示例#1
0
        public IActionResult Put([FromBody] RightsModel fromBodyRightsModel)
        {
            // List of messages to return to the client
            var messages = new List <Message>();

            // Authentication
            var controllerHelper = new ControllerHelper(context);
            var authUserModel    = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);

            if (authUserModel == null)
            {
                return(Unauthorized());
            }

            // Authorization
            if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Rights, RightsEnum.CRU))
            {
                return(Forbid());
            }

            #region VALIDATIONS

            // Received rights ApplicationId must be the same as of authorized user
            var sharedValidationHelper = new SharedValidationHelper();
            messages = sharedValidationHelper.ValidateApplicationId(fromBodyRightsModel.ApplicationId, authUserModel.ApplicationId);
            if (messages.Count != 0)
            {
                return(BadRequest(messages));
            }
            fromBodyRightsModel.Application = authUserModel.Application;

            // Rights must already exist in the database
            var rightsRepository = new RightsRepository(context);
            var rightsModel      = rightsRepository.GetById(authUserModel.ApplicationId, fromBodyRightsModel.Id);
            if (rightsModel == null)
            {
                messages.Add(new Message(MessageTypeEnum.Error,
                                         4003,
                                         new List <string>()
                {
                    fromBodyRightsModel.Application.LoginApplicationName,
                    fromBodyRightsModel.Id.ToString()
                }));
                Logger.LogMessagesToConsole(messages);
                return(BadRequest(messages));
            }

            // If the rights name was changed, the new one must be unique
            if (rightsModel.Name != fromBodyRightsModel.Name)
            {
                var sameNameRights = rightsRepository.GetByApplicationIdAndName(authUserModel.ApplicationId, fromBodyRightsModel.Name);
                if (sameNameRights.Count() > 0)
                {
                    messages.Add(new Message(MessageTypeEnum.Error,
                                             4001,
                                             new List <string>()
                    {
                        fromBodyRightsModel.Name
                    }));
                    return(BadRequest(messages));
                }
            }

            // Rights data validity and logic validity
            messages = sharedValidationHelper.ValidateRights(authUserModel.Application.ApplicationDescriptor,
                                                             fromBodyRightsModel.DataDictionary);
            if (messages.Count != 0)
            {
                return(BadRequest(messages));
            }

            #endregion

            rightsRepository.SetNameAndData(rightsModel, fromBodyRightsModel.Name, fromBodyRightsModel.DataDictionary);
            messages.Add(new Message(MessageTypeEnum.Info,
                                     4007,
                                     new List <string>()
            {
                fromBodyRightsModel.Name
            }));
            return(Ok(messages));
        }
示例#2
0
        public IActionResult Create([FromBody] RightsModel fromBodyRightsModel)
        {
            // List of messages to return to the client
            var messages = new List <Message>();

            // Authentication
            var controllerHelper = new ControllerHelper(context);
            var authUserModel    = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);

            if (authUserModel == null)
            {
                return(Unauthorized());
            }

            // Authorization
            if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Rights, RightsEnum.CR))
            {
                return(Forbid());
            }

            #region VALIDATIONS

            // New rights ApplicationId must be the same as of authorized user
            var sharedValidationHelper = new SharedValidationHelper();
            messages = sharedValidationHelper.ValidateApplicationId(fromBodyRightsModel.ApplicationId, authUserModel.ApplicationId);
            if (messages.Count != 0)
            {
                return(BadRequest(messages));
            }
            fromBodyRightsModel.Application = authUserModel.Application;

            // New rights must have a unique name
            var rightsRepository = new RightsRepository(context);
            var sameNameRights   = rightsRepository.GetByApplicationIdAndName(authUserModel.ApplicationId, fromBodyRightsModel.Name);
            if (sameNameRights.Count() > 0)
            {
                messages.Add(new Message(MessageTypeEnum.Error,
                                         4001,
                                         new List <string>()
                {
                    fromBodyRightsModel.Name
                }));
                return(BadRequest(messages));
            }

            // Rights data validity and logic validity
            messages = sharedValidationHelper.ValidateRights(authUserModel.Application.ApplicationDescriptor,
                                                             fromBodyRightsModel.DataDictionary);
            if (messages.Count != 0)
            {
                return(BadRequest(messages));
            }

            #endregion

            rightsRepository.Add(fromBodyRightsModel);
            messages.Add(new Message(MessageTypeEnum.Info,
                                     4002,
                                     new List <string>()
            {
                fromBodyRightsModel.Name
            }));
            return(Ok(messages));
        }