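/// <summary>
/// Sets the completed flag of a sub-item once the caller's e-mail claim has been accepted by a
/// <c>TodoListAuthorizationValidator</c> built from the contributors of the list named in the route.
/// </summary>
/// <param name="listId">List whose contributors are used for the authorization decision.</param>
/// <param name="subItemId">Sub-item whose state is changed.</param>
/// <param name="completed">New completed state, bound from the request body.</param>
/// <returns>
/// 200 when the command was sent, 404 when the list lookup returns nothing, 403 when the e-mail claim
/// is missing or the validator rejects the caller.
/// </returns>
public async Task<IActionResult> ToggleCompletedState(Guid listId, Guid subItemId, [FromBody] bool completed)
{
    // A principal without the e-mail claim cannot be matched against contributors; refuse it
    // instead of dereferencing a null claim (which surfaced as an unhandled exception).
    var userEmail = User.FindFirst(c => c.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress")?.Value;
    if (userEmail == null)
    {
        return Forbid();
    }

    var list = await _dapperQuery.GetListAsync(listId);
    if (list == null)
    {
        // Answering 404 before the authorization check tells any authenticated caller whether the
        // id exists; return Forbid() here instead if list ids must not be probeable.
        return NotFound();
    }

    var authorization = new TodoListAuthorizationValidator(list.Contributors, userEmail);
    if (!authorization.IsUserAuthorized())
    {
        return Forbid();
    }

    // NOTE(review): the decision above covers listId only. Nothing visible here ties subItemId to
    // that list, so confirm the SubItemCompletedState handler scopes the sub-item to the caller's
    // list or account before it writes.
    var subItemCompleted = new SubItemCompletedState
    {
        AccountId = User.ReadClaimAsGuidValue("urn:codefliptodo:accountid"),
        SubItemId = subItemId,
        Completed = completed
    };

    await _mediator.Send(subItemCompleted);
    return Ok();
}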
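/// <summary>
/// Creates a to-do item on the requested list when the requesting e-mail is accepted by a
/// <c>TodoListAuthorizationValidator</c> built from the list's contributors.
/// </summary>
/// <param name="request">Command carrying the account id, list id, caller e-mail and item fields.</param>
/// <param name="cancellationToken">Not used by this handler.</param>
/// <returns>The created item, or <c>null</c> when the list does not exist or the caller is not authorized.</returns>
public async Task<TodoListItem> Handle(CreateItem request, CancellationToken cancellationToken)
{
    var accountPlan = await _accountPlanRepository.FindAccountPlanByAccountIdAsync(request.AccountId);
    var plan = await _planRepository.FindPlanByIdAsync(accountPlan.PlanId);
    var accountPlanAuthorization = new AccountPlanAuthorizationValidator(accountPlan, plan);

    var list = await _todoListRepository.FindTodoListIdByIdAsync(request.ListId);

    // The null check has to come before list.Contributors is read. Previously it sat inside the
    // authorized branch, after the dereference, so a missing list threw instead of returning null.
    if (list == null)
    {
        return null;
    }

    var todoListAuthorization = new TodoListAuthorizationValidator(list.Contributors, request.Email);
    if (!todoListAuthorization.IsUserAuthorized())
    {
        return null;
    }

    // The due date is a plan-gated feature: it is dropped when the plan does not allow it.
    var dueDate = accountPlanAuthorization.CanAddDueDate() ? request.DueDate : null;

    var id = _todoListItemRepository.NextId();
    var todoItem = list.CreateListItem(id, request.Name, request.Notes, dueDate, request.Important);

    await _todoListItemRepository.AddTodoListItemAsync(todoItem);
    await _todoListItemRepository.SaveChangesAsync();

    return todoItem;
}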
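/// <summary>
/// Sends a <c>TrashSubItem</c> command for a sub-item once the caller's e-mail claim has been accepted
/// by a <c>TodoListAuthorizationValidator</c> built from the contributors of the list named in the route.
/// </summary>
/// <param name="listId">List whose contributors are used for the authorization decision.</param>
/// <param name="subitemId">Sub-item to trash.</param>
/// <returns>
/// 200 with a confirmation message, 404 when the list lookup returns nothing, 403 when the e-mail
/// claim is missing or the validator rejects the caller.
/// </returns>
public async Task<IActionResult> TrashSubItem(Guid listId, Guid subitemId)
{
    // Refuse a principal without the e-mail claim instead of dereferencing a null claim.
    var userEmail = User.FindFirst(c => c.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress")?.Value;
    if (userEmail == null)
    {
        return Forbid();
    }

    var list = await _dapperQuery.GetListAsync(listId);
    if (list == null)
    {
        // 404 before authorization discloses whether the id exists; use Forbid() if that matters.
        return NotFound();
    }

    var authorization = new TodoListAuthorizationValidator(list.Contributors, userEmail);
    if (!authorization.IsUserAuthorized())
    {
        return Forbid();
    }

    // NOTE(review): only listId is authorized here. Nothing visible ties subitemId to that list,
    // so confirm the TrashSubItem handler restricts the delete to sub-items the caller may touch.
    var trashSubItem = new TrashSubItem
    {
        AccountId = User.ReadClaimAsGuidValue("urn:codefliptodo:accountid"),
        SubItemId = subitemId
    };

    await _mediator.Send(trashSubItem);
    return Ok("Subitem deleted!!!");
}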
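/// <summary>
/// Applies name, notes and (plan permitting) due date from the request to an existing item when the
/// requesting e-mail is accepted by a <c>TodoListAuthorizationValidator</c> built from the list's
/// contributors. Does nothing when the list or item is missing or the caller is not authorized.
/// </summary>
/// <param name="request">Command carrying the account id, list id, item id, caller e-mail and new field values.</param>
/// <param name="cancellationToken">Not used by this handler.</param>
protected override async Task Handle(EditItem request, CancellationToken cancellationToken)
{
    var accountPlan = await _accountPlanRepository.FindAccountPlanByAccountIdAsync(request.AccountId);
    var plan = await _planRepository.FindPlanByIdAsync(accountPlan.PlanId);
    var accountPlanAuthorization = new AccountPlanAuthorizationValidator(accountPlan, plan);

    var list = await _todoListRepository.FindTodoListIdByIdAsync(request.ListId);
    if (list == null)
    {
        // Same silent no-op as the unauthorized path; previously list.Contributors threw here.
        return;
    }

    var authorization = new TodoListAuthorizationValidator(list.Contributors, request.Email);
    if (!authorization.IsUserAuthorized())
    {
        return;
    }

    // The item is loaded only after the caller has been authorized for the list.
    var item = await _todoListItemRepository.FindToDoListItemByIdAsync(request.ItemId);
    if (item == null)
    {
        return;
    }

    // NOTE(review): the item is looked up by request.ItemId alone, and nothing visible here checks
    // that it belongs to request.ListId. A contributor of one list may be able to edit an item of
    // another; confirm the repository or entity enforces list membership.

    // The due date is a plan-gated feature: it is cleared when the plan does not allow it.
    var dueDate = accountPlanAuthorization.CanAddDueDate() ? request.DueDate : null;

    item.Name = request.Name;
    item.Notes = request.Notes;
    item.DueDate = dueDate;
    item.EditItem(item);

    await _todoListItemRepository.SaveChangesAsync();
}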
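/// <summary>
/// Returns a list when the caller's e-mail claim is accepted by a
/// <c>TodoListAuthorizationValidator</c> built from that list's contributors.
/// </summary>
/// <param name="listId">Identifier of the list to return.</param>
/// <returns>
/// 200 with the list, 404 when the lookup returns nothing, 403 when the e-mail claim is missing or
/// the validator rejects the caller.
/// </returns>
public async Task<IActionResult> GetList(Guid listId)
{
    // Refuse a principal without the e-mail claim instead of dereferencing a null claim.
    var userEmail = User.FindFirst(c => c.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress")?.Value;
    if (userEmail == null)
    {
        return Forbid();
    }

    var list = await _dapperQuery.GetListAsync(listId);
    if (list == null)
    {
        // 404 before authorization discloses whether the id exists; use Forbid() if that matters.
        return NotFound();
    }

    var authorization = new TodoListAuthorizationValidator(list.Contributors, userEmail);
    return authorization.IsUserAuthorized() ? Ok(list) : Forbid();
}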
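/// <summary>
/// Returns a to-do item once the caller's e-mail claim has been accepted by a
/// <c>TodoListAuthorizationValidator</c> built from the contributors of the list named in the route.
/// </summary>
/// <param name="listId">List whose contributors are used for the authorization decision.</param>
/// <param name="itemId">Identifier of the item to return.</param>
/// <returns>
/// 200 with the item, 404 when the list lookup returns nothing, 403 when the e-mail claim is missing
/// or the validator rejects the caller.
/// </returns>
public async Task<IActionResult> GetTodoItemById(Guid listId, Guid itemId)
{
    // The value is not used. The call is kept because what ReadClaimAsGuidValue does when the
    // claim is absent is not visible here; remove it once that is confirmed to be side-effect free.
    _ = User.ReadClaimAsGuidValue("urn:codefliptodo:accountid");

    // Refuse a principal without the e-mail claim instead of dereferencing a null claim.
    var userEmail = User.FindFirst(c => c.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress")?.Value;
    if (userEmail == null)
    {
        return Forbid();
    }

    var list = await _dapperQuery.GetListAsync(listId);
    if (list == null)
    {
        // 404 before authorization discloses whether the id exists; use Forbid() if that matters.
        return NotFound();
    }

    var authorization = new TodoListAuthorizationValidator(list.Contributors, userEmail);
    if (!authorization.IsUserAuthorized())
    {
        return Forbid();
    }

    // NOTE(review): the item is fetched by itemId alone after authorizing listId. Nothing visible
    // here checks that the item belongs to that list, so a contributor of any list may be able to
    // read items of other lists. Confirm the query filters by list, or compare the item's list id
    // with listId before returning it.
    var item = await _dapperQuery.GetTodoItemByIdAsync(itemId);
    return Ok(item);
}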
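/// <summary>
/// Sends an <c>ItemLayout</c> command for an item once the caller's e-mail claim has been accepted by a
/// <c>TodoListAuthorizationValidator</c> built from the contributors of the list named in the route.
/// </summary>
/// <param name="listId">List whose contributors are used for the authorization decision.</param>
/// <param name="todoId">Item the layout applies to; overwrites <c>ItemId</c> on the body.</param>
/// <param name="itemLayout">Layout bound from the request body.</param>
/// <returns>
/// 200 when the command was sent, 400 when no body was bound, 404 when the list lookup returns
/// nothing, 403 when the e-mail claim is missing or the validator rejects the caller.
/// </returns>
public async Task<IActionResult> UpdateLayout(Guid listId, Guid todoId, [FromBody] ItemLayout itemLayout)
{
    // An absent or unparsable body can bind to null; reject it rather than fail on the assignments below.
    if (itemLayout == null)
    {
        return BadRequest();
    }

    // Refuse a principal without the e-mail claim instead of dereferencing a null claim.
    var userEmail = User.FindFirst(c => c.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress")?.Value;
    if (userEmail == null)
    {
        return Forbid();
    }

    var list = await _dapperQuery.GetListAsync(listId);
    if (list == null)
    {
        // 404 before authorization discloses whether the id exists; use Forbid() if that matters.
        return NotFound();
    }

    var authorization = new TodoListAuthorizationValidator(list.Contributors, userEmail);
    if (!authorization.IsUserAuthorized())
    {
        return Forbid();
    }

    // AccountId and ItemId always come from the token and the route, so values for them supplied
    // in the body are discarded. Any other ItemLayout members stay client-controlled.
    // NOTE(review): nothing visible ties todoId to listId; confirm the handler enforces it.
    itemLayout.AccountId = User.ReadClaimAsGuidValue("urn:codefliptodo:accountid");
    itemLayout.ItemId = todoId;

    await _mediator.Send(itemLayout);
    return Ok();
}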
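/// <summary>
/// Sends a <c>DeleteList</c> command once the caller's e-mail claim has been accepted by a
/// <c>TodoListAuthorizationValidator</c> built from the list's contributors.
/// </summary>
/// <param name="listId">Identifier of the list to delete.</param>
/// <returns>
/// 200 when the command was sent, 404 when the list lookup returns nothing, 403 when the e-mail
/// claim is missing or the validator rejects the caller.
/// </returns>
public async Task<IActionResult> DeleteList(Guid listId)
{
    // Refuse a principal without the e-mail claim instead of dereferencing a null claim.
    var userEmail = User.FindFirst(c => c.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress")?.Value;
    if (userEmail == null)
    {
        return Forbid();
    }

    var list = await _dapperQuery.GetListAsync(listId);
    if (list == null)
    {
        // 404 before authorization discloses whether the id exists; use Forbid() if that matters.
        return NotFound();
    }

    var authorization = new TodoListAuthorizationValidator(list.Contributors, userEmail);
    if (!authorization.IsUserAuthorized())
    {
        return Forbid();
    }

    // The command is built only after authorization. The e-mail claim is read once and reused,
    // where the original looked it up twice.
    var deleteTodoModel = new DeleteList
    {
        Email = userEmail,
        AccountId = User.ReadClaimAsGuidValue("urn:codefliptodo:accountid"),
        ListId = listId
    };

    await _mediator.Send(deleteTodoModel);
    return Ok();
}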
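/// <summary>
/// Sends an <c>UpdateList</c> command once the caller's e-mail claim has been accepted by a
/// <c>TodoListAuthorizationValidator</c> built from the list's contributors.
/// </summary>
/// <param name="listId">Identifier of the list to update; overwrites <c>ListId</c> on the model.</param>
/// <param name="updatedList">Update model bound from the request.</param>
/// <returns>
/// 200 when the command returned a result, 400 when no model was bound or the command returned
/// <c>null</c>, 404 when the list lookup returns nothing, 403 when the e-mail claim is missing or the
/// validator rejects the caller.
/// </returns>
public async Task<IActionResult> UpdateList(Guid listId, UpdateList updatedList)
{
    // Reject a request with no bound model rather than fail on the assignments below.
    if (updatedList == null)
    {
        return BadRequest();
    }

    // Refuse a principal without the e-mail claim instead of dereferencing a null claim.
    var userEmail = User.FindFirst(c => c.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress")?.Value;
    if (userEmail == null)
    {
        return Forbid();
    }

    var list = await _dapperQuery.GetListAsync(listId);
    if (list == null)
    {
        // 404 before authorization discloses whether the id exists; use Forbid() if that matters.
        return NotFound();
    }

    var authorization = new TodoListAuthorizationValidator(list.Contributors, userEmail);
    if (!authorization.IsUserAuthorized())
    {
        return Forbid();
    }

    // ListId and Email always come from the route and the token, so client-supplied values for
    // them are discarded. They are set only once the caller has been authorized.
    updatedList.ListId = listId;
    updatedList.Email = userEmail;

    // A null result is how the handler reports that the caller is a contributor but not the owner.
    var result = await _mediator.Send(updatedList);
    if (result == null)
    {
        return BadRequest("Can't rename list because you're not an owner.");
    }

    return Ok();
}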