/// <summary>
/// Constructs a PermissionViewModel from a Permission (for role) object.
/// </summary>
/// <param name="permission">Permiso.</param>
/// <param name="rol">Rol con el que se construye el permiso.</param>
/// <param name="resourceGroupId">Grupo al que pertenece.</param>
public PermissionViewModel(Permission permission, RoleInfo rol, Guid resourceGroupId)
{
PermissionId = permission?.PermissionId ?? 0;
ResourceGroupId = resourceGroupId;
RolId = rol.RoleID;
RoleName = rol.RoleName;
ReadPermission = permission != null && permission.ReadPermission;
WritePermission = permission != null && permission.WritePermission;
Cd = permission?.Cd ?? DateTime.Now;
Cu = permission?.Cu ?? Common.CurrentUser.UserID;
Md = permission?.Md ?? DateTime.Now;
Mu = permission?.Mu ?? Common.CurrentUser.UserID;
}
/// <summary>
/// Constructs a PermissionViewModel from a Permission (for user) object.
/// </summary>
/// <param name="permission">Permiso</param>
/// <param name="resourceGroupId">Grupo al que pertenece.</param>
public PermissionViewModel(Permission permission, Guid resourceGroupId)
{
PermissionId = permission.PermissionId;
ResourceGroupId = resourceGroupId;
UserId = permission.UserId;
UserDisplayName = permission.UserId.HasValue ? Common.GetUserDisplayName(permission.UserId.Value) : string.Empty;
ReadPermission = permission.ReadPermission;
WritePermission = permission.WritePermission;
Cd = permission.Cd;
Cu = permission.Cu;
Md = permission.Md;
Mu = permission.Mu;
}
public HttpResponseMessage SaveUserPermission(UserPermission submitted)
{
try
{
if (!Common.HasGroupWritePermission(submitted.permission.ResourceGroupId))
return Request.CreateResponse(HttpStatusCode.Unauthorized, new { Message = App_GlobalResources.Errors.ErrorNotAuthorized });
var user = Common.GetUser(submitted.userName);
if (user == null)
return Request.CreateResponse(HttpStatusCode.OK, new { Success = false, Message = App_GlobalResources.Errors.ErrorUserNotFound });
var userPermissions = _repository.GetUserPermissions(submitted.permission.ResourceGroupId, user.UserID);
if (userPermissions != null && userPermissions.Any())
return Request.CreateResponse(HttpStatusCode.OK, new { Success = false, Message = App_GlobalResources.Errors.ErrorUserAlreadyhasPermission });
var permission = new Permission
{
ResourceGroupId = submitted.permission.ResourceGroupId,
UserId = user.UserID,
ReadPermission = submitted.permission.ReadPermission,
WritePermission = submitted.permission.WritePermission
};
return Request.CreateResponse(HttpStatusCode.OK, new { Success = _repository.Create(permission) });
}
catch (Exception)
{
return Request.CreateResponse(HttpStatusCode.InternalServerError, App_GlobalResources.Errors.ErrorGeneric);
}
}
public HttpResponseMessage Save(Permission viewModel)
{
try
{
if (!Common.HasGroupWritePermission(viewModel.ResourceGroupId))
return Request.CreateResponse(HttpStatusCode.Unauthorized, new {Message = App_GlobalResources.Errors.ErrorNotAuthorized});
var permission = viewModel.PermissionId == 0
? _repository.Create(GeneratePermission(viewModel))
: _repository.Update(GeneratePermission(viewModel));
return permission != null
? Request.CreateResponse(HttpStatusCode.OK, new {Success = true, Permission = permission})
: Request.CreateResponse(HttpStatusCode.OK, new {Success = false});
}
catch (Exception)
{
return Request.CreateResponse(HttpStatusCode.InternalServerError, App_GlobalResources.Errors.ErrorGeneric);
}
}
/// <summary>
/// Create a permit to insert into the database.
/// </summary>
/// <param name="viewModel">New permission to insert.</param>
/// <returns></returns>
private static Permission GeneratePermission(Permission viewModel)
{
return new Permission
{
PermissionId = viewModel.PermissionId,
ResourceGroupId = viewModel.ResourceGroupId,
UserId = viewModel.UserId,
RolId = viewModel.RolId,
ReadPermission = viewModel.ReadPermission,
WritePermission = viewModel.WritePermission
};
}
