This commit is contained in:
@@ -145,7 +145,7 @@ namespace AyaNova.Api.Controllers
|
||||
TagBiz biz = new TagBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
||||
|
||||
//If a user has change roles, or editOwnRoles then they can create, true is passed for isOwner since they are creating so by definition the owner
|
||||
if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, TagBiz.BizType))
|
||||
if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, biz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
|
||||
@@ -62,7 +62,10 @@ namespace AyaNova.Api.Controllers
|
||||
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, UserBiz.BizType))
|
||||
//Instantiate the business object handler
|
||||
UserBiz biz = UserBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, biz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -72,8 +75,7 @@ namespace AyaNova.Api.Controllers
|
||||
return BadRequest(new ApiErrorResponse(ModelState));
|
||||
}
|
||||
|
||||
//Instantiate the business object handler
|
||||
UserBiz biz = UserBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
|
||||
var o = await biz.GetAsync(id);
|
||||
if (o == null)
|
||||
@@ -103,7 +105,10 @@ namespace AyaNova.Api.Controllers
|
||||
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, UserBiz.BizType))
|
||||
//Instantiate the business object handler
|
||||
UserBiz biz = UserBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, biz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -113,8 +118,7 @@ namespace AyaNova.Api.Controllers
|
||||
return BadRequest(new ApiErrorResponse(ModelState));
|
||||
}
|
||||
|
||||
//Instantiate the business object handler
|
||||
UserBiz biz = UserBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
|
||||
ApiPagedResponse<System.Object> pr = await biz.GetManyAsync(Url, nameof(ListUsers), pagingOptions);
|
||||
return Ok(new ApiOkWithPagingResponse<System.Object>(pr));
|
||||
@@ -186,13 +190,15 @@ namespace AyaNova.Api.Controllers
|
||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, UserBiz.BizType, o.OwnerId))
|
||||
//Instantiate the business object handler
|
||||
UserBiz biz = UserBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType, o.OwnerId))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
|
||||
//Instantiate the business object handler
|
||||
UserBiz biz = UserBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
|
||||
try
|
||||
{
|
||||
@@ -251,7 +257,7 @@ namespace AyaNova.Api.Controllers
|
||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, UserBiz.BizType, o.OwnerId))
|
||||
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType, o.OwnerId))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -301,7 +307,7 @@ namespace AyaNova.Api.Controllers
|
||||
UserBiz biz = UserBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
//If a user has change roles, or editOwnRoles then they can create, true is passed for isOwner since they are creating so by definition the owner
|
||||
if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, UserBiz.BizType))
|
||||
if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, biz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -365,7 +371,7 @@ namespace AyaNova.Api.Controllers
|
||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, UserBiz.BizType, dbObj.OwnerId))
|
||||
if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, biz.BizType, dbObj.OwnerId))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
|
||||
@@ -65,7 +65,10 @@ namespace AyaNova.Api.Controllers
|
||||
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, WidgetBiz.BizType))
|
||||
//Instantiate the business object handler
|
||||
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, biz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -75,8 +78,7 @@ namespace AyaNova.Api.Controllers
|
||||
return BadRequest(new ApiErrorResponse(ModelState));
|
||||
}
|
||||
|
||||
//Instantiate the business object handler
|
||||
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
var o = await biz.GetAsync(id);
|
||||
if (o == null)
|
||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||
@@ -100,7 +102,10 @@ namespace AyaNova.Api.Controllers
|
||||
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, WidgetBiz.BizType))
|
||||
//Instantiate the business object handler
|
||||
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, biz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -110,8 +115,7 @@ namespace AyaNova.Api.Controllers
|
||||
return BadRequest(new ApiErrorResponse(ModelState));
|
||||
}
|
||||
|
||||
//Instantiate the business object handler
|
||||
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
|
||||
ApiPagedResponse<Widget> pr = await biz.GetManyAsync(Url, nameof(ListWidgets), pagingOptions);
|
||||
return Ok(new ApiOkWithPagingResponse<Widget>(pr));
|
||||
@@ -185,13 +189,14 @@ namespace AyaNova.Api.Controllers
|
||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, WidgetBiz.BizType, o.OwnerId))
|
||||
//Instantiate the business object handler
|
||||
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType, o.OwnerId))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
|
||||
//Instantiate the business object handler
|
||||
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
try
|
||||
{
|
||||
@@ -252,7 +257,7 @@ namespace AyaNova.Api.Controllers
|
||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, WidgetBiz.BizType, o.OwnerId))
|
||||
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType, o.OwnerId))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -301,7 +306,7 @@ namespace AyaNova.Api.Controllers
|
||||
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
//If a user has change roles, or editOwnRoles then they can create, true is passed for isOwner since they are creating so by definition the owner
|
||||
if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, WidgetBiz.BizType))
|
||||
if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, biz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -361,7 +366,7 @@ namespace AyaNova.Api.Controllers
|
||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, WidgetBiz.BizType, dbObj.OwnerId))
|
||||
if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, biz.BizType, dbObj.OwnerId))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -396,10 +401,6 @@ namespace AyaNova.Api.Controllers
|
||||
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, WidgetBiz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
|
||||
throw new System.NotSupportedException("Test exception from widget controller");
|
||||
}
|
||||
@@ -416,10 +417,7 @@ namespace AyaNova.Api.Controllers
|
||||
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, WidgetBiz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
|
||||
|
||||
throw new System.ArgumentException("Test exception (ALT) from widget controller");
|
||||
}
|
||||
|
||||
@@ -25,7 +25,7 @@ namespace AyaNova.Biz
|
||||
|
||||
#region common props
|
||||
|
||||
internal static AyaType BizType { get; set; }
|
||||
internal AyaType BizType { get; set; }
|
||||
internal AyaNova.Models.AyContext ct { get; set; }
|
||||
internal long UserId { get; set; }
|
||||
internal long UserLocaleId { get; set; }
|
||||
|
||||
@@ -106,8 +106,9 @@ namespace AyaNova.Biz
|
||||
{
|
||||
public long TotalResultsFound { get; set; }
|
||||
public List<SearchResult> SearchResults { get; set; }
|
||||
public SearchReturnObject(){
|
||||
TotalResultsFound=0;
|
||||
public SearchReturnObject()
|
||||
{
|
||||
TotalResultsFound = 0;
|
||||
SearchResults = new List<SearchResult>();
|
||||
}
|
||||
}
|
||||
@@ -327,7 +328,7 @@ namespace AyaNova.Biz
|
||||
|
||||
//TOTAL RESULTS
|
||||
//we have the total results here so set accordingly
|
||||
ReturnObject.TotalResultsFound=MatchingObjects.Count;
|
||||
ReturnObject.TotalResultsFound = MatchingObjects.Count;
|
||||
|
||||
//MAXIMUM RESULTS FILTER
|
||||
//The theory is that it should be filtered BEFORE sorting so that you get the most random collection of results
|
||||
@@ -398,6 +399,14 @@ namespace AyaNova.Biz
|
||||
private static void ProcessKeywords(AyContext ct, long localeId, long objectID, AyaType objectType, bool newRecord, string name, params string[] text)
|
||||
{
|
||||
|
||||
#if (DEBUG)
|
||||
if (objectType == AyaType.TagMap || objectType == AyaType.JobOperations || objectType == AyaType.Locale)
|
||||
{
|
||||
throw new System.NotSupportedException($"Search::ProcessKeywords - Invalid type presented {objectType}");
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
//IF NOT NEW, DELETE ALL EXISTING ENTRIES FOR OBJECT TYPE AND ID
|
||||
if (!newRecord)
|
||||
{
|
||||
|
||||
@@ -23,7 +23,7 @@ namespace AyaNova.Biz
|
||||
|
||||
internal UserBiz(AyContext dbcontext, long currentUserId, long userLocaleId, AuthorizationRoles userRoles)
|
||||
{
|
||||
ct = dbcontext;
|
||||
ct = dbcontext;
|
||||
UserId = currentUserId;
|
||||
CurrentUserRoles = userRoles;
|
||||
BizType = AyaType.User;
|
||||
@@ -71,12 +71,6 @@ namespace AyaNova.Biz
|
||||
|
||||
//Handle child and associated items
|
||||
|
||||
// //Associated user options object
|
||||
// UserOptions options = new UserOptions(UserId);
|
||||
// options.User = outObj;
|
||||
// ct.UserOptions.Add(options);
|
||||
// await ct.SaveChangesAsync();
|
||||
|
||||
//Log event
|
||||
EventLogProcessor.AddEntryToContextNoSave(new Event(UserId, outObj.Id, BizType, AyaEvent.Created), ct);
|
||||
await ct.SaveChangesAsync();
|
||||
|
||||
Reference in New Issue
Block a user