2018-10-04 15:59:07 +00:00
parent 0f9ac2600c
commit 03501f1ba1
6 changed files with 51 additions and 44 deletions
--- a/server/AyaNova/Controllers/WidgetController.cs
+++ b/server/AyaNova/Controllers/WidgetController.cs
@@ -65,7 +65,10 @@ namespace AyaNova.Api.Controllers
                return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
            }

-            if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, WidgetBiz.BizType))
+            //Instantiate the business object handler
+            WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
+
+            if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, biz.BizType))
            {
                return StatusCode(401, new ApiNotAuthorizedResponse());
            }
@@ -75,8 +78,7 @@ namespace AyaNova.Api.Controllers
                return BadRequest(new ApiErrorResponse(ModelState));
            }

-            //Instantiate the business object handler
-            WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
+
            var o = await biz.GetAsync(id);
            if (o == null)
                return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
@@ -100,7 +102,10 @@ namespace AyaNova.Api.Controllers
                return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
            }

-            if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, WidgetBiz.BizType))
+            //Instantiate the business object handler
+            WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
+
+            if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, biz.BizType))
            {
                return StatusCode(401, new ApiNotAuthorizedResponse());
            }
@@ -110,8 +115,7 @@ namespace AyaNova.Api.Controllers
                return BadRequest(new ApiErrorResponse(ModelState));
            }

-            //Instantiate the business object handler
-            WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
+

            ApiPagedResponse<Widget> pr = await biz.GetManyAsync(Url, nameof(ListWidgets), pagingOptions);
            return Ok(new ApiOkWithPagingResponse<Widget>(pr));
@@ -185,13 +189,14 @@ namespace AyaNova.Api.Controllers
                return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
            }

-            if (!Authorized.IsAuthorizedToModify(HttpContext.Items, WidgetBiz.BizType, o.OwnerId))
+            //Instantiate the business object handler       
+            WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
+
+            if (!Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType, o.OwnerId))
            {
                return StatusCode(401, new ApiNotAuthorizedResponse());
            }

-            //Instantiate the business object handler       
-            WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);

            try
            {
@@ -252,7 +257,7 @@ namespace AyaNova.Api.Controllers
                return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
            }

-            if (!Authorized.IsAuthorizedToModify(HttpContext.Items, WidgetBiz.BizType, o.OwnerId))
+            if (!Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType, o.OwnerId))
            {
                return StatusCode(401, new ApiNotAuthorizedResponse());
            }
@@ -301,7 +306,7 @@ namespace AyaNova.Api.Controllers
            WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);

            //If a user has change roles, or editOwnRoles then they can create, true is passed for isOwner since they are creating so by definition the owner
-            if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, WidgetBiz.BizType))
+            if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, biz.BizType))
            {
                return StatusCode(401, new ApiNotAuthorizedResponse());
            }
@@ -361,7 +366,7 @@ namespace AyaNova.Api.Controllers
                return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
            }

-            if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, WidgetBiz.BizType, dbObj.OwnerId))
+            if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, biz.BizType, dbObj.OwnerId))
            {
                return StatusCode(401, new ApiNotAuthorizedResponse());
            }
@@ -396,10 +401,6 @@ namespace AyaNova.Api.Controllers
                return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
            }

-            if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, WidgetBiz.BizType))
-            {
-                return StatusCode(401, new ApiNotAuthorizedResponse());
-            }

            throw new System.NotSupportedException("Test exception from widget controller");
        }
@@ -416,10 +417,7 @@ namespace AyaNova.Api.Controllers
                return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
            }

-            if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, WidgetBiz.BizType))
-            {
-                return StatusCode(401, new ApiNotAuthorizedResponse());
-            }
+

            throw new System.ArgumentException("Test exception (ALT) from widget controller");
        }