diff --git a/server/AyaNova/Controllers/CustomerController.cs b/server/AyaNova/Controllers/CustomerController.cs
index ce36268c..410ef85e 100644
--- a/server/AyaNova/Controllers/CustomerController.cs
+++ b/server/AyaNova/Controllers/CustomerController.cs
@@ -107,7 +107,7 @@ namespace AyaNova.Api.Controllers
///
///
///
- [HttpPut("{id}")]
+ [HttpPut]
public async Task PutCustomer([FromBody] Customer updatedObject)
{
if (!serverState.IsOpen)
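Review bot: With `{id}` dropped from the route, PutCustomer can only identify the record to update from the id carried inside `updatedObject`, and nothing in the visible lines checks that value. The rest of the method lies outside this hunk, so confirm there (or in the biz layer) that a missing or zero id is rejected and that the role check runs before any lookup, so an unauthorized caller cannot learn which ids exist. The doc comment above the attribute should say where the id now comes from, e.g. `/// <param name="updatedObject">Customer to update; the record is selected by the id in the body</param>`. Clients that still send the id in the path will presumably no longer match this action.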
diff --git a/server/AyaNova/Controllers/WidgetController.cs b/server/AyaNova/Controllers/WidgetController.cs
index 08d7efaf..9f74f475 100644
--- a/server/AyaNova/Controllers/WidgetController.cs
+++ b/server/AyaNova/Controllers/WidgetController.cs
@@ -160,117 +160,177 @@ namespace AyaNova.Api.Controllers
}
+ // ///
+ // /// Get full widget object
+ // ///
+ // ///
+ // /// A single widget
+ // [HttpGet("{id}")]
+ // public async Task GetWidget([FromRoute] long id)
+ // {
+ // if (!serverState.IsOpen)
+ // return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
+
+ // //Instantiate the business object handler
+ // WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
+
+ // //NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules
+ // if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
+ // return StatusCode(403, new ApiNotAuthorizedResponse());
+
+ // if (!ModelState.IsValid)
+ // return BadRequest(new ApiErrorResponse(ModelState));
+
+ // var o = await biz.GetAsync(id);
+ // if (o == null)
+ // return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
+
+ // // NOTE: HERE would be the second check of biz rules before returning the object
+ // // in cases where there is also a business rule to affect retrieval on top of basic rights
+
+ // return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
+ // }
///
- /// Get full widget object
+ /// Get Widget
///
///
- /// A single widget
+ /// Widget
[HttpGet("{id}")]
public async Task GetWidget([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
-
- //Instantiate the business object handler
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
-
- //NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
-
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
-
var o = await biz.GetAsync(id);
- if (o == null)
- return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
-
- // NOTE: HERE would be the second check of biz rules before returning the object
- // in cases where there is also a business rule to affect retrieval on top of basic rights
-
+ if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
+ // ///
+ // /// Put (update) widget
+ // ///
+ // ///
+ // ///
+ // ///
+ // [HttpPut("{id}")]
+ // public async Task PutWidget([FromRoute] long id, [FromBody] Widget inObj)
+ // {
+ // if (!serverState.IsOpen)
+ // return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
+ // if (!ModelState.IsValid)
+ // return BadRequest(new ApiErrorResponse(ModelState));
+
+ // //Instantiate the business object handler
+ // WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
+
+ // var o = await biz.GetAsync(id, false);
+ // if (o == null)
+ // return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
+
+ // if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
+ // return StatusCode(403, new ApiNotAuthorizedResponse());
+
+ // try
+ // {
+ // if (!await biz.PutAsync(o, inObj))
+ // return BadRequest(new ApiErrorResponse(biz.Errors));
+ // }
+ // catch (DbUpdateConcurrencyException)
+ // {
+ // if (!await biz.ExistsAsync(id))
+ // return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
+ // else
+ // return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
+ // }
+ // return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));
+ // }
///
- /// Put (update) widget
- ///
- ///
- ///
+ /// Put (update) Widget
+ ///
+ ///
///
- [HttpPut("{id}")]
- public async Task PutWidget([FromRoute] long id, [FromBody] Widget inObj)
+ [HttpPut]
+ public async Task PutWidget([FromBody] Widget updatedObject)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
-
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
-
- //Instantiate the business object handler
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
-
- var o = await biz.GetAsync(id, false);
- if (o == null)
- return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
-
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
-
- try
+ var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token
+ if (o == null)
{
- if (!await biz.PutAsync(o, inObj))
+ if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
+ return StatusCode(409, new ApiErrorResponse(biz.Errors));
+ else
return BadRequest(new ApiErrorResponse(biz.Errors));
}
- catch (DbUpdateConcurrencyException)
- {
- if (!await biz.ExistsAsync(id))
- return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
- else
- return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
- }
- return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));
+ return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true)); ;
}
+ // ///
+ // /// Delete widget
+ // ///
+ // ///
+ // /// Ok
+ // [HttpDelete("{id}")]
+ // public async Task DeleteWidget([FromRoute] long id)
+ // {
+ // if (!serverState.IsOpen)
+ // return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
+ // if (!ModelState.IsValid)
+ // return BadRequest(new ApiErrorResponse(ModelState));
+ // //Instantiate the business object handler
+ // WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
+ // var o = await biz.GetAsync(id, false);
+ // if (o == null)
+ // return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
+ // if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
+ // return StatusCode(403, new ApiNotAuthorizedResponse());
+ // if (!await biz.DeleteAsync(o))
+ // return BadRequest(new ApiErrorResponse(biz.Errors));
+
+ // return NoContent();
+ // }
///
- /// Delete widget
+ /// Delete Widget
///
///
- /// Ok
+ /// NoContent
[HttpDelete("{id}")]
public async Task DeleteWidget([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
-
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
-
- //Instantiate the business object handler
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
-
- var o = await biz.GetAsync(id, false);
- if (o == null)
- return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
-
if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
-
- if (!await biz.DeleteAsync(o))
+ if (!await biz.DeleteAsync(id))
return BadRequest(new ApiErrorResponse(biz.Errors));
-
return NoContent();
}
+ ///////////////////////////////////////////////
+ //TEST ROUTES
+ //
///
/// Get route that triggers exception for testing
///
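Review bot: PutWidget and DeleteWidget no longer return 404 for a missing record: with the `GetAsync` lookup removed, a null result from `biz.PutAsync(updatedObject)` maps only to 409 or 400, and a false `biz.DeleteAsync(id)` always maps to 400. If the biz layer records a not-found error (not visible in this diff), map it before the fallback, e.g. `if (biz.Errors.Exists(m => m.Code == ApiErrorCode.NOT_FOUND)) return NotFound(new ApiErrorResponse(biz.Errors));`. The removed `catch (DbUpdateConcurrencyException)` now has to be handled inside `PutAsync`, otherwise a conflict would surface as an unhandled exception instead of the 409 branch. The three commented-out copies of the old actions are better left to version control, and the stray `; ;` after the PutWidget return can be dropped.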