admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2020-08-31 21:27:19 +00:00
parent 2dd3ee32ab
commit 5845440f1d
2 changed files with 17 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
server/AyaNova/Controllers/ReportController.cs
View File

@@ -158,7 +158,7 @@ namespace AyaNova.Api.Controllers
/// <summary>
/// <summary>
/// Get Report list for object
/// </summary>
/// <param name="ayType">Type of object</param>
@@ -171,6 +171,9 @@ namespace AyaNova.Api.Controllers
ReportBiz biz = ReportBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
//extra check if they have rights to the type of object in question, this nips it in the bud before they even get to the fetch data stage later
if (!Authorized.HasReadFullRole(HttpContext.Items, ayType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetReportListAsync(ayType);
@@ -180,7 +183,7 @@ namespace AyaNova.Api.Controllers
//======================================================================================================
public class ObjectReportDataParameter
public class ObjectReportDataParameter
{
public AyaType ObjectType { get; set; }
public long[] ObjectIdArray { get; set; }
@@ -198,15 +201,15 @@ namespace AyaNova.Api.Controllers
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
ReportBiz biz = ReportBiz.GetBiz(ct, HttpContext);
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
return BadRequest(new ApiErrorResponse(ModelState));
var reportData = await biz.GetReportData(reportDataParam.ObjectType, reportDataParam.ObjectIdArray);
if (reportData == null)
return BadRequest(new ApiErrorResponse(biz.Errors));
else
return Ok(ApiOkResponse.Response(reportData));
return Ok(ApiOkResponse.Response(reportData));
}