2020-05-07 23:40:16 +00:00
parent b7870a9860
commit 5ad40f976b
1 changed files with 3 additions and 11 deletions
--- a/server/AyaNova/Controllers/WorkOrderController.cs
+++ b/server/AyaNova/Controllers/WorkOrderController.cs
@@ -142,7 +142,7 @@ namespace AyaNova.Api.Controllers
        }


-//TODO: will need to traverse, don't need it now for PROPOSAL testing so not coding it yet
+        //TODO: will need to traverse, don't need it now for PROPOSAL testing so not coding it yet
        // /// <summary>
        // /// Delete WorkOrder
        // /// </summary>
@@ -184,7 +184,7 @@ namespace AyaNova.Api.Controllers
        /// <returns>WorkOrderItem object (no descendents)</returns>
        [HttpPost("items")]
        public async Task<IActionResult> PostWorkOrderItem([FromBody] WorkOrderItem newObject, ApiVersion apiVersion)
-        {            
+        {
            if (!serverState.IsOpen)
                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
            WorkOrderBiz biz = WorkOrderBiz.GetBiz(ct, HttpContext);
@@ -210,23 +210,15 @@ namespace AyaNova.Api.Controllers
        {
            if (!serverState.IsOpen)
                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
-
-            //Instantiate the business object handler
            WorkOrderBiz biz = WorkOrderBiz.GetBiz(ct, HttpContext);
-
-            //NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules 
            if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
                return StatusCode(403, new ApiNotAuthorizedResponse());
-
            if (!ModelState.IsValid)
                return BadRequest(new ApiErrorResponse(ModelState));
-
-            var o = await biz.GetItemAsync(id);
+            var o = await biz.GetItemAsync(WorkOrderItemId);
            if (o == null)
                return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
-
            return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, AyaType.WorkOrderItem)));
-          
        }