This commit is contained in:
@@ -210,23 +210,15 @@ namespace AyaNova.Api.Controllers
|
|||||||
{
|
{
|
||||||
if (!serverState.IsOpen)
|
if (!serverState.IsOpen)
|
||||||
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
|
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
|
||||||
|
|
||||||
//Instantiate the business object handler
|
|
||||||
WorkOrderBiz biz = WorkOrderBiz.GetBiz(ct, HttpContext);
|
WorkOrderBiz biz = WorkOrderBiz.GetBiz(ct, HttpContext);
|
||||||
|
|
||||||
//NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules
|
|
||||||
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
|
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
|
||||||
return StatusCode(403, new ApiNotAuthorizedResponse());
|
return StatusCode(403, new ApiNotAuthorizedResponse());
|
||||||
|
|
||||||
if (!ModelState.IsValid)
|
if (!ModelState.IsValid)
|
||||||
return BadRequest(new ApiErrorResponse(ModelState));
|
return BadRequest(new ApiErrorResponse(ModelState));
|
||||||
|
var o = await biz.GetItemAsync(WorkOrderItemId);
|
||||||
var o = await biz.GetItemAsync(id);
|
|
||||||
if (o == null)
|
if (o == null)
|
||||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||||
|
|
||||||
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, AyaType.WorkOrderItem)));
|
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, AyaType.WorkOrderItem)));
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user