diff --git a/server/AyaNova/Controllers/WorkOrderController.cs b/server/AyaNova/Controllers/WorkOrderController.cs
index 8eb3cf7e..ac3496d6 100644
--- a/server/AyaNova/Controllers/WorkOrderController.cs
+++ b/server/AyaNova/Controllers/WorkOrderController.cs
@@ -3,7 +3,6 @@ using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.JsonPatch;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging;
using AyaNova.Models;
@@ -265,124 +264,124 @@ namespace AyaNova.Api.Controllers
#region WorkOrder Item
//TODO: Plot exact routes needed here, not all are needed, particularly the collection ones
- //but maybe handy? Like do I need delete on entire woitems collection?
+ //but maybe handy? Like do I need delete on entire woitems collection?
//WorkOrder/{woid}/WorkorderItems <- all workorderitems, post to add new, put to update all as a collection
//WorkOrder/{woid}/WorkOrderItems/{woitemid} <- CRUD single woitemid
-// ///
-// /// Get full WorkOrder object
-// ///
-// ///
-// /// A single WorkOrder
-// [HttpGet("{id}")]
-// public async Task GetWorkOrder([FromRoute] long id)
-// {
-// if (!serverState.IsOpen)
-// return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
+ // ///
+ // /// Get full WorkOrder object
+ // ///
+ // ///
+ // /// A single WorkOrder
+ // [HttpGet("{id}")]
+ // public async Task GetWorkOrder([FromRoute] long id)
+ // {
+ // if (!serverState.IsOpen)
+ // return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
-// //Instantiate the business object handler
-// WorkOrderBiz biz = WorkOrderBiz.GetBiz(ct, HttpContext);
+ // //Instantiate the business object handler
+ // WorkOrderBiz biz = WorkOrderBiz.GetBiz(ct, HttpContext);
-// //NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules
-// if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
-// return StatusCode(403, new ApiNotAuthorizedResponse());
+ // //NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules
+ // if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
+ // return StatusCode(403, new ApiNotAuthorizedResponse());
-// if (!ModelState.IsValid)
-// return BadRequest(new ApiErrorResponse(ModelState));
+ // if (!ModelState.IsValid)
+ // return BadRequest(new ApiErrorResponse(ModelState));
-// var o = await biz.GetAsync(id);
-// if (o == null)
-// return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
+ // var o = await biz.GetAsync(id);
+ // if (o == null)
+ // return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
-// // NOTE: HERE would be the second check of biz rules before returning the object
-// // in cases where there is also a business rule to affect retrieval on top of basic rights
+ // // NOTE: HERE would be the second check of biz rules before returning the object
+ // // in cases where there is also a business rule to affect retrieval on top of basic rights
-// return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
-// }
+ // return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
+ // }
-// //TODO: GET BY RELATIVE
-// //get by descendent type and id
+ // //TODO: GET BY RELATIVE
+ // //get by descendent type and id
-// ///
-// /// Put (update) WorkOrder
-// ///
-// ///
-// ///
-// ///
-// [HttpPut("{id}")]
-// public async Task PutWorkOrder([FromRoute] long id, [FromBody] WorkOrder inObj)
-// {
-// if (!serverState.IsOpen)
-// return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
+ // ///
+ // /// Put (update) WorkOrder
+ // ///
+ // ///
+ // ///
+ // ///
+ // [HttpPut("{id}")]
+ // public async Task PutWorkOrder([FromRoute] long id, [FromBody] WorkOrder inObj)
+ // {
+ // if (!serverState.IsOpen)
+ // return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
-// if (!ModelState.IsValid)
-// return BadRequest(new ApiErrorResponse(ModelState));
+ // if (!ModelState.IsValid)
+ // return BadRequest(new ApiErrorResponse(ModelState));
-// //Instantiate the business object handler
-// WorkOrderBiz biz = WorkOrderBiz.GetBiz(ct, HttpContext);
+ // //Instantiate the business object handler
+ // WorkOrderBiz biz = WorkOrderBiz.GetBiz(ct, HttpContext);
-// var o = await biz.GetAsync(id, false);
-// if (o == null)
-// return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
+ // var o = await biz.GetAsync(id, false);
+ // if (o == null)
+ // return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
-// if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
-// return StatusCode(403, new ApiNotAuthorizedResponse());
+ // if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
+ // return StatusCode(403, new ApiNotAuthorizedResponse());
-// try
-// {
-// if (!await biz.PutAsync(o, inObj))
-// return BadRequest(new ApiErrorResponse(biz.Errors));
-// }
-// catch (DbUpdateConcurrencyException)
-// {
-// if (!await biz.ExistsAsync(id))
-// return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
-// else
-// return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
-// }
-// return Ok(ApiOkResponse.Response(new { ConcurrencyToken = o.ConcurrencyToken }, true));
-// }
+ // try
+ // {
+ // if (!await biz.PutAsync(o, inObj))
+ // return BadRequest(new ApiErrorResponse(biz.Errors));
+ // }
+ // catch (DbUpdateConcurrencyException)
+ // {
+ // if (!await biz.ExistsAsync(id))
+ // return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
+ // else
+ // return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
+ // }
+ // return Ok(ApiOkResponse.Response(new { ConcurrencyToken = o.ConcurrencyToken }, true));
+ // }
-// ///
-// /// Post Workorder
-// ///
-// ///
-// /// Automatically filled from route path, no need to specify in body
-// ///
-// [HttpPost]
-// public async Task PostWorkOrder([FromBody] WorkOrder inObj, ApiVersion apiVersion)
-// {
-// if (!serverState.IsOpen)
-// return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
+ // ///
+ // /// Post Workorder
+ // ///
+ // ///
+ // /// Automatically filled from route path, no need to specify in body
+ // ///
+ // [HttpPost]
+ // public async Task PostWorkOrder([FromBody] WorkOrder inObj, ApiVersion apiVersion)
+ // {
+ // if (!serverState.IsOpen)
+ // return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
-// //Instantiate the business object handler
-// WorkOrderBiz biz = WorkOrderBiz.GetBiz(ct, HttpContext);
+ // //Instantiate the business object handler
+ // WorkOrderBiz biz = WorkOrderBiz.GetBiz(ct, HttpContext);
-// //If a user has change roles
-// if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
-// return StatusCode(403, new ApiNotAuthorizedResponse());
+ // //If a user has change roles
+ // if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
+ // return StatusCode(403, new ApiNotAuthorizedResponse());
-// if (!ModelState.IsValid)
-// return BadRequest(new ApiErrorResponse(ModelState));
+ // if (!ModelState.IsValid)
+ // return BadRequest(new ApiErrorResponse(ModelState));
-// //Create and validate
-// WorkOrder o = await biz.CreateAsync(inObj);
-// if (o == null)
-// return BadRequest(new ApiErrorResponse(biz.Errors));
-// else
-// return CreatedAtAction(nameof(WorkOrderController.GetWorkOrder), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
+ // //Create and validate
+ // WorkOrder o = await biz.CreateAsync(inObj);
+ // if (o == null)
+ // return BadRequest(new ApiErrorResponse(biz.Errors));
+ // else
+ // return CreatedAtAction(nameof(WorkOrderController.GetWorkOrder), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
+
+ // }
-// }
-
@@ -412,14 +411,14 @@ namespace AyaNova.Api.Controllers
if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
-//stubbed out for now just to see routes
+ //stubbed out for now just to see routes
// if (!await biz.DeleteItemsAsync(o))
// return BadRequest(new ApiErrorResponse(biz.Errors));
return NoContent();
}
- ///
+ ///
/// Delete WorkOrderItems
///
///
@@ -438,18 +437,20 @@ namespace AyaNova.Api.Controllers
//Instantiate the business object handler
WorkOrderBiz biz = WorkOrderBiz.GetBiz(ct, HttpContext);
-
- if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
+
+ if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
var o = await biz.GetAsync(workOrderId, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
+ //Make sure the item exists first before getting into it
+ if (!o.WorkorderItems.Exists(m => m.Id == workOrderItemId))
+ return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
-
-
-//stubbed out for now just to see routes
+
+ //stubbed out for now just to see routes
// if (!await biz.DeleteItemsAsync(o))
// return BadRequest(new ApiErrorResponse(biz.Errors));