case 4240
This commit is contained in:
@@ -1131,45 +1131,49 @@ namespace AyaNova.Biz
|
||||
//
|
||||
internal async Task<QuoteState> StateCreateAsync(QuoteState newObject)
|
||||
{
|
||||
await StatePreliminaryValidateCanAddAsync(newObject);
|
||||
if (HasErrors)
|
||||
return null;
|
||||
else
|
||||
using (var transaction = await ct.Database.BeginTransactionAsync())//case 4240 wrapped in transaction because header is updated as well as states collection so both need to be in sync
|
||||
{
|
||||
|
||||
var quote = await ct.Quote.FirstOrDefaultAsync(x => x.Id == newObject.QuoteId);
|
||||
var NewStatusInfo = await ct.QuoteStatus.AsNoTracking().FirstOrDefaultAsync(x => x.Id == newObject.QuoteStatusId);
|
||||
|
||||
QuoteStatus LastStatusInfo = null;
|
||||
if (quote.LastStatusId != null)
|
||||
LastStatusInfo = await ct.QuoteStatus.AsNoTracking().FirstOrDefaultAsync(x => x.Id == quote.LastStatusId);
|
||||
|
||||
//Level 2 validation - Quote status RemoveRoles, SelectRoles and User roles
|
||||
|
||||
//If we have a last role, can it be removed by this User?
|
||||
if (LastStatusInfo != null && CurrentUserRoles.HasAnyFlags(LastStatusInfo.RemoveRoles) == false)
|
||||
{
|
||||
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror", "LT:QuoteQuoteStatusType -> LT:RemoveRoles");
|
||||
await StatePreliminaryValidateCanAddAsync(newObject);
|
||||
if (HasErrors)
|
||||
return null;
|
||||
}
|
||||
//Can the new role be selected by this user?
|
||||
if (CurrentUserRoles.HasAnyFlags(NewStatusInfo.SelectRoles) == false)
|
||||
else
|
||||
{
|
||||
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror", "LT:QuoteQuoteStatusType -> LT:SelectRoles");
|
||||
return null;
|
||||
|
||||
var quote = await ct.Quote.FirstOrDefaultAsync(x => x.Id == newObject.QuoteId);
|
||||
var NewStatusInfo = await ct.QuoteStatus.AsNoTracking().FirstOrDefaultAsync(x => x.Id == newObject.QuoteStatusId);
|
||||
|
||||
QuoteStatus LastStatusInfo = null;
|
||||
if (quote.LastStatusId != null)
|
||||
LastStatusInfo = await ct.QuoteStatus.AsNoTracking().FirstOrDefaultAsync(x => x.Id == quote.LastStatusId);
|
||||
|
||||
//Level 2 validation - Quote status RemoveRoles, SelectRoles and User roles
|
||||
|
||||
//If we have a last role, can it be removed by this User?
|
||||
if (LastStatusInfo != null && CurrentUserRoles.HasAnyFlags(LastStatusInfo.RemoveRoles) == false)
|
||||
{
|
||||
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror", "LT:QuoteQuoteStatusType -> LT:RemoveRoles");
|
||||
return null;
|
||||
}
|
||||
//Can the new role be selected by this user?
|
||||
if (CurrentUserRoles.HasAnyFlags(NewStatusInfo.SelectRoles) == false)
|
||||
{
|
||||
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror", "LT:QuoteQuoteStatusType -> LT:SelectRoles");
|
||||
return null;
|
||||
}
|
||||
//Seems legit, we'll allow it
|
||||
|
||||
|
||||
|
||||
await ct.QuoteState.AddAsync(newObject);
|
||||
quote.LastStatusId = newObject.QuoteStatusId;
|
||||
await ct.SaveChangesAsync();
|
||||
newObject.NewQuoteConcurrency = quote.Concurrency;
|
||||
|
||||
await EventLogProcessor.LogEventToDatabaseAsync(new Event(UserId, newObject.Id, AyaType.QuoteStatus, AyaEvent.Created), ct);
|
||||
await transaction.CommitAsync();
|
||||
await StateHandlePotentialNotificationEvent(AyaEvent.Created, newObject);
|
||||
return newObject;
|
||||
}
|
||||
//Seems legit, we'll allow it
|
||||
|
||||
|
||||
|
||||
await ct.QuoteState.AddAsync(newObject);
|
||||
quote.LastStatusId = newObject.QuoteStatusId;
|
||||
await ct.SaveChangesAsync();
|
||||
newObject.NewQuoteConcurrency = quote.Concurrency;
|
||||
|
||||
await EventLogProcessor.LogEventToDatabaseAsync(new Event(UserId, newObject.Id, AyaType.QuoteStatus, AyaEvent.Created), ct);
|
||||
await StateHandlePotentialNotificationEvent(AyaEvent.Created, newObject);
|
||||
return newObject;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user