@@ -62,7 +62,7 @@ namespace AyaNova.Api.Controllers
|
||||
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, AyaType.User))
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, UserBiz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -83,7 +83,7 @@ namespace AyaNova.Api.Controllers
|
||||
}
|
||||
|
||||
//Log
|
||||
EventLogProcessor.AddEntry(new Event(biz.UserId, o.Id, AyaType.User, AyaEvent.Retrieved), ct);
|
||||
EventLogProcessor.AddEntry(new Event(biz.UserId, o.Id, UserBiz.BizType, AyaEvent.Retrieved), ct);
|
||||
ct.SaveChanges();
|
||||
return Ok(new ApiOkResponse(o));
|
||||
}
|
||||
@@ -107,7 +107,7 @@ namespace AyaNova.Api.Controllers
|
||||
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, AyaType.User))
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, UserBiz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -190,7 +190,7 @@ namespace AyaNova.Api.Controllers
|
||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, AyaType.User, o.OwnerId))
|
||||
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, UserBiz.BizType, o.OwnerId))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -257,7 +257,7 @@ namespace AyaNova.Api.Controllers
|
||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, AyaType.User, o.OwnerId))
|
||||
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, UserBiz.BizType, o.OwnerId))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -304,7 +304,7 @@ namespace AyaNova.Api.Controllers
|
||||
}
|
||||
|
||||
//If a user has change roles, or editOwnRoles then they can create, true is passed for isOwner since they are creating so by definition the owner
|
||||
if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, AyaType.User))
|
||||
if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, UserBiz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -366,7 +366,7 @@ namespace AyaNova.Api.Controllers
|
||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, AyaType.User, dbObj.OwnerId))
|
||||
if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, UserBiz.BizType, dbObj.OwnerId))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
|
||||
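Review bot: `UserBiz.BizType` should be a compile-time constant (or at least `static readonly`), because after this change every authorization check and the audit-log entry in these hunks take their object type from it instead of from the `AyaType.User` literal. Its declaration is not visible in this commit, so I cannot confirm how it is defined. If it were a settable static field or property, a reassignment elsewhere would silently change which rights `IsAuthorizedToReadFullRecord`, `IsAuthorizedToModify`, `IsAuthorizedToCreate` and `IsAuthorizedToDelete` evaluate and which type the event log records. Assuming `AyaType` is an enum, I would declare it as `public const AyaType BizType = AyaType.User;`. The same applies to `WidgetBiz.BizType` in the widget controller hunks. The enclosing action methods start and end outside the hunks shown.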
@@ -65,7 +65,7 @@ namespace AyaNova.Api.Controllers
|
||||
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, AyaType.Widget))
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, WidgetBiz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -76,7 +76,7 @@ namespace AyaNova.Api.Controllers
|
||||
}
|
||||
|
||||
//Instantiate the business object handler
|
||||
WidgetBiz biz = new WidgetBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
||||
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
var o = await biz.GetAsync(id);
|
||||
|
||||
@@ -86,7 +86,7 @@ namespace AyaNova.Api.Controllers
|
||||
}
|
||||
|
||||
//Log
|
||||
EventLogProcessor.AddEntry(new Event(biz.userId, o.Id, AyaType.Widget, AyaEvent.Retrieved), ct);
|
||||
EventLogProcessor.AddEntry(new Event(biz.userId, o.Id, WidgetBiz.BizType, AyaEvent.Retrieved), ct);
|
||||
ct.SaveChanges();
|
||||
return Ok(new ApiOkResponse(o));
|
||||
}
|
||||
@@ -108,7 +108,7 @@ namespace AyaNova.Api.Controllers
|
||||
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, AyaType.Widget))
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, WidgetBiz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -119,7 +119,7 @@ namespace AyaNova.Api.Controllers
|
||||
}
|
||||
|
||||
//Instantiate the business object handler
|
||||
WidgetBiz biz = new WidgetBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
||||
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
ApiPagedResponse<Widget> pr = await biz.GetManyAsync(Url, nameof(ListWidgets), pagingOptions);
|
||||
return Ok(new ApiOkWithPagingResponse<Widget>(pr));
|
||||
@@ -155,7 +155,7 @@ namespace AyaNova.Api.Controllers
|
||||
}
|
||||
|
||||
//Instantiate the business object handler
|
||||
WidgetBiz biz = new WidgetBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
||||
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
ApiPagedResponse<NameIdItem> pr = await biz.GetPickListAsync(Url, nameof(WidgetPickList), pagingOptions, q);
|
||||
return Ok(new ApiOkWithPagingResponse<NameIdItem>(pr));
|
||||
@@ -193,13 +193,13 @@ namespace AyaNova.Api.Controllers
|
||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, AyaType.Widget, o.OwnerId))
|
||||
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, WidgetBiz.BizType, o.OwnerId))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
|
||||
//Instantiate the business object handler
|
||||
WidgetBiz biz = new WidgetBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
||||
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
if (!biz.Put(o, inObj))
|
||||
{
|
||||
@@ -209,9 +209,9 @@ namespace AyaNova.Api.Controllers
|
||||
try
|
||||
{
|
||||
//Log
|
||||
EventLogProcessor.AddEntry(new Event(biz.userId, o.Id, AyaType.Widget, AyaEvent.Modified), ct);
|
||||
EventLogProcessor.AddEntry(new Event(biz.userId, o.Id, WidgetBiz.BizType, AyaEvent.Modified), ct);
|
||||
await ct.SaveChangesAsync();
|
||||
Search.ProcessUpdatedObjectKeywords(ct, UserLocaleIdFromContext.Id(HttpContext.Items), o.Id, AyaType.Widget, o.Name, o.Notes, o.Name);
|
||||
Search.ProcessUpdatedObjectKeywords(ct, UserLocaleIdFromContext.Id(HttpContext.Items), o.Id, WidgetBiz.BizType, o.Name, o.Notes, o.Name);
|
||||
}
|
||||
catch (DbUpdateConcurrencyException)
|
||||
{
|
||||
@@ -262,7 +262,7 @@ namespace AyaNova.Api.Controllers
|
||||
}
|
||||
|
||||
//Instantiate the business object handler
|
||||
WidgetBiz biz = new WidgetBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
||||
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
|
||||
var o = await ct.Widget.SingleOrDefaultAsync(m => m.Id == id);
|
||||
@@ -272,7 +272,7 @@ namespace AyaNova.Api.Controllers
|
||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, AyaType.Widget, o.OwnerId))
|
||||
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, WidgetBiz.BizType, o.OwnerId))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -286,11 +286,11 @@ namespace AyaNova.Api.Controllers
|
||||
try
|
||||
{
|
||||
//Log
|
||||
EventLogProcessor.AddEntry(new Event(biz.userId, o.Id, AyaType.Widget, AyaEvent.Modified), ct);
|
||||
EventLogProcessor.AddEntry(new Event(biz.userId, o.Id, WidgetBiz.BizType, AyaEvent.Modified), ct);
|
||||
await ct.SaveChangesAsync();
|
||||
|
||||
//this will save the context as part of it's operations
|
||||
Search.ProcessUpdatedObjectKeywords(ct, UserLocaleIdFromContext.Id(HttpContext.Items), o.Id, AyaType.Widget, o.Name, o.Notes, o.Name);
|
||||
Search.ProcessUpdatedObjectKeywords(ct, UserLocaleIdFromContext.Id(HttpContext.Items), o.Id, WidgetBiz.BizType, o.Name, o.Notes, o.Name);
|
||||
|
||||
}
|
||||
catch (DbUpdateConcurrencyException)
|
||||
@@ -326,7 +326,7 @@ namespace AyaNova.Api.Controllers
|
||||
}
|
||||
|
||||
//If a user has change roles, or editOwnRoles then they can create, true is passed for isOwner since they are creating so by definition the owner
|
||||
if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, AyaType.Widget))
|
||||
if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, WidgetBiz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -337,7 +337,7 @@ namespace AyaNova.Api.Controllers
|
||||
}
|
||||
|
||||
//Instantiate the business object handler
|
||||
WidgetBiz biz = new WidgetBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
||||
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
//Create and validate
|
||||
Widget o = await biz.CreateAsync(inObj);
|
||||
@@ -354,11 +354,11 @@ namespace AyaNova.Api.Controllers
|
||||
await ct.SaveChangesAsync();
|
||||
|
||||
//Log now that we have the Id
|
||||
EventLogProcessor.AddEntry(new Event(biz.userId, o.Id, AyaType.Widget, AyaEvent.Created), ct);
|
||||
EventLogProcessor.AddEntry(new Event(biz.userId, o.Id, WidgetBiz.BizType, AyaEvent.Created), ct);
|
||||
await ct.SaveChangesAsync();
|
||||
|
||||
//this will save the context as part of it's operations
|
||||
Search.ProcessNewObjectKeywords(ct, UserLocaleIdFromContext.Id(HttpContext.Items), o.Id, AyaType.Widget, o.Name, o.Notes, o.Name);
|
||||
Search.ProcessNewObjectKeywords(ct, UserLocaleIdFromContext.Id(HttpContext.Items), o.Id, WidgetBiz.BizType, o.Name, o.Notes, o.Name);
|
||||
|
||||
|
||||
//return success and link
|
||||
@@ -398,24 +398,25 @@ namespace AyaNova.Api.Controllers
|
||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, AyaType.Widget, dbObj.OwnerId))
|
||||
if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, WidgetBiz.BizType, dbObj.OwnerId))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
|
||||
//Instantiate the business object handler
|
||||
WidgetBiz biz = new WidgetBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
||||
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
if (!biz.Delete(dbObj))
|
||||
{
|
||||
return BadRequest(new ApiErrorResponse(biz.Errors));
|
||||
}
|
||||
|
||||
//Log
|
||||
EventLogProcessor.DeleteObject(biz.userId, AyaType.Widget, dbObj.Id, dbObj.Name, ct);
|
||||
EventLogProcessor.DeleteObject(biz.userId, WidgetBiz.BizType, dbObj.Id, dbObj.Name, ct);
|
||||
await ct.SaveChangesAsync();
|
||||
|
||||
//This will directly execute and is not part of context for saving purposes
|
||||
Search.ProcessDeletedObjectKeywords(ct, dbObj.Id, AyaType.Widget);
|
||||
Search.ProcessDeletedObjectKeywords(ct, dbObj.Id, WidgetBiz.BizType);
|
||||
|
||||
|
||||
//Delete children / attached objects
|
||||
@@ -446,7 +447,7 @@ namespace AyaNova.Api.Controllers
|
||||
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, AyaType.Widget))
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, WidgetBiz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
@@ -466,7 +467,7 @@ namespace AyaNova.Api.Controllers
|
||||
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
||||
}
|
||||
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, AyaType.Widget))
|
||||
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, WidgetBiz.BizType))
|
||||
{
|
||||
return StatusCode(401, new ApiNotAuthorizedResponse());
|
||||
}
|
||||
|
||||
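Review bot: `WidgetBiz.GetBiz(ct, HttpContext)` needs a doc comment naming the identity values it reads, because the call sites no longer show that the business object is bound to `UserIdFromContext.Id(HttpContext.Items)` and `UserRolesFromContext.Roles(HttpContext.Items)`. A summary such as `/// <summary>Creates a WidgetBiz bound to the caller's user id and roles read from httpContext.Items.</summary>` would keep that visible to the next reader of the controller. Separately, in the `-262` hunk the factory is called before the `IsAuthorizedToModify` check that appears in the `-272` hunk, whereas the `-193` and `-398` hunks call it after the check. Presumably `GetBiz` does no privileged work, but moving the call below the check would keep the order consistent. The factory's body and the enclosing action methods are outside this view.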