admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2019-04-30 15:26:05 +00:00
parent de36cbbaf1
commit e8ef841590
17 changed files with 72 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
server/AyaNova/Controllers/WidgetController.cs
View File

@@ -65,7 +65,7 @@ namespace AyaNova.Api.Controllers
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, biz.BizType))
return StatusCode(401, new ApiNotAuthorizedResponse());
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
@@ -96,7 +96,7 @@ namespace AyaNova.Api.Controllers
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, biz.BizType))
return StatusCode(401, new ApiNotAuthorizedResponse());
return StatusCode(403, new ApiNotAuthorizedResponse());
return Ok(new
{
@@ -122,7 +122,7 @@ namespace AyaNova.Api.Controllers
WidgetBiz biz = WidgetBiz.GetBiz(ct, HttpContext);
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, biz.BizType))
return StatusCode(401, new ApiNotAuthorizedResponse());
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
@@ -186,7 +186,7 @@ namespace AyaNova.Api.Controllers
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType, o.OwnerId))
return StatusCode(401, new ApiNotAuthorizedResponse());
return StatusCode(403, new ApiNotAuthorizedResponse());
try
{
@@ -235,7 +235,7 @@ namespace AyaNova.Api.Controllers
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType, o.OwnerId))
return StatusCode(401, new ApiNotAuthorizedResponse());
return StatusCode(403, new ApiNotAuthorizedResponse());
try
{
@@ -273,7 +273,7 @@ namespace AyaNova.Api.Controllers
//If a user has change roles, or editOwnRoles then they can create, true is passed for isOwner since they are creating so by definition the owner
if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, biz.BizType))
return StatusCode(401, new ApiNotAuthorizedResponse());
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
@@ -316,7 +316,7 @@ namespace AyaNova.Api.Controllers
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, biz.BizType, o.OwnerId))
return StatusCode(401, new ApiNotAuthorizedResponse());
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!biz.Delete(o))
return BadRequest(new ApiErrorResponse(biz.Errors));
@@ -361,7 +361,7 @@ namespace AyaNova.Api.Controllers
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, AyaType.JobOperations))
return StatusCode(401, new ApiNotAuthorizedResponse());
return StatusCode(403, new ApiNotAuthorizedResponse());
//Create the job here
OpsJob j = new OpsJob();