From fd540f29ed3e77f9d880429c43690f90f42b403f Mon Sep 17 00:00:00 2001 From: John Cardinal Date: Wed, 3 Feb 2021 20:12:36 +0000 Subject: [PATCH] --- .vscode/launch.json | 2 +- .../DataListSavedFilterController.cs | 6 +-- server/AyaNova/biz/DataListSavedFilterBiz.cs | 38 +++++++++---------- 3 files changed, 23 insertions(+), 23 deletions(-) diff --git a/.vscode/launch.json b/.vscode/launch.json index 8fd97968..0e2049e9 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -53,7 +53,7 @@ "AYANOVA_FOLDER_USER_FILES": "c:\\temp\\RavenTestData\\userfiles", "AYANOVA_FOLDER_BACKUP_FILES": "c:\\temp\\RavenTestData\\backupfiles", "AYANOVA_FOLDER_TEMPORARY_SERVER_FILES": "c:\\temp\\RavenTestData\\tempfiles", - "AYANOVA_SERVER_TEST_MODE": "true", + "AYANOVA_SERVER_TEST_MODE": "false", "AYANOVA_SERVER_TEST_MODE_SEEDLEVEL": "small", "AYANOVA_SERVER_TEST_MODE_TZ_OFFSET": "-7", "AYANOVA_BACKUP_PG_DUMP_PATH": "C:\\data\\code\\postgres_13\\bin\\" diff --git a/server/AyaNova/Controllers/DataListSavedFilterController.cs b/server/AyaNova/Controllers/DataListSavedFilterController.cs index 38923396..00578b53 100644 --- a/server/AyaNova/Controllers/DataListSavedFilterController.cs +++ b/server/AyaNova/Controllers/DataListSavedFilterController.cs @@ -103,7 +103,7 @@ namespace AyaNova.Api.Controllers /// /// [HttpPut("{id}")] - public async Task PutDataListSavedFilter([FromRoute] long id, [FromBody] DataListSavedFilter inObj) + public async Task PutDataListSavedFilter([FromBody] DataListSavedFilter inObj) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); @@ -114,7 +114,7 @@ namespace AyaNova.Api.Controllers //Instantiate the business object handler DataListSavedFilterBiz biz = DataListSavedFilterBiz.GetBiz(ct, HttpContext); - var o = await biz.GetAsync(id, false); + var o = await biz.GetAsync(inObj.Id, false); if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); @@ -128,7 +128,7 @@ namespace AyaNova.Api.Controllers } catch (DbUpdateConcurrencyException) { - if (!await biz.ExistsAsync(id)) + if (!await biz.ExistsAsync(inObj.Id)) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); else return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT)); diff --git a/server/AyaNova/biz/DataListSavedFilterBiz.cs b/server/AyaNova/biz/DataListSavedFilterBiz.cs index 0515ac40..2fe07af9 100644 --- a/server/AyaNova/biz/DataListSavedFilterBiz.cs +++ b/server/AyaNova/biz/DataListSavedFilterBiz.cs @@ -49,7 +49,7 @@ namespace AyaNova.Biz //CREATE internal async Task CreateAsync(DataListSavedFilter inObj) { - await ValidateAsync(inObj, true); + Validate(inObj, true); if (HasErrors) return null; else @@ -134,11 +134,11 @@ namespace AyaNova.Biz internal async Task> GetViewListAsync(string listKey) { await EnsureDefaultAsync(listKey); - return await ct.DataListSavedFilter - .AsNoTracking() - .Where(z => z.ListKey == listKey && (z.Public == true || z.UserId == UserId)) - .OrderBy(z => z.Name) - .Select(z => new NameIdDefaultItem(z.Id, z.Name, z.DefaultFilter)).ToListAsync(); + return await ct.DataListSavedFilter + .AsNoTracking() + .Where(z => z.ListKey == listKey && (z.Public == true || z.UserId == UserId)) + .OrderBy(z => z.Name) + .Select(z => new NameIdDefaultItem(z.Id, z.Name, z.DefaultFilter)).ToListAsync(); } @@ -185,7 +185,7 @@ namespace AyaNova.Biz //this will allow EF to check it out ct.Entry(dbObject).OriginalValues["Concurrency"] = inObj.Concurrency; - await ValidateAsync(dbObject, false); + Validate(dbObject, false); if (HasErrors) return false; await ct.SaveChangesAsync(); @@ -233,7 +233,7 @@ namespace AyaNova.Biz // //Can save or update? - private async Task ValidateAsync(DataListSavedFilter inObj, bool isNew) + private void Validate(DataListSavedFilter inObj, bool isNew) { //UserId required @@ -243,23 +243,23 @@ namespace AyaNova.Biz AddError(ApiErrorCode.VALIDATION_REQUIRED, "UserId"); } + //can't save a filter for someone else + if (inObj.UserId != UserId && inObj.Public == false) + { + AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror", "Can only save private filters for self not other UserId's"); + return; + } + //technically not "validation" but always ensure default filter has - name + if (inObj.DefaultFilter) + { + inObj.Name = "-"; + } //Name required if (string.IsNullOrWhiteSpace(inObj.Name)) AddError(ApiErrorCode.VALIDATION_REQUIRED, "Name"); - - //If name is otherwise OK, check that name is unique - if (!PropertyHasErrors("Name")) - { - //Use Any command is efficient way to check existance, it doesn't return the record, just a true or false - if (await ct.DataListSavedFilter.AnyAsync(z => z.Name == inObj.Name && z.Id != inObj.Id)) - { - AddError(ApiErrorCode.VALIDATION_NOT_UNIQUE, "Name"); - } - } - if (string.IsNullOrWhiteSpace(inObj.Filter)) AddError(ApiErrorCode.VALIDATION_REQUIRED, "Filter");