ResourceController.cs

using Coscine.Api.Project.Models;
using Coscine.Api.Project.ReturnObjects;
using Coscine.ApiCommons;
using Coscine.ApiCommons.Exceptions;
using Coscine.ApiCommons.Factories;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Linq;
using Newtonsoft.Json.Linq;
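namespace Coscine.Api.Project.Controllers
{
    /// <summary>
    /// HTTP endpoints for listing, reading, updating, deleting and creating resources.
    /// </summary>
    /// <remarks>
    /// Every action runs its work inside <c>_authenticator.ValidateAndExecute</c>, which passes the
    /// calling user to the callback. Actions that take an id check ownership before they read,
    /// change or delete anything, and the request body is only deserialized after that check passes.
    /// NOTE(review): how <c>ValidateAndExecute</c> turns <see cref="NotAuthorizedException"/> and other
    /// exceptions into an HTTP response is not visible in this file; confirm that the result is a 401/403
    /// (or 4xx) without internal details, because every action wraps the outcome in <c>Ok(...)</c>.
    /// </remarks>
    public class ResourceController : Controller
    {
        private readonly Authenticator _authenticator;
        private readonly ResourceModel _resourceModel;

        /// <summary>
        /// Creates the controller with an authenticator bound to this controller and the program configuration.
        /// </summary>
        public ResourceController()
        {
            _authenticator = new Authenticator(this, Program.Configuration);
            _resourceModel = new ResourceModel();
        }

        /// <summary>
        /// Lists the resources attached to at least one project in which the calling user holds a
        /// role whose display name is "Owner".
        /// </summary>
        /// <returns>The matching resources converted to return objects.</returns>
        // NOTE(review): this route has no HTTP verb constraint, so the action matches every method;
        // consider restricting it to GET like the other read action.
        [Route("[controller]")]
        public IActionResult Index()
        {
            return Ok(_authenticator.ValidateAndExecute((user) =>
            {
                // NOTE(review): authorization keys on the role's DisplayName string. If display names can be
                // renamed or localized, this filter and the OwnsResource/OwnsProject checks may drift apart;
                // confirm they use the same criterion.
                return _resourceModel.GetAllWhere((resource) =>
                    (from projectResource in resource.ProjectResourceResourceIdIds
                     where (from projectRole in projectResource.Project.ProjectRolesProjectIdIds
                            where projectRole.User == user
                                  && projectRole.Role.DisplayName == "Owner"
                            select projectRole).Any()
                     select projectResource).Any()
                ).Select((resource) => _resourceModel.CreateReturnObjectFromDatabaseObject(resource));
            }));
        }

        /// <summary>
        /// Returns a single resource if the calling user owns it.
        /// </summary>
        /// <param name="id">Resource id from the route; must parse as a <see cref="Guid"/>.</param>
        /// <returns>The resource as a return object.</returns>
        /// <exception cref="NotAuthorizedException">Thrown inside the callback when the user does not own the resource.</exception>
        [HttpGet("[controller]/{id}")]
        public IActionResult Get(string id)
        {
            return Ok(_authenticator.ValidateAndExecute((user) =>
            {
                // Guid.Parse throws FormatException on a malformed id.
                // NOTE(review): GetById's result for an unknown id is not visible here; confirm that
                // OwnsResource copes with a missing resource and that the response does not reveal
                // whether the id exists.
                var resource = _resourceModel.GetById(Guid.Parse(id));
                if (!_resourceModel.OwnsResource(user, resource))
                {
                    throw new NotAuthorizedException("User does not own resource!");
                }

                _resourceModel.SetType(resource);
                return _resourceModel.CreateReturnObjectFromDatabaseObject(resource);
            }));
        }

        /// <summary>
        /// Updates a resource from the request body if the calling user owns it.
        /// </summary>
        /// <param name="id">Resource id from the route; must parse as a <see cref="Guid"/>.</param>
        /// <returns>Whatever <c>UpdateByObject</c> returns for the update.</returns>
        /// <exception cref="NotAuthorizedException">Thrown inside the callback when the user does not own the resource.</exception>
        [HttpPost("[controller]/{id}")]
        public IActionResult Update(string id)
        {
            return Ok(_authenticator.ValidateAndExecute((user) =>
            {
                var resource = _resourceModel.GetById(Guid.Parse(id));
                if (!_resourceModel.OwnsResource(user, resource))
                {
                    throw new NotAuthorizedException("The user is not authorized to perform an update on the selected resource!");
                }

                // Deserialize the client-supplied body only after the ownership check, so callers who
                // are not authorized for this resource never reach the deserializer.
                // NOTE(review): confirm UpdateByObject copies only the fields a client may change.
                ResourceObject resourceObject = ObjectFactory<ResourceObject>.DeserializeFromStream(Request.Body);
                return _resourceModel.UpdateByObject(resource, resourceObject);
            }));
        }

        /// <summary>
        /// Deletes a resource if the calling user owns it.
        /// </summary>
        /// <param name="id">Resource id from the route; must parse as a <see cref="Guid"/>.</param>
        /// <returns>The return object built from the resource before it was deleted.</returns>
        /// <exception cref="NotAuthorizedException">Thrown inside the callback when the user does not own the resource.</exception>
        [HttpDelete("[controller]/{id}")]
        public IActionResult Delete(string id)
        {
            return Ok(_authenticator.ValidateAndExecute((user) =>
            {
                var resource = _resourceModel.GetById(Guid.Parse(id));
                if (!_resourceModel.OwnsResource(user, resource))
                {
                    // The message names the denied operation (delete) so that logs and audit trails
                    // do not record a rejected delete as a rejected update.
                    throw new NotAuthorizedException("The user is not authorized to delete the selected resource!");
                }

                // Build the return object first; the resource is gone after DeleteResource.
                var returnObject = _resourceModel.CreateReturnObjectFromDatabaseObject(resource);
                _resourceModel.DeleteResource(resource);
                return returnObject;
            }));
        }

        /// <summary>
        /// Creates a resource from the request body and attaches it to a project the calling user owns.
        /// </summary>
        /// <param name="projectId">Project id from the route; must parse as a <see cref="Guid"/>.</param>
        /// <returns>The newly stored resource as a return object.</returns>
        /// <exception cref="NotAuthorizedException">Thrown inside the callback when the user does not own the project.</exception>
        [HttpPost("[controller]/project/{projectId}")]
        public IActionResult StoreToProject(string projectId)
        {
            return Ok(_authenticator.ValidateAndExecute((user) =>
            {
                ProjectModel projectModel = new ProjectModel();
                var project = projectModel.GetById(Guid.Parse(projectId));
                if (!projectModel.OwnsProject(user, project))
                {
                    throw new NotAuthorizedException("The user is not authorized to add a new resource to the selected project!");
                }

                // Deserialize the client-supplied body only after the project ownership check.
                ResourceObject resourceObject = ObjectFactory<ResourceObject>.DeserializeFromStream(Request.Body);
                var resource = _resourceModel.StoreFromObject(resourceObject);
                projectModel.AddResource(project, resource);
                return _resourceModel.CreateReturnObjectFromDatabaseObject(resource);
            }));
        }
    }
}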