Select Git revision
-
Benedikt Heinrichs authoredBenedikt Heinrichs authored
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
ProjectRoleController.cs 4.01 KiB
using Coscine.Api.Project.Models;
using Coscine.Api.Project.ReturnObjects;
using Coscine.ApiCommons;
using Coscine.ApiCommons.Exceptions;
using Coscine.ApiCommons.Factories;
using Coscine.Database.Model;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace Coscine.Api.Project.Controllers
{
public class ProjectRoleController : Controller
{
private readonly Authenticator _authenticator;
private readonly ProjectRoleModel _projectRoleModel;
public ProjectRoleController()
{
_authenticator = new Authenticator(this, Program.Configuration);
_projectRoleModel = new ProjectRoleModel();
}
[Route("[controller]/{projectId}")]
public IActionResult Index(string projectId)
{
return Ok(_authenticator.ValidateAndExecute((user) =>
{
UserModel userModel = new UserModel();
RoleModel roleModel = new RoleModel();
ProjectModel projectModel = new ProjectModel();
Guid.TryParse(projectId, out Guid projectIdGuid);
if (projectModel.OwnsProject(user, projectModel.GetById(projectIdGuid)))
{
return _projectRoleModel.GetAllWhere((projectRole) =>
(projectRole.ProjectId == projectIdGuid)
).Select((projectRole) =>
{
User userInst = projectRole.User;
if (userInst == null)
{
userInst = userModel.GetById(projectRole.UserId);
}
Role role = projectRole.Role;
if (role == null)
{
role = roleModel.GetById(projectRole.RoleId);
}
return new ProjectRoleObject(projectRole.ProjectId, new UserObject(userInst.Id, userInst.DisplayName), new RoleObject(role.Id, role.DisplayName));
});
}
else
{
throw new UnauthorizedAccessException("User is not allowed to list all users to the given project!");
}
}));
}
[HttpPost("[controller]")]
public IActionResult Set()
{
return Ok(_authenticator.ValidateAndExecute((user) =>
{
ProjectRoleObject projectRoleObject = ObjectFactory<ProjectRoleObject>.DeserializeFromStream(Request.Body);
ProjectModel projectModel = new ProjectModel();
if (projectModel.OwnsProject(user, projectModel.GetById(projectRoleObject.ProjectId)))
{ return _projectRoleModel.SetFromObject(projectRoleObject);
}
else
{
throw new NotAuthorizedException("The user is not authorized to store a project role to the given project!");
}
}));
}
[HttpDelete("[controller]/project/{projectId}/user/{userId}/role/{roleId}")]
public IActionResult Delete(Guid projectId, Guid userId, Guid roleId)
{
return Ok(_authenticator.ValidateAndExecute((user) =>
{
ProjectModel projectModel = new ProjectModel();
if (projectModel.OwnsProject(user, projectModel.GetById(projectId)))
{
return _projectRoleModel.Delete(_projectRoleModel.GetWhere((projectRole) =>
projectRole.ProjectId == projectId
&& projectRole.UserId == userId
&& projectRole.RoleId == roleId));
}
else
{
throw new NotAuthorizedException("The user is not authorized to delete a project role for the given project!");
}
}));
}
}
}