diff --git a/src/Project/Controllers/SubProjectController.cs b/src/Project/Controllers/SubProjectController.cs index 812da5778065382280ea15eeeb8658902c6f21a3..53289c5a6b84e632025a7800d9a6b927c2e2abd9 100644 --- a/src/Project/Controllers/SubProjectController.cs +++ b/src/Project/Controllers/SubProjectController.cs @@ -2,6 +2,7 @@ using Coscine.ApiCommons; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; +using Newtonsoft.Json.Linq; using System; using System.Linq; @@ -47,5 +48,31 @@ namespace Coscine.Api.Project.Controllers return Unauthorized("User is not allowed to create a subproject for the given project id!"); } } + + [HttpGet("[controller]/{childId}/accessibleParent")] + public IActionResult GetAccessibleParent(string childId) + { + var childGuid = new Guid(childId); + var projectModel = new ProjectModel(); + var projectRoleModel = new ProjectRoleModel(); + var user = _authenticator.GetUser(); + string[] allowedRoles = { UserRoles.Owner, UserRoles.Member }; + allowedRoles = allowedRoles.Select(x => x.ToLower().Trim()).ToArray(); + if (projectModel.HasAccess(user, projectModel.GetById(childGuid), allowedRoles)) + { + var subProjects = _subProjectModel.GetAllWhere((subProjectM) => (subProjectM.SubProjectId == childGuid)).ToArray(); + var json = new JObject(); + json["id"] = "00000000-0000-0000-0000-000000000000"; + if (subProjects.Count() == 1 && projectModel.HasAccess(user, projectModel.GetById(subProjects[0].ProjectId), allowedRoles)) + { + json["id"] = subProjects[0].ProjectId; + } + return Json(json); + } + else + { + return Unauthorized("User is not allowed to create a subproject for the given project id!"); + } + } } }