New: Included the ResourceCreator Role (coscine/issues#530)

f5d54c4d · Marcel Nellesen · c673438d · f5d54c4d · f5d54c4d · f5d54c4d
Commit f5d54c4d authored 5 years ago by Marcel Nellesen
--- a/src/Project/Controllers/ResourceController.cs
+++ b/src/Project/Controllers/ResourceController.cs
@@ -9,6 +9,8 @@ using Coscine.Action;
 using Coscine.Configuration;
 using Coscine.Action.EventArgs;
 using Microsoft.AspNetCore.Authorization;
+using Newtonsoft.Json.Linq;
+using Coscine.Database.Model;

 namespace Coscine.Api.Project.Controllers
 {
@@ -59,6 +61,18 @@ namespace Coscine.Api.Project.Controllers
            }
        }

+        [HttpGet("[controller]/resource/{id}/isCreator")]
+        public IActionResult IsUserResourceCreator(string id)
+        {
+            Resource resource = _resourceModel.GetById(Guid.Parse(id));
+            var user = _authenticator.GetUser();
+            var json = new JObject
+            {
+                ["isResourceCreator"] = resource.Creator.Equals(user.Id)
+            };
+            return Json(json);
+        }
+
        [HttpPost("[controller]/{id}")]
        public IActionResult Update(string id)
        {
@@ -66,7 +80,8 @@ namespace Coscine.Api.Project.Controllers
            var resource = _resourceModel.GetById(Guid.Parse(id));
            var user = _authenticator.GetUser();

-            if (_resourceModel.HasAccess(user, resource, UserRoles.Owner))
+            if (_resourceModel.HasAccess(user, resource, UserRoles.Owner) ||
+                (_resourceModel.HasAccess(user, resource, UserRoles.Member) && resource.Creator.Equals(user.Id)))
            {
                return Json(_resourceModel.UpdateByObject(resource, resourceObject));
            }
@@ -81,7 +96,8 @@ namespace Coscine.Api.Project.Controllers
        {
            var resource = _resourceModel.GetById(Guid.Parse(id));
            var user = _authenticator.GetUser();
-            if (_resourceModel.HasAccess(user, resource, UserRoles.Owner))
+            if (_resourceModel.HasAccess(user, resource, UserRoles.Owner) ||
+                (_resourceModel.HasAccess(user, resource, UserRoles.Member) && resource.Creator.Equals(user.Id)))
            {
                var returnObject = _resourceModel.CreateReturnObjectFromDatabaseObject(resource);
                _emitter.EmitResourceDelete(new ResourceEventArgs(_configuration)
@@ -107,6 +123,7 @@ namespace Coscine.Api.Project.Controllers

            if (projectModel.HasAccess(user, project, UserRoles.Owner, UserRoles.Member))
            {
+                resourceObject.Creator = user.Id;
                var resource = _resourceModel.StoreFromObject(resourceObject);
                projectModel.AddResource(project, resource);


--- a/src/Project/Models/ResourceModel.cs
+++ b/src/Project/Models/ResourceModel.cs
@@ -38,7 +38,8 @@ namespace Coscine.Api.Project.Models
                Type = new ResourceTypeModel().GetById(resourceObject.Type.Id),
                VisibilityId = resourceObject.Visibility.Id,
                ApplicationProfile = resourceObject.ApplicationProfile,
-                FixedValues = resourceObject.FixedValues != null ? resourceObject.FixedValues.ToString() :"{}"                
+                FixedValues = resourceObject.FixedValues != null ? resourceObject.FixedValues.ToString() :"{}",
+                Creator = resourceObject.Creator
            };
            if(resourceObject.License != null)
            {
@@ -226,10 +227,15 @@ namespace Coscine.Api.Project.Models
            {
                resource.LicenseId = resourceObject.License.Id;
            }
+
            // the application profile can not be altered after creation
            // resource.ApplicationProfile = resourceObject.ApplicationProfile;
+
            resource.FixedValues = resourceObject.FixedValues != null ? resourceObject.FixedValues.ToString() : "{}";

+            // the resource creator can not be altered after creation
+            // resource.Creator = resourceObject.Creator;
+
            SetDisciplines(resource, resourceObject.Disciplines);
            SetResourceTypeObject(resource, resourceObject.ResourceTypeOption);

@@ -322,7 +328,8 @@ namespace Coscine.Api.Project.Models
                (resource.License != null) ? new LicenseObject(resource.License.Id, resource.License.DisplayName) : null,
                JObject.FromObject(resourceTypeOptionObject),
                resource.ApplicationProfile,
-                JToken.Parse(resource.FixedValues == null ? "{}": resource.FixedValues )
+                JToken.Parse(resource.FixedValues == null ? "{}": resource.FixedValues ),
+                (resource.Creator != null) ? resource.Creator : null
            );
        }


--- a/src/Project/ReturnObjects/ResourceObject.cs
+++ b/src/Project/ReturnObjects/ResourceObject.cs
@@ -22,8 +22,9 @@ namespace Coscine.Api.Project.ReturnObjects
        public JObject ResourceTypeOption { get; set; }
        public string ApplicationProfile { get; set; }
        public JToken FixedValues { get; set; }
+        public Guid? Creator { get; set; }

-        public ResourceObject(Guid id,  string displayName, string resourceName, string description, string keywords, string usageRights, ResourceTypeObject type, IEnumerable<DisciplineObject> disciplines, VisibilityObject visibility, LicenseObject license, JObject resourceTypeOption, string applicationProfile, JToken fixedValues)
+        public ResourceObject(Guid id,  string displayName, string resourceName, string description, string keywords, string usageRights, ResourceTypeObject type, IEnumerable<DisciplineObject> disciplines, VisibilityObject visibility, LicenseObject license, JObject resourceTypeOption, string applicationProfile, JToken fixedValues, Guid? creator = null)
        {
            Id = id;

@@ -42,6 +43,8 @@ namespace Coscine.Api.Project.ReturnObjects

            ApplicationProfile = applicationProfile;
            FixedValues = fixedValues;
+
+            Creator = creator;
        }
    }
 }