Select Git revision
CodeGen.csproj
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
ResourceController.cs 4.66 KiB
using Coscine.Api.Project.Models;
using Coscine.Api.Project.ReturnObjects;
using Coscine.ApiCommons;
using Coscine.ApiCommons.Exceptions;
using Coscine.ApiCommons.Factories;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Linq;
namespace Coscine.Api.Project.Controllers
{
public class ResourceController : Controller
{
private readonly Authenticator _authenticator;
public ResourceController()
{
_authenticator = new Authenticator(this, Program.Configuration);
}
[Route("[controller]")]
public IActionResult Index()
{
return Ok(_authenticator.ValidateAndExecute((user) =>
{
ResourceModel resourceModel = new ResourceModel();
return resourceModel.GetAllWhere((resource) =>
(from projectResource in resource.ProjectResourceResourceIdIds
where (from projectRole in projectResource.Project.ProjectRolesProjectIdIds
where projectRole.User == user
&& projectRole.Role.DisplayName == "Owner"
select projectRole).Any()
select projectResource).Any()
).Select((resource) => new ResourceObject(resource.Id, resource.ExternalId, resource.Url, new ResourceTypeObject(resource.Type.Id, resource.Type.DisplayName)));
}));
}
//[Route("[controller]/greet/{username}")] would also work, but would take all commands
[HttpGet("[controller]/{id}")]
public IActionResult Get(string id)
{
return Ok(_authenticator.ValidateAndExecute((user) =>
{
ResourceModel resourceModel = new ResourceModel();
var resource = resourceModel.GetById(Guid.Parse(id));
if (resourceModel.OwnsResource(user, resource))
{
//TODO: Find out why resource.Type is not set
if(resource.Type == null)
{
ResourceTypeModel resourceTypeModel = new ResourceTypeModel();
resource.Type = resourceTypeModel.GetById(resource.TypeId);
}
return new ResourceObject(resource.Id, resource.ExternalId, resource.Url, new ResourceTypeObject(resource.Type.Id, resource.Type.DisplayName));
}
else
{
throw new NotAuthorizedException("User does not own resource!");
}
}));
}
//[Route("[controller]/greet/{username}")] would also work, but would take all commands
[HttpPost("[controller]/{id}")]
public IActionResult Update(string id)
{
return Ok(_authenticator.ValidateAndExecute((user) =>
{
ResourceObject resourceObject = ObjectFactory<ResourceObject>.DeserializeFromStream(Request.Body); ResourceModel resourceModel = new ResourceModel();
var resource = resourceModel.GetById(Guid.Parse(id));
if (resourceModel.OwnsResource(user, resource))
{
return resourceModel.UpdateByObject(resource, resourceObject);
}
else
{
throw new NotAuthorizedException("The user is not authorized to perform an update on the selected resource!");
}
}));
}
[HttpPost("[controller]/project/{projectId}")]
public IActionResult StoreToProject(string projectId)
{
return Ok(_authenticator.ValidateAndExecute((user) =>
{
ResourceObject resourceObject = ObjectFactory<ResourceObject>.DeserializeFromStream(Request.Body);
ProjectModel projectModel = new ProjectModel();
var project = projectModel.GetById(Guid.Parse(projectId));
if (projectModel.OwnsProject(user, project))
{
ResourceModel resourceModel = new ResourceModel();
var resource = resourceModel.StoreFromObject(resourceObject);
projectModel.AddResource(project, resource);
return new ResourceObject(resource.Id, resource.ExternalId, resource.Url, new ResourceTypeObject(resource.Type.Id, resource.Type.DisplayName));
}
else
{
throw new NotAuthorizedException("The user is not authorized to add a new resource to the selected project!");
}
}));
}
}
}