Diplomarbeit-Absolventenverein/Module.BlackBoard
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
Module.BlackBoard/Server/Controllers/BlackBoardController.cs

115 lines
4.6 KiB
C#
Raw Permalink Blame History

using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization;
using System.Collections.Generic;
using Microsoft.AspNetCore.Http;
using Oqtane.Shared;
using Oqtane.Enums;
using Oqtane.Infrastructure;
using SZUAbsolventenverein.Module.BlackBoard.Services;
using Oqtane.Controllers;
using System.Net;
using System.Threading.Tasks;
namespace SZUAbsolventenverein.Module.BlackBoard.Controllers
{
[Route(ControllerRoutes.ApiRoute)]
public class BlackBoardController : ModuleControllerBase
{
private readonly IBlackBoardService _BlackBoardService;
public BlackBoardController(IBlackBoardService BlackBoardService, ILogManager logger, IHttpContextAccessor accessor) : base(logger, accessor)
{
_BlackBoardService = BlackBoardService;
}
// GET: api/<controller>?moduleid=x
[HttpGet]
[Authorize(Policy = PolicyNames.ViewModule)]
public async Task<IEnumerable<Models.BlackBoard>> Get(string moduleid)
{
int ModuleId;
if (int.TryParse(moduleid, out ModuleId) && IsAuthorizedEntityId(EntityNames.Module, ModuleId))
{
return await _BlackBoardService.GetBlackBoardsAsync(ModuleId);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized BlackBoard Get Attempt {ModuleId}", moduleid);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return null;
}
}
// GET api/<controller>/5
[HttpGet("{id}/{moduleid}")]
[Authorize(Policy = PolicyNames.ViewModule)]
public async Task<Models.BlackBoard> Get(int id, int moduleid)
{
Models.BlackBoard BlackBoard = await _BlackBoardService.GetBlackBoardAsync(id, moduleid);
if (BlackBoard != null && IsAuthorizedEntityId(EntityNames.Module, BlackBoard.ModuleId))
{
return BlackBoard;
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized BlackBoard Get Attempt {BlackBoardId} {ModuleId}", id, moduleid);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return null;
}
}
// POST api/<controller>
[HttpPost]
[Authorize(Policy = PolicyNames.EditModule)]
public async Task<Models.BlackBoard> Post([FromBody] Models.BlackBoard BlackBoard)
{
if (ModelState.IsValid && IsAuthorizedEntityId(EntityNames.Module, BlackBoard.ModuleId))
{
BlackBoard = await _BlackBoardService.AddBlackBoardAsync(BlackBoard);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized BlackBoard Post Attempt {BlackBoard}", BlackBoard);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
BlackBoard = null;
}
return BlackBoard;
}
// PUT api/<controller>/5
[HttpPut("{id}")]
[Authorize(Policy = PolicyNames.EditModule)]
public async Task<Models.BlackBoard> Put(int id, [FromBody] Models.BlackBoard BlackBoard)
{
if (ModelState.IsValid && BlackBoard.BlackBoardId == id && IsAuthorizedEntityId(EntityNames.Module, BlackBoard.ModuleId))
{
BlackBoard = await _BlackBoardService.UpdateBlackBoardAsync(BlackBoard);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized BlackBoard Put Attempt {BlackBoard}", BlackBoard);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
BlackBoard = null;
}
return BlackBoard;
}
// DELETE api/<controller>/5
[HttpDelete("{id}/{moduleid}")]
[Authorize(Policy = PolicyNames.EditModule)]
public async Task Delete(int id, int moduleid)
{
Models.BlackBoard BlackBoard = await _BlackBoardService.GetBlackBoardAsync(id, moduleid);
if (BlackBoard != null && IsAuthorizedEntityId(EntityNames.Module, BlackBoard.ModuleId))
{
await _BlackBoardService.DeleteBlackBoardAsync(id, BlackBoard.ModuleId);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized BlackBoard Delete Attempt {BlackBoardId} {ModuleId}", id, moduleid);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink