improve SettingService

2024-08-12 10:20:44 -04:00
parent d1b94ec203
commit 515c6402b9
5 changed files with 66 additions and 19 deletions
--- a/Oqtane.Server/Controllers/SettingController.cs
+++ b/Oqtane.Server/Controllers/SettingController.cs
@ -146,14 +146,52 @@ namespace Oqtane.Controllers
            return setting;
        }

-        // DELETE api/<controller>/5/xxx
-        [HttpDelete("{id}/{entityName}")]
-        public void Delete(string entityName, int id)
+        // PUT api/<controller>/site/1/settingname/x/false
+        [HttpPut("{entityName}/{entityId}/{settingName}/{settingValue}/{isPrivate}")]
+        public void Put(string entityName, int entityId, string settingName, string settingValue, bool isPrivate)
        {
-            Setting setting = _settings.GetSetting(entityName, id);
+            if (IsAuthorized(entityName, entityId, PermissionNames.Edit))
+            {
+                Setting setting = _settings.GetSetting(entityName, entityId, settingName);
+                if (setting == null)
+                {
+                    setting = new Setting();
+                    setting.EntityName = entityName;
+                    setting.EntityId = entityId;
+                    setting.SettingName = settingName;
+                    setting.SettingValue = settingValue;
+                    setting.IsPrivate = isPrivate;
+                    setting = _settings.AddSetting(setting);
+                    AddSyncEvent(setting.EntityName, setting.EntityId, setting.SettingId, SyncEventActions.Create);
+                    _logger.Log(LogLevel.Information, this, LogFunction.Update, "Setting Created {Setting}", setting);
+                }
+                else
+                {
+                    if (setting.SettingValue != settingValue || setting.IsPrivate != isPrivate)
+                    {
+                        setting.SettingValue = settingValue;
+                        setting.IsPrivate = isPrivate;
+                        setting = _settings.UpdateSetting(setting);
+                        AddSyncEvent(setting.EntityName, setting.EntityId, setting.SettingId, SyncEventActions.Update);
+                        _logger.Log(LogLevel.Information, this, LogFunction.Update, "Setting Updated {Setting}", setting);
+                    }
+                }
+            }
+            else
+            {
+                _logger.Log(LogLevel.Error, this, LogFunction.Update, "User Not Authorized To Add Or Update Setting {EntityName} {EntityId} {SettingName}", entityName, entityId, settingName);
+                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+            }
+        }
+
+        // DELETE api/<controller>/site/1/settingname
+        [HttpDelete("{entityName}/{entityId}/{settingName}")]
+        public void Delete(string entityName, int entityId, string settingName)
+        {
+            Setting setting = _settings.GetSetting(entityName, entityId, settingName);
            if (IsAuthorized(setting.EntityName, setting.EntityId, PermissionNames.Edit))
            {
-                _settings.DeleteSetting(setting.EntityName, id);
+                _settings.DeleteSetting(setting.EntityName, setting.SettingId);
                AddSyncEvent(setting.EntityName, setting.EntityId, setting.SettingId, SyncEventActions.Delete);
                _logger.Log(LogLevel.Information, this, LogFunction.Delete, "Setting Deleted {Setting}", setting);
            }