perf pro api

2017-02-21 20:49:07 +01:00
parent d26f100b43
commit 073d32fa62
6 changed files with 52 additions and 13 deletions
--- a/Yavsc/ApiControllers/PerformersApiController.cs
+++ b/Yavsc/ApiControllers/PerformersApiController.cs
@ -6,6 +6,7 @@ using Yavsc.Models;
 using Yavsc.Models.Workflow;
 using System.Security.Claims;
 using Microsoft.AspNet.Authorization;
+using Microsoft.Data.Entity;

 namespace Yavsc.Controllers
 {
@ -24,15 +25,32 @@ namespace Yavsc.Controllers
        /// </summary>
        /// <param name="id"></param>
        /// <returns></returns>
-        [Authorize(Roles="Performer")]
+        [Authorize(Roles="Performer"),HttpGet("{id}")]
        public IActionResult Get(string id)
        {
+            var pfr = dbContext.Performers.Include(
+                p=>p.OrganizationAddress
+            ).Include(
+                p=>p.Performer
+            ).Include(
+                p=>p.Performer.Posts
+            ).SingleOrDefault(p=> p.PerformerId == id);
            if (id==null)
            {
-                ModelState.AddModelError("id","Specifier un code activité");
-                return new BadRequestObjectResult(ModelState);
+                ModelState.AddModelError("id","Specifier un identifiant de prestataire valide");
            }
-            return Ok(dbContext.Performers.Where(p=>p.Active && p.PerformerId == id));
+            else {
+                var uid = User.GetUserId();
+                if (!User.IsInRole("Administrator"))
+                if (uid != id) return new ChallengeResult();
+
+                if (!pfr.Active)
+                    {
+                        ModelState.AddModelError("id","Prestataire désactivé.");
+                    }
+            }
+            if (ModelState.IsValid) return Ok(pfr);
+            return new BadRequestObjectResult(ModelState);
        }
    }
 }