ScientificReport
OppositionController.cs
Go to the documentation of this file.
1 using System;
2 using Microsoft.AspNetCore.Authorization;
3 using Microsoft.AspNetCore.Mvc;
4 using ScientificReport.BLL.Interfaces;
5 using ScientificReport.Controllers.Utils;
6 using ScientificReport.DAL.Entities;
7 using ScientificReport.DAL.Roles;
8 using ScientificReport.DTO.Models.Opposition;
9 
10 namespace ScientificReport.Controllers
11 {
12  [Authorize(Roles = UserProfileRole.Any)]
13  public class OppositionController : Controller
14  {
15  private readonly IOppositionService _oppositionService;
16  private readonly IUserProfileService _userProfileService;
17  private readonly IDepartmentService _departmentService;
18 
19  public OppositionController(
20  IOppositionService oppositionService,
21  IDepartmentService departmentService,
22  IUserProfileService userProfileService
23  )
24  {
25  _oppositionService = oppositionService;
26  _userProfileService = userProfileService;
27  _departmentService = departmentService;
28  }
29 
30  // GET: Opposition
31  public IActionResult Index(OppositionIndexModel model)
32  {
33  model.Oppositions = _oppositionService.GetPageByRole(model.CurrentPage, model.PageSize, User);
34  model.Count = _oppositionService.GetCountByRole(User);
35  return View(model);
36  }
37 
38  // GET: Opposition/Details/{id}
39  public IActionResult Details(Guid? id)
40  {
41  if (id == null)
42  {
43  return NotFound();
44  }
45 
46  var opposition = _oppositionService.GetById(id.Value);
47  if (opposition == null)
48  {
49  return NotFound();
50  }
51 
52  if (!UserHasPermission(opposition))
53  {
54  return Forbid();
55  }
56 
57  return View(opposition);
58  }
59 
60  // GET: Opposition/Create
61  public IActionResult Create() => View();
62 
63  // POST: Opposition/Create
64  [HttpPost]
65  [ValidateAntiForgeryToken]
66  public IActionResult Create(OppositionModel model)
67  {
68  if (!ModelState.IsValid)
69  {
70  return View(model);
71  }
72 
73  model.Opponent = _userProfileService.Get(User);
74  _oppositionService.CreateItem(model);
75  return RedirectToAction(nameof(Index));
76  }
77 
78  // GET: Opposition/Edit/{id}
79  public IActionResult Edit(Guid? id)
80  {
81  if (id == null)
82  {
83  return NotFound();
84  }
85 
86  var opposition = _oppositionService.GetById(id.Value);
87  if (opposition == null)
88  {
89  return NotFound();
90  }
91 
92  if (!UserHasPermission(opposition))
93  {
94  return Forbid();
95  }
96 
97  return View(new OppositionEditModel(opposition));
98  }
99 
100  // POST: Opposition/Edit/{id}
101  [HttpPost]
102  [ValidateAntiForgeryToken]
103  public IActionResult Edit(Guid id, OppositionEditModel model)
104  {
105  if (id != model.Id || !_oppositionService.Exists(id))
106  {
107  return NotFound();
108  }
109 
110  if (!UserHasPermission(_oppositionService.GetById(id)))
111  {
112  return Forbid();
113  }
114 
115  if (!ModelState.IsValid)
116  {
117  return View(model);
118  }
119 
120  _oppositionService.UpdateItem(model);
121  return RedirectToAction(nameof(Index));
122  }
123 
124  // GET: Opposition/Delete/{id}
125  public IActionResult Delete(Guid? id)
126  {
127  if (id == null)
128  {
129  return NotFound();
130  }
131 
132  var opposition = _oppositionService.GetById(id.Value);
133  if (opposition == null)
134  {
135  return NotFound();
136  }
137 
138  if (!UserHasPermission(opposition))
139  {
140  return Forbid();
141  }
142 
143  return View(opposition);
144  }
145 
146  // POST: Opposition/Delete/{id}
147  [HttpPost, ActionName("Delete")]
148  [ValidateAntiForgeryToken]
149  public IActionResult DeleteConfirmed(Guid id)
150  {
151  if (!_oppositionService.Exists(id))
152  {
153  return NotFound();
154  }
155 
156  if (!UserHasPermission(_oppositionService.GetById(id)))
157  {
158  return Forbid();
159  }
160 
161  _oppositionService.DeleteById(id);
162  return RedirectToAction(nameof(Index));
163  }
164 
165  private bool UserHasPermission(Opposition opposition)
166  {
167  var user = _userProfileService.Get(User);
168  var department = _departmentService.Get(d => d.Staff.Contains(user));
169  return PageHelpers.IsAdmin(User) ||
170  PageHelpers.IsHeadOfDepartment(User) &&
171  department.Staff.Contains(opposition.Opponent) ||
172  opposition.Opponent.Id == user.Id;
173  }
174  }
175 }
ScientificReport.DAL.Entities.Opposition.Opponent
virtual UserProfile.UserProfile Opponent
Definition: Opposition.cs:16
ScientificReport.Controllers.OppositionController.Edit
IActionResult Edit(Guid id, OppositionEditModel model)
Definition: OppositionController.cs:103
ScientificReport.Controllers.OppositionController.Index
IActionResult Index(OppositionIndexModel model)
Definition: OppositionController.cs:31
ScientificReport.Controllers.OppositionController.Create
IActionResult Create(OppositionModel model)
Definition: OppositionController.cs:66
ScientificReport.Controllers.OppositionController.OppositionController
OppositionController(IOppositionService oppositionService, IDepartmentService departmentService, IUserProfileService userProfileService)
Definition: OppositionController.cs:19
ScientificReport.DTO.Models.Opposition.OppositionModel.Opponent
DAL.Entities.UserProfile.UserProfile Opponent
Definition: OppositionModel.cs:16