public IHttpActionResult DeleteAuth(int id, int loggedId, string sessionKey)
{
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
Auth auth = db.Auths.Find(id);
if (error == Constants.VerifyUserErrors.OK)
{
if (auth == null)
{
return(NotFound());
}
if (auth.UserID != 0)
{
AuthHandler.DeleteUserAuth(db, auth);
User foundUser = db.Users.FirstOrDefault(u => u.ID == auth.UserID);
if (foundUser != null)
{
User loggedUser = db.Users.FirstOrDefault(u => u.ID == loggedId);
if (loggedUser != null)
{
LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has deleted the login information for {foundUser.Name} (ID: {foundUser.ID})", (int)LogHandler.RequestTypes.DELETE);
}
}
return(Ok(auth));
}
auth.UserID = -1;
return(Ok(auth));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public async Task <IHttpActionResult> PostStockHasItem(StockHasItem stockHasItem, int loggedId, string sessionKey)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
if (error == Constants.VerifyUserErrors.OK)
{
db.StockHasItems.Add(stockHasItem);
try
{
await db.SaveChangesAsync();
}
catch (DbUpdateException)
{
if (StockHasItemExists(stockHasItem.StockID, stockHasItem.ItemID))
{
return(Conflict());
}
else
{
throw;
}
}
return(CreatedAtRoute("DefaultApi", new { id = stockHasItem.StockID }, stockHasItem));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public IHttpActionResult PostInvoiceHasItem(InvoiceHasItem invoiceHasItem, int loggedId, string sessionKey)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
if (error == Constants.VerifyUserErrors.OK)
{
db.InvoiceHasItems.Add(invoiceHasItem);
try
{
db.SaveChanges();
}
catch (DbUpdateException)
{
if (InvoiceHasItemExists(invoiceHasItem.InvoiceID))
{
return(Conflict());
}
else
{
throw;
}
}
return(CreatedAtRoute("DefaultApi", new { id = invoiceHasItem.InvoiceID }, invoiceHasItem));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public async Task <IHttpActionResult> DeleteSupplier(int id, int loggedId, string sessionKey)
{
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
Supplier supplier = await db.Suppliers.FindAsync(id);
Supplier returnSupplier = supplier;
if (error == Constants.VerifyUserErrors.OK)
{
if (supplier == null)
{
return(NotFound());
}
if (supplier.ID != 0)
{
db.Suppliers.Remove(supplier);
await db.SaveChangesAsync();
User loggedUser = db.Users.FirstOrDefault(u => u.ID == loggedId);
if (loggedUser != null)
{
LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has deleted the supplier {supplier.Name} (ID: {supplier.ID})", (int)LogHandler.RequestTypes.DELETE);
}
return(Ok(returnSupplier));
}
supplier.ID = -1;
return(Ok(supplier));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public IHttpActionResult PostInvoice(Invoice invoice, int loggedId, string sessionKey)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
/*Invoice newInvoice = db.Invoices.Add(invoice.Item1);
* db.SaveChanges();
* foreach (InvoiceHasItem item in invoice.Item2)
* {
* item.InvoiceID = newInvoice.ID;
* db.InvoiceHasItems.Add(item);
* }
* db.SaveChanges();
*
*
* return CreatedAtRoute("DefaultApi", new { id = invoice.Item1.ID }, invoice.Item1);*/
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
if (error == Constants.VerifyUserErrors.OK)
{
Invoice newInvoice = db.Invoices.Add(invoice);
db.SaveChanges();
User loggedUser = db.Users.FirstOrDefault(u => u.ID == loggedId);
if (loggedUser != null)
{
LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has created the invoice with an ID of {invoice.ID}", (int)LogHandler.RequestTypes.POST);
}
return(CreatedAtRoute("DefaultApi", new { id = newInvoice.ID }, newInvoice));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public IHttpActionResult DeleteUser(int id, int loggedId, string sessionKey)
{
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
User user = db.Users.FirstOrDefault(u => u.ID == id);
User returnUser = user;
if (error == Constants.VerifyUserErrors.OK)
{
if (user == null)
{
return(NotFound());
}
if (user.ID != 0)
{
UserHandler.DeleteOneUser(db, user);
returnUser.StoreID = 0;
User loggedUser = db.Users.FirstOrDefault(u => u.ID == loggedId);
if (loggedUser != null)
{
LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has deleted the user {user.Name} (ID: {user.ID})", (int)LogHandler.RequestTypes.DELETE);
LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has deleted the login information for {returnUser.Name} (ID: {user.ID})", (int)LogHandler.RequestTypes.DELETE);
LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has deleted the salary for {returnUser.Name} (ID: {user.ID})", (int)LogHandler.RequestTypes.DELETE);
}
return(Ok(returnUser));
}
user.ID = -1;
return(Ok(user));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public IHttpActionResult DeleteSalary(int id, int loggedId, string sessionKey)
{
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
Salary salary = db.Salaries.Find(id);
if (error == Constants.VerifyUserErrors.OK)
{
if (salary == null)
{
return(NotFound());
}
if (salary.UserID != 0)
{
SalaryHandler.DeleteOneSalary(db, salary);
User deletedUserSalary = db.Users.FirstOrDefault(u => u.ID == salary.UserID);
if (deletedUserSalary != null)
{
User loggedUser = db.Users.FirstOrDefault(u => u.ID == loggedId);
if (loggedUser != null)
{
LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has deleted the salary for {deletedUserSalary.Name} (ID: {deletedUserSalary.ID})", (int)LogHandler.RequestTypes.DELETE);
}
}
return(Ok(salary));
}
salary.UserID = -1;
return(Ok(salary));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public IQueryable <Log> GetLogs(int loggedId, string sessionKey)
{
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
if (error == Constants.VerifyUserErrors.OK)
{
return(db.Logs);
}
return(new EnumerableQuery <Log>(new List <Log>()));
}
public static HttpStatusCode StatusCodeReturn(Constants.VerifyUserErrors error)
{
if (error == Constants.VerifyUserErrors.INCORRECT_SESSION_KEY)
{
return(HttpStatusCode.Unauthorized);
}
if (error == Constants.VerifyUserErrors.SESSION_NOT_FOUND)
{
return(HttpStatusCode.NotFound);
}
return(HttpStatusCode.InternalServerError);
}
public async Task <IHttpActionResult> PutSalary(int id, Salary salary, int loggedId, string sessionKey)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (id != salary.UserID)
{
return(BadRequest());
}
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
if (error == Constants.VerifyUserErrors.OK)
{
db.Entry(salary).State = EntityState.Modified;
try
{
await db.SaveChangesAsync();
User updatedUserSalary = db.Users.FirstOrDefault(u => u.ID == salary.UserID);
if (updatedUserSalary != null)
{
User loggedUser = db.Users.FirstOrDefault(u => u.ID == loggedId);
if (loggedUser != null)
{
LogHandler.CreateLogEntry(db, loggedId,
$"The user {loggedUser.Name} (ID: {loggedId}) has updated the salary for {updatedUserSalary.Name} (ID: {updatedUserSalary.ID})",
(int)LogHandler.RequestTypes.PUT);
}
}
}
catch (DbUpdateConcurrencyException)
{
if (!SalaryExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(StatusCode(HttpStatusCode.NoContent));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public IHttpActionResult DeleteInvoice(int id, int loggedId, string sessionKey)
{
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
Invoice invoice = db.Invoices.Find(id);
if (error == Constants.VerifyUserErrors.OK)
{
if (invoice != null)
{
invoice.AuthorID = 0;
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (id != invoice.ID)
{
return(BadRequest());
}
db.Entry(invoice).State = EntityState.Modified;
try
{
db.SaveChanges();
User loggedUser = db.Users.FirstOrDefault(u => u.ID == loggedId);
if (loggedUser != null)
{
LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has deleted the invoice with an ID of {invoice.ID}", (int)LogHandler.RequestTypes.DELETE);
}
}
catch (DbUpdateConcurrencyException)
{
if (!InvoiceExists(id))
{
return(NotFound());
}
throw;
}
return(Ok(invoice));
}
return(NotFound());
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public IHttpActionResult PutAuth(int id, Auth auth, int loggedId, string sessionKey)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (id != auth.UserID)
{
return(BadRequest());
}
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
if (error == Constants.VerifyUserErrors.OK)
{
db.Entry(auth).State = EntityState.Modified;
try
{
db.SaveChanges();
User foundUser = db.Users.FirstOrDefault(u => u.ID == auth.UserID);
if (foundUser != null)
{
User loggedUser = db.Users.FirstOrDefault(u => u.ID == loggedId);
if (loggedUser != null)
{
LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has updated the login information for {foundUser.Name} (ID: {foundUser.ID})", (int)LogHandler.RequestTypes.PUT);
}
}
}
catch (DbUpdateConcurrencyException)
{
if (!AuthExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(StatusCode(HttpStatusCode.NoContent));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public IHttpActionResult DeleteInvoiceHasItem(int id, int loggedId, string sessionKey)
{
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
InvoiceHasItem invoiceHasItem = db.InvoiceHasItems.Find(id);
if (error == Constants.VerifyUserErrors.OK)
{
if (invoiceHasItem == null)
{
return(NotFound());
}
db.InvoiceHasItems.Remove(invoiceHasItem);
db.SaveChanges();
return(Ok(invoiceHasItem));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public IHttpActionResult PostRole(Role role, int loggedId, string sessionKey)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
if (error == Constants.VerifyUserErrors.OK)
{
Role postedRole = RolesHandler.PostRole(db, role);
User loggedUser = db.Users.FirstOrDefault(u => u.ID == loggedId);
if (loggedUser != null)
{
LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has created the role {role.Name} (ID: {role.ID})", (int)LogHandler.RequestTypes.POST);
}
return(CreatedAtRoute("DefaultApi", new { id = postedRole.ID }, postedRole));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public IHttpActionResult PostSalary(Salary salary, int loggedId, string sessionKey)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
if (error == Constants.VerifyUserErrors.OK)
{
db.Salaries.Add(salary);
try
{
db.SaveChanges();
User postedUserSalary = db.Users.FirstOrDefault(u => u.ID == salary.UserID);
if (postedUserSalary != null)
{
User loggedUser = db.Users.FirstOrDefault(u => u.ID == loggedId);
if (loggedUser != null)
{
LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has created the salary for {postedUserSalary.Name} (ID: {postedUserSalary.ID})", (int)LogHandler.RequestTypes.POST);
}
}
}
catch (DbUpdateException)
{
if (SalaryExists(salary.UserID))
{
return(Conflict());
}
else
{
throw;
}
}
return(CreatedAtRoute("DefaultApi", new { id = salary.UserID }, salary));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public IHttpActionResult PostItem(Item item, int loggedId, string sessionKey)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
if (error == Constants.VerifyUserErrors.OK)
{
db.Items.Add(item);
db.SaveChanges();
User loggedUser = db.Users.FirstOrDefault(u => u.ID == loggedId);
if (loggedUser != null)
{
LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has created the item {item.Name} (ID: {item.ID})", (int)LogHandler.RequestTypes.POST);
}
return(CreatedAtRoute("DefaultApi", new { id = item.ID }, item));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public async Task <IHttpActionResult> DeleteStockHasItem(int id, int loggedId, string sessionKey)
{
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
StockHasItem stockHasItem = await db.StockHasItems.FindAsync(id);
if (error == Constants.VerifyUserErrors.OK)
{
if (stockHasItem == null)
{
return(NotFound());
}
db.StockHasItems.Remove(stockHasItem);
await db.SaveChangesAsync();
return(Ok(stockHasItem));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public async Task <IHttpActionResult> PostCategory(Category category, int loggedId, string sessionKey)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
if (error == Constants.VerifyUserErrors.OK)
{
db.Categories.Add(category);
await db.SaveChangesAsync();
User loggedUser = db.Users.FirstOrDefault(u => u.ID == loggedId);
if (loggedUser != null)
{
LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has created the category {category.Name} (ID: {category.ID})", (int)LogHandler.RequestTypes.POST);
}
return(CreatedAtRoute("DefaultApi", new { id = category.ID }, category));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public async Task <IHttpActionResult> PostAuth(Auth auth, int loggedId, string sessionKey)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
if (error == Constants.VerifyUserErrors.OK)
{
AuthHandler.PostNewAuth(auth, db);
try
{
await db.SaveChangesAsync();
User foundUser = db.Users.FirstOrDefault(u => u.ID == auth.UserID);
if (foundUser != null)
{
User loggedUser = db.Users.FirstOrDefault(u => u.ID == loggedId);
if (loggedUser != null)
{
LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has created the login information for {foundUser.Name} (ID: {foundUser.ID})", (int)LogHandler.RequestTypes.POST);
}
}
}
catch (DbUpdateException)
{
if (AuthExists(auth.UserID))
{
return(Conflict());
}
else
{
throw;
}
}
return(CreatedAtRoute("DefaultApi", new { id = auth.UserID }, auth));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public async Task <IHttpActionResult> PutStockHasItem(int stockID, int itemID, StockHasItem stockHasItem, int loggedId, string sessionKey)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (stockID != stockHasItem.StockID || itemID != stockHasItem.ItemID)
{
return(BadRequest());
}
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
if (error == Constants.VerifyUserErrors.OK)
{
db.Entry(stockHasItem).State = EntityState.Modified;
try
{
await db.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!StockHasItemExists(stockID, itemID))
{
return(NotFound());
}
else
{
throw;
}
}
return(StatusCode(HttpStatusCode.NoContent));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public IHttpActionResult DeleteItem(int id, int loggedId, string sessionKey)
{
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
Item item = db.Items.Find(id);
if (error == Constants.VerifyUserErrors.OK)
{
if (item == null)
{
return(NotFound());
}
db.Items.Remove(item);
db.SaveChanges();
User loggedUser = db.Users.FirstOrDefault(u => u.ID == loggedId);
if (loggedUser != null)
{
LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has deleted the item {item.Name} (ID: {item.ID})", (int)LogHandler.RequestTypes.DELETE);
}
return(Ok(item));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
public IHttpActionResult PutInvoiceHasItem(int id, InvoiceHasItem invoiceHasItem, int loggedId, string sessionKey)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (id != invoiceHasItem.InvoiceID)
{
return(BadRequest());
}
Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
if (error == Constants.VerifyUserErrors.OK)
{
db.Entry(invoiceHasItem).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
if (!InvoiceHasItemExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(StatusCode(HttpStatusCode.NoContent));
}
return(StatusCode(CommonMethods.StatusCodeReturn(error)));
}
