public override void RespondToRequest(User user,
System.Web.HttpRequest request,
System.Web.HttpResponse response,
IBabyDataSource DataSource)
{
Baby b;
if (!String.IsNullOrEmpty (request ["id"])) {
b = DataSource.ReadBaby (request ["id"], user);
switch (request.HttpMethod.ToUpper ()) {
case "GET":
if (b.HasPermission (user.Username, Permission.Types.READ)) {
b.Events = DataSource.GetEventsForBaby (b, user);
response.Write (b.ToJSON ());
} else {
throw new AuthException ("You don't have permission to view this baby's data");
}
break;
case "POST":
b.Permissions = DataSource.GetPermissionsForBaby (b, user);
if(b.HasPermission(user.Username, Permission.Types.UPDATE)){
BabyEvent be = new BabyEvent (
b.Id,
user.Username,
String.IsNullOrEmpty (request ["eventtype"]) ? "UNKNOWN" : request ["eventtype"],
String.IsNullOrEmpty (request ["subtype"]) ? "" : request ["subtype"],
String.IsNullOrEmpty (request ["details"]) ? "" : request ["details"]);
be = DataSource.CreateBabyEvent (be, user);
b.Events.Add (be);
response.Write (b.ToJSON());
}
else {
throw new AuthException ("You don't have permission to Update this baby's data");
}
break;
default:
throw new NotSupportedException ("Unsupported HTTP Method");
break;
}
}
else {
throw new ArgumentNullException ("Baby id not specified as 'id'");
}
}
public bool SaveBabyEvent(BabyEvent babyevent, User user)
{
SqliteCommand cmd = new SqliteCommand (SAVE_BABYEVENT, db);
if (db.State != System.Data.ConnectionState.Open) {
db.Open ();
}
cmd.Parameters.AddWithValue ("@username", babyevent.ReportUser);
cmd.Parameters.AddWithValue ("@babyId", babyevent.BabyId);
cmd.Parameters.AddWithValue ("@type", babyevent.Type);
cmd.Parameters.AddWithValue ("@subtype", babyevent.Subtype);
cmd.Parameters.AddWithValue ("@reported", babyevent.ReportTime.ToString (DB_DATE_FORMAT));
cmd.Parameters.AddWithValue ("@details", babyevent.Details);
cmd.Parameters.AddWithValue ("@id", babyevent.Id);
int items = cmd.ExecuteNonQuery();
return items > 0;
}
public BabyEvent ReadBabyEvent(int Id, User user)
{
BabyEvent be = new BabyEvent ();
SqliteCommand cmd = new SqliteCommand (READ_BABYEVENT, db);
if (db.State != System.Data.ConnectionState.Open) {
db.Open ();
}
cmd.Parameters.AddWithValue ("@id", Id);
SqliteDataReader r = cmd.ExecuteReader ();
if (r.Read ()) {
be.Id = int.Parse (r ["Id"].ToString ());
be.ReportUser = r ["Username"].ToString();
be.BabyId = r ["BabyId"].ToString();
be.ReportTime = DateTime.Parse (r ["Reported"].ToString ());
be.Type = r ["Type"].ToString ();
be.Subtype = r ["Subtype"].ToString ();
be.Details = r ["details"].ToString ();
}
r.Close ();
return be;
}
public List<BabyEvent> GetEventsForBaby(Baby baby, User user ,Filter filter)
{
List<BabyEvent> Events = new List<BabyEvent> ();
SqliteCommand cmd = new SqliteCommand (READ_BABY_EVENTS, this.db);
cmd.Parameters.AddWithValue ("@id", baby.Id);
cmd.CommandText = cmd.CommandText.Replace ("ORDER BY Reported DESC", "");
if (filter.Start > DateTime.MinValue) {
cmd.CommandText += " AND Reported >= @start ";
cmd.Parameters.AddWithValue ("@start", filter.Start);
}
if (filter.End > DateTime.MinValue) {
cmd.CommandText += " AND Reported <= @end ";
cmd.Parameters.AddWithValue ("@end", filter.End);
}
if (!String.IsNullOrEmpty (filter.EventType)) {
switch(filter.Match){
case Filter.Matches.EQUAL:
cmd.CommandText += " AND Type = @type ";
cmd.Parameters.AddWithValue ("@type", filter.EventType);
break;
case Filter.Matches.LIKE:
cmd.CommandText += " AND Type like @type ";
cmd.Parameters.AddWithValue ("@type", filter.EventType);
break;
case Filter.Matches.NOT_EQUAL:
cmd.CommandText += " AND Type like @type ";
cmd.Parameters.AddWithValue ("@type", filter.EventType);
break;
}
}
cmd.CommandText += " ORDER BY Reported DESC ";
if (filter.Count > 0) {
cmd.CommandText += " LIMIT @count ";
cmd.Parameters.AddWithValue ("@count", filter.Count);
if (filter.Offset > 0 ) {
cmd.CommandText += " OFFSET @offset ";
cmd.Parameters.AddWithValue("@offset", filter.Offset);
}
}
SqliteDataReader r = cmd.ExecuteReader ();
while (r.Read ()) {
BabyEvent be = new BabyEvent ();
int.TryParse (r ["Id"].ToString (),out be.Id );
be.ReportUser = r ["Username"].ToString ();
be.BabyId = r ["BabyId"].ToString ();
be.ReportTime = DateTime.ParseExact(r ["Reported"].ToString (),
DB_DATE_FORMAT,
CultureInfo.InvariantCulture
);
be.Type = r ["Type"].ToString ();
be.Subtype = r ["Subtype"].ToString ();
be.Details = r ["Details"].ToString ();
Events.Add (be);
}
r.Close ();
return Events;
}
public BabyEvent CreateBabyEvent(BabyEvent babyevent, User user)
{
BabyEvent be = babyevent;
SqliteCommand cmd = new SqliteCommand (CREATE_BABYEVENT, db);
if (db.State != System.Data.ConnectionState.Open) {
db.Open ();
}
cmd.Parameters.AddWithValue ("@username", babyevent.ReportUser);
cmd.Parameters.AddWithValue ("@babyId", babyevent.BabyId);
cmd.Parameters.AddWithValue ("@type", babyevent.Type);
cmd.Parameters.AddWithValue ("@subtype", babyevent.Subtype);
cmd.Parameters.AddWithValue ("@reported", babyevent.ReportTime.ToString (DB_DATE_FORMAT));
cmd.Parameters.AddWithValue ("@details", babyevent.Details);
bool saved = cmd.ExecuteNonQuery () > 0;
if (saved) {
return babyevent;
}
return be;
}
public Baby CreateBaby(Baby baby, User user)
{
Baby b = baby;
SqliteCommand cmd = new SqliteCommand (CREATE_BABY, db);
if (db.State != System.Data.ConnectionState.Open) {
db.Open ();
}
if (String.IsNullOrEmpty (baby.Id)) {
Random r = new Random ();
//TODO Collision Checks
byte[] id =new byte[BABY_ID_LENGTH];
r.NextBytes (id);
b.Id = Convert.ToBase64String (id)
.Replace ('+', '-')
.Replace('/','_')
.TrimEnd(new char[]{'='});
cmd.Parameters.AddWithValue ("@Id",b.Id);
} else {
cmd.Parameters.AddWithValue ("@Id", baby.Id);
}
cmd.Parameters.AddWithValue("@name",b.Name);
cmd.Parameters.AddWithValue("@image",b.Image);
cmd.Parameters.AddWithValue("@sex",b.Sex);
cmd.Parameters.AddWithValue("@dateofbirth",b.DOB.ToString(DB_DATE_FORMAT));
cmd.Parameters.AddWithValue("@ispublic",b.IsPublic);
bool saved = cmd.ExecuteNonQuery () > 0;
if (saved) {
Permission p = new Permission (b.Id,user.Username,Permission.Types.PARENT);
this.CreatePermission (p,user);
b.Permissions.Add (p);
BabyEvent be = new BabyEvent (b.Id, user.Username, "INFO", "CREATED");
this.CreateBabyEvent (be, user);
b.Events.Add (be);
return b;
}
return new Baby();
}