public async Task <IHttpActionResult> PutUpdateSequencialRestricted(int id, SequenceACL sequence)
{
//Check the user is a Admin User
var userId = User.Identity.GetUserId();
UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync();
if (userAclForAdmin.UserType != Admin)
{
return(BadRequest("Only Admin User can Update Sequencial Restricted"));
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Document document = await db.Documents.FindAsync(id);
if (document == null)
{
return(NotFound());
}
// Check Sequencial List is already created.
var sequencialListToCheck = await
db.SequenceAcls.Where(x => x.DocAclId == document.DocumentACLId).SingleOrDefaultAsync();
if (sequencialListToCheck != null)
{
return(BadRequest("Sequencial list is already Exist."));
}
// only sequence and present access is updated
DocumentACL aDocumentAcl = await db.DocumentAcls.Where(x => x.DocumentId == id).SingleOrDefaultAsync();
SequenceACL aSequenceAcl =
await db.SequenceAcls.Where(x => x.DocAclId == aDocumentAcl.Id).SingleOrDefaultAsync();
aSequenceAcl.Sequence = sequence.Sequence;
aSequenceAcl.PresentAccess = sequence.PresentAccess;
await db.SaveChangesAsync();
// change the DocAclType in DocumentAcl
aDocumentAcl.DocAclType = 2;
await db.SaveChangesAsync();
//// Check Document have a restricted sequence.
//var restrictedListToCheck = await
// db.Restricteds.Where(x => x.DocAclId == document.DocumentACLId).SingleOrDefaultAsync();
//if (restrictedListToCheck != null)
//{
// db.Restricteds.Remove(restrictedListToCheck);
// await db.SaveChangesAsync();
//}
//Delete the Document from the DocumentUser Table...
db.DocumentUsers.RemoveRange(db.DocumentUsers.Where(x => x.DocumentId == id));
await db.SaveChangesAsync();
// Add user To the DocumentUser Model
List <string> userInTagList = sequence.Sequence.Split(',').ToList();
foreach (var userInList in userInTagList)
{
var len = userInList.Length;
if (len != 36 && userInList[0] == 'g')
{
var groupId = Convert.ToInt64(userInList.Substring(1));
//Check the Group is Exist
var groupIsExist = db.Groups.FindAsync(groupId);
// Get all the user of the Group
var groupUsers = await(from u in db.Users
join ug in db.UserGroups on u.Id equals ug.UserId
join g in db.Groups on ug.GroupId equals g.Id
where g.Id == groupId
select new
{
u.Id,
u.UserName,
u.Email,
u.CompanyId,
}).ToListAsync();
// Add User to the Document
foreach (var userInGroup in groupUsers)
{
//check the user is already member of this Document
var aDocumentUser = await
db.DocumentUsers.Where(x => x.UserId == userInGroup.Id && x.DocumentId == document.Id).SingleOrDefaultAsync();
if (aDocumentUser == null)
{
DocumentUser documentUser = new DocumentUser();
documentUser.UserId = userInGroup.Id;
documentUser.DocumentId = document.Id;
db.DocumentUsers.Add(documentUser);
await db.SaveChangesAsync();
}
}
}
else
{
//check the user is already member of this Document
var aDocumentUser = await
db.DocumentUsers.Where(x => x.UserId == userInList && x.DocumentId == document.Id).SingleOrDefaultAsync();
if (aDocumentUser == null)
{
DocumentUser documentUser = new DocumentUser();
documentUser.UserId = userInList;
documentUser.DocumentId = document.Id;
db.DocumentUsers.Add(documentUser);
await db.SaveChangesAsync();
}
}
}
return(Ok(sequence));
}
public async Task <IHttpActionResult> PostDocument(DocumentDTO document)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
// Check the User have the Privelage to add Document
var userIdToCheckPrivilage = User.Identity.GetUserId();
var userPrivilage = await db.UserPrivilages.FirstAsync(x => x.UserId == userIdToCheckPrivilage);
if (userPrivilage.CanAddDocument != 1)
{
return(BadRequest("User doens't have the Permission to add Document"));
}
// UserId and CompanyId must be correct
var UserId = User.Identity.GetUserId();
var aUser = await db.Users.Where(x => x.Id == UserId).SingleOrDefaultAsync();
document.UserId = aUser.Id;
document.CompanyId = aUser.CompanyId;
//Save Document
Document aDocument = new Document();
aDocument.UserId = document.UserId;
aDocument.CompanyId = document.CompanyId;
aDocument.DocType = document.DocType;
aDocument.Name = document.Name;
db.Documents.Add(aDocument);
await db.SaveChangesAsync();
//Save File
File aFile = new File();
aFile.Content = document.FileContent;
aFile.DocumentId = aDocument.Id;
db.Files.Add(aFile);
await db.SaveChangesAsync();
//Save History
History aHistory = new History();
aHistory.AddedOn = DateTime.Now;
aHistory.EditedOn = DateTime.Now;
aHistory.DocumentId = aDocument.Id;
db.Histories.Add(aHistory);
await db.SaveChangesAsync();
// Save DocumentAcl
DocumentACL aDocumentAcl = new DocumentACL();
aDocumentAcl.DocumentId = aDocument.Id;
if (document.DocumentACLType != 0)
{
document.DocumentACLType = 0;
}
aDocumentAcl.DocAclType = document.DocumentACLType; // By Default Private
db.DocumentAcls.Add(aDocumentAcl);
await db.SaveChangesAsync();
//Save HistorySequence
HistorySequence aHistorySequence = new HistorySequence();
aHistorySequence.HistoryId = aHistory.Id;
aHistorySequence.Message = aDocument.Name + " file is Created.";
aHistorySequence.Date = aHistory.AddedOn;
aHistorySequence.UserId = document.UserId;
db.HistorySequences.Add(aHistorySequence);
await db.SaveChangesAsync();
//Add FileId to the Document
aDocument.FileId = aFile.Id;
aDocument.DocumentACLId = aDocumentAcl.Id;
await db.SaveChangesAsync();
return(Ok(aDocument));
}
public async Task <IHttpActionResult> PutCreateRestrictedSequence(int id, Restricted restricted)
{
//Check the user is a Admin User
var userId = User.Identity.GetUserId();
UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync();
if (userAclForAdmin.UserType != Admin)
{
return(BadRequest("Only Admin User can Update User ACL"));
}
//Check DocAcl and UserId is Given
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Document document = await db.Documents.FindAsync(id);
if (document == null)
{
return(NotFound());
}
// only List is updated
DocumentACL aDocumentAcl = await db.DocumentAcls.Where(x => x.DocumentId == id).SingleOrDefaultAsync();
Restricted aRestricted =
await db.Restricteds.Where(x => x.DocAclId == aDocumentAcl.Id).SingleOrDefaultAsync();
aRestricted.List = restricted.List;
//db.Restricteds.Add(aRestricted);
await db.SaveChangesAsync();
// change the DocAclType in DocumentAcl
aDocumentAcl.DocAclType = 3;
await db.SaveChangesAsync();
//Delete the Document from the DocumentUser Table...
db.DocumentUsers.RemoveRange(db.DocumentUsers.Where(x => x.DocumentId == id));
await db.SaveChangesAsync();
// Add User to the Document
List <string> userInTagList = aRestricted.List.Split(',').ToList();
foreach (var userInList in userInTagList)
{
var len = userInList.Length;
if (len != 36 && userInList[0] == 'g')
{
var groupId = Convert.ToInt64(userInList.Substring(1));
//Check the Group is Exist
var groupIsExist = await db.Groups.FindAsync(groupId);
// Get all the user of the Group
var groupUsers = await(from u in db.Users
join ug in db.UserGroups on u.Id equals ug.UserId
join g in db.Groups on ug.GroupId equals g.Id
where g.Id == groupId
select new
{
u.Id,
u.UserName,
u.Email,
u.CompanyId,
}).ToListAsync();
// Add User to the Document
foreach (var userInGroup in groupUsers)
{
//check the user is already member of this Document
var aDocumentUser = await
db.DocumentUsers.Where(x => x.UserId == userInGroup.Id && x.DocumentId == document.Id).SingleOrDefaultAsync();
if (aDocumentUser == null)
{
DocumentUser documentUser = new DocumentUser();
documentUser.UserId = userInGroup.Id;
documentUser.DocumentId = document.Id;
db.DocumentUsers.Add(documentUser);
await db.SaveChangesAsync();
}
}
}
else
{
//check the user is already member of this Document
var aDocumentUser = await
db.DocumentUsers.Where(x => x.UserId == userInList && x.DocumentId == document.Id).SingleOrDefaultAsync();
if (aDocumentUser == null)
{
DocumentUser documentUser = new DocumentUser();
documentUser.UserId = userInList;
documentUser.DocumentId = document.Id;
db.DocumentUsers.Add(documentUser);
await db.SaveChangesAsync();
}
}
}
return(Ok(aRestricted));
}
public async Task <IHttpActionResult> PostTag(TagDTO tag)
{
Tag aTag = new Tag();
//History aHistory = new History();
HistorySequence aHistorySequence = new HistorySequence();
SequenceACL aSequenceAcl = new SequenceACL();
bool updatePresentAccess = false;
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
//Check the doc is exist
Document document = await db.Documents.FindAsync(tag.DocumentId);
if (document == null)
{
return(BadRequest("Document is not exist"));
}
// check the document acl
DocumentACL documentAcl = await db.DocumentAcls.Where(x => x.DocumentId == tag.DocumentId).SingleOrDefaultAsync();
if (documentAcl.DocAclType == 0)
{
if (document.UserId != tag.UserId)
{
return(BadRequest("This document is private and this user is not authorized to tag this document"));
}
else
{
aTag.DocumentId = tag.DocumentId;
aTag.TagContent = tag.TagContent;
aTag.TagColor = tag.TagColor;
aTag.UserId = tag.UserId;
db.Tags.Add(aTag);
}
}
else if (documentAcl.DocAclType == 1)
{
var CompanyUser = await
db.Users.Where(x => x.CompanyId == document.CompanyId && x.Id == tag.UserId).SingleOrDefaultAsync();
if (CompanyUser == null)
{
return(BadRequest("This User is not belongs to this company"));
}
else
{
aTag.DocumentId = tag.DocumentId;
aTag.TagContent = tag.TagContent;
aTag.TagColor = tag.TagColor;
aTag.UserId = tag.UserId;
db.Tags.Add(aTag);
}
}
else if (documentAcl.DocAclType == 3)
{
Restricted aRestricted = await db.Restricteds.Where(x => x.DocAclId == documentAcl.Id).SingleOrDefaultAsync();
List <string> tagList = aRestricted.List.Split(',').ToList();
//Check the User is in the restricted list
DocumentUser aDocumentUser =
await db.DocumentUsers.Where(x => x.UserId == tag.UserId).SingleOrDefaultAsync();
if (aDocumentUser == null)
{
return(BadRequest("The Document is restriced and this user is not authorize to use it "));
}
else
{
aTag.DocumentId = tag.DocumentId;
aTag.TagContent = tag.TagContent;
aTag.TagColor = tag.TagColor;
aTag.UserId = tag.UserId;
db.Tags.Add(aTag);
}
}
else if (documentAcl.DocAclType == 2)
{
bool canTag = false;
aSequenceAcl = await db.SequenceAcls.Where(x => x.DocAclId == documentAcl.Id).SingleOrDefaultAsync();
List <string> tagList = aSequenceAcl.Sequence.Split(',').ToList();
//
var presentUserInList = tagList[aSequenceAcl.PresentAccess];
var len = presentUserInList.Length;
if (len != 36 && presentUserInList[0] == 'g')
{
var groupId = Convert.ToInt64(presentUserInList.Substring(1));
// check the user is in the group
var userIsIngroup = await(from ug in db.UserGroups
join u in db.Users on ug.UserId equals u.Id
where ug.GroupId == groupId && ug.UserId == tag.UserId
select new
{
Id = u.Id,
}).SingleOrDefaultAsync();
if (userIsIngroup != null)
{
var userPrivilageforTag = await
db.UserPrivilages.Where(x => x.UserId == userIsIngroup.Id).SingleOrDefaultAsync();
if (userPrivilageforTag.CanTagDocument == 1)
{
canTag = true;
}
}
else
{
return(BadRequest("User is not in authorize to tag the document"));
}
}
else
{
int index = tagList.IndexOf(tag.UserId);
if (index == -1)
{
return
(BadRequest("The Document is Sequencial-restriced and this user is not authorize to use it "));
}
else if (tagList.Count - 1 < aSequenceAcl.PresentAccess)
{
return
(BadRequest(
"The Document is Sequencial-restriced. All the User has already tagged this document."));
}
else if (tagList[aSequenceAcl.PresentAccess] != tag.UserId)
{
return
(BadRequest(
"The Document is Sequencial-restriced. User trun to tag the document is not come."));
}
else
{
canTag = true;
}
}
if (canTag)
{
aTag.DocumentId = tag.DocumentId;
aTag.TagContent = tag.TagContent;
aTag.TagColor = tag.TagColor;
aTag.UserId = tag.UserId;
db.Tags.Add(aTag);
updatePresentAccess = true;
}
}
await db.SaveChangesAsync();
//Edit history info
History aHistory = await db.Histories.Where(x => x.DocumentId == tag.DocumentId).SingleOrDefaultAsync();
//aHistory.AddedOn = DateTime.Now;
aHistory.EditedOn = DateTime.Now;
//aHistory.DocumentId = document.Id;
//db.Histories.Add(aHistory);
await db.SaveChangesAsync();
//Add History Sequence Info
aHistorySequence.HistoryId = aHistory.Id;
aHistorySequence.Message = tag.Message;
aHistorySequence.Date = aHistory.EditedOn;
aHistorySequence.UserId = User.Identity.GetUserId();
db.HistorySequences.Add(aHistorySequence);
await db.SaveChangesAsync();
//Update the present Access if it is a Sequencial Restricted Document
if (updatePresentAccess)
{
aSequenceAcl.PresentAccess += 1;
}
await db.SaveChangesAsync();
return(Ok(aTag));
}
