Ejemplo n.º 1
0
        /// <summary>
        /// GET request format located in the Web Api Enumeration v2
        /// under the tab Company/Parts/Request, starting row 23
        /// </summary>
        /// <param name="ctx">HttpListenerContext to respond to</param>
        private void HandleGetRequest(HttpListenerContext ctx, CompanyPartsRequestGetRequest entry)
        {
            try
            {
                MySqlDataManipulator connection = new MySqlDataManipulator();
                using (connection)
                {
                    bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
                    if (!res)
                    {
                        WriteBodyResponse(ctx, 500, "Unexpected Server Error", "Connection to database failed");
                        return;
                    }
                    #region User Validation
                    OverallUser mappedUser = connection.GetUserById(entry.UserId);
                    if (mappedUser == null)
                    {
                        WriteBodyResponse(ctx, 404, "Not Found", "User was not found on on the server");
                        return;
                    }
                    if (!UserVerificationUtil.LoginTokenValid(mappedUser, entry.LoginToken))
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Login token was incorrect.");
                        return;
                    }
                    if (!UserVerificationUtil.AuthTokenValid(mappedUser, entry.AuthToken))
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Auth token was ezpired or incorrect");
                        return;
                    }
                    if ((mappedUser.AccessLevel & AccessLevelMasks.PartMask) == 0)
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "User was not a parts level user");
                        return;
                    }
                    #endregion

                    #region Action Handling
                    JsonListStringConstructor retConstructor = new JsonListStringConstructor();
                    List <PartsRequest>       requests       = connection.GetPartsRequests(mappedUser.Company);
                    requests.ForEach(req => retConstructor.AddElement(WritePartsRequestToOutput(req, connection, mappedUser.Company)));

                    WriteBodyResponse(ctx, 200, "OK", retConstructor.ToString());
                    #endregion
                }
            }
            catch (HttpListenerException)
            {
                //HttpListeners dispose themselves when an exception occurs, so we can do no more.
            }
            catch (Exception e)
            {
                WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message);
            }
        }
Ejemplo n.º 2
0
        /// <summary>
        /// Attempts to return a list of the top 3 most similar complaint groups from the database
        /// </summary>
        /// <param name="entryIn">The query to predict the most similar complaint groups of</param>
        /// <param name="manipulator">The object to use to access the database</param>
        /// <param name="companyId">The id of the company the request is being made for. Determines which tables to use in the database</param>
        /// <returns>Json formatted string that contains the top 3 complaint groups that are most similar to the query made, and their database ids</returns>
        public string ProcessQueryForComplaintGroups(RepairJobEntry entryIn, MySqlDataManipulator manipulator, int companyId, int numGroupsRequested = 3)
        {
            List <string>         tokens       = SentenceTokenizer.TokenizeSentence(entryIn.Complaint);
            List <List <string> > taggedTokens = KeywordTagger.Tag(tokens);
            List <string>         keywords     = KeywordPredictor.PredictKeywords(taggedTokens);
            KeywordExample        example      = new KeywordExample();

            foreach (string keyword in keywords)
            {
                example.AddKeyword(keyword);
            }
            KeywordClusterer.Load(manipulator, companyId);
            List <int> groups = KeywordClusterer.PredictTopNSimilarGroups(example, numGroupsRequested);
            List <KeywordGroupEntry> companyComplaintGroups = manipulator.GetCompanyComplaintGroups(companyId);

            if (companyComplaintGroups == null)
            {
                throw new NullReferenceException("Company " + companyId + " complaint groups were not available in database");
            }
            List <KeywordGroupEntry> ret = new List <KeywordGroupEntry>();
            bool uncategorizedAdded      = false;

            foreach (int i in groups)
            {
                if (i == 0 && !uncategorizedAdded)
                {
                    ret.Add(new KeywordGroupEntry("Uncategorized")
                    {
                        Id = 0
                    });
                    uncategorizedAdded = true;
                }
                else if (i != 0)
                {
                    companyComplaintGroups[i - 1].Id = i;
                    ret.Add(companyComplaintGroups[i - 1]);
                }
            }
            JsonListStringConstructor constructor = new JsonListStringConstructor();

            ret.ForEach(obj => constructor.AddElement(ConvertKeywordGroupEntry(obj)));
            return(constructor.ToString());

            JsonDictionaryStringConstructor ConvertKeywordGroupEntry(KeywordGroupEntry e)
            {
                JsonDictionaryStringConstructor r = new JsonDictionaryStringConstructor();

                r.SetMapping("GroupDefinition", e.GroupDefinition);
                r.SetMapping("Id", e.Id);
                return(r);
            }
        }
Ejemplo n.º 3
0
        public string ProcessQueryForSimilarQueriesArchive(RepairJobEntry entryIn, MySqlDataManipulator manipulator, int companyId, int problemGroupId, int numRequested, int offset = 0)
        {
            List <string>         tokens       = SentenceTokenizer.TokenizeSentence(entryIn.Problem);
            List <List <string> > taggedTokens = KeywordTagger.Tag(tokens);
            List <string>         keywords     = KeywordPredictor.PredictKeywords(taggedTokens);
            KeywordExample        example      = new KeywordExample();

            foreach (string keyword in keywords)
            {
                example.AddKeyword(keyword);
            }
            KeywordClusterer.Load(manipulator, companyId);
            List <int> groups = KeywordClusterer.PredictTopNSimilarGroups(example, 3);

            entryIn.ComplaintGroups = "[" + string.Join(',', groups) + "]";
            List <RepairJobEntry>     potentials     = manipulator.GetDataEntriesByProblemGroup(companyId, problemGroupId);
            List <EntrySimilarity>    ret            = ProblemPredictor.GetQueryResults(entryIn, potentials, numRequested, offset);
            JsonListStringConstructor retConstructor = new JsonListStringConstructor();

            ret.ForEach(obj => retConstructor.AddElement(ConvertEntrySimilarity(obj)));
            return(retConstructor.ToString());


            JsonDictionaryStringConstructor ConvertEntrySimilarity(EntrySimilarity e)
            {
                JsonDictionaryStringConstructor r = new JsonDictionaryStringConstructor();

                r.SetMapping("Make", e.Entry.Make);
                r.SetMapping("Model", e.Entry.Model);
                r.SetMapping("Complaint", e.Entry.Complaint);
                r.SetMapping("Problem", e.Entry.Problem);
                if (e.Entry.Year == -1)
                {
                    r.SetMapping("Year", "Unknown");
                }
                else
                {
                    r.SetMapping("Year", e.Entry.Year);
                }
                r.SetMapping("Id", e.Entry.Id);
                r.SetMapping("Difference", e.Difference);
                return(r);
            }
        }
Ejemplo n.º 4
0
        /// <summary>
        /// GET request format located in the Web Api Enumeration v2
        /// under the tab Company/Parts, starting row 72
        /// </summary>
        /// <param name="ctx">HttpListenerContext to respond to</param>
        private void HandleGetRequest(HttpListenerContext ctx)
        {
            try
            {
                #region Input Validation
                if (!ctx.Request.HasEntityBody)
                {
                    WriteBodyResponse(ctx, 400, "Bad Request", "No Body");
                    return;
                }
                CompanyPartsApiGetRequest entry = JsonDataObjectUtil <CompanyPartsApiGetRequest> .ParseObject(ctx);

                if (!ValidateGetRequest(entry))
                {
                    WriteBodyResponse(ctx, 400, "Bad Request", "Incorrect Format");
                    return;
                }
                #endregion

                MySqlDataManipulator connection = new MySqlDataManipulator();
                using (connection)
                {
                    bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
                    if (!res)
                    {
                        WriteBodyResponse(ctx, 500, "Unexpected Server Error", "Connection to database failed");
                        return;
                    }
                    #region User Validation
                    OverallUser mappedUser = connection.GetUserById(entry.UserId);
                    if (mappedUser == null)
                    {
                        WriteBodyResponse(ctx, 404, "Not Found", "User was not found on on the server");
                        return;
                    }
                    if (!UserVerificationUtil.LoginTokenValid(mappedUser, entry.LoginToken))
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Login token was incorrect.");
                        return;
                    }
                    if (!UserVerificationUtil.AuthTokenValid(mappedUser, entry.AuthToken))
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Auth token was ezpired or incorrect");
                        return;
                    }
                    if ((mappedUser.AccessLevel & AccessLevelMasks.PartMask) == 0)
                    {
                        WriteBodyResponse(ctx, 401, "Not Autherized", "Not marked as a Parts User");
                        return;
                    }
                    #endregion

                    #region Get Parts List
                    List <PartCatalogueEntry> catelogue      = connection.GetPartCatalogueEntries(mappedUser.Company);
                    JsonListStringConstructor retConstructor = new JsonListStringConstructor();
                    catelogue.ForEach(part => retConstructor.AddElement(WritePartCatelogueEntryToOutput(part)));

                    WriteBodyResponse(ctx, 200, "OK", retConstructor.ToString());
                    #endregion
                }
            }
            catch (HttpListenerException)
            {
                //HttpListeners dispose themselves when an exception occurs, so we can do no more.
            }
            catch (Exception e)
            {
                WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message);
            }
        }
Ejemplo n.º 5
0
        /// <summary>
        /// GET request format located in the Web Api Enumeration v2
        /// under the tab Company/Forum, starting row 49
        /// </summary>
        /// <param name="ctx">HttpListenerContext to respond to</param>
        private void HandleGetRequest(HttpListenerContext ctx)
        {
            try
            {
                #region Input Validation
                if (!ctx.Request.HasEntityBody)
                {
                    WriteBodyResponse(ctx, 400, "Bad Request", "No Body");
                    return;
                }

                CompanyForumApiGetRequest entry = JsonDataObjectUtil <CompanyForumApiGetRequest> .ParseObject(ctx);

                if (!ValidateGetRequest(entry))
                {
                    WriteBodyResponse(ctx, 400, "Bad Request", "Incorrect Format");
                    return;
                }
                #endregion

                //Otherwise we have a valid entry, validate user
                MySqlDataManipulator connection = new MySqlDataManipulator();
                using (connection)
                {
                    bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
                    if (!res)
                    {
                        WriteBodyResponse(ctx, 500, "Unexpected ServerError", "Connection to database failed");
                        return;
                    }
                    #region User Validation
                    OverallUser mappedUser = connection.GetUserById(entry.UserId);
                    if (mappedUser == null)
                    {
                        WriteBodyResponse(ctx, 404, "Not Found", "User was not found on the server");
                        return;
                    }
                    if (!UserVerificationUtil.LoginTokenValid(mappedUser, entry.LoginToken))
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Login token was incorrect.");
                        return;
                    }
                    CompanySettingsEntry isPublicSetting = connection.GetCompanySettingsWhere(entry.CompanyId, "SettingKey=\"" + CompanySettingsKey.Public + "\"")[0];
                    bool isPublic = bool.Parse(isPublicSetting.SettingValue);
                    if (!isPublic && mappedUser.Company != entry.CompanyId)
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Cannot access other company's private data");
                        return;
                    }
                    #endregion

                    #region Get Forum
                    RepairJobEntry forumEntry = connection.GetDataEntryById(entry.CompanyId, entry.JobEntryId);
                    if (forumEntry == null)
                    {
                        WriteBodyResponse(ctx, 404, "Not Found", "Job Data Entry was not found on the server");
                        return;
                    }
                    JsonListStringConstructor       returnListConstructor = new JsonListStringConstructor();
                    JsonDictionaryStringConstructor repairJobConstructor  = new JsonDictionaryStringConstructor();
                    repairJobConstructor.SetMapping("Make", forumEntry.Make);
                    repairJobConstructor.SetMapping("Model", forumEntry.Model);
                    if (forumEntry.Year == -1)
                    {
                        repairJobConstructor.SetMapping("Year", "Unknown");
                    }
                    else
                    {
                        repairJobConstructor.SetMapping("Year", forumEntry.Year);
                    }
                    repairJobConstructor.SetMapping("Complaint", forumEntry.Complaint);
                    repairJobConstructor.SetMapping("Problem", forumEntry.Problem);
                    RequirementsEntry repairJobRequirements = RequirementsEntry.ParseJsonString(forumEntry.Requirements);
                    List <string>     auxillaryRequirements = new List <string>(repairJobRequirements.Auxillary.Select(req => req.Requirement));
                    repairJobConstructor.SetMapping("AuxillaryRequirements", auxillaryRequirements);
                    repairJobConstructor.SetMapping("PartRequirements", repairJobRequirements.Parts);
                    repairJobConstructor.SetMapping("SafetyRequirements", repairJobRequirements.Safety);
                    returnListConstructor.AddElement(repairJobConstructor);

                    List <UserToTextEntry> forumPosts = connection.GetForumPosts(mappedUser.Company, entry.JobEntryId);
                    if (forumPosts == null)
                    {
                        WriteBodylessResponse(ctx, 404, "Not Found");
                        return;
                    }
                    forumPosts.ForEach(post => returnListConstructor.AddElement(ConvertForumPostToJson(post, connection)));
                    WriteBodyResponse(ctx, 200, "OK", returnListConstructor.ToString(), "application/json");
                    #endregion
                }
            }
            catch (HttpListenerException)
            {
                //HttpListeners dispose themselves when an exception occurs, so we can do no more.
            }
            catch (Exception e)
            {
                WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message);
            }
        }
Ejemplo n.º 6
0
        private void HandlePostRequest(HttpListenerContext ctx)
        {
            try
            {
                #region Input Validation
                if (!ctx.Request.HasEntityBody)
                {
                    WriteBodyResponse(ctx, 400, "Invalid Format", "Request did not contain a body");
                    return;
                }
                UsableCompanyListRetrieveRequest entry = JsonDataObjectUtil <UsableCompanyListRetrieveRequest> .ParseObject(ctx);

                if (entry == null)
                {
                    WriteBodylessResponse(ctx, 400, "Invalid Format");
                    return;
                }
                if (!ValidateUsableRetrieveRequest(entry))
                {
                    WriteBodyResponse(ctx, 400, "Invalid Format", "One or more fields contained an invalid value or were missing");
                    return;
                }
                #endregion

                MySqlDataManipulator connection = new MySqlDataManipulator();
                using (connection)
                {
                    bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
                    if (!res)
                    {
                        WriteBodyResponse(ctx, 500, "Unexpected Server Error", "Connection to database failed");
                        return;
                    }
                    #region User Validation
                    OverallUser mappedUser = connection.GetUserById(entry.UserId);
                    if (mappedUser == null)
                    {
                        WriteBodyResponse(ctx, 404, "Not Found", "User was not found on on the server");
                        return;
                    }
                    if (!UserVerificationUtil.LoginTokenValid(mappedUser, entry.LoginToken))
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Login token was incorrect.");
                        return;
                    }
                    #endregion

                    #region Post CompanyList
                    List <CompanyId> companies   = connection.GetPublicCompanies();
                    CompanyId        userCompany = connection.GetCompanyById(mappedUser.Company);
                    if (companies == null)
                    {
                        WriteBodyResponse(ctx, 500, "Internal Server Error", "Error occured while retrieving companies: " + connection.LastException.Message);
                        return;
                    }
                    if (!companies.Contains(userCompany))
                    {
                        companies.Add(userCompany);
                    }
                    JsonListStringConstructor retConstructor = new JsonListStringConstructor();
                    companies.ForEach(req => retConstructor.AddElement(WriteCompanyIdToOutput(req)));

                    WriteBodyResponse(ctx, 200, "OK", retConstructor.ToString());
                    #endregion
                }
            }
            catch (HttpListenerException)
            {
                //HttpListeners dispose themselves when an exception occurs, so we can do no more.
            }
            catch (Exception e)
            {
                WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message);
            }
        }
        /// <summary>
        /// PATCH request format located in the Web Api Enumeration v2
        /// under the tab Company/Partslists/Request, starting row 95
        /// </summary>
        /// <param name="ctx">HttpListenerContext to respond to</param>
        private void HandlePatchRequest(HttpListenerContext ctx)
        {
            try
            {
                #region Input Validation
                if (!ctx.Request.HasEntityBody)
                {
                    WriteBodyResponse(ctx, 400, "Bad Request", "No Body");
                    return;
                }
                string reqStr;
                using (var reader = new StreamReader(ctx.Request.InputStream))
                {
                    reqStr = reader.ReadToEnd();
                }
                CompanyPartsListsRequestApiPatchRequest entry = JsonDataObjectUtil <CompanyPartsListsRequestApiPatchRequest> .ParseObject(reqStr);

                if (!ValidatePatchRequest(entry))
                {
                    CompanyPartsListsRequestApiDeleteRequest entry2 = JsonDataObjectUtil <CompanyPartsListsRequestApiDeleteRequest> .ParseObject(reqStr);

                    if (entry2 != null && ValidateDeleteRequest(entry2))
                    {
                        HandleDeleteRequest(ctx, entry2);
                        return;
                    }
                    WriteBodyResponse(ctx, 400, "Bad Request", "Incorrect Format");
                    return;
                }
                #endregion

                MySqlDataManipulator connection = new MySqlDataManipulator();
                using (connection)
                {
                    bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
                    if (!res)
                    {
                        WriteBodyResponse(ctx, 500, "Unexpected Server Error", "Connection to database failed");
                        return;
                    }
                    #region User Validation
                    OverallUser mappedUser = connection.GetUserById(entry.UserId);
                    if (mappedUser == null)
                    {
                        WriteBodyResponse(ctx, 404, "Not Found", "User was not found on on the server");
                        return;
                    }
                    if (!UserVerificationUtil.LoginTokenValid(mappedUser, entry.LoginToken))
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Login token was incorrect.");
                        return;
                    }
                    if (!UserVerificationUtil.AuthTokenValid(mappedUser, entry.AuthToken))
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Auth token was ezpired or incorrect");
                        return;
                    }
                    if ((mappedUser.AccessLevel & AccessLevelMasks.PartMask) == 0)
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "User was not a parts level user");
                        return;
                    }
                    #endregion

                    #region Action Handling
                    var request = connection.GetPartsListAdditionRequestById(mappedUser.Company, entry.RequestId);

                    if (request == null)
                    {
                        WriteBodyResponse(ctx, 404, "Not Found", "The requested request was not found");
                        return;
                    }

                    List <int> requestedParts = JsonDataObjectUtil <List <int> > .ParseObject(request.RequestedAdditions);

                    if (entry.RequirementId >= requestedParts.Count)
                    {
                        WriteBodyResponse(ctx, 404, "Not Found", "The requested part to change was not found");
                        return;
                    }
                    requestedParts[entry.RequirementId] = entry.PartsRequirement;
                    JsonListStringConstructor editConstructor = new JsonListStringConstructor();
                    foreach (int i in requestedParts)
                    {
                        editConstructor.AddElement(i);
                    }
                    request.RequestedAdditions = editConstructor.ToString();
                    if (!connection.UpdatePartsListAdditionRequest(mappedUser.Company, request))
                    {
                        WriteBodyResponse(ctx, 500, "Internal Server Error", "Error occurred while attempting to update request: " + connection.LastException.Message);
                        return;
                    }
                    WriteBodylessResponse(ctx, 200, "OK");
                    #endregion
                }
            }
            catch (HttpListenerException)
            {
                //HttpListeners dispose themselves when an exception occurs, so we can do no more.
            }
            catch (Exception e)
            {
                WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message);
            }
        }
        private void HandlePutRequest(HttpListenerContext ctx)
        {
            try
            {
                #region Input Validation
                if (!ctx.Request.HasEntityBody)
                {
                    WriteBodyResponse(ctx, 400, "Bad Request", "No Body");
                    return;
                }
                ArchiveApiPutRequest req = JsonDataObjectUtil <ArchiveApiPutRequest> .ParseObject(ctx);

                if (!ValidatePutRequest(req))
                {
                    WriteBodyResponse(ctx, 400, "Bad Request", "Incorrect Format");
                    return;
                }
                #endregion

                MySqlDataManipulator connection = new MySqlDataManipulator();
                using (connection)
                {
                    bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
                    if (!res)
                    {
                        WriteBodyResponse(ctx, 500, "Unexpected Server Error", "Connection to database failed");
                        return;
                    }
                    #region Validate User
                    OverallUser mappedUser = connection.GetUserById(req.UserId);
                    if (mappedUser == null)
                    {
                        WriteBodyResponse(ctx, 404, "Not Found", "User was not found on on the server");
                        return;
                    }
                    if (!UserVerificationUtil.LoginTokenValid(mappedUser, req.LoginToken))
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Login token was incorrect.");
                        return;
                    }
                    CompanySettingsEntry isPublicSetting = connection.GetCompanySettingsWhere(req.CompanyId, "SettingKey=\"" + CompanySettingsKey.Public + "\"")[0];
                    bool isPublic = bool.Parse(isPublicSetting.SettingValue);
                    if (!isPublic && mappedUser.Company != req.CompanyId)
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Cannot access other company's private data");
                        return;
                    }
                    #endregion

                    UserSettingsEntry numPredictionsRequested = JsonDataObjectUtil <List <UserSettingsEntry> > .ParseObject(mappedUser.Settings).FirstOrDefault(entry => entry.Key.Equals(UserSettingsEntryKeys.ArchiveQueryResults));

                    if (numPredictionsRequested == null)
                    {
                        WriteBodyResponse(ctx, 500, "Internal Server Error", "User did not contain a setting with a key " + UserSettingsEntryKeys.ArchiveQueryResults);
                        return;
                    }
                    int numRequested = int.Parse(numPredictionsRequested.Value);
                    #region Input sanitation
                    string whereString = "";
                    bool   addedWhere  = false;
                    if (req.Entry.Complaint != null)
                    {
                        if (!PerformSanitization(req.Entry.Complaint))
                        {
                            return;
                        }
                        whereString += " Complaint like \"%" + req.Entry.Complaint + "%\"";
                        addedWhere   = true;
                    }
                    if (req.Entry.Problem != null)
                    {
                        if (!PerformSanitization(req.Entry.Problem))
                        {
                            return;
                        }
                        if (addedWhere)
                        {
                            whereString += " and";
                        }
                        whereString += " Problem like \"%" + req.Entry.Problem + "%\"";
                        addedWhere   = true;
                    }
                    if (req.Entry.Make != null)
                    {
                        if (!PerformSanitization(req.Entry.Make))
                        {
                            return;
                        }
                        if (addedWhere)
                        {
                            whereString += " and";
                        }
                        whereString += " Make like \"%" + req.Entry.Make + "%\"";
                        addedWhere   = true;
                    }
                    if (req.Entry.Model != null)
                    {
                        if (!PerformSanitization(req.Entry.Model))
                        {
                            return;
                        }
                        if (addedWhere)
                        {
                            whereString += " and";
                        }
                        whereString += " Model like \"%" + req.Entry.Model + "%\"";
                        addedWhere   = true;
                    }
                    if (req.Entry.Year != 0)
                    {
                        if (addedWhere)
                        {
                            whereString += " and";
                        }
                        whereString += " Year =" + req.Entry.Year;
                        addedWhere   = true;
                    }
                    #endregion

                    if (!addedWhere)
                    {
                        WriteBodyResponse(ctx, 400, "Bad Request", "No fields in the request's entry were filled");
                        return;
                    }
                    List <RepairJobEntry>     entries        = connection.GetDataEntriesWhere(req.CompanyId, whereString, true);
                    JsonListStringConstructor retConstructor = new JsonListStringConstructor();
                    try
                    {
                        entries.ForEach(entry => retConstructor.AddElement(ConvertEntry(entry)));
                    } catch (NullReferenceException)
                    {
                        WriteBodyResponse(ctx, 200, "OK", "[]", "application/json");
                        return;
                    }
                    WriteBodyResponse(ctx, 200, "OK", retConstructor.ToString(), "application/json");

                    bool PerformSanitization(string queryIn)
                    {
                        if (queryIn.Contains('`'))
                        {
                            WriteBodyResponse(ctx, 400, "Bad Request", "Request contained the single quote character, which is disallowed due to MySQL injection attacks");
                            return(false);
                        }
                        return(true);
                    }
                }
            }
            catch (HttpListenerException)
            {
                //HttpListeners dispose themselves when an exception occurs, so we can do no more.
            }
            catch (Exception e)
            {
                WriteBodyResponse(ctx, 500, "Internal Server Error", "Error occurred during processing of request: " + e.Message);
            }
        }
Ejemplo n.º 9
0
        /// <summary>
        /// GET request format located in the Web Api Enumeration v2
        /// under the tab Company/Settings, starting row 1
        /// </summary>
        /// <param name="ctx">HttpListenerContext to respond to</param>
        private void HandlePutRequest(HttpListenerContext ctx)
        {
            try
            {
                #region Input Validation
                if (!ctx.Request.HasEntityBody)
                {
                    WriteBodyResponse(ctx, 400, "No Body", "Request lacked a body");
                    return;
                }
                CompanySettingsApiPutRequest entry = JsonDataObjectUtil <CompanySettingsApiPutRequest> .ParseObject(ctx);

                if (entry == null)
                {
                    WriteBodyResponse(ctx, 400, "Incorrect Format", "Request was in the wrong format");
                    return;
                }
                if (!ValidatePutRequest(entry))
                {
                    WriteBodyResponse(ctx, 400, "Incorrect Format", "Not all fields in the request were filled");
                    return;
                }
                #endregion

                MySqlDataManipulator connection = new MySqlDataManipulator();
                using (connection)
                {
                    bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
                    if (!res)
                    {
                        WriteBodyResponse(ctx, 500, "Unexpected ServerError", "Connection to database failed");
                        return;
                    }
                    #region User Validation
                    var user = connection.GetUserById(entry.UserId);
                    if (user == null)
                    {
                        WriteBodyResponse(ctx, 404, "Not Found", "User was not found on the server");
                        return;
                    }
                    #endregion

                    #region Action Handling
                    List <CompanySettingsEntry> entries = connection.GetCompanySettings(user.Company);
                    if (entries == null)
                    {
                        WriteBodyResponse(ctx, 500, "Internal Server Error", "Error occured while retrieving settings: " + connection.LastException.Message);
                        return;
                    }
                    JsonListStringConstructor retConstructor = new JsonListStringConstructor();
                    entries.ForEach(obj => retConstructor.AddElement(WriteSettingToOutput(obj)));
                    WriteBodyResponse(ctx, 200, "OK", retConstructor.ToString());
                    #endregion
                }
            }
            catch (HttpListenerException)
            {
                //HttpListeners dispose themselves when an exception occurs, so we can do no more.
            }
            catch (Exception e)
            {
                WriteBodyResponse(ctx, 500, "Internal Server Error", "Error occurred while processing request: " + e.Message);
            }
        }
        /// <summary>
        /// Request for adding a repair job entry. Documention is found in the Web API Enumeration file
        /// in the /RepairJob tab, starting at row 1
        /// </summary>
        /// <param name="ctx">The HttpListenerContext to respond to</param>
        private void HandlePostRequest(HttpListenerContext ctx)
        {
            try
            {
                #region Input Validation
                if (!ctx.Request.HasEntityBody)
                {
                    WriteBodyResponse(ctx, 400, "Bad Request", "No Body");
                    return;
                }
                RepairJobApiRequest entry = JsonDataObjectUtil <RepairJobApiRequest> .ParseObject(ctx);

                if (!ValidateFullRequest(entry))
                {
                    WriteBodyResponse(ctx, 400, "Bad Request", "Incorrect Format");
                    return;
                }
                #endregion
                //Otherwise we have a valid entry, validate user
                MySqlDataManipulator connection = new MySqlDataManipulator();
                using (connection)
                {
                    bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
                    if (!res)
                    {
                        WriteBodyResponse(ctx, 500, "Unexpected ServerError", "Connection to database failed");
                        return;
                    }
                    #region User Validation
                    OverallUser mappedUser = connection.GetUserById(entry.UserId);
                    if (mappedUser == null)
                    {
                        WriteBodyResponse(ctx, 404, "Not Found", "User was not found on the server");
                        return;
                    }
                    if (!UserVerificationUtil.LoginTokenValid(mappedUser, entry.LoginToken))
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Login token was incorrect.");
                        return;
                    }
                    if (!UserVerificationUtil.AuthTokenValid(mappedUser, entry.AuthToken))
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Auth token was expired or incorrect");
                        return;
                    }
                    #endregion

                    #region Input Sanitation
                    if (entry.ContainedEntry.Complaint.Contains('<'))
                    {
                        WriteBodyResponse(ctx, 400, "Bad Request", "Request contained the < character, which is disallowed due to cross site scripting attacks");
                        return;
                    }
                    if (entry.ContainedEntry.Problem.Contains('<'))
                    {
                        WriteBodyResponse(ctx, 400, "Bad Request", "Request contained the < character, which is disallowed due to cross site scripting attacks");
                        return;
                    }
                    if (entry.ContainedEntry.Make.Contains('<'))
                    {
                        WriteBodyResponse(ctx, 400, "Bad Request", "Request contained the < character, which is disallowed due to cross site scripting attacks");
                        return;
                    }
                    if (entry.ContainedEntry.Model.Contains('<'))
                    {
                        WriteBodyResponse(ctx, 400, "Bad Request", "Request contained the < character, which is disallowed due to cross site scripting attacks");
                        return;
                    }
                    if (entry.ContainedEntry.JobId.Contains('<'))
                    {
                        WriteBodyResponse(ctx, 400, "Bad Request", "Request contained the < character, which is disallowed due to cross site scripting attacks");
                        return;
                    }
                    #endregion

                    #region Action Handling

                    #region Forced Upload
                    if (!(entry.Duplicate == 0))
                    {
                        //Now that we know the user is good, actually do the addition.
                        res = connection.AddDataEntry(mappedUser.Company, entry.ContainedEntry);
                        if (!res)
                        {
                            WriteBodyResponse(ctx, 500, "Unexpected Server Error", connection.LastException.Message);
                            return;
                        }
                        WriteBodylessResponse(ctx, 200, "OK");
                    }
                    #endregion

                    else
                    {
                        //test if there exists similar
                        string whereString = "Make =\"" + entry.ContainedEntry.Make + "\" AND " + "Model =\"" + entry.ContainedEntry.Model + "\"";
                        //whereString += "AND"+entry.ContainedEntry.Year+">="+(entry.ContainedEntry.Year-2)+"AND"+entry.ContainedEntry.Year+"<="+(entry.ContainedEntry.Year+2);
                        List <RepairJobEntry> dataCollectionsWhere = connection.GetDataEntriesWhere(mappedUser.Company, whereString, true);
                        List <RepairJobEntry> data2 = connection.GetDataEntriesWhere(mappedUser.Company, whereString, false);
                        foreach (RepairJobEntry x in data2)
                        {
                            dataCollectionsWhere.Add(x);
                        }
                        #region No Similar Jobs
                        //if none force through
                        if (dataCollectionsWhere.Count == 0)
                        {
                            res = connection.AddDataEntry(mappedUser.Company, entry.ContainedEntry);
                            if (!res)
                            {
                                WriteBodyResponse(ctx, 500, "Unexpected Server Error", connection.LastException.Message);
                                return;
                            }
                            WriteBodylessResponse(ctx, 200, "OK");
                        }
                        #endregion

                        #region Similar Jobs Return
                        //if yes 409 with similar jobs
                        else
                        {
                            JsonListStringConstructor retConstructor = new JsonListStringConstructor();
                            List <EntrySimilarity>    ret            = getSimilar(entry.ContainedEntry, dataCollectionsWhere, 3);
                            if (ret.Count == 0)
                            {
                                res = connection.AddDataEntry(mappedUser.Company, entry.ContainedEntry);
                                if (!res)
                                {
                                    WriteBodyResponse(ctx, 500, "Unexpected Server Error", connection.LastException.Message);
                                    return;
                                }
                                WriteBodylessResponse(ctx, 200, "OK");
                            }
                            ret.ForEach(obj => retConstructor.AddElement(ConvertEntrySimilarity(obj)));
                            WriteBodyResponse(ctx, 409, "Conflict", retConstructor.ToString(), "application/json");

                            JsonDictionaryStringConstructor ConvertEntrySimilarity(EntrySimilarity e)
                            {
                                JsonDictionaryStringConstructor r = new JsonDictionaryStringConstructor();

                                r.SetMapping("Make", e.Entry.Make);
                                r.SetMapping("Model", e.Entry.Model);
                                r.SetMapping("Complaint", e.Entry.Complaint);
                                r.SetMapping("Problem", e.Entry.Problem);
                                if (e.Entry.Year == -1)
                                {
                                    r.SetMapping("Year", "Unknown");
                                }
                                else
                                {
                                    r.SetMapping("Year", e.Entry.Year);
                                }
                                r.SetMapping("Id", e.Entry.Id);
                                return(r);
                            }
                        }
                        #endregion
                    }
                    #endregion
                }
            }
            catch (HttpListenerException)
            {
                //HttpListeners dispose themselves when an exception occurs, so we can do no more.
            }
            catch (Exception e)
            {
                WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message);
            }
        }