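/// <summary>
/// Lists accounts, paged and optionally filtered and sorted.
/// Requires a JWT in the <c>Authorization</c> header and the ACCOUNT_VIEW_LIST permission.
/// </summary>
/// <param name="currentPage">1-based page to return.</param>
/// <param name="pageSize">Page size, passed through to the account service unchanged (0 is its default here).</param>
/// <param name="query">Free-text filter passed to the account service.</param>
/// <param name="sort">Comma-separated sort keys; split and handed to the service as a list.</param>
/// <returns>
/// 200 with the account list; 401 when the token is missing, expired or otherwise invalid;
/// 403 when the caller lacks the permission.
/// </returns>
public HttpResponseMessage Get([FromUri] int currentPage = 1, [FromUri] int pageSize = 0, [FromUri] string query = "", [FromUri] string sort = "")
{
    var response = new HttpResponseMessage();
    ResponseFormat responseData = new ResponseFormat();
    AuthorizationService authorizationService = new AuthorizationService().SetPerm((int)EnumPermissions.ACCOUNT_VIEW_LIST);

    IEnumerable<string> headerValues;
    string jwt = null;
    if (Request.Headers.TryGetValues("Authorization", out headerValues))
    {
        jwt = headerValues.FirstOrDefault();
    }

    if (string.IsNullOrWhiteSpace(jwt))
    {
        // No credential presented (header absent or empty).
        response.StatusCode = HttpStatusCode.Unauthorized;
        responseData = ResponseFormat.Fail;
        responseData.message = ErrorMessages.UNAUTHORIZED;
    }
    else
    {
        var payload = JwtTokenManager.ValidateJwtToken(jwt);
        if (payload.ContainsKey("error"))
        {
            // Fail closed: every validation error is a 401. An error value other than
            // TOKEN_EXPIRED is reported as TOKEN_INVALID instead of falling through to
            // the HttpResponseMessage default of 200 OK with an empty ResponseFormat.
            string error = (string)payload["error"];
            response.StatusCode = HttpStatusCode.Unauthorized;
            responseData = ResponseFormat.Fail;
            responseData.message = error == ErrorMessages.TOKEN_EXPIRED ? ErrorMessages.TOKEN_EXPIRED : ErrorMessages.TOKEN_INVALID;
        }
        else if (!authorizationService.Authorize(Convert.ToInt32(payload["id"])))
        {
            response.StatusCode = HttpStatusCode.Forbidden;
            responseData = ResponseFormat.Fail;
            responseData.message = ErrorMessages.UNAUTHORIZED;
        }
        else
        {
            // A null sort (should the binder ever yield one) behaves like the default "":
            // it splits to a single empty key, which is what the service already receives today.
            var sortKeys = (sort ?? string.Empty).Split(',').ToList();
            response.StatusCode = HttpStatusCode.OK;
            responseData = ResponseFormat.Success;
            responseData.data = _accountService.GetAccountList(query, pageSize, currentPage, sortKeys);
        }
    }

    var json = JsonConvert.SerializeObject(responseData);
    response.Content = new StringContent(json, Encoding.UTF8, "application/json");
    return response;
}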
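/// <summary>
/// Returns a single task by id.
/// Requires a JWT in the <c>Authorization</c> header and the TASK_VIEW permission.
/// </summary>
/// <param name="id">Task id.</param>
/// <returns>
/// 200 with whatever the task service returns for <paramref name="id"/> (a missing task is not
/// mapped to 404 here); 401 when the token is missing, expired or otherwise invalid;
/// 403 when the caller lacks the permission.
/// </returns>
public HttpResponseMessage Detail([FromUri] int id)
{
    var response = new HttpResponseMessage();
    ResponseFormat responseData = new ResponseFormat();
    AuthorizationService authorizationService = new AuthorizationService().SetPerm((int)EnumPermissions.TASK_VIEW);

    IEnumerable<string> headerValues;
    string jwt = null;
    if (Request.Headers.TryGetValues("Authorization", out headerValues))
    {
        jwt = headerValues.FirstOrDefault();
    }

    if (string.IsNullOrWhiteSpace(jwt))
    {
        // No credential presented (header absent or empty).
        response.StatusCode = HttpStatusCode.Unauthorized;
        responseData = ResponseFormat.Fail;
        responseData.message = ErrorMessages.UNAUTHORIZED;
    }
    else
    {
        var payload = JwtTokenManager.ValidateJwtToken(jwt);
        if (payload.ContainsKey("error"))
        {
            // Fail closed: an unrecognised error value is reported as TOKEN_INVALID rather than
            // falling through to the default 200 OK with an empty ResponseFormat.
            string error = (string)payload["error"];
            response.StatusCode = HttpStatusCode.Unauthorized;
            responseData = ResponseFormat.Fail;
            responseData.message = error == ErrorMessages.TOKEN_EXPIRED ? ErrorMessages.TOKEN_EXPIRED : ErrorMessages.TOKEN_INVALID;
        }
        else if (!authorizationService.Authorize(Convert.ToInt32(payload["id"])))
        {
            response.StatusCode = HttpStatusCode.Forbidden;
            responseData = ResponseFormat.Fail;
            responseData.message = ErrorMessages.UNAUTHORIZED;
        }
        else
        {
            response.StatusCode = HttpStatusCode.OK;
            responseData = ResponseFormat.Success;
            responseData.data = _taskTemplateService.GetTask(id);
        }
    }

    var json = JsonConvert.SerializeObject(responseData);
    response.Content = new StringContent(json, Encoding.UTF8, "application/json");
    return response;
}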
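/// <summary>
/// Lists tags, optionally filtered by <paramref name="query"/>.
/// Requires a valid JWT in the <c>Authorization</c> header; no specific permission is checked,
/// so any authenticated user can read the tag list.
/// </summary>
/// <param name="query">Free-text filter passed to the tag service.</param>
/// <returns>200 with the tag list; 401 when the token is missing, expired or otherwise invalid.</returns>
public HttpResponseMessage Get(string query = "")
{
    var response = new HttpResponseMessage();
    ResponseFormat responseData = new ResponseFormat();

    IEnumerable<string> headerValues;
    string jwt = null;
    if (Request.Headers.TryGetValues("Authorization", out headerValues))
    {
        jwt = headerValues.FirstOrDefault();
    }

    if (string.IsNullOrWhiteSpace(jwt))
    {
        // No credential presented (header absent or empty).
        response.StatusCode = HttpStatusCode.Unauthorized;
        responseData = ResponseFormat.Fail;
        responseData.message = ErrorMessages.UNAUTHORIZED;
    }
    else
    {
        var payload = JwtTokenManager.ValidateJwtToken(jwt);
        if (payload.ContainsKey("error"))
        {
            // Fail closed: an unrecognised error value is reported as TOKEN_INVALID rather than
            // falling through to the default 200 OK with an empty ResponseFormat.
            string error = (string)payload["error"];
            response.StatusCode = HttpStatusCode.Unauthorized;
            responseData = ResponseFormat.Fail;
            responseData.message = error == ErrorMessages.TOKEN_EXPIRED ? ErrorMessages.TOKEN_EXPIRED : ErrorMessages.TOKEN_INVALID;
        }
        else
        {
            response.StatusCode = HttpStatusCode.OK;
            responseData = ResponseFormat.Success;
            responseData.data = _tagService.GetTagList(query);
        }
    }

    var json = JsonConvert.SerializeObject(responseData);
    response.Content = new StringContent(json, Encoding.UTF8, "application/json");
    return response;
}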
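/// <summary>
/// Links an existing contact to account <paramref name="id"/>.
/// The caller must be the account's owner or collaborator, or hold the ACCOUNT_DELETE permission.
/// </summary>
/// <param name="id">Account to attach the contact to.</param>
/// <param name="contact">Body carrying the contact's <c>id</c>.</param>
/// <returns>
/// 200 when linked; 400 when the body is missing; 401 when the token is missing, expired or
/// invalid; 403 when the caller is neither owner, collaborator nor permitted; 500 when the
/// service reports failure.
/// </returns>
public HttpResponseMessage AddContacts([FromUri] int id, [FromBody] AccountAddContactApiModel contact)
{
    var response = new HttpResponseMessage();
    ResponseFormat responseData = new ResponseFormat();

    IEnumerable<string> headerValues;
    string jwt = null;
    if (Request.Headers.TryGetValues("Authorization", out headerValues))
    {
        jwt = headerValues.FirstOrDefault();
    }

    if (string.IsNullOrWhiteSpace(jwt))
    {
        // No credential presented (header absent or empty).
        response.StatusCode = HttpStatusCode.Unauthorized;
        responseData = ResponseFormat.Fail;
        responseData.message = ErrorMessages.UNAUTHORIZED;
    }
    else
    {
        var payload = JwtTokenManager.ValidateJwtToken(jwt);
        if (payload.ContainsKey("error"))
        {
            // Fail closed: an unrecognised error value is reported as TOKEN_INVALID rather than
            // falling through to the default 200 OK with an empty ResponseFormat.
            string error = (string)payload["error"];
            response.StatusCode = HttpStatusCode.Unauthorized;
            responseData = ResponseFormat.Fail;
            responseData.message = error == ErrorMessages.TOKEN_EXPIRED ? ErrorMessages.TOKEN_EXPIRED : ErrorMessages.TOKEN_INVALID;
        }
        else
        {
            var userId = Convert.ToInt32(payload["id"]);
            // Owner and collaborator are checked first so the permission lookup only runs for other users.
            // NOTE(review): the fallback permission is ACCOUNT_DELETE rather than a modify permission — confirm intended.
            bool canModify = userId == _accountService.FindOwnerId(id)
                || userId == _accountService.FindCollaboratorId(id)
                || new AuthorizationService().SetPerm((int)EnumPermissions.ACCOUNT_DELETE).Authorize(userId);

            if (!canModify)
            {
                response.StatusCode = HttpStatusCode.Forbidden;
                responseData = ResponseFormat.Fail;
                responseData.message = ErrorMessages.UNAUTHORIZED;
            }
            else if (contact == null)
            {
                // A missing/unparseable body binds as null; reject it instead of dereferencing it (500).
                response.StatusCode = HttpStatusCode.BadRequest;
                responseData = ResponseFormat.Fail;
                responseData.message = ErrorMessages.INVALID_BODY;
            }
            else if (_accountService.AddContact(id, contact.id))
            {
                response.StatusCode = HttpStatusCode.OK;
                responseData = ResponseFormat.Success;
                responseData.message = SuccessMessages.CONTACT_ADDED;
            }
            else
            {
                response.StatusCode = HttpStatusCode.InternalServerError;
                responseData = ResponseFormat.Fail;
                responseData.message = ErrorMessages.SOMETHING_WRONG;
            }
        }
    }

    var json = JsonConvert.SerializeObject(responseData);
    response.Content = new StringContent(json, Encoding.UTF8, "application/json");
    return response;
}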
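/// <summary>
/// Creates a note on account <paramref name="id"/> from a multipart form: the <c>body</c> field is
/// the note text and every uploaded file is attached to the new note.
/// Requires a JWT in the <c>Authorization</c> header and the NOTE_CREATE permission.
/// </summary>
/// <param name="id">Account the note belongs to.</param>
/// <returns>
/// 200 when created; 400 when <c>body</c> is empty; 401 when the token is missing, expired or
/// invalid; 403 when the caller lacks the permission.
/// </returns>
public HttpResponseMessage CreateNote([FromUri] int id)
{
    var response = new HttpResponseMessage();
    ResponseFormat responseData = new ResponseFormat();
    AuthorizationService authorizationService = new AuthorizationService().SetPerm((int)EnumPermissions.NOTE_CREATE);

    IEnumerable<string> headerValues;
    string jwt = null;
    if (Request.Headers.TryGetValues("Authorization", out headerValues))
    {
        jwt = headerValues.FirstOrDefault();
    }

    if (string.IsNullOrWhiteSpace(jwt))
    {
        // No credential presented (header absent or empty).
        response.StatusCode = HttpStatusCode.Unauthorized;
        responseData = ResponseFormat.Fail;
        responseData.message = ErrorMessages.UNAUTHORIZED;
    }
    else
    {
        var payload = JwtTokenManager.ValidateJwtToken(jwt);
        if (payload.ContainsKey("error"))
        {
            // Fail closed: an unrecognised error value is reported as TOKEN_INVALID rather than
            // falling through to the default 200 OK with an empty ResponseFormat.
            string error = (string)payload["error"];
            response.StatusCode = HttpStatusCode.Unauthorized;
            responseData = ResponseFormat.Fail;
            responseData.message = error == ErrorMessages.TOKEN_EXPIRED ? ErrorMessages.TOKEN_EXPIRED : ErrorMessages.TOKEN_INVALID;
        }
        else
        {
            var userId = Convert.ToInt32(payload["id"]);
            if (!authorizationService.Authorize(userId))
            {
                response.StatusCode = HttpStatusCode.Forbidden;
                responseData = ResponseFormat.Fail;
                responseData.message = ErrorMessages.UNAUTHORIZED;
            }
            else
            {
                string noteBody = HttpContext.Current.Request.Form["body"];
                if (string.IsNullOrEmpty(noteBody))
                {
                    response.StatusCode = HttpStatusCode.BadRequest;
                    responseData = ResponseFormat.Fail;
                    responseData.message = ErrorMessages.NOTE_EMPTY;
                }
                else
                {
                    // The note is always stamped with the authenticated user, never a client-supplied author.
                    NoteApiModel apiModel = new NoteApiModel();
                    apiModel.body = noteBody;
                    apiModel.createdBy = new UserLinkApiModel() { id = userId };
                    apiModel.account = id;
                    var createdNote = _noteService.Create(apiModel);

                    // Attach every uploaded file to the new note (an empty collection simply attaches nothing).
                    // No content-type or size screening happens in this controller;
                    // NOTE(review): confirm FileManager.File or NoteService.AddFile enforces it.
                    var uploads = HttpContext.Current.Request.Files;
                    foreach (string fieldName in uploads)
                    {
                        HttpPostedFile uploadedFile = uploads[fieldName];
                        _noteService.AddFile(createdNote, new FileManager.File(uploadedFile));
                    }

                    response.StatusCode = HttpStatusCode.OK;
                    responseData = ResponseFormat.Success;
                    responseData.message = SuccessMessages.NOTE_ADDED;
                }
            }
        }
    }

    var json = JsonConvert.SerializeObject(responseData);
    response.Content = new StringContent(json, Encoding.UTF8, "application/json");
    return response;
}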
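/// <summary>
/// Deletes task <paramref name="id"/>.
/// The caller must be the task's owner or hold the TASK_DELETE_ANY permission.
/// </summary>
/// <param name="id">Task to delete.</param>
/// <returns>
/// 200 when deleted; 401 when the token is missing, expired or invalid; 403 when the caller is
/// neither owner nor permitted; 500 when the service reports failure.
/// </returns>
public HttpResponseMessage Delete([FromUri] int id)
{
    var response = new HttpResponseMessage();
    ResponseFormat responseData = new ResponseFormat();

    IEnumerable<string> headerValues;
    string jwt = null;
    if (Request.Headers.TryGetValues("Authorization", out headerValues))
    {
        jwt = headerValues.FirstOrDefault();
    }

    if (string.IsNullOrWhiteSpace(jwt))
    {
        // No credential presented (header absent or empty).
        response.StatusCode = HttpStatusCode.Unauthorized;
        responseData = ResponseFormat.Fail;
        responseData.message = ErrorMessages.UNAUTHORIZED;
    }
    else
    {
        var payload = JwtTokenManager.ValidateJwtToken(jwt);
        if (payload.ContainsKey("error"))
        {
            // Fail closed: an unrecognised error value is reported as TOKEN_INVALID rather than
            // falling through to the default 200 OK with an empty ResponseFormat.
            string error = (string)payload["error"];
            response.StatusCode = HttpStatusCode.Unauthorized;
            responseData = ResponseFormat.Fail;
            responseData.message = error == ErrorMessages.TOKEN_EXPIRED ? ErrorMessages.TOKEN_EXPIRED : ErrorMessages.TOKEN_INVALID;
        }
        else
        {
            var userId = Convert.ToInt32(payload["id"]);
            // Owner check first; the permission lookup only runs for non-owners.
            bool canDelete = userId == _taskTemplateService.GetTaskOwner(id)
                || new AuthorizationService().SetPerm((int)EnumPermissions.TASK_DELETE_ANY).Authorize(userId);

            if (!canDelete)
            {
                response.StatusCode = HttpStatusCode.Forbidden;
                responseData = ResponseFormat.Fail;
                responseData.message = ErrorMessages.UNAUTHORIZED;
            }
            else if (_taskTemplateService.DeleteTask(id))
            {
                response.StatusCode = HttpStatusCode.OK;
                responseData = ResponseFormat.Success;
                responseData.message = SuccessMessages.TASK_DELETED;
            }
            else
            {
                response.StatusCode = HttpStatusCode.InternalServerError;
                responseData = ResponseFormat.Fail;
                responseData.message = ErrorMessages.SOMETHING_WRONG;
            }
        }
    }

    var json = JsonConvert.SerializeObject(responseData);
    response.Content = new StringContent(json, Encoding.UTF8, "application/json");
    return response;
}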
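/// <summary>
/// Replaces the avatar of contact <paramref name="id"/> with the first file of the multipart request.
/// The caller must be the contact's owner or collaborator, or hold the CONTACT_DELETE permission.
/// </summary>
/// <param name="id">Contact whose avatar is replaced.</param>
/// <returns>
/// 200 when changed; 400 when no file was uploaded; 401 when the token is missing, expired or
/// invalid; 403 when the caller is neither owner, collaborator nor permitted; 500 when the
/// service reports failure.
/// </returns>
public HttpResponseMessage ChangeAvatar([FromUri] int id)
{
    var response = new HttpResponseMessage();
    ResponseFormat responseData = new ResponseFormat();

    IEnumerable<string> headerValues;
    string jwt = null;
    if (Request.Headers.TryGetValues("Authorization", out headerValues))
    {
        jwt = headerValues.FirstOrDefault();
    }

    if (string.IsNullOrWhiteSpace(jwt))
    {
        // No credential presented (header absent or empty).
        response.StatusCode = HttpStatusCode.Unauthorized;
        responseData = ResponseFormat.Fail;
        responseData.message = ErrorMessages.UNAUTHORIZED;
    }
    else
    {
        var payload = JwtTokenManager.ValidateJwtToken(jwt);
        if (payload.ContainsKey("error"))
        {
            // Fail closed: an unrecognised error value is reported as TOKEN_INVALID rather than
            // falling through to the default 200 OK with an empty ResponseFormat.
            string error = (string)payload["error"];
            response.StatusCode = HttpStatusCode.Unauthorized;
            responseData = ResponseFormat.Fail;
            responseData.message = error == ErrorMessages.TOKEN_EXPIRED ? ErrorMessages.TOKEN_EXPIRED : ErrorMessages.TOKEN_INVALID;
        }
        else
        {
            var userId = Convert.ToInt32(payload["id"]);
            // Owner and collaborator are checked first so the permission lookup only runs for other users.
            // NOTE(review): the fallback permission is CONTACT_DELETE rather than a modify permission — confirm intended.
            bool canModify = userId == _contactService.FindOwnerId(id)
                || userId == _contactService.FindCollaboratorId(id)
                || new AuthorizationService().SetPerm((int)EnumPermissions.CONTACT_DELETE).Authorize(userId);

            if (!canModify)
            {
                response.StatusCode = HttpStatusCode.Forbidden;
                responseData = ResponseFormat.Fail;
                responseData.message = ErrorMessages.UNAUTHORIZED;
            }
            else if (HttpContext.Current.Request.Files.Count == 0)
            {
                response.StatusCode = HttpStatusCode.BadRequest;
                responseData = ResponseFormat.Fail;
                responseData.message = ErrorMessages.INVALID_BODY;
            }
            else
            {
                // Only the first upload is used; any further files in the request are ignored.
                // No content-type or size screening happens here;
                // NOTE(review): confirm ContactService.ChangeAvatar validates the image before storing it.
                var uploadedFile = HttpContext.Current.Request.Files[0];
                if (_contactService.ChangeAvatar(id, uploadedFile))
                {
                    response.StatusCode = HttpStatusCode.OK;
                    responseData = ResponseFormat.Success;
                    responseData.message = SuccessMessages.AVATAR_CHANGED;
                }
                else
                {
                    response.StatusCode = HttpStatusCode.InternalServerError;
                    responseData = ResponseFormat.Fail;
                    responseData.message = ErrorMessages.SOMETHING_WRONG;
                }
            }
        }
    }

    var json = JsonConvert.SerializeObject(responseData);
    response.Content = new StringContent(json, Encoding.UTF8, "application/json");
    return response;
}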
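/// <summary>
/// Completes a password reset. The reset key is a JWT carrying the user's <c>email</c> and a
/// <c>validationCode</c>; the code must match the one stored on the user record before the new
/// password is hashed and saved. The stored code is cleared afterwards so the key is single-use.
/// </summary>
/// <param name="apiModel">Body with <c>key</c> (the reset JWT) and <c>newPassword</c>.</param>
/// <returns>
/// 200 when the password was reset; 400 when the body, key or new password is missing;
/// 401 when the key is expired/invalid or the code does not match; 404 when no user has the
/// email carried in the key.
/// </returns>
public HttpResponseMessage ValidateCode([FromBody] ResetPasswordApiModel apiModel)
{
    var response = new HttpResponseMessage();
    ResponseFormat responseData = new ResponseFormat();

    if (apiModel == null || string.IsNullOrEmpty(apiModel.key) || string.IsNullOrEmpty(apiModel.newPassword))
    {
        response.StatusCode = HttpStatusCode.BadRequest;
        responseData = ResponseFormat.Fail;
        responseData.message = ErrorMessages.INVALID_KEY;
    }
    else
    {
        var payload = JwtTokenManager.ValidateJwtToken(apiModel.key);
        if (payload.ContainsKey("error"))
        {
            // Fail closed: an unrecognised error value is reported as TOKEN_INVALID rather than
            // falling through to the default 200 OK with an empty ResponseFormat.
            string error = (string)payload["error"];
            response.StatusCode = HttpStatusCode.Unauthorized;
            responseData = ResponseFormat.Fail;
            responseData.message = error == ErrorMessages.TOKEN_EXPIRED ? ErrorMessages.TOKEN_EXPIRED : ErrorMessages.TOKEN_INVALID;
        }
        else
        {
            // Convert.ToString(null) yields "" — a key without a validationCode claim carries an empty code.
            var userEmail = Convert.ToString(payload["email"]);
            var userCode = Convert.ToString(payload["validationCode"]);
            var dbUser = db.USERs.FirstOrDefault(c => c.Email == userEmail);

            if (dbUser == null)
            {
                response.StatusCode = HttpStatusCode.NotFound;
                responseData = ResponseFormat.Fail;
                responseData.message = ErrorMessages.USER_NOT_FOUND;
            }
            else if (string.IsNullOrEmpty(dbUser.RememberMeToken) || !FixedTimeEquals(dbUser.RememberMeToken, userCode))
            {
                // A user with no pending code must not be resettable by a key with an empty code,
                // and the comparison's timing must not depend on where the two codes first differ.
                response.StatusCode = HttpStatusCode.Unauthorized;
                responseData = ResponseFormat.Fail;
                responseData.message = ErrorMessages.INVALID_KEY;
            }
            else
            {
                dbUser.Hash = _hashManager.Hash(apiModel.newPassword);
                // Consume the code so the same reset key cannot be replayed for the rest of its lifetime.
                // NOTE(review): assumes RememberMeToken is nullable and holds only the reset code — confirm.
                dbUser.RememberMeToken = null;
                db.SaveChanges();

                response.StatusCode = HttpStatusCode.OK;
                responseData = ResponseFormat.Success;
                responseData.message = SuccessMessages.PASSWORD_RESET;
            }
        }
    }

    var json = JsonConvert.SerializeObject(responseData);
    response.Content = new StringContent(json, Encoding.UTF8, "application/json");
    return response;
}

/// <summary>
/// Compares two strings in time that depends only on their lengths, not on the position of the
/// first differing character. Two nulls are equal; a null never equals a non-null.
/// </summary>
private static bool FixedTimeEquals(string expected, string actual)
{
    if (expected == null || actual == null)
    {
        return expected == actual;
    }
    // Fold the length difference and every character difference into one accumulator
    // so the loop always runs over the shorter length and never exits early.
    int diff = expected.Length ^ actual.Length;
    int shared = Math.Min(expected.Length, actual.Length);
    for (int i = 0; i < shared; i++)
    {
        diff |= expected[i] ^ actual[i];
    }
    return diff == 0;
}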
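/// <summary>
/// Builds the sales pipeline dashboard: the eight pipeline stages in display order, each holding
/// the deals whose most recent stage-history entry points at it.
/// Requires a JWT in the <c>Authorization</c> header and the DEAL_VIEW_LIST permission.
/// </summary>
/// <returns>
/// 200 with a <see cref="DashboardApiModel"/>; 401 when the token is missing, expired or invalid;
/// 403 when the caller lacks the permission.
/// </returns>
public HttpResponseMessage ViewSaleDashboard()
{
    var response = new HttpResponseMessage();
    ResponseFormat responseData = new ResponseFormat();
    AuthorizationService authorizationService = new AuthorizationService().SetPerm((int)EnumPermissions.DEAL_VIEW_LIST);

    IEnumerable<string> headerValues;
    string jwt = null;
    if (Request.Headers.TryGetValues("Authorization", out headerValues))
    {
        jwt = headerValues.FirstOrDefault();
    }

    if (string.IsNullOrWhiteSpace(jwt))
    {
        // No credential presented (header absent or empty).
        response.StatusCode = HttpStatusCode.Unauthorized;
        responseData = ResponseFormat.Fail;
        responseData.message = ErrorMessages.UNAUTHORIZED;
    }
    else
    {
        var payload = JwtTokenManager.ValidateJwtToken(jwt);
        if (payload.ContainsKey("error"))
        {
            // Fail closed: an unrecognised error value is reported as TOKEN_INVALID rather than
            // falling through to the default 200 OK with an empty ResponseFormat.
            string error = (string)payload["error"];
            response.StatusCode = HttpStatusCode.Unauthorized;
            responseData = ResponseFormat.Fail;
            responseData.message = error == ErrorMessages.TOKEN_EXPIRED ? ErrorMessages.TOKEN_EXPIRED : ErrorMessages.TOKEN_INVALID;
        }
        else if (!authorizationService.Authorize(Convert.ToInt32(payload["id"])))
        {
            response.StatusCode = HttpStatusCode.Forbidden;
            responseData = ResponseFormat.Fail;
            responseData.message = ErrorMessages.UNAUTHORIZED;
        }
        else
        {
            response.StatusCode = HttpStatusCode.OK;
            responseData = ResponseFormat.Success;
            responseData.data = BuildSaleDashboard();
        }
    }

    var json = JsonConvert.SerializeObject(responseData);
    response.Content = new StringContent(json, Encoding.UTF8, "application/json");
    return response;
}

/// <summary>
/// Loads the pipeline stages in display order and buckets every deal under its latest stage.
/// Deals without stage history, or whose latest stage is not one of the pipeline stages, are left out.
/// </summary>
/// <exception cref="InvalidOperationException">A pipeline stage row is missing from STAGEs.</exception>
private DashboardApiModel BuildSaleDashboard()
{
    // Display order of the board columns; also the order the stages are emitted in.
    EnumStage[] pipeline =
    {
        EnumStage.QUALIFIED,
        EnumStage.VALUE_PROPOSITION,
        EnumStage.FIND_KEY_CONTACTS,
        EnumStage.SEND_PROPOSAL,
        EnumStage.REVIEW,
        EnumStage.NEGOTIATE,
        EnumStage.WON,
        EnumStage.LOST,
    };

    var apiModel = new DashboardApiModel();
    apiModel.stages = new List<DashboardApiModel.S>();
    // Keyed by the EnumStage value, which is what STAGE_HISTORY.STAGE_ID is compared against.
    var stagesById = new Dictionary<int, DashboardApiModel.S>();

    foreach (var stageKey in pipeline)
    {
        var row = db.STAGEs.Find((int)stageKey);
        if (row == null)
        {
            // Surface the misconfiguration explicitly instead of a NullReferenceException further down.
            throw new InvalidOperationException("Pipeline stage " + stageKey + " is missing from STAGEs.");
        }
        var stage = new DashboardApiModel.S();
        stage.stageID = row.ID;
        stage.stageName = row.Name;
        stage.probability = row.Probability.Value;
        apiModel.stages.Add(stage);
        stagesById[(int)stageKey] = stage;
    }

    foreach (var deal in db.DEALs.ToList())
    {
        var latest = deal.STAGE_HISTORY.OrderByDescending(sh => sh.ModifiedAt).FirstOrDefault();
        if (latest == null)
        {
            continue;
        }
        var stageId = latest.STAGE_ID;
        var bucket = stagesById.Where(kv => kv.Key == stageId).Select(kv => kv.Value).FirstOrDefault();
        if (bucket == null)
        {
            continue;
        }

        var card = new DashboardApiModel.D();
        card.dealID = deal.ID;
        card.dealName = deal.Name;
        card.ownerID = deal.Owner.ID;
        card.ownerUsername = deal.Owner.Username;
        // Account and priority are optional on a deal; use neutral values when absent.
        card.accountID = deal.ACCOUNT != null ? deal.ACCOUNT.ID : 0;
        card.accountName = deal.ACCOUNT != null ? deal.ACCOUNT.Name : "";
        card.expectedRevenue = deal.ExpectedRevenue ?? 0;
        card.priority = deal.PRIORITY != null ? deal.PRIORITY.Name : "";
        foreach (var tagItem in deal.TAG_ITEM)
        {
            var tag = new DashboardApiModel.T();
            tag.tagID = tagItem.TAG.ID;
            tag.tagName = tagItem.TAG.Name;
            card.tags.Add(tag);
        }

        bucket.deals.Add(card);
    }

    return apiModel;
}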
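/// <summary>
/// Adds a tag to lead <paramref name="id"/>; the lead service reuses an existing tag of that name
/// or creates a new one before linking it.
/// The caller must be the lead's owner or hold the LEAD_DELETE permission.
/// </summary>
/// <param name="id">Lead to tag.</param>
/// <param name="tag">Body carrying the tag <c>name</c>.</param>
/// <returns>
/// 200 when added; 400 when the body or name is missing; 401 when the token is missing, expired
/// or invalid; 403 when the caller is neither owner nor permitted; 500 when the service reports failure.
/// </returns>
public HttpResponseMessage AddTag([FromUri] int id, [FromBody] TagCreateApiModel tag)
{
    var response = new HttpResponseMessage();
    ResponseFormat responseData = new ResponseFormat();

    IEnumerable<string> headerValues;
    string jwt = null;
    if (Request.Headers.TryGetValues("Authorization", out headerValues))
    {
        jwt = headerValues.FirstOrDefault();
    }

    if (string.IsNullOrWhiteSpace(jwt))
    {
        // No credential presented (header absent or empty).
        response.StatusCode = HttpStatusCode.Unauthorized;
        responseData = ResponseFormat.Fail;
        responseData.message = ErrorMessages.UNAUTHORIZED;
    }
    else
    {
        var payload = JwtTokenManager.ValidateJwtToken(jwt);
        if (payload.ContainsKey("error"))
        {
            // Fail closed: an unrecognised error value is reported as TOKEN_INVALID rather than
            // falling through to the default 200 OK with an empty ResponseFormat.
            string error = (string)payload["error"];
            response.StatusCode = HttpStatusCode.Unauthorized;
            responseData = ResponseFormat.Fail;
            responseData.message = error == ErrorMessages.TOKEN_EXPIRED ? ErrorMessages.TOKEN_EXPIRED : ErrorMessages.TOKEN_INVALID;
        }
        else
        {
            var userId = Convert.ToInt32(payload["id"]);
            // Owner check first; the permission lookup only runs for non-owners.
            // NOTE(review): the fallback permission is LEAD_DELETE rather than a modify permission — confirm intended.
            bool canModify = userId == _leadService.FindOwnerId(id)
                || new AuthorizationService().SetPerm((int)EnumPermissions.LEAD_DELETE).Authorize(userId);

            if (!canModify)
            {
                response.StatusCode = HttpStatusCode.Forbidden;
                responseData = ResponseFormat.Fail;
                responseData.message = ErrorMessages.UNAUTHORIZED;
            }
            else if (tag == null || string.IsNullOrWhiteSpace(tag.name))
            {
                // A missing/unparseable body binds as null; reject it instead of dereferencing it (500).
                response.StatusCode = HttpStatusCode.BadRequest;
                responseData = ResponseFormat.Fail;
                responseData.message = ErrorMessages.INVALID_BODY;
            }
            else if (_leadService.AddTag(id, tag.name))
            {
                response.StatusCode = HttpStatusCode.OK;
                responseData = ResponseFormat.Success;
                responseData.message = SuccessMessages.TAG_ADDED;
            }
            else
            {
                response.StatusCode = HttpStatusCode.InternalServerError;
                responseData = ResponseFormat.Fail;
                responseData.message = ErrorMessages.SOMETHING_WRONG;
            }
        }
    }

    var json = JsonConvert.SerializeObject(responseData);
    response.Content = new StringContent(json, Encoding.UTF8, "application/json");
    return response;
}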
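/// <summary>
/// Checks that the caller may act on user <paramref name="id"/> and that the user exists.
/// Acting on oneself requires USER_MODIFY_SELF; acting on another user requires USER_VIEW.
/// Unlike the sibling endpoints, every authentication failure here is reported as 403, not 401.
/// </summary>
/// <param name="id">User being addressed.</param>
/// <returns>
/// 200 when the caller is permitted and the user exists (no payload is attached);
/// 403 when the token is missing, expired or invalid, or the caller lacks the permission;
/// 410 when the user does not exist.
/// </returns>
public HttpResponseMessage SuccessedResponse(int id)
{
    var response = new HttpResponseMessage();
    ResponseFormat responseData = new ResponseFormat();

    IEnumerable<string> headerValues;
    string jwt = null;
    if (Request.Headers.TryGetValues("Authorization", out headerValues))
    {
        jwt = headerValues.FirstOrDefault();
    }

    if (string.IsNullOrWhiteSpace(jwt))
    {
        // No credential presented (header absent or empty).
        response.StatusCode = HttpStatusCode.Forbidden;
        responseData = ResponseFormat.Fail;
        responseData.message = ErrorMessages.UNAUTHORIZED;
    }
    else
    {
        var payload = JwtTokenManager.ValidateJwtToken(jwt);
        if (payload.ContainsKey("error"))
        {
            // Fail closed: an unrecognised error value is reported as TOKEN_INVALID rather than
            // falling through to the default 200 OK with an empty ResponseFormat.
            string error = (string)payload["error"];
            response.StatusCode = HttpStatusCode.Forbidden;
            responseData = ResponseFormat.Fail;
            responseData.message = error == ErrorMessages.TOKEN_EXPIRED ? ErrorMessages.TOKEN_EXPIRED : ErrorMessages.TOKEN_INVALID;
        }
        else
        {
            var userId = Convert.ToInt32(payload["id"]);
            // Self-access and access to other users are gated by different permissions.
            bool isSelf = id == userId;
            bool canAccess = isSelf
                ? new AuthorizationService().SetPerm((int)EnumPermissions.USER_MODIFY_SELF).Authorize(userId)
                : new AuthorizationService().SetPerm((int)EnumPermissions.USER_VIEW).Authorize(userId);

            if (!canAccess)
            {
                response.StatusCode = HttpStatusCode.Forbidden;
                responseData = ResponseFormat.Fail;
                responseData.message = ErrorMessages.UNAUTHORIZED;
            }
            else if (db.USERs.Find(id) == null)
            {
                response.StatusCode = HttpStatusCode.Gone;
                responseData = ResponseFormat.Fail;
                responseData.message = ErrorMessages.USER_NOT_FOUND;
            }
            else
            {
                // The success path previously set nothing and relied on the 200 default with an empty
                // ResponseFormat; make the outcome explicit. No user data is attached.
                // NOTE(review): confirm what payload, if any, this endpoint is meant to return.
                response.StatusCode = HttpStatusCode.OK;
                responseData = ResponseFormat.Success;
            }
        }
    }

    var json = JsonConvert.SerializeObject(responseData);
    response.Content = new StringContent(json, Encoding.UTF8, "application/json");
    return response;
}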