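/// <summary>
/// Updates the role and the edit right of an existing member of a product's team.
/// </summary>
/// <param name="productTeamMemberUpdateDTO">
/// Identifies the product and the team member (by user id) and carries the new role and edit flag.
/// </param>
/// <returns>200 with the updated member; 400 when the model is invalid or the request body is missing.</returns>
/// <exception cref="HttpResponseException">
/// 401 when the caller is unknown, or is neither in the product's company nor a team member with edit rights;
/// 404 when the product or the addressed team member does not exist.
/// </exception>
public async Task <IHttpActionResult> UpdateProductTeamMember(ProductTeamMemberUpdateDTO productTeamMemberUpdateDTO)
        {
            string userName = User.Identity.Name;
            // Company is read by the authorization check below; load it eagerly instead of relying on
            // lazy loading (GetMyProductAccessLevel already includes it the same way).
            User   user     = db.Users.Where(_user => _user.UserName == userName)
                                      .Include(_user => _user.Company)
                                      .SingleOrDefault();

            if (user == null)
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }

            // An empty request body binds to null while ModelState stays valid; answer with a client
            // error instead of failing with a NullReferenceException (HTTP 500) on the first dereference.
            if (productTeamMemberUpdateDTO == null)
            {
                return(BadRequest("No team member data was supplied."));
            }

            Product product = db.Products.Where(_product => _product.ID == productTeamMemberUpdateDTO.ProductID)
                              .Include(_product => _product.TeamMembers
                                       .Select(teamMember => teamMember.User))
                              .SingleOrDefault();

            if (product == null)
            {
                throw new HttpResponseException(HttpStatusCode.NotFound);
            }

            // Authorization: the caller's company must own the product, or the caller must be a team member
            // holding edit rights. 401 is kept for API compatibility although 403 Forbidden describes an
            // authenticated-but-not-permitted caller more precisely.
            bool callerIsOwnerCompany = product.CompanyID == user.Company.ID;
            bool callerCanEdit        = product.TeamMembers.Any(teamMember => teamMember.UserID == user.Id && teamMember.CanEditTheProduct);

            if (!callerIsOwnerCompany && !callerCanEdit)
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            ProductTeamMember productTeamMember = product.TeamMembers.SingleOrDefault(_productTeamMember => _productTeamMember.UserID == productTeamMemberUpdateDTO.UserID);

            if (productTeamMember == null)
            {
                throw new HttpResponseException(HttpStatusCode.NotFound);
            }

            // CanEditTheProduct is a privilege grant; it is only writable by callers that passed the check above.
            productTeamMember.Role              = productTeamMemberUpdateDTO.Role;
            productTeamMember.CanEditTheProduct = productTeamMemberUpdateDTO.CanEditTheProduct;
            db.Entry(productTeamMember).State   = EntityState.Modified;
            await db.SaveChangesAsync();

            return(Ok(Mapper.Map <ProductTeamMember, ProductTeamMemberDTO>(productTeamMember)));
        }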
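        /// <summary>
        /// Resolves the calling user's access level on the product with the given id.
        /// </summary>
        /// <param name="id">Product id.</param>
        /// <returns>
        /// 200 with an <see cref="EntityUserLevel"/>: users of the owning company are reported as admins; team
        /// members get their level name and the Admin/Viewer/Editor flag derived from it, with an explicit edit
        /// right always mapping to admin. 404 when the product does not exist.
        /// </returns>
        /// <exception cref="HttpResponseException">
        /// 401 when the caller is unknown, or has no membership on the product that carries either the edit
        /// right or a user level.
        /// </exception>
        public async Task <IHttpActionResult> GetMyProductAccessLevel(long id)
        {
            // Nothing is awaited here; the action stays async only to match its sibling actions' signatures.
            string userName = User.Identity.Name;
            User   user     = db.Users.Where(_user => _user.UserName == userName).Include(_user => _user.Company).SingleOrDefault();

            if (user == null)
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            Product product = db.Products.Where(_product => _product.ID == id).Include(_product => _product.TeamMembers).SingleOrDefault();

            if (product == null)
            {
                return(NotFound());
            }

            // Users of the owning company are implicitly administrators of the product.
            if (product.CompanyID == user.Company.ID)
            {
                return(Ok(new EntityUserLevel { EntityId = product.ID, IsAdmin = true }));
            }

            // Past this point the caller is outside the owning company, so only the membership test remains:
            // the member must hold the edit right or a positive user level.
            ProductTeamMember productTeamMember = product.TeamMembers.SingleOrDefault(teamMember => teamMember.UserID == user.Id);

            bool hasAccess = productTeamMember != null
                             && (productTeamMember.CanEditTheProduct
                                 || (productTeamMember.UserLevelId.HasValue && productTeamMember.UserLevelId.Value > 0));

            if (!hasAccess)
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            var levelId = productTeamMember.UserLevelId ?? 0;

            EntityUserLevel entityUserLevel = new EntityUserLevel
            {
                EntityId          = product.ID,
                EntityUserLevelId = levelId,
            };

            UserLevel userLevel = db.UserLevels.SingleOrDefault(uLevel => uLevel.Id == levelId);

            if (userLevel != null)
            {
                entityUserLevel.UserLevel = userLevel.Name;

                // Ordinal, case-insensitive comparison: the former ToLower() == "..." check was culture-sensitive
                // (e.g. Turkish dotless i) and threw on a null level name.
                bool IsLevel(string levelName) => string.Equals(userLevel.Name, levelName, StringComparison.OrdinalIgnoreCase);

                if (!productTeamMember.CanEditTheProduct)
                {
                    if (IsLevel("admin"))
                    {
                        entityUserLevel.IsAdmin = true;
                    }
                    if (IsLevel("viewer"))
                    {
                        entityUserLevel.IsViewer = true;
                    }
                    if (IsLevel("editor"))
                    {
                        entityUserLevel.IsEditor = true;
                    }
                }
            }

            // An explicit edit right always grants admin, whatever the named level says.
            if (productTeamMember.CanEditTheProduct)
            {
                entityUserLevel.IsAdmin = true;
            }

            return(Ok(entityUserLevel));
        }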
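        /// <summary>
        /// Adds a user to a product's team. New members start without the edit right.
        /// </summary>
        /// <param name="newProductTeamMemberDTO">Product id and the id of the user to add.</param>
        /// <returns>200 with the created membership; 400 when the model is invalid or the request body is missing.</returns>
        /// <exception cref="HttpResponseException">
        /// 401 when the caller is unknown, or is neither in the product's company nor a team member with edit rights;
        /// 404 when the product, the user to add, or the product's company cannot be found;
        /// 400 when the user is not a member of the product's company or is already on the team.
        /// </exception>
        public async Task <IHttpActionResult> AddNewProductTeamMember(NewProductTeamMemberDTO newProductTeamMemberDTO)
        {
            string userName          = User.Identity.Name;
            // Company is read by the authorization check below; load it eagerly rather than via lazy loading.
            User   authenticatedUser = db.Users.Where(_user => _user.UserName == userName)
                                               .Include(_user => _user.Company)
                                               .SingleOrDefault();

            if (authenticatedUser == null)
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }

            // An empty request body binds to null while ModelState stays valid; reject it as a client error.
            if (newProductTeamMemberDTO == null)
            {
                return(BadRequest("No team member data was supplied."));
            }

            // product.Company is read further down, so it is included explicitly; the nested include pulls
            // each team member's user and that user's company.
            Product product = db.Products.Where(_product => _product.ID == newProductTeamMemberDTO.ProductID)
                              .Include(_product => _product.Company)
                              .Include(_product => _product.TeamMembers
                                       .Select(teamMember => teamMember.User)
                                       .Select(memberUser => memberUser.Company))
                              .SingleOrDefault();

            if (product == null)
            {
                throw new HttpResponseException(HttpStatusCode.NotFound);
            }

            // Authorization: the caller's company must own the product, or the caller must be a team member
            // holding edit rights (401 kept for API compatibility; 403 would be the precise status).
            bool callerIsOwnerCompany = product.CompanyID == authenticatedUser.Company.ID;
            bool callerCanEdit        = product.TeamMembers.Any(teamMember => teamMember.UserID == authenticatedUser.Id && teamMember.CanEditTheProduct);

            if (!callerIsOwnerCompany && !callerCanEdit)
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            User productTeamMemberUser = db.Users.Where(_user => _user.Id == newProductTeamMemberDTO.UserID)
                                         .Include(_user => _user.CompaniesAsMembers)
                                         .Include(_user => _user.ProductTeamMembers)
                                         .SingleOrDefault();

            if (productTeamMemberUser == null)
            {
                throw new HttpResponseException(HttpStatusCode.NotFound);
            }

            Company company = product.Company;

            if (company == null)
            {
                throw new HttpResponseException(HttpStatusCode.NotFound);
            }

            // Only users who belong to the product's company may be added; this keeps callers from attaching
            // arbitrary user ids to a team.
            CompanyMember companyMember = productTeamMemberUser.CompaniesAsMembers.SingleOrDefault(_companyMember => _companyMember.CompanyID == company.ID);

            if (companyMember == null)
            {
                throw new HttpResponseException(HttpStatusCode.BadRequest);
            }

            bool alreadyOnTeam = productTeamMemberUser.ProductTeamMembers.Any(_productTeamMember => _productTeamMember.ProductID == newProductTeamMemberDTO.ProductID);

            if (alreadyOnTeam)
            {
                throw new HttpResponseException(HttpStatusCode.BadRequest);
            }

            // Least privilege: a new member never starts with the edit right; it is granted separately.
            ProductTeamMember productTeamMember = new ProductTeamMember
            {
                UserID            = productTeamMemberUser.Id,
                ProductID         = product.ID,
                User              = productTeamMemberUser,
                Product           = product,
                CanEditTheProduct = false,
            };
            productTeamMember = db.ProductTeamMembers.Add(productTeamMember);
            await db.SaveChangesAsync();

            return(Ok(Mapper.Map <ProductTeamMember, ProductTeamMemberDTO>(productTeamMember)));
        }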
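        /// <summary>
        /// Replaces the product team memberships of one user with the supplied set: every existing membership of
        /// the user named in the first item is removed, then each item is created (or updated) on its product.
        /// </summary>
        /// <param name="productTeamMemberUpdateDTO">
        /// Membership records to apply. Items with a non-positive product or user id are skipped, as are items
        /// referring to a product that does not exist.
        /// </param>
        /// <returns>
        /// 200 with a success <see cref="CervittApiResult"/>; 400 for an invalid model, an empty payload, or an
        /// item whose user level does not exist.
        /// </returns>
        /// <exception cref="HttpResponseException">
        /// 401 when the caller is unknown, or lacks management rights (owning company, or team membership with edit
        /// rights) on any product whose membership would be removed or written.
        /// </exception>
        public async Task <IHttpActionResult> UpdateProductTeamMemberMutiple(List <ProductTeamMemberUpdateDTO> productTeamMemberUpdateDTO)
        {
            CervittApiResult result   = new CervittApiResult();
            string           userName = User.Identity.Name;
            User             user     = db.Users.Where(_user => _user.UserName == userName)
                                                .Include(_user => _user.Company)
                                                .SingleOrDefault();

            if (user == null)
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }

            if (productTeamMemberUpdateDTO == null || productTeamMemberUpdateDTO.Count == 0)
            {
                return(BadRequest("Invalid data or no any data passed."));
            }

            // The first item decides whose memberships are replaced. Items naming another user are still written
            // to their products (existing behaviour) but that user's old memberships are not cleared.
            long userId = productTeamMemberUpdateDTO[0].UserID;

            // Authorization uses the same rule as the single-item endpoints, evaluated per product and BEFORE
            // anything is deleted. Previously only authentication was checked, so any signed-in caller could
            // strip another user's memberships and hand out admin-level edit rights on arbitrary products.
            var callerId        = user.Id;
            var callerCompanyId = user.Company.ID;

            // Throws 401 when the product exists and the caller is neither in its company nor an editing member.
            // A product that does not exist is not an authorization failure; the write loop skips it.
            void EnsureCallerCanManage(long productId)
            {
                bool forbidden = db.Products.Any(_product => _product.ID == productId
                                                          && _product.CompanyID != callerCompanyId
                                                          && !_product.TeamMembers.Any(teamMember => teamMember.UserID == callerId && teamMember.CanEditTheProduct));
                if (forbidden)
                {
                    throw new HttpResponseException(HttpStatusCode.Unauthorized);
                }
            }

            // Products the user is about to be removed from ...
            var existingProductIds = db.ProductTeamMembers.Where(member => member.UserID == userId)
                                                          .Select(member => member.ProductID)
                                                          .ToList();
            foreach (var existingProductId in existingProductIds)
            {
                EnsureCallerCanManage(existingProductId);
            }

            // ... and products that will be written. The user level is validated here as well, because the level
            // name decides the edit flag and a missing level must not surface after the deletions below.
            foreach (ProductTeamMemberUpdateDTO postItem in productTeamMemberUpdateDTO)
            {
                if (postItem.ProductID <= 0 || postItem.UserID <= 0)
                {
                    continue;
                }

                EnsureCallerCanManage(postItem.ProductID);

                if (!db.UserLevels.Any(level => level.Id == postItem.UserLevelId))
                {
                    return(BadRequest("Unknown user level."));
                }
            }

            db.ProductTeamMembers.RemoveRange(db.ProductTeamMembers.Where(member => member.UserID == userId));
            await db.SaveChangesAsync();

            foreach (ProductTeamMemberUpdateDTO postItem in productTeamMemberUpdateDTO)
            {
                if (postItem.ProductID <= 0 || postItem.UserID <= 0)
                {
                    continue;
                }

                Product product = db.Products.Where(_product => _product.ID == postItem.ProductID)
                                  .Include(_product => _product.TeamMembers
                                           .Select(teamMember => teamMember.User))
                                  .SingleOrDefault();

                if (product == null)
                {
                    continue;
                }

                UserLevel userLevel = db.UserLevels.SingleOrDefault(level => level.Id == postItem.UserLevelId);
                // Ordinal, case-insensitive: ToLower() == "admin" is culture-sensitive and throws on a null name.
                bool      isAdmin   = userLevel != null && string.Equals(userLevel.Name, "admin", StringComparison.OrdinalIgnoreCase);

                ProductTeamMember productTeamMember = product.TeamMembers.SingleOrDefault(_productTeamMember => _productTeamMember.UserID == postItem.UserID);

                if (productTeamMember == null)
                {
                    // Role is now persisted on creation too; it was only written by the update branch before,
                    // although after the RemoveRange above the user's items always take this branch.
                    productTeamMember = new ProductTeamMember
                    {
                        ProductID         = postItem.ProductID,
                        UserID            = postItem.UserID,
                        Role              = postItem.Role,
                        UserLevelId       = postItem.UserLevelId,
                        CanEditTheProduct = isAdmin,
                    };
                    db.ProductTeamMembers.Add(productTeamMember);
                }
                else
                {
                    productTeamMember.Role              = postItem.Role;
                    productTeamMember.UserLevelId       = postItem.UserLevelId;
                    productTeamMember.CanEditTheProduct = isAdmin;
                    db.Entry(productTeamMember).State   = EntityState.Modified;
                }

                await db.SaveChangesAsync();
            }

            result.Success        = true;
            result.SuccessMessage = "Records updated successfully.";
            result.ErrorMessage   = "";
            return(Ok(result));
        }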