public ReturnBid AddBid(Bid bid)
{
try
{
using (SqlConnection conn = new SqlConnection(connectionString))
{
conn.Open();
string timeStamp = DateTime.Now.ToString("MM/dd/yy HH:mm");
SqlCommand cmd = new SqlCommand($"INSERT INTO bid (item_id, user_id, amount, time_placed) VALUES (@item_id, @user_id, @bid_amount, @now); Select @@IDENTITY;", conn);
cmd.Parameters.AddWithValue("@item_id", bid.Item_ID);
cmd.Parameters.AddWithValue("@user_id", bid.User_ID);
cmd.Parameters.AddWithValue("@bid_amount", bid.Amount);
cmd.Parameters.AddWithValue("@now", timeStamp);
int newID = Convert.ToInt32(cmd.ExecuteScalar());
ReturnBid returnedBid = new ReturnBid();
returnedBid.Amount = bid.Amount;
returnedBid.Item_ID = bid.Item_ID;
returnedBid.Time_Placed = timeStamp;
returnedBid.Bid_ID = newID;
return(returnedBid);
}
}
catch (SqlException)
{
throw;
}
}
public Item GetSingleItem(int item_Id)
{
Item returnItem = new Item();
try
{
using (SqlConnection conn = new SqlConnection(connectionString))
{
conn.Open();
SqlCommand cmd = new SqlCommand($"Select * From Item WHERE item_id = @item_Id order by title; " +
"Select * From item_category IC " +
"JOIN Category C on IC.category_id = c.category_id WHERE IC.item_id = @item_Id; " +
"SELECT * From bid " +
"JOIN item on bid.item_id = item.item_id " +
"JOIN users on users.user_id = bid.user_id WHERE item.item_id = @item_Id Order by amount desc", conn);
cmd.Parameters.AddWithValue("@item_Id", item_Id);
SqlDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
Item item = RowToObject(reader);
returnItem = item;
}
reader.NextResult();
while (reader.Read())
{
int item_ID = Convert.ToInt32(reader["item_id"]);
string name = Convert.ToString(reader["name"]);
// TODO: find the item with the id of 'item_id'
Item foundItem = returnItem;
// TODO: add name to list of categories
foundItem.Categories.Add(name);
}
reader.NextResult();
while (reader.Read())
{
ReturnBid bid = BidRowToObject(reader);
int item_ID = Convert.ToInt32(reader["item_ID"]);
// Attach bids to each item as list
Item foundBid = returnItem;
foundBid.Bids.Add(bid);
}
return(returnItem);
}
}
catch (SqlException)
{
throw;
}
}
private static ReturnBid BidRowToObject(SqlDataReader rdr)
{
//string wholeAddress = Convert.ToString(rdr["username"]);
//string bit = wholeAddress.Substring(0, 2);
//string emailProvider = wholeAddress.Substring(wholeAddress.IndexOf("@"), 2);
//string anonymousUser = bit + "**" + emailProvider + "****.com";
ReturnBid bid = new ReturnBid();
bid.Bid_ID = Convert.ToInt32(rdr["bid_id"]);
bid.Item_ID = Convert.ToInt32(rdr["item_ID"]);
bid.Amount = Convert.ToDecimal(rdr["amount"]);
bid.User_Name = Convert.ToString(rdr["username"]);
bid.Time_Placed = Convert.ToString(rdr["time_placed"]);
return(bid);
}
public List <Item> GetAllItems()
{
List <Item> returnItems = new List <Item>();
try
{
using (SqlConnection conn = new SqlConnection(connectionString))
{
conn.Open();
SqlCommand cmd = new SqlCommand("GetAllItems", conn);
cmd.CommandType = System.Data.CommandType.StoredProcedure;
SqlDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
Item item = RowToObject(reader);
returnItems.Add(item);
}
reader.NextResult();
while (reader.Read())
{
int item_ID = Convert.ToInt32(reader["item_id"]);
string name = Convert.ToString(reader["name"]);
// TODO: find the item with the id of 'item_id'
Item foundItem = returnItems.Find(item => item.Item_ID == item_ID);
// TODO: add name to list of categories
foundItem.Categories.Add(name);
}
reader.NextResult();
while (reader.Read())
{
ReturnBid bid = BidRowToObject(reader);
int item_ID = Convert.ToInt32(reader["item_ID"]);
// Attach bids to each item as list
Item foundBid = returnItems.Find(item => item.Item_ID == item_ID);
foundBid.Bids.Add(bid);
}
return(returnItems);
}
}
catch (SqlException)
{
throw;
}
}
public ActionResult <Bid> AddNewBid(int itemID, Bid bid)
{
if (UserId == null)
{
return(Unauthorized());
}
bid.User_ID = int.Parse(UserId);
decimal amountToCheck = bidDao.GetHighestBidAmountForItem(itemID) + 1m;
if (bid.Amount >= amountToCheck)
{
ReturnBid returnedBid = bidDao.AddBid(bid);
return(Created("", returnedBid));
}
else
{
return(BadRequest());
}
// Error check that item_id inside the bid object matches url item_id
// User id will be pulled by authorized logged in user, not userid from json
}
