public async Task <ActionResult <UULResponse> > DeleteHabitant(HabitantDTO habitantDTO)
{
var currentUser = HttpContext.User;
UULResponse response;
try {
var userInfo = SecHelper.GetUserInfo(currentUser.Claims);
var user = await _context.Users.Where(u => u.Login.Equals(userInfo.Login) && u.ApartmentCode.Equals(userInfo.ApartmentCode)).FirstAsync();
var existentHabitants = await _context.Habitants.Where(h => h.User.ID == user.ID).Select(h => new HabitantDTO(h)).ToListAsync();
if (existentHabitants.Count <= 1)
{
return(Error.ProfileLastHabitantDeletion.CreateErrorResponse(_logger, "DeleteHabitant"));
}
var habitant = await _context.Habitants.FindAsync(habitantDTO.ID);
_context.Habitants.Remove(habitant);
await _context.SaveChangesAsync();
var habitants = await _context.Habitants.Where(h => h.User.ID == user.ID).Select(h => new HabitantDTO(h)).ToListAsync();
userInfo.IsActivated = user.IsActivated;
userInfo.Habitants = habitants;
response = new UULResponse()
{
Success = true, Message = "Habitant was deleted", Data = userInfo
};
} catch (Exception e) {
response = Error.ProfileDeleteHabitantFailed.CreateErrorResponse(_logger, "DeleteHabitant", e);
}
return(response);
}
public async Task <ActionResult <UULResponse> > AddHabitant(HabitantDTO habitantDTO) // TODO check rules before adding
{
var currentUser = HttpContext.User;
UULResponse response;
try {
var userInfo = SecHelper.GetUserInfo(currentUser.Claims);
var user = await _context.Users.Where(u => u.Login.Equals(userInfo.Login) && u.ApartmentCode.Equals(userInfo.ApartmentCode)).SingleOrDefaultAsync();
if (user == null)
{
return(Error.ProfileNotFound.CreateErrorResponse(_logger, "AddHabitant"));
}
var habitant = new Habitant(habitantDTO)
{
User = user
};
_context.Habitants.Add(habitant);
await _context.SaveChangesAsync();
var habitants = await _context.Habitants.Where(h => h.User.ID == user.ID).Select(h => new HabitantDTO(h)).ToListAsync();
userInfo.IsActivated = user.IsActivated;
userInfo.Habitants = habitants;
response = new UULResponse()
{
Success = true, Message = "Habitant was added", Data = userInfo
};
} catch (Exception e) {
response = Error.ProfileAddHabitantFailed.CreateErrorResponse(_logger, "AddHabitant", e);
}
return(response);
}
public static User AddFromDto(UULContext context, NewUserDTO newUser)
{
var salt = SecHelper.CreateSalt();
var habitant = new Habitant(newUser);
context.Habitants.Add(habitant);
var userToSave = new User {
Login = newUser.Login,
IsActivated = false,
CreatedAt = DateOperations.Now(),
Hash = SecHelper.SaltAndHashPwd(newUser.Pwd, salt),
Salt = salt,
ApartmentCode = newUser.ApartmentCode,
Habitants = new List <Habitant>()
{
habitant
}
};
context.Users.Add(userToSave);
return(userToSave);
}
public async Task <ActionResult <ICollection <UserWebInfoDTO> > > UpdateUser(UserWebInfoDTO userWebInfoDTO)
{
var userInfo = SecHelper.GetUserInfo(HttpContext.User.Claims);
try {
var user = await _context.Users.Where(u => u.Login.Equals(userInfo.Login) && u.ApartmentCode.Equals(userInfo.ApartmentCode)).SingleOrDefaultAsync();
if (!SecHelper.IsAdmin(user)) // TODO move to claims
{
throw new Exception("Not admin");
}
var userToUpdate = await _context.Users.FindAsync(userWebInfoDTO.ID);
if (userToUpdate == null)
{
return(new NotFoundResult());
}
userToUpdate.IsActivated = userWebInfoDTO.IsActivated; // currently only this
_context.Users.Update(userToUpdate);
await _context.SaveChangesAsync();
return(new OkObjectResult(userWebInfoDTO));
} catch {
return(new ForbidResult());
}
}
public static async Task <User> GetUserFromClaimsOrDefault(UULContext _context, ClaimsPrincipal currentUser)
{
var userInfo = SecHelper.GetUserInfo(currentUser.Claims);
var user = await _context.Users.Where(u => u.Login.Equals(userInfo.Login) && u.ApartmentCode.Equals(userInfo.ApartmentCode)).SingleOrDefaultAsync();
return(user);
}
public async Task <ActionResult <UULResponse> > ChangePassword(UserUpdatePasswordDTO userPwdsDTO)
{
if (!userPwdsDTO.isValid(out var msg))
{
return(Error.ProfileValidationFailed.CreateErrorResponse(_logger, "ChangePassword", new Exception(msg)));
}
UULResponse response;
try {
var userInfoDTO = await AuthenticateUserOrThrow(userPwdsDTO.toLoginInfoDTO());
var user = await UserDao.GetUserByDetailsOrThrow(_context, userInfoDTO.Login, userInfoDTO.ApartmentCode);
var salt = SecHelper.CreateSalt();
user.Salt = salt;
user.Hash = SecHelper.SaltAndHashPwd(userPwdsDTO.NewPwd, salt);
_context.Users.Update(user);
await _context.SaveChangesAsync();
var tokenString = SecHelper.GenerateJSONWebToken(userInfoDTO.Login, userInfoDTO.ApartmentCode, _config);
var habitants = await _context.Habitants.Where(h => h.User.ID == user.ID).Select(h => new HabitantDTO(h)).ToListAsync();
response = new UULResponse()
{
Success = true, Message = tokenString, Data = new UserInfoDTO(user, habitants)
};
} catch (UserProfileNotFoundException e) {
response = Error.ProfileNotFound.CreateErrorResponse(_logger, "ChangePassword", e);
} catch (AuthException e) {
response = Error.AuthFailed.CreateErrorResponse(_logger, "ChangePassword", e);
} catch (Exception e) {
response = Error.ProfileChangePwdFailed.CreateErrorResponse(_logger, "ChangePassword", e);
}
return(response);
}
public async Task <ActionResult <UULResponse> > DeleteNews(long id)
{
UULResponse response;
var currentUser = HttpContext.User;
try {
var user = await UserDao.GetUserFromClaimsOrThrow(_context, HttpContext.User);
if (!SecHelper.IsAdmin(user))
{
throw new Exception("Access denied");
}
var news = await _context.News.FindAsync(id);
_context.News.Remove(news);
await _context.SaveChangesAsync();
response = new UULResponse()
{
Success = true, Message = "News item was deleted", Data = null
};
} catch (Exception e) {
response = new UULResponse()
{
Success = false, Message = e.Message, Data = null
};
}
return(response);
}
public async Task <ActionResult <UULResponse> > NewUser(NewUserDTO newUser)
{
UULResponse response;
try {
if (!newUser.isValid(out var msg))
{
return(Error.ProfileValidationFailed.CreateErrorResponse(_logger, "NewProfile", new Exception(msg)));
}
var exist = await _context.Users.AnyAsync(u => u.Login.Equals(newUser.Login) && u.ApartmentCode == newUser.ApartmentCode);
if (exist)
{
return(Error.ProfileAlreadyExists.CreateErrorResponse(_logger, "NewProfile"));
}
var user = UserDao.AddFromDto(_context, newUser);
await _context.SaveChangesAsync();
var userInfo = new UserInfoDTO(user);
var tokenString = SecHelper.GenerateJSONWebToken(userInfo.Login, userInfo.ApartmentCode, _config);
response = new UULResponse()
{
Success = true, Message = tokenString, Data = userInfo
};
} catch (Exception e) {
response = Error.ProfileCreationFailed.CreateErrorResponse(_logger, "NewProfile", e);
}
return(response);
}
private async Task <UserInfoDTO> AuthenticateUserOrThrow(UserLoginInfoDTO loginInfoDTO)
{
var stored = await UserDao.GetUserByDetailsOrThrow(_context, loginInfoDTO.Login, loginInfoDTO.ApartmentCode);
var saltedAndHashedPwd = SecHelper.SaltAndHashPwd(loginInfoDTO.Pwd, stored.Salt);
if (saltedAndHashedPwd != stored.Hash)
{
throw new AuthException("Wrong credentials");
}
return(new UserInfoDTO()
{
ApartmentCode = loginInfoDTO.ApartmentCode, Login = loginInfoDTO.Login
});
}
public async Task <ActionResult <UULResponse> > CreateOrUpdateNews(NewsWebDTO dto)
{
UULResponse response;
try {
var user = await UserDao.GetUserFromClaimsOrThrow(_context, HttpContext.User);
if (!SecHelper.IsAdmin(user))
{
throw new Exception("Access denied");
}
var news = new News(dto);
var now = DateOperations.Now();
if (news.ID == null)
{
news.CreatedAt = now;
}
else
{
news.UpdatedAt = now;
}
string message = "News was created";
if (news.ID == null)
{
_context.News.Add(news);
}
else
{
_context.News.Update(news);
message = "News was upadted";
}
await _context.SaveChangesAsync();
response = new UULResponse()
{
Success = true, Message = message, Data = new NewsWebDTO(news)
};
} catch (Exception e) {
response = new UULResponse()
{
Success = false, Message = e.Message, Data = null
};
}
return(response);
}
public async Task <ActionResult <ICollection <UserWebInfoDTO> > > GetUsers()
{
var userInfo = SecHelper.GetUserInfo(HttpContext.User.Claims);
try {
var user = await _context.Users.Where(u => u.Login.Equals(userInfo.Login) && u.ApartmentCode.Equals(userInfo.ApartmentCode)).SingleOrDefaultAsync();
if (!SecHelper.IsAdmin(user)) // TODO move to claims
{
throw new Exception("Not admin");
}
var userDTOs = await _context.Users.Where(u => !u.Login.Equals(userInfo.Login) && !u.ApartmentCode.Equals(userInfo.ApartmentCode)).OrderBy(u => u.ApartmentCode).Select(u => new UserWebInfoDTO(u)).ToListAsync();
return(new OkObjectResult(userDTOs));
} catch {
return(new ForbidResult());
}
}
public async Task <ActionResult <UULResponse> > LoginUser(UserLoginInfoDTO loginInfoDTO)
{
UULResponse response;
try {
var userInfoDTO = await AuthenticateUserOrThrow(loginInfoDTO);
var tokenString = SecHelper.GenerateJSONWebToken(userInfoDTO.Login, userInfoDTO.ApartmentCode, _config);
response = new UULResponse()
{
Success = true, Message = "Login success", Data = tokenString
};
} catch (AuthException e) {
response = Error.AuthFailed.CreateErrorResponse(_logger, "Login", e);
} catch (Exception e) {
response = Error.ProfileLoginFailed.CreateErrorResponse(_logger, "Login", e);
}
return(response);
}
public async Task <ActionResult <UULResponse> > EditHabitant(HabitantDTO habitantDTO)
{
var currentUser = HttpContext.User;
UULResponse response;
try {
var userInfo = SecHelper.GetUserInfo(currentUser.Claims);
var user = await _context.Users.Where(u => u.Login.Equals(userInfo.Login) && u.ApartmentCode.Equals(userInfo.ApartmentCode)).SingleOrDefaultAsync();
if (user == null)
{
return(Error.ProfileNotFound.CreateErrorResponse(_logger, "EditHabitant"));
}
var habitant = await _context.Habitants.FindAsync(habitantDTO.ID);
if (habitant == null)
{
return(Error.ProfileHabitantLookupFailed.CreateErrorResponse(_logger, "EditHabitant"));
}
habitant.Name = habitantDTO.Name;
habitant.AvatarSrc = habitantDTO.AvatarSrc;
_context.Habitants.Update(habitant);
await _context.SaveChangesAsync();
var habitants = await _context.Habitants.Where(h => h.User.ID == user.ID).Select(h => new HabitantDTO(h)).ToListAsync();
userInfo.IsActivated = user.IsActivated;
userInfo.Habitants = habitants;
response = new UULResponse()
{
Success = true, Message = "Habitant was updated", Data = userInfo
};
} catch (Exception e) {
response = Error.ProfileEditHabitantFailed.CreateErrorResponse(_logger, "EditHabitant", e);
}
return(response);
}
public async Task <ActionResult <UULResponse> > GetMyUserInfo()
{
var currentUser = HttpContext.User;
UULResponse response;
try {
var userInfo = SecHelper.GetUserInfo(currentUser.Claims);
var user = await UserDao.GetUserByDetailsOrThrow(_context, userInfo.Login, userInfo.ApartmentCode);
var habitants = await _context.Habitants.Where(h => h.User.ID == user.ID).Select(h => new HabitantDTO(h)).ToListAsync();
userInfo.IsActivated = user.IsActivated;
userInfo.Habitants = habitants;
response = new UULResponse()
{
Success = true, Message = "", Data = userInfo
};
} catch (UserProfileNotFoundException e) {
response = Error.ProfileNotFound.CreateErrorResponse(_logger, "ProfileInfo", e);
} catch (Exception e) {
response = Error.ProfileGetInfoFailed.CreateErrorResponse(_logger, "ProfileInfo", e);
}
return(response);
}
public static void Initialize(UULContext context, IConfiguration config)
{
if (config.GetValue <bool>("DropDataOnStart") == true)
{
context.Database.EnsureDeleted();
}
context.Database.EnsureCreated();
if (!context.Users.Any())
{
context.Users.Add(SecHelper.CreateDefaultAdmin());
}
if (!context.Rules.Any())
{
context.Towers.RemoveRange(context.Towers);
context.SpecialFloors.RemoveRange(context.SpecialFloors);
context.BannedApartments.RemoveRange(context.BannedApartments);
context.Gyms.RemoveRange(context.Gyms);
var towers = new List <Tower>()
{
new Tower()
{
Name = "A", FloorsCount = 10
},
new Tower()
{
Name = "B", FloorsCount = 10
},
new Tower()
{
Name = "C", FloorsCount = 12
},
new Tower()
{
Name = "D", FloorsCount = 12
}
};
var specialFloors = new List <SpecialFloor>()
{
new SpecialFloor()
{
Name = "A10", Alias = "PH"
},
new SpecialFloor()
{
Name = "B10", Alias = "PH"
},
new SpecialFloor()
{
Name = "C12", Alias = "PH"
},
new SpecialFloor()
{
Name = "D12", Alias = "PH"
},
};
var gyms = new List <Gym>()
{
new Gym()
{
Name = "A", IsOpen = true
},
new Gym()
{
Name = "B", IsOpen = true
}
};
context.Towers.AddRange(towers);
context.SpecialFloors.AddRange(specialFloors);
context.Gyms.AddRange(gyms);
var rules = new Rules()
{
Version = 0,
PersonsPerTimeSlot = 4,
HabitantsPerApartment = 4,
DoorsPerFloor = 8,
TimeSlotSpan = DefaultTimeSlotSpan,
Towers = towers,
SpecialFloors = specialFloors,
BannedApartments = { },
Gyms = gyms
};
context.Rules.Add(rules);
context.SaveChanges();
}
if (config.GetValue <bool>("CreateDummyDataOnStart") == false)
{
var newSlots = TimeSlotsFactory.CreateTodayTimeSlots(context, 11); // 11 Utc is 5 am at Gdl
newSlots.Wait();
context.TimeSlots.AddRange(newSlots.Result);
}
else
{
DummyDataFactory.CreateDummyData(context);
}
context.SaveChanges();
}
private async Task <ActionResult <UULResponse> > BookTimeSlotByGym(BookTimeSlotDTO dto, int gymId)
{
UULResponse response; // TODO refactor to use exceptions
var currentUser = HttpContext.User;
try {
var userInfo = SecHelper.GetUserInfo(currentUser.Claims);
var user = await _context.Users.Where(u => u.Login.Equals(userInfo.Login) && u.ApartmentCode.Equals(userInfo.ApartmentCode)).SingleOrDefaultAsync();
if (user is null)
{
return(Error.ProfileNotFound.CreateErrorResponse(_logger, "BookTimeSlotsByGym"));
}
if (!user.IsActivated)
{
return(Error.ProfileNotActivated.CreateErrorResponse(_logger, "BookTimesSlotsByGym"));
}
var timeSlot = await _context.TimeSlots
.Include(t => t.OccupiedBy)
.Include(t => t.Gym)
.FirstOrDefaultAsync(t => t.ID == dto.TimeslotId);
if (timeSlot is null)
{
return(Error.TimeSlotNotFound.CreateErrorResponse(_logger, "BookTimesSlotsByGym"));
}
var rulesDto = await RulesDao.GetCurrentRulesDTOOrDefault(_context);
if (rulesDto is null)
{
return(Error.RulesNotFound.CreateErrorResponse(_logger, "BookTimesSlotsByGym"));
}
DateOperations.GetTodayTimeSlotsBoundsUtc(rulesDto.TimeSlotSpan, out DateTime todayStart, out DateTime todayEnd);
if (!timeSlot.Gym.IsOpen)
{
return(Error.GymClosed.CreateErrorResponse(_logger, "BookTimesSlotsByGym"));
}
if (!(timeSlot.Start.IsWithinBounds(todayStart, todayEnd)))
{
return(Error.TimeSlotNotToday.CreateErrorResponse(_logger, "BookTimesSlotsByGym"));
}
if (timeSlot.OccupiedBy.Count >= rulesDto.PersonsPerTimeSlot)
{
return(Error.TimeSlotFull.CreateErrorResponse(_logger, "BookTimesSlotsByGym"));
}
if (await AlreadyBookedInBoundsUTC(dto.HabitantId, todayStart, todayEnd))
{
return(Error.TimeSlotOverbooking.CreateErrorResponse(_logger, "BookTimesSlotsByGym"));
}
Habitant habitant = await _context.Habitants.FindAsync(dto.HabitantId);
if (habitant is null)
{
return(Error.ProfileHabitantLookupFailed.CreateErrorResponse(_logger, "BookTimesSlotsByGym"));
}
timeSlot.OccupiedBy.Add(habitant);
habitant.LastGymVisit = timeSlot.Start;
_context.TimeSlots.Update(timeSlot);
_context.Habitants.Update(habitant);
var success = await _context.SaveChangesAsync() != 0;
var slots = gymId == -1 ? await TimeSlotsDao.GetTimeSlotsByUtcBounds(_context, todayStart, todayEnd) : await TimeSlotsDao.GetTimeSlotsByUtcBounds(_context, gymId, todayStart, todayEnd);
var data = new ScheduleDTO()
{
Date = todayStart.Year + "/" + todayStart.Month + "/" + todayStart.Day, GymId = gymId == -1 ? null : gymId, TimeSlots = slots
};
response = new UULResponse()
{
Success = success, Message = "Booked", Data = data
};
} catch (Exception e) {
response = Error.TimeSlotsBookingFailed.CreateErrorResponse(_logger, "BookTimesSlotsByGym", e);
}
return(response);
}
