public async Task <IHttpActionResult> PutUserPrivilage(string id, UserPrivilage userPrivilage)
{
//Check the user is a Admin User
var userId = User.Identity.GetUserId();
UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync();
if (userAclForAdmin.UserType != Admin)
{
return(BadRequest("Only Admin User can Change User Privilage"));
}
// Check if User exist
if (!UserExists(id))
{
BadRequest("User id is not valid");
}
// Save edited Privilage
UserPrivilage aUserPrivilage = await db.UserPrivilages.Where(x => x.UserId == id).SingleOrDefaultAsync();
aUserPrivilage.CanAddDocument = userPrivilage.CanAddDocument;
aUserPrivilage.CanDeleteDocument = userPrivilage.CanDeleteDocument;
aUserPrivilage.CanTagDocument = userPrivilage.CanTagDocument;
await db.SaveChangesAsync();
return(Ok(aUserPrivilage));
}
public async Task <IHttpActionResult> PutACl(string id, UserACL userAcl)
{
//Check the user is a Admin User
var userId = User.Identity.GetUserId();
UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync();
if (userAclForAdmin.UserType != Admin)
{
return(BadRequest("Only Admin User can Update User ACL"));
}
// Check if User exist
if (!UserExists(id))
{
BadRequest("User id is not valid");
}
// Save edited AclType
UserACL aUserAcl = await db.UserAcls.Where(x => x.UserId == id).SingleOrDefaultAsync();
aUserAcl.UserType = userAcl.UserType;
await db.SaveChangesAsync();
return(Ok(aUserAcl));
}
public async Task <IHttpActionResult> GetACl(string id)
{
// Check if User exist
if (!UserExists(id))
{
BadRequest("User id is not valid");
}
UserACL aUserAcl = await db.UserAcls.Where(x => x.UserId == id).SingleOrDefaultAsync();
return(Ok(aUserAcl));
}
public async Task <IHttpActionResult> GetUserInfo(string id)
{
//Check the user is a Admin User
var userId = User.Identity.GetUserId();
UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync();
if (userAclForAdmin.UserType != Admin)
{
return(BadRequest("Only Admin User can Delete User"));
}
// Get the UserInfo
var user = await(from u in db.Users
join up in db.UserProfiles on u.Id equals up.UserId
join uacl in db.UserAcls on u.Id equals uacl.UserId
join c in db.Companies on u.CompanyId equals c.Id into cu
from cInfo in cu.DefaultIfEmpty()
where u.Id == id
select new
{
u.Id,
u.UserName,
u.Email,
u.PasswordHash,
up.FirstName,
up.LastName,
uacl.UserType,
CompanyName = cInfo.Name,
ConmapyId = (int?)cInfo.Id,
}).ToListAsync();
if (user == null)
{
return(NotFound());
}
return(Ok(user));
}
public async Task <IHttpActionResult> DeleteUser(string id)
{
//Check the user is a Admin User
var userId = User.Identity.GetUserId();
UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync();
if (userAclForAdmin.UserType != Admin)
{
return(BadRequest("Only Admin User can Delete User"));
}
// is id is valid
if (!(db.Users.Any(x => x.Id == id)))
{
string message = "Invalid Id";
return(BadRequest(message));
}
var user = await db.Users.Where(x => x.Id == id).SingleOrDefaultAsync();
var aUserProfile = await db.UserProfiles.Where(x => x.UserId == id).SingleOrDefaultAsync();
var aUserAcl = await db.UserAcls.Where(x => x.UserId == id).SingleOrDefaultAsync();
if (user == null)
{
return(NotFound());
}
db.Users.Remove(user);
db.UserAcls.Remove(aUserAcl);
db.UserProfiles.Remove(aUserProfile);
await db.SaveChangesAsync();
return(Ok("User is deleted"));
}
public async Task <IHttpActionResult> GetSequencialRestricted(int id)
{
//Check the user is a Admin User
var userId = User.Identity.GetUserId();
UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync();
if (userAclForAdmin.UserType != Admin)
{
return(BadRequest("Only Admin User can get Sequencial list"));
}
Document document = await db.Documents.FindAsync(id);
if (document == null)
{
return(NotFound());
}
// Get the SequencialList
SequenceACL sequence = await
db.SequenceAcls.Where(x => x.DocAclId == document.DocumentACLId).SingleOrDefaultAsync();
return(Ok(sequence));
}
public async Task <IHttpActionResult> Register(RegisterBindingModel model)
{
UserACL aUserAcl = new UserACL();
UserProfile aUserProfile = new UserProfile();
UserPrivilage aUserPrivilage = new UserPrivilage();
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (model.UserAclType == Normal || model.UserAclType == Manager) // (a) company must be valid for Manager and Normal user
{
if (!db.Companies.Any(x => x.Id == model.CompanyId))
{
return(BadRequest("This CompanyId is not valid"));
}
}
else
{
if (model.CompanyId != 0)
{
return(BadRequest("CompanyId Must be 0 for Admin User"));
}
}
var user = new ApplicationUser()
{
UserName = model.UserName, Email = model.Email, CompanyId = model.CompanyId
};
IdentityResult result = await UserManager.CreateAsync(user, model.Password);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
ApplicationUser aUser = await db.Users.Where(x => x.Email == user.Email).SingleOrDefaultAsync(); //get the UserId
// Save UserACL
aUserAcl.UserType = model.UserAclType;
aUserAcl.UserId = aUser.Id;
db.UserAcls.Add(aUserAcl);
await db.SaveChangesAsync();
// save UserProfile
aUserProfile.FirstName = model.FirstName;
aUserProfile.LastName = model.LastName;
aUserProfile.UserId = aUser.Id;
db.UserProfiles.Add(aUserProfile);
await db.SaveChangesAsync();
//Save UserPrivilage
aUserPrivilage.CanAddDocument = model.CanAddDocument;
aUserPrivilage.CanDeleteDocument = model.CanDeleteDocument;
aUserPrivilage.CanTagDocument = model.CanTagDocument;
aUserPrivilage.UserId = aUser.Id;
db.UserPrivilages.Add(aUserPrivilage);
await db.SaveChangesAsync();
return(Ok());
}
public async Task <IHttpActionResult> PutUpdateSequencialRestricted(int id, SequenceACL sequence)
{
//Check the user is a Admin User
var userId = User.Identity.GetUserId();
UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync();
if (userAclForAdmin.UserType != Admin)
{
return(BadRequest("Only Admin User can Update Sequencial Restricted"));
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Document document = await db.Documents.FindAsync(id);
if (document == null)
{
return(NotFound());
}
// Check Sequencial List is already created.
var sequencialListToCheck = await
db.SequenceAcls.Where(x => x.DocAclId == document.DocumentACLId).SingleOrDefaultAsync();
if (sequencialListToCheck != null)
{
return(BadRequest("Sequencial list is already Exist."));
}
// only sequence and present access is updated
DocumentACL aDocumentAcl = await db.DocumentAcls.Where(x => x.DocumentId == id).SingleOrDefaultAsync();
SequenceACL aSequenceAcl =
await db.SequenceAcls.Where(x => x.DocAclId == aDocumentAcl.Id).SingleOrDefaultAsync();
aSequenceAcl.Sequence = sequence.Sequence;
aSequenceAcl.PresentAccess = sequence.PresentAccess;
await db.SaveChangesAsync();
// change the DocAclType in DocumentAcl
aDocumentAcl.DocAclType = 2;
await db.SaveChangesAsync();
//// Check Document have a restricted sequence.
//var restrictedListToCheck = await
// db.Restricteds.Where(x => x.DocAclId == document.DocumentACLId).SingleOrDefaultAsync();
//if (restrictedListToCheck != null)
//{
// db.Restricteds.Remove(restrictedListToCheck);
// await db.SaveChangesAsync();
//}
//Delete the Document from the DocumentUser Table...
db.DocumentUsers.RemoveRange(db.DocumentUsers.Where(x => x.DocumentId == id));
await db.SaveChangesAsync();
// Add user To the DocumentUser Model
List <string> userInTagList = sequence.Sequence.Split(',').ToList();
foreach (var userInList in userInTagList)
{
var len = userInList.Length;
if (len != 36 && userInList[0] == 'g')
{
var groupId = Convert.ToInt64(userInList.Substring(1));
//Check the Group is Exist
var groupIsExist = db.Groups.FindAsync(groupId);
// Get all the user of the Group
var groupUsers = await(from u in db.Users
join ug in db.UserGroups on u.Id equals ug.UserId
join g in db.Groups on ug.GroupId equals g.Id
where g.Id == groupId
select new
{
u.Id,
u.UserName,
u.Email,
u.CompanyId,
}).ToListAsync();
// Add User to the Document
foreach (var userInGroup in groupUsers)
{
//check the user is already member of this Document
var aDocumentUser = await
db.DocumentUsers.Where(x => x.UserId == userInGroup.Id && x.DocumentId == document.Id).SingleOrDefaultAsync();
if (aDocumentUser == null)
{
DocumentUser documentUser = new DocumentUser();
documentUser.UserId = userInGroup.Id;
documentUser.DocumentId = document.Id;
db.DocumentUsers.Add(documentUser);
await db.SaveChangesAsync();
}
}
}
else
{
//check the user is already member of this Document
var aDocumentUser = await
db.DocumentUsers.Where(x => x.UserId == userInList && x.DocumentId == document.Id).SingleOrDefaultAsync();
if (aDocumentUser == null)
{
DocumentUser documentUser = new DocumentUser();
documentUser.UserId = userInList;
documentUser.DocumentId = document.Id;
db.DocumentUsers.Add(documentUser);
await db.SaveChangesAsync();
}
}
}
return(Ok(sequence));
}
public async Task <IHttpActionResult> PutCreateRestrictedSequence(int id, Restricted restricted)
{
//Check the user is a Admin User
var userId = User.Identity.GetUserId();
UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync();
if (userAclForAdmin.UserType != Admin)
{
return(BadRequest("Only Admin User can Update User ACL"));
}
//Check DocAcl and UserId is Given
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Document document = await db.Documents.FindAsync(id);
if (document == null)
{
return(NotFound());
}
// only List is updated
DocumentACL aDocumentAcl = await db.DocumentAcls.Where(x => x.DocumentId == id).SingleOrDefaultAsync();
Restricted aRestricted =
await db.Restricteds.Where(x => x.DocAclId == aDocumentAcl.Id).SingleOrDefaultAsync();
aRestricted.List = restricted.List;
//db.Restricteds.Add(aRestricted);
await db.SaveChangesAsync();
// change the DocAclType in DocumentAcl
aDocumentAcl.DocAclType = 3;
await db.SaveChangesAsync();
//Delete the Document from the DocumentUser Table...
db.DocumentUsers.RemoveRange(db.DocumentUsers.Where(x => x.DocumentId == id));
await db.SaveChangesAsync();
// Add User to the Document
List <string> userInTagList = aRestricted.List.Split(',').ToList();
foreach (var userInList in userInTagList)
{
var len = userInList.Length;
if (len != 36 && userInList[0] == 'g')
{
var groupId = Convert.ToInt64(userInList.Substring(1));
//Check the Group is Exist
var groupIsExist = await db.Groups.FindAsync(groupId);
// Get all the user of the Group
var groupUsers = await(from u in db.Users
join ug in db.UserGroups on u.Id equals ug.UserId
join g in db.Groups on ug.GroupId equals g.Id
where g.Id == groupId
select new
{
u.Id,
u.UserName,
u.Email,
u.CompanyId,
}).ToListAsync();
// Add User to the Document
foreach (var userInGroup in groupUsers)
{
//check the user is already member of this Document
var aDocumentUser = await
db.DocumentUsers.Where(x => x.UserId == userInGroup.Id && x.DocumentId == document.Id).SingleOrDefaultAsync();
if (aDocumentUser == null)
{
DocumentUser documentUser = new DocumentUser();
documentUser.UserId = userInGroup.Id;
documentUser.DocumentId = document.Id;
db.DocumentUsers.Add(documentUser);
await db.SaveChangesAsync();
}
}
}
else
{
//check the user is already member of this Document
var aDocumentUser = await
db.DocumentUsers.Where(x => x.UserId == userInList && x.DocumentId == document.Id).SingleOrDefaultAsync();
if (aDocumentUser == null)
{
DocumentUser documentUser = new DocumentUser();
documentUser.UserId = userInList;
documentUser.DocumentId = document.Id;
db.DocumentUsers.Add(documentUser);
await db.SaveChangesAsync();
}
}
}
return(Ok(aRestricted));
}
