        /// <summary>
        /// Lists all users for a caller whose session resolves to an administrator account.
        /// </summary>
        /// <remarks>
        /// The session is validated first, then the caller is loaded and the
        /// <c>IsAdministrator</c> flag is checked before any user list is read.
        /// Exceptions are mapped to status codes as follows:
        /// UserNotFoundException -> 404, InvalidGuidException -> 400,
        /// NoTokenProvidedException / SessionNotFoundException /
        /// UserIsNotAdministratorException -> 401, anything else -> 500.
        /// NOTE(review): an authenticated non-administrator is answered with 401 here;
        /// 403 Forbidden is the conventional status for "authenticated but not allowed".
        /// Changing it would alter the API contract, so confirm with clients first.
        /// NOTE(review): the 200 body is whatever GetUsers() returns; confirm that it
        /// carries no credential or session fields before it is serialized to the client.
        /// </remarks>
        /// <returns>
        /// 200 with the user list for administrators, otherwise one of the error
        /// responses described in the remarks.
        /// </returns>
        public IHttpActionResult GetAllUsers()
        {
            using (var db = new DatabaseContext())
            {
                try
                {
                    // Authentication step. Per the original notes this call can throw
                    // ExceptionService.NoTokenProvidedException and
                    // ExceptionService.SessionNotFoundException.
                    var session = ControllerHelpers.ValidateAndUpdateSession(Request);

                    var userManager = new UserManagementManager(db);
                    var caller = userManager.GetUser(session.UserId);

                    // Authorization step: reject before touching the user list.
                    if (!caller.IsAdministrator)
                    {
                        return Content(HttpStatusCode.Unauthorized, "Non-administrators cannot view all users.");
                    }

                    var allUsers = userManager.GetUsers();

                    // NOTE(review): SaveChanges() runs only on the administrator path;
                    // what it persists is not visible in this method - confirm.
                    db.SaveChanges();
                    return Content(HttpStatusCode.OK, allUsers);
                }
                catch (UserNotFoundException notFound)
                {
                    return Content(HttpStatusCode.NotFound, notFound.Message);
                }
                catch (InvalidGuidException badGuid)
                {
                    return Content(HttpStatusCode.BadRequest, badGuid.Message);
                }
                catch (Exception denied) when (denied is NoTokenProvidedException ||
                                               denied is SessionNotFoundException ||
                                               denied is UserIsNotAdministratorException)
                {
                    return Content(HttpStatusCode.Unauthorized, denied.Message);
                }
                catch (Exception unexpected)
                {
                    // Only persistence failures trigger a revert of pending changes.
                    bool persistenceFailed = unexpected is DbUpdateException ||
                                             unexpected is DbEntityValidationException;
                    if (persistenceFailed)
                    {
                        db.RevertDatabaseChanges(db);
                    }

                    // The exception detail is deliberately not returned to the client.
                    // NOTE(review): nothing in this method records it either, so an
                    // unexpected failure leaves no trace for later investigation.
                    return InternalServerError();
                }
            }
        }