public ActionResult <IEnumerable <Cart> > DeleteItemsCart(string id, [FromBody] string[] items, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Cart> carts = Program.db.Query <Cart>($"SELECT * FROM Cart WHERE id='{id}';");
if (carts.Count > 0)
{
Cart c = carts.First();
List <ItemProperty> cartItems = c.items;
foreach (string item in items)
{
// check if the item is already in the cart
if (cartItems.Any(c => c.id == Convert.ToInt32(item)))
{
cartItems.Remove(cartItems.FirstOrDefault(c => c.id == Convert.ToInt32(item)));
}
}
c.itemsBlob = JsonSerializer.Serialize(cartItems);
Program.db.Update(c);
return(Ok(c));
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public ActionResult DeleteCustomer(string id, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Customer> customers = Program.db.Query <Customer>($"SELECT * FROM Customer WHERE id='{id}';");
if (customers.Count > 0)
{
List <Contract> contracts = Program.db.Query <Contract>($"SELECT id FROM Contract WHERE customerId='{customers.First().id}';");
if (contracts.Count > 0)
{
return(BadRequest("Cannot remove customer, customer still has contracts assigned to it!"));
}
Program.db.Delete(customers.First());
return(Ok());
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public ActionResult <IEnumerable <Customer> > SearchCustomer([FromBody] string query, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
// Prevent searching everything, else this would causes a major performance hit.
if (string.IsNullOrEmpty(query))
{
return(NotFound());
}
List <Customer> customers = Program.db.Query <Customer>($"SELECT * FROM Customer WHERE initials LIKE '%{query}%' OR familyName LIKE '%{query}%' OR email LIKE '%{query}%' OR phone LIKE '%{query}%' OR address LIKE '%{query}%' OR postalCode LIKE '%{query}%';");
if (customers.Count > 0)
{
return(customers);
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public IActionResult NewCustomer([FromBody] Customer customer, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
if (!string.IsNullOrEmpty(customer.initials) && !string.IsNullOrEmpty(customer.familyName) && !string.IsNullOrEmpty(customer.email))
{
if (Utilities.IsValidEmail(customer.email))
{
Program.db.Insert(customer);
return(Ok(customer));
}
else
{
return(BadRequest($"Malformed email address. ({customer.email})"));
}
}
else
{
return(BadRequest("Customer initials, family name and email are required fields!"));
}
}
else
{
return(Unauthorized());
}
}
public ActionResult GetInvoiceTotals(int invoiceId, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Invoice> invoices = Program.db.Query <Invoice>($"SELECT * FROM Invoice WHERE id=$1;", new object[] { invoiceId });
if (invoices.Count > 0)
{
Invoice invoice = invoices.Last();
return(Ok((new Dictionary <string, object>()
{
{ "totalPrice", invoice.TotalPrice() },
{ "totalPriceExTax", invoice.TotalPriceExTax() },
{ "totalTax", invoice.TotalTax() },
{ "prettyTotalPrice", invoice.PrettyTotalPrice() },
{ "prettyTotalPriceExVat", invoice.PrettyTotalPriceExTax() },
{ "prettyTotalTax", invoice.PrettyTotalTax() },
})));
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public ActionResult GetCartTotals(string cartId, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Cart> carts = Program.db.Query <Cart>($"SELECT * FROM Cart WHERE id=$1;", new object[] { cartId });
if (carts.Count > 0)
{
Cart cart = carts.Last();
return(Ok((new Dictionary <string, object>()
{
{ "totalPrice", cart.TotalPrice() },
{ "totalPriceExTax", cart.TotalPriceExTax() },
{ "totalTax", cart.TotalTax() },
{ "prettyTotalPrice", cart.PrettyTotalPrice() },
{ "prettyTotalPriceExVat", cart.PrettyTotalPriceExTax() },
{ "prettyTotalTax", cart.PrettyTotalTax() },
})));
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public IActionResult DeleteInvoice(int id, [FromHeader] string token)
{
if (Logins.Verify(token, true) != null)
{
List <Invoice> invoices = Program.db.Query <Invoice>($"SELECT * FROM Invoice WHERE id='{id}';");
if (invoices.Count == 0)
{
return(NotFound());
}
Invoice invoice = invoices.First();
// If it is processed we need to check if it's older than 7 years to conform with regulations.
if (invoice.processedAt.AddYears(7) < DateTime.Now)
{
Program.db.Delete(invoice);
return(Ok());
}
else
{
return(BadRequest("Record cannot be deleted as it's younger than 7 years. To conform with regulations you are only allowed to delete an invoice after 7 years of the processing date."));
}
}
else
{
return(Unauthorized());
}
}
public ActionResult ArchiveContract(string id, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Contract> contracts = Program.db.Query <Contract>($"SELECT * FROM Contract WHERE id='{id}';");
if (contracts.Count > 0)
{
Contract c = contracts.First();
if (c.enabled == false && c.archived == true)
{
Program.db.Delete(c);
return(Ok());
}
else
{
c.archived = true;
c.enabled = false;
Program.db.Update(c);
return(Accepted("archived"));
}
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public ActionResult <IEnumerable <Contract> > SearchContract([FromBody] string query, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
// Prevent searching everything, else this would causes a major performance hit.
if (string.IsNullOrEmpty(query))
{
return(NotFound());
}
List <Contract> contracts = Program.db.Query <Contract>($"SELECT con.* FROM Contract as con, Customer as cust WHERE cust.familyName LIKE '%{query}%' OR cust.initials LIKE '%{query}%' OR cust.company LIKE '%{query}%';");
if (contracts.Count > 0)
{
return(contracts);
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public IActionResult NewContract([FromBody] Contract contract, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
if (contract.runDay >= 1 && contract.runDay <= 27 && contract.customerId > 0)
{
contract.enabled = true;
if (Program.db.Query <Customer>($"SELECT * FROM Customer WHERE id='{contract.customerId}';").Count == 0)
{
return(BadRequest($"Customer with id {contract.customerId} does not exist!"));
}
if (contract.start.Year == 1)
{
contract.start = DateTime.Now;
}
Program.db.Insert(contract);
return(Ok(contract));
}
else
{
return(BadRequest("Customer initials, family name and email are required fields!"));
}
}
else
{
return(Unauthorized());
}
}
public ActionResult <IEnumerable <Contract> > UpdateContract(string id, [FromBody] Contract update, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Contract> contract = Program.db.Query <Contract>($"SELECT * FROM Contract WHERE id = '{id}';");
if (contract.Count > 0)
{
Contract i = contract.First();
if (update.customerId != 0)
{
if (Program.db.Query <Customer>($"SELECT * FROM Customer WHERE id='{update.customerId}';").Count == 0)
{
return(BadRequest($"Customer with id {update.customerId} does not exist!"));
}
}
if (update.runDay != 0 && update.runDay >= 1 && update.runDay <= 27)
{
i.runDay = update.runDay;
}
if (update.customerId != 0)
{
i.customerId = update.customerId;
}
if (update.period != 0)
{
i.period = update.period;
}
if (update.paymentMethod != 0)
{
i.paymentMethod = update.paymentMethod;
}
if (update.enabled != null)
{
i.enabled = update.enabled;
}
Program.db.Update(i);
return(Ok(i));
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public ActionResult <IEnumerable <Cart> > UpdateCartItemsCount(string id, [FromBody] Dictionary <string, int> items, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Cart> carts = Program.db.Query <Cart>($"SELECT * FROM Cart WHERE id='{id}';");
if (carts.Count > 0)
{
Cart c = carts.First();
List <ItemProperty> cartItems = c.items;
foreach (KeyValuePair <string, int> item in items)
{
// check if the item is already in the cart
if (cartItems.Any(c => c.id == Convert.ToInt32(item.Key)))
{
//if so just add/remove the amount
cartItems.FirstOrDefault(c => c.id == Convert.ToInt32(item.Key)).count += item.Value;
//if we are admin, only then we can accept negative returns.
LoginSession sess = Logins.Verify(token, true);
if (cartItems.FirstOrDefault(c => c.id == Convert.ToInt32(item.Key)).count <= 0)
{
if (sess != null)
{
}
else
{
return(Unauthorized("Only admins are allowed to accept returns."));
}
}
}
else
{
return(NotFound($"Cart does not contain item with id {item.Key}"));
}
}
c.itemsBlob = JsonSerializer.Serialize(cartItems);
Program.db.Update(c);
return(Ok(c));
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public ActionResult <IEnumerable <User> > GetAll([FromHeader] string token)
{
// Check if user login
if (Logins.Verify(token, true) != null)
{
return(Program.db.Query <User>("SELECT id, displayName, username, isAdmin FROM User WHERE 1;"));
}
else
{
return(Unauthorized());
}
}
public ActionResult UpdateUser(int id, [FromBody] User raw, [FromHeader] string token)
{
// Check if user login
if (Logins.Verify(token, true) != null)
{
// Get the user to delete
User u = Users.getUserById(id);
// Make sure the user has been found
if (u == null)
{
return(NotFound());
}
// Update values of user if they are not null
if (raw.displayName != null)
{
u.displayName = raw.displayName;
}
if (raw.username != null)
{
u.username = raw.username;
}
if (raw.isAdmin != null)
{
u.isAdmin = raw.isAdmin;
}
if (raw.pinCode != null)
{
u.pinCode = raw.pinCode;
}
if (raw.Hash != null)
{
// Update the password
HashSalt hs = Utilities.GenerateSaltedHash(64, raw.Hash);
u.Hash = hs.Hash;
u.Salt = hs.Salt;
}
Program.db.Update(u);
return(Ok());
}
else
{
return(Unauthorized());
}
}
public ActionResult<IEnumerable<Item>> GetItem(string id, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List<Item> items = Items.getItem(id);
if (items.Count > 0)
return items;
else
return NotFound();
}
else
return Unauthorized();
}
public ActionResult<IEnumerable<Item>> GetItemRange(int count, int offset, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List<Item> items = Program.db.Query<Item>($"SELECT * FROM Item LIMIT {count} OFFSET {offset};");
if (items.Count > 0)
return items;
else
return NotFound();
}
else
return Unauthorized();
}
public ActionResult <IEnumerable <Cart> > UpdateCartItems(string id, [FromBody] string[] items, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Cart> carts = Program.db.Query <Cart>($"SELECT * FROM Cart WHERE id='{id}';");
if (carts.Count > 0)
{
Cart c = carts.First();
List <ItemProperty> cartItems = c.items;
foreach (string item in items)
{
// check if the item is already in the cart
if (!cartItems.Any(c => c.id == Convert.ToInt32(item)))
{
//if not so get the item details and add them to the cart while also adding the correct amount
ItemProperty rawItem = Program.db.Query <ItemProperty>($"SELECT * FROM Item WHERE id='{item}';").First();
//if this is null it means we try adding an item that didn't exist
if (rawItem == null)
{
return(NotFound($"Item with id {item} couldn't be found."));
}
//Create a new count property and add it to the cart items.
ItemProperty itemProp = rawItem;
itemProp.count = 1;
itemProp.multiplier = 1;
cartItems.Add(itemProp);
}
}
c.itemsBlob = JsonSerializer.Serialize(cartItems);
Program.db.Update(c);
return(Ok(c));
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public IActionResult NewItem([FromBody] Item item, [FromHeader] string token)
{
if (Logins.Verify(token, true) != null)
{
if (!string.IsNullOrEmpty(item.description) && item.margin != 0 && item.price != 0)
{
Program.db.Insert(item);
Program.db.Insert(new ItemStock() { id = item.id, stock = 0 });
return Ok(item);
}
else
return BadRequest("Item description, margin and price are required fields!");
}
else
return Unauthorized();
}
public ActionResult NewCart([FromBody] Cart c, [FromHeader] string token)
{
LoginSession session = Logins.Verify(token);
if (session != null)
{
c.id = Guid.NewGuid().ToString();
Program.db.Insert(c);
session.activeCartId = c.id;
Program.db.Update(session);
return(Ok(c));
}
else
{
return(Unauthorized());
}
}
public ActionResult <IEnumerable <Contract> > UpdateContractItemsCount(int id, [FromBody] Dictionary <string, int> items, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Contract> contracts = Program.db.Query <Contract>($"SELECT * FROM Contract WHERE id='{id}';");
if (contracts.Count > 0)
{
Contract c = contracts.First();
List <ItemProperty> contractItems = c.items;
foreach (KeyValuePair <string, int> item in items)
{
// check if the item is already in the contract
if (contractItems.Any(c => c.id == Convert.ToInt32(item.Key)))
{
//if so just add/remove the amount
contractItems.FirstOrDefault(c => c.id == Convert.ToInt32(item.Key)).count += item.Value;
//if we have 0 or less added at the moment we will remove it from the contract as we can't sell negatives in contracts
if (contractItems.FirstOrDefault(c => c.id == Convert.ToInt32(item.Key)).count <= 0)
{
contractItems.Remove(contractItems.FirstOrDefault(c => c.id == Convert.ToInt32(item.Key)));
}
}
else
{
return(NotFound($"Contract does not contain item with id {item.Key}"));
}
}
c.itemsBlob = JsonSerializer.Serialize(contractItems);
Program.db.Update(c);
return(Ok(c));
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public ActionResult <IEnumerable <Cart> > UpdateCartItemsMultipliers(string id, [FromBody] Dictionary <string, int> items, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Cart> carts = Program.db.Query <Cart>($"SELECT * FROM Cart WHERE id='{id}';");
if (carts.Count > 0)
{
Cart c = carts.First();
List <ItemProperty> cartItems = c.items;
foreach (KeyValuePair <string, int> item in items)
{
// check if the item is already in the cart
if (cartItems.Any(c => c.id == Convert.ToInt32(item.Key)))
{
//if so just add/remove the amount
cartItems.FirstOrDefault(c => c.id == Convert.ToInt32(item.Key)).multiplier += item.Value;
//If the multiplier is 0 or below we will change it back to 1
if (cartItems.FirstOrDefault(c => c.id == Convert.ToInt32(item.Key)).multiplier <= 0)
{
cartItems.FirstOrDefault(c => c.id == Convert.ToInt32(item.Key)).multiplier = 1;
}
}
else
{
return(NotFound($"Cart does not contain item with id {item.Key}"));
}
}
c.itemsBlob = JsonSerializer.Serialize(cartItems);
Program.db.Update(c);
return(Ok(c));
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public ActionResult<IEnumerable<Item>> SearchItem([FromBody] string query, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
// Prevent searching everything, else this would causes a major performance hit.
if (string.IsNullOrEmpty(query))
return NotFound();
List<Item> items = Program.db.Query<Item>($"SELECT * FROM Item WHERE barcode LIKE '%{query}%' OR description LIKE '%{query}%' OR supplier LIKE '%{query}%' OR category LIKE '%{query}%';");
if (items.Count > 0)
return items;
else
return NotFound();
}
else
return Unauthorized();
}
public ActionResult ProcessCartToInvoice(string id, [FromHeader] string token)
{
LoginSession sess = Logins.Verify(token);
if (sess != null)
{
List <Cart> carts = Program.db.Query <Cart>($"SELECT * FROM Cart WHERE id=$1;", new object[] { id });
Cart cart = carts.Count > 0 ? carts.Last() : null;
// Check if the cart id actually exists
if (cart == null)
{
return(NotFound());
}
Invoice invoice = new Invoice();
invoice.items = cart.items;
invoice.fields = cart.fields;
invoice.notice = cart.notice;
invoice.paymentMethod = cart.paymentMethod;
invoice.processedAt = DateTime.Now;
invoice.userId = sess.userId;
invoice.customerId = cart.customerId;
// If cart was not a template it means we should delete it once we processed it.
if (cart.isTemplate == false)
{
Program.db.Delete(cart);
}
// Clear the active cart in the session as we processed it.
sess.activeCartId = "";
Program.db.Update(sess);
Program.db.Insert(invoice);
return(Ok(invoice));
}
else
{
return(Unauthorized());
}
}
public ActionResult <IEnumerable <Invoice> > GetInvoiceRange(int customerId, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Invoice> invoices = Program.db.Query <Invoice>($"SELECT * FROM Invoice WHERE customerId={customerId};");
if (invoices.Count > 0)
{
return(invoices);
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public ActionResult <Invoice> GetInvoice(int invoiceId, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Invoice> invoices = Program.db.Query <Invoice>($"SELECT * FROM Invoice WHERE id=$1;", new object[] { invoiceId });
if (invoices.Count > 0)
{
return(invoices.Last());
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public ActionResult <IEnumerable <Customer> > GetCustomerRange(int offset, int count, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Customer> customers = Program.db.Query <Customer>($"SELECT * FROM Customer LIMIT {count} OFFSET {offset};");
if (customers.Count > 0)
{
return(customers);
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public ActionResult <IEnumerable <Customer> > GetItem(string id, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Customer> customers = Program.db.Query <Customer>($"SELECT * FROM Customer WHERE id='{id}';");
if (customers.Count > 0)
{
return(customers);
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public ActionResult <IEnumerable <Cart> > GetItemRange(int count, int offset, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Cart> carts = Program.db.Query <Cart>($"SELECT * FROM Cart LIMIT $1 OFFSET $2;", new object[] { count, offset });
if (carts.Count > 0)
{
return(carts);
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}
public ActionResult GetCart(string id, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Cart> carts = Program.db.Query <Cart>($"SELECT * FROM Cart WHERE id=$1;", new object[] { id });
Cart cart = carts.Count > 0 ? carts.Last() : null;
// Check if the cart id actually exists
if (cart == null)
{
return(NotFound());
}
return(Ok(cart));
}
else
{
return(Unauthorized());
}
}
public ActionResult <IEnumerable <Contract> > GetAllCustomerContracts(string id, [FromHeader] string token)
{
if (Logins.Verify(token) != null)
{
List <Contract> contracts = Program.db.Query <Contract>($"SELECT * FROM Contract WHERE customerId='{id}';");
if (contracts.Count > 0)
{
return(contracts);
}
else
{
return(NotFound());
}
}
else
{
return(Unauthorized());
}
}