Example #1
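        /// <summary>
        /// Assigns an active teacher-subject pairing to a form and returns the new
        /// assignment converted for the admin view.
        /// </summary>
        /// <remarks>
        /// This method performs no authorization of its own; the caller is expected to
        /// restrict it to administrators (TODO confirm at the controller).
        /// </remarks>
        /// <param name="formId">Id of the form that receives the pairing.</param>
        /// <param name="teacherId">Id of the teacher in the pairing.</param>
        /// <param name="subjectId">Id of the subject in the pairing.</param>
        /// <returns>The inserted assignment as an <c>FTSDTOForAdmin</c>.</returns>
        /// <exception cref="HttpException">
        /// The form or the pairing was not found, the form started more than 360 days ago,
        /// the subject's grade differs from the form's grade, or the assignment already exists.
        /// </exception>
        public FTSDTOForAdmin Create(int formId, string teacherId, int subjectId)
        {
            // Read the clock once so the age check and the Started stamp agree.
            DateTime now = DateTime.UtcNow;

            Form foundForm = formsService.GetByID(formId);

            if (foundForm == null)
            {
                throw new HttpException("The Form with id: " + formId + " was not found");
            }

            // A form counts as belonging to the current school year for 360 days after it started.
            if (foundForm.Started.AddDays(360) < now)
            {
                throw new HttpException("The Form with id: " + formId + " was not created for this shool year. " +
                                        "This form is from: " + foundForm.Started.Year + ". Classes must be assign to a form from this school year.");
            }

            TeacherToSubject foundTeacherToSubject = teachersToSubjectsService.GetActiveTeacherToSubjectByTeacherIdAndSubjectId(teacherId, subjectId);

            // The lookup's not-found behaviour is not visible here. If it returns null, the
            // grade comparison below would fail with a NullReferenceException instead of a
            // meaningful error, so reject that case explicitly.
            if (foundTeacherToSubject == null)
            {
                throw new HttpException("The active subject and teacher combination for teacher id: " + teacherId +
                                        " and subject id: " + subjectId + " was not found");
            }

            if (foundForm.Grade != foundTeacherToSubject.Subject.Grade)
            {
                // The original message ran the grade number straight into "and"; the space is restored.
                throw new HttpException("The subject and teacher combination with id: " + foundTeacherToSubject.Id + " has " +
                                        "the subject that is taught in grade " + foundTeacherToSubject.Subject.Grade +
                                        " and it can not be assigned to the grade " + foundForm.Grade + " in form " + foundForm.Id);
            }

            // NOTE(review): this is a check-then-insert. Two concurrent requests can both pass
            // it, so uniqueness is only guaranteed if the database enforces it too. Confirm a
            // unique constraint exists on (form, teacher-subject).
            FormToTeacherSubject duplicate = db.FormsToTeacherSubjectsRepository.GetDuplicate(foundForm.Id, foundTeacherToSubject.Id);

            if (duplicate != null)
            {
                throw new HttpException("The combination form-teacher-subject you are trying to create already exists - FTS Id: " + duplicate.Id);
            }

            FormToTeacherSubject fts = new FormToTeacherSubject
            {
                Form             = foundForm,
                TeacherToSubject = foundTeacherToSubject,
                Started          = now,
                Stopped          = null
            };

            db.FormsToTeacherSubjectsRepository.Insert(fts);
            db.Save();

            return toDTO.ConvertToFTSDTOForAdmin(fts);
        }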
Example #2
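        /// <summary>
        /// Applies a partial update to a student: every non-null member of
        /// <paramref name="updated"/> overwrites the stored value. The student is then saved
        /// and notification mails are created for the student and the parent.
        /// </summary>
        /// <remarks>
        /// The account flags (<c>EmailConfirmed</c>, <c>PhoneNumberConfirmed</c>, <c>IsActive</c>)
        /// are taken directly from the request DTO. Nothing in this method checks who the
        /// caller is, so it is only safe behind an endpoint restricted to administrators
        /// (TODO confirm at the controller).
        /// </remarks>
        /// <param name="id">Id of the student to update.</param>
        /// <param name="updated">The requested changes; null members are left unchanged.</param>
        /// <returns>The updated student converted for the admin view.</returns>
        /// <exception cref="HttpException">
        /// The student or the requested form was not found, the username or JMBG belongs to
        /// another user, or the requested form started more than 360 days ago.
        /// </exception>
        public async Task <StudentDTOForAdmin> Update(string id, PutStudentDTO updated)
        {
            Student found = db.StudentsRepository.GetByID(id);

            if (found == null)
            {
                throw new HttpException("The student with id: " + id + " was not found.");
            }

            if (updated.UserName != null)
            {
                ApplicationUser foundByUserName = await usersService.FindUserByUserName(updated.UserName);

                // The username may stay the same; it only clashes when it belongs to someone else.
                if (foundByUserName != null && foundByUserName.Id != found.Id)
                {
                    throw new HttpException("The username " + updated.UserName + " already exists.");
                }
                found.UserName = updated.UserName;
            }

            if (updated.Jmbg != null)
            {
                ApplicationUser foundByJmbg = usersService.GetByJmbg(updated.Jmbg);
                if (foundByJmbg != null && foundByJmbg.Id != found.Id)
                {
                    // The original message had no space between its two sentences.
                    throw new HttpException("The user with JMBG: " + updated.Jmbg + " is already in the sistem. " +
                                            "Leave blank if you don't want to change the JMBG.");
                }
                // NOTE(review): the JMBG is only checked for uniqueness; this method never writes
                // it to the student, although the message above implies it can be changed.
                // Confirm whether an assignment is missing here.
            }

            if (updated.FirstName != null)
            {
                found.FirstName = updated.FirstName;
            }
            if (updated.LastName != null)
            {
                found.LastName = updated.LastName;
            }
            if (updated.Email != null)
            {
                // NOTE(review): the address changes without EmailConfirmed being reset, unless
                // the request sets that flag as well. Confirm this is intended.
                found.Email = updated.Email;
            }
            if (updated.EmailConfirmed != null)
            {
                found.EmailConfirmed = (bool)updated.EmailConfirmed;
            }
            if (updated.PhoneNumber != null)
            {
                found.PhoneNumber = updated.PhoneNumber;
            }
            if (updated.PhoneNumberConfirmed != null)
            {
                found.PhoneNumberConfirmed = (bool)updated.PhoneNumberConfirmed;
            }
            if (updated.DayOfBirth != null)
            {
                found.DayOfBirth = (DateTime)updated.DayOfBirth;
            }
            if (updated.IsActive != null)
            {
                found.IsActive = (bool)updated.IsActive;
            }

            if (updated.FormId != null)
            {
                Form foundForm = formsService.GetByID((int)updated.FormId);

                if (foundForm == null)
                {
                    throw new HttpException("The Form with id: " + updated.FormId + " was not found.");
                }

                // A form counts as belonging to the current school year for 360 days after it started.
                if (foundForm.Started.AddDays(360).CompareTo(DateTime.UtcNow) < 0)
                {
                    // Report the form id. The original put the student id into this message.
                    throw new HttpException("The Form with id: " + updated.FormId + " was not created for this shool year. " +
                                            "This form is from: " + foundForm.Started.Year + ". Students must be assign to a form from this school year.");
                }

                found.Form = foundForm;
            }

            db.StudentsRepository.Update(found);
            db.Save();

            // The mails are created only after the change has been saved.
            emailsService.CreateMailForUserUpdate(found.Id);
            emailsService.CreateMailForParentForStudentUpdate(found.Id);

            return toDTO.ConvertToStudentDTOForAdmin(found, (List <IdentityUserRole>)found.Roles);
        }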
Example #3
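        /// <summary>
        /// Returns the form with the given id, shaped for the caller: the admin DTO for the
        /// "admin" role, the teacher DTO for the "teacher" role, and the student/parent DTO
        /// when the caller is a student of the form or the parent of one. Any other caller
        /// is refused.
        /// </summary>
        /// <remarks>
        /// Identity comes from the "UserId" claim and the first role claim on the request
        /// principal. Only the first role claim is inspected, so a principal carrying several
        /// roles is treated according to whichever one comes first.
        /// </remarks>
        /// <param name="id">Id of the requested form.</param>
        /// <returns>
        /// 200 with the role-specific DTO on success; 401 when the identity claims are missing;
        /// 400 for every other outcome, as in the original implementation.
        /// </returns>
        public HttpResponseMessage GetForm(int id)
        {
            // A missing principal or claim used to fail with an unhandled exception before the
            // try block was entered. Such a request is now refused explicitly.
            ClaimsPrincipal principal = RequestContext.Principal as ClaimsPrincipal;
            Claim userIdClaim   = principal == null ? null : principal.FindFirst(x => x.Type == "UserId");
            Claim userRoleClaim = principal == null ? null : principal.FindFirst(x => x.Type == ClaimTypes.Role);

            if (userIdClaim == null || userRoleClaim == null)
            {
                logger.Info("Requesting Form by id: " + id + " refused: the UserId or role claim is missing.");
                return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Access Denied. " +
                                                   "We’re sorry, but you are not authorized to perform the requested operation."));
            }

            string userId   = userIdClaim.Value;
            string userRole = userRoleClaim.Value;

            logger.Info("UserRole: " + userRole + ", UserId: " + userId + ": Requesting Form by id: " + id);

            try
            {
                Form form = formsService.GetByID(id);

                if (form == null)
                {
                    // NOTE(review): not-found is reported as 400 rather than 404. It is kept
                    // because clients may depend on it.
                    logger.Info("The form with id: " + id + " was not found.");
                    return(Request.CreateResponse(HttpStatusCode.BadRequest, "The form with id: " + id + " was not found."));
                }

                if (userRole == "admin")
                {
                    logger.Info("Requesting found form convert for " + userRole + " role.");
                    FormDTOForAdmin dto = toDTO.ConvertToFormDTOForAdmin(form);
                    if (dto == null)
                    {
                        logger.Info("Failed!");
                        return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
                    }
                    logger.Info("Success!");
                    return(Request.CreateResponse(HttpStatusCode.OK, dto));
                }

                if (userRole == "teacher")
                {
                    logger.Info("Requesting found form convert for " + userRole + " role.");
                    FormDTOForTeacher dto = toDTO.ConvertToFormDTOForTeacher(form);
                    if (dto == null)
                    {
                        logger.Info("Failed!");
                        return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
                    }
                    logger.Info("Success!");
                    return(Request.CreateResponse(HttpStatusCode.OK, dto));
                }

                // Object-level check: everyone else must be a student of this form or the parent
                // of one. A student without a parent record is skipped rather than failing the
                // whole request with a NullReferenceException.
                bool isStudentOfForm = form.Students.Any(x => x.Id == userId);
                bool isParentOfStudent = isStudentOfForm ||
                                         form.Students.Any(x => x.Parent != null && x.Parent.Id == userId);

                if (isParentOfStudent)
                {
                    logger.Info("Requesting found form convert for " + userRole + " role.");
                    FormDTOForStudentAndParents dto = toDTO.ConvertToFormDTOForStudentAndParent(form);
                    if (dto == null)
                    {
                        logger.Info("Failed!");
                        return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
                    }
                    logger.Info("Success!");
                    return(Request.CreateResponse(HttpStatusCode.OK, dto));
                }

                // NOTE(review): the refusal is reported as 400 rather than 403, so clients and
                // monitoring cannot tell it apart from a malformed request by status alone.
                logger.Info("Authorisation failure. User " + userId + " is not authorised for this request.");
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Access Denied. " +
                                                   "We’re sorry, but you are not authorized to perform the requested operation."));
            }
            catch (Exception e)
            {
                logger.Error(e);
                // NOTE(review): the exception object is handed to the response. How much of it
                // (message, type, stack trace) reaches the client depends on the Web API
                // error-detail policy, which is not visible here. Confirm that remote callers
                // get no internals. Server faults are also reported as 400 here.
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, e));
            }
        }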