public HttpStatusCode AddRatingToDeck(string deckId, [FromBody] RatingData rating) { //if the request has an invalid body if (!ModelState.IsValid) { throw new HttpResponseException(HttpStatusCode.BadRequest); } //make sure the user is logged in if (!User.Identity.IsAuthenticated) { throw new HttpResponseException(HttpStatusCode.Forbidden); } //get the user var getUserTask = UserManager.GetUserAsync(HttpContext.User); Task.WaitAny(getUserTask); var user = getUserTask.Result; //get the deck to rate DeckModel deck; try { deck = NoSqlService.GetDeckById(deckId); } catch (HttpResponseException e) { throw e; } //make sure the deck is public, and make sure that if the deck is public, the deck doesn't belong to the user if (!deck.IsPublic || (string.Compare(deck.Creator, user.UserName, StringComparison.CurrentCulture) == 0)) { throw new HttpResponseException(HttpStatusCode.Forbidden); } //set the username to the rating object rating.UserName = user.UserName; //since the user is allowed to, let them rate the deck, HttpStatusCode result; try { result = NoSqlService.RateDeckGetDeckById(deckId, rating); } catch (HttpResponseException e) { throw e; } return(result); }
public HttpStatusCode AddCommentToDeck(string deckId, [FromBody] CommentData comment) { //make sure the user is logged in to comment if (!User.Identity.IsAuthenticated) { throw new HttpResponseException(HttpStatusCode.Forbidden); } //get the deck to delete DeckModel deck; try { deck = NoSqlService.GetDeckById(deckId); } catch (HttpResponseException e) { throw e; } //get the user var getUserTask = UserManager.GetUserAsync(HttpContext.User); Task.WaitAny(getUserTask); var user = getUserTask.Result; //make sure the deck is public, you can only comment on public decks if you don't own them if (!deck.IsPublic && (string.Compare(deck.Creator, user.UserName, StringComparison.CurrentCulture) != 0)) { throw new HttpResponseException(HttpStatusCode.Forbidden); } //add the username to the comment data comment.Commenter = user.UserName; //add the current date to the comment comment.CommentDate = DateTime.Now; //save the comment HttpStatusCode result; try { result = NoSqlService.AddCommentToDeck(comment, deckId); } catch (HttpResponseException e) { throw e; } return(result); }
public HttpStatusCode DeleteDeckById(string id) { //make sure the user is logged in if (!User.Identity.IsAuthenticated) { throw new HttpResponseException(HttpStatusCode.Forbidden); } //get the user var getUserTask = UserManager.GetUserAsync(HttpContext.User); Task.WaitAny(getUserTask); var user = getUserTask.Result; //get the deck to delete DeckModel deck; try { deck = NoSqlService.GetDeckById(id); } catch (HttpResponseException e) { throw e; } //make sure that the deck belongs to the user if (string.Compare(user.UserName, deck.Creator, StringComparison.CurrentCulture) != 0) { throw new HttpResponseException(HttpStatusCode.Forbidden); } //delete the deck return(NoSqlService.DeleteDeck(id)); }
public HttpStatusCode Put(string id, [FromBody] DeckModel deckModel) { //if the request has an invalid body if (!ModelState.IsValid) { throw new HttpResponseException(HttpStatusCode.BadRequest); } //make sure the user is logged in if (!User.Identity.IsAuthenticated) { throw new HttpResponseException(HttpStatusCode.Forbidden); } //get the user var getUserTask = UserManager.GetUserAsync(HttpContext.User); Task.WaitAny(getUserTask); var user = getUserTask.Result; //get the current deck with the requested id DeckModel deck; try { deck = NoSqlService.GetDeckById(id); } catch { throw new HttpResponseException(HttpStatusCode.InternalServerError); } //make sure the deck belongs to the current user if (string.Compare(deck.Creator, user.UserName, StringComparison.CurrentCulture) != 0) { throw new HttpResponseException(HttpStatusCode.Forbidden); } //set the Creator to the current user deckModel.Creator = user.UserName; //work out the colour spread of the deck deckModel.ColourSpread = DeckBuilderHelper.CalculateColourSpread(deckModel.Cards); //set the creation time to now deckModel.CreationDate = deck.CreationDate; //copy the comments over deckModel.Comments = deck.Comments; //copy the ratings over deckModel.Ratings = deck.Ratings; //update the deck with the new data HttpStatusCode statusCode; try { statusCode = NoSqlService.UpdateDeckById(id, deckModel); } catch { throw new HttpResponseException(HttpStatusCode.InternalServerError); } return(statusCode); }