Example #1
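        /// <summary>
        /// Serves the baby resource: GET writes one baby as JSON; POST creates a baby
        /// when no "id" is supplied and updates the existing one when it is.
        /// </summary>
        /// <param name="user">Caller; the username is the subject of every permission check.</param>
        /// <param name="request">Incoming request. Reads "id", "name", "sex", "public", "dob" and "image".</param>
        /// <param name="response">Receives the JSON body for GET and for a create.</param>
        /// <param name="DataSource">Store used to read, create and save babies.</param>
        /// <exception cref="AuthException">The caller lacks READ (GET) or PARENT (update) permission.</exception>
        /// <exception cref="ArgumentNullException">GET was issued without an "id".</exception>
        /// <exception cref="NotSupportedException">The HTTP method is neither GET nor POST.</exception>
        public override void RespondToRequest(User user,
            System.Web.HttpRequest request,
            System.Web.HttpResponse response,
            IBabyDataSource DataSource)
        {
            string id = request ["id"];

            // The record loaded from the data source is the only trustworthy subject
            // for authorization; everything else in this method is request-supplied.
            // NOTE(review): the lookup runs before any permission check, so a data
            // source that raises a distinct error for unknown ids lets a caller tell
            // existing ids from missing ones - confirm that is acceptable.
            Baby stored = null;
            if (!String.IsNullOrEmpty (id)) {
                stored = DataSource.ReadBaby (id, user);
            }

            // Invariant upper-casing keeps method matching independent of the server culture.
            switch (request.HttpMethod.ToUpperInvariant ()) {

            case "GET":

                if (stored == null) {
                    // Two-argument form: the one-argument constructor treats its string as the parameter name.
                    throw new ArgumentNullException ("id", "Argument 'id' not specified. POST to CREATE a BABY or use and id.");
                }
                if (!stored.HasPermission (user.Username, Permission.Types.READ)) {
                    throw new AuthException ("You don't have permission to view this baby's data");
                }
                response.Write (stored.ToJSON ());

                break;

            case "POST":

                // Built purely from request fields; never used as the subject of a permission check.
                Baby submitted = new Baby ();
                submitted.Name = request ["name"];
                submitted.Sex = request ["sex"];
                submitted.IsPublic = request ["public"] == "Y";
                // Result deliberately ignored as in the original: an unparsable "dob" leaves DateTime.MinValue.
                DateTime.TryParse (request ["dob"], out submitted.DOB);
                submitted.Image = request ["image"];

                if (String.IsNullOrEmpty (id)) {
                    Baby fromDb = DataSource.CreateBaby (submitted, user);

                    response.Write (fromDb.ToJSON ());
                } else {
                    // Authorize against the stored record. The previous code asked the freshly
                    // constructed, request-populated object (which did not even carry the id yet),
                    // so the decision never reflected the grants of the baby being updated.
                    // NOTE(review): HasPermission is not visible here - confirm it evaluates the
                    // stored record's grants. A missing record fails closed.
                    if (stored != null && stored.HasPermission (user.Username, Permission.Types.PARENT)) {
                        submitted.Id = id;
                        // NOTE(review): the result of SaveBaby is ignored and nothing is written
                        // to the response on update, as before.
                        DataSource.SaveBaby (submitted, user);
                    } else {
                        throw new AuthException ("Only users with the parent role can update baby details.");
                    }
                }

                break;

            default:
                throw new NotSupportedException ("Unsupported HTTP Method");

            }
        }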
Example #2
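        /// <summary>
        /// Executes the SAVE_BABY statement with the fields of <paramref name="baby"/>.
        /// </summary>
        /// <param name="baby">Values to persist; <c>Id</c> is bound to @Id.</param>
        /// <param name="user">Not read by this method.</param>
        /// <returns><c>true</c> when the statement affected at least one row.</returns>
        public bool SaveBaby(Baby baby, User user)
        {
            // NOTE(review): `user` is never consulted, so this method performs no
            // authorization of its own; every caller must check PARENT permission
            // on the stored record before calling it.
            if (db.State != System.Data.ConnectionState.Open) {
                db.Open ();
            }

            // Dispose the command even if execution throws.
            using (SqliteCommand cmd = new SqliteCommand (SAVE_BABY, db)) {
                // All values are bound as parameters; none is concatenated into the SQL text.
                cmd.Parameters.AddWithValue ("@Id", baby.Id);
                cmd.Parameters.AddWithValue ("@name", baby.Name);
                cmd.Parameters.AddWithValue ("@image", baby.Image);
                cmd.Parameters.AddWithValue ("@sex", baby.Sex);
                // Format with the invariant culture so the stored text does not depend on
                // the server's culture and matches the invariant-culture ParseExact on read.
                cmd.Parameters.AddWithValue ("@dateofbirth",
                    baby.DOB.ToString (DB_DATE_FORMAT, System.Globalization.CultureInfo.InvariantCulture));
                cmd.Parameters.AddWithValue ("@ispublic", baby.IsPublic);

                int affected = cmd.ExecuteNonQuery ();

                return affected > 0;
            }
        }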
Example #3
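        /// <summary>
        /// Loads one baby by id using the READ_BABY statement.
        /// </summary>
        /// <param name="Id">Identifier bound to @Id.</param>
        /// <param name="user">Not read by this method.</param>
        /// <returns>A <c>Baby</c> populated from the first matching row.</returns>
        /// <exception cref="ArgumentException">No row matches <paramref name="Id"/>.</exception>
        public Baby ReadBaby(string Id, User user)
        {
            // NOTE(review): `user` is never consulted, so any caller that knows an id
            // gets the record back; the READ permission check has to happen in the caller.
            if (db.State != System.Data.ConnectionState.Open) {
                db.Open ();
            }

            using (SqliteCommand cmd = new SqliteCommand (READ_BABY, db)) {
                cmd.Parameters.AddWithValue ("@Id", Id);

                // The using block closes the reader on the not-found throw and on a
                // parse failure; previously it was only closed on the success path.
                using (SqliteDataReader r = cmd.ExecuteReader ()) {
                    if (!r.Read ()) {
                        throw new ArgumentException ("No baby found for that id. ");
                    }

                    Baby b = new Baby ();
                    b.Id = Id;
                    b.DOB = DateTime.ParseExact (r ["DateOfBirth"].ToString (),
                        DB_DATE_FORMAT,
                        CultureInfo.InvariantCulture);

                    b.Name = r ["Name"].ToString ();
                    b.Image = r ["Image"].ToString ();
                    b.Sex = r ["Sex"].ToString ();
                    b.IsPublic = r ["IsPublic"].ToString () == "1";

                    return b;
                }
            }
        }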
Example #4
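        /// <summary>
        /// Reads every permission row returned by READ_BABY_PERMISSIONS for the given baby.
        /// </summary>
        /// <param name="baby">Baby whose <c>Id</c> is bound to @id.</param>
        /// <param name="user">Not read by this method.</param>
        /// <returns>The permissions in the order the query returns them; empty when there are none.</returns>
        public List<Permission> GetPermissionsForBaby(Baby baby, User user)
        {
            // NOTE(review): `user` is never consulted; the caller decides who may list grants.
            List<Permission> Permissions = new List<Permission> ();

            // Same open-on-demand guard the other data-access methods in this listing use.
            if (this.db.State != System.Data.ConnectionState.Open) {
                this.db.Open ();
            }

            using (SqliteCommand cmd = new SqliteCommand (READ_BABY_PERMISSIONS, this.db)) {
                cmd.Parameters.AddWithValue ("@id", baby.Id);

                // Disposing the reader covers the case where a row fails to parse mid-loop.
                using (SqliteDataReader r = cmd.ExecuteReader ()) {
                    while (r.Read ()) {
                        Permission p = new Permission ();

                        // A non-numeric Id leaves p.Id at 0; the result is ignored as before.
                        int.TryParse (r ["Id"].ToString (), out p.Id);
                        p.Added = DateTime.ParseExact (r ["Added"].ToString (),
                            DB_DATE_FORMAT,
                            CultureInfo.InvariantCulture);
                        p.BabyId = r ["BabyId"].ToString ();
                        // NOTE(review): the cast accepts any integer, including values that are
                        // not defined members of Permission.Types. Consider validating with
                        // Enum.IsDefined so an unexpected stored value cannot become a grant
                        // that permission checks interpret in an unplanned way.
                        p.Type = (Permission.Types)int.Parse (r ["Type"].ToString ());
                        p.Username = r ["Username"].ToString ();

                        Permissions.Add (p);
                    }
                }
            }

            return Permissions;
        }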
Example #5
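        /// <summary>
        /// Reads the events of a baby, optionally narrowed by time range and event type
        /// and paged with LIMIT/OFFSET, newest first.
        /// </summary>
        /// <param name="baby">Baby whose <c>Id</c> is bound to @id.</param>
        /// <param name="user">Not read by this method.</param>
        /// <param name="filter">Start/End bounds, EventType with its Match mode, Count and Offset.</param>
        /// <returns>The matching events ordered by Reported descending.</returns>
        public List<BabyEvent> GetEventsForBaby(Baby baby, User user ,Filter filter)
        {
            // NOTE(review): `user` is never consulted; READ permission must be checked by the caller.
            List<BabyEvent> Events = new List<BabyEvent> ();

            // Same open-on-demand guard the other data-access methods in this listing use.
            if (this.db.State != System.Data.ConnectionState.Open) {
                this.db.Open ();
            }

            using (SqliteCommand cmd = new SqliteCommand (READ_BABY_EVENTS, this.db)) {
                cmd.Parameters.AddWithValue ("@id", baby.Id);

                // Only fixed SQL fragments are appended below; every caller-supplied value
                // is bound as a parameter, which is what keeps this dynamic query injection-safe.
                // Appending " AND ..." assumes READ_BABY_EVENTS ends in a WHERE clause once its
                // ORDER BY is stripped - TODO confirm against the constant.
                cmd.CommandText = cmd.CommandText.Replace ("ORDER BY Reported DESC", "");

                // NOTE(review): Start/End are bound as DateTime while Reported is read back as
                // DB_DATE_FORMAT text; confirm the provider serializes them comparably.
                if (filter.Start > DateTime.MinValue) {
                    cmd.CommandText += " AND Reported >= @start ";
                    cmd.Parameters.AddWithValue ("@start", filter.Start);
                }
                if (filter.End > DateTime.MinValue) {
                    cmd.CommandText += " AND Reported <= @end ";
                    cmd.Parameters.AddWithValue ("@end", filter.End);
                }
                if (!String.IsNullOrEmpty (filter.EventType)) {
                    switch (filter.Match) {

                    case Filter.Matches.EQUAL:
                        cmd.CommandText += " AND Type = @type ";
                        cmd.Parameters.AddWithValue ("@type", filter.EventType);
                        break;
                    case Filter.Matches.LIKE:
                        // '%' and '_' inside EventType act as LIKE wildcards chosen by the caller.
                        cmd.CommandText += " AND Type like @type ";
                        cmd.Parameters.AddWithValue ("@type", filter.EventType);
                        break;
                    case Filter.Matches.NOT_EQUAL:
                        // Was a copy of the LIKE branch, so NOT_EQUAL returned the rows it
                        // was meant to exclude.
                        cmd.CommandText += " AND Type <> @type ";
                        cmd.Parameters.AddWithValue ("@type", filter.EventType);
                        break;
                    }
                }

                cmd.CommandText += " ORDER BY Reported DESC ";
                if (filter.Count > 0) {
                    cmd.CommandText += " LIMIT @count ";

                    cmd.Parameters.AddWithValue ("@count", filter.Count);
                    // OFFSET is only valid after LIMIT, hence the nesting.
                    if (filter.Offset > 0) {
                        cmd.CommandText += " OFFSET @offset ";
                        cmd.Parameters.AddWithValue ("@offset", filter.Offset);
                    }
                }

                // Disposing the reader covers the case where a row fails to parse mid-loop.
                using (SqliteDataReader r = cmd.ExecuteReader ()) {
                    while (r.Read ()) {
                        BabyEvent be = new BabyEvent ();

                        // A non-numeric Id leaves be.Id at 0; the result is ignored as before.
                        int.TryParse (r ["Id"].ToString (), out be.Id);
                        be.ReportUser = r ["Username"].ToString ();
                        be.BabyId = r ["BabyId"].ToString ();
                        be.ReportTime = DateTime.ParseExact (r ["Reported"].ToString (),
                            DB_DATE_FORMAT,
                            CultureInfo.InvariantCulture);
                        be.Type = r ["Type"].ToString ();
                        be.Subtype = r ["Subtype"].ToString ();
                        be.Details = r ["Details"].ToString ();

                        Events.Add (be);
                    }
                }
            }

            return Events;
        }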
Example #6
 /// <summary>
 /// Convenience overload: forwards to the three-argument overload with <c>Filter.Empty</c>.
 /// </summary>
 /// <param name="baby">Baby whose events are requested.</param>
 /// <param name="user">Passed through unchanged.</param>
 /// <returns>Whatever the filtered overload returns for <c>Filter.Empty</c>.</returns>
 public List<BabyEvent> GetEventsForBaby(Baby baby, User user)
 {
     // Presumably Filter.Empty applies no restriction - confirm against Filter.
     List<BabyEvent> unfiltered = GetEventsForBaby (baby, user, Filter.Empty);
     return unfiltered;
 }
Example #7
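        /// <summary>
        /// Inserts a baby with the CREATE_BABY statement, generating an id when none is set,
        /// then records a PARENT permission for the creator and an INFO/CREATED event.
        /// </summary>
        /// <param name="baby">Values to insert; its <c>Id</c> is filled in when empty.</param>
        /// <param name="user">Creator; receives the PARENT permission and is named on the event.</param>
        /// <returns>
        /// The same <paramref name="baby"/> instance with id, permission and event attached,
        /// or a new empty <c>Baby</c> when the insert affected no rows.
        /// </returns>
        public Baby CreateBaby(Baby baby, User user)
        {
            // Alias kept from the original: `b` and `baby` are the same object.
            Baby b = baby;

            if (db.State != System.Data.ConnectionState.Open) {
                db.Open ();
            }

            if (String.IsNullOrEmpty (b.Id)) {
                // The id is the handle clients later present to read or update the record, so it
                // must not be guessable. System.Random is not suitable for that; draw the bytes
                // from the platform CSPRNG instead.
                //TODO Collision Checks
                byte[] id = new byte[BABY_ID_LENGTH];
                using (System.Security.Cryptography.RandomNumberGenerator rng =
                    System.Security.Cryptography.RandomNumberGenerator.Create ()) {
                    rng.GetBytes (id);
                }
                // URL-safe Base64 without padding.
                b.Id = Convert.ToBase64String (id)
                    .Replace ('+', '-')
                    .Replace ('/', '_')
                    .TrimEnd (new char[]{ '=' });
            }
            // NOTE(review): a caller-supplied non-empty Id is inserted as given, with no format
            // or collision check - confirm callers cannot pass request-controlled ids here.

            bool saved;
            // Dispose the command even if execution throws.
            using (SqliteCommand cmd = new SqliteCommand (CREATE_BABY, db)) {
                cmd.Parameters.AddWithValue ("@Id", b.Id);
                cmd.Parameters.AddWithValue ("@name", b.Name);
                cmd.Parameters.AddWithValue ("@image", b.Image);
                cmd.Parameters.AddWithValue ("@sex", b.Sex);
                // Invariant culture keeps the stored text parseable by the invariant-culture
                // ParseExact used on read, whatever the server's culture is.
                cmd.Parameters.AddWithValue ("@dateofbirth",
                    b.DOB.ToString (DB_DATE_FORMAT, System.Globalization.CultureInfo.InvariantCulture));
                cmd.Parameters.AddWithValue ("@ispublic", b.IsPublic);

                saved = cmd.ExecuteNonQuery () > 0;
            }

            if (saved) {
                // NOTE(review): the insert, the permission and the event are separate statements
                // with no visible transaction; a failure after the insert would leave a baby
                // without its PARENT grant.
                Permission p = new Permission (b.Id, user.Username, Permission.Types.PARENT);
                this.CreatePermission (p, user);
                b.Permissions.Add (p);

                BabyEvent be = new BabyEvent (b.Id, user.Username, "INFO", "CREATED");
                this.CreateBabyEvent (be, user);
                b.Events.Add (be);

                return b;
            }

            return new Baby ();
        }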