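/// <summary>
/// Serves the baby resource: GET returns one baby as JSON, POST creates a baby
/// or, when an "id" value is supplied, updates an existing one.
/// </summary>
/// <param name="user">Caller the request runs as; <c>user.Username</c> drives the permission checks.</param>
/// <param name="request">Incoming request; the "id", "name", "sex", "public", "dob" and "image" values are read from it.</param>
/// <param name="response">Receives the JSON of the baby that was read or created.</param>
/// <param name="DataSource">Storage backend used to read, create and save babies.</param>
/// <exception cref="AuthException">The user lacks READ (GET) or PARENT (POST with an id) permission.</exception>
/// <exception cref="ArgumentNullException">GET was called without an "id" value.</exception>
/// <exception cref="NotSupportedException">The HTTP method is neither GET nor POST.</exception>
public override void RespondToRequest(User user, System.Web.HttpRequest request, System.Web.HttpResponse response, IBabyDataSource DataSource)
{
    string id = request["id"];

    // Stored record for the requested id. Every authorization decision below is made
    // against this object, never against an object populated from request fields.
    Baby existing = null;
    if (!String.IsNullOrEmpty(id))
    {
        existing = DataSource.ReadBaby(id, user);
    }

    // Invariant casing keeps the method match independent of the server's culture.
    switch (request.HttpMethod.ToUpperInvariant())
    {
        case "GET":
        {
            if (existing == null)
            {
                // Two-argument form: the one-argument constructor treats its string as a
                // parameter name, which buried this text inside a generic message.
                throw new ArgumentNullException("id", "Argument 'id' not specified. POST to CREATE a BABY or use and id.");
            }

            if (!existing.HasPermission(user.Username, Permission.Types.READ))
            {
                throw new AuthException("You don't have permission to view this baby's data");
            }

            // Left disabled by the original author:
            // existing.Permissions = DataSource.GetPermissionsForBaby (existing, user);
            // existing.Events = DataSource.GetEventsForBaby (existing, user);
            // NOTE(review): HasPermission is not visible here. If it reads the baby's
            // Permissions list, confirm that ReadBaby populates it; otherwise this check
            // can only ever deny.
            response.Write(existing.ToJSON());
            break;
        }

        case "POST":
        {
            // Everything on this object is caller-controlled input.
            Baby submitted = new Baby();
            submitted.Name = request["name"];
            submitted.Sex = request["sex"];
            submitted.IsPublic = request["public"] == "Y";
            // An unparseable "dob" is not rejected; TryParse leaves DOB at its default value.
            DateTime.TryParse(request["dob"], out submitted.DOB);
            submitted.Image = request["image"];

            if (String.IsNullOrEmpty(id))
            {
                Baby fromDb = DataSource.CreateBaby(submitted, user);
                response.Write(fromDb.ToJSON());
            }
            else
            {
                // The PARENT check must be evaluated on the stored record. The previous
                // code asked the freshly constructed, request-populated Baby, which holds
                // no stored permission data and whose fields the caller chooses.
                if (!existing.HasPermission(user.Username, Permission.Types.PARENT))
                {
                    throw new AuthException("Only users with the parent role can update baby details.");
                }

                submitted.Id = id;
                // The update path writes nothing to the response and ignores SaveBaby's result.
                DataSource.SaveBaby(submitted, user);
            }
            break;
        }

        default:
            throw new NotSupportedException("Unsupported HTTP Method");
    }
}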
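/// <summary>
/// Writes the name, image, sex, date of birth and public flag of <paramref name="baby"/>
/// to the row identified by <c>baby.Id</c>, using the SAVE_BABY statement.
/// </summary>
/// <param name="baby">Values to store; <c>baby.Id</c> selects the row.</param>
/// <param name="user">Not read by this method. No permission check happens here, so the
/// caller is responsible for authorizing the update before calling.</param>
/// <returns><c>true</c> when the statement affected at least one row.</returns>
public bool SaveBaby(Baby baby, User user)
{
    if (db.State != System.Data.ConnectionState.Open)
    {
        db.Open();
    }

    // Dispose the command deterministically instead of leaving it to the finalizer.
    using (SqliteCommand cmd = new SqliteCommand(SAVE_BABY, db))
    {
        // All values are bound as parameters; none is concatenated into the SQL text.
        cmd.Parameters.AddWithValue("@Id", baby.Id);
        cmd.Parameters.AddWithValue("@name", baby.Name);
        cmd.Parameters.AddWithValue("@image", baby.Image);
        cmd.Parameters.AddWithValue("@sex", baby.Sex);
        cmd.Parameters.AddWithValue("@dateofbirth", baby.DOB.ToString(DB_DATE_FORMAT));
        cmd.Parameters.AddWithValue("@ispublic", baby.IsPublic);

        int affected = cmd.ExecuteNonQuery();
        return affected > 0;
    }
}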
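/// <summary>
/// Loads the baby stored under <paramref name="Id"/> using the READ_BABY statement.
/// Only the scalar columns are populated; permissions and events are not loaded here.
/// </summary>
/// <param name="Id">Identifier of the baby to load.</param>
/// <param name="user">Not read by this method. No permission check happens here, so the
/// caller must authorize access to the returned record.</param>
/// <returns>A <c>Baby</c> filled from the matching row.</returns>
/// <exception cref="ArgumentException">No row matches <paramref name="Id"/>.</exception>
/// <exception cref="FormatException">The stored date of birth is not in DB_DATE_FORMAT.</exception>
public Baby ReadBaby(string Id, User user)
{
    if (db.State != System.Data.ConnectionState.Open)
    {
        db.Open();
    }

    using (SqliteCommand cmd = new SqliteCommand(READ_BABY, db))
    {
        cmd.Parameters.AddWithValue("@Id", Id);

        // The reader has to be released on every exit path. The not-found throw and a
        // failing ParseExact used to skip r.Close(), leaving a reader open on the shared connection.
        using (SqliteDataReader r = cmd.ExecuteReader())
        {
            if (!r.Read())
            {
                // NOTE(review): callers can tell "unknown id" apart from a permission
                // failure by the exception type; check what is reported to the client.
                throw new ArgumentException("No baby found for that id. ");
            }

            Baby b = new Baby();
            b.Id = Id;
            b.DOB = DateTime.ParseExact(r["DateOfBirth"].ToString(), DB_DATE_FORMAT, CultureInfo.InvariantCulture);
            b.Name = r["Name"].ToString();
            b.Image = r["Image"].ToString();
            b.Sex = r["Sex"].ToString();
            b.IsPublic = r["IsPublic"].ToString() == "1";
            return b;
        }
    }
}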
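/// <summary>
/// Returns the permission rows stored for <c>baby.Id</c>, read with the
/// READ_BABY_PERMISSIONS statement.
/// </summary>
/// <param name="baby">Baby whose permissions are listed; only <c>baby.Id</c> is read.</param>
/// <param name="user">Not read by this method; the caller decides who may see the list.</param>
/// <returns>One <c>Permission</c> per row, in the order the statement returns them.</returns>
/// <exception cref="FormatException">A row holds an "Added" value that is not in
/// DB_DATE_FORMAT, or a non-numeric "Type".</exception>
public List<Permission> GetPermissionsForBaby(Baby baby, User user)
{
    // Open on demand like the other data-source methods, rather than assuming an
    // earlier call already opened the connection.
    if (this.db.State != System.Data.ConnectionState.Open)
    {
        this.db.Open();
    }

    List<Permission> permissions = new List<Permission>();

    using (SqliteCommand cmd = new SqliteCommand(READ_BABY_PERMISSIONS, this.db))
    {
        cmd.Parameters.AddWithValue("@id", baby.Id);

        // A parse failure inside the loop must not leave the reader open on the shared connection.
        using (SqliteDataReader r = cmd.ExecuteReader())
        {
            while (r.Read())
            {
                Permission p = new Permission();
                // A non-numeric Id is not an error here; TryParse leaves p.Id at 0.
                int.TryParse(r["Id"].ToString(), out p.Id);
                p.Added = DateTime.ParseExact(r["Added"].ToString(), DB_DATE_FORMAT, CultureInfo.InvariantCulture);
                p.BabyId = r["BabyId"].ToString();
                // NOTE(review): the cast accepts any integer, including values that are not
                // declared members of Permission.Types. Confirm that permission checks
                // treat an unknown value as "no access".
                p.Type = (Permission.Types)int.Parse(r["Type"].ToString());
                p.Username = r["Username"].ToString();
                permissions.Add(p);
            }
        }
    }

    return permissions;
}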
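/// <summary>
/// Returns the events stored for <c>baby.Id</c>, optionally narrowed by time window and
/// event type and paged with LIMIT/OFFSET. Results are ordered by Reported, newest first.
/// </summary>
/// <param name="baby">Baby whose events are listed; only <c>baby.Id</c> is read.</param>
/// <param name="user">Not read by this method; the caller decides who may see the events.</param>
/// <param name="filter">Start/End bounds (ignored when equal to <c>DateTime.MinValue</c>),
/// EventType with its Match mode (ignored when EventType is empty), and Count/Offset
/// paging (Offset only applies when Count is positive).</param>
/// <returns>One <c>BabyEvent</c> per matching row.</returns>
/// <exception cref="FormatException">A row holds a "Reported" value that is not in DB_DATE_FORMAT.</exception>
public List<BabyEvent> GetEventsForBaby(Baby baby, User user ,Filter filter)
{
    // Open on demand like the other data-source methods.
    if (this.db.State != System.Data.ConnectionState.Open)
    {
        this.db.Open();
    }

    List<BabyEvent> events = new List<BabyEvent>();

    using (SqliteCommand cmd = new SqliteCommand(READ_BABY_EVENTS, this.db))
    {
        cmd.Parameters.AddWithValue("@id", baby.Id);

        // Strip the base statement's ORDER BY so that extra predicates can be appended,
        // then add the ordering again after the last predicate. Only fixed SQL fragments
        // are concatenated; every caller-supplied value is bound as a parameter.
        string sql = cmd.CommandText.Replace("ORDER BY Reported DESC", "");

        // NOTE(review): Start/End are bound as DateTime while other dates in this class
        // are written as strings in DB_DATE_FORMAT. Confirm that the provider serializes
        // them in a form that compares correctly against the Reported column.
        if (filter.Start > DateTime.MinValue)
        {
            sql += " AND Reported >= @start ";
            cmd.Parameters.AddWithValue("@start", filter.Start);
        }

        if (filter.End > DateTime.MinValue)
        {
            sql += " AND Reported <= @end ";
            cmd.Parameters.AddWithValue("@end", filter.End);
        }

        if (!String.IsNullOrEmpty(filter.EventType))
        {
            switch (filter.Match)
            {
                case Filter.Matches.EQUAL:
                    sql += " AND Type = @type ";
                    cmd.Parameters.AddWithValue("@type", filter.EventType);
                    break;
                case Filter.Matches.LIKE:
                    // EventType is used as the LIKE pattern, so '%' and '_' supplied by
                    // the caller act as wildcards.
                    sql += " AND Type like @type ";
                    cmd.Parameters.AddWithValue("@type", filter.EventType);
                    break;
                case Filter.Matches.NOT_EQUAL:
                    // This branch used to emit the same "like" predicate as LIKE, so a
                    // NOT_EQUAL filter returned the rows it was meant to exclude.
                    sql += " AND Type <> @type ";
                    cmd.Parameters.AddWithValue("@type", filter.EventType);
                    break;
            }
        }

        sql += " ORDER BY Reported DESC ";

        if (filter.Count > 0)
        {
            sql += " LIMIT @count ";
            cmd.Parameters.AddWithValue("@count", filter.Count);

            if (filter.Offset > 0)
            {
                sql += " OFFSET @offset ";
                cmd.Parameters.AddWithValue("@offset", filter.Offset);
            }
        }

        cmd.CommandText = sql;

        // A parse failure inside the loop must not leave the reader open on the shared connection.
        using (SqliteDataReader r = cmd.ExecuteReader())
        {
            while (r.Read())
            {
                BabyEvent be = new BabyEvent();
                // A non-numeric Id is not an error here; TryParse leaves be.Id at 0.
                int.TryParse(r["Id"].ToString(), out be.Id);
                be.ReportUser = r["Username"].ToString();
                be.BabyId = r["BabyId"].ToString();
                be.ReportTime = DateTime.ParseExact(r["Reported"].ToString(), DB_DATE_FORMAT, CultureInfo.InvariantCulture);
                be.Type = r["Type"].ToString();
                be.Subtype = r["Subtype"].ToString();
                be.Details = r["Details"].ToString();
                events.Add(be);
            }
        }
    }

    return events;
}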
/// <summary>
/// Convenience overload: lists the events of <paramref name="baby"/> by delegating to
/// the three-argument overload with <c>Filter.Empty</c>.
/// </summary>
/// <param name="baby">Baby whose events are listed.</param>
/// <param name="user">Passed through unchanged to the filtered overload.</param>
/// <returns>Whatever the filtered overload returns for <c>Filter.Empty</c>.</returns>
public List<BabyEvent> GetEventsForBaby(Baby baby, User user)
{
    // presumably Filter.Empty carries no bounds, type or paging; its definition is not visible here
    var unfiltered = Filter.Empty;
    List<BabyEvent> result = GetEventsForBaby(baby, user, unfiltered);
    return result;
}
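/// <summary>
/// Inserts <paramref name="baby"/> with the CREATE_BABY statement, generating an id when
/// none is set. On success it also grants the creating user the PARENT permission and
/// records an INFO/CREATED event.
/// </summary>
/// <param name="baby">Baby to store. It is modified in place: a generated id is assigned
/// to <c>baby.Id</c>, and the new permission and event are appended to its lists.</param>
/// <param name="user">Creator; <c>user.Username</c> becomes the PARENT of the new baby.</param>
/// <returns>The same <paramref name="baby"/> instance when the insert affected a row;
/// otherwise a new, empty <c>Baby</c>.</returns>
public Baby CreateBaby(Baby baby, User user)
{
    Baby b = baby;

    if (db.State != System.Data.ConnectionState.Open)
    {
        db.Open();
    }

    if (String.IsNullOrEmpty(b.Id))
    {
        // TODO Collision Checks
        byte[] id = new byte[BABY_ID_LENGTH];

        // The id is the handle by which the record is later looked up, so it must not
        // be guessable. System.Random is seeded predictably and is not suitable for
        // identifiers; draw the bytes from the OS cryptographic generator instead.
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(id);
        }

        // URL-safe base64 without padding.
        b.Id = Convert.ToBase64String(id)
            .Replace('+', '-')
            .Replace('/', '_')
            .TrimEnd(new char[] { '=' });
    }

    bool saved;
    using (SqliteCommand cmd = new SqliteCommand(CREATE_BABY, db))
    {
        // All values are bound as parameters; none is concatenated into the SQL text.
        cmd.Parameters.AddWithValue("@Id", b.Id);
        cmd.Parameters.AddWithValue("@name", b.Name);
        cmd.Parameters.AddWithValue("@image", b.Image);
        cmd.Parameters.AddWithValue("@sex", b.Sex);
        cmd.Parameters.AddWithValue("@dateofbirth", b.DOB.ToString(DB_DATE_FORMAT));
        cmd.Parameters.AddWithValue("@ispublic", b.IsPublic);
        saved = cmd.ExecuteNonQuery() > 0;
    }

    if (!saved)
    {
        // Callers receive a blank Baby, not an exception, when nothing was inserted.
        return new Baby();
    }

    // NOTE(review): the insert, the permission grant and the event are separate
    // statements. If a later one fails, the baby row remains without its PARENT
    // permission; consider wrapping the three in a transaction.
    Permission p = new Permission(b.Id, user.Username, Permission.Types.PARENT);
    this.CreatePermission(p, user);
    b.Permissions.Add(p);

    BabyEvent be = new BabyEvent(b.Id, user.Username, "INFO", "CREATED");
    this.CreateBabyEvent(be, user);
    b.Events.Add(be);

    return b;
}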