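/// <summary>
/// Creates a reservation for a room on behalf of the calling user, optionally overriding
/// reservations that overlap the requested period.
/// </summary>
/// <remarks>
/// When nothing overlaps, the reservation is created directly. When something overlaps, the
/// request is refused with 409 unless every overlapping reservation is mutable, <paramref name="Force"/>
/// is true, and the caller is either ServiceDesk or higher or outranks every owner of the
/// overlapping reservations.
/// </remarks>
/// <param name="emailservice">Mail service handed to OverrideAddReservation.</param>
/// <param name="StartTime">Start of the requested period.</param>
/// <param name="EndTime">End of the requested period.</param>
/// <param name="Description">Reservation description; must not be null.</param>
/// <param name="RoomID">Id of the room to reserve.</param>
/// <param name="Force">True to request that overlapping reservations be overridden.</param>
/// <returns>
/// 400 for a missing description, a period that ends before it starts, or an unknown room;
/// 409 when a conflict is refused; otherwise 200 with the string form of the value returned by
/// createreservation or OverrideAddReservation.
/// </returns>
public IActionResult AddReservation([FromServices] IEmailService emailservice, DateTime StartTime, DateTime EndTime, string Description, int RoomID, bool Force = false)
{
    // DateTime is a value type and can never be null, so only Description needs a null check.
    // NOTE(review): an omitted StartTime/EndTime presumably arrives as default(DateTime);
    // confirm whether that case should be rejected as well.
    if (Description == null)
    {
        return BadRequest("Fields missing");
    }

    if (StartTime > EndTime)
    {
        // The message describes the rejected state: the start lies after the end.
        return BadRequest("StartTime is after EndTime");
    }

    var room = _context.Rooms.FirstOrDefault(x => x.Id == RoomID);
    if (room == null)
    {
        return BadRequest("Room does not exist");
    }

    var Owner = Models.User.FromClaims(User.Claims, _context);

    // The conflict check and the write run under one lock so that no other request in this
    // process can change reservations between the check and the insert.
    // NOTE(review): a C# lock only serializes threads inside one process; confirm that a
    // single application instance writes to this database.
    lock (_context.ReservationLock)
    {
        var intersections = FindIntersections(StartTime, EndTime, room);

        // No overlap with other reservations: add it.
        if (!intersections.Any())
        {
            return Ok(createreservation(StartTime, EndTime, Description, Owner, room).ToString());
        }

        // An immutable reservation can never be overridden, whatever the caller's role.
        if (!intersections.All(x => x.IsMutable == true))
        {
            return new ObjectResult("Conflict: Overlaps with an immutable reservation.") { StatusCode = 409 };
        }

        // Overriding must be requested explicitly.
        if (!Force)
        {
            return new ObjectResult("Conflict: There is overlap with existing reservations, please set 'Force' to true in your request if you wish to forcibly insert it.") { StatusCode = 409 };
        }

        // Service desk or higher can always forcibly add reservations.
        if (Authorization.AIsBOrHigher(Owner.Role, Role.ServiceDesk))
        {
            return Ok(OverrideAddReservation(emailservice, intersections, StartTime, EndTime, Description, Owner, room).ToString());
        }

        // Everyone else must strictly outrank every owner of every overlapping reservation.
        var _intersectionowners = intersections
            .SelectMany(x => x.Participants)
            .Where(x => x.IsOwner)
            .Select(x => x.UserID);
        var _intersectionownerLevels = _intersectionowners
            .Select(x => _context.Users.Where(z => z.Id == x).First().Role);

        if (!_intersectionownerLevels.All(x => Authorization.AIsHigherThanB(Owner.Role, x)))
        {
            // At least one overlapping reservation belongs to someone of equal or higher level.
            return new ObjectResult("Conflict: Overlaps with a reservation with owner of equal or higher level.") { StatusCode = 409 };
        }

        // All overlapping reservations belong to people with a lower level.
        return Ok(OverrideAddReservation(emailservice, intersections, StartTime, EndTime, Description, Owner, room).ToString());
    }
}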
/// <summary>
/// Decides whether <paramref name="actor"/> may edit <paramref name="reservation"/>.
/// </summary>
/// <param name="reservation">Reservation whose participant list is inspected.</param>
/// <param name="actor">User requesting the edit.</param>
/// <returns>
/// True when the actor appears exactly once as an owner among the reservation's participants,
/// or when the actor's role is ServiceDesk or higher; false otherwise.
/// </returns>
private bool CanEditReservation(Reservation reservation, User actor)
{
    var ownerEntries = reservation.Participants.Count(p => p.IsOwner && p.UserID == actor.Id);

    // The role is only consulted when the ownership test fails.
    return ownerEntries == 1 || Authorization.AIsBOrHigher(actor.Role, Role.ServiceDesk);
}
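/// <summary>
/// Invites users to a reservation, either as owners or as ordinary participants.
/// </summary>
/// <param name="emailservice">Mail service handed to InviteUser.</param>
/// <param name="userAsOwner">Ids of users to invite as owner; null is treated as empty.</param>
/// <param name="userAsParticipant">Ids of users to invite as participant; null is treated as empty.</param>
/// <param name="reservationid">Id of the reservation to invite the users to.</param>
/// <returns>
/// 400 when the reservation or one of the users cannot be found, 401 when the caller is
/// neither an owner of the reservation nor ServiceDesk or higher, otherwise 200.
/// </returns>
public IActionResult AddParticipants([FromServices] IEmailService emailservice, List<int> userAsOwner, List<int> userAsParticipant, int reservationid)
{
    var ownerIds = userAsOwner ?? new List<int>();
    var participantIds = userAsParticipant ?? new List<int>();

    // Owners first, then participants; the flag records whether the user becomes an owner.
    var UserIds = new List<Tuple<int, bool>>();
    UserIds.AddRange(ownerIds.Select(id => new Tuple<int, bool>(id, true)));
    UserIds.AddRange(participantIds.Select(id => new Tuple<int, bool>(id, false)));

    var owner = Models.User.FromClaims(User.Claims, _context);

    var _reservation = _context.Reservations
        .Where(x => x.Id == reservationid)
        .Include(x => x.Participants)
        .Include(x => x.ParticipantChanges);
    if (_reservation.Count() != 1)
    {
        return BadRequest("Could not find reservation");
    }

    var reservation = _reservation.First();

    // Only an owner of the reservation, or a service desk member or higher, may invite users.
    if (!Authorization.AIsBOrHigher(owner.Role, Role.ServiceDesk))
    {
        if (reservation.Participants.Count(x => x.UserID == owner.Id && x.IsOwner) != 1)
        {
            return Unauthorized();
        }
    }

    // Resolve every id once. A lazy query here would be re-run by the loop below, so the
    // users that were validated and the users that get invited could differ.
    var users = UserIds
        .Select(id => new Tuple<User, bool>(_context.Users.FirstOrDefault(x => x.Id == id.Item1), id.Item2))
        .ToList();
    if (users.Any(x => x.Item1 == null))
    {
        return BadRequest("A user could not be found");
    }

    foreach (var user in users)
    {
        InviteUser(emailservice, owner, user.Item1, user.Item2, reservation);
    }

    return Ok("Succesfull added or updated users");
}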
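/// <summary>
/// Invites users to a reservation; each tuple carries a user id and whether that user
/// becomes an owner.
/// </summary>
/// <param name="UserIds">Pairs of user id and owner flag; must not be null.</param>
/// <param name="reservationid">Id of the reservation to invite the users to.</param>
/// <returns>
/// A content result with status 400 when the reservation, the id list or one of the users is
/// missing, 401 when the caller is neither an owner of the reservation nor ServiceDesk or
/// higher, and the success text otherwise.
/// </returns>
public IActionResult AddParticipants(List<Tuple<int, bool>> UserIds, int reservationid)
{
    var owner = Models.User.FromClaims(User.Claims);

    var _reservation = _context.Reservations
        .Where(x => x.Id == reservationid)
        .Include(x => x.Participants)
        .Include(x => x.ParticipantChanges);
    if (_reservation.Count() != 1)
    {
        Response.StatusCode = 400;
        return Content("Could not find reservation");
    }

    var reservation = _reservation.First();

    // Deny only when the caller is neither an owner nor ServiceDesk or higher. Joining the two
    // tests with "||" would reject every ServiceDesk-or-higher caller, which contradicts the
    // rule stated in the error message.
    var isOwner = reservation.Participants.Count(x => x.UserID == owner.Id && x.IsOwner) == 1;
    if (!isOwner && !Authorization.AIsBOrHigher(owner.Role, Role.ServiceDesk))
    {
        Response.StatusCode = 401;
        return Content("You are not the owner of this reservation, nor are you a service desk member or higher");
    }

    if (UserIds == null)
    {
        Response.StatusCode = 400;
        return Content("UserId's cannot be empty");
    }

    // Resolve every id once so the validated users are exactly the users that get invited.
    var users = UserIds
        .Select(id => new Tuple<User, bool>(_context.Users.Find(id.Item1), id.Item2))
        .ToList();
    if (users.Any(x => x.Item1 == null))
    {
        Response.StatusCode = 400;
        return Content("A user could not be found");
    }

    foreach (var user in users)
    {
        InviteUser(owner, user.Item1, user.Item2, reservation);
    }

    return Content("Succesfull added or updated users");
}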
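/// <summary>
/// Changes the period, room, description or active state of an existing reservation,
/// optionally overriding reservations that overlap the new period.
/// </summary>
/// <param name="ReservationID">Id of the reservation to change.</param>
/// <param name="StartTime">New start; the current start is kept when omitted.</param>
/// <param name="EndTime">New end; the current end is kept when omitted.</param>
/// <param name="Description">Description handed to the change helpers.</param>
/// <param name="RoomID">Id of the new room; when omitted a null room is handed to the change helpers.</param>
/// <param name="isactive">Active flag handed to the change helpers.</param>
/// <param name="Force">True to request that overlapping reservations be overridden.</param>
/// <returns>
/// A content result with status 400 for an unknown room or reservation, an inverted period, or
/// a refused conflict; 401 when the caller is neither an owner nor ServiceDesk or higher;
/// otherwise the result of _ChangeReservation or _ForceChangeReservation.
/// </returns>
public IActionResult ChangeReservation(int ReservationID, DateTime? StartTime, DateTime? EndTime, string Description, int? RoomID, bool? isactive, bool Force = false)
{
    User actor = Models.User.FromClaims(User.Claims);

    Room room = null;
    if (RoomID.HasValue)
    {
        room = _context.Rooms.Find(RoomID.Value);
        if (room == null)
        {
            Response.StatusCode = 400;
            return Content("RoomID could not be found");
        }
    }

    // Lookup, conflict check and write share one lock so reservations cannot change in between.
    lock (ReservationLock)
    {
        var _reservation = _context.Reservations
            .Where(x => x.Id == ReservationID)
            .Include(x => x.Participants);

        // "Not found" is the empty result. Testing for a non-empty result here would reject
        // every existing reservation and let First() throw for a missing one.
        if (!_reservation.Any())
        {
            Response.StatusCode = 400;
            return Content("Reservation could not be found");
        }

        Reservation reservation = _reservation.First();

        // Only an owner of the reservation, or service desk or higher, may change it.
        if (reservation.Participants.Count(x => x.IsOwner && x.UserID == actor.Id) != 1)
        {
            if (!Authorization.AIsBOrHigher(actor.Role, Role.ServiceDesk))
            {
                Response.StatusCode = 401;
                return Content("You are not an owner of this reservation, nor are you a service desk employee or higher.");
            }
        }

        var reservationchange = reservation.GenerateChangeCopy(actor);

        // Omitted bounds fall back to the values currently stored on the reservation.
        DateTime start = StartTime ?? reservation.StartDate;
        DateTime end = EndTime ?? reservation.EndDate;
        if (start > end)
        {
            Response.StatusCode = 400;
            return Content("Startdate cannot come after end date");
        }

        // Drop the reservation itself before deciding whether there is a conflict. Counting
        // "at most one overlap" as conflict-free would let a single overlap with someone else's
        // reservation skip both the Force requirement and the role comparison below.
        var intersections = FindIntersections(start, end);
        intersections = intersections.Where(x => x.Id != reservation.Id);
        if (!intersections.Any())
        {
            return _ChangeReservation(isactive, reservation, start, end, room, Description, reservationchange);
        }

        if (!Force)
        {
            Response.StatusCode = 400;
            return Content("There is overlap with existing reservations, please set 'Force' to true in your request if you wish to forcibly insert it.");
        }

        // Service desk or higher can always forcibly change reservations.
        if (Authorization.AIsBOrHigher(actor.Role, Role.ServiceDesk))
        {
            return _ForceChangeReservation(isactive, reservation, start, end, room, Description, reservationchange, actor, intersections);
        }

        // Everyone else must strictly outrank every owner of every overlapping reservation.
        var _intersectionowners = intersections
            .SelectMany(x => x.Participants)
            .Where(x => x.IsOwner)
            .Select(x => x.UserID);
        var _intersectionownerLevels = _intersectionowners.Select(x => _context.Users.Find(x).Role);

        if (!_intersectionownerLevels.All(x => Authorization.AIsHigherThanB(actor.Role, x)))
        {
            // At least one overlapping reservation belongs to someone of equal or higher level.
            Response.StatusCode = 400;
            return Content("Overlaps with a reservation with owner of equal or higher level.");
        }

        // All overlapping reservations belong to people with a lower level.
        return _ForceChangeReservation(isactive, reservation, start, end, room, Description, reservationchange, actor, intersections);
    }
}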
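/// <summary>
/// Removes the given users from a reservation.
/// </summary>
/// <param name="UserIds">Ids of the users to remove; must not be null.</param>
/// <param name="reservationid">Id of the reservation to remove the users from.</param>
/// <returns>
/// A content result with status 400 when the reservation, the id list or one of the users is
/// missing, 401 when the caller is neither an owner of the reservation nor ServiceDesk or
/// higher, otherwise 200 with the removed users.
/// </returns>
public IActionResult RemoveParticipants(List<int> UserIds, int reservationid)
{
    var owner = Models.User.FromClaims(User.Claims);

    var _reservation = _context.Reservations
        .Where(x => x.Id == reservationid)
        .Include(x => x.Participants)
        .Include(x => x.ParticipantChanges);
    if (_reservation.Count() != 1)
    {
        Response.StatusCode = 400;
        return Content("Could not find reservation");
    }

    var reservation = _reservation.First();

    // Deny only when the caller is neither an owner nor ServiceDesk or higher. Joining the two
    // tests with "||" would reject every ServiceDesk-or-higher caller, which contradicts the
    // rule stated in the error message.
    var isOwner = reservation.Participants.Count(x => x.UserID == owner.Id && x.IsOwner) == 1;
    if (!isOwner && !Authorization.AIsBOrHigher(owner.Role, Role.ServiceDesk))
    {
        Response.StatusCode = 401;
        return Content("You are not the owner of this reservation, nor are you a service desk member or higher");
    }

    if (UserIds == null)
    {
        Response.StatusCode = 400;
        return Content("UserId's cannot be empty");
    }

    // Resolve every id once so validation, removal and the response all use the same users.
    var users = UserIds.Select(id => _context.Users.Find(id)).ToList();
    if (users.Any(x => x == null))
    {
        Response.StatusCode = 400;
        return Content("A user could not be found");
    }

    foreach (var user in users)
    {
        RemoveUser(owner, user, reservation);
    }

    _context.SaveChanges();

    // NOTE(review): this sends the full User entities back to the caller; confirm that the
    // model serializes no sensitive fields.
    return Ok(users);
}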
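/// <summary>
/// Changes the period, room, description or active state of an existing reservation,
/// optionally overriding reservations that overlap the new period in the target room.
/// </summary>
/// <param name="emailservice">Mail service handed to the change helpers.</param>
/// <param name="ReservationID">Id of the reservation to change.</param>
/// <param name="StartTime">New start; the current start is kept when omitted.</param>
/// <param name="EndTime">New end; the current end is kept when omitted.</param>
/// <param name="Description">Description handed to the change helpers.</param>
/// <param name="RoomID">Id of the new room; the reservation's current room is used when omitted.</param>
/// <param name="isactive">Active flag handed to the change helpers.</param>
/// <param name="Force">True to request that overlapping reservations be overridden.</param>
/// <returns>
/// 400 for an unknown room or reservation or an inverted period, 401 when the caller may not
/// edit the reservation or may not override the conflicting ones, 409 when a conflict exists
/// and Force is not set, otherwise the result of _ChangeReservation or _ForceChangeReservation.
/// </returns>
public IActionResult ChangeReservation([FromServices] IEmailService emailservice, int ReservationID, DateTime? StartTime, DateTime? EndTime, string Description, int? RoomID, bool? isactive, bool Force = false)
{
    User actor = Models.User.FromClaims(User.Claims, _context);

    Room room = null;
    if (RoomID.HasValue)
    {
        var rooms = _context.Rooms.Where(x => x.Id == RoomID.Value);
        if (!rooms.Any())
        {
            return BadRequest("RoomID could not be found");
        }

        room = rooms.First();
    }

    // Lookup, conflict check and write share one lock so reservations cannot change in between.
    lock (_context.ReservationLock)
    {
        var _reservation = _context.Reservations
            .Where(x => x.Id == ReservationID)
            .Include(x => x.Participants)
            .Include(x => x.Room);
        if (_reservation.Count() == 0)
        {
            return BadRequest("Reservation could not be found");
        }

        Reservation reservation = _reservation.First();

        // No new room requested: keep checking against the room the reservation already has.
        if (room == null)
        {
            room = reservation.Room;
        }

        // Only an owner of the reservation, or service desk or higher, may change it.
        if (reservation.Participants.Count(x => x.IsOwner && x.UserID == actor.Id) != 1)
        {
            if (!Authorization.AIsBOrHigher(actor.Role, Role.ServiceDesk))
            {
                return Unauthorized();
            }
        }

        var reservationchange = reservation.GenerateChangeCopy(actor);

        // Omitted bounds fall back to the values currently stored on the reservation.
        DateTime start = StartTime ?? reservation.StartDate;
        DateTime end = EndTime ?? reservation.EndDate;
        if (start > end)
        {
            // The message describes the rejected state: the start lies after the end.
            return BadRequest("Startdate cannot come after end date");
        }

        var intersections = FindIntersections(start, end, room);

        // Conflict-free when nothing overlaps, or when the only overlap is the reservation itself.
        if (intersections.Count() <= 0
            || (intersections.Count() == 1 && intersections.First() == reservation))
        {
            return _ChangeReservation(emailservice, actor, isactive, reservation, start, end, room, Description, reservationchange);
        }

        intersections = intersections.Where(x => x.Id != reservation.Id); // remove self

        // Overriding must be requested explicitly.
        if (!Force)
        {
            return new ObjectResult("Conflict: There is overlap with existing reservations, please set 'Force' to true in your request if you wish to forcibly insert it.") { StatusCode = 409 };
        }

        // Service desk or higher can always forcibly change reservations.
        if (Authorization.AIsBOrHigher(actor.Role, Role.ServiceDesk))
        {
            return _ForceChangeReservation(emailservice, isactive, reservation, start, end, room, Description, reservationchange, actor, intersections);
        }

        // NOTE(review): despite its name this is true when the actor is a participant of every
        // overlapping reservation; IsOwner is not consulted. Confirm whether plain participants
        // are meant to be able to override, or whether only owners should pass this test.
        var isOwnerOfIntersections = intersections
            .Select(x => x.Participants.Select(z => z.UserID).Contains(actor.Id))
            .All(x => x);

        var _intersectionowners = intersections
            .SelectMany(x => x.Participants)
            .Where(x => x.IsOwner)
            .Select(x => x.UserID);
        var _intersectionownerLevels = _intersectionowners
            .Select(x => _context.Users.Where(z => z.Id == x).First().Role);

        // Override is allowed when the actor takes part in every overlapping reservation, or
        // strictly outranks every owner of the overlapping reservations.
        if (isOwnerOfIntersections || _intersectionownerLevels.All(x => Authorization.AIsHigherThanB(actor.Role, x)))
        {
            return _ForceChangeReservation(emailservice, isactive, reservation, start, end, room, Description, reservationchange, actor, intersections);
        }

        // At least one overlapping reservation belongs to someone of equal or higher level.
        return Unauthorized();
    }
}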
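/// <summary>
/// Removes the given users from a reservation.
/// </summary>
/// <param name="emailservice">Mail service handed to RemoveUser.</param>
/// <param name="UserIds">Ids of the users to remove; must not be null.</param>
/// <param name="reservationid">Id of the reservation to remove the users from.</param>
/// <returns>
/// 400 when the reservation, the id list or one of the users is missing, 401 when the caller
/// is neither an owner of the reservation nor ServiceDesk or higher, otherwise 200 with the
/// removed users.
/// </returns>
public IActionResult RemoveParticipants([FromServices] IEmailService emailservice, List<int> UserIds, int reservationid)
{
    var owner = Models.User.FromClaims(User.Claims, _context);

    var _reservation = _context.Reservations
        .Where(x => x.Id == reservationid)
        .Include(x => x.Participants)
        .Include(x => x.ParticipantChanges);
    if (_reservation.Count() != 1)
    {
        return BadRequest("Could not find reservation");
    }

    var reservation = _reservation.First();

    // Deny only when the caller is neither an owner nor ServiceDesk or higher. Joining the two
    // tests with "||" would reject every ServiceDesk-or-higher caller instead of admitting them.
    var isOwner = reservation.Participants.Count(x => x.UserID == owner.Id && x.IsOwner) == 1;
    if (!isOwner && !Authorization.AIsBOrHigher(owner.Role, Role.ServiceDesk))
    {
        return Unauthorized();
    }

    if (UserIds == null)
    {
        return BadRequest("UserId's cannot be empty");
    }

    // Resolve every id once so validation, removal and the response all use the same users.
    var users = UserIds.Select(id => _context.Users.FirstOrDefault(x => x.Id == id)).ToList();
    if (users.Any(x => x == null))
    {
        return BadRequest("A user could not be found");
    }

    foreach (var user in users)
    {
        RemoveUser(emailservice, owner, user, reservation);
    }

    _context.SaveChanges();

    // NOTE(review): this sends the full User entities back to the caller; confirm that the
    // model serializes no sensitive fields.
    return Ok(users);
}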