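/// <summary>
/// Creates a reservation for a room, optionally overriding overlapping reservations.
/// </summary>
/// <param name="emailservice">Mail service handed on to OverrideAddReservation.</param>
/// <param name="StartTime">Requested start of the reservation.</param>
/// <param name="EndTime">Requested end of the reservation.</param>
/// <param name="Description">Free-text description; must be supplied.</param>
/// <param name="RoomID">Id of the room to reserve.</param>
/// <param name="Force">When true, the caller asks to override overlapping mutable reservations.</param>
/// <returns>
/// 200 with the result of createreservation/OverrideAddReservation as a string, 400 for invalid input,
/// or 409 when the overlap may not be overridden.
/// </returns>
public IActionResult AddReservation([FromServices] IEmailService emailservice, DateTime StartTime, DateTime EndTime, string Description, int RoomID, bool Force = false)
        {
            // DateTime is a non-nullable struct, so a comparison with null is always false and never
            // rejected anything. A value that was not supplied is left at default(DateTime), so that
            // is the value to reject.
            if (StartTime == default(DateTime) || EndTime == default(DateTime) || Description == null)
            {
                return BadRequest("Fields missing");
            }
            if (StartTime > EndTime)
            {
                // The condition detects a start that lies after the end; the message now says so.
                return BadRequest("StartTime is after EndTime");
            }

            // Single lookup instead of Any() followed by First().
            var room = _context.Rooms.FirstOrDefault(x => x.Id == RoomID);
            if (room == null)
            {
                return BadRequest("Room does not exist");
            }

            // NOTE(review): Owner is dereferenced below without a null check - confirm FromClaims
            // cannot return null for an authenticated caller.
            var Owner = Models.User.FromClaims(User.Claims, _context);

            // Overlap checking and writing happen under one lock so that the set of intersections
            // cannot change between the check and the insert.
            // NOTE(review): this only serialises callers that share the same ReservationLock object
            // in the same process - confirm the lock object is shared across requests.
            lock (_context.ReservationLock)
            {
                var intersections = FindIntersections(StartTime, EndTime, room);

                // No overlap with other reservations: add it.
                if (!intersections.Any())
                {
                    return Ok(createreservation(StartTime, EndTime, Description, Owner, room).ToString());
                }

                // An immutable reservation can never be overridden, whatever the caller's role.
                if (!intersections.All(x => x.IsMutable == true))
                {
                    return new ObjectResult("Conflict: Overlaps with an immutable reservation.")
                    {
                        StatusCode = 409
                    };
                }

                // Overriding is opt-in; without Force the caller only learns that there is a conflict.
                if (!Force)
                {
                    return new ObjectResult("Conflict: There is overlap with existing reservations, please set 'Force' to true in your request if you wish to forcibly insert it.")
                    {
                        StatusCode = 409
                    };
                }

                // Service desk or higher can always forcibly add reservations.
                if (Authorization.AIsBOrHigher(Owner.Role, Role.ServiceDesk))
                {
                    return Ok(OverrideAddReservation(emailservice, intersections, StartTime, EndTime, Description, Owner, room).ToString());
                }

                // Everyone else may only override reservations whose owners all have a strictly lower role.
                var _intersectionowners      = intersections.SelectMany(x => x.Participants).Where(x => x.IsOwner).Select(x => x.UserID);
                // NOTE(review): First() throws if an owner id no longer has a matching user row.
                var _intersectionownerLevels = _intersectionowners.Select(x => _context.Users.Where(z => z.Id == x).First().Role);
                if (!_intersectionownerLevels.All(x => Authorization.AIsHigherThanB(Owner.Role, x)))
                {
                    return new ObjectResult("Conflict: Overlaps with a reservation with owner of equal or higher level.")
                    {
                        StatusCode = 409
                    };
                }
                return Ok(OverrideAddReservation(emailservice, intersections, StartTime, EndTime, Description, Owner, room).ToString());
            }
        }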
 /// <summary>
 /// Decides whether <paramref name="actor"/> may edit <paramref name="reservation"/>.
 /// </summary>
 /// <param name="reservation">Reservation whose Participants collection is inspected.</param>
 /// <param name="actor">User requesting the edit.</param>
 /// <returns>
 /// true when the actor appears exactly once among the owner participants, or when
 /// Authorization.AIsBOrHigher accepts the actor's role against Role.ServiceDesk; otherwise false.
 /// </returns>
 private bool CanEditReservation(Reservation reservation, User actor)
 {
     int ownerEntries = reservation.Participants.Count(p => p.IsOwner && p.UserID == actor.Id);

     // The role is only consulted when the ownership test fails.
     return ownerEntries == 1 || Authorization.AIsBOrHigher(actor.Role, Role.ServiceDesk);
 }
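        /// <summary>
        /// Invites users to a reservation, either as owners or as plain participants.
        /// </summary>
        /// <param name="emailservice">Mail service handed on to InviteUser.</param>
        /// <param name="userAsOwner">Ids of users to invite as owners; null is treated as empty.</param>
        /// <param name="userAsParticipant">Ids of users to invite as participants; null is treated as empty.</param>
        /// <param name="reservationid">Id of the reservation to change.</param>
        /// <returns>200 on success, 400 when the reservation or a user is unknown, 401 when the caller may not edit the reservation.</returns>
        public IActionResult AddParticipants([FromServices] IEmailService emailservice, List <int> userAsOwner, List <int> userAsParticipant, int reservationid)
        {
            userAsOwner       = userAsOwner ?? new List <int>();
            userAsParticipant = userAsParticipant ?? new List <int>();

            // Pair every id with the role it is invited in: true = owner, false = participant.
            // NOTE(review): an id present in both lists is invited twice; the outcome depends on InviteUser.
            var UserIds = userAsOwner.Select(id => new Tuple <int, bool>(id, true))
                          .Concat(userAsParticipant.Select(id => new Tuple <int, bool>(id, false)))
                          .ToList();

            // Check if user is owner or service desk member or higher
            var owner        = Models.User.FromClaims(User.Claims, _context);
            var _reservation = _context.Reservations.Where(x => x.Id == reservationid).Include(x => x.Participants).Include(x => x.ParticipantChanges);

            if (_reservation.Count() != 1)
            {
                return BadRequest("Could not find reservation");
            }
            var reservation = _reservation.First();

            if (!Authorization.AIsBOrHigher(owner.Role, Role.ServiceDesk))
            {
                if (reservation.Participants.Count(x => x.UserID == owner.Id && x.IsOwner) != 1)
                {
                    return Unauthorized();
                }
            }

            // Materialise once. The original deferred query ran the lookups again in the foreach,
            // so a user deleted between the validation pass and the invite pass would have reached
            // InviteUser as null.
            var users = UserIds
                        .Select(id => new Tuple <User, bool>(_context.Users.Where(x => x.Id == id.Item1).FirstOrDefault(), id.Item2))
                        .ToList();

            if (users.Any(x => x.Item1 == null))
            {
                return BadRequest("A user could not be found");
            }

            foreach (var user in users)
            {
                InviteUser(emailservice, owner, user.Item1, user.Item2, reservation);
            }
            return Ok("Succesfull added or updated users");
        }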
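        /// <summary>
        /// Invites users to a reservation; each tuple holds a user id and whether that user becomes an owner.
        /// </summary>
        /// <param name="UserIds">Pairs of (user id, invite as owner); must not be null.</param>
        /// <param name="reservationid">Id of the reservation to change.</param>
        /// <returns>Plain-text content; the status code is 400 for unknown reservation/users and 401 when the caller may not edit.</returns>
        public IActionResult AddParticipants(List <Tuple <int, bool> > UserIds, int reservationid)
        {
            //Check if user is owner or service desk member or higher
            var owner        = Models.User.FromClaims(User.Claims);
            var _reservation = _context.Reservations.Where(x => x.Id == reservationid).Include(x => x.Participants).Include(x => x.ParticipantChanges);

            if (_reservation.Count() != 1)
            {
                Response.StatusCode = 400;
                return Content("Could not find reservation");
            }
            var reservation = _reservation.First();

            // Access-control fix: the original rejected when "not owner OR service desk", which
            // refused every service desk member and contradicted its own error message. The caller
            // is refused only when they are neither an owner nor service desk or higher.
            bool isOwner = reservation.Participants.Count(x => x.UserID == owner.Id && x.IsOwner) == 1;
            if (!isOwner && !Authorization.AIsBOrHigher(owner.Role, Role.ServiceDesk))
            {
                Response.StatusCode = 401;
                return Content("You are not the owner of this reservation, nor are you a service desk member or higher");
            }

            if (UserIds == null)
            {
                Response.StatusCode = 400;
                return Content("UserId's cannot be empty");
            }

            // Materialise once so validation and the invite loop see the same User objects
            // instead of re-running the lookups.
            var users = UserIds.Select(id => new Tuple <User, bool>(_context.Users.Find(id.Item1), id.Item2)).ToList();

            if (users.Any(x => x.Item1 == null))
            {
                Response.StatusCode = 400;
                return Content("A user could not be found");
            }

            foreach (var user in users)
            {
                InviteUser(owner, user.Item1, user.Item2, reservation);
            }
            return Content("Succesfull added or updated users");
        }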
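        /// <summary>
        /// Changes the time, room, description or active state of an existing reservation.
        /// </summary>
        /// <param name="ReservationID">Id of the reservation to change.</param>
        /// <param name="StartTime">New start; the stored start is kept when omitted.</param>
        /// <param name="EndTime">New end; the stored end is kept when omitted.</param>
        /// <param name="Description">Passed on to the change helpers.</param>
        /// <param name="RoomID">New room id; validated when supplied.</param>
        /// <param name="isactive">Passed on to the change helpers.</param>
        /// <param name="Force">When true, the caller asks to override overlapping reservations.</param>
        /// <returns>The result of the change helper, or plain-text content with status 400/401 on failure.</returns>
        public IActionResult ChangeReservation(int ReservationID, DateTime?StartTime, DateTime?EndTime, string Description, int?RoomID, bool?isactive, bool Force = false)
        {
            User actor = Models.User.FromClaims(User.Claims);
            Room room  = null;

            if (RoomID.HasValue)
            {
                room = _context.Rooms.Find(RoomID.Value);
                if (room == null)
                {
                    Response.StatusCode = 400;
                    return Content("RoomID could not be found");
                }
            }
            // NOTE(review): the lock only serialises callers that share this ReservationLock object
            // in the same process - confirm it is shared across requests.
            lock (ReservationLock)
            {
                // Fix: the original test was inverted (Count() != 0), so every existing reservation
                // was reported as missing and a missing one fell through to First() and threw.
                Reservation reservation = _context.Reservations.Where(x => x.Id == ReservationID).Include(x => x.Participants).FirstOrDefault();
                if (reservation == null)
                {
                    Response.StatusCode = 400;
                    return Content("Reservation could not be found");
                }

                // Only an owner of the reservation, or service desk and higher, may change it.
                bool actorIsOwner = reservation.Participants.Count(x => x.IsOwner && x.UserID == actor.Id) == 1;
                if (!actorIsOwner && !Authorization.AIsBOrHigher(actor.Role, Role.ServiceDesk))
                {
                    Response.StatusCode = 401;
                    return Content("You are not an owner of this reservation, nor are you a service desk employee or higher.");
                }

                var reservationchange = reservation.GenerateChangeCopy(actor);

                DateTime start = StartTime ?? reservation.StartDate;
                DateTime end   = EndTime ?? reservation.EndDate;

                if (start > end)
                {
                    Response.StatusCode = 400;
                    return Content("Startdate cannot come before end date");
                }

                // Fix: drop the reservation itself BEFORE deciding whether there is a conflict.
                // The original accepted any result with at most one intersection, so one overlapping
                // reservation owned by someone else skipped the Force and role checks when the
                // reservation was not itself in the result.
                var intersections = FindIntersections(start, end);
                intersections = intersections.Where(x => x.Id != reservation.Id); //remove self
                if (!intersections.Any())
                {
                    return _ChangeReservation(isactive, reservation, start, end, room, Description, reservationchange);
                }

                if (!Force)
                {
                    Response.StatusCode = 400;
                    return Content("There is overlap with existing reservations, please set 'Force' to true in your request if you wish to forcibly insert it.");
                }
                if (Authorization.AIsBOrHigher(actor.Role, Role.ServiceDesk)) //service desk or higher can always forcibly change reservations
                {
                    return _ForceChangeReservation(isactive, reservation, start, end, room, Description, reservationchange, actor, intersections);
                }

                // Everyone else may only override reservations whose owners all have a strictly lower role.
                var _intersectionowners      = intersections.SelectMany(x => x.Participants).Where(x => x.IsOwner).Select(x => x.UserID);
                // NOTE(review): Find(x) returns null for an unknown id, which would throw on .Role.
                var _intersectionownerLevels = _intersectionowners.Select(x => _context.Users.Find(x).Role);
                if (!_intersectionownerLevels.All(x => Authorization.AIsHigherThanB(actor.Role, x))) //intersections with reservation from people of higher or equal level
                {
                    Response.StatusCode = 400;
                    return Content("Overlaps with a reservation with owner of equal or higher level.");
                }
                return _ForceChangeReservation(isactive, reservation, start, end, room, Description, reservationchange, actor, intersections); //intersections with reservations from people with lower level
            }
        }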
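        /// <summary>
        /// Removes the given users from a reservation.
        /// </summary>
        /// <param name="UserIds">Ids of the users to remove; must not be null.</param>
        /// <param name="reservationid">Id of the reservation to change.</param>
        /// <returns>200 with the removed users, or plain-text content with status 400/401 on failure.</returns>
        public IActionResult RemoveParticipants(List <int> UserIds, int reservationid)
        {
            var owner        = Models.User.FromClaims(User.Claims);
            var _reservation = _context.Reservations.Where(x => x.Id == reservationid).Include(x => x.Participants).Include(x => x.ParticipantChanges);

            if (_reservation.Count() != 1)
            {
                Response.StatusCode = 400;
                return Content("Could not find reservation");
            }
            var reservation = _reservation.First();

            // Access-control fix: the original rejected when "not owner OR service desk", which
            // refused every service desk member and contradicted its own error message. The caller
            // is refused only when they are neither an owner nor service desk or higher.
            bool isOwner = reservation.Participants.Count(x => x.UserID == owner.Id && x.IsOwner) == 1;
            if (!isOwner && !Authorization.AIsBOrHigher(owner.Role, Role.ServiceDesk))
            {
                Response.StatusCode = 401;
                return Content("You are not the owner of this reservation, nor are you a service desk member or higher");
            }

            if (UserIds == null)
            {
                Response.StatusCode = 400;
                return Content("UserId's cannot be empty");
            }

            // Materialise once so validation, removal and the response all use the same objects
            // instead of re-running the lookups three times.
            var users = UserIds.Select(id => _context.Users.Find(id)).ToList();

            if (users.Any(x => x == null))
            {
                Response.StatusCode = 400;
                return Content("A user could not be found");
            }

            foreach (var user in users)
            {
                RemoveUser(owner, user, reservation);
            }
            _context.SaveChanges();

            // NOTE(review): this serialises whole User entities into the response - confirm the
            // model carries no fields (credentials, tokens, private data) that callers must not see.
            return Ok(users);
        }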
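        /// <summary>
        /// Changes the time, room, description or active state of an existing reservation.
        /// </summary>
        /// <param name="emailservice">Mail service handed on to the change helpers.</param>
        /// <param name="ReservationID">Id of the reservation to change.</param>
        /// <param name="StartTime">New start; the stored start is kept when omitted.</param>
        /// <param name="EndTime">New end; the stored end is kept when omitted.</param>
        /// <param name="Description">Passed on to the change helpers.</param>
        /// <param name="RoomID">New room id; the reservation's current room is used when omitted.</param>
        /// <param name="isactive">Passed on to the change helpers.</param>
        /// <param name="Force">When true, the caller asks to override overlapping reservations.</param>
        /// <returns>The result of the change helper, 400 for invalid input, 401 when not permitted, 409 on an unforced conflict.</returns>
        public IActionResult ChangeReservation([FromServices] IEmailService emailservice, int ReservationID, DateTime?StartTime, DateTime?EndTime, string Description, int?RoomID, bool?isactive, bool Force = false)
        {
            User actor = Models.User.FromClaims(User.Claims, _context);
            Room room  = null;

            if (RoomID.HasValue)
            {
                // Single lookup instead of Any() followed by First().
                room = _context.Rooms.Where(x => x.Id == RoomID.Value).FirstOrDefault();
                if (room == null)
                {
                    return BadRequest("RoomID could not be found");
                }
            }
            // NOTE(review): the lock only serialises callers that share the same ReservationLock
            // object in the same process - confirm it is shared across requests.
            lock (_context.ReservationLock)
            {
                Reservation reservation = _context.Reservations.Where(x => x.Id == ReservationID).Include(x => x.Participants).Include(x => x.Room).FirstOrDefault();
                if (reservation == null)
                {
                    return BadRequest("Reservation could not be found");
                }
                if (room == null)
                {
                    room = reservation.Room;
                }

                // Only an owner of the reservation, or service desk and higher, may change it.
                bool actorIsOwner = reservation.Participants.Count(x => x.IsOwner && x.UserID == actor.Id) == 1;
                if (!actorIsOwner && !Authorization.AIsBOrHigher(actor.Role, Role.ServiceDesk))
                {
                    return Unauthorized();
                }

                var reservationchange = reservation.GenerateChangeCopy(actor);

                DateTime start = StartTime ?? reservation.StartDate;
                DateTime end   = EndTime ?? reservation.EndDate;

                if (start > end)
                {
                    // Fix: the condition detects a start AFTER the end; the old text said "before".
                    return BadRequest("Startdate cannot come after end date");
                }

                var intersections = FindIntersections(start, end, room);

                // Nothing overlaps, or the only overlap is the reservation being changed.
                bool onlySelf = intersections.Count() == 1 && intersections.First() == reservation;
                if (intersections.Count() == 0 || onlySelf)
                {
                    return _ChangeReservation(emailservice, actor, isactive, reservation, start, end, room, Description, reservationchange);
                }

                intersections = intersections.Where(x => x.Id != reservation.Id); //remove self
                if (!Force)
                {
                    return new ObjectResult("Conflict: There is overlap with existing reservations, please set 'Force' to true in your request if you wish to forcibly insert it.")
                    {
                        StatusCode = 409
                    };
                }
                if (Authorization.AIsBOrHigher(actor.Role, Role.ServiceDesk)) //service desk or higher can always forcibly change reservations
                {
                    return _ForceChangeReservation(emailservice, isactive, reservation, start, end, room, Description, reservationchange, actor, intersections);
                }

                // NOTE(review): despite its name this tests for ANY participant entry of the actor,
                // not IsOwner - confirm that a plain participant of every overlapping reservation is
                // meant to be allowed to override them.
                var isOwnerOfIntersections   = intersections.Select(x => x.Participants.Select(z => z.UserID).Contains(actor.Id)).All(x => x);
                var _intersectionowners      = intersections.SelectMany(x => x.Participants).Where(x => x.IsOwner).Select(x => x.UserID);
                // NOTE(review): First() throws if an owner id no longer has a matching user row.
                var _intersectionownerLevels = _intersectionowners.Select(x => _context.Users.Where(z => z.Id == x).First().Role);

                // Override is allowed when the actor takes part in every overlapping reservation,
                // or when every overlapping owner has a strictly lower role than the actor.
                if (isOwnerOfIntersections || _intersectionownerLevels.All(x => Authorization.AIsHigherThanB(actor.Role, x)))
                {
                    return _ForceChangeReservation(emailservice, isactive, reservation, start, end, room, Description, reservationchange, actor, intersections);
                }
                return Unauthorized();
            }
        }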
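        /// <summary>
        /// Removes the given users from a reservation.
        /// </summary>
        /// <param name="emailservice">Mail service handed on to RemoveUser.</param>
        /// <param name="UserIds">Ids of the users to remove; must not be null.</param>
        /// <param name="reservationid">Id of the reservation to change.</param>
        /// <returns>200 with the removed users, 400 for unknown reservation/users, 401 when the caller may not edit the reservation.</returns>
        public IActionResult RemoveParticipants([FromServices] IEmailService emailservice, List <int> UserIds, int reservationid)
        {
            var owner        = Models.User.FromClaims(User.Claims, _context);
            var _reservation = _context.Reservations.Where(x => x.Id == reservationid).Include(x => x.Participants).Include(x => x.ParticipantChanges);

            if (_reservation.Count() != 1)
            {
                return BadRequest("Could not find reservation");
            }
            var reservation = _reservation.First();

            // Access-control fix: the original rejected when "not owner OR service desk", which
            // refused every service desk member. The caller is refused only when they are neither
            // an owner of the reservation nor service desk or higher.
            bool isOwner = reservation.Participants.Count(x => x.UserID == owner.Id && x.IsOwner) == 1;
            if (!isOwner && !Authorization.AIsBOrHigher(owner.Role, Role.ServiceDesk))
            {
                return Unauthorized();
            }

            if (UserIds == null)
            {
                return BadRequest("UserId's cannot be empty");
            }

            // Materialise once so validation, removal and the response all use the same objects
            // instead of re-running the lookups three times.
            var users = UserIds.Select(id => _context.Users.Where(x => x.Id == id).FirstOrDefault()).ToList();

            if (users.Any(x => x == null))
            {
                return BadRequest("A user could not be found");
            }

            foreach (var user in users)
            {
                RemoveUser(emailservice, owner, user, reservation);
            }
            _context.SaveChanges();

            // NOTE(review): this serialises whole User entities into the response - confirm the
            // model carries no fields (credentials, tokens, private data) that callers must not see.
            return Ok(users);
        }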