public async Task <IActionResult> Get()
{
try
{
DynamicParameters selectWorkdaysByUserId_params = new DynamicParameters();
selectWorkdaysByUserId_params.Add("@userId", _claims.GetUserId());
string selectWorkdaysByUserId_string = $@"
SELECT [id], [date], [startDate], [endDate], [typeCode], [aom], [userId] FROM [Workday] WHERE [userId] = @userId AND [endDate] IS NOT NULL
";
var selectWorkdaysByUserId_result = await _db.SelectAsync <WorkdayModel, dynamic>(
selectWorkdaysByUserId_string, selectWorkdaysByUserId_params
);
if (selectWorkdaysByUserId_result.Count < 1)
{
IActionResult actionResult = customActionResult.NotFound($"No workdays found in database for this username.");
return(StatusCode(StatusCodes.Status404NotFound, actionResult));
}
else
{
List <WorkdayModel> UserWorkdays = new List <WorkdayModel>();
foreach (var workday in selectWorkdaysByUserId_result)
{
DynamicParameters selectTSignatureByWorkdayId_params = new DynamicParameters();
selectTSignatureByWorkdayId_params.Add("@workdayId", workday.id);
string selectTSignatureByWorkdayId_string = $@"
SELECT TOP 1 [typeCode] FROM [TimeSignature] WHERE [workdayId] = @workdayId
";
var selectTSignatureByWorkdayId_result = await _db.SelectAsync <TimeSignatureModel, dynamic>(
selectTSignatureByWorkdayId_string, selectTSignatureByWorkdayId_params
);
UserWorkdays.Add(new WorkdayModel {
id = workday.id,
date = workday.date,
startDate = workday.startDate,
endDate = workday.endDate,
signatureType = selectTSignatureByWorkdayId_result[0].typeCode,
aom = workday.aom,
typeCode = workday.typeCode,
userId = workday.userId
});
}
IActionResult actionResult = customActionResult.Ok($"Following workdays were found in database for this username.", UserWorkdays);
return(StatusCode(StatusCodes.Status200OK, actionResult));
}
}
catch (Exception e)
{
return(StatusCode(StatusCodes.Status500InternalServerError, e.Message));
}
}
private async Task <List <TimeSignatureModel> > CheckIfAnyWorkdaySavedInDbWithCurrentDate()
{
DynamicParameters checkIfAnyWorkdaySavedInDbWithCurrentDate_params = new DynamicParameters();
checkIfAnyWorkdaySavedInDbWithCurrentDate_params.Add("@userId", _claims.GetUserId());
string checkIfAnyWorkdaySavedInDbWithCurrentDate_string = @$ "
SELECT TOP 1 [id], [endDate], [typeCode], [stateCode] FROM [TimeSignature] WHERE [endDate] IS NOT NULL AND [userId] = @userId ORDER BY [id] DESC
public async Task <IActionResult> GetUserProfile()
{
try
{
DynamicParameters getUserProfile_params = new DynamicParameters();
getUserProfile_params.Add("@userId", _claims.GetUserId());
string getUserProfile_string = @$ "
SELECT [id], [firstName], [lastName], [userName], [role] FROM [User] WHERE [id] = @userId
private async Task <List <TimeSignatureModel> > SelectTodaysUserTSignatureIdentifiersByUserId(TimeSignatureModel body)
{
DynamicParameters selectTodaysUserTSignatureIdentifiersByUserId_params = new DynamicParameters();
selectTodaysUserTSignatureIdentifiersByUserId_params.Add("@startDate", body.startDate);
selectTodaysUserTSignatureIdentifiersByUserId_params.Add("@userId", _claims.GetUserId());
string selectTodaysUserTSignatureIdentifiersByUserId_string = @$ "
SELECT TOP 1 [startDate], [endDate], [typeCode], [stateCode], [workdayId]
public async Task <IActionResult> ClockOut(TimeSignatureModel body)
{
try
{
if (body == null)
{
IActionResult actionResult = customActionResult.BadRequest(
"The client set the requested body to null before it was sent."
);
return(StatusCode(StatusCodes.Status400BadRequest, actionResult));
}
else
{
if (body.finish == false)
{
DynamicParameters checkIfClockOut_params = new DynamicParameters();
checkIfClockOut_params.Add("@userId", _claims.GetUserId());
string checkIfClockOut_string = @$ "
SELECT TOP 1 [id], [startDate] FROM [TimeSignature] WHERE [endDate] IS NULL AND [userId] = @userId ORDER BY [id] DESC
public async Task <IActionResult> ChangePassword(UserAccountModel body)
{
try
{
if (body == null)
{
IActionResult actionResult = BadRequest(
"The client set the requested body to null before it was sent."
);
return(StatusCode(StatusCodes.Status400BadRequest, actionResult));
}
else if (string.IsNullOrEmpty(body.password) || string.IsNullOrWhiteSpace(body.password))
{
IActionResult actionResult = customActionResult.FieldsRequired(
"The 'password' field has been sent from the client null, empty, or whitespaced."
);
return(StatusCode(StatusCodes.Status411LengthRequired, actionResult));
}
else if (string.IsNullOrEmpty(body.oldPassword) || string.IsNullOrWhiteSpace(body.oldPassword))
{
IActionResult actionResult = customActionResult.FieldsRequired(
"The 'old password' field has been sent from the client null, empty, or whitespaced."
);
return(StatusCode(StatusCodes.Status411LengthRequired, actionResult));
}
else
{
DynamicParameters selectPasswordByUserId_params = new DynamicParameters();
selectPasswordByUserId_params.Add("@userId", _claims.GetUserId());
string selectPasswordByUserId_string = $"SELECT [password] FROM [User] WHERE [id] = @userId";
var selectPasswordByUserId_results = await _db.SelectAsync <UserAccountModel, dynamic>(selectPasswordByUserId_string, selectPasswordByUserId_params);
if (selectPasswordByUserId_results.Count < 1)
{
IActionResult actionResult = customActionResult.NotFound(
"The user details provided do not exist in the database, try again."
);
return(StatusCode(StatusCodes.Status404NotFound, actionResult));
}
else
{
_user.oldPassword = selectPasswordByUserId_results[0].password;
bool comparePassword = new HashPassword().VerifyPassword(_user.oldPassword, body.oldPassword);
byte[] salt = hashPassword.CreateSalt(10);
string newPasswordHashed = hashPassword.GenerateSHA256Hash(body.password, salt, false);
if (comparePassword != true)
{
IActionResult actionResult = customActionResult.Unauthorized(
"The old password is wrong, so the access is denied."
);
return(StatusCode(StatusCodes.Status401Unauthorized, actionResult));
}
else if (string.IsNullOrEmpty(newPasswordHashed) || string.IsNullOrWhiteSpace(newPasswordHashed))
{
IActionResult actionResult = customActionResult.Locked(
"The new password failed to hash, so the process to change the password has been blocked. Please Try Again."
);
return(StatusCode(StatusCodes.Status423Locked, actionResult));
}
else
{
DynamicParameters updatePassword_params = new DynamicParameters();
updatePassword_params.Add("@userId", _claims.GetUserId());
updatePassword_params.Add("@newPassword", newPasswordHashed);
string updatePassword_string = @"UPDATE [User] SET [password] = @newPassword WHERE [id] = @userId";
await _db.UpdateAsync(updatePassword_string, updatePassword_params);
IActionResult actionResult = customActionResult.Ok(
"Password changed successfully. Be careful and don't give it to anyone."
);
return(StatusCode(StatusCodes.Status202Accepted, actionResult));
}
}
}
}
catch (Exception e)
{
return(StatusCode(StatusCodes.Status500InternalServerError, e.Message));
}
}
public async Task <IActionResult> UpdateSelfsWorkdayAndTSignatureByWorkdayId(int id, TimeSignatureModel body)
{
try
{
if (body == null)
{
IActionResult actionResult = customActionResult.BadRequest(
"The client set the requested body to null before it was sent."
);
return(StatusCode(StatusCodes.Status400BadRequest, actionResult));
}
else
{
if (body.startDate == null || body.endDate == null)
{
IActionResult actionResult = customActionResult.FieldsRequired(
"The 'start date' or 'end date' field has been sent from the client null, empty, or whitespaced."
);
return(StatusCode(StatusCodes.Status411LengthRequired, actionResult));
}
else
{
DynamicParameters selectTSignaturesIdentifiersByWorkdayIdAndUserId_params = new DynamicParameters();
selectTSignaturesIdentifiersByWorkdayIdAndUserId_params.Add("@workdayId", id);
selectTSignaturesIdentifiersByWorkdayIdAndUserId_params.Add("@userId", _claims.GetUserId());
string selectTSignaturesIdentifiersByWorkdayIdAndUserId_string = $@"
SELECT [typeCode], [updateBy] FROM [TimeSignature] WHERE [workdayId] = @workdayId AND [userId] = @userId
";
var selectTSignaturesIdentifiersByWorkdayIdAndUserId = await _db.SelectAsync <TimeSignatureModel, dynamic>(
selectTSignaturesIdentifiersByWorkdayIdAndUserId_string, selectTSignaturesIdentifiersByWorkdayIdAndUserId_params
);
if (
selectTSignaturesIdentifiersByWorkdayIdAndUserId.Count > 0 &&
selectTSignaturesIdentifiersByWorkdayIdAndUserId[0].typeCode == "FIX" &&
(
selectTSignaturesIdentifiersByWorkdayIdAndUserId[0].updateBy == null ||
selectTSignaturesIdentifiersByWorkdayIdAndUserId[0].updateBy == "self"
)
)
{
DynamicParameters updateTSignature_params = new DynamicParameters();
updateTSignature_params.Add("@userId", _claims.GetUserId());
updateTSignature_params.Add("@userName", _claims.GetUserName());
updateTSignature_params.Add("@id", id);
updateTSignature_params.Add("@startDate", body.startDate);
updateTSignature_params.Add("@endDate", body.endDate);
updateTSignature_params.Add("@wd_typeCode", body.wd_typeCode);
string updateTSignature_string = $@"
UPDATE [TimeSignature]
SET
[startDate] = @startDate,
[endDate] = @endDate,
[aom] = (SELECT DATEDIFF(MINUTE, @startDate, @endDate)),
[wd_typeCode] = @wd_typeCode,
[lastUpdate] = GETDATE(),
[updateBy] = 'self'
WHERE
[userId] = @userId
AND [workdayId] = @id
";
await _db.UpdateAsync(updateTSignature_string, updateTSignature_params);
string updateWorkday_string = $@"
UPDATE [Workday]
SET
[startDate] = @startDate,
[endDate] = @endDate,
[aom] = (SELECT DATEDIFF(MINUTE, @startDate, @endDate)),
[typeCode] = @wd_typeCode
WHERE
[userId] = @userId
AND [id] = @id
";
await _db.UpdateAsync(updateWorkday_string, updateTSignature_params);
IActionResult actionResult = customActionResult.Ok(@$ "Your time signature was successfully updated.");
return(StatusCode(StatusCodes.Status200OK, actionResult));
}
else
if (
selectTSignaturesIdentifiersByWorkdayIdAndUserId.Count > 0 &&
selectTSignaturesIdentifiersByWorkdayIdAndUserId[0].typeCode == "FIX" &&
(
selectTSignaturesIdentifiersByWorkdayIdAndUserId[0].updateBy != null ||
selectTSignaturesIdentifiersByWorkdayIdAndUserId[0].updateBy != "self"
)
)
{
IActionResult actionResult = customActionResult.Unauthorized(
"You are not authorzied to make any updates on workdays having time signatures that were updated by an admin user."
);
return(StatusCode(StatusCodes.Status401Unauthorized, actionResult));
}
else
if (
selectTSignaturesIdentifiersByWorkdayIdAndUserId.Count > 0 &&
selectTSignaturesIdentifiersByWorkdayIdAndUserId[0].typeCode == "FLX" &&
_claims.GetUserRole() == "admin"
)
{
DynamicParameters deleteFlxTSignaturesByWorkdayId_params = new DynamicParameters();
deleteFlxTSignaturesByWorkdayId_params.Add("@id", id);
string deleteFlxTSignaturesByWorkdayId = $@"
DELETE FROM [TimeSignature] WHERE [WorkdayId] = @id
";
await _db.DeleteAsync(deleteFlxTSignaturesByWorkdayId, deleteFlxTSignaturesByWorkdayId_params);
DynamicParameters insertIntoTSignature_params = new DynamicParameters();
insertIntoTSignature_params.Add("@userId", _claims.GetUserId());
insertIntoTSignature_params.Add("@workdayId", id);
insertIntoTSignature_params.Add("@wd_typeCode", body.wd_typeCode);
insertIntoTSignature_params.Add("@startDate", body.startDate);
insertIntoTSignature_params.Add("@endDate", body.endDate);
string insertIntoTSignature_string = $@"
INSERT
INTO [TimeSignature] (
[startDate], [endDate], [typeCode], [stateCode],
[wd_typeCode], [workdayId], [userId], [aom], [lastUpdate], [updateBy]
) VALUES (
@startDate,
@endDate,
(SELECT [code] FROM [SignatureType] WHERE [code] = 'FIX'),
(SELECT [code] FROM [SignatureState] WHERE [code] = 'TT'),
(SELECT [code] FROM [WorkdayType] WHERE [code] = @wd_typeCode),
(SELECT [id] FROM [Workday] WHERE [id] = @workdayId),
(SELECT [id] FROM [User] WHERE [id] = @userId),
(SELECT DATEDIFF(MINUTE, @startDate, @endDate)),
(SELECT GETDATE()),
'self'
)
";
await _db.InsertAsync(insertIntoTSignature_string, insertIntoTSignature_params);
DynamicParameters updateWorkdayById_params = new DynamicParameters();
updateWorkdayById_params.Add("@userId", _claims.GetUserId());
updateWorkdayById_params.Add("@workdayId", id);
updateWorkdayById_params.Add("@startDate", body.startDate);
updateWorkdayById_params.Add("@endDate", body.endDate);
string updateWorkdayById_string = $@"
UPDATE [Workday]
SET
[date] = (SELECT [startDate] FROM [TimeSignature] WHERE [workdayId] = @workdayId),
[startDate] = (SELECT [startDate] FROM [TimeSignature] WHERE [workdayId] = @workdayId),
[endDate] = (SELECT [endDate] FROM [TimeSignature] WHERE [workdayId] = @workdayId),
[aom] = (SELECT DATEDIFF(MINUTE, @startDate, @endDate))
WHERE [userId] = @userId
AND [id] = @workdayId
";
await _db.UpdateAsync(updateWorkdayById_string, updateWorkdayById_params);
IActionResult actionResult = customActionResult.Ok(@$ "Your time signature was successfully updated.");
return(StatusCode(StatusCodes.Status200OK, actionResult));
}
else
if (
selectTSignaturesIdentifiersByWorkdayIdAndUserId.Count > 0 &&
selectTSignaturesIdentifiersByWorkdayIdAndUserId[0].typeCode == "FLX" &&
_claims.GetUserRole() != "admin"
)
{
IActionResult actionResult = customActionResult.Unauthorized(
"You are not authorized to update your workdays with flexible time signature, if by mystake you made a databes record using flexible time signature, please contact your manager."
);
return(StatusCode(StatusCodes.Status401Unauthorized, actionResult));
}
else
{
IActionResult actionResult = customActionResult.NotFound(
@$ "No time signatures found searching by workday id and user id."
);
return(StatusCode(StatusCodes.Status404NotFound, actionResult));
}
}
}
}
catch (Exception e)
{
return(StatusCode(StatusCodes.Status500InternalServerError, e.Message));
}
}
public async Task <IActionResult> DeleteAsOrdinaryAsync(int id, TimeSignatureModel body)
{
try
{
if (body == null)
{
IActionResult actionResult = customActionResult.BadRequest(
"The client set the requested body to null before it was sent."
);
return(StatusCode(StatusCodes.Status400BadRequest, actionResult));
}
else
{
if (string.IsNullOrEmpty(body.typeCode) || string.IsNullOrWhiteSpace(body.typeCode))
{
IActionResult actionResult = customActionResult.FieldsRequired(
"The 'code type' field has been sent from the client null, empty, or whitespaced."
);
return(StatusCode(StatusCodes.Status411LengthRequired, actionResult));
}
else if (body.typeCode != "FIX" && _claims.GetUserRole() != "admin")
{
IActionResult actionResult = customActionResult.Conflict(
"This option is only for 'Fixed Time Signature' type. If you want to delete a 'Flexible Time Signature', please contact your manager."
);
return(StatusCode(StatusCodes.Status409Conflict, actionResult));
}
else if (body.typeCode == "FIX" && _claims.GetUserRole() != "admin")
{
DynamicParameters selectUserIdByWokrdayId_params = new DynamicParameters();
selectUserIdByWokrdayId_params.Add("@userId", _claims.GetUserId());
selectUserIdByWokrdayId_params.Add("@workdayId", id);
string selectUserIdByWokrdayId_string = $@"
SELECT [userId]
FROM [Workday]
WHERE [userId] = @userId
AND [id] = @workdayId
";
var selectUserIdByWorkdayId_result = await _db.SelectAsync <WorkdayModel, dynamic>(selectUserIdByWokrdayId_string, selectUserIdByWokrdayId_params);
if (selectUserIdByWorkdayId_result.Count < 1)
{
IActionResult actionResult = customActionResult.NotFound("No time signature found by given id");
return(StatusCode(StatusCodes.Status404NotFound, actionResult));
}
else if (selectUserIdByWorkdayId_result[0].userId != _claims.GetUserId())
{
IActionResult actionResult = customActionResult.Unauthorized(
"You are not authorized to delete this time signature."
);
return(StatusCode(StatusCodes.Status401Unauthorized, actionResult));
}
else
{
DynamicParameters deleteFixTSignatureByWorkdayId_params = new DynamicParameters();
deleteFixTSignatureByWorkdayId_params.Add("@workdayId", id);
string deleteFixTSignaturesByWorkdayId = $@"
DELETE FROM [TimeSignature] WHERE [workdayId] = @workdayId AND [typeCode] = 'FIX'
";
await _db.DeleteAsync(deleteFixTSignaturesByWorkdayId, deleteFixTSignatureByWorkdayId_params);
string deleteFixWorkdayByWorkdayId = $@"
DELETE FROM [Workday] WHERE [id] = @workdayId
";
await _db.DeleteAsync(deleteFixWorkdayByWorkdayId, deleteFixTSignatureByWorkdayId_params);
IActionResult actionResult = customActionResult.Ok(
"You deleted successfuly your workday."
);
return(StatusCode(StatusCodes.Status200OK, actionResult));
}
}
else
{
DynamicParameters selectUserIdByWokrdayId_params = new DynamicParameters();
selectUserIdByWokrdayId_params.Add("@userId", _claims.GetUserId());
selectUserIdByWokrdayId_params.Add("@workdayId", id);
string selectUserIdByWokrdayId_string = $@"
SELECT [userId]
FROM [Workday]
WHERE [userId] = @userId
AND [id] = @workdayId
";
var selectUserIdByWorkdayId_result = await _db.SelectAsync <WorkdayModel, dynamic>(selectUserIdByWokrdayId_string, selectUserIdByWokrdayId_params);
if (selectUserIdByWorkdayId_result.Count < 1)
{
IActionResult actionResult = customActionResult.NotFound("No time signature found by given id");
return(StatusCode(StatusCodes.Status404NotFound, actionResult));
}
else if (selectUserIdByWorkdayId_result[0].userId != _claims.GetUserId())
{
IActionResult actionResult = customActionResult.Unauthorized(
"You are not authorized to delete this time signature."
);
return(StatusCode(StatusCodes.Status401Unauthorized, actionResult));
}
else
{
DynamicParameters deleteFixTSignatureByWorkdayId_params = new DynamicParameters();
deleteFixTSignatureByWorkdayId_params.Add("@workdayId", id);
string deleteFixTSignaturesByWorkdayId = $@"
DELETE FROM [TimeSignature] WHERE [workdayId] = @workdayId
";
await _db.DeleteAsync(deleteFixTSignaturesByWorkdayId, deleteFixTSignatureByWorkdayId_params);
string deleteFixWorkdayByWorkdayId = $@"
DELETE FROM [Workday] WHERE [id] = @workdayId
";
await _db.DeleteAsync(deleteFixWorkdayByWorkdayId, deleteFixTSignatureByWorkdayId_params);
IActionResult actionResult = customActionResult.Ok(
"You deleted successfuly your workday."
);
return(StatusCode(StatusCodes.Status200OK, actionResult));
}
}
}
}
catch (Exception e)
{
return(StatusCode(StatusCodes.Status500InternalServerError, e.Message));
}
}