public async Task <IHttpActionResult> NewNewsItemFeedback(NewNewsItemFeedbackDTO newNewsItemFeedbackDTO)
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName).Include(_user => _user.Company).SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
NewsItem newsItem = db.NewsItems.Where(_newsItem => _newsItem.ID == newNewsItemFeedbackDTO.NewsItemID)
.Include(_newsItem => _newsItem.Product.TeamMembers
.Select(teamMember => teamMember.User)
.Select(teamMember => teamMember.Company))
.Include(_newsItem => _newsItem.User.Company.Followers)
.Include(_newsItem => _newsItem.User.CompaniesAsMembers)
.SingleOrDefault();
if (newsItem == null)
{
throw new HttpResponseException(HttpStatusCode.NotFound);
}
if (newsItem.Product != null)
{
if ((newsItem.Product.CompanyID != user.Company.ID) &&
(newsItem.Product.TeamMembers.Where(teamMember => teamMember.UserID == user.Id &&
teamMember.CanEditTheProduct == true).SingleOrDefault() == null) &&
(newsItem.Product.Privacy == ProductPrivacy.Private) ||
((newsItem.Product.Privacy == ProductPrivacy.VisibleToSelectedGroups) &&
(newsItem.Product.GroupsVisibleTo.Any(followerGroup => followerGroup.Followers.Any(follower => follower.UserID == user.Id)) == false)))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
}
if ((newsItem.UserID != user.Id) && (newsItem.User.Company.Members.Where(member => member.UserID == user.Id).SingleOrDefault() == null) && (newsItem.User.Company.Followers.Where(follower => follower.UserID == user.Id).SingleOrDefault() == null) && (newsItem.User.CompaniesAsMembers.Where(companyAsMember => companyAsMember.Company.Followers.Any(follower => follower.UserID == user.Id)).SingleOrDefault() == null))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
NewsItemFeedback newsItemFeedback = Mapper.Map <NewNewsItemFeedbackDTO, NewsItemFeedback>(newNewsItemFeedbackDTO);
newsItemFeedback.UserID = user.Id;
newsItemFeedback.User = user;
newsItemFeedback.NewsItemID = newsItem.ID;
newsItemFeedback.NewsItem = newsItem;
newsItemFeedback.PostedAt = DateTime.Now;
newsItemFeedback = db.NewsItemFeedback.Add(newsItemFeedback);
newsItem.UpdatedAt = DateTime.Now;
db.Entry(newsItem).State = EntityState.Modified;
await db.SaveChangesAsync();
return(Ok(Mapper.Map <NewsItemFeedback, NewsItemFeedbackDTO>(newsItemFeedback)));
}
public async Task <IQueryable <CompanyFollowerDTO> > GetMyCompanysFollowers()
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName).Include(_user => _user.Company).SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (user.Company == null)
{
throw new HttpResponseException(HttpStatusCode.BadRequest);
}
IQueryable <CompanyConnection> companyConnections = db.CompanyConnections
.Where(connection => connection.CompanyID == user.Company.ID)
.Include(connection => connection.User)
.Include(connection => connection.Company)
.Include(connection => connection.FollowerGroups);
IQueryable <CompanyFollowerDTO> companyFollowerDtos = companyConnections.ProjectTo <CompanyFollowerDTO>();
foreach (CompanyFollowerDTO companyFollowerDTO in companyFollowerDtos)
{
companyFollowerDTO.IsNew = (user.LastCheckForConnectionRequests == null) || ((companyFollowerDTO.Status == ConnectionStatus.Pending) && (user.LastCheckForConnectionRequests < companyFollowerDTO.RequestedAt));
}
user.LastCheckForConnectionRequests = DateTime.Now;
db.Entry(user).State = EntityState.Modified;
await db.SaveChangesAsync();
return(companyFollowerDtos);
}
public async Task <IHttpActionResult> SetProductFileCategory(long id, ProductFileCategory category)
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName).SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
ProductFile productFile = db.ProductFiles.Where(_productFile => _productFile.ID == id)
.Include(_productFile => _productFile.Product)
.Include(_productFile => _productFile.Product.TeamMembers)
.SingleOrDefault();
if (productFile == null)
{
return(NotFound());
}
if ((productFile.Product.CompanyID != user.Company.ID) && (productFile.Product.TeamMembers.Where(teamMember => teamMember.UserID == user.Id && teamMember.CanEditTheProduct == true).SingleOrDefault() == null))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (productFile.Category == category)
{
return(Ok());
}
ProductUpdate productUpdate = new ProductUpdate();
productFile.Category = category;
db.Entry(productFile).State = EntityState.Modified;
productUpdate.UserID = user.Id;
productUpdate.User = user;
productUpdate.ProductID = productFile.ProductID;
productUpdate.Product = productFile.Product;
productUpdate.ProductFileID = productFile.ID;
productUpdate.ProductFile = productFile;
productUpdate.DateTime = DateTime.Now;
productUpdate.UpdateType = UpdateType.ProductFileEdited;
db.ProductUpdates.Add(productUpdate);
await db.SaveChangesAsync();
return(Ok());
}
public async Task <IHttpActionResult> UpdateProductTeamMember(ProductTeamMemberUpdateDTO productTeamMemberUpdateDTO)
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName).SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Product product = db.Products.Where(_product => _product.ID == productTeamMemberUpdateDTO.ProductID)
.Include(_product => _product.TeamMembers
.Select(teamMember => teamMember.User))
.SingleOrDefault();
if (product == null)
{
throw new HttpResponseException(HttpStatusCode.NotFound);
}
if ((product.CompanyID != user.Company.ID) && (product.TeamMembers.Where(teamMember => teamMember.UserID == user.Id && teamMember.CanEditTheProduct == true).SingleOrDefault() == null))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
ProductTeamMember productTeamMember = product.TeamMembers.Where(_productTeamMember => _productTeamMember.UserID == productTeamMemberUpdateDTO.UserID).SingleOrDefault();
if (productTeamMember == null)
{
throw new HttpResponseException(HttpStatusCode.NotFound);
}
productTeamMember.Role = productTeamMemberUpdateDTO.Role;
productTeamMember.CanEditTheProduct = productTeamMemberUpdateDTO.CanEditTheProduct;
db.Entry(productTeamMember).State = EntityState.Modified;
await db.SaveChangesAsync();
return(Ok(Mapper.Map <ProductTeamMember, ProductTeamMemberDTO>(productTeamMember)));
}
public async Task <IHttpActionResult> UpdateMemberOfMyCompany(CompanyMemberUpdateDTO companyMemberUpdateDTO)
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName).SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
CompanyMember companyMember = db.CompanyMembers.Where(_companyMember => _companyMember.ID == companyMemberUpdateDTO.ID).SingleOrDefault();
if (companyMember == null)
{
throw new HttpResponseException(HttpStatusCode.NotFound);
}
Company company = user.Company;
if (company == null)
{
throw new HttpResponseException(HttpStatusCode.NotFound);
}
if (companyMember.Company != company)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
companyMember.UserLevelId = companyMemberUpdateDTO.UserLevelId;
companyMember.Role = companyMemberUpdateDTO.Role;
companyMember.Email = companyMemberUpdateDTO.Email;
db.Entry(companyMember).State = EntityState.Modified;
await db.SaveChangesAsync();
return(Ok(Mapper.Map <CompanyMember, CompanyMemberDTO>(companyMember)));
}
public async Task <IEnumerable <ProductUpdateDTO> > GetLatestProductUpdatesPaged(int pageNumber, int pageSize)
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName).SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (pageNumber <= 0 || pageSize <= 0)
{
throw new HttpResponseException(HttpStatusCode.BadRequest);
}
IQueryable <ProductUpdate> productUpdates = db.ProductUpdates.Where(productUpdate =>
(productUpdate.Product.Company.Owner.Id == user.Id) ||
(productUpdate.Product.TeamMembers.Any(teamMember => teamMember.UserID == user.Id)) ||
(productUpdate.Product.Company.Followers.Any(follower => follower.UserID == user.Id) &&
((productUpdate.Product.Privacy == ProductPrivacy.Public) ||
(productUpdate.Product.Privacy == ProductPrivacy.VisibleToSelectedGroups &&
productUpdate.Product.GroupsVisibleTo.Any(followerGroup => followerGroup.Followers.Any(follower => follower.UserID == user.Id)))) &&
((productUpdate.ProductFile == null) ||
((productUpdate.ProductFile != null) &&
((productUpdate.ProductFile.Privacy == ProductFilePrivacy.Public) ||
(productUpdate.ProductFile.Privacy == ProductFilePrivacy.VisibleToSelectedGroups &&
productUpdate.ProductFile.GroupsVisibleTo.Any(followerGroup => followerGroup.Followers.Any(follower => follower.UserID == user.Id))))))))
.OrderByDescending(productUpdate => productUpdate.DateTime);
IEnumerable <ProductUpdateDTO> productUpdateDtos = Mapper.Map <IEnumerable <ProductUpdateDTO> >(productUpdates.ToPagedList(pageNumber, pageSize).ToList());
foreach (ProductUpdateDTO productUpdateDto in productUpdateDtos)
{
productUpdateDto.IsNew = (user.LastCheckForProductUpdates == null) || (user.LastCheckForProductUpdates < productUpdateDto.DateTime);
}
user.LastCheckForProductUpdates = DateTime.Now;
db.Entry(user).State = EntityState.Modified;
await db.SaveChangesAsync();
return(productUpdateDtos);
}
public async Task <IHttpActionResult> JumpToWizardStep(UserOnboardingStatusDTO inputStep)
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName).SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (!inputStep.OnboardingStep.HasValue)
{
throw new HttpResponseException(HttpStatusCode.BadRequest);
}
if (inputStep.OnboardingStep.HasValue && (inputStep.OnboardingStep.Value < 0 || inputStep.OnboardingStep.Value > 4))
{
throw new HttpResponseException(HttpStatusCode.BadRequest);
}
user.OnboardingStep = inputStep.OnboardingStep.Value;
db.Entry(user).State = EntityState.Modified;
await db.SaveChangesAsync();
return(Ok(Mapper.Map <User, UserOnboardingStatusDTO>(user)));
}
public async Task <IHttpActionResult> UpdateProduct(ProductDTO productDTO)
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName)
.Include(_user => _user.Company)
.SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Product product = db.Products.Where(_product => _product.ID == productDTO.ID)
.Include(_product => _product.TeamMembers)
.Include(_product => _product.GroupsVisibleTo)
.Include(_product => _product.ProductFiles
.Select(productFile => productFile.GroupsVisibleTo))
.SingleOrDefault();
if (product == null)
{
throw new HttpResponseException(HttpStatusCode.NotFound);
}
if ((product.CompanyID != user.Company.ID) && (product.TeamMembers.Where(teamMember => teamMember.UserID == user.Id && teamMember.CanEditTheProduct == true).SingleOrDefault() == null))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
Regex regex = new Regex("[^a-zA-Z0-9_-]");
product.URI = productDTO.Name.Replace(" ", "-");
product.URI = regex.Replace(product.URI, "").ToLower();
if (product.URI.Length == 0)
{
product.URI = null;
}
else if (db.Products.Where(_product => _product.URI == product.URI && _product.ID != product.ID && _product.CompanyID == product.CompanyID).SingleOrDefault() != null)
{
throw new HttpResponseException(HttpStatusCode.BadRequest);
}
product.Name = productDTO.Name;
product.Description = productDTO.Description;
product.Privacy = productDTO.Privacy;
product.Logo = productDTO.Logo;
if (productDTO.Privacy == ProductPrivacy.VisibleToSelectedGroups)
{
List <long> followerGroupIdsToRemove = new List <long>();
List <long> followerGroupIdsToAdd = new List <long>();
bool keepFollowerGroupInProduct = false;
bool addFollowerGroupToProduct = false;
foreach (CompanyFollowerGroup companyFollowerGroup in product.GroupsVisibleTo)
{
keepFollowerGroupInProduct = false;
foreach (CompanyFollowerGroupDTO companyFollowerGroupDto in productDTO.GroupsVisibleTo)
{
if (companyFollowerGroup.ID == companyFollowerGroupDto.ID)
{
keepFollowerGroupInProduct = true;
break;
}
}
if (keepFollowerGroupInProduct == false)
{
followerGroupIdsToRemove.Add(companyFollowerGroup.ID);
}
}
foreach (CompanyFollowerGroupDTO companyFollowerGroupDto in productDTO.GroupsVisibleTo)
{
addFollowerGroupToProduct = true;
foreach (CompanyFollowerGroup companyFollowerGroup in product.GroupsVisibleTo)
{
if (companyFollowerGroup.ID == companyFollowerGroupDto.ID)
{
addFollowerGroupToProduct = false;
break;
}
}
if (addFollowerGroupToProduct == true)
{
followerGroupIdsToAdd.Add(companyFollowerGroupDto.ID);
}
}
foreach (long followerGroupId in followerGroupIdsToRemove)
{
product.GroupsVisibleTo.Remove(product.GroupsVisibleTo.Where(followerGroup => followerGroup.ID == followerGroupId).SingleOrDefault());
}
foreach (long followerGroupId in followerGroupIdsToAdd)
{
product.GroupsVisibleTo.Add(db.CompanyFollowerGroups.Where(followerGroup => followerGroup.ID == followerGroupId && followerGroup.CompanyID == user.Company.ID).SingleOrDefault());
}
}
else if (productDTO.Privacy == ProductPrivacy.Public || productDTO.Privacy == ProductPrivacy.Private)
{
product.GroupsVisibleTo.Clear();
}
db.Entry(product).State = EntityState.Modified;
ProductUpdate productUpdate = new ProductUpdate();
productUpdate.UserID = user.Id;
productUpdate.User = user;
productUpdate.ProductID = product.ID;
productUpdate.Product = product;
productUpdate.DateTime = DateTime.Now;
productUpdate.UpdateType = UpdateType.ProductEdited;
db.ProductUpdates.Add(productUpdate);
await db.SaveChangesAsync();
return(Ok(Mapper.Map <Product, ProductDTO>(product)));
}
public async Task <IHttpActionResult> UpdateMyCompanyProfile(CompanyProfileDTO companyProfileDTO)
{
string userName = User.Identity.Name;
User authenticatedUser = db.Users.Where(_user => _user.UserName == userName).SingleOrDefault();
if (authenticatedUser == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
User user = db.Users.Find(companyProfileDTO.OwnerID);
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.NotFound);
}
if (authenticatedUser != user)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (companyProfileDTO.URI != null)
{
Regex regex = new Regex("[^a-zA-Z0-9_-]");
companyProfileDTO.URI = companyProfileDTO.URI.Replace(" ", "-");
companyProfileDTO.URI = regex.Replace(companyProfileDTO.URI, "").ToLower();
if (companyProfileDTO.URI.Length == 0)
{
companyProfileDTO.URI = null;
}
else if (db.Companies.Where(company => company.URI == companyProfileDTO.URI && company.ID != companyProfileDTO.ID).SingleOrDefault() != null)
{
throw new HttpResponseException(HttpStatusCode.BadRequest);
}
}
else if (companyProfileDTO.ID == 0 && companyProfileDTO.URI == null)
{
Regex regex = new Regex("[^a-zA-Z0-9_-]");
companyProfileDTO.URI = companyProfileDTO.DisplayName.Replace(" ", "-");
companyProfileDTO.URI = regex.Replace(companyProfileDTO.URI, "").ToLower();
}
user.Company = Mapper.Map(companyProfileDTO, user.Company);
db.Entry(user).State = EntityState.Modified;
await db.SaveChangesAsync();
if (companyProfileDTO.Countries != null)
{
if (db.CompanyCountries.Any(cc => cc.CompanyId == user.Company.ID))
{
db.CompanyCountries.RemoveRange(db.CompanyCountries.Where(cc => cc.CompanyId == user.Company.ID));
await db.SaveChangesAsync();
}
List <CompanyCountry> countries = new List <CompanyCountry>();
foreach (string country in companyProfileDTO.Countries)
{
var countryModel = db.Countries.SingleOrDefault(c => c.Name == country);
if (countryModel != null)
{
CompanyCountry companyCountry = new CompanyCountry();
companyCountry.CompanyId = user.Company.ID;
companyCountry.CountryId = countryModel.Id;
countries.Add(companyCountry);
}
}
db.CompanyCountries.AddRange(countries);
await db.SaveChangesAsync();
}
if (!db.Sectors.Any(s => s.SectorName == companyProfileDTO.Sector))
{
Sector sector = new Sector();
sector.Active = true;
sector.CreateDate = DateTime.Now;
sector.SectorName = companyProfileDTO.Sector;
db.Sectors.Add(sector);
await db.SaveChangesAsync();
}
bool existingSkills = db.CompanySkills.Any(cs => cs.CompanyId == user.Company.ID);
if (existingSkills)
{
//remove it
List <CompanySkill> companySkills = db.CompanySkills.Where(cs => cs.CompanyId == user.Company.ID).ToList();
db.CompanySkills.RemoveRange(companySkills);
db.SaveChanges();
}
if (companyProfileDTO.Skills != null && companyProfileDTO.Skills.Count() > 0 && user.Company.ID > 0)
{
bool hasSkill = false;
foreach (string skill in companyProfileDTO.Skills)
{
CompanySkill existing = db.CompanySkills.SingleOrDefault(cs => cs.SkillName == skill && cs.CompanyId == user.Company.ID);
if (existing == null)
{
if (!db.Skills.Any(s => s.SkillName == skill))
{
Skill skillMaster = new Skill();
skillMaster.SkillName = skill;
skillMaster.Active = true;
skillMaster.CreateDate = DateTime.Now;
db.Skills.Add(skillMaster);
db.SaveChanges();
}
CompanySkill newSkill = new CompanySkill();
newSkill.CompanyId = user.Company.ID;
newSkill.SkillName = skill;
db.CompanySkills.Add(newSkill);
hasSkill = true;
}
}
if (hasSkill)
{
await db.SaveChangesAsync();
}
}
if (!user.OnboardingSkipped)
{
List <CompanyMember> companyMembers = await db.CompanyMembers.Where(c1 => c1.UserID == user.Id).ToListAsync();
if (companyMembers != null && companyMembers.Count > 0)
{
CompanyMember cm = companyMembers.FirstOrDefault();
if (cm != null)
{
db.CompanyMembers.Remove(cm);
await db.SaveChangesAsync();
}
}
}
return(Ok(Mapper.Map <Company, CompanyProfileDTO>(user.Company)));
}
public async Task <IHttpActionResult> UpdateProduct(CompanyFollowerGroupDTO companyFollowerGroupDTO)
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName).SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
CompanyFollowerGroup companyFollowerGroup = db.CompanyFollowerGroups.Find(companyFollowerGroupDTO.ID);
if (companyFollowerGroup == null)
{
throw new HttpResponseException(HttpStatusCode.NotFound);
}
if ((companyFollowerGroup.CompanyID != user.Company.ID) && (companyFollowerGroup.Company.Members.Any(member => member.UserID == user.Id) == false))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
Mapper.Map(companyFollowerGroupDTO, companyFollowerGroup);
db.Entry(companyFollowerGroup).State = EntityState.Modified;
await db.SaveChangesAsync();
return(Ok(Mapper.Map <CompanyFollowerGroup, CompanyFollowerGroupDTO>(companyFollowerGroup)));
}
