Esempio n. 1
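        /// <summary>
        /// Updates an existing accommodation (PUT). Admins and Managers may update any record;
        /// any other caller may only update an accommodation they own, where ownership is read
        /// from the stored row rather than from the client-supplied payload.
        /// </summary>
        /// <param name="id">Route id of the accommodation to update; must match <paramref name="a"/>.Id.</param>
        /// <param name="a">Client-supplied accommodation; treated as untrusted input.</param>
        /// <returns>
        /// 204 on success; 400 for an invalid, missing or mismatched payload; 401 when the caller may not
        /// update this record or the target owner is missing/banned; 404 when the record does not exist.
        /// </returns>
        public IHttpActionResult PutAccommodation(int id, Accommodation a)
        {
            // Cheap, request-local checks first: nothing below touches the identity store or the DB
            // until the payload itself is acceptable.
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // A missing body binds to null and still passes ModelState; reject it instead of dereferencing it.
            if (a == null || id != a.Id)
            {
                return BadRequest();
            }

            IdentityUser user = this.UserManager.FindById(User.Identity.GetUserId());
            BAIdentityUser baUser = user as BAIdentityUser;
            if (baUser == null)
            {
                // Unknown principal or unexpected identity type: answer 401 rather than failing with a NullReferenceException.
                return Unauthorized();
            }
            int? userId = baUser.appUserId;

            // Resolve the caller's role name; a user with no role or an unknown role id simply has no privileges.
            string roleName = null;
            var userRoleLink = user.Roles.FirstOrDefault();
            if (userRoleLink != null)
            {
                var roleId = userRoleLink.RoleId;
                // BAContext is a DbContext and must be disposed; the original leaked it.
                using (BAContext roleContext = new BAContext())
                {
                    var role = roleContext.Roles.FirstOrDefault(r => r.Id == roleId);
                    if (role != null)
                    {
                        roleName = role.Name;
                    }
                }
            }
            bool isAdmin = "Admin".Equals(roleName);
            bool isManager = "Manager".Equals(roleName);

            if (!AccommodationExists(id))
            {
                return NotFound();
            }

            if (!isAdmin && !isManager)
            {
                // Ownership must come from the persisted row: a.AppUserId is client-controlled, so checking
                // it alone would let a caller claim someone else's accommodation by sending their own id.
                // The projection does not attach an entity, so db.Entry(a) below does not conflict with it.
                var storedOwnerId = db.Accommodations
                    .Where(x => x.Id == id)
                    .Select(x => x.AppUserId)
                    .FirstOrDefault();
                if (storedOwnerId != userId || a.AppUserId != userId)
                {
                    return Unauthorized();
                }
            }

            // The (possibly reassigned) owner must exist and not be banned.
            AppUser manager = db.AppUsers.Where(x => x.Id.Equals(a.AppUserId)).FirstOrDefault();
            if (manager == null || manager.Banned)
            {
                return Unauthorized();
            }

            db.Entry(a).State = EntityState.Modified;

            try
            {
                db.SaveChanges();
            }
            catch (DbUpdateConcurrencyException)
            {
                if (!AccommodationExists(id))
                {
                    return NotFound();
                }
                throw;
            }

            // Notify only after the change is durable; firing before SaveChanges (as the original did)
            // could broadcast an approval for an update that then failed.
            if (isAdmin)
            {
                AccommodationNotificationHub.AccommodationApproved(a);
            }

            return StatusCode(HttpStatusCode.NoContent);
        }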
Esempio n. 2
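        /// <summary>
        /// Creates an accommodation (POST) from a multipart form: the entity is JSON in the first form
        /// field and optional pictures are attached as files. Uploaded files are stored under a
        /// server-generated name so the client-supplied file name is never used as a path component.
        /// </summary>
        /// <returns>
        /// 201 with the created entity; 400 for a missing or unparseable payload, a payload failing
        /// validation, or a file with a disallowed extension; 401 when the target owner is missing or banned.
        /// </returns>
        public IHttpActionResult PostAccommodation()
        {
            var httpRequest = HttpContext.Current.Request;

            // The entity is not model-bound here, so this only reflects binding of the (empty) parameter
            // list; the deserialized payload is validated explicitly further down.
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // Form[0] throws when the form has no fields; treat that as a client error.
            if (httpRequest.Form.Count == 0)
            {
                return BadRequest();
            }

            Accommodation a;
            try
            {
                a = JsonConvert.DeserializeObject<Accommodation>(httpRequest.Form[0]);
            }
            catch (JsonException)
            {
                // Malformed JSON is a client error, not a server fault.
                return BadRequest();
            }
            if (a == null)
            {
                return BadRequest();
            }

            // Apply the entity's validation attributes so the payload gets the same checks a bound model would.
            Validate(a);
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // NOTE(review): unlike PutAccommodation, nothing here ties a.AppUserId to the calling user;
            // confirm whether this route is meant to be restricted to Admin/Manager callers.
            AppUser manager = db.AppUsers.Where(x => x.Id.Equals(a.AppUserId)).FirstOrDefault();
            if (manager == null || manager.Banned)
            {
                return Unauthorized();
            }

            // Pass 1: validate every upload before writing any of them, so a rejected file cannot leave
            // earlier files orphaned on disk. Only the extension is checked; file content is not inspected.
            var allowedExtensions = new HashSet<string>(StringComparer.OrdinalIgnoreCase) { ".jpg", ".gif", ".png" };
            var acceptedExtensions = new Dictionary<string, string>();
            foreach (string key in httpRequest.Files)
            {
                var postedFile = httpRequest.Files[key];
                if (postedFile == null || postedFile.ContentLength <= 0)
                {
                    continue;
                }

                // Path.GetExtension returns "" for a name without a dot, where Substring(LastIndexOf('.')) threw.
                string extension = Path.GetExtension(postedFile.FileName);
                if (string.IsNullOrEmpty(extension) || !allowedExtensions.Contains(extension))
                {
                    return BadRequest();
                }
                acceptedExtensions[key] = extension.ToLowerInvariant();
            }

            // Pass 2: store the accepted files under random names (the client's FileName could contain
            // path separators or collide with another user's picture).
            foreach (var accepted in acceptedExtensions)
            {
                var postedFile = httpRequest.Files[accepted.Key];
                string storedName = Guid.NewGuid().ToString("N") + accepted.Value;
                string relativeUrl = "Content/AccommodationPictures/" + storedName;
                string filePath = HttpContext.Current.Server.MapPath("~/" + relativeUrl);
                postedFile.SaveAs(filePath);
                // As in the original, the entity keeps only the last stored picture.
                a.ImageUrl = relativeUrl;
            }

            db.Accommodations.Add(a);
            db.SaveChanges();
            AccommodationNotificationHub.AccommodationAdded(a);
            return CreatedAtRoute("DefaultApi", new { controller = "Accommodation", id = a.Id }, a);
        }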