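/// <summary>
/// Assigns an active teacher-subject pairing to a form and returns the admin view of the new link.
/// </summary>
/// <param name="formId">Id of the form that receives the teacher-subject pairing.</param>
/// <param name="teacherId">Id of the teacher half of the pairing.</param>
/// <param name="subjectId">Id of the subject half of the pairing.</param>
/// <returns>The persisted form-teacher-subject link converted to <c>FTSDTOForAdmin</c>.</returns>
/// <exception cref="HttpException">
/// The form does not exist, the form started more than 360 days ago, the pairing was not found,
/// the subject's grade differs from the form's grade, or the same link already exists.
/// </exception>
public FTSDTOForAdmin Create(int formId, string teacherId, int subjectId)
{
    Form foundForm = formsService.GetByID(formId);
    if (foundForm == null)
    {
        throw new HttpException("The Form with id: " + formId + " was not found");
    }

    // A form counts as belonging to the current school year for 360 days after its start.
    bool formIsFromPastYear = foundForm.Started.AddDays(360) < DateTime.UtcNow;
    if (formIsFromPastYear)
    {
        throw new HttpException("The Form with id: " + formId + " was not created for this shool year. " +
                                "This form is from: " + foundForm.Started.Year + ". Classes must be assign to a form from this school year.");
    }

    TeacherToSubject foundTeacherToSubject =
        teachersToSubjectsService.GetActiveTeacherToSubjectByTeacherIdAndSubjectId(teacherId, subjectId);

    // The service's not-found behaviour is not visible from here; if it returns null the
    // dereferences below would surface as a NullReferenceException instead of a client error.
    if (foundTeacherToSubject == null)
    {
        throw new HttpException("The active subject and teacher combination for teacher id: " + teacherId +
                                " and subject id: " + subjectId + " was not found");
    }

    if (foundForm.Grade != foundTeacherToSubject.Subject.Grade)
    {
        // A separating space was missing before "and", which fused the grade number into the next word.
        throw new HttpException("The subject and teacher combination with id: " + foundTeacherToSubject.Id + " has " +
                                "the subject that is taught in grade " + foundTeacherToSubject.Subject.Grade +
                                " and it can not be assigned to the grade " + foundForm.Grade + " in form " + foundForm.Id);
    }

    // NOTE(review): this is a check-then-insert; two concurrent requests can both pass it.
    // A unique constraint on (form, teacher-subject) in the database is what would actually
    // guarantee uniqueness - confirm one exists.
    FormToTeacherSubject duplicate =
        db.FormsToTeacherSubjectsRepository.GetDuplicate(foundForm.Id, foundTeacherToSubject.Id);
    if (duplicate != null)
    {
        throw new HttpException("The combination form-teacher-subject you are trying to create already exists - FTS Id: " + duplicate.Id);
    }

    FormToTeacherSubject fts = new FormToTeacherSubject
    {
        Form = foundForm,
        TeacherToSubject = foundTeacherToSubject,
        Started = DateTime.UtcNow,
        Stopped = null
    };

    db.FormsToTeacherSubjectsRepository.Insert(fts);
    db.Save();

    return toDTO.ConvertToFTSDTOForAdmin(fts);
}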
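/// <summary>
/// Applies every non-null field of <paramref name="updated"/> to the student with the given id,
/// saves the change, queues the update notification e-mails and returns the admin view of the student.
/// </summary>
/// <param name="id">Id of the student to update.</param>
/// <param name="updated">Partial update; null members are left unchanged on the student.</param>
/// <returns>The updated student converted to <c>StudentDTOForAdmin</c>.</returns>
/// <exception cref="HttpException">
/// The student or the requested form was not found, no update data was supplied, the user name or
/// JMBG belongs to a different user, or the form started more than 360 days ago.
/// </exception>
public async Task<StudentDTOForAdmin> Update(string id, PutStudentDTO updated)
{
    Student found = db.StudentsRepository.GetByID(id);
    if (found == null)
    {
        throw new HttpException("The student with id: " + id + " was not found.");
    }

    // A missing request body would otherwise fail on the first member access below.
    if (updated == null)
    {
        throw new HttpException("No update data was supplied for the student with id: " + id + ".");
    }

    if (updated.UserName != null)
    {
        // NOTE(review): uniqueness is checked before the write, so two concurrent updates can
        // both pass; a unique index on the user name is what would enforce it - confirm one exists.
        ApplicationUser foundByUserName = await usersService.FindUserByUserName(updated.UserName);
        if (foundByUserName != null && foundByUserName.Id != found.Id)
        {
            throw new HttpException("The username " + updated.UserName + " already exists.");
        }

        found.UserName = updated.UserName;
    }

    if (updated.Jmbg != null)
    {
        ApplicationUser foundByJmbg = usersService.GetByJmbg(updated.Jmbg);
        if (foundByJmbg != null && foundByJmbg.Id != found.Id)
        {
            throw new HttpException("The user with JMBG: " + updated.Jmbg + " is already in the sistem. " +
                                    "Leave blank if you don't want to change the JMBG.");
        }

        // NOTE(review): the JMBG is validated for uniqueness but never copied onto the student,
        // so a supplied JMBG is silently dropped. Confirm whether the assignment is missing.
    }

    if (updated.FirstName != null)
    {
        found.FirstName = updated.FirstName;
    }

    if (updated.LastName != null)
    {
        found.LastName = updated.LastName;
    }

    // NOTE(review): changing Email or PhoneNumber leaves the matching *Confirmed flag at its old
    // value unless the request also sets it, so a new, unverified address can stay marked as
    // confirmed. Consider resetting the flag whenever the value actually changes.
    if (updated.Email != null)
    {
        found.Email = updated.Email;
    }

    if (updated.EmailConfirmed != null)
    {
        found.EmailConfirmed = (bool)updated.EmailConfirmed;
    }

    if (updated.PhoneNumber != null)
    {
        found.PhoneNumber = updated.PhoneNumber;
    }

    if (updated.PhoneNumberConfirmed != null)
    {
        found.PhoneNumberConfirmed = (bool)updated.PhoneNumberConfirmed;
    }

    if (updated.DayOfBirth != null)
    {
        found.DayOfBirth = (DateTime)updated.DayOfBirth;
    }

    if (updated.IsActive != null)
    {
        found.IsActive = (bool)updated.IsActive;
    }

    if (updated.FormId != null)
    {
        Form foundForm = formsService.GetByID((int)updated.FormId);
        if (foundForm == null)
        {
            throw new HttpException("The Form with id: " + updated.FormId + " was not found.");
        }

        // A form counts as belonging to the current school year for 360 days after its start.
        if (foundForm.Started.AddDays(360) < DateTime.UtcNow)
        {
            // Report the form id here; the original message printed the student id instead.
            throw new HttpException("The Form with id: " + updated.FormId + " was not created for this shool year. " +
                                    "This form is from: " + foundForm.Started.Year + ". Students must be assign to a form from this school year.");
        }

        found.Form = foundForm;
    }

    db.StudentsRepository.Update(found);
    db.Save();

    // Notifications are created only after the change has been saved.
    emailsService.CreateMailForUserUpdate(found.Id);
    emailsService.CreateMailForParentForStudentUpdate(found.Id);

    return toDTO.ConvertToStudentDTOForAdmin(found, (List<IdentityUserRole>)found.Roles);
}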
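/// <summary>
/// Returns the form with the given id, shaped for the caller's role: the admin view, the teacher
/// view, or the student/parent view when the caller is a student of the form or a parent of one.
/// </summary>
/// <param name="id">Id of the requested form.</param>
/// <returns>
/// 200 with the role-specific DTO; 401 when the caller's "UserId" or role claim is missing;
/// 400 when the form is not found, conversion fails, the caller is not authorised, or an
/// exception is thrown.
/// </returns>
public HttpResponseMessage GetForm(int id)
{
    // Read the identity claims defensively: a principal without the expected claims would
    // otherwise throw a NullReferenceException before the try block and surface as a 500.
    ClaimsPrincipal principal = RequestContext.Principal as ClaimsPrincipal;
    Claim userIdClaim = principal == null ? null : principal.FindFirst(x => x.Type == "UserId");
    Claim userRoleClaim = principal == null ? null : principal.FindFirst(x => x.Type == ClaimTypes.Role);
    if (userIdClaim == null || userRoleClaim == null)
    {
        logger.Info("Requesting Form by id: " + id + " rejected: the UserId or role claim is missing.");
        return Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
            "Access Denied. Authentication is required to perform the requested operation.");
    }

    string userId = userIdClaim.Value;
    string userRole = userRoleClaim.Value;

    logger.Info("UserRole: " + userRole + ", UserId: " + userId + ": Requesting Form by id: " + id);

    try
    {
        Form form = formsService.GetByID(id);
        if (form == null)
        {
            logger.Info("The form with id: " + id + " was not found.");
            return Request.CreateResponse(HttpStatusCode.BadRequest, "The form with id: " + id + " was not found.");
        }

        if (userRole == "admin")
        {
            logger.Info("Requesting found form convert for " + userRole + " role.");
            FormDTOForAdmin dto = toDTO.ConvertToFormDTOForAdmin(form);
            if (dto == null)
            {
                logger.Info("Failed!");
                return Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong.");
            }

            logger.Info("Success!");
            return Request.CreateResponse(HttpStatusCode.OK, dto);
        }

        if (userRole == "teacher")
        {
            // NOTE(review): every caller with the teacher role gets the teacher view of any
            // form, not only of forms they teach. Presumably intended - confirm.
            logger.Info("Requesting found form convert for " + userRole + " role.");
            FormDTOForTeacher dto = toDTO.ConvertToFormDTOForTeacher(form);
            if (dto == null)
            {
                logger.Info("Failed!");
                return Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong.");
            }

            logger.Info("Success!");
            return Request.CreateResponse(HttpStatusCode.OK, dto);
        }

        // Any other caller must be a student of this form or the parent of one. The Parent null
        // check keeps a student without a linked parent from failing the whole authorisation test.
        bool callerBelongsToForm = form.Students.Any(
            x => x.Id == userId || (x.Parent != null && x.Parent.Id == userId));
        if (callerBelongsToForm)
        {
            logger.Info("Requesting found form convert for " + userRole + " role.");
            FormDTOForStudentAndParents dto = toDTO.ConvertToFormDTOForStudentAndParent(form);
            if (dto == null)
            {
                logger.Info("Failed!");
                return Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong.");
            }

            logger.Info("Success!");
            return Request.CreateResponse(HttpStatusCode.OK, dto);
        }

        // NOTE(review): an authorisation failure is reported as 400 here; 403 Forbidden is the
        // conventional status. The code is kept as-is so existing clients see no change.
        logger.Info("Authorisation failure. User " + userId + " is not authorised for this request.");
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Access Denied. " +
            "We’re sorry, but you are not authorized to perform the requested operation.");
    }
    catch (Exception e)
    {
        logger.Error(e);

        // NOTE(review): passing the exception object leaves it to the host's error-detail policy
        // (IncludeErrorDetailPolicy) whether the exception message and stack trace reach the
        // client. Confirm the production policy does not expose them, or return a fixed message.
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, e);
    }
}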