public FTSDTOForAdmin Create(int formId, string teacherId, int subjectId)
{
Form foundForm = formsService.GetByID(formId);
if (foundForm == null)
{
throw new HttpException("The Form with id: " + formId + " was not found");
}
if (foundForm.Started.AddDays(360).CompareTo(DateTime.UtcNow) < 0)
{
throw new HttpException("The Form with id: " + formId + " was not created for this shool year. " +
"This form is from: " + foundForm.Started.Year + ". Classes must be assign to a form from this school year.");
}
TeacherToSubject foundTeacherToSubject = teachersToSubjectsService.GetActiveTeacherToSubjectByTeacherIdAndSubjectId(teacherId, subjectId);
if (foundForm.Grade != foundTeacherToSubject.Subject.Grade)
{
throw new HttpException("The subject and teacher combination with id: " + foundTeacherToSubject.Id + " has " +
"the subject that is taught in grade " + foundTeacherToSubject.Subject.Grade +
"and it can not be assigned to the grade " + foundForm.Grade + " in form " + foundForm.Id);
}
FormToTeacherSubject duplicate = db.FormsToTeacherSubjectsRepository.GetDuplicate(foundForm.Id, foundTeacherToSubject.Id);
if (duplicate != null)
{
throw new HttpException("The combination form-teacher-subject you are trying to create already exists - FTS Id: " + duplicate.Id);
}
FormToTeacherSubject fts = new FormToTeacherSubject
{
Form = foundForm,
TeacherToSubject = foundTeacherToSubject,
Started = DateTime.UtcNow,
Stopped = null
};
db.FormsToTeacherSubjectsRepository.Insert(fts);
db.Save();
FTSDTOForAdmin dto = toDTO.ConvertToFTSDTOForAdmin(fts);
return(dto);
}
public async Task <StudentDTOForAdmin> Update(string id, PutStudentDTO updated)
{
Student found = db.StudentsRepository.GetByID(id);
if (found == null)
{
throw new HttpException("The student with id: " + id + " was not found.");
}
if (updated.UserName != null)
{
ApplicationUser foundByUserName = await usersService.FindUserByUserName(updated.UserName);
if (foundByUserName != null && foundByUserName.Id != found.Id)
{
throw new HttpException("The username " + updated.UserName + " already exists.");
}
found.UserName = updated.UserName;
}
if (updated.Jmbg != null)
{
ApplicationUser foundByJmbg = usersService.GetByJmbg(updated.Jmbg);
if (foundByJmbg != null && foundByJmbg.Id != found.Id)
{
throw new HttpException("The user with JMBG: " + updated.Jmbg + " is already in the sistem." +
"Leave blank if you don't want to change the JMBG.");
}
}
if (updated.FirstName != null)
{
found.FirstName = updated.FirstName;
}
if (updated.LastName != null)
{
found.LastName = updated.LastName;
}
if (updated.Email != null)
{
found.Email = updated.Email;
}
if (updated.EmailConfirmed != null)
{
found.EmailConfirmed = (bool)updated.EmailConfirmed;
}
if (updated.PhoneNumber != null)
{
found.PhoneNumber = updated.PhoneNumber;
}
if (updated.PhoneNumberConfirmed != null)
{
found.PhoneNumberConfirmed = (bool)updated.PhoneNumberConfirmed;
}
if (updated.DayOfBirth != null)
{
found.DayOfBirth = (DateTime)updated.DayOfBirth;
}
if (updated.IsActive != null)
{
found.IsActive = (bool)updated.IsActive;
}
if (updated.FormId != null)
{
Form foundForm = formsService.GetByID((int)updated.FormId);
if (foundForm == null)
{
throw new HttpException("The Form with id: " + updated.FormId + " was not found.");
}
if (foundForm.Started.AddDays(360).CompareTo(DateTime.UtcNow) < 0)
{
throw new HttpException("The Form with id: " + id + " was not created for this shool year. " +
"This form is from: " + foundForm.Started.Year + ". Students must be assign to a form from this school year.");
}
found.Form = foundForm;
}
db.StudentsRepository.Update(found);
db.Save();
emailsService.CreateMailForUserUpdate(found.Id);
emailsService.CreateMailForParentForStudentUpdate(found.Id);
StudentDTOForAdmin updatedDTO = new StudentDTOForAdmin();
updatedDTO = toDTO.ConvertToStudentDTOForAdmin(found, (List <IdentityUserRole>)found.Roles);
return(updatedDTO);
}
public HttpResponseMessage GetForm(int id)
{
string userId = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == "UserId").Value;
string userRole = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == ClaimTypes.Role).Value;
logger.Info("UserRole: " + userRole + ", UserId: " + userId + ": Requesting Form by id: " + id);
try
{
Form form = formsService.GetByID(id);
if (form == null)
{
logger.Info("The form with id: " + id + " was not found.");
return(Request.CreateResponse(HttpStatusCode.BadRequest, "The form with id: " + id + " was not found."));
}
if (userRole == "admin")
{
logger.Info("Requesting found form convert for " + userRole + "role.");
FormDTOForAdmin dto = toDTO.ConvertToFormDTOForAdmin(form);
if (dto == null)
{
logger.Info("Failed!");
return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
}
logger.Info("Success!");
return(Request.CreateResponse(HttpStatusCode.OK, dto));
}
else if (userRole == "teacher")
{
logger.Info("Requesting found form convert for " + userRole + "role.");
FormDTOForTeacher dto = toDTO.ConvertToFormDTOForTeacher(form);
if (dto == null)
{
logger.Info("Failed!");
return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
}
logger.Info("Success!");
return(Request.CreateResponse(HttpStatusCode.OK, dto));
}
else if (form.Students.Any(x => x.Id == userId) == true ||
form.Students.Any(x => x.Parent.Id == userId) == true)
{
logger.Info("Requesting found form convert for " + userRole + " role.");
FormDTOForStudentAndParents dto = toDTO.ConvertToFormDTOForStudentAndParent(form);
if (dto == null)
{
logger.Info("Failed!");
return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
}
logger.Info("Success!");
return(Request.CreateResponse(HttpStatusCode.OK, dto));
}
else
{
logger.Info("Authorisation failure. User " + userId + " is not authorised for this request.");
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Access Denied. " +
"We’re sorry, but you are not authorized to perform the requested operation."));
}
}
catch (Exception e)
{
logger.Error(e);
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, e));
}
}
