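        /// <summary>
        /// Soft-deletes a user: the row is kept and its permission bits are cleared.
        /// Requires permission bit 128 in the caller's JWT.
        /// </summary>
        /// <param name="id">Primary key of the user to disable.</param>
        /// <returns>
        /// 200 with <paramref name="id"/> on success; 401 when no Authorization header is present;
        /// 400 when the caller lacks the permission or the save fails; 404 when the user does not exist.
        /// </returns>
        public IHttpActionResult DeleteUser(int id)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                // No bearer token at all: answer 401 instead of dereferencing a null header below.
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 128) == 0)
            {
                return BadRequest("權限不足");
            }
            var userData = _db.Users.Find(id);

            if (userData == null)
            {
                return NotFound();
            }
            // Permission 0 is how this API marks a user as deleted; Find() returned a tracked entity,
            // so SaveChanges() below persists the change without an explicit Modified state.
            userData.Permission = 0;
            Sql.UpData(userData.Permission); // NOTE(review): what Sql.UpData does is not visible here — confirm it is still required.
            try
            {
                _db.SaveChanges();
                return Ok(id);
            }
            catch (Exception)
            {
                // The exception text is deliberately not returned: provider and schema details belong in server-side logs.
                return BadRequest("儲存失敗");
            }
        }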
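        /// <summary>
        /// Soft-deletes a county by setting its <c>Delete</c> flag. Requires permission bit 128.
        /// </summary>
        /// <param name="id">Primary key of the county.</param>
        /// <returns>
        /// 200 with <paramref name="id"/> on success; 401 without an Authorization header;
        /// 400 on missing permission or save failure; 404 when the county does not exist.
        /// </returns>
        public IHttpActionResult DeleteCounty(int id)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                // No bearer token at all: answer 401 instead of dereferencing a null header below.
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 128) == 0)
            {
                return BadRequest("權限不足");
            }
            var county = _db.Counties.Find(id);

            if (county == null)
            {
                return NotFound();
            }
            // Rows are flagged rather than removed so existing rooms keep a valid CountyId.
            county.Delete = true;
            Sql.UpData(county.Delete); // NOTE(review): what Sql.UpData does is not visible here — confirm it is still required.
            try
            {
                _db.SaveChanges();
                return Ok(id);
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client; log it server-side instead.
                return BadRequest("儲存失敗");
            }
        }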
        // This method gets called by the runtime. Use this method to add services to the container.
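        /// <summary>
        /// Registers MVC controllers, the repository layer, JWT authentication and CORS.
        /// </summary>
        /// <param name="services">The application's service collection.</param>
        /// <exception cref="InvalidOperationException">
        /// Thrown at startup when the <c>DefaultConnection</c> connection string is missing, so the
        /// failure surfaces immediately instead of inside the first repository call.
        /// </exception>
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddControllers();

            // Read the connection string once; all four repositories share it.
            var connectionString = Configuration.GetConnectionString("DefaultConnection");
            if (string.IsNullOrWhiteSpace(connectionString))
            {
                throw new InvalidOperationException("Connection string 'DefaultConnection' is not configured.");
            }

            services.AddScoped<IRepositoryContextFactory, RepositoryContextFactory>();

            // GetRequiredService fails loudly if the factory registration above is ever removed,
            // instead of silently handing the repositories a null factory.
            services.AddScoped<IOrderRepository>(provider =>
                new OrderRepository(connectionString, provider.GetRequiredService<IRepositoryContextFactory>()));
            services.AddScoped<IOrderItemRepository>(provider =>
                new OrderItemRepository(connectionString, provider.GetRequiredService<IRepositoryContextFactory>()));
            services.AddScoped<ICustomerRepository>(provider =>
                new CustomerRepository(connectionString, provider.GetRequiredService<IRepositoryContextFactory>()));
            services.AddScoped<ICatalogRepository>(provider =>
                new CatalogRepository(connectionString, provider.GetRequiredService<IRepositoryContextFactory>()));

            JwtAuth.SetAuthService(services);
            services.AddCors();
        }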
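        /// <summary>
        /// Updates a county's name. Fields that are null in the request body keep their stored value.
        /// Requires permission bit 128.
        /// </summary>
        /// <param name="id">Primary key of the county to update.</param>
        /// <param name="newCounty">Partial county from the request body.</param>
        /// <returns>
        /// 200 with <paramref name="id"/> on success; 401 without an Authorization header;
        /// 400 on missing permission, invalid model, missing body or save failure; 404 when the county does not exist.
        /// </returns>
        public IHttpActionResult PutCounty(int id, [FromBody] County newCounty)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 128) == 0)
            {
                return BadRequest("權限不足");
            }
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }
            if (newCounty == null)
            {
                // An empty or unparseable body binds to null and would otherwise throw below.
                return BadRequest("資料錯誤");
            }
            var county = _db.Counties.Find(id);

            if (county == null)
            {
                return NotFound();
            }
            county.Name = newCounty.Name ?? county.Name;
            // NOTE(review): the original assigned county.CountryId to itself, so CountryId is never
            // updated by this endpoint; if it should be, use newCounty.CountryId with a zero-check.

            _db.Entry(county).State = EntityState.Modified;
            try
            {
                _db.SaveChanges();
                return Ok(id);
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client; log it server-side instead.
                return BadRequest("儲存失敗");
            }
        }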
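        /// <summary>
        /// Returns the profile of the calling user. The caller must hold permission bit 1 and the
        /// token's user id must equal <paramref name="id"/>; password and salt are never projected.
        /// </summary>
        /// <param name="id">User id requested; must match the token.</param>
        /// <returns>
        /// 200 with the profile projection; 401 without an Authorization header; 400 on a permission
        /// or identity mismatch; 404 when the user row no longer exists.
        /// </returns>
        public IHttpActionResult GetUser(int id)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);
            var tokenId = JwtAuth.GetTokenId(authHeader.Parameter);

            if ((permission & 1) == 0)
            {
                return BadRequest("權限不足");
            }
            if (tokenId != id)
            {
                return BadRequest("使用者錯誤");
            }
            var user = _db.Users.Find(id);

            if (user == null)
            {
                // A valid token for a since-deleted user previously ended in a null dereference (500).
                return NotFound();
            }
            return Ok(new
            {
                user.Id,
                user.Account,
                user.Nickname,
                user.Name,
                user.Picture,
                user.Email,
                user.Phone,
                user.Birthday,
                user.BuyerAverageStar,
                user.SellerAverageStar
            });
        }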
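        /// <summary>
        /// Returns one order with its room summary and detail lines. Requires permission bit 2.
        /// </summary>
        /// <param name="id">Primary key of the order.</param>
        /// <returns>
        /// 200 with the order projection; 401 without an Authorization header;
        /// 400 on missing permission; 404 when the order does not exist.
        /// </returns>
        public IHttpActionResult GetOrder(int id)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 2) == 0)
            {
                return BadRequest("權限不足");
            }
            // NOTE(review): nothing ties the order to the caller (SellerId/BuyerId vs. token id), so any
            // holder of bit 2 can read any order by id — confirm whether that is intended.
            var order = _db.Orders.Find(id);

            if (order == null)
            {
                return NotFound();
            }
            return Ok(new
            {
                order.Id,
                order.Name,
                order.Address,
                order.Email,
                order.Phone,
                order.Payment,
                order.Pickup,
                order.Status,
                order.TotalPrice,
                order.Remark,
                // Name.FirstOrDefault() enumerated the string and returned only its first character;
                // GetBuyerRatings returns the whole name, so this endpoint now does too.
                RoomName = order.Room.Name,
                RoomPicture = order.Room.Picture,
                Detail = order.OrderDetails.Select(detail => new
                {
                    detail.Id,
                    detail.Name,
                    detail.Price
                }).ToList(),
            });
        }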
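        /// <summary>
        /// Updates a tag's name and colour; null fields in the body keep their stored value.
        /// Requires permission bit 128 in the token's <c>Permission</c> claim.
        /// </summary>
        /// <param name="id">Primary key of the tag.</param>
        /// <param name="newTag">Partial tag from the request body.</param>
        /// <returns>
        /// 200 with <paramref name="id"/> on success; 401 without an Authorization header;
        /// 400 on missing permission, invalid model, missing body or save failure; 404 when the tag does not exist.
        /// </returns>
        public IHttpActionResult PutTag(int id, [FromBody] Tag newTag)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var token = JwtAuth.GetToken(authHeader.Parameter);

            if ((Convert.ToInt32(token["Permission"]) & 128) == 0)
            {
                return BadRequest("權限不足");
            }
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }
            if (newTag == null)
            {
                // An empty or unparseable body binds to null and would otherwise throw below.
                return BadRequest("資料錯誤");
            }
            var tag = _db.Tags.Find(id);

            if (tag == null)
            {
                return NotFound();
            }
            tag.Name = newTag.Name ?? tag.Name;
            tag.Color = newTag.Color ?? tag.Color;
            _db.Entry(tag).State = EntityState.Modified;
            try
            {
                _db.SaveChanges();
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client; log it server-side instead.
                return BadRequest("儲存失敗");
            }
            return Ok(id);
        }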
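        /// <summary>
        /// Cancels an order by setting its status to <see cref="OrderStatus.訂單取消"/>. Requires permission bit 2.
        /// </summary>
        /// <param name="id">Primary key of the order.</param>
        /// <returns>
        /// 200 with <paramref name="id"/> on success; 401 without an Authorization header;
        /// 400 on missing permission or save failure; 404 when the order does not exist.
        /// </returns>
        public IHttpActionResult DeleteOrder(int id)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 2) == 0)
            {
                return BadRequest("權限不足");
            }
            // NOTE(review): the caller's token id is never compared with order.SellerId/BuyerId, so any
            // holder of bit 2 can cancel any order — confirm whether an ownership check is required.
            var order = _db.Orders.Find(id);

            if (order == null)
            {
                return NotFound();
            }
            order.Status = OrderStatus.訂單取消;
            Sql.UpData(order.Status); // NOTE(review): what Sql.UpData does is not visible here — confirm it is still required.
            try
            {
                _db.SaveChanges();
                return Ok(id);
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client; log it server-side instead.
                return BadRequest("儲存失敗");
            }
        }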
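        /// <summary>
        /// Soft-deletes a tag by setting its <c>Delete</c> flag. Requires permission bit 128 in the
        /// token's <c>Permission</c> claim.
        /// </summary>
        /// <param name="id">Primary key of the tag.</param>
        /// <returns>
        /// 200 with <paramref name="id"/> on success; 401 without an Authorization header;
        /// 400 on missing permission or save failure; 404 when the tag does not exist.
        /// </returns>
        public IHttpActionResult DeleteTag(int id)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var token = JwtAuth.GetToken(authHeader.Parameter);

            if ((Convert.ToInt32(token["Permission"]) & 128) == 0)
            {
                return BadRequest("權限不足");
            }
            var tag = _db.Tags.Find(id);

            if (tag == null)
            {
                return NotFound();
            }
            // Rows are flagged rather than removed so rooms keep a valid TagId.
            tag.Delete = true;
            Sql.UpData(tag.Delete); // NOTE(review): what Sql.UpData does is not visible here — confirm it is still required.
            try
            {
                _db.SaveChanges();
                return Ok(id);
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client; log it server-side instead.
                return BadRequest("儲存失敗");
            }
        }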
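        /// <summary>
        /// Wires the user repository, the authentication service and JWT authentication into
        /// <paramref name="services"/>.
        /// </summary>
        /// <param name="services">The service collection being configured.</param>
        /// <param name="jwtOptions">Token issuer/audience/key options passed on to <see cref="JwtAuth.AddJwtAuth"/>.</param>
        /// <param name="connectionString">Connection string used by every <see cref="UserDbContext"/>.</param>
        /// <exception cref="ArgumentNullException"><paramref name="services"/> or <paramref name="jwtOptions"/> is null.</exception>
        /// <exception cref="ArgumentException"><paramref name="connectionString"/> is null or blank.</exception>
        public static void AddJwtLogin(this IServiceCollection services, JwtOptions jwtOptions, string connectionString)
        {
            if (services == null)
            {
                throw new ArgumentNullException(nameof(services));
            }
            if (jwtOptions == null)
            {
                throw new ArgumentNullException(nameof(jwtOptions));
            }
            if (string.IsNullOrWhiteSpace(connectionString))
            {
                throw new ArgumentException("A connection string is required.", nameof(connectionString));
            }

            // NOTE(review): this is a process-wide static; every UserDbContext created afterwards uses it,
            // so calling AddJwtLogin twice with different strings silently re-points all of them.
            UserDbContext.ConnectionString = connectionString;
            services.AddSingleton<IRepo<UserDbContext>, Repo<UserDbContext>>();
            services.AddScoped<AuthenticationService>();

            JwtAuth.AddJwtAuth(services, jwtOptions);
        }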
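        /// <summary>
        /// Lists the ids of the rooms whose seller is the calling user.
        /// </summary>
        /// <returns>200 with a sequence of <c>{ Id }</c>; 401 without an Authorization header.</returns>
        public IHttpActionResult GetRoomUser()
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            // NOTE(review): unlike the sibling endpoints this one checks no permission bit; the result is
            // already scoped to the caller's own rooms, so that may be intentional — confirm.
            var tokenId = JwtAuth.GetTokenId(authHeader.Parameter);
            var ownRooms = _db.Rooms.Where(room => room.SellerId == tokenId);

            return Ok(ownRooms.Select(room => new
            {
                room.Id,
            }));
        }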
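        /// <summary>
        /// Updates a room owned by the calling seller. Zero/null fields in the body keep their stored
        /// value; the room's end time is pushed one hour from now. Requires permission bit 4.
        /// </summary>
        /// <param name="id">Primary key of the room.</param>
        /// <param name="newRoom">Partial room from the request body.</param>
        /// <returns>
        /// 200 with <paramref name="id"/> on success; 401 without an Authorization header; 400 on missing
        /// permission, invalid model, missing body, foreign room or save failure; 404 when the room does not exist.
        /// </returns>
        public IHttpActionResult PutRoom(int id, [FromBody] Room newRoom)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 4) == 0)
            {
                return BadRequest("權限不足");
            }
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }
            if (newRoom == null)
            {
                // An empty or unparseable body binds to null and would otherwise throw below.
                return BadRequest("資料錯誤");
            }
            var room = _db.Rooms.Find(id);

            if (room == null)
            {
                return NotFound();
            }
            var tokenId = JwtAuth.GetTokenId(authHeader.Parameter);

            // Only the room's own seller may edit it.
            if (tokenId != room.SellerId)
            {
                return BadRequest("使用者錯誤");
            }
            room.CountryId = newRoom.CountryId == 0 ? room.CountryId : newRoom.CountryId;
            room.CountyId = newRoom.CountyId == 0 ? room.CountyId : newRoom.CountyId;
            room.CityId = newRoom.CityId == 0 ? room.CityId : newRoom.CityId;
            room.TagId = newRoom.TagId == 0 ? room.TagId : newRoom.TagId;
            room.Name = newRoom.Name ?? room.Name;
            room.Picture = newRoom.Picture ?? room.Picture;
            room.Rule = newRoom.Rule ?? room.Rule;
            room.TagText = newRoom.TagText ?? room.TagText;
            room.MaxUsers = newRoom.MaxUsers == 0 ? room.MaxUsers : newRoom.MaxUsers;
            // NOTE(review): Star is written straight from the seller's request body; if it is the room's
            // rating it should be derived from buyer ratings, not client-settable.
            room.Star = newRoom.Star == 0 ? room.Star : newRoom.Star;
            room.R18 = newRoom.R18;
            room.RoomClose = newRoom.RoomClose;
            // Kept on DateTime.Now for consistency with PostRoom; both store server-local time.
            room.RoomEnd = DateTime.Now.AddHours(1);
            _db.Entry(room).State = EntityState.Modified;
            try
            {
                _db.SaveChanges();
                return Ok(id);
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client; log it server-side instead.
                return BadRequest("儲存失敗");
            }
        }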
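        /// <summary>
        /// Lists the members of a room (id, nickname, picture). Requires permission bit 128.
        /// </summary>
        /// <param name="id">Primary key of the room.</param>
        /// <returns>200 with the member projection; 401 without an Authorization header; 400 on missing permission.</returns>
        public IHttpActionResult GetRoomUser(int id)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 128) == 0)
            {
                return BadRequest("權限不足");
            }
            var members = _db.RoomUsers.Where(member => member.RoomId == id);

            // Only public profile fields are projected; the query is deferred and runs on serialization.
            return Ok(members.Select(member => new
            {
                member.User.Id,
                member.User.Nickname,
                member.User.Picture,
            }));
        }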
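        /// <summary>
        /// Creates a room for the calling seller, open from now for one hour. Zero location/tag ids
        /// fall back to 1. Requires permission bit 4.
        /// </summary>
        /// <param name="room">Room from the request body; SellerId, RoomStart and RoomEnd are overwritten server-side.</param>
        /// <returns>
        /// 200 with the new room id; 401 without an Authorization header;
        /// 400 on missing permission, invalid model, missing body or save failure.
        /// </returns>
        public IHttpActionResult PostRoom([FromBody] Room room)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 4) == 0)
            {
                return BadRequest("權限不足");
            }
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }
            if (room == null)
            {
                // An empty or unparseable body binds to null and would otherwise throw below.
                return BadRequest("資料錯誤");
            }
            // One timestamp for both fields; the original read DateTime.Now several times.
            // The original also had `if (RoomStart > now && RoomEnd <= now) RoomClose = true;`, which can
            // never hold with the values just assigned, so it is dropped. RoomClose stays whatever the
            // client sent, as before — NOTE(review): consider forcing it to false for a new room.
            var now = DateTime.Now;
            room.RoomStart = now;
            room.RoomEnd = now.AddHours(1);
            // The seller is always the caller; a SellerId in the body is ignored.
            room.SellerId = JwtAuth.GetTokenId(authHeader.Parameter);

            // 0 means "not chosen"; 1 is the project's default country/county/city/tag.
            if (room.CountryId == 0)
            {
                room.CountryId = 1;
            }
            if (room.CountyId == 0)
            {
                room.CountyId = 1;
            }
            if (room.CityId == 0)
            {
                room.CityId = 1;
            }
            if (room.TagId == 0)
            {
                room.TagId = 1;
            }
            _db.Rooms.Add(room);
            try
            {
                _db.SaveChanges();
                return Ok(room.Id);
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client; log it server-side instead.
                return BadRequest("儲存失敗");
            }
        }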
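        /// <summary>
        /// Closes a room owned by the calling seller (sets <c>RoomClose</c>; the row is kept).
        /// Requires permission bit 4.
        /// </summary>
        /// <param name="id">Primary key of the room.</param>
        /// <returns>
        /// 200 with <paramref name="id"/> on success; 401 without an Authorization header; 400 on missing
        /// permission, foreign room or save failure; 404 when the room does not exist.
        /// </returns>
        public IHttpActionResult DeleteRoom(int id)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 4) == 0)
            {
                return BadRequest("權限不足");
            }
            var room = _db.Rooms.Find(id);

            if (room == null)
            {
                return NotFound();
            }
            var tokenId = JwtAuth.GetTokenId(authHeader.Parameter);

            // Only the room's own seller may close it.
            if (tokenId != room.SellerId)
            {
                return BadRequest("使用者錯誤");
            }
            // Rooms are closed, not removed: order and RoomUser rows keep referencing them.
            room.RoomClose = true;
            _db.Entry(room).State = EntityState.Modified;
            try
            {
                _db.SaveChanges();
                return Ok(id);
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client; log it server-side instead.
                return BadRequest("儲存失敗");
            }
        }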
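        /// <summary>
        /// Lists the calling user's orders as a buyer, newest first, with room, seller and rating data.
        /// Requires permission bit 1.
        /// </summary>
        /// <returns>200 with the order projection; 401 without an Authorization header; 400 on missing permission.</returns>
        public IHttpActionResult GetBuyerRatings()
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 1) == 0)
            {
                return BadRequest("權限不足");
            }
            var tokenId = JwtAuth.GetTokenId(authHeader.Parameter);
            // Scoped to the caller's own orders, so no further ownership check is needed.
            // NOTE(review): ToList() materialises the orders first; Room/Seller/OrderDetails are then
            // loaded per order (presumably lazily) — an Include() would make this a single query.
            var orders = _db.Orders.Where(order => order.BuyerId == tokenId).ToList();

            return Ok(orders.OrderByDescending(order => order.Id).Select(order => new
            {
                order.Id,
                order.Name,
                order.Address,
                order.Email,
                order.Phone,
                Payment = order.Payment.ToString(),
                Pickup = order.Pickup.ToString(),
                Status = order.Status.ToString(),
                order.TotalPrice,
                order.Remark,
                order.RoomId,
                RoomName = order.Room.Name,
                RoomPicture = order.Room.Picture,
                Detail = order.OrderDetails.Select(detail => new
                {
                    detail.Id,
                    detail.Name,
                    detail.Price
                }).ToList(),
                order.SellerId,
                SellerNickname = order.Seller.Nickname,
                SellerAccount = order.Seller.Account,
                SellerPicture = order.Seller.Picture,
                SellerStar = Star(order.SellerStar),
                order.SellerReviews,
                BuyerStar = Star(order.BuyerStar),
                order.BuyerReviews,
            }));
        }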
        /// <summary>
        /// A token signed with one secret must not validate under a <see cref="JwtAuth"/> built with a
        /// different secret, even when audience and issuer match.
        /// </summary>
        public void TestCreateAndValidateInvalidToken()
        {
            // Test-only fixture values; the two secrets differ only in their trailing characters.
            const string audience = "teste";
            const string issuer = "teste";
            var signer = new JwtAuth("2Fkc2Fkc2FkYXNkMTIzMTJhc2Rhc2RzYWRhc2Q=232", audience, issuer);
            var verifierWithOtherKey = new JwtAuth("2Fkc2Fkc2FkYXNkMTIzMTJhc2Rhc2RzYWRhc2Q=", audience, issuer);

            var token = signer.CreateToken(CreateClaims(1));
            var validation = verifierWithOtherKey.ValidateToken(token);

            Assert.False(validation.IsValid);
            Assert.Null(validation.Claims);
        }
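        /// <summary>
        /// Creates an order for the calling seller from the buyer's temporary detail rows in a room;
        /// the order total is the sum of those rows. Requires permission bit 2.
        /// </summary>
        /// <param name="inputId">Buyer and room ids identifying the temporary details to convert.</param>
        /// <returns>
        /// 200 with the new order id; 401 without an Authorization header;
        /// 400 on missing permission, missing body or save failure.
        /// </returns>
        public IHttpActionResult PostOrder(InputId inputId)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 2) == 0)
            {
                return BadRequest("權限不足");
            }
            if (inputId == null)
            {
                // An empty or unparseable body binds to null and would otherwise throw below.
                return BadRequest("資料錯誤");
            }
            // NOTE(review): nothing verifies that the caller is the seller of inputId.RoomId, so any holder
            // of bit 2 can open an order for any buyer in any room — confirm whether that is intended.
            var order = new Order
            {
                TotalPrice = 0,
                SellerId = JwtAuth.GetTokenId(authHeader.Parameter),
                BuyerId = inputId.BuyerId,
                RoomId = inputId.RoomId
            };
            var tempDetails = _db.TempDetails.Where(x => x.BuyerId == inputId.BuyerId && x.RoomId == inputId.RoomId);

            // 產生產品明細: one OrderDetail per temporary detail row.
            foreach (var detail in tempDetails)
            {
                // NOTE(review): order.Id is still 0 here (the order is not saved yet); this only links the
                // detail correctly if EF fixes the key up later — otherwise add it to order.OrderDetails instead.
                var orderDetail = new OrderDetail
                {
                    Name = detail.Name,
                    Price = detail.Price,
                    OrderId = order.Id
                };
                order.TotalPrice += detail.Price;
                _db.OrderDetails.Add(orderDetail);
            }
            // 產生訂單表: the temporary rows themselves are left in place, as before.
            _db.Orders.Add(order);
            try
            {
                _db.SaveChanges();
                return Ok(order.Id);
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client; log it server-side instead.
                return BadRequest("儲存失敗");
            }
        }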
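        /// <summary>
        /// A token created by a <see cref="JwtAuth"/> validates under the same instance and carries the
        /// user-id claim it was built with.
        /// </summary>
        public void TestCreateAndValidateToken()
        {
            // Test-only fixture values, not a production key.
            var secret = "2Fkc2Fkc2FkYXNkMTIzMTJhc2Rhc2RzYWRhc2Q=232";
            var aud = "teste";
            var issuer = "teste";
            var jwtAuth = new JwtAuth(secret, aud, issuer);
            var userId = 1;

            var token = jwtAuth.CreateToken(CreateClaims(userId));
            var validation = jwtAuth.ValidateToken(token);

            // Asserting the flag directly names the failing condition; the original `Assert.True(false)`
            // in an else-branch produced an opaque failure.
            Assert.True(validation.IsValid);
            var userIdClaim = validation.Claims.FindFirst(c => c.Type == USER_ID).Value;
            Assert.Equal(userId.ToString(), userIdClaim);
        }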
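        /// <summary>
        /// Updates the calling user's own profile. Null fields in the body keep their stored value; the
        /// password is re-salted and re-hashed only when a new one is supplied. Requires permission bit 1
        /// and a token id equal to <paramref name="id"/>.
        /// </summary>
        /// <param name="id">User id to update; must match the token.</param>
        /// <param name="newUser">Partial user from the request body.</param>
        /// <returns>
        /// 200 with <paramref name="id"/> on success; 401 without an Authorization header; 400 on missing
        /// permission, identity mismatch, invalid model, missing body or save failure; 404 when the user does not exist.
        /// </returns>
        public IHttpActionResult PutUser(int id, [FromBody] User newUser)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);
            var tokenId = JwtAuth.GetTokenId(authHeader.Parameter);

            if ((permission & 1) == 0)
            {
                return BadRequest("權限不足");
            }
            if (tokenId != id)
            {
                return BadRequest("使用者錯誤");
            }
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }
            if (newUser == null)
            {
                // An empty or unparseable body binds to null and would otherwise throw below.
                return BadRequest("資料錯誤");
            }
            var user = _db.Users.Find(id);

            if (user == null)
            {
                return NotFound();
            }
            // The original hashed newUser.Password unconditionally, so a profile update without a password
            // still replaced the stored hash. A fresh salt is generated whenever the password changes.
            if (!string.IsNullOrEmpty(newUser.Password))
            {
                user.PasswordSalt = Salt.CreateSalt();
                user.Password = Salt.GenerateHashWithSalt(newUser.Password, user.PasswordSalt);
            }
            user.Nickname = newUser.Nickname ?? user.Nickname;
            user.Name = newUser.Name ?? user.Name;
            user.Picture = newUser.Picture ?? user.Picture;
            user.Email = newUser.Email ?? user.Email;
            user.Phone = newUser.Phone ?? user.Phone;
            // NOTE(review): the original assigned user.Birthday to itself, so Birthday is never updated
            // through this endpoint; decide whether newUser.Birthday should be applied.
            _db.Entry(user).State = EntityState.Modified;
            try
            {
                _db.SaveChanges();
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client; log it server-side instead.
                return BadRequest("儲存失敗");
            }
            return Ok(id);
        }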
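        /// <summary>
        /// Removes the calling user from a room. Requires permission bit 2.
        /// </summary>
        /// <param name="id">Primary key of the room to leave.</param>
        /// <returns>
        /// 200 with <paramref name="id"/> on success; 401 without an Authorization header; 400 on missing
        /// permission or save failure; 404 when the caller is not a member of the room.
        /// </returns>
        public IHttpActionResult DeleteRoomUser(int id)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 2) == 0)
            {
                return BadRequest("權限不足");
            }
            var tokenId = JwtAuth.GetTokenId(authHeader.Parameter);
            // Membership is looked up by the caller's own id, so a user can only remove themself.
            var membership = _db.RoomUsers.FirstOrDefault(x => x.RoomId == id && x.UserId == tokenId);

            if (membership == null)
            {
                // The original dereferenced the null result (500); a missing membership is a 404.
                return NotFound();
            }
            // FirstOrDefault() already returned the tracked entity; the extra Find(membership.Id)
            // round-trip the original made is unnecessary.
            _db.RoomUsers.Remove(membership);
            try
            {
                _db.SaveChanges();
                return Ok(id);
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client; log it server-side instead.
                return BadRequest("儲存失敗");
            }
        }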
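        /// <summary>
        /// Creates a tag. Requires permission bit 128 in the token's <c>Permission</c> claim.
        /// </summary>
        /// <param name="tag">Tag from the request body.</param>
        /// <returns>
        /// 200 with a success message; 401 without an Authorization header;
        /// 400 on missing permission, invalid model, missing body or save failure.
        /// </returns>
        public IHttpActionResult PostTag([FromBody] Tag tag)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var token = JwtAuth.GetToken(authHeader.Parameter);

            if ((Convert.ToInt32(token["Permission"]) & 128) == 0)
            {
                return BadRequest("權限不足");
            }
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }
            if (tag == null)
            {
                // An empty or unparseable body binds to null; Add(null) would throw below.
                return BadRequest("資料錯誤");
            }
            _db.Tags.Add(tag);
            try
            {
                _db.SaveChanges();
                return Ok("新增成功");
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client; log it server-side instead.
                return BadRequest("儲存失敗");
            }
        }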
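        /// <summary>
        /// Lists all users with their permission bits and rating averages; password and salt are never
        /// projected. Requires permission bit 128.
        /// </summary>
        /// <returns>200 with the user projection; 401 without an Authorization header; 400 on missing permission.</returns>
        public IHttpActionResult GetUsers()
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 128) == 0)
            {
                return BadRequest("權限不足");
            }
            // Deferred query; the projection is executed when the response is serialised.
            return Ok(_db.Users.Select(user => new
            {
                user.Id,
                user.Account,
                user.Nickname,
                user.Name,
                user.Picture,
                user.Email,
                user.Phone,
                user.Birthday,
                user.Permission,
                user.BuyerAverageStar,
                user.SellerAverageStar
            }));
        }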
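        /// <summary>
        /// Creates a country. Requires permission bit 128.
        /// </summary>
        /// <param name="country">Country from the request body.</param>
        /// <returns>
        /// 200 with the new country id; 401 without an Authorization header;
        /// 400 on missing permission, invalid model, missing body or save failure.
        /// </returns>
        public IHttpActionResult PostCountry([FromBody] Country country)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 128) == 0)
            {
                return BadRequest("權限不足");
            }
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }
            if (country == null)
            {
                // An empty or unparseable body binds to null; Add(null) would throw below.
                return BadRequest("資料錯誤");
            }
            _db.Countries.Add(country);
            try
            {
                _db.SaveChanges();
                return Ok(country.Id);
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client; log it server-side instead.
                return BadRequest("儲存失敗");
            }
        }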
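        /// <summary>
        /// Updates an order's contact, payment, pickup, status and remark. Empty strings and the
        /// <c>未選擇</c> enum members mean "unchanged". Requires permission bit 2.
        /// </summary>
        /// <param name="id">Primary key of the order.</param>
        /// <param name="order">Partial order from the request body.</param>
        /// <returns>
        /// 200 with <paramref name="id"/> on success; 401 without an Authorization header; 400 on missing
        /// permission, invalid model, missing body or save failure; 404 when the order does not exist.
        /// </returns>
        public IHttpActionResult PutOrder(int id, [FromBody] Order order)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 2) == 0)
            {
                return BadRequest("權限不足");
            }
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }
            if (order == null)
            {
                // An empty or unparseable body binds to null and would otherwise throw below.
                return BadRequest("資料錯誤");
            }
            // NOTE(review): the caller's token id is never compared with orderData.SellerId, so any holder
            // of bit 2 can edit any order (including its Status) — confirm whether an ownership check is required.
            var orderData = _db.Orders.Find(id);

            if (orderData == null)
            {
                return NotFound();
            }
            orderData.Name = string.IsNullOrEmpty(order.Name) ? orderData.Name : order.Name;
            orderData.Address = string.IsNullOrEmpty(order.Address) ? orderData.Address : order.Address;
            orderData.Email = string.IsNullOrEmpty(order.Email) ? orderData.Email : order.Email;
            orderData.Phone = string.IsNullOrEmpty(order.Phone) ? orderData.Phone : order.Phone;
            orderData.Payment = order.Payment == Payment.未選擇 ? orderData.Payment : order.Payment;
            orderData.Pickup = order.Pickup == Pickup.未選擇 ? orderData.Pickup : order.Pickup;
            orderData.Status = order.Status == OrderStatus.未選擇 ? orderData.Status : order.Status;
            orderData.Remark = string.IsNullOrEmpty(order.Remark) ? orderData.Remark : order.Remark;
            _db.Entry(orderData).State = EntityState.Modified;
            try
            {
                _db.SaveChanges();
                return Ok(id);
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client; log it server-side instead.
                return BadRequest("儲存失敗");
            }
        }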
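        /// <summary>
        /// Lists every order with room summary, detail lines and ratings. Requires permission bit 128.
        /// </summary>
        /// <returns>200 with the order projection; 401 without an Authorization header; 400 on missing permission.</returns>
        public IHttpActionResult GetOrders()
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 128) == 0)
            {
                return BadRequest("權限不足");
            }
            // NOTE(review): ToList() materialises the orders first; Room and OrderDetails are then loaded
            // per order (presumably lazily) — an Include() would make this a single query.
            var orders = _db.Orders.ToList();

            return Ok(orders.Select(order => new
            {
                order.Id,
                order.Name,
                order.Address,
                order.Email,
                order.Phone,
                order.Payment,
                order.Pickup,
                Status = order.Status.ToString(),
                order.TotalPrice,
                order.Remark,
                // Name.FirstOrDefault() enumerated the string and returned only its first character;
                // GetBuyerRatings returns the whole name, so this endpoint now does too.
                RoomName = order.Room.Name,
                RoomPicture = order.Room.Picture,
                Detail = order.OrderDetails.Select(detail => new
                {
                    detail.Id,
                    detail.Name,
                    detail.Price
                }),
                order.BuyerStar,
                order.BuyerReviews,
                order.SellerStar,
                order.SellerReviews,
            }));
        }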
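        /// <summary>
        /// Authenticates a user by e-mail and password and returns a JWT for the session.
        /// </summary>
        /// <param name="user">Credentials from the request body.</param>
        /// <returns>
        /// 200 with <c>{ Token, Usuario }</c>; 400 with a generic message when the credentials are wrong,
        /// the body is missing, or an internal error occurs.
        /// </returns>
        public IActionResult Auth([FromBody] UserViewModel user)
        {
            if (user == null)
            {
                // An empty or unparseable body binds to null; treat it like wrong credentials.
                return BadRequest(new { Message = "Email e/ou senha está(ão) inválido(s)." });
            }
            try
            {
                var userExists = _userService.CheckUserExists(user.Email, user.Password);
                // NOTE(review): this compares the submitted password with the stored value as plain text.
                // The stored value should be a salted hash (PBKDF2/Argon2) verified inside the service,
                // and the comparison done with a constant-time primitive.
                if (userExists == null || userExists.Password != user.Password)
                {
                    return BadRequest(new { Message = "Email e/ou senha está(ão) inválido(s)." });
                }

                var key = _configuration.GetValue<string>("AuthenticationSettings:Key");
                if (string.IsNullOrEmpty(key))
                {
                    // A missing signing key previously surfaced as a null dereference inside GetBytes.
                    throw new InvalidOperationException("AuthenticationSettings:Key is not configured.");
                }
                var token = JwtAuth.GenerateToken(Encoding.ASCII.GetBytes(key));

                // NOTE(review): Usuario echoes the whole user record — including its Password property —
                // back to the client; project only the non-secret fields instead.
                return Ok(new
                {
                    Token = token,
                    Usuario = userExists
                });
            }
            catch (Exception)
            {
                // The exception text is no longer returned: it can expose connection strings, table names or
                // stack details. Log it server-side instead.
                return BadRequest(new { Message = "Ocorreu algum erro interno na aplicação, por favor tente novamente." });
            }
        }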
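 /// <summary>
 /// Creates the controller with its data access, settings and JWT helper dependencies.
 /// </summary>
 /// <param name="advertAccess">Advert data access.</param>
 /// <param name="appSetting">Application settings; only <c>Value</c> is retained.</param>
 /// <param name="jwtAuth">JWT helper.</param>
 /// <exception cref="ArgumentNullException">Any argument is null.</exception>
 public AdvertController(AdvertAccess advertAccess, IOptions<AppSetting> appSetting, JwtAuth jwtAuth)
 {
     // Fail at construction rather than on the first request that touches a null dependency.
     _advertAccess = advertAccess ?? throw new ArgumentNullException(nameof(advertAccess));
     _appSetting = (appSetting ?? throw new ArgumentNullException(nameof(appSetting))).Value;
     _jwtAuth = jwtAuth ?? throw new ArgumentNullException(nameof(jwtAuth));
 }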
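        /// <summary>
        /// Records a rating on an order. The seller rates the buyer, the buyer rates the seller; the
        /// rated party's running average is updated. Requires permission bit 16.
        /// </summary>
        /// <param name="id">Primary key of the order being rated.</param>
        /// <param name="newRating">Stars and review text from the request body.</param>
        /// <returns>
        /// 200 with <c>{ id, SellerId, BuyerId, tokenId }</c>; 401 without an Authorization header; 400 on
        /// missing permission, invalid model, missing body, a caller who is neither party, or save failure;
        /// 404 when the order does not exist.
        /// </returns>
        public IHttpActionResult PutRatings(int id, Ratings newRating)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 16) == 0)
            {
                return BadRequest("權限不足");
            }
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }
            if (newRating == null)
            {
                // An empty or unparseable body binds to null and would otherwise throw below.
                return BadRequest("資料錯誤");
            }
            var tokenId = JwtAuth.GetTokenId(authHeader.Parameter);
            var order = _db.Orders.Find(id);

            if (order == null)
            {
                return NotFound();
            }
            // NOTE(review): the "average" below is (previous + new) / 2, which weights the latest rating
            // at 50% regardless of how many ratings exist; a true mean needs a rating count.
            if (order.SellerId == tokenId)
            {
                // Seller rates the buyer.
                order.BuyerStar = newRating.BuyerStar;
                order.BuyerReviews = newRating.BuyerReviews;
                // NOTE(review): the order stores BuyerStar, but the buyer's *Seller*AverageStar is fed from
                // newRating.SellerStar — confirm which star/average pair the seller's rating should update.
                if (order.Buyer.SellerAverageStar > 0)
                {
                    order.Buyer.SellerAverageStar += newRating.SellerStar;
                    order.Buyer.SellerAverageStar /= 2;
                }
                else
                {
                    order.Buyer.SellerAverageStar = newRating.SellerStar;
                }
            }
            else if (order.BuyerId == tokenId)
            {
                // Buyer rates the seller.
                order.SellerStar = newRating.SellerStar;
                order.SellerReviews = newRating.SellerReviews;
                if (order.Seller.BuyerAverageStar > 0)
                {
                    order.Seller.BuyerAverageStar += newRating.BuyerStar;
                    order.Seller.BuyerAverageStar /= 2;
                }
                else
                {
                    order.Seller.BuyerAverageStar = newRating.BuyerStar;
                }
            }
            else
            {
                // The original treated every non-seller as the buyer, letting any third party with bit 16
                // rate an order they are not part of.
                return BadRequest("使用者錯誤");
            }
            // Kept from the original: the caller's own row is marked modified. The rated party is reached
            // through order.Buyer/order.Seller and is tracked by the context, so it is saved regardless.
            var user = _db.Users.Find(tokenId);
            if (user != null)
            {
                _db.Entry(user).State = EntityState.Modified;
            }
            _db.Entry(order).State = EntityState.Modified;
            try
            {
                _db.SaveChanges();
                return Ok(new
                {
                    id,
                    order.SellerId,
                    order.BuyerId,
                    tokenId
                });
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client; log it server-side instead.
                return BadRequest("儲存失敗");
            }
        }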
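        /// <summary>
        /// Joins the calling user to a room and returns the room's member list. The room's seller and
        /// users who already joined get the list without a new membership row; otherwise a membership is
        /// created if the room still has capacity. Requires permission bit 2.
        /// </summary>
        /// <param name="room">Request body; only <c>Id</c> is used.</param>
        /// <returns>
        /// 200 with the member projection; 401 without an Authorization header; 400 on missing permission,
        /// invalid model, missing body, unknown or closed room, full room, or save failure.
        /// </returns>
        public IHttpActionResult PostRoomUser([FromBody] Room room)
        {
            var authHeader = Request.Headers.Authorization;
            if (authHeader == null)
            {
                return Unauthorized();
            }
            var permission = JwtAuth.GetTokenPermission(authHeader.Parameter);

            if ((permission & 2) == 0)
            {
                return BadRequest("權限不足");
            }
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }
            if (room == null)
            {
                // An empty or unparseable body binds to null and would otherwise throw below.
                return BadRequest("資料錯誤");
            }
            var roomData = _db.Rooms.Find(room.Id);

            // The original tested `roomData != null && roomData.RoomClose`, so an unknown room id slipped
            // past this check and crashed on roomData.SellerId below.
            if (roomData == null || roomData.RoomClose)
            {
                return BadRequest("找不到房間");
            }
            var roomUsers = _db.RoomUsers.Where(x => x.RoomId == room.Id);
            var tokenId = JwtAuth.GetTokenId(authHeader.Parameter);

            if (roomData.SellerId == tokenId)
            {
                // 房主直接進入
                return RoomMembers(roomUsers);
            }
            var joinedUser = roomUsers.Where(user => user.User.Id == tokenId);

            if (joinedUser.Any())
            {
                // 房客直接進入
                return RoomMembers(joinedUser);
            }
            // Capacity check before adding: the original `MaxUsers < Count()` admitted one member beyond MaxUsers.
            if (roomUsers.Count() >= roomData.MaxUsers)
            {
                return BadRequest("人數已經滿");
            }
            // 不在房間內則進入
            var newUser = new RoomUser
            {
                RoomId = room.Id,
                UserId = tokenId,
                Status = UserStatus.無訂單
            };

            _db.RoomUsers.Add(newUser);
            try
            {
                _db.SaveChanges();
                // roomUsers is a deferred query, so re-enumerating it here includes the new member.
                return RoomMembers(roomUsers);
            }
            catch (Exception)
            {
                // Do not echo the exception message to the client; log it server-side instead.
                return BadRequest("儲存失敗");
            }
        }

        /// <summary>
        /// Projects room memberships to the public member shape returned by <see cref="PostRoomUser"/>.
        /// </summary>
        /// <param name="members">Deferred membership query; executed when the response is serialised.</param>
        private IHttpActionResult RoomMembers(IQueryable<RoomUser> members)
        {
            return Ok(members.Select(user => new
            {
                user.RoomId,
                user.Room.Name,
                UserId = user.User.Id,
                UserName = user.User.Name,
                UserPicture = user.User.Picture,
                user.Status
            }));
        }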