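/// <summary>
/// Updates the category, name and content of an existing learn object and
/// stamps it with the calling user and the current server time.
/// </summary>
/// <param name="id">Identifier taken from the route. The row to update is selected by <c>vm.ID</c>; this value is not read.</param>
/// <param name="vm">The learn object posted in the request body.</param>
/// <returns>
/// 400 when the user, payload, home or name is missing or the home-assignment check fails;
/// 404 when no row with the given ID exists in the given home;
/// 500 on any other failure; otherwise the view model serialized as camel-cased JSON.
/// </returns>
public async Task<IActionResult> Put(int id, [FromBody] LearnObjectViewModel vm)
{
    String usrName = String.Empty;
    if (Startup.UnitTestMode)
    {
        usrName = UnitTestUtility.UnitTestUser;
    }
    else
    {
        var usrObj = HIHAPIUtility.GetUserClaim(this);
        usrName = usrObj.Value;
    }

    if (String.IsNullOrEmpty(usrName))
    {
        return BadRequest("User cannot recognize");
    }

    if (vm == null)
    {
        return BadRequest("No data is inputted");
    }

    if (vm.HID <= 0)
    {
        return BadRequest("No Home Inputted");
    }

    if (vm.Name != null)
    {
        vm.Name = vm.Name.Trim();
    }

    if (String.IsNullOrEmpty(vm.Name))
    {
        return BadRequest("Name is a must!");
    }

    // NOTE(review): the route `id` is never compared with vm.ID; confirm whether a
    // mismatch between the two should be rejected.

    // The row is matched on both ID and HID. The home-assignment check below only
    // covers vm.HID, so matching on ID alone would let a caller who belongs to one
    // home overwrite an object that is stored under a different home.
    const String queryString = @"UPDATE [dbo].[t_learn_obj]
        SET [CATEGORY] = @CTGY
           ,[NAME] = @NAME
           ,[CONTENT] = @CONTENT
           ,[UPDATEDBY] = @UPDATEDBY
           ,[UPDATEDAT] = @UPDATEDAT
        WHERE [ID] = @OBJID AND [HID] = @HID";

    String strErrMsg = "";
    HttpStatusCode errorCode = HttpStatusCode.OK;

    try
    {
        using (SqlConnection conn = new SqlConnection(Startup.DBConnectionString))
        {
            await conn.OpenAsync();

            // Check Home assignment with current user; any exception raised by the
            // check is reported to the caller as 400.
            try
            {
                HIHAPIUtility.CheckHIDAssignment(conn, vm.HID, usrName);
            }
            catch (Exception)
            {
                errorCode = HttpStatusCode.BadRequest;
                throw;
            }

            using (SqlCommand cmd = new SqlCommand(queryString, conn))
            {
                cmd.Parameters.AddWithValue("@CTGY", vm.CategoryID);
                cmd.Parameters.AddWithValue("@NAME", vm.Name);
                cmd.Parameters.AddWithValue("@CONTENT", vm.Content);
                cmd.Parameters.AddWithValue("@UPDATEDBY", usrName);
                cmd.Parameters.AddWithValue("@UPDATEDAT", DateTime.Now);
                cmd.Parameters.AddWithValue("@OBJID", vm.ID);
                cmd.Parameters.AddWithValue("@HID", vm.HID);

                Int32 nRst = await cmd.ExecuteNonQueryAsync();
                if (nRst == 0)
                {
                    // Nothing matched: the ID does not exist or belongs to another home.
                    errorCode = HttpStatusCode.NotFound;
                }
            }
        }
    }
    catch (Exception exp)
    {
        System.Diagnostics.Debug.WriteLine(exp.Message);
        strErrMsg = exp.Message;
        if (errorCode == HttpStatusCode.OK)
        {
            errorCode = HttpStatusCode.InternalServerError;
        }
    }

    if (errorCode != HttpStatusCode.OK)
    {
        switch (errorCode)
        {
            case HttpStatusCode.Unauthorized:
                return Unauthorized();
            case HttpStatusCode.NotFound:
                return NotFound();
            case HttpStatusCode.BadRequest:
                return BadRequest(strErrMsg);
            default:
                // NOTE(review): the raw exception message is sent to the client here and
                // may carry database or driver details; consider logging it server-side
                // and returning a generic message instead.
                return StatusCode(500, strErrMsg);
        }
    }

    var setting = new Newtonsoft.Json.JsonSerializerSettings
    {
        DateFormatString = HIHAPIConstants.DateFormatPattern,
        ContractResolver = new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver()
    };

    return new JsonResult(vm, setting);
}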
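/// <summary>
/// Creates a learn object in the given home after verifying that no object
/// with the same name already exists there.
/// </summary>
/// <param name="vm">The learn object posted in the request body.</param>
/// <returns>
/// 400 when the user, payload, home or name is missing, the home-assignment check fails,
/// or the name is already taken in that home; 500 on any other failure; otherwise the
/// view model, with its ID set to the new row's identity, serialized as camel-cased JSON.
/// </returns>
public async Task<IActionResult> Post([FromBody] LearnObjectViewModel vm)
{
    String usrName = String.Empty;
    if (Startup.UnitTestMode)
    {
        usrName = UnitTestUtility.UnitTestUser;
    }
    else
    {
        var usrObj = HIHAPIUtility.GetUserClaim(this);
        usrName = usrObj.Value;
    }

    if (String.IsNullOrEmpty(usrName))
    {
        return BadRequest("User cannot recognize");
    }

    if (vm == null)
    {
        return BadRequest("No data is inputted");
    }

    if (vm.HID <= 0)
    {
        return BadRequest("No Home Inputted");
    }

    if (vm.Name != null)
    {
        vm.Name = vm.Name.Trim();
    }

    if (String.IsNullOrEmpty(vm.Name))
    {
        return BadRequest("Name is a must!");
    }

    // vm.Name comes straight from the request body, so the duplicate check binds it
    // as a parameter rather than concatenating it into the SQL text.
    const String duplicateQuery =
        @"SELECT [ID] FROM [dbo].[t_learn_obj] WHERE [Name] = @NAME AND [HID] = @HID";

    const String insertQuery = @"INSERT INTO [dbo].[t_learn_obj]
           ([HID]
           ,[CATEGORY]
           ,[NAME]
           ,[CONTENT]
           ,[CREATEDBY]
           ,[CREATEDAT])
        VALUES (@HID
           ,@CTGY
           ,@NAME
           ,@CONTENT
           ,@CREATEDBY
           ,@CREATEDAT
        ); SELECT @Identity = SCOPE_IDENTITY();";

    Int32 nNewID = -1;
    String strErrMsg = "";
    HttpStatusCode errorCode = HttpStatusCode.OK;

    try
    {
        using (SqlConnection conn = new SqlConnection(Startup.DBConnectionString))
        {
            await conn.OpenAsync();

            // Check Home assignment with current user; any exception raised by the
            // check is reported to the caller as 400.
            try
            {
                HIHAPIUtility.CheckHIDAssignment(conn, vm.HID, usrName);
            }
            catch (Exception)
            {
                errorCode = HttpStatusCode.BadRequest;
                throw;
            }

            // The reader is fully disposed before the INSERT runs on the same connection.
            Int32 nDuplicatedID = -1;
            Boolean hasDuplicate = false;
            using (SqlCommand checkCmd = new SqlCommand(duplicateQuery, conn))
            {
                checkCmd.Parameters.AddWithValue("@NAME", vm.Name);
                checkCmd.Parameters.AddWithValue("@HID", vm.HID);

                using (SqlDataReader reader = await checkCmd.ExecuteReaderAsync())
                {
                    if (await reader.ReadAsync())
                    {
                        hasDuplicate = true;
                        nDuplicatedID = reader.GetInt32(0);
                    }
                }
            }

            if (hasDuplicate)
            {
                errorCode = HttpStatusCode.BadRequest;
                strErrMsg = "Object with name already exists: " + nDuplicatedID.ToString();
            }
            else
            {
                // Now go ahead for the creating
                using (SqlCommand cmd = new SqlCommand(insertQuery, conn))
                {
                    cmd.Parameters.AddWithValue("@HID", vm.HID);
                    cmd.Parameters.AddWithValue("@CTGY", vm.CategoryID);
                    cmd.Parameters.AddWithValue("@NAME", vm.Name);
                    cmd.Parameters.AddWithValue("@CONTENT", vm.Content);
                    cmd.Parameters.AddWithValue("@CREATEDBY", usrName);
                    // NOTE(review): CREATEDAT is taken from the request body, while Put
                    // stamps UPDATEDAT with server time; confirm that a client-chosen
                    // creation timestamp is intended for this audit column.
                    cmd.Parameters.AddWithValue("@CREATEDAT", vm.CreatedAt);

                    // Add(name, SqlDbType) declares the output parameter's type.
                    // AddWithValue(name, SqlDbType.Int) would instead pass the enum
                    // member itself as the parameter's value.
                    SqlParameter idparam = cmd.Parameters.Add("@Identity", SqlDbType.Int);
                    idparam.Direction = ParameterDirection.Output;

                    await cmd.ExecuteNonQueryAsync();
                    nNewID = (Int32)idparam.Value;
                }
            }
        }
    }
    catch (Exception exp)
    {
        System.Diagnostics.Debug.WriteLine(exp.Message);
        strErrMsg = exp.Message;
        if (errorCode == HttpStatusCode.OK)
        {
            errorCode = HttpStatusCode.InternalServerError;
        }
    }

    if (errorCode != HttpStatusCode.OK)
    {
        switch (errorCode)
        {
            case HttpStatusCode.Unauthorized:
                return Unauthorized();
            case HttpStatusCode.NotFound:
                return NotFound();
            case HttpStatusCode.BadRequest:
                return BadRequest(strErrMsg);
            default:
                // NOTE(review): the raw exception message is sent to the client here and
                // may carry database or driver details; consider logging it server-side
                // and returning a generic message instead.
                return StatusCode(500, strErrMsg);
        }
    }

    vm.ID = nNewID;

    var setting = new Newtonsoft.Json.JsonSerializerSettings
    {
        DateFormatString = HIHAPIConstants.DateFormatPattern,
        ContractResolver = new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver()
    };

    return new JsonResult(vm, setting);
}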