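/// <summary>
/// Copies the submitted profile values onto an existing student account and saves them.
/// </summary>
/// <remarks>
/// All lookups and checks run before any entity is modified, so a rejected request
/// (unknown department, non-student account) leaves the loaded entities untouched.
/// This method performs no authorization check of its own: it edits whichever account
/// <paramref name="accountId"/> names, so the caller must already have confirmed that
/// the authenticated user may edit that account.
/// </remarks>
/// <param name="accountId">Id of the account whose profile is being edited.</param>
/// <param name="newUserProfileInfo">Names, telemetry preference and department name to apply.</param>
/// <exception cref="System.ArgumentNullException"><paramref name="newUserProfileInfo"/> is null.</exception>
/// <exception cref="AccountNotFoundException">No account exists for <paramref name="accountId"/>.</exception>
/// <exception cref="NotAStudentException">The account has no student record.</exception>
/// <exception cref="DepartmentNotFoundException">The named department could not be found.</exception>
public void EditStudentProfile(int accountId, UserProfileDTO newUserProfileInfo)
        {
            if (newUserProfileInfo == null)
            {
                // Fail with a descriptive error instead of a NullReferenceException further down.
                throw new System.ArgumentNullException("newUserProfileInfo");
            }

            Account accountToEdit = _userManagementServices.FindById(accountId);
            Student studentToEdit = _userManagementServices.FindStudentById(accountId);

            if (accountToEdit == null)
            {
                throw new AccountNotFoundException();
            }
            if (studentToEdit == null)
            {
                throw new NotAStudentException();
            }

            // Resolve the department BEFORE touching the entities. Previously the name and
            // telemetry fields were overwritten first, so a DepartmentNotFoundException left
            // modified objects behind.
            // NOTE(review): if those objects are tracked by this._DbContext, a later
            // SaveChanges on the same context could have persisted the partial edit - confirm.
            ISchoolRegistrationService schoolRegistrationServices = new SchoolRegistrationService(this._DbContext);
            Department department = schoolRegistrationServices.FindDepartment(
                newUserProfileInfo.DepartmentName
                );

            if (department == null)
            {
                throw new DepartmentNotFoundException();
            }

            // The DTO values are copied as-is; no length or content validation is visible here.
            accountToEdit.FirstName    = newUserProfileInfo.FirstName;
            accountToEdit.MiddleName   = newUserProfileInfo.MiddleName;
            accountToEdit.LastName     = newUserProfileInfo.LastName;
            accountToEdit.LogTelemetry = newUserProfileInfo.AllowTelemetry;
            studentToEdit.SchoolDepartmentId = department.Id;
            // TODO allow telemetry
            // NOTE(review): LogTelemetry is already assigned above; confirm whether this TODO is stale.

            _userManagementServices.UpdateUser(accountToEdit);
            _userManagementServices.UpdateStudent(studentToEdit);
            this._DbContext.SaveChanges();
        }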
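        /// <summary>
        /// Completes registration for the authenticated caller and returns a refreshed session token.
        /// </summary>
        /// <remarks>
        /// Checks run in this order: a security context is built from the request headers, the
        /// session token is validated, and the "CanRegister" claim is required. The account to
        /// update is resolved from the security context's user name, never from the request body.
        /// For a student registration (SchoolId greater than zero) the domain part of the user
        /// name must equal the school's email domain. On success the "CanRegister" claim is removed.
        /// </remarks>
        /// <param name="registrationData">Names, date of birth and optional school, department and course selection.</param>
        /// <returns>
        /// Unauthorized when any authentication or claim check fails; NotFound when the account
        /// cannot be found; BadRequest for a missing body, unknown school or department, or an
        /// email-domain mismatch; otherwise Ok with the refreshed token under the "SITtoken" key.
        /// </returns>
        public IHttpActionResult Post(RegistrationData registrationData)
        {
            SecurityContext securityContext = SecurityContextBuilder.CreateSecurityContext(
                Request.Headers
                );

            if (securityContext == null)
            {
                return Unauthorized();
            }

            SessionManager sm = new SessionManager();

            if (!sm.ValidateSession(securityContext.Token))
            {
                return Unauthorized();
            }

            AuthorizationManager authorizationManager = new AuthorizationManager(
                securityContext
                );
            // TODO get this from table in database.
            List<string> requiredClaims = new List<string>()
            {
                "CanRegister"
            };

            if (!authorizationManager.CheckClaims(requiredClaims))
            {
                return Unauthorized();
            }

            // Body validation comes after the authentication checks, so unauthenticated
            // callers only ever see Unauthorized. A missing or unbindable body previously
            // surfaced as a NullReferenceException.
            if (registrationData == null)
            {
                return BadRequest("Registration Data Is Required");
            }

            UserManager um   = new UserManager();
            Account     user = um.FindByUserName(securityContext.UserName);
            if (user == null)
            {
                return NotFound();
            }
            user.FirstName  = registrationData.FirstName;
            user.MiddleName = registrationData.MiddleName;
            user.LastName   = registrationData.LastName;

            bool isStudent = registrationData.SchoolId > 0;

            // User is a student
            if (isStudent)
            {
                using (var _db = new DatabaseContext())
                {
                    ISchoolRegistrationService srs = new SchoolRegistrationService(_db);
                    var school = srs.FindSchool(registrationData.SchoolId);
                    if (school == null)
                    {
                        // SchoolId is client-supplied; an unknown id must not be dereferenced.
                        return BadRequest("School Not Found");
                    }

                    // A user name without '@' has no domain part. Previously IndexOf returned -1
                    // and the whole user name was compared against the school's domain.
                    int domainIndex = user.UserName.IndexOf('@');
                    bool domainMatches = domainIndex >= 0 &&
                                         string.Equals(school.EmailDomain, user.UserName.Substring(domainIndex + 1));
                    if (!domainMatches)
                    {
                        return BadRequest("User's Email Does Not Match School's Email Domain");
                    }

                    var schoolDepartment = srs.FindSchoolDepartment(registrationData.SchoolId, registrationData.DepartmentId);
                    if (schoolDepartment == null)
                    {
                        return BadRequest("Department Not Found For School");
                    }

                    Student student = new Student(user.Id, schoolDepartment.Id);
                    // NOTE(review): selectedCourseIds is client-supplied and nothing here checks that
                    // the courses belong to the selected school or department - confirm whether
                    // GetSchoolTeacherCourses enforces that.
                    var selectedCourses = srs.GetSchoolTeacherCourses(registrationData.selectedCourseIds);
                    student.Courses = selectedCourses;
                    user.Students.Add(student);
                }
            }

            // TODO test this.
            user.DateOfBirth = registrationData.DateOfBirth;

            // NOTE(review): the calls below are not visibly wrapped in a transaction. If one throws
            // after UpdateUserAccount, the account may keep "CanRegister" and be able to repeat
            // registration - confirm how UserManager commits these changes.
            um.UpdateUserAccount(user);
            um.SetCategory(user.Id, isStudent ? "Student" : "NonStudent");
            um.RemoveClaimAction(user.Id, "CanRegister");
            um.AutomaticClaimAssigning(user);

            string updatedToken = sm.RefreshSessionUpdatedPayload(
                securityContext.Token,
                securityContext.UserId
                );
            Dictionary<string, string> responseContent = new Dictionary<string, string>()
            {
                { "SITtoken", updatedToken }
            };
            return Ok(responseContent);
        }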