Esempio n. 1
        /// <summary>
        /// Saves user settings.
        /// </summary>
        /// <param name="uid">The uid of user.</param>
        /// <param name="userSettings">The user settings to be saved.</param>
        public void SaveSettings(long uid, UserSettingsRequest userSettings)
        {
            // Row to persist. NOTE(review): uid is stored as CookieUid, so it looks cookie-derived;
            // confirm the caller binds it to the current session before it is used as the row key.
            var settingsRow = new UserSettingsEntry
            {
                ChartBeginTime = userSettings.BeginDate,
                ChartEndTime = userSettings.EndDate,
                CookieUid = uid
            };

            // Currency links matching this entry are removed first and re-created at the end.
            ExplorerRepository.RemoveCorrespondanceEntries(settingsRow);

            // A language row is added on every save and then attached to the settings row.
            var languageRow = new UserLanguageEntry { Language = userSettings.Language.ToString() };
            ExplorerRepository.AddUserLanguage(languageRow);
            settingsRow.Language = languageRow;

            ExplorerRepository.SaveUserSettings(settingsRow);

            // Only code entries whose Value appears in the request's CurrencyValues are linked.
            var selectedCodes = ExplorerRepository.GetCodeEntries()
                                                  .Where(code => userSettings.CurrencyValues.Contains(code.Value))
                                                  .ToList();

            foreach (CurrencyCodeEntry code in selectedCodes)
            {
                var link = new CorrespondanceEntry
                {
                    UserSettings = settingsRow,
                    CurrencyCode = code
                };

                ExplorerRepository.AddCorrespondenceEntry(link);
            }
        }
Esempio n. 2
        /// <summary>
        /// Looks up the stored settings entry whose <c>CookieUid</c> equals <paramref name="uid"/>.
        /// </summary>
        /// <param name="uid">Value matched against <c>CookieUid</c>.</param>
        /// <returns>The first matching entry, or the type's default value when there is none.</returns>
        public UserSettingsEntry LoadUserSettings(long uid)
        {
            return _currencyDataContext.UserSettingsEntries.FirstOrDefault(entry => entry.CookieUid == uid);
        }
Esempio n. 3
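        /// <summary>
        /// Inserts <paramref name="userSettings"/> when no equal entry is stored; otherwise rewrites only
        /// the <c>LanguageId</c> column of the stored row.
        /// </summary>
        /// <param name="userSettings">
        /// Entry to persist. On the update path its <c>Id</c> is overwritten with the stored row's id.
        /// </param>
        public void SaveUserSettings(UserSettingsEntry userSettings)
        {
            // Materialised but never read in this method; presumably it loads the language rows into the
            // context so the Language navigation resolves -- confirm before removing.
            var langs = _currencyDataContext.UserLanguageEntries.ToArray();
            UserSettingsEntry data = _currencyDataContext.UserSettingsEntries.FirstOrDefault(x => x.Equals(userSettings));

            if (data == null)
            {
                _currencyDataContext.UserSettingsEntries.Add(userSettings);
                _currencyDataContext.SaveChanges();
                return;
            }

            // Known gap kept from the original: only LanguageId is written for an existing row;
            // ChartBeginTime and ChartEndTime are not updated.
            //
            // The two ids are handed over as arguments so the data layer binds them as parameters
            // instead of having their text formatted into the SQL statement.
            _currencyDataContext.Database.ExecuteSqlCommand(
                "UPDATE UserSettingsEntry SET LanguageId = {0} WHERE Id = {1}",
                userSettings.Language.Id,
                data.Id);

            // Mutates the caller's object so that it carries the id of the row that already exists.
            userSettings.Id = data.Id;
        }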
Esempio n. 4
        /// <summary>
        /// Deletes every correspondence entry whose <c>UserSettings</c> equals the given entry
        /// and commits the deletion.
        /// </summary>
        /// <param name="userSettingsEntry">Settings entry whose links are removed.</param>
        public void RemoveCorrespondanceEntries(UserSettingsEntry userSettingsEntry)
        {
            var links = _currencyDataContext.CorrespondanceEntries;

            // Materialise the matches first, then remove them as one batch.
            var staleLinks = links.Where(link => link.UserSettings.Equals(userSettingsEntry)).ToList();
            links.RemoveRange(staleLinks);

            _currencyDataContext.SaveChanges();
        }
Esempio n. 5
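        /// <summary>
        /// Stores <paramref name="userSettings"/>: adds it when no equal entry exists, otherwise updates
        /// only the existing row's <c>LanguageId</c>.
        /// </summary>
        /// <param name="userSettings">
        /// Entry to persist. When an equal row already exists, its id is copied onto this object.
        /// </param>
        public void SaveUserSettings(UserSettingsEntry userSettings)
        {
            // Result is unused here; presumably enumerated so the language rows are loaded into the
            // context -- confirm before removing.
            var langs = _currencyDataContext.UserLanguageEntries.ToArray();
            UserSettingsEntry data = _currencyDataContext.UserSettingsEntries.FirstOrDefault(x => x.Equals(userSettings));

            if (data == null)
            {
                _currencyDataContext.UserSettingsEntries.Add(userSettings);
                _currencyDataContext.SaveChanges();
                return;
            }

            // Pass the ids as arguments rather than interpolating them into the statement text, so
            // they are bound as parameters. Only LanguageId is written for an existing row.
            _currencyDataContext.Database.ExecuteSqlCommand(
                "UPDATE UserSettingsEntry SET LanguageId = {0} WHERE Id = {1}",
                userSettings.Language.Id,
                data.Id);

            // Side effect on the argument: it now carries the stored row's id.
            userSettings.Id = data.Id;
        }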
Esempio n. 6
        /// <summary>
        /// Loads user settings.
        /// </summary>
        /// <param name="uid">The uid of user.</param>
        /// <returns>User settings for specified user uid.</returns>
        public UserSettings LoadSettings(long uid)
        {
            // Result is not read here; presumably enumerated so the language rows are loaded before
            // the settings lookup -- confirm before removing.
            var langs = ExplorerRepository.GetUserLanguages().ToList();

            UserSettingsEntry storedEntry = ExplorerRepository.LoadUserSettings(uid);
            if (storedEntry == null)
            {
                // Nothing stored for this uid.
                return null;
            }

            var loaded = new UserSettings();

            // Enum.Parse throws when the stored text is not a member name of CurrencyExplorerLanguage.
            loaded.Language = (CurrencyExplorerLanguage)Enum.Parse(
                typeof(CurrencyExplorerLanguage),
                storedEntry.Language.Language);
            loaded.TimePeriod = new ChartTimePeriod(storedEntry.ChartBeginTime, storedEntry.ChartEndTime);

            // Projection only; the sequence is not materialised here.
            loaded.Currencies = ExplorerRepository
                .GetCorrespondanceEntries(storedEntry)
                .Select(link => new CurrencyDataEntry()
                {
                    DbCurrencyCodeEntry = link.CurrencyCode
                });

            return loaded;
        }
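        /// <summary>
        /// Handles an archive query sent as PUT: validates the body, checks the user's login token and
        /// the company's visibility, builds a WHERE clause from the filled fields of the request entry
        /// and writes the matching repair jobs to the response as a JSON list.
        /// </summary>
        /// <param name="ctx">Listener context of the request; every outcome is written to its response.</param>
        private void HandlePutRequest(HttpListenerContext ctx)
        {
            try
            {
                #region Input Validation
                if (!ctx.Request.HasEntityBody)
                {
                    WriteBodyResponse(ctx, 400, "Bad Request", "No Body");
                    return;
                }
                ArchiveApiPutRequest req = JsonDataObjectUtil<ArchiveApiPutRequest>.ParseObject(ctx);

                if (!ValidatePutRequest(req))
                {
                    WriteBodyResponse(ctx, 400, "Bad Request", "Incorrect Format");
                    return;
                }
                #endregion

                MySqlDataManipulator connection = new MySqlDataManipulator();
                using (connection)
                {
                    bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
                    if (!res)
                    {
                        WriteBodyResponse(ctx, 500, "Unexpected Server Error", "Connection to database failed");
                        return;
                    }

                    #region Validate User
                    OverallUser mappedUser = connection.GetUserById(req.UserId);
                    if (mappedUser == null)
                    {
                        WriteBodyResponse(ctx, 404, "Not Found", "User was not found on on the server");
                        return;
                    }
                    if (!UserVerificationUtil.LoginTokenValid(mappedUser, req.LoginToken))
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Login token was incorrect.");
                        return;
                    }

                    // Private company data is only served to members of that company.
                    // Indexing [0] throws when the company has no such setting; the outer catch turns that into a 500.
                    CompanySettingsEntry isPublicSetting = connection.GetCompanySettingsWhere(req.CompanyId, "SettingKey=\"" + CompanySettingsKey.Public + "\"")[0];
                    bool isPublic = bool.Parse(isPublicSetting.SettingValue);
                    if (!isPublic && mappedUser.Company != req.CompanyId)
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Cannot access other company's private data");
                        return;
                    }
                    #endregion

                    UserSettingsEntry numPredictionsRequested = JsonDataObjectUtil<List<UserSettingsEntry>>.ParseObject(mappedUser.Settings).FirstOrDefault(entry => entry.Key.Equals(UserSettingsEntryKeys.ArchiveQueryResults));

                    if (numPredictionsRequested == null)
                    {
                        WriteBodyResponse(ctx, 500, "Internal Server Error", "User did not contain a setting with a key " + UserSettingsEntryKeys.ArchiveQueryResults);
                        return;
                    }

                    // Parsed (and therefore validated) but not applied to the query below.
                    int numRequested = int.Parse(numPredictionsRequested.Value);

                    #region Input sanitation
                    // NOTE(review): the filter text is still concatenated into the WHERE clause because
                    // GetDataEntriesWhere takes a raw string. The character check below is a stopgap;
                    // binding the values as query parameters in the data layer is the durable fix.
                    string whereString = "";
                    bool addedWhere = false;

                    // Fields are processed in a fixed order and the first rejected value ends the request
                    // (the 400 response has already been written by PerformSanitization).
                    if (!AppendLikeFilter("Complaint", req.Entry.Complaint)
                        || !AppendLikeFilter("Problem", req.Entry.Problem)
                        || !AppendLikeFilter("Make", req.Entry.Make)
                        || !AppendLikeFilter("Model", req.Entry.Model))
                    {
                        return;
                    }
                    if (req.Entry.Year != 0)
                    {
                        if (addedWhere)
                        {
                            whereString += " and";
                        }
                        whereString += " Year =" + req.Entry.Year;
                        addedWhere = true;
                    }
                    #endregion

                    if (!addedWhere)
                    {
                        WriteBodyResponse(ctx, 400, "Bad Request", "No fields in the request's entry were filled");
                        return;
                    }

                    List<RepairJobEntry> entries = connection.GetDataEntriesWhere(req.CompanyId, whereString, true);
                    JsonListStringConstructor retConstructor = new JsonListStringConstructor();
                    try
                    {
                        entries.ForEach(entry => retConstructor.AddElement(ConvertEntry(entry)));
                    }
                    catch (NullReferenceException)
                    {
                        // Kept from the original: a null reference while converting is answered with an empty list.
                        WriteBodyResponse(ctx, 200, "OK", "[]", "application/json");
                        return;
                    }
                    WriteBodyResponse(ctx, 200, "OK", retConstructor.ToString(), "application/json");

                    // Appends `<column> like "%value%"` to the WHERE clause when value is supplied.
                    // Returns false when the value was rejected and a 400 response has been written.
                    bool AppendLikeFilter(string column, string value)
                    {
                        if (value == null)
                        {
                            return true;
                        }
                        if (!PerformSanitization(value))
                        {
                            return false;
                        }
                        if (addedWhere)
                        {
                            whereString += " and";
                        }
                        whereString += " " + column + " like \"%" + value + "%\"";
                        addedWhere = true;
                        return true;
                    }

                    // Rejects values that could terminate or escape the double-quoted SQL literal they are
                    // placed in. The original tested only for the backtick, which is not the delimiter
                    // used here, while its message spoke of the single quote.
                    bool PerformSanitization(string queryIn)
                    {
                        // Double quote delimits the literal; single quote and backtick are the other MySQL
                        // quoting characters; backslash is MySQL's default escape character.
                        if (queryIn.IndexOfAny(new[] { '"', '\'', '`', '\\' }) >= 0)
                        {
                            WriteBodyResponse(ctx, 400, "Bad Request", "Request contained a quote, backtick or backslash character, which is disallowed due to MySQL injection attacks");
                            return false;
                        }
                        return true;
                    }
                }
            }
            catch (HttpListenerException)
            {
                //HttpListeners dispose themselves when an exception occurs, so we can do no more.
            }
            catch (Exception e)
            {
                // NOTE(review): e.Message is returned to the client and may expose database or parser
                // details; consider logging it server-side and sending a generic message instead.
                WriteBodyResponse(ctx, 500, "Internal Server Error", "Error occurred during processing of request: " + e.Message);
            }
        }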
Esempio n. 8
 /// <summary>
 /// Builds the query for correspondence entries whose <c>UserSettings</c> equals the given entry.
 /// </summary>
 /// <param name="userSettingsEntry">Settings entry to match.</param>
 /// <returns>The filtered query; it is not enumerated here.</returns>
 public IQueryable<CorrespondanceEntry> GetCorrespondanceEntries(UserSettingsEntry userSettingsEntry)
     => _currencyDataContext.CorrespondanceEntries.Where(link => link.UserSettings.Equals(userSettingsEntry));
Esempio n. 9
        /// <summary>
        /// Handles a prediction request sent as POST: validates the body, checks the user's login token
        /// and the company's visibility, then writes the processor's result as JSON.
        /// </summary>
        /// <param name="ctx">Listener context of the request; every outcome is written to its response.</param>
        private void HandlePostRequest(HttpListenerContext ctx)
        {
            try
            {
                // ---- Input validation ----
                if (!ctx.Request.HasEntityBody)
                {
                    WriteBodyResponse(ctx, 400, "Bad Request", "No Body");
                    return;
                }

                PredictApiPostRequest request = JsonDataObjectUtil<PredictApiPostRequest>.ParseObject(ctx);

                // NOTE(review): a validator named for GET is applied to this POST body -- confirm it is the intended one.
                bool wellFormed = ValidateGetRequest(request);
                if (!wellFormed)
                {
                    WriteBodyResponse(ctx, 400, "Bad Request", "Incorrect Format");
                    return;
                }

                using (MySqlDataManipulator db = new MySqlDataManipulator())
                {
                    if (!db.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString()))
                    {
                        WriteBodyResponse(ctx, 500, "Unexpected Server Error", "Connection to database failed");
                        return;
                    }

                    // ---- User validation ----
                    OverallUser caller = db.GetUserById(request.UserId);
                    if (caller == null)
                    {
                        WriteBodyResponse(ctx, 404, "Not Found", "User was not found on on the server");
                        return;
                    }

                    bool tokenAccepted = UserVerificationUtil.LoginTokenValid(caller, request.LoginToken);
                    if (!tokenAccepted)
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Login token was incorrect.");
                        return;
                    }

                    // ---- Action handling ----
                    // Private company data may only be used by members of that company.
                    // Indexing [0] throws when the setting is absent; the outer catch answers with a 500.
                    string publicKeyFilter = "SettingKey=\"" + CompanySettingsKey.Public + "\"";
                    CompanySettingsEntry visibility = db.GetCompanySettingsWhere(request.CompanyId, publicKeyFilter)[0];
                    bool companyIsPublic = bool.Parse(visibility.SettingValue);
                    if (!companyIsPublic && caller.Company != request.CompanyId)
                    {
                        WriteBodyResponse(ctx, 401, "Not Authorized", "Cannot predict using other company's private data");
                        return;
                    }

                    List<UserSettingsEntry> callerSettings = JsonDataObjectUtil<List<UserSettingsEntry>>.ParseObject(caller.Settings);

                    // First() throws when the setting is missing; that also ends in the generic 500 below.
                    UserSettingsEntry resultCountSetting = callerSettings
                        .Where(entry => entry.Key.Equals(UserSettingsEntryKeys.PredictionQueryResults))
                        .First();
                    int resultCount = int.Parse(resultCountSetting.Value);

                    DatabaseQueryProcessor queryProcessor = new DatabaseQueryProcessor();
                    string payload = queryProcessor.ProcessQueryForSimilarQueries(
                        request.Entry,
                        db,
                        request.CompanyId,
                        request.ComplaintGroupId,
                        resultCount);

                    WriteBodyResponse(ctx, 200, "OK", payload, "application/json");
                }
            }
            catch (HttpListenerException)
            {
                // The listener disposes itself when this exception occurs, so nothing more can be sent.
            }
            catch (Exception e)
            {
                // NOTE(review): the exception message is echoed to the client; it may reveal internal
                // details and is better logged server-side.
                WriteBodyResponse(ctx, 500, "Internal Server Error", "Error occurred during processing of request: " + e.Message);
            }
        }