public async Task <IHttpActionResult> RemoveFollowerFromGroup(long followerUserId, long followerGroupId)
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName).SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
CompanyFollowerGroup companyFollowerGroup = db.CompanyFollowerGroups.Where(_companyFollowerGroup => _companyFollowerGroup.ID == followerGroupId).SingleOrDefault();
if (companyFollowerGroup == null)
{
throw new HttpResponseException(HttpStatusCode.NotFound);
}
if ((companyFollowerGroup.Company.Owner.Id != user.Id) && (companyFollowerGroup.Company.Members.Any(member => member.UserID == user.Id) == false))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
CompanyConnection companyConnection = companyFollowerGroup.Followers.Where(_follower => _follower.UserID == followerUserId).SingleOrDefault();
if (companyConnection == null)
{
throw new HttpResponseException(HttpStatusCode.NotFound);
}
companyFollowerGroup.Followers.Remove(companyConnection);
db.Entry(companyFollowerGroup).State = EntityState.Modified;
await db.SaveChangesAsync();
return(Ok());
}
public async Task <IHttpActionResult> DeleteCompanyFollowerGroup(CompanyFollowerGroupDTO companyFollowerGroupDTO)
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName).SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
CompanyFollowerGroup companyFollowerGroup = db.CompanyFollowerGroups.Find(companyFollowerGroupDTO.ID);
if (companyFollowerGroup == null)
{
throw new HttpResponseException(HttpStatusCode.NotFound);
}
if ((companyFollowerGroup.CompanyID != user.Company.ID) && (companyFollowerGroup.Company.Members.Any(member => member.UserID == user.Id) == false))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
db.CompanyFollowerGroups.Remove(companyFollowerGroup);
await db.SaveChangesAsync();
return(Ok());
}
public async Task <IHttpActionResult> UpdateProduct(CompanyFollowerGroupDTO companyFollowerGroupDTO)
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName).SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
CompanyFollowerGroup companyFollowerGroup = db.CompanyFollowerGroups.Find(companyFollowerGroupDTO.ID);
if (companyFollowerGroup == null)
{
throw new HttpResponseException(HttpStatusCode.NotFound);
}
if ((companyFollowerGroup.CompanyID != user.Company.ID) && (companyFollowerGroup.Company.Members.Any(member => member.UserID == user.Id) == false))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
Mapper.Map(companyFollowerGroupDTO, companyFollowerGroup);
db.Entry(companyFollowerGroup).State = EntityState.Modified;
await db.SaveChangesAsync();
return(Ok(Mapper.Map <CompanyFollowerGroup, CompanyFollowerGroupDTO>(companyFollowerGroup)));
}
public async Task <IHttpActionResult> NewCompanyFollowerGroup(NewCompanyFollowerGroupDTO newCompanyFollowerGroupDTO)
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName).SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Company company = user.Company;
CompanyFollowerGroup companyFollowerGroup = new CompanyFollowerGroup();
companyFollowerGroup.CompanyID = company.ID;
companyFollowerGroup.Company = company;
companyFollowerGroup.Name = newCompanyFollowerGroupDTO.Name;
companyFollowerGroup = db.CompanyFollowerGroups.Add(companyFollowerGroup);
await db.SaveChangesAsync();
return(Ok(Mapper.Map <CompanyFollowerGroup, CompanyFollowerGroupDTO>(companyFollowerGroup)));
}
public async Task <IHttpActionResult> AddProductToFollowerGroup(long productId, long followerGroupId)
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName).SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
CompanyFollowerGroup companyFollowerGroup = db.CompanyFollowerGroups.Where(_companyFollowerGroup => _companyFollowerGroup.ID == followerGroupId).SingleOrDefault();
if (companyFollowerGroup == null)
{
throw new HttpResponseException(HttpStatusCode.NotFound);
}
if ((companyFollowerGroup.Company.Owner.Id != user.Id) && (companyFollowerGroup.Company.Members.Any(member => member.UserID == user.Id) == false))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
Product product = db.Products.Where(_product => _product.ID == productId).SingleOrDefault();
if (product == null)
{
return(NotFound());
}
if ((product.CompanyID != user.Company.ID) && (product.TeamMembers.Where(teamMember => teamMember.UserID == user.Id && teamMember.CanEditTheProduct == true).SingleOrDefault() == null))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (companyFollowerGroup.VisibleProducts.Contains(product))
{
throw new HttpResponseException(HttpStatusCode.BadRequest);
}
if (product.Privacy == ProductPrivacy.Public)
{
product.Privacy = ProductPrivacy.Private;
db.Entry(product).State = EntityState.Modified;
}
companyFollowerGroup.VisibleProducts.Add(product);
db.Entry(companyFollowerGroup).State = EntityState.Modified;
await db.SaveChangesAsync();
return(Ok());
}
public async Task <IHttpActionResult> RemoveProductFileFromFollowerGroup(long productFileId, long followerGroupId)
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName).SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
CompanyFollowerGroup companyFollowerGroup = db.CompanyFollowerGroups.Where(_companyFollowerGroup => _companyFollowerGroup.ID == followerGroupId).SingleOrDefault();
if (companyFollowerGroup == null)
{
throw new HttpResponseException(HttpStatusCode.NotFound);
}
if ((companyFollowerGroup.Company.Owner.Id != user.Id) && (companyFollowerGroup.Company.Members.Any(member => member.UserID == user.Id) == false))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
ProductFile productFile = companyFollowerGroup.VisibleProductFiles.Where(_productFile => _productFile.ID == productFileId).SingleOrDefault();
if (productFile == null)
{
return(NotFound());
}
if ((productFile.Product.CompanyID != user.Company.ID) && (productFile.Product.TeamMembers.Where(teamMember => teamMember.UserID == user.Id && teamMember.CanEditTheProduct == true).SingleOrDefault() == null))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
companyFollowerGroup.VisibleProductFiles.Remove(productFile);
db.Entry(companyFollowerGroup).State = EntityState.Modified;
if (productFile.GroupsVisibleTo.Count == 0)
{
productFile.Privacy = ProductFilePrivacy.Public;
db.Entry(productFile).State = EntityState.Modified;
}
await db.SaveChangesAsync();
return(Ok());
}
public async Task <IHttpActionResult> SetProductFilePrivacy(long id, ProductFilePrivacy privacy, long selectedGroupId = 0)
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName).SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
ProductFile productFile = db.ProductFiles.Where(_productFile => _productFile.ID == id)
.Include(_productFile => _productFile.Product)
.Include(_productFile => _productFile.Product.TeamMembers)
.Include(_productFile => _productFile.GroupsVisibleTo)
.SingleOrDefault();
if (productFile == null)
{
return(NotFound());
}
if ((productFile.Product.CompanyID != user.Company.ID) && (productFile.Product.TeamMembers.Where(teamMember => teamMember.UserID == user.Id && teamMember.CanEditTheProduct == true).SingleOrDefault() == null))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (productFile.Privacy == privacy && productFile.Privacy == ProductFilePrivacy.Public)
{
return(Ok());
}
if (privacy != ProductFilePrivacy.VisibleToSelectedGroups && productFile.GroupsVisibleTo.Count() > 0)
{
productFile.GroupsVisibleTo.Clear();
}
if (privacy == ProductFilePrivacy.VisibleToSelectedGroups)
{
CompanyFollowerGroup selectedGroup = db.CompanyFollowerGroups.SingleOrDefault(c => c.ID == selectedGroupId);
if (selectedGroup != null)
{
if (!productFile.GroupsVisibleTo.Any(c => c.ID == selectedGroup.ID))
{
productFile.GroupsVisibleTo.Add(selectedGroup);
productFile.Privacy = KaribouAlpha.Models.ProductFilePrivacy.VisibleToSelectedGroups;
}
else
{
productFile.GroupsVisibleTo.Remove(selectedGroup);
if (productFile.GroupsVisibleTo.Count == 0)
{
productFile.Privacy = KaribouAlpha.Models.ProductFilePrivacy.Public;
}
}
}
}
else
{
productFile.Privacy = KaribouAlpha.Models.ProductFilePrivacy.Public;
}
ProductUpdate productUpdate = new ProductUpdate();
//productFile.Privacy = privacy;
db.Entry(productFile).State = EntityState.Modified;
productUpdate.UserID = user.Id;
productUpdate.User = user;
productUpdate.ProductID = productFile.ProductID;
productUpdate.Product = productFile.Product;
productUpdate.ProductFileID = productFile.ID;
productUpdate.ProductFile = productFile;
productUpdate.DateTime = DateTime.Now;
productUpdate.UpdateType = UpdateType.ProductFileEdited;
db.ProductUpdates.Add(productUpdate);
await db.SaveChangesAsync();
return(Ok());
}
