/// <summary>
/// Removes a single follower from a company follower group.
/// </summary>
/// <param name="followerUserId">User ID of the follower connection to remove from the group.</param>
/// <param name="followerGroupId">ID of the follower group to modify.</param>
/// <returns>200 OK once the change has been saved.</returns>
/// <exception cref="HttpResponseException">
/// 401 when the caller has no user record, or is neither the owner nor a member of the group's company;
/// 404 when the group, or the follower inside it, cannot be found.
/// </exception>
public async Task<IHttpActionResult> RemoveFollowerFromGroup(long followerUserId, long followerGroupId)
{
    // Map the authenticated principal onto its user row; no row means no access.
    string callerName = User.Identity.Name;
    User caller = db.Users.SingleOrDefault(candidate => candidate.UserName == callerName);
    if (caller == null)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    CompanyFollowerGroup targetGroup =
        db.CompanyFollowerGroups.SingleOrDefault(candidate => candidate.ID == followerGroupId);
    if (targetGroup == null)
    {
        throw new HttpResponseException(HttpStatusCode.NotFound);
    }

    // Object-level authorization: only the owner or a member of the group's company may edit it.
    // The membership lookup is skipped when the caller is the owner (short-circuit).
    bool callerMayManageGroup =
        targetGroup.Company.Owner.Id == caller.Id
        || targetGroup.Company.Members.Any(member => member.UserID == caller.Id);
    if (!callerMayManageGroup)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    // The follower is looked up inside this group only, so an ID from another group yields 404.
    CompanyConnection connection =
        targetGroup.Followers.SingleOrDefault(follower => follower.UserID == followerUserId);
    if (connection == null)
    {
        throw new HttpResponseException(HttpStatusCode.NotFound);
    }

    targetGroup.Followers.Remove(connection);
    db.Entry(targetGroup).State = EntityState.Modified;
    await db.SaveChangesAsync();

    return Ok();
}
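/// <summary>
/// Deletes the company follower group whose ID is carried in the request DTO.
/// </summary>
/// <param name="companyFollowerGroupDTO">Request body; only its <c>ID</c> is read by this action.</param>
/// <returns>
/// 200 OK after the group has been deleted; 400 when the body is missing or fails model validation.
/// </returns>
/// <exception cref="HttpResponseException">
/// 401 when the caller has no user record or may not manage the group; 404 when the group does not exist.
/// </exception>
public async Task<IHttpActionResult> DeleteCompanyFollowerGroup(CompanyFollowerGroupDTO companyFollowerGroupDTO)
{
    string userName = User.Identity.Name;
    User user = db.Users.SingleOrDefault(_user => _user.UserName == userName);
    if (user == null)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // Model validation alone does not guarantee a bound body; reject a missing DTO
    // explicitly instead of failing with a NullReferenceException below.
    if (companyFollowerGroupDTO == null)
    {
        return BadRequest();
    }

    CompanyFollowerGroup companyFollowerGroup = db.CompanyFollowerGroups.Find(companyFollowerGroupDTO.ID);
    if (companyFollowerGroup == null)
    {
        throw new HttpResponseException(HttpStatusCode.NotFound);
    }

    // Object-level authorization: the group must belong to the caller's own company, or the
    // caller must be a member of the group's company. A caller with no company can still pass
    // through the membership branch; previously that case dereferenced a null Company.
    bool groupInCallersCompany =
        user.Company != null && companyFollowerGroup.CompanyID == user.Company.ID;
    if (!groupInCallersCompany
        && !companyFollowerGroup.Company.Members.Any(member => member.UserID == user.Id))
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    db.CompanyFollowerGroups.Remove(companyFollowerGroup);
    await db.SaveChangesAsync();

    return Ok();
}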
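/// <summary>
/// Updates an existing company follower group from the supplied DTO.
/// Despite its name, this action reads and writes a <c>CompanyFollowerGroup</c>, not a product.
/// </summary>
/// <param name="companyFollowerGroupDTO">Request body; its <c>ID</c> selects the group and its mapped members overwrite the entity.</param>
/// <returns>
/// 200 OK with the updated group mapped back to a DTO; 400 when the body is missing or fails model validation.
/// </returns>
/// <exception cref="HttpResponseException">
/// 401 when the caller has no user record or may not manage the group; 404 when the group does not exist.
/// </exception>
public async Task<IHttpActionResult> UpdateProduct(CompanyFollowerGroupDTO companyFollowerGroupDTO)
{
    string userName = User.Identity.Name;
    User user = db.Users.SingleOrDefault(_user => _user.UserName == userName);
    if (user == null)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // Model validation alone does not guarantee a bound body; reject a missing DTO
    // explicitly instead of failing with a NullReferenceException below.
    if (companyFollowerGroupDTO == null)
    {
        return BadRequest();
    }

    CompanyFollowerGroup companyFollowerGroup = db.CompanyFollowerGroups.Find(companyFollowerGroupDTO.ID);
    if (companyFollowerGroup == null)
    {
        throw new HttpResponseException(HttpStatusCode.NotFound);
    }

    // Object-level authorization is evaluated against the group as stored, before any
    // caller-supplied value is applied. A caller with no company can still pass through
    // the membership branch; previously that case dereferenced a null Company.
    bool groupInCallersCompany =
        user.Company != null && companyFollowerGroup.CompanyID == user.Company.ID;
    if (!groupInCallersCompany
        && !companyFollowerGroup.Company.Members.Any(member => member.UserID == user.Id))
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    // NOTE(review): Mapper.Map copies whatever the mapping profile defines from the request
    // DTO onto the tracked entity. The DTO and profile are not visible here; if they include
    // CompanyID or another ownership field, a caller authorized for this group could reassign
    // it to a different company. Confirm the profile ignores such members.
    Mapper.Map(companyFollowerGroupDTO, companyFollowerGroup);
    db.Entry(companyFollowerGroup).State = EntityState.Modified;
    await db.SaveChangesAsync();

    return Ok(Mapper.Map<CompanyFollowerGroup, CompanyFollowerGroupDTO>(companyFollowerGroup));
}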
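/// <summary>
/// Creates a follower group inside the calling user's own company.
/// </summary>
/// <param name="newCompanyFollowerGroupDTO">Request body; only its <c>Name</c> is read by this action.</param>
/// <returns>
/// 200 OK with the created group mapped to a DTO; 400 when the body is missing or fails model validation.
/// </returns>
/// <exception cref="HttpResponseException">
/// 401 when the caller has no user record or has no company to attach the group to.
/// </exception>
public async Task<IHttpActionResult> NewCompanyFollowerGroup(NewCompanyFollowerGroupDTO newCompanyFollowerGroupDTO)
{
    string userName = User.Identity.Name;
    User user = db.Users.SingleOrDefault(_user => _user.UserName == userName);
    if (user == null)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // Model validation alone does not guarantee a bound body; reject a missing DTO
    // explicitly instead of failing with a NullReferenceException below.
    if (newCompanyFollowerGroupDTO == null)
    {
        return BadRequest();
    }

    // The owning company always comes from the server-side user record, never from the
    // request. A caller without a company cannot own a group; reject with the same 401
    // this action uses for an unknown caller rather than dereferencing null.
    Company company = user.Company;
    if (company == null)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    CompanyFollowerGroup companyFollowerGroup = new CompanyFollowerGroup
    {
        CompanyID = company.ID,
        Company = company,
        Name = newCompanyFollowerGroupDTO.Name
    };

    // Add returns the entity instance that the context tracks.
    companyFollowerGroup = db.CompanyFollowerGroups.Add(companyFollowerGroup);
    await db.SaveChangesAsync();

    return Ok(Mapper.Map<CompanyFollowerGroup, CompanyFollowerGroupDTO>(companyFollowerGroup));
}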
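/// <summary>
/// Makes a product visible to a company follower group. A product that is currently
/// <c>ProductPrivacy.Public</c> is switched to <c>ProductPrivacy.Private</c> as part of the change.
/// </summary>
/// <param name="productId">ID of the product to add to the group.</param>
/// <param name="followerGroupId">ID of the follower group that receives the product.</param>
/// <returns>200 OK once saved; 404 when the product does not exist.</returns>
/// <exception cref="HttpResponseException">
/// 401 when the caller has no user record, may not manage the group, or may not edit the product;
/// 404 when the group does not exist; 400 when the product is already visible to the group.
/// </exception>
public async Task<IHttpActionResult> AddProductToFollowerGroup(long productId, long followerGroupId)
{
    string userName = User.Identity.Name;
    User user = db.Users.SingleOrDefault(_user => _user.UserName == userName);
    if (user == null)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    CompanyFollowerGroup companyFollowerGroup =
        db.CompanyFollowerGroups.SingleOrDefault(_companyFollowerGroup => _companyFollowerGroup.ID == followerGroupId);
    if (companyFollowerGroup == null)
    {
        throw new HttpResponseException(HttpStatusCode.NotFound);
    }

    // Authorization on the group: owner or member of the group's company.
    if ((companyFollowerGroup.Company.Owner.Id != user.Id)
        && !companyFollowerGroup.Company.Members.Any(member => member.UserID == user.Id))
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    Product product = db.Products.SingleOrDefault(_product => _product.ID == productId);
    if (product == null)
    {
        return NotFound();
    }

    // Authorization on the product: it belongs to the caller's company, or the caller is a
    // team member with edit rights. Any() replaces SingleOrDefault() so that a duplicated
    // team-member row cannot turn the permission check into an unhandled exception, and the
    // null test lets a caller without a company reach the team-member branch.
    bool productInCallersCompany = user.Company != null && product.CompanyID == user.Company.ID;
    if (!productInCallersCompany
        && !product.TeamMembers.Any(teamMember => teamMember.UserID == user.Id && teamMember.CanEditTheProduct == true))
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    // NOTE(review): the two checks above are independent; nothing ties the product's company
    // to the group's company. Confirm that linking a product of one company to a follower
    // group of another is intended.

    if (companyFollowerGroup.VisibleProducts.Contains(product))
    {
        throw new HttpResponseException(HttpStatusCode.BadRequest);
    }

    // Restricting visibility to groups means the product can no longer stay public.
    if (product.Privacy == ProductPrivacy.Public)
    {
        product.Privacy = ProductPrivacy.Private;
        db.Entry(product).State = EntityState.Modified;
    }

    companyFollowerGroup.VisibleProducts.Add(product);
    db.Entry(companyFollowerGroup).State = EntityState.Modified;
    await db.SaveChangesAsync();

    return Ok();
}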
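/// <summary>
/// Stops a product file from being visible to a company follower group. When the file is left
/// with no groups in <c>GroupsVisibleTo</c>, its privacy is set to <c>ProductFilePrivacy.Public</c>.
/// </summary>
/// <param name="productFileId">ID of the product file to remove from the group.</param>
/// <param name="followerGroupId">ID of the follower group to modify.</param>
/// <returns>200 OK once saved; 404 when the file is not among the group's visible files.</returns>
/// <exception cref="HttpResponseException">
/// 401 when the caller has no user record, may not manage the group, or may not edit the file's product;
/// 404 when the group does not exist.
/// </exception>
public async Task<IHttpActionResult> RemoveProductFileFromFollowerGroup(long productFileId, long followerGroupId)
{
    string userName = User.Identity.Name;
    User user = db.Users.SingleOrDefault(_user => _user.UserName == userName);
    if (user == null)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    CompanyFollowerGroup companyFollowerGroup =
        db.CompanyFollowerGroups.SingleOrDefault(_companyFollowerGroup => _companyFollowerGroup.ID == followerGroupId);
    if (companyFollowerGroup == null)
    {
        throw new HttpResponseException(HttpStatusCode.NotFound);
    }

    // Authorization on the group: owner or member of the group's company.
    if ((companyFollowerGroup.Company.Owner.Id != user.Id)
        && !companyFollowerGroup.Company.Members.Any(member => member.UserID == user.Id))
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    // The file is looked up inside this group's visible files only, so an ID that is not
    // linked to the group yields 404 without revealing whether the file exists elsewhere.
    ProductFile productFile =
        companyFollowerGroup.VisibleProductFiles.SingleOrDefault(_productFile => _productFile.ID == productFileId);
    if (productFile == null)
    {
        return NotFound();
    }

    // Authorization on the file's product: it belongs to the caller's company, or the caller
    // is a team member with edit rights. Any() replaces SingleOrDefault() so that a duplicated
    // team-member row cannot turn the permission check into an unhandled exception, and the
    // null test lets a caller without a company reach the team-member branch.
    bool productInCallersCompany =
        user.Company != null && productFile.Product.CompanyID == user.Company.ID;
    if (!productInCallersCompany
        && !productFile.Product.TeamMembers.Any(teamMember => teamMember.UserID == user.Id && teamMember.CanEditTheProduct == true))
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    companyFollowerGroup.VisibleProductFiles.Remove(productFile);
    db.Entry(companyFollowerGroup).State = EntityState.Modified;

    // NOTE(review): this widens access: a file restricted to groups becomes Public as soon
    // as its last group is removed. Confirm that is the intended default rather than a
    // more restrictive state. Whether GroupsVisibleTo already reflects the removal above
    // depends on how the two navigation properties are related in the model, which is not
    // visible here.
    if (productFile.GroupsVisibleTo.Count == 0)
    {
        productFile.Privacy = ProductFilePrivacy.Public;
        db.Entry(productFile).State = EntityState.Modified;
    }

    await db.SaveChangesAsync();

    return Ok();
}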
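/// <summary>
/// Changes who can see a product file and records a <c>ProductFileEdited</c> product update.
/// For <c>ProductFilePrivacy.VisibleToSelectedGroups</c> the selected group is toggled: it is
/// added when absent and removed when already present. Every other requested value clears the
/// group list and makes the file public.
/// </summary>
/// <param name="id">ID of the product file.</param>
/// <param name="privacy">Requested privacy value.</param>
/// <param name="selectedGroupId">Follower group to toggle; only read when <paramref name="privacy"/> is <c>VisibleToSelectedGroups</c>.</param>
/// <returns>200 OK once saved (or immediately when the file is already public and public was requested); 404 when the file does not exist.</returns>
/// <exception cref="HttpResponseException">
/// 401 when the caller has no user record, may not edit the file's product, or may not manage the selected group.
/// </exception>
public async Task<IHttpActionResult> SetProductFilePrivacy(long id, ProductFilePrivacy privacy, long selectedGroupId = 0)
{
    string userName = User.Identity.Name;
    User user = db.Users.SingleOrDefault(_user => _user.UserName == userName);
    if (user == null)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    // Load the file together with everything the authorization and toggle logic reads.
    ProductFile productFile = db.ProductFiles.Where(_productFile => _productFile.ID == id)
        .Include(_productFile => _productFile.Product)
        .Include(_productFile => _productFile.Product.TeamMembers)
        .Include(_productFile => _productFile.GroupsVisibleTo)
        .SingleOrDefault();
    if (productFile == null)
    {
        return NotFound();
    }

    // Authorization on the file's product: it belongs to the caller's company, or the caller
    // is a team member with edit rights. Any() replaces SingleOrDefault() so that a duplicated
    // team-member row cannot turn the permission check into an unhandled exception, and the
    // null test lets a caller without a company reach the team-member branch.
    bool productInCallersCompany =
        user.Company != null && productFile.Product.CompanyID == user.Company.ID;
    if (!productInCallersCompany
        && !productFile.Product.TeamMembers.Any(teamMember => teamMember.UserID == user.Id && teamMember.CanEditTheProduct == true))
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    // Already public and public requested: nothing changes and no update is recorded.
    if (productFile.Privacy == privacy && productFile.Privacy == ProductFilePrivacy.Public)
    {
        return Ok();
    }

    if (privacy != ProductFilePrivacy.VisibleToSelectedGroups && productFile.GroupsVisibleTo.Count > 0)
    {
        productFile.GroupsVisibleTo.Clear();
    }

    if (privacy == ProductFilePrivacy.VisibleToSelectedGroups)
    {
        CompanyFollowerGroup selectedGroup = db.CompanyFollowerGroups.SingleOrDefault(c => c.ID == selectedGroupId);

        // An unknown (or defaulted) group ID leaves the file untouched; the update record
        // below is still written in that case, as before.
        if (selectedGroup != null)
        {
            // selectedGroupId comes straight from the request. Without this check a caller
            // who may edit the file could link it to any company's follower group. Apply the
            // same owner-or-member rule the other group-modifying actions in this controller
            // use. Nothing has been modified yet on this path, so rejecting here is clean.
            if ((selectedGroup.Company.Owner.Id != user.Id)
                && !selectedGroup.Company.Members.Any(member => member.UserID == user.Id))
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            if (!productFile.GroupsVisibleTo.Any(c => c.ID == selectedGroup.ID))
            {
                productFile.GroupsVisibleTo.Add(selectedGroup);
                productFile.Privacy = ProductFilePrivacy.VisibleToSelectedGroups;
            }
            else
            {
                productFile.GroupsVisibleTo.Remove(selectedGroup);

                // NOTE(review): removing the last group widens access to Public.
                if (productFile.GroupsVisibleTo.Count == 0)
                {
                    productFile.Privacy = ProductFilePrivacy.Public;
                }
            }
        }
    }
    else
    {
        // NOTE(review): the requested value is not stored; every value other than
        // VisibleToSelectedGroups results in Public. If ProductFilePrivacy defines a more
        // restrictive member, a request for it would make the file public instead — confirm
        // against the enum definition.
        productFile.Privacy = ProductFilePrivacy.Public;
    }

    db.Entry(productFile).State = EntityState.Modified;

    // Record who changed the file and when (server-local time, as DateTime.Now).
    ProductUpdate productUpdate = new ProductUpdate
    {
        UserID = user.Id,
        User = user,
        ProductID = productFile.ProductID,
        Product = productFile.Product,
        ProductFileID = productFile.ID,
        ProductFile = productFile,
        DateTime = DateTime.Now,
        UpdateType = UpdateType.ProductFileEdited
    };
    db.ProductUpdates.Add(productUpdate);

    await db.SaveChangesAsync();

    return Ok();
}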