public async Task <IActionResult> GetTenantById(int tenantId)
{
if (this.UserInRole(Role.Admin) || this.UserInRole(Role.Manager))
{
var tenant = await _tenantRepository.TenantFromId(tenantId);
if (tenant == null)
{
var err = new DTO.ErrorBuilder()
.Message("Tenant not found.")
.Code(404)
.Build();
return(err);
}
var unit = await _tenantRepository.UnitFromTenantId(tenant.TenantId);
var unitNumber = unit == null ? "" : unit.UnitNumber;
var tenantDTO = new DTO.TenantInfoDTO(tenant, unitNumber);
return(new ObjectResult(tenantDTO));
}
else
{
var err = new DTO.ErrorBuilder()
.Message("You are not authorized to view tenants by ID.")
.Code(403)
.Build();
return(err);
}
}
public async Task <DTO.TenantInfoDTO> AddTenant(DTO.TenantInfoDTO info)
{
var emailAlreadyExists = await _context.Tenants
.Where(t => t.Email.ToLower() == info.Email.ToLower())
.CountAsync() > 0;
if (emailAlreadyExists)
{
return(null);
}
if (info == null)
{
return(null);
}
var tenant = new Tenant();
tenant.FirstName = info.FirstName;
tenant.LastName = info.LastName;
tenant.Email = info.Email;
tenant.PhoneNumber = info.PhoneNumber;
_context.Add(tenant);
await _context.SaveChangesAsync();
await AssignToUnit(tenant.TenantId, info.UnitNumber);
await _context.SaveChangesAsync();
return(new DTO.TenantInfoDTO(tenant, info.UnitNumber));
}
public async Task <IActionResult> GetTenants()
{
if (this.UserInRole(Role.Admin) || this.UserInRole(Role.Manager))
{
var tenants = await _tenantRepository.GetTenants();
var tenantDTOs = new List <DTO.TenantInfoDTO>();
foreach (var tenant in tenants)
{
var unit = await _tenantRepository.UnitFromTenantId(tenant.TenantId);
var unitNumber = unit == null ? "" : unit.UnitNumber;
var tenantDTO = new DTO.TenantInfoDTO(tenant, unitNumber);
tenantDTOs.Add(tenantDTO);
}
return(new ObjectResult(tenantDTOs));
}
else
{
var err = new DTO.ErrorBuilder()
.Message("You are not authorized to view tenant lists.")
.Code(403)
.Build();
return(err);
}
}
public async Task <DTO.TenantInfoDTO> UpdateTenantInfo(int tenantId, DTO.TenantInfoDTO newInfo)
{
var tenant = await TenantFromId(tenantId);
if (tenant == null)
{
return(await AddTenant(newInfo));
}
tenant.FirstName = newInfo.FirstName;
tenant.LastName = newInfo.LastName;
tenant.Email = newInfo.Email;
tenant.PhoneNumber = newInfo.PhoneNumber;
var unit = await AssignToUnit(tenantId, newInfo.UnitNumber);
await _context.SaveChangesAsync();
if (unit == null)
{
return(new DTO.TenantInfoDTO(tenant, null));
}
else
{
return(new DTO.TenantInfoDTO(tenant, unit.UnitNumber));
}
}
public async Task <IActionResult> UpdateTenantInfo(DTO.TenantInfoDTO info)
{
if (this.UserInRole(Role.Tenant))
{
var userId = this.UserIdFromApiKey();
var tenantId = await _tenantRepository.TenantIdFromUserId(userId);
if (tenantId == null)
{
var err = new DTO.ErrorBuilder()
.Message("Not a tenant")
.Code(400)
.Build();
return(err);
}
var unitNumber = await _tenantRepository.UnitFromTenantId((int)tenantId);
if (unitNumber == null)
{
var err = new DTO.ErrorBuilder()
.Message("Not assigned to a unit")
.Code(400)
.Build();
return(err);
}
// Prevent user from changing their own unit number.
info.UnitNumber = unitNumber.UnitNumber;
var tenant = await _tenantRepository.UpdateTenantInfo((int)tenantId, info);
return(new ObjectResult(tenant));
}
else if (this.UserInRole(Role.Manager) || this.UserInRole(Role.Admin))
{
var tenant = await _tenantRepository.UpdateTenantInfo(info.TenantId, info);
return(new ObjectResult(tenant));
}
else
{
var err = new DTO.ErrorBuilder()
.Message("Not authorized to edit tenant information.")
.Code(403)
.Build();
return(err);
}
}
public async Task <IActionResult> GetTenant()
{
if (this.UserInRole(Role.Tenant))
{
var userId = this.UserIdFromApiKey();
var tenant = await _tenantRepository.TenantFromUserId(userId);
if (tenant == null)
{
var err = new DTO.ErrorBuilder()
.Message("Not a tenant")
.Code(400)
.Build();
return(err);
}
var unit = await _tenantRepository.UnitFromTenantId(tenant.TenantId);
var unitNumber = unit == null ? "" : unit.UnitNumber;
var tenantDTO = new DTO.TenantInfoDTO(tenant, unitNumber);
return(new ObjectResult(tenantDTO));
}
else if (this.UserInRole(Role.Admin) || this.UserInRole(Role.Manager))
{
var err = new DTO.ErrorBuilder()
.Message("This route is for tenants only.")
.Code(400)
.Build();
return(new ObjectResult(err));
}
else
{
var err = new DTO.ErrorBuilder()
.Message("You are not authorized to view tenant info.")
.Code(403)
.Build();
_logger.LogWarning($"Unauthorized access attempt to view tenant info.");
return(new ObjectResult(err));
}
}
public async Task <DTO.TenantInfoDTO> AddTenant(DTO.TenantInfoDTO info)
{
if (info == null)
{
return(null);
}
var tenant = new Tenant();
tenant.FirstName = info.FirstName;
tenant.LastName = info.LastName;
tenant.Email = info.Email;
tenant.PhoneNumber = info.PhoneNumber;
_context.Add(tenant);
await AssignToUnit(tenant.TenantId, info.UnitNumber);
await _context.SaveChangesAsync();
return(new DTO.TenantInfoDTO(tenant, info.UnitNumber));
}
public async Task <DTO.TenantInfoDTO> UpdateTenantInfo(int tenantId, DTO.TenantInfoDTO newInfo)
{
var emailAlreadyExists = await _context.Tenants
.Where(t => t.Email.ToLower() == newInfo.Email.ToLower())
.Where(t => t.TenantId != tenantId)
.CountAsync() > 0;
if (emailAlreadyExists)
{
return(null);
}
var tenant = await TenantFromId(tenantId);
if (tenant == null)
{
return(await AddTenant(newInfo));
}
tenant.FirstName = newInfo.FirstName;
tenant.LastName = newInfo.LastName;
tenant.Email = newInfo.Email;
tenant.PhoneNumber = newInfo.PhoneNumber;
var unit = await AssignToUnit(tenantId, newInfo.UnitNumber);
await _context.SaveChangesAsync();
if (unit == null)
{
return(new DTO.TenantInfoDTO(tenant, null));
}
else
{
return(new DTO.TenantInfoDTO(tenant, unit.UnitNumber));
}
}
