public IHttpActionResult PutAssignment(int id, AssignmentDetailTeacherDTO assignmentDTO) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null || authorizedUser.GetTeacher() == null) { return(Unauthorized()); } Assignment assignment = db.Assignments.Find(id); if (assignmentDTO == null || assignment == null || assignment.Course == null || !ModelState.IsValid) { return(BadRequest(ModelState)); } Course course = assignment.Course; if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, course))) { return(Unauthorized()); } if (!assignmentDTO.Validate(assignment, null)) { return(BadRequest()); } assignmentDTO.Update(assignment, null); string error = db.Update(assignment, Modified); if (error != null) { return(BadRequest(error)); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + assignment.Id)); }
public IHttpActionResult PutUser(int id, UserDetailDTO userDTO) { User authorizedUser = new Authorize().GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (userDTO == null) { return(BadRequest()); } if (authorizedUser == null) { return(Unauthorized()); } if (userDTO.NewUserIdentifier != null) { User otherUser = new Authorize().GetUserByIdentifier(userDTO.NewUserIdentifier); if (otherUser == null) { return(NotFound()); } id = otherUser.Id; } User user = db.Users.Find(id); if (user == null || !ModelState.IsValid || !userDTO.Validate(false, authorizedUser.Id != id ? authorizedUser : null)) { return(BadRequest(ModelState)); } bool logoutNecessary = false; if (authorizedUser.Id == id) { userDTO.Update(user); } if (userDTO.NewRole != null) { if (authorizedUser.GetTeacher() == null) { return(Unauthorized()); } userDTO.UpdateRole(user); } string error = db.Update(user, Modified); if (error != null) { return(BadRequest(error)); } if (logoutNecessary) { return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Logout")); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Users/" + authorizedUser.Id)); }
public IHttpActionResult PostGradingScheme(GradingSchemeDetailDTO schemeDTO) { User authorizedUser = new Authorize().GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null || authorizedUser.GetTeacher() == null) { return(Unauthorized()); } Teacher teacher = authorizedUser.GetTeacher(); Course course = db.Courses.Find(schemeDTO.NewCourseId); if (!ModelState.IsValid || !schemeDTO.Validate(teacher) || course == null) { return(BadRequest()); } GradingScheme scheme = schemeDTO.Create(); db.GradingSchemes.Add(scheme); string error = db.Update(scheme, Added); if (error != null) { return(BadRequest(error)); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Courses/" + course.Id)); }
public IHttpActionResult PutLesson(int id, LessonDetailDTO lessonDTO) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null || authorizedUser.GetTeacher() == null) { return(Unauthorized()); } Lesson lesson = db.Lessons.Find(id); if (lessonDTO == null || lesson == null || lesson.Assignment == null || lesson.Assignment.Course == null || !ModelState.IsValid) { return(BadRequest(ModelState)); } if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, lesson))) { return(Unauthorized()); } Tutor tutor = null; if (lessonDTO.NewTutorIdentifier != null) { User user = auth.GetUserByIdentifier(lessonDTO.NewTutorIdentifier); if (user == null && user.GetTutor() == null) { return(BadRequest()); } tutor = user.GetTutor(); } if (!lessonDTO.Validate(lesson, null, tutor)) { return(BadRequest()); } lessonDTO.Update(lesson, tutor); string error = db.Update(lesson, Modified); if (error != null) { return(BadRequest(error)); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + lesson.Assignment.Id)); }
public IHttpActionResult PutCourse(int id, CourseDetailDTO courseDTO) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null) { return(Unauthorized()); } Course course = db.Courses.Find(id); if (courseDTO == null || course == null || !ModelState.IsValid) { return(BadRequest(ModelState)); } if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, course))) { return(Unauthorized()); } if (courseDTO.NewGradingSchemeName != null) { foreach (GradingScheme scheme in db.GradingSchemes) { if (courseDTO.NewGradingSchemeName.Equals(scheme.Name)) { course.GradingSchemeId = scheme.Id; break; } } } if (!courseDTO.Validate(course)) { return(BadRequest()); } courseDTO.Update(course); string error = db.Update(course, Modified); if (error != null) { return(BadRequest(error)); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Courses/" + course.Id)); }
public IHttpActionResult DeleteGroupMembership(int id) { User authorizedUser = new Authorize().GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null || authorizedUser.GetStudent() == null) { return(Unauthorized()); } Student student = authorizedUser.GetStudent(); GroupMembership membership = db.GroupMemberships.Find(id); if (membership == null) { return(NotFound()); } if (membership.StudentId != student.Id) { return(Unauthorized()); } if (membership.Group == null || membership.Group.Lesson == null || membership.Group.Lesson.Assignment == null || membership.Group.Lesson.Assignment.MembershipsFinal || membership.Student == null) { return(BadRequest()); } int assignmentId = membership.Group.Lesson.Assignment.Id; Group deleteGroup = null; if (membership.Group.GroupMemberships.Count == 0) { deleteGroup = membership.Group; } string error = db.Update(membership, Deleted); if (error != null) { return(BadRequest(error)); } if (deleteGroup != null) { db.Update(deleteGroup, Deleted); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + assignmentId)); }
public IHttpActionResult PutGroup(int id, GroupDetailTeacherDTO groupDTO) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null || (authorizedUser.GetTeacher() == null && authorizedUser.GetTutor() == null)) { return(Unauthorized()); } Group group = db.Groups.Find(id); if (groupDTO == null || group == null || group.Lesson == null || group.Lesson.Assignment == null || group.Lesson.Assignment.Course == null || !ModelState.IsValid) { return(BadRequest(ModelState)); } Course course = group.Lesson.Assignment.Course; bool isTeacher; if (!group.IsFinal) { if (authorizedUser.GetTutor() == null || !authorizedUser.GetTutor().Equals(group.Lesson.Tutor)) { return(Unauthorized()); } isTeacher = false; } else { if (authorizedUser.GetTeacher() == null || !"Teacher".Equals(auth.GetAccessRole(authorizedUser, course))) { return(Unauthorized()); } isTeacher = true; } if (!groupDTO.Validate(group, isTeacher)) { return(BadRequest()); } groupDTO.Update(group); string error = db.Update(group, Modified); if (error != null) { return(BadRequest(error)); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Groups/" + id)); }