public async Task <IActionResult> Put(int id, [FromBody] LearnQuestionBankViewModel vm) { String usrName = String.Empty; if (Startup.UnitTestMode) { usrName = UnitTestUtility.UnitTestUser; } else { var usrObj = HIHAPIUtility.GetUserClaim(this); usrName = usrObj.Value; } if (String.IsNullOrEmpty(usrName)) { return(BadRequest("User cannot recognize")); } if (vm == null) { return(BadRequest("No data is inputted")); } if (vm.HID <= 0) { return(BadRequest("No Home Inputted")); } // Check if (vm.ID != id) { return(BadRequest("Invalid data")); } if (vm.Question != null) { vm.Question = vm.Question.Trim(); } if (String.IsNullOrEmpty(vm.Question)) { return(BadRequest("Question is a must!")); } if (vm.QuestionType == (Byte)HIHQuestionBankType.EssayQuestion || vm.QuestionType == (Byte)HIHQuestionBankType.MultipleChoice) { } else { // Non supported type return(BadRequest("Non-supported type")); } // Update the database SqlConnection conn = null; SqlTransaction tran = null; SqlCommand cmd = null; String queryString = ""; String strErrMsg = ""; HttpStatusCode errorCode = HttpStatusCode.OK; try { using (conn = new SqlConnection(Startup.DBConnectionString)) { await conn.OpenAsync(); // Check Home assignment with current user try { HIHAPIUtility.CheckHIDAssignment(conn, vm.HID, usrName); } catch (Exception) { errorCode = HttpStatusCode.BadRequest; throw; } tran = conn.BeginTransaction(); // Question bank queryString = @"UPDATE [dbo].[t_learn_qtn_bank] SET [Type] = @Type ,[Question] = @Question ,[BriefAnswer] = @BriefAnswer ,[UPDATEDBY] = @UPDATEDBY ,[UPDATEDAT] = @UPDATEDAT WHERE [HID] = @HID AND [ID] = @ID"; cmd = new SqlCommand(queryString, conn) { Transaction = tran }; cmd.Parameters.AddWithValue("@HID", vm.HID); cmd.Parameters.AddWithValue("@ID", vm.ID); cmd.Parameters.AddWithValue("@Type", vm.QuestionType); cmd.Parameters.AddWithValue("@Question", vm.Question); if (!String.IsNullOrEmpty(vm.BriefAnswer)) { cmd.Parameters.AddWithValue("@BriefAnswer", vm.BriefAnswer); } else { cmd.Parameters.AddWithValue("@BriefAnswer", DBNull.Value); } cmd.Parameters.AddWithValue("@UPDATEDBY", usrName); cmd.Parameters.AddWithValue("@UPDATEDAT", DateTime.Now); await cmd.ExecuteNonQueryAsync(); cmd.Dispose(); cmd = null; // Question bank sub item queryString = @"DELETE FROM [dbo].[t_learn_qtn_bank_sub] WHERE [QTNID] = " + id.ToString(); cmd = new SqlCommand(queryString, conn, tran); await cmd.ExecuteNonQueryAsync(); cmd.Dispose(); cmd = null; foreach (var si in vm.SubItemList) { queryString = @"INSERT INTO [dbo].[t_learn_qtn_bank_sub] ([QTNID] ,[SUBITEM] ,[DETAIL] ,[OTHERS]) VALUES (@QTNID ,@SUBITEM ,@DETAIL ,@OTHERS)"; cmd = new SqlCommand(queryString, conn, tran); cmd.Parameters.AddWithValue("@QTNID", id); cmd.Parameters.AddWithValue("@SUBITEM", si.SubItem); cmd.Parameters.AddWithValue("@DETAIL", si.Detail); if (!String.IsNullOrEmpty(si.Others)) { cmd.Parameters.AddWithValue("@OTHERS", si.Others); } else { cmd.Parameters.AddWithValue("@OTHERS", DBNull.Value); } await cmd.ExecuteNonQueryAsync(); cmd.Dispose(); cmd = null; } // Tag queryString = HIHDBUtility.GetTagDeleteString(); cmd = new SqlCommand(queryString, conn, tran); HIHDBUtility.BindTagDeleteParameter(cmd, vm.HID, HIHTagTypeEnum.LearnQuestionBank, id); await cmd.ExecuteNonQueryAsync(); cmd.Dispose(); cmd = null; foreach (var tag in vm.TagTerms) { queryString = HIHDBUtility.GetTagInsertString(); cmd = new SqlCommand(queryString, conn, tran); HIHDBUtility.BindTagInsertParameter(cmd, vm.HID, HIHTagTypeEnum.LearnQuestionBank, id, tag); await cmd.ExecuteNonQueryAsync(); } tran.Commit(); } } catch (Exception exp) { #if DEBUG System.Diagnostics.Debug.WriteLine(exp.Message); #endif if (tran != null) { tran.Rollback(); } strErrMsg = exp.Message; if (errorCode == HttpStatusCode.OK) { errorCode = HttpStatusCode.InternalServerError; } } finally { if (tran != null) { tran.Dispose(); tran = null; } if (cmd != null) { cmd.Dispose(); cmd = null; } if (conn != null) { conn.Dispose(); conn = null; } } if (errorCode != HttpStatusCode.OK) { switch (errorCode) { case HttpStatusCode.Unauthorized: return(Unauthorized()); case HttpStatusCode.NotFound: return(NotFound()); case HttpStatusCode.BadRequest: return(BadRequest(strErrMsg)); default: return(StatusCode(500, strErrMsg)); } } var setting = new Newtonsoft.Json.JsonSerializerSettings { DateFormatString = HIHAPIConstants.DateFormatPattern, ContractResolver = new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver() }; return(new JsonResult(vm, setting)); }