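/// <summary>
/// Looks up a parent by user name and returns it with 200 OK, or 404 Not Found
/// when the lookup produces no parent.
/// </summary>
/// <param name="username">User name bound from the request URI.</param>
/// <returns>
/// <c>Ok(parent)</c> when a parent is found; <c>NotFound()</c> when the data layer
/// throws <see cref="NullReferenceException"/> or returns <c>null</c>.
/// </returns>
/// <remarks>
/// NOTE(review): no authorization check is visible in this method body. Confirm that an
/// [Authorize] attribute or a filter outside this view restricts who may reach this
/// action, because the parent record is returned to any caller that gets here.
/// </remarks>
public IHttpActionResult GetByUserName([FromUri] string username)
{
    // No placeholder instance is allocated: the variable is assigned by the lookup
    // or the method returns from the catch block.
    ParentDto parent;
    try
    {
        parent = db.GetByUserName(username);
    }
    catch (NullReferenceException e)
    {
        // Log the exception object rather than only its message so the stack trace
        // is kept; the failure is still reported to the client as a plain 404.
        // NOTE(review): NullReferenceException as a "not found" signal can hide real
        // defects in the data layer - consider having db.GetByUserName return null.
        logger.Error(e);
        return NotFound();
    }

    // A null result must not be sent back as 200 OK with an empty body.
    if (parent == null)
    {
        logger.Info("Search by username: no match");
        return NotFound();
    }

    // The user name itself is deliberately not written to the log.
    logger.Info("Search by username");
    return Ok(parent);
}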
/// <summary>
/// Returns a view of the parent identified by <paramref name="username"/>, choosing the DTO
/// shape from the caller's role claim: an admin DTO, a teacher DTO, or a student/parent DTO
/// for callers related to the parent. All failures visible here, including the authorization
/// failure, are answered with 400 Bad Request.
/// </summary>
/// <param name="username">User name of the parent being requested.</param>
/// <returns>200 OK with the role-specific DTO, otherwise a 400 response.</returns>
/// <remarks>
/// NOTE(review): part of this method body is missing from this copy of the source (the
/// "******" runs below). The opening of the try block, the parent lookup and the head of the
/// not-found branch are not visible, so the comments only describe what can be read here.
/// </remarks>
public HttpResponseMessage GetParentByUserName(string username)
{
    // Caller identity and role are read from the request principal's claims.
    // NOTE(review): FindFirst returns null when the claim is absent, so ".Value" would throw
    // NullReferenceException; no try block is visible before these two statements - confirm
    // that every authenticated principal carries both claims.
    string userId = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == "UserId").Value;
    string userRole = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == ClaimTypes.Role).Value;
    // NOTE(review): the source text is truncated inside the next statement ("******").
    // The log messages are built by string concatenation from claim values and, as far as
    // the surrounding literals suggest, the requested user name; confirm the logging sink
    // neutralises CR/LF so request data cannot forge log lines.
    logger.Info("UserRole: " + userRole + ", UserId: " + userId + ": Requesting Parnet by username: "******"The parent with username: "******" was not found.");
            // Not-found case: answered with 400 and a message assembled around a truncated value.
            return(Request.CreateResponse(HttpStatusCode.BadRequest, "The parent with username: "******" was not found."));
        }
        // Role values are compared as exact, case-sensitive strings.
        if (userRole == "admin")
        {
            logger.Info("Requesting found parent convert for " + userRole + "role.");
            // The admin view is built from the parent together with its role assignments.
            ParentDTOForAdmin dto = toDTO.ConvertToParentDTOForAdmin(parent, (List <IdentityUserRole>)parent.Roles);
            if (dto == null)
            {
                logger.Info("Failed!");
                return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
            }
            logger.Info("Success!");
            return(Request.CreateResponse(HttpStatusCode.OK, dto));
        }
        else if (userRole == "teacher")
        {
            logger.Info("Requesting found parent convert for " + userRole + "role.");
            ParentDTOForTeacher dto = toDTO.ConvertToParentDTOForTeacher(parent);
            if (dto == null)
            {
                logger.Info("Failed!");
                return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
            }
            logger.Info("Success!");
            return(Request.CreateResponse(HttpStatusCode.OK, dto));
        }
        // Any other role is allowed only when the caller is related to the requested parent:
        // the parent itself, one of the parent's students, a student in the same form as one
        // of those students, or the parent of a student in such a form.
        // NOTE(review): the last two clauses extend access to classmates and their parents;
        // confirm that this breadth is intended for the data carried by the DTO.
        // A null Form or Parent on any student would throw here and fall into the catch below.
        else if (userId == parent.Id ||
                 parent.Students.Any(x => x.Id == userId) == true ||
                 parent.Students.Any(x => x.Form.Students.Any(y => y.Id == userId)) == true ||
                 parent.Students.Any(x => x.Form.Students.Any(y => y.Parent.Id == userId)) == true)
        {
            logger.Info("Requesting found parent convert for " + userRole + "role.");
            ParentDTOForStudentAndParents dto = toDTO.ConvertToParentDTOForStudentAndParent(parent);
            if (dto == null)
            {
                logger.Info("Failed!");
                return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
            }
            logger.Info("Success!");
            return(Request.CreateResponse(HttpStatusCode.OK, dto));
        }
        else
        {
            // Authorization failure is logged at Info level and reported as 400, not 403.
            // NOTE(review): a 403 Forbidden and a warning-level log entry would let clients
            // and monitoring tell denied access apart from malformed requests.
            logger.Info("Authorisation failure. User " + userId + " is not authorised for this request.");
            return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Access Denied. " + "We’re sorry, but you are not authorized to perform the requested operation."));
        }
    }
    catch (Exception e)
    {
        logger.Error(e);
        // NOTE(review): the exception object is passed into the response. Depending on the
        // error-detail policy configured for the API, the resulting error body can carry the
        // exception message, type and stack trace to the client; a generic message with the
        // details kept in the log avoids that disclosure.
        return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, e));
    }
}