public async Task <IHttpActionResult> NewNewsItemFeedback(NewNewsItemFeedbackDTO newNewsItemFeedbackDTO)
{
string userName = User.Identity.Name;
User user = db.Users.Where(_user => _user.UserName == userName).Include(_user => _user.Company).SingleOrDefault();
if (user == null)
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
NewsItem newsItem = db.NewsItems.Where(_newsItem => _newsItem.ID == newNewsItemFeedbackDTO.NewsItemID)
.Include(_newsItem => _newsItem.Product.TeamMembers
.Select(teamMember => teamMember.User)
.Select(teamMember => teamMember.Company))
.Include(_newsItem => _newsItem.User.Company.Followers)
.Include(_newsItem => _newsItem.User.CompaniesAsMembers)
.SingleOrDefault();
if (newsItem == null)
{
throw new HttpResponseException(HttpStatusCode.NotFound);
}
if (newsItem.Product != null)
{
if ((newsItem.Product.CompanyID != user.Company.ID) &&
(newsItem.Product.TeamMembers.Where(teamMember => teamMember.UserID == user.Id &&
teamMember.CanEditTheProduct == true).SingleOrDefault() == null) &&
(newsItem.Product.Privacy == ProductPrivacy.Private) ||
((newsItem.Product.Privacy == ProductPrivacy.VisibleToSelectedGroups) &&
(newsItem.Product.GroupsVisibleTo.Any(followerGroup => followerGroup.Followers.Any(follower => follower.UserID == user.Id)) == false)))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
}
if ((newsItem.UserID != user.Id) && (newsItem.User.Company.Members.Where(member => member.UserID == user.Id).SingleOrDefault() == null) && (newsItem.User.Company.Followers.Where(follower => follower.UserID == user.Id).SingleOrDefault() == null) && (newsItem.User.CompaniesAsMembers.Where(companyAsMember => companyAsMember.Company.Followers.Any(follower => follower.UserID == user.Id)).SingleOrDefault() == null))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
NewsItemFeedback newsItemFeedback = Mapper.Map <NewNewsItemFeedbackDTO, NewsItemFeedback>(newNewsItemFeedbackDTO);
newsItemFeedback.UserID = user.Id;
newsItemFeedback.User = user;
newsItemFeedback.NewsItemID = newsItem.ID;
newsItemFeedback.NewsItem = newsItem;
newsItemFeedback.PostedAt = DateTime.Now;
newsItemFeedback = db.NewsItemFeedback.Add(newsItemFeedback);
newsItem.UpdatedAt = DateTime.Now;
db.Entry(newsItem).State = EntityState.Modified;
await db.SaveChangesAsync();
return(Ok(Mapper.Map <NewsItemFeedback, NewsItemFeedbackDTO>(newsItemFeedback)));
}
public async Task <IHttpActionResult> GetNewsItemFeedbackImage(long newsItemFeedbackId)
{
NewsItemFeedback newsItemFeedback = db.NewsItemFeedback.Where(_newsItemFeedback => _newsItemFeedback.ID == newsItemFeedbackId).SingleOrDefault();
if (newsItemFeedback == null)
{
return(NotFound());
}
byte[] imageBytes;
string mediaTypeHeader;
if (newsItemFeedback.Image != null)
{
imageBytes = newsItemFeedback.Image;
mediaTypeHeader = "image/png";
}
else
{
string filePath = System.Web.Hosting.HostingEnvironment.MapPath("/img/user_image.svg");
imageBytes = File.ReadAllBytes(filePath);
mediaTypeHeader = "image/svg+xml";
}
MemoryStream memoryStream = new MemoryStream(imageBytes);
HttpResponseMessage responseMessage = new HttpResponseMessage(HttpStatusCode.OK);
responseMessage.Content = new StreamContent(memoryStream);
responseMessage.Content.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue(mediaTypeHeader);
return(ResponseMessage(responseMessage));
}
