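/// <summary>
/// PUT-style update of a <c>CRITERIA</c> row. Requires a session cookie ("sid") that the
/// identity service accepts and a principal holding the ADMIN role.
/// </summary>
/// <param name="id">Route id; must equal <c>cRITERIA.ID_CRITERIA</c>.</param>
/// <param name="cRITERIA">Model-bound entity from the request body.</param>
/// <returns>
/// 200 with the saved entity; 400 for missing/invalid session, missing role, invalid model or
/// id mismatch; 404 if the row vanished; 409 if a concurrent write beat this one.
/// </returns>
public IHttpActionResult UpdateCriteria(long id, CRITERIA cRITERIA)
{
    // Authentication: the "sid" cookie is handed to the identity service; any failure there is
    // treated as an invalid token. NOTE(review): unauthenticated/unauthorized callers get 400
    // rather than 401/403 — kept as-is to preserve the existing API contract.
    if (!HttpContext.Current.Request.Cookies.AllKeys.Contains("sid"))
    {
        return BadRequest("You are not logged in. Please login and try again.");
    }
    try
    {
        response = identity.Auth(HttpContext.Current.Request.Cookies.Get("sid").Value);
    }
    catch
    {
        return BadRequest("Invalid token. Login in again!");
    }

    // Authorization: only ADMIN may change criteria.
    if (!response.Roles.Contains("ADMIN"))
    {
        return BadRequest("You are not authorized for this action");
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }
    if (id != cRITERIA.ID_CRITERIA)
    {
        return BadRequest("id doesn't match");
    }

    cRITERIA.DATE_MODIFIED = DateTime.Now;

    // Marking the whole entity Modified writes every column the client sent over the stored
    // row (mass assignment). NOTE(review): if CRITERIA has columns that should not be
    // client-writable (creation date, ownership, ...), they need to be excluded here — confirm.
    db.Entry(cRITERIA).State = EntityState.Modified;
    try
    {
        db.SaveChanges();
    }
    catch (DbUpdateConcurrencyException)
    {
        if (!CRITERIAExists(id))
        {
            return NotFound();
        }
        // Fix: the row still exists, so the update was lost to a concurrent write. The original
        // swallowed the exception and answered 200 with data that was never persisted.
        return Conflict();
    }
    return Ok(cRITERIA);
}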
/// <summary>
/// Returns the score of the CV identified by <paramref name="id"/>: the sum of
/// <c>CRITERIA.POINTS</c> over its <c>CV_ITEM</c> rows whose status is "confirmed"
/// (0 when there are none). Any authenticated session may call this.
/// </summary>
/// <param name="id">CV table id (<c>CV_TABLE_ID_CV</c>).</param>
/// <returns>200 with the integer score; 400 when the session is missing/invalid or the query fails.</returns>
public IHttpActionResult GetScore(long id)
{
    // Authentication only: resolve the "sid" cookie through the identity service.
    if (!HttpContext.Current.Request.Cookies.AllKeys.Contains("sid"))
    {
        return BadRequest("You are not logged in. Please login and try again.");
    }
    try
    {
        response = identity.Auth(HttpContext.Current.Request.Cookies.Get("sid").Value);
    }
    catch
    {
        return BadRequest("Invalid token. Login in again!");
    }

    // NOTE(review): the original had a CV_ADMIN/ADMIN role check here, commented out. As written,
    // any logged-in user can read the score of any CV id (no ownership check against
    // response.UserId either). Confirm whether that is the intended access policy.

    int total = 0;
    try
    {
        // Confirmed items of this CV; the criteria points of each one contribute to the score.
        var confirmedItems = db.CV_ITEM.Where(o => o.CV_TABLE_ID_CV == id && o.CV_ITEM_STATUS.STATUS == "confirmed");
        if (confirmedItems.Any())
        {
            total = (int)confirmedItems.Sum(o => o.CRITERIA.POINTS);
        }
    }
    catch (Exception)
    {
        // Query/provider failures are reported generically; details are not exposed.
        return BadRequest("Error");
    }
    return Ok(total);
}
/// <summary>
/// Validates a session token against the SSO identity service and maps the answer to a
/// <see cref="UserInfo"/>.
/// </summary>
/// <param name="token">Opaque session token (the "sid" cookie value).</param>
/// <returns>The user described by the SSO response.</returns>
/// <exception cref="UnauthorizedAccessException">
/// Thrown for any failure — unreachable service, rejected token, or a malformed response —
/// with the underlying exception as inner exception.
/// </exception>
public UserInfo getAuth(string token)
{
    SSO.AuthResponse sso;
    try
    {
        // NOTE(review): the SSO client is created per call and never closed/disposed; if
        // SSO.IdentityClient is a WCF proxy, confirm whether it should be closed here.
        var ssoClient = new SSO.IdentityClient();
        sso = ssoClient.Auth(token);

        var user = new UserInfo();
        user.Email = sso.Email;
        user.FirstName = sso.FirstName;
        user.LastName = sso.LastName;
        user.Roles = sso.Roles.ToList();
        user.UserId = sso.UserId;
        user.Username = sso.Username;
        return user;
    }
    catch (Exception inner)
    {
        // Callers treat any failure uniformly as "not authorized".
        throw new UnauthorizedAccessException("Authorization failed.", inner);
    }
}
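/// <summary>
/// Creates a <c>CV_ITEM</c> (plus its <c>CV_ITEM_LINK</c> rows) from a multipart/form-data
/// request. Requires a valid "sid" session and the CV_ADMIN or ADMIN role. The item is
/// owned by the session user (<c>CV_TABLE_ID_CV = response.UserId</c>) and starts
/// unconfirmed (<c>STATUS_ID = 1</c>).
/// </summary>
/// <returns>
/// 200 with the created item; 415 for a non-multipart body; 400 for session/role problems,
/// missing or unparsable form fields, or a file whose extension is not allowed; 500 if the
/// multipart read itself fails.
/// </returns>
public async Task<IHttpActionResult> PostCV_ITEM()
{
    // Fix: the original built the 415 response but never returned it, so a non-multipart body
    // fell through to ReadAsMultipartAsync and surfaced as a 500.
    if (!Request.Content.IsMimeMultipartContent())
    {
        return StatusCode(HttpStatusCode.UnsupportedMediaType);
    }

    // Authentication: resolve the "sid" cookie through the identity service.
    if (!HttpContext.Current.Request.Cookies.AllKeys.Contains("sid"))
    {
        return BadRequest("You are not logged in. Please login and try again.");
    }
    try
    {
        response = identity.Auth(HttpContext.Current.Request.Cookies.Get("sid").Value);
    }
    catch
    {
        return BadRequest("Invalid token. Login in again!");
    }

    // Authorization: CV_ADMIN or ADMIN.
    if (!(response.Roles.Contains("CV_ADMIN") || response.Roles.Contains("ADMIN")))
    {
        return BadRequest("You are not authorized for this action");
    }

    CV_ITEM cv = new CV_ITEM();
    List<CV_ITEM_LINK> links = new List<CV_ITEM_LINK>();
    MultipartFormDataStreamProvider provider = null;
    try
    {
        // The provider writes every file part to App_Data (provider-chosen names) while the
        // body is being read — i.e. before we get to look at extensions. Whatever it wrote is
        // removed in the finally block below.
        string root = HttpContext.Current.Server.MapPath("~/App_Data");
        provider = new MultipartFormDataStreamProvider(root);
        await Request.Content.ReadAsMultipartAsync(provider);

        // Required text fields. A missing one used to throw NullReferenceException out of
        // GetValues(...) and become a 500; now it is a 400 naming the field.
        string[] requiredFields = { "LINKS", "NAME", "DESCRIPTION", "CRITERIA_ID_CRITERIA", "START_DATE", "END_DATE" };
        foreach (var field in requiredFields)
        {
            var values = provider.FormData.GetValues(field);
            if (values == null || values.Length == 0)
            {
                return BadRequest("Missing form field: " + field);
            }
        }

        // Ownership comes from the session, never from the form.
        cv.CV_TABLE_ID_CV = response.UserId;

        // LINKS is a JSON array of CV_ITEM_LINK. Their CV_ITEM_ID is overwritten after the
        // item is saved; NOTE(review): any other client-supplied columns on CV_ITEM_LINK
        // (e.g. a primary key) are stored as sent — confirm that is acceptable.
        links = JsonConvert.DeserializeObject<List<CV_ITEM_LINK>>(provider.FormData.GetValues("LINKS").First())
                ?? new List<CV_ITEM_LINK>();
        cv.NAME = provider.FormData.GetValues("NAME").First();
        cv.DESCRIPTION = provider.FormData.GetValues("DESCRIPTION").First();

        // Numeric/date fields: unparsable input is a client error (400), not a 500.
        // Parsing is culture-sensitive as in the original (Convert.To* semantics);
        // NOTE(review): confirm the front end sends dates the server culture accepts.
        long criteriaId;
        if (!long.TryParse(provider.FormData.GetValues("CRITERIA_ID_CRITERIA").First(), out criteriaId))
        {
            return BadRequest("CRITERIA_ID_CRITERIA is not a valid number");
        }
        cv.CRITERIA_ID_CRITERIA = criteriaId;
        DateTime startDate;
        if (!DateTime.TryParse(provider.FormData.GetValues("START_DATE").First(), out startDate))
        {
            return BadRequest("START_DATE is not a valid date");
        }
        cv.START_DATE = startDate;
        DateTime endDate;
        if (!DateTime.TryParse(provider.FormData.GetValues("END_DATE").First(), out endDate))
        {
            return BadRequest("END_DATE is not a valid date");
        }
        cv.END_DATE = endDate;

        // status = unconfirmed
        cv.STATUS_ID = 1;
        // Local time, consistent with DATE_MODIFIED elsewhere in this controller.
        cv.DATE_CREATED = DateTime.Now;

        if (provider.FileData.Count > 0)
        {
            string uploadedFile = "";
            string localfilename = "";
            // As in the original, only the last file part is used; earlier ones are still
            // written to disk by the provider and are cleaned up in finally.
            foreach (var file in provider.FileData)
            {
                // ContentDisposition.FileName arrives quoted ("x.pdf"); reading it as a JSON
                // string strips the quotes. It is used only to derive the extension — the
                // on-disk/blob name never comes from the client.
                uploadedFile = JsonConvert.DeserializeObject(file.Headers.ContentDisposition.FileName).ToString();
                localfilename = file.LocalFileName;
            }

            // Allow-list on the client-supplied extension. This is a name check, not a content
            // check; NOTE(review): if the blob upload is re-enabled and files are served back,
            // add a content/magic-byte check and a fixed Content-Type on download.
            var extension = Path.GetExtension(uploadedFile);
            string[] supportedExtensions = { ".zip", ".rar", ".doc", ".pdf", ".docx", ".odt" };
            if (!supportedExtensions.Contains(extension, StringComparer.OrdinalIgnoreCase))
            {
                return BadRequest("File not supported");
            }

            // Storage name: <userId>-<guid><ext>; unguessable and free of client-controlled
            // path characters. Intended as the blob name once the upload is enabled.
            var userId = response.UserId;
            string identifier = Guid.NewGuid().ToString();
            string path = userId + "-" + identifier + extension;
            var fileName = Path.GetFileName(path);

            //blobContainer.CreateIfNotExists();
            //blob = blobContainer.GetBlockBlobReference(fileName);
            //localfilename: path of the file on server
            //blob.UploadFromFile(localfilename);
            // NOTE(review): the upload is disabled and a placeholder URL is stored instead;
            // the uploaded bytes are therefore discarded at the end of this request.
            cv.CV_ITEM_LINK_LINK = "http://www.pdf995.com/samples/pdf.pdf";//blob.Uri.ToString();
        }
    }
    catch (Exception e)
    {
        // Web API only includes exception details in the response when
        // IncludeErrorDetailPolicy allows it (default: local requests only).
        return InternalServerError(e);
    }
    finally
    {
        DeleteUploadedFiles(provider);
    }

    // NOTE(review): two SaveChanges calls with no enclosing transaction — a failure on the
    // second leaves a CV_ITEM without its links.
    db.CV_ITEM.Add(cv);
    db.SaveChanges();
    foreach (CV_ITEM_LINK link in links)
    {
        link.CV_ITEM_ID = cv.ID_ITEM;
    }
    db.CV_ITEM_LINK.AddRange(links);
    db.SaveChanges();

    // Returns the cv_item attributes including the list of attachments.
    return Ok(cv);
}

/// <summary>
/// Removes the temp files <see cref="MultipartFormDataStreamProvider"/> wrote to App_Data for
/// this request. Nothing reads them afterwards (the blob upload is disabled and the stored
/// link is a placeholder), so leaving them behind — also on the "File not supported" and error
/// paths — would let uploads fill the disk. Best-effort: a file that cannot be deleted must
/// not fail the request.
/// </summary>
/// <param name="provider">The provider used for the request; may be null if reading never started.</param>
private static void DeleteUploadedFiles(MultipartFormDataStreamProvider provider)
{
    if (provider == null)
    {
        return;
    }
    foreach (var file in provider.FileData)
    {
        try
        {
            File.Delete(file.LocalFileName);
        }
        catch (IOException)
        {
            // Still open or locked; leave it rather than failing the request.
        }
        catch (UnauthorizedAccessException)
        {
            // No permission to delete; leave it rather than failing the request.
        }
    }
}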