public async Task <IHttpActionResult> GetSequencialRestricted(int id)
{
//Check the user is a Admin User
var userId = User.Identity.GetUserId();
UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync();
if (userAclForAdmin.UserType != Admin)
{
return(BadRequest("Only Admin User can get Sequencial list"));
}
Document document = await db.Documents.FindAsync(id);
if (document == null)
{
return(NotFound());
}
// Get the SequencialList
SequenceACL sequence = await
db.SequenceAcls.Where(x => x.DocAclId == document.DocumentACLId).SingleOrDefaultAsync();
return(Ok(sequence));
}
public async Task <IHttpActionResult> PutUpdateSequencialRestricted(int id, SequenceACL sequence)
{
//Check the user is a Admin User
var userId = User.Identity.GetUserId();
UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync();
if (userAclForAdmin.UserType != Admin)
{
return(BadRequest("Only Admin User can Update Sequencial Restricted"));
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Document document = await db.Documents.FindAsync(id);
if (document == null)
{
return(NotFound());
}
// Check Sequencial List is already created.
var sequencialListToCheck = await
db.SequenceAcls.Where(x => x.DocAclId == document.DocumentACLId).SingleOrDefaultAsync();
if (sequencialListToCheck != null)
{
return(BadRequest("Sequencial list is already Exist."));
}
// only sequence and present access is updated
DocumentACL aDocumentAcl = await db.DocumentAcls.Where(x => x.DocumentId == id).SingleOrDefaultAsync();
SequenceACL aSequenceAcl =
await db.SequenceAcls.Where(x => x.DocAclId == aDocumentAcl.Id).SingleOrDefaultAsync();
aSequenceAcl.Sequence = sequence.Sequence;
aSequenceAcl.PresentAccess = sequence.PresentAccess;
await db.SaveChangesAsync();
// change the DocAclType in DocumentAcl
aDocumentAcl.DocAclType = 2;
await db.SaveChangesAsync();
//// Check Document have a restricted sequence.
//var restrictedListToCheck = await
// db.Restricteds.Where(x => x.DocAclId == document.DocumentACLId).SingleOrDefaultAsync();
//if (restrictedListToCheck != null)
//{
// db.Restricteds.Remove(restrictedListToCheck);
// await db.SaveChangesAsync();
//}
//Delete the Document from the DocumentUser Table...
db.DocumentUsers.RemoveRange(db.DocumentUsers.Where(x => x.DocumentId == id));
await db.SaveChangesAsync();
// Add user To the DocumentUser Model
List <string> userInTagList = sequence.Sequence.Split(',').ToList();
foreach (var userInList in userInTagList)
{
var len = userInList.Length;
if (len != 36 && userInList[0] == 'g')
{
var groupId = Convert.ToInt64(userInList.Substring(1));
//Check the Group is Exist
var groupIsExist = db.Groups.FindAsync(groupId);
// Get all the user of the Group
var groupUsers = await(from u in db.Users
join ug in db.UserGroups on u.Id equals ug.UserId
join g in db.Groups on ug.GroupId equals g.Id
where g.Id == groupId
select new
{
u.Id,
u.UserName,
u.Email,
u.CompanyId,
}).ToListAsync();
// Add User to the Document
foreach (var userInGroup in groupUsers)
{
//check the user is already member of this Document
var aDocumentUser = await
db.DocumentUsers.Where(x => x.UserId == userInGroup.Id && x.DocumentId == document.Id).SingleOrDefaultAsync();
if (aDocumentUser == null)
{
DocumentUser documentUser = new DocumentUser();
documentUser.UserId = userInGroup.Id;
documentUser.DocumentId = document.Id;
db.DocumentUsers.Add(documentUser);
await db.SaveChangesAsync();
}
}
}
else
{
//check the user is already member of this Document
var aDocumentUser = await
db.DocumentUsers.Where(x => x.UserId == userInList && x.DocumentId == document.Id).SingleOrDefaultAsync();
if (aDocumentUser == null)
{
DocumentUser documentUser = new DocumentUser();
documentUser.UserId = userInList;
documentUser.DocumentId = document.Id;
db.DocumentUsers.Add(documentUser);
await db.SaveChangesAsync();
}
}
}
return(Ok(sequence));
}
public async Task <IHttpActionResult> PostTag(TagDTO tag)
{
Tag aTag = new Tag();
//History aHistory = new History();
HistorySequence aHistorySequence = new HistorySequence();
SequenceACL aSequenceAcl = new SequenceACL();
bool updatePresentAccess = false;
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
//Check the doc is exist
Document document = await db.Documents.FindAsync(tag.DocumentId);
if (document == null)
{
return(BadRequest("Document is not exist"));
}
// check the document acl
DocumentACL documentAcl = await db.DocumentAcls.Where(x => x.DocumentId == tag.DocumentId).SingleOrDefaultAsync();
if (documentAcl.DocAclType == 0)
{
if (document.UserId != tag.UserId)
{
return(BadRequest("This document is private and this user is not authorized to tag this document"));
}
else
{
aTag.DocumentId = tag.DocumentId;
aTag.TagContent = tag.TagContent;
aTag.TagColor = tag.TagColor;
aTag.UserId = tag.UserId;
db.Tags.Add(aTag);
}
}
else if (documentAcl.DocAclType == 1)
{
var CompanyUser = await
db.Users.Where(x => x.CompanyId == document.CompanyId && x.Id == tag.UserId).SingleOrDefaultAsync();
if (CompanyUser == null)
{
return(BadRequest("This User is not belongs to this company"));
}
else
{
aTag.DocumentId = tag.DocumentId;
aTag.TagContent = tag.TagContent;
aTag.TagColor = tag.TagColor;
aTag.UserId = tag.UserId;
db.Tags.Add(aTag);
}
}
else if (documentAcl.DocAclType == 3)
{
Restricted aRestricted = await db.Restricteds.Where(x => x.DocAclId == documentAcl.Id).SingleOrDefaultAsync();
List <string> tagList = aRestricted.List.Split(',').ToList();
//Check the User is in the restricted list
DocumentUser aDocumentUser =
await db.DocumentUsers.Where(x => x.UserId == tag.UserId).SingleOrDefaultAsync();
if (aDocumentUser == null)
{
return(BadRequest("The Document is restriced and this user is not authorize to use it "));
}
else
{
aTag.DocumentId = tag.DocumentId;
aTag.TagContent = tag.TagContent;
aTag.TagColor = tag.TagColor;
aTag.UserId = tag.UserId;
db.Tags.Add(aTag);
}
}
else if (documentAcl.DocAclType == 2)
{
bool canTag = false;
aSequenceAcl = await db.SequenceAcls.Where(x => x.DocAclId == documentAcl.Id).SingleOrDefaultAsync();
List <string> tagList = aSequenceAcl.Sequence.Split(',').ToList();
//
var presentUserInList = tagList[aSequenceAcl.PresentAccess];
var len = presentUserInList.Length;
if (len != 36 && presentUserInList[0] == 'g')
{
var groupId = Convert.ToInt64(presentUserInList.Substring(1));
// check the user is in the group
var userIsIngroup = await(from ug in db.UserGroups
join u in db.Users on ug.UserId equals u.Id
where ug.GroupId == groupId && ug.UserId == tag.UserId
select new
{
Id = u.Id,
}).SingleOrDefaultAsync();
if (userIsIngroup != null)
{
var userPrivilageforTag = await
db.UserPrivilages.Where(x => x.UserId == userIsIngroup.Id).SingleOrDefaultAsync();
if (userPrivilageforTag.CanTagDocument == 1)
{
canTag = true;
}
}
else
{
return(BadRequest("User is not in authorize to tag the document"));
}
}
else
{
int index = tagList.IndexOf(tag.UserId);
if (index == -1)
{
return
(BadRequest("The Document is Sequencial-restriced and this user is not authorize to use it "));
}
else if (tagList.Count - 1 < aSequenceAcl.PresentAccess)
{
return
(BadRequest(
"The Document is Sequencial-restriced. All the User has already tagged this document."));
}
else if (tagList[aSequenceAcl.PresentAccess] != tag.UserId)
{
return
(BadRequest(
"The Document is Sequencial-restriced. User trun to tag the document is not come."));
}
else
{
canTag = true;
}
}
if (canTag)
{
aTag.DocumentId = tag.DocumentId;
aTag.TagContent = tag.TagContent;
aTag.TagColor = tag.TagColor;
aTag.UserId = tag.UserId;
db.Tags.Add(aTag);
updatePresentAccess = true;
}
}
await db.SaveChangesAsync();
//Edit history info
History aHistory = await db.Histories.Where(x => x.DocumentId == tag.DocumentId).SingleOrDefaultAsync();
//aHistory.AddedOn = DateTime.Now;
aHistory.EditedOn = DateTime.Now;
//aHistory.DocumentId = document.Id;
//db.Histories.Add(aHistory);
await db.SaveChangesAsync();
//Add History Sequence Info
aHistorySequence.HistoryId = aHistory.Id;
aHistorySequence.Message = tag.Message;
aHistorySequence.Date = aHistory.EditedOn;
aHistorySequence.UserId = User.Identity.GetUserId();
db.HistorySequences.Add(aHistorySequence);
await db.SaveChangesAsync();
//Update the present Access if it is a Sequencial Restricted Document
if (updatePresentAccess)
{
aSequenceAcl.PresentAccess += 1;
}
await db.SaveChangesAsync();
return(Ok(aTag));
}
