public IHttpActionResult GetMySpouse(int contactid)
{
return(Authorized(token =>
{
try
{
var family = _contactRelationshipService.GetMyImmediateFamilyRelationships(contactid, token);
var spouse = family.Where(f => f.Relationship_Id == 1).Select(s => new FamilyMember
{
Age = s.Age,
ContactId = s.Contact_Id,
Email = s.Email_Address,
LastName = s.Last_Name,
PreferredName = s.Preferred_Name,
RelationshipId = s.Relationship_Id,
ParticipantId = s.Participant_Id,
HighSchoolGraduationYear = s.HighSchoolGraduationYear
}).SingleOrDefault();
return Ok(spouse);
}
catch (Exception ex)
{
var apiError = new ApiErrorDto("Get Spouse Failed", ex);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}));
}
private IHttpActionResult GetDonorForUnauthenticatedUser(string email)
{
try
{
var donor = _donorService.GetContactDonorForEmail(email);
if (donor == null || !donor.HasPaymentProcessorRecord)
{
return(NotFound());
}
else
{
var response = new DonorDTO
{
Id = donor.DonorId,
ProcessorId = donor.ProcessorId,
RegisteredUser = donor.RegisteredUser,
Email = donor.Email
};
return(Ok(response));
}
}
catch (PaymentProcessorException stripeException)
{
return(stripeException.GetStripeResult());
}
catch (Exception exception)
{
var apiError = new ApiErrorDto("Donor Get Failed", exception);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}
public IHttpActionResult CancelRecurringGift([FromUri] int recurringGiftId, [FromUri(Name = "impersonateDonorId")] int?impersonateDonorId = null)
{
return(Authorized(token =>
{
try
{
var impersonateUserId = impersonateDonorId == null ? string.Empty : _mpDonorService.GetEmailViaDonorId(impersonateDonorId.Value).Email;
var result = (impersonateDonorId != null)
? _impersonationService.WithImpersonation(token,
impersonateUserId,
() =>
_donorService.CancelRecurringGift(token, recurringGiftId))
: _donorService.CancelRecurringGift(token, recurringGiftId);
return (Ok());
}
catch (PaymentProcessorException stripeException)
{
return (stripeException.GetStripeResult());
}
catch (ApplicationException applicationException)
{
var apiError = new ApiErrorDto("Error calling Ministry Platform " + applicationException.Message, applicationException);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}));
}
public IHttpActionResult CreateInvitation([FromBody] Invitation invitation)
{
if (!ModelState.IsValid)
{
var errors = ModelState.Values.SelectMany(val => val.Errors).Aggregate("", (current, err) => current + err.Exception.Message);
var dataError = new ApiErrorDto("CreateInvitation Data Invalid", new InvalidOperationException("Invalid CreateInvitation Data " + errors));
throw new HttpResponseException(dataError.HttpResponseMessage);
}
return(Authorized(token =>
{
try
{
_invitationService.ValidateInvitation(invitation, token);
return Ok(_invitationService.CreateInvitation(invitation, token));
}
catch (ValidationException e)
{
var error = new ApiErrorDto("Not authorized to send invitations of this type", e, HttpStatusCode.Forbidden);
throw new HttpResponseException(error.HttpResponseMessage);
}
catch (Exception e)
{
_logger.Error(string.Format("Could not create invitation to recipient {0} ({1}) for group {2}", invitation.RecipientName, invitation.EmailAddress, invitation.SourceId), e);
var apiError = new ApiErrorDto("CreateInvitation Failed", e, HttpStatusCode.InternalServerError);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}));
}
private IHttpActionResult CreateDonorForAuthenticatedUser(string authToken, CreateDonorDTO dto)
{
try
{
var donor = _donorService.GetContactDonorForAuthenticatedUser(authToken);
donor = _donorService.CreateOrUpdateContactDonor(donor, string.Empty, string.Empty, string.Empty, string.Empty, dto.stripe_token_id, DateTime.Now);
var response = new DonorDTO
{
Id = donor.DonorId,
ProcessorId = donor.ProcessorId,
RegisteredUser = true,
Email = donor.Email
};
return(Ok(response));
}
catch (PaymentProcessorException e)
{
return(e.GetStripeResult());
}
catch (Exception exception)
{
var apiError = new ApiErrorDto("Donor Post Failed", exception);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}
public IHttpActionResult Get(string username)
{
return(Authorized(token =>
{
try
{
int userid = _userRepository.GetUserIdByUsername(username);
MpUser user = _userRepository.GetUserByRecordId(userid);
var userRoles = _userRepository.GetUserRoles(userid);
MpMyContact contact = _contactRepository.GetContactByUserRecordId(user.UserRecordId);
var r = new LoginReturn
{
userToken = token,
userTokenExp = "",
refreshToken = "",
userId = contact.Contact_ID,
username = contact.First_Name,
userEmail = contact.Email_Address,
roles = userRoles,
age = contact.Age,
userPhone = contact.Mobile_Phone,
canImpersonate = user.CanImpersonate
};
return Ok(r);
}
catch (Exception e)
{
var apiError = new ApiErrorDto($"{e.Message}");
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}));
}
public IHttpActionResult VerifyCredentials([FromBody] Credentials cred)
{
return(Authorized(token =>
{
try
{
var authData = AuthenticationRepository.Authenticate(cred.username, cred.password);
// if the username or password is wrong, auth data will be null
if (authData == null)
{
return this.Unauthorized();
}
else
{
return this.Ok();
}
}
catch (Exception e)
{
var apiError = new ApiErrorDto("Verify Credentials Failed", e);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}));
}
public IHttpActionResult Post([FromBody] EventToolDto eventReservation)
{
if (ModelState.IsValid)
{
return(Authorized(token =>
{
try
{
_eventService.CreateEventReservation(eventReservation, token);
return Ok();
}
catch (Exception e)
{
var msg = "EventToolController: POST " + eventReservation.Title;
logger.Error(msg, e);
var apiError = new ApiErrorDto(msg, e);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}));
}
var errors = ModelState.Values.SelectMany(val => val.Errors).Aggregate("", (current, err) => current + err.Exception.Message);
var dataError = new ApiErrorDto("Event Data Invalid", new InvalidOperationException("Invalid Event Data" + errors));
throw new HttpResponseException(dataError.HttpResponseMessage);
}
public IHttpActionResult SaveRsvp([FromBody] SaveRsvpDto saveRsvp)
{
if (!ModelState.IsValid)
{
var errors = ModelState.Values.SelectMany(val => val.Errors).Aggregate("", (current, err) => current + err.Exception.Message);
var dataError = new ApiErrorDto("RSVP Data Invalid", new InvalidOperationException("Invalid RSVP Data" + errors));
throw new HttpResponseException(dataError.HttpResponseMessage);
}
//validate request
if (saveRsvp.StartDateUnix <= 0)
{
var dateError = new ApiErrorDto("StartDate Invalid", new InvalidOperationException("Invalid Date"));
throw new HttpResponseException(dateError.HttpResponseMessage);
}
return(Authorized(token =>
{
var message = _messageFactory.CreateMessage(saveRsvp);
_eventQueue.Send(message, MessageQueueTransactionType.None);
// get updated events and return them
var updatedEvents = new UpdatedEvents();
try
{
updatedEvents.EventIds.AddRange(_serveService.GetUpdatedOpportunities(token, saveRsvp));
}
catch (Exception exception)
{
var apiError = new ApiErrorDto("Save RSVP Failed", exception);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
return Ok(updatedEvents);
}));
}
public IHttpActionResult AddToGroup([FromUri] int groupId, [FromBody] User person)
{
if (!ModelState.IsValid)
{
var errors = ModelState.Values.SelectMany(val => val.Errors).Aggregate("", (current, err) => current + err.Exception.Message);
var dataError = new ApiErrorDto("AddToGroup Data Invalid", new InvalidOperationException("Invalid AddToGroup Data " + errors));
throw new HttpResponseException(dataError.HttpResponseMessage);
}
return(Authorized(token =>
{
try
{
_finderService.AddUserDirectlyToGroup(token, person, groupId, _trialMemberRoleId);
return (Ok());
}
catch (DuplicateGroupParticipantException dup)
{
throw new HttpResponseException(HttpStatusCode.Conflict);
}
catch (Exception e)
{
_logger.Error($"Could not add participant {person.firstName + " " + person.lastName} ({person.email}) to group {3}", e);
var apiError = new ApiErrorDto("AddToGroup Failed", e, HttpStatusCode.InternalServerError);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}));
}
public IHttpActionResult UpdateEventRoom([FromBody] EventRoomDto room, int eventId)
{
if (ModelState.IsValid)
{
return(Authorized(token =>
{
try
{
if (eventId == 0)
{
throw new ApplicationException("Invalid Event Id");
}
return Ok(_eventService.UpdateEventRoom(room, eventId, token));
}
catch (Exception e)
{
var msg = "EventToolController: UpdateEventRoom " + room.Name;
logger.Error(msg, e);
var apiError = new ApiErrorDto(msg, e);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}));
}
var errors = ModelState.Values.SelectMany(val => val.Errors).Aggregate("", (current, err) => current + err.Exception.Message);
var dataError = new ApiErrorDto("Event Data Invalid", new InvalidOperationException("Invalid Event Data" + errors));
throw new HttpResponseException(dataError.HttpResponseMessage);
}
public IHttpActionResult GetPinsByAddress(PinSearchQueryParams queryParams)
{
try
{
AwsBoundingBox awsBoundingBox = null;
Boolean areAllBoundingBoxParamsPresent = _finderService.areAllBoundingBoxParamsPresent(queryParams.BoundingBox);
if (areAllBoundingBoxParamsPresent)
{
awsBoundingBox = _awsCloudsearchService.BuildBoundingBox(queryParams.BoundingBox);
}
var originCoords = _finderService.GetMapCenterForResults(queryParams.UserLocationSearchString, queryParams.CenterGeoCoords, queryParams.FinderType);
var pinsInRadius = _finderService.GetPinsInBoundingBox(originCoords, queryParams.UserKeywordSearchString, awsBoundingBox, queryParams.FinderType, queryParams.ContactId, queryParams.UserFilterString);
pinsInRadius = _finderService.RandomizeLatLongForNonSitePins(pinsInRadius);
var result = new PinSearchResultsDto(new GeoCoordinates(originCoords.Latitude, originCoords.Longitude), pinsInRadius);
return(Ok(result));
}
catch (InvalidAddressException ex)
{
var apiError = new ApiErrorDto("Invalid Address", ex, HttpStatusCode.PreconditionFailed);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
catch (Exception ex)
{
var apiError = new ApiErrorDto("Get Pin By Address Failed", ex);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}
public IHttpActionResult GetProfile(int contactId)
{
return(Authorized(token =>
{
try
{
// does the logged in user have permission to view this contact?
//TODO: Move this security logic to MP, if for some reason we absulutly can't then centerlize all security logic that exists in the gateway
var family = _serveService.GetImmediateFamilyParticipants(token);
Person person = null;
if (family.Where(f => f.ContactId == contactId).ToList().Count > 0)
{
person = _personService.GetPerson(contactId);
}
if (person == null)
{
return Unauthorized();
}
return Ok(person);
}
catch (Exception e)
{
var apiError = new ApiErrorDto("Get Profile Failed", e);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}));
}
public IHttpActionResult Post([FromBody] Person person)
{
if (ModelState.IsValid)
{
return(Authorized(t =>
{
// does the logged in user have permission to view this contact?
var family = _serveService.GetImmediateFamilyParticipants(t);
if (family.Where(f => f.ContactId == person.ContactId).ToList().Count > 0)
{
try
{
_personService.SetProfile(t, person);
return this.Ok();
}
catch (Exception ex)
{
var apiError = new ApiErrorDto("Profile update Failed", ex);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}
else
{
return this.Unauthorized();
}
}));
}
var errors = ModelState.Values.SelectMany(val => val.Errors).Aggregate("", (current, err) => current + err.Exception.Message);
var dataError = new ApiErrorDto("Save Trip Application Data Invalid", new InvalidOperationException("Invalid Save Data" + errors));
throw new HttpResponseException(dataError.HttpResponseMessage);
}
public IHttpActionResult Post(int groupId, [FromBody] List <ParticipantSignup> partId)
{
return(Authorized(token =>
{
try
{
_groupService.LookupParticipantIfEmpty(token, partId);
_groupService.addParticipantsToGroup(groupId, partId);
_logger.Debug(String.Format("Successfully added participants {0} to group {1}", partId, groupId));
return (Ok());
}
catch (GroupFullException e)
{
var responseMessage = new ApiErrorDto("Group Is Full", e).HttpResponseMessage;
// Using HTTP Status code 422/Unprocessable Entity to indicate Group Is Full
// http://tools.ietf.org/html/rfc4918#section-11.2
responseMessage.StatusCode = (HttpStatusCode)422;
throw new HttpResponseException(responseMessage);
}
catch (Exception e)
{
_logger.Error("Could not add user to group", e);
return BadRequest();
}
}));
}
public IHttpActionResult Post([FromBody] MpRespondToOpportunityDto opportunityResponse)
{
if (!ModelState.IsValid)
{
var errors = ModelState.Values.SelectMany(val => val.Errors)
.Aggregate("", (current, err) => current + err.Exception.Message);
var dataError = new ApiErrorDto("POST Data Invalid",
new InvalidOperationException("Invalid POST Data" + errors));
throw new HttpResponseException(dataError.HttpResponseMessage);
}
try
{
if (opportunityResponse.Participants.Count > 0)
{
_opportunityService.RespondToOpportunity(opportunityResponse);
}
}
catch (Exception exception)
{
var apiError = new ApiErrorDto("Opportunity POST failed", exception);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
return(Ok());
}
public IHttpActionResult AdminGetProfile(int contactId)
{
return(Authorized(token =>
{
var user = _userService.GetByAuthenticationToken(token);
var roles = _userService.GetUserRoles(user.UserRecordId);
if (roles == null || !roles.Exists(r => _allowedAdminGetProfileRoles.Contains(r.Id)))
{
return Unauthorized();
}
try
{
var person = _personService.GetPerson(contactId);
if (person == null)
{
return NotFound();
}
return Ok(person);
}
catch (Exception e)
{
var apiError = new ApiErrorDto("Get Profile Failed", e);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}));
}
private IHttpActionResult UpdateDonor(string token, UpdateDonorDTO dto)
{
MpContactDonor mpContactDonor;
SourceData sourceData;
try
{
mpContactDonor =
token == null?
_donorService.GetContactDonorForEmail(dto.EmailAddress)
:
_donorService.GetContactDonorForAuthenticatedUser(token);
sourceData = _stripePaymentService.UpdateCustomerSource(mpContactDonor.ProcessorId, dto.StripeTokenId);
}
catch (PaymentProcessorException stripeException)
{
return(stripeException.GetStripeResult());
}
catch (ApplicationException applicationException)
{
var apiError = new ApiErrorDto("Error calling Ministry Platform" + applicationException.Message, applicationException);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
//return donor
var donor = new DonorDTO
{
Id = mpContactDonor.DonorId,
ProcessorId = mpContactDonor.ProcessorId,
DefaultSource = new DefaultSourceDTO
{
credit_card = new CreditCardDTO
{
brand = sourceData.brand,
last4 = sourceData.last4,
address_zip = sourceData.address_zip,
exp_date = sourceData.exp_month + sourceData.exp_year
},
bank_account = new BankAccountDTO
{
last4 = sourceData.bank_last4,
routing = sourceData.routing_number,
accountHolderName = sourceData.account_holder_name,
accountHolderType = sourceData.account_holder_type
}
},
RegisteredUser = mpContactDonor.RegisteredUser,
Email = mpContactDonor.Email
};
return(Ok(donor));
}
public IHttpActionResult GetGoEquipment()
{
try
{
return(Ok(GetAttributesByType("GoCincinnatiEquipmentAttributeType")));
}
catch (Exception e)
{
var apiError = new ApiErrorDto("Get Go Volunteer Equipment failed: ", e);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}
public IHttpActionResult GetPrepTimes()
{
try
{
return(Ok(GetAttributesByType("PrepWorkAttributeTypeId")));
}
catch (Exception e)
{
var apiError = new ApiErrorDto("Get Prep Times failed: ", e);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}
public IHttpActionResult Post([FromBody] Registration goVolunteerRegistration)
{
if (ModelState.IsValid)
{
return(Authorized(token => SaveRegistration(token, goVolunteerRegistration),
() => SaveRegistration(string.Empty, goVolunteerRegistration)));
}
var errors = ModelState.Values.SelectMany(val => val.Errors).Aggregate("", (current, err) => current + err.ErrorMessage);
var dataError = new ApiErrorDto("Registration Data Invalid", new InvalidOperationException("Invalid Registration Data" + errors));
throw new HttpResponseException(dataError.HttpResponseMessage);
}
public IHttpActionResult GetProject(int projectId)
{
try
{
return(Ok(_goVolunteerService.GetProject(projectId)));
}
catch (Exception e)
{
var apiError = new ApiErrorDto("Get Project failed: ", e);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}
public IHttpActionResult ValidateAddress([FromUri(Name = "address")] string address)
{
try
{
return(Ok(_addressGeocodingService.ValidateAddress(address)));
}
catch (InvalidAddressException)
{
var apiError = new ApiErrorDto($"Invalid address {address}", code: HttpStatusCode.NotFound);
return(ResponseMessage(apiError.HttpResponseMessage));
}
}
private IHttpActionResult CreateDonorForUnauthenticatedUser(CreateDonorDTO dto)
{
MpContactDonor donor;
try
{
donor = _donorService.GetContactDonorForEmail(dto.email_address);
}
catch (Exception e)
{
var msg = "Error getting donor for email " + dto.email_address;
logger.Error(msg, e);
var apiError = new ApiErrorDto(msg, e);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
int existingDonorId =
(donor == null) ?
0 :
donor.DonorId;
try
{
donor = _donorService.CreateOrUpdateContactDonor(donor, String.Empty, dto.first_name, dto.last_name, dto.email_address, dto.stripe_token_id, DateTime.Now);
}
catch (PaymentProcessorException e)
{
return(e.GetStripeResult());
}
catch (Exception e)
{
var msg = "Error creating donor for email " + dto.email_address;
logger.Error(msg, e);
var apiError = new ApiErrorDto(msg, e);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
var responseBody = new DonorDTO
{
Id = donor.DonorId,
ProcessorId = donor.ProcessorId,
RegisteredUser = false,
Email = donor.Email
};
// HTTP StatusCode should be 201 (Created) if we created a donor, or 200 (Ok) if returning an existing donor
var statusCode =
(existingDonorId == donor.DonorId) ?
HttpStatusCode.OK :
HttpStatusCode.Created;
return(ResponseMessage(Request.CreateResponse(statusCode, responseBody)));
}
private IHttpActionResult GetDonorForAuthenticatedUser(string token)
{
try
{
var donor = _donorService.GetContactDonorForAuthenticatedUser(token);
if (donor == null || !donor.HasPaymentProcessorRecord)
{
return(NotFound());
}
else
{
var defaultSource = _stripePaymentService.GetDefaultSource(donor.ProcessorId);
var response = new DonorDTO()
{
Id = donor.DonorId,
ProcessorId = donor.ProcessorId,
DefaultSource = new DefaultSourceDTO
{
credit_card = new CreditCardDTO
{
last4 = defaultSource.last4,
brand = defaultSource.brand,
address_zip = defaultSource.address_zip,
exp_date = defaultSource.exp_month + defaultSource.exp_year
},
bank_account = new BankAccountDTO
{
last4 = defaultSource.bank_last4,
routing = defaultSource.routing_number,
accountHolderName = defaultSource.account_holder_name,
accountHolderType = defaultSource.account_holder_type
}
},
RegisteredUser = donor.RegisteredUser,
Email = donor.Email
};
return(Ok(response));
}
}
catch (PaymentProcessorException stripeException)
{
return(stripeException.GetStripeResult());
}
catch (Exception exception)
{
var apiError = new ApiErrorDto("Donor Get Failed", exception);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}
public IHttpActionResult ApproveChildcareRequest(int requestId, ChildcareRequestDto childcareRequest)
{
if (!ModelState.IsValid)
{
var errors = ModelState.Values.SelectMany(val => val.Errors).Aggregate("", (current, err) => current + err.Exception.Message);
var dataError = new ApiErrorDto("Save Request Data Invalid", new InvalidOperationException("Invalid Save request Data" + errors));
throw new HttpResponseException(dataError.HttpResponseMessage);
}
return(Authorized(token =>
{
try
{
_childcareService.ApproveChildcareRequest(requestId, childcareRequest, token);
return Ok();
}
catch (EventMissingException e)
{
var errors = new DateError()
{
Errors = e.MissingDateTimes, Message = e.Message
};
var json = JsonConvert.SerializeObject(errors, Formatting.Indented);
var message = new HttpResponseMessage(HttpStatusCode.RequestedRangeNotSatisfiable);
message.Content = new StringContent(json);
throw new HttpResponseException(message);
}
catch (ChildcareDatesMissingException e)
{
var json = JsonConvert.SerializeObject(e.Message, Formatting.None);
var message = new HttpResponseMessage(HttpStatusCode.NotAcceptable);
message.Content = new StringContent(json);
throw new HttpResponseException(message);
}
catch (DuplicateChildcareEventsException e)
{
var error = new DateError()
{
Error = e.RequestedDate, Message = e.Message
};
var json = JsonConvert.SerializeObject(error, Formatting.Indented);
var message = new HttpResponseMessage(HttpStatusCode.MultipleChoices);
message.Content = new StringContent(json);
throw new HttpResponseException(message);
}
catch (Exception e)
{
var apiError = new ApiErrorDto("Approve Childcare Request Failed", e);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}));
}
public IHttpActionResult GetInvoicePaymentDetails(int invoiceId)
{
try
{
var res = _paymentService.GetPaymentDetails(invoiceId);
return(Ok(res));
}
catch (Exception e)
{
var apiError = new ApiErrorDto("Unable to get payment details", e);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}
public IHttpActionResult Search(string query)
{
try
{
var list = _tripService.Search(query);
return(Ok(list));
}
catch (Exception ex)
{
var apiError = new ApiErrorDto("Trip Search Failed", ex);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}
public async Task <IHttpActionResult> GetURLSegment()
{
try
{
var urlSegment = _groupLeaderService.GetUrlSegment().Wait();
return(Ok(new { url = urlSegment }));
}
catch (Exception e)
{
var apiError = new ApiErrorDto("Getting Url Segment Failed: ", e);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}
public IHttpActionResult GetGoChildrenOptions()
{
try
{
var options = _goVolunteerService.ChildrenOptions();
return(Ok(options));
}
catch (Exception e)
{
var apiError = new ApiErrorDto("Get Go Volunteer Children Options failed: ", e);
throw new HttpResponseException(apiError.HttpResponseMessage);
}
}