public IHttpActionResult DeleteLesson(int id) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null) { return(Unauthorized()); } Lesson lesson = db.Lessons.Find(id); if (lesson == null) { return(NotFound()); } if (lesson.Assignment == null || lesson.Assignment.Course == null) { return(BadRequest()); } if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, lesson))) { return(Unauthorized()); } int assignmentId = lesson.Assignment.Id; string error = db.Update(lesson, Deleted); if (error != null) { return(BadRequest(error)); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + assignmentId)); }
public IHttpActionResult GetLesson(int id) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null) { return(Unauthorized()); } Lesson lesson = db.Lessons.Find(id); if (lesson == null) { return(NotFound()); } if (lesson.Assignment == null || lesson.Assignment.Course == null) { return(InternalServerError()); } string accessRole = auth.GetAccessRole(authorizedUser, lesson); if (accessRole == null || accessRole.Equals("Student")) { return(Unauthorized()); } return(Ok(new LessonDetailDTO(lesson))); }
public IHttpActionResult DeleteCourse(int id) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null) { return(Unauthorized()); } Course course = db.Courses.Find(id); if (course == null) { return(NotFound()); } if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, course))) { return(Unauthorized()); } string error = db.Update(course, Deleted); if (error != null) { return(BadRequest(error)); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Users/" + authorizedUser.Id)); }
public IHttpActionResult PutAssignment(int id, AssignmentDetailTeacherDTO assignmentDTO) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null || authorizedUser.GetTeacher() == null) { return(Unauthorized()); } Assignment assignment = db.Assignments.Find(id); if (assignmentDTO == null || assignment == null || assignment.Course == null || !ModelState.IsValid) { return(BadRequest(ModelState)); } Course course = assignment.Course; if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, course))) { return(Unauthorized()); } if (!assignmentDTO.Validate(assignment, null)) { return(BadRequest()); } assignmentDTO.Update(assignment, null); string error = db.Update(assignment, Modified); if (error != null) { return(BadRequest(error)); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + assignment.Id)); }
public IHttpActionResult GetAssignment(int id) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null) { return(Unauthorized()); } Assignment assignment = db.Assignments.Find(id); if (assignment == null) { return(NotFound()); } if (assignment.Course == null) { return(InternalServerError()); } string accessRole = auth.GetAccessRole(authorizedUser, assignment); if (accessRole == null) { accessRole = "Student"; } if (accessRole.Equals("Student")) { return(Ok(new AssignmentDetailStudentDTO(assignment, authorizedUser.GetStudent(), null))); } else { Tutor tutor = accessRole.Equals("Teacher") ? null : authorizedUser.GetTutor(); return(Ok(new AssignmentDetailTeacherDTO(assignment, authorizedUser.GetStudent(), tutor, authorizedUser.GetTeacher()))); } }
public IHttpActionResult PostTask(TaskDetailDTO taskDTO) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null || authorizedUser.GetTeacher() == null) { return(Unauthorized()); } Assignment assignment = db.Assignments.Find(taskDTO.NewAssignmentId); if (!ModelState.IsValid || assignment == null || assignment.Course == null || !taskDTO.Validate(null, assignment)) { return(BadRequest()); } if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, assignment.Course))) { return(Unauthorized()); } Task task = taskDTO.Create(); string error = db.Update(task, Added); if (error != null) { return(BadRequest(error)); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + assignment.Id)); }
public IHttpActionResult GetGroup(int id) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null) { return(Unauthorized()); } Group group = db.Groups.Find(id); if (group == null) { return(NotFound()); } if (group.Lesson == null || group.Lesson.Assignment == null || group.Lesson.Assignment.Course == null) { return(InternalServerError()); } string accessRole = auth.GetAccessRole(authorizedUser, group); if (accessRole == null || accessRole.Equals("Student")) { return(Unauthorized()); } return(Ok(new GroupDetailTeacherDTO(group))); }
public IHttpActionResult PostAssignment(AssignmentDetailTeacherDTO assignmentDTO) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null || authorizedUser.GetTeacher() == null) { return(Unauthorized()); } Course course = db.Courses.Find(assignmentDTO.NewCourseId); if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, course))) { return(Unauthorized()); } Assignment derived = null; if (assignmentDTO.NewIsDerived) { if (assignmentDTO.NewDerivedFromName == null) { return(BadRequest()); } foreach (Assignment otherAssignment in course.Assignments) { if (assignmentDTO.NewDerivedFromName.Equals(otherAssignment.Name)) { derived = otherAssignment; break; } } if (derived == null) { return(BadRequest()); } } if (!ModelState.IsValid || course == null || !assignmentDTO.Validate(null, derived)) { return(BadRequest()); } ICollection <object> objects = assignmentDTO.Create(derived); string error = db.UpdateAll(objects, Added); if (error != null) { return(BadRequest(error)); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Courses/" + course.Id)); }
public IHttpActionResult PutGroup(int id, GroupDetailTeacherDTO groupDTO) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null || (authorizedUser.GetTeacher() == null && authorizedUser.GetTutor() == null)) { return(Unauthorized()); } Group group = db.Groups.Find(id); if (groupDTO == null || group == null || group.Lesson == null || group.Lesson.Assignment == null || group.Lesson.Assignment.Course == null || !ModelState.IsValid) { return(BadRequest(ModelState)); } Course course = group.Lesson.Assignment.Course; bool isTeacher; if (!group.IsFinal) { if (authorizedUser.GetTutor() == null || !authorizedUser.GetTutor().Equals(group.Lesson.Tutor)) { return(Unauthorized()); } isTeacher = false; } else { if (authorizedUser.GetTeacher() == null || !"Teacher".Equals(auth.GetAccessRole(authorizedUser, course))) { return(Unauthorized()); } isTeacher = true; } if (!groupDTO.Validate(group, isTeacher)) { return(BadRequest()); } groupDTO.Update(group); string error = db.Update(group, Modified); if (error != null) { return(BadRequest(error)); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Groups/" + id)); }
public IHttpActionResult DeleteGradingScheme(int id) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null || authorizedUser.GetTeacher() == null) { return(Unauthorized()); } GradingScheme scheme = db.GradingSchemes.Find(id); if (scheme == null) { return(NotFound()); } bool authorized = scheme.Courses.Count == 0; if (!authorized) { foreach (Course course in scheme.Courses) { if ("Teacher".Equals(auth.GetAccessRole(authorizedUser, course))) { authorized = true; break; } } } if (!authorized) { return(Unauthorized()); } ICollection <object> entities = new HashSet <object>(); foreach (Grade grade in scheme.Grades) { entities.Add(grade); } entities.Add(scheme); string error = db.UpdateAll(entities, Deleted); if (error != null) { return(BadRequest(error)); } return(StatusCode(HttpStatusCode.NoContent)); }
public IHttpActionResult PutLesson(int id, LessonDetailDTO lessonDTO) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null || authorizedUser.GetTeacher() == null) { return(Unauthorized()); } Lesson lesson = db.Lessons.Find(id); if (lessonDTO == null || lesson == null || lesson.Assignment == null || lesson.Assignment.Course == null || !ModelState.IsValid) { return(BadRequest(ModelState)); } if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, lesson))) { return(Unauthorized()); } Tutor tutor = null; if (lessonDTO.NewTutorIdentifier != null) { User user = auth.GetUserByIdentifier(lessonDTO.NewTutorIdentifier); if (user == null && user.GetTutor() == null) { return(BadRequest()); } tutor = user.GetTutor(); } if (!lessonDTO.Validate(lesson, null, tutor)) { return(BadRequest()); } lessonDTO.Update(lesson, tutor); string error = db.Update(lesson, Modified); if (error != null) { return(BadRequest(error)); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + lesson.Assignment.Id)); }
public IHttpActionResult PutCourse(int id, CourseDetailDTO courseDTO) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null) { return(Unauthorized()); } Course course = db.Courses.Find(id); if (courseDTO == null || course == null || !ModelState.IsValid) { return(BadRequest(ModelState)); } if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, course))) { return(Unauthorized()); } if (courseDTO.NewGradingSchemeName != null) { foreach (GradingScheme scheme in db.GradingSchemes) { if (courseDTO.NewGradingSchemeName.Equals(scheme.Name)) { course.GradingSchemeId = scheme.Id; break; } } } if (!courseDTO.Validate(course)) { return(BadRequest()); } courseDTO.Update(course); string error = db.Update(course, Modified); if (error != null) { return(BadRequest(error)); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Courses/" + course.Id)); }
public IHttpActionResult PostLesson(LessonDetailDTO lessonDTO) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null || authorizedUser.GetTeacher() == null) { return(Unauthorized()); } Assignment assignment = db.Assignments.Find(lessonDTO.NewAssignmentId); if (lessonDTO.NewTutorIdentifier == null || assignment == null || assignment.Course == null) { return(BadRequest()); } if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, assignment))) { return(Unauthorized()); } User user = auth.GetUserByIdentifier(lessonDTO.NewTutorIdentifier); if (user == null && user.GetTutor() == null) { return(BadRequest()); } Tutor tutor = user.GetTutor(); if (!ModelState.IsValid || !lessonDTO.Validate(null, assignment, tutor)) { return(BadRequest()); } Lesson lesson = lessonDTO.Create(tutor); string error = db.Update(lesson, Added); if (error != null) { return(BadRequest(error)); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + lesson.Assignment.Id)); }
public IHttpActionResult PostCourse(CourseDetailDTO courseDTO) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null || authorizedUser.GetTeacher() == null) { return(Unauthorized()); } if (!ModelState.IsValid || !courseDTO.Validate(null)) { return(BadRequest()); } Course course = courseDTO.Create(authorizedUser.GetTeacher().Id); string error = db.Update(course, Added); if (error != null) { return(BadRequest(error)); } return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Courses/" + course.Id)); }
public HttpResponseMessage Post([FromBody] string value) { Authorize auth = new Authorize(); User user = auth.GetAuthorizedUser(value); if (user == null) { return(new HttpResponseMessage(HttpStatusCode.Unauthorized)); } HttpResponseMessage resp = new HttpResponseMessage(); CookieHeaderValue cookie = new CookieHeaderValue("user", user.Id.ToString() + "&" + user.Identifier + "&" + auth.GetPassword(value)) { Expires = DateTimeOffset.Now.AddHours(1), Domain = Request.RequestUri.Host, Path = "/", HttpOnly = true, Secure = true }; resp.Headers.AddCookies(new CookieHeaderValue[] { cookie }); resp.StatusCode = HttpStatusCode.Moved; resp.Headers.Location = new Uri("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Users/" + user.Id); return(resp); }
public IHttpActionResult GetCourse(int id) { Authorize auth = new Authorize(); User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault()); if (authorizedUser == null) { return(Unauthorized()); } Course course = db.Courses.Find(id); if (course == null) { return(NotFound()); } string accessRole = auth.GetAccessRole(authorizedUser, course); if (accessRole == null) { return(Ok(new CourseListDTO(course))); } return(Ok(new CourseDetailDTO(course, authorizedUser.GetStudent(), authorizedUser.GetTutor(), authorizedUser.GetTeacher(), db.GradingSchemes.ToList()))); }