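/**
 * Creates a new user (admin or supplier) from the request body.
 *
 * Requires: an admin api_key (ApiKey.getApiKey().isAdmin()).
 *
 * Request fields read here: "type" ("supplier" or "admin"), "user_data" and,
 * for suppliers, "supplier_data".
 *
 * Returns Costants.OK on success, Costants.WRONG_USER_TYPE when "type" is
 * missing or not one of the two known values, Costants.UNAUTHORIZED when the
 * caller is not an admin.
 */
public JsonResult Index()
{
    // Authorise first: a non-admin caller must not be able to drive the
    // body-parsing code below.
    if (!ApiKey.getApiKey().isAdmin())
    {
        return Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet);
    }

    ConvertibleHashtable h = ConvertibleHashtable.fromRequest();

    // A request without "type" used to fail on h["type"].ToString(); it is
    // now rejected like any other unknown type, before anything is parsed.
    string type = (h.ContainsKey("type") && h["type"] != null) ? h["type"].ToString() : null;
    if (type != "supplier" && type != "admin")
    {
        return Json(Costants.WRONG_USER_TYPE, JsonRequestBehavior.AllowGet);
    }

    // NOTE(review): "user_data" (and "supplier_data" below) are cast without a
    // presence check; confirm how fromJObject behaves when the field is absent.
    ConvertibleHashtable ud = ConvertibleHashtable.fromJObject((JObject)h["user_data"]);

    if (type == "supplier")
    {
        ud.merge(((JObject)h["supplier_data"]).ToObject<ConvertibleHashtable>());
        // A client-supplied user_id is discarded before the insert
        // (presumably Supplier.insert() assigns it - confirm).
        if (ud.ContainsKey("user_id"))
        {
            ud.Remove("user_id");
        }
        ud.toObject<Supplier>().insert();
    }
    else
    {
        ud.toObject<Admin>().insert();
    }

    return Json(Costants.OK, JsonRequestBehavior.AllowGet);
}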
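/**
 * Authenticates the user and returns the api_key.
 *
 * API Reference: POST /api/auth/
 *
 * JSON data: {email: "email", password: "******"}
 *
 * The response always carries "auth" (bool); when authentication succeeds it
 * also carries "user_id" and "api_key".
 *
 * NOTE(review): the ApiKey is constructed from the user id, the email and the
 * password, and an already-stored key is reused, so the key appears to be a
 * deterministic function of the credentials. A key drawn from a CSPRNG and
 * stored server-side would not change with, or reveal anything about, the
 * password - confirm against ApiKey.
 * NOTE(review): AllowGet lets this action answer GET requests as well; the
 * documented contract is POST only - confirm the route is restricted.
 * NOTE(review): no attempt limiting is visible in this action.
 */
public JsonResult Index()
{
    ConvertibleHashtable d = ConvertibleHashtable.fromRequest();
    ConvertibleHashtable h = new ConvertibleHashtable();

    // A body without email or password is a failed login, not a server
    // error: the original dereferenced the missing fields.
    bool hasCredentials = d.ContainsKey("email") && d["email"] != null
                          && d.ContainsKey("password") && d["password"] != null;
    if (!hasCredentials)
    {
        h.Add("auth", false);
        return Json(h, JsonRequestBehavior.AllowGet);
    }

    string email = d["email"].ToString();
    string password = d["password"].ToString();

    // authenticate the user through User.checkPassword
    bool authenticated = Models.User.checkPassword(email, password);
    h.Add("auth", authenticated);

    // if the authentication succeeds
    if (authenticated)
    {
        // look up the user_id and add it to the returned data
        int user_id = int.Parse(Models.User.getUserHashtableByEmail(email)["id"].ToString());
        h.Add("user_id", user_id);

        // compute the key, store it if it is not in the db yet, and add it
        // to the returned data
        ApiKey ak = new ApiKey(user_id, email, password);
        if (!(ApiKey.getApiKey(ak.key).key == ak.key))
        {
            ak.insert();
        }
        else
        {
            // close the session if one is open
            Models.Session.CloseSession(user_id);
        }

        // open a new session
        Models.Session.OpenSession(user_id);
        h.Add("api_key", ak.key);
    }

    return Json(h, JsonRequestBehavior.AllowGet);
}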
/// Returns the ConvertibleHashtable of the Admin|Supplier that has the given user_id:
/// the first row of T's table matching that user_id, with the base User row merged into it.
/// NOTE(review): the [0] index assumes _db.getData yields at least one row for this
/// user_id - confirm what happens for a user that has no row in T's table.
protected static ConvertibleHashtable _getAdminOrSupplierHashtableByUserId<T>(int user_id)
{
    ConvertibleHashtable baseRow = getHashtableById<User>(user_id);
    var roleRows = _db.getData(_getTableName<T>(), "user_id", user_id.ToString());
    ConvertibleHashtable roleRow = roleRows[0];
    roleRow.merge(baseRow);
    return roleRow;
}
/**
 * Adds a category.
 *
 * API Reference: POST /api/categories/
 *
 * Requires: admin api_key in the http headers
 *
 * JSON Data: {name: "name"}
 */
public JsonResult Index()
{
    bool callerIsAdmin = ApiKey.getApiKey().isAdmin();
    if (callerIsAdmin)
    {
        // The request body is converted straight into a ProductCategory and stored.
        ProductCategory category = ConvertibleHashtable.fromRequest().toObject<ProductCategory>();
        category.insert();
        return Json(Costants.OK, JsonRequestBehavior.AllowGet);
    }

    return Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet);
}
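/// Returns true <=> the email and the password correspond to an existing user.
/// NOTE(review): the stored "password" value is compared directly with the submitted
/// password, which implies passwords are stored unhashed. Storing a salted password
/// hash (e.g. PBKDF2 via Rfc2898DeriveBytes) and verifying against it is the real fix;
/// that needs a data migration and is outside this method.
public static bool checkPassword(String email, String password)
{
    ConvertibleHashtable h = getUserHashtableByEmail(email);

    // No such user, no stored value, or no submitted password: not authenticated.
    if (password == null || !h.ContainsKey("password") || h["password"] == null)
    {
        return false;
    }

    return _fixedTimeEquals(h["password"].ToString(), password);
}

/// Ordinal string equality that does not stop at the first differing character, so the
/// response time does not depend on how much of the secret matched. The length
/// difference remains observable.
private static bool _fixedTimeEquals(string a, string b)
{
    int diff = a.Length ^ b.Length;
    int shared = a.Length < b.Length ? a.Length : b.Length;
    for (int i = 0; i < shared; i++)
    {
        diff |= a[i] ^ b[i];
    }
    return diff == 0;
}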
/**
 * Returns the supplier data.
 *
 * GET /api/users/indexsupplier/
 *
 * Requires: admin api_key in the http headers
 *
 * With id == -1 and an admin api_key the full supplier list is returned, after
 * ConvertibleHashtable.filterPassword. Every other call is delegated to
 * Detail(id), which applies its own authorisation check.
 */
public JsonResult IndexSupplier(int id)
{
    ApiKey k = ApiKey.getApiKey();

    bool listAllSuppliers = id == -1 && k.isAdmin();
    if (!listAllSuppliers)
    {
        return Detail(id);
    }

    var suppliers = ConvertibleHashtable.filterPassword(Supplier.getAll());
    return Json(suppliers, JsonRequestBehavior.AllowGet);
}
/// Updates the record in the db: every column whose stored value differs from this
/// object's current value is written back, one _db.updateData call per column.
/// NOTE(review): column names and values reach _db.updateData as plain strings - confirm
/// that it binds the value as a parameter and does not splice either into SQL text.
public virtual void update()
{
    ConvertibleHashtable stored = _getHashtableById(id, _tableName);
    ConvertibleHashtable live = this._toConvertibleHashtable();

    foreach (var column in stored.Keys)
    {
        string before = stored[column].ToString();
        string after = live[column].ToString();
        if (before == after)
        {
            // unchanged column: nothing to write
            continue;
        }

        _db.updateData(_tableName, column.ToString(), after, "id", id.ToString());
    }
}
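/**
 * Updates a category.
 *
 * API Reference: POST /api/categories/update/<id>/
 *
 * Requires: admin api_key in the http headers
 *
 * JSON Data: {name: "name"}
 */
public JsonResult Update(int id)
{
    if (!ApiKey.getApiKey().isAdmin())
    {
        return Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet);
    }

    ConvertibleHashtable newData = ConvertibleHashtable.fromRequest();

    // The record to change is the one named in the route. The whole request
    // body is merged into the stored row, so an "id" in the body is dropped
    // to keep it from redirecting the write to another record (assuming
    // ConvertibleHashtable.update overwrites matching keys).
    if (newData.ContainsKey("id"))
    {
        newData.Remove("id");
    }

    ConvertibleHashtable currentData = Model.getHashtableById<ProductCategory>(id);
    currentData.update(newData);
    currentData.toObject<ProductCategory>().update();
    return Json(Costants.OK, JsonRequestBehavior.AllowGet);
}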
/**
 * Adds a stock.
 *
 * Api Reference: POST /api/stocks/
 *
 * Requires: an admin api_key in the http headers, or an api_key whose user
 * passes ProductStock.checkUserId for the submitted stock.
 *
 * JSON Data: {product_id:<id>, price:<pr>, min:<min>, max:<max>, availability:<av>}
 */
public JsonResult Index()
{
    ApiKey k = ApiKey.getApiKey();
    ProductStock s = ConvertibleHashtable.fromRequest().toObject<ProductStock>();

    // The ownership check runs on the object built from the request, i.e. on
    // the product_id the caller submitted.
    bool allowed = k.isAdmin() || s.checkUserId(k.user_id);
    if (!allowed)
    {
        return Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet);
    }

    s.insert();
    return Json(Costants.OK, JsonRequestBehavior.AllowGet);
}
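/**
 * Adds a product.
 *
 * Requires: an admin api_key, or an api_key whose user passes
 * Supplier.checkUserId for the "supplier_id" given in the request body.
 *
 * Returns Costants.OK after the insert, Costants.UNAUTHORIZED otherwise.
 */
public JsonResult Index()
{
    ApiKey k = ApiKey.getApiKey();
    ConvertibleHashtable data = ConvertibleHashtable.fromRequest();

    bool allowed = k.isAdmin();
    if (!allowed && data.ContainsKey("supplier_id") && data["supplier_id"] != null)
    {
        // A non-numeric supplier_id is an authorisation failure, not an
        // unhandled FormatException.
        int supplierId;
        allowed = int.TryParse(data["supplier_id"].ToString(), out supplierId)
                  && Supplier.checkUserId(k.user_id, supplierId);
    }

    if (!allowed)
    {
        return Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet);
    }

    // Insert the data that was just authorised. The original parsed the
    // request a second time here, so the inserted object was not guaranteed
    // to be the one the supplier_id check had looked at.
    data.toObject<Product>().insert();
    return Json(Costants.OK, JsonRequestBehavior.AllowGet);
}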
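/**
 * Updates the product identified by the route id with the request body.
 *
 * Requires: an admin api_key, or an api_key whose user passes
 * Supplier.checkUserId for the supplier_id stored on the product.
 *
 * Returns Costants.OK after the update, Costants.UNAUTHORIZED otherwise.
 */
public JsonResult Update(int id)
{
    ApiKey k = ApiKey.getApiKey();
    ConvertibleHashtable newData = ConvertibleHashtable.fromRequest();
    ConvertibleHashtable currentData = Model.getHashtableById<Product>(id);

    bool callerIsAdmin = k.isAdmin();
    bool allowed = callerIsAdmin;
    if (!allowed && currentData.ContainsKey("supplier_id") && currentData["supplier_id"] != null)
    {
        // Ownership is decided from the stored row, never from the request.
        int ownerSupplierId;
        allowed = int.TryParse(currentData["supplier_id"].ToString(), out ownerSupplierId)
                  && Supplier.checkUserId(k.user_id, ownerSupplierId);
    }

    if (!allowed)
    {
        return Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet);
    }

    // The body is merged wholesale into the stored row, after the check
    // above. Keys that decide which record is written and who owns it are
    // removed first (assuming ConvertibleHashtable.update overwrites matching
    // keys): "id" always, "supplier_id" unless the caller is an admin.
    if (newData.ContainsKey("id"))
    {
        newData.Remove("id");
    }
    if (!callerIsAdmin && newData.ContainsKey("supplier_id"))
    {
        newData.Remove("supplier_id");
    }

    currentData.update(newData);
    currentData.toObject<Product>().update();
    return Json(Costants.OK, JsonRequestBehavior.AllowGet);
}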
/**
 * Returns the details of a user.
 *
 * Note: for a supplier, the supplier information is returned as well.
 *
 * API Reference: GET /api/users/detail/<id>/
 *
 * Requires: api_key in the http headers (admin, or the key of the user being read)
 */
public JsonResult Detail(int id)
{
    ApiKey k = ApiKey.getApiKey();
    if (!k.isAdmin() && !k.checkUser(id))
    {
        return Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet);
    }

    ConvertibleHashtable h = Model.getHashtableById<User>(id);
    bool isSupplier = h.toObject<User>().type == userType.supplier;
    ConvertibleHashtable payload = isSupplier ? Supplier.getHashtableByUserId(id) : h;

    // The password entry is filtered out before the data leaves the server.
    return Json(payload.filterPassword(), JsonRequestBehavior.AllowGet);
}
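/**
 * Updates a stock.
 *
 * Api Reference: POST /api/stocks/update/<id>/
 *
 * Requires: an admin api_key in the http headers, or an api_key whose user
 * passes ProductStock.checkUserId both for the stored stock and for the stock
 * as it would look after the update.
 *
 * JSON Data: {product_id:<id>, price:<pr>, min:<min>, max:<max>, availability:<av>}
 */
public JsonResult Update(int id)
{
    ApiKey k = ApiKey.getApiKey();
    ConvertibleHashtable newData = ConvertibleHashtable.fromRequest();
    ConvertibleHashtable currentData = Model.getHashtableById<ProductStock>(id);
    bool callerIsAdmin = k.isAdmin();

    // Check ownership of the STORED record first. The original ran the check
    // only after merging the request into the row, so the fields the check
    // depends on could come from the caller rather than from the database.
    if (!callerIsAdmin && !currentData.toObject<ProductStock>().checkUserId(k.user_id))
    {
        return Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet);
    }

    // The route id names the record; an "id" in the body must not replace it
    // (assuming ConvertibleHashtable.update overwrites matching keys).
    if (newData.ContainsKey("id"))
    {
        newData.Remove("id");
    }

    currentData.update(newData);
    ProductStock s = currentData.toObject<ProductStock>();

    // Second check, on the merged record: the caller must also be allowed to
    // own the result, so a stock cannot be re-pointed at someone else's data.
    if (!callerIsAdmin && !s.checkUserId(k.user_id))
    {
        return Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet);
    }

    s.update();
    return Json(Costants.OK, JsonRequestBehavior.AllowGet);
}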
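/**
 * Updates the user identified by the route id.
 *
 * Requires: an admin api_key, or the api_key of that same user (k.checkUser(id)).
 *
 * Request fields read here: "user_data" and, for suppliers, "supplier_data".
 *
 * Returns Costants.OK after the update, Costants.UNAUTHORIZED otherwise.
 */
public JsonResult Update(int id)
{
    ConvertibleHashtable h = ConvertibleHashtable.fromRequest();
    ApiKey k = ApiKey.getApiKey();
    bool callerIsAdmin = k.isAdmin();

    if (!callerIsAdmin && !k.checkUser(id))
    {
        return Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet);
    }

    // check whether the supplier-specific information has to be modified
    ConvertibleHashtable supplierCurrentData = Supplier.getHashtableByUserId(id);
    if (h.ContainsKey("supplier_data") && supplierCurrentData["user_id"].ToString() == id.ToString())
    {
        ConvertibleHashtable newData = ConvertibleHashtable.fromJObject((JObject)h["supplier_data"]);
        if (h.ContainsKey("user_data"))
        {
            newData.merge(ConvertibleHashtable.fromJObject((JObject)h["user_data"]));
        }

        _dropProtectedUserKeys(newData, callerIsAdmin);
        supplierCurrentData.update(newData);
        if (!supplierCurrentData.ContainsKey("user_id"))
        {
            supplierCurrentData.Add("user_id", id);
        }
        supplierCurrentData.toObject<Supplier>().update();
    }
    // otherwise modify the basic user information, admin or supplier alike
    else
    {
        ConvertibleHashtable currentData = Model.getHashtableById<User>(id);
        ConvertibleHashtable newData = ConvertibleHashtable.fromJObject((JObject)h["user_data"]);
        _dropProtectedUserKeys(newData, callerIsAdmin);
        currentData.update(newData);
        currentData.toObject<User>().update();
    }

    // refresh the api key so it reflects any change to the password or the email
    ApiKey.fromUserId(id).update();
    return Json(Costants.OK, JsonRequestBehavior.AllowGet);
}

/// Removes from a client-supplied update the keys a caller must not be able to set through
/// this endpoint. The body is merged wholesale into the stored row, so without this a user
/// editing their own profile could submit identity or role fields along with the rest.
private static void _dropProtectedUserKeys(ConvertibleHashtable data, bool callerIsAdmin)
{
    // "id" and "user_id" identify the record; the route id is authoritative.
    if (data.ContainsKey("id"))
    {
        data.Remove("id");
    }
    if (data.ContainsKey("user_id"))
    {
        data.Remove("user_id");
    }

    // Only an admin may change the account type.
    // NOTE(review): assumes the hashtable key backing User.type is "type" - confirm.
    if (!callerIsAdmin && data.ContainsKey("type"))
    {
        data.Remove("type");
    }
}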