예제 #1
        /// Creates a new user from the JSON request body.
        ///
        /// Reads "type" ("supplier" or "admin"), "user_data" and, for suppliers, "supplier_data".
        /// Only a caller whose API key reports isAdmin() gets past the check.
        /// Returns Costants.OK after the insert, Costants.WRONG_USER_TYPE for any other "type",
        /// and Costants.UNAUTHORIZED for non-admin keys.
        ///
        /// NOTE(review): no HTTP verb restriction is visible on this snippet and every result is
        /// built with JsonRequestBehavior.AllowGet; confirm this state-changing action cannot be
        /// reached with GET.
        /// NOTE(review): "user_data" goes to toObject() as received; whether toObject() limits
        /// the fields a request may set is not visible here.
        public JsonResult Index()
        {
            // Same order as before: the body is parsed first, then the key is looked up.
            ConvertibleHashtable request  = ConvertibleHashtable.fromRequest();
            ConvertibleHashtable userData = ConvertibleHashtable.fromJObject((JObject)request["user_data"]);
            ApiKey caller = ApiKey.getApiKey();

            if (!caller.isAdmin())
            {
                return Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet);
            }

            string requestedType = request["type"].ToString();

            if (requestedType == "supplier")
            {
                JObject supplierJson = (JObject)request["supplier_data"];
                userData.merge(supplierJson.ToObject<ConvertibleHashtable>());

                // Drop any user_id the request supplied before building the Supplier.
                if (userData.ContainsKey("user_id"))
                {
                    userData.Remove("user_id");
                }

                userData.toObject<Supplier>().insert();
                return Json(Costants.OK, JsonRequestBehavior.AllowGet);
            }

            if (requestedType == "admin")
            {
                userData.toObject<Admin>().insert();
                return Json(Costants.OK, JsonRequestBehavior.AllowGet);
            }

            return Json(Costants.WRONG_USER_TYPE, JsonRequestBehavior.AllowGet);
        }
예제 #2
        /** Authenticates the user and returns the api_key
         *
         *  API Reference: POST /api/auth/
         *
         *  JSON data: {email: "email", password: "******"}
         *
         *  The response always carries "auth"; on success it also carries "user_id" and "api_key".
         *
         *  NOTE(review): the ApiKey is constructed from the user id, e-mail and password. How the
         *  key is derived is not visible here; confirm it cannot be reversed or guessed from
         *  those inputs.
         *  NOTE(review): the response is built with JsonRequestBehavior.AllowGet and no verb
         *  restriction is visible on this snippet; confirm the action only answers POST. */
        public JsonResult Index()
        {
            ConvertibleHashtable credentials = ConvertibleHashtable.fromRequest();
            ConvertibleHashtable response    = new ConvertibleHashtable();

            // Verify the credentials through User.checkPassword.
            bool passwordOk = Models.User.checkPassword(credentials["email"].ToString(), credentials["password"].ToString());
            response.Add("auth", passwordOk);

            // Failed authentication: only {"auth": false} goes back.
            if (!(bool)response["auth"])
            {
                return Json(response, JsonRequestBehavior.AllowGet);
            }

            // Look up the user_id and add it to the returned data.
            int user_id = int.Parse(Models.User.getUserHashtableByEmail(credentials["email"].ToString())["id"].ToString());
            response.Add("user_id", user_id);

            // Compute the key; store it if it is not in the db yet.
            ApiKey computedKey = new ApiKey(int.Parse(response["user_id"].ToString()), credentials["email"].ToString(), credentials["password"].ToString());

            if (ApiKey.getApiKey(computedKey.key).key == computedKey.key)
            {
                // Key already stored: close the session if one is open.
                Models.Session.CloseSession(user_id);
            }
            else
            {
                computedKey.insert();
            }

            // Open a fresh session in both cases.
            Models.Session.OpenSession(user_id);
            response.Add("api_key", computedKey.key);

            return Json(response, JsonRequestBehavior.AllowGet);
        }
예제 #3
        /// Returns the ConvertibleHashtable of the Admin|Supplier that has the given user_id.
        /// Takes the first row of T's table matched on "user_id" and merges the User row into it.
        /// Indexing [0] throws if the query returns no rows.
        protected static ConvertibleHashtable _getAdminOrSupplierHashtableByUserId<T>(int user_id)
        {
            ConvertibleHashtable baseRow = getHashtableById<User>(user_id);

            string table = _getTableName<T>();
            ConvertibleHashtable merged = _db.getData(table, "user_id", user_id.ToString())[0];

            merged.merge(baseRow);
            return merged;
        }
        /** Adds a category
         *
         *  API Reference: POST /api/categories/
         *
         *  Requirements: admin api_key in the http headers
         *
         *  JSON Data: {name: "name"}
         *
         *  NOTE(review): the request body is converted straight to a ProductCategory; whether
         *  toObject() restricts which fields a request may set is not visible here. */
        public JsonResult Index()
        {
            bool callerIsAdmin = ApiKey.getApiKey().isAdmin();

            if (callerIsAdmin)
            {
                ProductCategory category = ConvertibleHashtable.fromRequest().toObject<ProductCategory>();
                category.insert();
                return Json(Costants.OK, JsonRequestBehavior.AllowGet);
            }

            return Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet);
        }
예제 #5
        /// Returns true <=> the email and the password match an existing user.
        /// A user row without a "password" entry never matches.
        ///
        /// NOTE(review): the stored "password" value is compared to the supplied string with ==.
        /// That only matches when both are in the same form, so either passwords are stored as
        /// supplied or callers hash before calling; confirm which. The expected design is a
        /// salted, slow password hash verified with a fixed-time comparison.
        public static bool checkPassword(String email, String password)
        {
            ConvertibleHashtable userRow = getUserHashtableByEmail(email);

            if (!userRow.ContainsKey("password"))
            {
                return false;
            }

            return userRow["password"].ToString() == password;
        }
예제 #6
        /** Returns the suppliers' data
         *
         *  GET /api/users/indexsupplier/
         *
         *  Requirements: admin api_key in the http headers
         *
         *  With id == -1 and an admin key the full supplier list is returned, passed through
         *  ConvertibleHashtable.filterPassword. Every other call is delegated to Detail(id),
         *  which performs its own access check. */
        public JsonResult IndexSupplier(int id)
        {
            ApiKey caller = ApiKey.getApiKey();

            // isAdmin() is only consulted for the list-all sentinel, as in the original.
            bool listAll = id == -1 && caller.isAdmin();
            if (!listAll)
            {
                return Detail(id);
            }

            return Json(ConvertibleHashtable.filterPassword(Supplier.getAll()), JsonRequestBehavior.AllowGet);
        }
예제 #7
        /// Updates the record in the db.
        /// Walks the columns of the stored row and writes only those whose string value differs
        /// from this object's current value. Column names come from the stored row, not from
        /// the caller.
        /// NOTE(review): how _db.updateData builds its statement from these strings is not
        /// visible here; confirm the values are bound as parameters.
        public virtual void update()
        {
            ConvertibleHashtable stored  = _getHashtableById(id, _tableName);
            ConvertibleHashtable pending = this._toConvertibleHashtable();

            foreach (var column in stored.Keys)
            {
                string before = stored[column].ToString();
                string after  = pending[column].ToString();

                if (before == after)
                {
                    continue;
                }

                _db.updateData(_tableName, column.ToString(), after, "id", id.ToString());
            }
        }
        /** Updates a category
         *
         *  API Reference: POST /api/categories/update/<id>/
         *
         *  Requirements: admin api_key in the http headers
         *
         *  JSON Data: {name: "name"}
         *
         *  NOTE(review): the request body is merged into the stored row as received; which keys
         *  ConvertibleHashtable.update accepts is not visible here. */
        public JsonResult Update(int id)
        {
            bool callerIsAdmin = ApiKey.getApiKey().isAdmin();

            if (callerIsAdmin)
            {
                ConvertibleHashtable requested = ConvertibleHashtable.fromRequest();
                ConvertibleHashtable stored    = Model.getHashtableById<ProductCategory>(id);

                // Overlay the request onto the stored row, then persist the result.
                stored.update(requested);
                ProductCategory category = stored.toObject<ProductCategory>();
                category.update();

                return Json(Costants.OK, JsonRequestBehavior.AllowGet);
            }

            return Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet);
        }
예제 #9
        /** Adds a stock
         *
         *  Api Reference: POST /api/stocks/
         *
         *  Requirements: api_key in the http headers; the call is accepted for an admin key or
         *  when checkUserId() on the submitted stock accepts the key's user_id.
         *
         *  JSON Data: {product_id:<id>, price:<pr>, min:<min>, max:<max>, availability:<av>}
         *
         *  NOTE(review): the ownership check runs on the object built from the request, so it
         *  relies entirely on what ProductStock.checkUserId verifies; confirm it resolves the
         *  product's owner from the database. */
        public JsonResult Index()
        {
            ApiKey caller      = ApiKey.getApiKey();
            ProductStock stock = ConvertibleHashtable.fromRequest().toObject<ProductStock>();

            bool allowed = caller.isAdmin() || stock.checkUserId(caller.user_id);
            if (!allowed)
            {
                return Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet);
            }

            stock.insert();
            return Json(Costants.OK, JsonRequestBehavior.AllowGet);
        }
예제 #10
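        /// Creates a product from the JSON request body.
        ///
        /// Allowed for an admin API key, or for a caller for whom Supplier.checkUserId accepts
        /// the "supplier_id" named in the request. The request is parsed once, so the object
        /// that gets inserted is built from the same data the authorization check examined.
        /// A missing, null or non-numeric "supplier_id" from a non-admin caller is answered with
        /// Costants.UNAUTHORIZED instead of an unhandled exception.
        ///
        /// Returns Costants.OK after the insert, otherwise Costants.UNAUTHORIZED.
        ///
        /// NOTE(review): results use JsonRequestBehavior.AllowGet and no verb restriction is
        /// visible on this snippet; confirm this state-changing action only answers POST.
        public JsonResult Index()
        {
            ApiKey k = ApiKey.getApiKey();
            ConvertibleHashtable data = ConvertibleHashtable.fromRequest();

            bool authorized = k.isAdmin();

            if (!authorized && data.ContainsKey("supplier_id") && data["supplier_id"] != null)
            {
                // supplier_id is request-controlled: parse defensively before using it.
                int supplierId;
                authorized = int.TryParse(data["supplier_id"].ToString(), out supplierId) &&
                             Supplier.checkUserId(k.user_id, supplierId);
            }

            if (!authorized)
            {
                return(Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet));
            }

            // Insert exactly the data that was authorized rather than re-reading the request.
            data.toObject<Product>().insert();
            return(Json(Costants.OK, JsonRequestBehavior.AllowGet));
        }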
예제 #11
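        /// Updates the product identified by id with the JSON request body.
        ///
        /// Admin keys are always allowed. A non-admin caller must pass Supplier.checkUserId for
        /// the supplier_id stored on the product. If the request carries its own "supplier_id",
        /// the caller must pass the same check for that value too, so a product cannot be
        /// reassigned to a supplier the caller does not control. The request-side check mirrors
        /// the one used when a product is created.
        ///
        /// Returns Costants.OK after the update, otherwise Costants.UNAUTHORIZED.
        ///
        /// NOTE(review): other request fields are merged as received; which keys
        /// ConvertibleHashtable.update accepts is not visible here.
        public JsonResult Update(int id)
        {
            ApiKey k = ApiKey.getApiKey();
            ConvertibleHashtable newData     = ConvertibleHashtable.fromRequest();
            ConvertibleHashtable currentData = Model.getHashtableById<Product>(id);

            bool authorized = k.isAdmin();

            if (!authorized)
            {
                // Ownership of the record as it is stored today.
                authorized = Supplier.checkUserId(k.user_id, int.Parse(currentData["supplier_id"].ToString()));

                // Ownership of the supplier the request wants the product to end up under.
                if (authorized && newData.ContainsKey("supplier_id"))
                {
                    int targetSupplierId;
                    authorized = newData["supplier_id"] != null &&
                                 int.TryParse(newData["supplier_id"].ToString(), out targetSupplierId) &&
                                 Supplier.checkUserId(k.user_id, targetSupplierId);
                }
            }

            if (!authorized)
            {
                return(Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet));
            }

            currentData.update(newData);
            currentData.toObject<Product>().update();
            return(Json(Costants.OK, JsonRequestBehavior.AllowGet));
        }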
예제 #12
        /** Returns the details of a user
         *
         *  Note: also returns the supplier information
         *
         *  API Reference: GET /api/users/detail/<id>/
         *
         *  Requirements: api_key in the http headers; accepted for an admin key or when
         *  checkUser(id) accepts the key. The record is passed through filterPassword() before
         *  it is serialized. */
        public JsonResult Detail(int id)
        {
            ApiKey caller = ApiKey.getApiKey();

            if (!(caller.isAdmin() || caller.checkUser(id)))
            {
                return Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet);
            }

            ConvertibleHashtable record = Model.getHashtableById<User>(id);

            // Suppliers get the merged supplier record instead of the bare user row.
            bool isSupplier = record.toObject<User>().type == userType.supplier;
            if (isSupplier)
            {
                record = Supplier.getHashtableByUserId(id);
            }

            return Json(record.filterPassword(), JsonRequestBehavior.AllowGet);
        }
예제 #13
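        /** Updates a stock
         *
         *  Api Reference: POST /api/stocks/update/<id>/
         *
         *  Requirements: api_key in the http headers. Admin keys are always allowed. A non-admin
         *  caller must pass checkUserId() both for the stock as currently stored and for the
         *  stock as it would look after the request is merged in.
         *
         *  JSON Data: {product_id:<id>, price:<pr>, min:<min>, max:<max>, availability:<av>}
         *
         *  Checking only the merged object would let request-supplied fields (e.g. product_id)
         *  decide the outcome of the ownership check for a record the caller may not own.
         *  NOTE(review): what ProductStock.checkUserId inspects is not visible here; confirm. */
        public JsonResult Update(int id)
        {
            ApiKey k = ApiKey.getApiKey();
            ConvertibleHashtable newData     = ConvertibleHashtable.fromRequest();
            ConvertibleHashtable currentData = Model.getHashtableById<ProductStock>(id);

            // Snapshot of the record as stored, taken before request data is merged in.
            ProductStock stored = currentData.toObject<ProductStock>();

            currentData.update(newData);
            ProductStock s = currentData.toObject<ProductStock>();

            if (k.isAdmin() || (stored.checkUserId(k.user_id) && s.checkUserId(k.user_id)))
            {
                s.update();
                return(Json(Costants.OK, JsonRequestBehavior.AllowGet));
            }
            else
            {
                return(Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet));
            }
        }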
예제 #14
        /// Updates the user identified by id from the JSON request body.
        ///
        /// Accepted when the caller's API key is admin or k.checkUser(id) accepts it.
        /// If the request has "supplier_data" and the supplier row's user_id equals id, the
        /// supplier record is updated (with "user_data" merged in when present); otherwise only
        /// the base User record is updated from "user_data". The user's API key is updated
        /// afterwards in both cases.
        ///
        /// NOTE(review): "user_data"/"supplier_data" are merged into the stored record with no
        /// visible allow-list. Whether a non-admin caller can change fields such as the user's
        /// type depends on ConvertibleHashtable.update/toObject, not shown here; confirm.
        /// NOTE(review): the else branch casts h["user_data"] without checking that the key is
        /// present; confirm fromJObject tolerates a missing value.
        public JsonResult Update(int id)
        {
            ConvertibleHashtable h = ConvertibleHashtable.fromRequest();
            ApiKey k = ApiKey.getApiKey();

            if (k.isAdmin() || k.checkUser(id))
            {
                // check whether the supplier-specific information has to be modified
                ConvertibleHashtable supplierCurrentData = Supplier.getHashtableByUserId(id);
                if (h.ContainsKey("supplier_data") && supplierCurrentData["user_id"].ToString() == id.ToString())
                {
                    ConvertibleHashtable newData = ConvertibleHashtable.fromJObject((JObject)h["supplier_data"]);
                    if (h.ContainsKey("user_data"))
                    {
                        newData.merge(ConvertibleHashtable.fromJObject((JObject)h["user_data"]));
                    }
                    supplierCurrentData.update(newData);
                    // re-add user_id from the route parameter if it is absent after the update
                    if (!supplierCurrentData.ContainsKey("user_id"))
                    {
                        supplierCurrentData.Add("user_id", id);
                    }
                    supplierCurrentData.toObject <Supplier>().update();
                }
                // modify the user's basic info, whether admin or supplier
                else
                {
                    ConvertibleHashtable currentData = Model.getHashtableById <User>(id);
                    ConvertibleHashtable newData     = ConvertibleHashtable.fromJObject((JObject)h["user_data"]);
                    currentData.update(newData);
                    currentData.toObject <User>().update();
                }
                // update the api keys to reflect any change to the password or the e-mail
                ApiKey.fromUserId(id).update();
                return(Json(Costants.OK, JsonRequestBehavior.AllowGet));
            }
            else
            {
                return(Json(Costants.UNAUTHORIZED, JsonRequestBehavior.AllowGet));
            }
        }