public IHttpActionResult PutDestination([FromBody] Destination Dest1)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
CTEmployee empLogged = GetLoggedEmp(out bool isAdmin);
//ako ne postoji user koji je logovan
if (empLogged == null)
{
return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "User invalid")));
}
//ako mije admin
if (!isAdmin)
{
return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.Forbidden, "User not permited")));
}
//Postoji li Destination prema ID-ju
bool PutDestExists = db.Destinations.Any(x => x.ID.Equals(Dest1.ID));
//ako nema
if (!PutDestExists)
{
return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Destination invalid")));
}
db.Entry(Dest1).State = EntityState.Modified;
db.SaveChanges();
return(ResponseMessage(Request.CreateResponse(HttpStatusCode.OK, "Podaci promenjeni")));
}
public IHttpActionResult PutAccTraDesCategory(int id, AccTraDesCategory accTraDesCategory)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (id != accTraDesCategory.ID)
{
return(BadRequest());
}
db.Entry(accTraDesCategory).State = EntityState.Modified;
try {
db.SaveChanges();
}
catch (DbUpdateConcurrencyException) {
if (!AccTraDesCategoryExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(StatusCode(HttpStatusCode.NoContent));
}
public IHttpActionResult PostCTEmployee([FromBody] CTEmployee PostEmp1)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
//identifikuje jedinstvenog usera preko mail-a
PostEmp1.Email = PostEmp1.Email.Trim();
bool empExists = db.CTEmployees.Any(e => e.Email == PostEmp1.Email);
if (empExists)
{
return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.Conflict, "Email address already exists!")));
}
//proveri da li password već postoji kod drugog usera
PostEmp1.Pass = encrypt.encryptPass(PostEmp1.Pass.Trim());
bool PassExists = db.CTEmployees.Any(x => (x.Pass == PostEmp1.Pass && x.Email != PostEmp1.Email));
if (PassExists)
{
return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.Conflict, "Password Alredy exists")));
}
PostEmp1.EmployeeType = 1;
db.CTEmployees.Add(PostEmp1);
db.SaveChanges();
SendActivationEmail(PostEmp1);
return(ResponseMessage(Request.CreateResponse(HttpStatusCode.Created, "To successfully finish the process of registration click the link in the activation email!")));
}
public IHttpActionResult PostFeedback(Feedback feedback)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
db.Feedbacks.Add(feedback);
db.SaveChanges();
return(CreatedAtRoute("DefaultApi", new { id = feedback.ID }, feedback));
}
//******************************************
//*drugi stepen aktivacije naloga
public ActionResult Activation()
{
string poruka1 = String.Empty;
string Guidobj1 = RouteData.Values["id"].ToString();
Guid activationCode1 = new Guid();
if (Guid.TryParse(Guidobj1, out activationCode1) && Guidobj1 != null)
{
Employee_Activation Activation1 = db.Employee_Activations.Where(p => p.ActivationCode.Equals(activationCode1)).FirstOrDefault();
if (Activation1 != null)
{
db.Employee_Activations.Remove(Activation1);
db.SaveChanges();
CTEmployee user1 = db.CTEmployees.Find(Activation1.Id);
ViewBag.message = "Activation successful! You can Login now.";
return(View());
}
}
ViewBag.message = "Activation unsuccessful!";
return(View());
}
public IHttpActionResult PutLifeInCity(LifeInCity life1)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
CTEmployee empLogged = GetLoggedEmp(out bool isAdmin);
//ako ne postoji user koji je logovan
if (empLogged == null)
{
return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "User invalid")));
}
//ako mije admin
if (!isAdmin)
{
return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.Forbidden, "User not permited")));
}
//postoji li LifeInCity prema iD-ju ?
bool LifeincityExists = db.LifeInCities.Any(x => x.ID.Equals(life1.ID));
//ako nema
if (!LifeincityExists)
{
return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.NotFound, "LifeinCIty Item not found")));
}
life1.ChangeDate = System.DateTime.UtcNow;
life1.IDAdmin = empLogged.ID;
//polja IDDestination i IDAccTraDesCategory se ne menjaju
db.LifeInCities.Attach(life1);
db.Entry(life1).Property("Description").IsModified = true;
db.SaveChanges();
return(ResponseMessage(Request.CreateResponse(HttpStatusCode.OK, "Item changed")));
}
//[ResponseType(typeof(void))]
public IHttpActionResult PutCTEmployee(CTEmployee PutEmp1)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
CTEmployee empLogged = GetLoggedEmp(out bool isAdmin);
//ako ne postoji user koji je logovan
if (empLogged == null)
{
return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "User invalid")));
}
//Ima li usera prema traženom ID-ju
CTEmployee ExistingEmployee = db.CTEmployees.Where(x => x.ID.Equals(PutEmp1.ID)).FirstOrDefault();
//ako ga nema
if (ExistingEmployee == null)
{
return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "User invalid")));
}
//ako je običan user, može da traži samo svoje podatke
if (!isAdmin && empLogged.ID != PutEmp1.ID)
{
return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.Forbidden, "User not permited")));
}
//proveri da li je email jedinstven samo ako je admin ulogovan, jer ako nije, običan user svejedno ne može da menja email
PutEmp1.Email = PutEmp1.Email.Trim();
if (isAdmin)
{
bool empExists = db.CTEmployees.Any(x => (x.Email == PutEmp1.Email && x.ID != PutEmp1.ID));
//ako već postoji
if (empExists)
{
return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.Conflict, "Email address already exists!")));
}
}
//proveri da li password već postoji kod drugog usera
PutEmp1.Pass = encrypt.encryptPass(PutEmp1.Pass.Trim());
bool PassExists = db.CTEmployees.Any(x => (x.Pass == PutEmp1.Pass && x.ID != PutEmp1.ID));
if (PassExists)
{
return(ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.Conflict, "Password Alredy exists")));
}
ExistingEmployee.FName = PutEmp1.FName;
ExistingEmployee.LName = PutEmp1.LName;
ExistingEmployee.Pass = PutEmp1.Pass;
if (isAdmin) //samo admin sme da izmeni Email polje
{
ExistingEmployee.Email = PutEmp1.Email;
}
db.SaveChanges();
return(ResponseMessage(Request.CreateResponse(HttpStatusCode.OK, "Podaci promenjeni")));
}