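/// <summary>
/// Creates a user account: validates the required fields, rejects a user name that is
/// already present in [User], hashes the password and inserts the new row.
/// </summary>
/// <param name="body">Account data sent by the client (first name, last name, user name, password, role).</param>
/// <returns>
/// A status-code result wrapping the project's custom action result: 400 for a null body,
/// 411 for a missing field, 409 when the user name already exists, 423 when hashing yields
/// no value, 201 on success, and 500 carrying the exception message on any exception.
/// </returns>
public async Task<IActionResult> Register(UserAccountModel body)
{
    // Builds the response used for every missing-field case (status code kept as in the
    // original API; 411 is an unusual choice for a validation failure, but clients may rely on it).
    IActionResult MissingField(string message) =>
        StatusCode(StatusCodes.Status411LengthRequired, customActionResult.FieldsRequired(message));

    try
    {
        if (body == null)
        {
            // Uses the custom result wrapper like every other response in this controller.
            return StatusCode(
                StatusCodes.Status400BadRequest,
                customActionResult.BadRequest("The client set the requested body to null before it was sent."));
        }

        // IsNullOrWhiteSpace already covers null and empty, so a single call per field is enough.
        if (string.IsNullOrWhiteSpace(body.firstName))
        {
            return MissingField("The 'firstname' field has been sent from the client null, empty, or whitespaced.");
        }

        if (string.IsNullOrWhiteSpace(body.lastName))
        {
            // The message previously named 'firstname' here (copy-paste slip).
            return MissingField("The 'lastname' field has been sent from the client null, empty, or whitespaced.");
        }

        if (string.IsNullOrWhiteSpace(body.userName))
        {
            // NOTE(review): the message says 'email' while the checked property is userName;
            // presumably the user name is the e-mail address - confirm and align the wording.
            return MissingField("The 'email' field has been sent from the client null, empty, or whitespaced.");
        }

        if (string.IsNullOrWhiteSpace(body.password))
        {
            return MissingField("The 'password' field has been sent from the client null, empty, or whitespaced.");
        }

        if (string.IsNullOrWhiteSpace(body.role))
        {
            return MissingField("The 'role' field has been sent from the client null, empty, or whitespaced.");
        }

        // NOTE(review): body.role comes straight from the request and is stored unchanged below.
        // Nothing visible here restricts which role a caller may request; unless this endpoint
        // is limited to administrators elsewhere, the role should be assigned or allow-listed
        // server-side so a client cannot register itself with a privileged role.

        var selectParameters = new DynamicParameters();
        selectParameters.Add("@userName", body.userName);

        const string selectQuery = "SELECT [id], [userName] FROM [User] WHERE [userName] = @userName";
        var existingUsers = await _db.SelectAsync<UserAccountModel, dynamic>(selectQuery, selectParameters);

        // NOTE(review): this check and the INSERT below are separate statements, so two
        // concurrent requests can both pass it. A UNIQUE constraint on [User].[userName]
        // is the reliable guard - confirm the schema has one.
        if (existingUsers.Count > 0)
        {
            return StatusCode(
                StatusCodes.Status409Conflict,
                customActionResult.Conflict("The user account you are trying to create, already exists."));
        }

        // NOTE(review): judging by its name the helper produces a salted SHA-256 digest, which
        // is a fast hash rather than a password KDF; PBKDF2 (Rfc2898DeriveBytes.Pbkdf2), bcrypt
        // or Argon2 with a tuned work factor is the usual choice - verify the helper.
        // The salt is not persisted by this method, so confirm GenerateSHA256Hash embeds it in
        // the returned string; otherwise the stored hash cannot be verified at login.
        byte[] salt = hashPassword.CreateSalt(10);
        string hashedPassword = hashPassword.GenerateSHA256Hash(body.password, salt, false);

        if (string.IsNullOrWhiteSpace(hashedPassword))
        {
            return StatusCode(
                StatusCodes.Status423Locked,
                customActionResult.Locked("The password failed to hash, so the account creation process been locked. Please Try Again."));
        }

        // All values are passed as parameters; nothing is concatenated into the SQL text.
        var insertParameters = new DynamicParameters();
        insertParameters.Add("@firstName", body.firstName);
        insertParameters.Add("@lastName", body.lastName);
        insertParameters.Add("@userName", body.userName);
        insertParameters.Add("@role", body.role);
        insertParameters.Add("@password", hashedPassword);

        const string insertQuery = @"
            INSERT INTO [User] ([firstName], [lastName], [userName], [password], [role])
            VALUES (@firstName, @lastName, @userName, @password, @role)
        ";
        await _db.InsertAsync(insertQuery, insertParameters);

        return StatusCode(
            StatusCodes.Status201Created,
            customActionResult.Created("The user account as been created successfully. "));
    }
    catch (Exception e)
    {
        // NOTE(review): e.Message is returned to the client and can disclose internals such as
        // SQL error text or schema names. Prefer logging the exception server-side and returning
        // a generic message; no logger is visible in this block, so the behaviour is kept.
        return StatusCode(StatusCodes.Status500InternalServerError, e.Message);
    }
}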
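/// <summary>
/// Updates the calling user's workday and its time signature for the given workday id.
/// A "FIX" signature that was never updated, or was last updated by the user ("self"), is
/// updated in place; a "FLX" signature is replaced by a new "FIX" one, but only when the
/// caller's role is "admin".
/// </summary>
/// <param name="id">Workday id the time signature belongs to.</param>
/// <param name="body">New start/end dates and workday type code.</param>
/// <returns>
/// A status-code result wrapping the project's custom action result: 400 for a null body,
/// 411 when a date is missing, 401 when the caller may not change the signature, 404 when no
/// matching signature exists, 200 on success, and 500 carrying the exception message on any exception.
/// </returns>
public async Task<IActionResult> UpdateSelfsWorkdayAndTSignatureByWorkdayId(int id, TimeSignatureModel body)
{
    // Shared 404 response: used when no row matches and when the type code is neither FIX nor FLX.
    IActionResult SignatureNotFound() =>
        StatusCode(
            StatusCodes.Status404NotFound,
            customActionResult.NotFound("No time signatures found searching by workday id and user id."));

    try
    {
        if (body == null)
        {
            return StatusCode(
                StatusCodes.Status400BadRequest,
                customActionResult.BadRequest("The client set the requested body to null before it was sent."));
        }

        if (body.startDate == null || body.endDate == null)
        {
            return StatusCode(
                StatusCodes.Status411LengthRequired,
                customActionResult.FieldsRequired("The 'start date' or 'end date' field has been sent from the client null, empty, or whitespaced."));
        }

        // NOTE(review): nothing checks that endDate is not before startDate, so DATEDIFF can
        // store a negative [aom]; body.wd_typeCode is not validated here either.

        // The identity always comes from the caller's claims, never from the request body.
        var userId = _claims.GetUserId();

        var selectParams = new DynamicParameters();
        selectParams.Add("@workdayId", id);
        selectParams.Add("@userId", userId);

        const string selectSql = @"
            SELECT [typeCode], [updateBy]
            FROM [TimeSignature]
            WHERE [workdayId] = @workdayId AND [userId] = @userId
        ";
        var signatures = await _db.SelectAsync<TimeSignatureModel, dynamic>(selectSql, selectParams);

        if (signatures.Count == 0)
        {
            return SignatureNotFound();
        }

        // Only the first matching row decides which branch runs.
        var current = signatures[0];

        if (current.typeCode == "FIX")
        {
            bool editableBySelf = current.updateBy == null || current.updateBy == "self";
            if (!editableBySelf)
            {
                // The original tested `updateBy != null || updateBy != "self"`, which is true for
                // every value; the branch is simply "FIX and not editable by the user".
                // NOTE(review): 401 is kept for client compatibility; 403 is the usual status
                // for an authenticated caller who lacks permission.
                return StatusCode(
                    StatusCodes.Status401Unauthorized,
                    customActionResult.Unauthorized("You are not authorzied to make any updates on workdays having time signatures that were updated by an admin user."));
            }

            var updateParams = new DynamicParameters();
            updateParams.Add("@userId", userId);
            // @userName is not referenced by either statement below; kept as in the original.
            updateParams.Add("@userName", _claims.GetUserName());
            updateParams.Add("@id", id);
            updateParams.Add("@startDate", body.startDate);
            updateParams.Add("@endDate", body.endDate);
            updateParams.Add("@wd_typeCode", body.wd_typeCode);

            // NOTE(review): the two UPDATEs run as separate statements; if the second fails the
            // signature and the workday disagree. Consider a single transaction.
            const string updateSignatureSql = @"
                UPDATE [TimeSignature]
                SET [startDate] = @startDate,
                    [endDate] = @endDate,
                    [aom] = (SELECT DATEDIFF(MINUTE, @startDate, @endDate)),
                    [wd_typeCode] = @wd_typeCode,
                    [lastUpdate] = GETDATE(),
                    [updateBy] = 'self'
                WHERE [userId] = @userId AND [workdayId] = @id
            ";
            await _db.UpdateAsync(updateSignatureSql, updateParams);

            const string updateWorkdaySql = @"
                UPDATE [Workday]
                SET [startDate] = @startDate,
                    [endDate] = @endDate,
                    [aom] = (SELECT DATEDIFF(MINUTE, @startDate, @endDate)),
                    [typeCode] = @wd_typeCode
                WHERE [userId] = @userId AND [id] = @id
            ";
            await _db.UpdateAsync(updateWorkdaySql, updateParams);

            return StatusCode(
                StatusCodes.Status200OK,
                customActionResult.Ok("Your time signature was successfully updated."));
        }

        if (current.typeCode == "FLX")
        {
            if (_claims.GetUserRole() != "admin")
            {
                return StatusCode(
                    StatusCodes.Status401Unauthorized,
                    customActionResult.Unauthorized("You are not authorized to update your workdays with flexible time signature, if by mystake you made a databes record using flexible time signature, please contact your manager."));
            }

            // NOTE(review): this DELETE is filtered by workday id only, unlike the SELECT above,
            // which also filters by user id. If a workday id can carry rows of another user they
            // are removed as well; adding `AND [userId] = @userId` would keep the scope consistent.
            // The delete, insert and update below are not wrapped in a transaction, so a failure
            // after the DELETE leaves the workday without a signature.
            var deleteParams = new DynamicParameters();
            deleteParams.Add("@id", id);

            const string deleteSql = @"
                DELETE FROM [TimeSignature]
                WHERE [WorkdayId] = @id
            ";
            await _db.DeleteAsync(deleteSql, deleteParams);

            var insertParams = new DynamicParameters();
            insertParams.Add("@userId", userId);
            insertParams.Add("@workdayId", id);
            insertParams.Add("@wd_typeCode", body.wd_typeCode);
            insertParams.Add("@startDate", body.startDate);
            insertParams.Add("@endDate", body.endDate);

            // The sub-selects resolve each code/id against its lookup table, so a value that
            // does not exist there is inserted as NULL rather than as the raw input.
            const string insertSql = @"
                INSERT INTO [TimeSignature] (
                    [startDate], [endDate], [typeCode], [stateCode], [wd_typeCode],
                    [workdayId], [userId], [aom], [lastUpdate], [updateBy]
                )
                VALUES (
                    @startDate,
                    @endDate,
                    (SELECT [code] FROM [SignatureType] WHERE [code] = 'FIX'),
                    (SELECT [code] FROM [SignatureState] WHERE [code] = 'TT'),
                    (SELECT [code] FROM [WorkdayType] WHERE [code] = @wd_typeCode),
                    (SELECT [id] FROM [Workday] WHERE [id] = @workdayId),
                    (SELECT [id] FROM [User] WHERE [id] = @userId),
                    (SELECT DATEDIFF(MINUTE, @startDate, @endDate)),
                    (SELECT GETDATE()),
                    'self'
                )
            ";
            await _db.InsertAsync(insertSql, insertParams);

            var workdayParams = new DynamicParameters();
            workdayParams.Add("@userId", userId);
            workdayParams.Add("@workdayId", id);
            workdayParams.Add("@startDate", body.startDate);
            workdayParams.Add("@endDate", body.endDate);

            // The scalar sub-selects rely on exactly one TimeSignature row existing for the
            // workday, which holds right after the delete and insert above.
            const string updateWorkdaySql = @"
                UPDATE [Workday]
                SET [date] = (SELECT [startDate] FROM [TimeSignature] WHERE [workdayId] = @workdayId),
                    [startDate] = (SELECT [startDate] FROM [TimeSignature] WHERE [workdayId] = @workdayId),
                    [endDate] = (SELECT [endDate] FROM [TimeSignature] WHERE [workdayId] = @workdayId),
                    [aom] = (SELECT DATEDIFF(MINUTE, @startDate, @endDate))
                WHERE [userId] = @userId AND [id] = @workdayId
            ";
            await _db.UpdateAsync(updateWorkdaySql, workdayParams);

            return StatusCode(
                StatusCodes.Status200OK,
                customActionResult.Ok("Your time signature was successfully updated."));
        }

        // A row exists but its type code is neither FIX nor FLX.
        return SignatureNotFound();
    }
    catch (Exception e)
    {
        // NOTE(review): e.Message is returned to the client and can disclose internals such as
        // SQL error text or schema names. Prefer logging the exception server-side and returning
        // a generic message; no logger is visible in this block, so the behaviour is kept.
        return StatusCode(StatusCodes.Status500InternalServerError, e.Message);
    }
}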