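/// <summary>
/// Creates a lock with an access list on behalf of an administrator.
/// </summary>
/// <remarks>
/// Parameters are read from the request query string. The response is
/// 400 for invalid parameters, 401 when the requesting user is not an admin,
/// and 500 when the data layer returns no lock.
/// NOTE(review): the requesting user id is taken from the query string and nothing
/// in this method ties it to an authenticated caller - confirm that authentication
/// is enforced before this action runs.
/// </remarks>
/// <returns>A response carrying a <c>LockResponseContract</c> describing the outcome.</returns>
public HttpResponseMessage CreateLock()
{
    var statusCode = HttpStatusCode.OK;
    var lockResponse = new LockResponseContract();

    try
    {
        LockParameters parameters = LockParameters.ParsePutLockParameters(HttpContext.Current.Request.QueryString);
        lockResponse.UserId = parameters.UserId;

        // Check if the user exists (presumably GetUser throws UserNotFoundException
        // for an unknown id; that exception is handled below).
        UserModel user = this.userDal.GetUser(parameters.UserId);

        if (!user.IsAdmin)
        {
            // Reject before touching the access list, so a non-admin request gets the
            // same answer whether or not the listed user ids exist.
            lockResponse.Message = "User unauthorized.";
            statusCode = HttpStatusCode.Unauthorized;
        }
        else
        {
            // Check if users specified in access list exist.
            foreach (int allowedUser in parameters.AllowedUsers)
            {
                this.userDal.GetUser(allowedUser);
            }

            // If the user is an admin they can create a lock with an access list.
            LockModel lockModel = this.lockDal.CreateLock(parameters.LockName, parameters.AllowedUsers);
            if (lockModel == null)
            {
                // Previously execution fell through and dereferenced the null model.
                // Report the failure explicitly instead of overwriting the message.
                lockResponse.Message = "Failed to create the lock.";
                statusCode = HttpStatusCode.InternalServerError;
            }
            else
            {
                lockResponse.LockState = lockModel.State;
                lockResponse.LockId = lockModel.LockId;
                lockResponse.LockName = parameters.LockName;
                lockResponse.AllowedUsers = parameters.AllowedUsers;
                lockResponse.Message = "Lock created successfully.";
            }
        }
    }
    catch (InvalidParameterException paramException)
    {
        lockResponse.Message = paramException.Message;
        statusCode = HttpStatusCode.BadRequest;
    }
    catch (UserNotFoundException userException)
    {
        // NOTE(review): the status stays 200 OK here although no lock was created;
        // confirm this is intended, since clients cannot tell failure from the status.
        lockResponse.Message = userException.Message;
    }

    return Request.CreateResponse(statusCode, lockResponse, formatter);
}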
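/// <summary>
/// Changes the state of a lock for the requesting user and records the attempt as an event.
/// </summary>
/// <remarks>
/// Parameters are read from the request query string. The response is
/// 400 for invalid parameters and 401 when the data layer reports the user as
/// unauthorized; an "Unauthorized" event is recorded in the latter case.
/// NOTE(review): the unknown-user and unknown-lock paths keep status 200 OK and
/// record no event - confirm that these attempts do not need to appear in the audit trail.
/// </remarks>
/// <returns>A response carrying a <c>LockResponseContract</c> describing the outcome.</returns>
public HttpResponseMessage ModifyLockState()
{
    LockParameters parameters = null;
    var statusCode = HttpStatusCode.OK;
    var lockResponse = new LockResponseContract();

    try
    {
        parameters = LockParameters.ParsePostLockParameters(HttpContext.Current.Request.QueryString);
        lockResponse.LockId = parameters.LockId;
        lockResponse.UserId = parameters.UserId;

        // Check to see if the user exists.
        this.userDal.GetUser(parameters.UserId);

        bool? result = this.lockDal.ModifyLockState(parameters.LockId, parameters.UserId, parameters.LockState);

        // Treat a missing result as a failed operation rather than throwing on .Value.
        bool succeeded = result.GetValueOrDefault();

        lockResponse.LockState = succeeded ? parameters.LockState.ToString() : "Failed";
        lockResponse.Message = succeeded
            ? String.Format(CultureInfo.InvariantCulture, "Door {0}ed successfully.", parameters.LockState)
            : String.Format(CultureInfo.InvariantCulture, "Door {0} failed.", parameters.LockState);

        // Record the outcome (new state or "Failed") against the lock and user.
        this.eventsDal.CreateEvent(parameters.LockId, parameters.UserId, lockResponse.LockState);
    }
    catch (InvalidParameterException paramException)
    {
        lockResponse.Message = paramException.Message;
        statusCode = HttpStatusCode.BadRequest;
    }
    catch (UserNotFoundException userException)
    {
        lockResponse.Message = userException.Message;
    }
    catch (UnauthorizedUserException userAuthException)
    {
        lockResponse.Message = userAuthException.Message;
        statusCode = HttpStatusCode.Unauthorized;

        // parameters is still null if the exception was raised while parsing;
        // guard so the 401 is not replaced by a null dereference.
        if (parameters != null)
        {
            this.eventsDal.CreateEvent(parameters.LockId, parameters.UserId, "Unauthorized");
        }
    }
    catch (LockNotFoundException lockException)
    {
        lockResponse.Message = lockException.Message;
    }

    return Request.CreateResponse(statusCode, lockResponse, formatter);
}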
/// <summary>
/// Reports the current state of a lock to the requesting user.
/// </summary>
/// <remarks>
/// Parameters are read from the request query string. Invalid parameters yield 400;
/// every other path, including unknown user or lock, keeps 200 OK.
/// NOTE(review): the only check made on the user here is that GetUser succeeds; the
/// lock lookup takes the lock id alone, so no per-lock access check is visible in this
/// method - confirm whether one is enforced elsewhere.
/// </remarks>
/// <returns>A response carrying a <c>LockResponseContract</c> describing the outcome.</returns>
public HttpResponseMessage GetLockState()
{
    var reply = new LockResponseContract();
    var status = HttpStatusCode.OK;

    try
    {
        var query = HttpContext.Current.Request.QueryString;
        LockParameters request = LockParameters.ParseGetLockParameters(query);

        reply.LockId = request.LockId;
        reply.UserId = request.UserId;

        // Existence check only; the returned user is not used.
        this.userDal.GetUser(request.UserId);

        reply.LockState = this.lockDal.GetLockState(request.LockId);
        reply.Message = "State of lock.";
    }
    catch (InvalidParameterException badInput)
    {
        reply.Message = badInput.Message;
        status = HttpStatusCode.BadRequest;
    }
    // The two handlers below deliberately leave the status untouched so that the
    // response does not single out which input was wrong.
    // NOTE(review): the exception text is still echoed to the caller, so the response
    // is only as generic as those messages - confirm they do not differ in a telling way.
    catch (UserNotFoundException missingUser)
    {
        reply.Message = missingUser.Message;
    }
    catch (LockNotFoundException missingLock)
    {
        reply.Message = missingLock.Message;
    }

    return Request.CreateResponse(status, reply, formatter);
}