public ParentDTOForAdmin ConvertToParentDTOForAdmin(Parent x, IList <IdentityUserRole> roles)
{
IList <string> rolesIds = new List <string>();
foreach (var role in roles)
{
rolesIds.Add(role.RoleId);
}
ParentDTOForAdmin dto = new ParentDTOForAdmin
{
Id = x.Id,
Roles = rolesIds,
UserName = x.UserName,
FirstName = x.FirstName,
LastName = x.LastName,
Email = x.Email,
EmailConfirmed = x.EmailConfirmed,
PhoneNumber = x.PhoneNumber,
PhoneNumberConfirmed = x.PhoneNumberConfirmed,
Jmbg = x.Jmbg,
MobilePhone = x.MobilePhone
};
return(dto);
}
public async Task <HttpResponseMessage> PutParent(string id, [FromBody] PutParentDTO updated)
{
string userId = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == "UserId").Value;
string userRole = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == ClaimTypes.Role).Value;
logger.Info("UserRole: " + userRole + ", UserId: " + userId + ": Requesting Update for Parent Id: " + id);
if (updated.Id != id)
{
logger.Error("Updated parent id " + updated.Id + " doesn't match the id " + id + " from the request (route).");
return(Request.CreateResponse(HttpStatusCode.BadRequest, "Updated " +
"parent id " + updated.Id + " doesn't match the id " + id + " from the request (route)."));
}
try
{
ParentDTOForAdmin saved = await parentsService.Update(id, updated);
if (saved == null)
{
logger.Info("Failed!");
return(Request.CreateResponse(HttpStatusCode.BadRequest, "Failed! Something went wrong."));
}
logger.Info("Success!");
return(Request.CreateResponse(HttpStatusCode.OK, saved));
}
catch (Exception e)
{
logger.Error(e);
return(Request.CreateResponse(HttpStatusCode.BadRequest, e));
}
}
public IList <ParentDTOForAdmin> ConvertToParentDTOListForAdmin(List <Parent> parents)
{
IList <ParentDTOForAdmin> dtos = new List <ParentDTOForAdmin>();
foreach (var parent in parents)
{
ParentDTOForAdmin dto = ConvertToParentDTOForAdmin(parent, (IList <IdentityUserRole>)parent.Roles);
dtos.Add(dto);
}
return(dtos);
}
public HttpResponseMessage GetParentByUserName(string username)
{
string userId = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == "UserId").Value;
string userRole = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == ClaimTypes.Role).Value;
logger.Info("UserRole: " + userRole + ", UserId: " + userId + ": Requesting Parnet by username: "******"The parent with username: "******" was not found.");
return(Request.CreateResponse(HttpStatusCode.BadRequest, "The parent with username: "******" was not found."));
}
if (userRole == "admin")
{
logger.Info("Requesting found parent convert for " + userRole + "role.");
ParentDTOForAdmin dto = toDTO.ConvertToParentDTOForAdmin(parent, (List <IdentityUserRole>)parent.Roles);
if (dto == null)
{
logger.Info("Failed!");
return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
}
logger.Info("Success!");
return(Request.CreateResponse(HttpStatusCode.OK, dto));
}
else if (userRole == "teacher")
{
logger.Info("Requesting found parent convert for " + userRole + "role.");
ParentDTOForTeacher dto = toDTO.ConvertToParentDTOForTeacher(parent);
if (dto == null)
{
logger.Info("Failed!");
return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
}
logger.Info("Success!");
return(Request.CreateResponse(HttpStatusCode.OK, dto));
}
else if (userId == parent.Id ||
parent.Students.Any(x => x.Id == userId) == true ||
parent.Students.Any(x => x.Form.Students.Any(y => y.Id == userId)) == true ||
parent.Students.Any(x => x.Form.Students.Any(y => y.Parent.Id == userId)) == true)
{
logger.Info("Requesting found parent convert for " + userRole + "role.");
ParentDTOForStudentAndParents dto = toDTO.ConvertToParentDTOForStudentAndParent(parent);
if (dto == null)
{
logger.Info("Failed!");
return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
}
logger.Info("Success!");
return(Request.CreateResponse(HttpStatusCode.OK, dto));
}
else
{
logger.Info("Authorisation failure. User " + userId + " is not authorised for this request.");
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Access Denied. " +
"We’re sorry, but you are not authorized to perform the requested operation."));
}
}
catch (Exception e)
{
logger.Error(e);
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, e));
}
}
public async Task <ParentDTOForAdmin> Update(string id, PutParentDTO updated)
{
Parent found = db.ParentsRepository.GetByID(id);
if (found == null)
{
throw new HttpException("The parent with id: " + id + " was not found.");
}
if (updated.UserName != null)
{
ApplicationUser foundByUserName = await usersService.FindUserByUserName(updated.UserName);
if (foundByUserName != null && foundByUserName.Id != found.Id)
{
throw new HttpException("The username " + updated.UserName + " already exists.");
}
found.UserName = updated.UserName;
}
if (updated.Jmbg != null)
{
ApplicationUser foundByJmbg = usersService.GetByJmbg(updated.Jmbg);
if (foundByJmbg != null && foundByJmbg.Id != found.Id)
{
throw new HttpException("The user with JMBG: " + updated.Jmbg + " is already in the sistem.");
}
}
if (updated.FirstName != null)
{
found.FirstName = updated.FirstName;
}
if (updated.LastName != null)
{
found.LastName = updated.LastName;
}
if (updated.Email != null)
{
found.Email = updated.Email;
}
if (updated.EmailConfirmed != null)
{
found.EmailConfirmed = (bool)updated.EmailConfirmed;
}
if (updated.PhoneNumber != null)
{
found.PhoneNumber = updated.PhoneNumber;
}
if (updated.PhoneNumberConfirmed != null)
{
found.PhoneNumberConfirmed = (bool)updated.PhoneNumberConfirmed;
}
if (updated.MobilePhone != null)
{
found.MobilePhone = updated.MobilePhone;
}
db.ParentsRepository.Update(found);
db.Save();
emailsService.CreateMailForUserUpdate(found.Id);
ParentDTOForAdmin updatedDTO = new ParentDTOForAdmin();
updatedDTO = toDTO.ConvertToParentDTOForAdmin(found, (List <IdentityUserRole>)found.Roles);
return(updatedDTO);
}