Example #1
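        /// <summary>
        /// Overwrites the stored user level identified by <paramref name="id"/> with the posted entity.
        /// </summary>
        /// <param name="id">Key of the user level to update; must equal <c>userLevel.ID</c>.</param>
        /// <param name="userLevel">Entity bound from the request.</param>
        /// <returns>
        /// 400 when the model is invalid, the body is missing or the IDs differ;
        /// 404 when the save hits a concurrency conflict and the row no longer exists;
        /// 204 on success.
        /// </returns>
        public IHttpActionResult PutUserLevel(int id, UserLevel userLevel)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // A missing request body can bind to null while ModelState stays valid; reject it
            // here instead of letting userLevel.ID throw and surface as a 500.
            if (userLevel == null || id != userLevel.ID)
            {
                return BadRequest();
            }

            // NOTE(review): no session or permission check is visible in this action. Confirm that an
            // authorization filter covers it, since user levels presumably decide what accounts may do.
            // Setting the state to Modified marks every property as changed, so all posted fields
            // are written to the row.
            db.Entry(userLevel).State = EntityState.Modified;

            try
            {
                db.SaveChanges();
            }
            catch (DbUpdateConcurrencyException)
            {
                // Translate the conflict into 404 only when the row is really gone.
                if (!UserLevelExists(id))
                {
                    return NotFound();
                }

                throw;
            }

            return StatusCode(HttpStatusCode.NoContent);
        }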
Example #2
        /// <summary>
        /// Logs in the user based on username and password. Creates a session key in database and returns it if the authentication succeeds
        /// </summary>
        /// <param name="username">Username</param>
        /// <param name="password">Password</param>
        /// <param name="db">DBContext to pull from.</param>
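        /// <returns>The user ID and the session key. The session key is null when authentication fails, and the user ID is -1 when no matching user is found.</returns>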
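        public static (int UserID, string SessionKey) Login(string username, string password, ParknGardenData db)
        {
            string sessionKey = null;

            // Read the credential row once so the stored hash and the user ID come from the same record.
            var auth = db.Auths.FirstOrDefault(u => u.Username == username);
            string passwordHash = auth?.PasswordHash;
            int userID = auth?.UserID ?? -1;

            // Never authenticate on missing values: without this guard a null or empty password
            // compares equal to an account whose stored PasswordHash is null or empty.
            bool credentialsPresent = !string.IsNullOrEmpty(password) && !string.IsNullOrEmpty(passwordHash);

            // NOTE(review): the supplied password is compared directly with the stored PasswordHash, so no
            // hashing is visible in this method. Confirm where hashing happens; the expected design is a
            // salted, slow KDF (for example PBKDF2) verified on the server with a fixed-time comparison.
            if (credentialsPresent && userID != -1 && password == passwordHash)
            {
                // Regenerate until Authenticate no longer accepts the key, which presumably means the
                // key is not already in use — confirm against Authenticate.
                // NOTE(review): confirm CreateSessionKey draws from a cryptographic random source.
                do
                {
                    sessionKey = CreateSessionKey(sessionKeyLength);
                }
                while (Authenticate(sessionKey, db));

                db.Sessions.Add(new Session()
                {
                    SessionKey = sessionKey, UserID = userID
                });
                db.SaveChanges();
            }

            // NOTE(review): a wrong password still returns the real UserID together with a null SessionKey.
            // Callers must treat a null SessionKey as failure and should not return the ID to the client.
            return (UserID: userID, SessionKey: sessionKey);
        }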
Example #3
 /// <summary>
 /// Removes the given store from the Stores set and saves the change, unless the store's ID is 0.
 /// </summary>
 /// <param name="db">Context the delete is executed against.</param>
 /// <param name="store">Store to delete; an ID of 0 makes the call a no-op.</param>
 public static void DeleteOneStore(ParknGardenData db, Store store)
 {
     // ID 0 presumably marks a store that was never persisted — confirm with callers.
     if (store.ID == 0)
     {
         return;
     }

     db.Stores.Remove(store);
     db.SaveChanges();
 }
Example #4
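        /// <summary>
        /// Overwrites the stored role identified by <paramref name="id"/> with the posted entity
        /// once the caller's session has been verified, and writes a log entry for the change.
        /// </summary>
        /// <param name="id">Key of the role to update; must equal <c>role.ID</c>.</param>
        /// <param name="role">Role bound from the request.</param>
        /// <param name="loggedId">ID of the user making the request.</param>
        /// <param name="sessionKey">Session key checked together with <paramref name="loggedId"/>.</param>
        /// <returns>
        /// 400 when the model is invalid, the body is missing or the IDs differ; the status mapped from
        /// the verification error when the session check fails; 404 when the save hits a concurrency
        /// conflict and the role no longer exists; 204 on success.
        /// </returns>
        public IHttpActionResult PutRole(int id, Role role, int loggedId, string sessionKey)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // A missing request body can bind to null while ModelState stays valid; reject it
            // here instead of letting role.ID throw and surface as a 500.
            if (role == null || id != role.ID)
            {
                return BadRequest();
            }

            // NOTE(review): only this session check is visible. Whether VerifyUserSession also confirms
            // that loggedId is permitted to edit roles cannot be seen here — verify, because a role edit
            // changes what other accounts may do.
            // NOTE(review): if sessionKey is bound from the query string it will end up in request
            // logs; a header is the safer carrier — confirm how clients send it.
            Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
            if (error != Constants.VerifyUserErrors.OK)
            {
                return StatusCode(CommonMethods.StatusCodeReturn(error));
            }

            // Marks every property as modified, so all posted fields are written to the row.
            db.Entry(role).State = EntityState.Modified;

            try
            {
                db.SaveChanges();

                User loggedUser = db.Users.FirstOrDefault(u => u.ID == loggedId);
                if (loggedUser != null)
                {
                    // role.Name comes from the request and is placed in the log text unchanged.
                    LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has updated the role {role.Name} (ID: {role.ID})", (int)LogHandler.RequestTypes.PUT);
                }
            }
            catch (DbUpdateConcurrencyException)
            {
                // Translate the conflict into 404 only when the role is really gone.
                if (!RoleExists(id))
                {
                    return NotFound();
                }

                throw;
            }

            return StatusCode(HttpStatusCode.NoContent);
        }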
Example #5
        /// <summary>
        /// Deletes the session with the specified sessionKey from the db.
        /// </summary>
        /// <param name="sessionKey">SessionKey of the session to be deleted.</param>
        /// <param name="db">DBContext to use.</param>
        /// <returns>The session that was deleted, or null if no session has that key.</returns>
        public static Session DeleteSession(string sessionKey, ParknGardenData db)
        {
            // Look the session up by key; nothing is deleted when no row matches.
            Session match = db.Sessions.FirstOrDefault(s => s.SessionKey == sessionKey);
            if (match == null)
            {
                return null;
            }

            db.Sessions.Remove(match);
            db.SaveChanges();
            return match;
        }
Example #6
        /// <summary>
        /// Adds a row to the Logs set for the given user and request type, then saves it.
        /// </summary>
        /// <param name="db">Context the log row is written to.</param>
        /// <param name="userId">ID stored in the row's UserID field.</param>
        /// <param name="logEntry">Message text; the literal " at " is appended before it is stored.</param>
        /// <param name="requestType">Numeric request type stored with the row.</param>
        public static void CreateLogEntry(ParknGardenData db, int userId, string logEntry, int requestType)
        {
            Log entry = new Log();

            // NOTE(review): DateTime.Now is server-local time; confirm log readers expect that rather than UTC.
            entry.DateAndTime = DateTime.Now;

            // The text is stored exactly as passed. If callers embed user-editable names in it,
            // whatever displays the log has to encode it on output.
            entry.LogEntry = logEntry;
            entry.RequestType = requestType;
            entry.UserID = userId;

            // The message ends in " at "; presumably the timestamp is appended where the log is shown — confirm.
            entry.LogEntry = entry.LogEntry + " at ";

            db.Logs.Add(entry);
            db.SaveChanges();
        }
Example #7
        /// <summary>
        /// A method that creates a new user in the database
        /// </summary>
        /// <param name="db">db is the database to be passed to it of type ParknGardenData</param>
        /// <param name="user">user is the user to be added to the database</param>
        /// <returns>Returns the created user in the database so that it can be used elsewhere</returns>
        public static User PostUser(ParknGardenData db, User user)
        {
            // NOTE(review): this check and the insert below are two separate steps, so two concurrent
            // requests with the same address can both pass it. A unique index on the Email column is
            // the reliable guard — confirm one exists.
            // Whether the comparison ignores case presumably depends on the database collation.
            bool emailTaken = db.Users.Any(existing => existing.Email == user.Email);

            if (emailTaken)
            {
                // Signal the duplicate by handing back the caller's own object with ID set to -1.
                user.ID = -1;
                return user;
            }

            User created = db.Users.Add(user);
            db.SaveChanges();
            return created;
        }
Example #8
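        /// <summary>
        /// Overwrites a stored invoice item row with the posted entity once the caller's session
        /// has been verified.
        /// </summary>
        /// <param name="id">Invoice key; must equal <c>invoiceHasItem.InvoiceID</c>.</param>
        /// <param name="invoiceHasItem">Entity bound from the request.</param>
        /// <param name="loggedId">ID of the user making the request.</param>
        /// <param name="sessionKey">Session key checked together with <paramref name="loggedId"/>.</param>
        /// <returns>
        /// 400 when the model is invalid, the body is missing or the IDs differ; the status mapped from
        /// the verification error when the session check fails; 404 when the save hits a concurrency
        /// conflict and the row no longer exists; 204 on success.
        /// </returns>
        public IHttpActionResult PutInvoiceHasItem(int id, InvoiceHasItem invoiceHasItem, int loggedId, string sessionKey)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // A missing request body can bind to null while ModelState stays valid; reject it
            // here instead of letting invoiceHasItem.InvoiceID throw and surface as a 500.
            // NOTE(review): only InvoiceID is compared with the route id. If the row key also includes
            // an item ID, that part is taken from the body unchecked — confirm.
            if (invoiceHasItem == null || id != invoiceHasItem.InvoiceID)
            {
                return BadRequest();
            }

            // NOTE(review): only this session check is visible. Whether it also confirms that loggedId
            // may edit this invoice cannot be seen here — verify.
            Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
            if (error != Constants.VerifyUserErrors.OK)
            {
                return StatusCode(CommonMethods.StatusCodeReturn(error));
            }

            // Marks every property as modified, so all posted fields are written to the row.
            db.Entry(invoiceHasItem).State = EntityState.Modified;

            try
            {
                db.SaveChanges();
            }
            catch (DbUpdateConcurrencyException)
            {
                // Translate the conflict into 404 only when the row is really gone.
                if (!InvoiceHasItemExists(id))
                {
                    return NotFound();
                }

                throw;
            }

            return StatusCode(HttpStatusCode.NoContent);
        }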
Example #9
        /// <summary>
        /// A method for creating new roles in the database
        /// </summary>
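        /// <param name="db">Database context the role is looked up in and added to.</param>
        /// <param name="role">Role to create.</param>
        /// <returns>The newly added role, or the existing role whose name matches when case is ignored.</returns>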
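        public static Role PostRole(ParknGardenData db, Role role)
        {
            if (role == null)
            {
                throw new System.ArgumentNullException(nameof(role));
            }

            // Ordinal, case-insensitive match: unlike ToLower() it does not depend on the server
            // culture and does not throw when a stored role has a null Name.
            bool sameName(Role r) => string.Equals(r.Name, role.Name, System.StringComparison.OrdinalIgnoreCase);

            // Passing the local function keeps the filter in memory, as before, but the table is
            // now scanned once instead of once for Any and again for FirstOrDefault.
            Role existingRole = db.Roles.FirstOrDefault(sameName);
            if (existingRole != null)
            {
                return existingRole;
            }

            // NOTE(review): the lookup and the insert are separate steps, so concurrent calls can still
            // create two roles with the same name; a unique index on the name is the reliable guard.
            Role newRole = db.Roles.Add(role);
            db.SaveChanges();
            return newRole;
        }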
Example #10
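        /// <summary>
        /// Creates a salary row once the caller's session has been verified, and writes a log entry
        /// when both the salary's user and the calling user can be found.
        /// </summary>
        /// <param name="salary">Salary bound from the request.</param>
        /// <param name="loggedId">ID of the user making the request.</param>
        /// <param name="sessionKey">Session key checked together with <paramref name="loggedId"/>.</param>
        /// <returns>
        /// 400 when the model is invalid or the body is missing; the status mapped from the verification
        /// error when the session check fails; 409 when the save fails and a salary for that user
        /// already exists; 201 with the created salary on success.
        /// </returns>
        public IHttpActionResult PostSalary(Salary salary, int loggedId, string sessionKey)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // A missing request body can bind to null while ModelState stays valid; reject it
            // here instead of letting the Add call throw and surface as a 500.
            if (salary == null)
            {
                return BadRequest();
            }

            // NOTE(review): only this session check is visible. Whether it also confirms that loggedId
            // may set a salary for salary.UserID cannot be seen here — verify.
            Constants.VerifyUserErrors error = AuthHandler.VerifyUserSession(sessionKey, loggedId, db);
            if (error != Constants.VerifyUserErrors.OK)
            {
                return StatusCode(CommonMethods.StatusCodeReturn(error));
            }

            db.Salaries.Add(salary);

            try
            {
                db.SaveChanges();
            }
            catch (DbUpdateException)
            {
                if (SalaryExists(salary.UserID))
                {
                    return Conflict();
                }

                throw;
            }

            // The log write runs after the try block on purpose: inside it, a failure while saving
            // the log row would be caught above and, because the salary now exists, reported as 409
            // even though the salary was created.
            User postedUserSalary = db.Users.FirstOrDefault(u => u.ID == salary.UserID);
            if (postedUserSalary != null)
            {
                User loggedUser = db.Users.FirstOrDefault(u => u.ID == loggedId);
                if (loggedUser != null)
                {
                    LogHandler.CreateLogEntry(db, loggedId, $"The user {loggedUser.Name} (ID: {loggedId}) has created the salary for {postedUserSalary.Name} (ID: {postedUserSalary.ID})", (int)LogHandler.RequestTypes.POST);
                }
            }

            return CreatedAtRoute("DefaultApi", new { id = salary.UserID }, salary);
        }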
Example #11
 /// <summary>
 /// Removes the given salary from the Salaries set and saves the change.
 /// </summary>
 /// <param name="db">Context the delete is executed against.</param>
 /// <param name="salary">Salary to delete.</param>
 public static void DeleteOneSalary(ParknGardenData db, Salary salary)
 {
     // Stage the delete on the set, then flush it to the database.
     var salaries = db.Salaries;
     salaries.Remove(salary);
     db.SaveChanges();
 }
Example #12
 /// <summary>
 /// A method that deletes a given auth from the database
 /// </summary>
 /// <param name="db">db is the database to be passed to it of type ParknGardenData</param>
 /// <param name="auth">auth is the given auth that is to be deleted from the database</param>
 public static void DeleteUserAuth(ParknGardenData db, Auth auth)
 {
     // NOTE(review): only the Auths row is removed here. Confirm that session keys already issued
     // for this user stop being accepted once the credentials are gone.
     var auths = db.Auths;
     auths.Remove(auth);
     db.SaveChanges();
 }
Example #13
 /// <summary>
 /// A method that deletes a specified user from the database
 /// </summary>
 /// <param name="db">db is the database to be passed to it of type ParknGardenData</param>
 /// <param name="user">user is the user to be deleted from the database</param>
 public static void DeleteOneUser(ParknGardenData db, User user)
 {
     // NOTE(review): only the Users row is removed here. Confirm that the user's credentials and
     // sessions are removed as well, by cascade or by the caller.
     var users = db.Users;
     users.Remove(user);
     db.SaveChanges();
 }