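/// <summary>
/// Records a new mark for a student on behalf of a teacher.
/// </summary>
/// <remarks>
/// The request is allowed only when the caller's first role claim is "admin" or the caller's
/// "UserId" claim equals <paramref name="teacherId"/>. A missing principal or missing claim is
/// treated as "not authorised" instead of surfacing as an unhandled exception.
/// </remarks>
/// <param name="postDTO">Mark payload bound from the request body.</param>
/// <param name="teacherId">Id of the teacher the mark is recorded for.</param>
/// <param name="subjectId">Id of the subject being marked.</param>
/// <param name="formId">Id of the form (class) the mark belongs to.</param>
/// <param name="studentId">Id of the student receiving the mark.</param>
/// <returns>200 with the saved mark, or 400 on failure or denied access.</returns>
public HttpResponseMessage PostMark([FromBody] PostMarkDTO postDTO, string teacherId, int subjectId, int formId, string studentId)
{
    // Resolve the caller without assuming the principal or either claim is present;
    // the original dereferenced FindFirst(...).Value directly and could throw before
    // any authorisation decision was made.
    ClaimsPrincipal principal = RequestContext.Principal as ClaimsPrincipal;
    Claim userIdClaim = principal == null ? null : principal.FindFirst(x => x.Type == "UserId");
    Claim roleClaim = principal == null ? null : principal.FindFirst(x => x.Type == ClaimTypes.Role);
    string userId = userIdClaim == null ? null : userIdClaim.Value;
    string userRole = roleClaim == null ? null : roleClaim.Value;

    // teacherId and studentId are caller-supplied strings; escape CR/LF so a crafted value
    // cannot start a forged entry in the log (CWE-117).
    Func<string, string> forLog = v => v == null ? null : v.Replace("\r", "\\r").Replace("\n", "\\n");

    logger.Info("UserRole: " + userRole + ", UserId: " + userId + ": Requesting Mark Insert - "
        + "TeacherId: " + forLog(teacherId) + ", SubjectId: " + subjectId + ", FormId: " + formId
        + ", StudentId: " + forLog(studentId));

    // FindFirst returns only the first role claim, so a caller holding several roles is
    // judged on that one. The explicit null test keeps "no UserId claim" from matching a
    // null teacherId.
    bool isAdmin = userRole == "admin";
    bool isNamedTeacher = userId != null && userId == teacherId;

    if (!isAdmin && !isNamedTeacher)
    {
        logger.Info("Authorisation failure. User is not authorised for this request.");

        // NOTE(review): 403 Forbidden describes this outcome better than 400 and is easier to
        // alert on; the status is left unchanged here because clients may depend on it.
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Access Denied. " +
            "We’re sorry, but you are not authorized to perform the requested operation.");
    }

    if (postDTO == null)
    {
        // An empty or unparsable body binds to null; reject it before the service is called.
        logger.Info("Failed!");
        return Request.CreateResponse(HttpStatusCode.BadRequest, "Failed!");
    }

    try
    {
        MarkDTO saved = marksService.Create(postDTO, teacherId, subjectId, formId, studentId);

        if (saved == null)
        {
            logger.Info("Failed!");
            return Request.CreateResponse(HttpStatusCode.BadRequest, "Failed!");
        }

        logger.Info("Success!");
        return Request.CreateResponse(HttpStatusCode.OK, saved);
    }
    catch (Exception e)
    {
        logger.Error(e);

        // NOTE(review): passing the exception object means the host's IncludeErrorDetailPolicy
        // decides whether type, message and stack trace reach the client. Confirm it is not
        // set to Always in production, or return a fixed message here instead.
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, e);
    }
}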
/// <summary>
/// Converts the DTO to a mark entity, inserts it through the mark repository and saves.
/// </summary>
/// <param name="mark">DTO describing the mark to store.</param>
/// <returns>The entity that was handed to the repository.</returns>
public Marks Create(PostMarkDTO mark)
{
    // NOTE(review): no authorisation or ownership check happens at this layer; callers are
    // presumably expected to have done it - confirm against the controller.
    var entity = mark.ToMark();

    context.MarkRepository.Insert(entity);
    context.Save();

    return entity;
}
/// <summary>
/// Converts the DTO to a mark entity, passes it to the repository's update and saves.
/// </summary>
/// <param name="mark">DTO carrying the new values for the mark.</param>
/// <returns>The entity that was handed to the repository.</returns>
public Marks Update(PostMarkDTO mark)
{
    // NOTE(review): the entity is rebuilt entirely from the DTO, so which row changes is
    // decided by the identifier inside the payload; nothing here checks that the caller may
    // modify that mark - confirm the check exists upstream.
    var entity = mark.ToMark();

    context.MarkRepository.Update(entity);
    context.Save();

    return entity;
}
{
    /// <summary>
    /// Builds a <c>Marks</c> entity from a <c>PostMarkDTO</c>, copying MarkID, Mark and Midterm.
    /// </summary>
    /// <param name="mark">DTO to convert.</param>
    /// <returns>A new entity holding the three copied values.</returns>
    public static Marks ToMark(this PostMarkDTO mark)
    {
        var entity = new Marks();

        // NOTE(review): MarkID is taken from the DTO. If the DTO is bound from a request body,
        // the client picks the key used for inserts as well as updates - confirm that is intended.
        entity.MarkID = mark.MarkID;
        entity.Mark = mark.Mark;
        entity.Midterm = mark.Midterm;

        return entity;
    }
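/// <summary>
/// Creates a mark for a student after checking that the student exists, is active, and sits in
/// the form linked to the given teacher/subject assignment; then saves it and triggers the
/// notification e-mails.
/// </summary>
/// <param name="postDTO">Payload carrying the mark value.</param>
/// <param name="teacherId">Id of the teacher giving the mark.</param>
/// <param name="subjectId">Id of the subject being marked.</param>
/// <param name="formId">Id of the form used to look up the teacher/subject assignment.</param>
/// <param name="studentId">Id of the student receiving the mark.</param>
/// <returns>The DTO produced by <c>ConvertToMarkDTO</c> for the stored mark.</returns>
/// <exception cref="ArgumentNullException"><paramref name="postDTO"/> is null.</exception>
/// <exception cref="HttpException">The student is missing or inactive, or the assignment does
/// not match the student's form.</exception>
public MarkDTO Create(PostMarkDTO postDTO, string teacherId, int subjectId, int formId, string studentId)
{
    // Fail before any lookups instead of with a NullReferenceException after them.
    if (postDTO == null)
    {
        throw new ArgumentNullException("postDTO");
    }

    FormToTeacherSubject foundFTS = formsToTeacherSubjectsService.FindFTSForMark(formId, teacherId, subjectId);
    Student foundStudent = studentsService.GetByID(studentId);

    if (foundStudent == null)
    {
        throw new HttpException("The student with id: " + studentId + " was not found.");
    }

    if (foundStudent.IsActive == false)
    {
        throw new HttpException("The student with id: " + studentId + " is no longer actively enrolled in this school.");
    }

    // This is the check that ties the teacher/subject assignment to the student, so it must
    // fail closed. FindFTSForMark is not visible here; if it (or either Form navigation) can be
    // null, that is treated as "no matching assignment" rather than left to throw.
    bool assignmentMatches = foundFTS != null
        && foundFTS.Form != null
        && foundStudent.Form != null
        && foundFTS.Form.Id == foundStudent.Form.Id;

    if (!assignmentMatches)
    {
        throw new HttpException("The teacher (id: " + teacherId + ") does not teach the subject (" + subjectId + ") " +
            "in the student's (id: " + studentId + ") form.");
    }

    Mark mark = new Mark
    {
        MarkValue = postDTO.MarkValue,
        Created = DateTime.UtcNow,
        FormToTeacherSubject = foundFTS,
        Student = foundStudent
    };

    // The original derived this month by parsing the name "Avgust" with the current culture,
    // which throws FormatException wherever that culture does not recognise the name and so
    // blocked every insert there. August is month 8 in every culture.
    const int august = 8;
    mark.Semester = DateTime.Today.Month > august
        ? Semesters.FIRST_SEMESTER
        : Semesters.SECOND_SEMESTER;

    db.MarksRepository.Insert(mark);
    db.Save();

    // NOTE(review): the mark is already saved at this point. If either mail call throws, the
    // caller sees a failure although the mark exists, and a retry would store a duplicate.
    emailsService.NewMarkMailForParent(mark.Id);
    emailsService.NewMarkMailForStudent(mark.Id);

    return ConvertToMarkDTO(mark.Id);
}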
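/// <summary>
/// Creates a mark after confirming the caller is in the "teacher" role and that the referenced
/// pupil, teacher and subject exist.
/// </summary>
/// <param name="mark">Mark payload.</param>
/// <param name="subjectID">Id of the subject; checked for existence only.</param>
/// <param name="teacherID">Id of the teacher; checked for existence only.</param>
/// <param name="pupilID">Id of the pupil; checked for existence only.</param>
/// <returns>200 on success, 400 for a rejected request.</returns>
public IHttpActionResult PostMark(PostMarkDTO mark, int subjectID, string teacherID, string pupilID)
{
    // Decide on authorisation before touching any data. The original ran the pupil, teacher
    // and subject lookups first, so a caller without the role could learn from the distinct
    // error messages which ids exist. It also dereferenced the principal without a null check.
    var principal = RequestContext.Principal;
    if (principal == null || !principal.IsInRole("teacher"))
    {
        // NOTE(review): 401/403 would describe this better than an empty 400; status kept for clients.
        return BadRequest();
    }

    // NOTE(review): only the role is checked. teacherID is never compared with the caller's
    // identity (the original read the "UserId" and "Username" claims but did not use them), so
    // any teacher can submit a request naming another teacher. The three ids are also not
    // passed to markService.Create, so nothing visible here links them to the stored mark.
    // Confirm whether that is intended.

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    if (mark == null)
    {
        // A missing body binds to null and would otherwise fail inside the service.
        return BadRequest();
    }

    Pupil pupil = pupilService.GetById(pupilID);
    if (pupil == null)
    {
        return BadRequest("There is no pupil with the given id.");
    }

    Teacher pno = pnoService.GetById(teacherID);
    if (pno == null)
    {
        return BadRequest("There is no teacher with the given id.");
    }

    SubjectDTO subject = subjectService.GetById(subjectID);
    if (subject == null)
    {
        return BadRequest("There is no subject with the given id.");
    }

    markService.Create(mark);

    return Ok();
}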
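/// <summary>
/// Updates an existing mark whose id matches both the route and the payload.
/// </summary>
/// <param name="id">Id of the mark taken from the route.</param>
/// <param name="mark">Payload with the new values; its MarkID must equal <paramref name="id"/>.</param>
/// <returns>204 on success, 400 for an invalid request, 404 when the service returns no mark.</returns>
public IHttpActionResult PutMark(int id, PostMarkDTO mark)
{
    // NOTE(review): no role or ownership check is visible in this method. If access is not
    // restricted by an attribute or filter outside this view, any caller who reaches the
    // action can change any mark - confirm.

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // A missing body binds to null; reject it instead of failing on mark.MarkID.
    if (mark == null || id != mark.MarkID)
    {
        return BadRequest();
    }

    Marks savedMark = markService.Update(mark);
    if (savedMark == null)
    {
        return NotFound();
    }

    // Written only after the update is known to have gone through; the original logged the
    // change even when nothing was found. NOTE(review): the entry names neither the mark nor
    // the caller, and "Administrator" is asserted rather than verified here, which limits its
    // value as an audit record.
    logger.Warn("Administrator has changed a mark!");

    return StatusCode(HttpStatusCode.NoContent);
}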