public HttpResponseMessage PostMark([FromBody] PostMarkDTO postDTO, string teacherId, int subjectId, int formId, string studentId)
{
string userId = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == "UserId").Value;
string userRole = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == ClaimTypes.Role).Value;
logger.Info("UserRole: " + userRole + ", UserId: " + userId + ": Requesting Mark Insert - " +
"TeacherId: " + teacherId + ", SubjectId: " + subjectId + ", FormId: " + formId + ", StudentId: " + studentId);
if (userRole == "admin" || userId == teacherId)
{
try
{
MarkDTO saved = marksService.Create(postDTO, teacherId, subjectId, formId, studentId);
if (saved == null)
{
logger.Info("Failed!");
return(Request.CreateResponse(HttpStatusCode.BadRequest, "Failed!"));
}
logger.Info("Success!");
return(Request.CreateResponse(HttpStatusCode.OK, saved));
}
catch (Exception e)
{
logger.Error(e);
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, e));
}
}
logger.Info("Authorisation failure. User is not authorised for this request.");
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Access Denied. " +
"We’re sorry, but you are not authorized to perform the requested operation."));
}
public Marks Create(PostMarkDTO mark)
{
var mark1 = mark.ToMark();
context.MarkRepository.Insert(mark1);
context.Save();
return(mark1);
}
public Marks Update(PostMarkDTO mark)
{
var mark1 = mark.ToMark();
context.MarkRepository.Update(mark1);
context.Save();
return(mark1);
}
{ public static Marks ToMark(this PostMarkDTO mark)
{
return(new Marks
{
MarkID = mark.MarkID,
Mark = mark.Mark,
Midterm = mark.Midterm,
});
}
public MarkDTO Create(PostMarkDTO postDTO, string teacherId, int subjectId, int formId, string studentId)
{
FormToTeacherSubject foundFTS = formsToTeacherSubjectsService.FindFTSForMark(formId, teacherId, subjectId);
Student foundStudent = studentsService.GetByID(studentId);
if (foundStudent == null)
{
throw new HttpException("The student with id: " + studentId + " was not found.");
}
if (foundStudent.IsActive == false)
{
throw new HttpException("The student with id: " + studentId + " is no longer actively enrolled in this school.");
}
if (foundFTS.Form.Id != foundStudent.Form.Id)
{
throw new HttpException("The teacher (id: " + teacherId + ") does not teach the subject (" + subjectId + ") " +
"in the student's (id: " + studentId + ") form.");
}
Mark mark = new Mark
{
MarkValue = postDTO.MarkValue,
Created = DateTime.UtcNow,
FormToTeacherSubject = foundFTS,
Student = foundStudent
};
if (DateTime.Today.Month > DateTime.ParseExact("Avgust", "MMMM", CultureInfo.CurrentCulture).Month)
{
mark.Semester = Semesters.FIRST_SEMESTER;
}
else
{
mark.Semester = Semesters.SECOND_SEMESTER;
}
db.MarksRepository.Insert(mark);
db.Save();
emailsService.NewMarkMailForParent(mark.Id);
emailsService.NewMarkMailForStudent(mark.Id);
MarkDTO markDto = ConvertToMarkDTO(mark.Id);
return(markDto);
}
public IHttpActionResult PostMark(PostMarkDTO mark, int subjectID, string teacherID, string pupilID)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Pupil pupil = pupilService.GetById(pupilID);
if (pupil == null)
{
return(BadRequest("There is no pupil with the given id."));
}
Teacher pno = pnoService.GetById(teacherID);
if (pno == null)
{
return(BadRequest
("There is no teacher with the given id."));
}
SubjectDTO subject = subjectService.GetById(subjectID);
if (subject == null)
{
return(BadRequest("There is no subject with the given id."));
}
string userName;
string userId;
if ((ClaimsPrincipal)RequestContext.Principal != null)
{
userId = ((ClaimsPrincipal)RequestContext.Principal)
.FindFirst(x => x.Type == "UserId").Value;
userName = ((ClaimsPrincipal)RequestContext.Principal)
.FindFirst(x => x.Type == "Username").Value;
}
if (RequestContext.Principal.IsInRole("teacher") == false)
{
return(BadRequest());
}
Marks newMark = markService.Create(mark);
return(Ok());
}
public IHttpActionResult PutMark(int id, PostMarkDTO mark)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (id != mark.MarkID)
{
return(BadRequest());
}
Marks savedMark = markService.Update(mark);
logger.Warn("Administrator has changed a mark!");
if (savedMark == null)
{
return(NotFound());
}
return(StatusCode(HttpStatusCode.NoContent));
}
