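/// <summary>
        /// Overwrites a stored CRITERIA row with the entity bound from the request.
        /// Only callers whose identity response lists the "ADMIN" role get past the checks.
        /// </summary>
        /// <param name="id">Identifier supplied with the request; must equal <c>cRITERIA.ID_CRITERIA</c>.</param>
        /// <param name="cRITERIA">Entity bound from the request; attached to the context as fully modified.</param>
        /// <returns>
        /// 200 with the saved entity; 400 for a missing or rejected "sid" cookie, a missing role,
        /// a missing body, an invalid model or an id mismatch; 404 when the save hits a concurrency
        /// conflict and the row no longer exists.
        /// </returns>
        public IHttpActionResult UpdateCriteria(long id, CRITERIA cRITERIA)
        {
            // NOTE(review): every authentication/authorization failure below answers 400. 401/403
            // would let clients and monitoring tell auth failures from malformed requests; the
            // status codes are left unchanged here because callers may depend on them.
            if (!HttpContext.Current.Request.Cookies.AllKeys.Contains("sid"))
            {
                return(BadRequest("You are not logged in. Please login and try again."));
            }

            try
            {
                response = identity.Auth(HttpContext.Current.Request.Cookies.Get("sid").Value);
            }
            catch
            {
                // NOTE(review): the bare catch reports any failure of identity.Auth (including an
                // unreachable identity service) as an invalid token, and nothing is logged.
                return(BadRequest("Invalid token. Login in again!"));
            }

            if (!response.Roles.Contains("ADMIN"))
            {
                return(BadRequest("You are not authorized for this action"));
            }

            // A request without a body binds cRITERIA to null while ModelState can still be valid;
            // reject it here instead of failing with a NullReferenceException further down.
            if (cRITERIA == null)
            {
                return(BadRequest("Request body is missing"));
            }

            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }

            if (id != cRITERIA.ID_CRITERIA)
            {
                return(BadRequest("id doesn't match"));
            }

            cRITERIA.DATE_MODIFIED = DateTime.Now;

            // NOTE(review): marking the bound entity as Modified writes every column from
            // client-supplied values (over-posting). Acceptable only if an ADMIN is meant to control
            // all CRITERIA columns; otherwise load the row and copy the editable fields.
            db.Entry(cRITERIA).State = EntityState.Modified;

            try
            {
                db.SaveChanges();
            }
            catch (DbUpdateConcurrencyException)
            {
                if (!CRITERIAExists(id))
                {
                    return(NotFound());
                }

                // The row exists but the update was not applied: surface the conflict instead of
                // falling through and reporting success for data that was never saved.
                throw;
            }

            return(Ok(cRITERIA));
        }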
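        /// <summary>
        /// Returns the sum of <c>CRITERIA.POINTS</c> over the CV_ITEM rows whose
        /// <c>CV_TABLE_ID_CV</c> equals <paramref name="id"/> and whose status is "confirmed".
        /// </summary>
        /// <param name="id">Value matched against <c>CV_ITEM.CV_TABLE_ID_CV</c>.</param>
        /// <returns>
        /// 200 with the integer score (0 when no confirmed item exists); 400 for a missing or
        /// rejected "sid" cookie or when the query throws.
        /// </returns>
        public IHttpActionResult GetScore(long id)
        {
            if (!HttpContext.Current.Request.Cookies.AllKeys.Contains("sid"))
            {
                return(BadRequest("You are not logged in. Please login and try again."));
            }

            try
            {
                response = identity.Auth(HttpContext.Current.Request.Cookies.Get("sid").Value);
            }
            catch
            {
                // NOTE(review): any failure of identity.Auth is reported as an invalid token.
                return(BadRequest("Invalid token. Login in again!"));
            }

            // NOTE(review): the original carried a CV_ADMIN/ADMIN role check here that was commented
            // out, so any caller with a valid "sid" can read the score for any id. If scores are not
            // meant to be visible to every authenticated user, restore the role check or compare id
            // with the caller's own identifier (presumably response.UserId; confirm against the schema).

            int score = 0;

            try
            {
                // Build the filter once and reuse it for the existence test and the sum.
                var confirmedItems = db.CV_ITEM.Where(o => o.CV_TABLE_ID_CV == id && o.CV_ITEM_STATUS.STATUS == "confirmed");

                // Sum is attempted only when at least one row matches, as in the original guard.
                if (confirmedItems.Any())
                {
                    score = (int)confirmedItems.Sum(o => o.CRITERIA.POINTS);
                }
            }
            catch (Exception)
            {
                // NOTE(review): the failure is neither logged nor distinguished; a database error
                // reaches the client as a generic 400.
                return(BadRequest("Error"));
            }

            return(Ok(score));
        }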
예제 #3
        /// <summary>
        /// Resolves a token to a <c>UserInfo</c> by calling <c>SSO.IdentityClient.Auth</c> and
        /// copying the fields of the response.
        /// </summary>
        /// <param name="token">Token handed unchanged to the identity client.</param>
        /// <returns>A new <c>UserInfo</c> populated from the identity response.</returns>
        /// <exception cref="UnauthorizedAccessException">
        /// Thrown for any exception raised while calling the client or copying the response;
        /// the original exception is kept as the inner exception.
        /// </exception>
        public UserInfo getAuth(string token)
        {
            try
            {
                // NOTE(review): a new client is created per call and never closed in this method;
                // if SSO.IdentityClient holds a connection it may need explicit cleanup. Confirm.
                var ssoClient = new SSO.IdentityClient();
                SSO.AuthResponse authResult = ssoClient.Auth(token);

                var info = new UserInfo();
                info.Email     = authResult.Email;
                info.FirstName = authResult.FirstName;
                info.LastName  = authResult.LastName;
                info.Roles     = authResult.Roles.ToList();
                info.UserId    = authResult.UserId;
                info.Username  = authResult.Username;
                return info;
            }
            catch (Exception cause)
            {
                // Every failure, including transport errors, is surfaced as an authorization
                // failure, so callers cannot tell a bad token from an unavailable service.
                throw new UnauthorizedAccessException("Authorization failed.", cause);
            }
        }
예제 #4
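        /// <summary>
        /// Creates a CV_ITEM for the authenticated caller from a multipart form, together with the
        /// CV_ITEM_LINK rows posted in the "LINKS" field.
        /// </summary>
        /// <remarks>
        /// Form fields read: LINKS (JSON list), NAME, DESCRIPTION, CRITERIA_ID_CRITERIA, START_DATE,
        /// END_DATE. The caller must present a "sid" cookie that the identity service accepts and
        /// must hold the "CV_ADMIN" or "ADMIN" role.
        /// </remarks>
        /// <returns>
        /// 200 with the saved item; 415 when the request is not multipart; 400 for authentication or
        /// authorization failures and for an unsupported file extension; 500 when reading or parsing
        /// the form throws.
        /// </returns>
        public async Task <IHttpActionResult> PostCV_ITEM()
        {
            if (!Request.Content.IsMimeMultipartContent())
            {
                // The original built a 415 response and discarded it, so non-multipart requests
                // continued into the handler. Return it.
                return(StatusCode(HttpStatusCode.UnsupportedMediaType));
            }

            if (!HttpContext.Current.Request.Cookies.AllKeys.Contains("sid"))
            {
                return(BadRequest("You are not logged in. Please login and try again."));
            }

            try
            {
                response = identity.Auth(HttpContext.Current.Request.Cookies.Get("sid").Value);
            }
            catch
            {
                // NOTE(review): any failure of identity.Auth is reported as an invalid token.
                return(BadRequest("Invalid token. Login in again!"));
            }

            if (!(response.Roles.Contains("CV_ADMIN") || response.Roles.Contains("ADMIN")))
            {
                return(BadRequest("You are not authorized for this action"));
            }

            CV_ITEM             cv    = new CV_ITEM();
            List <CV_ITEM_LINK> links = new List <CV_ITEM_LINK>();

            try
            {
                // The provider streams every uploaded part to a file under App_Data as it reads the body.
                // NOTE(review): those files are never deleted in this method, not even when the
                // extension is rejected below, and no size limit is applied here; confirm that a
                // request-size limit and a cleanup job exist elsewhere.
                string root     = HttpContext.Current.Server.MapPath("~/App_Data");
                var    provider = new MultipartFormDataStreamProvider(root);
                await Request.Content.ReadAsMultipartAsync(provider);

                // The owner is taken from the authenticated identity, not from the form.
                cv.CV_TABLE_ID_CV = response.UserId;

                // NOTE(review): LINKS is client JSON deserialized straight into entities, so the client
                // can populate any CV_ITEM_LINK property (CV_ITEM_ID is overwritten further down).
                // A JSON "null" deserializes to null; fall back to an empty list so the item is not
                // saved and then followed by a NullReferenceException in the link loop.
                links = Newtonsoft.Json.JsonConvert.DeserializeObject <List <CV_ITEM_LINK> >(provider.FormData.GetValues("LINKS").First())
                        ?? new List <CV_ITEM_LINK>();
                cv.NAME        = provider.FormData.GetValues("NAME").First();
                cv.DESCRIPTION = provider.FormData.GetValues("DESCRIPTION").First();

                // NOTE(review): a missing field makes GetValues return null and First() throw, which
                // the catch below turns into a 500 rather than a 400. Convert.ToDateTime parses with
                // the server's current culture.
                cv.CRITERIA_ID_CRITERIA = Convert.ToInt64(provider.FormData.GetValues("CRITERIA_ID_CRITERIA").First());
                cv.START_DATE           = Convert.ToDateTime(provider.FormData.GetValues("START_DATE").First());
                cv.END_DATE             = Convert.ToDateTime(provider.FormData.GetValues("END_DATE").First());

                // STATUS_ID 1 is the "unconfirmed" status according to the original comment.
                cv.STATUS_ID    = 1;
                cv.DATE_CREATED = DateTime.Now;

                if (provider.FileData.Count > 0)
                {
                    string uploadedFile  = "";
                    string localfilename = "";

                    // Only the last part's names survive this loop, so with several files only the
                    // last one reaches the extension check below.
                    foreach (var file in provider.FileData)
                    {
                        // The header value is parsed as a JSON string to strip its surrounding quotes.
                        uploadedFile  = JsonConvert.DeserializeObject(file.Headers.ContentDisposition.FileName).ToString();
                        localfilename = file.LocalFileName;
                    }

                    // The stored name is built from the user id and a fresh GUID; only the extension
                    // comes from the client-supplied file name.
                    var    userId     = response.UserId;
                    string identifier = Guid.NewGuid().ToString();
                    var    extension  = Path.GetExtension(uploadedFile);
                    string path       = userId + "-" + identifier + extension;
                    var    fileName   = Path.GetFileName(path);

                    // Allowlist on the extension only: the comparison is case-sensitive and the file
                    // content is not inspected.
                    string[] _supportedExtensions = { ".zip", ".rar", ".doc", ".pdf", ".docx", ".odt" };
                    if (!_supportedExtensions.Contains(extension))
                    {
                        return(BadRequest("File not supported"));
                    }

                    // The blob upload (create container, get a block blob for fileName, upload
                    // localfilename) is disabled in the source, so fileName and localfilename are
                    // currently unused and a fixed sample URL is stored instead of the blob URI.
                    cv.CV_ITEM_LINK_LINK = "http://www.pdf995.com/samples/pdf.pdf";
                }
            }
            catch (Exception e)
            {
                // NOTE(review): InternalServerError(e) can expose exception details to the client,
                // depending on the error-detail policy configured for the API.
                return(InternalServerError(e));
            }

            // Save the item first so that its generated key is available for the links.
            // NOTE(review): the two saves are not wrapped in a transaction; a failure of the second
            // leaves the item stored without its links.
            db.CV_ITEM.Add(cv);
            db.SaveChanges();

            // Point every link at the item that was just saved.
            foreach (CV_ITEM_LINK link in links)
            {
                link.CV_ITEM_ID = cv.ID_ITEM;
            }

            db.CV_ITEM_LINK.AddRange(links);
            db.SaveChanges();

            // The saved item is returned to the caller.
            return(Ok(cv));
        }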