/// <summary>
/// Converts every student in <paramref name="students"/> to the student/parent view DTO,
/// preserving the input order.
/// </summary>
/// <param name="students">Students to convert; each one is passed to
/// <c>ConvertToStudentDTOForStudentAndParent</c>.</param>
/// <returns>A new list holding one DTO per input student.</returns>
public IList<StudentDTOForStudentAndParent> ConvertToStudentDTOListForStudentAndParent(List<Student> students)
{
    var converted = new List<StudentDTOForStudentAndParent>();

    // Delegate the per-student mapping so the list and single-item conversions cannot drift apart.
    students.ForEach(current => converted.Add(ConvertToStudentDTOForStudentAndParent(current)));

    return converted;
}
/// <summary>
/// Builds the DTO that is shown to students and parents from a <c>Student</c> entity.
/// </summary>
/// <param name="x">Student entity to copy from.</param>
/// <returns>A DTO carrying the student's id, user name, names, e-mail, phone number,
/// and the converted parent and form.</returns>
public StudentDTOForStudentAndParent ConvertToStudentDTOForStudentAndParent(Student x)
{
    var result = new StudentDTOForStudentAndParent();

    result.Id = x.Id;
    result.UserName = x.UserName;
    result.FirstName = x.FirstName;
    result.LastName = x.LastName;

    // NOTE(review): UserName, Email and PhoneNumber are contact/account data. GetStudentById on this
    // page returns this DTO not only to the student and their parent but also to form-mates and
    // form-mates' parents - confirm that audience is meant to see these fields, or use a narrower
    // DTO for the form-wide case.
    result.Email = x.Email;
    result.PhoneNumber = x.PhoneNumber;

    // Nested objects go through their own role-specific converters.
    result.Parent = parentToDTO.ConvertToParentDTOForStudentAndParent(x.Parent);
    result.Form = formToDTO.ConvertToFormDTOForStudentAndParent(x.Form);

    return result;
}
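/// <summary>
/// Returns the student with the given id, shaped according to the caller's role.
/// </summary>
/// <remarks>
/// Admins receive the admin DTO and teachers the teacher DTO. Any other caller receives the
/// student/parent DTO only when they are the student, the student's parent, a member of the
/// student's form, or the parent of a member of that form; everyone else is denied.
/// </remarks>
/// <param name="id">Student id supplied by the request; treated as untrusted input.</param>
/// <returns>
/// 200 with the role-specific DTO on success; 400 with a message when the student is not found,
/// the conversion fails, the caller is not authorised, or an exception is caught.
/// </returns>
public HttpResponseMessage GetStudentById(string id)
{
    const string accessDeniedMessage = "Access Denied. " + "We’re sorry, but you are not authorized to perform the requested operation.";

    // Fail closed when the principal or its claims are missing instead of dereferencing null.
    ClaimsPrincipal principal = RequestContext.Principal as ClaimsPrincipal;
    Claim userIdClaim = principal == null ? null : principal.FindFirst(x => x.Type == "UserId");
    Claim roleClaim = principal == null ? null : principal.FindFirst(x => x.Type == ClaimTypes.Role);
    if (userIdClaim == null || roleClaim == null || string.IsNullOrEmpty(userIdClaim.Value))
    {
        logger.Info("Authorisation failure. The request carries no usable UserId or role claim.");
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, accessDeniedMessage);
    }

    string userId = userIdClaim.Value;
    // NOTE(review): only the first role claim is consulted; confirm tokens never carry several roles.
    string userRole = roleClaim.Value;

    // The id comes straight from the request: strip CR/LF so it cannot forge extra log lines.
    string idForLog = id == null ? string.Empty : id.Replace("\r", " ").Replace("\n", " ");

    logger.Info("UserRole: " + userRole + ", UserId: " + userId + ": Requesting Student by id: " + idForLog);

    try
    {
        Student student = studentsService.GetByID(id);

        if (student == null)
        {
            logger.Info("The student with id: " + idForLog + " was not found.");
            return Request.CreateResponse(HttpStatusCode.BadRequest, "The student with id: " + id + " was not found.");
        }

        if (userRole == "admin")
        {
            logger.Info("Requesting found student convert for " + userRole + "role.");
            StudentDTOForAdmin dto = toDTO.ConvertToStudentDTOForAdmin(student, (List<IdentityUserRole>)student.Roles);

            if (dto == null)
            {
                logger.Info("Failed!");
                return Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong.");
            }

            logger.Info("Success!");
            return Request.CreateResponse(HttpStatusCode.OK, dto);
        }

        if (userRole == "teacher")
        {
            logger.Info("Requesting found student convert for " + userRole + "role.");
            StudentDTOForTeacher dto = toDTO.ConvertToStudentDTOForTeacher(student);

            if (dto == null)
            {
                logger.Info("Failed!");
                return Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong.");
            }

            logger.Info("Success!");
            return Request.CreateResponse(HttpStatusCode.OK, dto);
        }

        // Allowed when a student or parent looks up themselves / their own child, or a student
        // from their own form or from their child's form.
        if (IsStudentParentOrFormMember(student, userId))
        {
            logger.Info("Requesting found student convert for " + userRole + "role.");
            StudentDTOForStudentAndParent dto = toDTO.ConvertToStudentDTOForStudentAndParent(student);

            if (dto == null)
            {
                logger.Info("Failed!");
                return Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong.");
            }

            logger.Info("Success!");
            return Request.CreateResponse(HttpStatusCode.OK, dto);
        }

        // NOTE(review): denial and not-found are both reported as 400; 403 and 404 would be the
        // conventional codes. Left unchanged here because existing clients may depend on 400.
        logger.Info("Authorisation failure. User " + userId + " is not authorised for this request.");
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, accessDeniedMessage);
    }
    catch (Exception e)
    {
        // Keep the exception in the server log only. Passing it to CreateErrorResponse can expose the
        // message and stack trace to the caller, depending on the configured error-detail policy.
        logger.Error(e);
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Something went wrong.");
    }
}

// True when userId is the student, the student's parent, a member of the student's form,
// or the parent of a member of that form. Missing Parent/Form data never counts as a match.
private static bool IsStudentParentOrFormMember(Student student, string userId)
{
    // An empty caller id must never compare equal to an unset id on the entity.
    if (string.IsNullOrEmpty(userId))
    {
        return false;
    }

    if (student.Id == userId)
    {
        return true;
    }

    if (student.Parent != null && student.Parent.Id == userId)
    {
        return true;
    }

    if (student.Form == null || student.Form.Students == null)
    {
        return false;
    }

    // Students without a parent record are skipped rather than throwing mid-check.
    return student.Form.Students.Any(
        member => member != null
            && (member.Id == userId || (member.Parent != null && member.Parent.Id == userId)));
}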