/// <summary>
/// Adds a habitant to the authenticated caller's own profile and returns the refreshed profile.
/// </summary>
/// <param name="habitantDTO">Payload describing the habitant to create.</param>
/// <returns>
/// A <see cref="UULResponse"/> whose <c>Data</c> is the caller's user info with the updated habitant list on
/// success; <c>ProfileNotFound</c> when the claims do not resolve to a user; <c>ProfileAddHabitantFailed</c>
/// when the insert or the follow-up queries throw.
/// </returns>
public async Task<ActionResult<UULResponse>> AddHabitant(HabitantDTO habitantDTO)
{
    // TODO check rules before adding
    var principal = HttpContext.User;
    UULResponse result;
    try
    {
        var userInfo = SecHelper.GetUserInfo(principal.Claims);
        var owner = await _context.Users
            .Where(u => u.Login.Equals(userInfo.Login) && u.ApartmentCode.Equals(userInfo.ApartmentCode))
            .SingleOrDefaultAsync();
        if (owner is null)
        {
            return Error.ProfileNotFound.CreateErrorResponse(_logger, "AddHabitant");
        }

        // The new habitant is always attached to the caller resolved from the claims, never to an ID taken
        // from the payload.
        _context.Habitants.Add(new Habitant(habitantDTO) { User = owner });
        await _context.SaveChangesAsync();

        var refreshedHabitants = await _context.Habitants
            .Where(h => h.User.ID == owner.ID)
            .Select(h => new HabitantDTO(h))
            .ToListAsync();
        userInfo.IsActivated = owner.IsActivated;
        userInfo.Habitants = refreshedHabitants;
        result = new UULResponse { Success = true, Message = "Habitant was added", Data = userInfo };
    }
    catch (Exception e)
    {
        result = Error.ProfileAddHabitantFailed.CreateErrorResponse(_logger, "AddHabitant", e);
    }
    return result;
}
/// <summary>
/// Re-authenticates the caller with the current credentials, stores a freshly salted hash of the new password
/// and issues a new JWT.
/// </summary>
/// <param name="userPwdsDTO">Current credentials plus the new password; checked with <c>isValid</c> first.</param>
/// <returns>
/// On success a <see cref="UULResponse"/> whose <c>Message</c> carries the new token and whose <c>Data</c> is a
/// refreshed <c>UserInfoDTO</c>; otherwise a validation, profile-not-found, authentication or generic
/// change-failed error response.
/// </returns>
public async Task<ActionResult<UULResponse>> ChangePassword(UserUpdatePasswordDTO userPwdsDTO)
{
    if (!userPwdsDTO.isValid(out var validationMessage))
    {
        return Error.ProfileValidationFailed.CreateErrorResponse(_logger, "ChangePassword", new Exception(validationMessage));
    }

    UULResponse result;
    try
    {
        // The current password must still verify before anything is written.
        var authenticated = await AuthenticateUserOrThrow(userPwdsDTO.toLoginInfoDTO());
        var account = await UserDao.GetUserByDetailsOrThrow(_context, authenticated.Login, authenticated.ApartmentCode);

        // A new salt is generated for every password change; the old salt/hash pair is discarded.
        var newSalt = SecHelper.CreateSalt();
        account.Salt = newSalt;
        account.Hash = SecHelper.SaltAndHashPwd(userPwdsDTO.NewPwd, newSalt);
        _context.Users.Update(account);
        await _context.SaveChangesAsync();

        // NOTE(review): nothing here revokes tokens issued before the change — confirm that is intended.
        var token = SecHelper.GenerateJSONWebToken(authenticated.Login, authenticated.ApartmentCode, _config);
        var habitants = await _context.Habitants
            .Where(h => h.User.ID == account.ID)
            .Select(h => new HabitantDTO(h))
            .ToListAsync();
        result = new UULResponse
        {
            Success = true,
            Message = token,
            Data = new UserInfoDTO(account, habitants),
        };
    }
    catch (UserProfileNotFoundException e)
    {
        result = Error.ProfileNotFound.CreateErrorResponse(_logger, "ChangePassword", e);
    }
    catch (AuthException e)
    {
        result = Error.AuthFailed.CreateErrorResponse(_logger, "ChangePassword", e);
    }
    catch (Exception e)
    {
        result = Error.ProfileChangePwdFailed.CreateErrorResponse(_logger, "ChangePassword", e);
    }
    return result;
}
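/// <summary>
/// Deletes a news item. Admin only.
/// </summary>
/// <param name="id">Key of the news item to delete.</param>
/// <returns>
/// A <see cref="UULResponse"/> with <c>Success = true</c> once the item is removed; a failure response with a
/// fixed message when the caller is not an admin, the item does not exist, or the delete fails. Exception text is
/// logged, not returned to the client.
/// </returns>
public async Task<ActionResult<UULResponse>> DeleteNews(long id)
{
    UULResponse result;
    try
    {
        var user = await UserDao.GetUserFromClaimsOrThrow(_context, HttpContext.User);
        if (!SecHelper.IsAdmin(user))
        {
            // Plain return instead of throwing: authorization failure is an expected outcome, not an exception.
            return new UULResponse { Success = false, Message = "Access denied", Data = null };
        }

        var news = await _context.News.FindAsync(id);
        if (news is null)
        {
            // Previously Remove(null) threw and the raw exception text was echoed back.
            return new UULResponse { Success = false, Message = "News item not found", Data = null };
        }

        _context.News.Remove(news);
        await _context.SaveChangesAsync();
        result = new UULResponse { Success = true, Message = "News item was deleted", Data = null };
    }
    catch (UserProfileNotFoundException e)
    {
        result = Error.ProfileNotFound.CreateErrorResponse(_logger, "DeleteNews", e);
    }
    catch (Exception e)
    {
        // Keep provider/internal details server-side; the client gets a fixed message.
        _logger.LogError(e, "DeleteNews failed for id {Id}", id);
        result = new UULResponse { Success = false, Message = "News item could not be deleted", Data = null };
    }
    return result;
}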
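/// <summary>
/// Admin-only update of another user's web info. Only <c>IsActivated</c> is applied at present.
/// </summary>
/// <param name="userWebInfoDTO">Target user ID and the activation flag to apply.</param>
/// <returns>
/// 200 with the submitted DTO echoed back; 404 when the target user does not exist; 403 when the caller cannot be
/// resolved or is not an admin; 500 when the lookup or save throws. The declared
/// <c>ICollection&lt;UserWebInfoDTO&gt;</c> return type is kept for existing callers even though the 200 body is
/// a single DTO.
/// </returns>
public async Task<ActionResult<ICollection<UserWebInfoDTO>>> UpdateUser(UserWebInfoDTO userWebInfoDTO)
{
    var callerInfo = SecHelper.GetUserInfo(HttpContext.User.Claims);
    try
    {
        var caller = await _context.Users
            .Where(u => u.Login.Equals(callerInfo.Login) && u.ApartmentCode.Equals(callerInfo.ApartmentCode))
            .SingleOrDefaultAsync();
        // TODO move to claims
        // An unresolvable caller is refused the same way as a non-admin; no exception is used for control flow.
        if (caller is null || !SecHelper.IsAdmin(caller))
        {
            return new ForbidResult();
        }

        var target = await _context.Users.FindAsync(userWebInfoDTO.ID);
        if (target is null)
        {
            return new NotFoundResult();
        }

        target.IsActivated = userWebInfoDTO.IsActivated; // currently only this field is updatable
        _context.Users.Update(target);
        await _context.SaveChangesAsync();
        return new OkObjectResult(userWebInfoDTO);
    }
    catch (Exception e)
    {
        // A failed query or save is a server error; previously it was masked as 403 by a bare catch.
        _logger.LogError(e, "UpdateUser failed for target user {Id}", userWebInfoDTO.ID);
        return new StatusCodeResult(500);
    }
}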
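/// <summary>
/// Books the time slot named in <paramref name="dto"/> for one of the caller's habitants and returns today's
/// schedule (for the given gym, or for all gyms when <paramref name="gymId"/> is -1).
/// </summary>
/// <param name="dto">Target time slot and the habitant to book it for.</param>
/// <param name="gymId">Gym whose schedule is returned; -1 means every gym.</param>
/// <returns>
/// A <see cref="UULResponse"/> carrying a <c>ScheduleDTO</c> on success; otherwise the first failing check
/// (profile, activation, slot lookup, rules, gym open, today-only, capacity, habitant ownership, one booking per
/// day) as an error response, or <c>TimeSlotsBookingFailed</c> when something throws.
/// </returns>
private async Task<ActionResult<UULResponse>> BookTimeSlotByGym(BookTimeSlotDTO dto, int gymId)
{
    UULResponse result; // TODO refactor to use exceptions
    var principal = HttpContext.User;
    try
    {
        var userInfo = SecHelper.GetUserInfo(principal.Claims);
        var user = await _context.Users
            .Where(u => u.Login.Equals(userInfo.Login) && u.ApartmentCode.Equals(userInfo.ApartmentCode))
            .SingleOrDefaultAsync();
        if (user is null)
        {
            return Error.ProfileNotFound.CreateErrorResponse(_logger, "BookTimeSlotsByGym");
        }
        if (!user.IsActivated)
        {
            return Error.ProfileNotActivated.CreateErrorResponse(_logger, "BookTimesSlotsByGym");
        }

        var timeSlot = await _context.TimeSlots
            .Include(t => t.OccupiedBy)
            .Include(t => t.Gym)
            .FirstOrDefaultAsync(t => t.ID == dto.TimeslotId);
        if (timeSlot is null)
        {
            return Error.TimeSlotNotFound.CreateErrorResponse(_logger, "BookTimesSlotsByGym");
        }

        var rulesDto = await RulesDao.GetCurrentRulesDTOOrDefault(_context);
        if (rulesDto is null)
        {
            return Error.RulesNotFound.CreateErrorResponse(_logger, "BookTimesSlotsByGym");
        }
        DateOperations.GetTodayTimeSlotsBoundsUtc(rulesDto.TimeSlotSpan, out DateTime todayStart, out DateTime todayEnd);

        if (!timeSlot.Gym.IsOpen)
        {
            return Error.GymClosed.CreateErrorResponse(_logger, "BookTimesSlotsByGym");
        }
        if (!timeSlot.Start.IsWithinBounds(todayStart, todayEnd))
        {
            return Error.TimeSlotNotToday.CreateErrorResponse(_logger, "BookTimesSlotsByGym");
        }
        if (timeSlot.OccupiedBy.Count >= rulesDto.PersonsPerTimeSlot)
        {
            return Error.TimeSlotFull.CreateErrorResponse(_logger, "BookTimesSlotsByGym");
        }

        // dto.HabitantId is client-supplied. The habitant must belong to the authenticated user; without this
        // check any activated user could book a slot (and stamp LastGymVisit) on another household's habitant.
        // The ownership check runs before the per-day booking query so that query never answers for a habitant
        // the caller does not own.
        Habitant habitant = await _context.Habitants.FindAsync(dto.HabitantId);
        if (habitant is not null)
        {
            // FindAsync does not load navigations; load User explicitly rather than rely on context fix-up.
            await _context.Entry(habitant).Reference(h => h.User).LoadAsync();
        }
        if (habitant is null || habitant.User is null || habitant.User.ID != user.ID)
        {
            return Error.ProfileHabitantLookupFailed.CreateErrorResponse(_logger, "BookTimesSlotsByGym");
        }

        if (await AlreadyBookedInBoundsUTC(dto.HabitantId, todayStart, todayEnd))
        {
            return Error.TimeSlotOverbooking.CreateErrorResponse(_logger, "BookTimesSlotsByGym");
        }

        timeSlot.OccupiedBy.Add(habitant);
        habitant.LastGymVisit = timeSlot.Start;
        _context.TimeSlots.Update(timeSlot);
        _context.Habitants.Update(habitant);
        var saved = await _context.SaveChangesAsync() != 0;

        var slots = gymId == -1
            ? await TimeSlotsDao.GetTimeSlotsByUtcBounds(_context, todayStart, todayEnd)
            : await TimeSlotsDao.GetTimeSlotsByUtcBounds(_context, gymId, todayStart, todayEnd);
        var schedule = new ScheduleDTO
        {
            // Unpadded y/m/d string, preserved as the existing wire format.
            Date = todayStart.Year + "/" + todayStart.Month + "/" + todayStart.Day,
            GymId = gymId == -1 ? null : gymId,
            TimeSlots = slots,
        };
        result = new UULResponse { Success = saved, Message = "Booked", Data = schedule };
    }
    catch (Exception e)
    {
        result = Error.TimeSlotsBookingFailed.CreateErrorResponse(_logger, "BookTimesSlotsByGym", e);
    }
    return result;
}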