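/// <summary>
/// Returns a V4 signed GET URL for the photo attached to the caller's most
/// recent candidacy.
/// </summary>
/// <returns>
/// 200 with the signed URL; 401 when the Authorization header is absent, the
/// token is unreadable, or <c>RoleService.CheckRoles</c> rejects it; 404 when
/// the caller has no user-details record, no candidacy, or no photo path.
/// </returns>
public async Task<IActionResult> Get()
{
    // Last Authorization value, with an optional "<scheme> " prefix stripped.
    // A missing header used to throw from .Last() and surface as a 500;
    // it is now a clean 401. The scheme itself is not enforced here.
    var authHeader = HttpContext.Request.Headers["Authorization"].LastOrDefault();
    var token = authHeader?.Split(' ').Last();
    if (string.IsNullOrWhiteSpace(token))
    {
        return Unauthorized();
    }

    string[] roles = { "User", "Admin", "SchoolAdmin" };

    // Authorisation runs before anything is decoded out of the token or
    // read from the repositories.
    if (!RoleService.CheckRoles(token, roles, _userManager))
    {
        return Unauthorized();
    }

    // NOTE(review): ReadJwtToken only decodes — it does not verify the
    // signature, issuer or expiry. The subject below is trustworthy only if
    // RoleService.CheckRoles validated the token first; confirm that, or
    // take the identity from the authenticated principal instead.
    var handler = new JwtSecurityTokenHandler();
    if (!handler.CanReadToken(token))
    {
        return Unauthorized();
    }
    var sub = handler.ReadJwtToken(token).Payload.Sub;

    var details = new UserDetailsRepository().GetByUserId(sub);
    if (details is null)
    {
        return NotFound();
    }

    // Most recent candidacy owned by the caller. LastOrDefault (and the
    // lifted OwnerId comparison) so a user without one gets a 404 instead
    // of an unhandled exception.
    var candidacy = new CandidacyRepository()
        .GetAll()
        .LastOrDefault(x => x.OwnerId == details.Id);
    if (candidacy is null || string.IsNullOrEmpty(candidacy.PhotoPath))
    {
        return NotFound();
    }

    // The original also loaded GoogleCredential and started StorageClient
    // creation here without awaiting, disposing or using the result; the
    // signed-URL helper does not take either, so that dead work is gone.
    var url = SignedUrlHelper.GenerateV4SignedGetUrl(
        "deep-castle-261418-user-photo-bucket", candidacy.PhotoPath);
    return Ok(url);
}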
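/// <summary>
/// Lists summaries of every survey whose author belongs to the caller's school.
/// </summary>
/// <returns>
/// 200 with a list of <c>SurveySummary</c>; 404 when the token is missing or
/// unreadable, <c>RoleService.CheckRoles</c> rejects it, or the caller has no
/// user-details record or no school assigned.
/// </returns>
public async Task<IActionResult> GetSurveys()
{
    // Last Authorization value, optional "<scheme> " prefix stripped. A
    // missing header previously threw from .Last() and became a 500.
    var authHeader = HttpContext.Request.Headers["Authorization"].LastOrDefault();
    var token = authHeader?.Split(' ').Last();
    if (string.IsNullOrWhiteSpace(token))
    {
        return NotFound();
    }

    string[] roles = { "User", "Admin", "SchoolAdmin" };

    // Authorise before touching the token payload or the database. This
    // endpoint answers 404 (not 401 like its siblings) on an auth failure;
    // kept as-is so existing clients are not broken.
    if (!RoleService.CheckRoles(token, roles, _usermanager))
    {
        return NotFound();
    }

    // NOTE(review): ReadJwtToken decodes without verifying the signature;
    // the subject is only safe to use if CheckRoles validated the token.
    var handler = new JwtSecurityTokenHandler();
    if (!handler.CanReadToken(token))
    {
        return NotFound();
    }
    var sub = handler.ReadJwtToken(token).Payload.Sub;

    // A caller with no details row or no school used to throw here.
    var details = new UserDetailsRepository().GetByUserId(sub);
    if (details?.SchoolId is null)
    {
        return NotFound();
    }
    var schoolId = details.SchoolId.Value;

    // Scope the result to the caller's own school.
    var result = _repository.GetAll()
        .Where(x => x.Author.SchoolId == schoolId)
        .Select(x => new SurveySummary(x))
        .ToList();
    return Ok(result);
}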
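/// <summary>
/// Records a vote for the calling user, allowing at most one vote per user
/// per survey.
/// </summary>
/// <param name="input">The vote as submitted by the client.</param>
/// <returns>
/// 201 with the stored vote; 400 when the input is missing, the caller is
/// not in the "User" role, the survey does not exist, or the caller already
/// voted on it; 401 when the token is missing or unreadable; 404 when the
/// caller has no user-details record.
/// </returns>
public async Task<IActionResult> Submit(VoteInput input)
{
    if (input is null)
    {
        return BadRequest("Vote input is required.");
    }

    // Last Authorization value, optional "<scheme> " prefix stripped. A
    // missing header previously threw from .Last() and became a 500.
    var authHeader = HttpContext.Request.Headers["Authorization"].LastOrDefault();
    var token = authHeader?.Split(' ').Last();
    if (string.IsNullOrWhiteSpace(token))
    {
        return Unauthorized();
    }

    var roles = new List<string>() { "User" };

    // Only plain users may vote; admins are rejected with the same 400 the
    // original returned.
    if (!RoleService.CheckRoles(token, roles, _userManager))
    {
        return BadRequest("Only Users can vote.");
    }

    // NOTE(review): ReadJwtToken decodes without verifying the signature;
    // the subject is only safe to use if CheckRoles validated the token.
    var handler = new JwtSecurityTokenHandler();
    if (!handler.CanReadToken(token))
    {
        return Unauthorized();
    }
    var sub = handler.ReadJwtToken(token).Payload.Sub;

    var details = new UserDetailsRepository().GetByUserId(sub);
    if (details is null)
    {
        return NotFound();
    }
    var detailsId = details.Id;

    var vote = VoteInputConverter.Convert(input);
    var surveyId = vote.SurveyId;

    // The survey id comes straight from the client; refuse votes for
    // surveys that do not exist rather than storing dangling records.
    if (new SurveyRepository().GetAll().All(x => x.Id != surveyId))
    {
        return BadRequest("Survey does not exist.");
    }

    // NOTE(review): check-then-add is not atomic — two concurrent submits
    // for the same (user, survey) can both pass this test. A unique index
    // on VoteRecord(UserDetailsId, SurveyId) is needed to make it reliable.
    var voteRecordsRepo = new VoteRecordRepository();
    var alreadyVoted = voteRecordsRepo.GetAll()
        .Any(x => x.UserDetailsId == detailsId && x.SurveyId == surveyId);
    if (alreadyVoted)
    {
        return BadRequest("You already voted");
    }

    _repository.Add(vote);
    voteRecordsRepo.Add(new VoteRecord(surveyId, detailsId));
    return CreatedAtAction("Submit", vote);
}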
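/// <summary>
/// Uploads the request body as the profile photo of the caller's most recent
/// candidacy and stores the resulting object name on that candidacy.
/// </summary>
/// <returns>
/// 200 on success; 400 when the body has no/invalid Content-Length, the
/// Content-Type is not accepted, or the caller has no candidacy; 401 when the
/// token is missing, unreadable, or not in the "User" role; 404 when the
/// caller has no user-details record.
/// </returns>
public async Task<IActionResult> Add()
{
    // Last Authorization value, optional "<scheme> " prefix stripped. A
    // missing header previously threw from .Last() and became a 500.
    var authHeader = HttpContext.Request.Headers["Authorization"].LastOrDefault();
    var token = authHeader?.Split(' ').Last();
    if (string.IsNullOrWhiteSpace(token))
    {
        return Unauthorized();
    }

    string[] roles = { "User" };
    if (!RoleService.CheckRoles(token, roles, _userManager))
    {
        return Unauthorized();
    }

    var httpRequest = HttpContext.Request;
    var file = httpRequest.Body;
    var imageHandler = new ImageSecurityHandler();

    // A Content-Length is required: chunked uploads carry none, and
    // ContentLength.Value used to throw for them.
    if (!httpRequest.ContentLength.HasValue
        || !imageHandler.CheckFileSize(httpRequest.ContentLength.Value))
    {
        _logger.LogInformation($"size is {httpRequest.ContentLength}");
        return BadRequest("Photo must be between 5KB and 5MB");
    }

    // NOTE(review): this only inspects the client-supplied Content-Type
    // header; the bytes are not sniffed here, yet the object is stored as
    // image/jpeg below. Confirm ImageSecurityHandler (or the consumer)
    // validates the actual content.
    if (!imageHandler.CheckFileFormat(httpRequest.ContentType))
    {
        _logger.LogInformation($"file format is {httpRequest.ContentType}");
        return BadRequest("Wrong file format");
    }

    // NOTE(review): ReadJwtToken decodes without verifying the signature;
    // the subject is only safe to use if CheckRoles validated the token.
    var handler = new JwtSecurityTokenHandler();
    if (!handler.CanReadToken(token))
    {
        return Unauthorized();
    }
    var sub = handler.ReadJwtToken(token).Payload.Sub;

    var details = new UserDetailsRepository().GetByUserId(sub);
    if (details is null)
    {
        return NotFound();
    }

    // The original called Last(...) before the "has a candidacy" guard, so
    // a user without one hit an exception and the guard was unreachable.
    var candidacyRepository = new CandidacyRepository();
    var candidacy = candidacyRepository.GetAll()
        .LastOrDefault(x => x.OwnerId == details.Id);
    if (candidacy is null)
    {
        return BadRequest("User didnt submited candidacy.");
    }

    // Cloud work only starts once every local check has passed. The key
    // path comes from PathHelper like the other endpoints, instead of a
    // hard-coded relative path to the service-account file.
    const string bucket = "deep-castle-261418-user-photo-bucket";
    var credentials = GoogleCredential.FromFile(PathHelper.GetCredentialsPath());
    using (var storage = await StorageClient.CreateAsync(credentials))
    {
        // Next index = max existing index + 1 for this user's objects.
        // Prefix match instead of Contains so another user's id that
        // merely contains this one does not interfere, and Max instead of
        // Last so "...-10" is not lost to lexicographic ordering.
        var prefix = $"{sub}-";
        var lastId = storage.ListObjects(bucket)
            .Select(o => o.Name)
            .Where(n => n.StartsWith(prefix, StringComparison.Ordinal))
            .Select(n => int.TryParse(n.Substring(n.LastIndexOf('-') + 1), out var i) ? i : 0)
            .DefaultIfEmpty(0)
            .Max();

        var photoName = $"{sub}-profilePhoto-{lastId + 1}";
        await storage.UploadObjectAsync(
            bucket, photoName, MediaTypeNames.Image.Jpeg, file, null,
            HttpContext.RequestAborted);

        candidacy.PhotoPath = photoName;
        candidacyRepository.Edit(candidacy);
    }

    return Ok();
}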
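/// <summary>
/// Uploads the request body as the photo of survey <paramref name="id"/>,
/// which must be authored by the caller, and stores the object name on it.
/// </summary>
/// <param name="id">Identifier of the survey to attach the photo to.</param>
/// <returns>
/// 200 on success; 400 when the body has no/invalid Content-Length, the
/// Content-Type is not accepted, the survey does not exist, or the caller is
/// not its author; 401 when the token is missing, unreadable, or fails the
/// role check; 404 when the caller has no user-details record.
/// </returns>
public async Task<IActionResult> Add(int id)
{
    // Last Authorization value, optional "<scheme> " prefix stripped. A
    // missing header previously threw from .Last() and became a 500.
    var authHeader = HttpContext.Request.Headers["Authorization"].LastOrDefault();
    var token = authHeader?.Split(' ').Last();
    if (string.IsNullOrWhiteSpace(token))
    {
        return Unauthorized();
    }

    string[] roles = { "User", "Admin", "SchoolAdmin" };
    if (!RoleService.CheckRoles(token, roles, _userManager))
    {
        return Unauthorized();
    }

    var httpRequest = HttpContext.Request;
    var file = httpRequest.Body;
    var imageHandler = new ImageSecurityHandler();

    // A Content-Length is required: chunked uploads carry none, and
    // ContentLength.Value used to throw for them.
    if (!httpRequest.ContentLength.HasValue
        || !imageHandler.CheckFileSize(httpRequest.ContentLength.Value))
    {
        _logger.LogInformation($"size is {httpRequest.ContentLength}");
        return BadRequest("Photo must be between 5KB and 5MB");
    }

    // NOTE(review): only the client-supplied Content-Type header is checked
    // here; the object is nevertheless stored as image/jpeg below. Confirm
    // the bytes are validated somewhere.
    if (!imageHandler.CheckFileFormat(httpRequest.ContentType))
    {
        _logger.LogInformation($"file format is {httpRequest.ContentType}");
        return BadRequest("Wrong file format");
    }

    // NOTE(review): ReadJwtToken decodes without verifying the signature;
    // the subject is only safe to use if CheckRoles validated the token.
    var handler = new JwtSecurityTokenHandler();
    if (!handler.CanReadToken(token))
    {
        return Unauthorized();
    }
    var sub = handler.ReadJwtToken(token).Payload.Sub;

    var details = new UserDetailsRepository().GetByUserId(sub);
    if (details is null)
    {
        return NotFound();
    }
    var detailsId = details.Id;

    // One pass over the repository instead of three; the survey must exist
    // and belong to the caller before any upload happens. Existence and
    // ownership are checked before any cloud call is made.
    var surveyRepo = new SurveyRepository();
    var survey = surveyRepo.GetAll().FirstOrDefault(x => x.Id == id);
    if (survey is null)
    {
        return BadRequest($"Survey with id {id} doesn't exist");
    }
    // Ownership is enforced regardless of role; a 403 would be the more
    // accurate status, but the existing 400 is kept for client compatibility.
    if (survey.AuthorId != detailsId)
    {
        return BadRequest("You dont have rights to edit that survey");
    }

    const string bucket = "deep-castle-261418-survey-photo-bucket";
    var credentials = GoogleCredential.FromFile(PathHelper.GetCredentialsPath());
    using (var storage = await StorageClient.CreateAsync(credentials))
    {
        // Next index = max existing index + 1 among this user's objects.
        // Prefix match instead of Contains so another user's id that
        // merely contains this one does not interfere, and Max instead of
        // Last so "...-10" is not lost to lexicographic ordering.
        var prefix = $"{sub}-";
        var lastId = storage.ListObjects(bucket)
            .Select(o => o.Name)
            .Where(n => n.StartsWith(prefix, StringComparison.Ordinal))
            .Select(n => int.TryParse(n.Substring(n.LastIndexOf('-') + 1), out var i) ? i : 0)
            .DefaultIfEmpty(0)
            .Max();

        var photoPath = $"{sub}-{survey.Id}-surveyPhoto-{lastId + 1}";
        await storage.UploadObjectAsync(
            bucket, photoPath, MediaTypeNames.Image.Jpeg, file, null,
            HttpContext.RequestAborted);

        survey.PhotoPath = photoPath;
        surveyRepo.Edit(survey);
    }

    return Ok();
}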