/// <summary> Not sure yet if we should delete it </summary> /// <param name="id"></param> /// <returns></returns> public async Task <dynamic> Delete([FromUri] long id) { long UserId = long.Parse(User.Identity.GetUserId()); var oldTask = await db.Tasks.Where(f => f.Id == id).Include(f => f.ForField) .Include(f => f.ForField.OnOrganisation).Include(f => f.ForField.OnOrganisation.Bonds).FirstOrDefaultAsync(); if (oldTask == null) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.DoesntExist)); } //Setup variables string role = OrganisationsController.FindAndGetRole(oldTask.ForField.OnOrganisation, UserId); TaskManagementRole = BondDb.CanAssignJobsToOthers.Contains(role); if (!CheckPermission(TaskManagementRole, UserId, oldTask)) { oldTask.MarkedDeleted = true; eventLog = JsonConvert.DeserializeObject <List <TaskEvent> >(oldTask.EventLog); var it = new TaskEvent((DTO.TaskDTO)oldTask, UserId, "Task was deleted"); eventLog.Add(it); oldTask.EventLog = JsonConvert.SerializeObject(eventLog); await db.SaveChangesAsync(); return(Ok()); } else { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.PermissionsTooLow)); }; }
/// <summary> Will soft-delete the spesified field, but only if you are the owner </summary> /// <param name="id">ID of the Field</param> /// <returns>Returns OK if done, and ErrorResponce if there is an error</returns> public async Task <dynamic> Delete([FromUri] long id) { var userId = long.Parse(User.Identity.GetUserId()); var field = await db.Fields.Where(f => f.Id == id).Include(f => f.OnOrganisation).Include(f => f.OnOrganisation.Bonds).FirstOrDefaultAsync(); var organisation = field?.OnOrganisation; var staff = organisation?.Bonds; if (field == null) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.DoesntExist)); } string role = OrganisationsController.FindAndGetRole(organisation, userId); if (role != BondDb.RoleManager) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.CantEdit)); } field.MarkedDeleted = true; await db.SaveChangesAsync(); return(Ok()); }
/// <summary> /// You can alter the field's name and description, if you are the owner of the organisation. You can also Undelete a field, by setting Deleted to false /// </summary> /// <param name="id">Id of the field</param> /// <param name="newField">The field object</param> /// <returns></returns> public async Task <dynamic> Put([FromUri] long id, [FromBody] Field newField) { var userId = long.Parse(User.Identity.GetUserId()); HttpResponseMessage responce = Utils.CheckModel(newField, Request); if (!responce.IsSuccessStatusCode) { return(responce); } var field = await db.Fields.Where(f => f.Id == id).Include(f => f.OnOrganisation).Include(f => f.OnOrganisation.Bonds).FirstOrDefaultAsync(); var organisation = field?.OnOrganisation; var staff = organisation?.Bonds; if (field == null) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.DoesntExist)); } string role = OrganisationsController.FindAndGetRole(organisation, userId); if (role != BondDb.RoleManager) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.CantEdit)); } if (field.Id != newField.id) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.IllegalChanges)); } //for now we do not allow people ot move fields. That could change later. if (field.onOrganisationID != newField.onOrganisationID) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.IllegalChanges)); } field.Name = newField.name; field.FieldDescription = newField.fieldDescription; field.Version = newField.version; field.MarkedDeleted = newField.markedDeleted; field.ParcelNumber = newField.parcelNumber; field.Longitude = newField.longitude; field.Lattitude = newField.latitude; field.AreaInHectares = newField.areaInHectares; field.UpdatedOn = DateTime.UtcNow; await db.SaveChangesAsync(); return(Ok((Field)field)); }
/// <summary> Edits a job that already exists, according to the truth Table. You can wind back time, we do not check for it. </summary> /// <param name="id">Id of the job you want to alter</param> /// <param name="newTask">Job to be added</param> /// <returns></returns> public async Task <dynamic> Put([FromUri] long id, [FromBody] DTO.TaskDTO newTask) { bool AdvancedEdits = false; long UserId = long.Parse(User.Identity.GetUserId()); bool TimeAdded = false; bool anythingChanged = false; //Check Data integrity HttpResponseMessage responce = Utils.CheckModel(newTask, Request); if (!responce.IsSuccessStatusCode) { return(responce); } TaskDb oldTask = await db.Tasks.Where(f => f.Id == id).Include(f => f.ForField) .Include(f => f.ForField.OnOrganisation).Include(f => f.ForField.OnOrganisation.Bonds).FirstOrDefaultAsync(); if (oldTask == null) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.DoesntExist)); } if (!oldTask.ForField.OnOrganisation.Bonds.Any(p => p.PersonID == newTask.assignedToID)) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.PersonNotAvaliable)); } //Setup variables string role = OrganisationsController.FindAndGetRole(oldTask.ForField.OnOrganisation, UserId); TaskManagementRole = BondDb.CanAssignJobsToOthers.Contains(role); TimeAdded = oldTask.TimeTaken < newTask.timeTaken; anythingChanged = AdvancedEdits || TimeAdded || newTask.state != oldTask.State; //Check user's access if (role == BondDb.RoleNone) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.CantView)); } bool[] permission = Permissions.First(p => p[0] == TaskManagementRole && p[1] == AssignedToSelf && p[2] == AssignedBySelf); if (!CheckPermission(TaskManagementRole, UserId, oldTask, newTask)) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.PermissionsTooLow)); } if (anythingChanged) { eventLog = JsonConvert.DeserializeObject <List <TaskEvent> >(oldTask.EventLog); oldTask.Name = newTask.name; oldTask.TaskDescription = newTask.taskDescription; oldTask.PayRate = newTask.payRate; oldTask.State = newTask.state; oldTask.DueDate = newTask.dueDate; oldTask.TimeTaken = newTask.timeTaken; oldTask.MarkedDeleted = newTask.markedDeleted; oldTask.AssignedToID = newTask.assignedToID; oldTask.UpdatedOn = DateTime.UtcNow; eventLog.Add(new TaskEvent((DTO.TaskDTO)oldTask, UserId)); oldTask.EventLog = JsonConvert.SerializeObject(eventLog); if (newTask.state == TaskDb.StateFinished) { oldTask.DateFinished = DateTimeOffset.UtcNow; } await db.SaveChangesAsync(); } return(Ok((TaskDTO)oldTask)); }
/// <summary> Creates a job. You can assign a job to yourself, or to staff at this organisation if you role is manager or owner </summary> /// <param name="newJob">Job to be added</param> /// <returns>200 if successfull, and ErrorResponce Otherwise</returns> public async Task <dynamic> Post([FromBody] DTO.TaskDTO newJob) { if (newJob != null) { newJob.oldObject = false; } long UserId = long.Parse(User.Identity.GetUserId()); HttpResponseMessage responce = Utils.CheckModel(newJob, Request); if (!responce.IsSuccessStatusCode) { return(responce); } var theField = await db.Fields.Where(f => f.Id == newJob.forFieldID).Include(f => f.OnOrganisation).Include(f => f.OnOrganisation.Bonds).FirstOrDefaultAsync(); if (theField == null) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.DoesntExist)); } if (!theField.OnOrganisation.Bonds.Any(p => p.PersonID == newJob.assignedToID)) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.PersonNotAvaliable)); } string role = OrganisationsController.FindAndGetRole(theField.OnOrganisation, UserId); bool editRights = BondDb.CanAssignJobsToOthers.Contains(role); bool requestAuthorised = false; //Check user's access if (role == BondDb.RoleNone) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.CantView)); } //Self-create if (newJob.assignedToID == UserId || editRights) { requestAuthorised = true; } TaskDb job = new TaskDb { Name = newJob.name, TaskDescription = newJob.taskDescription, PayRate = newJob.payRate, State = newJob.state, Type = newJob.type, DueDate = newJob.dueDate, EventLog = string.Empty, AssignedByID = UserId, AssignedToID = newJob.assignedToID, ForFieldID = theField.Id, TimeTaken = 0, CreatedOn = DateTime.UtcNow, UpdatedOn = DateTime.UtcNow, MarkedDeleted = false }; eventLog.Add(new TaskEvent((DTO.TaskDTO)job, UserId, "Job crated")); job.EventLog = JsonConvert.SerializeObject(eventLog); if (requestAuthorised) { db.Tasks.Add(job); await db.SaveChangesAsync(); //If it makes sence, send a mesage if (newJob.assignedToID != UserId && newJob.state != TaskDb.StateFinished) { var parties = await db.Users.Where(p => p.Id == newJob.assignedToID || p.Id == UserId).ToArrayAsync(); long phone = parties.First(p => p.Id == newJob.assignedToID).PhoneNumber; string actorName = parties.First(p => p.Id == UserId).FirstName + " " + parties.First(p => p.Id == UserId).LastName; string message = "Hive: " + String.Format("{0} has assigned you a {1} task at the {2} field. For more details, see Tasks in the Hive app on your phone", actorName, newJob.type, theField.Name); SMSService.SendMessage(phone.ToString(), message); //We don;t want to await an SMS, really } return(Ok((DTO.TaskDTO)job)); } else { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.IllegalChanges)); } }