public IHttpActionResult PutAssignment(int id, AssignmentDetailTeacherDTO assignmentDTO)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null || authorizedUser.GetTeacher() == null)
{
return(Unauthorized());
}
Assignment assignment = db.Assignments.Find(id);
if (assignmentDTO == null || assignment == null || assignment.Course == null || !ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Course course = assignment.Course;
if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, course)))
{
return(Unauthorized());
}
if (!assignmentDTO.Validate(assignment, null))
{
return(BadRequest());
}
assignmentDTO.Update(assignment, null);
string error = db.Update(assignment, Modified);
if (error != null)
{
return(BadRequest(error));
}
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + assignment.Id));
}
public IHttpActionResult PutUser(int id, UserDetailDTO userDTO)
{
User authorizedUser = new Authorize().GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (userDTO == null)
{
return(BadRequest());
}
if (authorizedUser == null)
{
return(Unauthorized());
}
if (userDTO.NewUserIdentifier != null)
{
User otherUser = new Authorize().GetUserByIdentifier(userDTO.NewUserIdentifier);
if (otherUser == null)
{
return(NotFound());
}
id = otherUser.Id;
}
User user = db.Users.Find(id);
if (user == null || !ModelState.IsValid || !userDTO.Validate(false, authorizedUser.Id != id ? authorizedUser : null))
{
return(BadRequest(ModelState));
}
bool logoutNecessary = false;
if (authorizedUser.Id == id)
{
userDTO.Update(user);
}
if (userDTO.NewRole != null)
{
if (authorizedUser.GetTeacher() == null)
{
return(Unauthorized());
}
userDTO.UpdateRole(user);
}
string error = db.Update(user, Modified);
if (error != null)
{
return(BadRequest(error));
}
if (logoutNecessary)
{
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Logout"));
}
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Users/" + authorizedUser.Id));
}
public IHttpActionResult PostGradingScheme(GradingSchemeDetailDTO schemeDTO)
{
User authorizedUser = new Authorize().GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null || authorizedUser.GetTeacher() == null)
{
return(Unauthorized());
}
Teacher teacher = authorizedUser.GetTeacher();
Course course = db.Courses.Find(schemeDTO.NewCourseId);
if (!ModelState.IsValid || !schemeDTO.Validate(teacher) || course == null)
{
return(BadRequest());
}
GradingScheme scheme = schemeDTO.Create();
db.GradingSchemes.Add(scheme);
string error = db.Update(scheme, Added);
if (error != null)
{
return(BadRequest(error));
}
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Courses/" + course.Id));
}
public IHttpActionResult PutLesson(int id, LessonDetailDTO lessonDTO)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null || authorizedUser.GetTeacher() == null)
{
return(Unauthorized());
}
Lesson lesson = db.Lessons.Find(id);
if (lessonDTO == null || lesson == null || lesson.Assignment == null || lesson.Assignment.Course == null ||
!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, lesson)))
{
return(Unauthorized());
}
Tutor tutor = null;
if (lessonDTO.NewTutorIdentifier != null)
{
User user = auth.GetUserByIdentifier(lessonDTO.NewTutorIdentifier);
if (user == null && user.GetTutor() == null)
{
return(BadRequest());
}
tutor = user.GetTutor();
}
if (!lessonDTO.Validate(lesson, null, tutor))
{
return(BadRequest());
}
lessonDTO.Update(lesson, tutor);
string error = db.Update(lesson, Modified);
if (error != null)
{
return(BadRequest(error));
}
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + lesson.Assignment.Id));
}
public IHttpActionResult PutCourse(int id, CourseDetailDTO courseDTO)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null)
{
return(Unauthorized());
}
Course course = db.Courses.Find(id);
if (courseDTO == null || course == null || !ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, course)))
{
return(Unauthorized());
}
if (courseDTO.NewGradingSchemeName != null)
{
foreach (GradingScheme scheme in db.GradingSchemes)
{
if (courseDTO.NewGradingSchemeName.Equals(scheme.Name))
{
course.GradingSchemeId = scheme.Id;
break;
}
}
}
if (!courseDTO.Validate(course))
{
return(BadRequest());
}
courseDTO.Update(course);
string error = db.Update(course, Modified);
if (error != null)
{
return(BadRequest(error));
}
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Courses/" + course.Id));
}
public IHttpActionResult DeleteGroupMembership(int id)
{
User authorizedUser = new Authorize().GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null || authorizedUser.GetStudent() == null)
{
return(Unauthorized());
}
Student student = authorizedUser.GetStudent();
GroupMembership membership = db.GroupMemberships.Find(id);
if (membership == null)
{
return(NotFound());
}
if (membership.StudentId != student.Id)
{
return(Unauthorized());
}
if (membership.Group == null || membership.Group.Lesson == null || membership.Group.Lesson.Assignment == null ||
membership.Group.Lesson.Assignment.MembershipsFinal || membership.Student == null)
{
return(BadRequest());
}
int assignmentId = membership.Group.Lesson.Assignment.Id;
Group deleteGroup = null;
if (membership.Group.GroupMemberships.Count == 0)
{
deleteGroup = membership.Group;
}
string error = db.Update(membership, Deleted);
if (error != null)
{
return(BadRequest(error));
}
if (deleteGroup != null)
{
db.Update(deleteGroup, Deleted);
}
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + assignmentId));
}
public IHttpActionResult PutGroup(int id, GroupDetailTeacherDTO groupDTO)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null || (authorizedUser.GetTeacher() == null && authorizedUser.GetTutor() == null))
{
return(Unauthorized());
}
Group group = db.Groups.Find(id);
if (groupDTO == null || group == null || group.Lesson == null || group.Lesson.Assignment == null ||
group.Lesson.Assignment.Course == null || !ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Course course = group.Lesson.Assignment.Course;
bool isTeacher;
if (!group.IsFinal)
{
if (authorizedUser.GetTutor() == null || !authorizedUser.GetTutor().Equals(group.Lesson.Tutor))
{
return(Unauthorized());
}
isTeacher = false;
}
else
{
if (authorizedUser.GetTeacher() == null || !"Teacher".Equals(auth.GetAccessRole(authorizedUser, course)))
{
return(Unauthorized());
}
isTeacher = true;
}
if (!groupDTO.Validate(group, isTeacher))
{
return(BadRequest());
}
groupDTO.Update(group);
string error = db.Update(group, Modified);
if (error != null)
{
return(BadRequest(error));
}
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Groups/" + id));
}
