Exemplo n.º 1
        /// <summary>
        /// Assigns the student identified by <paramref name="id"/> to the form identified by
        /// <paramref name="formId"/> and returns the updated student.
        /// </summary>
        /// <param name="id">Student id supplied by the caller.</param>
        /// <param name="formId">Id of the form the student is added to.</param>
        /// <returns>
        /// 200 with the updated <c>StudentDTOForAdmin</c>; 400 with "Failed!" when the service
        /// returns null; 400 with an error response built from the exception when the service throws.
        /// </returns>
        public HttpResponseMessage PutStudentForm(string id, int formId)
        {
            // FindFirst returns null when the "UserId" claim is absent, so the dereference below
            // throws before the try block is entered.
            var principal = (ClaimsPrincipal)RequestContext.Principal;
            string callerId = principal.FindFirst(claim => claim.Type == "UserId").Value;

            // NOTE(review): id is caller-supplied and is written to the log verbatim; confirm the
            // logging layout neutralises line breaks so one request cannot forge extra entries.
            logger.Info($"UserId: {callerId}: Requesting Student Update For Student Id: {id}, add Student to Form Id: {formId}");

            try
            {
                StudentDTOForAdmin result = studentsService.UpdateStudentForm(id, formId);

                if (result != null)
                {
                    logger.Info("Success!");
                    return Request.CreateResponse(HttpStatusCode.OK, result);
                }

                logger.Info("Failed!");
                return Request.CreateResponse(HttpStatusCode.BadRequest, "Failed!");
            }
            catch (Exception ex)
            {
                // CreateErrorResponse wraps the exception in an HttpError; how much of it reaches
                // the client is governed by the configured error-detail policy.
                logger.Error(ex);
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex);
            }
        }
Exemplo n.º 2
        /// <summary>
        /// Maps a <c>Student</c> entity and its role links to the admin-facing DTO.
        /// </summary>
        /// <param name="x">Student to convert. Its <c>Parent</c> is dereferenced, so it must be set.</param>
        /// <param name="roles">Role links whose <c>RoleId</c> values are copied into the DTO.</param>
        /// <returns>A populated <c>StudentDTOForAdmin</c>, including the nested parent and form DTOs.</returns>
        public StudentDTOForAdmin ConvertToStudentDTOForAdmin(Student x, IList <IdentityUserRole> roles)
        {
            // Flatten the role links to plain role ids.
            IList<string> roleIds = new List<string>();
            for (int i = 0; i < roles.Count; i++)
            {
                roleIds.Add(roles[i].RoleId);
            }

            var result = new StudentDTOForAdmin();

            result.Id = x.Id;
            result.Roles = roleIds;
            result.UserName = x.UserName;
            result.FirstName = x.FirstName;
            result.LastName = x.LastName;
            result.Email = x.Email;
            result.EmailConfirmed = x.EmailConfirmed;
            result.PhoneNumber = x.PhoneNumber;
            result.PhoneNumberConfirmed = x.PhoneNumberConfirmed;
            // NOTE(review): Jmbg looks like a personal identification number; confirm this DTO is
            // only ever returned to callers entitled to see it.
            result.Jmbg = x.Jmbg;
            result.DayOfBirth = x.DayOfBirth;
            result.ImagePath = x.ImagePath;
            result.IsActive = x.IsActive;
            // Hard cast: throws InvalidCastException if Parent.Roles is not a List<IdentityUserRole>.
            result.Parent = parentToDTO.ConvertToParentDTOForAdmin(x.Parent, (List<IdentityUserRole>)x.Parent.Roles);
            result.Form = formToDTO.ConvertToFormDTOForAdmin(x.Form);

            return result;
        }
Exemplo n.º 3
        /// <summary>
        /// Moves an active student into the given form and persists the change.
        /// </summary>
        /// <param name="id">Id of the student to update.</param>
        /// <param name="formId">Id of the form the student is assigned to.</param>
        /// <returns>The updated student as a <c>StudentDTOForAdmin</c>.</returns>
        /// <exception cref="HttpException">
        /// The student does not exist or is inactive, the form does not exist, or the form started
        /// more than 360 days ago.
        /// </exception>
        public StudentDTOForAdmin UpdateStudentForm(string id, int formId)
        {
            Student student = GetByID(id);

            if (student == null)
            {
                throw new HttpException($"The student by id {id} was not found.");
            }

            if (!student.IsActive)
            {
                throw new HttpException($"The student by id {id} is no longer actively enrolled in this school.");
            }

            Form targetForm = db.FormsRepository.GetByID(formId);

            if (targetForm == null)
            {
                throw new HttpException($"The form with id: {formId} was not found.");
            }

            // A form that started more than 360 days ago is rejected as belonging to an earlier school year.
            DateTime cutoff = targetForm.Started.AddDays(360);
            if (cutoff < DateTime.UtcNow)
            {
                throw new HttpException($"The Form with id: {formId} was not created for this shool year. This form is from: {targetForm.Started.Year}. Students must be assign to a form from this school year.");
            }

            student.Form = targetForm;
            db.StudentsRepository.Update(student);
            db.Save();

            // Hard cast: throws InvalidCastException if Roles is not a List<IdentityUserRole>.
            return toDTO.ConvertToStudentDTOForAdmin(student, (List<IdentityUserRole>)student.Roles);
        }
Exemplo n.º 4
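        /// <summary>
        /// Reassigns the student identified by <paramref name="id"/> to the parent identified by
        /// <paramref name="parentId"/>.
        /// </summary>
        /// <param name="id">Student id supplied by the caller.</param>
        /// <param name="parentId">Id of the parent the student is moved to.</param>
        /// <returns>
        /// 200 with the updated <c>StudentDTOForAdmin</c>; 400 with a fixed message when the service
        /// returns null; 400 with an error response built from the exception when the service throws.
        /// </returns>
        public HttpResponseMessage PutStudentToNewParent(string id, string parentId)
        {
            // FindFirst returns null when the "UserId" claim is absent, so this line throws before
            // the try block is entered.
            string userId = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == "UserId").Value;

            // NOTE(review): id and parentId are caller-supplied and are logged verbatim; confirm the
            // logging layout neutralises line breaks.
            logger.Info("UserId: " + userId + ": Requesting Update for Student Id: " + id + ". Assigning new parent id: " + parentId);

            try
            {
                StudentDTOForAdmin saved = studentsService.UpdateStudentParent(id, parentId);

                if (saved == null)
                {
                    logger.Info("Failed!");
                    return Request.CreateResponse(HttpStatusCode.BadRequest, "Failed! Something went wrong.");
                }

                logger.Info("Success!");
                return Request.CreateResponse(HttpStatusCode.OK, saved);
            }
            catch (Exception e)
            {
                logger.Error(e);

                // Passing the exception to CreateResponse as the response value serialises the
                // exception object itself to the client (stack trace and inner exceptions included)
                // regardless of configuration. CreateErrorResponse wraps it in an HttpError, so the
                // detail sent is controlled by the error-detail policy.
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, e);
            }
        }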
Exemplo n.º 5
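        /// <summary>
        /// Updates the student identified by <paramref name="id"/> with the fields set in the request body.
        /// </summary>
        /// <param name="id">Student id supplied by the caller.</param>
        /// <param name="updated">Requested changes, read from the request body; its <c>Id</c> must equal <paramref name="id"/>.</param>
        /// <returns>
        /// 200 with the updated <c>StudentDTOForAdmin</c>; 400 when the body is missing, when the ids
        /// do not match, when the service returns null, or when the service throws.
        /// </returns>
        public async Task <HttpResponseMessage> PutStudent(string id, [FromBody] PutStudentDTO updated)
        {
            // FindFirst returns null when the "UserId" claim is absent, so this line throws before
            // any of the handling below runs.
            string userId = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == "UserId").Value;

            // NOTE(review): id is caller-supplied and is logged verbatim; confirm the logging layout
            // neutralises line breaks.
            logger.Info("UserId: " + userId + ": Requesting Update for Student Id: " + id);

            // A missing body leaves the parameter null; without this guard the id comparison below
            // throws outside the try block instead of answering with a 400.
            if (updated == null)
            {
                logger.Error("Request body is missing or could not be read.");
                return Request.CreateResponse(HttpStatusCode.BadRequest, "Request body is missing or could not be read.");
            }

            // The id in the body must agree with the id the request was addressed to, so a body
            // cannot redirect the update to a different student.
            if (updated.Id != id)
            {
                logger.Error("Updated student id " + updated.Id + " doesn't match the id " + id + " from the request (route).");
                return Request.CreateResponse(HttpStatusCode.BadRequest, "Updated " +
                                              "student id " + updated.Id + " doesn't match the id " + id + " from the request (route).");
            }

            try
            {
                StudentDTOForAdmin saved = await studentsService.Update(id, updated);

                if (saved == null)
                {
                    logger.Info("Failed!");
                    return Request.CreateResponse(HttpStatusCode.BadRequest, "Failed! Something went wrong.");
                }

                logger.Info("Success!");
                return Request.CreateResponse(HttpStatusCode.OK, saved);
            }
            catch (Exception e)
            {
                logger.Error(e);

                // Passing the exception to CreateResponse as the response value serialises the
                // exception object itself to the client (stack trace and inner exceptions included)
                // regardless of configuration. CreateErrorResponse wraps it in an HttpError, so the
                // detail sent is controlled by the error-detail policy.
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, e);
            }
        }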
Exemplo n.º 6
        /// <summary>
        /// Converts every student in <paramref name="students"/> to its admin-facing DTO, preserving order.
        /// </summary>
        /// <param name="students">Students to convert.</param>
        /// <returns>A new list holding one <c>StudentDTOForAdmin</c> per input student.</returns>
        public IList <StudentDTOForAdmin> ConvertToStudentDTOListForAdmin(List <Student> students)
        {
            // Hard cast per student: throws InvalidCastException if Roles does not implement
            // IList<IdentityUserRole>.
            return students.ConvertAll(
                item => ConvertToStudentDTOForAdmin(item, (IList<IdentityUserRole>)item.Roles));
        }
Exemplo n.º 7
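        /// <summary>
        /// Accepts a multipart/form-data upload and records the first uploaded file as the image of
        /// the student identified by <paramref name="id"/>.
        /// </summary>
        /// <param name="id">Student id supplied by the caller.</param>
        /// <returns>
        /// 200 with the updated <c>StudentDTOForAdmin</c>; 400 when the request carries no file or
        /// the service returns null; 500 with an error response when reading or saving throws.
        /// </returns>
        /// <exception cref="HttpResponseException">415 when the request is not multipart content.</exception>
        public async Task <HttpResponseMessage> PostImageFormData(string id)
        {
            // FindFirst returns null when the "UserId" claim is absent, so this line throws before
            // any of the handling below runs.
            string userId = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == "UserId").Value;

            logger.Info("UserId: " + userId + ": Requesting Student Image Upload for Student Id: " + id);

            if (!Request.Content.IsMimeMultipartContent())
            {
                logger.Info("Failed! Unsupported Media Type.");
                throw new HttpResponseException(HttpStatusCode.UnsupportedMediaType);
            }

            // NOTE(review): nothing in this method limits the size, count or content type of the
            // uploaded parts, and every part is written to disk before the student id is checked;
            // confirm those limits are enforced elsewhere (request size limits, authorization).
            string root     = HttpContext.Current.Server.MapPath("~/App_Data");
            var    provider = new MultipartFormDataStreamProvider(root);

            // Path of the one file that was passed to the service. It is left on disk because the
            // service may already have recorded it; every other uploaded part is removed in finally.
            string handedToService = null;

            try
            {
                // Read the form data; each file part is written under root with a provider-chosen local name.
                await Request.Content.ReadAsMultipartAsync(provider);

                // Only the first file part is used: both outcomes inside the loop return.
                foreach (MultipartFileData file in provider.FileData)
                {
                    logger.Info("Server file path: " + file.LocalFileName);
                    handedToService = file.LocalFileName;
                    StudentDTOForAdmin student = studentsService.UpdateStudentWithImage(id, file.LocalFileName);

                    if (student == null)
                    {
                        logger.Info("The student with id: " + id + " was not found.");
                        return Request.CreateResponse(HttpStatusCode.BadRequest, "The student with id: " + id + " was not found.");
                    }

                    logger.Info("Success!");
                    return Request.CreateResponse(HttpStatusCode.OK, student);
                }

                logger.Info("Failed.");
                return Request.CreateResponse(HttpStatusCode.BadRequest);
            }
            catch (Exception e)
            {
                logger.Error(e);
                return Request.CreateErrorResponse(HttpStatusCode.InternalServerError, e);
            }
            finally
            {
                // Parts that were never handed to the service are referenced by nothing; leaving
                // them behind lets repeated uploads fill the disk.
                foreach (MultipartFileData part in provider.FileData)
                {
                    if (string.Equals(part.LocalFileName, handedToService, StringComparison.Ordinal))
                    {
                        continue;
                    }

                    try
                    {
                        System.IO.File.Delete(part.LocalFileName);
                    }
                    catch (Exception cleanupError)
                    {
                        // Best effort: a failed cleanup must not replace the response already chosen.
                        logger.Error(cleanupError);
                    }
                }
            }
        }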
Exemplo n.º 8
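        /// <summary>
        /// Records <paramref name="localFileName"/> as the student's image path and persists the change.
        /// </summary>
        /// <param name="id">Id of the student to update.</param>
        /// <param name="localFileName">Path stored in the student's <c>ImagePath</c> as given.</param>
        /// <returns>The updated student as a <c>StudentDTOForAdmin</c>.</returns>
        /// <exception cref="HttpException">No student with the given id exists.</exception>
        public StudentDTOForAdmin UpdateStudentWithImage(string id, string localFileName)
        {
            Student found = db.StudentsRepository.GetByID(id);

            if (found == null)
            {
                throw new HttpException("The student with id: " + id + " was not found.");
            }

            // NOTE(review): the value is stored unchanged. If callers pass a full server-side path,
            // that path is persisted and copied into the returned DTO; confirm whether only a file
            // name or an application-relative path should be kept.
            found.ImagePath = localFileName;
            db.StudentsRepository.Update(found);
            db.Save();

            // The DTO comes straight from the converter; the placeholder instance that used to be
            // allocated and immediately overwritten is gone.
            // Hard cast: throws InvalidCastException if Roles is not a List<IdentityUserRole>.
            return toDTO.ConvertToStudentDTOForAdmin(found, (List<IdentityUserRole>)found.Roles);
        }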
Exemplo n.º 9
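        /// <summary>
        /// Moves a student to a different parent, deletes the previous parent when it is left with
        /// no students, persists the change and queues the notification mail for the new parent.
        /// </summary>
        /// <param name="id">Id of the student to move.</param>
        /// <param name="parentId">Id of the parent the student is assigned to.</param>
        /// <returns>The updated student as a <c>StudentDTOForAdmin</c>.</returns>
        /// <exception cref="HttpException">
        /// The student does not exist, has no current parent, or the new parent does not exist.
        /// </exception>
        public StudentDTOForAdmin UpdateStudentParent(string id, string parentId)
        {
            Student found = db.StudentsRepository.GetByID(id);

            if (found == null)
            {
                throw new HttpException("The student with id: " + id + " was not found.");
            }

            // Check the navigation property before reading its Id: a student without a parent
            // previously failed with a NullReferenceException here instead of the message below.
            Parent oldParent = found.Parent == null ? null : db.ParentsRepository.GetByID(found.Parent.Id);

            if (oldParent == null)
            {
                throw new HttpException("The student with id: " + id + " dont have a gardian - not possible.");
            }

            Parent foundParent = db.ParentsRepository.GetByID(parentId);

            found.Parent = foundParent ?? throw new HttpException("The parent with id: " + parentId + " was not found.");

            db.StudentsRepository.Update(found);

            // NOTE(review): whether the moved student has already left oldParent.Students at this
            // point depends on the data layer's relationship handling, which is not visible here;
            // confirm the check sees the collection as it is after the move.
            if (!oldParent.Students.Any())
            {
                db.ParentsRepository.Delete(oldParent);
            }

            db.Save();

            emailsService.CreateMailForParentNewStudentAssigned(found.Parent.Id);

            // Hard cast: throws InvalidCastException if Roles is not a List<IdentityUserRole>.
            return toDTO.ConvertToStudentDTOForAdmin(found, (List<IdentityUserRole>)found.Roles);
        }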
Exemplo n.º 10
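        /// <summary>
        /// Applies the non-null fields of <paramref name="updated"/> to the student identified by
        /// <paramref name="id"/>, persists the change and queues notification mails for the student
        /// and the parent.
        /// </summary>
        /// <param name="id">Id of the student to update.</param>
        /// <param name="updated">Requested changes; a null field leaves the stored value untouched.</param>
        /// <returns>The updated student as a <c>StudentDTOForAdmin</c>.</returns>
        /// <exception cref="HttpException">
        /// The student does not exist, the user name or JMBG belongs to another user, the form does
        /// not exist, or the form started more than 360 days ago.
        /// </exception>
        public async Task <StudentDTOForAdmin> Update(string id, PutStudentDTO updated)
        {
            Student found = db.StudentsRepository.GetByID(id);

            if (found == null)
            {
                throw new HttpException("The student with id: " + id + " was not found.");
            }

            if (updated.UserName != null)
            {
                ApplicationUser foundByUserName = await usersService.FindUserByUserName(updated.UserName);

                // The name may stay with its current owner; it must not collide with another user.
                if (foundByUserName != null && foundByUserName.Id != found.Id)
                {
                    throw new HttpException("The username " + updated.UserName + " already exists.");
                }
                found.UserName = updated.UserName;
            }

            if (updated.Jmbg != null)
            {
                ApplicationUser foundByJmbg = usersService.GetByJmbg(updated.Jmbg);
                if (foundByJmbg != null && foundByJmbg.Id != found.Id)
                {
                    throw new HttpException("The user with JMBG: " + updated.Jmbg + " is already in the sistem." +
                                            "Leave blank if you don't want to change the JMBG.");
                }
                // NOTE(review): the uniqueness check passes but found.Jmbg is never assigned, so a
                // JMBG sent by the caller is validated and then dropped. Confirm whether the
                // assignment is missing or the value is meant to be immutable.
            }

            if (updated.FirstName != null)
            {
                found.FirstName = updated.FirstName;
            }
            if (updated.LastName != null)
            {
                found.LastName = updated.LastName;
            }

            // NOTE(review): Email, EmailConfirmed, PhoneNumberConfirmed and IsActive are taken
            // directly from the request, and changing Email leaves EmailConfirmed as it was unless
            // the caller also sends it. Confirm this method is only reachable by callers allowed
            // to set verification and activation state.
            if (updated.Email != null)
            {
                found.Email = updated.Email;
            }
            if (updated.EmailConfirmed != null)
            {
                found.EmailConfirmed = (bool)updated.EmailConfirmed;
            }
            if (updated.PhoneNumber != null)
            {
                found.PhoneNumber = updated.PhoneNumber;
            }
            if (updated.PhoneNumberConfirmed != null)
            {
                found.PhoneNumberConfirmed = (bool)updated.PhoneNumberConfirmed;
            }
            if (updated.DayOfBirth != null)
            {
                found.DayOfBirth = (DateTime)updated.DayOfBirth;
            }
            if (updated.IsActive != null)
            {
                found.IsActive = (bool)updated.IsActive;
            }

            if (updated.FormId != null)
            {
                Form foundForm = formsService.GetByID((int)updated.FormId);

                if (foundForm == null)
                {
                    throw new HttpException("The Form with id: " + updated.FormId + " was not found.");
                }

                // A form that started more than 360 days ago is rejected as belonging to an earlier school year.
                if (foundForm.Started.AddDays(360).CompareTo(DateTime.UtcNow) < 0)
                {
                    // The message names the form id; it previously printed the student id here.
                    throw new HttpException("The Form with id: " + updated.FormId + " was not created for this shool year. " +
                                            "This form is from: " + foundForm.Started.Year + ". Students must be assign to a form from this school year.");
                }

                found.Form = foundForm;
            }

            db.StudentsRepository.Update(found);
            db.Save();

            emailsService.CreateMailForUserUpdate(found.Id);
            emailsService.CreateMailForParentForStudentUpdate(found.Id);

            // Hard cast: throws InvalidCastException if Roles is not a List<IdentityUserRole>.
            return toDTO.ConvertToStudentDTOForAdmin(found, (List<IdentityUserRole>)found.Roles);
        }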
Exemplo n.º 11
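        /// <summary>
        /// Returns the student identified by <paramref name="id"/>, shaped according to the caller's role.
        /// </summary>
        /// <remarks>
        /// "admin" and "teacher" callers get their own DTO for any student. Any other caller gets the
        /// student/parent DTO only when they are the student, the student's parent, a student in the
        /// same form, or the parent of a student in the same form.
        /// </remarks>
        /// <param name="id">Student id supplied by the caller.</param>
        /// <returns>
        /// 200 with the role-specific DTO; 400 when the student is not found, the conversion returns
        /// null, the caller is not authorised, or an exception is thrown.
        /// </returns>
        public HttpResponseMessage GetStudentById(string id)
        {
            // FindFirst returns null when a claim is absent, so either line throws before the try
            // block is entered. Only the first role claim is read, so a caller holding several
            // roles is classified by whichever claim comes first.
            string userId   = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == "UserId").Value;
            string userRole = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == ClaimTypes.Role).Value;

            logger.Info("UserRole: " + userRole + ", UserId: " + userId + ": Requesting Student by id: " + id);

            try
            {
                Student student = studentsService.GetByID(id);

                // NOTE(review): "not found" is answered before the authorisation check, so any
                // caller who reaches this action can tell which student ids exist.
                if (student == null)
                {
                    logger.Info("The student with id: " + id + " was not found.");
                    return Request.CreateResponse(HttpStatusCode.BadRequest, "The student with id: " + id + " was not found.");
                }

                if (userRole == "admin")
                {
                    logger.Info("Requesting found student convert for " + userRole + "role.");
                    StudentDTOForAdmin dto = toDTO.ConvertToStudentDTOForAdmin(student, (List<IdentityUserRole>)student.Roles);
                    if (dto == null)
                    {
                        logger.Info("Failed!");
                        return Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong.");
                    }
                    logger.Info("Success!");
                    return Request.CreateResponse(HttpStatusCode.OK, dto);
                }

                if (userRole == "teacher")
                {
                    logger.Info("Requesting found student convert for " + userRole + "role.");
                    StudentDTOForTeacher dto = toDTO.ConvertToStudentDTOForTeacher(student);
                    if (dto == null)
                    {
                        logger.Info("Failed!");
                        return Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong.");
                    }
                    logger.Info("Success!");
                    return Request.CreateResponse(HttpStatusCode.OK, dto);
                }

                // A student or parent looking up themselves or their own child, or a student from
                // their own form or their child's form.
                // The null-conditional reads make a missing Parent or Form count as "no match"
                // rather than throwing, so the decision is always made by this check and never
                // by the catch block.
                bool isSelfOrOwnParent = userId == student.Id || userId == student.Parent?.Id;
                bool sharesForm = student.Form?.Students.Any(x => x.Id == userId || x.Parent?.Id == userId) == true;

                if (isSelfOrOwnParent || sharesForm)
                {
                    logger.Info("Requesting found student convert for " + userRole + "role.");
                    StudentDTOForStudentAndParent dto = toDTO.ConvertToStudentDTOForStudentAndParent(student);
                    if (dto == null)
                    {
                        logger.Info("Failed!");
                        return Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong.");
                    }
                    logger.Info("Success!");
                    return Request.CreateResponse(HttpStatusCode.OK, dto);
                }

                // NOTE(review): the denial is sent as 400 rather than 403; kept as-is because
                // clients may depend on it, but confirm the intended status code.
                logger.Info("Authorisation failure. User " + userId + " is not authorised for this request.");
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Access Denied. " +
                                                   "We’re sorry, but you are not authorized to perform the requested operation.");
            }
            catch (Exception e)
            {
                // CreateErrorResponse wraps the exception in an HttpError; how much of it reaches
                // the client is governed by the configured error-detail policy.
                logger.Error(e);
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, e);
            }
        }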