Exemplo n.º 1
0
        public IList <StudentDTOForStudentAndParent> ConvertToStudentDTOListForStudentAndParent(List <Student> students)
        {
            IList <StudentDTOForStudentAndParent> dtos = new List <StudentDTOForStudentAndParent>();

            foreach (var student in students)
            {
                StudentDTOForStudentAndParent dto = ConvertToStudentDTOForStudentAndParent(student);
                dtos.Add(dto);
            }

            return(dtos);
        }
Exemplo n.º 2
0
        public StudentDTOForStudentAndParent ConvertToStudentDTOForStudentAndParent(Student x)
        {
            StudentDTOForStudentAndParent dto = new StudentDTOForStudentAndParent
            {
                Id          = x.Id,
                UserName    = x.UserName,
                FirstName   = x.FirstName,
                LastName    = x.LastName,
                Email       = x.Email,
                PhoneNumber = x.PhoneNumber,
                Parent      = parentToDTO.ConvertToParentDTOForStudentAndParent(x.Parent),
                Form        = formToDTO.ConvertToFormDTOForStudentAndParent(x.Form)
            };

            return(dto);
        }
Exemplo n.º 3
0
        public HttpResponseMessage GetStudentById(string id)
        {
            string userId   = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == "UserId").Value;
            string userRole = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == ClaimTypes.Role).Value;

            logger.Info("UserRole: " + userRole + ", UserId: " + userId + ": Requesting Student by id: " + id);

            try
            {
                Student student = studentsService.GetByID(id);

                if (student == null)
                {
                    logger.Info("The student with id: " + id + " was not found.");
                    return(Request.CreateResponse(HttpStatusCode.BadRequest, "The student with id: " + id + " was not found."));
                }
                if (userRole == "admin")
                {
                    logger.Info("Requesting found student convert for " + userRole + "role.");
                    StudentDTOForAdmin dto = toDTO.ConvertToStudentDTOForAdmin(student, (List <IdentityUserRole>)student.Roles);
                    if (dto == null)
                    {
                        logger.Info("Failed!");
                        return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
                    }
                    logger.Info("Success!");
                    return(Request.CreateResponse(HttpStatusCode.OK, dto));
                }
                else if (userRole == "teacher")
                {
                    logger.Info("Requesting found student convert for " + userRole + "role.");
                    StudentDTOForTeacher dto = toDTO.ConvertToStudentDTOForTeacher(student);
                    if (dto == null)
                    {
                        logger.Info("Failed!");
                        return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
                    }
                    logger.Info("Success!");
                    return(Request.CreateResponse(HttpStatusCode.OK, dto));
                }
                //ukoliko pretrazuje ucenik ili roditelj za sebe, tj. svoje dete
                //ili ukoliko pretrazuje za ucenika iz svog odeljenja ili odeljenja svog deteta
                else if (userId == student.Id || userId == student.Parent.Id || student.Form.Students.Any(x => x.Id == userId) == true ||
                         student.Form.Students.Any(x => x.Parent.Id == userId) == true)
                {
                    logger.Info("Requesting found student convert for " + userRole + "role.");
                    StudentDTOForStudentAndParent dto = toDTO.ConvertToStudentDTOForStudentAndParent(student);
                    if (dto == null)
                    {
                        logger.Info("Failed!");
                        return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
                    }
                    logger.Info("Success!");
                    return(Request.CreateResponse(HttpStatusCode.OK, dto));
                }
                else
                {
                    logger.Info("Authorisation failure. User " + userId + " is not authorised for this request.");
                    return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Access Denied. " +
                                                       "We’re sorry, but you are not authorized to perform the requested operation."));
                }
            }
            catch (Exception e)
            {
                logger.Error(e);
                return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, e));
            }
        }