Exemplo n.º 1
0
        public async Task <IActionResult> Get()
        {
            var token = HttpContext.Request.Headers["Authorization"].Last().Split(" ").Last();

            string[] roles = { "User", "Admin", "SchoolAdmin" };

            if (RoleService.CheckRoles(token, roles, _userManager))
            {
                var candidacyRepo = new CandidacyRepository();
                var detailsRepo   = new UserDetailsRepository();

                var handler = new JwtSecurityTokenHandler();
                var sub     = handler.ReadJwtToken(token).Payload.Sub;

                var details   = detailsRepo.GetByUserId(sub);
                var candidacy = candidacyRepo.GetAll().Last(x => x.OwnerId.Value == details.Id);

                var credentials =
                    GoogleCredential.FromFile(
                        PathHelper.GetCredentialsPath());
                var storage = StorageClient.CreateAsync(credentials);
                var url     = SignedUrlHelper.GenerateV4SignedGetUrl("deep-castle-261418-user-photo-bucket",
                                                                     candidacy.PhotoPath);
                return(Ok(url));
            }

            return(Unauthorized());
        }
Exemplo n.º 2
0
        public async Task <IActionResult> GetSurveys()
        {
            var schoolRepo = new SchoolRepository();

            var token = HttpContext.Request.Headers["Authorization"].Last().Split(" ").Last();

            string[] roles = { "User", "Admin", "SchoolAdmin" };

            var handler = new JwtSecurityTokenHandler();
            var sub     = handler.ReadJwtToken(token).Payload.Sub;

            var detailsRepo = new UserDetailsRepository();
            var id          = detailsRepo.GetByUserId(sub).SchoolId.Value;

            //Checks if the User have needed role to access all surveys and if User is in that school
            if (RoleService.CheckRoles(token, roles, _usermanager))
            {
                var result = _repository.GetAll().Where(x => x.Author.SchoolId == id)
                             .Select(x => new SurveySummary(x))
                             .ToList();

                return(Ok(result));
            }

            return(NotFound());
        }
Exemplo n.º 3
0
        public async Task <IActionResult> Submit(VoteInput input)
        {
            var token = HttpContext.Request.Headers["Authorization"].Last().Split(" ").Last();
            var roles = new List <string>()
            {
                "User"
            };

            var handler = new JwtSecurityTokenHandler();
            var sub     = handler.ReadJwtToken(token).Payload.Sub;

            if (RoleService.CheckRoles(token, roles, _userManager))
            {
                var vote = VoteInputConverter.Convert(input);

                var detailsRepo     = new UserDetailsRepository();
                var voteRecordsRepo = new VoteRecordRepository();

                var detailsId = detailsRepo.GetByUserId(sub).Id;
                var surveyId  = vote.SurveyId;

                if (voteRecordsRepo.GetAll().Count(x => x.UserDetailsId == detailsId && x.SurveyId == surveyId) == 0)
                {
                    _repository.Add(vote);



                    var record = new VoteRecord(surveyId, detailsId);
                    voteRecordsRepo.Add(record);

                    return(CreatedAtAction("Submit", vote));
                }

                return(BadRequest("You already voted"));
            }
            else
            {
                return(BadRequest("Only Users can vote."));
            }
        }
        public async Task <IActionResult> Add()
        {
            var token = HttpContext.Request.Headers["Authorization"].Last().Split(" ").Last();

            string[] roles   = { "User" };
            var      handler = new JwtSecurityTokenHandler();

            if (RoleService.CheckRoles(token, roles, _userManager))
            {
                var httpRequest = HttpContext.Request;
                var file        = httpRequest.Body;

                //checks the size of file
                var imageHandler = new ImageSecurityHandler();
                if (!imageHandler.CheckFileSize(httpRequest.ContentLength.Value))
                {
                    _logger.LogInformation($"size is {httpRequest.ContentLength}");
                    return(BadRequest("Photo must be between 5KB and 5MB"));
                }
                //checks the format of file
                if (!imageHandler.CheckFileFormat(httpRequest.ContentType))
                {
                    _logger.LogInformation($"file format is {httpRequest.ContentType}");
                    return(BadRequest("Wrong file format"));
                }

                var sub = handler.ReadJwtToken(token).Payload.Sub;

                var credentials =
                    GoogleCredential.FromFile("../Infrastructure/Images/GCStorage/Rosta-a2299c0ab851.json");
                var storage = StorageClient.CreateAsync(credentials);

                var lastId = 0;
                if (storage.Result
                    .ListObjects("deep-castle-261418-user-photo-bucket")
                    .Select(x => x.Name)
                    .Count(x => x.Contains(sub)) > 0)
                {
                    lastId = int.Parse(storage.Result
                                       .ListObjects("deep-castle-261418-user-photo-bucket")
                                       .Select(x => x.Name).Last(x => x.Contains(sub))
                                       .Split("-").Last());
                }


                var detailsRepository   = new UserDetailsRepository();
                var details             = detailsRepository.GetByUserId(sub);
                var candidacyRepository = new CandidacyRepository();
                var candidacy           = candidacyRepository.GetAll().Last(x => x.OwnerId == details.Id);

                //Checks if User have candidacy
                if (candidacyRepository.GetAll().Count(x => x.OwnerId == details.Id) == 0)
                {
                    return(BadRequest("User didnt submited candidacy."));
                }

                //Uploading Photo to Google Cloud and updating indecies.
                var photoName = $"{sub}-profilePhoto-{lastId + 1}";
                storage.Result.UploadObject("deep-castle-261418-user-photo-bucket", photoName,
                                            MediaTypeNames.Image.Jpeg, file, null);

                candidacy.PhotoPath = photoName;
                candidacyRepository.Edit(candidacy);

                return(Ok());
            }

            return(Unauthorized());
        }
        public async Task <IActionResult> Add(int id)
        {
            var token = HttpContext.Request.Headers["Authorization"].Last().Split(" ").Last();

            string[] roles   = { "User", "Admin", "SchoolAdmin" };
            var      handler = new JwtSecurityTokenHandler();

            if (RoleService.CheckRoles(token, roles, _userManager))
            {
                var httpRequest = HttpContext.Request;
                var file        = httpRequest.Body;

                //checks the size of file
                var imageHandler = new ImageSecurityHandler();
                if (!imageHandler.CheckFileSize(httpRequest.ContentLength.Value))
                {
                    _logger.LogInformation($"size is {httpRequest.ContentLength}");
                    return(BadRequest("Photo must be between 5KB and 5MB"));
                }
                //checks the format of file
                if (!imageHandler.CheckFileFormat(httpRequest.ContentType))
                {
                    _logger.LogInformation($"file format is {httpRequest.ContentType}");
                    return(BadRequest("Wrong file format"));
                }

                var sub = handler.ReadJwtToken(token).Payload.Sub;

                var credentials =
                    GoogleCredential.FromFile(
                        PathHelper.GetCredentialsPath());
                var storage = StorageClient.CreateAsync(credentials);

                var lastId = 0;
                if (storage.Result
                    .ListObjects("deep-castle-261418-survey-photo-bucket")
                    .Select(x => x.Name)
                    .Count(x => x.Contains(sub)) > 0)
                {
                    lastId = int.Parse(storage.Result
                                       .ListObjects("deep-castle-261418-survey-photo-bucket")
                                       .Select(x => x.Name).Last(x => x.Contains(sub))
                                       .Split("-").Last());
                }

                var surveyRepo = new SurveyRepository();

                if (!surveyRepo.GetAll().Select(x => x.Id).Contains(id))
                {
                    return(BadRequest($"Survey doesnt with {id} exsit"));
                }

                var detailsRepo = new UserDetailsRepository();
                var detailsId   = detailsRepo.GetByUserId(sub).Id;

                if (surveyRepo.GetAll().First(x => x.Id == id).AuthorId != detailsId)
                {
                    return(BadRequest("You dont have rights to edit that survey"));
                }

                var survey    = surveyRepo.GetById(id);
                var photoPath = $"{sub}-{survey.Id}-surveyPhoto-{lastId + 1}";
                storage.Result.UploadObject("deep-castle-261418-survey-photo-bucket", photoPath,
                                            MediaTypeNames.Image.Jpeg, file, null);


                survey.PhotoPath = photoPath;
                surveyRepo.Edit(survey);

                return(Ok());
            }

            return(Unauthorized());
        }