public HttpResponseMessage Get([FromUri] int currentPage = 1, [FromUri] int pageSize = 0, [FromUri] string query = "", [FromUri] string sort = "")
{
var response = new HttpResponseMessage();
ResponseFormat responseData = new ResponseFormat();
AuthorizationService _authorizationService = new AuthorizationService().SetPerm((int)EnumPermissions.ACCOUNT_VIEW_LIST);
IEnumerable <string> headerValues;
if (Request.Headers.TryGetValues("Authorization", out headerValues))
{
string jwt = headerValues.FirstOrDefault();
//validate jwt
var payload = JwtTokenManager.ValidateJwtToken(jwt);
if (payload.ContainsKey("error"))
{
if ((string)payload["error"] == ErrorMessages.TOKEN_EXPIRED)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_EXPIRED;
}
if ((string)payload["error"] == ErrorMessages.TOKEN_INVALID)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_INVALID;
}
}
else
{
var userId = Convert.ToInt32(payload["id"]);
var isAuthorized = _authorizationService.Authorize(userId);
if (isAuthorized)
{
response.StatusCode = HttpStatusCode.OK;
responseData = ResponseFormat.Success;
var sortQ = new List <string>();
sortQ = sort.Split(',').ToList();
responseData.data = _accountService.GetAccountList(query, pageSize, currentPage, sortQ);
}
else
{
response.StatusCode = HttpStatusCode.Forbidden;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
}
}
else
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
var json = JsonConvert.SerializeObject(responseData);
response.Content = new StringContent(json, Encoding.UTF8, "application/json");
return(response);
}
public HttpResponseMessage Detail([FromUri] int id)
{
var response = new HttpResponseMessage();
ResponseFormat responseData = new ResponseFormat();
AuthorizationService _authorizationService = new AuthorizationService().SetPerm((int)EnumPermissions.TASK_VIEW);
IEnumerable <string> headerValues;
if (Request.Headers.TryGetValues("Authorization", out headerValues))
{
string jwt = headerValues.FirstOrDefault();
//validate jwt
var payload = JwtTokenManager.ValidateJwtToken(jwt);
if (payload.ContainsKey("error"))
{
if ((string)payload["error"] == ErrorMessages.TOKEN_EXPIRED)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_EXPIRED;
}
if ((string)payload["error"] == ErrorMessages.TOKEN_INVALID)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_INVALID;
}
}
else
{
var userId = payload["id"];
var isAuthorized = _authorizationService.Authorize(Convert.ToInt32(userId));
if (isAuthorized)
{
response.StatusCode = HttpStatusCode.OK;
responseData = ResponseFormat.Success;
responseData.data = _taskTemplateService.GetTask(id);
}
else
{
response.StatusCode = HttpStatusCode.Forbidden;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
}
}
else
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
var json = JsonConvert.SerializeObject(responseData);
response.Content = new StringContent(json, Encoding.UTF8, "application/json");
return(response);
}
public HttpResponseMessage Get(string query = "")
{
var response = new HttpResponseMessage();
ResponseFormat responseData = new ResponseFormat();
IEnumerable <string> headerValues;
if (Request.Headers.TryGetValues("Authorization", out headerValues))
{
string jwt = headerValues.FirstOrDefault();
//validate jwt
var payload = JwtTokenManager.ValidateJwtToken(jwt);
if (payload.ContainsKey("error"))
{
if ((string)payload["error"] == ErrorMessages.TOKEN_EXPIRED)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_EXPIRED;
}
if ((string)payload["error"] == ErrorMessages.TOKEN_INVALID)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_INVALID;
}
}
else
{
response.StatusCode = HttpStatusCode.OK;
responseData = ResponseFormat.Success;
var tags = _tagService.GetTagList(query);
responseData.data = tags;
}
}
else
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
var json = JsonConvert.SerializeObject(responseData);
response.Content = new StringContent(json, Encoding.UTF8, "application/json");
return(response);
}
public HttpResponseMessage AddContacts([FromUri] int id, [FromBody] AccountAddContactApiModel contact)
{
var response = new HttpResponseMessage();
ResponseFormat responseData = new ResponseFormat();
//AuthorizationService _authorizationService = new AuthorizationService().SetPerm((int)EnumPermissions.LEAD_MODIFY);
//read jwt
IEnumerable <string> headerValues;
if (Request.Headers.TryGetValues("Authorization", out headerValues))
{
string jwt = headerValues.FirstOrDefault();
//validate jwt
var payload = JwtTokenManager.ValidateJwtToken(jwt);
if (payload.ContainsKey("error"))
{
if ((string)payload["error"] == ErrorMessages.TOKEN_EXPIRED)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_EXPIRED;
}
if ((string)payload["error"] == ErrorMessages.TOKEN_INVALID)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_INVALID;
}
}
else
{
var userId = Convert.ToInt32(payload["id"]);
var owner = _accountService.FindOwnerId(id);
var collaborator = _accountService.FindCollaboratorId(id);
if ((userId == owner) || (userId == collaborator) || (new AuthorizationService().SetPerm((int)EnumPermissions.ACCOUNT_DELETE).Authorize(userId)))
{
var isAdded = _accountService.AddContact(id, contact.id);
if (isAdded)
{
response.StatusCode = HttpStatusCode.OK;
responseData = ResponseFormat.Success;
responseData.message = SuccessMessages.CONTACT_ADDED;
}
else
{
response.StatusCode = HttpStatusCode.InternalServerError;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.SOMETHING_WRONG;
}
}
else
{
response.StatusCode = HttpStatusCode.Forbidden;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
}
}
else
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
var json = JsonConvert.SerializeObject(responseData);
response.Content = new StringContent(json, Encoding.UTF8, "application/json");
return(response);
}
public HttpResponseMessage CreateNote([FromUri] int id)
{
var response = new HttpResponseMessage();
ResponseFormat responseData = new ResponseFormat();
IEnumerable <string> headerValues;
if (Request.Headers.TryGetValues("Authorization", out headerValues))
{
string jwt = headerValues.FirstOrDefault();
AuthorizationService _authorizationService = new AuthorizationService().SetPerm((int)EnumPermissions.NOTE_CREATE);
//validate jwt
var payload = JwtTokenManager.ValidateJwtToken(jwt);
if (payload.ContainsKey("error"))
{
if ((string)payload["error"] == ErrorMessages.TOKEN_EXPIRED)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_EXPIRED;
}
if ((string)payload["error"] == ErrorMessages.TOKEN_INVALID)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_INVALID;
}
}
else
{
var userId = Convert.ToInt32(payload["id"]);
var isAuthorized = _authorizationService.Authorize(userId);
if (isAuthorized)
{
string noteBody = HttpContext.Current.Request.Form["body"];
if (!string.IsNullOrEmpty(noteBody))
{
//create a note
NoteApiModel apiModel = new NoteApiModel();
apiModel.body = noteBody;
apiModel.createdBy = new UserLinkApiModel()
{
id = userId
};
apiModel.account = id;
var createdNote = _noteService.Create(apiModel);
//create files and link them to note
if (HttpContext.Current.Request.Files.Count > 0)
{
var allFiles = HttpContext.Current.Request.Files;
foreach (string fileName in allFiles)
{
HttpPostedFile uploadedFile = allFiles[fileName];
FileManager.File file = new FileManager.File(uploadedFile);
_noteService.AddFile(createdNote, file);
}
}
response.StatusCode = HttpStatusCode.OK;
responseData = ResponseFormat.Success;
responseData.message = SuccessMessages.NOTE_ADDED;
}
else
{
response.StatusCode = HttpStatusCode.BadRequest;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.NOTE_EMPTY;
}
}
else
{
response.StatusCode = HttpStatusCode.Forbidden;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
}
}
else
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
var json = JsonConvert.SerializeObject(responseData);
response.Content = new StringContent(json, Encoding.UTF8, "application/json");
return(response);
}
public HttpResponseMessage Delete([FromUri] int id)
{
var response = new HttpResponseMessage();
ResponseFormat responseData = new ResponseFormat();
//AuthorizationService _authorizationService = new AuthorizationService().SetPerm((int)EnumPermissions.LEAD_MODIFY);
//read jwt
IEnumerable <string> headerValues;
if (Request.Headers.TryGetValues("Authorization", out headerValues))
{
string jwt = headerValues.FirstOrDefault();
//validate jwt
var payload = JwtTokenManager.ValidateJwtToken(jwt);
if (payload.ContainsKey("error"))
{
if ((string)payload["error"] == ErrorMessages.TOKEN_EXPIRED)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_EXPIRED;
}
if ((string)payload["error"] == ErrorMessages.TOKEN_INVALID)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_INVALID;
}
}
else
{
var userId = Convert.ToInt32(payload["id"]);
var owner = _taskTemplateService.GetTaskOwner(id);
if ((userId == owner) || (new AuthorizationService().SetPerm((int)EnumPermissions.TASK_DELETE_ANY).Authorize(userId)))
{
var isRemoved = _taskTemplateService.DeleteTask(id);
if (isRemoved)
{
response.StatusCode = HttpStatusCode.OK;
responseData = ResponseFormat.Success;
responseData.message = SuccessMessages.TASK_DELETED;
}
else
{
response.StatusCode = HttpStatusCode.InternalServerError;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.SOMETHING_WRONG;
}
}
else
{
response.StatusCode = HttpStatusCode.Forbidden;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
}
}
else
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
var json = JsonConvert.SerializeObject(responseData);
response.Content = new StringContent(json, Encoding.UTF8, "application/json");
return(response);
}
public HttpResponseMessage ChangeAvatar([FromUri] int id)
{
var response = new HttpResponseMessage();
ResponseFormat responseData = new ResponseFormat();
//read jwt
IEnumerable <string> headerValues;
if (Request.Headers.TryGetValues("Authorization", out headerValues))
{
string jwt = headerValues.FirstOrDefault();
//validate jwt
var payload = JwtTokenManager.ValidateJwtToken(jwt);
if (payload.ContainsKey("error"))
{
if ((string)payload["error"] == ErrorMessages.TOKEN_EXPIRED)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_EXPIRED;
}
if ((string)payload["error"] == ErrorMessages.TOKEN_INVALID)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_INVALID;
}
}
else
{
var userId = Convert.ToInt32(payload["id"]);
//if user is owner
var owner = _contactService.FindOwnerId(id);
var collaborator = _contactService.FindCollaboratorId(id);
if ((userId == owner) || (userId == collaborator) || (new AuthorizationService().SetPerm((int)EnumPermissions.CONTACT_DELETE).Authorize(userId)))
{
if (HttpContext.Current.Request.Files.Count > 0)
{
var uploadedFile = HttpContext.Current.Request.Files[0];
var isChanged = _contactService.ChangeAvatar(id, uploadedFile);
if (isChanged)
{
response.StatusCode = HttpStatusCode.OK;
responseData = ResponseFormat.Success;
responseData.message = SuccessMessages.AVATAR_CHANGED;
}
else
{
response.StatusCode = HttpStatusCode.InternalServerError;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.SOMETHING_WRONG;
}
}
else
{
response.StatusCode = HttpStatusCode.BadRequest;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.INVALID_BODY;
}
}
else
{
response.StatusCode = HttpStatusCode.Forbidden;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
}
}
else
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
var json = JsonConvert.SerializeObject(responseData);
response.Content = new StringContent(json, Encoding.UTF8, "application/json");
return(response);
}
public HttpResponseMessage ValidateCode([FromBody] ResetPasswordApiModel apiModel)
{
var response = new HttpResponseMessage();
ResponseFormat responseData = new ResponseFormat();
if (apiModel == null)
{
response.StatusCode = HttpStatusCode.BadRequest;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.INVALID_KEY;
}
else
{
//validate the key sent
if (string.IsNullOrEmpty(apiModel.key) || string.IsNullOrEmpty(apiModel.newPassword))
{
response.StatusCode = HttpStatusCode.BadRequest;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.INVALID_KEY;
}
else
{
var payload = JwtTokenManager.ValidateJwtToken(apiModel.key);
if (payload.ContainsKey("error"))
{
if ((string)payload["error"] == ErrorMessages.TOKEN_EXPIRED)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_EXPIRED;
}
if ((string)payload["error"] == ErrorMessages.TOKEN_INVALID)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_INVALID;
}
}
else
{
//decode key for field "validationCode" and "email"
var userEmail = Convert.ToString(payload["email"]);
var userCode = Convert.ToString(payload["validationCode"]);
//find user with email, if validation code is the same, hash password and save it to db
var dbUser = db.USERs.Where(c => c.Email == userEmail).FirstOrDefault();
if (dbUser != null)
{
if (dbUser.RememberMeToken == userCode)
{
//hash user password
dbUser.Hash = _hashManager.Hash(apiModel.newPassword);
db.SaveChanges();
response.StatusCode = HttpStatusCode.OK;
responseData = ResponseFormat.Success;
responseData.message = SuccessMessages.PASSWORD_RESET;
}
else
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.INVALID_KEY;
}
}
else
{
response.StatusCode = HttpStatusCode.NotFound;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.USER_NOT_FOUND;
}
}
}
}
var json = JsonConvert.SerializeObject(responseData);
response.Content = new StringContent(json, Encoding.UTF8, "application/json");
return(response);
}
public HttpResponseMessage ViewSaleDashboard()
{
var response = new HttpResponseMessage();
ResponseFormat responseData = new ResponseFormat();
AuthorizationService _authorizationService = new AuthorizationService().SetPerm((int)EnumPermissions.DEAL_VIEW_LIST);
IEnumerable <string> headerValues;
if (Request.Headers.TryGetValues("Authorization", out headerValues))
{
string jwt = headerValues.FirstOrDefault();
//validate jwt
var payload = JwtTokenManager.ValidateJwtToken(jwt);
if (payload.ContainsKey("error"))
{
if ((string)payload["error"] == ErrorMessages.TOKEN_EXPIRED)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_EXPIRED;
}
if ((string)payload["error"] == ErrorMessages.TOKEN_INVALID)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_INVALID;
}
}
else
{
var userId = payload["id"];
var isAuthorized = _authorizationService.Authorize(Convert.ToInt32(userId));
if (isAuthorized)
{
response.StatusCode = HttpStatusCode.OK;
responseData = ResponseFormat.Success;
var deals = db.DEALs.ToList();
DashboardApiModel apiModel = new DashboardApiModel();
apiModel.stages = new List <DashboardApiModel.S>();
var qualified = new DashboardApiModel.S();
var valueProposition = new DashboardApiModel.S();
var findKeyContacts = new DashboardApiModel.S();
var sendProposal = new DashboardApiModel.S();
var review = new DashboardApiModel.S();
var negotiate = new DashboardApiModel.S();
var won = new DashboardApiModel.S();
var lost = new DashboardApiModel.S();
var qualifiedStage = db.STAGEs.Find((int)EnumStage.QUALIFIED);
var valuePropositionStage = db.STAGEs.Find((int)EnumStage.VALUE_PROPOSITION);
var findKeyContactsStage = db.STAGEs.Find((int)EnumStage.FIND_KEY_CONTACTS);
var sendProposalStage = db.STAGEs.Find((int)EnumStage.SEND_PROPOSAL);
var reviewStage = db.STAGEs.Find((int)EnumStage.REVIEW);
var negotiateStage = db.STAGEs.Find((int)EnumStage.NEGOTIATE);
var wonStage = db.STAGEs.Find((int)EnumStage.WON);
var lostStage = db.STAGEs.Find((int)EnumStage.LOST);
#region stages
//qualified
qualified.stageID = qualifiedStage.ID;
qualified.stageName = qualifiedStage.Name;
qualified.probability = qualifiedStage.Probability.Value;
//value proposition
valueProposition.stageID = valuePropositionStage.ID;
valueProposition.stageName = valuePropositionStage.Name;
valueProposition.probability = valuePropositionStage.Probability.Value;
//find key contacts
findKeyContacts.stageID = findKeyContactsStage.ID;
findKeyContacts.stageName = findKeyContactsStage.Name;
findKeyContacts.probability = findKeyContactsStage.Probability.Value;
//send proposal
sendProposal.stageID = sendProposalStage.ID;
sendProposal.stageName = sendProposalStage.Name;
sendProposal.probability = sendProposalStage.Probability.Value;
//review
review.stageID = reviewStage.ID;
review.stageName = reviewStage.Name;
review.probability = reviewStage.Probability.Value;
//negotiate
negotiate.stageID = negotiateStage.ID;
negotiate.stageName = negotiateStage.Name;
negotiate.probability = negotiateStage.Probability.Value;
//won
won.stageID = wonStage.ID;
won.stageName = wonStage.Name;
won.probability = wonStage.Probability.Value;
//lost
lost.stageID = lostStage.ID;
lost.stageName = lostStage.Name;
lost.probability = lostStage.Probability.Value;
#endregion
foreach (var deal in deals)
{
var d = new DashboardApiModel.D();
d.dealID = deal.ID;
d.dealName = deal.Name;
d.ownerID = deal.Owner.ID;
d.ownerUsername = deal.Owner.Username;
d.accountID = deal.ACCOUNT != null ? deal.ACCOUNT.ID : 0;
d.accountName = deal.ACCOUNT != null ? deal.ACCOUNT.Name : "";
d.expectedRevenue = deal.ExpectedRevenue.HasValue ? deal.ExpectedRevenue.Value : 0;
d.priority = deal.PRIORITY != null ? deal.PRIORITY.Name : "";
foreach (var tag in deal.TAG_ITEM)
{
var t = new DashboardApiModel.T();
t.tagID = tag.TAG.ID;
t.tagName = tag.TAG.Name;
d.tags.Add(t);
}
var history = deal.STAGE_HISTORY.OrderByDescending(sh => sh.ModifiedAt).Take(1);
if (history.Count() != 0)
{
var stage = history.Select(c => c.STAGE_ID).First();
if (stage == (int)EnumStage.QUALIFIED)
{
qualified.deals.Add(d);
}
if (stage == (int)EnumStage.VALUE_PROPOSITION)
{
valueProposition.deals.Add(d);
}
if (stage == (int)EnumStage.FIND_KEY_CONTACTS)
{
findKeyContacts.deals.Add(d);
}
if (stage == (int)EnumStage.SEND_PROPOSAL)
{
sendProposal.deals.Add(d);
}
if (stage == (int)EnumStage.REVIEW)
{
review.deals.Add(d);
}
if (stage == (int)EnumStage.NEGOTIATE)
{
negotiate.deals.Add(d);
}
if (stage == (int)EnumStage.WON)
{
won.deals.Add(d);
}
if (stage == (int)EnumStage.LOST)
{
lost.deals.Add(d);
}
}
}
apiModel.stages.AddRange(new List <DashboardApiModel.S>()
{
qualified, valueProposition, findKeyContacts, sendProposal, review, negotiate, won, lost
});
responseData.data = apiModel;
}
else
{
response.StatusCode = HttpStatusCode.Forbidden;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
}
}
else
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
var json = JsonConvert.SerializeObject(responseData);
response.Content = new StringContent(json, Encoding.UTF8, "application/json");
return(response);
}
public HttpResponseMessage AddTag([FromUri] int id, [FromBody] TagCreateApiModel tag)
{
var response = new HttpResponseMessage();
ResponseFormat responseData = new ResponseFormat();
//AuthorizationService _authorizationService = new AuthorizationService().SetPerm((int)EnumPermissions.LEAD_MODIFY);
//read jwt
IEnumerable <string> headerValues;
if (Request.Headers.TryGetValues("Authorization", out headerValues))
{
string jwt = headerValues.FirstOrDefault();
//validate jwt
var payload = JwtTokenManager.ValidateJwtToken(jwt);
if (payload.ContainsKey("error"))
{
if ((string)payload["error"] == ErrorMessages.TOKEN_EXPIRED)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_EXPIRED;
}
if ((string)payload["error"] == ErrorMessages.TOKEN_INVALID)
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_INVALID;
}
}
else
{
var userId = Convert.ToInt32(payload["id"]);
var owner = _leadService.FindOwnerId(id);
if ((userId == owner) || (new AuthorizationService().SetPerm((int)EnumPermissions.LEAD_DELETE).Authorize(userId)))
{
//check if a tag exist
//if it is, create a tag item with current lead
// else create a new tag and a new tag item
var isAdded = _leadService.AddTag(id, tag.name);
if (isAdded)
{
response.StatusCode = HttpStatusCode.OK;
responseData = ResponseFormat.Success;
responseData.message = SuccessMessages.TAG_ADDED;
}
else
{
response.StatusCode = HttpStatusCode.InternalServerError;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.SOMETHING_WRONG;
}
}
else
{
response.StatusCode = HttpStatusCode.Forbidden;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
}
}
else
{
response.StatusCode = HttpStatusCode.Unauthorized;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
var json = JsonConvert.SerializeObject(responseData);
response.Content = new StringContent(json, Encoding.UTF8, "application/json");
return(response);
}
public HttpResponseMessage SuccessedResponse(int id)
{
var response = new HttpResponseMessage();
ResponseFormat responseData = new ResponseFormat();
IEnumerable <string> headerValues;
if (Request.Headers.TryGetValues("Authorization", out headerValues))
{
string jwt = headerValues.FirstOrDefault();
//validate jwt
var payload = JwtTokenManager.ValidateJwtToken(jwt);
if (payload.ContainsKey("error"))
{
if ((string)payload["error"] == ErrorMessages.TOKEN_EXPIRED)
{
response.StatusCode = HttpStatusCode.Forbidden;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_EXPIRED;
}
if ((string)payload["error"] == ErrorMessages.TOKEN_INVALID)
{
response.StatusCode = HttpStatusCode.Forbidden;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.TOKEN_INVALID;
}
}
else
{
var userId = Convert.ToInt32(payload["id"]);
if ((id == userId && new AuthorizationService().SetPerm((int)EnumPermissions.USER_MODIFY_SELF).Authorize(userId)) || (id != userId && new AuthorizationService().SetPerm((int)EnumPermissions.USER_VIEW).Authorize(userId)))
{
var dbUser = db.USERs.Find(id);
if (dbUser != null)
{
}
else
{
response.StatusCode = HttpStatusCode.Gone;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.USER_NOT_FOUND;
}
}
else
{
response.StatusCode = HttpStatusCode.Forbidden;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
}
}
else
{
response.StatusCode = HttpStatusCode.Forbidden;
responseData = ResponseFormat.Fail;
responseData.message = ErrorMessages.UNAUTHORIZED;
}
var json = JsonConvert.SerializeObject(responseData);
response.Content = new StringContent(json, Encoding.UTF8, "application/json");
return(response);
}
