public async Task <IActionResult> Create(BagViewModel model)
{
if (ModelState.IsValid)
{
model.Bag.ImagePath = "";
if (model.ImageFile != null)
{
var file = model.ImageFile;
var fileName = ContentDispositionHeaderValue.Parse(file.ContentDisposition).FileName.Trim('"'); // FileName returns "fileName.ext"(with double quotes)
if (fileName.EndsWith(".jpg")) // Important for security
{
var filePath = Path.Combine(_hostingEnvironment.WebRootPath, "uploads", fileName);
using (var fileStream = new FileStream(filePath, FileMode.Create))
{
await file.CopyToAsync(fileStream);
}
model.Bag.ImagePath = fileName;
}
}
_context.Add(model.Bag);
await _context.SaveChangesAsync();
return(RedirectToAction("Index"));
}
ViewData["CategoryID"] = new SelectList(_context.Categories, "ID", "ID", model.Bag.CategoryID);
ViewData["SupplierID"] = new SelectList(_context.Suppliers, "ID", "ID", model.Bag.SupplierID);
return(View(model));
}
public async Task <IActionResult> SetUserData([FromBody] Poco.User.SyncData syncData)
{
var user = await _userManager.GetUserAsync(User);
var userId = new Guid(user.Id);
if (syncData.People.Any() && (syncData.People.First().Id != userId))
{
return(BadRequest("Non-matching user id."));
}
if (syncData.Locations.Any(l => l.PersonId != userId))
{
return(BadRequest("Can't edit data with non-matching user."));
}
// These two requre a db query to make sure they have valid locations (owned by them).
if (syncData.Devices.Any() || syncData.CropCycles.Any() || syncData.Sensors.Any())
{
var existingLocations = await _db.Locations.Where(l => l.PersonId == userId).ToListAsync();
// The personId on the syncData locations has been checked already, new locations sent are valid too.
var existingLocationIds = existingLocations.Concat(existingLocations).Select(l => l.Id).ToList();
if (!syncData.Devices.All(d => existingLocationIds.Contains(d.LocationId)) ||
!syncData.CropCycles.All(c => existingLocationIds.Contains(c.LocationId)))
{
return(BadRequest("Can't edit data with non-matching user."));
}
if (syncData.Sensors.Any())
{
var validDeviceIds = (await _db.Devices.Where(d => existingLocationIds.Contains(d.LocationId))
.Select(d => d.Id).ToListAsync())
.Concat(syncData.Devices.Select(d => d.Id));
if (!syncData.Sensors.All(s => validDeviceIds.Contains(s.DeviceId)))
{
return(BadRequest("Can't edit data with non-matching user."));
}
}
}
// The updatedAt times are automatically set by savechanges.
await _db.People.AddOrUpdateRange(syncData.People, (a, b) => a.Id == b.Id);
await _db.Locations.AddOrUpdateRange(syncData.Locations, (a, b) => a.Id == b.Id);
await _db.Devices.AddOrUpdateRange(syncData.Devices, (a, b) => a.Id == b.Id);
await _db.CropCycles.AddOrUpdateRange(syncData.CropCycles, (a, b) => a.Id == b.Id);
await _db.Sensors.AddOrUpdateRange(syncData.Sensors, (a, b) => a.Id == b.Id);
await _db.SaveChangesAsync();
return(new OkResult());
}
public async Task <IActionResult> Create([Bind("ID,Name,Phone,Email")] Supplier supplier)
{
if (ModelState.IsValid)
{
_context.Add(supplier);
await _context.SaveChangesAsync();
return(RedirectToAction("Index"));
}
return(View(supplier));
}
public async Task <IActionResult> Create([Bind("ID,Name")] Category category)
{
if (ModelState.IsValid)
{
_context.Add(category);
await _context.SaveChangesAsync();
return(RedirectToAction("Index"));
}
return(View(category));
}
/// <summary>Creates a Person in the DB. The Person object has no knowledge of ASP.Net Identity. The Person's Guid will be
/// the same as the ID of the IdentityUser's Id, which is a Guid stored as a string.</summary>
/// <param name="userGuid">The guid that the identity system will use to refer to this Person.</param>
/// <param name="db">The databse context.</param>
/// <returns>Awaitable, waiting the save on the database.</returns>
private async Task CreatePerson(Guid userGuid, QbDbContext db)
{
// The update and create dates are auto-initialised.
var person = new Person
{
Id = userGuid
};
db.People.Add(person);
await db.SaveChangesAsync();
}