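/// <summary>
/// Updates the name, telemetry preference and department of an existing student account
/// and saves the changes through the shared database context.
/// </summary>
/// <remarks>
/// NOTE(review): nothing in this method checks that the caller is allowed to edit
/// <paramref name="accountId"/>. Presumably the caller (controller or manager) has already
/// confirmed the id belongs to the authenticated principal or an administrator; confirm at
/// every call site, because any id that reaches this method will be edited.
/// </remarks>
/// <param name="accountId">Identifier of the account, and of its student record, to edit.</param>
/// <param name="newUserProfileInfo">New profile values; must not be null.</param>
/// <exception cref="System.ArgumentNullException"><paramref name="newUserProfileInfo"/> is null.</exception>
/// <exception cref="AccountNotFoundException">No account exists for <paramref name="accountId"/>.</exception>
/// <exception cref="NotAStudentException">The account has no student record.</exception>
/// <exception cref="DepartmentNotFoundException">The requested department name could not be resolved.</exception>
public void EditStudentProfile(int accountId, UserProfileDTO newUserProfileInfo)
{
    if (newUserProfileInfo == null)
    {
        throw new System.ArgumentNullException("newUserProfileInfo");
    }

    Account accountToEdit = _userManagementServices.FindById(accountId);
    if (accountToEdit == null)
    {
        throw new AccountNotFoundException();
    }

    Student studentToEdit = _userManagementServices.FindStudentById(accountId);
    if (studentToEdit == null)
    {
        throw new NotAStudentException();
    }

    // Resolve the department before touching any entity. If the lookup fails, the account
    // object is left unmodified, so a later SaveChanges() on the same context cannot
    // persist a half-applied edit.
    ISchoolRegistrationService schoolRegistrationServices = new SchoolRegistrationService(this._DbContext);
    Department department = schoolRegistrationServices.FindDepartment(newUserProfileInfo.DepartmentName);
    if (department == null)
    {
        throw new DepartmentNotFoundException();
    }

    // All lookups succeeded; apply the edits.
    accountToEdit.FirstName = newUserProfileInfo.FirstName;
    accountToEdit.MiddleName = newUserProfileInfo.MiddleName;
    accountToEdit.LastName = newUserProfileInfo.LastName;
    accountToEdit.LogTelemetry = newUserProfileInfo.AllowTelemetry;
    studentToEdit.SchoolDepartmentId = department.Id;

    // TODO allow telemetry (LogTelemetry is already assigned above; confirm what remains).
    _userManagementServices.UpdateUser(accountToEdit);
    _userManagementServices.UpdateStudent(studentToEdit);
    this._DbContext.SaveChanges();
}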
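/// <summary>
/// Completes registration for the authenticated user: stores the profile fields, optionally
/// creates a student record tied to a school whose e-mail domain matches the user name,
/// assigns the account category, removes the one-time "CanRegister" claim and returns a
/// refreshed session token.
/// </summary>
/// <param name="registrationData">Registration form values supplied by the client.</param>
/// <returns>
/// 401 when the security context, the session or the "CanRegister" claim check fails;
/// 404 when the account cannot be found; 400 when the payload is missing or the school,
/// department or e-mail domain check fails; otherwise 200 with the refreshed token under
/// the "SITtoken" key.
/// </returns>
public IHttpActionResult Post(RegistrationData registrationData)
{
    // Authentication: the security context is built from the request headers only.
    SecurityContext securityContext = SecurityContextBuilder.CreateSecurityContext(Request.Headers);
    if (securityContext == null)
    {
        return Unauthorized();
    }

    SessionManager sm = new SessionManager();
    if (!sm.ValidateSession(securityContext.Token))
    {
        return Unauthorized();
    }

    // Authorization: only accounts that still hold "CanRegister" may call this endpoint.
    AuthorizationManager authorizationManager = new AuthorizationManager(securityContext);
    // TODO get this from table in database.
    List<string> requiredClaims = new List<string>() { "CanRegister" };
    if (!authorizationManager.CheckClaims(requiredClaims))
    {
        // NOTE(review): a missing claim on an authenticated session is conventionally 403.
        // The 401 is kept because clients may depend on the existing status code.
        return Unauthorized();
    }

    // The body is client-controlled and can fail to bind; reject it here rather than
    // letting a null dereference below surface as a 500.
    if (registrationData == null)
    {
        return BadRequest("Registration Data Is Required");
    }

    UserManager um = new UserManager();
    // The account is resolved from the authenticated context, never from the request body.
    Account user = um.FindByUserName(securityContext.UserName);
    if (user == null)
    {
        return NotFound();
    }

    // User is a student
    if (registrationData.SchoolId > 0)
    {
        using (var _db = new DatabaseContext())
        {
            ISchoolRegistrationService srs = new SchoolRegistrationService(_db);

            // SchoolId comes from the client, so the lookup result is checked before use.
            var school = srs.FindSchool(registrationData.SchoolId);
            if (school == null)
            {
                return BadRequest("School Not Found");
            }

            // Without an '@', Substring(0) would compare the whole user name with the
            // domain, so that case is rejected explicitly. DNS names are case-insensitive,
            // hence the ordinal ignore-case comparison.
            var domainIndex = user.UserName.IndexOf('@');
            if (domainIndex < 0 ||
                !string.Equals(
                    school.EmailDomain,
                    user.UserName.Substring(domainIndex + 1),
                    System.StringComparison.OrdinalIgnoreCase))
            {
                return BadRequest("User's Email Does Not Match School's Email Domain");
            }

            var schoolDepartment = srs.FindSchoolDepartment(
                registrationData.SchoolId,
                registrationData.DepartmentId);
            if (schoolDepartment == null)
            {
                return BadRequest("School Department Not Found");
            }

            Student student = new Student(user.Id, schoolDepartment.Id);

            // NOTE(review): selectedCourseIds is client-supplied. Nothing visible here limits
            // the courses to the school or department validated above; confirm that
            // GetSchoolTeacherCourses enforces it, or filter the result before assignment.
            var selectedCourses = srs.GetSchoolTeacherCourses(registrationData.selectedCourseIds);
            student.Courses = selectedCourses;

            // NOTE(review): these entities were loaded through _db, which is disposed before
            // um.UpdateUserAccount runs. Confirm that UserManager persists them as intended.
            user.Students.Add(student);
        }
    }

    // Profile fields are written only after every validation above has passed, so a
    // rejected request leaves the loaded account object untouched.
    user.FirstName = registrationData.FirstName;
    user.MiddleName = registrationData.MiddleName;
    user.LastName = registrationData.LastName;
    // TODO test this.
    user.DateOfBirth = registrationData.DateOfBirth;
    um.UpdateUserAccount(user);

    if (registrationData.SchoolId > 0)
    {
        um.SetCategory(user.Id, "Student");
    }
    else
    {
        um.SetCategory(user.Id, "NonStudent");
    }

    // "CanRegister" is removed so the endpoint cannot be replayed for this account.
    // NOTE(review): the update, category change and claim removal are separate calls. If one
    // fails midway the account may keep "CanRegister"; confirm whether they share a transaction.
    um.RemoveClaimAction(user.Id, "CanRegister");
    um.AutomaticClaimAssigning(user);

    // Issue a token whose payload reflects the new claims.
    string updatedToken = sm.RefreshSessionUpdatedPayload(securityContext.Token, securityContext.UserId);
    Dictionary<string, string> responseContent = new Dictionary<string, string>()
    {
        { "SITtoken", updatedToken }
    };
    return Ok(responseContent);
}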