public IList <TeacherDTOForStudentAndParent> ConvertToTeacherDTOListForStudentAndParent(List <Teacher> teachers)
{
IList <TeacherDTOForStudentAndParent> dtos = new List <TeacherDTOForStudentAndParent>();
foreach (var teacher in teachers)
{
TeacherDTOForStudentAndParent dto = ConvertToTeacherDTOForStudentAndParent(teacher);
dtos.Add(dto);
}
return(dtos);
}
public TeacherDTOForStudentAndParent ConvertToTeacherDTOForStudentAndParent(Teacher x)
{
TeacherDTOForStudentAndParent dto = new TeacherDTOForStudentAndParent
{
Id = x.Id,
UserName = x.UserName,
FirstName = x.FirstName,
LastName = x.LastName,
Email = x.Email,
PhoneNumber = x.PhoneNumber,
Gender = x.Gender,
IsStillWorking = x.IsStillWorking
};
return(dto);
}
public HttpResponseMessage GetTeacherById(string id)
{
string userId = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == "UserId").Value;
string userRole = ((ClaimsPrincipal)RequestContext.Principal).FindFirst(x => x.Type == ClaimTypes.Role).Value;
logger.Info("UserRole: " + userRole + ", UserId: " + userId + ": Requesting Teacher by id: " + id);
try
{
Teacher teacher = teachersService.GetById(id);
if (teacher == null)
{
logger.Info("The teacher with id: " + id + " was not found.");
return(Request.CreateResponse(HttpStatusCode.BadRequest, "The teacher with id: " + id + " was not found."));
}
if (userRole == "admin")
{
logger.Info("Requesting found teacher convert for " + userRole + "role.");
TeacherDTOForAdmin dto = toDTO.ConvertToTeacherDTOForAdmin(teacher, (List <IdentityUserRole>)teacher.Roles);
if (dto == null)
{
logger.Info("Failed!");
return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
}
logger.Info("Success!");
return(Request.CreateResponse(HttpStatusCode.OK, dto));
}
else if (userRole == "teacher" && teacher.IsStillWorking == true)
{
logger.Info("Requesting found teacher convert for " + userRole + "role.");
TeacherDTOForTeacher dto = toDTO.ConvertToTeacherDTOForTeacher(teacher);
if (dto == null)
{
logger.Info("Failed!");
return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
}
logger.Info("Success!");
return(Request.CreateResponse(HttpStatusCode.OK, dto));
}
else if (teacher.IsStillWorking == true && (userRole == "student" || userRole == "parent"))
{
logger.Info("Requesting found teacher convert for " + userRole + "role.");
TeacherDTOForStudentAndParent dto = toDTO.ConvertToTeacherDTOForStudentAndParent(teacher);
if (dto == null)
{
logger.Info("Failed!");
return(Request.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong."));
}
logger.Info("Success!");
return(Request.CreateResponse(HttpStatusCode.OK, dto));
}
else //zbog provere teacher.IsStillWorking
{
logger.Info("Authorisation failure. User " + userId + " is not authorised for this request.");
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Access Denied. " +
"We’re sorry, but you are not authorized to perform the requested operation."));
}
}
catch (Exception e)
{
logger.Error(e);
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, e));
}
}
