public IHttpActionResult GetLesson(int id)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null)
{
return(Unauthorized());
}
Lesson lesson = db.Lessons.Find(id);
if (lesson == null)
{
return(NotFound());
}
if (lesson.Assignment == null || lesson.Assignment.Course == null)
{
return(InternalServerError());
}
string accessRole = auth.GetAccessRole(authorizedUser, lesson);
if (accessRole == null || accessRole.Equals("Student"))
{
return(Unauthorized());
}
return(Ok(new LessonDetailDTO(lesson)));
}
public IHttpActionResult PutAssignment(int id, AssignmentDetailTeacherDTO assignmentDTO)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null || authorizedUser.GetTeacher() == null)
{
return(Unauthorized());
}
Assignment assignment = db.Assignments.Find(id);
if (assignmentDTO == null || assignment == null || assignment.Course == null || !ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Course course = assignment.Course;
if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, course)))
{
return(Unauthorized());
}
if (!assignmentDTO.Validate(assignment, null))
{
return(BadRequest());
}
assignmentDTO.Update(assignment, null);
string error = db.Update(assignment, Modified);
if (error != null)
{
return(BadRequest(error));
}
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + assignment.Id));
}
public IHttpActionResult DeleteLesson(int id)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null)
{
return(Unauthorized());
}
Lesson lesson = db.Lessons.Find(id);
if (lesson == null)
{
return(NotFound());
}
if (lesson.Assignment == null || lesson.Assignment.Course == null)
{
return(BadRequest());
}
if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, lesson)))
{
return(Unauthorized());
}
int assignmentId = lesson.Assignment.Id;
string error = db.Update(lesson, Deleted);
if (error != null)
{
return(BadRequest(error));
}
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + assignmentId));
}
public IHttpActionResult DeleteCourse(int id)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null)
{
return(Unauthorized());
}
Course course = db.Courses.Find(id);
if (course == null)
{
return(NotFound());
}
if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, course)))
{
return(Unauthorized());
}
string error = db.Update(course, Deleted);
if (error != null)
{
return(BadRequest(error));
}
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Users/" + authorizedUser.Id));
}
public IHttpActionResult GetAssignment(int id)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null)
{
return(Unauthorized());
}
Assignment assignment = db.Assignments.Find(id);
if (assignment == null)
{
return(NotFound());
}
if (assignment.Course == null)
{
return(InternalServerError());
}
string accessRole = auth.GetAccessRole(authorizedUser, assignment);
if (accessRole == null)
{
accessRole = "Student";
}
if (accessRole.Equals("Student"))
{
return(Ok(new AssignmentDetailStudentDTO(assignment, authorizedUser.GetStudent(), null)));
}
else
{
Tutor tutor = accessRole.Equals("Teacher") ? null : authorizedUser.GetTutor();
return(Ok(new AssignmentDetailTeacherDTO(assignment, authorizedUser.GetStudent(), tutor, authorizedUser.GetTeacher())));
}
}
public IHttpActionResult PostTask(TaskDetailDTO taskDTO)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null || authorizedUser.GetTeacher() == null)
{
return(Unauthorized());
}
Assignment assignment = db.Assignments.Find(taskDTO.NewAssignmentId);
if (!ModelState.IsValid || assignment == null || assignment.Course == null ||
!taskDTO.Validate(null, assignment))
{
return(BadRequest());
}
if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, assignment.Course)))
{
return(Unauthorized());
}
Task task = taskDTO.Create();
string error = db.Update(task, Added);
if (error != null)
{
return(BadRequest(error));
}
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + assignment.Id));
}
public IHttpActionResult GetGroup(int id)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null)
{
return(Unauthorized());
}
Group group = db.Groups.Find(id);
if (group == null)
{
return(NotFound());
}
if (group.Lesson == null || group.Lesson.Assignment == null || group.Lesson.Assignment.Course == null)
{
return(InternalServerError());
}
string accessRole = auth.GetAccessRole(authorizedUser, group);
if (accessRole == null || accessRole.Equals("Student"))
{
return(Unauthorized());
}
return(Ok(new GroupDetailTeacherDTO(group)));
}
public IHttpActionResult PostAssignment(AssignmentDetailTeacherDTO assignmentDTO)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null || authorizedUser.GetTeacher() == null)
{
return(Unauthorized());
}
Course course = db.Courses.Find(assignmentDTO.NewCourseId);
if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, course)))
{
return(Unauthorized());
}
Assignment derived = null;
if (assignmentDTO.NewIsDerived)
{
if (assignmentDTO.NewDerivedFromName == null)
{
return(BadRequest());
}
foreach (Assignment otherAssignment in course.Assignments)
{
if (assignmentDTO.NewDerivedFromName.Equals(otherAssignment.Name))
{
derived = otherAssignment;
break;
}
}
if (derived == null)
{
return(BadRequest());
}
}
if (!ModelState.IsValid || course == null || !assignmentDTO.Validate(null, derived))
{
return(BadRequest());
}
ICollection <object> objects = assignmentDTO.Create(derived);
string error = db.UpdateAll(objects, Added);
if (error != null)
{
return(BadRequest(error));
}
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Courses/" + course.Id));
}
public IHttpActionResult PutGroup(int id, GroupDetailTeacherDTO groupDTO)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null || (authorizedUser.GetTeacher() == null && authorizedUser.GetTutor() == null))
{
return(Unauthorized());
}
Group group = db.Groups.Find(id);
if (groupDTO == null || group == null || group.Lesson == null || group.Lesson.Assignment == null ||
group.Lesson.Assignment.Course == null || !ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Course course = group.Lesson.Assignment.Course;
bool isTeacher;
if (!group.IsFinal)
{
if (authorizedUser.GetTutor() == null || !authorizedUser.GetTutor().Equals(group.Lesson.Tutor))
{
return(Unauthorized());
}
isTeacher = false;
}
else
{
if (authorizedUser.GetTeacher() == null || !"Teacher".Equals(auth.GetAccessRole(authorizedUser, course)))
{
return(Unauthorized());
}
isTeacher = true;
}
if (!groupDTO.Validate(group, isTeacher))
{
return(BadRequest());
}
groupDTO.Update(group);
string error = db.Update(group, Modified);
if (error != null)
{
return(BadRequest(error));
}
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Groups/" + id));
}
public IHttpActionResult DeleteGradingScheme(int id)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null || authorizedUser.GetTeacher() == null)
{
return(Unauthorized());
}
GradingScheme scheme = db.GradingSchemes.Find(id);
if (scheme == null)
{
return(NotFound());
}
bool authorized = scheme.Courses.Count == 0;
if (!authorized)
{
foreach (Course course in scheme.Courses)
{
if ("Teacher".Equals(auth.GetAccessRole(authorizedUser, course)))
{
authorized = true;
break;
}
}
}
if (!authorized)
{
return(Unauthorized());
}
ICollection <object> entities = new HashSet <object>();
foreach (Grade grade in scheme.Grades)
{
entities.Add(grade);
}
entities.Add(scheme);
string error = db.UpdateAll(entities, Deleted);
if (error != null)
{
return(BadRequest(error));
}
return(StatusCode(HttpStatusCode.NoContent));
}
public IHttpActionResult PutLesson(int id, LessonDetailDTO lessonDTO)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null || authorizedUser.GetTeacher() == null)
{
return(Unauthorized());
}
Lesson lesson = db.Lessons.Find(id);
if (lessonDTO == null || lesson == null || lesson.Assignment == null || lesson.Assignment.Course == null ||
!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, lesson)))
{
return(Unauthorized());
}
Tutor tutor = null;
if (lessonDTO.NewTutorIdentifier != null)
{
User user = auth.GetUserByIdentifier(lessonDTO.NewTutorIdentifier);
if (user == null && user.GetTutor() == null)
{
return(BadRequest());
}
tutor = user.GetTutor();
}
if (!lessonDTO.Validate(lesson, null, tutor))
{
return(BadRequest());
}
lessonDTO.Update(lesson, tutor);
string error = db.Update(lesson, Modified);
if (error != null)
{
return(BadRequest(error));
}
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + lesson.Assignment.Id));
}
public IHttpActionResult PutCourse(int id, CourseDetailDTO courseDTO)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null)
{
return(Unauthorized());
}
Course course = db.Courses.Find(id);
if (courseDTO == null || course == null || !ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, course)))
{
return(Unauthorized());
}
if (courseDTO.NewGradingSchemeName != null)
{
foreach (GradingScheme scheme in db.GradingSchemes)
{
if (courseDTO.NewGradingSchemeName.Equals(scheme.Name))
{
course.GradingSchemeId = scheme.Id;
break;
}
}
}
if (!courseDTO.Validate(course))
{
return(BadRequest());
}
courseDTO.Update(course);
string error = db.Update(course, Modified);
if (error != null)
{
return(BadRequest(error));
}
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Courses/" + course.Id));
}
public IHttpActionResult PostLesson(LessonDetailDTO lessonDTO)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null || authorizedUser.GetTeacher() == null)
{
return(Unauthorized());
}
Assignment assignment = db.Assignments.Find(lessonDTO.NewAssignmentId);
if (lessonDTO.NewTutorIdentifier == null || assignment == null || assignment.Course == null)
{
return(BadRequest());
}
if (!"Teacher".Equals(auth.GetAccessRole(authorizedUser, assignment)))
{
return(Unauthorized());
}
User user = auth.GetUserByIdentifier(lessonDTO.NewTutorIdentifier);
if (user == null && user.GetTutor() == null)
{
return(BadRequest());
}
Tutor tutor = user.GetTutor();
if (!ModelState.IsValid || !lessonDTO.Validate(null, assignment, tutor))
{
return(BadRequest());
}
Lesson lesson = lessonDTO.Create(tutor);
string error = db.Update(lesson, Added);
if (error != null)
{
return(BadRequest(error));
}
return(Redirect("https://" + Request.RequestUri.Host + ":" + Request.RequestUri.Port + "/Assignments/" + lesson.Assignment.Id));
}
public IHttpActionResult GetCourse(int id)
{
Authorize auth = new Authorize();
User authorizedUser = auth.GetAuthorizedUser(Request.Headers.GetCookies("user").FirstOrDefault());
if (authorizedUser == null)
{
return(Unauthorized());
}
Course course = db.Courses.Find(id);
if (course == null)
{
return(NotFound());
}
string accessRole = auth.GetAccessRole(authorizedUser, course);
if (accessRole == null)
{
return(Ok(new CourseListDTO(course)));
}
return(Ok(new CourseDetailDTO(course, authorizedUser.GetStudent(), authorizedUser.GetTutor(),
authorizedUser.GetTeacher(), db.GradingSchemes.ToList())));
}
