/// <summary>
/// Creates a new account from the submitted registration data and signs it in
/// by issuing a session key.
/// </summary>
/// <param name="model">Username, display name and auth code supplied by the client.</param>
/// <returns>
/// The value produced by <c>ExceptionHandler</c> (defined elsewhere). On the success path
/// the delegate yields 201 Created with a <c>UserLoggedModel</c> body and a Location
/// header pointing at the new user.
/// </returns>
/// <remarks>
/// NOTE(review): <c>AuthCode</c> is stored exactly as received and LoginUser compares it
/// verbatim. If it is a client-side digest of the password, the stored value is
/// password-equivalent; consider a salted server-side KDF before persisting. Confirm.
/// NOTE(review): the uniqueness check and the insert are separate statements; a unique
/// index on the username column would be needed to make this race-free. Confirm schema.
/// </remarks>
public HttpResponseMessage RegisterUser(UserRegisterModel model)
{
    return this.ExceptionHandler(() =>
    {
        var db = new AutoMorgueContext();

        // Validation helpers are defined elsewhere; they run before any query is issued.
        UserDataPersister.ValidateUsername(model.Username);
        UserDataPersister.ValidateNickname(model.DisplayName);
        UserDataPersister.ValidateAuthCode(model.AuthCode);

        var normalizedUsername = model.Username.ToLower();
        var normalizedDisplayName = model.DisplayName.ToLower();

        // A clash on either the username or the (case-folded) display name blocks registration.
        var existingAccount = db.Users.FirstOrDefault(
            u => u.Username == normalizedUsername || u.DisplayName.ToLower() == normalizedDisplayName);

        // Every new account gets the "user" role; it is created on first use.
        var defaultRole = db.Roles.FirstOrDefault(r => r.Name == "user") ?? new Role { Name = "user" };

        if (existingAccount != null)
        {
            throw new InvalidOperationException("Invalid Username or Password");
        }

        var account = new User
        {
            Username = normalizedUsername,
            DisplayName = model.DisplayName,
            AuthCode = model.AuthCode,
            Role = defaultRole
        };

        // First save assigns the database id, which the session key generator takes as input.
        var stored = db.Users.Add(account);
        db.SaveChanges();

        stored.SessionKey = UserDataPersister.GenerateSessionKey(stored.Id);
        db.SaveChanges();

        var body = new UserLoggedModel
        {
            DisplayName = stored.DisplayName,
            SessionKey = stored.SessionKey
        };

        var reply = this.Request.CreateResponse(HttpStatusCode.Created, body);
        reply.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = stored.Id }));
        return reply;
    });
}
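/// <summary>
/// Assigns the named role to the given user, creating the role if it does not exist yet.
/// </summary>
/// <param name="userId">Id of the user whose role is changed.</param>
/// <param name="role">Name of the role to assign.</param>
/// <returns>
/// The value produced by <c>ExceptionHandler</c> (defined elsewhere); the delegate yields
/// 200 OK with no body on success.
/// </returns>
/// <remarks>
/// NOTE(review): nothing in this method identifies or authorizes the caller, unlike the
/// endpoints in this file that take a <c>sessionKey</c> and check for the "admin" role.
/// Unless a filter or route restriction outside this file guards it, any client can give
/// any account any role, including "admin". The method signature is left unchanged here;
/// adding an authenticated-admin check is the recommended follow-up.
/// NOTE(review): the role name comes straight from the request and an unknown name
/// creates a new role row; consider restricting it to a known set.
/// </remarks>
public HttpResponseMessage ChangeRole(int userId, string role)
{
    var responseMsg = this.ExceptionHandler(() =>
    {
        var context = new AutoMorgueContext();

        var user = context.Users.FirstOrDefault(usr => usr.Id == userId);
        if (user == null)
        {
            throw new InvalidOperationException("Invalid Username or Password");
        }

        var selectedRole = context.Roles.FirstOrDefault(r => r.Name == role);
        if (selectedRole == null)
        {
            selectedRole = new Role { Name = role };
            context.Roles.Add(selectedRole);
        }

        user.Role = selectedRole;

        // The original saved only the newly created role (before the assignment), so the
        // user's new role was never written. Saving after the assignment persists both.
        context.SaveChanges();

        return this.Request.CreateResponse(HttpStatusCode.OK);
    });

    return responseMsg;
}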
/// <summary>
/// Creates a role with the name given in the model; fails if a role with that name exists.
/// </summary>
/// <param name="model">Carries the name of the role to create.</param>
/// <returns>
/// The value produced by <c>ExceptionHandler</c> (defined elsewhere); the delegate yields
/// 201 Created with the new <c>Role</c> as body.
/// </returns>
/// <remarks>
/// NOTE(review): this method does not check who the caller is. Unless access is restricted
/// outside this file, any client can create roles.
/// NOTE(review): the duplicate case throws a bare <c>Exception</c> with no message, so the
/// client gets no indication of what went wrong; a specific exception type with a message
/// would be clearer, provided <c>ExceptionHandler</c> maps it the same way.
/// </remarks>
public HttpResponseMessage CreateRole(CreateRoleModel model)
{
    return this.ExceptionHandler(() =>
    {
        var db = new AutoMorgueContext();

        // Guard: a role with this name must not exist yet.
        var existing = db.Roles.FirstOrDefault(r => r.Name == model.Name);
        if (existing != null)
        {
            throw new Exception();
        }

        var created = new Role { Name = model.Name };
        db.Roles.Add(created);
        db.SaveChanges();

        return this.Request.CreateResponse(HttpStatusCode.Created, created);
    });
}
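/// <summary>
/// Adds an auto part to an existing morgue. Only callers whose session belongs to a user
/// with the "admin" role are allowed.
/// </summary>
/// <param name="sessionKey">Session key read from the request headers.</param>
/// <param name="model">Name, price, quantity, morgue name and category name of the part.</param>
/// <returns>
/// The value produced by <c>ExceptionHandler</c> (defined elsewhere); the delegate yields
/// 201 Created with a <c>CreatedAutoPartModel</c> body and a Location header on success.
/// </returns>
public HttpResponseMessage AddAutoPart(
    [ValueProvider(typeof(HeaderValueProviderFactory<string>))] string sessionKey,
    AutoPartAddModel model)
{
    var responseMsg = this.ExceptionHandler(() =>
    {
        // Reject a missing header before querying. LogoutUser stores null as the session
        // key, so depending on how the data layer translates a comparison with null, an
        // absent key could otherwise match a logged-out account.
        if (string.IsNullOrEmpty(sessionKey))
        {
            throw new InvalidOperationException("You don't have permission to add auto parts.");
        }

        var context = new AutoMorgueContext();

        // An unknown session key is treated the same as a non-admin caller; the original
        // dereferenced the null user instead.
        var user = context.Users.FirstOrDefault(usr => usr.SessionKey == sessionKey);
        if (user == null || user.Role.Name != "admin")
        {
            throw new InvalidOperationException("You don't have permission to add auto parts.");
        }

        var morgue = context.Morgues.FirstOrDefault(m => m.Name == model.Morgue);
        if (morgue == null)
        {
            throw new InvalidOperationException();
        }

        // Look the category up by the category name. The original matched on the part's
        // name, so an existing category was not found and a duplicate row was created.
        var cat = context.Categories.FirstOrDefault(c => c.Name == model.Category);
        if (cat == null)
        {
            cat = new Category { Name = model.Category };
        }

        var newAutoPart = new AutoPart
        {
            Name = model.Name,
            Price = model.Price,
            Quantity = model.Quantity,
            Morgue = morgue,
            Category = cat
        };

        context.AutoParts.Add(newAutoPart);
        context.SaveChanges();

        var createdModel = new CreatedAutoPartModel { Name = newAutoPart.Name };

        var response = this.Request.CreateResponse(HttpStatusCode.Created, createdModel);
        response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = newAutoPart.Id }));
        return response;
    });

    return responseMsg;
}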
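/// <summary>
/// Ends the session identified by <paramref name="sessionKey"/> by clearing the stored key.
/// </summary>
/// <param name="sessionKey">Session key read from the request headers.</param>
/// <returns>
/// The value produced by <c>ExceptionHandler</c> (defined elsewhere); the delegate yields
/// 200 OK with a fixed <c>UserLoginModel</c> body on success.
/// </returns>
/// <remarks>
/// NOTE(review): the response body is a hard-coded <c>UserLoginModel</c> whose
/// <c>AuthCode</c> is a 40-hex-character constant. It looks like leftover test data.
/// Confirm that no client depends on it and that the constant is not the digest of a
/// real credential, then return an empty 200 instead.
/// </remarks>
public HttpResponseMessage LogoutUser(
    [ValueProvider(typeof(HeaderValueProviderFactory<string>))] string sessionKey)
{
    var responseMsg = this.ExceptionHandler(() =>
    {
        // A missing header must not reach the query. Logged-out accounts hold a null
        // session key, so depending on the data layer's null-comparison semantics a null
        // argument could match one of them and report a successful logout.
        if (string.IsNullOrEmpty(sessionKey))
        {
            throw new InvalidOperationException("Invalid Username or Password");
        }

        var context = new AutoMorgueContext();

        var user = context.Users.FirstOrDefault(usr => usr.SessionKey == sessionKey);
        if (user == null)
        {
            throw new InvalidOperationException("Invalid Username or Password");
        }

        // Clearing the key invalidates the session for every sessionKey-based endpoint.
        user.SessionKey = null;
        context.SaveChanges();

        var probUser = new UserLoginModel()
        {
            AuthCode = "10a81501e9a609a425db71c9a59be60dabbeea86",
            Username = "******"
        };

        return this.Request.CreateResponse(HttpStatusCode.OK, probUser);
    });

    return responseMsg;
}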
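/// <summary>
/// Overwrites the stored quantity of an auto part with the quantity given in the model
/// and returns the updated part.
/// </summary>
/// <param name="model">Id of the part and the quantity to store.</param>
/// <returns>
/// The value produced by <c>ExceptionHandler</c> (defined elsewhere); the delegate yields
/// 200 OK with a <c>ReturnedAutoPartModel</c> body on success.
/// </returns>
/// <remarks>
/// NOTE(review): this method takes no session key and performs no role check, unlike
/// UpdateAutoPart, which changes the same field and requires an admin session. Unless
/// access is restricted outside this file, any client can set the stock level of any part.
/// </remarks>
public HttpResponseMessage SaleAutoPart(AutoPartSaleModel model)
{
    var responseMsg = this.ExceptionHandler(() =>
    {
        var context = new AutoMorgueContext();

        // TODO: Validate Data. The quantity is client-supplied and is stored as-is;
        // at minimum a range check is needed (presumably stock must not go negative).

        var curAutoPart = context.AutoParts.FirstOrDefault(a => a.Id == model.Id);
        if (curAutoPart == null)
        {
            // The original dereferenced the null result when the id was unknown.
            throw new InvalidOperationException("Auto part not found.");
        }

        curAutoPart.Quantity = model.Quantity;
        context.SaveChanges();

        var autoPartModel = new ReturnedAutoPartModel
        {
            Id = curAutoPart.Id,
            Name = curAutoPart.Name,
            MorgueName = curAutoPart.Morgue.Name,
            Price = curAutoPart.Price,
            Quantity = curAutoPart.Quantity,
            Category = curAutoPart.Category.Name
        };

        return this.Request.CreateResponse(HttpStatusCode.OK, autoPartModel);
    });

    return responseMsg;
}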
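/// <summary>
/// Updates the name, price and quantity of an auto part. Only callers whose session
/// belongs to a user with the "admin" role are allowed.
/// </summary>
/// <param name="sessionKey">Session key read from the request headers.</param>
/// <param name="model">Id of the part and the new name, price and quantity.</param>
/// <returns>
/// The value produced by <c>ExceptionHandler</c> (defined elsewhere); the delegate yields
/// 200 OK with a <c>ReturnedAutoPartModel</c> body on success.
/// </returns>
public HttpResponseMessage UpdateAutoPart(
    [ValueProvider(typeof(HeaderValueProviderFactory<string>))] string sessionKey,
    AutoPartUpdateModel model)
{
    var responseMsg = this.ExceptionHandler(() =>
    {
        // Reject a missing header before querying. LogoutUser stores null as the session
        // key, so depending on how the data layer translates a comparison with null, an
        // absent key could otherwise match a logged-out account.
        if (string.IsNullOrEmpty(sessionKey))
        {
            throw new InvalidOperationException("You don't have permission to edit auto parts.");
        }

        var context = new AutoMorgueContext();

        // An unknown session key is refused like a non-admin caller; the original
        // dereferenced the null user instead.
        var user = context.Users.FirstOrDefault(usr => usr.SessionKey == sessionKey);
        if (user == null || user.Role.Name != "admin")
        {
            throw new InvalidOperationException("You don't have permission to edit auto parts.");
        }

        var curAutoPart = context.AutoParts.FirstOrDefault(a => a.Id == model.Id);
        if (curAutoPart == null)
        {
            // The original dereferenced the null result when the id was unknown.
            throw new InvalidOperationException("Auto part not found.");
        }

        // Only fields that actually differ are assigned.
        if (curAutoPart.Name != model.Name)
        {
            curAutoPart.Name = model.Name;
        }

        if (curAutoPart.Price != model.Price)
        {
            curAutoPart.Price = model.Price;
        }

        if (curAutoPart.Quantity != model.Quantity)
        {
            curAutoPart.Quantity = model.Quantity;
        }

        context.SaveChanges();

        var autoPartModel = new ReturnedAutoPartModel
        {
            Id = curAutoPart.Id,
            Name = curAutoPart.Name,
            MorgueName = curAutoPart.Morgue.Name,
            Price = curAutoPart.Price,
            Quantity = curAutoPart.Quantity,
            Category = curAutoPart.Category.Name
        };

        return this.Request.CreateResponse(HttpStatusCode.OK, autoPartModel);
    });

    return responseMsg;
}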
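/// <summary>
/// Deletes a non-admin user. Only callers whose session belongs to a user with the
/// "admin" role are allowed.
/// </summary>
/// <param name="sessionKey">Session key read from the request headers.</param>
/// <param name="userId">Id of the user to delete.</param>
/// <returns>
/// The value produced by <c>ExceptionHandler</c> (defined elsewhere); the delegate yields
/// a response carrying the deleted user's id on success.
/// </returns>
/// <remarks>
/// NOTE(review): the success status is 201 Created although the operation is a delete.
/// It is kept for compatibility with existing clients; 200 OK or 204 No Content would
/// describe the result correctly.
/// </remarks>
public HttpResponseMessage DeleteUser(
    [ValueProvider(typeof(HeaderValueProviderFactory<string>))] string sessionKey,
    int userId)
{
    var responseMsg = this.ExceptionHandler(() =>
    {
        // Reject a missing header before querying. LogoutUser stores null as the session
        // key, so depending on how the data layer translates a comparison with null, an
        // absent key could otherwise match a logged-out account.
        if (string.IsNullOrEmpty(sessionKey))
        {
            throw new InvalidOperationException("You don't have permission to delete users.");
        }

        var context = new AutoMorgueContext();

        // An unknown session key is refused like a non-admin caller; the original
        // dereferenced the null result instead.
        var admin = context.Users.FirstOrDefault(usr => usr.SessionKey == sessionKey);
        if (admin == null || admin.Role.Name != "admin")
        {
            throw new InvalidOperationException("You don't have permission to delete users.");
        }

        var user = context.Users.FirstOrDefault(u => u.Id == userId);
        if (user == null)
        {
            throw new InvalidOperationException("Invalid Username or Password");
        }

        // Admin accounts cannot be removed through this endpoint (this includes the caller).
        if (user.Role.Name == "admin")
        {
            throw new InvalidOperationException("You can't delete admin users.");
        }

        context.Users.Remove(user);
        context.SaveChanges();

        return this.Request.CreateResponse(HttpStatusCode.Created, user.Id);
    });

    return responseMsg;
}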
/// <summary>
/// Authenticates a user by username and auth code and issues a new session key.
/// </summary>
/// <param name="model">Username and auth code supplied by the client.</param>
/// <returns>
/// The value produced by <c>ExceptionHandler</c> (defined elsewhere); the delegate yields
/// 201 Created with a <c>UserLoggedModel</c> body and a Location header on success.
/// </returns>
/// <remarks>
/// The same error message is used for an unknown username and for a wrong auth code, so
/// the response does not reveal which of the two was wrong.
/// NOTE(review): the supplied auth code is matched verbatim against the stored value. If
/// it is a client-side digest, the stored value is password-equivalent; confirm and
/// consider a salted server-side KDF.
/// NOTE(review): no attempt limiting is visible in this method; confirm it exists elsewhere.
/// </remarks>
public HttpResponseMessage LoginUser(UserLoginModel model)
{
    return this.ExceptionHandler(() =>
    {
        var db = new AutoMorgueContext();

        // Validation helpers are defined elsewhere; they run before the lookup.
        UserDataPersister.ValidateUsername(model.Username);
        UserDataPersister.ValidateAuthCode(model.AuthCode);

        // Usernames are stored lower-cased by RegisterUser, so fold the input the same way.
        var normalizedUsername = model.Username.ToLower();

        var account = db.Users.FirstOrDefault(
            u => u.Username == normalizedUsername && u.AuthCode == model.AuthCode);
        if (account == null)
        {
            throw new InvalidOperationException("Invalid Username or Password");
        }

        // Each login replaces the stored session key with a newly generated one.
        account.SessionKey = UserDataPersister.GenerateSessionKey(account.Id);
        db.SaveChanges();

        var body = new UserLoggedModel
        {
            DisplayName = account.DisplayName,
            SessionKey = account.SessionKey
        };

        var reply = this.Request.CreateResponse(HttpStatusCode.Created, body);
        reply.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = account.Id }));
        return reply;
    });
}
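/// <summary>
/// Places an order for an auto part on behalf of the user named in the model and reduces
/// the part's stock by the ordered quantity.
/// </summary>
/// <param name="model">User id, auto part id and quantity to order.</param>
/// <returns>
/// The value produced by <c>ExceptionHandler</c> (defined elsewhere); the delegate yields
/// 201 Created with the new order id as body and a Location header on success.
/// </returns>
/// <remarks>
/// NOTE(review): the ordering user is taken from <c>model.UserId</c> and no session key is
/// checked, so the caller is not tied to that account. Unless this is enforced outside this
/// file, a client can place orders in another user's name; deriving the user from the
/// session key would close that.
/// NOTE(review): the stock check and the decrement are separate steps. Concurrent orders
/// could both pass the check; confirm whether the data layer uses a concurrency token.
/// </remarks>
public HttpResponseMessage MakeOrder(MakeOrderModel model)
{
    var responseMsg = this.ExceptionHandler(() =>
    {
        // A zero or negative quantity passes the "enough stock" comparison below, and
        // subtracting a negative value would increase the stock. Refuse it up front.
        if (model.Quantity <= 0)
        {
            throw new InvalidOperationException("Order quantity must be positive.");
        }

        var context = new AutoMorgueContext();

        var user = context.Users.FirstOrDefault(usr => usr.Id == model.UserId);

        // The part only matches if it has at least the requested quantity in stock.
        var autoPart = context.AutoParts.FirstOrDefault(
            a => a.Id == model.AutoPartId && a.Quantity >= model.Quantity);

        if (user == null || autoPart == null)
        {
            throw new InvalidOperationException("Invalid Username or Password");
        }

        var newOrder = new Order
        {
            AutoPart = autoPart,
            User = user,
            OrderDate = DateTime.Now
        };

        autoPart.Quantity -= model.Quantity;
        context.Orders.Add(newOrder);
        context.SaveChanges();

        var response = this.Request.CreateResponse(HttpStatusCode.Created, newOrder.Id);
        response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = newOrder.Id }));
        return response;
    });

    return responseMsg;
}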
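/// <summary>
/// Adds a morgue at the given city, creating the location if it does not exist. Only
/// callers whose session belongs to a user with the "admin" role are allowed.
/// </summary>
/// <param name="sessionKey">Session key read from the request headers.</param>
/// <param name="model">Name, phone number, city and work time of the morgue.</param>
/// <returns>
/// The value produced by <c>ExceptionHandler</c> (defined elsewhere); the delegate yields
/// 201 Created with a <c>CreatedMorgueModel</c> body and a Location header on success.
/// </returns>
public HttpResponseMessage AddMorgue(
    [ValueProvider(typeof(HeaderValueProviderFactory<string>))] string sessionKey,
    MorgueAddModel model)
{
    var responseMsg = this.ExceptionHandler(() =>
    {
        // Reject a missing header before querying. LogoutUser stores null as the session
        // key, so depending on how the data layer translates a comparison with null, an
        // absent key could otherwise match a logged-out account.
        if (string.IsNullOrEmpty(sessionKey))
        {
            throw new InvalidOperationException("You don't have permission to add morgues.");
        }

        var context = new AutoMorgueContext();

        // An unknown session key is refused like a non-admin caller; the original
        // dereferenced the null user instead.
        var user = context.Users.FirstOrDefault(usr => usr.SessionKey == sessionKey);
        if (user == null || user.Role.Name != "admin")
        {
            throw new InvalidOperationException("You don't have permission to add morgues.");
        }

        // Names are stored as submitted, so both sides are case-folded for the duplicate
        // check. The original compared the stored name with the lower-cased input only.
        var nameToLower = model.Name.ToLower();
        var morgue = context.Morgues.FirstOrDefault(
            m => m.Name.ToLower() == nameToLower && m.Location.City == model.Location);
        if (morgue != null)
        {
            throw new InvalidOperationException("Morgue with the same name and location already exists.");
        }

        // Reuse the location for this city, or create and persist it first.
        var locations = context.Locations;
        var curLocation = locations.FirstOrDefault(l => l.City == model.Location);
        if (curLocation == null)
        {
            curLocation = new Location { City = model.Location };
            locations.Add(curLocation);
            context.SaveChanges();
        }

        var newMorgue = new Morgue
        {
            Name = model.Name,
            PhoneNumber = model.PhoneNumber,
            Location = curLocation,
            WorkTime = model.WorkTime
        };

        context.Morgues.Add(newMorgue);
        context.SaveChanges();

        var createdModel = new CreatedMorgueModel { Name = newMorgue.Name };

        var response = this.Request.CreateResponse(HttpStatusCode.Created, createdModel);
        response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = newMorgue.Id }));
        return response;
    });

    return responseMsg;
}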