/// <summary> Edits a job that already exists, according to the truth Table. You can wind back time, we do not check for it. </summary> /// <param name="id">Id of the job you want to alter</param> /// <param name="newTask">Job to be added</param> /// <returns></returns> public async Task <dynamic> Put([FromUri] long id, [FromBody] DTO.TaskDTO newTask) { bool AdvancedEdits = false; long UserId = long.Parse(User.Identity.GetUserId()); bool TimeAdded = false; bool anythingChanged = false; //Check Data integrity HttpResponseMessage responce = Utils.CheckModel(newTask, Request); if (!responce.IsSuccessStatusCode) { return(responce); } TaskDb oldTask = await db.Tasks.Where(f => f.Id == id).Include(f => f.ForField) .Include(f => f.ForField.OnOrganisation).Include(f => f.ForField.OnOrganisation.Bonds).FirstOrDefaultAsync(); if (oldTask == null) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.DoesntExist)); } if (!oldTask.ForField.OnOrganisation.Bonds.Any(p => p.PersonID == newTask.assignedToID)) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.PersonNotAvaliable)); } //Setup variables string role = OrganisationsController.FindAndGetRole(oldTask.ForField.OnOrganisation, UserId); TaskManagementRole = BondDb.CanAssignJobsToOthers.Contains(role); TimeAdded = oldTask.TimeTaken < newTask.timeTaken; anythingChanged = AdvancedEdits || TimeAdded || newTask.state != oldTask.State; //Check user's access if (role == BondDb.RoleNone) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.CantView)); } bool[] permission = Permissions.First(p => p[0] == TaskManagementRole && p[1] == AssignedToSelf && p[2] == AssignedBySelf); if (!CheckPermission(TaskManagementRole, UserId, oldTask, newTask)) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.PermissionsTooLow)); } if (anythingChanged) { eventLog = JsonConvert.DeserializeObject <List <TaskEvent> >(oldTask.EventLog); oldTask.Name = newTask.name; oldTask.TaskDescription = newTask.taskDescription; oldTask.PayRate = newTask.payRate; oldTask.State = newTask.state; oldTask.DueDate = newTask.dueDate; oldTask.TimeTaken = newTask.timeTaken; oldTask.MarkedDeleted = newTask.markedDeleted; oldTask.AssignedToID = newTask.assignedToID; oldTask.UpdatedOn = DateTime.UtcNow; eventLog.Add(new TaskEvent((DTO.TaskDTO)oldTask, UserId)); oldTask.EventLog = JsonConvert.SerializeObject(eventLog); if (newTask.state == TaskDb.StateFinished) { oldTask.DateFinished = DateTimeOffset.UtcNow; } await db.SaveChangesAsync(); } return(Ok((TaskDTO)oldTask)); }
/// <summary> Creates a job. You can assign a job to yourself, or to staff at this organisation if you role is manager or owner </summary> /// <param name="newJob">Job to be added</param> /// <returns>200 if successfull, and ErrorResponce Otherwise</returns> public async Task <dynamic> Post([FromBody] DTO.TaskDTO newJob) { if (newJob != null) { newJob.oldObject = false; } long UserId = long.Parse(User.Identity.GetUserId()); HttpResponseMessage responce = Utils.CheckModel(newJob, Request); if (!responce.IsSuccessStatusCode) { return(responce); } var theField = await db.Fields.Where(f => f.Id == newJob.forFieldID).Include(f => f.OnOrganisation).Include(f => f.OnOrganisation.Bonds).FirstOrDefaultAsync(); if (theField == null) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.DoesntExist)); } if (!theField.OnOrganisation.Bonds.Any(p => p.PersonID == newJob.assignedToID)) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.PersonNotAvaliable)); } string role = OrganisationsController.FindAndGetRole(theField.OnOrganisation, UserId); bool editRights = BondDb.CanAssignJobsToOthers.Contains(role); bool requestAuthorised = false; //Check user's access if (role == BondDb.RoleNone) { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.CantView)); } //Self-create if (newJob.assignedToID == UserId || editRights) { requestAuthorised = true; } TaskDb job = new TaskDb { Name = newJob.name, TaskDescription = newJob.taskDescription, PayRate = newJob.payRate, State = newJob.state, Type = newJob.type, DueDate = newJob.dueDate, EventLog = string.Empty, AssignedByID = UserId, AssignedToID = newJob.assignedToID, ForFieldID = theField.Id, TimeTaken = 0, CreatedOn = DateTime.UtcNow, UpdatedOn = DateTime.UtcNow, MarkedDeleted = false }; eventLog.Add(new TaskEvent((DTO.TaskDTO)job, UserId, "Job crated")); job.EventLog = JsonConvert.SerializeObject(eventLog); if (requestAuthorised) { db.Tasks.Add(job); await db.SaveChangesAsync(); //If it makes sence, send a mesage if (newJob.assignedToID != UserId && newJob.state != TaskDb.StateFinished) { var parties = await db.Users.Where(p => p.Id == newJob.assignedToID || p.Id == UserId).ToArrayAsync(); long phone = parties.First(p => p.Id == newJob.assignedToID).PhoneNumber; string actorName = parties.First(p => p.Id == UserId).FirstName + " " + parties.First(p => p.Id == UserId).LastName; string message = "Hive: " + String.Format("{0} has assigned you a {1} task at the {2} field. For more details, see Tasks in the Hive app on your phone", actorName, newJob.type, theField.Name); SMSService.SendMessage(phone.ToString(), message); //We don;t want to await an SMS, really } return(Ok((DTO.TaskDTO)job)); } else { return(Request.CreateResponse(HttpStatusCode.BadRequest, ErrorResponse.IllegalChanges)); } }