// POST api/calendarapi public HttpResponseMessage Post([FromBody] ScheduleDTO scheduleDTO) { if (ModelState.IsValid) { var recurringCalendarEvent = MapperFacade.MapperConfiguration.Map <ScheduleDTO, Schedule>(scheduleDTO); //recurringCalendarEvent.Id = Guid.NewGuid(); //Assign new ID on save. //Ensure unsupported options are not created if (scheduleDTO.Frequency != 0 && scheduleDTO.Frequency != 1 && scheduleDTO.Frequency != 2) { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Frequency not supported. Must be once off (0), Daily (1) or Weekly(2)")); } //Lookup Business and attach, so that no updates or inserts are performed on BusinessType lookup table recurringCalendarEvent.UserProfile = db.UserProfiles.Single(u => u.Email == User.Identity.Name); if (recurringCalendarEvent.UserProfile == null) { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Userprofile is null")); } try { db.Schedules.Add(recurringCalendarEvent); db.SaveChanges(); } catch (Exception ex) { var mes = ex.Message; } return(Request.CreateResponse(HttpStatusCode.Created)); } else { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState)); } }
// POST api/calendarapi public HttpResponseMessage Post([FromBody] CalendarEventDTO calendarEventDTO) { if (ModelState.IsValid && calendarEventDTO.StartTime >= DateTime.Now.AddHours(-1) && //Ensure entry is a valid start date and finish date calendarEventDTO.FinishTime > calendarEventDTO.StartTime) { var calendarEvent = Mapper.Map <CalendarEventDTO, CalendarEvent>(calendarEventDTO); calendarEvent.Id = Guid.NewGuid(); //Assign new ID on save. //Lookup Business and attach, so that no updates or inserts are performed on BusinessType lookup table calendarEvent.UserProfile = db.UserProfiles.Single(u => u.Email == User.Identity.Name); if (calendarEvent.UserProfile == null) { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Userprofile is null")); } db.CalendarEvents.Add(calendarEvent); db.SaveChanges(); calendarEventDTO = Mapper.Map <CalendarEvent, CalendarEventDTO>(calendarEvent); HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Created, calendarEventDTO); response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = calendarEventDTO.Id })); return(response); } else { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState)); } }
// PUT api/BusinessTypeAPI/5 public HttpResponseMessage PutBusinessType(int id, BusinessType businesstype) { if (!ModelState.IsValid) { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState)); } if (id != businesstype.Id) { return(Request.CreateResponse(HttpStatusCode.BadRequest)); } db.Entry(businesstype).State = EntityState.Modified; try { db.SaveChanges(); } catch (DbUpdateConcurrencyException ex) { return(Request.CreateErrorResponse(HttpStatusCode.NotFound, ex)); } return(Request.CreateResponse(HttpStatusCode.OK)); }
public HttpResponseMessage CancelShift(Guid Id, ShiftChangeActionDTO shiftCancelDTO) { var shift = db.Shifts.Find(Id); if (shift == null) { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Shift not found")); } //Only the staff member assigned to the shift can request to cancel the shift if (ClaimsAuthorization.CheckAccess("Get", "BusinessId", shift.Roster.BusinessLocation.Business.Id.ToString()) || shift.Employee.UserProfile.Email != User.Identity.Name) { if (shiftCancelDTO.Reason == String.Empty) { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Reason cannot be blank")); } //Check to see if there is already a pending cancellation request var shiftCancelRequest = db.ShiftChangeRequests.Where(sc => sc.Type == ShiftRequestType.Cancel && sc.Shift.Id == Id && sc.Status == RequestStatus.Pending); if (shiftCancelRequest.Count() > 0) { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Existing cancellation request already for shift id:" + Id.ToString())); } ShiftChangeRequest shiftChangeRequest = new ShiftChangeRequest { Id = Guid.NewGuid(), Reason = shiftCancelDTO.Reason, Shift = shift, Type = ShiftRequestType.Cancel, Status = RequestStatus.Pending, CreatedDate = WebUI.Common.Common.DateTimeNowLocal(), CreatedBy = shift.Employee }; //Get all managers for this busiess location var managers = db.Employees.Where(m => m.IsAdmin == true && m.BusinessLocation.Id == shift.Roster.BusinessLocation.Id); foreach (var mgr in managers) { if (mgr.UserProfile != null) { //Send notifications to managers of the affected business location information that the employee has requested to cancel a shift MessagingService.ShiftCancelRequest(mgr.UserProfile.Email, mgr.UserProfile.FirstName, shift.Employee.UserProfile.FirstName + ' ' + shift.Employee.UserProfile.LastName, shift.InternalLocation.BusinessLocation.Name, shift.StartTime, shift.FinishTime); } } db.ShiftChangeRequests.Add(shiftChangeRequest); db.SaveChanges(); return(Request.CreateResponse(HttpStatusCode.Created, shiftChangeRequest.Id)); } else { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized)); } }
public HttpResponseMessage ApproveTimesheetEntry([FromBody] TimesheetEntryDTO timesheetEntryDTO) { if (Is <TimesheetFeature> .Enabled) { TimesheetEntry timesheetEntry = db.TimesheetEntries.Find(timesheetEntryDTO.Id); if (timesheetEntry == null) { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotFound)); } var email = HttpContext.Current.User.Identity.Name; UserProfile userProfile = db.UserProfiles.FirstOrDefault(usr => usr.Email == email); if (userProfile == null) { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotFound)); } //Check business rules if (!timesheetEntryDTO.FinishDateTime.HasValue) { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Finish time for shift must be specified")); } if (timesheetEntryDTO.FinishDateTime.Value < timesheetEntryDTO.StartDateTime) { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Finish time for shift must be AFTER start time")); } if (ClaimsAuthorization.CheckAccess("Put", "BusinessId", timesheetEntry.TimeCard.BusinessLocation.Business.Id.ToString())) { timesheetEntry.Approved = true; timesheetEntry.ApprovedDateTime = WebUI.Common.Common.DateTimeNowLocal(); timesheetEntry.ApprovedBy = userProfile; timesheetEntry.StartDateTime = timesheetEntryDTO.StartDateTime; timesheetEntry.FinishDateTime = timesheetEntryDTO.FinishDateTime; try { db.Entry(timesheetEntry).State = EntityState.Modified; db.SaveChanges(); } catch (DbUpdateConcurrencyException ex) { return(Request.CreateErrorResponse(HttpStatusCode.NotFound, ex)); } return(Request.CreateResponse(HttpStatusCode.OK)); } else { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized)); } } else { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotImplemented)); } }
public ExternalBroadcastDTO ExternalJobPosting([FromBody] ExternalBroadcastDTO model) { var status = 0; ExternalShiftBroadcast externalBrodcaseShift = new ExternalShiftBroadcast(); externalBrodcaseShift.Id = Guid.NewGuid(); externalBrodcaseShift.Description = model.Description; externalBrodcaseShift.Wage = model.Wage; externalBrodcaseShift.Status = ExternalShiftStatus.Pending; db.ExternalShiftBroadcasts.Add(externalBrodcaseShift); status = db.SaveChanges(); //check if any Qualificatoin is selected. if (model.Qualification != null) { foreach (var item in model.Qualification) { ExternalShiftQualification shiftQualification = new ExternalShiftQualification(); shiftQualification.Id = Guid.NewGuid(); shiftQualification.QualificationslookupQualificationId = item.ValueGuid; shiftQualification.ExternalShiftBroadcastId = externalBrodcaseShift.Id; db.ExternalShiftQualifications.Add(shiftQualification); db.SaveChanges(); } } foreach (var item in model.BroadcastedOpenShiftList) { var shiftResult = db.Shifts.Where(a => a.Id == item.BroadcastedOpenShiftId).FirstOrDefault(); shiftResult.ExternalShiftBroadcastId = externalBrodcaseShift.Id; db.SaveChanges(); } //Check if any Skill is selected. if (model.Skills != null) { foreach (var item in model.Skills) { ExternalShiftSkills skills = new ExternalShiftSkills(); skills.Id = Guid.NewGuid(); skills.ExternalShiftBroadcastId = externalBrodcaseShift.Id; skills.IndustrySkillsId = item.ValueGuid; db.ExternalShiftSkills.Add(skills); db.SaveChanges(); } } ExternalBroadcastDTO externalBroadCastDTO = MapperFacade.MapperConfiguration.Map <ExternalShiftBroadcast, ExternalBroadcastDTO>(externalBrodcaseShift); return(externalBroadCastDTO); }
// GET api/AccountAPI/5 //Get method used to ValidateUser upon login/authentication, should only be called on login internal LoginModelDTO GetAccount(string email, string passwordHash) { var userProfile = db.UserProfiles.FirstOrDefault(Usr => Usr.Email == email); if (userProfile == null) { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.ExpectationFailed, "Account email/password incorrect")); } else if (userProfile.Membership.IsConfirmed == false) { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Account is not confirmed")); } else if (userProfile.Membership.IsLockedOut == true) { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Account is locked")); } String hashedPassword = userProfile.Membership.Password; bool verificationSucceeded = (hashedPassword != null && hashedPassword == passwordHash); if (verificationSucceeded) { userProfile.Membership.PasswordFailuresSinceLastSuccess = 0; userProfile.Membership.LastLoginDate = WebUI.Common.Common.DateTimeNowLocal(); } else //failed login attempt { userProfile.Membership.LastPasswordFailureDate = WebUI.Common.Common.DateTimeNowLocal(); int failures = userProfile.Membership.PasswordFailuresSinceLastSuccess; if (failures < UserCredentials.MaxInvalidPasswordAttempts) { ++userProfile.Membership.PasswordFailuresSinceLastSuccess; } else if (failures >= UserCredentials.MaxInvalidPasswordAttempts) { userProfile.Membership.LastLockoutDate = WebUI.Common.Common.DateTimeNowLocal(); userProfile.Membership.IsLockedOut = true; } } db.SaveChanges(); if (verificationSucceeded) { return new LoginModelDTO { Email = userProfile.Email } } ; else { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Invalid password")); } }
public HttpResponseMessage PostShiftTemplate(ShiftTemplateDTO shiftTemplateDTO) { if (ModelState.IsValid) { if (ClaimsAuthorization.CheckAccess("Put", "BusinessLocationId", shiftTemplateDTO.BusinessLocationId.ToString())) { //Business rules if (shiftTemplateDTO.StartTime > shiftTemplateDTO.FinishTime && !shiftTemplateDTO.FinishNextDay) { return(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Shift start time must be before end time")); } //Role selected must be applicable to the Employee if (shiftTemplateDTO.EmployeeId != null && shiftTemplateDTO.RoleId.HasValue && db.Employees.Find(shiftTemplateDTO.EmployeeId).Roles.FirstOrDefault(r => r.Id == shiftTemplateDTO.RoleId) == null) { return(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Employee does not have the role specified")); } var shiftTemplate = MapperFacade.MapperConfiguration.Map <ShiftTemplateDTO, ShiftTemplate>(shiftTemplateDTO); shiftTemplate.Id = Guid.NewGuid(); //Assign new ID on save. shiftTemplate.Enabled = true; //default to enabled shiftTemplate.BusinessLocation = db.BusinessLocations.Find(shiftTemplateDTO.BusinessLocationId); if (shiftTemplateDTO.InternalLocationId.HasValue) { shiftTemplate.InternalLocation = db.InternalLocations.Find(shiftTemplateDTO.InternalLocationId); } if (shiftTemplateDTO.RoleId.HasValue) { shiftTemplate.Role = db.Roles.Find(shiftTemplateDTO.RoleId); } if (shiftTemplateDTO.EmployeeId.HasValue) { shiftTemplate.Employee = db.Employees.Find(shiftTemplateDTO.EmployeeId); } db.ShiftTemplates.Add(shiftTemplate); db.SaveChanges(); shiftTemplateDTO = MapperFacade.MapperConfiguration.Map <ShiftTemplate, ShiftTemplateDTO>(shiftTemplate); HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Created, shiftTemplateDTO); response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = shiftTemplateDTO.Id })); return(response); } else { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized)); } } else { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState)); } }
public HttpResponseMessage CreateEmployerRequest(string id) { try { var busLocIdGd = Guid.Parse(id); var email = HttpContext.Current.User.Identity.Name; //Check that employee email address is not already registered to the business if (db.Employees.Any(emp => emp.Email == email && emp.BusinessLocation.Id == busLocIdGd)) { return(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Email address already registered with business location")); } //Check that employee is not already linked to the business if (db.Employees.Any(emp => emp.UserProfile.Email == email && emp.BusinessLocation.Id == busLocIdGd)) { return(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "User is already registered with business location")); } //Check that a request hasn't already been lodged with the business previously if (db.EmployerRequests.Any(er => er.UserProfile.Email == email && er.BusinessLocation.Id == busLocIdGd)) { return(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Request has already been registered with business location")); } var empRequest = new EmployerRequest(); empRequest.Id = Guid.NewGuid(); empRequest.CreatedDate = WebUI.Common.Common.DateTimeNowLocal(); empRequest.Status = RequestStatus.Pending; empRequest.BusinessLocation = db.BusinessLocations.SingleOrDefault(b => b.Id == busLocIdGd); empRequest.UserProfile = db.UserProfiles.SingleOrDefault(usr => usr.Email == email); db.EmployerRequests.Add(empRequest); db.SaveChanges(); return(Request.CreateResponse(HttpStatusCode.OK)); } catch (Exception ex) { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex.Message)); } }
public int InsertCourt( BasketballCourt entity) { using (var dbContext = new DataModelDbContext()) { dbContext.BasketballCourts.Add(entity).Entity.Uid = Guid.NewGuid(); return(dbContext.SaveChanges()); } }
// POST api/shiftapi //Create a new shift public HttpResponseMessage PostRoster([FromBody] RosterCreateDTO rosterCreateDTO) { if (ClaimsAuthorization.CheckAccess("Put", "BusinessLocationId", rosterCreateDTO.BusinessLocationId.ToString())) { if (ModelState.IsValid) { Roster existingRoster = db.Rosters.Where(r => r.BusinessLocation.Id == rosterCreateDTO.BusinessLocationId && r.WeekStartDate == rosterCreateDTO.WeekStartDate.Date).FirstOrDefault(); //Business rules if (existingRoster != null) { return(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "A roster already exists for the week starting " + rosterCreateDTO.WeekStartDate.ToShortDateString())); } //Cannot create a roster for a weeks starting in the past EXCEPT if it is the current week. if (rosterCreateDTO.WeekStartDate.Date < WebUI.Common.Common.GetNextWeekday(WebUI.Common.Common.DateTimeNowLocal(), DayOfWeek.Monday).Date.AddDays(-7)) { return(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "A roster cannot be created for a week starting in the past")); } var rosterList = new List <Roster>(); var businessLoc = db.BusinessLocations.Find(rosterCreateDTO.BusinessLocationId); var rosterWeek1 = CreateRosterForWeekStarting(rosterCreateDTO, businessLoc); db.Rosters.Add(rosterWeek1); //If rosters are being created for a month or fortnight. if (rosterCreateDTO.RostersToCreate == RosterToCreateEnum.Fortnight || rosterCreateDTO.RostersToCreate == RosterToCreateEnum.Month) { var rosterWeek2 = CreateRosterForWeekStarting(rosterCreateDTO, businessLoc, 1); db.Rosters.Add(rosterWeek2); //For month, add remaining two weeks if (rosterCreateDTO.RostersToCreate == RosterToCreateEnum.Month) { var rosterWeek3 = CreateRosterForWeekStarting(rosterCreateDTO, businessLoc, 2); db.Rosters.Add(rosterWeek3); var rosterWeek4 = CreateRosterForWeekStarting(rosterCreateDTO, businessLoc, 3); db.Rosters.Add(rosterWeek4); } } db.SaveChanges(); return(Request.CreateResponse(HttpStatusCode.Created)); } else { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState)); } } else { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "You do not have appropriate permission")); } }
public HttpResponseMessage Post(BusinessPreferencesDTO businessPrefDTO) { if (ModelState.IsValid) { var businessPref = MapperFacade.MapperConfiguration.Map <BusinessPreferencesDTO, BusinessPreferences>(businessPrefDTO); businessPref.Id = Guid.NewGuid(); //Assign new ID on save. db.BusinessPreferences.Add(businessPref); db.SaveChanges(); businessPrefDTO = MapperFacade.MapperConfiguration.Map <BusinessPreferences, BusinessPreferencesDTO>(businessPref); HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Created, businessPrefDTO); //response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = businessDTO.Id })); return(response); } else { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState)); } }
// POST api/<controller> public void Post([FromBody] ShiftBlockDTO shiftBlockDTO) { if (Is <ShiftBlockFeature> .Enabled) { if (ModelState.IsValid) { if (ClaimsAuthorization.CheckAccess("Put", "BusinessLocationId", shiftBlockDTO.BusinessLocationId.ToString())) { //Business rules if (shiftBlockDTO.StartTime > shiftBlockDTO.FinishTime && !shiftBlockDTO.FinishNextDay) { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "ShiftBlock start time must be before end time")); } var shiftBlock = MapperFacade.MapperConfiguration.Map <ShiftBlockDTO, ShiftBlock>(shiftBlockDTO); shiftBlock.Id = Guid.NewGuid(); //Assign new ID on save. shiftBlock.BusinessLocation = db.BusinessLocations.Find(shiftBlockDTO.BusinessLocationId); shiftBlock.Role = db.Roles.Find(shiftBlockDTO.RoleId); db.ShiftBlocks.Add(shiftBlock); db.SaveChanges(); } else { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized)); } } else { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState)); } } else { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotImplemented)); } }
public void AddTokenDetails([FromBody] PaymentDetailsDTO paymentDetailsDTO) { if (Is <PaymentFeature> .Enabled) { var employee = db.Employees.Find(paymentDetailsDTO.EmployeeID); if (employee != null) { if (ClaimsAuthorization.CheckAccess("Put", "BusinessLocationId", employee.BusinessLocation.Id.ToString())) { var paymentdetails = new PaymentDetails { Id = Guid.NewGuid() }; if (employee.PaymentDetails != null) { paymentdetails = employee.PaymentDetails; } paymentdetails.TokenCustomerID = paymentDetailsDTO.TokenCustomerID; paymentdetails.BusinessLocation = employee.BusinessLocation; paymentdetails.CreatedDate = WebUI.Common.Common.DateTimeNowLocal(); //If there is another payment detail from a different employee then delete if (employee.BusinessLocation.PaymentDetails != null && employee.BusinessLocation.PaymentDetails.Employee.Id != employee.Id) { //employee.BusinessLocation.PaymentDetails. db.Entry(employee.BusinessLocation.PaymentDetails).State = EntityState.Deleted; } employee.PaymentDetails = paymentdetails; db.SaveChanges(); } else { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized)); } } else { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotFound)); } } else { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotImplemented)); } }
// GET: api/CollegeDetails public QuestionList savequestiondetails() { QuestionList ee = new QuestionList(); ee.Question = "abcd"; ee.QuestionType = "3"; //ee.QuestionType = "2"; using (DataModelDbContext dbContext = new DataModelDbContext()) { dbContext.QuestionLists.Add(ee); dbContext.SaveChanges(); } return(ee); }
public int SaveReview( Rating entity) { using (var dbContext = new DataModelDbContext()) { Rating existing = dbContext.Ratings.AsNoTracking() .Where(r => r.CourtUid == entity.CourtUid && r.PlayerUid == entity.PlayerUid) .SingleOrDefault(); if (existing != null) { dbContext.Ratings.Update(entity); } else { dbContext.Ratings.Add(entity); } return(dbContext.SaveChanges()); } }
public HttpResponseMessage Put(Guid id, UserPreferencesDTO usrPrefDTO) { var email = HttpContext.Current.User.Identity.Name; UserProfile usrProfile = db.UserProfiles.FirstOrDefault(usr => usr.Email == email && usr.Id == id); if (usrProfile != null) { if (!ModelState.IsValid) { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState)); } try { var userPreferences = db.UserPreferences.Find(usrPrefDTO.Id); //If NULL, then retain any existing image data as no overrite is occurring (we don't pass back the whole image each time) //This is a bit of a hack, best solution is to seperate out any uploaded documents as per this page (http://www.codeproject.com/Articles/658522/Storing-Images-in-SQL-Server-using-EF-and-ASP-NET) if (usrPrefDTO.ImageData == null) { usrPrefDTO.ImageData = userPreferences.ImageData; usrPrefDTO.ImageType = userPreferences.ImageType; } userPreferences = MapperFacade.MapperConfiguration.Map <UserPreferencesDTO, UserPreferences>(usrPrefDTO, userPreferences); db.Entry(userPreferences).State = EntityState.Modified; db.SaveChanges(); } catch (DbUpdateConcurrencyException ex) { return(Request.CreateErrorResponse(HttpStatusCode.NotFound, ex)); } return(Request.CreateResponse(HttpStatusCode.OK)); } else { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized)); } }
public HttpResponseMessage RejectShiftChangeRequest(string id, ShiftChangeActionDTO rejectDTO) { try { var requestId = Guid.Parse(id); var email = HttpContext.Current.User.Identity.Name; var scRequest = db.ShiftChangeRequests.FirstOrDefault(er => er.Id == requestId && er.Status == RequestStatus.Pending); //Ensure user has "Put" manager permissions for the business location which the request corresponds to if (!ClaimsAuthorization.CheckAccess("Put", "BusinessLocationId", scRequest.Shift.Roster.BusinessLocation.Id.ToString())) { return(Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "You do not have permissions.")); } if (scRequest == null) { return(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Unable to find pending shift change request.")); } //Update Request object scRequest.Status = RequestStatus.Denied; scRequest.ActionedDate = WebUI.Common.Common.DateTimeNowLocal(); scRequest.ActionedComment = rejectDTO.Reason; //Attach the Employee record which matches the logged in user profile and business id. scRequest.ActionedBy = db.UserProfiles.FirstOrDefault(usr => usr.Email == email).Employees.FirstOrDefault(emp => emp.BusinessLocation.Id == scRequest.Shift.Roster.BusinessLocation.Id); db.SaveChanges(); MessagingService.ShiftChangeRequestRejected(scRequest.CreatedBy.Email, scRequest.CreatedBy.FirstName, scRequest.Shift.StartTime.ToString() + " - " + scRequest.Shift.FinishTime.ToString() + " @ " + scRequest.Shift.InternalLocation.BusinessLocation.Name, scRequest.ActionedBy.FirstName + ' ' + scRequest.ActionedBy.LastName, rejectDTO.Reason); return(Request.CreateResponse(HttpStatusCode.OK)); } catch (Exception ex) { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex.Message)); } }
// POST api/RosterBroadcastapi //Create a new shift public HttpResponseMessage PutRosterBroadcast([FromBody] IEnumerable <RosterBroadcastDTO> rosterBroadcastListDTO) { //List to store all Employees who have had shifts broadcast List <EmployeeDTO> employees = new List <EmployeeDTO>(); List <EmployeeDTO> employeesNoProfile = new List <EmployeeDTO>(); List <ShiftDTO> openShifts = new List <ShiftDTO>(); if (rosterBroadcastListDTO.Count() > 0) { Guid businessLocationId = db.Rosters.Find(rosterBroadcastListDTO.First().Id).BusinessLocation.Id; if (ClaimsAuthorization.CheckAccess("Put", "BusinessLocationId", businessLocationId.ToString())) { //TODO: test allbusiness logic foreach (RosterBroadcastDTO rosterBroadcastDTO in rosterBroadcastListDTO) { int dow = (int)rosterBroadcastDTO.Day + 1; // SQL Day of week IQueryable <Shift> shiftsToBroadcast = null; if (rosterBroadcastDTO.LocationId != Guid.Empty) { //Do the updates to broadcast all shifts on each day for each location specified shiftsToBroadcast = db.Shifts.Where(s => s.Roster.Id == rosterBroadcastDTO.Id && s.InternalLocation.Id == rosterBroadcastDTO.LocationId && SqlFunctions.DatePart("weekday", s.StartTime) == dow); } else { shiftsToBroadcast = db.Shifts.Where(s => s.Roster.Id == rosterBroadcastDTO.Id && s.InternalLocation == null && SqlFunctions.DatePart("weekday", s.StartTime) == dow); } foreach (Shift shift in shiftsToBroadcast) { shift.IsPublished = true; //Add to list of employees who have shifts broadcast if (shift.Employee != null) { if (shift.Employee.UserProfile != null) { //If email not already added to list to send if (employees.Where(em => em.Id == shift.Employee.Id).Count() == 0) { employees.Add(new EmployeeDTO { Id = shift.Employee.Id, FirstName = shift.Employee.UserProfile.FirstName, LastName = shift.Employee.UserProfile.LastName, Email = shift.Employee.UserProfile.Email }); } } else { //Employee does not have a linked userprofile, therefore try to use email is entered into employee by manager if (!String.IsNullOrEmpty(shift.Employee.Email) && (employeesNoProfile.Where(em => em.Id == shift.Employee.Id).Count() == 0)) { employeesNoProfile.Add(new EmployeeDTO { Id = shift.Employee.Id, FirstName = shift.Employee.FirstName, LastName = shift.Employee.LastName, Email = shift.Employee.Email }); } } } //If this is an OPEN shift if (shift.Employee == null) { openShifts.Add(MapperFacade.MapperConfiguration.Map <Shift, ShiftDTO>(shift)); } } } db.SaveChanges(); //Send notifications to any staff who have shifts being published. Stopwatch sw = new Stopwatch(); sw.Start(); foreach (var emp in employees) { MessagingService.ShiftBroadcast(emp.Email, emp.FirstName); } foreach (var emp in employeesNoProfile) { MessagingService.ShiftBroadcastNotRegistered(emp.Email, emp.FirstName); } sw.Stop(); //Publish notification about open shifts var busLocs = openShifts.Select(s => s.BusinessLocationId.Value).Distinct().ToList(); MessagingService.OpenShiftsBroadcast(busLocs); } } return(Request.CreateResponse(HttpStatusCode.OK)); }
// POST api/shiftapi //Create a new shift public HttpResponseMessage PostShift([FromBody] ShiftDTO shiftDTO, [FromUri] Guid businessLocationId) { if (ClaimsAuthorization.CheckAccess("Put", "BusinessLocationId", businessLocationId.ToString())) { if (ModelState.IsValid) { var dateMinusWeek = shiftDTO.StartDateTime.AddDays(-7); Roster roster = db.Rosters.Find(shiftDTO.RosterId); //Business rules if (roster == null) { return(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Unable to find corresponding roster")); } if (shiftDTO.StartDateTime > shiftDTO.FinishDateTime) { return(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Shift start time must be before end time")); } if (shiftDTO.StartDateTime < roster.WeekStartDate || shiftDTO.StartDateTime >= roster.WeekStartDate.AddDays(7)) { return(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Shift start time must be within the roster week starting '" + roster.WeekStartDate.ToShortDateString() + "'")); } if ((shiftDTO.FinishDateTime - shiftDTO.StartDateTime).Days > 1) { return(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Shift can not span more than one day")); } if (shiftDTO.StartDateTime < WebUI.Common.Common.DateTimeNowLocal()) { return(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Shift start time must not be in the past")); } using (ScheduleActionAPIController scheduleAPIController = new ScheduleActionAPIController()) { var unavailEmployees = scheduleAPIController.GetUnavailableEmployees(shiftDTO.BusinessLocationId.GetValueOrDefault(), shiftDTO.StartDateTime.Ticks.ToString(), shiftDTO.FinishDateTime.Ticks.ToString(), Guid.Empty); if (unavailEmployees.FirstOrDefault(e => e.Id == shiftDTO.EmployeeId) != null) { return(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Employee is not available on this day")); } } var shift = MapperFacade.MapperConfiguration.Map <ShiftDTO, Shift>(shiftDTO); shift.Id = Guid.NewGuid(); //Assign new ID on save. shift.Roster = roster; shift.Employee = db.Employees.Find(shiftDTO.EmployeeId); shift.InternalLocation = db.InternalLocations.Find(shiftDTO.InternalLocationId); shift.Role = db.Roles.Find(shiftDTO.RoleId); db.Shifts.Add(shift); db.SaveChanges(); //If save as shift block also selected, then create new shift block if (shiftDTO.SaveAsShiftBlock) { ShiftBlockDTO shiftBlockDTO = new ShiftBlockDTO { StartTime = shiftDTO.StartTime, FinishTime = shiftDTO.FinishTime, BusinessLocationId = businessLocationId, RoleId = shiftDTO.RoleId, FinishNextDay = (shiftDTO.FinishDay > shiftDTO.StartDay) }; using (ShiftBlockAPIController sb = new ShiftBlockAPIController()) { sb.Post(shiftBlockDTO); } } //HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Created); //response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = role.Id })); return(Request.CreateResponse(HttpStatusCode.Created)); } else { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState)); } } else { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized)); } }
private ClockInOutReponseDTO PunchTimeClock(Guid employeeId, Guid businessLocationId, DateTime?timePunchVal = null) { //NOTE: EMployee Id can be an EMployee QR code, or a UserProfile QR code. Need to check for both to get a match. var responseObj = new ClockInOutReponseDTO(); //First check if this is an employeeif Employee emp = db.Employees.Find(employeeId); var authEmail = HttpContext.Current.User.Identity.Name; if (emp == null) //Try and see if it is a UserProfile QR code with a linked employee to the selected business location { var usrProfile = db.UserProfiles.Find(employeeId); if (usrProfile != null) { //Find employee linked to userprofile for selected business location emp = usrProfile.Employees.FirstOrDefault(e => e.BusinessLocation.Id == businessLocationId); if (emp == null) { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "No matching employee record to the business location could be found")); } } else { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "No matching employee or user profile records could be found ")); } } //throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotFound)); if (!emp.IsActive) { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Employee is NOT active")); } if (emp.BusinessLocation.Id != businessLocationId) { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Employee does not belong to business location")); } if (ClaimsAuthorization.CheckAccess("Put", "BusinessLocationId", businessLocationId.ToString())) { #if DEBUG DateTime timePunch = (timePunchVal.HasValue)? timePunchVal.Value : WebUI.Common.Common.DateTimeNowLocal(); #else DateTime timePunch = WebUI.Common.Common.DateTimeNowLocal(); #endif //See if there are any timecards not chceked out for the employee TimeCard tc = db.TimeCards.FirstOrDefault(t => t.Employee.Id == emp.Id && !t.ClockOut.HasValue); bool exists = false; //If there is no open check in record create a new time card entry if (tc == null) { //CHECK IN //Get the roster object associated with this time punch var weekStartDate = WebUI.Common.Common.GetStartOfWeek(timePunch, DayOfWeek.Monday); var roster = db.Rosters.FirstOrDefault(r => r.BusinessLocation.Id == businessLocationId && r.WeekStartDate == weekStartDate); if (roster == null) { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Unable to find matching Roster obejct for week")); } //See if we can locate a shift at the business location which corresponds to this check in event. //Search for a start time which is within 30 mins of timepunch var dtMinTime = timePunch.AddMinutes(-WebUI.Common.Constants.TimeCardShiftVariance); var dtMaxTime = timePunch.AddMinutes(WebUI.Common.Constants.TimeCardShiftVariance); var shift = db.Shifts.FirstOrDefault(s => s.Roster.BusinessLocation.Id == businessLocationId && s.IsPublished && s.Employee.Id == emp.Id && s.StartTime >= dtMinTime && s.StartTime <= dtMaxTime); tc = new TimeCard(); tc.Roster = roster; tc.Id = Guid.NewGuid(); tc.ClockIn = timePunch; tc.Employee = emp; tc.Shift = shift; responseObj.CheckInOut = CheckInOutEnum.CheckIn; responseObj.Message = "Check in confirmed. "; if (shift != null) { responseObj.ShiftDetails = shift.StartTime.ToShortTimeString() + " - " + shift.FinishTime.ToShortTimeString(); } tc.TimesheetEntry = new TimesheetEntry(); tc.TimesheetEntry.Id = Guid.NewGuid(); //If a matched shift has been found then default the timesheet entry to the matched shift //Otherwise set it to the timeclocked entry if (shift != null) { tc.TimesheetEntry.StartDateTime = shift.StartTime; tc.TimesheetEntry.FinishDateTime = shift.FinishTime; } else { tc.TimesheetEntry.StartDateTime = new DateTime(timePunch.Year, timePunch.Month, timePunch.Day, timePunch.Hour, timePunch.Minute, 0); } } else //Check out the previous record { //CHECK OUT exists = true; tc.ClockOut = timePunch; responseObj.CheckInOut = CheckInOutEnum.CheckOut; responseObj.Message = "Check out confirmed. "; if (tc.Shift != null) { responseObj.ShiftDetails = tc.Shift.StartTime.ToShortTimeString() + " - " + tc.Shift.FinishTime.ToShortTimeString(); } else //Timesheet entry default finished time to the timepunch if it has not been defaulted to any linked shift { tc.TimesheetEntry.FinishDateTime = new DateTime(timePunch.Year, timePunch.Month, timePunch.Day, timePunch.Hour, timePunch.Minute, 0); } } responseObj.Message += (emp.FirstName + " " + emp.LastName + " " + timePunch.ToString(WebUI.Common.Common.GetLocaleDateTimeDisplayFormat(HttpContext.Current.Request.UserLanguages.FirstOrDefault())) + " @ " + emp.BusinessLocation.Name); tc.BusinessLocation = emp.BusinessLocation; tc.LastUpdatedDate = WebUI.Common.Common.DateTimeNowLocal(); tc.LastUpdatedBy = db.UserProfiles.First(Usr => Usr.Email == authEmail).Employees.First(u => u.BusinessLocation.Id == businessLocationId); if (!exists) { db.TimeCards.Add(tc); } db.SaveChanges(); return(responseObj); } else { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized)); } }
public HttpResponseMessage PutBusiness(Guid id, BusinessDetailsDTO businessDTO) { if (ClaimsAuthorization.CheckAccess("Put", "BusinessId", id.ToString())) { if (!ModelState.IsValid) { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState)); } if (id != businessDTO.Id) { return(Request.CreateResponse(HttpStatusCode.BadRequest)); } try { var business = MapperFacade.MapperConfiguration.Map <BusinessDetailsDTO, Business>(businessDTO, db.Businesses.Single(b => b.Id == id)); //Lookup BusinessType and attach, so that no updates or inserts are performed on BusinessType lookup table business.Type = db.BusinessTypes.Single(t => t.Id == businessDTO.TypeId); ////Apply any role updates or inserts //foreach (RoleDTO roleDTO in businessDTO.Roles) //{ // Role role = business.Roles.FirstOrDefault(r => r.Id == roleDTO.Id); // //If there is a role, then need to update // if (role != null) // role.Name = roleDTO.Name; // else //This is a new role being added // { // var newRole = MapperFacade.MapperConfiguration.Map<RoleDTO, Role>(roleDTO); // newRole.Id = Guid.NewGuid(); // business.Roles.Add(newRole); // } //Note: deletion of roles is not supported here //} db.Entry(business).State = EntityState.Modified; db.SaveChanges(); } catch (DbUpdateConcurrencyException ex) { return(Request.CreateErrorResponse(HttpStatusCode.NotFound, ex)); } return(Request.CreateResponse(HttpStatusCode.OK)); } else { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized)); } }
// PUT api/EmployeeAPI/5 public HttpResponseMessage PutEmployee(Guid id, EmployeeDTO employeeDTO) { if (!ModelState.IsValid) { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState)); } if (id != employeeDTO.Id) { return(Request.CreateResponse(HttpStatusCode.BadRequest)); } if (employeeDTO.Roles != null && employeeDTO.Roles.Count > 5) { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.ExpectationFailed, "Maximimum of 5 roles only can be added")); } try { bool sendEmailNotification = false; var employee = db.Employees.Find(id); if (!ClaimsAuthorization.CheckAccess("Put", "BusinessLocationId", employee.BusinessLocation.Id.ToString())) { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "You do not have appropriate permission")); } //Do not allow modification of email addresses which are linked to userprofiles already if (employee.UserProfile != null && employeeDTO.Email != employee.Email) { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "You can not modify email address for an employee which is linked to a registered user")); } //If the email address is being updated then send notification to new address if (employee.Email != employeeDTO.Email && !String.IsNullOrEmpty(employeeDTO.Email)) { sendEmailNotification = true; } //Map the updates across to original object employee = MapperFacade.MapperConfiguration.Map <EmployeeDTO, Employee>(employeeDTO, employee); //Check to see if there is already an employee with this same email address registered for the business location. var employeeExistingEmail = db.Employees.FirstOrDefault(emp => !String.IsNullOrEmpty(employeeDTO.Email) && emp.Email == employee.Email && emp.Id != employee.Id && emp.BusinessLocation.Id == employee.BusinessLocation.Id); if (employeeExistingEmail != null) { throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "An employee with this email address already exists for this business")); } //Lookup BusinessLocation and attach, so that no updates or inserts are performed on BusinessType lookup table var busLoc = db.BusinessLocations.Single(b => b.Id == employeeDTO.BusinessLocationId); employee.BusinessLocation = busLoc; if (employee.IsAdmin) { employee.ManagerBusinessLocations.Add(busLoc); } else { //if not admin but currently linked if (employee.ManagerBusinessLocations.Contains(busLoc)) { employee.ManagerBusinessLocations.Remove(busLoc); } } //Hook up any roles selected employee.Roles.Clear(); //Clear first so we can hook up correct DB items if (employeeDTO.Roles != null) { foreach (RoleDTO roleDTO in employeeDTO.Roles) { Role role = db.Roles.FirstOrDefault(r => r.Id == roleDTO.Id); if (role == null) { return(Request.CreateResponse(HttpStatusCode.NotFound)); } employee.Roles.Add(role); } } //If user email has been updated then send notification and request if (sendEmailNotification) { //Remove any old employee requests if (employee.EmployeeRequest != null) { db.Entry(employee.EmployeeRequest).State = EntityState.Deleted; } //Create an entry in the EMployeeRequest table EmployeeRequest empRequest = new EmployeeRequest() { Id = Guid.NewGuid(), CreatedDate = WebUI.Common.Common.DateTimeNowLocal(), Status = RequestStatus.Pending, BusinessLocation = employee.BusinessLocation }; employee.EmployeeRequest = empRequest; //If an existing user profile exists with matching email address if (db.UserProfiles.Any(usr => usr.Email == employee.Email)) { //Send user email notifying them that a business has registered their email and they need to approve to link MessagingService.BusinessRegisteredEmployee(employee.FirstName, employee.BusinessLocation.Business.Name, true, employee.Email, employee.MobilePhone); } else //Send email notifying them that they have been registered with a business and invite to register an account { MessagingService.BusinessRegisteredEmployee(employee.FirstName, employee.BusinessLocation.Business.Name, false, employee.Email, employee.MobilePhone); } } db.Entry(employee).State = EntityState.Modified; db.SaveChanges(); } catch (DbUpdateConcurrencyException ex) { return(Request.CreateErrorResponse(HttpStatusCode.NotFound, ex)); } return(Request.CreateResponse(HttpStatusCode.OK)); }
public bool PostViewedWizard() { var email = HttpContext.Current.User.Identity.Name; UserProfile userProfile = db.UserProfiles.FirstOrDefault(usr => usr.Email == email); if (userProfile == null) { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotFound)); } userProfile.HasViewedWizard = true; db.SaveChanges(); return(userProfile.HasViewedWizard); }