public async Task <IActionResult> PutImage(int id, [FromBody] JsonPatchDocument <ImagePatchDTO> patchModel)
{
var user = await _userManager.GetUserAsync(HttpContext.User);
if (user == null || (await _userManager.IsInRoleAsync(user, Role.Admin) == false))
{
return(Unauthorized("Error updating image because of incorrect authority level."));
}
try
{
Image image = await _context.Images.Where(x => x.ImageId == id).FirstOrDefaultAsync();
if (image == null)
{
return(NotFound());
}
ImagePatchDTO imageDTO = ConvertToImagePatchDTO(image);
patchModel.ApplyTo(imageDTO);
image = MapToImage(imageDTO, image);
_context.Images.Update(image);
await _context.SaveChangesAsync();
return(new ObjectResult(ConvertToImageDTO(image)));
}
catch (Exception e)
{
}
return(BadRequest("Error updating image"));
}
public async Task <IActionResult> PatchContent(int id, [FromBody] JsonPatchDocument <ContentDTO> patchModel)
{
var user = await _userManager.GetUserAsync(HttpContext.User);
if (user == null || (await _userManager.IsInRoleAsync(user, Role.Admin) == false))
{
return(Unauthorized("Error updating content because of incorrect authority level."));
}
try
{
Content content = await _context.Contents.Where(x => x.ContentId == id).FirstOrDefaultAsync();
if (content == null)
{
return(NotFound());
}
ContentDTO contentDTO = ConvertToContentDTO(content);
patchModel.ApplyTo(contentDTO);
content = MapToContent(contentDTO, content);
_context.Contents.Update(content);
await _context.SaveChangesAsync();
return(new ObjectResult(ConvertToContentDTO(content)));
}
catch (Exception e)
{
}
return(BadRequest("Error updating content"));
}
public async Task <JsonResult> OnPutSignUp([FromBody] SignUpRequest SignUpRequest)
{
Logger.LogDebug("New user request: {} {} {}", SignUpRequest.Email, SignUpRequest.Name, SignUpRequest.University);
if (await _UserManager.FindByEmailAsync(SignUpRequest.Email) != null)
{
Logger.LogInformation("New user {}, already exists!", SignUpRequest.Email);
return(new JsonResult(new SignUpResult
{
UserName = SignUpRequest.Email,
Message = "User already exists!",
Success = false
}));
}
User newUser = new User
{
Email = SignUpRequest.Email,
Name = SignUpRequest.Name,
SecurityStamp = Guid.NewGuid().ToString(),
UserName = SignUpRequest.Email,
University = SignUpRequest.University,
Comments = new List <Comment>(),
Orders = new List <Order>()
};
var createResult = await _UserManager.CreateAsync(newUser, SignUpRequest.Password);
if (createResult.Succeeded)
{
var addToRoleResult = await _UserManager.AddToRoleAsync(newUser, Role.User);
if (!addToRoleResult.Succeeded)
{
await _UserManager.DeleteAsync(newUser);
return(new JsonResult(new SignUpResult
{
UserName = SignUpRequest.Email,
Message = "User " + SignUpRequest.Email + " couldn't be added to Role!",
Success = false
}));
}
}
else
{
bool valid = true;
foreach (var validator in _UserManager.PasswordValidators)
{
if (!(await validator.ValidateAsync(_UserManager, newUser, SignUpRequest.Password)).Succeeded)
{
valid = false;
}
}
if (!valid)
{
return(new JsonResult(new SignUpResult
{
UserName = SignUpRequest.Email,
Message = "User password is not complex enough!",
Success = false
}));
}
return(new JsonResult(new SignUpResult
{
UserName = SignUpRequest.Email,
Message = "User " + SignUpRequest.Email + " couldn't be created!",
Success = false
}));
}
await _context.SaveChangesAsync();
Logger.LogInformation("New user has been created {}!", SignUpRequest.Email);
return(new JsonResult(new SignUpResult
{
UserName = SignUpRequest.Email,
Message = "User " + SignUpRequest.Email + " has been created!",
Success = true
}));
}
public async Task <IActionResult> PatchOrder(int orderId, [FromBody] JsonPatchDocument <OrderPatchDTOUnion> patchModel)
{
try
{
var user = await _userManager.GetUserAsync(HttpContext.User);
if (user == null)
{
return(Unauthorized("Error accessing orders because of incorrect authority level!"));
}
var order = await _context.Orders.Include(x => x.User)
.Include(x => x.Comment)
.Where(x => x.OrderId == orderId).FirstOrDefaultAsync <Order>();
var tempOrder = ConvertToOrderPatchUnionDTO(order);
if (order == null)
{
return(NotFound());
}
if (await _userManager.IsInRoleAsync(user, Role.User))
{
if (user.Id != order.User.Id)
{
return(Unauthorized("Error patching order. A user can only patch their own orders."));
}
else
{
patchModel.ApplyTo(tempOrder);
var orderPatchDTO = ConvertToPatchDetailsDTO(tempOrder);
if (!IsValidPOST(orderPatchDTO))
{
return(BadRequest("Error processing new order due to unprocessable input!"));
}
order = await MapPatchDetailsToOrderAsync(orderPatchDTO, order);
_context.Orders.Update(order);
await _context.SaveChangesAsync();
return(new ObjectResult(ConvertToOrderDetailsDTO(order)));
}
}
else if (await _userManager.IsInRoleAsync(user, Role.Kortag) || await _userManager.IsInRoleAsync(user, Role.Admin))
{
patchModel.ApplyTo(tempOrder);
if (user.Id != order.User.Id)
{
var orderPatchDTO = ConvertToPatchDTO(tempOrder);
order = await MapPatchToOrderAsync(orderPatchDTO, order);
}
else
{
var orderPatchDetailsDTO = ConvertToPatchDetailsDTO(tempOrder);
if (!IsValidPOST(orderPatchDetailsDTO))
{
return(BadRequest("Error processing new order due to unprocessable input!"));
}
var orderPatchDTO = ConvertToPatchDTO(tempOrder);
order = await MapPatchDetailsToOrderAsync(orderPatchDetailsDTO, order);
order = await MapPatchToOrderAsync(orderPatchDTO, order);
}
_context.Orders.Update(order);
await _context.SaveChangesAsync();
return(new ObjectResult(ConvertToOrderDetailsDTO(order)));
}
}
catch (Exception e)
{
}
return(BadRequest("Error updating order"));
}