public override void RespondToRequest(User user, System.Web.HttpRequest request, System.Web.HttpResponse response, IBabyDataSource DataSource) { Baby b; if (!String.IsNullOrEmpty(request ["id"])) { b = DataSource.ReadBaby (request ["id"], user); switch (request.HttpMethod.ToUpper()) { case "GET": if (b.HasPermission (user.Username, Permission.Types.READ)) { b.Permissions = DataSource.GetPermissionsForBaby (b, user); response.Write (b.ToJSON ()); } else { throw new AuthException ("You don't have permission to view this baby's permission data"); } break; case "POST": if (b.HasPermission (user.Username, Permission.Types.PARENT)) { if (String.IsNullOrEmpty (request ["pid"])) { Permission p = new Permission (); p.BabyId = b.Id; p.Username = request ["username"]; Enum.TryParse<Permission.Types> (request ["type"], out p.Type); p = DataSource.CreatePermission (p, user); b.Permissions.Add (p); response.Write (b.ToJSON ()); } else { throw new NotImplementedException ("UPDAITNG HAS TO WAIT SORRY"); } } else{ throw new AuthException ("Only Users with the PARENT role can update this baby's permission data"); } break; default: throw new NotSupportedException ("Unsupported HTTP Method"); break; } } else { throw new ArgumentNullException ("Baby id not specified as 'id'"); } }
public override void RespondToRequest(User user, System.Web.HttpRequest request, System.Web.HttpResponse response, IBabyDataSource DataSource) { Baby b; if (!String.IsNullOrEmpty (request ["id"])) { b = DataSource.ReadBaby (request ["id"], user); switch (request.HttpMethod.ToUpper ()) { case "GET": if (b.HasPermission (user.Username, Permission.Types.READ)) { b.Events = DataSource.GetEventsForBaby (b, user); response.Write (b.ToJSON ()); } else { throw new AuthException ("You don't have permission to view this baby's data"); } break; case "POST": b.Permissions = DataSource.GetPermissionsForBaby (b, user); if(b.HasPermission(user.Username, Permission.Types.UPDATE)){ BabyEvent be = new BabyEvent ( b.Id, user.Username, String.IsNullOrEmpty (request ["eventtype"]) ? "UNKNOWN" : request ["eventtype"], String.IsNullOrEmpty (request ["subtype"]) ? "" : request ["subtype"], String.IsNullOrEmpty (request ["details"]) ? "" : request ["details"]); be = DataSource.CreateBabyEvent (be, user); b.Events.Add (be); response.Write (b.ToJSON()); } else { throw new AuthException ("You don't have permission to Update this baby's data"); } break; default: throw new NotSupportedException ("Unsupported HTTP Method"); break; } } else { throw new ArgumentNullException ("Baby id not specified as 'id'"); } }