private JsonDictionaryStringConstructor WritePartsRequestToOutput(PartsRequest request, MySqlDataManipulator manipulator, int companyId) { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); var user = manipulator.GetUserById(request.UserId); if (user == null) { ret.SetMapping("DisplayName", "defaultUser"); } else { List <UserSettingsEntry> entries = JsonDataObjectUtil <List <UserSettingsEntry> > .ParseObject(user.Settings); ret.SetMapping("DisplayName", entries.Where(entry => entry.Key.Equals(UserSettingsEntryKeys.DisplayName)).First().Value); } List <int> referencedParts = JsonDataObjectUtil <List <int> > .ParseObject(request.ReferencedParts); JsonListStringConstructor partsConstructor = new JsonListStringConstructor(); foreach (int i in referencedParts) { var part = manipulator.GetPartCatalogueEntryById(companyId, i); if (part == null) { continue; } partsConstructor.AddElement(part.PartId); } ret.SetMapping("ReferencedParts", partsConstructor); ret.SetMapping("JobId", request.JobId); ret.SetMapping("Id", request.Id); return(ret); }
public void TestBadRequestOnAllEmptyFields() { try { MySqlDataManipulator manipulator = new MySqlDataManipulator(); using (manipulator) { manipulator.Connect(TestingConstants.ConnectionString); Assert.IsTrue(manipulator.RemoveUserByEmail(TestingUserStorage.ValidUser1.Email)); var creationMessage = new JsonDictionaryStringConstructor(); object[] contextAndRequest = ServerTestingMessageSwitchback.SwitchbackMessage( creationMessage, "POST"); var ctx = contextAndRequest[0] as HttpListenerContext; var req = contextAndRequest[1] as HttpWebRequest; HttpWebResponse resp; TestApi.POST(ctx); try { resp = req.EndGetResponse(contextAndRequest[2] as IAsyncResult) as HttpWebResponse; } catch (WebException e) { resp = e.Response as HttpWebResponse; } Assert.AreEqual(HttpStatusCode.BadRequest, resp.StatusCode); } } finally { TestingDatabaseCreationUtils.InitializeUsers(); } }
private JsonDictionaryStringConstructor WriteSafetyRequestToOutput(RequirementAdditionRequest request, MySqlDataManipulator connection, int companyId) { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); var user = connection.GetUserById(request.UserId); if (user == null) { ret.SetMapping("DisplayName", "Unknown User"); } else { List <UserSettingsEntry> userSettings = JsonDataObjectUtil <List <UserSettingsEntry> > .ParseObject(user.Settings); ret.SetMapping("DisplayName", userSettings.Where(entry => entry.Key.Equals(UserSettingsEntryKeys.DisplayName)).First().Value); } ret.SetMapping("RequestedAdditions", request.RequestedAdditions); var job = connection.GetDataEntryById(companyId, request.ValidatedDataId); if (job == null) { ret.SetMapping("JobId", "Unknown"); } else { ret.SetMapping("JobId", job.JobId); } ret.SetMapping("Id", request.Id); return(ret); }
/// <summary> /// Converts the input <see cref="CompanyId"></see> to JSON stored in a <see cref="JsonDictionaryStringConstructor"/> /// </summary> /// <remarks> /// JSON format is as follows: /// <code> /// { /// Id : int /// LegalName : string /// } /// </code> /// </remarks> /// <param name="idIn"></param> /// <returns></returns> private JsonDictionaryStringConstructor WriteCompanyIdToOutput(CompanyId idIn) { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); ret.SetMapping("Id", idIn.Id); ret.SetMapping("LegalName", idIn.LegalName); return(ret); }
public JsonDictionaryStringConstructor ConstructSecurityQuestionRequest(string loginToken, int userId) { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); ret.SetMapping("LoginToken", loginToken); ret.SetMapping("UserId", userId); return(ret); }
public JsonDictionaryStringConstructor ConstructCheckLoginStatusRequest(int userId, string loginToken) { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); ret.SetMapping("UserId", userId); ret.SetMapping("LoginToken", loginToken); return(ret); }
public JsonDictionaryStringConstructor ConstructLoginRequest() { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); ret.SetMapping("Email", Email); ret.SetMapping("Password", Password); return(ret); }
public JsonDictionaryStringConstructor ConstructCheckAuthenticationStatusRequest(string loginToken, string authToken, int userId) { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); ret.SetMapping("LoginToken", loginToken); ret.SetMapping("AuthToken", authToken); ret.SetMapping("UserId", userId); return(ret); }
/// <summary> /// Generates a JSON string that matches the format of a RequirementsEntry object containing no requirements /// </summary> /// <returns>A JSON string that matches the format of a RequirementsEntry object containing no requirements</returns> public static string GenerateEmptyJson() { JsonDictionaryStringConstructor constructor = new JsonDictionaryStringConstructor(); constructor.SetMapping("Safety", new List <object>()); constructor.SetMapping("Parts", new List <object>()); constructor.SetMapping("Auxillary", new List <object>()); return(constructor.ToString()); }
public JsonDictionaryStringConstructor ConstructReportMessage(int userId, string loginToken, string authToken, string reportedName) { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); ret.SetMapping("UserId", userId); ret.SetMapping("LoginToken", loginToken); ret.SetMapping("AuthToken", authToken); ret.SetMapping("DisplayName", reportedName); return(ret); }
public JsonDictionaryStringConstructor ConstructDeletionRequest(int userId, string loginToken, string authToken, int entryId) { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); ret["UserId"] = userId; ret["LoginToken"] = loginToken; ret["AuthToken"] = authToken; ret["PartEntryId"] = entryId; return(ret); }
private JsonDictionaryStringConstructor WriteSettingToOutput(CompanySettingsEntry entry) { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); ret.SetMapping("SettingValue", entry.SettingValue); ret.SetMapping("SettingKey", entry.SettingKey); ret.SetMapping("Id", entry.Id); ret.SetMapping("Options", GetOptionsForKey(entry.SettingKey)); return(ret); }
public JsonDictionaryStringConstructor ConstructCreationMessage() { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); ret.SetMapping("Email", Email); ret.SetMapping("SecurityQuestion", SecurityQuestion); ret.SetMapping("SecurityAnswer", SecurityAnswer); ret.SetMapping("Password", Password); return(ret); }
public JsonDictionaryStringConstructor ConstructChangeSettingRequest(int userId, string loginToken, string authToken, string key, string newValue) { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); ret.SetMapping("UserId", userId); ret.SetMapping("LoginToken", loginToken); ret.SetMapping("AuthToken", authToken); ret.SetMapping("Key", key); ret.SetMapping("Value", newValue); return(ret); }
private JsonDictionaryStringConstructor ConvertUserToOutput(OverallUser toConvert) { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); ret.SetMapping("Access Level", toConvert.AccessLevel); ret.SetMapping("Email", toConvert.Email); ret.SetMapping("DatabaseId", toConvert.UserId); List <UserSettingsEntry> entries = JsonDataObjectUtil <List <UserSettingsEntry> > .ParseObject(toConvert.Settings); ret.SetMapping("Display Name", entries.Where(obj => obj.Key.Equals(UserSettingsEntryKeys.DisplayName)).First().Value); return(ret); }
/// <summary> /// Attempts to return a list of the top 3 most similar complaint groups from the database /// </summary> /// <param name="entryIn">The query to predict the most similar complaint groups of</param> /// <param name="manipulator">The object to use to access the database</param> /// <param name="companyId">The id of the company the request is being made for. Determines which tables to use in the database</param> /// <returns>Json formatted string that contains the top 3 complaint groups that are most similar to the query made, and their database ids</returns> public string ProcessQueryForComplaintGroups(RepairJobEntry entryIn, MySqlDataManipulator manipulator, int companyId, int numGroupsRequested = 3) { List <string> tokens = SentenceTokenizer.TokenizeSentence(entryIn.Complaint); List <List <string> > taggedTokens = KeywordTagger.Tag(tokens); List <string> keywords = KeywordPredictor.PredictKeywords(taggedTokens); KeywordExample example = new KeywordExample(); foreach (string keyword in keywords) { example.AddKeyword(keyword); } KeywordClusterer.Load(manipulator, companyId); List <int> groups = KeywordClusterer.PredictTopNSimilarGroups(example, numGroupsRequested); List <KeywordGroupEntry> companyComplaintGroups = manipulator.GetCompanyComplaintGroups(companyId); if (companyComplaintGroups == null) { throw new NullReferenceException("Company " + companyId + " complaint groups were not available in database"); } List <KeywordGroupEntry> ret = new List <KeywordGroupEntry>(); bool uncategorizedAdded = false; foreach (int i in groups) { if (i == 0 && !uncategorizedAdded) { ret.Add(new KeywordGroupEntry("Uncategorized") { Id = 0 }); uncategorizedAdded = true; } else if (i != 0) { companyComplaintGroups[i - 1].Id = i; ret.Add(companyComplaintGroups[i - 1]); } } JsonListStringConstructor constructor = new JsonListStringConstructor(); ret.ForEach(obj => constructor.AddElement(ConvertKeywordGroupEntry(obj))); return(constructor.ToString()); JsonDictionaryStringConstructor ConvertKeywordGroupEntry(KeywordGroupEntry e) { JsonDictionaryStringConstructor r = new JsonDictionaryStringConstructor(); r.SetMapping("GroupDefinition", e.GroupDefinition); r.SetMapping("Id", e.Id); return(r); } }
public JsonDictionaryStringConstructor ConstructAdditionRequest(int userId, string loginToken, string authToken) { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); ret["UserId"] = userId; ret["LoginToken"] = loginToken; ret["AuthToken"] = authToken; ret["Make"] = Make; ret["Model"] = Model; ret["Year"] = Year; ret["PartId"] = PartId; ret["PartName"] = PartName; return(ret); }
public JsonDictionaryStringConstructor ConstructCreationMessage(int Userid, String LoginToken, String AuthToken, int dup) { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); JsonDictionaryStringConstructor entry = new JsonDictionaryStringConstructor(); entry.SetMapping("JobId", JobId); entry.SetMapping("Make", Make); entry.SetMapping("Model", Model); entry.SetMapping("Complaint", Complaint); entry.SetMapping("Problem", Problem); ret.SetMapping("ContainedEntry", entry); ret.SetMapping("UserId", Userid); ret.SetMapping("LoginToken", LoginToken); ret.SetMapping("AuthToken", AuthToken); ret.SetMapping("Duplicate", dup); return(ret); }
public static object[] SwitchbackMessage(JsonDictionaryStringConstructor messageContentsIn, string httpRequestMethod) { var switchback = GetSwitchback(); var switchbackUri = SwitchbackUri.Replace("+", "localhost"); HttpWebRequest req = (HttpWebRequest)WebRequest.Create(switchbackUri); req.Method = httpRequestMethod; if (!req.Method.Equals("GET")) { Stream messageStream = req.GetRequestStream(); byte[] messageBytes = Encoding.UTF8.GetBytes(messageContentsIn.ToString()); req.ContentLength = messageBytes.Length; messageStream.Write(messageBytes, 0, messageBytes.Length); } var asyncState = req.BeginGetResponse(GetResponseCallback, null); return(new object[] { switchback.GetContext(), req, asyncState }); }
private JsonDictionaryStringConstructor WritePartCatelogueEntryToOutput(PartCatalogueEntry entryOut) { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); ret.SetMapping("Make", entryOut.Make); ret.SetMapping("Model", entryOut.Model); if (entryOut.Year == -1) { ret.SetMapping("Year", "Unknown"); } else { ret.SetMapping("Year", entryOut.Year); } ret.SetMapping("PartId", entryOut.PartId); ret.SetMapping("PartName", entryOut.PartName); return(ret); }
public string ProcessQueryForSimilarQueriesArchive(RepairJobEntry entryIn, MySqlDataManipulator manipulator, int companyId, int problemGroupId, int numRequested, int offset = 0) { List <string> tokens = SentenceTokenizer.TokenizeSentence(entryIn.Problem); List <List <string> > taggedTokens = KeywordTagger.Tag(tokens); List <string> keywords = KeywordPredictor.PredictKeywords(taggedTokens); KeywordExample example = new KeywordExample(); foreach (string keyword in keywords) { example.AddKeyword(keyword); } KeywordClusterer.Load(manipulator, companyId); List <int> groups = KeywordClusterer.PredictTopNSimilarGroups(example, 3); entryIn.ComplaintGroups = "[" + string.Join(',', groups) + "]"; List <RepairJobEntry> potentials = manipulator.GetDataEntriesByProblemGroup(companyId, problemGroupId); List <EntrySimilarity> ret = ProblemPredictor.GetQueryResults(entryIn, potentials, numRequested, offset); JsonListStringConstructor retConstructor = new JsonListStringConstructor(); ret.ForEach(obj => retConstructor.AddElement(ConvertEntrySimilarity(obj))); return(retConstructor.ToString()); JsonDictionaryStringConstructor ConvertEntrySimilarity(EntrySimilarity e) { JsonDictionaryStringConstructor r = new JsonDictionaryStringConstructor(); r.SetMapping("Make", e.Entry.Make); r.SetMapping("Model", e.Entry.Model); r.SetMapping("Complaint", e.Entry.Complaint); r.SetMapping("Problem", e.Entry.Problem); if (e.Entry.Year == -1) { r.SetMapping("Year", "Unknown"); } else { r.SetMapping("Year", e.Entry.Year); } r.SetMapping("Id", e.Entry.Id); r.SetMapping("Difference", e.Difference); return(r); } }
private JsonDictionaryStringConstructor ConvertForumPostToJson(UserToTextEntry forumPost, MySqlDataManipulator connection) { JsonDictionaryStringConstructor retConstructor = new JsonDictionaryStringConstructor(); var user = connection.GetUserById(forumPost.UserId); if (user == null) { retConstructor.SetMapping("DisplayName", "Unknown User"); } else { List <UserSettingsEntry> userSettings = JsonDataObjectUtil <List <UserSettingsEntry> > .ParseObject(user.Settings); retConstructor.SetMapping("DisplayName", userSettings.Where(entry => entry.Key.Equals(UserSettingsEntryKeys.DisplayName)).First().Value); } retConstructor.SetMapping("PostText", forumPost.Text); retConstructor.SetMapping("ForumPostId", forumPost.Id); return(retConstructor); }
/// <summary> /// Converts the current RepairJobEntry into a JSON formatted representation of the object /// </summary> /// <remarks> /// <para>Format:</para> /// <code> /// { /// Make : string, /// Model : string, /// Complaint : string, /// Problem : string, /// Year : string, /// Id : int /// } /// </code> /// </remarks> /// <param name="e"></param> /// <returns><see cref="JsonDictionaryStringConstructor"/> storing the JSON data in the format displayed in the <c>remarks</c> section</returns> private JsonDictionaryStringConstructor ConvertEntry(RepairJobEntry e) { JsonDictionaryStringConstructor r = new JsonDictionaryStringConstructor(); r.SetMapping("Make", e.Make); r.SetMapping("Model", e.Model); r.SetMapping("Complaint", e.Complaint); r.SetMapping("Problem", e.Problem); if (e.Year == -1) { r.SetMapping("Year", "Unknown"); } else { r.SetMapping("Year", e.Year); } r.SetMapping("Id", e.Id); return(r); }
private JsonDictionaryStringConstructor WriteJoinRequestToOutput(JoinRequest requestIn, MySqlDataManipulator connection) { JsonDictionaryStringConstructor ret = new JsonDictionaryStringConstructor(); ret.SetMapping("Id", requestIn.Id); var user = connection.GetUserById(requestIn.UserId); if (user == null) { ret.SetMapping("DisplayName", "Unknown"); ret.SetMapping("Email", "Unknown"); } else { var userSettings = JsonDataObjectUtil <List <UserSettingsEntry> > .ParseObject(user.Settings); ret.SetMapping("DisplayName", userSettings.Where(entry => entry.Key.Equals(UserSettingsEntryKeys.DisplayName)).First().Value); ret.SetMapping("Email", user.Email); } return(ret); }
/// <summary> /// GET request format located in the Web Api Enumeration v2 /// under the tab Company/Forum, starting row 49 /// </summary> /// <param name="ctx">HttpListenerContext to respond to</param> private void HandleGetRequest(HttpListenerContext ctx) { try { #region Input Validation if (!ctx.Request.HasEntityBody) { WriteBodyResponse(ctx, 400, "Bad Request", "No Body"); return; } CompanyForumApiGetRequest entry = JsonDataObjectUtil <CompanyForumApiGetRequest> .ParseObject(ctx); if (!ValidateGetRequest(entry)) { WriteBodyResponse(ctx, 400, "Bad Request", "Incorrect Format"); return; } #endregion //Otherwise we have a valid entry, validate user MySqlDataManipulator connection = new MySqlDataManipulator(); using (connection) { bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString()); if (!res) { WriteBodyResponse(ctx, 500, "Unexpected ServerError", "Connection to database failed"); return; } #region User Validation OverallUser mappedUser = connection.GetUserById(entry.UserId); if (mappedUser == null) { WriteBodyResponse(ctx, 404, "Not Found", "User was not found on the server"); return; } if (!UserVerificationUtil.LoginTokenValid(mappedUser, entry.LoginToken)) { WriteBodyResponse(ctx, 401, "Not Authorized", "Login token was incorrect."); return; } CompanySettingsEntry isPublicSetting = connection.GetCompanySettingsWhere(entry.CompanyId, "SettingKey=\"" + CompanySettingsKey.Public + "\"")[0]; bool isPublic = bool.Parse(isPublicSetting.SettingValue); if (!isPublic && mappedUser.Company != entry.CompanyId) { WriteBodyResponse(ctx, 401, "Not Authorized", "Cannot access other company's private data"); return; } #endregion #region Get Forum RepairJobEntry forumEntry = connection.GetDataEntryById(entry.CompanyId, entry.JobEntryId); if (forumEntry == null) { WriteBodyResponse(ctx, 404, "Not Found", "Job Data Entry was not found on the server"); return; } JsonListStringConstructor returnListConstructor = new JsonListStringConstructor(); JsonDictionaryStringConstructor repairJobConstructor = new JsonDictionaryStringConstructor(); repairJobConstructor.SetMapping("Make", forumEntry.Make); repairJobConstructor.SetMapping("Model", forumEntry.Model); if (forumEntry.Year == -1) { repairJobConstructor.SetMapping("Year", "Unknown"); } else { repairJobConstructor.SetMapping("Year", forumEntry.Year); } repairJobConstructor.SetMapping("Complaint", forumEntry.Complaint); repairJobConstructor.SetMapping("Problem", forumEntry.Problem); RequirementsEntry repairJobRequirements = RequirementsEntry.ParseJsonString(forumEntry.Requirements); List <string> auxillaryRequirements = new List <string>(repairJobRequirements.Auxillary.Select(req => req.Requirement)); repairJobConstructor.SetMapping("AuxillaryRequirements", auxillaryRequirements); repairJobConstructor.SetMapping("PartRequirements", repairJobRequirements.Parts); repairJobConstructor.SetMapping("SafetyRequirements", repairJobRequirements.Safety); returnListConstructor.AddElement(repairJobConstructor); List <UserToTextEntry> forumPosts = connection.GetForumPosts(mappedUser.Company, entry.JobEntryId); if (forumPosts == null) { WriteBodylessResponse(ctx, 404, "Not Found"); return; } forumPosts.ForEach(post => returnListConstructor.AddElement(ConvertForumPostToJson(post, connection))); WriteBodyResponse(ctx, 200, "OK", returnListConstructor.ToString(), "application/json"); #endregion } } catch (HttpListenerException) { //HttpListeners dispose themselves when an exception occurs, so we can do no more. } catch (Exception e) { WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message); } }
/// <summary> /// Request for a user to receive authentication to make edits to content they have access to. Documention is found in the Web API Enumeration file /// in the /RepairJob/Requirements tab, starting at row 21 /// </summary> /// <param name="ctx">The HttpListenerContext to respond to</param> private void HandlePutRequest(HttpListenerContext ctx) { try { #region Input Validation if (!ctx.Request.HasEntityBody) { WriteBodyResponse(ctx, 400, "No Body", "Request lacked a body"); return; } string reqString = new StreamReader(ctx.Request.InputStream).ReadToEnd(); AuthenticationRequest req = JsonDataObjectUtil <AuthenticationRequest> .ParseObject(reqString); if (req == null) { WriteBodyResponse(ctx, 400, "Incorrect Format", "Request was in the wrong format"); return; } if (!ValidateAuthenticationRequest(req)) { AuthenticationCheckRequest req2 = JsonDataObjectUtil <AuthenticationCheckRequest> .ParseObject(reqString); if (req2 != null && ValidateAuthCheckRequest(req2)) { HandleAuthCheckRequest(ctx, req2); return; } WriteBodyResponse(ctx, 400, "Incorrect Format", "Not all fields of the request were filled"); return; } #endregion MySqlDataManipulator connection = new MySqlDataManipulator(); using (connection) { bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString()); if (!res) { WriteBodyResponse(ctx, 500, "Unexpected ServerError", "Connection to database failed"); return; } #region User Validation var user = connection.GetUserById(req.UserId); if (user == null) { WriteBodyResponse(ctx, 404, "Not Found", "User was not found on the server"); return; } if (!UserVerificationUtil.LoginTokenValid(user, req.LoginToken)) { WriteBodyResponse(ctx, 401, "Unauthorized", "Login Token is incorrect or expired"); return; } if (!UserVerificationUtil.VerifyAuthentication(user, req.SecurityQuestion, req.SecurityAnswer)) { WriteBodyResponse(ctx, 401, "Unauthorized", "Security Answer was incorrect"); return; } #endregion #region Action Handling LoginStatusTokens tokens = UserVerificationUtil.ExtractLoginTokens(user); UserVerificationUtil.GenerateNewAuthToken(tokens); if (!connection.UpdateUsersLoginToken(user, tokens)) { WriteBodyResponse(ctx, 500, "Unexpected Server Error", "Failed to write login token to database"); return; } JsonDictionaryStringConstructor retConstructor = new JsonDictionaryStringConstructor(); retConstructor.SetMapping("token", tokens.AuthToken); WriteBodyResponse(ctx, 200, "OK", retConstructor.ToString()); #endregion } } catch (HttpListenerException) { //HttpListeners dispose themselves when an exception occurs, so we can do no more. } catch (Exception e) { WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message); } }
/// <summary> /// Request for a user to log in using their email and password. Documention is found in the Web API Enumeration file /// in the /RepairJob/Requirements tab, starting at row 21 /// </summary> /// <param name="ctx">The HttpListenerContext to respond to</param> public void HandlePutRequest(HttpListenerContext ctx) { try { #region Input Validation if (!ctx.Request.HasEntityBody) { WriteBodyResponse(ctx, 400, "No Body", "Request lacked a body"); return; } string reqString = new StreamReader(ctx.Request.InputStream).ReadToEnd(); UserLoginRequest req = JsonDataObjectUtil <UserLoginRequest> .ParseObject(reqString); if (req == null) { WriteBodyResponse(ctx, 400, "Incorrect Format", "Request was in the wrong format"); return; } if (!ValidateLoginRequest(req)) { UserCheckLoginStatusRequest req2 = JsonDataObjectUtil <UserCheckLoginStatusRequest> .ParseObject(reqString); if (req2 != null && ValidateCheckLoginRequest(req2)) { HandleCheckLoginRequest(ctx, req2); return; } WriteBodyResponse(ctx, 400, "Incorrect Format", "Not all fields of the request were filled"); return; } #endregion MySqlDataManipulator connection = new MySqlDataManipulator(); using (connection) { bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString()); if (!res) { WriteBodyResponse(ctx, 500, "Unexpected ServerError", "Connection to database failed"); return; } #region Action Handling var users = connection.GetUsersWhere(" Email = \"" + req.Email + "\""); if (users.Count == 0) { WriteBodyResponse(ctx, 404, "Not Found", "User was not found on the server"); return; } if (!UserVerificationUtil.VerifyLogin(users[0], req.Email, req.Password)) { WriteBodyResponse(ctx, 401, "Unauthorized", "Email or password was incorrect"); return; } OverallUser loggedInUser = users[0]; LoginStatusTokens tokens = UserVerificationUtil.ExtractLoginTokens(loggedInUser); UserVerificationUtil.GenerateNewLoginToken(tokens); if (!connection.UpdateUsersLoginToken(loggedInUser, tokens)) { WriteBodyResponse(ctx, 500, "Unexpected Server Error", "Failed to write login token to database"); return; } JsonDictionaryStringConstructor retConstructor = new JsonDictionaryStringConstructor(); retConstructor.SetMapping("token", tokens.LoginToken); retConstructor.SetMapping("userId", loggedInUser.UserId); retConstructor.SetMapping("accessLevel", loggedInUser.AccessLevel); WriteBodyResponse(ctx, 200, "OK", retConstructor.ToString(), "application/json"); #endregion } } catch (HttpListenerException) { //HttpListeners dispose themselves when an exception occurs, so we can do no more. } catch (Exception e) { WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message); } }
/// <summary> /// Request for adding a repair job entry. Documention is found in the Web API Enumeration file /// in the /RepairJob tab, starting at row 1 /// </summary> /// <param name="ctx">The HttpListenerContext to respond to</param> private void HandlePostRequest(HttpListenerContext ctx) { try { #region Input Validation if (!ctx.Request.HasEntityBody) { WriteBodyResponse(ctx, 400, "Bad Request", "No Body"); return; } RepairJobApiRequest entry = JsonDataObjectUtil <RepairJobApiRequest> .ParseObject(ctx); if (!ValidateFullRequest(entry)) { WriteBodyResponse(ctx, 400, "Bad Request", "Incorrect Format"); return; } #endregion //Otherwise we have a valid entry, validate user MySqlDataManipulator connection = new MySqlDataManipulator(); using (connection) { bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString()); if (!res) { WriteBodyResponse(ctx, 500, "Unexpected ServerError", "Connection to database failed"); return; } #region User Validation OverallUser mappedUser = connection.GetUserById(entry.UserId); if (mappedUser == null) { WriteBodyResponse(ctx, 404, "Not Found", "User was not found on the server"); return; } if (!UserVerificationUtil.LoginTokenValid(mappedUser, entry.LoginToken)) { WriteBodyResponse(ctx, 401, "Not Authorized", "Login token was incorrect."); return; } if (!UserVerificationUtil.AuthTokenValid(mappedUser, entry.AuthToken)) { WriteBodyResponse(ctx, 401, "Not Authorized", "Auth token was expired or incorrect"); return; } #endregion #region Input Sanitation if (entry.ContainedEntry.Complaint.Contains('<')) { WriteBodyResponse(ctx, 400, "Bad Request", "Request contained the < character, which is disallowed due to cross site scripting attacks"); return; } if (entry.ContainedEntry.Problem.Contains('<')) { WriteBodyResponse(ctx, 400, "Bad Request", "Request contained the < character, which is disallowed due to cross site scripting attacks"); return; } if (entry.ContainedEntry.Make.Contains('<')) { WriteBodyResponse(ctx, 400, "Bad Request", "Request contained the < character, which is disallowed due to cross site scripting attacks"); return; } if (entry.ContainedEntry.Model.Contains('<')) { WriteBodyResponse(ctx, 400, "Bad Request", "Request contained the < character, which is disallowed due to cross site scripting attacks"); return; } if (entry.ContainedEntry.JobId.Contains('<')) { WriteBodyResponse(ctx, 400, "Bad Request", "Request contained the < character, which is disallowed due to cross site scripting attacks"); return; } #endregion #region Action Handling #region Forced Upload if (!(entry.Duplicate == 0)) { //Now that we know the user is good, actually do the addition. res = connection.AddDataEntry(mappedUser.Company, entry.ContainedEntry); if (!res) { WriteBodyResponse(ctx, 500, "Unexpected Server Error", connection.LastException.Message); return; } WriteBodylessResponse(ctx, 200, "OK"); } #endregion else { //test if there exists similar string whereString = "Make =\"" + entry.ContainedEntry.Make + "\" AND " + "Model =\"" + entry.ContainedEntry.Model + "\""; //whereString += "AND"+entry.ContainedEntry.Year+">="+(entry.ContainedEntry.Year-2)+"AND"+entry.ContainedEntry.Year+"<="+(entry.ContainedEntry.Year+2); List <RepairJobEntry> dataCollectionsWhere = connection.GetDataEntriesWhere(mappedUser.Company, whereString, true); List <RepairJobEntry> data2 = connection.GetDataEntriesWhere(mappedUser.Company, whereString, false); foreach (RepairJobEntry x in data2) { dataCollectionsWhere.Add(x); } #region No Similar Jobs //if none force through if (dataCollectionsWhere.Count == 0) { res = connection.AddDataEntry(mappedUser.Company, entry.ContainedEntry); if (!res) { WriteBodyResponse(ctx, 500, "Unexpected Server Error", connection.LastException.Message); return; } WriteBodylessResponse(ctx, 200, "OK"); } #endregion #region Similar Jobs Return //if yes 409 with similar jobs else { JsonListStringConstructor retConstructor = new JsonListStringConstructor(); List <EntrySimilarity> ret = getSimilar(entry.ContainedEntry, dataCollectionsWhere, 3); if (ret.Count == 0) { res = connection.AddDataEntry(mappedUser.Company, entry.ContainedEntry); if (!res) { WriteBodyResponse(ctx, 500, "Unexpected Server Error", connection.LastException.Message); return; } WriteBodylessResponse(ctx, 200, "OK"); } ret.ForEach(obj => retConstructor.AddElement(ConvertEntrySimilarity(obj))); WriteBodyResponse(ctx, 409, "Conflict", retConstructor.ToString(), "application/json"); JsonDictionaryStringConstructor ConvertEntrySimilarity(EntrySimilarity e) { JsonDictionaryStringConstructor r = new JsonDictionaryStringConstructor(); r.SetMapping("Make", e.Entry.Make); r.SetMapping("Model", e.Entry.Model); r.SetMapping("Complaint", e.Entry.Complaint); r.SetMapping("Problem", e.Entry.Problem); if (e.Entry.Year == -1) { r.SetMapping("Year", "Unknown"); } else { r.SetMapping("Year", e.Entry.Year); } r.SetMapping("Id", e.Entry.Id); return(r); } } #endregion } #endregion } } catch (HttpListenerException) { //HttpListeners dispose themselves when an exception occurs, so we can do no more. } catch (Exception e) { WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message); } }