/// <summary>
/// GET request format located in the Web Api Enumeration v2
/// under the tab Company/Safety/Request, starting row 23
/// </summary>
/// <param name="ctx">HttpListenerContext to respond to</param>
private void HandleGetRequest(HttpListenerContext ctx, CompanySafetyRequestApiGetRequest entry)
{
try
{
MySqlDataManipulator connection = new MySqlDataManipulator();
using (connection)
{
bool res = connection.Connect(MySqlDataManipulator.GlobalConfiguration.GetConnectionString());
if (!res)
{
WriteBodyResponse(ctx, 500, "Unexpected Server Error", "Connection to database failed");
return;
}
#region User Validation
OverallUser mappedUser = connection.GetUserById(entry.UserId);
if (mappedUser == null)
{
WriteBodyResponse(ctx, 404, "Not Found", "User was not found on on the server");
return;
}
if (!UserVerificationUtil.LoginTokenValid(mappedUser, entry.LoginToken))
{
WriteBodyResponse(ctx, 401, "Not Authorized", "Login token was incorrect.");
return;
}
if (!UserVerificationUtil.AuthTokenValid(mappedUser, entry.AuthToken))
{
WriteBodyResponse(ctx, 401, "Not Authorized", "Auth token was ezpired or incorrect");
return;
}
if ((mappedUser.AccessLevel & AccessLevelMasks.SafetyMask) == 0)
{
WriteBodyResponse(ctx, 401, "Not Authorized", "User was not a parts level user");
return;
}
#endregion
#region Action Handling
List <RequirementAdditionRequest> requests = connection.GetSafetyAdditionRequests(mappedUser.Company);
JsonListStringConstructor retConstructor = new JsonListStringConstructor();
requests.ForEach(req => retConstructor.AddElement(WriteSafetyRequestToOutput(req, connection, mappedUser.Company)));
WriteBodyResponse(ctx, 200, "OK", retConstructor.ToString());
#endregion
}
}
catch (Exception e)
{
WriteBodyResponse(ctx, 500, "Internal Server Error", e.Message);
}
}