/// <summary>
/// Records a status change for the controller's own <c>UserId</c> / <c>DepartmentId</c>
/// and publishes a personnel-status-changed event for it.
/// </summary>
/// <param name="statusInput">
/// Client-supplied status payload. Its fields (Typ, Geo, Rto, Dtp, Not) are forwarded to the
/// action-log service as received; the only validation visible in this method is ModelState.
/// </param>
/// <returns>An empty response with status 201 Created.</returns>
/// <remarks>
/// Throws the BadRequest exception when ModelState is invalid. Any exception raised while
/// saving or publishing is logged and replaced by an InternalServerError exception, so
/// failure details are not returned to the client.
/// </remarks>
public HttpResponseMessage SetCurrentStatus(StatusInput statusInput)
{
    // Reject payloads that failed model binding/validation before touching any service.
    if (!this.ModelState.IsValid)
    {
        throw HttpStatusCode.BadRequest.AsException();
    }

    try
    {
        ActionLog recorded;

        // The overload is selected by which optional fields carry a non-zero value:
        // Rto (and, only when Rto is set, Dtp).
        if (statusInput.Rto != 0)
        {
            if (statusInput.Dtp != 0)
            {
                recorded = _actionLogsService.SetUserAction(UserId, DepartmentId, statusInput.Typ, statusInput.Geo, statusInput.Rto, statusInput.Dtp, statusInput.Not);
            }
            else
            {
                recorded = _actionLogsService.SetUserAction(UserId, DepartmentId, statusInput.Typ, statusInput.Geo, statusInput.Rto, statusInput.Not);
            }
        }
        else
        {
            recorded = _actionLogsService.SetUserAction(UserId, DepartmentId, statusInput.Typ, statusInput.Geo, statusInput.Not);
        }

        // Publish the change after it has been recorded.
        var statusChanged = new UserStatusEvent
        {
            DepartmentId = DepartmentId,
            Status = recorded
        };
        var publisher = new OutboundEventProvider.PersonnelStatusChangedTopicHandler();
        publisher.Handle(statusChanged);

        return Request.CreateResponse(HttpStatusCode.Created);
    }
    catch (Exception ex)
    {
        // Keep the detail in the server log; the client only sees a generic 500.
        Logging.LogException(ex);
        throw HttpStatusCode.InternalServerError.AsException();
    }
}
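/// <summary>
/// Records a status change on behalf of another department member (<c>statusInput.Uid</c>)
/// and publishes a personnel-status-changed event for it.
/// </summary>
/// <param name="statusInput">
/// Client-supplied status payload; <c>Uid</c> names the member whose status is being set.
/// </param>
/// <returns>
/// A 201 Created response carrying the CORS headers added below.
/// </returns>
/// <remarks>
/// Throws the BadRequest exception when ModelState is invalid, NotFound when the target is
/// not a member of the controller's department, and Unauthorized when one of the
/// authorization checks fails. Any other failure is logged and reported as
/// InternalServerError.
///
/// The rejection is raised after the try block on purpose: thrown inside it, the
/// catch-all handler would log the 404/401 as a server fault and return 500 instead,
/// which hides authorization denials from both the client and monitoring.
/// </remarks>
public HttpResponseMessage PostStatusForUser(StatusInput statusInput)
{
    // Reject payloads that failed model binding/validation before touching any service.
    if (!this.ModelState.IsValid)
    {
        throw HttpStatusCode.BadRequest.AsException();
    }

    // Set when a lookup/authorization check fails; thrown once we are outside the try block.
    HttpStatusCode? rejection = null;
    HttpResponseMessage response = null;

    try
    {
        var userToSetStatusFor = _departmentsService.GetDepartmentMember(statusInput.Uid, DepartmentId);

        if (userToSetStatusFor == null)
        {
            rejection = HttpStatusCode.NotFound;
        }
        else if (!_authorizationService.IsUserValidWithinLimits(statusInput.Uid, DepartmentId)
                 || !_authorizationService.IsUserValidWithinLimits(userToSetStatusFor.UserId, DepartmentId)
                 || DepartmentId != userToSetStatusFor.DepartmentId)
        {
            // Same checks, in the same order, as before: limit check on the requested id,
            // limit check on the resolved member, then a department match.
            rejection = HttpStatusCode.Unauthorized;
        }
        else
        {
            // TODO: We need to check here if the user is a department admin, or the admin that the user is a part of
            // NOTE(review): the checks above validate the target member, not the caller's
            // privilege. Until the TODO is done, nothing visible in this method restricts
            // which caller may change another member's status; confirm whether a filter or
            // attribute outside this method enforces it.

            // NOTE(review): unlike SetCurrentStatus, the Rto == 0 branch omits Not and the
            // final branch omits both Dtp and Not. Left unchanged here; confirm whether
            // dropping those fields is intended.
            ActionLog log;
            if (statusInput.Rto == 0)
            {
                log = _actionLogsService.SetUserAction(statusInput.Uid, DepartmentId, statusInput.Typ, statusInput.Geo);
            }
            else if (statusInput.Dtp == 0)
            {
                log = _actionLogsService.SetUserAction(statusInput.Uid, DepartmentId, statusInput.Typ, statusInput.Geo, statusInput.Rto, statusInput.Not);
            }
            else
            {
                log = _actionLogsService.SetUserAction(statusInput.Uid, DepartmentId, statusInput.Typ, statusInput.Geo, statusInput.Rto);
            }

            // Publish the change after it has been recorded.
            var handler = new OutboundEventProvider.PersonnelStatusChangedTopicHandler();
            handler.Handle(new UserStatusEvent { DepartmentId = DepartmentId, Status = log });

            response = Request.CreateResponse(HttpStatusCode.Created);

            // NOTE(review): a wildcard origin on a state-changing endpoint allows script from
            // any origin to read this response. If cross-origin callers are required, an
            // explicit origin allow-list applied by a central CORS policy is the safer shape;
            // kept as-is because existing clients may depend on it.
            response.Headers.Add("Access-Control-Allow-Origin", "*");
            response.Headers.Add("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE,OPTIONS");
        }
    }
    catch (Exception ex)
    {
        // Keep the detail in the server log; the client only sees a generic 500.
        Logging.LogException(ex);
        throw HttpStatusCode.InternalServerError.AsException();
    }

    if (rejection.HasValue)
    {
        throw rejection.Value.AsException();
    }

    return response;
}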