// POST: api/Courses
public async Task <IHttpActionResult> PostCourse()
{
if (!Request.Content.IsMimeMultipartContent())
{
return(StatusCode(HttpStatusCode.UnsupportedMediaType));
}
var filesReadToProvider = await Request.Content.ReadAsMultipartAsync();
var jsonCourse = await filesReadToProvider.Contents[0].ReadAsStringAsync();
Course course = JsonConvert.DeserializeObject <Course>(jsonCourse, new CourseJsonConverter()
{
DbContext = db
});
if (filesReadToProvider.Contents.Count > 1)
{
var imageBytes = await filesReadToProvider.Contents[1].ReadAsByteArrayAsync();
course.ImageUrl = ImageController.SaveImage(imageBytes, Request, db);
}
db.Courses.Add(course);
db.SaveChanges();
return(Created(Request.RequestUri.ToString() + "/" + course.Id, course));
}
public IHttpActionResult PostComment(int postId, Comment comment)
{
Post post = db.Posts.Find(postId);
if (post == null)
{
var resp = new HttpResponseMessage(HttpStatusCode.BadRequest)
{
Content = new StringContent(
string.Format("Post with ID = {0} doesn't exist", postId)
)
};
throw new HttpResponseException(resp);
}
int userId = JwtAuthManager.GetUserIdFromRequest(Request);
comment.UserDetails = db.Users.Find(userId).UserDetails;
post.Comments.Add(comment);
InitPopularityIfAbsent(userId, post.Course);
db.SaveChanges();
return(Ok(comment));
}
public IHttpActionResult PostNewPost(int courseId, Post post)
{
Course course = db.Courses.Find(courseId);
if (course == null)
{
var resp = new HttpResponseMessage(HttpStatusCode.BadRequest)
{
Content = new StringContent(
string.Format("Cannot add post. Course with ID = {0} doesn't exist", courseId)
)
};
throw new HttpResponseException(resp);
}
post.CreatedAt = DateTime.Now;
int userId = JwtAuthManager.GetUserIdFromRequest(Request);
post.UserDetailsId = userId;
course.Posts.Add(post);
InitPopularityIfAbsent(userId, course);
db.SaveChanges();
return(Ok(post));
}
public IHttpActionResult PutStaff(int id, Staff staffRequest)
{
if (id != staffRequest.Id || !StaffExists(id))
{
return(BadRequest());
}
Staff staff = db.Staffs.Find(id);
staff.FirstName = staffRequest.FirstName;
staff.LastName = staffRequest.LastName;
staff.Title = staffRequest.Title;
staff.DetailsUrl = staffRequest.DetailsUrl;
db.SaveChanges();
return(Ok(staff));
}
public static string SaveImage(byte[] data, HttpRequestMessage req, StudentHelperContext dbContext)
{
var image = new Image {
ImageData = data
};
dbContext.Images.Add(image);
dbContext.SaveChanges();
return(string.Format("http://{0}:{1}/api/image/{2}", req.RequestUri.Host, req.RequestUri.Port, image.Id));
}
public static void DeleteImage(int id, StudentHelperContext dbContext)
{
Image image = dbContext.Images.Find(id);
if (image != null)
{
dbContext.Images.Remove(image);
dbContext.SaveChanges();
}
}
public IHttpActionResult PostNewUser(UserDTO userRequest)
{
if (!IsEmailAvailable(userRequest.Email))
{
var resp = new HttpResponseMessage(HttpStatusCode.MethodNotAllowed)
{
Content = new StringContent("Веќе постои корисник со внесената email адреса")
};
throw new HttpResponseException(resp);
}
byte[] salt;
rngCsp.GetBytes(salt = new byte[16]);
var pdkdf2 = new Rfc2898DeriveBytes(userRequest.Password, salt, 1000);
byte[] hash = pdkdf2.GetBytes(20);
byte[] hashBytes = new byte[36];
Array.Copy(salt, 0, hashBytes, 0, 16);
Array.Copy(hash, 0, hashBytes, 16, 20);
byte[] confirmationCode;
rngCsp.GetBytes(confirmationCode = new byte[10]);
User user = new User {
Email = userRequest.Email,
Password = Convert.ToBase64String(hashBytes),
Salt = Convert.ToBase64String(salt),
Role = "unconfirmed",
ConfirmationCode = Convert.ToBase64String(confirmationCode),
UserDetails = new UserDetails {
FirstName = userRequest.FirstName, LastName = userRequest.LastName
}
};
db.Users.Add(user);
db.SaveChanges();
ConfirmationMail.SendConfirmationEmail(user, Request);
return(Ok("Account successfully created"));
}
