public IHttpActionResult PostSurvey(SurveyViewModel surveyViewModel)
{
if (ModelState.IsValid)
{
try
{
var surveyDto = (ISurveyDTO)DTOFactory.Instance.Create(DTOType.Survey);
DTOConverter.FillDTOFromViewModel(surveyDto, surveyViewModel);
var surveyBdc = (ISurveyBDC)BDCFactory.Instance.Create(BDCType.Survey);
TokenIdentityHelper.FillTokenInfo(surveyDto, Request);
surveyDto.CreatedOn = DateTime.Now;
surveyDto.SurveyTitle = surveyViewModel.SurveyTitle;
var result = surveyBdc.CreateSurvey(surveyDto);
if (result.IsValid())
{
if (result.Data.Id > 0)
{
surveyViewModel.Id = result.Data.Id;
return(Ok(surveyViewModel));
}
}
return(BadRequest(ModelState));
}
catch (Exception ex)
{
//todo log the message
return(Error(HttpStatusCode.InternalServerError, "survey", "An internal error has occurred."));
}
}
else
{
return(BadRequest(ModelState));
}
}
public async Task <IHttpActionResult> GetSingleEvent(string sub)
{
try
{
await Task.FromResult(0);
var ownerId = TokenIdentityHelper.GetOwnerIdFromToken();
if (string.IsNullOrEmpty(ownerId))
{
return(StatusCode(HttpStatusCode.Forbidden));
}
var @event = _eventService.GetSingleEvent(sub);
// return a dto
return(Ok(@event));
}
catch (Exception ex)
{
Log.Logger.Error(ex, "During EventsController.GetSingleEvent");
return(InternalServerError());
}
}
public IHttpActionResult GetAccountRequests(bool active)
{
try
{
var userId = TokenIdentityHelper.GetOwnerIdFromToken();
var acctRequests = this.repository.GetAccountRequests();
var roles = this.repository.GetRoles();
var users = this.repository.GetUserProfiles(active);
var churches = this.churchRepository.GetList(false, userId);
var usersInfo = new
{
config = new { churches = churches, roles = roles },
acctRequests = acctRequests,
users = users,
};
return(Ok(usersInfo));
}
catch (Exception ex)
{
ErrorHelper.ProcessError(this.logger, ex, nameof(GetAccountRequests));
return(InternalServerError(ex));
}
}
public IHttpActionResult Post([FromBody] DTO.TripForCreation tripForCreation)
{
string ownerId = TokenIdentityHelper.GetOwnerIdFromToken();
using (var uow = new CreateTrip(ownerId))
{
var uowResult = uow.Execute(tripForCreation);
switch (uowResult.Status)
{
case UnitOfWork.UnitOfWorkStatus.Ok:
return(Created <DTO.Trip>
(Request.RequestUri + "/" + uowResult.Result.Id.ToString(), uowResult.Result));
case UnitOfWork.UnitOfWorkStatus.Forbidden:
return(StatusCode(HttpStatusCode.Forbidden));
case UnitOfWork.UnitOfWorkStatus.Invalid:
return(BadRequest());
default:
return(InternalServerError());
}
}
}
public async Task <IHttpActionResult> Post([FromBody] CarForCreation carForCreation)
{
try
{
await Task.FromResult(0);
if (carForCreation == null)
{
return(BadRequest());
}
var ownerId = TokenIdentityHelper.GetOwnerIdFromToken();
if (ownerId == null)
{
return(StatusCode(HttpStatusCode.Forbidden));
}
var car = _carService.CreateCarForEvent(ownerId, carForCreation);
return(Created
(Request.RequestUri + "/" + car.CarId, HttpStatusCode.Created));
}
catch (Exception ex)
{
Log.Logger.Error(ex, "During CarsController.Post");
return(InternalServerError());
}
}
public IHttpActionResult Get(Guid tripId)
{
try
{
string ownerId = TokenIdentityHelper.GetOwnerIdFromToken();
using (var uow = new GetPictures(ownerId, tripId))
{
var uowResult = uow.Execute();
switch (uowResult.Status)
{
case UnitOfWork.UnitOfWorkStatus.Ok:
return(Ok(uowResult.Result));
case UnitOfWork.UnitOfWorkStatus.NotFound:
return(NotFound());
case UnitOfWork.UnitOfWorkStatus.Forbidden:
return(StatusCode(HttpStatusCode.Forbidden));
default:
return(InternalServerError());
}
}
}
catch (Exception)
{
return(InternalServerError());
}
}
public IHttpActionResult Post(Guid tripId, [FromBody] DTO.PictureForCreation pictureForCreation)
{
try
{
string ownerId = TokenIdentityHelper.GetOwnerIdFromToken();
using (var uow = new CreatePicture(ownerId, tripId))
{
var uowResult = uow.Execute(pictureForCreation);
switch (uowResult.Status)
{
case UnitOfWork.UnitOfWorkStatus.Ok:
return(Created <DTO.Picture>
(Request.RequestUri + "/" + uowResult.Result.Id.ToString(), uowResult.Result));
case UnitOfWork.UnitOfWorkStatus.Invalid:
return(BadRequest());
case UnitOfWork.UnitOfWorkStatus.NotFound:
return(NotFound());
case UnitOfWork.UnitOfWorkStatus.Forbidden:
return(StatusCode(HttpStatusCode.Forbidden));
default:
return(InternalServerError());
}
}
}
catch (Exception)
{
return(InternalServerError());
}
}
public IHttpActionResult Post([FromBody] Dictionary <string, string> claimsIdentity)
{
try
{
var ownerId = TokenIdentityHelper.GetOwnerIdFromToken();
//using (var uow = new CreateEvent(ownerId))
//{
// var uowResult = uow.Execute(tripForCreation);
// switch (uowResult.Status)
// {
// case UnitOfWorkStatus.Ok:
// return Created
// (Request.RequestUri + "/" + uowResult.Result.Id, uowResult.Result);
// case UnitOfWorkStatus.Forbidden:
// return StatusCode(HttpStatusCode.Forbidden);
// case UnitOfWorkStatus.Invalid:
// return BadRequest();
// default:
// return InternalServerError();
// }
//}
return(Ok());
}
catch (Exception)
{
return(InternalServerError());
}
}
public IHttpActionResult GetMetadata(int churchId)
{
try
{
var userId = TokenIdentityHelper.GetOwnerIdFromToken();
var response = _repository.GetMetadata(churchId, userId);
var metadata = response.Entity;
var ret = new
{
MemberList = metadata.Members.Select(m => new { Id = m.id, Desc = $"{m.FirstName} {m.LastName}".Trim() }),
TeamTypes = metadata.EnumTypes,
TeamEnums = metadata.Enums,
ChurchList = metadata.Churches.Select(c => new { Id = c.id, Name = c.Name }),
};
return(Ok(ret));
}
catch (Exception ex)
{
ErrorHelper.ProcessError(_logger, ex, nameof(GetMetadata));
return(InternalServerError());
}
}
public IHttpActionResult Delete(Guid tripId, Guid pictureId)
{
try
{
// the user can delete. But can he also delete THIS picture?
string ownerId = TokenIdentityHelper.GetOwnerIdFromToken();
using (var uow = new DeletePicture(ownerId, tripId, pictureId))
{
var uowResult = uow.Execute();
switch (uowResult.Status)
{
case UnitOfWork.UnitOfWorkStatus.Ok:
return(StatusCode(HttpStatusCode.NoContent));
case UnitOfWork.UnitOfWorkStatus.Invalid:
return(BadRequest());
case UnitOfWork.UnitOfWorkStatus.NotFound:
return(NotFound());
case UnitOfWork.UnitOfWorkStatus.Forbidden:
return(StatusCode(HttpStatusCode.Forbidden));
default:
return(InternalServerError());
}
}
}
catch (Exception)
{
return(InternalServerError());
}
}
public async Task <IHttpActionResult> Get()
{
try
{
await Task.FromResult(0);
var ownerId = TokenIdentityHelper.GetOwnerIdFromToken();
if (ownerId == null)
{
return(StatusCode(HttpStatusCode.Forbidden));
}
Log.Logger.Debug("EventRepository.GetEvents.Execute(4)");
var events = _eventService.GetEvents(ownerId);
// return a dto
return(Ok(events));
}
catch (Exception ex)
{
Log.Logger.Error(ex, "During EventsController.Get");
return(InternalServerError());
}
}
public IHttpActionResult Get()
{
try
{
string ownerId = TokenIdentityHelper.GetOwnerIdFromToken();
using (var uow = new GetTrips(ownerId))
{
var uowResult = uow.Execute();
switch (uowResult.Status)
{
case UnitOfWork.UnitOfWorkStatus.Ok:
return(Ok(uowResult.Result));
default:
return(InternalServerError());
}
}
}
catch (Exception)
{
return(InternalServerError());
}
}
public async Task <IHttpActionResult> Put([FromBody] Event @event)
{
try
{
await Task.FromResult(0);
var ownerId = TokenIdentityHelper.GetOwnerIdFromToken();
if (@event == null)
{
return(BadRequest());
}
if (ownerId == null || ownerId != @event.OwnerId)
{
return(Unauthorized());
}
var updatedEvent = _eventService.UpdateEvent(@event);
// return a dto
return(Ok(updatedEvent));
}
catch (Exception ex)
{
Log.Logger.Error(ex, "During EventsController.Put");
return(InternalServerError());
}
}
public async Task <IHttpActionResult> GetMetadata()
{
var userId = TokenIdentityHelper.GetOwnerIdFromToken();
var metadata = this.repo.GetMetadata(userId);
var result = new {
churches = metadata.Churches,
enums = metadata.Enums
};
return(Ok(result));
}
public IHttpActionResult GetMetadata(int churchId)
{
var userId = TokenIdentityHelper.GetOwnerIdFromToken();
var metadata = this.repository.GetMetadata(churchId, userId);
var ret = new
{
StatusList = metadata.Enums.Where(i => i.AppEnumTypeName == "MemberStatus").ToArray(),
MemberList = metadata.Members.Select(m => new { Id = m.id, Name = m.FullName, TeamId = m.TeamId }),
TeamList = metadata.Teams.Select(t => new { Id = t.Id, Name = t.Name }),
ChurchList = metadata.Churches.Select(c => new { Id = c.id, Name = c.Name })
};
return(Ok(ret));
}
public IHttpActionResult GetUser()
{
try
{
var userId = TokenIdentityHelper.GetOwnerIdFromToken();
var userProfile = this.repository.GetUserProfile(userId);
return(Ok(userProfile));
}
catch (Exception ex)
{
ErrorHelper.ProcessError(this.logger, ex, nameof(GetUser));
return(InternalServerError(ex));
}
}
public async Task <IHttpActionResult> Post([FromBody] EventForCreation eventForCreation)
{
try
{
await Task.FromResult(0);
var ownerId = TokenIdentityHelper.GetOwnerIdFromToken();
if (eventForCreation == null)
{
return(BadRequest());
}
if (ownerId == null)
{
return(StatusCode(HttpStatusCode.Forbidden));
}
// map to entity
var @event = Mapper.Map <EventForCreation, Event>(eventForCreation);
// create guid
var id = Guid.NewGuid();
@event.EventId = id;
@event.OwnerId = ownerId;
@event.Cars = new Collection <Car>();
var addedEvent = _eventService.AddEvent(@event);
// return a dto
return(Ok(addedEvent));
}
catch (Exception ex)
{
Log.Logger.Error(ex, "During EventsController.Post");
return(InternalServerError());
}
}
public IHttpActionResult ProcessAccountRequest(AccountRequest accountRequest)
{
try
{
// example of how to get the user's id
var userId = TokenIdentityHelper.GetOwnerIdFromToken();
accountRequest.ReviewerUserId = userId;
var identityId = this.repository.ProcessAccountRequest(accountRequest);
var user = this.repository.GetUserProfile(identityId);
// return the new user
return(Ok(user));
}
catch (Exception ex)
{
ErrorHelper.ProcessError(this.logger, ex, nameof(GetAccountRequests));
return(InternalServerError(ex));
}
}
public IHttpActionResult GetProfileMetadata(int churchId)
{
var userId = TokenIdentityHelper.GetOwnerIdFromToken();
var list = _repository.GetProfileMetadata(churchId, userId);
var ret = new
{
UserChurches = list.Where(i => i.AppEnumTypeName == "UserChurches").ToArray(),
ChurchList = list.Where(i => i.AppEnumTypeName == "Churches").ToArray(),
MemberList = list.Where(i => i.AppEnumTypeName == "Members").ToArray(),
TeamList = list.Where(i => i.AppEnumTypeName == "Teams").ToArray(),
ContactInfoTypeList = list.Where(i => i.AppEnumTypeName == "ContactInfoType").ToArray(),
ContactInfoLocationTypeList = list.Where(i => i.AppEnumTypeName == "ContactInfoLocationType").ToArray(),
PhoneTypeList = list.Where(i => i.AppEnumTypeName == "PhoneType").ToArray(),
MemberStatusChangeTypeList = list.Where(i => i.AppEnumTypeName == "MemberStatusChangeType").ToArray(),
MemberStatusList = list.Where(i => i.AppEnumTypeName == "MemberStatus").ToArray(),
MemberTypeList = list.Where(i => i.AppEnumTypeName == "MemberType").ToArray(),
ActivityTypeList = list.Where(i => i.AppEnumTypeName == "ActivityType").ToArray(),
ActivityResponseType = list.Where(i => i.AppEnumTypeName == "ActivityResponseType").ToArray()
};
return(Ok(ret));
}
public async Task <HttpResponseMessage> UploadFile()
{
// https://stackoverflow.com/questions/10320232/how-to-accept-a-file-post
HttpRequestMessage request = this.Request;
if (!request.Content.IsMimeMultipartContent())
{
throw new HttpResponseException(HttpStatusCode.UnsupportedMediaType);
}
string root = System.Web.HttpContext.Current.Server.MapPath("~/App_Data/uploads");
var provider = new MultipartFormDataStreamProvider(root);
// Reference this for large file uploads:
// https://www.strathweb.com/2012/09/dealing-with-large-files-in-asp-net-web-api/
var files = await Request.Content.ReadAsMultipartAsync(provider);
var localFilePath = provider.FileData.First().LocalFileName;
System.IO.File.Move(localFilePath, $"{localFilePath}.mdb");
localFilePath += ".mdb";
var userId = TokenIdentityHelper.GetOwnerIdFromToken();
try
{
await Task.Run(() => { this.importService.ImportMdbFile(localFilePath, userId); });
return(await Task.FromResult(new HttpResponseMessage(HttpStatusCode.OK)));
}
catch (Exception ex)
{
return(await Task.FromResult(new HttpResponseMessage(HttpStatusCode.InternalServerError)));
}
}
public IHttpActionResult Patch(Guid tripId,
[FromBody] Marvin.JsonPatch.JsonPatchDocument <DTO.Trip> tripPatchDocument)
{
try
{
// is the user allowed to update THIS trip? => check in UnitOfWork
string ownerId = TokenIdentityHelper.GetOwnerIdFromToken();
using (var uow = new PartiallyUpdateTrip(ownerId, tripId))
{
var uowResult = uow.Execute(tripPatchDocument);
switch (uowResult.Status)
{
case UnitOfWork.UnitOfWorkStatus.Ok:
return(Ok(uowResult.Result));
case UnitOfWork.UnitOfWorkStatus.Invalid:
return(BadRequest());
case UnitOfWork.UnitOfWorkStatus.Forbidden:
return(StatusCode(HttpStatusCode.Forbidden));
case UnitOfWork.UnitOfWorkStatus.NotFound:
return(NotFound());
default:
return(InternalServerError());
}
}
}
catch (Exception)
{
return(InternalServerError());
}
}
public IHttpActionResult Get(int churchId, string statusIds, int page = 1, int pageSize = 10000)
{
try
{
// example of how to get the user's id
var userId = TokenIdentityHelper.GetOwnerIdFromToken();
if (churchId == 0)
{
return(BadRequest());
}
if (string.IsNullOrWhiteSpace(statusIds))
{
statusIds = "49-50";
}
var idlist = statusIds.Split(new[] { '-' }, StringSplitOptions.RemoveEmptyEntries);
var list = _repository.GetList(churchId, Array.ConvertAll <string, int>(idlist, int.Parse));
var totalCount = list.Count();
var totalPages = (int)Math.Ceiling((decimal)totalCount / pageSize);
// add pagination infor to the response header
var urlHelper = new UrlHelper(Request);
var prevLink = page > 1 ? urlHelper.Link("Get"
, new {
churchId = churchId
, statusIds = statusIds
, page = page - 1
, pageSize = pageSize
}) : "";
var nextLink = page < totalPages?urlHelper.Link("Get"
, new
{
churchId = churchId
, statusIds = statusIds
, page = page + 1
, pageSize = pageSize
}) : "";
var paginationHeader = new
{
currentPage = page,
pageSize = pageSize,
totalCount = totalCount,
totalPages = totalPages,
previousPageLink = prevLink,
nextPageLink = nextLink
};
HttpContext.Current.Response.Headers.Add("X-Pagination"
, JsonConvert.SerializeObject(paginationHeader));
return(Ok(list
.Skip(pageSize * (page - 1))
.Take(pageSize)));
}
catch (Exception ex)
{
ErrorHelper.ProcessError(_logger, ex, nameof(Get));
return(InternalServerError());
}
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
var allowedOrigin = context.OwinContext.Get <string>("as:clientAllowedOrigin") ?? "*";
ApplicationUser user = new ApplicationUser();
var claimsIdentity = new ClaimsIdentity(context.Options.AuthenticationType);
var concatenatedRoles = "";
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });
AspNetUserProperty userProperty;
using (AuthRepository _repo = new AuthRepository())
{
if (TokenIdentityHelper.IsCredentialForSingleClick(context.Password))
{
var userId = TokenIdentityHelper.GetUserIdSingleClickSignInToken(context.Password);
user = await _repo.FindByUserIdAsync(userId);
}
else
{
user = await _repo.FindUser(context.UserName, context.Password);
}
if (user == null)
{
context.SetError("invalid_grant", "The user name or password is incorrect.");
return;
}
else if (!user.IsActive || _repo.IsLockedOut(user.Id))
{
context.SetError("blocked_user", "Your account is disabled.");
return;
}
var userRoles = await _repo.FindRolesAsync(user.Id);
foreach (var role in userRoles)
{
claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, role));
}
concatenatedRoles = string.Join(",", userRoles);
//Add user property
userProperty = await _repo.FindUserProperty(user.Id);
//addingclaims
claimsIdentity.AddClaim(new Claim(ClaimTypes.Name, user.FirstName));
claimsIdentity.AddClaim(new Claim(GlobalConstants.Account.ClaimTypes.UserName, user.UserName));
claimsIdentity.AddClaim(new Claim(GlobalConstants.Account.ClaimTypes.Subject, user.Id));
claimsIdentity.AddClaim(new Claim(GlobalConstants.Account.ClaimTypes.Issuer, GlobalConstants.EhrsIssuerUri));
}
Dictionary <string, string> properties = new Dictionary <string, string>
{
{
"as:client_id", (context.ClientId == null) ? string.Empty : context.ClientId
}
};
properties.Add("userName", context.UserName);
properties.Add("firstName", user.FirstName);
properties.Add("roles", concatenatedRoles);
var authProps = new AuthenticationProperties(properties);
var ticket = new AuthenticationTicket(claimsIdentity, authProps);
context.Validated(ticket);
}
public IHttpActionResult Get(int page = 1, int pageSize = 10000, bool showAll = false)
{
try
{
if (page == 0)
{
page = 1;
}
if (pageSize == 0)
{
pageSize = 1000;
}
var userId = TokenIdentityHelper.GetOwnerIdFromToken();
var list = _repository.GetList(showAll, userId);
var totalCount = list.Count();
var totalPages = (int)Math.Ceiling((decimal)totalCount / pageSize);
// add pagination infor to the response header
var urlHelper = new UrlHelper(Request);
var prevLink = page > 1 ? urlHelper.Link("Get"
, new
{
page = page - 1,
pageSize = pageSize,
showAll = showAll
}) : "";
var nextLink = page < totalPages?urlHelper.Link("Get"
, new
{
page = page + 1,
pageSize = pageSize,
showAll = showAll
}) : "";
var paginationHeader = new
{
currentPage = page,
pageSize = pageSize,
totalCount = totalCount,
totalPages = totalPages,
previousPageLink = prevLink,
nextPageLink = nextLink
};
HttpContext.Current.Response.Headers.Add("X-Pagination"
, JsonConvert.SerializeObject(paginationHeader));
return(Ok(list
.Skip(pageSize * (page - 1))
.Take(pageSize)));
}
catch (Exception ex)
{
ErrorHelper.ProcessError(_logger, ex, nameof(Get));
return(InternalServerError());
}
}
