示例#1
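        /// <summary>
        /// Returns a V4 signed GET URL for the photo of the caller's candidacy (the last candidacy the
        /// repository returns for the caller's user details).
        /// </summary>
        /// <returns>
        /// 200 with the signed URL; 404 when the caller has no candidacy; 401 when the bearer token is
        /// missing or <c>RoleService.CheckRoles</c> rejects it.
        /// </returns>
        public async Task <IActionResult> Get()
        {
            // A request without an Authorization header used to throw from Last() and surface as a 500;
            // treat it as an unauthenticated request instead.
            var token = HttpContext.Request.Headers["Authorization"].LastOrDefault()?.Split(" ").Last();
            if (string.IsNullOrEmpty(token))
            {
                return(Unauthorized());
            }

            string[] roles = { "User", "Admin", "SchoolAdmin" };

            if (!RoleService.CheckRoles(token, roles, _userManager))
            {
                return(Unauthorized());
            }

            // NOTE(review): ReadJwtToken only decodes the token; it does not check signature, issuer or
            // lifetime. The sub claim below is trustworthy only if RoleService.CheckRoles fully validates
            // the token - confirm.
            var handler = new JwtSecurityTokenHandler();
            var sub     = handler.ReadJwtToken(token).Payload.Sub;

            var detailsRepo   = new UserDetailsRepository();
            var candidacyRepo = new CandidacyRepository();

            var details   = detailsRepo.GetByUserId(sub);
            var candidacy = candidacyRepo.GetAll().LastOrDefault(x => x.OwnerId.Value == details.Id);

            // Last() threw when the caller had never submitted a candidacy; report that as 404.
            if (candidacy == null)
            {
                return(NotFound());
            }

            // The signed-URL helper takes only bucket and object name, so the GoogleCredential and the
            // never-awaited StorageClient task the method used to create here were unused and are dropped.
            var url = SignedUrlHelper.GenerateV4SignedGetUrl("deep-castle-261418-user-photo-bucket",
                                                             candidacy.PhotoPath);
            return(Ok(url));
        }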
示例#2
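        /// <summary>
        /// Lists summaries of every survey whose author belongs to the caller's school.
        /// </summary>
        /// <returns>
        /// 200 with the list of <c>SurveySummary</c> items; 404 when the bearer token is missing or
        /// <c>RoleService.CheckRoles</c> rejects it (this endpoint answers 404 rather than 401).
        /// </returns>
        public async Task <IActionResult> GetSurveys()
        {
            // A missing Authorization header used to throw from Last(); answer it like any other
            // rejected caller.
            var token = HttpContext.Request.Headers["Authorization"].LastOrDefault()?.Split(" ").Last();
            if (string.IsNullOrEmpty(token))
            {
                return(NotFound());
            }

            string[] roles = { "User", "Admin", "SchoolAdmin" };

            // The role check now runs before anything is read out of the token: previously the sub claim
            // was decoded and used for a database lookup before the caller had been checked at all.
            if (!RoleService.CheckRoles(token, roles, _usermanager))
            {
                return(NotFound());
            }

            // NOTE(review): ReadJwtToken only decodes the token; it does not check signature, issuer or
            // lifetime. The sub claim is trustworthy only if RoleService.CheckRoles fully validates the
            // token - confirm.
            var handler = new JwtSecurityTokenHandler();
            var sub     = handler.ReadJwtToken(token).Payload.Sub;

            // Restricts the result to the caller's own school.
            // NOTE(review): .Value throws when the user has no school assigned - confirm that cannot happen.
            var detailsRepo = new UserDetailsRepository();
            var id          = detailsRepo.GetByUserId(sub).SchoolId.Value;

            var result = _repository.GetAll().Where(x => x.Author.SchoolId == id)
                         .Select(x => new SurveySummary(x))
                         .ToList();

            return(Ok(result));
        }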
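        /// <summary>
        /// Records the caller's vote on a survey, allowing one vote per user per survey.
        /// </summary>
        /// <param name="input">The vote as posted by the client; converted with <c>VoteInputConverter</c>.</param>
        /// <returns>
        /// 201 with the stored vote; 400 "You already voted" when a vote record already exists for this user
        /// and survey; 400 "Only Users can vote." when the token is missing or the role check fails.
        /// </returns>
        public async Task <IActionResult> Submit(VoteInput input)
        {
            // A missing Authorization header used to throw from Last(); answer it like a failed role check.
            var token = HttpContext.Request.Headers["Authorization"].LastOrDefault()?.Split(" ").Last();
            if (string.IsNullOrEmpty(token))
            {
                return(BadRequest("Only Users can vote."));
            }

            var roles = new List <string>()
            {
                "User"
            };

            if (!RoleService.CheckRoles(token, roles, _userManager))
            {
                return(BadRequest("Only Users can vote."));
            }

            // Decoded only after the role check. NOTE(review): ReadJwtToken does not validate signature,
            // issuer or lifetime; the sub claim is trustworthy only if RoleService.CheckRoles fully
            // validates the token - confirm.
            var handler = new JwtSecurityTokenHandler();
            var sub     = handler.ReadJwtToken(token).Payload.Sub;

            var vote = VoteInputConverter.Convert(input);

            var detailsRepo     = new UserDetailsRepository();
            var voteRecordsRepo = new VoteRecordRepository();

            var detailsId = detailsRepo.GetByUserId(sub).Id;
            var surveyId  = vote.SurveyId;

            // Any() stops at the first match instead of counting every record.
            // NOTE(review): this is check-then-insert; two concurrent requests from the same user can both
            // pass it. A unique constraint on (UserDetailsId, SurveyId) in the store would close that gap.
            if (voteRecordsRepo.GetAll().Any(x => x.UserDetailsId == detailsId && x.SurveyId == surveyId))
            {
                return(BadRequest("You already voted"));
            }

            // NOTE(review): the vote and its record are written by two separate repository calls; if the
            // second fails, the vote exists without a record and the user could vote again.
            _repository.Add(vote);

            var record = new VoteRecord(surveyId, detailsId);
            voteRecordsRepo.Add(record);

            return(CreatedAtAction("Submit", vote));
        }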
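        /// <summary>
        /// Stores the request body as the caller's profile photo in the user-photo bucket and points the
        /// caller's candidacy at the new object.
        /// </summary>
        /// <returns>
        /// 200 on success; 400 when the declared size or content type is rejected or the caller has no
        /// candidacy; 401 when the bearer token is missing, carries no sub claim, or fails the role check.
        /// </returns>
        public async Task <IActionResult> Add()
        {
            const string bucket = "deep-castle-261418-user-photo-bucket";

            // A missing Authorization header used to throw from Last() and surface as a 500.
            var token = HttpContext.Request.Headers["Authorization"].LastOrDefault()?.Split(" ").Last();
            if (string.IsNullOrEmpty(token))
            {
                return(Unauthorized());
            }

            string[] roles = { "User" };

            if (!RoleService.CheckRoles(token, roles, _userManager))
            {
                return(Unauthorized());
            }

            var httpRequest = HttpContext.Request;
            var file        = httpRequest.Body;

            // checks the size of file; ContentLength is null for chunked requests, which used to throw on .Value
            var imageHandler = new ImageSecurityHandler();
            if (!httpRequest.ContentLength.HasValue ||
                !imageHandler.CheckFileSize(httpRequest.ContentLength.Value))
            {
                _logger.LogInformation($"size is {httpRequest.ContentLength}");
                return(BadRequest("Photo must be between 5KB and 5MB"));
            }

            // checks the format of file
            // NOTE(review): Content-Type is whatever the client declares; the body bytes are never inspected
            // here, and the object is stored as image/jpeg regardless. Verify the content before trusting it.
            if (!imageHandler.CheckFileFormat(httpRequest.ContentType))
            {
                _logger.LogInformation($"file format is {httpRequest.ContentType}");
                return(BadRequest("Wrong file format"));
            }

            // NOTE(review): ReadJwtToken only decodes the token; the sub claim is trustworthy only if
            // RoleService.CheckRoles fully validates signature and lifetime - confirm.
            var sub = new JwtSecurityTokenHandler().ReadJwtToken(token).Payload.Sub;
            if (string.IsNullOrEmpty(sub))
            {
                return(Unauthorized());
            }

            // Checks if User have candidacy. The lookup used to call Last() before this check, so a user
            // without a candidacy got an exception instead of the 400 below; it also ran after the bucket
            // had already been listed.
            var detailsRepository   = new UserDetailsRepository();
            var details             = detailsRepository.GetByUserId(sub);
            var candidacyRepository = new CandidacyRepository();
            var candidacy           = candidacyRepository.GetAll().LastOrDefault(x => x.OwnerId == details.Id);
            if (candidacy == null)
            {
                return(BadRequest("User didnt submited candidacy."));
            }

            // NOTE(review): a service-account key file inside the source tree, addressed by a relative path.
            // Keep the key out of the repository and resolve its location from configuration.
            var credentials =
                GoogleCredential.FromFile("../Infrastructure/Images/GCStorage/Rosta-a2299c0ab851.json");

            // Awaited instead of blocking on .Result inside an async action.
            var storage = await StorageClient.CreateAsync(credentials);

            // Highest numeric suffix among this user's objects. The bucket is listed once (it was listed
            // twice), and the suffixes are compared as numbers: taking the last name in listing order put
            // "-10" before "-2", so a later upload could reuse and overwrite an existing object name.
            var lastId = storage.ListObjects(bucket)
                         .Select(x => x.Name)
                         .Where(name => name.Contains(sub))
                         .Select(name => int.TryParse(name.Split("-").Last(), out var index) ? index : 0)
                         .DefaultIfEmpty(0)
                         .Max();

            // Uploading Photo to Google Cloud and updating indices. The async upload is used because the
            // source is the request body stream.
            var photoName = $"{sub}-profilePhoto-{lastId + 1}";
            await storage.UploadObjectAsync(bucket, photoName, MediaTypeNames.Image.Jpeg, file);

            candidacy.PhotoPath = photoName;
            candidacyRepository.Edit(candidacy);

            return(Ok());
        }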
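        /// <summary>
        /// Stores the request body as a photo for survey <paramref name="id"/> in the survey-photo bucket
        /// and points the survey at the new object. Only the survey's author may do this.
        /// </summary>
        /// <param name="id">Identifier of the survey the photo belongs to.</param>
        /// <returns>
        /// 200 on success; 400 when the declared size or content type is rejected, the survey does not
        /// exist, or the caller is not its author; 401 when the bearer token is missing, carries no sub
        /// claim, or fails the role check.
        /// </returns>
        public async Task <IActionResult> Add(int id)
        {
            const string bucket = "deep-castle-261418-survey-photo-bucket";

            // A missing Authorization header used to throw from Last() and surface as a 500.
            var token = HttpContext.Request.Headers["Authorization"].LastOrDefault()?.Split(" ").Last();
            if (string.IsNullOrEmpty(token))
            {
                return(Unauthorized());
            }

            string[] roles = { "User", "Admin", "SchoolAdmin" };

            if (!RoleService.CheckRoles(token, roles, _userManager))
            {
                return(Unauthorized());
            }

            var httpRequest = HttpContext.Request;
            var file        = httpRequest.Body;

            // checks the size of file; ContentLength is null for chunked requests, which used to throw on .Value
            var imageHandler = new ImageSecurityHandler();
            if (!httpRequest.ContentLength.HasValue ||
                !imageHandler.CheckFileSize(httpRequest.ContentLength.Value))
            {
                _logger.LogInformation($"size is {httpRequest.ContentLength}");
                return(BadRequest("Photo must be between 5KB and 5MB"));
            }

            // checks the format of file
            // NOTE(review): Content-Type is whatever the client declares; the body bytes are never inspected
            // here, and the object is stored as image/jpeg regardless. Verify the content before trusting it.
            if (!imageHandler.CheckFileFormat(httpRequest.ContentType))
            {
                _logger.LogInformation($"file format is {httpRequest.ContentType}");
                return(BadRequest("Wrong file format"));
            }

            // NOTE(review): ReadJwtToken only decodes the token; the sub claim is trustworthy only if
            // RoleService.CheckRoles fully validates signature and lifetime - confirm.
            var sub = new JwtSecurityTokenHandler().ReadJwtToken(token).Payload.Sub;
            if (string.IsNullOrEmpty(sub))
            {
                return(Unauthorized());
            }

            // Existence and ownership are settled before any storage call, so a caller who does not own
            // the survey no longer triggers a bucket listing.
            var surveyRepo = new SurveyRepository();
            var owned      = surveyRepo.GetAll().FirstOrDefault(x => x.Id == id);
            if (owned == null)
            {
                return(BadRequest($"Survey doesnt with {id} exsit"));
            }

            var detailsRepo = new UserDetailsRepository();
            var detailsId   = detailsRepo.GetByUserId(sub).Id;

            if (owned.AuthorId != detailsId)
            {
                return(BadRequest("You dont have rights to edit that survey"));
            }

            var credentials =
                GoogleCredential.FromFile(
                    PathHelper.GetCredentialsPath());

            // Awaited instead of blocking on .Result inside an async action.
            var storage = await StorageClient.CreateAsync(credentials);

            // Highest numeric suffix among this user's objects. The bucket is listed once (it was listed
            // twice), and the suffixes are compared as numbers: taking the last name in listing order put
            // "-10" before "-2", so a later upload could reuse and overwrite an existing object name.
            var lastId = storage.ListObjects(bucket)
                         .Select(x => x.Name)
                         .Where(name => name.Contains(sub))
                         .Select(name => int.TryParse(name.Split("-").Last(), out var index) ? index : 0)
                         .DefaultIfEmpty(0)
                         .Max();

            // The entity that gets edited is still loaded through GetById, as before.
            var survey    = surveyRepo.GetById(id);
            var photoPath = $"{sub}-{survey.Id}-surveyPhoto-{lastId + 1}";

            // The async upload is used because the source is the request body stream.
            await storage.UploadObjectAsync(bucket, photoPath, MediaTypeNames.Image.Jpeg, file);

            survey.PhotoPath = photoPath;
            surveyRepo.Edit(survey);

            return(Ok());
        }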