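/// <summary>
/// PUT handler that lets an administrator edit the user identified by <paramref name="id"/>.
/// Only members of <paramref name="model"/> that are non-null and differ from the stored value are written.
/// </summary>
/// <param name="id">Primary key of the user to edit.</param>
/// <param name="model">Partial update; null members are left untouched.</param>
/// <param name="sessionKey">Caller's session key, bound from the request header by the value provider.</param>
/// <returns>204 No Content once the changes are saved.</returns>
/// <exception cref="HttpResponseException">
/// 400 when the body is missing or the caller is not an admin; 409 when the target user or the
/// requested role does not exist.
/// </exception>
public HttpResponseMessage PutEditUser(int id, UserFullModel model, [ValueProvider(typeof(HeaderValueProviderFactory<string>))] string sessionKey)
{
    return this.PerformOperationAndHandleExceptions(() =>
    {
        // Builds the error response once instead of repeating the two-line pattern per check.
        Func<HttpStatusCode, string, HttpResponseException> fail = (status, message) =>
            new HttpResponseException(this.Request.CreateErrorResponse(status, message));

        // The context is disposable (the sibling GetById wraps the same factory result in a using);
        // the original never disposed it.
        using (var context = this.ContextFactory.Create())
        {
            var admin = this.LoginUser(sessionKey, context);

            // Authorize before looking up the target. The original checked existence first, so a
            // non-admin caller could distinguish "no such user" (409) from "no permission" (400)
            // and probe which ids exist.
            // NOTE(review): 403 Forbidden would be the conventional status; 400 is kept so existing
            // clients keep working.
            if (admin.Role.Permission != "admin")
            {
                throw fail(HttpStatusCode.BadRequest, "You have no permissions to change users");
            }

            // Without a body every member access below would throw a NullReferenceException.
            if (model == null)
            {
                throw fail(HttpStatusCode.BadRequest, "The request body is missing");
            }

            var user = context.Set<User>().Find(id);
            if (user == null)
            {
                throw fail(HttpStatusCode.Conflict, "The user does not exist");
            }

            if (model.Amount != null && model.Amount != user.Amount)
            {
                user.Amount = model.Amount;
            }

            if (model.Nickname != null && model.Nickname != user.Nickname)
            {
                user.Nickname = model.Nickname;
            }

            if (model.Permission != null && model.Permission != user.Role.Permission)
            {
                // Roles are a lookup table: an unknown name is rejected rather than created.
                var role = context.Set<Role>().FirstOrDefault(r => r.Permission == model.Permission);
                if (role == null)
                {
                    throw fail(HttpStatusCode.Conflict, "Such permissions do not exists, they are admin registered and anonymous");
                }

                user.Role = role;
            }

            // NOTE(review): SessionKey and AuthCode are credential material; letting the request body
            // overwrite them means an admin can effectively take over the target account. Kept as in
            // the original — confirm this is intended.
            if (model.SessionKey != null && model.SessionKey != user.SessionKey)
            {
                user.SessionKey = model.SessionKey;
            }

            if (model.AuthCode != null && model.AuthCode != user.AuthCode)
            {
                user.AuthCode = model.AuthCode;
            }

            if (model.Username != null && model.Username != user.Username)
            {
                user.Username = model.Username;
            }

            context.SaveChanges();
            return this.Request.CreateResponse(HttpStatusCode.NoContent);
        }
    });
}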
// api/users/get/{id}
/// <summary>
/// Returns the public profile of the user named <paramref name="username"/>. The course list
/// (scores, positions, homework counts) is filled in only when the caller asks for its own record.
/// </summary>
/// <param name="username">Username of the profile to fetch.</param>
/// <param name="sessionKey">Caller's session key; resolved to a user by the one-argument GetUser overload.</param>
/// <returns>The profile model; <c>Courses</c> is left unset for other users' profiles.</returns>
/// <exception cref="ArgumentException">No user has the given username.</exception>
// NOTE(review): every other field (Email, Birthday, StudentNumber, ...) is returned for any valid
// session, not just the owner — confirm that is the intended visibility. `context` is not declared
// in this method; presumably a field of the controller.
public UserFullModel GetUser(string username, string sessionKey)
{
    return this.PerformOperationAndHandleExceptions(() =>
    {
        var caller = GetUser(sessionKey);
        var profileOwner = context.Users.FirstOrDefault(u => u.Username == username);
        if (profileOwner == null)
        {
            throw new ArgumentException("Invalid user id.");
        }

        var profile = new UserFullModel
        {
            AboutMe = profileOwner.AboutMe,
            Birthday = profileOwner.Birthday,
            Email = profileOwner.Email,
            Gender = profileOwner.Gender,
            Hometown = profileOwner.Hometown,
            LastVisit = profileOwner.LastVisit,
            Nickname = profileOwner.Nickname,
            Occupation = profileOwner.Occupation,
            RegistrationDate = profileOwner.RegistrationDate,
            StudentNumber = profileOwner.StudentNumber,
            Username = profileOwner.Username,
            WebSite = profileOwner.WebSite
        };

        // Course details are private to the account owner.
        if (caller.Id == profileOwner.Id)
        {
            profile.Courses = caller.Courses
                .Select(c => new { Course = c, Marks = c.Marks.FirstOrDefault(m => m.Student.Id == caller.Id) })
                .Where(x => x.Marks != null)
                .Select(x => new CourseUserModel
                {
                    ExamScore = x.Marks.ExamScore,
                    ExamScoreMax = x.Course.Marks.Max(m => m.ExamScore),
                    HomeworksCount = x.Course.Lectures.Count(l => l.HomeworkDeadline != null),
                    Id = x.Course.Id,
                    SubmitedHomeworksCount = x.Course.Lectures.Count(l => l.Homeworks.Any(h => h.Author.Id == caller.Id)),
                    TestScore = x.Marks.TestScore,
                    Title = x.Course.Name,
                    FinalResult = new FinalResultModel
                    {
                        Position = x.Marks.Position,
                        Score = x.Marks.Score,
                        Status = x.Marks.FinalResult
                    }
                });
        }

        return profile;
    });
}
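/// <summary>Returns the full model of the user with the given id.</summary>
/// <param name="id">User primary key, looked up through the user repository.</param>
/// <returns>The entity converted with <c>UserFullModel.Convert</c>.</returns>
/// <exception cref="HttpResponseException">400 when no user has that id.</exception>
// NOTE(review): unlike the other user endpoints on this page, no session key is taken or checked
// here. Confirm an authorization filter covers this action; otherwise whatever UserFullModel
// carries is readable by anonymous callers.
public UserFullModel Get(int id)
{
    var entity = this.userRepository.Get(id);
    if (entity == null)
    {
        // The message was wrapped in a no-argument string.Format, which only risks a FormatException
        // if the text ever gains a brace; the plain literal is equivalent.
        // NOTE(review): 404 Not Found would be the conventional status; 400 kept for client compatibility.
        var errResponse = this.Request.CreateErrorResponse(HttpStatusCode.BadRequest, "There is no such element");
        throw new HttpResponseException(errResponse);
    }

    return UserFullModel.Convert(entity);
}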
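/// <summary>
/// Admin-only update of a user's username, active flag and admin flag. Null members of
/// <paramref name="userModel"/> are left untouched; the target is chosen by <c>userModel.Id</c>.
/// </summary>
/// <param name="userModel">Request body with the target id and the fields to change.</param>
/// <param name="sessionKey">Caller's session key, bound from the request header by the value provider.</param>
/// <returns>200 OK once the changes are saved.</returns>
/// <exception cref="UnauthorizedAccessException">Unknown session key, or the caller is not an admin.</exception>
/// <exception cref="ArgumentNullException">The request body is missing.</exception>
/// <exception cref="ArgumentException">No user has the id given in the body.</exception>
public HttpResponseMessage UpdateUser([FromBody] UserFullModel userModel, [ValueProvider(typeof(HeaderValueProviderFactory<string>))] string sessionKey)
{
    var responseMsg = this.PerformOperationAndHandleExceptions(() =>
    {
        if (userModel == null)
        {
            throw new ArgumentNullException("userModel", "The request body is missing");
        }

        // BookstoreContext exposes Users and SaveChanges, so it is assumed to be a DbContext and
        // therefore disposable; the original never disposed it.
        using (var context = new BookstoreContext())
        {
            var adminUser = context.Users.FirstOrDefault(usr => usr.SessionKey == sessionKey);
            if (adminUser == null)
            {
                throw new UnauthorizedAccessException("Invalid username or password");
            }

            // IsAdmin is nullable here (see the .Value below); null counts as not admin.
            if (adminUser.IsAdmin != true)
            {
                throw new UnauthorizedAccessException("You dont have permissions to access this resourse!");
            }

            var userEntity = context.Users.SingleOrDefault(u => u.Id == userModel.Id);
            if (userEntity == null)
            {
                // The original dereferenced a null entity here and failed with a NullReferenceException.
                throw new ArgumentException("There is no user with the given id");
            }

            if (userModel.Username != null)
            {
                userEntity.Username = userModel.Username;
            }

            if (userModel.IsActive != null)
            {
                userEntity.IsActive = userModel.IsActive.Value;
            }

            // NOTE(review): this lets an admin grant admin to any account, including itself being
            // demoted; kept as in the original — confirm there is an audit trail for it.
            if (userModel.IsAdmin != null)
            {
                userEntity.IsAdmin = userModel.IsAdmin.Value;
            }

            context.SaveChanges();
            return Request.CreateResponse(HttpStatusCode.OK);
        }
    });

    return responseMsg;
}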
/// <summary>
/// Admin-only lookup of a user by primary key, including the user's cars.
/// </summary>
/// <param name="id">Primary key of the user to fetch.</param>
/// <param name="sessionKey">Caller's session key, bound from the request header by the value provider.</param>
/// <returns>The full model of the requested user.</returns>
/// <exception cref="HttpResponseException">
/// 400 when the session key does not belong to an admin; 404 when no user has the given id.
/// </exception>
// NOTE(review): the returned model includes the target's SessionKey and AuthCode, i.e. credential
// material for another account. Admin-only, but worth confirming clients actually need those fields.
public UserFullModel GetById(int id, [ValueProvider(typeof(HeaderValueProviderFactory<string>))] string sessionKey)
{
    return this.PerformOperationAndHandleExceptions(() =>
    {
        ValidateSessionKey(sessionKey);

        using (var context = this.ContextFactory.Create())
        {
            var users = context.Set<User>();
            var caller = users.FirstOrDefault(u => u.SessionKey == sessionKey);
            var target = users.FirstOrDefault(u => u.Id == id);

            // The authentication error is reported before anything about the target, so a
            // non-admin learns nothing from the id it supplied.
            if (caller == null || caller.Role.Permission != "admin")
            {
                var authError = this.Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Invalid user authentication");
                throw new HttpResponseException(authError);
            }

            if (target == null)
            {
                var notFound = this.Request.CreateErrorResponse(HttpStatusCode.NotFound, "No such user");
                throw new HttpResponseException(notFound);
            }

            return new UserFullModel
            {
                Id = target.Id,
                Nickname = target.Nickname,
                AuthCode = target.AuthCode,
                SessionKey = target.SessionKey,
                Permission = target.Role.Permission,
                Amount = target.Amount,
                Cars = target.Cars.AsQueryable().Select(CarModel.FromCar)
            };
        }
    });
}