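/// <summary>
/// Serves a single baby record identified by the "id" request value.
/// GET writes the baby and its events as JSON; POST records a new event for the
/// baby and writes the updated baby as JSON.
/// </summary>
/// <param name="user">Caller; its Username is the identity checked against the baby's permissions and recorded as the reporter of new events.</param>
/// <param name="request">Incoming request; "id", "eventtype", "subtype" and "details" are read from it.</param>
/// <param name="response">Response the JSON body is written to.</param>
/// <param name="DataSource">Storage used to load the baby, its permissions and events, and to persist new events.</param>
/// <exception cref="ArgumentNullException">The "id" request value is missing or empty.</exception>
/// <exception cref="AuthException">The user lacks READ (GET) or UPDATE (POST) permission on the baby.</exception>
/// <exception cref="NotSupportedException">The HTTP method is neither GET nor POST.</exception>
public override void RespondToRequest(User user, System.Web.HttpRequest request, System.Web.HttpResponse response, IBabyDataSource DataSource)
{
    string babyId = request["id"];
    if (String.IsNullOrEmpty(babyId))
    {
        // The single-string constructor treats its argument as the parameter name,
        // so pass the name and the message separately.
        throw new ArgumentNullException("id", "Baby id not specified as 'id'");
    }

    Baby b = DataSource.ReadBaby(babyId, user);

    // Invariant casing: the comparison is against protocol tokens, not user-facing text.
    switch (request.HttpMethod.ToUpperInvariant())
    {
        case "GET":
            // NOTE(review): unlike the POST branch, Permissions are not reloaded here before
            // HasPermission is evaluated; this relies on ReadBaby having populated them - confirm.
            if (!b.HasPermission(user.Username, Permission.Types.READ))
            {
                throw new AuthException("You don't have permission to view this baby's data");
            }

            b.Events = DataSource.GetEventsForBaby(b, user);
            response.Write(b.ToJSON());
            break;

        case "POST":
            // Load the permission list first so the UPDATE check below runs against stored data.
            b.Permissions = DataSource.GetPermissionsForBaby(b, user);
            if (!b.HasPermission(user.Username, Permission.Types.UPDATE))
            {
                throw new AuthException("You don't have permission to Update this baby's data");
            }

            // The reporter is taken from the authenticated user, never from the request.
            // The remaining fields are request-supplied free text stored as-is.
            // NOTE(review): confirm ToJSON escapes these values and that a length limit is applied somewhere.
            string eventType = String.IsNullOrEmpty(request["eventtype"]) ? "UNKNOWN" : request["eventtype"];
            string subtype = String.IsNullOrEmpty(request["subtype"]) ? "" : request["subtype"];
            string details = String.IsNullOrEmpty(request["details"]) ? "" : request["details"];

            BabyEvent be = new BabyEvent(b.Id, user.Username, eventType, subtype, details);
            be = DataSource.CreateBabyEvent(be, user);
            b.Events.Add(be);
            response.Write(b.ToJSON());
            break;

        default:
            throw new NotSupportedException("Unsupported HTTP Method");
    }
}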
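/// <summary>
/// Executes the SAVE_BABYEVENT statement with the fields of <paramref name="babyevent"/>
/// bound as named parameters.
/// </summary>
/// <param name="babyevent">Event whose values are written; its Id is bound as @id.</param>
/// <param name="user">Not consulted by this method. NOTE(review): no permission check happens here, so the caller has to authorize the update before calling.</param>
/// <returns>true when the statement affected at least one row.</returns>
public bool SaveBabyEvent(BabyEvent babyevent, User user)
{
    // The command is disposable; release it even when execution throws.
    using (SqliteCommand cmd = new SqliteCommand(SAVE_BABYEVENT, db))
    {
        if (db.State != System.Data.ConnectionState.Open)
        {
            db.Open();
        }

        // Every value is bound as a parameter; nothing is concatenated into the SQL text.
        cmd.Parameters.AddWithValue("@username", babyevent.ReportUser);
        cmd.Parameters.AddWithValue("@babyId", babyevent.BabyId);
        cmd.Parameters.AddWithValue("@type", babyevent.Type);
        cmd.Parameters.AddWithValue("@subtype", babyevent.Subtype);
        cmd.Parameters.AddWithValue("@reported", babyevent.ReportTime.ToString(DB_DATE_FORMAT));
        cmd.Parameters.AddWithValue("@details", babyevent.Details);
        cmd.Parameters.AddWithValue("@id", babyevent.Id);

        int affected = cmd.ExecuteNonQuery();
        return affected > 0;
    }
}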
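/// <summary>
/// Loads one event by its numeric id using the READ_BABYEVENT statement.
/// </summary>
/// <param name="Id">Event id, bound as @id.</param>
/// <param name="user">Not consulted by this method. NOTE(review): the lookup is by id alone, so the caller has to verify that the user may read the owning baby's data.</param>
/// <returns>The populated event, or a default-constructed <c>BabyEvent</c> when no row matches.</returns>
public BabyEvent ReadBabyEvent(int Id, User user)
{
    BabyEvent be = new BabyEvent();

    // Command and reader are disposed even if a column fails to parse.
    using (SqliteCommand cmd = new SqliteCommand(READ_BABYEVENT, db))
    {
        if (db.State != System.Data.ConnectionState.Open)
        {
            db.Open();
        }

        cmd.Parameters.AddWithValue("@id", Id);

        using (SqliteDataReader r = cmd.ExecuteReader())
        {
            if (r.Read())
            {
                be.Id = int.Parse(r["Id"].ToString());
                be.ReportUser = r["Username"].ToString();
                be.BabyId = r["BabyId"].ToString();
                // Parse with the same fixed format the writers use (ToString(DB_DATE_FORMAT)),
                // as GetEventsForBaby does, instead of the current-culture DateTime.Parse.
                be.ReportTime = DateTime.ParseExact(
                    r["Reported"].ToString(),
                    DB_DATE_FORMAT,
                    System.Globalization.CultureInfo.InvariantCulture);
                be.Type = r["Type"].ToString();
                be.Subtype = r["Subtype"].ToString();
                be.Details = r["details"].ToString();
            }
        }
    }

    return be;
}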
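/// <summary>
/// Lists the events of a baby, newest first, narrowed by the optional criteria in
/// <paramref name="filter"/> (date range, event type, count and offset).
/// </summary>
/// <param name="baby">Baby whose Id is bound as @id.</param>
/// <param name="user">Not consulted by this method. NOTE(review): no permission check happens here, so the caller has to authorize the read first.</param>
/// <param name="filter">Criteria; Start/End are applied when later than DateTime.MinValue, EventType when non-empty, Count when positive, and Offset only together with Count.</param>
/// <returns>The matching events; empty when none match.</returns>
public List<BabyEvent> GetEventsForBaby(Baby baby, User user, Filter filter)
{
    List<BabyEvent> Events = new List<BabyEvent>();

    using (SqliteCommand cmd = new SqliteCommand(READ_BABY_EVENTS, this.db))
    {
        // Open the connection on demand, as the other data-access methods do.
        if (this.db.State != System.Data.ConnectionState.Open)
        {
            this.db.Open();
        }

        cmd.Parameters.AddWithValue("@id", baby.Id);

        // Drop the base statement's ORDER BY so predicates can be appended; it is re-added below.
        // Only constant SQL fragments are appended - every filter value is bound as a parameter.
        cmd.CommandText = cmd.CommandText.Replace("ORDER BY Reported DESC", "");

        // NOTE(review): @start/@end are bound as DateTime while the writers store
        // ReportTime.ToString(DB_DATE_FORMAT); confirm both end up in the same textual form.
        if (filter.Start > DateTime.MinValue)
        {
            cmd.CommandText += " AND Reported >= @start ";
            cmd.Parameters.AddWithValue("@start", filter.Start);
        }

        if (filter.End > DateTime.MinValue)
        {
            cmd.CommandText += " AND Reported <= @end ";
            cmd.Parameters.AddWithValue("@end", filter.End);
        }

        if (!String.IsNullOrEmpty(filter.EventType))
        {
            switch (filter.Match)
            {
                case Filter.Matches.EQUAL:
                    cmd.CommandText += " AND Type = @type ";
                    cmd.Parameters.AddWithValue("@type", filter.EventType);
                    break;
                case Filter.Matches.LIKE:
                    cmd.CommandText += " AND Type like @type ";
                    cmd.Parameters.AddWithValue("@type", filter.EventType);
                    break;
                case Filter.Matches.NOT_EQUAL:
                    // Was a copy of the LIKE predicate, which returned matching rows instead of excluding them.
                    cmd.CommandText += " AND Type <> @type ";
                    cmd.Parameters.AddWithValue("@type", filter.EventType);
                    break;
            }
        }

        cmd.CommandText += " ORDER BY Reported DESC ";

        // NOTE(review): with Count <= 0 no LIMIT is applied and every matching row is returned.
        if (filter.Count > 0)
        {
            cmd.CommandText += " LIMIT @count ";
            cmd.Parameters.AddWithValue("@count", filter.Count);

            if (filter.Offset > 0)
            {
                cmd.CommandText += " OFFSET @offset ";
                cmd.Parameters.AddWithValue("@offset", filter.Offset);
            }
        }

        // Reader is disposed even if a row fails to parse.
        using (SqliteDataReader r = cmd.ExecuteReader())
        {
            while (r.Read())
            {
                BabyEvent be = new BabyEvent();
                int.TryParse(r["Id"].ToString(), out be.Id);
                be.ReportUser = r["Username"].ToString();
                be.BabyId = r["BabyId"].ToString();
                be.ReportTime = DateTime.ParseExact(r["Reported"].ToString(), DB_DATE_FORMAT, CultureInfo.InvariantCulture);
                be.Type = r["Type"].ToString();
                be.Subtype = r["Subtype"].ToString();
                be.Details = r["Details"].ToString();
                Events.Add(be);
            }
        }
    }

    return Events;
}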
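/// <summary>
/// Inserts a new event using the CREATE_BABYEVENT statement, with all fields of
/// <paramref name="babyevent"/> bound as named parameters.
/// </summary>
/// <param name="babyevent">Event to insert.</param>
/// <param name="user">Not consulted by this method. NOTE(review): no permission check happens here, so the caller has to authorize the write first.</param>
/// <returns>
/// The same <paramref name="babyevent"/> instance, whether or not a row was inserted.
/// Its Id is not updated from the database by this method.
/// </returns>
public BabyEvent CreateBabyEvent(BabyEvent babyevent, User user)
{
    // The command is disposable; release it even when execution throws.
    using (SqliteCommand cmd = new SqliteCommand(CREATE_BABYEVENT, db))
    {
        if (db.State != System.Data.ConnectionState.Open)
        {
            db.Open();
        }

        cmd.Parameters.AddWithValue("@username", babyevent.ReportUser);
        cmd.Parameters.AddWithValue("@babyId", babyevent.BabyId);
        cmd.Parameters.AddWithValue("@type", babyevent.Type);
        cmd.Parameters.AddWithValue("@subtype", babyevent.Subtype);
        cmd.Parameters.AddWithValue("@reported", babyevent.ReportTime.ToString(DB_DATE_FORMAT));
        cmd.Parameters.AddWithValue("@details", babyevent.Details);

        // The original success and failure paths both returned this same reference,
        // so the affected-row count does not change the result.
        cmd.ExecuteNonQuery();
    }

    return babyevent;
}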
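/// <summary>
/// Inserts a baby record, generating an id when none is supplied, then grants the
/// creating user the PARENT permission and records an INFO/CREATED event.
/// </summary>
/// <param name="baby">Baby to insert; the same instance is updated (Id, Permissions, Events) and returned on success.</param>
/// <param name="user">Creator; its Username receives the PARENT permission and is recorded on the creation event.</param>
/// <returns>The updated <paramref name="baby"/> on success, or a default-constructed <c>Baby</c> when no row was inserted.</returns>
public Baby CreateBaby(Baby baby, User user)
{
    Baby b = baby;

    using (SqliteCommand cmd = new SqliteCommand(CREATE_BABY, db))
    {
        if (db.State != System.Data.ConnectionState.Open)
        {
            db.Open();
        }

        if (String.IsNullOrEmpty(baby.Id))
        {
            // The id is the lookup key clients send back, so draw it from the OS CSPRNG:
            // System.Random is seeded predictably and two instances created close together
            // can produce the same sequence.
            //TODO Collision Checks
            byte[] id = new byte[BABY_ID_LENGTH];
            using (System.Security.Cryptography.RandomNumberGenerator rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(id);
            }

            // URL-safe Base64 without padding.
            b.Id = Convert.ToBase64String(id)
                .Replace('+', '-')
                .Replace('/', '_')
                .TrimEnd('=');
        }

        cmd.Parameters.AddWithValue("@Id", b.Id);
        cmd.Parameters.AddWithValue("@name", b.Name);
        cmd.Parameters.AddWithValue("@image", b.Image);
        cmd.Parameters.AddWithValue("@sex", b.Sex);
        cmd.Parameters.AddWithValue("@dateofbirth", b.DOB.ToString(DB_DATE_FORMAT));
        cmd.Parameters.AddWithValue("@ispublic", b.IsPublic);

        if (cmd.ExecuteNonQuery() <= 0)
        {
            return new Baby();
        }
    }

    // NOTE(review): the baby row, the PARENT permission and the creation event are written by
    // separate statements with no transaction visible here; if a later write fails the baby is
    // left without an owner permission - confirm whether a caller wraps this in a transaction.
    Permission p = new Permission(b.Id, user.Username, Permission.Types.PARENT);
    this.CreatePermission(p, user);
    b.Permissions.Add(p);

    BabyEvent be = new BabyEvent(b.Id, user.Username, "INFO", "CREATED");
    this.CreateBabyEvent(be, user);
    b.Events.Add(be);

    return b;
}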