public ActionResult View(string act, TransactionModel model)
{
ACCOUNTERROR.ErrorSubject = "Error while trying to add a transaction";
if (model.transactionID == null)
{
throw new ArgumentNullException("Transaction GUID must be specified");
}
if (!(model.result == "Confirmed" || model.result == "Rejected"))
{
throw new ArgumentNullException("A transaction must be specified as Confirmed or Rejected");
}
using (var db = new CopiosisEntities())
{
// Get transaction data
var transaction = db.transactions.Where(t => t.transactionID == model.transactionID).FirstOrDefault();
// Make sure a transaction was found.
if(transaction == null)
{
throw new ArgumentNullException(string.Format("Transaction with ID does not exist", model.transactionID));
}
/////////////////////////////////////////////////
// Check permissions to update this transaction.
/////////////////////////////////////////////////
bool update = false;
// User is the provider and the transaction is waiting on their confirmation.
if (WebSecurity.CurrentUserId == transaction.providerID && transaction.dateClosed == null)
{
// These are the only things being updated. Anything else sent along in the POST (even if it's in the model)
// will be ignored.
transaction.providerNotes = model.providerNotes;
transaction.dateClosed = DateTime.Now;
transaction.status = model.result;
// Make sure the DB gets updated below
update = true;
}
// User is the receiver and the transaction is waiting on their confirmation.
else if (WebSecurity.CurrentUserId == transaction.receiverID && transaction.dateClosed == null)
{
// Satisfaction must be specified!
if (model.satisfaction == null)
{
this.ModelState.AddModelError("Satisfaction", "Your satisfaction with this transaction must be specified.");
return View(model.transactionID);
}
transaction.receiverNotes = model.receiverNotes;
transaction.satisfaction = (short)model.satisfaction;
transaction.dateClosed = DateTime.Now;
transaction.status = model.result;
// Make sure DB gets updated below.
update = true;
}
if (update)
{
// Only modify NBRs if the transaction was actually confirmed, and not rejected.
if (model.result == "Confirmed")
{
// Deduct product cost (NBR) from receiver.
transaction.receiver.nbr -= transaction.productGateway;
transaction.receiver.nbr += 2;
// Credit provider with NBR. Bind the NBR to the transaction for records purposes.
float providerReward = CalculateNBR((int)transaction.satisfaction, transaction.productID, transaction.providerID);
transaction.provider.nbr += providerReward;
transaction.nbr = providerReward;
}
db.SaveChanges();
}
}
return RedirectToAction("View", new { tranId = model.transactionID });
}
// GET: /Account/View
// View a specific transaction. Probably takes some kind of GUID.
public ActionResult View(Guid tranId)
{
ACCOUNTERROR.ErrorSubject = "Error while trying to retrieve a transaction";
if(tranId == null)
{
throw new ArgumentNullException("Transaction ID must be specified");
}
TransactionModel model = new TransactionModel();
using(var db = new CopiosisEntities())
{
// Get transaction data
var transaction = db.transactions.Where(t => t.transactionID == tranId).FirstOrDefault();
// Make sure a transaction was found.
if(transaction == null)
{
throw new ArgumentNullException(string.Format("Transaction with ID does not exist", tranId));
}
// Check permissions to view this transaction.
if ((WebSecurity.CurrentUserId == transaction.providerID) ||
(WebSecurity.CurrentUserId == transaction.receiverID) ||
(System.Web.Security.Roles.IsUserInRole(ADMINROLE))
)
{
// Various transaction data expected to be displayed
model.transactionID = transaction.transactionID;
model.date = transaction.date.HasValue ? transaction.date.Value.ToString() : string.Empty; // Date the transaction took place on.
model.dateAdded = transaction.dateAdded; // Date transaction added to system. How long pending??
model.dateClosed = transaction.dateClosed ?? // Date transaction was Confirmed or Rejected.
DateTime.MinValue; // Replaces dateAdded when not null.
model.nbr = transaction.nbr ?? 0.0; // NBR earned from this transaction
model.status = transaction.status; // Pending, Confirmed, or Rejected
model.satisfaction = transaction.satisfaction;
// Product info expected to be displayed.
model.productGuid = transaction.product.guid;
model.productName = transaction.product.name;
model.productDesc = transaction.productDesc;
model.productGateway = transaction.productGateway;
// Provider info expected to be displayed.
model.providerFirstName = transaction.provider.firstName;
model.providerLastName = transaction.provider.lastName;
model.providerUsername = transaction.provider.username;
model.providerNotes = transaction.providerNotes;
// Receiver info expected to be displayed.
model.receiverFirstName = transaction.receiver.firstName;
model.receiverLastName = transaction.receiver.lastName;
model.receiverUsername = transaction.receiver.username;
model.receiverNotes = transaction.receiverNotes;
// For calculatons
model.providerID = transaction.providerID;
model.receiverID = transaction.receiverID;
model.isPendingUser = (transaction.dateClosed == null &&
transaction.createdBy != WebSecurity.CurrentUserId &&
(transaction.providerID == WebSecurity.CurrentUserId ||
transaction.receiverID == WebSecurity.CurrentUserId)
) ? true : false;
}
else
{
throw new ArgumentException("Current user not authorized to view this transaction");
}
}
return View(model);
}