// PUT api/TestDept/5
public HttpResponseMessage Putdepartment(string id, department department)
{
if (!ModelState.IsValid)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState));
}
if (id != department.code)
{
return(Request.CreateResponse(HttpStatusCode.BadRequest));
}
db.Entry(department).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException ex)
{
return(Request.CreateErrorResponse(HttpStatusCode.NotFound, ex));
}
return(Request.CreateResponse(HttpStatusCode.OK));
}
// PUT api/TestDept/5
public HttpResponseMessage Putdepartment(string id, department department)
{
if (!ModelState.IsValid)
{
return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState);
}
if (id != department.code)
{
return Request.CreateResponse(HttpStatusCode.BadRequest);
}
db.Entry(department).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException ex)
{
return Request.CreateErrorResponse(HttpStatusCode.NotFound, ex);
}
return Request.CreateResponse(HttpStatusCode.OK);
}
public NonSensitiveDepartment GetAuthorisedDepartment()
{
department dept = _db.departments.SingleOrDefault(d => d.code == HttpContext.Current.User.Identity.Name);
NonSensitiveDepartment nsDept = new NonSensitiveDepartment(dept.code, dept.name);
return(nsDept);
}
// GET api/TestDept/5
public department Getdepartment(string id)
{
department department = db.departments.Find(id);
if (department == null)
{
throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotFound));
}
return(department);
}
// POST api/TestDept
public HttpResponseMessage Postdepartment(department department)
{
if (ModelState.IsValid)
{
db.departments.Add(department);
db.SaveChanges();
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Created, department);
response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = department.code }));
return(response);
}
else
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState));
}
}
// POST api/TestDept
public HttpResponseMessage Postdepartment(department department)
{
if (ModelState.IsValid)
{
db.departments.Add(department);
db.SaveChanges();
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Created, department);
response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = department.code }));
return response;
}
else
{
return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState);
}
}
public HttpResponseMessage PostChangePassword(Models.PasswordModel pm)
{
Authentication auth = new Authentication();
string deptCode = GetAuthorisedDepartment().code;
bool correctPassword = auth.ValidateUser(deptCode, pm.currentPassword);
if (correctPassword)
{
if (ModelState.IsValid)
{
department dept =
(from d in _db.departments
where d.code == deptCode
select d).FirstOrDefault();
string deptSalt = dept.salt;
string newDeptPassword = auth.HashPassword(pm.newPassword, deptSalt);
dept.hashedPassword = newDeptPassword;
_db.Entry(dept).CurrentValues.SetValues(dept);
_db.SaveChanges();
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.OK, pm);
response.Headers.Location = new Uri(Url.Link("DefaultApi", null));
return(response);
}
else
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState));
}
}
else
{
return(Request.CreateErrorResponse(HttpStatusCode.OK, "Invalid Password"));
}
}
// DELETE api/TestDept/5
public HttpResponseMessage Deletedepartment(string id)
{
department department = db.departments.Find(id);
if (department == null)
{
return(Request.CreateResponse(HttpStatusCode.NotFound));
}
db.departments.Remove(department);
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException ex)
{
return(Request.CreateErrorResponse(HttpStatusCode.NotFound, ex));
}
return(Request.CreateResponse(HttpStatusCode.OK, department));
}
