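/// <summary>
/// Returns the caller's identity, org memberships and admin flags. When a file id is passed in
/// <paramref name="s"/> and the caller is a member of that file's org, this also creates a file
/// instance, makes the file's org the caller's default org and returns a "#go?file..." fragment.
/// </summary>
/// <param name="s">Optional file id; 0 or null means no file was requested.</param>
/// <returns>
/// 200 OK with the identity payload, or 200 OK with a generic <c>error</c> field on failure.
/// </returns>
public HttpResponseMessage GetWhoAmI(int? s = 0 )
        {
            // wait for FB to replicate your FBToken
            // NOTE(review): this blocks a request thread for 500 ms on every call, so a burst of
            // requests can exhaust the pool; confirm the delay is still needed.
            System.Threading.Thread.Sleep(500);
            int uId = Auth.FB.GetUserId();
            string fbId = Auth.FB.GetFbId();

            // The response never carries exception detail: serializing the Exception object would hand
            // stack traces, type names and possibly query text to the client.
            // NOTE(review): the status stays 200 because existing clients may key on the `error` field;
            // confirm with the client code and move this to a 4xx/5xx status.
            Func<HttpResponseMessage> genericFailure = () =>
                this.Request.CreateResponse(HttpStatusCode.OK, new
                {
                    error = "Unable to load the current user."
                });

            try
            {
                // what are the orgs you are a member of?
                // NOTE(review): this query is serialized as-is, so every column of the mapping and of the
                // included Orgs entity reaches the client; confirm none of them is sensitive.
                var myOrgs = db.OrgUserMappings.Include(oo => oo.Orgs).Where(o => o.usersId == uId);

                Users u = db.Users.Find(uId);
                if (u == null)
                {
                    return genericFailure();
                }

                // if a file id is passed in and the user is a member of that file's org then create a
                //      fileInstance, set the file's org as the user's default org and send back a url
                //      #go?file{fileInstId}
                // NOTE(review): this is a state change behind a GET, so anything that can make the caller's
                // client issue a GET (prefetch, embedded link) triggers it; confirm how the token is
                // attached and consider moving the write behind the POST endpoint.
                string referrerUrl = "";

                // `s != 0` alone is also true when s is null, which sent a null id into the lookup.
                if (s.HasValue && s.Value != 0)
                {
                    int requestedFileId = s.Value;
                    File fileDetails = db.File.FirstOrDefault(ff => ff.id == requestedFileId);

                    // Unknown file ids and files of orgs the caller is not in are treated alike: nothing
                    // is created and no referrer is returned.
                    if (fileDetails != null && Auth.FB.IsOrgUser(fileDetails.orgsId))
                    {
                        int fileId = fileDetails.id;

                        // Look up the first question before writing anything, so a file without
                        // questions does not leave a half-finished instance behind.
                        Questions q = db.Questions.FirstOrDefault(dd => dd.fileId == fileId && dd.order == 1);
                        if (q != null)
                        {
                            string timestamp = DateTime.Now.ToString("O");

                            // create the file instance
                            NewFileInstance n = new NewFileInstance();
                            n.fileId = fileId;
                            n.userId = u.id;
                            n.name = fileDetails.fileName + " - " + u.name + " " + timestamp;
                            n.created_at = timestamp;
                            NewFileInstance newFileInst = db.NewFileInstance.Add(n);

                            // update the user's default org in the same save, so both changes are
                            // written together or not at all
                            u.defaultOrg = fileDetails.orgsId;
                            db.Entry(u).State = EntityState.Modified;
                            db.SaveChanges();

                            // pass back file location
                            referrerUrl = "#go?file" + newFileInst.id + "?q" + q.id;
                        }
                    }
                }

                // Resolved after the optional default-org switch so the name matches the id returned below.
                Orgs org = db.Orgs.Find(u.defaultOrg);
                if (org == null)
                {
                    return genericFailure();
                }

                // are you either a System admin or an admin of your (possibly just updated) default org?
                bool isAdmin = Auth.FB.IsSystemAdmin() || Auth.FB.IsOrgAdmin(u.defaultOrg);

                return this.Request.CreateResponse(HttpStatusCode.OK, new
                {
                    Id = uId,
                    FbUserId = fbId,
                    IsAdmin = isAdmin,
                    org = myOrgs,
                    defaultOrg = u.defaultOrg,
                    defaultOrgName = org.orgName,
                    isSystemAdmin = u.isSystemAdmin,
                    referrerUrl = referrerUrl
                });
            }
            catch (Exception ex)
            {
                // Keep the detail on the server side only.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                return genericFailure();
            }
        }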
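        /// POST api/FileInstances
        /// <summary>
        /// Creates a new file instance for the user, if the user has access to the file
        /// </summary>
        /// <param name="newfileinstance">File instance bound from the request body.</param>
        /// <returns>
        /// 201 Created with the stored instance and a Location header; 400 Bad Request when the body is
        /// missing or fails model validation; 401 Unauthorized when the caller has no access to the file.
        /// </returns>
        public HttpResponseMessage PostNewFileInstance(NewFileInstance newfileinstance)
        {
            // An empty or unparseable body binds to null; reject it instead of failing with a 500.
            if (newfileinstance == null)
            {
                return Request.CreateResponse(HttpStatusCode.BadRequest);
            }

            // Owner and timestamp are always set here, so values sent by the client are ignored.
            // NOTE(review): uId is declared outside this method; confirm it holds the authenticated
            // caller's id for this request. Every other property of the bound entity (id, name, ...) is
            // still client-controlled; consider binding a narrower request model.
            newfileinstance.userId = uId;
            newfileinstance.created_at = DateTime.Now.ToString("O");

            // create file instance only if you have access to a file
            // NOTE(review): 401 is returned for an authenticated caller who lacks permission; 403 would
            // describe that case better, confirm what clients expect before changing it.
            if (!Auth.FB.HasFileAccess(newfileinstance.fileId))
            {
                return Request.CreateResponse(HttpStatusCode.Unauthorized);
            }

            if (!ModelState.IsValid)
            {
                return Request.CreateResponse(HttpStatusCode.BadRequest);
            }

            db.NewFileInstance.Add(newfileinstance);
            db.SaveChanges();

            HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Created, newfileinstance);
            response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = newfileinstance.id }));
            return response;
        }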
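        /// <summary>
        /// Imports data in bulk, creates a new file instance per input row and creates responses for
        /// that instance. The caller must be an admin of the org that owns the target file, and every
        /// question id must belong to that file.
        /// </summary>
        /// <param name="jJson">
        ///  { 
        ///     file: fileId,
        ///     fileName: name,
        ///     questionsIdMap: ["34","35","36","37"] 
        ///     responses: [
        ///        { 0: "q1a", 1: "q2a" },  // in this case 0 maps to questionId 34
        ///        { 0: "q2a", 1: "q22a" },
        ///        { 0: "q3a", 1: "q23a" },
        ///        { 0: "q4a", 1: "q24a" }
        ///     ]
        /// 
        ///  }
        /// </param>
        /// <returns>
        ///     json response with message array of inserted data; each message is an HTML fragment and
        ///     every value that came from the request is HTML-encoded before it is placed in one
        ///     {"message":["Created file : labowski 0, id: 115","Added response to : labowski 1 , response: bowling , id: 256"]}    
        /// </returns>
        // POST api/importer
        public JObject Post(JObject jJson)
        {
            // make sure user is an org admin of at least one org
            if (!Auth.FB.IsOrgAdmin())
            {
                throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized));
            }

            // An empty or unparseable body binds to null.
            if (jJson == null)
            {
                throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.BadRequest));
            }

            // dynamic input from inbound JSON
            dynamic json = jJson;

            // output json message to user
            JObject jsonOutput = new JObject();
            dynamic jOutput = jsonOutput;
            jOutput.message = new JArray() as dynamic;

            // file id
            int file = int.Parse(json.file.Value);

            // display name used for the created instances
            string fileName = json.fileName.Value;

            // questionID Array
            dynamic questionIdArray = new JArray(json.questionsIdMap);

            // Being an admin of *some* org is not enough: the file id comes from the request, so the
            // caller must administer the org that owns this file. A missing file gets the same answer
            // as a forbidden one, so the endpoint does not confirm which file ids exist.
            var targetFile = db.File.Find(file);
            if (targetFile == null || !(Auth.FB.IsSystemAdmin() || Auth.FB.IsOrgAdmin(targetFile.orgsId)))
            {
                throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized));
            }

            // loop responses and gather data to create a new file instance, add to the fileInstanceCreator object
            // NOTE(review): the number of rows is not bounded and each row costs several database round
            // trips; consider a size limit on the payload.
            List<FileInstanceCreator> fileInstanceCreator = new List<FileInstanceCreator>(); // holds all of the file instances and responses we need to create
            int x = 1; // placeholder for a new instance
            foreach (dynamic row in json.responses)
            {
                // loop the responses in the row and collect the non-empty ones
                FileInstanceCreator fi = new FileInstanceCreator();
                fi.id = x;
                foreach (dynamic resp in row)
                {
                    if (resp.Value.Value != "")
                    {
                        // the property name is the index into questionsIdMap
                        fi.responseArray.Add(new response { qid = int.Parse(questionIdArray[int.Parse(resp.Name)].Value), resp = resp.Value.Value });
                    }
                }
                x++;
                fileInstanceCreator.Add(fi);
            }

            var rowNum = 1;
            // loop file instances and create a new file instance if the responseArray is not empty
            foreach (FileInstanceCreator fileInst in fileInstanceCreator)
            {
                if (fileInst.responseArray.Count > 0)
                {
                    // create new file instance
                    NewFileInstance newInst = new NewFileInstance
                    {
                        name = fileName + " " + fileInst.id,
                        userId = Auth.FB.GetUserId(),
                        fileId = file,
                        created_at = DateTime.Now.ToString("O")
                    };

                    db.NewFileInstance.Add(newInst);
                    db.SaveChanges();

                    // The messages are HTML fragments, so request-supplied text is encoded before it is
                    // concatenated; the stored name itself stays unencoded.
                    string safeInstName = System.Net.WebUtility.HtmlEncode(newInst.name);

                    // write each successful insert to log and pass back to user
                    jOutput.message.Add("<b>" + rowNum + ".) Created file : " + safeInstName + ", id: " + newInst.id.ToString() + "</b>");

                    // loop the response array, lookup question type and insert responses for the file instance and question id
                    foreach (response question in fileInst.responseArray)
                    {
                        string safeResp = System.Net.WebUtility.HtmlEncode(question.resp);
                        string failedWithRow = "<b style='color:red'>Failed attempting to add response for question with an ID of : " + question.qid + " , row " + rowNum + " , your invalid response was <i> " + safeResp + " </i>. Please check your formatting and edit the response in the report view.</b><hr/> ";

                        try
                        {
                            // Question ids come from the request too: only questions of the target file
                            // are accepted, otherwise a caller could write responses against questions
                            // of a file in another org.
                            Questions target = db.Questions.Find(question.qid);
                            if (target == null || target.fileId != file)
                            {
                                jOutput.message.Add(failedWithRow);
                                continue;
                            }

                            string type = target.type;

                            if (type == "Signature")
                            {
                                // we dont import signatures at this point
                                jOutput.message.Add("<b style='color:red'>Failed attempting to add response for question with an ID of : " + question.qid + " , your invalid response was <i> " + safeResp + " </i>. Please check your formatting and edit the response in the report view.</b><hr/> ");
                                continue;
                            }

                            if (type == "MultipleChoice")
                            {
                                // split each option by ,, and lookup id; one response row per chosen option
                                string[] picks = question.resp.Split(new string[] { ",," }, StringSplitOptions.None);
                                foreach (string sResp in picks)
                                {
                                    var picked = db.Options.FirstOrDefault(o => o.questionsId == question.qid && o.option == sResp);
                                    if (picked == null)
                                    {
                                        // unknown option text: report it and stop with this question
                                        jOutput.message.Add(failedWithRow);
                                        break;
                                    }

                                    int pickedId = picked.id;

                                    // a fresh entity per option, instead of re-adding one shared instance
                                    Responses choice = new Responses();
                                    choice.response = pickedId.ToString();
                                    choice.respondedTo = true;
                                    choice.created_at = DateTime.Now.ToString("O");
                                    choice.updated_at = DateTime.Now.ToString("O");
                                    choice.newFileInstanceId = newInst.id;
                                    choice.questionsId = question.qid;

                                    db.Responses.Add(choice);
                                    db.SaveChanges();

                                    // write each insert to log to pass back to user
                                    jOutput.message.Add("Added response to : " + safeInstName + " , response: " + System.Net.WebUtility.HtmlEncode(sResp) + "[" + pickedId + "] , id: " + choice.id + "<hr/>");
                                }
                                continue;
                            }

                            Responses r = new Responses();
                            if (type == "SingleAnswer")
                            {
                                // the stored value is the id of the matching option
                                var single = db.Options.FirstOrDefault(o => o.questionsId == question.qid && o.option == question.resp);
                                if (single == null)
                                {
                                    jOutput.message.Add(failedWithRow);
                                    continue;
                                }
                                int singleId = single.id;
                                r.response = singleId.ToString();
                            }
                            else
                            {
                                // Gps and open ended types store the text as given
                                r.response = question.resp;
                            }

                            r.respondedTo = true;
                            r.created_at = DateTime.Now.ToString("O");
                            r.updated_at = DateTime.Now.ToString("O");
                            r.newFileInstanceId = newInst.id;
                            r.questionsId = question.qid;

                            db.Responses.Add(r);
                            db.SaveChanges();

                            // write each insert to log to pass back to user
                            jOutput.message.Add("Added response to : " + safeInstName + " , response: " + safeResp + " , id: " + r.id + "<hr/>");
                        }
                        catch (Exception)
                        {
                            // best effort per response: report the row and carry on with the next one
                            jOutput.message.Add(failedWithRow);
                        }
                    }
                }

                rowNum++;
            }

            return jOutput;
        }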
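            /// <summary>
            /// Does the user have access to a file instance (i.e. his own file)? Access is granted to
            /// system admins, to the user the instance belongs to, and to admins of the org that owns the
            /// instance's file. Anything that cannot be resolved is denied.
            /// </summary>
            /// <param name="newfileinstance">The file instance to check.</param>
            /// <returns>true when access is granted, otherwise false.</returns>
            // NOTE(review): the owner check trusts newfileinstance.userId and fileId as given, so callers
            // should pass an instance loaded from the database; on an object bound from a request body
            // the client chooses both values. Also confirm that _userId, read here from a static method,
            // is resolved per request and not kept in a field shared between requests.
            public static bool HasFileInstanceAccess(NewFileInstance newfileinstance)
            {
                // yes if you are a sys admin
                if (IsSystemAdmin())
                {
                    return true;
                }

                // nothing to check against: deny
                if (newfileinstance == null)
                {
                    return false;
                }

                // yes if your userId is on the file
                if (newfileinstance.userId == _userId)
                {
                    return true;
                }

                // yes if you are an orgAdmin of the org the file belongs to;
                // the using block releases the context even when a query throws
                using (MyDatabase db = new MyDatabase())
                {
                    // What org does the fileInstance belong to?
                    File f = db.File.Find(newfileinstance.fileId);
                    if (f == null)
                    {
                        // unknown file: deny instead of failing on a null reference
                        return false;
                    }

                    int filesOrg = f.orgsId;

                    // Is the user an admin of this org? Any() asks only whether a matching row exists.
                    return db.OrgUserMappings.Any(m => m.usersId == _userId && m.orgsId == filesOrg && m.isOrgAdmin == true);
                }
            }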