ScientificReport
DepartmentController.cs
Go to the documentation of this file.
1 using System;
2 using System.Collections.Generic;
3 using System.Linq;
4 using System.Threading.Tasks;
5 using Microsoft.AspNetCore.Authorization;
6 using Microsoft.AspNetCore.Identity;
7 using Microsoft.AspNetCore.Mvc;
8 using ScientificReport.BLL.Interfaces;
9 using ScientificReport.Controllers.Utils;
10 using ScientificReport.DAL.Entities;
11 using ScientificReport.DAL.Entities.UserProfile;
12 using ScientificReport.DAL.Roles;
13 using ScientificReport.DTO.Models;
14 using ScientificReport.DTO.Models.Department;
15 
16 namespace ScientificReport.Controllers
17 {
18  [Authorize(Roles = UserProfileRole.Any)]
19  public class DepartmentController : Controller
20  {
21  private readonly UserManager<UserProfile> _userManager;
22 
23  private readonly IDepartmentService _departmentService;
24  private readonly IUserProfileService _userProfileService;
25  private readonly IScientificWorkService _scientificWorkService;
26 
27  public DepartmentController(
28  IDepartmentService departmentService,
29  IUserProfileService userProfileService,
30  IScientificWorkService scientificWorkService,
31  UserManager<UserProfile> userManager
32  )
33  {
34  _userManager = userManager;
35  _departmentService = departmentService;
36  _userProfileService = userProfileService;
37  _scientificWorkService = scientificWorkService;
38  }
39 
40  // GET: Department/Index
41  [HttpGet]
42  public IActionResult Index(DepartmentIndexModel model)
43  {
44  if (PageHelpers.IsAdmin(User))
45  {
46  model.Departments = _departmentService.Filter(model);
47  model.Count = _departmentService.GetCount();
48  return View(model);
49  }
50 
51  var department = _departmentService.Get(
52  d => d.Staff.Contains(_userProfileService.Get(User))
53  );
54 
55  if (department == null)
56  {
57  return NotFound();
58  }
59 
60  return RedirectToAction("Details", new { id = department.Id });
61  }
62 
63  // GET: Department/Details/{id}
64  [HttpGet]
65  public IActionResult Details(Guid? id)
66  {
67  if (id == null)
68  {
69  return NotFound();
70  }
71 
72  var department = _departmentService.GetById(id.Value);
73  if (department == null)
74  {
75  return NotFound();
76  }
77 
78  if (!PageHelpers.IsAdmin(User) && !department.Staff.Contains(_userProfileService.Get(User)))
79  {
80  return Forbid();
81  }
82 
83  return View(department);
84  }
85 
86  // GET: Department/Create
87  [HttpGet]
88  [Authorize(Roles = UserProfileRole.Administrator)]
89  public async Task<IActionResult> Create()
90  {
91  var allUsers = _userProfileService.GetAll();
92  var allDepartments = _departmentService.GetAll();
93 
94  var usersToCheck = allUsers.Where(user => allDepartments.All(d => d.Head.Id != user.Id && !d.Staff.Contains(user))).ToList();
95  var availableUsers = new List<UserProfile>();
96  foreach (var user in usersToCheck)
97  {
98  if (await _userProfileService.IsTeacherOnlyAsync(user, _userManager))
99  {
100  availableUsers.Add(user);
101  }
102  }
103 
104  return View(new DepartmentCreateModel
105  {
106  UserSelection = availableUsers
107  });
108  }
109 
110  // POST: Department/Create
111  [HttpPost]
112  [Authorize(Roles = UserProfileRole.Administrator)]
113  public async Task<IActionResult> Create(DepartmentCreateModel model)
114  {
115  if (!ModelState.IsValid)
116  {
117  return View(model);
118  }
119 
120  if (_departmentService.Get(d => d.Title == model.Title) != null)
121  {
122  return RedirectToAction("Index");
123  }
124 
125  if (_userProfileService.UserExists(model.SelectedHeadId))
126  {
127  var head = _userProfileService.GetById(model.SelectedHeadId);
128  var isAvailable =
129  !(await _userProfileService.IsInRoleAsync(head, UserProfileRole.Administrator, _userManager)
130  && await _userProfileService.IsInRoleAsync(head, UserProfileRole.HeadOfDepartment, _userManager));
131 
132  if (isAvailable)
133  {
134  _departmentService.CreateItem(new Department
135  {
136  Title = model.Title,
137  Head = head,
138  Staff = new List<UserProfile> {head}
139  });
140  head.Position = "HeadOfDepartment";
141  _userProfileService.UpdateItem(head);
142  await _userProfileService.AddToRoleAsync(head, UserProfileRole.HeadOfDepartment, _userManager);
143  }
144  else
145  {
146  return BadRequest();
147  }
148  }
149  else
150  {
151  return NotFound();
152  }
153 
154  return RedirectToAction("Index");
155  }
156 
157  // GET: Department/Edit/{id}
158  [HttpGet]
159  [Authorize(Roles = UserProfileRole.HeadOfDepartmentOrAdmin)]
160  public IActionResult Edit(Guid? id)
161  {
162  if (id == null)
163  {
164  return NotFound();
165  }
166 
167  var department = _departmentService.GetById(id.Value);
168  if (department == null)
169  {
170  return RedirectToAction("Index");
171  }
172 
173  if (!IsValidCurrentUser(department))
174  {
175  return Forbid();
176  }
177 
178  var departments = _departmentService.GetAllWhere(d => d.Id != department.Id).ToList();
179  var allUsers = _userProfileService.GetAll();
180 
181  var availableUsers = allUsers.Where(user => departments.All(d => !d.Staff.Contains(user)));
182 
183  var availableScientificWorks = _scientificWorkService.GetAllWhere(sw => departments.All(d => !d.ScientificWorks.Contains(sw)));
184 
185  return View(new DepartmentEditModel
186  {
187  Department = department,
188  DepartmentId = department.Id,
189  Title = department.Title,
190  UserSelection = availableUsers,
191  Head = department.Head,
192  SelectedHeadId = department.Head.Id,
193  Staff = department.Staff,
194  AvailableScientificWork = availableScientificWorks,
195  ScientificWorks = department.ScientificWorks,
196  IsEditingByHead = department.Head.Id == _userProfileService.Get(u => u.UserName == User.Identity.Name).Id
197  });
198  }
199 
200  // POST: Department/Edit/{id}
201  [HttpPost]
202  [Authorize(Roles = UserProfileRole.HeadOfDepartmentOrAdmin)]
203  public async Task<IActionResult> Edit(Guid? id, [Bind("Title,SelectedHeadId")] DepartmentEditModel model)
204  {
205  if (!ModelState.IsValid)
206  {
207  return View(model);
208  }
209 
210  if (id == null)
211  {
212  return NotFound();
213  }
214 
215  var department = _departmentService.GetById(id.Value);
216  if (department == null)
217  {
218  return NotFound();
219  }
220 
221  if (!IsValidCurrentUser(department))
222  {
223  return Forbid();
224  }
225 
226  department.Title = model.Title;
227  var newHead = _userProfileService.GetById(model.SelectedHeadId);
228  var departments = _departmentService.GetAllWhere(d => !d.Id.Equals(department.Id));
229  if (newHead != null && departments.All(d => !d.Staff.Contains(newHead)))
230  {
231  var oldHead = department.Head;
232  oldHead.Position = "Teacher";
233  _userProfileService.UpdateItem(oldHead);
234  await _userProfileService.RemoveFromRoleAsync(oldHead, UserProfileRole.HeadOfDepartment,
235  _userManager);
236 
237  department.Head = newHead;
238 
239  newHead.Position = "HeadOfDepartment";
240  _userProfileService.UpdateItem(newHead);
241  await _userProfileService.AddToRoleAsync(newHead, UserProfileRole.HeadOfDepartment, _userManager);
242 
243  if (!department.Staff.Contains(newHead))
244  {
245  department.Staff.Add(newHead);
246  _departmentService.UpdateItem(department);
247  }
248  }
249 
250  _departmentService.UpdateItem(department);
251 
252  return RedirectToAction("Index");
253  }
254 
255  // POST: Department/AddUserToStaff/{departmentId}
256  [HttpPost]
257  [Authorize(Roles = UserProfileRole.HeadOfDepartmentOrAdmin)]
258  public async Task<IActionResult> AddUserToStaff(Guid? id, [FromBody] UpdateUserRequest request)
259  {
260  if (id == null)
261  {
262  return NotFound();
263  }
264 
265  var department = _departmentService.GetById(id.Value);
266  if (department == null)
267  {
268  return Json(ApiResponse.Fail);
269  }
270 
271  if (!IsValidCurrentUser(department))
272  {
273  return Json(ApiResponse.Fail);
274  }
275 
276  var user = _userProfileService.GetById(request.UserId);
277  var isNotAvailable = await _userProfileService.IsInRoleAsync(user, UserProfileRole.HeadOfDepartment, _userManager);
278 
279  if (user == null || _departmentService.UserIsHired(user) || isNotAvailable)
280  {
281  return Json(ApiResponse.Fail);
282  }
283 
284  department.Staff.Add(user);
285  _departmentService.UpdateItem(department);
286 
287  return Json(ApiResponse.Ok);
288  }
289 
290  // POST: Department/RemoveUserFromStaff/{departmentId}
291  [HttpPost]
292  [Authorize(Roles = UserProfileRole.HeadOfDepartmentOrAdmin)]
293  public IActionResult RemoveUserFromStaff(Guid? id, [FromBody] UpdateUserRequest request)
294  {
295  if (id == null)
296  {
297  return NotFound();
298  }
299 
300  var department = _departmentService.GetById(id.Value);
301  if (department == null)
302  {
303  return Json(ApiResponse.Fail);
304  }
305 
306  if (!IsValidCurrentUser(department))
307  {
308  return Json(ApiResponse.Fail);
309  }
310 
311  var user = _userProfileService.GetById(request.UserId);
312  if (user == null || !department.Staff.Contains(user) || department.Head.Id.Equals(user.Id))
313  {
314  return Json(ApiResponse.Fail);
315  }
316 
317  department.Staff.Remove(user);
318  _departmentService.UpdateItem(department);
319 
320  return Json(ApiResponse.Ok);
321  }
322 
323  // POST: Department/Delete/{id}
324  [HttpPost]
325  [Authorize(Roles = UserProfileRole.Administrator)]
326  public async Task<IActionResult> Delete(Guid? id)
327  {
328  if (id == null || !_departmentService.Exists(id.Value))
329  {
330  return NotFound();
331  }
332 
333  var departmentToDelete = _departmentService.GetById(id.Value);
334  if (!IsValidCurrentUser(departmentToDelete))
335  {
336  return Forbid();
337  }
338 
339  if (departmentToDelete.Staff.Count == 1)
340  {
341  await _userProfileService.RemoveFromRoleAsync(departmentToDelete.Head, UserProfileRole.HeadOfDepartment, _userManager);
342  departmentToDelete.Head.Position = UserProfileRole.Teacher;
343  _userProfileService.UpdateItem(departmentToDelete.Head);
344  _departmentService.DeleteById(id.Value);
345  }
346 
347  return RedirectToAction("Index");
348  }
349 
350  private bool IsValidCurrentUser(Department department)
351  {
352  var currentUser = _userProfileService.Get(User);
353  if (!PageHelpers.IsAdmin(User))
354  {
355  return currentUser.Id == department.Head.Id;
356  }
357 
358  return true;
359  }
360  }
361 }
ScientificReport.Controllers.DepartmentController.AddUserToStaff
async Task< IActionResult > AddUserToStaff(Guid?id, [FromBody] UpdateUserRequest request)
Definition: DepartmentController.cs:258
ScientificReport.DAL.Entities.Department.Head
virtual UserProfile.UserProfile Head
Definition: Department.cs:20
ScientificReport.Controllers.DepartmentController.Index
IActionResult Index(DepartmentIndexModel model)
Definition: DepartmentController.cs:42
ScientificReport.Controllers.DepartmentController.DepartmentController
DepartmentController(IDepartmentService departmentService, IUserProfileService userProfileService, IScientificWorkService scientificWorkService, UserManager< UserProfile > userManager)
Definition: DepartmentController.cs:27
ScientificReport.Controllers.DepartmentController.Create
async Task< IActionResult > Create(DepartmentCreateModel model)
Definition: DepartmentController.cs:113
ScientificReport.Controllers.DepartmentController.RemoveUserFromStaff
IActionResult RemoveUserFromStaff(Guid?id, [FromBody] UpdateUserRequest request)
Definition: DepartmentController.cs:293
ScientificReport.Controllers.DepartmentController.Edit
async Task< IActionResult > Edit(Guid?id, [Bind("Title,SelectedHeadId")] DepartmentEditModel model)
Definition: DepartmentController.cs:203
ScientificReport.DTO.Models.Department.DepartmentIndexModel.Departments
IEnumerable< ScientificReport.DAL.Entities.Department > Departments
Definition: DepartmentIndexModel.cs:11