damienmoulard
diff --git a/‎Zenergy/Zenergy/Controllers/ApiControllers/CartContentsController.cs
+234 b/‎Zenergy/Zenergy/Controllers/ApiControllers/CartContentsController.cs
+234
diff --git a/‎Zenergy/Zenergy/Models/CartContentModel.cs
+14 b/‎Zenergy/Zenergy/Models/CartContentModel.cs
+14
diff --git a/‎Zenergy/Zenergy/Pages/cart.html
+48 b/‎Zenergy/Zenergy/Pages/cart.html
+48
diff --git a/‎Zenergy/Zenergy/Pages/home.html
+3-5 b/‎Zenergy/Zenergy/Pages/home.html
+3-5
diff --git a/‎Zenergy/Zenergy/Pages/products.html
+2-2 b/‎Zenergy/Zenergy/Pages/products.html
+2-2
@@ -0,0 +1,234 @@
+using System;
+using System.Collections.Generic;
+using System.Data;
+using System.Data.Entity;
+using System.Data.Entity.Infrastructure;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Threading.Tasks;
+using System.Web.Http;
+using System.Web.Http.Description;
+using Zenergy.Models;
+
+namespace Zenergy.Controllers.ApiControllers
+{
+    public class CartContentsController : ApiController
+    {
+        private ZenergyContext db = new ZenergyContext();
+
+
+        // GET: api/users/{userId}/basket
+        [HttpGet]
+        [Route("api/users/{userId}/basket")]
+        [Authorize]
+        [ResponseType(typeof(IQueryable<CartContent>))]
+        public  IHttpActionResult GetCartContent(int userId)
+        {
+            //verify the identity of the user
+            var currentUserId = db.user.Where(u => u.mail.Equals(this.User.Identity.Name)).FirstAsync().Result.userId;
+            if (!(currentUserId == userId))
+            {
+                return BadRequest("You are not authorized to access this user's cart content!");
+            }
+            IQueryable<CartContent> cartContent = db.CartContent.Where(cc => cc.userId == (userId));
+            if (!cartContent.Any())
+            {
+                return NotFound();
+            }
+           
+
+            return Ok(cartContent);
+        }
+
+        // PUT: api/CartContents/5
+        [HttpPut]
+        [Route("api/users/{userId}/basket")]
+        [Authorize]
+        [ResponseType(typeof(void))]
+        public async Task<IHttpActionResult> PutCartContent(int userId, CartContentModel cartContent)
+        {
+            if (!ModelState.IsValid)
+            {
+                return BadRequest(ModelState);
+            }
+
+            if (userId != cartContent.userId)
+            {
+                return BadRequest("You are not authorized to access to this user's basket");
+            }
+
+            if (!CartContentExists(userId, cartContent.productId))
+            {
+                return NotFound();
+            }
+            if (cartContent.productQuantity < 1) return BadRequest("Please choose a positive product quantity!");
+            //Verify if the quantity in the cartContent if inferior to the available quantity for the product
+            int enoughProductInStock = db.product.Where(p => p.productId == cartContent.productId).FirstAsync().Result.availableQty.Value;
+            if (cartContent.productQuantity > enoughProductInStock)
+            {
+                return BadRequest(string.Format("There are only {0} products left!", enoughProductInStock));
+            }
+            db.Entry(new CartContent() { userId = cartContent.userId, productId = cartContent.productId, productQuantity = cartContent.productQuantity }).State = EntityState.Modified;
+
+            try
+            {
+                await db.SaveChangesAsync();
+            }
+            catch (DbUpdateConcurrencyException)
+            {
+                 throw;
+              
+            }
+
+            return StatusCode(HttpStatusCode.NoContent);
+        }
+
+        // POST: api/users/basket
+        [HttpPost]
+        [Route("api/users/{userId}/basket")]
+        [Authorize]
+        [ResponseType(typeof(CartContentModel))]
+        public async Task<IHttpActionResult> PostCartContent(int userId,CartContentModel cartContent)
+        {
+            if (!ModelState.IsValid)
+            {
+                return BadRequest(ModelState);
+            }
+
+            if (userId != cartContent.userId)    //verify that we are creating a cartcontent into the rigth user's basket
+            {
+                return BadRequest();
+            }
+            if (cartContent.productQuantity < 0) return BadRequest("Please choose a positive product quantity!");
+            if (!CartContentExists(userId, cartContent.productId))
+            {
+                //Verify if the quantity in the cartContent if inferior to the available quantity for the product
+                int enoughProductInStock = db.product.Where(p => p.productId == cartContent.productId).FirstAsync().Result.availableQty.Value;
+                if (cartContent.productQuantity > enoughProductInStock)
+                {
+                    return BadRequest(string.Format("There are only {0} products left!", enoughProductInStock));
+                }
+                db.CartContent.Add(new CartContent() { userId = cartContent.userId, productId = cartContent.productId, productQuantity = cartContent.productQuantity });
+            }
+            else return BadRequest("This product is already in your cart");
+            try
+            {
+                await db.SaveChangesAsync();
+            }
+            catch (DbUpdateException)
+            {
+                
+                throw;
+            }
+            
+            return Created("api/users/basket", cartContent);
+        }
+
+        
+        /// <summary>
+        /// Validate the basket, clear it and create a purchase.
+        /// </summary>
+        /// <param name="userId"></param>
+        /// <param name="cartContent"></param>
+        /// <returns></returns>
+        [HttpPut]
+        [Route("api/users/{userId}/basket/validate")]
+        [Authorize]
+        [ResponseType(typeof(purchase))]
+        public async Task<IHttpActionResult> ValidateBasket(int userId)
+        {
+            if (!ModelState.IsValid)
+            {
+                return BadRequest(ModelState);
+            }
+
+            if (!VerifyIdentity(userId))    //verify that we are creating a cartcontent into the rigth user's basket
+            {
+                return BadRequest("You are not authorized to access to this user's cart!");
+            }
+            
+            var basket = db.CartContent.Where(cc => cc.userId == userId);
+            if (!basket.Any())
+            {
+                return BadRequest("Your cart is empty!");
+            }
+            var purchaseContents = new List<purchaseContent>();
+
+            foreach (CartContent item in basket)
+            {
+                var purchaseContent = new purchaseContent();
+                purchaseContent.productId = item.productId;
+                purchaseContent.product = item.product;
+                purchaseContent.productQuantity = item.productQuantity;
+                purchaseContents.Add(purchaseContent);
+            }
+
+            var purchase = db.purchase.Add(new purchase() { userId = userId, purchaseDate = DateTime.Today, purchaseContent = purchaseContents });
+
+            try
+            {
+                //Clearing the basket
+                await ClearBasket(basket.ToListAsync().Result);
+            }
+            catch (DbUpdateException)
+            {
+                throw;
+            }
+            
+            return Created("api/users/{userId}/basket/validate", purchase);
+        }
+
+        // DELETE: api/users/{userId}/basket
+        [HttpDelete]
+        [Route("api/users/{userId}/basket/{productId}")]
+        [Authorize]
+        [ResponseType(typeof(CartContentModel))]
+        public async Task<IHttpActionResult> DeleteCartContent(int userId, int productId)
+        {
+            if (!VerifyIdentity(userId))
+            {
+                return BadRequest("You are not authorized to access to this user's basket");
+            }
+            var cartContent = db.CartContent.Where(cc => cc.userId == userId && cc.productId == productId);
+            if (!cartContent.Any())
+            {
+                return NotFound();
+            }
+
+            if (userId != cartContent.FirstAsync().Result.userId)
+            {
+                return BadRequest("You are not authorized to access to this user's basket");
+            }
+
+            db.CartContent.Remove(cartContent.FirstAsync().Result);
+            await db.SaveChangesAsync();
+            return Ok(cartContent);
+        }
+
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                db.Dispose();
+            }
+            base.Dispose(disposing);
+        }
+
+        private bool CartContentExists(int userId, int productId)
+        {
+            return db.CartContent.Count(e => e.userId == userId && e.productId == productId) > 0;
+        }
+
+        private async Task<int> ClearBasket(List<CartContent> basket)
+        {
+            db.CartContent.RemoveRange(basket);
+            return await db.SaveChangesAsync();
+        }
+
+        public bool VerifyIdentity(int userId)
+        {
+            return db.user.Where(cc => cc.mail.Equals(this.User.Identity.Name)).FirstAsync().Result.userId == userId;
+        }
+    }
+}
@@ -0,0 +1,14 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+
+namespace Zenergy.Models
+{
+    public class CartContentModel
+    {
+        public int userId { get; set; }
+        public int productId { get; set; }
+        public int productQuantity { get; set; }
+    }
+}
@@ -0,0 +1,48 @@
+<div class="container ">
+    <div class="row">
+        <div class="col-md-12">
+            <h2>Shopping cart</h2>
+            <table class="table table-striped">
+                <thead>
+                    <tr>
+                        <th>
+                                Name
+                        </th>
+                        <th>
+                                Description
+                        </th>
+                        <th>
+                                Price
+                        </th>
+                        <th>
+                                Reduction (only for members)
+                        </th>
+                        <th>
+                                Quantity
+                        </th>
+                    </tr>
+                </thead>
+                <tbody>
+                    <tr ng-repeat="c in cartContents" id="tr{{c.productId}}">
+                        <td>{{c.product.productName}}</td>
+                        <td>{{c.product.productDescr}}</td>
+                        <td>{{c.product.productPrice}} €</td>
+                        <td>{{c.product.memberReduction}} %</td>
+                        <td>
+                            <button type="button" class="btn btn-danger btn-xs" ng-click="setQuantity(c,-1)"><span class="glyphicon glyphicon glyphicon-minus" aria-hidden="true"></span></button> 
+                            {{c.productQuantity}} 
+                            <button type="button" class="btn btn-success btn-xs" ng-click="setQuantity(c,1)"><span class="glyphicon glyphicon glyphicon-plus" aria-hidden="true"></span></button>
+                        </td>
+                        <td width="10%"><button type="button" class="btn btn-warning btn-block" ng-click="deleteCC(c)"><span class="glyphicon glyphicon glyphicon-remove" aria-hidden="true"></span></button></td>
+                    </tr>
+                  
+                </tbody>
+            </table>
+            <div class="col-md-2 col-md-offset-9">
+                <h3>Total : {{getTotal()}} €</h3>
+                <input class="btn btn-primary btn-lg" value="Proceed" ng-click="proceed()" />
+            </div>
+            
+        </div>
+    </div>
+</div>
@@ -1,7 +1,5 @@
 <div class="jumbotron">
-    <h1>ASP.NET</h1>
-    <p class="lead">ASP.NET is a free web framework for building great Web sites and Web applications using HTML, CSS and JavaScript.</p>
-    <p><a href="http://asp.net" class="btn btn-primary btn-lg">Learn more &raquo;</a></p>
-    <p ng-cloak ng-show="isConnected">Connected AS : {{name}}</p>
-    {{users}}
+    <h1>Zenergy</h1>
+    <p class="lead">Welcome on our website. Here you can manage your account, subscribe to the club and to events. You can also visit our shop to buy some items </p>
+    <p><a ng-hide="isAuthanticated()" href="#Register" class="btn btn-primary btn-lg">Try it</a></p>
 </div>
@@ -7,7 +7,7 @@ <h2>Products managment</h2>
                     <div class="input-group">
                         <div class="input-group-addon"><i class="glyphicon glyphicon-search"></i></div>
 
-                        <input type="text" class="form-control" placeholder="Search for a product" ng-model="searchProduct">
+                        <input type="text" class="form-control" placeholder="Search for a product (by name)" ng-model="searchProduct.productName">
                     </div>
                 </div>
             </form>
@@ -112,7 +112,7 @@ <h3 class="modal-title">Edit product n° {{productToUpdate.productId}} ?</h3>
                         <td>{{p.productName}}</td>
                         <td>{{p.productDescr}}</td>
                         <td>{{p.productPrice}} €</td>
-                        <td>{{p.memberReduction}} €</td>
+                        <td>{{p.memberReduction}} %</td>
                         <td>{{p.availableQty}}</td>
                         <td width="100px"><input class="btn btn-primary btn-sm" value="Edit" ng-click="update(p)" /></td>
                         <td width="100px"><input class="btn btn-danger btn-sm" value="Delete" ng-click="delete(p)" /></td>