1+ using System ;
2+ using System . Collections . Generic ;
3+ using System . Data ;
4+ using System . Data . Entity ;
5+ using System . Data . Entity . Infrastructure ;
6+ using System . Linq ;
7+ using System . Net ;
8+ using System . Net . Http ;
9+ using System . Threading . Tasks ;
10+ using System . Web . Http ;
11+ using System . Web . Http . Description ;
12+ using Zenergy . Models ;
13+
14+ namespace Zenergy . Controllers . ApiControllers
15+ {
16+ public class CartContentsController : ApiController
17+ {
18+ private ZenergyContext db = new ZenergyContext ( ) ;
19+
20+
21+ // GET: api/users/{userId}/basket
22+ [ HttpGet ]
23+ [ Route ( "api/users/{userId}/basket" ) ]
24+ [ Authorize ]
25+ [ ResponseType ( typeof ( IQueryable < CartContent > ) ) ]
26+ public IHttpActionResult GetCartContent ( int userId )
27+ {
28+ //verify the identity of the user
29+ var currentUserId = db . user . Where ( u => u . mail . Equals ( this . User . Identity . Name ) ) . FirstAsync ( ) . Result . userId ;
30+ if ( ! ( currentUserId == userId ) )
31+ {
32+ return BadRequest ( "You are not authorized to access this user's cart content!" ) ;
33+ }
34+ IQueryable < CartContent > cartContent = db . CartContent . Where ( cc => cc . userId == ( userId ) ) ;
35+ if ( ! cartContent . Any ( ) )
36+ {
37+ return NotFound ( ) ;
38+ }
39+
40+
41+ return Ok ( cartContent ) ;
42+ }
43+
44+ // PUT: api/CartContents/5
45+ [ HttpPut ]
46+ [ Route ( "api/users/{userId}/basket" ) ]
47+ [ Authorize ]
48+ [ ResponseType ( typeof ( void ) ) ]
49+ public async Task < IHttpActionResult > PutCartContent ( int userId , CartContentModel cartContent )
50+ {
51+ if ( ! ModelState . IsValid )
52+ {
53+ return BadRequest ( ModelState ) ;
54+ }
55+
56+ if ( userId != cartContent . userId )
57+ {
58+ return BadRequest ( "You are not authorized to access to this user's basket" ) ;
59+ }
60+
61+ if ( ! CartContentExists ( userId , cartContent . productId ) )
62+ {
63+ return NotFound ( ) ;
64+ }
65+
66+ //Verify if the quantity in the cartContent if inferior to the available quantity for the product
67+ int enoughProductInStock = db . product . Where ( p => p . productId == cartContent . productId ) . FirstAsync ( ) . Result . availableQty . Value ;
68+ if ( cartContent . productQuantity > enoughProductInStock )
69+ {
70+ return BadRequest ( string . Format ( "There are only {0} products left!" , enoughProductInStock ) ) ;
71+ }
72+ db . Entry ( new CartContent ( ) { userId = cartContent . userId , productId = cartContent . productId , productQuantity = cartContent . productQuantity } ) . State = EntityState . Modified ;
73+
74+ try
75+ {
76+ await db . SaveChangesAsync ( ) ;
77+ }
78+ catch ( DbUpdateConcurrencyException )
79+ {
80+ throw ;
81+
82+ }
83+
84+ return StatusCode ( HttpStatusCode . NoContent ) ;
85+ }
86+
87+ // POST: api/users/basket
88+ [ HttpPost ]
89+ [ Route ( "api/users/{userId}/basket" ) ]
90+ [ Authorize ]
91+ [ ResponseType ( typeof ( CartContentModel ) ) ]
92+ public async Task < IHttpActionResult > PostCartContent ( int userId , CartContentModel cartContent )
93+ {
94+ if ( ! ModelState . IsValid )
95+ {
96+ return BadRequest ( ModelState ) ;
97+ }
98+
99+ if ( userId != cartContent . userId ) //verify that we are creating a cartcontent into the rigth user's basket
100+ {
101+ return BadRequest ( ) ;
102+ }
103+ if ( ! CartContentExists ( userId , cartContent . productId ) )
104+ {
105+ //Verify if the quantity in the cartContent if inferior to the available quantity for the product
106+ int enoughProductInStock = db . product . Where ( p => p . productId == cartContent . productId ) . FirstAsync ( ) . Result . availableQty . Value ;
107+ if ( cartContent . productQuantity > enoughProductInStock )
108+ {
109+ return BadRequest ( string . Format ( "There are only {0} products left!" , enoughProductInStock ) ) ;
110+ }
111+ db . CartContent . Add ( new CartContent ( ) { userId = cartContent . userId , productId = cartContent . productId , productQuantity = cartContent . productQuantity } ) ;
112+ }
113+ else return BadRequest ( "This product is already in your cart" ) ;
114+ try
115+ {
116+ await db . SaveChangesAsync ( ) ;
117+ }
118+ catch ( DbUpdateException )
119+ {
120+
121+ throw ;
122+ }
123+
124+ return Created ( "api/users/basket" , cartContent ) ;
125+ }
126+
127+
128+ /// <summary>
129+ /// Validate the basket, clear it and create a purchase.
130+ /// </summary>
131+ /// <param name="userId"></param>
132+ /// <param name="cartContent"></param>
133+ /// <returns></returns>
134+ [ HttpPut ]
135+ [ Route ( "api/users/{userId}/basket/validate" ) ]
136+ [ Authorize ]
137+ [ ResponseType ( typeof ( purchase ) ) ]
138+ public async Task < IHttpActionResult > ValidateBasket ( int userId , CartContent cartContent )
139+ {
140+ if ( ! ModelState . IsValid )
141+ {
142+ return BadRequest ( ModelState ) ;
143+ }
144+
145+ if ( ! VerifyIdentity ( userId ) ) //verify that we are creating a cartcontent into the rigth user's basket
146+ {
147+ return BadRequest ( "You are not authorized to access to this user's cart!" ) ;
148+ }
149+
150+ var basket = db . CartContent . Where ( cc => cc . userId == userId ) ;
151+ if ( ! basket . Any ( ) )
152+ {
153+ return BadRequest ( "Your cart is empty!" ) ;
154+ }
155+ var purchaseContents = new List < purchaseContent > ( ) ;
156+
157+ foreach ( CartContent item in basket )
158+ {
159+ var purchaseContent = new purchaseContent ( ) ;
160+ purchaseContent . productId = item . productId ;
161+ purchaseContent . product = item . product ;
162+ purchaseContent . productQuantity = item . productQuantity ;
163+ purchaseContents . Add ( purchaseContent ) ;
164+
165+ var purchase = db . purchase . Add ( new purchase ( ) { userId = cartContent . userId , purchaseDate = DateTime . Today , user = cartContent . user , purchaseContent = purchaseContents } ) ;
166+
167+ try
168+ {
169+ //Clearing the basket
170+ await ClearBasket ( basket . ToListAsync ( ) . Result ) ;
171+ }
172+ catch ( DbUpdateException )
173+ {
174+ throw ;
175+ }
176+
177+ return Created ( "api/users/{userId}/basket/validate" , purchase ) ;
178+ }
179+
180+ // DELETE: api/users/{userId}/basket
181+ [ HttpDelete ]
182+ [ Route ( "api/users/{userId}/basket/{productId}" ) ]
183+ [ Authorize ]
184+ [ ResponseType ( typeof ( CartContentModel ) ) ]
185+ public async Task < IHttpActionResult > DeleteCartContent ( int userId , int productId )
186+ {
187+ if ( ! VerifyIdentity ( userId ) )
188+ {
189+ return BadRequest ( "You are not authorized to access to this user's basket" ) ;
190+ }
191+ var cartContent = db . CartContent . Where ( cc => cc . userId == userId && cc . productId == productId ) ;
192+ if ( ! cartContent . Any ( ) )
193+ {
194+ return NotFound ( ) ;
195+ }
196+
197+ if ( userId != cartContent . FirstAsync ( ) . Result . userId )
198+ {
199+ return BadRequest ( "You are not authorized to access to this user's basket" ) ;
200+ }
201+
202+ db . CartContent . Remove ( cartContent . FirstAsync ( ) . Result ) ;
203+ await db . SaveChangesAsync ( ) ;
204+ return Ok ( cartContent ) ;
205+ }
206+
207+ protected override void Dispose ( bool disposing )
208+ {
209+ if ( disposing )
210+ {
211+ db . Dispose ( ) ;
212+ }
213+ base . Dispose ( disposing ) ;
214+ }
215+
216+ private bool CartContentExists ( int userId , int productId )
217+ {
218+ return db . CartContent . Count ( e => e . userId == userId && e . productId == productId ) > 0 ;
219+ }
220+
221+ private async Task < int > ClearBasket ( List < CartContent > basket )
222+ {
223+ db . CartContent . RemoveRange ( basket ) ;
224+ return await db . SaveChangesAsync ( ) ;
225+ }
226+
227+ public bool VerifyIdentity ( int userId )
228+ {
229+ return db . user . Where ( cc => cc . mail . Equals ( this . User . Identity . Name ) ) . FirstAsync ( ) . Result . userId == userId ;
230+ }
231+ }
232+ }
0 commit comments