From 7e8fa10f91e23674e872179813d633cbc25381a9 Mon Sep 17 00:00:00 2001 From: Daniel Gyulai Date: Tue, 24 Nov 2020 18:51:15 +0100 Subject: [PATCH] Assistant of doctor can query/modify children assigned to said doctor --- CoviDok/BLL/User/Handlers/IChildHandler.cs | 37 +++--- CoviDok/BLL/User/Managers/ChildManager.cs | 132 ++++++++++----------- CoviDok/Data/MySQL/MySqlChildHandler.cs | 88 ++++++++------ 3 files changed, 134 insertions(+), 123 deletions(-) diff --git a/CoviDok/BLL/User/Handlers/IChildHandler.cs b/CoviDok/BLL/User/Handlers/IChildHandler.cs index 1f5fa39..b1b4fde 100644 --- a/CoviDok/BLL/User/Handlers/IChildHandler.cs +++ b/CoviDok/BLL/User/Handlers/IChildHandler.cs @@ -1,18 +1,19 @@ -using CoviDok.Api.Objects; -using CoviDok.BLL.Sessions; -using CoviDok.Data.Model; -using System; -using System.Collections.Generic; -using System.Linq; -using System.Threading.Tasks; - -namespace CoviDok.BLL.User.Managers -{ - interface IChildHandler - { - public Task GetChild(int id); - public Task UpdateChild(int id, Child newData); - public Task AddChild(Child newChild); - public List GetChildren(int parentId); - } -} +using CoviDok.Api.Objects; +using CoviDok.BLL.Sessions; +using CoviDok.Data.Model; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Threading.Tasks; + +namespace CoviDok.BLL.User.Managers +{ + interface IChildHandler + { + public Task GetChild(int id); + public Task UpdateChild(int id, Child newData); + public Task AddChild(Child newChild); + public List GetChildren(int parentId); + public bool IsAuthorized(Session s, Child c); + } +} diff --git a/CoviDok/BLL/User/Managers/ChildManager.cs b/CoviDok/BLL/User/Managers/ChildManager.cs index aff288c..9ab939c 100644 --- a/CoviDok/BLL/User/Managers/ChildManager.cs +++ b/CoviDok/BLL/User/Managers/ChildManager.cs @@ -1,66 +1,66 @@ -using CoviDok.Api.Objects; -using CoviDok.BLL.Sessions; -using CoviDok.BLL.User.Managers; -using CoviDok.Data.Model; -using CoviDok.Data.MySQL; -using Microsoft.EntityFrameworkCore; -using System; -using System.Collections.Generic; -using System.Linq; -using System.Threading.Tasks; - -namespace CoviDok.Data.MySQL -{ - public class ChildManager - { - private readonly IChildHandler handler = new MySqlChildHandler(); - public async Task GetChild(Session s, int id) - { - Child child = await handler.GetChild(id); - if (child == null) throw new KeyNotFoundException(); - if (child.DoctorId == s.Id || child.ParentId == s.Id) - { - return child.ToPublic(); - } - else { - throw new UnauthorizedAccessException(); - } - } - - public List ChildrenOfParent(int parentId) - { - List ret = new List(); - foreach (Child child in handler.GetChildren(parentId)) - { - ret.Add(child.ToPublic()); - } - return ret; - } - - public async Task UpdateChild(Session s, int id, PublicChild newData) - { - if (id != newData.Id) throw new FormatException(); - - Child child = await handler.GetChild(id); - if (child == null) throw new KeyNotFoundException(); - if (child.ParentId == s.Id || child.DoctorId == s.Id) - { - child.UpdateSelf(newData); - await handler.UpdateChild(id, child); - } - else - { - throw new UnauthorizedAccessException(); - } - } - - public async Task AddChild(Session s, PublicChild newChild) - { - if (s.Id != newChild.ParentId) throw new UnauthorizedAccessException(); - Child child = new Child(); - child.UpdateSelf(newChild); - child.RegistrationDate = DateTime.Now; - return await handler.AddChild(child); - } - } -} +using CoviDok.Api.Objects; +using CoviDok.BLL.Sessions; +using CoviDok.BLL.User.Managers; +using CoviDok.Data.Model; +using CoviDok.Data.MySQL; +using Microsoft.EntityFrameworkCore; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Threading.Tasks; + +namespace CoviDok.Data.MySQL +{ + public class ChildManager + { + private readonly IChildHandler handler = new MySqlChildHandler(); + public async Task GetChild(Session s, int id) + { + Child child = await handler.GetChild(id); + if (child == null) throw new KeyNotFoundException(); + if (handler.IsAuthorized(s, child)) + { + return child.ToPublic(); + } + else { + throw new UnauthorizedAccessException(); + } + } + + public List ChildrenOfParent(int parentId) + { + List ret = new List(); + foreach (Child child in handler.GetChildren(parentId)) + { + ret.Add(child.ToPublic()); + } + return ret; + } + + public async Task UpdateChild(Session s, int id, PublicChild newData) + { + if (id != newData.Id) throw new FormatException(); + + Child child = await handler.GetChild(id); + if (child == null) throw new KeyNotFoundException(); + if (handler.IsAuthorized(s, child)) + { + child.UpdateSelf(newData); + await handler.UpdateChild(id, child); + } + else + { + throw new UnauthorizedAccessException(); + } + } + + public async Task AddChild(Session s, PublicChild newChild) + { + if (s.Id != newChild.ParentId) throw new UnauthorizedAccessException(); + Child child = new Child(); + child.UpdateSelf(newChild); + child.RegistrationDate = DateTime.Now; + return await handler.AddChild(child); + } + } +} diff --git a/CoviDok/Data/MySQL/MySqlChildHandler.cs b/CoviDok/Data/MySQL/MySqlChildHandler.cs index 42846a7..475af09 100644 --- a/CoviDok/Data/MySQL/MySqlChildHandler.cs +++ b/CoviDok/Data/MySQL/MySqlChildHandler.cs @@ -1,39 +1,49 @@ -using CoviDok.BLL; -using CoviDok.BLL.User.Managers; -using CoviDok.Data.Model; -using System; -using System.Collections.Generic; -using System.Linq; -using System.Threading.Tasks; - -namespace CoviDok.Data.MySQL -{ - public class MySqlChildHandler : IChildHandler - { - private readonly MySqlContext context = new MySqlContext(); - public async Task AddChild(Child child) - { - context.Children.Add(child); - await context.SaveChangesAsync(); - return child.Id; - } - - public async Task GetChild(int id) - { - return await context.Children.FindAsync(id); - } - - public List GetChildren(int parentId) - { - return (from c in context.Children where c.ParentId == parentId select c).ToList(); - } - - public async Task UpdateChild(int id, Child newData) - { - Child child = await context.Children.FindAsync(id); - context.Entry(child).State = Microsoft.EntityFrameworkCore.EntityState.Modified; - PropertyCopier.Copy(newData, child); - await context.SaveChangesAsync(); - } - } -} +using CoviDok.BLL; +using CoviDok.BLL.Sessions; +using CoviDok.BLL.User.Managers; +using CoviDok.Data.Model; +using System; +using System.Collections.Generic; +using System.Linq; +using System.Threading.Tasks; + +namespace CoviDok.Data.MySQL +{ + public class MySqlChildHandler : IChildHandler + { + private readonly MySqlContext context = new MySqlContext(); + public async Task AddChild(Child child) + { + context.Children.Add(child); + await context.SaveChangesAsync(); + return child.Id; + } + + public async Task GetChild(int id) + { + return await context.Children.FindAsync(id); + } + + public List GetChildren(int parentId) + { + return (from c in context.Children where c.ParentId == parentId select c).ToList(); + } + + public async Task UpdateChild(int id, Child newData) + { + Child child = await context.Children.FindAsync(id); + context.Entry(child).State = Microsoft.EntityFrameworkCore.EntityState.Modified; + PropertyCopier.Copy(newData, child); + await context.SaveChangesAsync(); + } + + public bool IsAuthorized(Session s, Child c) + { + if (s.Id == c.DoctorId || s.Id == c.ParentId) return true; + // Ha van olyan Asszisztens, akinek; + // - a dokija egyezik az ügy dokijával + // - azonosítója a bejelentezett user azonosítója + return (context.Assistants.Any(a => a.Id == s.Id && a.DoctorId == c.DoctorId)); + } + } +}