diff --git a/ToDo.yaml b/ToDo.yaml
index 4d6307c..80938c7 100755
--- a/ToDo.yaml
+++ b/ToDo.yaml
@@ -2,17 +2,8 @@ Server: Emails: Dont follow theme of website - Admin Functions: - Need to inforce Admin on the API side - - Authentication ProductController: - When the create account is called. right after the getaccount is called. - Have all New for database return the object they create - Need to timeout email reset tokens: - Need to impliment Reset / Delte JobListingContorller - Client:
diff --git a/src/Server/Controllers/CompanyController.cs b/src/Server/Controllers/CompanyController.cs
new file mode 100644
index 0000000..799f4f0
--- /dev/null
+++ b/src/Server/Controllers/CompanyController.cs
@@ -0,0 +1,51 @@
+using Microsoft.AspNetCore.Mvc;
+using BoredCareers.Services.DatabaseService;
+using BoredCareers.Entities;
+using System.Web.Http;
+
+namespace BoredCareers.Controllers {
+ [ApiController]
+ [Route("api/company/")]
+ public class CompanyController : MistoxControllerBase {
+
+ public CompanyController(DatabaseService db) : base(db) {}
+
+ [Route("get")]
+ [HttpPost]
+ public async Task GetCompany([FromForm] int companyID) {
+ if (isLoggedIn()) {
+ Company? company = await _databaseService.GetCompany(companyID);
+ if (company != null) {
+ return Ok(company);
+ }
+ }
+ return NotFound();
+ }
+
+ [Route("set")]
+ [HttpPost]
+ public async Task SetCompany([FromBody] Company company) {
+ if (isLoggedIn()) {
+ if (await isLoggedInUserEmployeeOf(company.ID)) {
+ await _databaseService.SetCompany(company);
+ return Ok();
+ }
+ }
+ return NotFound();
+ }
+
+ [Route("delete")]
+ [HttpPost]
+ public async Task DeleteCompany([FromForm] int CompanyID) {
+ if (isLoggedIn()) {
+ if (await isLoggedInUserEmployeeOf(CompanyID)) {
+ await _databaseService.DeleteCompany(CompanyID);
+ return Ok();
+ }
+ }
+ return NotFound();
+ }
+
+ }
+
+}
diff --git a/src/Server/Controllers/JobListingController.cs b/src/Server/Controllers/JobListingController.cs
index f177fbe..805d12a 100644
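Review bot: `SetCompany` and `DeleteCompany` authorize with `isLoggedInUserEmployeeOf` alone, so as written any account listed as an employee of the company can overwrite or delete the whole company record. If the data model has an owner or admin role, check it before `_databaseService.DeleteCompany(CompanyID)`; if it does not, state the policy in a comment such as `// Any employee may edit or delete the company; there is no owner/admin role yet`. `SetCompany` also binds the full `Company` entity from the request body, so every bindable property is caller-controlled; a narrower request type carrying only the editable fields would avoid over-posting. The logged-out and not-authorized paths all return `NotFound()`, which makes the two cases indistinguishable to clients and in logs; `Unauthorized()` and `Forbid()` would be clearer unless the 404 is deliberate.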
--- a/src/Server/Controllers/JobListingController.cs
+++ b/src/Server/Controllers/JobListingController.cs
@@ -10,17 +10,14 @@ namespace BoredCareers.Controllers {
 public JobListingController(DatabaseService db) : base(db) {}
- [Route("getlistings")]
+ [Route("getpage")]
 [HttpPost]
 public async Task GetJobListings([FromForm] int page) {
- if (isLoggedIn()) {
- JobListing[] jobListings = await _databaseService.GetJobListingPage(page, 25); // 10 items per page
- return Ok(jobListings);
- }
- return NotFound();
+ JobListing[] jobListings = await _databaseService.GetJobListingPage(page, 25); // 10 items per page
+ return Ok(jobListings);
 }
- [Route("getlisting")]
+ [Route("get")]
 [HttpPost]
 public async Task GetJobListing([FromForm] int JobListingID) {
 JobListing? jobListing = await _databaseService.GetJobListing(JobListingID);
@@ -32,16 +29,27 @@ namespace BoredCareers.Controllers {
 [Route("set")]
 [HttpPost]
- public async Task SetJobListing([FromBody] Resume resume) {
- await Task.Delay(1);
- return Ok();
+ public async Task SetJobListing([FromBody] JobListing jobListing) {
+ if (isLoggedIn()) {
+ if (await isLoggedInUserEmployeeOf(jobListing.CompanyID)) {
+ await _databaseService.SetJobListing(jobListing);
+ }
+ }
+ return NotFound();
 }
 [Route("delete")]
 [HttpPost]
- public async Task DeleteJobListing([FromForm] int ResumeID) {
- await Task.Delay(1);
- return Ok();
+ public async Task DeleteJobListing([FromForm] int JobListingID) {
+ if (isLoggedIn()) {
+ JobListing? jobListing = await _databaseService.GetJobListing(JobListingID);
+ if (jobListing != null) {
+ if (await isLoggedInUserEmployeeOf(JobListingID)) {
+ await _databaseService.DeleteJobListing(JobListingID);
+ }
+ }
+ }
+ return NotFound();
 }
 }
diff --git a/src/Server/Controllers/MistoxControllerBase.cs b/src/Server/Controllers/MistoxControllerBase.cs
index daed8cc..0084227 100644
--- a/src/Server/Controllers/MistoxControllerBase.cs
+++ b/src/Server/Controllers/MistoxControllerBase.cs
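Review bot: The trailing comment on the `GetJobListingPage(page, 25)` line still says `// 10 items per page` while the call passes 25; update it to `// 25 items per page` or name the constant. With the `isLoggedIn()` guard removed in this hunk the endpoint is reachable anonymously and `page` goes to the database service unchecked. A guard such as `if (page < 0) return BadRequest();` would be worth adding unless `GetJobListingPage` already clamps the value, which is not visible here.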
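Review bot: In `DeleteJobListing` the authorization call passes the listing id where a company id is expected: `isLoggedInUserEmployeeOf(JobListingID)` should be `isLoggedInUserEmployeeOf(jobListing.CompanyID)`, using the listing loaded two lines earlier. As written the check tests membership in whichever company happens to share that numeric id, so it can refuse the rightful employer and accept an employee of an unrelated company. `SetJobListing` authorizes against the `CompanyID` supplied in the request body; if `_databaseService.SetJobListing` updates an existing row by id (not visible here), the stored listing's company should be loaded and checked as well. Both methods also fall through to `return NotFound();` after a successful write, so add `return Ok();` inside the innermost `if`.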
@@ -35,6 +35,16 @@ namespace BoredCareers.Controllers {
 }
 }
+ public async Task isLoggedInUserEmployeeOf(int CompanyID) {
+ Employee[] employees = await _databaseService.GetEmployees(CompanyID);
+ foreach (Employee cur in employees) {
+ if (getLoggedInUserID() == cur.AccountID) {
+ return true;
+ }
+ }
+ return false;
+ }
+
 public string Substitue(string message, string subString, string Replacement) {
 for (int i = 0; i < (message.Length - subString.Length); i++) {
 if (message.Substring(i, subString.Length) == subString) {
diff --git a/src/Server/Controllers/ResumeController.cs b/src/Server/Controllers/ResumeController.cs
index 9e12fc3..01d6c67 100644
--- a/src/Server/Controllers/ResumeController.cs
+++ b/src/Server/Controllers/ResumeController.cs
@@ -21,7 +21,7 @@ namespace BoredCareers.Controllers {
 return NotFound();
 }
- [Route("getfull")]
+ [Route("get")]
 [HttpPost]
 public async Task GetResume([FromForm] int ResumeID) {
 Resume? resume = await _databaseService.GetResume(ResumeID);
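Review bot: `isLoggedInUserEmployeeOf` is declared `public` on the controller base class, and ASP.NET Core treats public controller methods as candidate actions; `protected`, or `[NonAction]` if it must stay public, keeps this authorization helper out of action discovery. The helper does not call `isLoggedIn()` itself, so it relies on every caller doing so and on `getLoggedInUserID()` never returning a value that matches a real `AccountID` for an anonymous request (its body is outside this hunk). A short comment stating that contract would help, for example `// Caller must have verified isLoggedIn(); true when the session account is an employee of CompanyID`. Loading every employee to test membership also grows with company size, so a database-side existence query would be cheaper if `DatabaseService` can offer one.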