Fix employee drivers

src/Server/Controllers/EmployeeController.cs

@@ -0,0 +1,64 @@
+using Microsoft.AspNetCore.Mvc;
+using BoredCareers.Services.DatabaseService;
+using BoredCareers.Entities;
+using System.Web.Http;
+
+namespace BoredCareers.Controllers {
+    [ApiController]
+    [Route("api/employee")]
+    public class EmployeeController : MistoxControllerBase {
+
+        public EmployeeController(DatabaseService db) : base(db) {}
+
+        [HttpGet("{CompanyID}")]
+        public async Task<IActionResult> GetEmployees([FromRoute] int CompanyID) {
+            if (isLoggedIn()) {
+                if (await isLoggedInUserEmployeeOf(CompanyID)) { 
+                    Employee[] employees = await _databaseService.GetEmployeesFromCompany(CompanyID);
+                    return Ok(employees);
+                }
+                return NotFound("You are not an employee of company");
+            }
+            return NotFound("Not logged in");
+        }
+
+        [HttpGet]
+        public async Task<IActionResult> GetEmployee() {
+            if (isLoggedIn()) {
+                Employee[] employees = await _databaseService.GetEmployeesFromAccount(getLoggedInUserID());
+                return Ok(employees);
+            }
+            return NotFound("Not logged in");
+        }
+
+        [HttpPost]
+        public async Task<IActionResult> SetEmployee([FromBody] Employee employee) {
+            if (isLoggedIn()) {
+                if (await isLoggedInUserEmployeeOf(employee.CompanyID)) {
+                    await _databaseService.SetEmployee(employee);
+                    return Ok();
+                }
+                return NotFound("You are not an employee of company");
+            }
+            return NotFound("Not logged in");
+        }
+
+        [HttpDelete]
+        public async Task<IActionResult> DeleteEmployee(int EmployeeID) {
+            if (isLoggedIn()) {
+                Employee? employee = await _databaseService.GetEmployee(EmployeeID);
+                if (employee != null) {
+                    if (await isLoggedInUserEmployeeOf(employee.CompanyID)) {
+                        await _databaseService.DeleteEmployee(EmployeeID);
+                        return Ok();
+                    }
+                    return NotFound("You are not an employee of company");
+                }
+                return NotFound("Employee not found");
+            }
+            return NotFound("Not logged in");
+        }
+
+    }
+
+}

src/Server/Services/DatabaseService/Employee.cs

@@ -6,8 +6,8 @@ using System.Data.Common;
 namespace BoredCareers.Services.DatabaseService {
     public partial class DatabaseService {
 
-        public async Task<Employee[]> GetEmployees( int CompanyID ) {
+        public async Task<Employee?> GetEmployee( int EmployeeID ) {
-            List<Employee> employees = new List<Employee>();
+            Employee? employee = null;
             using( MySqlConnection connection = GetConnection() ) {
                 connection.Open();
                 string command = @"
@@ -17,7 +17,7 @@ namespace BoredCareers.Services.DatabaseService {
                 ";
 
                 MySqlCommand cmd = new MySqlCommand(command, connection);
-                cmd.Parameters.AddWithValue("@ID", CompanyID);
+                cmd.Parameters.AddWithValue("@ID", EmployeeID);
                 
                 using( DbDataReader reader = await cmd.ExecuteReaderAsync() ) {
                     while( await reader.ReadAsync() ) {
@@ -26,6 +26,68 @@ namespace BoredCareers.Services.DatabaseService {
                         int _accountid = reader.GetInt32("AccountID");
                         int _companyid = reader.GetInt32("CompanyID");
 
+                        employee = new Employee() {
+                            ID = _id,
+                            AccountID = _accountid,
+                            CompanyID = _companyid
+                        };
+                    }
+                }
+            }
+            return employee;
+        }
+
+        public async Task<Employee[]> GetEmployeesFromCompany(int CompanyID) {
+            List<Employee> employees = new List<Employee>();
+            using (MySqlConnection connection = GetConnection()) {
+                connection.Open();
+                string command = @"
+                SELECT *
+                FROM Employee
+                WHERE CompanyID = @CompanyID;
+                ";
+
+                MySqlCommand cmd = new MySqlCommand(command, connection);
+                cmd.Parameters.AddWithValue("@CompanyID", CompanyID);
+
+                using (DbDataReader reader = await cmd.ExecuteReaderAsync()) {
+                    while (await reader.ReadAsync()) {
+                        if (reader == null) { break; }
+                        int _id = reader.GetInt32("ID");
+                        int _accountid = reader.GetInt32("AccountID");
+                        int _companyid = reader.GetInt32("CompanyID");
+
+                        employees.Add(new Employee() {
+                            ID = _id,
+                            AccountID = _accountid,
+                            CompanyID = _companyid
+                        });
+                    }
+                }
+            }
+            return employees.ToArray();
+        }
+        
+        public async Task<Employee[]> GetEmployeesFromAccount(int AccountID) {
+            List<Employee> employees = new List<Employee>();
+            using (MySqlConnection connection = GetConnection()) {
+                connection.Open();
+                string command = @"
+                SELECT *
+                FROM Employee
+                WHERE AccountID = @AccountID;
+                ";
+
+                MySqlCommand cmd = new MySqlCommand(command, connection);
+                cmd.Parameters.AddWithValue("@AccountID", AccountID);
+
+                using (DbDataReader reader = await cmd.ExecuteReaderAsync()) {
+                    while (await reader.ReadAsync()) {
+                        if (reader == null) { break; }
+                        int _id = reader.GetInt32("ID");
+                        int _accountid = reader.GetInt32("AccountID");
+                        int _companyid = reader.GetInt32("CompanyID");
+
                         employees.Add(new Employee() {
                             ID = _id,
                             AccountID = _accountid,
@@ -37,8 +99,8 @@ namespace BoredCareers.Services.DatabaseService {
             return employees.ToArray();
         }
 
-        public async Task SetEmployee( Employee employee ) {
+        public async Task SetEmployee(Employee employee) {
-            using( MySqlConnection connection = GetConnection() ) {
+            using (MySqlConnection connection = GetConnection()) {
                 connection.Open();
 
                 string command = @"
@@ -51,7 +113,7 @@ namespace BoredCareers.Services.DatabaseService {
                 CompanyID = @CompanyID;
                 ";
 
-                MySqlCommand cmd = new MySqlCommand( command , connection);
+                MySqlCommand cmd = new MySqlCommand(command, connection);
                 cmd.Parameters.AddWithValue("@ID", employee.ID);
                 cmd.Parameters.AddWithValue("@AccountID", employee.AccountID);
                 cmd.Parameters.AddWithValue("@CompanyID", employee.CompanyID);