admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2020-12-11 23:54:12 +00:00
parent 4f43229a35
commit 2d444e1116
2 changed files with 187 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

162
server/AyaNova/Controllers/MemoController.cs Normal file
View File

@@ -0,0 +1,162 @@
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Logging;
using AyaNova.Models;
using AyaNova.Api.ControllerHelpers;
using AyaNova.Biz;
namespace AyaNova.Api.Controllers
{
[ApiController]
[ApiVersion("8.0")]
[Route("api/v{version:apiVersion}/memo")]
[Produces("application/json")]
[Authorize]
public class MemoController : ControllerBase
{
private readonly AyContext ct;
private readonly ILogger<MemoController> log;
private readonly ApiServerState serverState;
/// <summary>
/// ctor
/// </summary>
/// <param name="dbcontext"></param>
/// <param name="logger"></param>
/// <param name="apiServerState"></param>
public MemoController(AyContext dbcontext, ILogger<MemoController> logger, ApiServerState apiServerState)
{
ct = dbcontext;
log = logger;
serverState = apiServerState;
}
/// <summary>
/// Create Memo
/// </summary>
/// <param name="newObject"></param>
/// <param name="apiVersion">From route path</param>
/// <returns></returns>
[HttpPost]
public async Task<IActionResult> PostMemo([FromBody] Memo newObject, ApiVersion apiVersion)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
MemoBiz biz = MemoBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
Memo o = await biz.CreateAsync(newObject);
if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors));
else
return CreatedAtAction(nameof(MemoController.GetMemo), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
}
//NO DUPLICATING MEMOS
// /// <summary>
// /// Duplicate Memo
// /// (Wiki and Attachments are not duplicated)
// /// </summary>
// /// <param name="id">Source object id</param>
// /// <param name="apiVersion">From route path</param>
// /// <returns>Memo</returns>
// [HttpPost("duplicate/{id}")]
// public async Task<IActionResult> DuplicateMemo([FromRoute] long id, ApiVersion apiVersion)
// {
// if (!serverState.IsOpen)
// return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
// MemoBiz biz = MemoBiz.GetBiz(ct, HttpContext);
// if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
// return StatusCode(403, new ApiNotAuthorizedResponse());
// if (!ModelState.IsValid)
// return BadRequest(new ApiErrorResponse(ModelState));
// Memo o = await biz.DuplicateAsync(id);
// if (o == null)
// return BadRequest(new ApiErrorResponse(biz.Errors));
// else
// return CreatedAtAction(nameof(MemoController.GetMemo), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
// }
/// <summary>
/// Get Memo
/// </summary>
/// <param name="id"></param>
/// <returns>Memo</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetMemo([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
MemoBiz biz = MemoBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
return Ok(ApiOkResponse.Response(o));
}
//NO UPDATING MEMOS
// /// <summary>
// /// Put (update) Memo
// /// </summary>
// /// <param name="updatedObject"></param>
// /// <returns></returns>
// [HttpPut]
// public async Task<IActionResult> PutMemo([FromBody] Memo updatedObject)
// {
// if (!serverState.IsOpen)
// return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
// if (!ModelState.IsValid)
// return BadRequest(new ApiErrorResponse(ModelState));
// MemoBiz biz = MemoBiz.GetBiz(ct, HttpContext);
// if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
// return StatusCode(403, new ApiNotAuthorizedResponse());
// var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token
// if (o == null)
// {
// if (biz.Errors.Exists(z => z.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
// return StatusCode(409, new ApiErrorResponse(biz.Errors));
// else
// return BadRequest(new ApiErrorResponse(biz.Errors));
// }
// return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }));;
// }
/// <summary>
/// Delete Memo
/// </summary>
/// <param name="id"></param>
/// <returns>NoContent</returns>
[HttpDelete("{id}")]
public async Task<IActionResult> DeleteMemo([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
MemoBiz biz = MemoBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!await biz.DeleteAsync(id))
return BadRequest(new ApiErrorResponse(biz.Errors));
return NoContent();
}
//------------
}//eoc
}//eons

30
server/AyaNova/biz/MemoBiz.cs
View File

@@ -42,7 +42,8 @@ namespace AyaNova.Biz
//
internal async Task<Memo> CreateAsync(Memo newObject)
{
await ValidateAsync(newObject, null);
await ValidateAsync(newObject);//a bit different, can't update a memo so only need to worry about new objects
if (HasErrors)
return null;
else
@@ -103,8 +104,11 @@ namespace AyaNova.Biz
return ret;
}
////////////////////////////////////////////////////////////////////////////////////////////////
//UPDATE
//UPDATE - ## NOTE: only internally, not exposed to controller route only here for batch ops
//
//
internal async Task<Memo> PutAsync(Memo putObject)
{
@@ -120,7 +124,7 @@ namespace AyaNova.Biz
dbObject.Tags = TagBiz.NormalizeTags(dbObject.Tags);
dbObject.CustomFields = JsonUtil.CompactJson(dbObject.CustomFields);
ct.Entry(dbObject).OriginalValues["Concurrency"] = putObject.Concurrency;
await ValidateAsync(dbObject, SnapshotOfOriginalDBObj);
await ValidateAsync(dbObject);
if (HasErrors) return null;
try
{
@@ -208,10 +212,25 @@ namespace AyaNova.Biz
//VALIDATION
//
private async Task ValidateAsync(Memo proposedObj, Memo currentObj)
private async Task ValidateAsync(Memo proposedObj)
{
bool isNew = currentObj == null;
//skip validation if seeding
if (ServerBootConfig.SEEDING) return;
//Only can send a memo from your own account or alternatively as the SuperUser account due to v7Import or other import tasks
if (proposedObj.FromId != UserId && proposedObj.FromId != 1)
{
AddError(ApiErrorCode.NOT_AUTHORIZED, "FromId", "No impersonation");
return;//no need to bother with any other validation, this is not allowed
}
//valid TO ID?
if (!await ct.User.AnyAsync(m => m.Id == proposedObj.ToId))
{
AddError(ApiErrorCode.VALIDATION_INVALID_VALUE, "ToId");
return;//no need to bother with any other validation
}
//Name ("subject") is still required for a memo, empty subject not valid
//also, subject was required by biz rule in v7 so no need to worry about that on migrate
@@ -219,6 +238,7 @@ namespace AyaNova.Biz
AddError(ApiErrorCode.VALIDATION_REQUIRED, "Name");
//Name does *NOT* need to be unique because for memo it's actually the subject line
//just kept internal naming the same to make coding easier with less workarounds