admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2018-09-06 22:18:26 +00:00
parent 499edce0b6
commit 5bb433caf3
3 changed files with 580 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

381
server/AyaNova/Controllers/TagGroupController.cs Normal file
View File

@@ -0,0 +1,381 @@
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.JsonPatch;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging;
using AyaNova.Models;
using AyaNova.Api.ControllerHelpers;
using AyaNova.Biz;
namespace AyaNova.Api.Controllers
{
/// <summary>
/// TagGroup controller
/// </summary>
[ApiVersion("8.0")]
[Route("api/v{version:apiVersion}/[controller]")]
[Produces("application/json")]
[Authorize]
public class TagGroupController : Controller
{
private readonly AyContext ct;
private readonly ILogger<TagGroupController> log;
private readonly ApiServerState serverState;
/// <summary>
/// ctor
/// </summary>
/// <param name="dbcontext"></param>
/// <param name="logger"></param>
/// <param name="apiServerState"></param>
public TagGroupController(AyContext dbcontext, ILogger<TagGroupController> logger, ApiServerState apiServerState)
{
ct = dbcontext;
log = logger;
serverState = apiServerState;
}
/// <summary>
/// Get TagGroup
///
/// Required roles:
/// AnyOne
/// </summary>
/// <param name="id"></param>
/// <returns>A TagGroup</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetTagGroup([FromRoute] long id)
{
if (!serverState.IsOpen)
{
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
}
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, AyaType.TagGroup))
{
return StatusCode(401, new ApiNotAuthorizedResponse());
}
if (!ModelState.IsValid)
{
return BadRequest(new ApiErrorResponse(ModelState));
}
//Instantiate the business object handler
TagGroupBiz biz = new TagGroupBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
var o = await biz.GetAsync(id);
if (o == null)
{
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
}
return Ok(new ApiOkResponse(o));
}
/// <summary>
/// Get TagGroup pick list
///
/// Required roles: AnyRole
///
/// This endpoint queries the Name property of TagGroups for
/// items that **START WITH** the characters submitted in the
/// "q" parameter
///
/// Unlike most other picklists, wildcard characters if found in the query will be escaped and be considered part of the search string
/// Query is case insensitive as all TagGroups are lowercase
///
/// Empty queries will return all TagGroups
///
/// </summary>
/// <returns>Paged id/name collection of TagGroups with paging data</returns>
[HttpGet("PickList", Name = nameof(PickList))]
public async Task<IActionResult> PickList([FromQuery] string q, [FromQuery] PagingOptions pagingOptions)
{
if (!serverState.IsOpen)
{
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
}
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, AyaType.TagGroup))//Note: anyone can read a TagGroup, but that might change in future so keeping this code in
{
return StatusCode(401, new ApiNotAuthorizedResponse());
}
if (!ModelState.IsValid)
{
return BadRequest(new ApiErrorResponse(ModelState));
}
//Instantiate the business object handler
TagGroupBiz biz = new TagGroupBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
ApiPagedResponse<NameIdItem> pr = await biz.GetPickListAsync(Url, nameof(PickList), pagingOptions, q);
return Ok(new ApiOkWithPagingResponse<NameIdItem>(pr));
}
/// <summary>
/// Post TagGroup
///
/// Required roles:
/// BizAdminFull, DispatchFull, InventoryFull, TechFull, AccountingFull
/// </summary>
/// <param name="inObj">String name of TagGroup</param>
/// <returns><see cref="TagGroup"/> object</returns>
[HttpPost]
public async Task<IActionResult> PostTagGroup([FromBody] NameItem inObj)
{
if (!serverState.IsOpen)
{
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
}
//If a user has change roles, or editOwnRoles then they can create, true is passed for isOwner since they are creating so by definition the owner
if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, AyaType.TagGroup))
{
return StatusCode(401, new ApiNotAuthorizedResponse());
}
if (!ModelState.IsValid)
{
return BadRequest(new ApiErrorResponse(ModelState));
}
//Instantiate the business object handler
TagGroupBiz biz = new TagGroupBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
//Create and validate
TagGroup o = await biz.CreateAsync(inObj.Name);
if (o == null)
{
//error return
return BadRequest(new ApiErrorResponse(biz.Errors));
}
else
{
//save and get ID for log then success return
await ct.SaveChangesAsync();
//Log
EventLogProcessor.AddEntry(new Event(biz.userId, o.Id, AyaType.TagGroup, AyaEvent.Created), ct);
await ct.SaveChangesAsync();
return CreatedAtAction("GetTagGroup", new { id = o.Id }, new ApiCreatedResponse(o));
}
}
/// <summary>
/// Put (update) TagGroup
///
/// Required roles:
/// BizAdminFull, DispatchFull, InventoryFull, TechFull, AccountingFull
///
/// </summary>
/// <param name="id"></param>
/// <param name="oIn"></param>
/// <returns></returns>
[HttpPut("{id}")]
public async Task<IActionResult> PutTagGroup([FromRoute] long id, [FromBody] TagGroup oIn)
{
if (!serverState.IsOpen)
{
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
}
if (!ModelState.IsValid)
{
return BadRequest(new ApiErrorResponse(ModelState));
}
var oFromDb = await ct.TagGroup.SingleOrDefaultAsync(m => m.Id == id);
if (oFromDb == null)
{
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
}
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, AyaType.TagGroup, oFromDb.OwnerId))
{
return StatusCode(401, new ApiNotAuthorizedResponse());
}
//Instantiate the business object handler
TagGroupBiz biz = new TagGroupBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
if (!biz.Put(oFromDb, oIn))
{
return BadRequest(new ApiErrorResponse(biz.Errors));
}
//Log
EventLogProcessor.AddEntry(new Event(biz.userId, oFromDb.Id, AyaType.TagGroup, AyaEvent.Modified), ct);
try
{
await ct.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!TagGroupExists(id))
{
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
}
else
{
//exists but was changed by another user
//I considered returning new and old record, but where would it end?
//Better to let the client decide what to do than to send extra data that is not required
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
}
}
return Ok(new ApiOkResponse(new { ConcurrencyToken = oFromDb.ConcurrencyToken }));
}
/// <summary>
/// Patch (update) TagGroup
/// Required roles: BizAdminFull, DispatchFull, InventoryFull, TechFull, AccountingFull
/// </summary>
/// <param name="id"></param>
/// <param name="concurrencyToken"></param>
/// <param name="objectPatch"></param>
/// <returns></returns>
[HttpPatch("{id}/{concurrencyToken}")]
public async Task<IActionResult> PatchTagGroup([FromRoute] long id, [FromRoute] uint concurrencyToken, [FromBody]JsonPatchDocument<TagGroup> objectPatch)
{
//https://dotnetcoretutorials.com/2017/11/29/json-patch-asp-net-core/
if (!serverState.IsOpen)
{
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
}
if (!ModelState.IsValid)
{
return BadRequest(new ApiErrorResponse(ModelState));
}
//Instantiate the business object handler
TagGroupBiz biz = new TagGroupBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
var oFromDb = await ct.TagGroup.SingleOrDefaultAsync(m => m.Id == id);
if (oFromDb == null)
{
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
}
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, AyaType.TagGroup, oFromDb.OwnerId))
{
return StatusCode(401, new ApiNotAuthorizedResponse());
}
//patch and validate
if (!biz.Patch(oFromDb, objectPatch, concurrencyToken))
{
return BadRequest(new ApiErrorResponse(biz.Errors));
}
//Log
EventLogProcessor.AddEntry(new Event(biz.userId, oFromDb.Id, AyaType.TagGroup, AyaEvent.Modified), ct);
try
{
await ct.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!TagGroupExists(id))
{
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
}
else
{
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
}
}
return Ok(new ApiOkResponse(new { ConcurrencyToken = oFromDb.ConcurrencyToken }));
}
/// <summary>
/// Delete TagGroup
/// Required roles: BizAdminFull, DispatchFull, InventoryFull, TechFull, AccountingFull
/// </summary>
/// <param name="id"></param>
/// <returns>Ok</returns>
[HttpDelete("{id}")]
public async Task<IActionResult> DeleteTagGroup([FromRoute] long id)
{
if (!serverState.IsOpen)
{
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
}
if (!ModelState.IsValid)
{
return BadRequest(new ApiErrorResponse(ModelState));
}
var dbObj = await ct.TagGroup.SingleOrDefaultAsync(m => m.Id == id);
if (dbObj == null)
{
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
}
if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, AyaType.TagGroup, dbObj.OwnerId))
{
return StatusCode(401, new ApiNotAuthorizedResponse());
}
//Instantiate the business object handler
TagGroupBiz biz = new TagGroupBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
if (!biz.Delete(dbObj))
{
return BadRequest(new ApiErrorResponse(biz.Errors));
}
//Log
EventLogProcessor.DeleteObject(biz.userId, AyaType.TagGroup, dbObj.Id, dbObj.Name, ct);
await ct.SaveChangesAsync();
return NoContent();
}
private bool TagGroupExists(long id)
{
return ct.TagGroup.Any(e => e.Id == id);
}
//------------
}
}

197
server/AyaNova/Controllers/TagGroupMapController.cs Normal file
View File

@@ -0,0 +1,197 @@
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging;
using AyaNova.Models;
using AyaNova.Api.ControllerHelpers;
using AyaNova.Biz;
namespace AyaNova.Api.Controllers
{
/// <summary>
/// TagGroupMap controller
/// </summary>
[ApiVersion("8.0")]
[Route("api/v{version:apiVersion}/[controller]")]
[Produces("application/json")]
[Authorize]
public class TagGroupMapController : Controller
{
private readonly AyContext ct;
private readonly ILogger<TagGroupMapController> log;
private readonly ApiServerState serverState;
/// <summary>
/// ctor
/// </summary>
/// <param name="dbcontext"></param>
/// <param name="logger"></param>
/// <param name="apiServerState"></param>
public TagGroupMapController(AyContext dbcontext, ILogger<TagGroupMapController> logger, ApiServerState apiServerState)
{
ct = dbcontext;
log = logger;
serverState = apiServerState;
}
/// <summary>
/// Get TagGroupMap object
/// Required roles: BizAdminFull, DispatchFull, InventoryFull, TechFull, AccountingFull
/// </summary>
/// <param name="id"></param>
/// <returns>A TagGroupMap</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetTagGroupMap([FromRoute] long id)
{
if (!serverState.IsOpen)
{
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
}
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, AyaType.TagGroupMap))
{
return StatusCode(401, new ApiNotAuthorizedResponse());
}
if (!ModelState.IsValid)
{
return BadRequest(new ApiErrorResponse(ModelState));
}
//Instantiate the business object handler
TagGroupMapBiz biz = new TagGroupMapBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
var o = await biz.GetAsync(id);
if (o == null)
{
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
}
return Ok(new ApiOkResponse(o));
}
/// <summary>
/// Post TagGroupMap - Map a tag to a group
/// Required roles: BizAdminFull, DispatchFull, InventoryFull, TechFull, AccountingFull
/// </summary>
/// <param name="inObj">TagGroupMapInfo</param>
/// <returns><see cref="TagGroupMap"/> object</returns>
[HttpPost]
public async Task<IActionResult> PostTagGroupMap([FromBody] TagGroupMapInfo inObj)
{
if (!serverState.IsOpen)
{
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
}
if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, AyaType.TagGroupMap))
{
return StatusCode(401, new ApiNotAuthorizedResponse());
}
if (!ModelState.IsValid)
{
return BadRequest(new ApiErrorResponse(ModelState));
}
//Instantiate the business object handler
TagGroupMapBiz biz = new TagGroupMapBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
//Create and validate
TagGroupMap o = await biz.CreateAsync(inObj);
if (o == null)
{
//error return
return BadRequest(new ApiErrorResponse(biz.Errors));
}
else
{
//save and success return
await ct.SaveChangesAsync();
//BIZLOG: Not going to log this for now, it's too common an operation and would require bringing in more info. If decide to implement should log the parent object with text of tag instead
//and don't forget about import from v7 as well
return CreatedAtAction("GetTagGroupMap", new { id = o.Id }, new ApiCreatedResponse(o));
}
}
/// <summary>
/// Delete TagGroupMap
/// Required roles: BizAdminFull, DispatchFull, InventoryFull, TechFull, AccountingFull
/// </summary>
/// <param name="id"></param>
/// <returns>Ok</returns>
[HttpDelete("{id}")]
public async Task<IActionResult> DeleteTagGroupMap([FromRoute] long id)
{
if (!serverState.IsOpen)
{
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
}
if (!ModelState.IsValid)
{
return BadRequest(new ApiErrorResponse(ModelState));
}
var dbObj = await ct.TagGroupMap.SingleOrDefaultAsync(m => m.Id == id);
if (dbObj == null)
{
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
}
if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, AyaType.TagGroupMap, dbObj.OwnerId))
{
return StatusCode(401, new ApiNotAuthorizedResponse());
}
//Instantiate the business object handler
TagGroupMapBiz biz = new TagGroupMapBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
if (!biz.Delete(dbObj))
{
return BadRequest(new ApiErrorResponse(biz.Errors));
}
await ct.SaveChangesAsync();
//BIZLOG: Not going to log this for now, it's too common an operation and would require bringing in more info. If decide to implement should log the parent object with text of tag instead
return NoContent();
}
private bool TagGroupMapExists(long id)
{
return ct.TagGroupMap.Any(e => e.Id == id);
}
//------------
}//eoc
}

4
server/AyaNova/biz/BizRoles.cs
View File

@@ -124,10 +124,10 @@ namespace AyaNova.Biz
////////////////////////////////////////////////////////////
//TAGGROUPMAP - MIRROR TAGMAP
//Any roles can tag objects and remove tags as per their rights to the taggable object type in question
//Full roles can make new taggroupmaps and can edit or delete existing taggroupmaps
roles.Add(AyaType.TagGroupMap, new BizRoleSet()
{
Change = AuthorizationRoles.AnyRole,
Change = AuthorizationRoles.BizAdminFull | AuthorizationRoles.DispatchFull | AuthorizationRoles.InventoryFull | AuthorizationRoles.TechFull | AuthorizationRoles.AccountingFull,
EditOwn = AuthorizationRoles.NoRole,
ReadFullRecord = AuthorizationRoles.AnyRole
});