@@ -8,10 +8,12 @@ namespace AyaNova.Api.ControllerHelpers
|
||||
{
|
||||
|
||||
public object Data { get; }
|
||||
public bool ReadOnly {get;}
|
||||
|
||||
public ApiOkResponse(object result)
|
||||
public ApiOkResponse(object result, bool isReadOnly)
|
||||
{
|
||||
Data = result;
|
||||
ReadOnly=isReadOnly;
|
||||
}
|
||||
}//eoc
|
||||
|
||||
|
||||
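Review bot: `ReadOnly` is added to the response envelope with no doc comment, and nothing in this hunk says whether it is a display hint or an authorization result. Later hunks derive it from `Authorized.IsAuthorizedToModify(...)` on reads, so I would state on the property that it only tells the client whether to offer edit controls, e.g. `/// <summary>UI hint only: true when the caller should not be offered edit controls; every write route still authorizes the request itself.</summary>`. The new second parameter is a bare positional bool, so call sites such as `new ApiOkResponse(l, true)` are easy to invert; spelling the name out, `new ApiOkResponse(l, isReadOnly: true)`, makes the intent reviewable. The class declaration is outside the hunk.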
@@ -104,7 +104,7 @@ namespace AyaNova.Api.Controllers
|
||||
log.LogInformation("Auth retry dlkey");
|
||||
};
|
||||
|
||||
return Ok(new ApiOkResponse(new { dlkey = u.DlKey, expires = u.DlKeyExpire }));
|
||||
return Ok(new ApiOkResponse(new { dlkey = u.DlKey, expires = u.DlKeyExpire }, true));
|
||||
}
|
||||
|
||||
}
|
||||
@@ -247,7 +247,7 @@ namespace AyaNova.Api.Controllers
|
||||
}
|
||||
|
||||
//Return the list of attachment ids and filenames
|
||||
return Ok(new ApiOkResponse(returnList));
|
||||
return Ok(new ApiOkResponse(returnList, false));
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
|
||||
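Review bot: The attachment list is returned with a literal `false` for `isReadOnly`, so every caller is told the list is editable whatever their rights, while the later route carrying the same "Return the list of attachment ids and filenames" comment passes `true`. The fetch-by-id routes in this commit compute the flag as `!Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType)`; if the flag is meant to reflect the caller's rights, the same expression belongs at this call, using whatever biz object is in scope here (this hunk does not show one). The `@@ -82,7 +82,7 @@` hunk has the opposite case: a fetch-by-id that passes a literal `true`, although later hunks in what appears to be the same controller return a `ConcurrencyToken` after an update. Where a literal is deliberate, a short comment saying why would settle it. The method starts outside the hunk.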
@@ -29,7 +29,7 @@ namespace AyaNova.Api.Controllers
|
||||
private readonly IConfiguration _configuration;
|
||||
private readonly ApiServerState serverState;
|
||||
private readonly IMetrics metrics;
|
||||
private const int JWT_LIFETIME_DAYS=7;
|
||||
private const int JWT_LIFETIME_DAYS = 7;
|
||||
|
||||
/// <summary>
|
||||
/// ctor
|
||||
@@ -120,7 +120,7 @@ namespace AyaNova.Api.Controllers
|
||||
};
|
||||
string TestToken = Jose.JWT.Encode(payload, secretKey, Algorithm);
|
||||
|
||||
|
||||
|
||||
//Post JWT creation test payloads
|
||||
switch (creds.Password)
|
||||
{
|
||||
@@ -129,9 +129,9 @@ namespace AyaNova.Api.Controllers
|
||||
break;
|
||||
case "TRANSPOSE_SIGNATURE":
|
||||
//Transpose two characters in the signature
|
||||
int len=TestToken.Length;
|
||||
var Transposed = TestToken.Substring(0,len-5) + TestToken[len-4] + TestToken[len-5] + TestToken.Substring(len-3,3);
|
||||
TestToken=Transposed;
|
||||
int len = TestToken.Length;
|
||||
var Transposed = TestToken.Substring(0, len - 5) + TestToken[len - 4] + TestToken[len - 5] + TestToken.Substring(len - 3, 3);
|
||||
TestToken = Transposed;
|
||||
break;
|
||||
}
|
||||
|
||||
@@ -139,7 +139,7 @@ namespace AyaNova.Api.Controllers
|
||||
return Ok(new ApiOkResponse(new
|
||||
{
|
||||
token = TestToken
|
||||
}));
|
||||
}, true));
|
||||
|
||||
}
|
||||
|
||||
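Review bot: The token returned here comes from the test path shown in the preceding hunks, which switches on `creds.Password` and builds the token with `Jose.JWT.Encode(payload, secretKey, Algorithm)`. The visible lines do not show whether this action is compiled out of release builds or whether `secretKey` is the production signing key; if neither holds, a deployed server would hand out tokens signed with its own key from a test route. I would confirm the action sits inside a conditional-compilation block (another controller in this commit closes one with `#endif`) and add a comment at the top of the action, such as `// TEST ONLY: must never be reachable in a release build`. The action starts outside this hunk.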
@@ -181,7 +181,7 @@ namespace AyaNova.Api.Controllers
|
||||
{
|
||||
//This is leaking information, instead just act like bad creds
|
||||
//return StatusCode(401, new ApiErrorResponse(ApiErrorCode.NOT_AUTHORIZED, null, "User deactivated"));
|
||||
return StatusCode(401, new ApiErrorResponse(ApiErrorCode.AUTHENTICATION_FAILED));
|
||||
return StatusCode(401, new ApiErrorResponse(ApiErrorCode.AUTHENTICATION_FAILED));
|
||||
}
|
||||
|
||||
//build the key (JWT set in startup.cs)
|
||||
@@ -218,7 +218,7 @@ namespace AyaNova.Api.Controllers
|
||||
token = token
|
||||
//,
|
||||
//id = u.Id
|
||||
}));
|
||||
}, true));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -129,7 +129,7 @@ namespace AyaNova.Api.Controllers
|
||||
|
||||
}
|
||||
|
||||
return Ok(new ApiOkResponse(ReturnList));
|
||||
return Ok(new ApiOkResponse(ReturnList, true));
|
||||
}
|
||||
|
||||
|
||||
@@ -154,7 +154,7 @@ namespace AyaNova.Api.Controllers
|
||||
ret.Add(new KeyValuePair<string, string>("authorizationroles", "AyaNova user account role types"));
|
||||
ret.Add(new KeyValuePair<string, string>("AyaType", "All AyaNova object types, use the AyaTypeController route to fetch these"));
|
||||
|
||||
return Ok(new ApiOkResponse(ret));
|
||||
return Ok(new ApiOkResponse(ret, true));
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -70,7 +70,7 @@ namespace AyaNova.Api.Controllers
|
||||
}
|
||||
|
||||
|
||||
return Ok(new ApiOkResponse(l));
|
||||
return Ok(new ApiOkResponse(l, true));
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -71,7 +71,7 @@ namespace AyaNova.Api.Controllers
|
||||
if (o == null)
|
||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||
|
||||
return Ok(new ApiOkResponse(o));
|
||||
return Ok(new ApiOkResponse(o, !Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType)));
|
||||
}
|
||||
|
||||
|
||||
@@ -96,7 +96,7 @@ namespace AyaNova.Api.Controllers
|
||||
DataFilterBiz biz = DataFilterBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
var l = await biz.GetPickListAsync(ListKey);
|
||||
return Ok(new ApiOkResponse(l));
|
||||
return Ok(new ApiOkResponse(l, true));
|
||||
|
||||
}
|
||||
|
||||
@@ -142,7 +142,7 @@ namespace AyaNova.Api.Controllers
|
||||
else
|
||||
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
|
||||
}
|
||||
return Ok(new ApiOkResponse(new { ConcurrencyToken = o.ConcurrencyToken }));
|
||||
return Ok(new ApiOkResponse(new { ConcurrencyToken = o.ConcurrencyToken }, true));
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -67,7 +67,7 @@ namespace AyaNova.Api.Controllers
|
||||
}
|
||||
|
||||
var result = await EventLogProcessor.GetLogForObject(opt, ct);
|
||||
return Ok(new ApiOkResponse(result));
|
||||
return Ok(new ApiOkResponse(result, true));
|
||||
}
|
||||
|
||||
|
||||
@@ -104,7 +104,7 @@ namespace AyaNova.Api.Controllers
|
||||
|
||||
var result = await EventLogProcessor.GetLogForUser(opt, ct);
|
||||
|
||||
return Ok(new ApiOkResponse(result));
|
||||
return Ok(new ApiOkResponse(result, true));
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -87,7 +87,7 @@ namespace AyaNova.Api.Controllers
|
||||
}
|
||||
}
|
||||
|
||||
return Ok(new ApiOkResponse(o));
|
||||
return Ok(new ApiOkResponse(o, !Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType)));
|
||||
}
|
||||
|
||||
|
||||
@@ -117,7 +117,7 @@ namespace AyaNova.Api.Controllers
|
||||
|
||||
if (FormAvailableFields.IsValidFormKey(formkey))
|
||||
{
|
||||
return Ok(new ApiOkResponse(FormAvailableFields.FormFields(formkey)));
|
||||
return Ok(new ApiOkResponse(FormAvailableFields.FormFields(formkey), true));
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -145,7 +145,7 @@ namespace AyaNova.Api.Controllers
|
||||
|
||||
if (!ModelState.IsValid)
|
||||
return BadRequest(new ApiErrorResponse(ModelState));
|
||||
return Ok(new ApiOkResponse(AyDataType.ValidCustomFieldTypes));
|
||||
return Ok(new ApiOkResponse(AyDataType.ValidCustomFieldTypes, true));
|
||||
}
|
||||
|
||||
|
||||
@@ -169,7 +169,7 @@ namespace AyaNova.Api.Controllers
|
||||
|
||||
if (!ModelState.IsValid)
|
||||
return BadRequest(new ApiErrorResponse(ModelState));
|
||||
return Ok(new ApiOkResponse(FormAvailableFields.AvailableFormKeys));
|
||||
return Ok(new ApiOkResponse(FormAvailableFields.AvailableFormKeys, true));
|
||||
}
|
||||
|
||||
|
||||
@@ -215,7 +215,7 @@ namespace AyaNova.Api.Controllers
|
||||
else
|
||||
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
|
||||
}
|
||||
return Ok(new ApiOkResponse(new { ConcurrencyToken = o.ConcurrencyToken }));
|
||||
return Ok(new ApiOkResponse(new { ConcurrencyToken = o.ConcurrencyToken }, true));
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -138,7 +138,7 @@ namespace AyaNova.Api.Controllers
|
||||
}
|
||||
|
||||
//Return the list of attachment ids and filenames
|
||||
return Ok(new ApiOkResponse(returnList));
|
||||
return Ok(new ApiOkResponse(returnList, true));
|
||||
}
|
||||
|
||||
|
||||
@@ -204,7 +204,7 @@ namespace AyaNova.Api.Controllers
|
||||
|
||||
//dump file name example: ayanova.data.dump.XXX.zip
|
||||
List<string> l = FileUtil.UtilityFileList("ayanova.data.dump.*.zip");
|
||||
return Ok(new ApiOkResponse(l));
|
||||
return Ok(new ApiOkResponse(l, true));
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -77,7 +77,7 @@ namespace AyaNova.Api.Controllers
|
||||
JobOperationsBiz biz = new JobOperationsBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
||||
|
||||
List<JobOperationsFetchInfo> l = await biz.GetJobListAsync();
|
||||
return Ok(new ApiOkResponse(l));
|
||||
return Ok(new ApiOkResponse(l, true));
|
||||
}
|
||||
|
||||
|
||||
@@ -116,7 +116,7 @@ namespace AyaNova.Api.Controllers
|
||||
JobOperationsBiz biz = new JobOperationsBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
||||
|
||||
List<JobOperationsLogInfoItem> l = await biz.GetJobLogListAsync(gid);
|
||||
return Ok(new ApiOkResponse(l));
|
||||
return Ok(new ApiOkResponse(l, true));
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -67,7 +67,7 @@ namespace AyaNova.Api.Controllers
|
||||
|
||||
var ret = AyaNova.Core.License.LicenseInfoAsJson;
|
||||
|
||||
return Ok(new ApiOkResponse(ret));
|
||||
return Ok(new ApiOkResponse(ret, true));
|
||||
}
|
||||
|
||||
|
||||
@@ -129,7 +129,7 @@ namespace AyaNova.Api.Controllers
|
||||
//Log
|
||||
EventLogProcessor.LogEventToDatabase(new Event(UserIdFromContext.Id(HttpContext.Items), 0, AyaType.License, AyaEvent.LicenseFetch), ct);
|
||||
|
||||
return Ok(new ApiOkResponse(ret));
|
||||
return Ok(new ApiOkResponse(ret, true));
|
||||
}
|
||||
|
||||
|
||||
@@ -181,7 +181,7 @@ namespace AyaNova.Api.Controllers
|
||||
//Log
|
||||
EventLogProcessor.LogEventToDatabase(new Event(UserIdFromContext.Id(HttpContext.Items), 0, AyaType.License, AyaEvent.LicenseTrialRequest), ct);
|
||||
|
||||
return Ok(new ApiOkResponse(ret));
|
||||
return Ok(new ApiOkResponse(ret, true));
|
||||
}
|
||||
|
||||
//------------------------------------------------------
|
||||
|
||||
@@ -82,7 +82,7 @@ namespace AyaNova.Api.Controllers
|
||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||
}
|
||||
|
||||
return Ok(new ApiOkResponse(o));
|
||||
return Ok(new ApiOkResponse(o, true));
|
||||
}
|
||||
|
||||
|
||||
@@ -106,7 +106,7 @@ namespace AyaNova.Api.Controllers
|
||||
LocaleBiz biz = LocaleBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
var l = await biz.GetPickListAsync();
|
||||
return Ok(new ApiOkResponse(l));
|
||||
return Ok(new ApiOkResponse(l, true));
|
||||
}
|
||||
|
||||
|
||||
@@ -130,7 +130,7 @@ namespace AyaNova.Api.Controllers
|
||||
//LocaleBiz biz = new LocaleBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
||||
|
||||
var l = biz.LocaleKeyCoverage();
|
||||
return Ok(new ApiOkResponse(l));
|
||||
return Ok(new ApiOkResponse(l, true));
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -157,7 +157,7 @@ namespace AyaNova.Api.Controllers
|
||||
LocaleBiz biz = LocaleBiz.GetBiz(ct, HttpContext);
|
||||
|
||||
var l = await biz.GetSubset(inObj);
|
||||
return Ok(new ApiOkResponse(l));
|
||||
return Ok(new ApiOkResponse(l, true));
|
||||
}
|
||||
|
||||
|
||||
@@ -265,7 +265,7 @@ namespace AyaNova.Api.Controllers
|
||||
}
|
||||
|
||||
|
||||
return Ok(new ApiOkResponse(new { ConcurrencyToken = oFromDb.ConcurrencyToken }));
|
||||
return Ok(new ApiOkResponse(new { ConcurrencyToken = oFromDb.ConcurrencyToken }, true));
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
@@ -331,7 +331,7 @@ namespace AyaNova.Api.Controllers
|
||||
}
|
||||
}
|
||||
|
||||
return Ok(new ApiOkResponse(new { ConcurrencyToken = oFromDb.ConcurrencyToken }));
|
||||
return Ok(new ApiOkResponse(new { ConcurrencyToken = oFromDb.ConcurrencyToken }, true));
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -74,7 +74,7 @@ namespace AyaNova.Api.Controllers
|
||||
if (o == null)
|
||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||
|
||||
return Ok(new ApiOkResponse(o));
|
||||
return Ok(new ApiOkResponse(o, !Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType)));
|
||||
}
|
||||
|
||||
|
||||
|
||||