2021-09-22 17:07:42 +00:00
parent 1ed40bce11
commit 934da362ac
10 changed files with 350 additions and 17 deletions

2
.vscode/launch.json vendored

@@ -52,7 +52,7 @@
"AYANOVA_FOLDER_USER_FILES": "c:\\temp\\RavenTestData\\userfiles",
"AYANOVA_FOLDER_BACKUP_FILES": "c:\\temp\\RavenTestData\\backupfiles",
"AYANOVA_FOLDER_TEMPORARY_SERVER_FILES": "c:\\temp\\RavenTestData\\tempfiles",
"AYANOVA_SERVER_TEST_MODE": "false",
"AYANOVA_SERVER_TEST_MODE": "true",
"AYANOVA_SERVER_TEST_MODE_SEEDLEVEL": "small",
"AYANOVA_SERVER_TEST_MODE_TZ_OFFSET": "-7",
"AYANOVA_BACKUP_PG_DUMP_PATH": "C:\\data\\code\\postgres_13\\bin\\"


@@ -0,0 +1,135 @@
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Logging;
using AyaNova.Models;
using AyaNova.Api.ControllerHelpers;
using AyaNova.Biz;
namespace AyaNova.Api.Controllers
{
[ApiController]
[ApiVersion("8.0")]
[Route("api/v{version:apiVersion}/form-setting")]
[Produces("application/json")]
[Authorize]
public class FormSettingController : ControllerBase
{
private readonly AyContext ct;
private readonly ILogger<FormSettingController> log;
private readonly ApiServerState serverState;
/// <summary>
/// ctor
/// </summary>
/// <param name="dbcontext"></param>
/// <param name="logger"></param>
/// <param name="apiServerState"></param>
public FormSettingController(AyContext dbcontext, ILogger<FormSettingController> logger, ApiServerState apiServerState)
{
ct = dbcontext;
log = logger;
serverState = apiServerState;
}
/// <summary>
/// Create FormSetting
/// </summary>
/// <param name="newObject"></param>
/// <param name="apiVersion">From route path</param>
/// <returns></returns>
[HttpPost]
public async Task<IActionResult> PostFormSetting([FromBody] FormSetting newObject, ApiVersion apiVersion)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
FormSettingBiz biz = FormSettingBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
FormSetting o = await biz.CreateAsync(newObject);
if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors));
else
return CreatedAtAction(nameof(FormSettingController.GetFormSetting), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
}
/// <summary>
/// Get FormSetting
/// </summary>
/// <param name="formKey"></param>
/// <returns>FormSetting</returns>
[HttpGet("{formKey}")]
public async Task<IActionResult> GetFormSetting([FromRoute] string formKey)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
FormSettingBiz biz = FormSettingBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(formKey);
if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
return Ok(ApiOkResponse.Response(o));
}
/// <summary>
/// Update FormSetting
/// </summary>
/// <param name="updatedObject"></param>
/// <returns></returns>
[HttpPut]
public async Task<IActionResult> PutFormSetting([FromBody] FormSetting updatedObject)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
FormSettingBiz biz = FormSettingBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
var o = await biz.PutAsync(updatedObject);
if (o == null)
{
if (biz.Errors.Exists(z => z.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
return StatusCode(409, new ApiErrorResponse(biz.Errors));
else
return BadRequest(new ApiErrorResponse(biz.Errors));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency })); ;
}
/// <summary>
/// Delete FormSetting
/// </summary>
/// <param name="formKey"></param>
/// <returns>NoContent</returns>
[HttpDelete("{formKey}")]
public async Task<IActionResult> DeleteFormSetting([FromRoute] string formKey)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
FormSettingBiz biz = FormSettingBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!await biz.DeleteAsync(formKey))
return BadRequest(new ApiErrorResponse(biz.Errors));
return NoContent();
}
//------------
}//eoc
}//eons
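Review bot: In PostFormSetting the `CreatedAtAction` call passes `new { id = o.Id, version = apiVersion.ToString() }`, but the GET action it names is routed as `[HttpGet("{formKey}")]`, so the route values never supply `formKey`. Link generation is likely to fail with a no-matching-route error after `biz.CreateAsync` has already saved the row, turning a successful create into a server error. Pass the key the GET action expects: `new { formKey = o.FormKey, version = apiVersion.ToString() }`. As a smaller point, POST and GET run the role check before `ModelState.IsValid` while PUT and DELETE run it after; using one order throughout would make the authorization path easier to audit.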


@@ -23,7 +23,7 @@ namespace AyaNova.Biz
NoType = 0,
Global = 1,
UNUSED_2 = 2,
FormSetting = 2,
[CoreBizObject,ReportableBizObject]
User = 3,
ServerState = 4,


@@ -241,7 +241,7 @@ namespace AyaNova.Biz
Select = AuthorizationRoles.All
});
/////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////
//PartInventoryDataList
// same as PO
//
@@ -257,7 +257,7 @@ namespace AyaNova.Biz
Select = AuthorizationRoles.All
});
/////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////
//PartInventoryRequestDataList
// same as PO
//
@@ -274,7 +274,7 @@ namespace AyaNova.Biz
});
////////////////////////////////////////////////////////////
//Project
//
@@ -658,7 +658,7 @@ namespace AyaNova.Biz
});
////////////////////////////////////////////////////////////
//SERVERSTATE
@@ -775,7 +775,16 @@ namespace AyaNova.Biz
ReadFullRecord = AuthorizationRoles.All
});
////////////////////////////////////////////////////////////
//FORMSETTING
// Note: this is only ever modified by user personally
// so it is accessible by all and biz rules
//restrict to own userid
roles.Add(AyaType.FormSetting, new BizRoleSet()
{
Change = AuthorizationRoles.All,
ReadFullRecord = AuthorizationRoles.All
});
////////////////////////////////////////////////////////////
//FORMCUSTOM
@@ -895,9 +904,9 @@ namespace AyaNova.Biz
//GENERATE CLIENT COMPATIBLE JSON FROM ROLES OUTPUT TO DEBUG LOG
//And seperately, set the JSON variable so can copy from debug variable "value" property for lastRoles here to compare
// string json = Newtonsoft.Json.JsonConvert.SerializeObject(roles, Newtonsoft.Json.Formatting.None);
// System.Diagnostics.Debugger.Log(1, "JSONFRAGMENTFORCLIENT", "BizRoles.cs -> biz-role-rights.js Client roles JSON fragment:\n\n");
// System.Diagnostics.Debugger.Log(1, "JSONFRAGMENTFORCLIENT", json + "\n\n");
string json = Newtonsoft.Json.JsonConvert.SerializeObject(roles, Newtonsoft.Json.Formatting.None);
System.Diagnostics.Debugger.Log(1, "JSONFRAGMENTFORCLIENT", "BizRoles.cs -> biz-role-rights.js Client roles JSON fragment:\n\n");
System.Diagnostics.Debugger.Log(1, "JSONFRAGMENTFORCLIENT", json + "\n\n");
//ONGOING VALIDATION TO CATCH MISMATCH WHEN NEW ROLES ADDED (wont' catch changes to existing unfortunately)
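Review bot: The last hunk of this section appears to re-enable the three lines that serialize the whole `roles` table with `JsonConvert.SerializeObject` and pass it to `System.Diagnostics.Debugger.Log`. Both the commented and uncommented copies are shown, and the uncommented one reads as the new side. This is a developer aid for regenerating the client's biz-role-rights.js, and as committed the serialization runs every time this initializer executes. Comment it out again before merging, or wrap the three lines in `#if DEBUG` / `#endif`. The enclosing member starts and ends outside the hunk.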


@@ -10,11 +10,13 @@ using AyaNova.Models;
namespace AyaNova.Biz
{
//## NOTE this is a *GLOBAL* form custom that applies to all users as configured by someone with rights to do so
//this is *not* a personal customization system
internal class FormCustomBiz : BizObject
{
internal FormCustomBiz(AyContext dbcontext, long currentUserId, long userTranslationId, AuthorizationRoles UserRoles)
{
ct = dbcontext;


@@ -0,0 +1,156 @@
using System.Threading.Tasks;
using Microsoft.EntityFrameworkCore;
using AyaNova.Util;
using AyaNova.Api.ControllerHelpers;
using AyaNova.Models;
namespace AyaNova.Biz
{
//## This class manages personal form settings for users
internal class FormSettingBiz : BizObject
{
internal FormSettingBiz(AyContext dbcontext, long currentUserId, long userTranslationId, AuthorizationRoles UserRoles)
{
ct = dbcontext;
UserId = currentUserId;
UserTranslationId = userTranslationId;
CurrentUserRoles = UserRoles;
BizType = AyaType.FormSetting;
}
internal static FormSettingBiz GetBiz(AyContext ct, Microsoft.AspNetCore.Http.HttpContext httpContext = null)
{
if (httpContext != null)
return new FormSettingBiz(ct, UserIdFromContext.Id(httpContext.Items), UserTranslationIdFromContext.Id(httpContext.Items), UserRolesFromContext.Roles(httpContext.Items));
else
return new FormSettingBiz(ct, 1, ServerBootConfig.AYANOVA_DEFAULT_TRANSLATION_ID, AuthorizationRoles.BizAdmin);
}
////////////////////////////////////////////////////////////////////////////////////////////////
//EXISTS
internal async Task<bool> ExistsAsync(long id)
{
return await ct.FormSetting.AnyAsync(z => z.Id == id);
}
////////////////////////////////////////////////////////////////////////////////////////////////
//CREATE
//
internal async Task<FormSetting> CreateAsync(FormSetting newObject)
{
Validate(newObject, null);
if (HasErrors)
return null;
else
{
newObject.Setting = JsonUtil.CompactJson(newObject.Setting);
await ct.FormSetting.AddAsync(newObject);
await ct.SaveChangesAsync();
return newObject;
}
}
////////////////////////////////////////////////////////////////////////////////////////////////
//GET
//
internal async Task<FormSetting> GetAsync(string formKey)
{
var ret = await ct.FormSetting.AsNoTracking().SingleOrDefaultAsync(m => m.FormKey == formKey && m.UserId == UserId);
return ret;
}
////////////////////////////////////////////////////////////////////////////////////////////////
//UPDATE
//
internal async Task<FormSetting> PutAsync(FormSetting putObject)
{
var dbObject = await GetAsync(putObject.FormKey);
if (dbObject == null)
{
AddError(ApiErrorCode.NOT_FOUND, "formKey");
return null;
}
if (dbObject.Concurrency != putObject.Concurrency)
{
AddError(ApiErrorCode.CONCURRENCY_CONFLICT);
return null;
}
putObject.Setting = JsonUtil.CompactJson(putObject.Setting);
Validate(putObject, dbObject);
if (HasErrors) return null;
ct.Replace(dbObject, putObject);
try
{
await ct.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!await ExistsAsync(putObject.Id))
AddError(ApiErrorCode.NOT_FOUND);
else
AddError(ApiErrorCode.CONCURRENCY_CONFLICT);
return null;
}
return putObject;
}
////////////////////////////////////////////////////////////////////////////////////////////////
//DELETE
//
internal async Task<bool> DeleteAsync(string formKey)
{
using (var transaction = await ct.Database.BeginTransactionAsync())
{
var dbObject = await GetAsync(formKey);
if (dbObject == null)
{
AddError(ApiErrorCode.NOT_FOUND);
return false;
}
ValidateCanDelete(dbObject);
if (HasErrors)
return false;
ct.FormSetting.Remove(dbObject);
await ct.SaveChangesAsync();
await transaction.CommitAsync();
return true;
}
}
////////////////////////////////////////////////////////////////////////////////////////////////
//VALIDATION
//
private void Validate(FormSetting proposedObj, FormSetting currentObj)
{
if (proposedObj.UserId != UserId)
{
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror", "A user can only modify their own personal form settings. UserId does not match current api user logged in.");
}
}
private void ValidateCanDelete(FormSetting inObj)
{
if (inObj.UserId != UserId)
{
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror", "A user can only modify their own personal form settings. UserId does not match current api user logged in.");
}
}
/////////////////////////////////////////////////////////////////////
}//eoc
}//eons
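Review bot: PutAsync loads the existing row by `FormKey` and the current `UserId`, but the object handed to `ct.Replace(dbObject, putObject)` keeps whatever `Id` the request body carried, and nothing compares it with `dbObject.Id`. `ct.Replace` is not visible here; if it writes by the key of `putObject`, a body with a mismatched `Id` could change a row other than the one that passed the ownership lookup. Pin the key to the row that was actually loaded, `putObject.Id = dbObject.Id;` just before the replace, or add an error and return null when the two differ. The `ExistsAsync(putObject.Id)` call in the `DbUpdateConcurrencyException` handler depends on the same client-supplied `Id` and is not scoped to the current user.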


@@ -25,6 +25,7 @@ namespace AyaNova.Models
public virtual DbSet<DataListColumnView> DataListColumnView { get; set; }
public virtual DbSet<Tag> Tag { get; set; }
public virtual DbSet<FormCustom> FormCustom { get; set; }
public virtual DbSet<FormSetting> FormSetting { get; set; }
public virtual DbSet<PickListTemplate> PickListTemplate { get; set; }
public virtual DbSet<License> License { get; set; }
public virtual DbSet<Memo> Memo { get; set; }


@@ -5,6 +5,9 @@ namespace AyaNova.Models
/*
## NOTE: there is only one formcustom per ayatype, the formkey is the ayatype enum name
This is a *GLOBAL* setting that applies to ALL users
for personal form settings (such as used by schedule form) see FormSetting.cs
- Like DataFilter, holds a JSON fragment in one field and the form key in another field
- JSON FRAGMENT holds items that differ from stock, Hide not valid for non hideable core fields


@@ -0,0 +1,24 @@
using System.ComponentModel.DataAnnotations;
namespace AyaNova.Models
{
/*
## NOTE: this is for PERSONAL form settings such as schedule, for globally applicable form settings and customization see formcustom.cs
*/
public class FormSetting
{
public long Id { get; set; }
public uint Concurrency { get; set; }
[Required, MaxLength(255)]
public string FormKey { get; set; }//max 255 characters ascii set
[Required]
public string Setting { get; set; }//JSON fragment of form customization template, top level is array.
[Required]
public long UserId {get;set;}
}
}
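Review bot: `[Required]` on `public long UserId` has no effect, because a non-nullable `long` is never null: a request body that omits the field binds to 0 and still passes model validation. The ownership comparison in FormSettingBiz still rejects a value that is not the caller's id, so the concern is an attribute that implies input validation which does not happen. Either remove it, or declare the property as `long?` so that an omitted value is reported as a validation error. The trailing comment on `Setting` ("JSON fragment of form customization template, top level is array") looks carried over from the FormCustom model and should describe the personal settings payload instead.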


@@ -22,16 +22,16 @@ namespace AyaNova.Util
//!!!!WARNING: BE SURE TO UPDATE THE DbUtil::EmptyBizDataFromDatabaseForSeedingOrImportingAsync WHEN NEW TABLES ADDED!!!!
private const int DESIRED_SCHEMA_LEVEL = 1;
internal const long EXPECTED_COLUMN_COUNT = 1273;
internal const long EXPECTED_INDEX_COUNT = 144;
internal const long EXPECTED_CHECK_CONSTRAINTS = 514;
internal const long EXPECTED_FOREIGN_KEY_CONSTRAINTS = 192;
internal const long EXPECTED_COLUMN_COUNT = 1277;
internal const long EXPECTED_INDEX_COUNT = 145;
internal const long EXPECTED_CHECK_CONSTRAINTS = 518;
internal const long EXPECTED_FOREIGN_KEY_CONSTRAINTS = 193;
internal const long EXPECTED_VIEWS = 10;
internal const long EXPECTED_ROUTINES = 2;
//!!!!WARNING: BE SURE TO UPDATE THE DbUtil::EmptyBizDataFromDatabaseForSeedingOrImportingAsync WHEN NEW TABLES ADDED!!!!
///////////////////////////////////////////////////////////////// C1273:I144:CC514:FC192:V10:R2
///////////////////////////////////////////////////////////////// (C1277:I145:CC518:FC193:V10:R2)
/*
@@ -368,7 +368,7 @@ BEGIN
case ayatype
when 0 then return 'LT:NoType';
when 1 then return 'LT:Global';
when 2 then return 'LT:UNUSED';
when 2 then return 'FormSetting';
when 3 then aytable = 'auser';
when 4 then return 'LT:ServerState';
when 5 then return 'LT:License';
@@ -518,6 +518,9 @@ $BODY$ LANGUAGE PLPGSQL STABLE");
await ExecQueryAsync("CREATE TABLE atag (id BIGINT GENERATED ALWAYS AS IDENTITY PRIMARY KEY, name TEXT NOT NULL UNIQUE, refcount BIGINT NOT NULL)");
await ExecQueryAsync("CREATE TABLE aformcustom (id BIGINT GENERATED ALWAYS AS IDENTITY PRIMARY KEY, "
+ "userid BIGINT NOT NULL REFERENCES auser ON DELETE CASCADE, formkey VARCHAR(255) NOT NULL, setting TEXT NOT NULL)");
await ExecQueryAsync("CREATE TABLE aformsetting (id BIGINT GENERATED ALWAYS AS IDENTITY PRIMARY KEY, "
+ "formkey VARCHAR(255) NOT NULL, template TEXT, UNIQUE(formkey))");
await ExecQueryAsync("CREATE TABLE apicklisttemplate (id INTEGER NOT NULL PRIMARY KEY, "