From d3d2fe8c4680988e5fa72ccabe8552afae6aff8a Mon Sep 17 00:00:00 2001
From: John Cardinal <support@ayanova.com>
Date: Sun, 5 Apr 2020 21:43:34 +0000
Subject: [PATCH]

---
 .../Controllers/ImportAyaNova7Controller.cs   | 32 ++++++-------------
 .../Controllers/JobOperationsController.cs    | 14 +++-----
 2 files changed, 13 insertions(+), 33 deletions(-)

diff --git a/server/AyaNova/Controllers/ImportAyaNova7Controller.cs b/server/AyaNova/Controllers/ImportAyaNova7Controller.cs
index be294d20..ba2fcceb 100644
--- a/server/AyaNova/Controllers/ImportAyaNova7Controller.cs
+++ b/server/AyaNova/Controllers/ImportAyaNova7Controller.cs
@@ -69,19 +69,11 @@ namespace AyaNova.Api.Controllers
             if (serverState.IsClosed)
                 return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
 
-            // //Open or opsOnly only other state so they are ok but check user is opsadminfull
-
-            // if (!serverState.IsOpenOrOpsOnly || (serverState.IsOpsOnly && !Authorized.HasAnyRole(HttpContext.Items, AuthorizationRoles.OpsAdminFull)))
-            // {
-            //     return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
-            // }
-
             if (!Authorized.HasCreateRole(HttpContext.Items, AyaType.AyaNova7Import))
             {
                 return StatusCode(403, new ApiNotAuthorizedResponse());
             }
 
-
             var returnList = new List<String>();
 
             try
@@ -155,11 +147,8 @@ namespace AyaNova.Api.Controllers
         [HttpDelete("{filename}")]
         public ActionResult Delete([FromRoute] string filename)
         {
-            //Open or opsOnly and user is opsadminfull
-            if (!serverState.IsOpenOrOpsOnly || (serverState.IsOpsOnly && !Authorized.HasAnyRole(HttpContext.Items, AuthorizationRoles.OpsAdminFull)))
-            {
-                return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
-            }
+            if (serverState.IsClosed)
+                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
 
             if (!ModelState.IsValid)
             {
@@ -187,11 +176,8 @@ namespace AyaNova.Api.Controllers
         [HttpGet]
         public ActionResult List()
         {
-            //Open or opsOnly and user is opsadminfull
-            if (!serverState.IsOpenOrOpsOnly || (serverState.IsOpsOnly && !Authorized.HasAnyRole(HttpContext.Items, AuthorizationRoles.OpsAdminFull)))
-            {
-                return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
-            }
+            if (serverState.IsClosed)
+                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
 
             if (!Authorized.HasReadFullRole(HttpContext.Items, AyaType.AyaNova7Import))
             {
@@ -218,11 +204,11 @@ namespace AyaNova.Api.Controllers
         [HttpPost("EraseDatabaseAndStartImport/{filename}")]
         public async Task<IActionResult> EraseDatabaseAndStartImport([FromRoute] string filename)
         {
-            //Open or opsOnly and user is opsadminfull
-            if (!serverState.IsOpenOrOpsOnly || (serverState.IsOpsOnly && !Authorized.HasAnyRole(HttpContext.Items, AuthorizationRoles.OpsAdminFull)))
-            {
-                return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
-            }
+            if (serverState.IsClosed)
+                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
+
+            if (!serverState.IsOpsOnly)
+                return BadRequest(new ApiErrorResponse(ApiErrorCode.INVALID_OPERATION, null, "Server must be set to Operations Only mode before importing"));
 
             if (!ModelState.IsValid)
             {
diff --git a/server/AyaNova/Controllers/JobOperationsController.cs b/server/AyaNova/Controllers/JobOperationsController.cs
index 27fc036f..35a82455 100644
--- a/server/AyaNova/Controllers/JobOperationsController.cs
+++ b/server/AyaNova/Controllers/JobOperationsController.cs
@@ -53,11 +53,8 @@ namespace AyaNova.Api.Controllers
         [HttpGet]
         public async Task<IActionResult> List()
         {
-            //Open or opsOnly and user is opsadminfull or opsadminlimited
-            if (!serverState.IsOpenOrOpsOnly || (serverState.IsOpsOnly && !Authorized.HasAnyRole(HttpContext.Items, AuthorizationRoles.OpsAdminFull | AuthorizationRoles.OpsAdminLimited)))
-            {
-                return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
-            }
+            if (serverState.IsClosed)
+                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
 
             if (!Authorized.HasReadFullRole(HttpContext.Items, AyaType.JobOperations))
             {
@@ -87,11 +84,8 @@ namespace AyaNova.Api.Controllers
         [HttpGet("logs/{gid}")]
         public async Task<IActionResult> GetLogs([FromRoute] Guid gid)
         {
-            //Open or opsOnly and user is opsadminfull or opsadminlimited
-            if (!serverState.IsOpenOrOpsOnly || (serverState.IsOpsOnly && !Authorized.HasAnyRole(HttpContext.Items, AuthorizationRoles.OpsAdminFull | AuthorizationRoles.OpsAdminLimited)))
-            {
-                return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
-            }
+           if (serverState.IsClosed)
+                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
 
             if (!Authorized.HasReadFullRole(HttpContext.Items, AyaType.JobOperations))
             {