From e4d970dd6d3574e2042f35d715933a9334918664 Mon Sep 17 00:00:00 2001
From: John Cardinal
Date: Wed, 13 May 2020 22:17:40 +0000
Subject: [PATCH]
---
devdocs/todo.txt | 8 +-
.../AyaNova/Controllers/ContractController.cs | 171 ++++++------------
.../Controllers/HeadOfficeController.cs | 170 ++++++-----------
.../AyaNova/Controllers/LoanUnitController.cs | 171 ++++++------------
.../Controllers/PMTemplateController.cs | 171 ++++++------------
server/AyaNova/Controllers/PartController.cs | 171 ++++++------------
.../AyaNova/Controllers/ProjectController.cs | 171 ++++++------------
.../Controllers/PurchaseOrderController.cs | 171 ++++++------------
server/AyaNova/Controllers/UnitController.cs | 171 ++++++------------
.../Controllers/UnitModelController.cs | 171 ++++++------------
.../AyaNova/Controllers/VendorController.cs | 171 ++++++------------
11 files changed, 532 insertions(+), 1185 deletions(-)
diff --git a/devdocs/todo.txt b/devdocs/todo.txt
index 3b863a5e..1d871172 100644
--- a/devdocs/todo.txt
+++ b/devdocs/todo.txt
@@ -9,12 +9,8 @@ todo: all api routes, re-arrange code in controller in this order POST (and post BIZ TOO todo: all api route URI's sb lower case with dashes if necessary (use plural noun scheme) https://docs.microsoft.com/en-us/azure/architecture/best-practices/api-design#organize-the-api-around-resources -todo: Controllers should not need to know about databases - refactor code so controller never fetches or deals with saving an object, all that is biz responsibility -todo: Routes should check rights *BEFORE* they fetch the object, not after, all routes affected - i.e. delete route instantiates biz object, then it fetchs object from db *then* it checks if they have rights to delete (generically, not specific to that object) - This is out of order as it triggers a db call even if they have no rights to do it -todo: all biz objects "ExistsAsync" is this required / necessary? + + --- todo: add query fail logging to datalist just like done with picklist so in production can catch mysterious problems more easily todo: AUTO ID GENERATOR diff --git a/server/AyaNova/Controllers/ContractController.cs b/server/AyaNova/Controllers/ContractController.cs index 78642bca..f60fae57 100644 --- a/server/AyaNova/Controllers/ContractController.cs +++ b/server/AyaNova/Controllers/ContractController.cs @@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Authorization; - -using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; using AyaNova.Models; using AyaNova.Api.ControllerHelpers; @@ -13,7 +11,6 @@ using AyaNova.Biz; namespace AyaNova.Api.Controllers { - [ApiController] [ApiVersion("8.0")] [Route("api/v{version:apiVersion}/[controller]")] @@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers private readonly ILogger log; private readonly ApiServerState serverState; - /// /// ctor /// 
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers serverState = apiServerState; } - - /// - /// Get full Contract object - /// - /// - /// A single Contract - [HttpGet("{id}")] - public async Task GetContract([FromRoute] long id) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler - ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext); - - //NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules - if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - var o = await biz.GetAsync(id); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - // NOTE: HERE would be the second check of biz rules before returning the object - // in cases where there is also a business rule to affect retrieval on top of basic rights - - return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); - } - - - - /// - /// Put (update) Contract - /// - /// - /// - /// - [HttpPut("{id}")] - public async Task PutContract([FromRoute] long id, [FromBody] Contract inObj) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler - ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - try - { - if (!await biz.PutAsync(o, 
inObj)) - return BadRequest(new ApiErrorResponse(biz.Errors)); - } - catch (DbUpdateConcurrencyException) - { - if (!await biz.ExistsAsync(id)) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - else - return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT)); - } - return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true)); - } - - /// /// Create Contract /// - /// + /// /// From route path /// [HttpPost] - public async Task PostContract([FromBody] Contract inObj, ApiVersion apiVersion) + public async Task PostContract([FromBody] Contract newObject, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Create and validate - Contract o = await biz.CreateAsync(inObj); + Contract o = await biz.CreateAsync(newObject); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(ContractController.GetContract), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - - } /// /// Duplicate Contract + /// (Wiki and Attachments are not duplicated) /// - /// Create a duplicate of this items id + /// Source object id /// From route path - /// + /// Contract [HttpPost("duplicate/{id}")] public async Task DuplicateContract([FromRoute] long id, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if 
(!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - var oSrc = await biz.GetAsync(id, false); - if (oSrc == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - //Create and validate - Contract o = await biz.DuplicateAsync(oSrc); + Contract o = await biz.DuplicateAsync(id); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(ContractController.GetContract), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - } + /// + /// Get Contract + /// + /// + /// Contract + [HttpGet("{id}")] + public async Task GetContract([FromRoute] long id) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + var o = await biz.GetAsync(id); + if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); + return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); + } + /// + /// Put (update) Contract + /// + /// + /// + [HttpPut] + public async Task PutContract([FromBody] Contract updatedObject) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + var o = await biz.PutAsync(updatedObject);//In future may need to 
return entire object, for now just concurrency token + if (o == null) + { + if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT)) + return StatusCode(409, new ApiErrorResponse(biz.Errors)); + else + return BadRequest(new ApiErrorResponse(biz.Errors)); + } + return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));; + } /// /// Delete Contract /// /// - /// Ok + /// NoContent [HttpDelete("{id}")] public async Task DeleteContract([FromRoute] long id) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!await biz.DeleteAsync(o)) + if (!await biz.DeleteAsync(id)) return BadRequest(new ApiErrorResponse(biz.Errors)); - return NoContent(); } diff --git a/server/AyaNova/Controllers/HeadOfficeController.cs b/server/AyaNova/Controllers/HeadOfficeController.cs index da17c96c..539023f1 100644 --- a/server/AyaNova/Controllers/HeadOfficeController.cs +++ b/server/AyaNova/Controllers/HeadOfficeController.cs @@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Authorization; - -using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; using AyaNova.Models; using AyaNova.Api.ControllerHelpers; @@ -13,7 +11,6 @@ using AyaNova.Biz; namespace AyaNova.Api.Controllers { - [ApiController] [ApiVersion("8.0")] [Route("api/v{version:apiVersion}/[controller]")] 
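Review bot: In ContractController.cs a missing record now surfaces as 400 rather than 404: `PutContract` maps a null result from `biz.PutAsync(updatedObject)` to 409 or `BadRequest`, and `DeleteContract` and `DuplicateContract` return `BadRequest(new ApiErrorResponse(biz.Errors))` for any failure, where the removed code returned `NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND))`. Clients and monitoring that tell a stale or guessed id apart from a validation failure lose that signal. If the biz layer records a not-found error (not visible in this diff), add a branch before the fallback, e.g. `if (biz.Errors.Exists(m => m.Code == ApiErrorCode.NOT_FOUND)) return NotFound(new ApiErrorResponse(biz.Errors));`. The same pattern repeats in the HeadOffice, LoanUnit and PMTemplate controller hunks.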
@@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers private readonly ILogger log; private readonly ApiServerState serverState; - /// /// ctor /// 
@@ -39,176 +35,116 @@ namespace AyaNova.Api.Controllers serverState = apiServerState; } - - /// - /// Get full HeadOffice object - /// - /// - /// A single HeadOffice - [HttpGet("{id}")] - public async Task GetHeadOffice([FromRoute] long id) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler - HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, HttpContext); - - //NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules - if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - var o = await biz.GetAsync(id); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - // NOTE: HERE would be the second check of biz rules before returning the object - // in cases where there is also a business rule to affect retrieval on top of basic rights - - return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); - } - - - - /// - /// Put (update) HeadOffice - /// - /// - /// - /// - [HttpPut("{id}")] - public async Task PutHeadOffice([FromRoute] long id, [FromBody] HeadOffice inObj) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler - HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - try - { - if (!await 
biz.PutAsync(o, inObj)) - return BadRequest(new ApiErrorResponse(biz.Errors)); - } - catch (DbUpdateConcurrencyException) - { - if (!await biz.ExistsAsync(id)) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - else - return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT)); - } - return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true)); - } - /// /// Create HeadOffice /// - /// + /// /// From route path /// [HttpPost] - public async Task PostHeadOffice([FromBody] HeadOffice inObj, ApiVersion apiVersion) + public async Task PostHeadOffice([FromBody] HeadOffice newObject, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Create and validate - HeadOffice o = await biz.CreateAsync(inObj); + HeadOffice o = await biz.CreateAsync(newObject); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(HeadOfficeController.GetHeadOffice), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - - } /// /// Duplicate HeadOffice + /// (Wiki and Attachments are not duplicated) /// - /// Create a duplicate of this items id + /// Source object id /// From route path - /// + /// HeadOffice [HttpPost("duplicate/{id}")] public async Task DuplicateHeadOffice([FromRoute] long id, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, 
HttpContext); - - //If a user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - var oSrc = await biz.GetAsync(id, false); - if (oSrc == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - //Create and validate - HeadOffice o = await biz.DuplicateAsync(oSrc); + HeadOffice o = await biz.DuplicateAsync(id); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(HeadOfficeController.GetHeadOffice), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - } + /// + /// Get HeadOffice + /// + /// + /// HeadOffice + [HttpGet("{id}")] + public async Task GetHeadOffice([FromRoute] long id) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + var o = await biz.GetAsync(id); + if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); + return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); + } + /// + /// Put (update) HeadOffice + /// + /// + /// + [HttpPut] + public async Task PutHeadOffice([FromBody] HeadOffice updatedObject) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new 
ApiNotAuthorizedResponse()); + var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token + if (o == null) + { + if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT)) + return StatusCode(409, new ApiErrorResponse(biz.Errors)); + else + return BadRequest(new ApiErrorResponse(biz.Errors)); + } + return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));; + } /// /// Delete HeadOffice /// /// - /// Ok + /// NoContent [HttpDelete("{id}")] public async Task DeleteHeadOffice([FromRoute] long id) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!await biz.DeleteAsync(o)) + if (!await biz.DeleteAsync(id)) return BadRequest(new ApiErrorResponse(biz.Errors)); - return NoContent(); } diff --git a/server/AyaNova/Controllers/LoanUnitController.cs b/server/AyaNova/Controllers/LoanUnitController.cs index 26dd7b21..ea297e4d 100644 --- a/server/AyaNova/Controllers/LoanUnitController.cs +++ b/server/AyaNova/Controllers/LoanUnitController.cs @@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Authorization; - -using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; using AyaNova.Models; using AyaNova.Api.ControllerHelpers; 
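Review bot: `PutHeadOffice` and `DeleteHeadOffice` test `ModelState.IsValid` before `Authorized.HasModifyRole` / `Authorized.HasDeleteRole`, while `PostHeadOffice`, `DuplicateHeadOffice` and `GetHeadOffice` in the same hunk test the role first. A caller without the role therefore receives `ApiErrorResponse(ModelState)` validation detail instead of a 403 on these two routes. Moving the `HeadOfficeBiz.GetBiz(ct, HttpContext)` line and the role check above the `ModelState` check would give every route the same order of 503, 403, 400. Whether the `[ApiController]` automatic model-state filter is enabled is not visible here; if it is, it answers invalid bodies before the action runs, so that setting is worth confirming alongside this change. The Contract, LoanUnit and PMTemplate controllers have the same ordering.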
@@ -13,7 +11,6 @@ using AyaNova.Biz; namespace AyaNova.Api.Controllers { - [ApiController] [ApiVersion("8.0")] [Route("api/v{version:apiVersion}/[controller]")] @@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers private readonly ILogger log; private readonly ApiServerState serverState; - /// /// ctor /// 
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers serverState = apiServerState; } - - /// - /// Get full LoanUnit object - /// - /// - /// A single LoanUnit - [HttpGet("{id}")] - public async Task GetLoanUnit([FromRoute] long id) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler - LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext); - - //NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules - if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - var o = await biz.GetAsync(id); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - // NOTE: HERE would be the second check of biz rules before returning the object - // in cases where there is also a business rule to affect retrieval on top of basic rights - - return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); - } - - - - /// - /// Put (update) LoanUnit - /// - /// - /// - /// - [HttpPut("{id}")] - public async Task PutLoanUnit([FromRoute] long id, [FromBody] LoanUnit inObj) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler - LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - try - { - if (!await biz.PutAsync(o, 
inObj)) - return BadRequest(new ApiErrorResponse(biz.Errors)); - } - catch (DbUpdateConcurrencyException) - { - if (!await biz.ExistsAsync(id)) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - else - return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT)); - } - return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true)); - } - - /// /// Create LoanUnit /// - /// + /// /// From route path /// [HttpPost] - public async Task PostLoanUnit([FromBody] LoanUnit inObj, ApiVersion apiVersion) + public async Task PostLoanUnit([FromBody] LoanUnit newObject, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Create and validate - LoanUnit o = await biz.CreateAsync(inObj); + LoanUnit o = await biz.CreateAsync(newObject); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(LoanUnitController.GetLoanUnit), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - - } /// /// Duplicate LoanUnit + /// (Wiki and Attachments are not duplicated) /// - /// Create a duplicate of this items id + /// Source object id /// From route path - /// + /// LoanUnit [HttpPost("duplicate/{id}")] public async Task DuplicateLoanUnit([FromRoute] long id, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if 
(!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - var oSrc = await biz.GetAsync(id, false); - if (oSrc == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - //Create and validate - LoanUnit o = await biz.DuplicateAsync(oSrc); + LoanUnit o = await biz.DuplicateAsync(id); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(LoanUnitController.GetLoanUnit), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - } + /// + /// Get LoanUnit + /// + /// + /// LoanUnit + [HttpGet("{id}")] + public async Task GetLoanUnit([FromRoute] long id) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + var o = await biz.GetAsync(id); + if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); + return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); + } + /// + /// Put (update) LoanUnit + /// + /// + /// + [HttpPut] + public async Task PutLoanUnit([FromBody] LoanUnit updatedObject) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + var o = await biz.PutAsync(updatedObject);//In future may need to 
return entire object, for now just concurrency token + if (o == null) + { + if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT)) + return StatusCode(409, new ApiErrorResponse(biz.Errors)); + else + return BadRequest(new ApiErrorResponse(biz.Errors)); + } + return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));; + } /// /// Delete LoanUnit /// /// - /// Ok + /// NoContent [HttpDelete("{id}")] public async Task DeleteLoanUnit([FromRoute] long id) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!await biz.DeleteAsync(o)) + if (!await biz.DeleteAsync(id)) return BadRequest(new ApiErrorResponse(biz.Errors)); - return NoContent(); } diff --git a/server/AyaNova/Controllers/PMTemplateController.cs b/server/AyaNova/Controllers/PMTemplateController.cs index d8a953d3..7e7f9d13 100644 --- a/server/AyaNova/Controllers/PMTemplateController.cs +++ b/server/AyaNova/Controllers/PMTemplateController.cs @@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Authorization; - -using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; using AyaNova.Models; using AyaNova.Api.ControllerHelpers; @@ -13,7 +11,6 @@ using AyaNova.Biz; namespace AyaNova.Api.Controllers { - [ApiController] [ApiVersion("8.0")] [Route("api/v{version:apiVersion}/[controller]")] 
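Review bot: `PutLoanUnit` drops the `{id}` route segment, so the record to update is chosen entirely by the bound `[FromBody] LoanUnit updatedObject`, and the only gate visible here is the type-wide `Authorized.HasModifyRole(HttpContext.Items, biz.BizType)`. Because the whole entity is model-bound, `biz.PutAsync(updatedObject)` (outside this diff) has to load the stored row by that id and copy across only the fields a client may change; otherwise server-owned columns could be overwritten from the request body. A comment on the action stating that contract would help, for example `// updatedObject.Id selects the row; PutAsync must ignore client-supplied values for server-owned fields`. The Contract, HeadOffice and PMTemplate PUT actions are written the same way.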
@@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers private readonly ILogger log; private readonly ApiServerState serverState; - /// /// ctor /// 
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers serverState = apiServerState; } - - /// - /// Get full PMTemplate object - /// - /// - /// A single PMTemplate - [HttpGet("{id}")] - public async Task GetPMTemplate([FromRoute] long id) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler - PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, HttpContext); - - //NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules - if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - var o = await biz.GetAsync(id); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - // NOTE: HERE would be the second check of biz rules before returning the object - // in cases where there is also a business rule to affect retrieval on top of basic rights - - return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); - } - - - - /// - /// Put (update) PMTemplate - /// - /// - /// - /// - [HttpPut("{id}")] - public async Task PutPMTemplate([FromRoute] long id, [FromBody] PMTemplate inObj) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler - PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - try - { - if (!await 
biz.PutAsync(o, inObj)) - return BadRequest(new ApiErrorResponse(biz.Errors)); - } - catch (DbUpdateConcurrencyException) - { - if (!await biz.ExistsAsync(id)) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - else - return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT)); - } - return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true)); - } - - /// /// Create PMTemplate /// - /// + /// /// From route path /// [HttpPost] - public async Task PostPMTemplate([FromBody] PMTemplate inObj, ApiVersion apiVersion) + public async Task PostPMTemplate([FromBody] PMTemplate newObject, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Create and validate - PMTemplate o = await biz.CreateAsync(inObj); + PMTemplate o = await biz.CreateAsync(newObject); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(PMTemplateController.GetPMTemplate), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - - } /// /// Duplicate PMTemplate + /// (Wiki and Attachments are not duplicated) /// - /// Create a duplicate of this items id + /// Source object id /// From route path - /// + /// PMTemplate [HttpPost("duplicate/{id}")] public async Task DuplicatePMTemplate([FromRoute] long id, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, 
HttpContext); - - //If a user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - var oSrc = await biz.GetAsync(id, false); - if (oSrc == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - //Create and validate - PMTemplate o = await biz.DuplicateAsync(oSrc); + PMTemplate o = await biz.DuplicateAsync(id); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(PMTemplateController.GetPMTemplate), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - } + /// + /// Get PMTemplate + /// + /// + /// PMTemplate + [HttpGet("{id}")] + public async Task GetPMTemplate([FromRoute] long id) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + var o = await biz.GetAsync(id); + if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); + return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); + } + /// + /// Put (update) PMTemplate + /// + /// + /// + [HttpPut] + public async Task PutPMTemplate([FromBody] PMTemplate updatedObject) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new 
ApiNotAuthorizedResponse()); + var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token + if (o == null) + { + if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT)) + return StatusCode(409, new ApiErrorResponse(biz.Errors)); + else + return BadRequest(new ApiErrorResponse(biz.Errors)); + } + return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));; + } /// /// Delete PMTemplate /// /// - /// Ok + /// NoContent [HttpDelete("{id}")] public async Task DeletePMTemplate([FromRoute] long id) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!await biz.DeleteAsync(o)) + if (!await biz.DeleteAsync(id)) return BadRequest(new ApiErrorResponse(biz.Errors)); - return NoContent(); } diff --git a/server/AyaNova/Controllers/PartController.cs b/server/AyaNova/Controllers/PartController.cs index 0aa21e4f..03b023de 100644 --- a/server/AyaNova/Controllers/PartController.cs +++ b/server/AyaNova/Controllers/PartController.cs @@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Authorization; - -using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; using AyaNova.Models; using AyaNova.Api.ControllerHelpers; @@ -13,7 +11,6 @@ using AyaNova.Biz; namespace AyaNova.Api.Controllers { - [ApiController] [ApiVersion("8.0")] [Route("api/v{version:apiVersion}/[controller]")] 
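Review bot: The new `PutPMTemplate` ends with a doubled semicolon, `return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));;`, which compiles as an empty statement but reads as a typo; drop the second `;`. In the same method the trailing `//In future may need to return entire object, for now just concurrency token` comment would read better on its own line above the `biz.PutAsync` call. `GetPMTemplate` also puts `if (o == null) return NotFound(...)` on one line while every other guard in the hunk uses two. The Contract, HeadOffice and LoanUnit hunks carry the same three details.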
@@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers private readonly ILogger log; private readonly ApiServerState serverState; - /// /// ctor /// 
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers serverState = apiServerState; } - - /// - /// Get full Part object - /// - /// - /// A single Part - [HttpGet("{id}")] - public async Task GetPart([FromRoute] long id) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler - PartBiz biz = PartBiz.GetBiz(ct, HttpContext); - - //NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules - if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - var o = await biz.GetAsync(id); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - // NOTE: HERE would be the second check of biz rules before returning the object - // in cases where there is also a business rule to affect retrieval on top of basic rights - - return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); - } - - - - /// - /// Put (update) Part - /// - /// - /// - /// - [HttpPut("{id}")] - public async Task PutPart([FromRoute] long id, [FromBody] Part inObj) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler - PartBiz biz = PartBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - try - { - if (!await biz.PutAsync(o, inObj)) - return BadRequest(new 
ApiErrorResponse(biz.Errors)); - } - catch (DbUpdateConcurrencyException) - { - if (!await biz.ExistsAsync(id)) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - else - return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT)); - } - return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true)); - } - - /// /// Create Part /// - /// + /// /// From route path /// [HttpPost] - public async Task PostPart([FromBody] Part inObj, ApiVersion apiVersion) + public async Task PostPart([FromBody] Part newObject, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler PartBiz biz = PartBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Create and validate - Part o = await biz.CreateAsync(inObj); + Part o = await biz.CreateAsync(newObject); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(PartController.GetPart), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - - } /// /// Duplicate Part + /// (Wiki and Attachments are not duplicated) /// - /// Create a duplicate of this items id + /// Source object id /// From route path - /// + /// Part [HttpPost("duplicate/{id}")] public async Task DuplicatePart([FromRoute] long id, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler PartBiz biz = PartBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new 
ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - var oSrc = await biz.GetAsync(id, false); - if (oSrc == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - //Create and validate - Part o = await biz.DuplicateAsync(oSrc); + Part o = await biz.DuplicateAsync(id); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(PartController.GetPart), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - } + /// + /// Get Part + /// + /// + /// Part + [HttpGet("{id}")] + public async Task GetPart([FromRoute] long id) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + PartBiz biz = PartBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + var o = await biz.GetAsync(id); + if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); + return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); + } + /// + /// Put (update) Part + /// + /// + /// + [HttpPut] + public async Task PutPart([FromBody] Part updatedObject) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + PartBiz biz = PartBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token + if (o == null) + { + if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT)) 
+ return StatusCode(409, new ApiErrorResponse(biz.Errors)); + else + return BadRequest(new ApiErrorResponse(biz.Errors)); + } + return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));; + } /// /// Delete Part /// /// - /// Ok + /// NoContent [HttpDelete("{id}")] public async Task DeletePart([FromRoute] long id) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler PartBiz biz = PartBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!await biz.DeleteAsync(o)) + if (!await biz.DeleteAsync(id)) return BadRequest(new ApiErrorResponse(biz.Errors)); - return NoContent(); } diff --git a/server/AyaNova/Controllers/ProjectController.cs b/server/AyaNova/Controllers/ProjectController.cs index 2d18da63..6b367bfa 100644 --- a/server/AyaNova/Controllers/ProjectController.cs +++ b/server/AyaNova/Controllers/ProjectController.cs @@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Authorization; - -using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; using AyaNova.Models; using AyaNova.Api.ControllerHelpers; @@ -13,7 +11,6 @@ using AyaNova.Biz; namespace AyaNova.Api.Controllers { - [ApiController] [ApiVersion("8.0")] [Route("api/v{version:apiVersion}/[controller]")] @@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers private readonly ILogger log; private readonly ApiServerState serverState; - /// /// ctor /// 
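Review bot: A PUT, DELETE or duplicate request for an id that does not exist now ends in `BadRequest(new ApiErrorResponse(biz.Errors))`, where the removed controller code answered 404. PutPart singles out only `ApiErrorCode.CONCURRENCY_CONFLICT`, and DeletePart and DuplicatePart have no branch at all. If the biz layer records a not-found error (not visible in this diff), map it before the 400 fallback, e.g. `if (biz.Errors.Exists(m => m.Code == ApiErrorCode.NOT_FOUND)) return NotFound(new ApiErrorResponse(biz.Errors));`. Otherwise clients and request logs can no longer tell a missing record from a rejected payload. The same pattern appears in the Project, PurchaseOrder and Unit controller hunks.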
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers serverState = apiServerState; } - - /// - /// Get full Project object - /// - /// - /// A single Project - [HttpGet("{id}")] - public async Task GetProject([FromRoute] long id) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler - ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext); - - //NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules - if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - var o = await biz.GetAsync(id); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - // NOTE: HERE would be the second check of biz rules before returning the object - // in cases where there is also a business rule to affect retrieval on top of basic rights - - return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); - } - - - - /// - /// Put (update) Project - /// - /// - /// - /// - [HttpPut("{id}")] - public async Task PutProject([FromRoute] long id, [FromBody] Project inObj) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler - ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - try - { - if (!await biz.PutAsync(o, inObj)) - 
return BadRequest(new ApiErrorResponse(biz.Errors)); - } - catch (DbUpdateConcurrencyException) - { - if (!await biz.ExistsAsync(id)) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - else - return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT)); - } - return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true)); - } - - /// /// Create Project /// - /// + /// /// From route path /// [HttpPost] - public async Task PostProject([FromBody] Project inObj, ApiVersion apiVersion) + public async Task PostProject([FromBody] Project newObject, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Create and validate - Project o = await biz.CreateAsync(inObj); + Project o = await biz.CreateAsync(newObject); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(ProjectController.GetProject), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - - } /// /// Duplicate Project + /// (Wiki and Attachments are not duplicated) /// - /// Create a duplicate of this items id + /// Source object id /// From route path - /// + /// Project [HttpPost("duplicate/{id}")] public async Task DuplicateProject([FromRoute] long id, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if 
(!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - var oSrc = await biz.GetAsync(id, false); - if (oSrc == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - //Create and validate - Project o = await biz.DuplicateAsync(oSrc); + Project o = await biz.DuplicateAsync(id); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(ProjectController.GetProject), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - } + /// + /// Get Project + /// + /// + /// Project + [HttpGet("{id}")] + public async Task GetProject([FromRoute] long id) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + var o = await biz.GetAsync(id); + if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); + return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); + } + /// + /// Put (update) Project + /// + /// + /// + [HttpPut] + public async Task PutProject([FromBody] Project updatedObject) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + var o = await biz.PutAsync(updatedObject);//In future may need to return entire 
object, for now just concurrency token + if (o == null) + { + if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT)) + return StatusCode(409, new ApiErrorResponse(biz.Errors)); + else + return BadRequest(new ApiErrorResponse(biz.Errors)); + } + return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));; + } /// /// Delete Project /// /// - /// Ok + /// NoContent [HttpDelete("{id}")] public async Task DeleteProject([FromRoute] long id) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!await biz.DeleteAsync(o)) + if (!await biz.DeleteAsync(id)) return BadRequest(new ApiErrorResponse(biz.Errors)); - return NoContent(); } diff --git a/server/AyaNova/Controllers/PurchaseOrderController.cs b/server/AyaNova/Controllers/PurchaseOrderController.cs index 7efd8733..504ecdba 100644 --- a/server/AyaNova/Controllers/PurchaseOrderController.cs +++ b/server/AyaNova/Controllers/PurchaseOrderController.cs @@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Authorization; - -using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; using AyaNova.Models; using AyaNova.Api.ControllerHelpers; @@ -13,7 +11,6 @@ using AyaNova.Biz; namespace AyaNova.Api.Controllers { - [ApiController] [ApiVersion("8.0")] [Route("api/v{version:apiVersion}/[controller]")] 
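Review bot: PutProject no longer takes the id from the route, so the record to update is selected entirely by the request body, and the `Project` entity is bound from `[FromBody]` straight into `biz.PutAsync(updatedObject)`. The only authorization visible in the controller is the type-level `HasModifyRole` check. Any per-record rule, and any limit on which properties a caller may overwrite, therefore has to be enforced inside `ProjectBiz.PutAsync`, which this diff does not show. I would record that contract above the call, e.g. `// PutAsync must load the stored record by updatedObject.Id and copy only client-editable fields`, and confirm the biz method does so. The same applies to PutPart, PutPurchaseOrder and PutUnit.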
@@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers private readonly ILogger log; private readonly ApiServerState serverState; - /// /// ctor /// 
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers serverState = apiServerState; } - - /// - /// Get full PurchaseOrder object - /// - /// - /// A single PurchaseOrder - [HttpGet("{id}")] - public async Task GetPurchaseOrder([FromRoute] long id) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler - PurchaseOrderBiz biz = PurchaseOrderBiz.GetBiz(ct, HttpContext); - - //NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules - if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - var o = await biz.GetAsync(id); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - // NOTE: HERE would be the second check of biz rules before returning the object - // in cases where there is also a business rule to affect retrieval on top of basic rights - - return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); - } - - - - /// - /// Put (update) PurchaseOrder - /// - /// - /// - /// - [HttpPut("{id}")] - public async Task PutPurchaseOrder([FromRoute] long id, [FromBody] PurchaseOrder inObj) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler - PurchaseOrderBiz biz = PurchaseOrderBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new 
ApiNotAuthorizedResponse()); - - try - { - if (!await biz.PutAsync(o, inObj)) - return BadRequest(new ApiErrorResponse(biz.Errors)); - } - catch (DbUpdateConcurrencyException) - { - if (!await biz.ExistsAsync(id)) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - else - return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT)); - } - return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true)); - } - - /// /// Create PurchaseOrder /// - /// + /// /// From route path /// [HttpPost] - public async Task PostPurchaseOrder([FromBody] PurchaseOrder inObj, ApiVersion apiVersion) + public async Task PostPurchaseOrder([FromBody] PurchaseOrder newObject, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler PurchaseOrderBiz biz = PurchaseOrderBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Create and validate - PurchaseOrder o = await biz.CreateAsync(inObj); + PurchaseOrder o = await biz.CreateAsync(newObject); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(PurchaseOrderController.GetPurchaseOrder), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - - } /// /// Duplicate PurchaseOrder + /// (Wiki and Attachments are not duplicated) /// - /// Create a duplicate of this items id + /// Source object id /// From route path - /// + /// PurchaseOrder [HttpPost("duplicate/{id}")] public async Task DuplicatePurchaseOrder([FromRoute] long id, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - 
//Instantiate the business object handler PurchaseOrderBiz biz = PurchaseOrderBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - var oSrc = await biz.GetAsync(id, false); - if (oSrc == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - //Create and validate - PurchaseOrder o = await biz.DuplicateAsync(oSrc); + PurchaseOrder o = await biz.DuplicateAsync(id); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(PurchaseOrderController.GetPurchaseOrder), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - } + /// + /// Get PurchaseOrder + /// + /// + /// PurchaseOrder + [HttpGet("{id}")] + public async Task GetPurchaseOrder([FromRoute] long id) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + PurchaseOrderBiz biz = PurchaseOrderBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + var o = await biz.GetAsync(id); + if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); + return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); + } + /// + /// Put (update) PurchaseOrder + /// + /// + /// + [HttpPut] + public async Task PutPurchaseOrder([FromBody] PurchaseOrder updatedObject) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + PurchaseOrderBiz biz = 
PurchaseOrderBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token + if (o == null) + { + if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT)) + return StatusCode(409, new ApiErrorResponse(biz.Errors)); + else + return BadRequest(new ApiErrorResponse(biz.Errors)); + } + return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));; + } /// /// Delete PurchaseOrder /// /// - /// Ok + /// NoContent [HttpDelete("{id}")] public async Task DeletePurchaseOrder([FromRoute] long id) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler PurchaseOrderBiz biz = PurchaseOrderBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!await biz.DeleteAsync(o)) + if (!await biz.DeleteAsync(id)) return BadRequest(new ApiErrorResponse(biz.Errors)); - return NoContent(); } diff --git a/server/AyaNova/Controllers/UnitController.cs b/server/AyaNova/Controllers/UnitController.cs index fcee7f4c..b33b702c 100644 --- a/server/AyaNova/Controllers/UnitController.cs +++ b/server/AyaNova/Controllers/UnitController.cs @@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Authorization; - -using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; using AyaNova.Models; using AyaNova.Api.ControllerHelpers; 
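Review bot: PutPurchaseOrder and DeletePurchaseOrder test `ModelState.IsValid` before the role check, while the Post, Duplicate and Get actions in the same hunk check the role first. A caller without the modify or delete role can therefore receive a 400 with validation detail instead of a 403. Moving `if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState));` below the `HasModifyRole` / `HasDeleteRole` check makes the order uniform. Because the class carries `[ApiController]`, the framework may already return 400 for invalid bodies before the action runs unless that filter is suppressed in startup, which is not visible here. The Part, Project and Unit hunks have the same ordering.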
@@ -13,7 +11,6 @@ using AyaNova.Biz; namespace AyaNova.Api.Controllers { - [ApiController] [ApiVersion("8.0")] [Route("api/v{version:apiVersion}/[controller]")] @@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers private readonly ILogger log; private readonly ApiServerState serverState; - /// /// ctor /// 
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers serverState = apiServerState; } - - /// - /// Get full Unit object - /// - /// - /// A single Unit - [HttpGet("{id}")] - public async Task GetUnit([FromRoute] long id) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler - UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext); - - //NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules - if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - var o = await biz.GetAsync(id); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - // NOTE: HERE would be the second check of biz rules before returning the object - // in cases where there is also a business rule to affect retrieval on top of basic rights - - return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); - } - - - - /// - /// Put (update) Unit - /// - /// - /// - /// - [HttpPut("{id}")] - public async Task PutUnit([FromRoute] long id, [FromBody] Unit inObj) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler - UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - try - { - if (!await biz.PutAsync(o, inObj)) - return BadRequest(new 
ApiErrorResponse(biz.Errors)); - } - catch (DbUpdateConcurrencyException) - { - if (!await biz.ExistsAsync(id)) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - else - return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT)); - } - return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true)); - } - - /// /// Create Unit /// - /// + /// /// From route path /// [HttpPost] - public async Task PostUnit([FromBody] Unit inObj, ApiVersion apiVersion) + public async Task PostUnit([FromBody] Unit newObject, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Create and validate - Unit o = await biz.CreateAsync(inObj); + Unit o = await biz.CreateAsync(newObject); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(UnitController.GetUnit), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - - } /// /// Duplicate Unit + /// (Wiki and Attachments are not duplicated) /// - /// Create a duplicate of this items id + /// Source object id /// From route path - /// + /// Unit [HttpPost("duplicate/{id}")] public async Task DuplicateUnit([FromRoute] long id, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new 
ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - var oSrc = await biz.GetAsync(id, false); - if (oSrc == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - //Create and validate - Unit o = await biz.DuplicateAsync(oSrc); + Unit o = await biz.DuplicateAsync(id); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(UnitController.GetUnit), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - } + /// + /// Get Unit + /// + /// + /// Unit + [HttpGet("{id}")] + public async Task GetUnit([FromRoute] long id) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + var o = await biz.GetAsync(id); + if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); + return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); + } + /// + /// Put (update) Unit + /// + /// + /// + [HttpPut] + public async Task PutUnit([FromBody] Unit updatedObject) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token + if (o == null) + { + if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT)) 
+ return StatusCode(409, new ApiErrorResponse(biz.Errors)); + else + return BadRequest(new ApiErrorResponse(biz.Errors)); + } + return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));; + } /// /// Delete Unit /// /// - /// Ok + /// NoContent [HttpDelete("{id}")] public async Task DeleteUnit([FromRoute] long id) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!await biz.DeleteAsync(o)) + if (!await biz.DeleteAsync(id)) return BadRequest(new ApiErrorResponse(biz.Errors)); - return NoContent(); } diff --git a/server/AyaNova/Controllers/UnitModelController.cs b/server/AyaNova/Controllers/UnitModelController.cs index 1d0064ba..c5fbc3b1 100644 --- a/server/AyaNova/Controllers/UnitModelController.cs +++ b/server/AyaNova/Controllers/UnitModelController.cs @@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Authorization; - -using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; using AyaNova.Models; using AyaNova.Api.ControllerHelpers; @@ -13,7 +11,6 @@ using AyaNova.Biz; namespace AyaNova.Api.Controllers { - [ApiController] [ApiVersion("8.0")] [Route("api/v{version:apiVersion}/[controller]")] @@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers private readonly ILogger log; private readonly ApiServerState serverState; - /// /// ctor /// 
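Review bot: The success return in PutUnit ends with a stray empty statement, `return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));;`. It should be `return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));`. The same doubled semicolon was copied into PutPart, PutProject and PutPurchaseOrder.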
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers serverState = apiServerState; } - - /// - /// Get full UnitModel object - /// - /// - /// A single UnitModel - [HttpGet("{id}")] - public async Task GetUnitModel([FromRoute] long id) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler - UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext); - - //NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules - if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - var o = await biz.GetAsync(id); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - // NOTE: HERE would be the second check of biz rules before returning the object - // in cases where there is also a business rule to affect retrieval on top of basic rights - - return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); - } - - - - /// - /// Put (update) UnitModel - /// - /// - /// - /// - [HttpPut("{id}")] - public async Task PutUnitModel([FromRoute] long id, [FromBody] UnitModel inObj) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler - UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - try - { - if (!await 
biz.PutAsync(o, inObj)) - return BadRequest(new ApiErrorResponse(biz.Errors)); - } - catch (DbUpdateConcurrencyException) - { - if (!await biz.ExistsAsync(id)) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - else - return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT)); - } - return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true)); - } - - /// /// Create UnitModel /// - /// + /// /// From route path /// [HttpPost] - public async Task PostUnitModel([FromBody] UnitModel inObj, ApiVersion apiVersion) + public async Task PostUnitModel([FromBody] UnitModel newObject, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Create and validate - UnitModel o = await biz.CreateAsync(inObj); + UnitModel o = await biz.CreateAsync(newObject); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(UnitModelController.GetUnitModel), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - - } /// /// Duplicate UnitModel + /// (Wiki and Attachments are not duplicated) /// - /// Create a duplicate of this items id + /// Source object id /// From route path - /// + /// UnitModel [HttpPost("duplicate/{id}")] public async Task DuplicateUnitModel([FromRoute] long id, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext); - - //If a 
user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - var oSrc = await biz.GetAsync(id, false); - if (oSrc == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - //Create and validate - UnitModel o = await biz.DuplicateAsync(oSrc); + UnitModel o = await biz.DuplicateAsync(id); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(UnitModelController.GetUnitModel), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - } + /// + /// Get UnitModel + /// + /// + /// UnitModel + [HttpGet("{id}")] + public async Task GetUnitModel([FromRoute] long id) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + var o = await biz.GetAsync(id); + if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); + return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); + } + /// + /// Put (update) UnitModel + /// + /// + /// + [HttpPut] + public async Task PutUnitModel([FromBody] UnitModel updatedObject) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + var o = await 
biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token + if (o == null) + { + if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT)) + return StatusCode(409, new ApiErrorResponse(biz.Errors)); + else + return BadRequest(new ApiErrorResponse(biz.Errors)); + } + return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));; + } /// /// Delete UnitModel /// /// - /// Ok + /// NoContent [HttpDelete("{id}")] public async Task DeleteUnitModel([FromRoute] long id) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!await biz.DeleteAsync(o)) + if (!await biz.DeleteAsync(id)) return BadRequest(new ApiErrorResponse(biz.Errors)); - return NoContent(); } diff --git a/server/AyaNova/Controllers/VendorController.cs b/server/AyaNova/Controllers/VendorController.cs index cfffb727..705c0f8c 100644 --- a/server/AyaNova/Controllers/VendorController.cs +++ b/server/AyaNova/Controllers/VendorController.cs @@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Authorization; - -using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; using AyaNova.Models; using AyaNova.Api.ControllerHelpers; @@ -13,7 +11,6 @@ using AyaNova.Biz; namespace AyaNova.Api.Controllers { - [ApiController] [ApiVersion("8.0")] [Route("api/v{version:apiVersion}/[controller]")] 
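Review bot: `PutUnitModel`, `DuplicateUnitModel` and `DeleteUnitModel` can no longer answer 404 for an id that does not exist: every failure from `biz.PutAsync`, `biz.DuplicateAsync` and `biz.DeleteAsync` other than `CONCURRENCY_CONFLICT` is returned as `BadRequest(new ApiErrorResponse(biz.Errors))`, where the removed code returned `NotFound(...)`. If the biz layer (not shown in this part of the patch) records a not-found error, a branch such as `if (biz.Errors.Exists(m => m.Code == ApiErrorCode.NOT_FOUND)) return NotFound(new ApiErrorResponse(biz.Errors));` beside the 409 branch would keep the status that clients and log-based monitoring rely on. The same applies to the Unit and Vendor controller hunks. `PutUnitModel` and `DeleteUnitModel` also test `ModelState.IsValid` before the role check while the other actions check the role first, and the `return Ok(...)` line in `PutUnitModel` ends in a stray `;;`.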
@@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers private readonly ILogger log; private readonly ApiServerState serverState; - /// /// ctor /// 
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers serverState = apiServerState; } - - /// - /// Get full Vendor object - /// - /// - /// A single Vendor - [HttpGet("{id}")] - public async Task GetVendor([FromRoute] long id) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler - VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext); - - //NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules - if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - var o = await biz.GetAsync(id); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - // NOTE: HERE would be the second check of biz rules before returning the object - // in cases where there is also a business rule to affect retrieval on top of basic rights - - return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); - } - - - - /// - /// Put (update) Vendor - /// - /// - /// - /// - [HttpPut("{id}")] - public async Task PutVendor([FromRoute] long id, [FromBody] Vendor inObj) - { - if (!serverState.IsOpen) - return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - if (!ModelState.IsValid) - return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler - VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) - return StatusCode(403, new ApiNotAuthorizedResponse()); - - try - { - if (!await biz.PutAsync(o, inObj)) - return 
BadRequest(new ApiErrorResponse(biz.Errors)); - } - catch (DbUpdateConcurrencyException) - { - if (!await biz.ExistsAsync(id)) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - else - return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT)); - } - return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true)); - } - - /// /// Create Vendor /// - /// + /// /// From route path /// [HttpPost] - public async Task PostVendor([FromBody] Vendor inObj, ApiVersion apiVersion) + public async Task PostVendor([FromBody] Vendor newObject, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Create and validate - Vendor o = await biz.CreateAsync(inObj); + Vendor o = await biz.CreateAsync(newObject); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(VendorController.GetVendor), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - - } /// /// Duplicate Vendor + /// (Wiki and Attachments are not duplicated) /// - /// Create a duplicate of this items id + /// Source object id /// From route path - /// + /// Vendor [HttpPost("duplicate/{id}")] public async Task DuplicateVendor([FromRoute] long id, ApiVersion apiVersion) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - - //Instantiate the business object handler VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext); - - //If a user has change roles if (!Authorized.HasCreateRole(HttpContext.Items, 
biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - var oSrc = await biz.GetAsync(id, false); - if (oSrc == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - - //Create and validate - Vendor o = await biz.DuplicateAsync(oSrc); + Vendor o = await biz.DuplicateAsync(id); if (o == null) return BadRequest(new ApiErrorResponse(biz.Errors)); else return CreatedAtAction(nameof(VendorController.GetVendor), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); - } + /// + /// Get Vendor + /// + /// + /// Vendor + [HttpGet("{id}")] + public async Task GetVendor([FromRoute] long id) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + var o = await biz.GetAsync(id); + if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); + return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType))); + } + /// + /// Put (update) Vendor + /// + /// + /// + [HttpPut] + public async Task PutVendor([FromBody] Vendor updatedObject) + { + if (!serverState.IsOpen) + return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); + if (!ModelState.IsValid) + return BadRequest(new ApiErrorResponse(ModelState)); + VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext); + if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType)) + return StatusCode(403, new ApiNotAuthorizedResponse()); + var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token + if (o == null) + { + if 
(biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT)) + return StatusCode(409, new ApiErrorResponse(biz.Errors)); + else + return BadRequest(new ApiErrorResponse(biz.Errors)); + } + return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));; + } /// /// Delete Vendor /// /// - /// Ok + /// NoContent [HttpDelete("{id}")] public async Task DeleteVendor([FromRoute] long id) { if (!serverState.IsOpen) return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); - if (!ModelState.IsValid) return BadRequest(new ApiErrorResponse(ModelState)); - - //Instantiate the business object handler VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext); - - var o = await biz.GetAsync(id, false); - if (o == null) - return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND)); - if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse()); - - if (!await biz.DeleteAsync(o)) + if (!await biz.DeleteAsync(id)) return BadRequest(new ApiErrorResponse(biz.Errors)); - return NoContent(); }
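Review bot: `DuplicateVendor` checks only `Authorized.HasCreateRole` before `biz.DuplicateAsync(id)`, yet the 201 response carries the copy in `new ApiCreatedResponse(o)`, so a caller allowed to create but not to read would receive the source record's content through the duplicate. If those roles can differ in this system (the role model is not visible here), add `if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType)) return StatusCode(403, new ApiNotAuthorizedResponse());` after the create check, as `GetVendor` does. `DuplicateUnitModel` and the duplicate action in the Unit controller hunk have the same shape. In `PutVendor` the target id now arrives in the request body together with every other `Vendor` field, so a comment on the action should state that `VendorBiz.PutAsync` is expected to load the stored record by that id and copy only client-editable fields; that method is outside this patch section.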