admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2020-05-13 22:17:40 +00:00
parent b5611c4c40
commit e4d970dd6d
11 changed files with 532 additions and 1185 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
devdocs/todo.txt
View File

@@ -9,12 +9,8 @@ todo: all api routes, re-arrange code in controller in this order POST (and post
BIZ TOO BIZ TOO
todo: all api route URI's sb lower case with dashes if necessary (use plural noun scheme) todo: all api route URI's sb lower case with dashes if necessary (use plural noun scheme)
https://docs.microsoft.com/en-us/azure/architecture/best-practices/api-design#organize-the-api-around-resources https://docs.microsoft.com/en-us/azure/architecture/best-practices/api-design#organize-the-api-around-resources
todo: Controllers should not need to know about databases
refactor code so controller never fetches or deals with saving an object, all that is biz responsibility
todo: Routes should check rights *BEFORE* they fetch the object, not after, all routes affected
i.e. delete route instantiates biz object, then it fetchs object from db *then* it checks if they have rights to delete (generically, not specific to that object)
This is out of order as it triggers a db call even if they have no rights to do it
todo: all biz objects "ExistsAsync" is this required / necessary?
--- ---
todo: add query fail logging to datalist just like done with picklist so in production can catch mysterious problems more easily todo: add query fail logging to datalist just like done with picklist so in production can catch mysterious problems more easily
todo: AUTO ID GENERATOR todo: AUTO ID GENERATOR

171
server/AyaNova/Controllers/ContractController.cs
View File

@@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using AyaNova.Models; using AyaNova.Models;
using AyaNova.Api.ControllerHelpers; using AyaNova.Api.ControllerHelpers;
@@ -13,7 +11,6 @@ using AyaNova.Biz;
namespace AyaNova.Api.Controllers namespace AyaNova.Api.Controllers
{ {
[ApiController] [ApiController]
[ApiVersion("8.0")] [ApiVersion("8.0")]
[Route("api/v{version:apiVersion}/[controller]")] [Route("api/v{version:apiVersion}/[controller]")]
@@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers
private readonly ILogger<ContractController> log; private readonly ILogger<ContractController> log;
private readonly ApiServerState serverState; private readonly ApiServerState serverState;
/// <summary> /// <summary>
/// ctor /// ctor
/// </summary> /// </summary>
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers
serverState = apiServerState; serverState = apiServerState;
} }
/// <summary>
/// Get full Contract object
/// </summary>
/// <param name="id"></param>
/// <returns>A single Contract</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetContract([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext);
//NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
// NOTE: HERE would be the second check of biz rules before returning the object
// in cases where there is also a business rule to affect retrieval on top of basic rights
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) Contract
/// </summary>
/// <param name="id"></param>
/// <param name="inObj"></param>
/// <returns></returns>
[HttpPut("{id}")]
public async Task<IActionResult> PutContract([FromRoute] long id, [FromBody] Contract inObj)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
try
{
if (!await biz.PutAsync(o, inObj))
return BadRequest(new ApiErrorResponse(biz.Errors));
}
catch (DbUpdateConcurrencyException)
{
if (!await biz.ExistsAsync(id))
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
else
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));
}
/// <summary> /// <summary>
/// Create Contract /// Create Contract
/// </summary> /// </summary>
/// <param name="inObj"></param> /// <param name="newObject"></param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns></returns>
[HttpPost] [HttpPost]
public async Task<IActionResult> PostContract([FromBody] Contract inObj, ApiVersion apiVersion) public async Task<IActionResult> PostContract([FromBody] Contract newObject, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext); ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
Contract o = await biz.CreateAsync(newObject);
//Create and validate
Contract o = await biz.CreateAsync(inObj);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(ContractController.GetContract), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(ContractController.GetContract), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary> /// <summary>
/// Duplicate Contract /// Duplicate Contract
/// (Wiki and Attachments are not duplicated)
/// </summary> /// </summary>
/// <param name="id">Create a duplicate of this items id</param> /// <param name="id">Source object id</param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns>Contract</returns>
[HttpPost("duplicate/{id}")] [HttpPost("duplicate/{id}")]
public async Task<IActionResult> DuplicateContract([FromRoute] long id, ApiVersion apiVersion) public async Task<IActionResult> DuplicateContract([FromRoute] long id, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext); ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
Contract o = await biz.DuplicateAsync(id);
var oSrc = await biz.GetAsync(id, false);
if (oSrc == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
//Create and validate
Contract o = await biz.DuplicateAsync(oSrc);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(ContractController.GetContract), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(ContractController.GetContract), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary>
/// Get Contract
/// </summary>
/// <param name="id"></param>
/// <returns>Contract</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetContract([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) Contract
/// </summary>
/// <param name="updatedObject"></param>
/// <returns></returns>
[HttpPut]
public async Task<IActionResult> PutContract([FromBody] Contract updatedObject)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token
if (o == null)
{
if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
return StatusCode(409, new ApiErrorResponse(biz.Errors));
else
return BadRequest(new ApiErrorResponse(biz.Errors));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));;
}
/// <summary> /// <summary>
/// Delete Contract /// Delete Contract
/// </summary> /// </summary>
/// <param name="id"></param> /// <param name="id"></param>
/// <returns>Ok</returns> /// <returns>NoContent</returns>
[HttpDelete("{id}")] [HttpDelete("{id}")]
public async Task<IActionResult> DeleteContract([FromRoute] long id) public async Task<IActionResult> DeleteContract([FromRoute] long id)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext); ContractBiz biz = ContractBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!await biz.DeleteAsync(id))
if (!await biz.DeleteAsync(o))
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
return NoContent(); return NoContent();
} }

170
server/AyaNova/Controllers/HeadOfficeController.cs
View File

@@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using AyaNova.Models; using AyaNova.Models;
using AyaNova.Api.ControllerHelpers; using AyaNova.Api.ControllerHelpers;
@@ -13,7 +11,6 @@ using AyaNova.Biz;
namespace AyaNova.Api.Controllers namespace AyaNova.Api.Controllers
{ {
[ApiController] [ApiController]
[ApiVersion("8.0")] [ApiVersion("8.0")]
[Route("api/v{version:apiVersion}/[controller]")] [Route("api/v{version:apiVersion}/[controller]")]
@@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers
private readonly ILogger<HeadOfficeController> log; private readonly ILogger<HeadOfficeController> log;
private readonly ApiServerState serverState; private readonly ApiServerState serverState;
/// <summary> /// <summary>
/// ctor /// ctor
/// </summary> /// </summary>
@@ -39,176 +35,116 @@ namespace AyaNova.Api.Controllers
serverState = apiServerState; serverState = apiServerState;
} }
/// <summary>
/// Get full HeadOffice object
/// </summary>
/// <param name="id"></param>
/// <returns>A single HeadOffice</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetHeadOffice([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, HttpContext);
//NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
// NOTE: HERE would be the second check of biz rules before returning the object
// in cases where there is also a business rule to affect retrieval on top of basic rights
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) HeadOffice
/// </summary>
/// <param name="id"></param>
/// <param name="inObj"></param>
/// <returns></returns>
[HttpPut("{id}")]
public async Task<IActionResult> PutHeadOffice([FromRoute] long id, [FromBody] HeadOffice inObj)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
try
{
if (!await biz.PutAsync(o, inObj))
return BadRequest(new ApiErrorResponse(biz.Errors));
}
catch (DbUpdateConcurrencyException)
{
if (!await biz.ExistsAsync(id))
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
else
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));
}
/// <summary> /// <summary>
/// Create HeadOffice /// Create HeadOffice
/// </summary> /// </summary>
/// <param name="inObj"></param> /// <param name="newObject"></param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns></returns>
[HttpPost] [HttpPost]
public async Task<IActionResult> PostHeadOffice([FromBody] HeadOffice inObj, ApiVersion apiVersion) public async Task<IActionResult> PostHeadOffice([FromBody] HeadOffice newObject, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, HttpContext); HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
HeadOffice o = await biz.CreateAsync(newObject);
//Create and validate
HeadOffice o = await biz.CreateAsync(inObj);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(HeadOfficeController.GetHeadOffice), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(HeadOfficeController.GetHeadOffice), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary> /// <summary>
/// Duplicate HeadOffice /// Duplicate HeadOffice
/// (Wiki and Attachments are not duplicated)
/// </summary> /// </summary>
/// <param name="id">Create a duplicate of this items id</param> /// <param name="id">Source object id</param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns>HeadOffice</returns>
[HttpPost("duplicate/{id}")] [HttpPost("duplicate/{id}")]
public async Task<IActionResult> DuplicateHeadOffice([FromRoute] long id, ApiVersion apiVersion) public async Task<IActionResult> DuplicateHeadOffice([FromRoute] long id, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, HttpContext); HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
HeadOffice o = await biz.DuplicateAsync(id);
var oSrc = await biz.GetAsync(id, false);
if (oSrc == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
//Create and validate
HeadOffice o = await biz.DuplicateAsync(oSrc);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(HeadOfficeController.GetHeadOffice), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(HeadOfficeController.GetHeadOffice), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary>
/// Get HeadOffice
/// </summary>
/// <param name="id"></param>
/// <returns>HeadOffice</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetHeadOffice([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) HeadOffice
/// </summary>
/// <param name="updatedObject"></param>
/// <returns></returns>
[HttpPut]
public async Task<IActionResult> PutHeadOffice([FromBody] HeadOffice updatedObject)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token
if (o == null)
{
if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
return StatusCode(409, new ApiErrorResponse(biz.Errors));
else
return BadRequest(new ApiErrorResponse(biz.Errors));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));;
}
/// <summary> /// <summary>
/// Delete HeadOffice /// Delete HeadOffice
/// </summary> /// </summary>
/// <param name="id"></param> /// <param name="id"></param>
/// <returns>Ok</returns> /// <returns>NoContent</returns>
[HttpDelete("{id}")] [HttpDelete("{id}")]
public async Task<IActionResult> DeleteHeadOffice([FromRoute] long id) public async Task<IActionResult> DeleteHeadOffice([FromRoute] long id)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, HttpContext); HeadOfficeBiz biz = HeadOfficeBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!await biz.DeleteAsync(id))
if (!await biz.DeleteAsync(o))
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
return NoContent(); return NoContent();
} }

171
server/AyaNova/Controllers/LoanUnitController.cs
View File

@@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using AyaNova.Models; using AyaNova.Models;
using AyaNova.Api.ControllerHelpers; using AyaNova.Api.ControllerHelpers;
@@ -13,7 +11,6 @@ using AyaNova.Biz;
namespace AyaNova.Api.Controllers namespace AyaNova.Api.Controllers
{ {
[ApiController] [ApiController]
[ApiVersion("8.0")] [ApiVersion("8.0")]
[Route("api/v{version:apiVersion}/[controller]")] [Route("api/v{version:apiVersion}/[controller]")]
@@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers
private readonly ILogger<LoanUnitController> log; private readonly ILogger<LoanUnitController> log;
private readonly ApiServerState serverState; private readonly ApiServerState serverState;
/// <summary> /// <summary>
/// ctor /// ctor
/// </summary> /// </summary>
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers
serverState = apiServerState; serverState = apiServerState;
} }
/// <summary>
/// Get full LoanUnit object
/// </summary>
/// <param name="id"></param>
/// <returns>A single LoanUnit</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetLoanUnit([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext);
//NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
// NOTE: HERE would be the second check of biz rules before returning the object
// in cases where there is also a business rule to affect retrieval on top of basic rights
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) LoanUnit
/// </summary>
/// <param name="id"></param>
/// <param name="inObj"></param>
/// <returns></returns>
[HttpPut("{id}")]
public async Task<IActionResult> PutLoanUnit([FromRoute] long id, [FromBody] LoanUnit inObj)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
try
{
if (!await biz.PutAsync(o, inObj))
return BadRequest(new ApiErrorResponse(biz.Errors));
}
catch (DbUpdateConcurrencyException)
{
if (!await biz.ExistsAsync(id))
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
else
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));
}
/// <summary> /// <summary>
/// Create LoanUnit /// Create LoanUnit
/// </summary> /// </summary>
/// <param name="inObj"></param> /// <param name="newObject"></param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns></returns>
[HttpPost] [HttpPost]
public async Task<IActionResult> PostLoanUnit([FromBody] LoanUnit inObj, ApiVersion apiVersion) public async Task<IActionResult> PostLoanUnit([FromBody] LoanUnit newObject, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext); LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
LoanUnit o = await biz.CreateAsync(newObject);
//Create and validate
LoanUnit o = await biz.CreateAsync(inObj);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(LoanUnitController.GetLoanUnit), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(LoanUnitController.GetLoanUnit), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary> /// <summary>
/// Duplicate LoanUnit /// Duplicate LoanUnit
/// (Wiki and Attachments are not duplicated)
/// </summary> /// </summary>
/// <param name="id">Create a duplicate of this items id</param> /// <param name="id">Source object id</param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns>LoanUnit</returns>
[HttpPost("duplicate/{id}")] [HttpPost("duplicate/{id}")]
public async Task<IActionResult> DuplicateLoanUnit([FromRoute] long id, ApiVersion apiVersion) public async Task<IActionResult> DuplicateLoanUnit([FromRoute] long id, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext); LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
LoanUnit o = await biz.DuplicateAsync(id);
var oSrc = await biz.GetAsync(id, false);
if (oSrc == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
//Create and validate
LoanUnit o = await biz.DuplicateAsync(oSrc);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(LoanUnitController.GetLoanUnit), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(LoanUnitController.GetLoanUnit), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary>
/// Get LoanUnit
/// </summary>
/// <param name="id"></param>
/// <returns>LoanUnit</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetLoanUnit([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) LoanUnit
/// </summary>
/// <param name="updatedObject"></param>
/// <returns></returns>
[HttpPut]
public async Task<IActionResult> PutLoanUnit([FromBody] LoanUnit updatedObject)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token
if (o == null)
{
if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
return StatusCode(409, new ApiErrorResponse(biz.Errors));
else
return BadRequest(new ApiErrorResponse(biz.Errors));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));;
}
/// <summary> /// <summary>
/// Delete LoanUnit /// Delete LoanUnit
/// </summary> /// </summary>
/// <param name="id"></param> /// <param name="id"></param>
/// <returns>Ok</returns> /// <returns>NoContent</returns>
[HttpDelete("{id}")] [HttpDelete("{id}")]
public async Task<IActionResult> DeleteLoanUnit([FromRoute] long id) public async Task<IActionResult> DeleteLoanUnit([FromRoute] long id)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext); LoanUnitBiz biz = LoanUnitBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!await biz.DeleteAsync(id))
if (!await biz.DeleteAsync(o))
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
return NoContent(); return NoContent();
} }

171
server/AyaNova/Controllers/PMTemplateController.cs
View File

@@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using AyaNova.Models; using AyaNova.Models;
using AyaNova.Api.ControllerHelpers; using AyaNova.Api.ControllerHelpers;
@@ -13,7 +11,6 @@ using AyaNova.Biz;
namespace AyaNova.Api.Controllers namespace AyaNova.Api.Controllers
{ {
[ApiController] [ApiController]
[ApiVersion("8.0")] [ApiVersion("8.0")]
[Route("api/v{version:apiVersion}/[controller]")] [Route("api/v{version:apiVersion}/[controller]")]
@@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers
private readonly ILogger<PMTemplateController> log; private readonly ILogger<PMTemplateController> log;
private readonly ApiServerState serverState; private readonly ApiServerState serverState;
/// <summary> /// <summary>
/// ctor /// ctor
/// </summary> /// </summary>
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers
serverState = apiServerState; serverState = apiServerState;
} }
/// <summary>
/// Get full PMTemplate object
/// </summary>
/// <param name="id"></param>
/// <returns>A single PMTemplate</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetPMTemplate([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, HttpContext);
//NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
// NOTE: HERE would be the second check of biz rules before returning the object
// in cases where there is also a business rule to affect retrieval on top of basic rights
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) PMTemplate
/// </summary>
/// <param name="id"></param>
/// <param name="inObj"></param>
/// <returns></returns>
[HttpPut("{id}")]
public async Task<IActionResult> PutPMTemplate([FromRoute] long id, [FromBody] PMTemplate inObj)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
try
{
if (!await biz.PutAsync(o, inObj))
return BadRequest(new ApiErrorResponse(biz.Errors));
}
catch (DbUpdateConcurrencyException)
{
if (!await biz.ExistsAsync(id))
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
else
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));
}
/// <summary> /// <summary>
/// Create PMTemplate /// Create PMTemplate
/// </summary> /// </summary>
/// <param name="inObj"></param> /// <param name="newObject"></param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns></returns>
[HttpPost] [HttpPost]
public async Task<IActionResult> PostPMTemplate([FromBody] PMTemplate inObj, ApiVersion apiVersion) public async Task<IActionResult> PostPMTemplate([FromBody] PMTemplate newObject, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, HttpContext); PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
PMTemplate o = await biz.CreateAsync(newObject);
//Create and validate
PMTemplate o = await biz.CreateAsync(inObj);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(PMTemplateController.GetPMTemplate), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(PMTemplateController.GetPMTemplate), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary> /// <summary>
/// Duplicate PMTemplate /// Duplicate PMTemplate
/// (Wiki and Attachments are not duplicated)
/// </summary> /// </summary>
/// <param name="id">Create a duplicate of this items id</param> /// <param name="id">Source object id</param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns>PMTemplate</returns>
[HttpPost("duplicate/{id}")] [HttpPost("duplicate/{id}")]
public async Task<IActionResult> DuplicatePMTemplate([FromRoute] long id, ApiVersion apiVersion) public async Task<IActionResult> DuplicatePMTemplate([FromRoute] long id, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, HttpContext); PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
PMTemplate o = await biz.DuplicateAsync(id);
var oSrc = await biz.GetAsync(id, false);
if (oSrc == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
//Create and validate
PMTemplate o = await biz.DuplicateAsync(oSrc);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(PMTemplateController.GetPMTemplate), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(PMTemplateController.GetPMTemplate), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary>
/// Get PMTemplate
/// </summary>
/// <param name="id"></param>
/// <returns>PMTemplate</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetPMTemplate([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) PMTemplate
/// </summary>
/// <param name="updatedObject"></param>
/// <returns></returns>
[HttpPut]
public async Task<IActionResult> PutPMTemplate([FromBody] PMTemplate updatedObject)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token
if (o == null)
{
if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
return StatusCode(409, new ApiErrorResponse(biz.Errors));
else
return BadRequest(new ApiErrorResponse(biz.Errors));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));;
}
/// <summary> /// <summary>
/// Delete PMTemplate /// Delete PMTemplate
/// </summary> /// </summary>
/// <param name="id"></param> /// <param name="id"></param>
/// <returns>Ok</returns> /// <returns>NoContent</returns>
[HttpDelete("{id}")] [HttpDelete("{id}")]
public async Task<IActionResult> DeletePMTemplate([FromRoute] long id) public async Task<IActionResult> DeletePMTemplate([FromRoute] long id)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, HttpContext); PMTemplateBiz biz = PMTemplateBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!await biz.DeleteAsync(id))
if (!await biz.DeleteAsync(o))
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
return NoContent(); return NoContent();
} }

171
server/AyaNova/Controllers/PartController.cs
View File

@@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using AyaNova.Models; using AyaNova.Models;
using AyaNova.Api.ControllerHelpers; using AyaNova.Api.ControllerHelpers;
@@ -13,7 +11,6 @@ using AyaNova.Biz;
namespace AyaNova.Api.Controllers namespace AyaNova.Api.Controllers
{ {
[ApiController] [ApiController]
[ApiVersion("8.0")] [ApiVersion("8.0")]
[Route("api/v{version:apiVersion}/[controller]")] [Route("api/v{version:apiVersion}/[controller]")]
@@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers
private readonly ILogger<PartController> log; private readonly ILogger<PartController> log;
private readonly ApiServerState serverState; private readonly ApiServerState serverState;
/// <summary> /// <summary>
/// ctor /// ctor
/// </summary> /// </summary>
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers
serverState = apiServerState; serverState = apiServerState;
} }
/// <summary>
/// Get full Part object
/// </summary>
/// <param name="id"></param>
/// <returns>A single Part</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetPart([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
PartBiz biz = PartBiz.GetBiz(ct, HttpContext);
//NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
// NOTE: HERE would be the second check of biz rules before returning the object
// in cases where there is also a business rule to affect retrieval on top of basic rights
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) Part
/// </summary>
/// <param name="id"></param>
/// <param name="inObj"></param>
/// <returns></returns>
[HttpPut("{id}")]
public async Task<IActionResult> PutPart([FromRoute] long id, [FromBody] Part inObj)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
PartBiz biz = PartBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
try
{
if (!await biz.PutAsync(o, inObj))
return BadRequest(new ApiErrorResponse(biz.Errors));
}
catch (DbUpdateConcurrencyException)
{
if (!await biz.ExistsAsync(id))
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
else
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));
}
/// <summary> /// <summary>
/// Create Part /// Create Part
/// </summary> /// </summary>
/// <param name="inObj"></param> /// <param name="newObject"></param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns></returns>
[HttpPost] [HttpPost]
public async Task<IActionResult> PostPart([FromBody] Part inObj, ApiVersion apiVersion) public async Task<IActionResult> PostPart([FromBody] Part newObject, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
PartBiz biz = PartBiz.GetBiz(ct, HttpContext); PartBiz biz = PartBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
Part o = await biz.CreateAsync(newObject);
//Create and validate
Part o = await biz.CreateAsync(inObj);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(PartController.GetPart), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(PartController.GetPart), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary> /// <summary>
/// Duplicate Part /// Duplicate Part
/// (Wiki and Attachments are not duplicated)
/// </summary> /// </summary>
/// <param name="id">Create a duplicate of this items id</param> /// <param name="id">Source object id</param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns>Part</returns>
[HttpPost("duplicate/{id}")] [HttpPost("duplicate/{id}")]
public async Task<IActionResult> DuplicatePart([FromRoute] long id, ApiVersion apiVersion) public async Task<IActionResult> DuplicatePart([FromRoute] long id, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
PartBiz biz = PartBiz.GetBiz(ct, HttpContext); PartBiz biz = PartBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
Part o = await biz.DuplicateAsync(id);
var oSrc = await biz.GetAsync(id, false);
if (oSrc == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
//Create and validate
Part o = await biz.DuplicateAsync(oSrc);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(PartController.GetPart), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(PartController.GetPart), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary>
/// Get Part
/// </summary>
/// <param name="id"></param>
/// <returns>Part</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetPart([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
PartBiz biz = PartBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) Part
/// </summary>
/// <param name="updatedObject"></param>
/// <returns></returns>
[HttpPut]
public async Task<IActionResult> PutPart([FromBody] Part updatedObject)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
PartBiz biz = PartBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token
if (o == null)
{
if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
return StatusCode(409, new ApiErrorResponse(biz.Errors));
else
return BadRequest(new ApiErrorResponse(biz.Errors));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));;
}
/// <summary> /// <summary>
/// Delete Part /// Delete Part
/// </summary> /// </summary>
/// <param name="id"></param> /// <param name="id"></param>
/// <returns>Ok</returns> /// <returns>NoContent</returns>
[HttpDelete("{id}")] [HttpDelete("{id}")]
public async Task<IActionResult> DeletePart([FromRoute] long id) public async Task<IActionResult> DeletePart([FromRoute] long id)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
PartBiz biz = PartBiz.GetBiz(ct, HttpContext); PartBiz biz = PartBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!await biz.DeleteAsync(id))
if (!await biz.DeleteAsync(o))
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
return NoContent(); return NoContent();
} }

171
server/AyaNova/Controllers/ProjectController.cs
View File

@@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using AyaNova.Models; using AyaNova.Models;
using AyaNova.Api.ControllerHelpers; using AyaNova.Api.ControllerHelpers;
@@ -13,7 +11,6 @@ using AyaNova.Biz;
namespace AyaNova.Api.Controllers namespace AyaNova.Api.Controllers
{ {
[ApiController] [ApiController]
[ApiVersion("8.0")] [ApiVersion("8.0")]
[Route("api/v{version:apiVersion}/[controller]")] [Route("api/v{version:apiVersion}/[controller]")]
@@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers
private readonly ILogger<ProjectController> log; private readonly ILogger<ProjectController> log;
private readonly ApiServerState serverState; private readonly ApiServerState serverState;
/// <summary> /// <summary>
/// ctor /// ctor
/// </summary> /// </summary>
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers
serverState = apiServerState; serverState = apiServerState;
} }
/// <summary>
/// Get full Project object
/// </summary>
/// <param name="id"></param>
/// <returns>A single Project</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetProject([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext);
//NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
// NOTE: HERE would be the second check of biz rules before returning the object
// in cases where there is also a business rule to affect retrieval on top of basic rights
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) Project
/// </summary>
/// <param name="id"></param>
/// <param name="inObj"></param>
/// <returns></returns>
[HttpPut("{id}")]
public async Task<IActionResult> PutProject([FromRoute] long id, [FromBody] Project inObj)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
try
{
if (!await biz.PutAsync(o, inObj))
return BadRequest(new ApiErrorResponse(biz.Errors));
}
catch (DbUpdateConcurrencyException)
{
if (!await biz.ExistsAsync(id))
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
else
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));
}
/// <summary> /// <summary>
/// Create Project /// Create Project
/// </summary> /// </summary>
/// <param name="inObj"></param> /// <param name="newObject"></param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns></returns>
[HttpPost] [HttpPost]
public async Task<IActionResult> PostProject([FromBody] Project inObj, ApiVersion apiVersion) public async Task<IActionResult> PostProject([FromBody] Project newObject, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext); ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
Project o = await biz.CreateAsync(newObject);
//Create and validate
Project o = await biz.CreateAsync(inObj);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(ProjectController.GetProject), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(ProjectController.GetProject), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary> /// <summary>
/// Duplicate Project /// Duplicate Project
/// (Wiki and Attachments are not duplicated)
/// </summary> /// </summary>
/// <param name="id">Create a duplicate of this items id</param> /// <param name="id">Source object id</param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns>Project</returns>
[HttpPost("duplicate/{id}")] [HttpPost("duplicate/{id}")]
public async Task<IActionResult> DuplicateProject([FromRoute] long id, ApiVersion apiVersion) public async Task<IActionResult> DuplicateProject([FromRoute] long id, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext); ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
Project o = await biz.DuplicateAsync(id);
var oSrc = await biz.GetAsync(id, false);
if (oSrc == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
//Create and validate
Project o = await biz.DuplicateAsync(oSrc);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(ProjectController.GetProject), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(ProjectController.GetProject), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary>
/// Get Project
/// </summary>
/// <param name="id"></param>
/// <returns>Project</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetProject([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) Project
/// </summary>
/// <param name="updatedObject"></param>
/// <returns></returns>
[HttpPut]
public async Task<IActionResult> PutProject([FromBody] Project updatedObject)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token
if (o == null)
{
if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
return StatusCode(409, new ApiErrorResponse(biz.Errors));
else
return BadRequest(new ApiErrorResponse(biz.Errors));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));;
}
/// <summary> /// <summary>
/// Delete Project /// Delete Project
/// </summary> /// </summary>
/// <param name="id"></param> /// <param name="id"></param>
/// <returns>Ok</returns> /// <returns>NoContent</returns>
[HttpDelete("{id}")] [HttpDelete("{id}")]
public async Task<IActionResult> DeleteProject([FromRoute] long id) public async Task<IActionResult> DeleteProject([FromRoute] long id)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext); ProjectBiz biz = ProjectBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!await biz.DeleteAsync(id))
if (!await biz.DeleteAsync(o))
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
return NoContent(); return NoContent();
} }

171
server/AyaNova/Controllers/PurchaseOrderController.cs
View File

@@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using AyaNova.Models; using AyaNova.Models;
using AyaNova.Api.ControllerHelpers; using AyaNova.Api.ControllerHelpers;
@@ -13,7 +11,6 @@ using AyaNova.Biz;
namespace AyaNova.Api.Controllers namespace AyaNova.Api.Controllers
{ {
[ApiController] [ApiController]
[ApiVersion("8.0")] [ApiVersion("8.0")]
[Route("api/v{version:apiVersion}/[controller]")] [Route("api/v{version:apiVersion}/[controller]")]
@@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers
private readonly ILogger<PurchaseOrderController> log; private readonly ILogger<PurchaseOrderController> log;
private readonly ApiServerState serverState; private readonly ApiServerState serverState;
/// <summary> /// <summary>
/// ctor /// ctor
/// </summary> /// </summary>
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers
serverState = apiServerState; serverState = apiServerState;
} }
/// <summary>
/// Get full PurchaseOrder object
/// </summary>
/// <param name="id"></param>
/// <returns>A single PurchaseOrder</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetPurchaseOrder([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
PurchaseOrderBiz biz = PurchaseOrderBiz.GetBiz(ct, HttpContext);
//NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
// NOTE: HERE would be the second check of biz rules before returning the object
// in cases where there is also a business rule to affect retrieval on top of basic rights
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) PurchaseOrder
/// </summary>
/// <param name="id"></param>
/// <param name="inObj"></param>
/// <returns></returns>
[HttpPut("{id}")]
public async Task<IActionResult> PutPurchaseOrder([FromRoute] long id, [FromBody] PurchaseOrder inObj)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
PurchaseOrderBiz biz = PurchaseOrderBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
try
{
if (!await biz.PutAsync(o, inObj))
return BadRequest(new ApiErrorResponse(biz.Errors));
}
catch (DbUpdateConcurrencyException)
{
if (!await biz.ExistsAsync(id))
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
else
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));
}
/// <summary> /// <summary>
/// Create PurchaseOrder /// Create PurchaseOrder
/// </summary> /// </summary>
/// <param name="inObj"></param> /// <param name="newObject"></param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns></returns>
[HttpPost] [HttpPost]
public async Task<IActionResult> PostPurchaseOrder([FromBody] PurchaseOrder inObj, ApiVersion apiVersion) public async Task<IActionResult> PostPurchaseOrder([FromBody] PurchaseOrder newObject, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
PurchaseOrderBiz biz = PurchaseOrderBiz.GetBiz(ct, HttpContext); PurchaseOrderBiz biz = PurchaseOrderBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
PurchaseOrder o = await biz.CreateAsync(newObject);
//Create and validate
PurchaseOrder o = await biz.CreateAsync(inObj);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(PurchaseOrderController.GetPurchaseOrder), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(PurchaseOrderController.GetPurchaseOrder), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary> /// <summary>
/// Duplicate PurchaseOrder /// Duplicate PurchaseOrder
/// (Wiki and Attachments are not duplicated)
/// </summary> /// </summary>
/// <param name="id">Create a duplicate of this items id</param> /// <param name="id">Source object id</param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns>PurchaseOrder</returns>
[HttpPost("duplicate/{id}")] [HttpPost("duplicate/{id}")]
public async Task<IActionResult> DuplicatePurchaseOrder([FromRoute] long id, ApiVersion apiVersion) public async Task<IActionResult> DuplicatePurchaseOrder([FromRoute] long id, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
PurchaseOrderBiz biz = PurchaseOrderBiz.GetBiz(ct, HttpContext); PurchaseOrderBiz biz = PurchaseOrderBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
PurchaseOrder o = await biz.DuplicateAsync(id);
var oSrc = await biz.GetAsync(id, false);
if (oSrc == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
//Create and validate
PurchaseOrder o = await biz.DuplicateAsync(oSrc);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(PurchaseOrderController.GetPurchaseOrder), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(PurchaseOrderController.GetPurchaseOrder), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary>
/// Get PurchaseOrder
/// </summary>
/// <param name="id"></param>
/// <returns>PurchaseOrder</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetPurchaseOrder([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
PurchaseOrderBiz biz = PurchaseOrderBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) PurchaseOrder
/// </summary>
/// <param name="updatedObject"></param>
/// <returns></returns>
[HttpPut]
public async Task<IActionResult> PutPurchaseOrder([FromBody] PurchaseOrder updatedObject)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
PurchaseOrderBiz biz = PurchaseOrderBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token
if (o == null)
{
if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
return StatusCode(409, new ApiErrorResponse(biz.Errors));
else
return BadRequest(new ApiErrorResponse(biz.Errors));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));;
}
/// <summary> /// <summary>
/// Delete PurchaseOrder /// Delete PurchaseOrder
/// </summary> /// </summary>
/// <param name="id"></param> /// <param name="id"></param>
/// <returns>Ok</returns> /// <returns>NoContent</returns>
[HttpDelete("{id}")] [HttpDelete("{id}")]
public async Task<IActionResult> DeletePurchaseOrder([FromRoute] long id) public async Task<IActionResult> DeletePurchaseOrder([FromRoute] long id)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
PurchaseOrderBiz biz = PurchaseOrderBiz.GetBiz(ct, HttpContext); PurchaseOrderBiz biz = PurchaseOrderBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!await biz.DeleteAsync(id))
if (!await biz.DeleteAsync(o))
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
return NoContent(); return NoContent();
} }

171
server/AyaNova/Controllers/UnitController.cs
View File

@@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using AyaNova.Models; using AyaNova.Models;
using AyaNova.Api.ControllerHelpers; using AyaNova.Api.ControllerHelpers;
@@ -13,7 +11,6 @@ using AyaNova.Biz;
namespace AyaNova.Api.Controllers namespace AyaNova.Api.Controllers
{ {
[ApiController] [ApiController]
[ApiVersion("8.0")] [ApiVersion("8.0")]
[Route("api/v{version:apiVersion}/[controller]")] [Route("api/v{version:apiVersion}/[controller]")]
@@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers
private readonly ILogger<UnitController> log; private readonly ILogger<UnitController> log;
private readonly ApiServerState serverState; private readonly ApiServerState serverState;
/// <summary> /// <summary>
/// ctor /// ctor
/// </summary> /// </summary>
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers
serverState = apiServerState; serverState = apiServerState;
} }
/// <summary>
/// Get full Unit object
/// </summary>
/// <param name="id"></param>
/// <returns>A single Unit</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetUnit([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext);
//NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
// NOTE: HERE would be the second check of biz rules before returning the object
// in cases where there is also a business rule to affect retrieval on top of basic rights
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) Unit
/// </summary>
/// <param name="id"></param>
/// <param name="inObj"></param>
/// <returns></returns>
[HttpPut("{id}")]
public async Task<IActionResult> PutUnit([FromRoute] long id, [FromBody] Unit inObj)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
try
{
if (!await biz.PutAsync(o, inObj))
return BadRequest(new ApiErrorResponse(biz.Errors));
}
catch (DbUpdateConcurrencyException)
{
if (!await biz.ExistsAsync(id))
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
else
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));
}
/// <summary> /// <summary>
/// Create Unit /// Create Unit
/// </summary> /// </summary>
/// <param name="inObj"></param> /// <param name="newObject"></param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns></returns>
[HttpPost] [HttpPost]
public async Task<IActionResult> PostUnit([FromBody] Unit inObj, ApiVersion apiVersion) public async Task<IActionResult> PostUnit([FromBody] Unit newObject, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext); UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
Unit o = await biz.CreateAsync(newObject);
//Create and validate
Unit o = await biz.CreateAsync(inObj);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(UnitController.GetUnit), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(UnitController.GetUnit), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary> /// <summary>
/// Duplicate Unit /// Duplicate Unit
/// (Wiki and Attachments are not duplicated)
/// </summary> /// </summary>
/// <param name="id">Create a duplicate of this items id</param> /// <param name="id">Source object id</param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns>Unit</returns>
[HttpPost("duplicate/{id}")] [HttpPost("duplicate/{id}")]
public async Task<IActionResult> DuplicateUnit([FromRoute] long id, ApiVersion apiVersion) public async Task<IActionResult> DuplicateUnit([FromRoute] long id, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext); UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
Unit o = await biz.DuplicateAsync(id);
var oSrc = await biz.GetAsync(id, false);
if (oSrc == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
//Create and validate
Unit o = await biz.DuplicateAsync(oSrc);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(UnitController.GetUnit), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(UnitController.GetUnit), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary>
/// Get Unit
/// </summary>
/// <param name="id"></param>
/// <returns>Unit</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetUnit([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) Unit
/// </summary>
/// <param name="updatedObject"></param>
/// <returns></returns>
[HttpPut]
public async Task<IActionResult> PutUnit([FromBody] Unit updatedObject)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token
if (o == null)
{
if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
return StatusCode(409, new ApiErrorResponse(biz.Errors));
else
return BadRequest(new ApiErrorResponse(biz.Errors));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));;
}
/// <summary> /// <summary>
/// Delete Unit /// Delete Unit
/// </summary> /// </summary>
/// <param name="id"></param> /// <param name="id"></param>
/// <returns>Ok</returns> /// <returns>NoContent</returns>
[HttpDelete("{id}")] [HttpDelete("{id}")]
public async Task<IActionResult> DeleteUnit([FromRoute] long id) public async Task<IActionResult> DeleteUnit([FromRoute] long id)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext); UnitBiz biz = UnitBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!await biz.DeleteAsync(id))
if (!await biz.DeleteAsync(o))
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
return NoContent(); return NoContent();
} }

171
server/AyaNova/Controllers/UnitModelController.cs
View File

@@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using AyaNova.Models; using AyaNova.Models;
using AyaNova.Api.ControllerHelpers; using AyaNova.Api.ControllerHelpers;
@@ -13,7 +11,6 @@ using AyaNova.Biz;
namespace AyaNova.Api.Controllers namespace AyaNova.Api.Controllers
{ {
[ApiController] [ApiController]
[ApiVersion("8.0")] [ApiVersion("8.0")]
[Route("api/v{version:apiVersion}/[controller]")] [Route("api/v{version:apiVersion}/[controller]")]
@@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers
private readonly ILogger<UnitModelController> log; private readonly ILogger<UnitModelController> log;
private readonly ApiServerState serverState; private readonly ApiServerState serverState;
/// <summary> /// <summary>
/// ctor /// ctor
/// </summary> /// </summary>
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers
serverState = apiServerState; serverState = apiServerState;
} }
/// <summary>
/// Get full UnitModel object
/// </summary>
/// <param name="id"></param>
/// <returns>A single UnitModel</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetUnitModel([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext);
//NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
// NOTE: HERE would be the second check of biz rules before returning the object
// in cases where there is also a business rule to affect retrieval on top of basic rights
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) UnitModel
/// </summary>
/// <param name="id"></param>
/// <param name="inObj"></param>
/// <returns></returns>
[HttpPut("{id}")]
public async Task<IActionResult> PutUnitModel([FromRoute] long id, [FromBody] UnitModel inObj)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
try
{
if (!await biz.PutAsync(o, inObj))
return BadRequest(new ApiErrorResponse(biz.Errors));
}
catch (DbUpdateConcurrencyException)
{
if (!await biz.ExistsAsync(id))
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
else
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));
}
/// <summary> /// <summary>
/// Create UnitModel /// Create UnitModel
/// </summary> /// </summary>
/// <param name="inObj"></param> /// <param name="newObject"></param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns></returns>
[HttpPost] [HttpPost]
public async Task<IActionResult> PostUnitModel([FromBody] UnitModel inObj, ApiVersion apiVersion) public async Task<IActionResult> PostUnitModel([FromBody] UnitModel newObject, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext); UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
UnitModel o = await biz.CreateAsync(newObject);
//Create and validate
UnitModel o = await biz.CreateAsync(inObj);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(UnitModelController.GetUnitModel), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(UnitModelController.GetUnitModel), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary> /// <summary>
/// Duplicate UnitModel /// Duplicate UnitModel
/// (Wiki and Attachments are not duplicated)
/// </summary> /// </summary>
/// <param name="id">Create a duplicate of this items id</param> /// <param name="id">Source object id</param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns>UnitModel</returns>
[HttpPost("duplicate/{id}")] [HttpPost("duplicate/{id}")]
public async Task<IActionResult> DuplicateUnitModel([FromRoute] long id, ApiVersion apiVersion) public async Task<IActionResult> DuplicateUnitModel([FromRoute] long id, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext); UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
UnitModel o = await biz.DuplicateAsync(id);
var oSrc = await biz.GetAsync(id, false);
if (oSrc == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
//Create and validate
UnitModel o = await biz.DuplicateAsync(oSrc);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(UnitModelController.GetUnitModel), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(UnitModelController.GetUnitModel), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary>
/// Get UnitModel
/// </summary>
/// <param name="id"></param>
/// <returns>UnitModel</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetUnitModel([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) UnitModel
/// </summary>
/// <param name="updatedObject"></param>
/// <returns></returns>
[HttpPut]
public async Task<IActionResult> PutUnitModel([FromBody] UnitModel updatedObject)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token
if (o == null)
{
if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
return StatusCode(409, new ApiErrorResponse(biz.Errors));
else
return BadRequest(new ApiErrorResponse(biz.Errors));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));;
}
/// <summary> /// <summary>
/// Delete UnitModel /// Delete UnitModel
/// </summary> /// </summary>
/// <param name="id"></param> /// <param name="id"></param>
/// <returns>Ok</returns> /// <returns>NoContent</returns>
[HttpDelete("{id}")] [HttpDelete("{id}")]
public async Task<IActionResult> DeleteUnitModel([FromRoute] long id) public async Task<IActionResult> DeleteUnitModel([FromRoute] long id)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext); UnitModelBiz biz = UnitModelBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!await biz.DeleteAsync(id))
if (!await biz.DeleteAsync(o))
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
return NoContent(); return NoContent();
} }

171
server/AyaNova/Controllers/VendorController.cs
View File

@@ -3,8 +3,6 @@ using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using AyaNova.Models; using AyaNova.Models;
using AyaNova.Api.ControllerHelpers; using AyaNova.Api.ControllerHelpers;
@@ -13,7 +11,6 @@ using AyaNova.Biz;
namespace AyaNova.Api.Controllers namespace AyaNova.Api.Controllers
{ {
[ApiController] [ApiController]
[ApiVersion("8.0")] [ApiVersion("8.0")]
[Route("api/v{version:apiVersion}/[controller]")] [Route("api/v{version:apiVersion}/[controller]")]
@@ -25,7 +22,6 @@ namespace AyaNova.Api.Controllers
private readonly ILogger<VendorController> log; private readonly ILogger<VendorController> log;
private readonly ApiServerState serverState; private readonly ApiServerState serverState;
/// <summary> /// <summary>
/// ctor /// ctor
/// </summary> /// </summary>
@@ -39,177 +35,116 @@ namespace AyaNova.Api.Controllers
serverState = apiServerState; serverState = apiServerState;
} }
/// <summary>
/// Get full Vendor object
/// </summary>
/// <param name="id"></param>
/// <returns>A single Vendor</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetVendor([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext);
//NOTE: This is the first check and often the only check but in some cases with some objects this will also need to check biz object rules
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
// NOTE: HERE would be the second check of biz rules before returning the object
// in cases where there is also a business rule to affect retrieval on top of basic rights
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) Vendor
/// </summary>
/// <param name="id"></param>
/// <param name="inObj"></param>
/// <returns></returns>
[HttpPut("{id}")]
public async Task<IActionResult> PutVendor([FromRoute] long id, [FromBody] Vendor inObj)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
try
{
if (!await biz.PutAsync(o, inObj))
return BadRequest(new ApiErrorResponse(biz.Errors));
}
catch (DbUpdateConcurrencyException)
{
if (!await biz.ExistsAsync(id))
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
else
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));
}
/// <summary> /// <summary>
/// Create Vendor /// Create Vendor
/// </summary> /// </summary>
/// <param name="inObj"></param> /// <param name="newObject"></param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns></returns>
[HttpPost] [HttpPost]
public async Task<IActionResult> PostVendor([FromBody] Vendor inObj, ApiVersion apiVersion) public async Task<IActionResult> PostVendor([FromBody] Vendor newObject, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext); VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
Vendor o = await biz.CreateAsync(newObject);
//Create and validate
Vendor o = await biz.CreateAsync(inObj);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(VendorController.GetVendor), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(VendorController.GetVendor), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary> /// <summary>
/// Duplicate Vendor /// Duplicate Vendor
/// (Wiki and Attachments are not duplicated)
/// </summary> /// </summary>
/// <param name="id">Create a duplicate of this items id</param> /// <param name="id">Source object id</param>
/// <param name="apiVersion">From route path</param> /// <param name="apiVersion">From route path</param>
/// <returns></returns> /// <returns>Vendor</returns>
[HttpPost("duplicate/{id}")] [HttpPost("duplicate/{id}")]
public async Task<IActionResult> DuplicateVendor([FromRoute] long id, ApiVersion apiVersion) public async Task<IActionResult> DuplicateVendor([FromRoute] long id, ApiVersion apiVersion)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
//Instantiate the business object handler
VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext); VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext);
//If a user has change roles
if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
Vendor o = await biz.DuplicateAsync(id);
var oSrc = await biz.GetAsync(id, false);
if (oSrc == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
//Create and validate
Vendor o = await biz.DuplicateAsync(oSrc);
if (o == null) if (o == null)
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
else else
return CreatedAtAction(nameof(VendorController.GetVendor), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o)); return CreatedAtAction(nameof(VendorController.GetVendor), new { id = o.Id, version = apiVersion.ToString() }, new ApiCreatedResponse(o));
} }
/// <summary>
/// Get Vendor
/// </summary>
/// <param name="id"></param>
/// <returns>Vendor</returns>
[HttpGet("{id}")]
public async Task<IActionResult> GetVendor([FromRoute] long id)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
var o = await biz.GetAsync(id);
if (o == null) return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
return Ok(ApiOkResponse.Response(o, !Authorized.HasModifyRole(HttpContext.Items, biz.BizType)));
}
/// <summary>
/// Put (update) Vendor
/// </summary>
/// <param name="updatedObject"></param>
/// <returns></returns>
[HttpPut]
public async Task<IActionResult> PutVendor([FromBody] Vendor updatedObject)
{
if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState));
VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext);
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
var o = await biz.PutAsync(updatedObject);//In future may need to return entire object, for now just concurrency token
if (o == null)
{
if (biz.Errors.Exists(m => m.Code == ApiErrorCode.CONCURRENCY_CONFLICT))
return StatusCode(409, new ApiErrorResponse(biz.Errors));
else
return BadRequest(new ApiErrorResponse(biz.Errors));
}
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }, true));;
}
/// <summary> /// <summary>
/// Delete Vendor /// Delete Vendor
/// </summary> /// </summary>
/// <param name="id"></param> /// <param name="id"></param>
/// <returns>Ok</returns> /// <returns>NoContent</returns>
[HttpDelete("{id}")] [HttpDelete("{id}")]
public async Task<IActionResult> DeleteVendor([FromRoute] long id) public async Task<IActionResult> DeleteVendor([FromRoute] long id)
{ {
if (!serverState.IsOpen) if (!serverState.IsOpen)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason)); return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
if (!ModelState.IsValid) if (!ModelState.IsValid)
return BadRequest(new ApiErrorResponse(ModelState)); return BadRequest(new ApiErrorResponse(ModelState));
//Instantiate the business object handler
VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext); VendorBiz biz = VendorBiz.GetBiz(ct, HttpContext);
var o = await biz.GetAsync(id, false);
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType)) if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse()); return StatusCode(403, new ApiNotAuthorizedResponse());
if (!await biz.DeleteAsync(id))
if (!await biz.DeleteAsync(o))
return BadRequest(new ApiErrorResponse(biz.Errors)); return BadRequest(new ApiErrorResponse(biz.Errors));
return NoContent(); return NoContent();
} }