server/AyaNova/Controllers/EventLogController.cs

@@ -107,14 +107,14 @@ namespace AyaNova.Api.Controllers
         /// <param name="apiVersion">Automatically filled from route path, no need to specify in body</param>
         /// <returns></returns>
         [ApiExplorerSettings(IgnoreApi = true)]
-        [HttpPost]
+        [HttpPost("v7")]
         public async Task<IActionResult> PostV7Modify([FromBody] V7Event inObj, ApiVersion apiVersion)
         {
             if (!serverState.IsOpen)
                 return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
 
-            //Only biz admin full users can do this
+           //NOTE: only bizadmin full and opsadminfull have this right so it's perfect for this task
-            if (!Authorized.HasAnyRole(HttpContext.Items, AuthorizationRoles.BizAdminFull))
+            if (!Authorized.HasCreateRole(HttpContext.Items, AyaType.License))           
                 return StatusCode(403, new ApiNotAuthorizedResponse());
 
             if (!ModelState.IsValid)

server/AyaNova/Controllers/LicenseController.cs

@@ -183,6 +183,52 @@ namespace AyaNova.Api.Controllers
             return Ok(ApiOkResponse.Response(ret, true));
         }
 
+
+
+
+        /// <summary>
+        /// Permanently erase all data and all attachments
+        /// 
+        /// Posting to this route causes AyaNova completely erase all data in it's database and erase all attachment files
+        /// returning the database to an empty state
+        ///
+        /// The only items retained are the Manager account and the license key
+        ///  
+        /// (Only *the* Manager account can use this route)
+        /// </summary>
+        /// <param name="acceptCode">Must be "I understand"</param>
+        /// <returns>HTTP 204 No Content result code on success or fail code with explanation</returns>
+        [HttpPost("PermanentlyEraseAllData")]
+        public async Task<IActionResult> RemoveAllData([FromBody] string acceptCode)
+        {
+            if (serverState.IsClosed)
+                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
+
+            if (!ModelState.IsValid)
+                return BadRequest(new ApiErrorResponse(ModelState));
+                
+            long UserId = UserIdFromContext.Id(HttpContext.Items);
+
+            //Manager only and must have accept code
+            if (UserId != 1 || string.IsNullOrWhiteSpace(acceptCode) || acceptCode.ToLowerInvariant() != "i understand")
+                return StatusCode(403, new ApiNotAuthorizedResponse());
+
+
+
+            //empty the db
+            await AyaNova.Util.DbUtil.EmptyBizDataFromDatabaseForSeedingOrImportingAsync(log);
+
+            //Log
+            await EventLogProcessor.LogEventToDatabaseAsync(new Event(1, 0, AyaType.License, AyaEvent.EraseAllData), ct);
+
+            return NoContent();
+        }
+
+
+
+
+
+
         //------------------------------------------------------
 
         public class dtoTrialRequestData

server/AyaNova/biz/AyaEvent.cs

@@ -23,7 +23,8 @@ namespace AyaNova.Biz
         LicenseTrialRequest=8,
         ServerStateChange=9,
         SeedDatabase=10,
-        AttachmentModified=11
+        AttachmentModified=11,
+        EraseAllData=12
 
         //NEW ITEMS REQUIRE translation KEYS and update CLIENT ay-history.vue code in eventypes list and translation fetcher
 

server/AyaNova/biz/UserBiz.cs

@@ -629,15 +629,16 @@ namespace AyaNova.Biz
                         i.Notes = j["Notes"].Value<string>();
 
                         //TAGS
-                        var MemberOfGroupId = new Guid(j["MemberOfGroup"].Value<string>());
+                        //member of group is actually security group not sched user group so this was wrong anyway but moot now
-                        if (MemberOfGroupId != Guid.Empty)
+                        // var MemberOfGroupId = new Guid(j["MemberOfGroup"].Value<string>());
-                        {
+                        // if (MemberOfGroupId != Guid.Empty)
-                            string sTag = string.Empty;
+                        // {
-                            if (tagLists["ScheduleableUserGroup"].TryGetValue(MemberOfGroupId, out sTag))
+                        //     string sTag = string.Empty;
-                            {
+                        //     if (tagLists["ScheduleableUserGroup"].TryGetValue(MemberOfGroupId, out sTag))
-                                i.Tags.Add(sTag);
+                        //     {
-                            }
+                        //         i.Tags.Add(sTag);
-                        }
+                        //     }
+                        // }
 
                         var RegionID = new Guid(j["RegionID"].Value<string>());
                         if (RegionID != Guid.Empty)

server/AyaNova/util/DbUtil.cs

@@ -289,7 +289,7 @@ namespace AyaNova.Util
                 await EraseTableAsync("awidget", conn);
                 await EraseTableAsync("aevent", conn);
                 await EraseTableAsync("adatalistview", conn);
-              //  await EraseTableAsync("adatalisttemplate", conn);
+                await EraseTableAsync("apicklisttemplate", conn);
                 await EraseTableAsync("aformcustom", conn);
                 await EraseTableAsync("asearchkey", conn);
                 await EraseTableAsync("asearchdictionary", conn);