raven/server/AyaNova/Controllers/EventLogController.cs

using System;
using System.IO;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Routing;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Logging;
using System.ComponentModel.DataAnnotations;
using Newtonsoft.Json.Linq;
using AyaNova.Models;
using AyaNova.Api.ControllerHelpers;
using AyaNova.Biz;


namespace AyaNova.Api.Controllers
{

    /// <summary>
    /// Log files controller
    /// </summary>
    [ApiVersion("8.0")]
    [Route("api/v{version:apiVersion}/[controller]")]
    [Authorize]
    public class EventLogController : Controller
    {
        private readonly AyContext ct;
        private readonly ILogger<LogFilesController> log;
        private readonly ApiServerState serverState;


        /// <summary>
        /// ctor
        /// </summary>
        /// <param name="dbcontext"></param>
        /// <param name="logger"></param>
        /// <param name="apiServerState"></param>
        public EventLogController(AyContext dbcontext, ILogger<LogFilesController> logger, ApiServerState apiServerState)
        {
            ct = dbcontext;
            log = logger;
            serverState = apiServerState;
        }


//TODO: flesh out these routes, just text only for now
//Need to set roles properly
//  User should be able to get own user log, but not someone else's without elevated rights, this is a bizadmin type thing, ops maybe shouldn't be able to see it?  Or should?  not sure
//Owner or with rights to type should be able to get object log
//SEE ATTACHMENT CONTROLLER FOR CODE TO GET RIGHTS TO AD-HOC OBJECTS
//Actual log processor and constructor should be in EventLogProcessor

        /// <summary>
        /// Get events as text document for object specified
        /// 
        /// Required roles:
        /// OpsAdminFull | OpsAdminLimited
        /// </summary>        
        /// <returns>Event log for object</returns>
        [HttpGet("ObjectLog")]
        public async Task<IActionResult> GetObjectLog([FromQuery] EventLogOptions opt)
        {
            //Open or opsOnly and user is opsadminfull or opsadminlimited
            if (!serverState.IsOpenOrOpsOnly || (serverState.IsOpsOnly && !Authorized.HasAnyRole(HttpContext.Items, AuthorizationRoles.OpsAdminFull | AuthorizationRoles.OpsAdminLimited)))
            {
                return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
            }

            if (!Authorized.IsAuthorizedToRead(HttpContext.Items, AyaType.Metrics))
            {
                return StatusCode(401, new ApiNotAuthorizedResponse());
            }

            string sResult = await GetTheMetrics("plain");

            //Log
            EventLogProcessor.AddEntry(new Event(UserIdFromContext.Id(HttpContext.Items), 0, AyaType.Metrics, AyaEvent.Retrieved), ct);

            return Content(sResult);
        }



 /// <summary>
        /// Get events for a user as text document for object specified
        /// 
        /// Required roles:
        /// OpsAdminFull | OpsAdminLimited
        /// </summary>        
        /// <returns>Event log for user</returns>
        [HttpGet("UserLog")]
        public async Task<IActionResult> GetUserLog([FromQuery] EventLogOptions opt)
        {
            //Open or opsOnly and user is opsadminfull or opsadminlimited
            if (!serverState.IsOpenOrOpsOnly || (serverState.IsOpsOnly && !Authorized.HasAnyRole(HttpContext.Items, AuthorizationRoles.OpsAdminFull | AuthorizationRoles.OpsAdminLimited)))
            {
                return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
            }

            if (!Authorized.IsAuthorizedToRead(HttpContext.Items, AyaType.Metrics))
            {
                return StatusCode(401, new ApiNotAuthorizedResponse());
            }

            string sResult = await GetTheMetrics("plain");

            //Log
            EventLogProcessor.AddEntry(new Event(UserIdFromContext.Id(HttpContext.Items), 0, AyaType.Metrics, AyaEvent.Retrieved), ct);

            return Content(sResult);
        }


       

        //------------


        public sealed class EventLogOptions
        {           
            [FromQuery]
            public AyaType AyType { get; set; }
            [FromQuery]
            public long AyId { get; set; }
            [FromQuery]
            public DateTime StartDate { get; set; }
            [FromQuery]
            public DateTime EndDate { get; set; }          
        }

    }//eoc
}//eons