211 lines
8.0 KiB
C#
211 lines
8.0 KiB
C#
using System.Linq;
|
|
using System.Threading.Tasks;
|
|
using Microsoft.AspNetCore.Http;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.AspNetCore.Routing;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
|
|
using Microsoft.EntityFrameworkCore;
|
|
using Microsoft.Extensions.Logging;
|
|
|
|
using AyaNova.Models;
|
|
using AyaNova.Api.ControllerHelpers;
|
|
using AyaNova.Biz;
|
|
|
|
|
|
namespace AyaNova.Api.Controllers
|
|
{
|
|
|
|
/// <summary>
|
|
///
|
|
/// </summary>
|
|
[ApiController]
|
|
[ApiVersion("8.0")]
|
|
[Route("api/v{version:apiVersion}/form-custom")]
|
|
[Produces("application/json")]
|
|
[Authorize]
|
|
public class FormCustomController : ControllerBase
|
|
{
|
|
private readonly AyContext ct;
|
|
private readonly ILogger<FormCustomController> log;
|
|
private readonly ApiServerState serverState;
|
|
|
|
|
|
/// <summary>
|
|
/// ctor
|
|
/// </summary>
|
|
/// <param name="dbcontext"></param>
|
|
/// <param name="logger"></param>
|
|
/// <param name="apiServerState"></param>
|
|
public FormCustomController(AyContext dbcontext, ILogger<FormCustomController> logger, ApiServerState apiServerState)
|
|
{
|
|
ct = dbcontext;
|
|
log = logger;
|
|
serverState = apiServerState;
|
|
}
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
/// Get form customizations for Client form display
|
|
/// </summary>
|
|
/// <param name="formkey">The official form key used by AyaNova</param>
|
|
/// <param name="concurrency">A prior concurrency token used to check if there are any changes without using up bandwidth sending unnecessary data</param>
|
|
/// <returns>A single FormCustom or nothing and a header 304 not modified</returns>
|
|
[HttpGet("{formkey}")]
|
|
public async Task<IActionResult> GetFormCustom([FromRoute] string formkey, [FromQuery] uint? concurrency)
|
|
{
|
|
if (serverState.IsClosed && UserIdFromContext.Id(HttpContext.Items) != 1)//bypass for superuser to fix fundamental problems
|
|
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
|
|
|
|
//Instantiate the business object handler
|
|
FormCustomBiz biz = FormCustomBiz.GetBiz(ct, HttpContext);
|
|
|
|
//Just have to be authenticated for this one
|
|
if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
|
|
return StatusCode(403, new ApiNotAuthorizedResponse());
|
|
|
|
if (!ModelState.IsValid)
|
|
return BadRequest(new ApiErrorResponse(ModelState));
|
|
|
|
|
|
var o = await biz.GetAsync(formkey);
|
|
if (o == null)
|
|
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
|
|
|
//If concurrency token specified then check if ours is newer
|
|
if (concurrency != null)
|
|
{
|
|
if (o.Concurrency == concurrency)
|
|
{
|
|
//returns a code 304 (NOT MODIFIED)
|
|
return StatusCode(304);
|
|
}
|
|
}
|
|
|
|
return Ok(ApiOkResponse.Response(o));
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
/// Get available types allowed for Custom fields
|
|
/// Used to build UI for customizing a form
|
|
/// These values are a subset of the AyaDataTypes values
|
|
/// which can be fetched from the EnumList route
|
|
/// </summary>
|
|
/// <returns>A list of valid values for custom field types</returns>
|
|
[HttpGet("availablecustomtypes")]
|
|
public ActionResult GetAvailableCustomTypes()
|
|
{
|
|
if (!serverState.IsOpen && UserIdFromContext.Id(HttpContext.Items) != 1)//bypass for superuser to fix fundamental problems
|
|
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
|
|
|
|
if (!Authorized.HasReadFullRole(HttpContext.Items, AyaType.FormCustom))
|
|
return StatusCode(403, new ApiNotAuthorizedResponse());
|
|
|
|
if (!ModelState.IsValid)
|
|
return BadRequest(new ApiErrorResponse(ModelState));
|
|
return Ok(ApiOkResponse.Response(CustomFieldType.ValidCustomFieldTypes));
|
|
}
|
|
|
|
|
|
/// <summary>
|
|
/// Get a list of all customizable form keys
|
|
/// Used to build UI for customizing a form
|
|
/// </summary>
|
|
/// <returns>A list of string formKey values valid for customization</returns>
|
|
[HttpGet("availablecustomizableformkeys")]
|
|
public ActionResult GetAvailableCustomizableFormKeys()
|
|
{
|
|
if (!serverState.IsOpen && UserIdFromContext.Id(HttpContext.Items) != 1)//bypass for superuser to fix fundamental problems
|
|
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
|
|
|
|
if (!Authorized.HasReadFullRole(HttpContext.Items, AyaType.FormCustom))
|
|
return StatusCode(403, new ApiNotAuthorizedResponse());
|
|
|
|
if (!ModelState.IsValid)
|
|
return BadRequest(new ApiErrorResponse(ModelState));
|
|
return Ok(ApiOkResponse.Response(FormFieldOptionalCustomizableReference.FormFieldKeys));
|
|
}
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
/// Update FormCustom
|
|
/// </summary>
|
|
/// <param name="formkey"></param>
|
|
/// <param name="inObj"></param>
|
|
/// <returns></returns>
|
|
[HttpPut("{formkey}")]
|
|
public async Task<IActionResult> PutFormCustom([FromRoute] string formkey, [FromBody] FormCustom inObj)
|
|
{
|
|
if (!serverState.IsOpen && UserIdFromContext.Id(HttpContext.Items) != 1)//bypass for superuser to fix fundamental problems
|
|
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
|
|
|
|
if (!ModelState.IsValid)
|
|
return BadRequest(new ApiErrorResponse(ModelState));
|
|
|
|
//Instantiate the business object handler
|
|
FormCustomBiz biz = FormCustomBiz.GetBiz(ct, HttpContext);
|
|
|
|
var o = await biz.GetAsync(formkey);
|
|
if (o == null)
|
|
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
|
|
|
if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
|
|
return StatusCode(403, new ApiNotAuthorizedResponse());
|
|
|
|
try
|
|
{
|
|
if (!await biz.PutAsync(o, inObj))
|
|
return BadRequest(new ApiErrorResponse(biz.Errors));
|
|
}
|
|
catch (DbUpdateConcurrencyException)
|
|
{
|
|
if (!await biz.ExistsAsync(formkey))
|
|
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
|
else
|
|
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
|
|
}
|
|
return Ok(ApiOkResponse.Response(new { Concurrency = o.Concurrency }));
|
|
}
|
|
|
|
|
|
/// <summary>
|
|
/// Get FormKey from id of FormCustom
|
|
/// </summary>
|
|
/// <returns>A formKey string if id found</returns>
|
|
[HttpGet("form-key/{id}")]
|
|
public async Task<IActionResult> GetFormKeyFromId(long id)
|
|
{
|
|
if (!serverState.IsOpen && UserIdFromContext.Id(HttpContext.Items) != 1)//bypass for superuser to fix fundamental problems
|
|
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
|
|
|
|
if (!Authorized.HasReadFullRole(HttpContext.Items, AyaType.FormCustom))
|
|
return StatusCode(403, new ApiNotAuthorizedResponse());
|
|
|
|
if (!ModelState.IsValid)
|
|
return BadRequest(new ApiErrorResponse(ModelState));
|
|
|
|
var fc = await ct.FormCustom.FirstOrDefaultAsync(z => z.Id == id);
|
|
if (fc == null)
|
|
{
|
|
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
|
}
|
|
return Ok(ApiOkResponse.Response(fc.FormKey));
|
|
}
|
|
|
|
|
|
//------------
|
|
|
|
|
|
}//eoc
|
|
}//eons |