495 lines
17 KiB
C#
495 lines
17 KiB
C#
using System.Linq;
|
|
using System.Threading.Tasks;
|
|
using Microsoft.AspNetCore.Http;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.AspNetCore.Routing;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.JsonPatch;
|
|
using Microsoft.EntityFrameworkCore;
|
|
using Microsoft.Extensions.Logging;
|
|
|
|
using AyaNova.Models;
|
|
using AyaNova.Api.ControllerHelpers;
|
|
using AyaNova.Biz;
|
|
|
|
|
|
namespace AyaNova.Api.Controllers
|
|
{
|
|
|
|
/// <summary>
|
|
/// UserOptions
|
|
/// </summary>
|
|
[ApiVersion("8.0")]
|
|
[Route("api/v{version:apiVersion}/[controller]")]
|
|
[Produces("application/json")]
|
|
[Authorize]
|
|
public class UserOptionsController : Controller
|
|
{
|
|
private readonly AyContext ct;
|
|
private readonly ILogger<UserOptionsController> log;
|
|
private readonly ApiServerState serverState;
|
|
|
|
|
|
/// <summary>
|
|
/// ctor
|
|
/// </summary>
|
|
/// <param name="dbcontext"></param>
|
|
/// <param name="logger"></param>
|
|
/// <param name="apiServerState"></param>
|
|
public UserOptionsController(AyContext dbcontext, ILogger<UserOptionsController> logger, ApiServerState apiServerState)
|
|
{
|
|
ct = dbcontext;
|
|
log = logger;
|
|
serverState = apiServerState;
|
|
}
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
/// Get full UserOptions object
|
|
///
|
|
/// Required roles:
|
|
/// BizAdminFull, InventoryFull, BizAdminLimited, InventoryLimited, TechFull, TechLimited, Accounting
|
|
/// </summary>
|
|
/// <param name="id"></param>
|
|
/// <returns>A single UserOptions</returns>
|
|
[HttpGet("{id}")]
|
|
public async Task<IActionResult> GetUserOptions([FromRoute] long id)
|
|
{
|
|
if (serverState.IsClosed)
|
|
{
|
|
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
|
}
|
|
|
|
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, AyaType.UserOptions))
|
|
{
|
|
return StatusCode(401, new ApiNotAuthorizedResponse());
|
|
}
|
|
|
|
if (!ModelState.IsValid)
|
|
{
|
|
return BadRequest(new ApiErrorResponse(ModelState));
|
|
}
|
|
|
|
//Instantiate the business object handler
|
|
UserOptionsBiz biz = new UserOptionsBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
|
|
|
var o = await biz.GetAsync(id);
|
|
|
|
if (o == null)
|
|
{
|
|
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
|
}
|
|
|
|
//Log
|
|
EventLogProcessor.AddEntry(new Event(biz.userId, o.Id, AyaType.UserOptions, AyaEvent.Retrieved), ct);
|
|
ct.SaveChanges();
|
|
return Ok(new ApiOkResponse(o));
|
|
}
|
|
|
|
|
|
|
|
/// <summary>
|
|
/// Get paged list of UserOptionss
|
|
///
|
|
/// Required roles: Any
|
|
///
|
|
/// </summary>
|
|
/// <returns>Paged collection of UserOptionss with paging data</returns>
|
|
[HttpGet("ListUserOptionss", Name = nameof(ListUserOptionss))]//We MUST have a "Name" defined or we can't get the link for the pagination, non paged urls don't need a name
|
|
public async Task<IActionResult> ListUserOptionss([FromQuery] PagingOptions pagingOptions)
|
|
{
|
|
if (serverState.IsClosed)
|
|
{
|
|
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
|
}
|
|
|
|
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, AyaType.UserOptions))
|
|
{
|
|
return StatusCode(401, new ApiNotAuthorizedResponse());
|
|
}
|
|
|
|
if (!ModelState.IsValid)
|
|
{
|
|
return BadRequest(new ApiErrorResponse(ModelState));
|
|
}
|
|
|
|
//Instantiate the business object handler
|
|
UserOptionsBiz biz = new UserOptionsBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
|
|
|
ApiPagedResponse<UserOptions> pr = await biz.GetManyAsync(Url, nameof(ListUserOptionss), pagingOptions);
|
|
return Ok(new ApiOkWithPagingResponse<UserOptions>(pr));
|
|
}
|
|
|
|
|
|
|
|
/// <summary>
|
|
/// Get UserOptions pick list
|
|
///
|
|
/// Required roles: Any
|
|
///
|
|
/// This list supports querying the Name property
|
|
/// include a "q" parameter for string to search for
|
|
/// use % for wildcards.
|
|
///
|
|
/// e.g. q=%Jones%
|
|
///
|
|
/// Query is case insensitive
|
|
/// </summary>
|
|
/// <returns>Paged id/name collection of UserOptionss with paging data</returns>
|
|
[HttpGet("PickList", Name = nameof(UserOptionsPickList))]
|
|
public async Task<IActionResult> UserOptionsPickList([FromQuery] string q, [FromQuery] PagingOptions pagingOptions)
|
|
{
|
|
if (serverState.IsClosed)
|
|
{
|
|
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
|
}
|
|
|
|
if (!ModelState.IsValid)
|
|
{
|
|
return BadRequest(new ApiErrorResponse(ModelState));
|
|
}
|
|
|
|
//Instantiate the business object handler
|
|
UserOptionsBiz biz = new UserOptionsBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
|
|
|
ApiPagedResponse<NameIdItem> pr = await biz.GetPickListAsync(Url, nameof(UserOptionsPickList), pagingOptions, q);
|
|
return Ok(new ApiOkWithPagingResponse<NameIdItem>(pr));
|
|
}
|
|
|
|
|
|
/// <summary>
|
|
/// Put (update) UserOptions
|
|
///
|
|
/// Required roles:
|
|
/// BizAdminFull, InventoryFull
|
|
/// TechFull (owned only)
|
|
///
|
|
/// </summary>
|
|
/// <param name="id"></param>
|
|
/// <param name="inObj"></param>
|
|
/// <returns></returns>
|
|
[HttpPut("{id}")]
|
|
public async Task<IActionResult> PutUserOptions([FromRoute] long id, [FromBody] UserOptions inObj)
|
|
{
|
|
if (!serverState.IsOpen)
|
|
{
|
|
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
|
}
|
|
|
|
if (!ModelState.IsValid)
|
|
{
|
|
return BadRequest(new ApiErrorResponse(ModelState));
|
|
}
|
|
|
|
var o = await ct.UserOptions.SingleOrDefaultAsync(m => m.Id == id);
|
|
|
|
if (o == null)
|
|
{
|
|
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
|
}
|
|
|
|
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, AyaType.UserOptions, o.OwnerId))
|
|
{
|
|
return StatusCode(401, new ApiNotAuthorizedResponse());
|
|
}
|
|
|
|
//Instantiate the business object handler
|
|
UserOptionsBiz biz = new UserOptionsBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
|
|
|
if (!biz.Put(o, inObj))
|
|
{
|
|
return BadRequest(new ApiErrorResponse(biz.Errors));
|
|
}
|
|
|
|
try
|
|
{
|
|
//Log
|
|
EventLogProcessor.AddEntry(new Event(biz.userId, o.Id, AyaType.UserOptions, AyaEvent.Modified), ct);
|
|
await ct.SaveChangesAsync();
|
|
}
|
|
catch (DbUpdateConcurrencyException)
|
|
{
|
|
if (!UserOptionsExists(id))
|
|
{
|
|
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
|
}
|
|
else
|
|
{
|
|
//exists but was changed by another user
|
|
//I considered returning new and old record, but where would it end?
|
|
//Better to let the client decide what to do than to send extra data that is not required
|
|
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
|
|
}
|
|
}
|
|
|
|
|
|
|
|
return Ok(new ApiOkResponse(new { ConcurrencyToken = o.ConcurrencyToken }));
|
|
}
|
|
|
|
|
|
|
|
/// <summary>
|
|
/// Patch (update) UserOptions
|
|
///
|
|
/// Required roles:
|
|
/// BizAdminFull, InventoryFull
|
|
/// TechFull (owned only)
|
|
/// </summary>
|
|
/// <param name="id"></param>
|
|
/// <param name="concurrencyToken"></param>
|
|
/// <param name="objectPatch"></param>
|
|
/// <returns></returns>
|
|
[HttpPatch("{id}/{concurrencyToken}")]
|
|
public async Task<IActionResult> PatchUserOptions([FromRoute] long id, [FromRoute] uint concurrencyToken, [FromBody]JsonPatchDocument<UserOptions> objectPatch)
|
|
{
|
|
//https://dotnetcoretutorials.com/2017/11/29/json-patch-asp-net-core/
|
|
|
|
if (!serverState.IsOpen)
|
|
{
|
|
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
|
}
|
|
|
|
if (!ModelState.IsValid)
|
|
{
|
|
return BadRequest(new ApiErrorResponse(ModelState));
|
|
}
|
|
|
|
//Instantiate the business object handler
|
|
UserOptionsBiz biz = new UserOptionsBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
|
|
|
|
|
var o = await ct.UserOptions.SingleOrDefaultAsync(m => m.Id == id);
|
|
|
|
if (o == null)
|
|
{
|
|
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
|
}
|
|
|
|
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, AyaType.UserOptions, o.OwnerId))
|
|
{
|
|
return StatusCode(401, new ApiNotAuthorizedResponse());
|
|
}
|
|
|
|
//patch and validate
|
|
if (!biz.Patch(o, objectPatch, concurrencyToken))
|
|
{
|
|
return BadRequest(new ApiErrorResponse(biz.Errors));
|
|
}
|
|
|
|
try
|
|
{
|
|
//Log
|
|
EventLogProcessor.AddEntry(new Event(biz.userId, o.Id, AyaType.UserOptions, AyaEvent.Modified), ct);
|
|
await ct.SaveChangesAsync();
|
|
}
|
|
catch (DbUpdateConcurrencyException)
|
|
{
|
|
if (!UserOptionsExists(id))
|
|
{
|
|
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
|
}
|
|
else
|
|
{
|
|
return StatusCode(409, new ApiErrorResponse(ApiErrorCode.CONCURRENCY_CONFLICT));
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
return Ok(new ApiOkResponse(new { ConcurrencyToken = o.ConcurrencyToken }));
|
|
}
|
|
|
|
|
|
/// <summary>
|
|
/// Post UserOptions
|
|
///
|
|
/// Required roles:
|
|
/// BizAdminFull, InventoryFull, TechFull
|
|
/// </summary>
|
|
/// <param name="inObj"></param>
|
|
/// <returns></returns>
|
|
[HttpPost]
|
|
public async Task<IActionResult> PostUserOptions([FromBody] UserOptions inObj)
|
|
{
|
|
if (!serverState.IsOpen)
|
|
{
|
|
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
|
}
|
|
|
|
//If a user has change roles, or editOwnRoles then they can create, true is passed for isOwner since they are creating so by definition the owner
|
|
if (!Authorized.IsAuthorizedToCreate(HttpContext.Items, AyaType.UserOptions))
|
|
{
|
|
return StatusCode(401, new ApiNotAuthorizedResponse());
|
|
}
|
|
|
|
if (!ModelState.IsValid)
|
|
{
|
|
return BadRequest(new ApiErrorResponse(ModelState));
|
|
}
|
|
|
|
//Instantiate the business object handler
|
|
UserOptionsBiz biz = new UserOptionsBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
|
|
|
//Create and validate
|
|
UserOptions o = await biz.CreateAsync(inObj);
|
|
|
|
if (o == null)
|
|
{
|
|
//error return
|
|
return BadRequest(new ApiErrorResponse(biz.Errors));
|
|
}
|
|
else
|
|
{
|
|
|
|
//save to get Id
|
|
await ct.SaveChangesAsync();
|
|
|
|
//Log now that we have the Id
|
|
EventLogProcessor.AddEntry(new Event(biz.userId, o.Id, AyaType.UserOptions, AyaEvent.Created), ct);
|
|
await ct.SaveChangesAsync();
|
|
|
|
//return success and link
|
|
return CreatedAtAction("GetUserOptions", new { id = o.Id }, new ApiCreatedResponse(o));
|
|
}
|
|
}
|
|
|
|
|
|
|
|
/// <summary>
|
|
/// Delete UserOptions
|
|
///
|
|
/// Required roles:
|
|
/// BizAdminFull, InventoryFull
|
|
/// TechFull (owned only)
|
|
///
|
|
/// </summary>
|
|
/// <param name="id"></param>
|
|
/// <returns>Ok</returns>
|
|
[HttpDelete("{id}")]
|
|
public async Task<IActionResult> DeleteUserOptions([FromRoute] long id)
|
|
{
|
|
|
|
if (!serverState.IsOpen)
|
|
{
|
|
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
|
}
|
|
|
|
if (!ModelState.IsValid)
|
|
{
|
|
return BadRequest(new ApiErrorResponse(ModelState));
|
|
}
|
|
|
|
var dbObj = await ct.UserOptions.SingleOrDefaultAsync(m => m.Id == id);
|
|
if (dbObj == null)
|
|
{
|
|
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
|
}
|
|
|
|
if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, AyaType.UserOptions, dbObj.OwnerId))
|
|
{
|
|
return StatusCode(401, new ApiNotAuthorizedResponse());
|
|
}
|
|
|
|
//Instantiate the business object handler
|
|
UserOptionsBiz biz = new UserOptionsBiz(ct, UserIdFromContext.Id(HttpContext.Items), UserRolesFromContext.Roles(HttpContext.Items));
|
|
if (!biz.Delete(dbObj))
|
|
{
|
|
return BadRequest(new ApiErrorResponse(biz.Errors));
|
|
}
|
|
|
|
//Log
|
|
EventLogProcessor.DeleteObject(biz.userId, AyaType.UserOptions, dbObj.Id, dbObj.Name, ct);
|
|
|
|
await ct.SaveChangesAsync();
|
|
|
|
//Delete children / attached objects
|
|
biz.DeleteChildren(dbObj);
|
|
|
|
|
|
return NoContent();
|
|
}
|
|
|
|
|
|
|
|
|
|
private bool UserOptionsExists(long id)
|
|
{
|
|
return ct.UserOptions.Any(e => e.Id == id);
|
|
}
|
|
|
|
|
|
/// <summary>
|
|
/// Get route that triggers exception for testing
|
|
/// </summary>
|
|
/// <returns>Nothing, triggers exception</returns>
|
|
[HttpGet("exception")]
|
|
public ActionResult GetException()
|
|
{
|
|
if (!serverState.IsOpen)
|
|
{
|
|
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
|
}
|
|
|
|
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, AyaType.UserOptions))
|
|
{
|
|
return StatusCode(401, new ApiNotAuthorizedResponse());
|
|
}
|
|
|
|
throw new System.NotSupportedException("Test exception from UserOptions controller");
|
|
}
|
|
|
|
/// <summary>
|
|
/// Get route that triggers an alternate type of exception for testing
|
|
/// </summary>
|
|
/// <returns>Nothing, triggers exception</returns>
|
|
[HttpGet("altexception")]
|
|
public ActionResult GetAltException()
|
|
{
|
|
if (!serverState.IsOpen)
|
|
{
|
|
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
|
}
|
|
|
|
if (!Authorized.IsAuthorizedToReadFullRecord(HttpContext.Items, AyaType.UserOptions))
|
|
{
|
|
return StatusCode(401, new ApiNotAuthorizedResponse());
|
|
}
|
|
|
|
throw new System.ArgumentException("Test exception (ALT) from UserOptions controller");
|
|
}
|
|
|
|
|
|
/// <summary>
|
|
/// Get route that submits a simulated long running operation job for testing
|
|
/// </summary>
|
|
/// <returns>Nothing</returns>
|
|
[HttpGet("TestUserOptionsJob")]
|
|
public ActionResult TestUserOptionsJob()
|
|
{
|
|
if (!serverState.IsOpen)
|
|
{
|
|
return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));
|
|
}
|
|
|
|
if (!Authorized.IsAuthorizedToModify(HttpContext.Items, AyaType.JobOperations))
|
|
{
|
|
return StatusCode(401, new ApiNotAuthorizedResponse());
|
|
}
|
|
|
|
//Create the job here
|
|
OpsJob j = new OpsJob();
|
|
j.Name = "TestUserOptionsJob";
|
|
j.JobType = JobType.TestUserOptionsJob;
|
|
JobsBiz.AddJob(j, ct);
|
|
return Accepted(new { JobId = j.GId });//202 accepted
|
|
}
|
|
|
|
//------------
|
|
|
|
|
|
}//eoc
|
|
}//eons |