2022-12-16 06:01:23 +00:00
parent 26c2ae5cc9
commit effd96143f
310 changed files with 48715 additions and 0 deletions
--- a/server/Controllers/DataListController.cs
+++ b/server/Controllers/DataListController.cs
@@ -0,0 +1,187 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Routing;
+using Microsoft.Extensions.Logging;
+using Microsoft.AspNetCore.Authorization;
+using Sockeye.Models;
+using Sockeye.Api.ControllerHelpers;
+using Sockeye.Biz;
+using Sockeye.DataList;
+using System.Threading.Tasks;
+using System.Linq;
+using EnumsNET;
+using Microsoft.EntityFrameworkCore;
+
+namespace Sockeye.Api.Controllers
+{
+
+    [ApiController]
+    [ApiVersion("8.0")]
+    [Route("api/v{version:apiVersion}/data-list")]
+    [Produces("application/json")]
+    [Authorize]
+    public class DataListController : ControllerBase
+    {
+        private readonly AyContext ct;
+        private readonly ILogger<DataListController> log;
+        private readonly ApiServerState serverState;
+
+
+
+        /// <summary>
+        /// ctor
+        /// </summary>
+        /// <param name="dbcontext"></param>
+        /// <param name="logger"></param>
+        /// <param name="apiServerState"></param>
+        public DataListController(AyContext dbcontext, ILogger<DataListController> logger, ApiServerState apiServerState)
+        {
+            ct = dbcontext;
+            log = logger;
+            serverState = apiServerState;
+        }
+
+
+        /// <summary>
+        ///  Get list of data for selection / viewing
+        /// 
+        /// Authorization varies list by list, will return 403 - Not Authorized if user has insufficient role
+        /// 
+        /// </summary>
+        /// <param name="tableRequest">List key, Paging, filtering and sorting options</param>
+        /// <returns>Collection with paging data</returns>
+        // [HttpPost("List", Name = nameof(List))]
+        [HttpPost]
+        public async Task<IActionResult> List([FromBody] DataListTableRequest tableRequest)
+        {
+            var UserId = UserIdFromContext.Id(HttpContext.Items);
+            if (!serverState.IsOpen && UserId != 1)//bypass for superuser to view list of Users to fix license issues
+                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
+            if (!ModelState.IsValid)
+                return BadRequest(new ApiErrorResponse(ModelState));
+
+            if (tableRequest.Limit == null || tableRequest.Limit < 1)
+            {
+                tableRequest.Limit = DataListTableProcessingOptions.DefaultLimit;
+            }
+            if (tableRequest.Offset == null)
+            {
+                tableRequest.Offset = 0;
+            }
+
+
+            var UserRoles = UserRolesFromContext.Roles(HttpContext.Items);
+
+            var UType = UserTypeFromContext.Type(HttpContext.Items);
+
+            try
+            {
+
+                DataListColumnViewBiz viewbiz = DataListColumnViewBiz.GetBiz(ct, HttpContext);
+                var SavedView = await viewbiz.GetAsync(UserId, tableRequest.DataListKey, true);
+
+                DataListSavedFilter SavedFilter = null;
+                if (tableRequest.FilterId != 0)
+                {
+                    DataListSavedFilterBiz filterbiz = DataListSavedFilterBiz.GetBiz(ct, HttpContext);
+                    SavedFilter = await filterbiz.GetAsync(tableRequest.FilterId);
+                }
+                var DataList = DataListFactory.GetAyaDataList(tableRequest.DataListKey, UserTranslationIdFromContext.Id(HttpContext.Items));
+                if (DataList == null)
+                    return BadRequest(new ApiErrorResponse(ApiErrorCode.NOT_FOUND, "DataListKey", $"DataList \"{tableRequest.DataListKey}\" specified does not exist"));
+
+
+
+                //check rights
+                if (!UserRoles.HasAnyFlags(DataList.AllowedRoles))
+                    return StatusCode(403, new ApiNotAuthorizedResponse());
+
+                //IF user is a customer type check if they are allowed to view this datalist
+                //and build the data list internal 'client' criteria
+                if (UType == UserType.Customer || UType == UserType.HeadOffice)
+                    if (!await HandleCustomerTypeUserDataListRequest(UserId, tableRequest))
+                        return StatusCode(403, new ApiNotAuthorizedResponse());
+
+                //hydrate the saved view and filter
+                DataListTableProcessingOptions dataListTableOptions = new DataListTableProcessingOptions(tableRequest, DataList, SavedView, SavedFilter, UserId, UserRoles);
+                DataListReturnData r = await DataListFetcher.GetResponseAsync(ct, dataListTableOptions, DataList, UserRoles, log, UserId);
+                return Ok(r);
+            }
+            catch (System.UnauthorizedAccessException)
+            {
+                return StatusCode(403, new ApiNotAuthorizedResponse());
+            }
+            catch (System.ArgumentOutOfRangeException e)
+            {
+                return BadRequest(new ApiErrorResponse(ApiErrorCode.NOT_FOUND, null, e.Message));
+
+            }
+        }
+
+        private async Task<bool> HandleCustomerTypeUserDataListRequest(long currentUserId, DataListTableRequest tableRequest)
+        {
+            await Task.CompletedTask;
+            return false;
+            // //Is this list allowed for a customer user and also enabled in global settings
+            // switch (tableRequest.DataListKey)
+            // {
+               
+            //     default:
+            //         return false;
+            // }
+
+            // //Build client criteria if user is of correct type
+            // var UserInfo = await ct.User.AsNoTracking().Where(x => x.Id == currentUserId).Select(x => new { x.UserType, x.CustomerId, x.HeadOfficeId }).SingleOrDefaultAsync();
+            // switch (UserInfo.UserType)
+            // {
+            //     case UserType.Customer:
+            //         if (UserInfo.CustomerId == null || UserInfo.CustomerId == 0) return false;
+            //         tableRequest.ClientCriteria = $"{UserInfo.CustomerId},{(int)SockType.Customer}";
+            //         break;
+            //     case UserType.HeadOffice:
+            //         if (UserInfo.HeadOfficeId == null || UserInfo.HeadOfficeId == 0) return false;
+            //         tableRequest.ClientCriteria = $"{UserInfo.HeadOfficeId},{(int)SockType.HeadOffice}";
+            //         break;
+            //     default://other user type
+            //         return false;
+            // }
+            // return true;
+        }
+
+        /// <summary>
+        /// List of all DataList keys available
+        /// </summary>        
+        /// <returns>List of strings</returns>
+        [HttpGet("listkeys")]
+        public ActionResult GetDataListKeys()
+        {
+            //NOTE: not used by Sockeye Client, convenience method for developers api usage
+            if (!serverState.IsOpen)
+                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
+
+            return Ok(ApiOkResponse.Response(DataListFactory.GetListOfAllDataListKeyNames()));
+        }
+
+
+        /// <summary>
+        /// List of all fields for data list key specified
+        /// </summary>        
+        /// <returns>List of DataListFieldDefinition</returns>
+        [HttpGet("listfields")]
+        public ActionResult GetDataListFields([FromQuery] string DataListKey)
+        {
+            if (!serverState.IsOpen && UserIdFromContext.Id(HttpContext.Items) != 1)//bypass for superuser to fix fundamental problems
+                return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
+
+            var DataList = DataListFactory.GetAyaDataList(DataListKey, UserTranslationIdFromContext.Id(HttpContext.Items));
+            //was the name not found as a list?
+            if (DataList == null)
+            {
+                return BadRequest(new ApiErrorResponse(ApiErrorCode.NOT_FOUND, null, $"DataList \"{DataListKey}\" specified does not exist"));
+            }
+
+            var ExternalOnly = DataList.FieldDefinitions.Where(z => z.IsMeta == false);
+            return Ok(ApiOkResponse.Response(ExternalOnly));
+        }
+
+    }//eoc
+}//ens