Make Controller less magic.
This commit is contained in:
parent
9454fbf878
commit
e025b8cd11
|
@ -2,95 +2,80 @@ using InnovEnergy.App.Backend.Database;
|
|||
using InnovEnergy.App.Backend.DataTypes;
|
||||
using InnovEnergy.App.Backend.DataTypes.Methods;
|
||||
using InnovEnergy.App.Backend.Relations;
|
||||
using InnovEnergy.Lib.Utils;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using static System.Net.HttpStatusCode;
|
||||
|
||||
namespace InnovEnergy.App.Backend.Controllers;
|
||||
|
||||
[ApiController]
|
||||
[Route("api/")]
|
||||
public class Controller
|
||||
public class Controller : ControllerBase
|
||||
{
|
||||
private static readonly HttpResponseMessage _Unauthorized = new HttpResponseMessage(Unauthorized);
|
||||
private static readonly HttpResponseMessage _Ok = new HttpResponseMessage(OK);
|
||||
private static readonly HttpResponseMessage _BadRequest = new HttpResponseMessage(BadRequest);
|
||||
|
||||
[Returns<String>]
|
||||
[Returns(Unauthorized)]
|
||||
[Returns(BadRequest)]
|
||||
[HttpPost($"{nameof(Login)}")]
|
||||
public Object Login(Credentials credentials)
|
||||
[HttpPost(nameof(Login))]
|
||||
public ActionResult<Session> Login(Credentials credentials)
|
||||
{
|
||||
var session = credentials.Login();
|
||||
|
||||
return session is null
|
||||
? _Unauthorized
|
||||
: session;
|
||||
? Unauthorized()
|
||||
: session;
|
||||
}
|
||||
|
||||
|
||||
[Returns(OK)]
|
||||
[Returns(Unauthorized)]
|
||||
[HttpPost($"{nameof(Logout)}")]
|
||||
public Object Logout()
|
||||
[HttpPost(nameof(Logout))]
|
||||
public ActionResult Logout()
|
||||
{
|
||||
var session = GetSession();
|
||||
|
||||
return session.Logout()
|
||||
? _Ok
|
||||
: _Unauthorized;
|
||||
? Ok()
|
||||
: Unauthorized();
|
||||
}
|
||||
|
||||
|
||||
[Returns<User>]
|
||||
[Returns(Unauthorized)]
|
||||
[HttpGet($"{nameof(GetUserById)}")]
|
||||
public Object GetUserById(Int64 id)
|
||||
[HttpGet(nameof(GetUserById))]
|
||||
public ActionResult<User> GetUserById(Int64 id)
|
||||
{
|
||||
var caller = GetSession()?.User;
|
||||
if (caller == null)
|
||||
return _Unauthorized;
|
||||
return Unauthorized();
|
||||
|
||||
var user = Db.GetUserById(id);
|
||||
|
||||
if (user is null || !caller.HasAccessTo(user))
|
||||
return _Unauthorized;
|
||||
return Unauthorized();
|
||||
|
||||
user.Password = "";
|
||||
return user;
|
||||
}
|
||||
|
||||
|
||||
[Returns<Installation>]
|
||||
[Returns(Unauthorized)]
|
||||
[HttpGet($"{nameof(GetInstallationById)}")]
|
||||
public Object GetInstallationById(Int64 id)
|
||||
[HttpGet(nameof(GetInstallationById))]
|
||||
public ActionResult<Installation> GetInstallationById(Int64 id)
|
||||
{
|
||||
var user = GetSession()?.User;
|
||||
if (user == null)
|
||||
return _Unauthorized;
|
||||
return Unauthorized();
|
||||
|
||||
var installation = Db.GetInstallationById(id);
|
||||
|
||||
if (installation is null || !user.HasAccessTo(installation))
|
||||
return _Unauthorized;
|
||||
return Unauthorized();
|
||||
|
||||
return installation;
|
||||
}
|
||||
|
||||
[Returns<Installation>]
|
||||
[Returns(Unauthorized)]
|
||||
[HttpGet($"{nameof(GetUsersWithAccessToInstallation)}")]
|
||||
public Object GetUsersWithAccessToInstallation(Int64 id)
|
||||
[HttpGet(nameof(GetUsersWithAccessToInstallation))]
|
||||
public ActionResult<IEnumerable<Object>> GetUsersWithAccessToInstallation(Int64 id)
|
||||
{
|
||||
var user = GetSession()?.User;
|
||||
if (user == null)
|
||||
return _Unauthorized;
|
||||
return Unauthorized();
|
||||
|
||||
var installation = Db.GetInstallationById(id);
|
||||
|
||||
if (installation is null || !user.HasAccessTo(installation))
|
||||
return _Unauthorized;
|
||||
return Unauthorized();
|
||||
|
||||
var directAccess = installation
|
||||
.UsersWithDirectAccess()
|
||||
|
@ -103,128 +88,114 @@ public class Controller
|
|||
.Select(u => new { folderId = f.Id, user = u }));
|
||||
|
||||
return directAccess
|
||||
.Concat<Object>(inheritedAccess);
|
||||
.Concat<Object>(inheritedAccess)
|
||||
.Apply(Ok); // TODO: typing
|
||||
}
|
||||
|
||||
[Returns(Unauthorized)]
|
||||
[HttpGet($"{nameof(GetUsersWithAccessToFolder)}")]
|
||||
public Object GetUsersWithAccessToFolder(Int64 id)
|
||||
[HttpGet(nameof(GetUsersWithAccessToFolder))]
|
||||
public ActionResult<IEnumerable<Object>> GetUsersWithAccessToFolder(Int64 id)
|
||||
{
|
||||
var user = GetSession()?.User;
|
||||
if (user == null)
|
||||
return _Unauthorized;
|
||||
return Unauthorized();
|
||||
|
||||
var folder = Db.GetFolderById(id);
|
||||
|
||||
if (folder is null || !user.HasAccessTo(folder))
|
||||
return _Unauthorized;
|
||||
return Unauthorized();
|
||||
|
||||
return folder
|
||||
.Ancestors()
|
||||
.Prepend(folder)
|
||||
.SelectMany(f => f.UsersWithDirectAccess()
|
||||
.Where(u => u.IsDescendantOf(user))
|
||||
.Select(u => new { folderId = f.Id, user = u }));
|
||||
.Select(u => new { folderId = f.Id, user = u }))
|
||||
.ToList();
|
||||
}
|
||||
|
||||
[Returns<Folder>]
|
||||
[Returns(Unauthorized)]
|
||||
[HttpGet($"{nameof(GetFolderById)}")]
|
||||
public Object GetFolderById(Int64 id)
|
||||
[HttpGet(nameof(GetFolderById))]
|
||||
public ActionResult<Folder> GetFolderById(Int64 id)
|
||||
{
|
||||
var user = GetSession()?.User;
|
||||
if (user == null)
|
||||
return _Unauthorized;
|
||||
return Unauthorized();
|
||||
|
||||
var folder = Db.GetFolderById(id);
|
||||
|
||||
if (folder is null || !user.HasAccessTo(folder))
|
||||
return _Unauthorized;
|
||||
return Unauthorized();
|
||||
|
||||
return folder;
|
||||
}
|
||||
|
||||
|
||||
[Returns<Installation[]>] // assuming swagger knows about arrays but not lists (JSON)
|
||||
[Returns(Unauthorized)]
|
||||
[HttpGet($"{nameof(GetAllInstallations)}/")]
|
||||
public Object GetAllInstallations()
|
||||
[HttpGet(nameof(GetAllInstallations))]
|
||||
public ActionResult<IEnumerable<Installation>> GetAllInstallations()
|
||||
{
|
||||
var user = GetSession()?.User;
|
||||
|
||||
return user is null
|
||||
? _Unauthorized
|
||||
: user.AccessibleInstallations();
|
||||
}
|
||||
if (user is null)
|
||||
return Unauthorized();
|
||||
|
||||
|
||||
[Returns<Folder[]>] // assuming swagger knows about arrays but not lists (JSON)
|
||||
[Returns(Unauthorized)]
|
||||
[HttpGet($"{nameof(GetAllFolders)}/")]
|
||||
public Object GetAllFolders()
|
||||
{
|
||||
var user = GetSession()?.User;
|
||||
|
||||
return user is null
|
||||
? _Unauthorized
|
||||
: user.AccessibleFolders();
|
||||
}
|
||||
|
||||
[Returns<TreeNode[]>] // assuming swagger knows about arrays but not lists (JSON)
|
||||
[Returns(Unauthorized)]
|
||||
[HttpGet($"{nameof(GetAllFoldersAndInstallations)}/")]
|
||||
public Object GetAllFoldersAndInstallations()
|
||||
{
|
||||
var user = GetSession()?.User;
|
||||
|
||||
return user is null
|
||||
? _Unauthorized
|
||||
: user.AccessibleFoldersAndInstallations();
|
||||
return user.AccessibleInstallations().ToList();
|
||||
}
|
||||
|
||||
|
||||
|
||||
[Returns(OK)]
|
||||
[Returns(Unauthorized)]
|
||||
[HttpPost($"{nameof(CreateUser)}/")]
|
||||
public Object CreateUser(User newUser)
|
||||
[HttpGet(nameof(GetAllFolders))]
|
||||
public ActionResult<IEnumerable<Folder>> GetAllFolders()
|
||||
{
|
||||
var session = GetSession();
|
||||
var user = GetSession()?.User;
|
||||
|
||||
return session.Create(newUser)
|
||||
if (user is null)
|
||||
return Unauthorized();
|
||||
|
||||
return new(user.AccessibleFolders());
|
||||
}
|
||||
|
||||
|
||||
[HttpGet(nameof(GetAllFoldersAndInstallations))]
|
||||
public ActionResult<IEnumerable<TreeNode>> GetAllFoldersAndInstallations()
|
||||
{
|
||||
var user = GetSession()?.User;
|
||||
|
||||
if (user is null)
|
||||
return Unauthorized();
|
||||
|
||||
return new (user.AccessibleFoldersAndInstallations());
|
||||
}
|
||||
|
||||
|
||||
[HttpPost(nameof(CreateUser))]
|
||||
public ActionResult<User> CreateUser(User newUser)
|
||||
{
|
||||
return GetSession().Create(newUser)
|
||||
? newUser
|
||||
: _Unauthorized ;
|
||||
: Unauthorized() ;
|
||||
}
|
||||
|
||||
[Returns(OK)]
|
||||
[Returns(Unauthorized)]
|
||||
[HttpPost($"{nameof(CreateInstallation)}/")]
|
||||
public Object CreateInstallation(Installation installation)
|
||||
[HttpPost(nameof(CreateInstallation))]
|
||||
public async Task<ActionResult<Installation>> CreateInstallation(Installation installation)
|
||||
{
|
||||
if (!await GetSession().Create(installation))
|
||||
return Unauthorized();
|
||||
|
||||
return installation;
|
||||
}
|
||||
|
||||
[HttpPost(nameof(CreateFolder))]
|
||||
public ActionResult<Folder> CreateFolder(Folder folder)
|
||||
{
|
||||
var session = GetSession();
|
||||
|
||||
return session.Create(installation)
|
||||
? installation
|
||||
: _Unauthorized;
|
||||
if (!session.Create(folder))
|
||||
return Unauthorized();
|
||||
|
||||
return folder;
|
||||
}
|
||||
|
||||
[Returns(OK)]
|
||||
[Returns(Unauthorized)]
|
||||
[Returns(InternalServerError)]
|
||||
[HttpPost($"{nameof(CreateFolder)}/")]
|
||||
public Object CreateFolder(Folder folder)
|
||||
{
|
||||
var session = GetSession();
|
||||
|
||||
return session.Create(folder)
|
||||
? folder
|
||||
: _Unauthorized;
|
||||
}
|
||||
|
||||
[Returns(OK)]
|
||||
[Returns(Unauthorized)]
|
||||
[HttpPost($"{nameof(GrantUserAccessToFolder)}/")]
|
||||
public Object GrantUserAccessToFolder(FolderAccess folderAccess)
|
||||
[HttpPost(nameof(GrantUserAccessToFolder))]
|
||||
public ActionResult GrantUserAccessToFolder(FolderAccess folderAccess)
|
||||
{
|
||||
var session = GetSession();
|
||||
|
||||
|
@ -233,15 +204,13 @@ public class Controller
|
|||
var user = Db.GetUserById(folderAccess.UserId);
|
||||
|
||||
return session.GrantUserAccessTo(user, folder)
|
||||
? _Ok
|
||||
: _Unauthorized;
|
||||
? Ok()
|
||||
: Unauthorized();
|
||||
}
|
||||
|
||||
|
||||
[Returns(OK)]
|
||||
[Returns(Unauthorized)]
|
||||
[HttpPost($"{nameof(RevokeUserAccessToFolder)}/")]
|
||||
public Object RevokeUserAccessToFolder(FolderAccess folderAccess)
|
||||
[HttpPost(nameof(RevokeUserAccessToFolder))]
|
||||
public ActionResult RevokeUserAccessToFolder(FolderAccess folderAccess)
|
||||
{
|
||||
var session = GetSession();
|
||||
|
||||
|
@ -250,15 +219,13 @@ public class Controller
|
|||
var user = Db.GetUserById(folderAccess.UserId);
|
||||
|
||||
return session.RevokeUserAccessTo(user, folder)
|
||||
? _Ok
|
||||
: _Unauthorized;
|
||||
? Ok()
|
||||
: Unauthorized();
|
||||
}
|
||||
|
||||
|
||||
[Returns(OK)]
|
||||
[Returns(Unauthorized)]
|
||||
[HttpPost($"{nameof(GrantUserAccessToInstallation)}/")]
|
||||
public Object GrantUserAccessToInstallation(InstallationAccess installationAccess)
|
||||
[HttpPost(nameof(GrantUserAccessToInstallation))]
|
||||
public ActionResult GrantUserAccessToInstallation(InstallationAccess installationAccess)
|
||||
{
|
||||
var session = GetSession();
|
||||
|
||||
|
@ -267,14 +234,12 @@ public class Controller
|
|||
var user = Db.GetUserById(installationAccess.UserId);
|
||||
|
||||
return session.GrantUserAccessTo(user, installation)
|
||||
? _Ok
|
||||
: _Unauthorized;
|
||||
? Ok()
|
||||
: Unauthorized();
|
||||
}
|
||||
|
||||
[Returns(OK)]
|
||||
[Returns(Unauthorized)]
|
||||
[HttpPost($"{nameof(RevokeUserAccessToInstallation)}/")]
|
||||
public Object RevokeUserAccessToInstallation(InstallationAccess installationAccess)
|
||||
[HttpPost(nameof(RevokeUserAccessToInstallation))]
|
||||
public ActionResult RevokeUserAccessToInstallation(InstallationAccess installationAccess)
|
||||
{
|
||||
var session = GetSession();
|
||||
|
||||
|
@ -283,88 +248,81 @@ public class Controller
|
|||
var user = Db.GetUserById(installationAccess.UserId);
|
||||
|
||||
return session.RevokeUserAccessTo(user, installation)
|
||||
? _Ok
|
||||
: _Unauthorized;
|
||||
? Ok()
|
||||
: Unauthorized();
|
||||
}
|
||||
|
||||
|
||||
|
||||
[Returns(OK)]
|
||||
[Returns(Unauthorized)]
|
||||
[HttpPut($"{nameof(UpdateUser)}/")]
|
||||
public Object UpdateUser(User updatedUser)
|
||||
[HttpPut(nameof(UpdateUser))]
|
||||
public ActionResult<User> UpdateUser(User updatedUser)
|
||||
{
|
||||
var session = GetSession();
|
||||
|
||||
if (!session.Update(updatedUser)) return _Unauthorized;
|
||||
updatedUser.Password = "";
|
||||
if (!session.Update(updatedUser))
|
||||
return Unauthorized();
|
||||
|
||||
updatedUser.Password = ""; // TODO: generic sanitize return values
|
||||
|
||||
return updatedUser;
|
||||
}
|
||||
|
||||
|
||||
[Returns(OK)]
|
||||
[Returns(Unauthorized)]
|
||||
[HttpPut($"{nameof(UpdateInstallation)}/")]
|
||||
public Object UpdateInstallation(Installation installation)
|
||||
[HttpPut(nameof(UpdateInstallation))]
|
||||
public ActionResult<Installation> UpdateInstallation(Installation installation)
|
||||
{
|
||||
var session = GetSession();
|
||||
|
||||
return session.Update(installation)
|
||||
? installation
|
||||
: _Unauthorized;
|
||||
if (!session.Update(installation))
|
||||
return Unauthorized();
|
||||
|
||||
return installation;
|
||||
}
|
||||
|
||||
|
||||
[Returns(OK)]
|
||||
[Returns(Unauthorized)]
|
||||
[HttpPut($"{nameof(UpdateFolder)}/")]
|
||||
public Object UpdateFolder(Folder folder)
|
||||
[HttpPut(nameof(UpdateFolder))]
|
||||
public ActionResult<Folder> UpdateFolder(Folder folder)
|
||||
{
|
||||
var session = GetSession();
|
||||
|
||||
return session.Update(folder)
|
||||
? folder
|
||||
: _Unauthorized;
|
||||
if (!session.Update(folder))
|
||||
return Unauthorized();
|
||||
|
||||
return folder;
|
||||
}
|
||||
|
||||
[Returns(OK)]
|
||||
[Returns(Unauthorized)]
|
||||
[HttpDelete($"{nameof(DeleteUser)}/")]
|
||||
public Object DeleteUser(Int64 userId)
|
||||
[HttpDelete(nameof(DeleteUser))]
|
||||
public ActionResult DeleteUser(Int64 userId)
|
||||
{
|
||||
var session = GetSession();
|
||||
var user = Db.GetUserById(userId);
|
||||
|
||||
return session.Delete(user)
|
||||
? _Ok
|
||||
: _Unauthorized;
|
||||
? Ok()
|
||||
: Unauthorized();
|
||||
}
|
||||
|
||||
[Returns(OK)]
|
||||
[Returns(Unauthorized)]
|
||||
[HttpDelete($"{nameof(DeleteInstallation)}/")]
|
||||
public Object DeleteInstallation(Int64 installationId)
|
||||
[HttpDelete(nameof(DeleteInstallation))]
|
||||
public ActionResult DeleteInstallation(Int64 installationId)
|
||||
{
|
||||
var session = GetSession();
|
||||
var installation = Db.GetInstallationById(installationId);
|
||||
|
||||
return session.Delete(installation)
|
||||
? _Ok
|
||||
: _Unauthorized;
|
||||
? Ok()
|
||||
: Unauthorized();
|
||||
}
|
||||
|
||||
[ProducesResponseType(200)]
|
||||
[ProducesResponseType(401)]
|
||||
[HttpDelete($"{nameof(DeleteFolder)}/")]
|
||||
public Object DeleteFolder(Int64 folderId)
|
||||
[HttpDelete(nameof(DeleteFolder))]
|
||||
public ActionResult DeleteFolder(Int64 folderId)
|
||||
{
|
||||
var session = GetSession();
|
||||
|
||||
var folder = Db.GetFolderById(folderId);
|
||||
|
||||
return session.Delete(folder)
|
||||
? _Ok
|
||||
: _Unauthorized;
|
||||
? Ok()
|
||||
: Unauthorized();
|
||||
|
||||
}
|
||||
|
||||
|
|
|
@ -1,22 +0,0 @@
|
|||
using System.Net;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
|
||||
namespace InnovEnergy.App.Backend.Controllers;
|
||||
|
||||
public class ReturnsAttribute : ProducesResponseTypeAttribute
|
||||
{
|
||||
public ReturnsAttribute(HttpStatusCode statusCode) : base((Int32)statusCode)
|
||||
{
|
||||
}
|
||||
}
|
||||
|
||||
public class ReturnsAttribute<T> : ProducesResponseTypeAttribute
|
||||
{
|
||||
public ReturnsAttribute(HttpStatusCode statusCode) : base(typeof(T), (Int32)statusCode)
|
||||
{
|
||||
}
|
||||
|
||||
public ReturnsAttribute() : base(typeof(T), (Int32)HttpStatusCode.OK)
|
||||
{
|
||||
}
|
||||
}
|
|
@ -80,7 +80,7 @@ public static class FolderMethods
|
|||
|
||||
public static Boolean IsRelativeRoot(this Folder folder)
|
||||
{
|
||||
return folder.ParentId < 0;
|
||||
return folder.ParentId < 0; // TODO
|
||||
}
|
||||
|
||||
public static Boolean WasMoved(this Folder folder)
|
||||
|
|
|
@ -41,7 +41,7 @@ public static class SessionMethods
|
|||
}
|
||||
|
||||
|
||||
public static Boolean Create(this Session? session, Installation? installation)
|
||||
public static async Task<Boolean> Create(this Session? session, Installation? installation)
|
||||
{
|
||||
var user = session?.User;
|
||||
|
||||
|
@ -51,8 +51,8 @@ public static class SessionMethods
|
|||
&& user.HasAccessTo(installation.Parent())
|
||||
&& Db.Create(installation)
|
||||
&& Db.Create(new InstallationAccess { UserId = user.Id, InstallationId = installation.Id })
|
||||
&& installation.CreateBucket().Result // TODO: await?
|
||||
&& installation.RenewS3BucketUrl().Result; // generation of access _after_ generation of
|
||||
&& await installation.CreateBucket()
|
||||
&& await installation.RenewS3BucketUrl(); // generation of access _after_ generation of
|
||||
// bucket to prevent "zombie" access-rights.
|
||||
}
|
||||
|
||||
|
|
|
@ -7,13 +7,11 @@ public static class Program
|
|||
{
|
||||
public static void Main(String[] args)
|
||||
{
|
||||
Db.CreateFakeRelations();
|
||||
//Db.CreateFakeRelations();
|
||||
|
||||
var builder = WebApplication.CreateBuilder(args);
|
||||
|
||||
builder.Services.AddControllers(); // TODO: remove magic, specify controllers explicitly
|
||||
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
|
||||
|
||||
builder.Services.AddControllers();
|
||||
builder.Services.AddHttpContextAccessor();
|
||||
builder.Services.AddEndpointsApiExplorer();
|
||||
builder.Services.AddCors(o => o.AddDefaultPolicy(p => p.WithOrigins("*").AllowAnyHeader().AllowAnyMethod()));
|
||||
|
@ -22,6 +20,7 @@ public static class Program
|
|||
c.SwaggerDoc("v1", new OpenApiInfo { Title = "InnovEnergy Backend API", Version = "v1" });
|
||||
c.UseAllOfToExtendReferenceSchemas();
|
||||
c.OperationFilter<HeaderFilter>(); //Todo testing throw me out
|
||||
c.SupportNonNullableReferenceTypes();
|
||||
});
|
||||
|
||||
|
||||
|
|
Binary file not shown.
Loading…
Reference in New Issue