Make Controller less magic.

ig 2023-03-20 08:33:44 +01:00
parent 9454fbf878
commit e025b8cd11
6 changed files with 129 additions and 194 deletions


@ -2,95 +2,80 @@ using InnovEnergy.App.Backend.Database;
using InnovEnergy.App.Backend.DataTypes;
using InnovEnergy.App.Backend.DataTypes.Methods;
using InnovEnergy.App.Backend.Relations;
using InnovEnergy.Lib.Utils;
using Microsoft.AspNetCore.Mvc;
using static System.Net.HttpStatusCode;
namespace InnovEnergy.App.Backend.Controllers;
[ApiController]
[Route("api/")]
public class Controller
public class Controller : ControllerBase
{
private static readonly HttpResponseMessage _Unauthorized = new HttpResponseMessage(Unauthorized);
private static readonly HttpResponseMessage _Ok = new HttpResponseMessage(OK);
private static readonly HttpResponseMessage _BadRequest = new HttpResponseMessage(BadRequest);
[Returns<String>]
[Returns(Unauthorized)]
[Returns(BadRequest)]
[HttpPost($"{nameof(Login)}")]
public Object Login(Credentials credentials)
[HttpPost(nameof(Login))]
public ActionResult<Session> Login(Credentials credentials)
{
var session = credentials.Login();
return session is null
? _Unauthorized
: session;
? Unauthorized()
: session;
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(Logout)}")]
public Object Logout()
[HttpPost(nameof(Logout))]
public ActionResult Logout()
{
var session = GetSession();
return session.Logout()
? _Ok
: _Unauthorized;
? Ok()
: Unauthorized();
}
[Returns<User>]
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetUserById)}")]
public Object GetUserById(Int64 id)
[HttpGet(nameof(GetUserById))]
public ActionResult<User> GetUserById(Int64 id)
{
var caller = GetSession()?.User;
if (caller == null)
return _Unauthorized;
return Unauthorized();
var user = Db.GetUserById(id);
if (user is null || !caller.HasAccessTo(user))
return _Unauthorized;
return Unauthorized();
user.Password = "";
return user;
}
[Returns<Installation>]
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetInstallationById)}")]
public Object GetInstallationById(Int64 id)
[HttpGet(nameof(GetInstallationById))]
public ActionResult<Installation> GetInstallationById(Int64 id)
{
var user = GetSession()?.User;
if (user == null)
return _Unauthorized;
return Unauthorized();
var installation = Db.GetInstallationById(id);
if (installation is null || !user.HasAccessTo(installation))
return _Unauthorized;
return Unauthorized();
return installation;
}
[Returns<Installation>]
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetUsersWithAccessToInstallation)}")]
public Object GetUsersWithAccessToInstallation(Int64 id)
[HttpGet(nameof(GetUsersWithAccessToInstallation))]
public ActionResult<IEnumerable<Object>> GetUsersWithAccessToInstallation(Int64 id)
{
var user = GetSession()?.User;
if (user == null)
return _Unauthorized;
return Unauthorized();
var installation = Db.GetInstallationById(id);
if (installation is null || !user.HasAccessTo(installation))
return _Unauthorized;
return Unauthorized();
var directAccess = installation
.UsersWithDirectAccess()
@ -103,128 +88,114 @@ public class Controller
.Select(u => new { folderId = f.Id, user = u }));
return directAccess
.Concat<Object>(inheritedAccess);
.Concat<Object>(inheritedAccess)
.Apply(Ok); // TODO: typing
}
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetUsersWithAccessToFolder)}")]
public Object GetUsersWithAccessToFolder(Int64 id)
[HttpGet(nameof(GetUsersWithAccessToFolder))]
public ActionResult<IEnumerable<Object>> GetUsersWithAccessToFolder(Int64 id)
{
var user = GetSession()?.User;
if (user == null)
return _Unauthorized;
return Unauthorized();
var folder = Db.GetFolderById(id);
if (folder is null || !user.HasAccessTo(folder))
return _Unauthorized;
return Unauthorized();
return folder
.Ancestors()
.Prepend(folder)
.SelectMany(f => f.UsersWithDirectAccess()
.Where(u => u.IsDescendantOf(user))
.Select(u => new { folderId = f.Id, user = u }));
.Select(u => new { folderId = f.Id, user = u }))
.ToList();
}
[Returns<Folder>]
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetFolderById)}")]
public Object GetFolderById(Int64 id)
[HttpGet(nameof(GetFolderById))]
public ActionResult<Folder> GetFolderById(Int64 id)
{
var user = GetSession()?.User;
if (user == null)
return _Unauthorized;
return Unauthorized();
var folder = Db.GetFolderById(id);
if (folder is null || !user.HasAccessTo(folder))
return _Unauthorized;
return Unauthorized();
return folder;
}
[Returns<Installation[]>] // assuming swagger knows about arrays but not lists (JSON)
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetAllInstallations)}/")]
public Object GetAllInstallations()
[HttpGet(nameof(GetAllInstallations))]
public ActionResult<IEnumerable<Installation>> GetAllInstallations()
{
var user = GetSession()?.User;
return user is null
? _Unauthorized
: user.AccessibleInstallations();
}
if (user is null)
return Unauthorized();
[Returns<Folder[]>] // assuming swagger knows about arrays but not lists (JSON)
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetAllFolders)}/")]
public Object GetAllFolders()
{
var user = GetSession()?.User;
return user is null
? _Unauthorized
: user.AccessibleFolders();
}
[Returns<TreeNode[]>] // assuming swagger knows about arrays but not lists (JSON)
[Returns(Unauthorized)]
[HttpGet($"{nameof(GetAllFoldersAndInstallations)}/")]
public Object GetAllFoldersAndInstallations()
{
var user = GetSession()?.User;
return user is null
? _Unauthorized
: user.AccessibleFoldersAndInstallations();
return user.AccessibleInstallations().ToList();
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(CreateUser)}/")]
public Object CreateUser(User newUser)
[HttpGet(nameof(GetAllFolders))]
public ActionResult<IEnumerable<Folder>> GetAllFolders()
{
var session = GetSession();
var user = GetSession()?.User;
return session.Create(newUser)
if (user is null)
return Unauthorized();
return new(user.AccessibleFolders());
}
[HttpGet(nameof(GetAllFoldersAndInstallations))]
public ActionResult<IEnumerable<TreeNode>> GetAllFoldersAndInstallations()
{
var user = GetSession()?.User;
if (user is null)
return Unauthorized();
return new (user.AccessibleFoldersAndInstallations());
}
[HttpPost(nameof(CreateUser))]
public ActionResult<User> CreateUser(User newUser)
{
return GetSession().Create(newUser)
? newUser
: _Unauthorized ;
: Unauthorized() ;
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(CreateInstallation)}/")]
public Object CreateInstallation(Installation installation)
[HttpPost(nameof(CreateInstallation))]
public async Task<ActionResult<Installation>> CreateInstallation(Installation installation)
{
if (!await GetSession().Create(installation))
return Unauthorized();
return installation;
}
[HttpPost(nameof(CreateFolder))]
public ActionResult<Folder> CreateFolder(Folder folder)
{
var session = GetSession();
return session.Create(installation)
? installation
: _Unauthorized;
if (!session.Create(folder))
return Unauthorized();
return folder;
}
[Returns(OK)]
[Returns(Unauthorized)]
[Returns(InternalServerError)]
[HttpPost($"{nameof(CreateFolder)}/")]
public Object CreateFolder(Folder folder)
{
var session = GetSession();
return session.Create(folder)
? folder
: _Unauthorized;
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(GrantUserAccessToFolder)}/")]
public Object GrantUserAccessToFolder(FolderAccess folderAccess)
[HttpPost(nameof(GrantUserAccessToFolder))]
public ActionResult GrantUserAccessToFolder(FolderAccess folderAccess)
{
var session = GetSession();
@ -233,15 +204,13 @@ public class Controller
var user = Db.GetUserById(folderAccess.UserId);
return session.GrantUserAccessTo(user, folder)
? _Ok
: _Unauthorized;
? Ok()
: Unauthorized();
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(RevokeUserAccessToFolder)}/")]
public Object RevokeUserAccessToFolder(FolderAccess folderAccess)
[HttpPost(nameof(RevokeUserAccessToFolder))]
public ActionResult RevokeUserAccessToFolder(FolderAccess folderAccess)
{
var session = GetSession();
@ -250,15 +219,13 @@ public class Controller
var user = Db.GetUserById(folderAccess.UserId);
return session.RevokeUserAccessTo(user, folder)
? _Ok
: _Unauthorized;
? Ok()
: Unauthorized();
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(GrantUserAccessToInstallation)}/")]
public Object GrantUserAccessToInstallation(InstallationAccess installationAccess)
[HttpPost(nameof(GrantUserAccessToInstallation))]
public ActionResult GrantUserAccessToInstallation(InstallationAccess installationAccess)
{
var session = GetSession();
@ -267,14 +234,12 @@ public class Controller
var user = Db.GetUserById(installationAccess.UserId);
return session.GrantUserAccessTo(user, installation)
? _Ok
: _Unauthorized;
? Ok()
: Unauthorized();
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPost($"{nameof(RevokeUserAccessToInstallation)}/")]
public Object RevokeUserAccessToInstallation(InstallationAccess installationAccess)
[HttpPost(nameof(RevokeUserAccessToInstallation))]
public ActionResult RevokeUserAccessToInstallation(InstallationAccess installationAccess)
{
var session = GetSession();
@ -283,88 +248,81 @@ public class Controller
var user = Db.GetUserById(installationAccess.UserId);
return session.RevokeUserAccessTo(user, installation)
? _Ok
: _Unauthorized;
? Ok()
: Unauthorized();
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPut($"{nameof(UpdateUser)}/")]
public Object UpdateUser(User updatedUser)
[HttpPut(nameof(UpdateUser))]
public ActionResult<User> UpdateUser(User updatedUser)
{
var session = GetSession();
if (!session.Update(updatedUser)) return _Unauthorized;
updatedUser.Password = "";
if (!session.Update(updatedUser))
return Unauthorized();
updatedUser.Password = ""; // TODO: generic sanitize return values
return updatedUser;
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPut($"{nameof(UpdateInstallation)}/")]
public Object UpdateInstallation(Installation installation)
[HttpPut(nameof(UpdateInstallation))]
public ActionResult<Installation> UpdateInstallation(Installation installation)
{
var session = GetSession();
return session.Update(installation)
? installation
: _Unauthorized;
if (!session.Update(installation))
return Unauthorized();
return installation;
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpPut($"{nameof(UpdateFolder)}/")]
public Object UpdateFolder(Folder folder)
[HttpPut(nameof(UpdateFolder))]
public ActionResult<Folder> UpdateFolder(Folder folder)
{
var session = GetSession();
return session.Update(folder)
? folder
: _Unauthorized;
if (!session.Update(folder))
return Unauthorized();
return folder;
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpDelete($"{nameof(DeleteUser)}/")]
public Object DeleteUser(Int64 userId)
[HttpDelete(nameof(DeleteUser))]
public ActionResult DeleteUser(Int64 userId)
{
var session = GetSession();
var user = Db.GetUserById(userId);
return session.Delete(user)
? _Ok
: _Unauthorized;
? Ok()
: Unauthorized();
}
[Returns(OK)]
[Returns(Unauthorized)]
[HttpDelete($"{nameof(DeleteInstallation)}/")]
public Object DeleteInstallation(Int64 installationId)
[HttpDelete(nameof(DeleteInstallation))]
public ActionResult DeleteInstallation(Int64 installationId)
{
var session = GetSession();
var installation = Db.GetInstallationById(installationId);
return session.Delete(installation)
? _Ok
: _Unauthorized;
? Ok()
: Unauthorized();
}
[ProducesResponseType(200)]
[ProducesResponseType(401)]
[HttpDelete($"{nameof(DeleteFolder)}/")]
public Object DeleteFolder(Int64 folderId)
[HttpDelete(nameof(DeleteFolder))]
public ActionResult DeleteFolder(Int64 folderId)
{
var session = GetSession();
var folder = Db.GetFolderById(folderId);
return session.Delete(folder)
? _Ok
: _Unauthorized;
? Ok()
: Unauthorized();
}
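Review bot: `CreateUser` hands `newUser` back to the client exactly as it was submitted, so the `Password` property is echoed in the response, while `GetUserById` and `UpdateUser` blank it before returning. `GetUsersWithAccessToInstallation` and `GetUsersWithAccessToFolder` also return whole user objects (`user = u`) with no clearing visible in these hunks; whether `Password` is actually serialized depends on the `User` type, which is not shown here. Until the generic sanitising named in the TODO exists, I would write `CreateUser` as `if (!GetSession().Create(newUser)) return Unauthorized();`, then `newUser.Password = "";`, then `return newUser;`. The two listing endpoints should project each user to a shape without the password field.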


@ -1,22 +0,0 @@
using System.Net;
using Microsoft.AspNetCore.Mvc;
namespace InnovEnergy.App.Backend.Controllers;
public class ReturnsAttribute : ProducesResponseTypeAttribute
{
public ReturnsAttribute(HttpStatusCode statusCode) : base((Int32)statusCode)
{
}
}
public class ReturnsAttribute<T> : ProducesResponseTypeAttribute
{
public ReturnsAttribute(HttpStatusCode statusCode) : base(typeof(T), (Int32)statusCode)
{
}
public ReturnsAttribute() : base(typeof(T), (Int32)HttpStatusCode.OK)
{
}
}


@ -80,7 +80,7 @@ public static class FolderMethods
public static Boolean IsRelativeRoot(this Folder folder)
{
return folder.ParentId < 0;
return folder.ParentId < 0; // TODO
}
public static Boolean WasMoved(this Folder folder)


@ -41,7 +41,7 @@ public static class SessionMethods
}
public static Boolean Create(this Session? session, Installation? installation)
public static async Task<Boolean> Create(this Session? session, Installation? installation)
{
var user = session?.User;
@ -51,8 +51,8 @@ public static class SessionMethods
&& user.HasAccessTo(installation.Parent())
&& Db.Create(installation)
&& Db.Create(new InstallationAccess { UserId = user.Id, InstallationId = installation.Id })
&& installation.CreateBucket().Result // TODO: await?
&& installation.RenewS3BucketUrl().Result; // generation of access _after_ generation of
&& await installation.CreateBucket()
&& await installation.RenewS3BucketUrl(); // generation of access _after_ generation of
// bucket to prevent "zombie" access-rights.
}
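Review bot: When `await installation.CreateBucket()` or `await installation.RenewS3BucketUrl()` returns false or throws, `Db.Create(installation)` and `Db.Create(new InstallationAccess { … })` earlier in the same `&&` chain have already run, so the database keeps an installation and an access row with no bucket behind them. The existing comment only covers the order of the bucket and the URL, not the rows written before either. The controller's `CreateInstallation` then answers `Unauthorized()` for what is a storage failure, which hides the real cause from the caller and from the logs. Either create the bucket before the rows are inserted or delete the rows when a later step fails; at minimum add `// NOTE: rows above are not rolled back if bucket creation fails`. The start of the chain lies outside the hunk, so the conditions before `user.HasAccessTo(...)` could not be checked.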


@ -7,13 +7,11 @@ public static class Program
{
public static void Main(String[] args)
{
Db.CreateFakeRelations();
//Db.CreateFakeRelations();
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddControllers(); // TODO: remove magic, specify controllers explicitly
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddControllers();
builder.Services.AddHttpContextAccessor();
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddCors(o => o.AddDefaultPolicy(p => p.WithOrigins("*").AllowAnyHeader().AllowAnyMethod()));
@ -22,6 +20,7 @@ public static class Program
c.SwaggerDoc("v1", new OpenApiInfo { Title = "InnovEnergy Backend API", Version = "v1" });
c.UseAllOfToExtendReferenceSchemas();
c.OperationFilter<HeaderFilter>(); //Todo testing throw me out
c.SupportNonNullableReferenceTypes();
});
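Review bot: The seeding call at the top of `Main` is left behind as commented-out code, `//Db.CreateFakeRelations();`, which does not tell the next reader whether fake relations are still meant to be loaded anywhere. Delete the line, or if the data is still wanted for local work, run it once the builder exists and only in development: `if (builder.Environment.IsDevelopment()) Db.CreateFakeRelations();`. That keeps test relations out of a production database without relying on someone remembering to comment the call in and out. `Main` continues outside the hunks shown.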

Binary file not shown.