using InnovEnergy.App.Backend.Database;
using InnovEnergy.App.Backend.DataTypes;
using InnovEnergy.App.Backend.DataTypes.Methods;
using InnovEnergy.App.Backend.Relations;
using Microsoft.AspNetCore.Mvc;
using static System.Net.HttpStatusCode;
namespace InnovEnergy.App.Backend.Controllers;
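/// <summary>
/// HTTP API of the backend. Every action except <see cref="Login"/> reads the caller's
/// <see cref="Session"/> from the current request and answers <c>Unauthorized</c> when
/// there is no session, when the addressed object does not exist, or when the session's
/// checks refuse the operation.
/// </summary>
/// <remarks>
/// A missing object and a refused operation share one answer, so the response does not
/// reveal which ids exist.
/// </remarks>
[ApiController]
[Route("api/")]
public class Controller
{
    // Shared response objects handed back by the actions below.
    // NOTE(review): how an HttpResponseMessage returned as Object becomes the HTTP status
    // is not visible in this file - confirm that a refused request really leaves the
    // server as 401 and not as a serialized object with status 200.
    private static readonly HttpResponseMessage _Unauthorized = new HttpResponseMessage(Unauthorized);
    private static readonly HttpResponseMessage _Ok           = new HttpResponseMessage(OK);
    private static readonly HttpResponseMessage _BadRequest   = new HttpResponseMessage(BadRequest);

    /// <summary>Opens a session for the given credentials.</summary>
    /// <param name="credentials">Credentials supplied by the client.</param>
    /// <returns>
    /// The value of <c>credentials.Login()</c>, or <c>Unauthorized</c> when it is null.
    /// </returns>
    [Returns<String>]
    [Returns(Unauthorized)]
    [Returns(BadRequest)]
    [HttpPost($"{nameof(Login)}")]
    public Object Login(Credentials credentials)
    {
        // NOTE(review): the session is returned to the client as-is; confirm that what
        // gets serialized does not include the Password of the session's user.
        var session = credentials.Login();

        return session is null
             ? _Unauthorized
             : session;
    }

    /// <summary>Ends the caller's session.</summary>
    /// <returns><c>OK</c> when the session was ended, otherwise <c>Unauthorized</c>.</returns>
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPost($"{nameof(Logout)}")]
    public Object Logout()
    {
        var session = GetSession();

        // GetSession() is nullable: a request without a session is refused here
        // instead of being dereferenced.
        return session is not null && session.Logout()
             ? _Ok
             : _Unauthorized;
    }

    /// <summary>Returns one user, with the password field blanked.</summary>
    /// <param name="id">Id of the requested user.</param>
    /// <returns>
    /// The user, or <c>Unauthorized</c> when there is no session, no such user, or
    /// <c>caller.HasAccessTo(user)</c> is false.
    /// </returns>
    [Returns<User>]
    [Returns(Unauthorized)]
    [HttpGet($"{nameof(GetUserById)}")]
    public Object GetUserById(Int64 id)
    {
        var caller = GetSession()?.User;
        if (caller is null)
            return _Unauthorized;

        var user = Db.GetUserById(id);

        if (user is null || !caller.HasAccessTo(user))
            return _Unauthorized;

        return WithoutPassword(user);
    }

    /// <summary>Returns one installation.</summary>
    /// <param name="id">Id of the requested installation.</param>
    /// <returns>
    /// The installation, or <c>Unauthorized</c> when there is no session, no such
    /// installation, or <c>user.HasAccessTo(installation)</c> is false.
    /// </returns>
    [Returns<Installation>]
    [Returns(Unauthorized)]
    [HttpGet($"{nameof(GetInstallationById)}")]
    public Object GetInstallationById(Int64 id)
    {
        var user = GetSession()?.User;
        if (user is null)
            return _Unauthorized;

        var installation = Db.GetInstallationById(id);

        if (installation is null || !user.HasAccessTo(installation))
            return _Unauthorized;

        return installation;
    }

    /// <summary>
    /// Lists the users that can reach an installation, restricted to users for which
    /// <c>IsDescendantOf(caller)</c> holds.
    /// </summary>
    /// <param name="id">Id of the installation.</param>
    /// <returns>
    /// Users with direct access, followed by <c>{ folderId, user }</c> pairs for access
    /// that comes from one of the installation's ancestors; <c>Unauthorized</c> when
    /// there is no session, no such installation, or the caller has no access to it.
    /// Passwords are blanked in both parts, as <see cref="GetUserById"/> does.
    /// </returns>
    // NOTE(review): the declared response type is Installation, but the action returns users.
    [Returns<Installation>]
    [Returns(Unauthorized)]
    [HttpGet($"{nameof(GetUsersWithAccessToInstallation)}")]
    public Object GetUsersWithAccessToInstallation(Int64 id)
    {
        var user = GetSession()?.User;
        if (user is null)
            return _Unauthorized;

        var installation = Db.GetInstallationById(id);

        if (installation is null || !user.HasAccessTo(installation))
            return _Unauthorized;

        var directAccess = installation
                          .UsersWithDirectAccess()
                          .Where(u => u.IsDescendantOf(user))
                          .Select(u => WithoutPassword(u));

        var inheritedAccess = installation
                             .Ancestors()
                             .SelectMany(f => f.UsersWithDirectAccess()
                                               .Where(u => u.IsDescendantOf(user))
                                               .Select(u => new { folderId = f.Id, user = WithoutPassword(u) }));

        return directAccess
              .Concat<Object>(inheritedAccess);
    }

    /// <summary>
    /// Lists the users that can reach a folder, restricted to users for which
    /// <c>IsDescendantOf(caller)</c> holds.
    /// </summary>
    /// <param name="id">Id of the folder.</param>
    /// <returns>
    /// <c>{ folderId, user }</c> pairs for the folder itself and each of its ancestors;
    /// <c>Unauthorized</c> when there is no session, no such folder, or the caller has
    /// no access to it. Passwords are blanked, as <see cref="GetUserById"/> does.
    /// </returns>
    [Returns(Unauthorized)]
    [HttpGet($"{nameof(GetUsersWithAccessToFolder)}")]
    public Object GetUsersWithAccessToFolder(Int64 id)
    {
        var user = GetSession()?.User;
        if (user is null)
            return _Unauthorized;

        var folder = Db.GetFolderById(id);

        if (folder is null || !user.HasAccessTo(folder))
            return _Unauthorized;

        return folder
              .Ancestors()
              .Prepend(folder)
              .SelectMany(f => f.UsersWithDirectAccess()
                                .Where(u => u.IsDescendantOf(user))
                                .Select(u => new { folderId = f.Id, user = WithoutPassword(u) }));
    }

    /// <summary>Returns one folder.</summary>
    /// <param name="id">Id of the requested folder.</param>
    /// <returns>
    /// The folder, or <c>Unauthorized</c> when there is no session, no such folder, or
    /// <c>user.HasAccessTo(folder)</c> is false.
    /// </returns>
    [Returns<Folder>]
    [Returns(Unauthorized)]
    [HttpGet($"{nameof(GetFolderById)}")]
    public Object GetFolderById(Int64 id)
    {
        var user = GetSession()?.User;
        if (user is null)
            return _Unauthorized;

        var folder = Db.GetFolderById(id);

        if (folder is null || !user.HasAccessTo(folder))
            return _Unauthorized;

        return folder;
    }

    /// <summary>Returns <c>user.AccessibleInstallations()</c> for the caller.</summary>
    /// <returns>The installations, or <c>Unauthorized</c> when there is no session.</returns>
    [Returns<Installation[]>] // assuming swagger knows about arrays but not lists (JSON)
    [Returns(Unauthorized)]
    [HttpGet($"{nameof(GetAllInstallations)}/")]
    public Object GetAllInstallations()
    {
        var user = GetSession()?.User;

        return user is null
             ? _Unauthorized
             : user.AccessibleInstallations();
    }

    /// <summary>Returns <c>user.AccessibleFolders()</c> for the caller.</summary>
    /// <returns>The folders, or <c>Unauthorized</c> when there is no session.</returns>
    [Returns<Folder[]>] // assuming swagger knows about arrays but not lists (JSON)
    [Returns(Unauthorized)]
    [HttpGet($"{nameof(GetAllFolders)}/")]
    public Object GetAllFolders()
    {
        var user = GetSession()?.User;

        return user is null
             ? _Unauthorized
             : user.AccessibleFolders();
    }

    /// <summary>Returns <c>user.AccessibleFoldersAndInstallations()</c> for the caller.</summary>
    /// <returns>The tree nodes, or <c>Unauthorized</c> when there is no session.</returns>
    [Returns<TreeNode[]>] // assuming swagger knows about arrays but not lists (JSON)
    [Returns(Unauthorized)]
    [HttpGet($"{nameof(GetAllFoldersAndInstallations)}/")]
    public Object GetAllFoldersAndInstallations()
    {
        var user = GetSession()?.User;

        return user is null
             ? _Unauthorized
             : user.AccessibleFoldersAndInstallations();
    }

    /// <summary>Creates a user on behalf of the caller's session.</summary>
    /// <param name="newUser">The user to create.</param>
    /// <returns>
    /// The created user with the password field blanked, or <c>Unauthorized</c> when
    /// there is no session or <c>session.Create</c> refuses.
    /// </returns>
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPost($"{nameof(CreateUser)}/")]
    public Object CreateUser(User newUser)
    {
        var session = GetSession();

        if (session is null || !session.Create(newUser))
            return _Unauthorized;

        // Same treatment as UpdateUser: the password is not echoed back in the response.
        return WithoutPassword(newUser);
    }

    /// <summary>Creates an installation on behalf of the caller's session.</summary>
    /// <param name="installation">The installation to create.</param>
    /// <returns>
    /// The installation, or <c>Unauthorized</c> when there is no session or
    /// <c>session.Create</c> refuses.
    /// </returns>
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPost($"{nameof(CreateInstallation)}/")]
    public Object CreateInstallation(Installation installation)
    {
        var session = GetSession();

        return session is not null && session.Create(installation)
             ? installation
             : _Unauthorized;
    }

    /// <summary>Creates a folder on behalf of the caller's session.</summary>
    /// <param name="folder">The folder to create.</param>
    /// <returns>
    /// The folder, or <c>Unauthorized</c> when there is no session or
    /// <c>session.Create</c> refuses.
    /// </returns>
    [Returns(OK)]
    [Returns(Unauthorized)]
    [Returns(InternalServerError)]
    [HttpPost($"{nameof(CreateFolder)}/")]
    public Object CreateFolder(Folder folder)
    {
        var session = GetSession();

        return session is not null && session.Create(folder)
             ? folder
             : _Unauthorized;
    }

    /// <summary>Grants a user access to a folder.</summary>
    /// <param name="folderAccess">Ids of the user and the folder.</param>
    /// <returns>
    /// <c>OK</c> when <c>session.GrantUserAccessTo</c> succeeds; <c>Unauthorized</c> when
    /// there is no session, the user or folder does not exist, or the grant is refused.
    /// </returns>
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPost($"{nameof(GrantUserAccessToFolder)}/")]
    public Object GrantUserAccessToFolder(FolderAccess folderAccess)
    {
        // Refuse before touching the database when the request carries no session.
        var session = GetSession();
        if (session is null)
            return _Unauthorized;

        // TODO: automatic BadRequest when properties are null during deserialization
        var folder = Db.GetFolderById(folderAccess.FolderId);
        var user   = Db.GetUserById(folderAccess.UserId);

        if (user is null || folder is null)
            return _Unauthorized;

        return session.GrantUserAccessTo(user, folder)
             ? _Ok
             : _Unauthorized;
    }

    /// <summary>Revokes a user's access to a folder.</summary>
    /// <param name="folderAccess">Ids of the user and the folder.</param>
    /// <returns>
    /// <c>OK</c> when <c>session.RevokeUserAccessTo</c> succeeds; <c>Unauthorized</c> when
    /// there is no session, the user or folder does not exist, or the revoke is refused.
    /// </returns>
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPost($"{nameof(RevokeUserAccessToFolder)}/")]
    public Object RevokeUserAccessToFolder(FolderAccess folderAccess)
    {
        var session = GetSession();
        if (session is null)
            return _Unauthorized;

        // TODO: automatic BadRequest when properties are null during deserialization
        var folder = Db.GetFolderById(folderAccess.FolderId);
        var user   = Db.GetUserById(folderAccess.UserId);

        if (user is null || folder is null)
            return _Unauthorized;

        return session.RevokeUserAccessTo(user, folder)
             ? _Ok
             : _Unauthorized;
    }

    /// <summary>Grants a user access to an installation.</summary>
    /// <param name="installationAccess">Ids of the user and the installation.</param>
    /// <returns>
    /// <c>OK</c> when <c>session.GrantUserAccessTo</c> succeeds; <c>Unauthorized</c> when
    /// there is no session, the user or installation does not exist, or the grant is refused.
    /// </returns>
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPost($"{nameof(GrantUserAccessToInstallation)}/")]
    public Object GrantUserAccessToInstallation(InstallationAccess installationAccess)
    {
        var session = GetSession();
        if (session is null)
            return _Unauthorized;

        // TODO: automatic BadRequest when properties are null during deserialization

        // The id names an installation, so it is resolved with GetInstallationById.
        // Resolving it with GetFolderById would apply the permission check and the grant
        // to whichever folder happens to carry the same numeric id.
        // NOTE(review): relies on a GrantUserAccessTo overload that takes an Installation,
        // which is not visible in this file - confirm.
        var installation = Db.GetInstallationById(installationAccess.InstallationId);
        var user         = Db.GetUserById(installationAccess.UserId);

        if (user is null || installation is null)
            return _Unauthorized;

        return session.GrantUserAccessTo(user, installation)
             ? _Ok
             : _Unauthorized;
    }

    /// <summary>Revokes a user's access to an installation.</summary>
    /// <param name="installationAccess">Ids of the user and the installation.</param>
    /// <returns>
    /// <c>OK</c> when <c>session.RevokeUserAccessTo</c> succeeds; <c>Unauthorized</c> when
    /// there is no session, the user or installation does not exist, or the revoke is refused.
    /// </returns>
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPost($"{nameof(RevokeUserAccessToInstallation)}/")]
    public Object RevokeUserAccessToInstallation(InstallationAccess installationAccess)
    {
        var session = GetSession();
        if (session is null)
            return _Unauthorized;

        // TODO: automatic BadRequest when properties are null during deserialization

        // Resolved as an installation, not as a folder with the same numeric id.
        // NOTE(review): relies on a RevokeUserAccessTo overload that takes an Installation,
        // which is not visible in this file - confirm.
        var installation = Db.GetInstallationById(installationAccess.InstallationId);
        var user         = Db.GetUserById(installationAccess.UserId);

        if (user is null || installation is null)
            return _Unauthorized;

        return session.RevokeUserAccessTo(user, installation)
             ? _Ok
             : _Unauthorized;
    }

    /// <summary>Updates a user on behalf of the caller's session.</summary>
    /// <param name="updatedUser">The user with its new values.</param>
    /// <returns>
    /// The updated user with the password field blanked, or <c>Unauthorized</c> when
    /// there is no session or <c>session.Update</c> refuses.
    /// </returns>
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPut($"{nameof(UpdateUser)}/")]
    public Object UpdateUser(User updatedUser)
    {
        var session = GetSession();

        if (session is null || !session.Update(updatedUser))
            return _Unauthorized;

        return WithoutPassword(updatedUser);
    }

    /// <summary>Updates an installation on behalf of the caller's session.</summary>
    /// <param name="installation">The installation with its new values.</param>
    /// <returns>
    /// The installation, or <c>Unauthorized</c> when there is no session or
    /// <c>session.Update</c> refuses.
    /// </returns>
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPut($"{nameof(UpdateInstallation)}/")]
    public Object UpdateInstallation(Installation installation)
    {
        var session = GetSession();

        return session is not null && session.Update(installation)
             ? installation
             : _Unauthorized;
    }

    /// <summary>Updates a folder on behalf of the caller's session.</summary>
    /// <param name="folder">The folder with its new values.</param>
    /// <returns>
    /// The folder, or <c>Unauthorized</c> when there is no session or
    /// <c>session.Update</c> refuses.
    /// </returns>
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPut($"{nameof(UpdateFolder)}/")]
    public Object UpdateFolder(Folder folder)
    {
        var session = GetSession();

        return session is not null && session.Update(folder)
             ? folder
             : _Unauthorized;
    }

    /// <summary>Deletes a user on behalf of the caller's session.</summary>
    /// <param name="userId">Id of the user to delete.</param>
    /// <returns>
    /// <c>OK</c> when <c>session.Delete</c> succeeds; <c>Unauthorized</c> when there is
    /// no session, no such user, or the delete is refused.
    /// </returns>
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpDelete($"{nameof(DeleteUser)}/")]
    public Object DeleteUser(Int64 userId)
    {
        var session = GetSession();
        if (session is null)
            return _Unauthorized;

        var user = Db.GetUserById(userId);

        return user is not null && session.Delete(user)
             ? _Ok
             : _Unauthorized;
    }

    /// <summary>Deletes an installation on behalf of the caller's session.</summary>
    /// <param name="installationId">Id of the installation to delete.</param>
    /// <returns>
    /// <c>OK</c> when <c>session.Delete</c> succeeds; <c>Unauthorized</c> when there is
    /// no session, no such installation, or the delete is refused.
    /// </returns>
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpDelete($"{nameof(DeleteInstallation)}/")]
    public Object DeleteInstallation(Int64 installationId)
    {
        var session = GetSession();
        if (session is null)
            return _Unauthorized;

        var installation = Db.GetInstallationById(installationId);

        return installation is not null && session.Delete(installation)
             ? _Ok
             : _Unauthorized;
    }

    /// <summary>Deletes a folder on behalf of the caller's session.</summary>
    /// <param name="folderId">Id of the folder to delete.</param>
    /// <returns>
    /// <c>OK</c> when <c>session.Delete</c> succeeds; <c>Unauthorized</c> when there is
    /// no session, no such folder, or the delete is refused.
    /// </returns>
    [ProducesResponseType(200)]
    [ProducesResponseType(401)]
    [HttpDelete($"{nameof(DeleteFolder)}/")]
    public Object DeleteFolder(Int64 folderId)
    {
        var session = GetSession();
        if (session is null)
            return _Unauthorized;

        var folder = Db.GetFolderById(folderId);

        return folder is not null && session.Delete(folder)
             ? _Ok
             : _Unauthorized;
    }

    /// <summary>
    /// Blanks the password field of <paramref name="user"/> and returns the same instance,
    /// so a user object never leaves the API with its password field filled.
    /// </summary>
    // NOTE(review): this mutates the object in place. If the Db layer ever hands out
    // shared or cached instances, serialize a copy instead.
    private static User WithoutPassword(User user)
    {
        user.Password = "";
        return user;
    }

    /// <summary>
    /// Reads the <c>"Session"</c> entry of the current request's <c>HttpContext.Items</c>.
    /// </summary>
    /// <returns>
    /// The session, or null when there is no current HTTP context or the entry is not a
    /// <see cref="Session"/>.
    /// </returns>
    // NOTE(review): whatever stores the "Session" item is outside this file; every check
    // in this controller rests on that component having authenticated the request.
    private static Session? GetSession()
    {
        var ctxAccessor = new HttpContextAccessor();
        return ctxAccessor.HttpContext?.Items["Session"] as Session;
    }
}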