Innovenergy_trunk/csharp/App/Backend/Controllers/Controller.cs

using InnovEnergy.App.Backend.Database;
using InnovEnergy.App.Backend.DataTypes;
using InnovEnergy.App.Backend.DataTypes.Methods;
using InnovEnergy.App.Backend.Relations;
using Microsoft.AspNetCore.Mvc;
using static System.Net.HttpStatusCode;
using Folder = InnovEnergy.App.Backend.DataTypes.Folder;
using Installation = InnovEnergy.App.Backend.DataTypes.Installation;
using Object = System.Object;
using User = InnovEnergy.App.Backend.DataTypes.User;

namespace InnovEnergy.App.Backend.Controllers;

[ApiController]
[Route("api/")]
public class Controller  
{
    private static readonly HttpResponseMessage _Unauthorized = new HttpResponseMessage(Unauthorized);
    private static readonly HttpResponseMessage _Ok           = new HttpResponseMessage(OK);
    private static readonly HttpResponseMessage _BadRequest   = new HttpResponseMessage(BadRequest);

    [Returns<String>]
    [Returns(Unauthorized)]
    [Returns(BadRequest)]
    [HttpPost($"{nameof(Login)}")]
    public Object Login(Credentials credentials)
    {
        var session = credentials.Login();

        return session is null 
            ? _Unauthorized 
            : session;
    }


    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPost($"{nameof(Logout)}")]
    public Object Logout()
    {
        var session = GetSession();

        return session.Logout()
            ? _Ok
            : _Unauthorized;
    }
    

    [Returns<User>]
    [Returns(Unauthorized)]
    [HttpGet($"{nameof(GetUserById)}")]
    public Object GetUserById(Int64 id)
    {
        var caller = GetSession()?.User;
        if (caller == null)
            return _Unauthorized;
    
        var user = Db.GetUserById(id);
    
        if (user is null || !caller.HasAccessTo(user))
            return _Unauthorized;

        user.Password = "";
        return user;
    }

    
    [Returns<Installation>]
    [Returns(Unauthorized)]
    [HttpGet($"{nameof(GetInstallationById)}")]
    public Object GetInstallationById(Int64 id)
    {
        var user = GetSession()?.User;
        if (user == null)
            return _Unauthorized;
    
        var installation = Db.GetInstallationById(id);
    
        if (installation is null || !user.HasAccessTo(installation))
            return _Unauthorized;
    
        return installation;
    }

    
    [Returns<Folder>]
    [Returns(Unauthorized)]
    [HttpGet($"{nameof(GetFolderById)}")]
    public Object GetFolderById(Int64 id)
    {
        var user = GetSession()?.User;
        if (user == null)
            return _Unauthorized;
        
        var folder = Db.GetFolderById(id);
    
        if (folder is null || !user.HasAccessTo(folder))
            return _Unauthorized;
    
        return folder;
    }
    
    
    [Returns<Installation[]>]  // assuming swagger knows about arrays but not lists (JSON) 
    [Returns(Unauthorized)]
    [HttpGet($"{nameof(GetAllInstallations)}/")]
    public Object GetAllInstallations()
    {
        var user = GetSession()?.User;
        
        return user is null 
            ? _Unauthorized 
            : user.AccessibleInstallations();
    }
    
    
    [Returns<Folder[]>]  // assuming swagger knows about arrays but not lists (JSON)
    [Returns(Unauthorized)]
    [HttpGet($"{nameof(GetAllFolders)}/")]
    public Object GetAllFolders()
    {
        var user = GetSession()?.User;
        
        return user is null 
            ? _Unauthorized 
            : user.AccessibleFolders();
    }
    
    // [Returns<Folder[]>]  // assuming swagger knows about arrays but not lists (JSON)
    // [Returns(Unauthorized)]
    // [HttpGet($"{nameof(GetUsersOfFolder)}/")]
    // public Object GetUsersOfFolder(Int64 folderId)
    // {
    //     var caller = GetCaller();
    //     if (caller == null)
    //         return new HttpResponseMessage(Unauthorized);
    //
    //     var folder = Db.GetFolderById(folderId);
    //
    //     if (folder is null || !caller.HasAccessTo(folder))
    //         return new HttpResponseMessage(Unauthorized);
    //     
    //     return descendantUsers;  
    // }

    [Returns<TreeNode[]>]  // assuming swagger knows about arrays but not lists (JSON)
    [Returns(Unauthorized)]
    [HttpGet($"{nameof(GetAllFoldersAndInstallations)}/")]
    public Object GetAllFoldersAndInstallations()
    {
        var user = GetSession()?.User;
        
        return user is null 
            ? _Unauthorized 
            : user.AccessibleFoldersAndInstallations();
    }

    

    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPost($"{nameof(CreateUser)}/")]
    public Object CreateUser(User newUser)
    {
        var session = GetSession();

        return session.Create(newUser) 
             ? newUser 
             : _Unauthorized ;
    }
    
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPost($"{nameof(CreateInstallation)}/")]
    public Object CreateInstallation(Installation installation)
    {
        var session = GetSession();

        return session.Create(installation) 
             ? installation 
             : _Unauthorized;
    }
    
    [Returns(OK)]
    [Returns(Unauthorized)]
    [Returns(InternalServerError)]
    [HttpPost($"{nameof(CreateFolder)}/")]
    public Object CreateFolder(Folder folder)
    {
        var session = GetSession();

        return session.Create(folder) 
             ? folder 
             : _Unauthorized;
    }

    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPut($"{nameof(UpdateUser)}/")]
    public Object UpdateUser(User updatedUser)
    {
        var session = GetSession();

        if (!session.Update(updatedUser)) return _Unauthorized;
        updatedUser.Password = "";
        return updatedUser;
    }
    
    
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPut($"{nameof(UpdateInstallation)}/")]
    public Object UpdateInstallation(Installation installation)
    {
        var session = GetSession();
        
        return session.Update(installation)
             ? installation
             : _Unauthorized;
    }
    
    
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpPut($"{nameof(UpdateFolder)}/")]
    public Object UpdateFolder(Folder folder)
    {
        var session = GetSession();
        
        return session.Update(folder) 
             ? folder 
             : _Unauthorized;
    }
    
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpDelete($"{nameof(DeleteUser)}/")]
    public Object DeleteUser(Int64 userId)
    {
        var session = GetSession();
        var user    = Db.GetUserById(userId);

        return session.Delete(user) 
             ? _Ok
             : _Unauthorized;
    }
    
    [Returns(OK)]
    [Returns(Unauthorized)]
    [HttpDelete($"{nameof(DeleteInstallation)}/")]
    public Object DeleteInstallation(Int64 installationId)
    {
        var session      = GetSession();
        var installation = Db.GetInstallationById(installationId);

        return session.Delete(installation)
            ? _Ok  
            : _Unauthorized;
    }
    
    [ProducesResponseType(200)]
    [ProducesResponseType(401)]
    [HttpDelete($"{nameof(DeleteFolder)}/")]
    public Object DeleteFolder(Int64 folderId)
    {
        var session = GetSession();

        var folder = Db.GetFolderById(folderId);

        return session.Delete(folder) 
             ? _Ok 
             : _Unauthorized;
        
    }

    private static Session? GetSession()
    {
        var ctxAccessor = new HttpContextAccessor();
        return ctxAccessor.HttpContext?.Items["Session"] as Session;
    }
}