using Coscine.Action;
using Coscine.Action.EventArgs;
using Coscine.Api.Project.Models;
using Coscine.Api.Project.ReturnObjects;
using Coscine.ApiCommons;
using Coscine.ApiCommons.Factories;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Linq;
using Coscine.Configuration;
using Microsoft.AspNetCore.Authorization;
using System.Collections.Generic;

namespace Coscine.Api.Project.Controllers
{
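    /// <summary>
    /// HTTP API for projects: listing, reading, updating, deleting and creating.
    /// The class-level <c>[Authorize]</c> attribute requires an authenticated caller for
    /// every action; each action additionally checks the caller's project role through
    /// <c>ProjectModel.HasAccess</c> before it returns or changes project data.
    /// </summary>
    /// <remarks>
    /// NOTE(review): authorization failures are answered with <c>Unauthorized</c> (401)
    /// although the caller is already authenticated. 403 would be the conventional
    /// status, but existing clients may depend on the current one, so it is kept.
    /// </remarks>
    [Authorize]
    public class ProjectController : Controller
    {
        private readonly Authenticator _authenticator;
        private readonly ProjectModel _projectModel;
        private readonly IConfiguration _configuration;
        private readonly Emitter _emitter;

        /// <summary>
        /// Wires the controller to the process-wide configuration held by <c>Program</c>.
        /// </summary>
        public ProjectController()
        {
            _authenticator = new Authenticator(this, Program.Configuration);
            _configuration = Program.Configuration;
            _projectModel = new ProjectModel();
            _emitter = new Emitter(_configuration);
        }

        /// <summary>
        /// Lists the projects on which the calling user holds the Member or Owner role,
        /// ordered by display name.
        /// </summary>
        /// <returns>200 with the projects as return objects.</returns>
        [Route("[controller]")]
        public IActionResult Index()
        {
            var user = _authenticator.GetUser();

            return Ok(_projectModel.GetWithAccess(user, UserRoles.Member, UserRoles.Owner).ToList()
                .Select((project) => _projectModel.CreateReturnObjectFromDatabaseObject(project))
                .OrderBy(element => element.DisplayName)
                );
        }

        /// <summary>
        /// Returns one project if the calling user is Member or Owner of it. The parent
        /// project id is included only when the user also has access to that parent.
        /// </summary>
        /// <param name="id">Project id from the route; must be a GUID.</param>
        /// <returns>200 with the project, 400 for a malformed id, 401 when access is denied.</returns>
        [HttpGet("[controller]/{id}")]
        public IActionResult Get(string id)
        {
            // The id comes straight from the URL: reject anything that is not a GUID
            // instead of letting Guid.Parse throw and surface as a server error.
            Guid projectId;
            if (!Guid.TryParse(id, out projectId))
            {
                return BadRequest("The project id is not a valid GUID.");
            }

            var user = _authenticator.GetUser();
            // NOTE(review): what GetById returns for an unknown id is not visible here;
            // confirm that HasAccess denies access for a missing project.
            var project = _projectModel.GetById(projectId);
            if (!_projectModel.HasAccess(user, project, UserRoles.Member, UserRoles.Owner))
            {
                // id has passed Guid.TryParse above, so the echoed value is GUID-shaped.
                return Unauthorized($"User is not allowed to see given the project {id}");
            }

            SubProjectModel subProjectModel = new SubProjectModel();
            var subProjectRel = subProjectModel.GetAllWhere((subProject) => subProject.SubProjectId == project.Id);

            // Do not reveal the parent's id to a user who has no role on the parent.
            var parentProjectRelation = subProjectRel.FirstOrDefault();
            if (parentProjectRelation != null && _projectModel.HasAccess(user, parentProjectRelation.ProjectId, UserRoles.Member, UserRoles.Owner))
            {
                return Ok(_projectModel.CreateReturnObjectFromDatabaseObject(project, parentProjectRelation.ProjectId));
            }

            return Ok(_projectModel.CreateReturnObjectFromDatabaseObject(project));
        }

        /// <summary>
        /// Lists the resources linked to a project, ordered by display name, if the
        /// calling user is Member or Owner of the project.
        /// </summary>
        /// <param name="id">Project id from the route; must be a GUID.</param>
        /// <returns>The resources as JSON, 400 for a malformed id, 401 when access is denied.</returns>
        [HttpGet("[controller]/{id}/resources")]
        public IActionResult GetResources(string id)
        {
            // Validate the route value before it reaches the data layer.
            Guid projectId;
            if (!Guid.TryParse(id, out projectId))
            {
                return BadRequest("The project id is not a valid GUID.");
            }

            var project = _projectModel.GetById(projectId);
            var user = _authenticator.GetUser();

            if (!_projectModel.HasAccess(user, project, UserRoles.Member, UserRoles.Owner))
            {
                return Unauthorized($"User is not allowed to see given the project {id}");
            }

            var resourceModel = new ResourceModel();
            // The predicate is kept in its original query form because GetAllWhere may
            // hand it to the data layer as an expression.
            return Json(resourceModel.GetAllWhere((resource) =>
                    (from projectResource in resource.ProjectResourceResourceIdIds
                     where projectResource.ProjectId == project.Id
                     select projectResource).Any())
                    .Select((resource) =>
                    {
                        return resourceModel.CreateReturnObjectFromDatabaseObject(resource);
                    }).OrderBy(element => element.DisplayName));
        }

        /// <summary>
        /// Updates a project from the request body. Only an Owner of the project may do so.
        /// </summary>
        /// <param name="id">Project id from the route; must be a GUID.</param>
        /// <returns>
        /// 200 with the result of the update, 400 for a malformed id or an empty body,
        /// 401 when the user is not an Owner.
        /// </returns>
        [HttpPost("[controller]/{id}")]
        public IActionResult Update(string id)
        {
            Guid projectId;
            if (!Guid.TryParse(id, out projectId))
            {
                return BadRequest("The project id is not a valid GUID.");
            }

            var user = _authenticator.GetUser();
            var project = _projectModel.GetById(projectId);
            if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
            {
                return Unauthorized("The user is not authorized to perform an update on the selected project!");
            }

            // The body is deserialized only after the Owner check, so a caller without
            // the role cannot make the server parse an arbitrary payload.
            var projectObject = ObjectFactory<ProjectObject>.DeserializeFromStream(Request.Body);
            if (projectObject == null)
            {
                return BadRequest("The request body does not contain a project object.");
            }

            // NOTE(review): which ProjectObject fields UpdateByObject copies onto the
            // stored project is not visible here; confirm it only writes fields a
            // client is meant to control.
            return Ok(_projectModel.UpdateByObject(project, projectObject));
        }

        /// <summary>
        /// Deletes a project together with its dependent data. Only an Owner of the
        /// project may do so.
        /// </summary>
        /// <param name="id">Project id from the route; must be a GUID.</param>
        /// <returns>The deleted project as JSON, 400 for a malformed id, 401 when the user is not an Owner.</returns>
        [HttpDelete("[controller]/{id}")]
        public IActionResult Delete(string id)
        {
            Guid projectId;
            if (!Guid.TryParse(id, out projectId))
            {
                return BadRequest("The project id is not a valid GUID.");
            }

            var user = _authenticator.GetUser();
            var project = _projectModel.GetById(projectId);
            if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
            {
                // The message previously said "update", copied from the Update action.
                return Unauthorized("The user is not authorized to perform a delete on the selected project!");
            }

            DeleteProject(project);
            return Json(_projectModel.CreateReturnObjectFromDatabaseObject(project));
        }

        /// <summary>
        /// Removes a project and everything attached to it: sub-projects (recursively),
        /// sub-project links, resources, role assignments, disciplines and institutes.
        /// Emits the project-delete event before the project row itself is deleted.
        /// </summary>
        /// <remarks>
        /// This method performs no access check; the caller must have authorized the
        /// deletion. It is marked <c>[NonAction]</c> because it is a public method on a
        /// controller and must not become reachable as an endpoint that skips the Owner
        /// check in <see cref="Delete"/> (whether conventional routing is configured is
        /// not visible in this file).
        /// NOTE(review): sub-projects are deleted without a role check on each
        /// sub-project; confirm that ownership of the parent is meant to be sufficient.
        /// </remarks>
        /// <param name="project">The project to delete.</param>
        /// <exception cref="ArgumentNullException"><paramref name="project"/> is null.</exception>
        [NonAction]
        public void DeleteProject(Database.Model.Project project)
        {
            if (project == null)
            {
                throw new ArgumentNullException(nameof(project));
            }

            // Every query result below is materialized with ToList() first, so rows are
            // never deleted while the result they came from is still being enumerated.
            var subProjectModel = new SubProjectModel();
            foreach (var subProject in subProjectModel.GetAllWhere((subProject) => subProject.ProjectId == project.Id).ToList())
            {
                subProjectModel.Delete(subProject);
                DeleteProject(_projectModel.GetById(subProject.SubProjectId));
            }

            // Links in which this project is itself the sub-project.
            foreach (var subProject in subProjectModel.GetAllWhere((subProject) => subProject.SubProjectId == project.Id).ToList())
            {
                subProjectModel.Delete(subProject);
            }

            var projectResourceModel = new ProjectResourceModel();
            ResourceModel resourceModel = new ResourceModel();
            foreach (var projectResource in projectResourceModel.GetAllWhere((projectResource) => projectResource.ProjectId == project.Id).ToList())
            {
                // The link row goes first, then the resource it pointed to.
                projectResourceModel.Delete(projectResource);
                resourceModel.Delete(resourceModel.GetById(projectResource.ResourceId));
            }

            var projectRoleModel = new ProjectRoleModel();
            foreach (var projectRole in projectRoleModel.GetAllWhere((projectRole) => projectRole.ProjectId == project.Id).ToList())
            {
                projectRoleModel.Delete(projectRole);
            }

            var projectDisciplineModel = new ProjectDisciplineModel();
            foreach (var projectDiscipline in projectDisciplineModel.GetAllWhere((projectDiscipline) => projectDiscipline.ProjectId == project.Id).ToList())
            {
                projectDisciplineModel.Delete(projectDiscipline);
            }

            var projectInstituteModel = new ProjectInstituteModel();
            foreach (var projectInstitute in projectInstituteModel.GetAllWhere((projectInstitute) => projectInstitute.ProjectId == project.Id).ToList())
            {
                projectInstituteModel.Delete(projectInstitute);
            }

            _emitter.EmitProjectDelete(new ProjectEventArgs(_configuration)
            {
                Project = project
            });

            _projectModel.Delete(project);
        }

        /// <summary>
        /// Creates a project from the request body. When a parent project is named, the
        /// calling user must be Owner of that parent and the new project is linked to it
        /// as a sub-project.
        /// </summary>
        /// <returns>
        /// The created project as JSON, 400 for an empty body, 401 when the user may not
        /// create a sub-project under the requested parent.
        /// </returns>
        [HttpPost("[controller]")]
        public IActionResult Store()
        {
            var user = _authenticator.GetUser();
            var projectObject = ObjectFactory<ProjectObject>.DeserializeFromStream(Request.Body);
            if (projectObject == null)
            {
                return BadRequest("The request body does not contain a project object.");
            }

            // The parent decision is made once and reused, so the authorization check
            // and the later link step cannot disagree.
            var hasParent = projectObject.ParentId != null
                && projectObject.ParentId != new Guid();

            // for now, only an owner can add subprojects to projects
            if (hasParent
                && !_projectModel.HasAccess(user, _projectModel.GetById(projectObject.ParentId), UserRoles.Owner))
            {
                return Unauthorized("User is not allowed to create SubProjects.");
            }

            var project = _projectModel.StoreFromObject(projectObject, user);

            if (hasParent)
            {
                var subProjectModel = new SubProjectModel();
                subProjectModel.LinkSubProject(projectObject.ParentId, project.Id);
            }

            _emitter.EmitProjectCreate(new ProjectEventArgs(_configuration)
            {
                Project = project,
                ProjectOwner = user
            });

            return Json(_projectModel.CreateReturnObjectFromDatabaseObject(project));
        }
    }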
}