using Coscine.Action;
using Coscine.Action.EventArgs;
using Coscine.Database.Models;
using Coscine.Database.ReturnObjects;
using Coscine.ApiCommons;
using Coscine.ApiCommons.Factories;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Linq;
using Coscine.Configuration;
using Microsoft.AspNetCore.Authorization;
using Coscine.Database.Util;

namespace Coscine.Api.Project.Controllers
{
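    /// <summary>
    /// HTTP endpoints for listing, reading, creating, updating and deleting projects.
    /// </summary>
    /// <remarks>
    /// Every action requires an authenticated caller (<c>[Authorize]</c>) and then checks the
    /// caller's role on the concrete project through <c>ProjectModel.HasAccess</c>.
    /// NOTE(review): a failed role check is answered with 401 (<c>Unauthorized</c>) although the
    /// caller is authenticated; 403 would be the conventional status. It is left unchanged
    /// because clients may depend on the current status code.
    /// </remarks>
    [Authorize]
    public class ProjectController : Controller
    {
        private readonly Authenticator _authenticator;
        private readonly ProjectModel _projectModel;
        private readonly IConfiguration _configuration;
        private readonly Emitter _emitter;

        /// <summary>
        /// Wires the controller to the process-wide configuration and creates its collaborators.
        /// </summary>
        public ProjectController()
        {
            _authenticator = new Authenticator(this, Program.Configuration);
            _configuration = Program.Configuration;
            _projectModel = new ProjectModel();
            _emitter = new Emitter(_configuration);
        }

        /// <summary>
        /// Lists the projects on which the current user is a member or an owner,
        /// ordered by display name.
        /// </summary>
        /// <returns>200 with the return objects of the accessible projects.</returns>
        [Route("[controller]")]
        public IActionResult Index()
        {
            var user = _authenticator.GetUser();

            return Ok(_projectModel.GetWithAccess(user, UserRoles.Member, UserRoles.Owner).ToList()
                .Select((project) => _projectModel.CreateReturnObjectFromDatabaseObject(project))
                .OrderBy(element => element.DisplayName)
            );
        }

        /// <summary>
        /// Returns a single project, including its parent id when the caller may also see the parent.
        /// </summary>
        /// <param name="id">Project id from the route; must be a GUID.</param>
        /// <returns>
        /// 200 with the project, 400 for a malformed id, 401 when the caller is neither member nor owner.
        /// </returns>
        [HttpGet("[controller]/{id}")]
        public IActionResult Get(string id)
        {
            // Reject malformed ids up front: Guid.Parse would throw and surface as a 500, and
            // the raw route value would otherwise be echoed in the response below.
            Guid projectId;
            if (!Guid.TryParse(id, out projectId))
            {
                return BadRequest("The given project id is not a valid GUID.");
            }

            var user = _authenticator.GetUser();
            var project = _projectModel.GetById(projectId);

            // A project that cannot be found is answered exactly like one the caller may not
            // see, so the response does not reveal which ids exist.
            if (project == null || !_projectModel.HasAccess(user, project, UserRoles.Member, UserRoles.Owner))
            {
                return Unauthorized($"User is not allowed to see given the project {id}");
            }

            SubProjectModel subProjectModel = new SubProjectModel();
            // NOTE(review): the Deleted test reads the outer project, not the relation row;
            // confirm this is intended (GetById is presumably already limited to live projects).
            var subProjectRel = subProjectModel.GetAllWhere((subProject) => subProject.SubProjectId == project.Id && project.Deleted == false);

            // The parent id is disclosed only when the caller has a role on the parent too.
            var parentProjectRelation = subProjectRel.FirstOrDefault();
            if (parentProjectRelation != null && _projectModel.HasAccess(user, parentProjectRelation.ProjectId, UserRoles.Member, UserRoles.Owner))
            {
                return Ok(_projectModel.CreateReturnObjectFromDatabaseObject(project, parentProjectRelation.ProjectId));
            }

            return Ok(_projectModel.CreateReturnObjectFromDatabaseObject(project));
        }

        /// <summary>
        /// Lists the resources linked to a project, ordered by display name.
        /// </summary>
        /// <param name="id">Project id from the route; must be a GUID.</param>
        /// <returns>
        /// JSON list of resources, 400 for a malformed id, 401 when the caller is neither member nor owner.
        /// </returns>
        [HttpGet("[controller]/{id}/resources")]
        public IActionResult GetResources(string id)
        {
            Guid projectId;
            if (!Guid.TryParse(id, out projectId))
            {
                return BadRequest("The given project id is not a valid GUID.");
            }

            var project = _projectModel.GetById(projectId);
            var user = _authenticator.GetUser();

            // Missing and inaccessible projects get the same answer (no existence oracle).
            if (project == null || !_projectModel.HasAccess(user, project, UserRoles.Member, UserRoles.Owner))
            {
                return Unauthorized($"User is not allowed to see given the project {id}");
            }

            var resourceModel = new ResourceModel();
            return Json(resourceModel.GetAllWhere((resource) =>
                    resource.ProjectResourceResourceIdIds
                        .Where(projectResource => projectResource.ProjectId == project.Id)
                        .Any())
                .Select((resource) => resourceModel.CreateReturnObjectFromDatabaseObject(resource))
                .OrderBy(element => element.DisplayName));
        }

        /// <summary>
        /// Updates a project from the <c>ProjectObject</c> in the request body. Owner only.
        /// </summary>
        /// <param name="id">Project id from the route; must be a GUID.</param>
        /// <returns>
        /// 200 with the result of the update, 400 for a malformed id or an empty body,
        /// 401 when the caller is not an owner.
        /// </returns>
        [HttpPost("[controller]/{id}")]
        public IActionResult Update(string id)
        {
            Guid projectId;
            if (!Guid.TryParse(id, out projectId))
            {
                return BadRequest("The given project id is not a valid GUID.");
            }

            var user = _authenticator.GetUser();
            var project = _projectModel.GetById(projectId);
            if (project == null || !_projectModel.HasAccess(user, project, UserRoles.Owner))
            {
                return Unauthorized("The user is not authorized to perform an update on the selected project!");
            }

            // The body is parsed only after the ownership check, so callers without the
            // owner role never reach the deserializer.
            var projectObject = ObjectFactory<ProjectObject>.DeserializeFromStream(Request.Body);
            if (projectObject == null)
            {
                return BadRequest("The request body does not contain a project.");
            }

            // NOTE(review): which fields UpdateByObject copies from the client-supplied object
            // is not visible here; confirm it cannot overwrite fields the owner must not set.
            return Ok(_projectModel.UpdateByObject(project, projectObject));
        }

        /// <summary>
        /// Deletes a project (non-hard delete) together with its sub-projects. Owner only.
        /// </summary>
        /// <param name="id">Project id from the route; must be a GUID.</param>
        /// <returns>
        /// JSON of the deleted project, 400 for a malformed id, 401 when the caller is not an owner.
        /// </returns>
        [HttpDelete("[controller]/{id}")]
        public IActionResult Delete(string id)
        {
            Guid projectId;
            if (!Guid.TryParse(id, out projectId))
            {
                return BadRequest("The given project id is not a valid GUID.");
            }

            var user = _authenticator.GetUser();
            var project = _projectModel.GetById(projectId);
            if (project == null || !_projectModel.HasAccess(user, project, UserRoles.Owner))
            {
                // The previous text said "update", copied from the Update action.
                return Unauthorized("The user is not authorized to perform a delete on the selected project!");
            }

            DeleteProject(project);
            return Json(_projectModel.CreateReturnObjectFromDatabaseObject(project));
        }

        /// <summary>
        /// Deletes a project and, recursively, its sub-projects.
        /// </summary>
        /// <remarks>
        /// This method performs no access check; callers must have verified ownership.
        /// Public controller methods are action candidates by MVC convention, so it is marked
        /// <c>[NonAction]</c> to keep it (and its <paramref name="isHard"/> switch) from being
        /// bound to a route. Whether conventional routes are configured is not visible in this file.
        /// </remarks>
        /// <param name="project">The project to delete; must not be null.</param>
        /// <param name="isHard">
        /// When true, relation rows, linked resources, roles, disciplines and institutes are
        /// removed and the project is hard-deleted; when false only
        /// <c>ProjectModel.Delete</c> is applied after recursing into non-deleted sub-projects.
        /// </param>
        /// <param name="propegateAction">
        /// When true and <paramref name="isHard"/> is true, a project-delete event is emitted
        /// before the project row is removed.
        /// </param>
        /// <exception cref="ArgumentNullException"><paramref name="project"/> is null.</exception>
        [NonAction]
        public void DeleteProject(Database.DataModel.Project project, bool isHard = false, bool propegateAction = true)
        {
            if (project == null)
            {
                throw new ArgumentNullException(nameof(project));
            }

            var subProjectModel = new SubProjectModel();

            // Materialise before iterating: the hard path deletes relation rows inside the loop.
            var childRelations = subProjectModel.GetAllWhere(
                (subProject) => subProject.ProjectId == project.Id
                                && (subProject.SubProject_FK.Deleted == false || isHard)
            ).ToList();

            foreach (var childRelation in childRelations)
            {
                Database.DataModel.Project child;
                if (isHard)
                {
                    // Already-deleted children must be found too, and the relation row
                    // goes before the child itself.
                    child = _projectModel.GetByIdIncludingDeleted(childRelation.SubProjectId);
                    subProjectModel.Delete(childRelation);
                }
                else
                {
                    child = _projectModel.GetById(childRelation.SubProjectId);
                }
                DeleteProject(child, isHard, propegateAction);
            }

            if (!isHard)
            {
                // Nothing else is touched on a non-hard delete; the dependent-row loops below
                // only ever acted when isHard was set.
                _projectModel.Delete(project);
                return;
            }

            // Relation rows in which this project is the child.
            foreach (var parentRelation in subProjectModel.GetAllWhere((subProject) => subProject.SubProjectId == project.Id).ToList())
            {
                subProjectModel.Delete(parentRelation);
            }

            var projectResourceModel = new ProjectResourceModel();
            ResourceModel resourceModel = new ResourceModel();
            foreach (var projectResource in projectResourceModel.GetAllWhere((projectResource) => projectResource.ProjectId == project.Id).ToList())
            {
                projectResourceModel.Delete(projectResource);
                resourceModel.Delete(resourceModel.GetById(projectResource.ResourceId));
            }

            var projectRoleModel = new ProjectRoleModel();
            foreach (var projectRole in projectRoleModel.GetAllWhere((projectRole) => projectRole.ProjectId == project.Id).ToList())
            {
                projectRoleModel.Delete(projectRole);
            }

            var projectDisciplineModel = new ProjectDisciplineModel();
            foreach (var projectDiscipline in projectDisciplineModel.GetAllWhere((projectDiscipline) => projectDiscipline.ProjectId == project.Id).ToList())
            {
                projectDisciplineModel.Delete(projectDiscipline);
            }

            var projectInstituteModel = new ProjectInstituteModel();
            foreach (var projectInstitute in projectInstituteModel.GetAllWhere((projectInstitute) => projectInstitute.ProjectId == project.Id).ToList())
            {
                projectInstituteModel.Delete(projectInstitute);
            }

            // The event is emitted while the project row still exists.
            if (propegateAction)
            {
                _emitter.EmitProjectDelete(new ProjectEventArgs(_configuration)
                {
                    Project = project
                });
            }

            _projectModel.HardDelete(project);
        }

        /// <summary>
        /// Creates a project from the <c>ProjectObject</c> in the request body and, when a parent
        /// id is given, links it as a sub-project of that parent.
        /// </summary>
        /// <returns>
        /// JSON of the created project, 400 for an empty body, 401 when a parent is given and
        /// the caller does not own it.
        /// </returns>
        [HttpPost("[controller]")]
        public IActionResult Store()
        {
            var user = _authenticator.GetUser();
            var projectObject = ObjectFactory<ProjectObject>.DeserializeFromStream(Request.Body);
            if (projectObject == null)
            {
                return BadRequest("The request body does not contain a project.");
            }

            bool hasParent = projectObject.ParentId != null
                && projectObject.ParentId != new Guid();

            if (hasParent)
            {
                // for now, only an owner can add subprojects to projects
                var parent = _projectModel.GetById(projectObject.ParentId);
                if (parent == null || !_projectModel.HasAccess(user, parent, UserRoles.Owner))
                {
                    return Unauthorized("User is not allowed to create SubProjects.");
                }
            }

            var project = _projectModel.StoreFromObject(projectObject, user);

            // Ownership of the parent was established above, before anything was stored.
            if (hasParent)
            {
                var subProjectModel = new SubProjectModel();
                subProjectModel.LinkSubProject(projectObject.ParentId, project.Id);
            }

            _emitter.EmitProjectCreate(new ProjectEventArgs(_configuration)
            {
                Project = project,
                ProjectOwner = user
            });

            return Json(_projectModel.CreateReturnObjectFromDatabaseObject(project));
        }
    }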
}