ProjectController.cs 36.8 KB
Newer Older
1
using Coscine.Action;
2
using Coscine.Action.EventArgs;
3
using Coscine.Action.Utils;
4
5
using Coscine.Api.Project.ParameterObjects;
using Coscine.Api.Project.ReturnObjects;
6
7
using Coscine.ApiCommons;
using Coscine.ApiCommons.Factories;
8
using Coscine.Configuration;
9
10
11
using Coscine.Database.DataModel;
using Coscine.Database.Models;
using Coscine.Database.ReturnObjects;
Marcel Nellesen's avatar
Marcel Nellesen committed
12
using Coscine.Database.Util;
13
using Coscine.Logging;
14
15
16
17
using Coscine.Metadata;
using Coscine.ResourceLoader;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
18
using Microsoft.Extensions.Logging;
19
using Newtonsoft.Json.Linq;
20
using System;
21
using System.Collections.Generic;
22
using System.Linq;
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
23
24
25

namespace Coscine.Api.Project.Controllers
{
26
27
28
29

    /// <summary>
    ///  /// This controller represents the actions which can be taken with a project object.
    /// </summary>
30
    [Authorize]
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
31
32
33
    public class ProjectController : Controller
    {
        private readonly Authenticator _authenticator;
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
34
        private readonly ProjectModel _projectModel;
35
        private readonly IConfiguration _configuration;
36
        private readonly Emitter _emitter;
Marcel Nellesen's avatar
Marcel Nellesen committed
37
        private readonly ActivatedFeaturesModel _activatedFeaturesModel;
38
        private readonly ProjectRoleModel _projectRoleModel;
39
40
41
        private readonly ProjectQuotaModel _projectQuotaModel;
        private readonly ResourceTypeModel _resourceTypeModel;
        private readonly ResourceModel _resourceModel;
42
        private readonly CoscineLogger _coscineLogger;
43
        private readonly VisibilityModel _visibilityModel;
44
45
46
        private readonly InvitationModel _invitationModel;
        private readonly RoleModel _roleModel;
        private readonly UserModel _userModel;
47
        private readonly int _maxAvailable = 100;
48
49
50
        private readonly string _userUrlPrefix = "https://purl.org/coscine/users";
        private readonly Uri _orgPrefixUrl = new Uri("http://www.w3.org/ns/org#");
        private readonly RdfStoreConnector _rdfStoreConnector;
51

52
53
54
55
        /// <summary>
        /// ProjectController constructor
        /// </summary>
        /// <param name="logger">Logger</param>
56
        public ProjectController(ILogger<ProjectController> logger)
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
57
        {
58
            _authenticator = new Authenticator(this, Program.Configuration);
59
            _configuration = Program.Configuration;
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
60
            _projectModel = new ProjectModel();
61
            _emitter = new Emitter(_configuration);
Marcel Nellesen's avatar
Marcel Nellesen committed
62
            _activatedFeaturesModel = new ActivatedFeaturesModel();
63
            _projectRoleModel = new ProjectRoleModel();
64
65
66
            _resourceTypeModel = new ResourceTypeModel();
            _resourceModel = new ResourceModel();
            _projectQuotaModel = new ProjectQuotaModel();
67
            _coscineLogger = new CoscineLogger(logger);
68
            _visibilityModel = new VisibilityModel();
69
70
71
72
            _rdfStoreConnector = new RdfStoreConnector(Program.Configuration.GetString("coscine/local/virtuoso/additional/url"));
            _invitationModel = new InvitationModel();
            _roleModel = new RoleModel();
            _userModel = new UserModel();
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
73
        }
74
75
76
77
78

        /// <summary>
        /// Returns all available projects (including sub projects)
        /// </summary>
        /// <returns>Ok</returns>
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
79
        [Route("[controller]")]
80
        public ActionResult<IEnumerable<ProjectObject>> Index()
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
81
        {
82
            var user = _authenticator.GetUser();
83
            var result = _projectModel.GetWithAccess(user, UserRoles.Member, UserRoles.Owner).ToList()
84
                .Select((project) => _projectModel.CreateReturnObjectFromDatabaseObject(project))
85
86
                .OrderBy(element => element.DisplayName);

87
88
89
            return Ok(result);
        }

90
91
92
93
        /// <summary>
        /// Retrieves all top level projects
        /// </summary>
        /// <returns>Ok</returns>
94
        [Route("[controller]/-/topLevel")]
95
        public ActionResult<IEnumerable<ProjectObject>> GetTopLevelProjects()
96
97
        {
            var user = _authenticator.GetUser();
98
            var projects = _projectModel.GetTopLevelWithAccess(user, UserRoles.Member, UserRoles.Owner).ToList()
99
100
101
102
                .Select((project) => _projectModel.CreateReturnObjectFromDatabaseObject(project))
                .OrderBy(element => element.DisplayName);

            if (Request.Query != null && Request.Query["noanalyticslog"] != "true")
103
            {
104
                LogAnalyticsViewHome(projects.Select(x => x.Id.ToString()).ToList());
105
            }
106

107
            return Ok(projects);
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
108
109
        }

110
111
112
113
114
        /// <summary>
        /// This returns the the project if the user has access to it
        /// </summary>
        /// <param name="id">Id of the resource</param>
        /// <returns>Ok or Statuscode 401</returns>
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
115
        [HttpGet("[controller]/{id}")]
116
        public ActionResult<ProjectObject> Get(string id)
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
117
        {
118
119
120
121
            var user = _authenticator.GetUser();
            var project = _projectModel.GetById(Guid.Parse(id));
            if (_projectModel.HasAccess(user, project, UserRoles.Member, UserRoles.Owner))
            {
122
                SubProjectModel subProjectModel = new SubProjectModel();
123
                var subProjectRel = subProjectModel.GetAllWhere((subProject) => subProject.SubProjectId == project.Id && project.Deleted == false);
124

125
126
127
128
129
                var parentProjectRelation = subProjectRel.FirstOrDefault();
                if (parentProjectRelation != null && _projectModel.HasAccess(user, parentProjectRelation.ProjectId, UserRoles.Member, UserRoles.Owner))
                {
                    return Ok(_projectModel.CreateReturnObjectFromDatabaseObject(project, parentProjectRelation.ProjectId));
                }
130
131
132
133
134
135
                return Ok(_projectModel.CreateReturnObjectFromDatabaseObject(project));
            }
            else
            {
                return Unauthorized($"User is not allowed to see given the project {id}");
            }
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
136
137
        }

138
139
140
141
142
        /// <summary>
        /// Gets the resources
        /// </summary>
        /// <param name="id">Id of the resource</param>
        /// <returns>Json object or Statuscode 401</returns>
143
        [HttpGet("[controller]/{id}/resources")]
144
        public ActionResult<IEnumerable<ResourceObject>> GetResources(string id)
145
        {
146
147
148
149
150
151
152
            var project = _projectModel.GetById(Guid.Parse(id));
            var user = _authenticator.GetUser();

            var resourceModel = new ResourceModel();
            var resourceTypeModel = new ResourceTypeModel();
            if (_projectModel.HasAccess(user, project, UserRoles.Member, UserRoles.Owner))
            {
153
                var resources = resourceModel.GetAllWhere((resource) =>
154
                        (from projectResource in resource.ProjectResources
155
156
157
158
159
                         where projectResource.ProjectId == project.Id
                         select projectResource).Any())
                        .Select((resource) =>
                        {
                            return resourceModel.CreateReturnObjectFromDatabaseObject(resource);
160
                        }).OrderBy(element => element.DisplayName);
161
162
                if (Request.Query != null && Request.Query["noanalyticslog"] != "true")
                {
163
164
                    var projectObject = _projectModel.CreateReturnObjectFromDatabaseObject(_projectModel.GetById(project.Id));
                    LogAnalyticsViewProject(project, resources.ToList(), projectObject.Disciplines, projectObject.Organizations, user);
165
                }
166
                return Json(resources);
167
168
169
170
171
            }
            else
            {
                return Unauthorized($"User is not allowed to see given the project {id}");
            }
172
173
        }

174
        /// <summary>
175
        /// Retrieves the quota for the selected project.
176
        /// </summary>
177
178
179
180
        /// <param name="projectId">Id of the project.</param>
        /// <returns>List of project quotas</returns>
        [HttpGet("[controller]/{projectId}/quota/-/all")]
        public ActionResult<IEnumerable<ProjectQuota>> Quotas(string projectId)
181
182
        {
            var user = _authenticator.GetUser();
183
184
185
186
187
188
189
190
191

            if (!Guid.TryParse(projectId, out Guid projectGuid))
            {
                return BadRequest($"{projectId} is not a guid.");
            }

            var project = _projectModel.GetById(projectGuid);

            if (project == null)
192
            {
193
194
195
196
197
198
199
                return NotFound($"Could not find project with id: {projectId}");
            }

            if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
            {
                return Unauthorized("The user is not authorized to perform a get on the selected project!");
            }
200

201
            var resourceTypes = _resourceTypeModel.GetAllWhere(x => x.Enabled.HasValue && x.Enabled.Value);
202

203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
            return Json(resourceTypes.Select(x => CreateProjectQuotaReturnObject(x, projectGuid)));
        }

        private ProjectQuotaReturnObject CreateProjectQuotaReturnObject(ResourceType x, Guid projectGuid)
        {
            var projectQuota = _projectQuotaModel.GetWhere((y) =>
                    y.ProjectId == projectGuid &&
                    y.ResourceTypeId == x.Id);
            return new ProjectQuotaReturnObject
            {
                Id = x.Id,
                Name = x.DisplayName,
                Used = CalculateUsed(x, projectGuid),
                Allocated = projectQuota == null ? 0 : projectQuota.Quota
            };
218
219
220
221
222
223
224
        }

        private int CalculateUsed(ResourceType resourceType, Guid projectId)
        {
            var resourceTypeDefinition = ResourceTypeFactory.CreateResourceTypeObject(resourceType.DisplayName, _configuration);

            var resources = _resourceModel.GetAllWhere((resource) =>
225
                        (from projectResource in resource.ProjectResources
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
                         where projectResource.ProjectId == projectId
                         select projectResource).Any() &&
                         resource.TypeId == resourceType.Id);

            var used = resources.Sum(y => resourceTypeDefinition.GetResourceQuotaAvailable(y.Id.ToString(), _resourceModel.GetResourceTypeOptions(y.Id)).Result);
            return (int)used;
        }

        /// <summary>
        /// Retrieves the quota for the selected project and resource Type.
        /// </summary>
        /// <param name="projectId">Id of the project</param>
        /// <param name="resourceTypeId">Id of the resource type</param>
        /// <returns>The project quota for the resource type.</returns>
        [HttpGet("[controller]/{projectId}/quota/{resourceTypeId}")]
        public ActionResult<ProjectQuotaReturnObject> Quota(string projectId, string resourceTypeId)
        {
            var user = _authenticator.GetUser();

            if (!Guid.TryParse(projectId, out Guid projectGuid))
            {
                return BadRequest($"{projectId} is not a guid.");
248
            }
249
250
251
252
253
254
255
256
257

            var project = _projectModel.GetById(projectGuid);

            if (project == null)
            {
                return NotFound($"Could not find project with id: {projectId}");
            }

            if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
258
259
260
            {
                return Unauthorized("The user is not authorized to perform a get on the selected project!");
            }
261
262
263
264
265
266
267
268

            if (!Guid.TryParse(resourceTypeId, out Guid resourceTypeGuid))
            {
                return BadRequest($"{resourceTypeId} is not a guid.");
            }

            var resourceType = _resourceTypeModel.GetById(resourceTypeGuid);

269
            if (resourceType == null || !resourceType.Enabled.HasValue || !resourceType.Enabled.Value)
270
271
272
273
274
275
276
277
278
            {
                return NotFound($"Could not find resourceType with id: {resourceTypeId}");
            }

            var projectQuota =
                _projectQuotaModel.GetWhere((x) =>
                    x.ProjectId == projectGuid &&
                    x.ResourceTypeId == resourceTypeGuid);

279
280
281
282
283
284
285
            var projectQuotaReturnObject = new ProjectQuotaReturnObject
            {
                Id = resourceTypeGuid,
                Name = resourceType.DisplayName,
                Used = CalculateUsed(resourceType, projectGuid),
                Allocated = projectQuota.Quota
            };
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324

            return Json(projectQuotaReturnObject);
        }

        /// <summary>
        /// Get the max quota for a resource type.
        /// </summary>
        /// <param name="projectId">Id of the project.</param>
        /// <param name="resourceTypeId">Id of the resource</param>
        /// <returns>The maximum value for the quota.</returns>
        [HttpGet("[controller]/{projectId}/quota/{resourceTypeId}/max")]
        public ActionResult<MaxProjectQuota> GetQuotaMax(string projectId, string resourceTypeId)
        {
            var user = _authenticator.GetUser();

            if (!Guid.TryParse(projectId, out Guid projectGuid))
            {
                return BadRequest($"{projectId} is not a guid.");
            }

            var project = _projectModel.GetById(projectGuid);

            if (project == null)
            {
                return NotFound($"Could not find project with id: {projectId}");
            }

            if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
            {
                return Unauthorized("The user is not authorized to perform a get on the selected project!");
            }

            if (!Guid.TryParse(resourceTypeId, out Guid resourceTypeGuid))
            {
                return BadRequest($"{resourceTypeId} is not a guid.");
            }

            var resourceType = _resourceTypeModel.GetById(resourceTypeGuid);

325
            if (resourceType == null || !resourceType.Enabled.HasValue || !resourceType.Enabled.Value)
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
            {
                return NotFound($"Could not find resourceType with id: {resourceTypeId}");
            }

            return Json(new MaxProjectQuota { Id = resourceTypeGuid, Available = _maxAvailable });
        }

        /// <summary>
        /// Update the project quota.
        /// </summary>
        /// <param name="projectId">Id of the project.</param>
        /// <param name="resourceTypeId">Id of the resource.</param>
        /// <param name="updateProjectQuotaObject">Object containing the update values.</param>
        /// <returns>NoContent (204).</returns>
        [HttpPost("[controller]/{projectId}/quota/{resourceTypeId}")]
341
        public IActionResult UpdateQuota(string projectId, string resourceTypeId, [FromBody] UpdateProjectQuotaObject updateProjectQuotaObject)
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
        {
            var user = _authenticator.GetUser();

            if (!Guid.TryParse(projectId, out Guid projectGuid))
            {
                return BadRequest($"{projectId} is not a guid.");
            }

            var project = _projectModel.GetById(projectGuid);

            if (project == null)
            {
                return NotFound($"Could not find project with id: {projectId}");
            }

            if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
            {
                return Unauthorized("The user is not authorized to perform a get on the selected project!");
            }

            if (!Guid.TryParse(resourceTypeId, out Guid resourceTypeGuid))
            {
                return BadRequest($"{resourceTypeId} is not a guid.");
            }

            var resourceType = _resourceTypeModel.GetById(resourceTypeGuid);

369
            if (resourceType == null || !resourceType.Enabled.HasValue || !resourceType.Enabled.Value)
370
371
372
373
            {
                return NotFound($"Could not find resourceType with id: {resourceTypeId}");
            }

374
375
376
377
378
            if (resourceType.DisplayName.Equals("rdss3"))
            {
                return BadRequest($"Cannot adjust quota for rdss3.");
            }

379
380
381
382
383
384
385
386
            if (updateProjectQuotaObject.Allocated < 0)
            {
                return BadRequest($"Allocated {updateProjectQuotaObject.Allocated}. Cannot be less than 0.");
            }

            var projectQuotaForCurrent = _projectQuotaModel.GetWhere(x => x.ProjectId == projectGuid && x.ResourceTypeId == resourceTypeGuid);
            var used = CalculateUsed(resourceType, projectGuid);

387
            if (used > updateProjectQuotaObject.Allocated)
388
389
390
391
            {
                return BadRequest($"Cannot set quota ({updateProjectQuotaObject.Allocated}) below the used value ({used}).");
            }

392
            if (updateProjectQuotaObject.Allocated > _maxAvailable)
393
            {
394
                return BadRequest($"Cannot set quota to {updateProjectQuotaObject.Allocated}. It would exceed the limit of {_maxAvailable}");
395
396
397
398
399
400
            }

            projectQuotaForCurrent.Quota = updateProjectQuotaObject.Allocated;
            _projectQuotaModel.Update(projectQuotaForCurrent);

            return NoContent();
401
        }
402

403
404
405
406
407
        /// <summary>
        /// Updates the selected project 
        /// </summary>
        /// <param name="id">Id of the resource</param>
        /// <returns>Ok or Statuscode 401</returns>
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
408
409
410
        [HttpPost("[controller]/{id}")]
        public IActionResult Update(string id)
        {
411
412
413
            var user = _authenticator.GetUser();
            var projectObject = ObjectFactory<ProjectObject>.DeserializeFromStream(Request.Body);
            var project = _projectModel.GetById(Guid.Parse(id));
414
            if (_projectModel.HasAccess(user, project, UserRoles.Owner))
415
            {
416
                LogAnalyticsEditProject(project, _projectModel.GetMetadataCompleteness(projectObject), projectObject.Disciplines, projectObject.Organizations, user);
417
418
419
420
421
422
                return Ok(_projectModel.UpdateByObject(project, projectObject));
            }
            else
            {
                return Unauthorized("The user is not authorized to perform an update on the selected project!");
            }
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
423
424
        }

425
426
427
428
429
        /// <summary>
        /// Deletes the selected project
        /// </summary>
        /// <param name="id">Id of the resource</param>
        /// <returns>Json object or Statuscode 401</returns>
430
431
432
        [HttpDelete("[controller]/{id}")]
        public IActionResult Delete(string id)
        {
433
434
435
436
            var user = _authenticator.GetUser();
            var project = _projectModel.GetById(Guid.Parse(id));
            if (_projectModel.HasAccess(user, project, UserRoles.Owner))
            {
437
438
                var projectObject = _projectModel.CreateReturnObjectFromDatabaseObject(_projectModel.GetById(project.Id));
                LogAnalyticsDeleteProject(project, projectObject.Disciplines, projectObject.Organizations, user);
439
440
441
442
443
444
445
                DeleteProject(project);
                return Json(_projectModel.CreateReturnObjectFromDatabaseObject(project));
            }
            else
            {
                return Unauthorized("The user is not authorized to perform an update on the selected project!");
            }
446
447
        }

448
449
450
451
452
453
        /// <summary>
        /// Deletes the project
        /// </summary>
        /// <param name="project">Project</param>
        /// <param name="isHard">isHard</param>
        /// <param name="propegateAction">propegate Action</param>
Marcel Nellesen's avatar
Marcel Nellesen committed
454
        public void DeleteProject(Database.DataModel.Project project, bool isHard = false, bool propegateAction = true)
455
        {
456
            var subProjectModel = new SubProjectModel();
457
458
            foreach (var subProject in subProjectModel.GetAllWhere(
                (subProject) => subProject.ProjectId == project.Id
459
                                && (subProject.SubProjectNavigation.Deleted == false || isHard)
460
            ))
461
            {
Marcel Nellesen's avatar
Marcel Nellesen committed
462
                Database.DataModel.Project subProjectObject;
463
464
465
                if (isHard)
                {
                    subProjectObject = _projectModel.GetByIdIncludingDeleted(subProject.SubProjectId);
466
                    subProjectModel.Delete(subProject);
467
468
469
470
471
472
                }
                else
                {
                    subProjectObject = _projectModel.GetById(subProject.SubProjectId);
                }
                DeleteProject(subProjectObject, isHard, propegateAction);
473
474
475
476
            }

            foreach (var subProject in subProjectModel.GetAllWhere((subProject) => subProject.SubProjectId == project.Id))
            {
477
478
479
480
                if (isHard)
                {
                    subProjectModel.Delete(subProject);
                }
481
482
            }

Marcel Nellesen's avatar
Marcel Nellesen committed
483
            if (isHard)
484
            {
Marcel Nellesen's avatar
Marcel Nellesen committed
485
                var projectResourceModel = new ProjectResourceModel();
486
487
                var resourceModel = new ResourceModel();
                var resourceTypeModel = new ResourceTypeModel();
Marcel Nellesen's avatar
Marcel Nellesen committed
488
                foreach (var projectResource in projectResourceModel.GetAllWhere((projectResource) => projectResource.ProjectId == project.Id))
489
                {
490
491
492
493
                    var resource = resourceModel.GetById(projectResource.ResourceId);
                    var resourceTypeOptions = resourceModel.GetResourceTypeOptions(projectResource.ResourceId);
                    var resourceTypeDefinition = ResourceTypeFactory.CreateResourceTypeObject(resourceTypeModel.GetById(resource.TypeId).DisplayName, _configuration);
                    resourceTypeDefinition.DeleteResource(projectResource.ResourceId.ToString(), resourceTypeOptions);
494
                    projectResourceModel.Delete(projectResource);
495
                    resourceModel.Delete(resource);
496
                }
497

Marcel Nellesen's avatar
Marcel Nellesen committed
498
499
                var projectRoleModel = new ProjectRoleModel();
                foreach (var projectRole in projectRoleModel.GetAllWhere((projectRole) => projectRole.ProjectId == project.Id))
500
501
502
                {
                    projectRoleModel.Delete(projectRole);
                }
503

Marcel Nellesen's avatar
Marcel Nellesen committed
504
505
                var projectDisciplineModel = new ProjectDisciplineModel();
                foreach (var projectDiscipline in projectDisciplineModel.GetAllWhere((projectDiscipline) => projectDiscipline.ProjectId == project.Id))
506
507
508
                {
                    projectDisciplineModel.Delete(projectDiscipline);
                }
509

Marcel Nellesen's avatar
Marcel Nellesen committed
510
511
                var projectInstituteModel = new ProjectInstituteModel();
                foreach (var projectInstitute in projectInstituteModel.GetAllWhere((projectInstitute) => projectInstitute.ProjectId == project.Id))
512
                {
513
                    projectInstituteModel.Delete(projectInstitute);
Marcel Nellesen's avatar
Marcel Nellesen committed
514
515
                }

516
                foreach (var projectQuota in _projectQuotaModel.GetAllWhere((Quota) => Quota.ProjectId == project.Id))
Marcel Nellesen's avatar
Marcel Nellesen committed
517
                {
518
                    _projectQuotaModel.Delete(projectQuota);
519
                }
520

521
522
523
524
525
                foreach (var invitation in _invitationModel.GetAllWhere((x) => x.Project == project.Id))
                {
                    _invitationModel.Delete(invitation);
                }

Marcel Nellesen's avatar
Marcel Nellesen committed
526
527
                _activatedFeaturesModel.DeactivateAllFeatures(project);

528
529
530
531
532
533
534
                if (propegateAction)
                {
                    _emitter.EmitProjectDelete(new ProjectEventArgs(_configuration)
                    {
                        Project = project
                    });
                }
535

536
                _projectModel.HardDelete(project);
Marcel Nellesen's avatar
Marcel Nellesen committed
537
            }
538
539
540
541
            else
            {
                _projectModel.Delete(project);
            }
542
543
        }

544
545
546
547
        /// <summary>
        /// Creates a project
        /// </summary>
        /// <returns>Json object or Statuscode 401</returns>
548
        [HttpPost("[controller]")]
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
549
550
        public IActionResult Store()
        {
551
552
553
            var user = _authenticator.GetUser();
            var projectObject = ObjectFactory<ProjectObject>.DeserializeFromStream(Request.Body);

554
            if (projectObject?.ParentId != new Guid()
555
556
557
558
559
                && !_projectModel.HasAccess(user, _projectModel.GetById(projectObject.ParentId), UserRoles.Owner))
            {
                return Unauthorized("User is not allowed to create SubProjects.");
            }

560
            var project = _projectModel.StoreFromObject(projectObject, user, _rdfStoreConnector.GetQuotaDefault(user.Id.ToString()));
561

562
            if (projectObject.ParentId != new Guid()
563
564
565
566
567
568
569
570
571
572
573
574
575
                // for now, only an owner can add subprojects to projects
                && _projectModel.HasAccess(user, _projectModel.GetById(projectObject.ParentId), UserRoles.Owner))
            {
                var subProjectModel = new SubProjectModel();
                subProjectModel.LinkSubProject(projectObject.ParentId, project.Id);
            }

            _emitter.EmitProjectCreate(new ProjectEventArgs(_configuration)
            {
                Project = project,
                ProjectOwner = user
            });

576
            LogAnalyticsAddProject(project, _projectModel.GetMetadataCompleteness(projectObject), projectObject.Disciplines, projectObject.Organizations, user);
577

578
            return Json(_projectModel.CreateReturnObjectFromDatabaseObject(project));
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
579
        }
580

581
        /// <summary>
582
        /// List all invitations of a project.
583
        /// </summary>
584
585
586
587
        /// <param name="projectId">Project id of the project</param>
        /// <returns>List of invitations</returns>
        [HttpGet("[controller]/invitation/list/{projectId}")]
        public ActionResult<IEnumerable<InvitationReturnObject>> ListInvitations(Guid projectId)
588
        {
589
590
591
            var project = _projectModel.GetById(projectId);

            if (project == null)
592
            {
593
594
595
596
597
598
599
600
601
602
                return NotFound($@"The project ""{projectId}"" was not found.");
            }

            var user = _authenticator.GetUser();

            if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
            {
                return Unauthorized($"You are not an owner of the project.");
            }

603
            var invitations = _invitationModel.GetAllWhere(x => x.Project == projectId)
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
                .Select(x => new InvitationReturnObject
                {
                    Id = x.Id,
                    Expiration = x.Expiration,
                    Issuer = x.Issuer,
                    ProjectId = x.Project,
                    RoleId = x.Role,
                    UserMail = x.InviteeEmail 
                });

            return new ActionResult<IEnumerable<InvitationReturnObject>>(invitations);
        }

        /// <summary>
        /// Create and send an invitation to specified mail.
        /// </summary>
        /// <param name="sendInvitationObject">Informations for sending an invitation</param>
        /// <returns>NoContent</returns>
        [HttpPost("[controller]/invitation")]
623
        public IActionResult SendInvitation([FromBody] SendInvitationObject sendInvitationObject)
624
625
626
        {
            var user = _authenticator.GetUser();

627
            if (!IsValidEmail(sendInvitationObject.Email))
628
            {
629
                return BadRequest($@"The email ""{sendInvitationObject.Email}"" is invalid.");
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
            }

            var project = _projectModel.GetById(sendInvitationObject.Project);

            if (project == null)
            {
                return NotFound($@"The project ""{sendInvitationObject.Project}"" was not found.");
            }

            if (_roleModel.GetById(sendInvitationObject.Role) == null)
            {
                return NotFound($@"The role ""{sendInvitationObject.Role}"" was not found.");
            }

            if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
            {
                return Unauthorized($"You are not an owner of the project.");
            }

            var invitations = _invitationModel.GetAllWhere(
                x => x.Project == sendInvitationObject.Project &&
651
                     x.InviteeEmail == sendInvitationObject.Email &&
652
653
654
                     x.Expiration > DateTime.UtcNow
            );

655
            if (invitations.Any())
656
657
658
659
            {
                return BadRequest("This invitee already has a valid invitation to this project.");
            }

660
661
662
663
664
665
666
667
668
669
670
            var expiredInvitations = _invitationModel.GetAllWhere(
                x => x.Project == sendInvitationObject.Project &&
                     x.InviteeEmail == sendInvitationObject.Email &&
                     x.Expiration <= DateTime.UtcNow
            );

            foreach (var expiredInvitation in expiredInvitations)
            {
                _invitationModel.Delete(expiredInvitation);
            }

671
            var token = _invitationModel.CreateInvitation(sendInvitationObject.Project, user.Id, sendInvitationObject.Role, sendInvitationObject.Email);
672
673
674
675
676
677
678

            var body = new JObject
            {
                ["Args"] = new JObject()
                {
                    ["placeholder"] = new JObject()
                    {
679
                        ["confirmation_link"] = $@"{_configuration.GetString("coscine/local/api/additional/url")}/SitePages/Home.aspx?token={token}"
680
681
682
683
                    }
                }
            };

684
            NotificationBusUtil.Send(Program.Configuration, "user_invitation", NotificationBusUtil.GetUserList(new User { EmailAddress = sendInvitationObject.Email }), sendInvitationObject.Project.ToString(), body);
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730

            return NoContent();
        }

        /// <summary>
        /// Deletes an invitation.
        /// </summary>
        /// <param name="invitationId">Id of a invitation</param>
        /// <returns>NoContent</returns>
        [HttpDelete("[controller]/invitation/{invitationId}")]
        public IActionResult DeleteInvitation(Guid invitationId)
        {
            var invitation = _invitationModel.GetById(invitationId);

            if(invitation == null)
            {
                return NotFound("Invitation was not found.");
            }

            var user = _authenticator.GetUser();

            if (!_projectModel.HasAccess(user, _projectModel.GetById(invitation.Project), UserRoles.Owner))
            {
                return Unauthorized($"You are not an owner of this project.");
            }

            _invitationModel.Delete(invitation);

            return NoContent();
        }

        /// <summary>
        /// Resolve an invitation for the current user.
        /// </summary>
        /// <param name="token">Token of a invitation</param>
        /// <returns>NoContent</returns>
        [HttpGet("[controller]/invitation/resolve/{token}")]
        public IActionResult ResolveInvitation(Guid token)
        {
            var user = _authenticator.GetUser();

            var invitation = _invitationModel.GetByToken(token);

            if(invitation == null)
            {
                return NotFound("Invitation was not found.");
731
            }
732

733
            if (invitation.Expiration < DateTime.UtcNow)
734
            {
735
                return BadRequest("The invitation has expired");
736
            }
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770

            var project = _projectModel.GetById(invitation.Project);

            if (!_projectModel.HasAccess(_userModel.GetById(invitation.Issuer), project, UserRoles.Owner))
            {
                return Unauthorized($"The issuer is not an owner of the project.");
            }

            if (_projectRoleModel.GetAllWhere(x => x.ProjectId == invitation.Project && x.UserId == user.Id).Any())
            {
                return BadRequest($"The invitee is already part of the project.");
            }

            var role = _roleModel.GetById(invitation.Role);

            _emitter.EmitUserAdd(new UserEventArgs(_configuration)
            {
                Project = project,
                Role = role,
                User = user,
            });

            var projectRole = new ProjectRole()
            {
                RelationId = Guid.NewGuid(),
                ProjectId = invitation.Project,
                UserId = user.Id,
                RoleId = invitation.Role
            };

            _projectRoleModel.Insert(projectRole);

            _invitationModel.Delete(invitation);

771
            return NoContent();
772
773
        }

774
775
776
777
778
779
780
781
782
783
784
785
        private static bool IsValidEmail(string email)
        {
            try
            {
                return new System.Net.Mail.MailAddress(email).Address == email;
            }
            catch
            {
                return false;
            }
        }
        
786
        private void LogAnalyticsViewHome(List<string> projectIds)
787
        {
788
789
790
791
792
793
794
795
796
797
798
799
800
801
            _coscineLogger.AnalyticsLog(
                new AnalyticsLogObject
                {
                    Type = "Action",
                    Operation = "View Home",
                    ProjectList = projectIds
                });
        }

        private void LogAnalyticsViewProject(Database.DataModel.Project project, List<ResourceObject> resources, IEnumerable<DisciplineObject> disciplines, IEnumerable<OrganizationObject> organizations, User user)
        {
            var resourceTypes = _resourceTypeModel.GetAllWhere(x => x.Enabled.HasValue && x.Enabled.Value);

            var objects = resourceTypes.Select(x => CreateProjectQuotaReturnObject(x, project.Id));
802

803
804
            _coscineLogger.AnalyticsLog(
                new AnalyticsLogObject
805
                {
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
                    Type = "Action",
                    Operation = "View Project",
                    RoleId = _projectRoleModel.GetGetUserRoleForProject(project.Id, user.Id).ToString(),
                    ProjectId = project.Id.ToString(),
                    QuotaSize = objects.Select(x => $"{x.Name}: {x.Used}/{x.Allocated}").ToList(),
                    Disciplines = disciplines.Select(x => x.DisplayNameEn).ToList(),
                    Organizations = organizations.Select(x => x.DisplayName).ToList(),
                    Visibility = project.VisibilityId.HasValue ? _visibilityModel.GetById(project.VisibilityId.Value)?.DisplayName : null,
                    ResourceList = resources.Select(x => x.Id.ToString()).ToList(),
                });
        }

        private void LogAnalyticsEditProject(Database.DataModel.Project project, string metadataCompletness, IEnumerable<DisciplineObject> disciplines, IEnumerable<OrganizationObject> organizations, User user)
        {
            var resourceTypes = _resourceTypeModel.GetAllWhere(x => x.Enabled.HasValue && x.Enabled.Value);

            var objects = resourceTypes.Select(x => CreateProjectQuotaReturnObject(x, project.Id));

            _coscineLogger.AnalyticsLog(
                new AnalyticsLogObject
826
                {
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
                    Type = "Action",
                    Operation = "Edit Project",
                    RoleId = _projectRoleModel.GetGetUserRoleForProject(project.Id, user.Id).ToString(),
                    ProjectId = project.Id.ToString(),
                    QuotaSize = objects.Select(x => $"{x.Name}: {x.Used}/{x.Allocated}").ToList(),
                    MetadataCompleteness = metadataCompletness,
                    Disciplines = disciplines.Select(x => x.DisplayNameEn).ToList(),
                    Organizations = organizations.Select(x => x.DisplayName).ToList(),
                    Visibility = project.VisibilityId.HasValue ? _visibilityModel.GetById(project.VisibilityId.Value)?.DisplayName : null,
                });
        }

        private void LogAnalyticsAddProject(Database.DataModel.Project project, string metadataCompletness, IEnumerable<DisciplineObject> disciplines, IEnumerable<OrganizationObject> organizations, User user)
        {
            var resourceTypes = _resourceTypeModel.GetAllWhere(x => x.Enabled.HasValue && x.Enabled.Value);

            var objects = resourceTypes.Select(x => CreateProjectQuotaReturnObject(x, project.Id));

            _coscineLogger.AnalyticsLog(
                new AnalyticsLogObject
847
                {
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
                    Type = "Action",
                    Operation = "Add Project",
                    RoleId = _projectRoleModel.GetGetUserRoleForProject(project.Id, user.Id).ToString(),
                    ProjectId = project.Id.ToString(),
                    QuotaSize = objects.Select(x => $"{x.Name}: {x.Used}/{x.Allocated}").ToList(),
                    MetadataCompleteness = metadataCompletness,
                    Disciplines = disciplines.Select(x => x.DisplayNameEn).ToList(),
                    Organizations = organizations.Select(x => x.DisplayName).ToList(),
                    Visibility = project.VisibilityId.HasValue ? _visibilityModel.GetById(project.VisibilityId.Value)?.DisplayName : null,
                });
        }

        private void LogAnalyticsDeleteProject(Database.DataModel.Project project, IEnumerable<DisciplineObject> disciplines, IEnumerable<OrganizationObject> organizations, User user)
        {
            var resourceTypes = _resourceTypeModel.GetAllWhere(x => x.Enabled.HasValue && x.Enabled.Value);

            var objects = resourceTypes.Select(x => CreateProjectQuotaReturnObject(x, project.Id));

            _coscineLogger.AnalyticsLog(
                new AnalyticsLogObject
                {
                    Type = "Action",
                    Operation = "Delete Project",
                    RoleId = _projectRoleModel.GetGetUserRoleForProject(project.Id, user.Id).ToString(),
                    ProjectId = project.Id.ToString(),
                    QuotaSize = objects.Select(x => $"{x.Name}: {x.Used}/{x.Allocated}").ToList(),
                    Disciplines = disciplines.Select(x => x.DisplayNameEn).ToList(),
                    Organizations = organizations.Select(x => x.DisplayName).ToList(),
                    Visibility = project.VisibilityId.HasValue ? _visibilityModel.GetById(project.VisibilityId.Value)?.DisplayName : null,
                });
878
        }
Benedikt Heinrichs's avatar
Benedikt Heinrichs committed
879
880
    }
}