ProjectController.cs 8.28 KB
using Coscine.Action;
using Coscine.Action.EventArgs;
using Coscine.Api.Project.Models;
using Coscine.Api.Project.ReturnObjects;
using Coscine.ApiCommons;
using Coscine.ApiCommons.Factories;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Linq;
using Coscine.Configuration;
using Microsoft.AspNetCore.Authorization;
using System.Collections.Generic;

namespace Coscine.Api.Project.Controllers
{
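    /// <summary>
    /// HTTP endpoints for listing, reading, creating, updating and deleting projects.
    /// </summary>
    /// <remarks>
    /// <c>[Authorize]</c> on the class only requires an authenticated caller. Authorization
    /// for a specific project is decided inside each action by calling
    /// <c>ProjectModel.HasAccess</c> with the roles that action accepts, so every new action
    /// that takes a project id needs its own <c>HasAccess</c> check.
    /// </remarks>
    [Authorize]
    public class ProjectController : Controller
    {
        private readonly Authenticator _authenticator;
        private readonly ProjectModel _projectModel;
        private readonly IConfiguration _configuration;
        private readonly Emitter _emitter;

        /// <summary>
        /// Wires the controller to the process-wide configuration held by <c>Program.Configuration</c>.
        /// </summary>
        public ProjectController()
        {
            _authenticator = new Authenticator(this, Program.Configuration);
            _configuration = Program.Configuration;
            _projectModel = new ProjectModel();
            _emitter = new Emitter(_configuration);
        }

        /// <summary>
        /// Lists the projects the calling user can access as Member or Owner, ordered by display name.
        /// </summary>
        /// <returns>200 with the list of project return objects.</returns>
        // NOTE(review): [Route] carries no HTTP verb, so this action is not limited to GET;
        // confirm whether [HttpGet] was intended.
        [Route("[controller]")]
        public IActionResult Index()
        {
            var user = _authenticator.GetUser();

            return Ok(_projectModel.GetWithAccess(user, UserRoles.Member, UserRoles.Owner).ToList()
                .Select((project) => _projectModel.CreateReturnObjectFromDatabaseObject(project))
                .OrderBy(element => element.DisplayName)
                );
        }

        /// <summary>
        /// Returns a single project if the calling user is Member or Owner of it.
        /// </summary>
        /// <param name="id">Project id from the route; must be a GUID.</param>
        /// <returns>
        /// 200 with the project, 400 if <paramref name="id"/> is not a GUID,
        /// 401 if the user lacks access to the project.
        /// </returns>
        [HttpGet("[controller]/{id}")]
        public IActionResult Get(string id)
        {
            // Reject a malformed id up front instead of letting Guid.Parse throw into an unhandled 500.
            Guid projectId;
            if (!Guid.TryParse(id, out projectId))
            {
                return BadRequest("The given project id is not a valid GUID.");
            }

            var user = _authenticator.GetUser();
            // NOTE(review): what GetById returns for an unknown id is not visible here; confirm that
            // HasAccess handles a missing project and that the response does not reveal whether an id exists.
            var project = _projectModel.GetById(projectId);
            if (!_projectModel.HasAccess(user, project, UserRoles.Member, UserRoles.Owner))
            {
                // id is echoed only after it passed GUID validation above.
                // NOTE(review): the caller is authenticated at this point, so 403 would describe the
                // situation better than 401; kept as 401 because clients may depend on it.
                return Unauthorized($"User is not allowed to see given the project {id}");
            }

            SubProjectModel subProjectModel = new SubProjectModel();
            var subProjectRel = subProjectModel.GetAllWhere((subProject) => subProject.SubProjectId == project.Id);

            // The parent id is included in the response only when the caller can also access the parent.
            var parentProjectRelation = subProjectRel.FirstOrDefault();
            if (parentProjectRelation != null && _projectModel.HasAccess(user, parentProjectRelation.ProjectId, UserRoles.Member, UserRoles.Owner))
            {
                return Ok(_projectModel.CreateReturnObjectFromDatabaseObject(project, parentProjectRelation.ProjectId));
            }

            return Ok(_projectModel.CreateReturnObjectFromDatabaseObject(project));
        }

        /// <summary>
        /// Returns the resources linked to a project if the calling user is Member or Owner of it.
        /// </summary>
        /// <param name="id">Project id from the route; must be a GUID.</param>
        /// <returns>
        /// JSON list of resources ordered by display name, 400 if <paramref name="id"/> is not a GUID,
        /// 401 if the user lacks access to the project.
        /// </returns>
        [HttpGet("[controller]/{id}/resources")]
        public IActionResult GetResources(string id)
        {
            Guid projectId;
            if (!Guid.TryParse(id, out projectId))
            {
                return BadRequest("The given project id is not a valid GUID.");
            }

            var project = _projectModel.GetById(projectId);
            var user = _authenticator.GetUser();

            if (!_projectModel.HasAccess(user, project, UserRoles.Member, UserRoles.Owner))
            {
                return Unauthorized($"User is not allowed to see given the project {id}");
            }

            var resourceModel = new ResourceModel();
            return Json(resourceModel.GetAllWhere((resource) =>
                    (from projectResource in resource.ProjectResourceResourceIdIds
                     where projectResource.ProjectId == project.Id
                     select projectResource).Any())
                    .Select((resource) => resourceModel.CreateReturnObjectFromDatabaseObject(resource))
                    .OrderBy(element => element.DisplayName));
        }

        /// <summary>
        /// Updates a project from the request body. Only an Owner of the project may do this.
        /// </summary>
        /// <param name="id">Project id from the route; must be a GUID.</param>
        /// <returns>
        /// 200 with the result of the update, 400 for a malformed id or an empty body,
        /// 401 if the user is not an Owner.
        /// </returns>
        [HttpPost("[controller]/{id}")]
        public IActionResult Update(string id)
        {
            Guid projectId;
            if (!Guid.TryParse(id, out projectId))
            {
                return BadRequest("The given project id is not a valid GUID.");
            }

            var user = _authenticator.GetUser();
            var project = _projectModel.GetById(projectId);
            if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
            {
                return Unauthorized("The user is not authorized to perform an update on the selected project!");
            }

            // Deserialize the client-supplied body only after the caller has been authorized.
            var projectObject = ObjectFactory<ProjectObject>.DeserializeFromStream(Request.Body);
            if (projectObject == null)
            {
                return BadRequest("The request body does not contain a project.");
            }

            // NOTE(review): the whole client-supplied object is handed to UpdateByObject; which fields it
            // copies onto the stored project is not visible here. Confirm it only applies fields an owner
            // is allowed to change.
            return Ok(_projectModel.UpdateByObject(project, projectObject));
        }

        /// <summary>
        /// Deletes a project and everything attached to it. Only an Owner of the project may do this.
        /// </summary>
        /// <param name="id">Project id from the route; must be a GUID.</param>
        /// <returns>
        /// JSON of the deleted project, 400 if <paramref name="id"/> is not a GUID,
        /// 401 if the user is not an Owner.
        /// </returns>
        [HttpDelete("[controller]/{id}")]
        public IActionResult Delete(string id)
        {
            Guid projectId;
            if (!Guid.TryParse(id, out projectId))
            {
                return BadRequest("The given project id is not a valid GUID.");
            }

            var user = _authenticator.GetUser();
            var project = _projectModel.GetById(projectId);
            if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
            {
                // The message previously said "perform an update", copied from Update().
                return Unauthorized("The user is not authorized to delete the selected project!");
            }

            DeleteProject(project);
            return Json(_projectModel.CreateReturnObjectFromDatabaseObject(project));
        }

        /// <summary>
        /// Deletes <paramref name="project"/> together with its sub-projects (recursively), its
        /// sub-project links, resources, roles, disciplines and institutes, then emits the
        /// project-delete event and removes the project itself.
        /// </summary>
        /// <remarks>
        /// This method performs no access check, neither on <paramref name="project"/> nor on the
        /// sub-projects it recurses into; the caller must have authorized the deletion.
        /// It is public, so it is marked <c>[NonAction]</c> to keep MVC from treating it as an
        /// action (whether conventional routing is enabled for this application is not visible here).
        /// </remarks>
        /// <param name="project">The project to delete.</param>
        [NonAction]
        public void DeleteProject(Database.Model.Project project)
        {
            var subProjectModel = new SubProjectModel();
            // Children first: remove the link, then delete the child project recursively.
            foreach (var subProject in subProjectModel.GetAllWhere((subProject) => subProject.ProjectId == project.Id))
            {
                subProjectModel.Delete(subProject);
                DeleteProject(_projectModel.GetById(subProject.SubProjectId));
            }

            // Remove the link(s) in which this project is itself the sub-project.
            foreach (var subProject in subProjectModel.GetAllWhere((subProject) => subProject.SubProjectId == project.Id))
            {
                subProjectModel.Delete(subProject);
            }

            var projectResourceModel = new ProjectResourceModel();
            ResourceModel resourceModel = new ResourceModel();
            foreach (var projectResource in projectResourceModel.GetAllWhere((projectResource) => projectResource.ProjectId == project.Id))
            {
                projectResourceModel.Delete(projectResource);
                resourceModel.Delete(resourceModel.GetById(projectResource.ResourceId));
            }

            var projectRoleModel = new ProjectRoleModel();
            foreach (var projectRole in projectRoleModel.GetAllWhere((projectRole) => projectRole.ProjectId == project.Id))
            {
                projectRoleModel.Delete(projectRole);
            }

            var projectDisciplineModel = new ProjectDisciplineModel();
            foreach (var projectDiscipline in projectDisciplineModel.GetAllWhere((projectDiscipline) => projectDiscipline.ProjectId == project.Id))
            {
                projectDisciplineModel.Delete(projectDiscipline);
            }

            var projectInstituteModel = new ProjectInstituteModel();
            foreach (var projectInstitute in projectInstituteModel.GetAllWhere((projectInstitute) => projectInstitute.ProjectId == project.Id))
            {
                projectInstituteModel.Delete(projectInstitute);
            }

            // The event is emitted before the project row itself is removed.
            _emitter.EmitProjectDelete(new ProjectEventArgs(_configuration)
            {
                Project = project
            });

            _projectModel.Delete(project);
        }

        /// <summary>
        /// Creates a project from the request body and, when a parent id is given, links it as a
        /// sub-project of that parent. Linking requires the caller to be Owner of the parent.
        /// </summary>
        /// <returns>
        /// JSON of the created project, 400 for an empty body, 401 if a parent is given and the
        /// user is not an Owner of it.
        /// </returns>
        [HttpPost("[controller]")]
        public IActionResult Store()
        {
            var user = _authenticator.GetUser();
            var projectObject = ObjectFactory<ProjectObject>.DeserializeFromStream(Request.Body);
            if (projectObject == null)
            {
                return BadRequest("The request body does not contain a project.");
            }

            // An absent or all-zero ParentId means "create a top-level project".
            var hasParent = projectObject.ParentId != null
                && projectObject.ParentId != new Guid();

            // for now, only an owner can add subprojects to projects
            // The decision is taken once, before anything is stored, and reused for the link below,
            // so the create and the link are governed by the same authorization result.
            if (hasParent
                && !_projectModel.HasAccess(user, _projectModel.GetById(projectObject.ParentId), UserRoles.Owner))
            {
                return Unauthorized("User is not allowed to create SubProjects.");
            }

            var project = _projectModel.StoreFromObject(projectObject, user);

            if (hasParent)
            {
                var subProjectModel = new SubProjectModel();
                subProjectModel.LinkSubProject(projectObject.ParentId, project.Id);
            }

            _emitter.EmitProjectCreate(new ProjectEventArgs(_configuration)
            {
                Project = project,
                ProjectOwner = user
            });

            return Json(_projectModel.CreateReturnObjectFromDatabaseObject(project));
        }
    }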
}