ProjectController.cs 9.35 KB
using Coscine.Action;
using Coscine.Action.EventArgs;
using Coscine.Database.Models;
using Coscine.Database.ReturnObjects;
using Coscine.ApiCommons;
using Coscine.ApiCommons.Factories;
using Microsoft.AspNetCore.Mvc;
using System;
using System.Linq;
using Coscine.Configuration;
using Microsoft.AspNetCore.Authorization;
using Coscine.Database.Util;

namespace Coscine.Api.Project.Controllers
{
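    /// <summary>
    /// REST controller for projects: lists, reads, updates, deletes and creates projects
    /// on behalf of the authenticated user.
    /// </summary>
    /// <remarks>
    /// <para>
    /// <c>[Authorize]</c> is applied without a policy or role, so on its own it only gates on
    /// authentication. Whether the caller may touch a particular project is decided inside each
    /// action through <c>ProjectModel.HasAccess</c>; every action that accepts a project id has
    /// to make that call itself.
    /// </para>
    /// <para>
    /// Access denials are reported through <c>Unauthorized(...)</c> (HTTP 401). For an
    /// authenticated caller 403 would be the conventional status; the status is left unchanged
    /// here because existing clients may depend on it.
    /// </para>
    /// </remarks>
    [Authorize]
    public class ProjectController : Controller
    {
        private readonly Authenticator _authenticator;
        private readonly ProjectModel _projectModel;
        private readonly IConfiguration _configuration;
        private readonly Emitter _emitter;

        /// <summary>
        /// Wires the controller to the process-wide configuration exposed by
        /// <c>Program.Configuration</c> and creates its own model and emitter instances.
        /// </summary>
        public ProjectController()
        {
            _authenticator = new Authenticator(this, Program.Configuration);
            _configuration = Program.Configuration;
            _projectModel = new ProjectModel();
            _emitter = new Emitter(_configuration);
        }

        /// <summary>
        /// Returns every project the current user can access as Member or Owner,
        /// ordered by display name.
        /// </summary>
        /// <returns>200 with the list of project return objects.</returns>
        // NOTE(review): [Route] carries no HTTP-verb constraint, unlike the other actions in this
        // controller. The action is read-only, but confirm that answering non-GET verbs is intended.
        [Route("[controller]")]
        public IActionResult Index()
        {
            var user = _authenticator.GetUser();

            // Materialise first, then map and sort in memory.
            return Ok(_projectModel.GetWithAccess(user, UserRoles.Member, UserRoles.Owner).ToList()
                .Select((project) => _projectModel.CreateReturnObjectFromDatabaseObject(project))
                .OrderBy(element => element.DisplayName)
                );
        }

        /// <summary>
        /// Returns a single project if the current user is Member or Owner of it.
        /// </summary>
        /// <param name="id">Project id from the route; must parse as a GUID.</param>
        /// <returns>
        /// 200 with the project, 400 when <paramref name="id"/> is not a GUID,
        /// 401 when the user has no access to the project.
        /// </returns>
        [HttpGet("[controller]/{id}")]
        public IActionResult Get(string id)
        {
            // The id comes straight from the URL. Guid.Parse would throw on malformed input and
            // surface as an unhandled exception; reject it explicitly instead.
            if (!Guid.TryParse(id, out var projectId))
            {
                return BadRequest("The given project id is not a valid GUID.");
            }

            var user = _authenticator.GetUser();
            // NOTE(review): the result of GetById is handed to HasAccess without a null check;
            // how a non-existent id is handled depends on those two methods - confirm.
            var project = _projectModel.GetById(projectId);
            if (!_projectModel.HasAccess(user, project, UserRoles.Member, UserRoles.Owner))
            {
                // id is echoed only after it has been validated as a GUID above.
                return Unauthorized($"User is not allowed to see given the project {id}");
            }

            SubProjectModel subProjectModel = new SubProjectModel();
            // The Deleted test is evaluated on the requested project, not on the relation row.
            var subProjectRel = subProjectModel.GetAllWhere((subProject) => subProject.SubProjectId == project.Id && project.Deleted == false);

            // The parent id is only disclosed when the caller can also access the parent project.
            var parentProjectRelation = subProjectRel.FirstOrDefault();
            if (parentProjectRelation != null && _projectModel.HasAccess(user, parentProjectRelation.ProjectId, UserRoles.Member, UserRoles.Owner))
            {
                return Ok(_projectModel.CreateReturnObjectFromDatabaseObject(project, parentProjectRelation.ProjectId));
            }

            return Ok(_projectModel.CreateReturnObjectFromDatabaseObject(project));
        }

        /// <summary>
        /// Returns the resources linked to a project, ordered by display name, if the current
        /// user is Member or Owner of that project.
        /// </summary>
        /// <param name="id">Project id from the route; must parse as a GUID.</param>
        /// <returns>
        /// JSON list of resources, 400 when <paramref name="id"/> is not a GUID,
        /// 401 when the user has no access to the project.
        /// </returns>
        [HttpGet("[controller]/{id}/resources")]
        public IActionResult GetResources(string id)
        {
            // Validate the route value before it reaches the data layer.
            if (!Guid.TryParse(id, out var projectId))
            {
                return BadRequest("The given project id is not a valid GUID.");
            }

            var project = _projectModel.GetById(projectId);
            var user = _authenticator.GetUser();

            if (!_projectModel.HasAccess(user, project, UserRoles.Member, UserRoles.Owner))
            {
                return Unauthorized($"User is not allowed to see given the project {id}");
            }

            var resourceModel = new ResourceModel();
            // Access is checked on the project only; every resource linked to it is returned.
            return Json(resourceModel.GetAllWhere((resource) =>
                    (from projectResource in resource.ProjectResourceResourceIdIds
                     where projectResource.ProjectId == project.Id
                     select projectResource).Any())
                    .Select((resource) =>
                    {
                        return resourceModel.CreateReturnObjectFromDatabaseObject(resource);
                    }).OrderBy(element => element.DisplayName));
        }

        /// <summary>
        /// Updates a project from the JSON request body. Only an Owner may update.
        /// </summary>
        /// <param name="id">Project id from the route; must parse as a GUID.</param>
        /// <returns>
        /// 200 with the result of the update, 400 when the id or the body is unusable,
        /// 401 when the user is not an owner of the project.
        /// </returns>
        [HttpPost("[controller]/{id}")]
        public IActionResult Update(string id)
        {
            if (!Guid.TryParse(id, out var projectId))
            {
                return BadRequest("The given project id is not a valid GUID.");
            }

            var user = _authenticator.GetUser();
            var project = _projectModel.GetById(projectId);
            if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
            {
                return Unauthorized("The user is not authorized to perform an update on the selected project!");
            }

            // The request body is parsed only once the caller is known to be an owner, so callers
            // without access cannot make the server deserialize arbitrary payloads.
            var projectObject = ObjectFactory<ProjectObject>.DeserializeFromStream(Request.Body);
            if (projectObject == null)
            {
                return BadRequest("The request body does not contain a project.");
            }

            // NOTE(review): which fields UpdateByObject copies from the client-supplied object is
            // not visible here; confirm it does not let the client overwrite identity or ownership data.
            return Ok(_projectModel.UpdateByObject(project, projectObject));
        }

        /// <summary>
        /// Soft-deletes a project (and, recursively, its sub-projects). Only an Owner may delete.
        /// </summary>
        /// <param name="id">Project id from the route; must parse as a GUID.</param>
        /// <returns>
        /// JSON of the deleted project, 400 when <paramref name="id"/> is not a GUID,
        /// 401 when the user is not an owner of the project.
        /// </returns>
        [HttpDelete("[controller]/{id}")]
        public IActionResult Delete(string id)
        {
            if (!Guid.TryParse(id, out var projectId))
            {
                return BadRequest("The given project id is not a valid GUID.");
            }

            var user = _authenticator.GetUser();
            var project = _projectModel.GetById(projectId);
            if (!_projectModel.HasAccess(user, project, UserRoles.Owner))
            {
                // The previous text said "update", copied from Update(); this is the delete path.
                return Unauthorized("The user is not authorized to perform a delete on the selected project!");
            }

            // Defaults apply: isHard = false, so the HTTP endpoint never hard-deletes.
            DeleteProject(project);
            return Json(_projectModel.CreateReturnObjectFromDatabaseObject(project));
        }

        /// <summary>
        /// Deletes a project and, recursively, all of its sub-projects.
        /// </summary>
        /// <remarks>
        /// <para>
        /// This method performs no authorization of its own; the caller must have verified that
        /// the acting user may delete <paramref name="project"/>. Sub-projects are deleted on the
        /// strength of that single check - the user's role on each sub-project is not consulted.
        /// </para>
        /// <para>
        /// It is a public method on a controller, which MVC treats as an action candidate. It is
        /// marked <c>[NonAction]</c> so that it cannot be reached over HTTP (for example through a
        /// conventional route, if the application configures one) with <c>isHard</c> supplied by
        /// the client.
        /// </para>
        /// </remarks>
        /// <param name="project">The project to delete.</param>
        /// <param name="isHard">
        /// When true, relation rows (sub-project links, resources, roles, disciplines, institutes)
        /// are removed and the project is hard-deleted; when false the project is only passed to
        /// <c>ProjectModel.Delete</c>.
        /// </param>
        /// <param name="propegateAction">
        /// When true and <paramref name="isHard"/> is true, a project-delete event is emitted
        /// before the hard delete.
        /// </param>
        /// <exception cref="ArgumentNullException"><paramref name="project"/> is null.</exception>
        [NonAction]
        public void DeleteProject(Database.DataModel.Project project, bool isHard = false, bool propegateAction = true)
        {
            if (project == null)
            {
                throw new ArgumentNullException(nameof(project));
            }

            var subProjectModel = new SubProjectModel();

            // Children first: walk the links where this project is the parent.
            foreach (var subProject in subProjectModel.GetAllWhere((link) => link.ProjectId == project.Id))
            {
                Database.DataModel.Project subProjectObject;
                if (isHard)
                {
                    subProjectModel.Delete(subProject);
                    subProjectObject = _projectModel.GetByIdIncludingDeleted(subProject.SubProjectId);
                }
                else
                {
                    subProjectObject = _projectModel.GetById(subProject.SubProjectId);
                }

                // A link can point at a project the lookup no longer returns (presumably one that
                // was already deleted - confirm against ProjectModel); there is nothing left to do for it.
                if (subProjectObject != null)
                {
                    DeleteProject(subProjectObject, isHard, propegateAction);
                }
            }

            if (!isHard)
            {
                // Soft delete leaves all relation rows in place.
                _projectModel.Delete(project);
                return;
            }

            // Hard delete: remove every row that references the project before the project itself.
            foreach (var subProject in subProjectModel.GetAllWhere((link) => link.SubProjectId == project.Id))
            {
                subProjectModel.Delete(subProject);
            }

            var projectResourceModel = new ProjectResourceModel();
            ResourceModel resourceModel = new ResourceModel();
            foreach (var projectResource in projectResourceModel.GetAllWhere((link) => link.ProjectId == project.Id))
            {
                projectResourceModel.Delete(projectResource);
                resourceModel.Delete(resourceModel.GetById(projectResource.ResourceId));
            }

            var projectRoleModel = new ProjectRoleModel();
            foreach (var projectRole in projectRoleModel.GetAllWhere((link) => link.ProjectId == project.Id))
            {
                projectRoleModel.Delete(projectRole);
            }

            var projectDisciplineModel = new ProjectDisciplineModel();
            foreach (var projectDiscipline in projectDisciplineModel.GetAllWhere((link) => link.ProjectId == project.Id))
            {
                projectDisciplineModel.Delete(projectDiscipline);
            }

            var projectInstituteModel = new ProjectInstituteModel();
            foreach (var projectInstitute in projectInstituteModel.GetAllWhere((link) => link.ProjectId == project.Id))
            {
                projectInstituteModel.Delete(projectInstitute);
            }

            // The event is emitted before the row is removed, as in the original ordering.
            if (propegateAction)
            {
                _emitter.EmitProjectDelete(new ProjectEventArgs(_configuration)
                {
                    Project = project
                });
            }

            _projectModel.HardDelete(project);
        }

        /// <summary>
        /// Creates a project from the JSON request body and, when a parent id is given,
        /// links it as a sub-project of that parent.
        /// </summary>
        /// <returns>
        /// JSON of the created project, 400 when the body holds no project,
        /// 401 when a parent is named and the user is not an owner of it.
        /// </returns>
        [HttpPost("[controller]")]
        public IActionResult Store()
        {
            var user = _authenticator.GetUser();
            var projectObject = ObjectFactory<ProjectObject>.DeserializeFromStream(Request.Body);
            if (projectObject == null)
            {
                return BadRequest("The request body does not contain a project.");
            }

            // Decide once whether this is a sub-project request; the parent id is client-supplied.
            var parentId = projectObject.ParentId;
            var hasParent = parentId != null && parentId != Guid.Empty;

            // for now, only an owner can add subprojects to projects
            if (hasParent && !_projectModel.HasAccess(user, _projectModel.GetById(parentId), UserRoles.Owner))
            {
                return Unauthorized("User is not allowed to create SubProjects.");
            }

            var project = _projectModel.StoreFromObject(projectObject, user);

            // Reaching this point with a parent means the owner check above has passed.
            if (hasParent)
            {
                var subProjectModel = new SubProjectModel();
                subProjectModel.LinkSubProject(parentId, project.Id);
            }

            _emitter.EmitProjectCreate(new ProjectEventArgs(_configuration)
            {
                Project = project,
                ProjectOwner = user
            });

            return Json(_projectModel.CreateReturnObjectFromDatabaseObject(project));
        }
    }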
}