
ResourceModel.cs

    ResourceController.cs 5.89 KiB
    using Coscine.Api.Project.Models;
    using Coscine.Api.Project.ReturnObjects;
    using Coscine.ApiCommons;
    using Coscine.ApiCommons.Factories;
    using Microsoft.AspNetCore.Mvc;
    using System;
    using System.Linq;
    using Coscine.Action;
    using Coscine.Configuration;
    using Coscine.Action.EventArgs;
    using Microsoft.AspNetCore.Authorization;
    using Newtonsoft.Json.Linq;
    using Coscine.Database.Model;
    
    namespace Coscine.Api.Project.Controllers
    {
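        /// <summary>
        /// HTTP endpoints for listing, reading, creating, updating and deleting resources.
        /// </summary>
        /// <remarks>
        /// [Authorize] requires an authenticated caller for every action; each action then applies its
        /// own per-resource or per-project role check. Failed role checks are answered with
        /// Unauthorized(...) (HTTP 401) even though the caller is authenticated; the status is kept
        /// unchanged here because existing clients may depend on it.
        /// </remarks>
        [Authorize]
        public class ResourceController : Controller
        {
            private readonly Authenticator _authenticator;
            private readonly ResourceModel _resourceModel;
            private readonly IConfiguration _configuration;
            private readonly Emitter _emitter;

            /// <summary>
            /// Wires the controller to the process-wide configuration held by Program.Configuration.
            /// </summary>
            public ResourceController()
            {
                _authenticator = new Authenticator(this, Program.Configuration);
                _configuration = Program.Configuration;
                _resourceModel = new ResourceModel();
                _emitter = new Emitter(this._configuration);
            }

            /// <summary>
            /// Lists the resources that belong to at least one project in which the current user
            /// holds the "Owner" or "Member" role.
            /// </summary>
            /// <returns>A JSON array of resource return objects.</returns>
            [Route("[controller]")]
            public IActionResult Index()
            {
                var user = _authenticator.GetUser();
                // NOTE(review): roles are matched by literal display name here, while the other actions
                // pass UserRoles.Owner / UserRoles.Member to HasAccess - presumably the same roles; confirm
                // that both paths stay in sync if a role is renamed.
                return Json(_resourceModel.GetAllWhere((resource) =>
                    (from projectResource in resource.ProjectResourceResourceIdIds
                     where (from projectRole in projectResource.Project.ProjectRolesProjectIdIds
                            where projectRole.User == user
                            && (projectRole.Role.DisplayName == "Owner" || projectRole.Role.DisplayName == "Member")
                            select projectRole).Any()
                     select projectResource).Any()
                ).Select((resource) => _resourceModel.CreateReturnObjectFromDatabaseObject(resource)));
            }


            /// <summary>
            /// Returns a single resource if the current user is Owner or Member of it.
            /// </summary>
            /// <param name="id">Resource id taken from the route; must be a GUID.</param>
            /// <returns>
            /// The resource as JSON; 400 for a malformed id, 404 for an unknown resource,
            /// 401 when the role check fails.
            /// </returns>
            [HttpGet("[controller]/{id}")]
            public IActionResult Get(string id)
            {
                // The id comes straight from the URL: reject malformed values instead of letting
                // Guid.Parse throw and surface as an unhandled server error.
                if (!Guid.TryParse(id, out Guid resourceId))
                {
                    return BadRequest("The resource id is not a valid GUID!");
                }

                var resource = _resourceModel.GetById(resourceId);
                if (resource == null)
                {
                    return NotFound("The resource does not exist!");
                }

                var user = _authenticator.GetUser();
                if (!_resourceModel.HasAccess(user, resource, UserRoles.Owner, UserRoles.Member))
                {
                    return Unauthorized("User does not own resource!");
                }

                _resourceModel.SetType(resource);
                return Json(_resourceModel.CreateReturnObjectFromDatabaseObject(resource));
            }

            /// <summary>
            /// Tells the current user whether they are recorded as the creator of a resource.
            /// </summary>
            /// <param name="id">Resource id taken from the route; must be a GUID.</param>
            /// <returns>
            /// JSON object with the boolean "isResourceCreator"; 400 for a malformed id,
            /// 404 for an unknown resource.
            /// </returns>
            [HttpGet("[controller]/resource/{id}/isCreator")]
            public IActionResult IsUserResourceCreator(string id)
            {
                if (!Guid.TryParse(id, out Guid resourceId))
                {
                    return BadRequest("The resource id is not a valid GUID!");
                }

                Resource resource = _resourceModel.GetById(resourceId);
                if (resource == null)
                {
                    return NotFound("The resource does not exist!");
                }

                // NOTE(review): unlike the other per-resource actions there is no HasAccess check here.
                // The answer only concerns the caller's own id, but any authenticated user can learn
                // whether a given resource id exists - confirm that this is intended.
                var user = _authenticator.GetUser();
                var json = new JObject
                {
                    ["isResourceCreator"] = resource.Creator.Equals(user.Id)
                };
                return Json(json);
            }

            /// <summary>
            /// Updates a resource from the JSON request body. Allowed for an Owner, or for a Member
            /// who created the resource.
            /// </summary>
            /// <param name="id">Resource id taken from the route; must be a GUID.</param>
            /// <returns>
            /// The result of the update as JSON; 400 for a malformed id or missing body,
            /// 404 for an unknown resource, 401 when the role check fails.
            /// </returns>
            [HttpPost("[controller]/{id}")]
            public IActionResult Update(string id)
            {
                if (!Guid.TryParse(id, out Guid resourceId))
                {
                    return BadRequest("The resource id is not a valid GUID!");
                }

                var resource = _resourceModel.GetById(resourceId);
                if (resource == null)
                {
                    return NotFound("The resource does not exist!");
                }

                var user = _authenticator.GetUser();
                if (!(_resourceModel.HasAccess(user, resource, UserRoles.Owner) ||
                    (_resourceModel.HasAccess(user, resource, UserRoles.Member) && resource.Creator.Equals(user.Id))))
                {
                    return Unauthorized("The user is not authorized to perform an update on the selected resource!");
                }

                // The body is parsed only after the caller is known to be allowed to update, so callers
                // without access cannot make the server deserialize arbitrary payloads.
                var resourceObject = ObjectFactory<ResourceObject>.DeserializeFromStream(Request.Body);
                if (resourceObject == null)
                {
                    return BadRequest("The request body does not contain a resource!");
                }

                // NOTE(review): which fields of the body are copied onto the stored resource is decided
                // inside UpdateByObject, which is not visible here - confirm it does not accept
                // client-supplied ownership fields such as Creator.
                return Json(_resourceModel.UpdateByObject(resource, resourceObject));
            }

            /// <summary>
            /// Deletes a resource. Allowed for an Owner, or for a Member who created the resource.
            /// </summary>
            /// <param name="id">Resource id taken from the route; must be a GUID.</param>
            /// <returns>
            /// The deleted resource as JSON; 400 for a malformed id, 404 for an unknown resource,
            /// 401 when the role check fails.
            /// </returns>
            [HttpDelete("[controller]/{id}")]
            public IActionResult Delete(string id)
            {
                if (!Guid.TryParse(id, out Guid resourceId))
                {
                    return BadRequest("The resource id is not a valid GUID!");
                }

                var resource = _resourceModel.GetById(resourceId);
                if (resource == null)
                {
                    return NotFound("The resource does not exist!");
                }

                var user = _authenticator.GetUser();
                if (!(_resourceModel.HasAccess(user, resource, UserRoles.Owner) ||
                    (_resourceModel.HasAccess(user, resource, UserRoles.Member) && resource.Creator.Equals(user.Id))))
                {
                    // The original message said "update" here (copied from Update); it now names the
                    // operation that was actually refused.
                    return Unauthorized("The user is not authorized to perform a delete on the selected resource!");
                }

                // Build the response and emit the delete event while the resource still exists.
                var returnObject = _resourceModel.CreateReturnObjectFromDatabaseObject(resource);
                _emitter.EmitResourceDelete(new ResourceEventArgs(_configuration)
                {
                    Resource = resource
                });
                _resourceModel.DeleteResource(resource);
                return Json(returnObject);
            }

            /// <summary>
            /// Creates a resource from the JSON request body and attaches it to a project in which the
            /// current user is Owner or Member.
            /// </summary>
            /// <param name="projectId">Project id taken from the route; must be a GUID.</param>
            /// <returns>
            /// The created resource as JSON; 400 for a malformed id or unusable body, 404 for an
            /// unknown project, 401 when the role check fails or the resource type is disabled.
            /// </returns>
            [HttpPost("[controller]/project/{projectId}")]
            public IActionResult StoreToProject(string projectId)
            {
                if (!Guid.TryParse(projectId, out Guid projectGuid))
                {
                    return BadRequest("The project id is not a valid GUID!");
                }

                var projectModel = new ProjectModel();
                var project = projectModel.GetById(projectGuid);
                if (project == null)
                {
                    return NotFound("The project does not exist!");
                }

                var user = _authenticator.GetUser();
                if (!projectModel.HasAccess(user, project, UserRoles.Owner, UserRoles.Member))
                {
                    return Unauthorized("The user is not authorized to add a new resource to the selected project!");
                }

                // Body parsing and the resource-type lookup happen only after the project role check,
                // so callers without access cannot drive them with attacker-chosen input.
                var resourceObject = ObjectFactory<ResourceObject>.DeserializeFromStream(Request.Body);
                if (resourceObject?.Type == null)
                {
                    return BadRequest("The request body does not contain a resource with a type!");
                }

                var resourceTypeModel = new ResourceTypeModel();
                var resourceType = resourceTypeModel.GetById(resourceObject.Type.Id);
                if (resourceType == null)
                {
                    return BadRequest("The resource type does not exist!");
                }

                if (!resourceType.Enabled)
                {
                    return Unauthorized("The user is not authorized to add a new resource of this type to the selected project!");
                }

                // The creator is always taken from the authenticated user, never from the request body.
                resourceObject.Creator = user.Id;
                var resource = _resourceModel.StoreFromObject(resourceObject);
                projectModel.AddResource(project, resource);

                _emitter.EmitResourceCreate(new ResourceEventArgs(_configuration)
                {
                    Resource = resource
                });

                return Json(_resourceModel.CreateReturnObjectFromDatabaseObject(resource));
            }
        }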
    }