    ResourceController.cs 5.89 KiB
    using Coscine.Api.Project.Models;
    using Coscine.Api.Project.ReturnObjects;
    using Coscine.ApiCommons;
    using Coscine.ApiCommons.Factories;
    using Microsoft.AspNetCore.Mvc;
    using System;
    using System.Linq;
    using Coscine.Action;
    using Coscine.Configuration;
    using Coscine.Action.EventArgs;
    using Microsoft.AspNetCore.Authorization;
    using Newtonsoft.Json.Linq;
    using Coscine.Database.Model;
    
    namespace Coscine.Api.Project.Controllers
    {
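        /// <summary>
        /// REST endpoints for listing, reading, creating, updating and deleting resources.
        /// </summary>
        /// <remarks>
        /// The controller requires an authenticated caller through the [Authorize] attribute.
        /// Per-resource and per-project permission is then decided by the HasAccess calls
        /// in each action.
        /// NOTE(review): a failed permission check answers with 401 (Unauthorized). 403 is the
        /// conventional status for an authenticated caller without permission, but clients
        /// may depend on the current status code, so it is left unchanged here.
        /// </remarks>
        [Authorize]
        public class ResourceController : Controller
        {
            private readonly Authenticator _authenticator;
            private readonly ResourceModel _resourceModel;
            private readonly IConfiguration _configuration;
            private readonly Emitter _emitter;

            /// <summary>
            /// Wires the controller to the application-wide configuration held by Program.
            /// </summary>
            public ResourceController()
            {
                _configuration = Program.Configuration;
                _authenticator = new Authenticator(this, _configuration);
                _resourceModel = new ResourceModel();
                _emitter = new Emitter(_configuration);
            }

            /// <summary>
            /// Lists every resource that belongs to a project in which the caller holds
            /// the "Owner" or "Member" role.
            /// </summary>
            /// <returns>JSON array of resource return objects.</returns>
            // The route has no HTTP-method attribute, so the action is not restricted to GET.
            [Route("[controller]")]
            public IActionResult Index()
            {
                var user = _authenticator.GetUser();

                // The role filter is part of the query itself, so only resources the caller
                // may see are handed to CreateReturnObjectFromDatabaseObject.
                // NOTE(review): roles are matched by display name here, while the other
                // actions pass UserRoles constants to HasAccess; confirm both stay in sync.
                return Json(_resourceModel.GetAllWhere((resource) =>
                    (from projectResource in resource.ProjectResourceResourceIdIds
                     where (from projectRole in projectResource.Project.ProjectRolesProjectIdIds
                            where projectRole.User == user
                            && (projectRole.Role.DisplayName == "Owner" || projectRole.Role.DisplayName == "Member")
                            select projectRole).Any()
                     select projectResource).Any()
                ).Select((resource) => _resourceModel.CreateReturnObjectFromDatabaseObject(resource)));
            }


            /// <summary>
            /// Returns a single resource if the caller is owner or member of its project.
            /// </summary>
            /// <param name="id">Resource id taken from the route; must be a GUID.</param>
            /// <returns>
            /// The resource as JSON, 400 for a malformed id, 404 for an unknown id,
            /// or 401 when the caller lacks access.
            /// </returns>
            [HttpGet("[controller]/{id}")]
            public IActionResult Get(string id)
            {
                // The id comes straight from the URL; reject garbage with 400 instead of
                // letting Guid.Parse throw and surface as a server error.
                if (!Guid.TryParse(id, out Guid resourceId))
                {
                    return BadRequest("The resource id is not a valid GUID!");
                }

                var resource = _resourceModel.GetById(resourceId);
                // Presumably GetById yields null for an unknown id (confirm against ResourceModel).
                if (resource == null)
                {
                    return NotFound("The resource does not exist!");
                }

                var user = _authenticator.GetUser();
                if (!_resourceModel.HasAccess(user, resource, UserRoles.Owner, UserRoles.Member))
                {
                    return Unauthorized("User does not own resource!");
                }

                _resourceModel.SetType(resource);
                return Json(_resourceModel.CreateReturnObjectFromDatabaseObject(resource));
            }

            /// <summary>
            /// Tells the caller whether they are the creator of the given resource.
            /// </summary>
            /// <param name="id">Resource id taken from the route; must be a GUID.</param>
            /// <returns>
            /// JSON object with the boolean field "isResourceCreator", 400 for a malformed id,
            /// or 404 for an unknown id.
            /// </returns>
            // NOTE(review): unlike Get, this action performs no HasAccess check. The answer only
            // concerns the caller's own relation to the resource, but it also confirms that the
            // id exists. Confirm that this is intended before relying on it.
            [HttpGet("[controller]/resource/{id}/isCreator")]
            public IActionResult IsUserResourceCreator(string id)
            {
                if (!Guid.TryParse(id, out Guid resourceId))
                {
                    return BadRequest("The resource id is not a valid GUID!");
                }

                Resource resource = _resourceModel.GetById(resourceId);
                // Guard the dereference of resource.Creator below.
                if (resource == null)
                {
                    return NotFound("The resource does not exist!");
                }

                var user = _authenticator.GetUser();
                var json = new JObject
                {
                    ["isResourceCreator"] = resource.Creator.Equals(user.Id)
                };
                return Json(json);
            }

            /// <summary>
            /// Updates a resource from the JSON request body. Allowed for project owners,
            /// and for project members who created the resource.
            /// </summary>
            /// <param name="id">Resource id taken from the route; must be a GUID.</param>
            /// <returns>
            /// The result of the update as JSON, 400 for a malformed id or empty body,
            /// 404 for an unknown id, or 401 when the caller may not update the resource.
            /// </returns>
            [HttpPost("[controller]/{id}")]
            public IActionResult Update(string id)
            {
                if (!Guid.TryParse(id, out Guid resourceId))
                {
                    return BadRequest("The resource id is not a valid GUID!");
                }

                var resource = _resourceModel.GetById(resourceId);
                if (resource == null)
                {
                    return NotFound("The resource does not exist!");
                }

                var user = _authenticator.GetUser();
                var mayModify = _resourceModel.HasAccess(user, resource, UserRoles.Owner) ||
                    (_resourceModel.HasAccess(user, resource, UserRoles.Member) && resource.Creator.Equals(user.Id));
                if (!mayModify)
                {
                    return Unauthorized("The user is not authorized to perform an update on the selected resource!");
                }

                // The body is parsed only after the permission check, so a caller without
                // access cannot make the server deserialize arbitrary input.
                var resourceObject = ObjectFactory<ResourceObject>.DeserializeFromStream(Request.Body);
                if (resourceObject == null)
                {
                    return BadRequest("The request body does not contain a resource!");
                }

                // NOTE(review): which fields UpdateByObject copies from the client-supplied
                // object is not visible here; confirm it cannot overwrite Creator or other
                // server-owned fields.
                return Json(_resourceModel.UpdateByObject(resource, resourceObject));
            }

            /// <summary>
            /// Deletes a resource. Allowed for project owners, and for project members
            /// who created the resource.
            /// </summary>
            /// <param name="id">Resource id taken from the route; must be a GUID.</param>
            /// <returns>
            /// The deleted resource as JSON, 400 for a malformed id, 404 for an unknown id,
            /// or 401 when the caller may not delete the resource.
            /// </returns>
            [HttpDelete("[controller]/{id}")]
            public IActionResult Delete(string id)
            {
                if (!Guid.TryParse(id, out Guid resourceId))
                {
                    return BadRequest("The resource id is not a valid GUID!");
                }

                var resource = _resourceModel.GetById(resourceId);
                if (resource == null)
                {
                    return NotFound("The resource does not exist!");
                }

                var user = _authenticator.GetUser();
                var mayModify = _resourceModel.HasAccess(user, resource, UserRoles.Owner) ||
                    (_resourceModel.HasAccess(user, resource, UserRoles.Member) && resource.Creator.Equals(user.Id));
                if (!mayModify)
                {
                    // The message used to say "update", copied from the Update action.
                    return Unauthorized("The user is not authorized to perform a delete on the selected resource!");
                }

                // Build the response before the row is removed.
                var returnObject = _resourceModel.CreateReturnObjectFromDatabaseObject(resource);

                // The delete event is emitted while the resource still exists in the database.
                _emitter.EmitResourceDelete(new ResourceEventArgs(_configuration)
                {
                    Resource = resource
                });
                _resourceModel.DeleteResource(resource);
                return Json(returnObject);
            }

            /// <summary>
            /// Creates a resource from the JSON request body and attaches it to a project.
            /// Allowed for owners and members of the project, and only for enabled resource types.
            /// </summary>
            /// <param name="projectId">Project id taken from the route; must be a GUID.</param>
            /// <returns>
            /// The created resource as JSON, 400 for a malformed id or unusable body,
            /// 404 for an unknown project, or 401 when the caller may not add the resource.
            /// </returns>
            [HttpPost("[controller]/project/{projectId}")]
            public IActionResult StoreToProject(string projectId)
            {
                if (!Guid.TryParse(projectId, out Guid parsedProjectId))
                {
                    return BadRequest("The project id is not a valid GUID!");
                }

                var projectModel = new ProjectModel();
                var project = projectModel.GetById(parsedProjectId);
                if (project == null)
                {
                    return NotFound("The project does not exist!");
                }

                var user = _authenticator.GetUser();

                // Decide on permission before touching the request body or the resource-type
                // table, so callers without access get 401 regardless of what they sent.
                if (!projectModel.HasAccess(user, project, UserRoles.Owner, UserRoles.Member))
                {
                    return Unauthorized("The user is not authorized to add a new resource to the selected project!");
                }

                var resourceObject = ObjectFactory<ResourceObject>.DeserializeFromStream(Request.Body);
                if (resourceObject?.Type == null)
                {
                    return BadRequest("The request body does not contain a resource with a type!");
                }

                var resourceType = new ResourceTypeModel().GetById(resourceObject.Type.Id);
                if (resourceType == null)
                {
                    return BadRequest("The resource type does not exist!");
                }

                if (!resourceType.Enabled)
                {
                    return Unauthorized("The user is not authorized to add a new resource of this type to the selected project!");
                }

                // The creator is always the authenticated caller; any value sent by the
                // client is overwritten here.
                resourceObject.Creator = user.Id;
                var resource = _resourceModel.StoreFromObject(resourceObject);
                projectModel.AddResource(project, resource);

                _emitter.EmitResourceCreate(new ResourceEventArgs(_configuration)
                {
                    Resource = resource
                });

                return Json(_resourceModel.CreateReturnObjectFromDatabaseObject(resource));
            }
        }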
    }