protected override async Task <SingleBudgetOutputModel> Execute(int parameter, ClaimsPrincipal principal, CancellationToken cancellationToken)
{
var budget = await _budgetRepository.GetBudget(parameter, cancellationToken);
if (budget == null)
{
throw new OperationErrorException(StatusCodes.Status400BadRequest, $"Budget with id {parameter} not found");
}
if (!principal.IsInRole(Roles.Admin) && principal.GetId() != budget.UserId)
{
throw AppExceptions.AuthorizationException();
}
return(new SingleBudgetOutputModel
{
Id = budget.Id,
Title = budget.Title,
Year = budget.Year,
Amount = budget.Amount,
Type = budget.BudgetType,
User = new User
{
Id = budget.User.Id,
FirstName = budget.User.FirstName,
LastName = budget.User.LastName,
}
});
}
protected override async Task <UserModel> Execute(RegisterUserModel parameter, ClaimsPrincipal principal, CancellationToken cancellationToken)
{
var username = principal.GetIdentifier(Claims.UserName);
if (string.IsNullOrWhiteSpace(username))
{
throw AppExceptions.AuthorizationException();
}
var user = await _userRepository.GetAsync(username);
if (user == null)
{
throw AppExceptions.AuthorizationException();
}
if (cancellationToken.IsCancellationRequested)
{
throw new OperationErrorException(StatusCodes.Status400BadRequest);
}
user.UniqueIdentifier = principal.GetIdentifier(Claims.UniqueIndetifier);
user.FirstName = principal.GetIdentifier(Claims.FirstName);
user.LastName = principal.GetIdentifier(Claims.LastName);
await _unitOfWork.SaveChanges(cancellationToken);
return(user.ToModel());
}
protected override async Task <Request> Execute(int parameter, ClaimsPrincipal principal, CancellationToken cancellationToken)
{
var request = await _requestRepository.GetRequest(parameter, cancellationToken);
if (request == null)
{
_logger.LogWarning("Not a valid id");
throw new OperationErrorException(StatusCodes.Status400BadRequest, "Not a valid id");
}
var currentUser = await _userRepository.GetUser(principal.GetId(), cancellationToken);
var isAdmin = currentUser.IsAdmin;
var isViewer = currentUser.IsViewer;
if (currentUser.Id != request.User.Id && !isAdmin && !isViewer)
{
_logger.LogWarning("No access for request!");
throw AppExceptions.AuthorizationException();
}
return(new Request
{
Id = request.Id,
Title = request.Title,
Amount = request.Amount,
Date = request.Date,
});
}
protected override async Task Execute(RequestMassModel parameter, ClaimsPrincipal principal, CancellationToken cancellationToken)
{
var currentUser = await _userRepository.GetUser(principal.GetId(), cancellationToken);
if (!currentUser.IsAdmin)
{
throw AppExceptions.AuthorizationException();
}
var currentYear = DateTime.Now.Year;
var requests = new List <Request>();
foreach (var user in parameter.Users)
{
var userId = user.Id;
var budgets = await _budgetRepository.GetBudgetsByType(user.Id, BudgetTypeEnum.PersonalBudget, currentYear, cancellationToken);
if (budgets.Length > 1)
{
throw new OperationErrorException(StatusCodes.Status400BadRequest, $"User {user.Id} has multiple budgets of type {BudgetTypeEnum.PersonalBudget} for year {currentYear}");
}
var budget = budgets.Single();
if (parameter.Amount > await GetRemainingAmount(budget, cancellationToken))
{
continue;
}
var request = new Request
{
UserId = userId,
Year = currentYear,
Title = parameter.Title,
Amount = parameter.Amount,
Date = parameter.Date.ToLocalTime().Date,
CreateDate = DateTime.Now,
State = RequestState.Approved,
BudgetId = budget.Id,
Transactions = new[]
{
new Transaction
{
BudgetId = budget.Id,
UserId = userId,
Amount = parameter.Amount
}
}
};
requests.Add(request);
}
await _requestRepository.AddRequests(requests);
await _unitOfWork.SaveChanges(cancellationToken);
}
protected override async Task <UserModel> Execute(ClaimsPrincipal principal, CancellationToken cancellationToken)
{
var user = await _userRepository.GetUser(principal.GetId(), cancellationToken);
if (user == null)
{
throw AppExceptions.AuthorizationException();
}
return(user.ToModel());
}
protected override async Task Execute(PostRequestModel parameter, ClaimsPrincipal principal, CancellationToken cancellationToken)
{
var userId = principal.GetId();
var currentYear = DateTime.Now.Year;
var currentUser = await _userRepository.GetUser(userId, cancellationToken);
if (!currentUser.IsSuperior)
{
throw AppExceptions.AuthorizationException();
}
var budget = await _budgetRepository.GetBudget(parameter.BudgetId, cancellationToken);
if (budget == null)
{
throw new OperationErrorException(StatusCodes.Status400BadRequest, $"Budget {parameter.BudgetId} was not found.");
}
if (budget.BudgetType != BudgetTypeEnum.TeamBudget)
{
throw new OperationErrorException(StatusCodes.Status400BadRequest, "No Access for request!");
}
var teamBudgets = await _budgetRepository.GetTeamBudgets(userId, currentYear, cancellationToken);
var budgets = teamBudgets.ToTeamBudgets();
var availableFunds = budgets.Sum(_ => _.Amount);
if (availableFunds < parameter.Amount)
{
throw new OperationErrorException(StatusCodes.Status400BadRequest, $"Requested amount {parameter.Amount} exceeds the limit.");
}
var transactions = TransactionCalculator.Create(budgets, parameter.Amount);
var request = new Request
{
BudgetId = budget.Id,
UserId = userId,
Year = currentYear,
Title = parameter.Title,
Amount = parameter.Amount,
Date = parameter.Date.ToLocalTime(),
State = RequestState.Pending,
Transactions = transactions
};
await _requestRepository.AddRequest(request);
await _unitOfWork.SaveChanges(cancellationToken);
}
protected override async Task <BudgetOutputModel[]> Execute(int parameter, ClaimsPrincipal principal, CancellationToken cancellationToken)
{
var user = await _userRepository.GetUser(principal.GetId(), cancellationToken);
if (!user.IsSuperior)
{
throw AppExceptions.AuthorizationException();
}
var budgets = await _budgetRepository.GetTeamBudgets(user.Id, parameter, cancellationToken);
if (!budgets.Any())
{
return(Array.Empty <BudgetOutputModel>());
}
var masterBudget = budgets.SingleOrDefault(x => x.UserId == user.Id);
if (masterBudget == null)
{
throw new OperationErrorException(StatusCodes.Status400BadRequest, "Cumulative budget does not exists");
}
var amount = budgets.Sum(_ => _.Amount);
var amountLeft = amount - budgets.SelectMany(_ => _.Transactions.Where(x => x.Request.State != RequestState.Rejected)).Sum(_ => _.Amount);
var model = new BudgetOutputModel
{
Id = masterBudget.Id,
Year = masterBudget.Year,
Amount = amount,
AmountLeft = amountLeft,
Title = masterBudget.Title,
Type = masterBudget.BudgetType,
Requests = masterBudget.Requests.Select(_ => new RequestOutputModel
{
Id = _.Id,
Title = _.Title,
Amount = _.Amount,
Date = _.Date,
CreateDate = _.CreateDate,
State = _.State
})
};
return(new[] { model });
}
protected override async Task Execute(UpdateRequestModel parameter, ClaimsPrincipal principal, CancellationToken cancellationToken)
{
var userId = principal.GetId();
var currentUser = await _userRepository.GetUser(userId, cancellationToken);
if (!currentUser.IsSuperior)
{
throw AppExceptions.AuthorizationException();
}
var request = await _requestRepository.GetRequest(parameter.Id, cancellationToken);
if (request == null)
{
throw new OperationErrorException(StatusCodes.Status400BadRequest, $"Request with id {parameter.Id} not found.");
}
if (userId != request.UserId)
{
throw new OperationErrorException(StatusCodes.Status400BadRequest, "No Access for request!");
}
var teamBudgets = await _budgetRepository.GetTeamBudgets(userId, DateTime.Now.Year, cancellationToken);
if (teamBudgets.Any(x => x.BudgetType != BudgetTypeEnum.TeamBudget))
{
throw new OperationErrorException(StatusCodes.Status400BadRequest, "No Access for request!");
}
var budgets = teamBudgets.ToTeamBudgets(x => x.RequestId != parameter.Id);
var availableFunds = budgets.Sum(_ => _.Amount);
if (availableFunds < parameter.Amount)
{
throw new OperationErrorException(StatusCodes.Status400BadRequest, $"Requested amount {parameter.Amount} exceeds the limit.");
}
var transactions = TransactionCalculator.Create(budgets, parameter.Amount);
request.Title = parameter.Title;
request.Amount = parameter.Amount;
request.Date = parameter.Date.ToLocalTime();
await _requestRepository.AddOrUpdateTransactions(request.Id, transactions);
await _unitOfWork.SaveChanges(cancellationToken);
}
protected override async Task Execute(InvoiceImageModel parameter, ClaimsPrincipal principal, CancellationToken cancellationToken)
{
throw new NotSupportedException();
var requestId = parameter.RequestId;
var request = await _requestRepository.GetRequest(requestId, cancellationToken);
if (!principal.IsInRole(Roles.Admin) && principal.GetId() != request.UserId)
{
throw AppExceptions.AuthorizationException();
}
byte[] buffer;
if (parameter.File == null)
{
throw new OperationErrorException(StatusCodes.Status400BadRequest);
}
var fullName = parameter.File.FileName;
if (parameter.File.Length > 1048576)
{
throw new OperationErrorException(StatusCodes.Status413PayloadTooLarge);
}
using (var openReadStream = parameter.File.OpenReadStream())
{
buffer = new byte[parameter.File.Length];
openReadStream.Read(buffer, 0, buffer.Length);
}
var image = new InvoiceImage
{
Data = buffer,
Name = fullName,
RequestId = requestId
};
await _invoiceImageRepository.AddInvoiceImage(image, cancellationToken);
await _unitOfWork.SaveChanges(cancellationToken);
}
protected override async Task <ImageFileModel> Execute(int parameter, ClaimsPrincipal principal, CancellationToken cancellationToken)
{
throw new NotSupportedException();
var image = await _invoiceImageRepository.GetInvoiceImage(parameter, cancellationToken);
if (image == null)
{
throw new OperationErrorException(StatusCodes.Status400BadRequest, "Not a valid id");
}
var request = await _requestRepository.GetRequest(image.RequestId, cancellationToken);
if (request == null)
{
throw new OperationErrorException(StatusCodes.Status400BadRequest, "Not a valid id");
}
if (!principal.IsInRole(Roles.Admin) && !principal.IsInRole(Roles.Viewer) && principal.GetId() != request.UserId)
{
throw AppExceptions.AuthorizationException();
}
var provider = new FileExtensionContentTypeProvider();
if (!provider.TryGetContentType(image.Name, out var contentType))
{
contentType = "application/octet-stream";
}
return(new ImageFileModel
{
InvoiceImage = image,
ContentType = contentType
});
}
protected override async Task <IEnumerable <ImageOutputModel> > Execute(int parameter, ClaimsPrincipal principal, CancellationToken cancellationToken)
{
throw new NotSupportedException();
var request = await _requestRepository.GetRequest(parameter, cancellationToken);
if (request == null)
{
throw new OperationErrorException(StatusCodes.Status400BadRequest, "Not a valid id");
}
if (!principal.IsInRole(Roles.Admin) && !principal.IsInRole(Roles.Viewer) && principal.GetId() != request.UserId)
{
throw AppExceptions.AuthorizationException();
}
var imagesName = await _invoiceImageRepository.GetInvoiceImages(parameter, cancellationToken);
return(imagesName.Select(image => new ImageOutputModel
{
Id = image.Id,
Name = image.Name
}));
}
