public Task <IActionResult> Validate([FromBody] SubmitValidatorBody body) { if (body.ValidatorDefinition == null) { return(Task.FromResult <IActionResult>(BadRequest("Validator definition is null"))); } if (!NamingConventions.IsValidDataType(body.ValidatorDefinition.DataType)) { return(Task.FromResult <IActionResult>(BadRequest($"Data type '{body.ValidatorDefinition.DataType}' is not a valid name for a collection"))); } if (body.ValidatorDefinition.ValidatorType != ValidatorType.TextRules) { return(Task.FromResult <IActionResult>(StatusCode((int)HttpStatusCode.Forbidden, "Currently only text rule validators are supported"))); } if (body.ValidatorDefinition.ValidatorType == ValidatorType.Exe) { return(Task.FromResult <IActionResult>(StatusCode((int)HttpStatusCode.Forbidden, "Exe-validators are currently rejected because of security concerns."))); } var rulesetValidationResult = validatorManager.ValidateValidatorDefinition(body.ValidatorDefinition); return(Task.FromResult <IActionResult>(new ContentResult { ContentType = Conventions.JsonContentType, Content = JsonConvert.SerializeObject(rulesetValidationResult), StatusCode = (int)HttpStatusCode.OK })); }
private static HttpContent ConstructSubmitValidatorBody(ValidatorDefinition validatorDefinition, bool suppressAutoApprove) { var submitValidatorBody = new SubmitValidatorBody(validatorDefinition) { SuppressAutoApprove = suppressAutoApprove }; return(PostBodyBuilder.ConstructBody(submitValidatorBody)); }
public async Task <IActionResult> Submit([FromBody] SubmitValidatorBody body) { // Validate if (body.ValidatorDefinition == null) { return(BadRequest("Validator definition is null")); } if (!NamingConventions.IsValidDataType(body.ValidatorDefinition.DataType)) { return(BadRequest($"Data type '{body.ValidatorDefinition.DataType}' is not a valid name for a collection")); } if (body.ValidatorDefinition.ValidatorType != ValidatorType.TextRules) { return(StatusCode((int)HttpStatusCode.Forbidden, "Currently only text rule validators are supported")); } if (body.ValidatorDefinition.ValidatorType == ValidatorType.Exe) { return(StatusCode((int)HttpStatusCode.Forbidden, "Exe-validators are currently rejected because of security concerns.")); } var definitionValidationResult = validatorManager.ValidateValidatorDefinition(body.ValidatorDefinition); if (!definitionValidationResult.IsValid) { return(new ContentResult { ContentType = Conventions.JsonContentType, Content = JsonConvert.SerializeObject(definitionValidationResult), StatusCode = (int)HttpStatusCode.BadRequest }); } // Authroize var loggedInUsername = UsernameNormalizer.Normalize(HttpContext.User.Identity.Name); var authorizationResult = await authorizationModule.AuthorizeAsync( new AddValidatorResourceDescription(body.ValidatorDefinition.DataType), loggedInUsername); if (!authorizationResult.IsAuthorized) { return(StatusCode((int)HttpStatusCode.Unauthorized, "Not authorized")); } // Ensure that submitter is equal to the current user body.ValidatorDefinition.Submitter = authorizationResult.User.UserName; body.ValidatorDefinition.SubmitterEmail = authorizationResult.User.Email; if (body.ValidatorDefinition.IsApproved && !authorizationResult.User.Roles.Contains(Role.Admin)) { body.ValidatorDefinition.IsApproved = false; } try { validatorManager.AddValidatorDefinition(body.ValidatorDefinition, body.SuppressAutoApprove); apiEventLogger.Log(LogLevel.Info, $"User '{authorizationResult.User.UserName}' " + $"added validator for type '{body.ValidatorDefinition.DataType}' " + $"with ID '{body.ValidatorDefinition.Id}'"); return(Ok()); } catch (DocumentAlreadyExistsException) { return(Conflict($"Validator with ID '{body.ValidatorDefinition.Id}' for type '{body.ValidatorDefinition.DataType}' already exists")); } catch (Exception e) { return(StatusCode((int)HttpStatusCode.InternalServerError, e.Message)); } }