public Task <IActionResult> Validate([FromBody] SubmitValidatorBody body)
{
if (body.ValidatorDefinition == null)
{
return(Task.FromResult <IActionResult>(BadRequest("Validator definition is null")));
}
if (!NamingConventions.IsValidDataType(body.ValidatorDefinition.DataType))
{
return(Task.FromResult <IActionResult>(BadRequest($"Data type '{body.ValidatorDefinition.DataType}' is not a valid name for a collection")));
}
if (body.ValidatorDefinition.ValidatorType != ValidatorType.TextRules)
{
return(Task.FromResult <IActionResult>(StatusCode((int)HttpStatusCode.Forbidden, "Currently only text rule validators are supported")));
}
if (body.ValidatorDefinition.ValidatorType == ValidatorType.Exe)
{
return(Task.FromResult <IActionResult>(StatusCode((int)HttpStatusCode.Forbidden, "Exe-validators are currently rejected because of security concerns.")));
}
var rulesetValidationResult = validatorManager.ValidateValidatorDefinition(body.ValidatorDefinition);
return(Task.FromResult <IActionResult>(new ContentResult
{
ContentType = Conventions.JsonContentType,
Content = JsonConvert.SerializeObject(rulesetValidationResult),
StatusCode = (int)HttpStatusCode.OK
}));
}
private static HttpContent ConstructSubmitValidatorBody(ValidatorDefinition validatorDefinition, bool suppressAutoApprove)
{
var submitValidatorBody = new SubmitValidatorBody(validatorDefinition)
{
SuppressAutoApprove = suppressAutoApprove
};
return(PostBodyBuilder.ConstructBody(submitValidatorBody));
}
public async Task <IActionResult> Submit([FromBody] SubmitValidatorBody body)
{
// Validate
if (body.ValidatorDefinition == null)
{
return(BadRequest("Validator definition is null"));
}
if (!NamingConventions.IsValidDataType(body.ValidatorDefinition.DataType))
{
return(BadRequest($"Data type '{body.ValidatorDefinition.DataType}' is not a valid name for a collection"));
}
if (body.ValidatorDefinition.ValidatorType != ValidatorType.TextRules)
{
return(StatusCode((int)HttpStatusCode.Forbidden, "Currently only text rule validators are supported"));
}
if (body.ValidatorDefinition.ValidatorType == ValidatorType.Exe)
{
return(StatusCode((int)HttpStatusCode.Forbidden, "Exe-validators are currently rejected because of security concerns."));
}
var definitionValidationResult = validatorManager.ValidateValidatorDefinition(body.ValidatorDefinition);
if (!definitionValidationResult.IsValid)
{
return(new ContentResult
{
ContentType = Conventions.JsonContentType,
Content = JsonConvert.SerializeObject(definitionValidationResult),
StatusCode = (int)HttpStatusCode.BadRequest
});
}
// Authroize
var loggedInUsername = UsernameNormalizer.Normalize(HttpContext.User.Identity.Name);
var authorizationResult = await authorizationModule.AuthorizeAsync(
new AddValidatorResourceDescription(body.ValidatorDefinition.DataType),
loggedInUsername);
if (!authorizationResult.IsAuthorized)
{
return(StatusCode((int)HttpStatusCode.Unauthorized, "Not authorized"));
}
// Ensure that submitter is equal to the current user
body.ValidatorDefinition.Submitter = authorizationResult.User.UserName;
body.ValidatorDefinition.SubmitterEmail = authorizationResult.User.Email;
if (body.ValidatorDefinition.IsApproved && !authorizationResult.User.Roles.Contains(Role.Admin))
{
body.ValidatorDefinition.IsApproved = false;
}
try
{
validatorManager.AddValidatorDefinition(body.ValidatorDefinition, body.SuppressAutoApprove);
apiEventLogger.Log(LogLevel.Info, $"User '{authorizationResult.User.UserName}' "
+ $"added validator for type '{body.ValidatorDefinition.DataType}' "
+ $"with ID '{body.ValidatorDefinition.Id}'");
return(Ok());
}
catch (DocumentAlreadyExistsException)
{
return(Conflict($"Validator with ID '{body.ValidatorDefinition.Id}' for type '{body.ValidatorDefinition.DataType}' already exists"));
}
catch (Exception e)
{
return(StatusCode((int)HttpStatusCode.InternalServerError, e.Message));
}
}
