public EntityDecisionController()
{
Get("/api/v1/entity/decisions/active/get", _ => {
var rules = new List <IValidatorRule>()
{
new ShouldHaveParameters(new[] { "entity_guid", "entity_type" }),
new EntityShouldExist("entity_guid", "entity_type"),
new ShouldBeCorrectEnumValue("entity_type", typeof(EntityType)),
};
var errors = ValidationProcessor.Process(Request, rules, true);
if (errors.Count > 0)
{
return(HttpResponse.Errors(errors));
}
var entityType = (EntityType)GetRequestEnum("entity_type", typeof(EntityType));
var entityId = EntityUtils.GetEntityId(GetRequestStr("entity_guid"), entityType);
var decisions = EntityDecisionRepository.GetActive(entityId, entityType);
return(HttpResponse.Item("decisions", new DecisionTransformer().Many(decisions)));
});
}
public EntityPermissionsController()
{
Get("/api/v1/entity/permissions/get", _ => {
var errors = ValidationProcessor.Process(Request, new IValidatorRule[] {
new ShouldHaveParameters(new[] { "entity_guid", "entity_type" }),
new ShouldBeCorrectEnumValue("entity_type", typeof(EntityType)),
new EntityShouldExist(),
}, true);
if (errors.Count > 0)
{
return(HttpResponse.Errors(errors));
}
var me = UserRepository.Find(CurrentRequest.UserId);
var entityType = (EntityType)GetRequestEnum("entity_type", typeof(EntityType));
var entityId = EntityUtils.GetEntityId(GetRequestStr("entity_guid"), entityType);
if (!PermissionUtils.HasEntityPermission(me, entityId, entityType))
{
return(HttpResponse.Item("permissions", new JArray()
{
}));
}
return(HttpResponse.Item("permissions", new JArray()
{
"read", "write"
}));
});
}
public static ProjectTeamMemberModel FindByProjectAndUser(string projectGuid, string userGuid)
{
var user = UserRepository.FindByGuid(userGuid);
return(ProjectTeamMemberModel.Find(
ProjectRepository.Find(EntityUtils.GetEntityId(projectGuid, EntityType.Project)), user
));
}
public static bool HasEntityPermission(User user, string entityGuid, EntityType entityType)
{
return(HasEntityPermission(
user,
EntityUtils.GetEntityId(entityGuid, entityType),
entityType
));
}
public HttpError Process(Request request)
{
var entityType = (EntityType)Enum.Parse(typeof(EntityType), (string)request.Query[_typeParameter]);
var entityId = EntityUtils.GetEntityId((string)request.Query[Parameter], entityType);
return(InvoiceUtils.ActiveInvoiceExists(_user, entityId, entityType)
? new HttpError(HttpStatusCode.Forbidden, $"Invoice for same {entityType.ToString()} already exists")
: null);
}
// TODO: add auth for getting user balance?
public FundingBalanceController()
{
Get("/api/v1/entity/funding/balances/get", _ => {
var errors = ValidationProcessor.Process(Request, new IValidatorRule[] {
new ShouldHaveParameters(new[] { "entity_guid", "entity_type" }),
new ShouldBeCorrectEnumValue("entity_type", typeof(EntityType)),
new EntityShouldExist(),
}, true);
if (errors.Count > 0)
{
return(HttpResponse.Errors(errors));
}
var entityType = (EntityType)GetRequestEnum("entity_type", typeof(EntityType));
var entityId = EntityUtils.GetEntityId(GetRequestStr("entity_guid"), entityType);
var balances = FundingBalanceRepository.Get(entityId, entityType);
return(HttpResponse.Item("balances", new FundingBalanceTransformer().Many(balances)));
});
}
public EntityDecisionCrudController()
{
// Options should be a valid json array ex. "['option 1', 'option2']"
Post("/api/v1/entity/decision/create", _ => {
var rules = new List <IValidatorRule>()
{
new ShouldHaveParameters(new[] {
"entity_guid", "entity_type", "title", "content", "deadline", "options"
}),
new MinLength("title", 3),
new MinLength("content", 10),
new ShouldBeCorrectEnumValue("entity_type", typeof(EntityType)),
new EntityShouldExist()
};
var errors = ValidationProcessor.Process(Request, rules, true);
if (errors.Count > 0)
{
return(HttpResponse.Errors(errors));
}
JArray options;
try {
options = JArray.Parse(GetRequestStr("options"));
}
catch (Exception e) {
return(HttpResponse.Error(
HttpStatusCode.UnprocessableEntity,
"For options please provide a valid JSON array"
));
}
var entityType = (EntityType)GetRequestEnum("entity_type", typeof(EntityType));
var entityId = EntityUtils.GetEntityId(GetRequestStr("entity_guid"), entityType);
if (entityType != EntityType.Project || entityType != EntityType.Board)
{
}
var deadline = DateTime.Parse(GetRequestStr("deadline"));
var minDeadline = DateTime.Now.AddDays(1);
if (deadline < minDeadline)
{
return(HttpResponse.Error(
HttpStatusCode.UnprocessableEntity,
"Deadline cannot be earlier than 1 day : " + minDeadline
));
}
var me = UserRepository.Find(CurrentRequest.UserId);
if (PermissionUtils.HasEntityPermission(me, entityId, entityType))
{
return(HttpResponse.Error(
HttpStatusCode.Unauthorized,
"You don't have decision edit access"
));
}
var decision = EntityDecisionRepository.Create(
me,
entityId,
entityType,
GetRequestStr("title"),
GetRequestStr("content"),
deadline
);
int optionOrder = 1;
foreach (var option in options)
{
EntityDecisionOptionRepository.Create(decision, option.Value <string>(), optionOrder);
optionOrder++;
if (optionOrder > 10)
{
break;
}
}
return(HttpResponse.Item(
"decision", new DecisionTransformer().Transform(decision), HttpStatusCode.Created
));
});
Patch("/api/v1/entity/decision/edit", _ => {
var rules = new List <IValidatorRule>()
{
new ShouldHaveParameters(new[] { "decision_guid" }),
new ExistsInTable("decision_guid", "entity_decisions", "guid")
};
var errors = ValidationProcessor.Process(Request, rules, true);
if (errors.Count > 0)
{
return(HttpResponse.Errors(errors));
}
var me = UserRepository.Find(CurrentRequest.UserId);
var decision = EntityDecisionRepository.FindByGuid(GetRequestStr("decision_guid"));
if (me.id != decision.creator_id)
{
return(HttpResponse.Error(HttpStatusCode.Unauthorized, "Only creator can update this decision"));
}
if (GetRequestStr("new_status") != "")
{
var newStatus = (DecisionStatus)GetRequestEnum("new_status", typeof(DecisionStatus));
switch (newStatus)
{
case DecisionStatus.Canceled:
decision.UpdateStatus(DecisionStatus.Canceled);
break;
case DecisionStatus.Open:
case DecisionStatus.Closed:
return(HttpResponse.Error(HttpStatusCode.Unauthorized, "You cannot set this status"));
}
}
decision = decision.Refresh();
return(HttpResponse.Item("decision", new DecisionTransformer().Transform(decision)));
});
Delete("/api/v1/entity/decision/delete", _ => {
var rules = new List <IValidatorRule>()
{
new ShouldHaveParameters(new[] { "decision_guid" }),
new ExistsInTable("decision_guid", "entity_decisions", "guid")
};
var errors = ValidationProcessor.Process(Request, rules, true);
if (errors.Count > 0)
{
return(HttpResponse.Errors(errors));
}
var me = UserRepository.Find(CurrentRequest.UserId);
var decision = EntityDecisionRepository.FindByGuid(GetRequestStr("decision_guid"));
if (me.id != decision.creator_id)
{
return(HttpResponse.Error(HttpStatusCode.Unauthorized, "Only creator can update this decision"));
}
decision.Delete();
return(HttpResponse.Item("decision", new DecisionTransformer().Transform(decision)));
});
}
public ProjectProductCrudController()
{
Post("/api/v1/project/product/new", _ => {
var projectGuid = GetRequestStr("project_guid");
var me = UserRepository.Find(CurrentRequest.UserId);
var errors = ValidationProcessor.Process(Request, new IValidatorRule[] {
new ShouldHaveParameters(new[] { "project_guid", "name", "description", "usd_price", "use_url" }),
new ExistsInTable("project_guid", "projects", "guid"),
new HasPermission(me, EntityUtils.GetEntityId(projectGuid, EntityType.Project), EntityType.Project)
});
if (errors.Count > 0)
{
return(HttpResponse.Errors(errors));
}
var price = Convert.ToDecimal(GetRequestStr("usd_price"));
int priceInPennies = (int)(price * 100);
if (priceInPennies < 50)
{
return(HttpResponse.Error(
HttpStatusCode.UnprocessableEntity, "Price cannot be less than 0.5 USD"
));
}
var project = ProjectRepository.FindByGuid(GetRequestStr("project_guid"));
var product = ProjectProductRepository.Create(
project, GetRequestStr("name"),
GetRequestStr("description"),
GetRequestStr("url"),
GetRequestStr("use_url")
);
if (!String.IsNullOrEmpty(GetRequestStr("duration_hours")))
{
product.UpdateCol("duration_hours", GetRequestInt("duration_hours"));
}
product.UpdateCol("usd_price_pennies", priceInPennies);
return(HttpResponse.Item(
"product", new ProjectProductTransformer().Transform(product.Refresh()),
HttpStatusCode.Created
));
});
// TODO: ???
// Patch("/api/v1/project/product/edit", _ => {
// var me = UserRepository.Find(CurrentRequest.UserId);
//
// var product = ProjectProductRepository.FindByGuid(GetRequestStr("product_guid"));
//
// var errors = ValidationProcessor.Process(Request, new IValidatorRule[] {
// new ShouldHaveParameters(new[] {"product_guid"}),
// new ExistsInTable("product_guid", "project_products", "guid"),
// new HasPermission(me, product.project_id, EntityType.Project)
// }, true);
// if (errors.Count > 0) return HttpResponse.Errors(errors);
//
// if (!String.IsNullOrEmpty(GetRequestStr("name"))) {
// product.UpdateCol("name", GetRequestStr("name"));
// }
//
// if (!String.IsNullOrEmpty(GetRequestStr("description"))) {
// product.UpdateCol("description", GetRequestStr("description"));
// }
//
// if (!String.IsNullOrEmpty(GetRequestStr("url"))) {
// product.UpdateCol("url", GetRequestStr("url"));
// }
//
// if (!String.IsNullOrEmpty(GetRequestStr("set_url"))) {
// product.UpdateCol("set_url", GetRequestStr("set_url"));
// }
//
// if (!String.IsNullOrEmpty(GetRequestStr("usd_price"))) {
// var price = Convert.ToDecimal(GetRequestStr("usd_price"));
// int priceInPennies = (int) (price * 100);
//
// product.UpdateCol("usd_price_pennies", priceInPennies);
// }
//
// if (!String.IsNullOrEmpty(GetRequestStr("duration_hours"))) {
// product.UpdateCol("duration_hours", GetRequestInt("duration_hours"));
// }
//
// return HttpResponse.Item("product", new ProjectProductTransformer().Transform(product.Refresh()));
// });
Delete("/api/v1/project/product/delete", _ => {
var me = UserRepository.Find(CurrentRequest.UserId);
var product = ProjectProductRepository.FindByGuid(GetRequestStr("product_guid"));
var errors = ValidationProcessor.Process(Request, new IValidatorRule[] {
new ShouldHaveParameters(new[] { "product_guid" }),
new ExistsInTable("product_guid", "project_products", "guid"),
new HasPermission(me, product?.project_id ?? 0, EntityType.Project)
}, true);
if (errors.Count > 0)
{
return(HttpResponse.Errors(errors));
}
if (product != null && product.UsersCount() > 0)
{
return(HttpResponse.Error(HttpStatusCode.Forbidden, "You cannot delete product owned by others"));
}
product?.Delete();
return(HttpResponse.Item("product", new ProjectProductTransformer().Transform(product)));
});
}
public InvoiceController()
{
Post("/api/v1/invoice/new", _ => {
var me = DL.Model.User.User.Find(CurrentRequest.UserId);
var errors = ValidationProcessor.Process(Request, new IValidatorRule[] {
new ShouldHaveParameters(new[] { "entity_guid", "entity_type", "amount", "currency_type" }),
new ShouldBeCorrectEnumValue("entity_type", typeof(EntityType)),
new ShouldBeCorrectEnumValue("currency_type", typeof(CurrencyType)),
new EntityShouldExist(),
new UserActiveInvoicesLimit(me, InvoiceConfig.UserActiveInvoicesLimit),
}, true);
if (errors.Count > 0)
{
return(HttpResponse.Errors(errors));
}
var entityType = (EntityType)GetRequestEnum("entity_type", typeof(EntityType));
var currencyType = (CurrencyType)GetRequestEnum("currency_type", typeof(CurrencyType));
var wallet = CurrencyWalletRepository.FindRandom(currencyType);
var invoice = InvoiceRepository.Create(
me,
EntityUtils.GetEntityId(GetRequestStr("entity_guid"), entityType),
entityType,
(decimal)Request.Query["amount"],
currencyType,
InvoiceStatus.Created,
wallet
);
return(HttpResponse.Item(
"invoice", new InvoiceTransformer().Transform(invoice), HttpStatusCode.Created
));
});
Get("/api/v1/me/invoice/get", _ => {
var me = UserRepository.Find(CurrentRequest.UserId);
var errors = ValidationProcessor.Process(Request, new IValidatorRule[] {
new ShouldHaveParameters(new[] { "invoice_guid" }),
new ExistsInTable("invoice_guid", "invoices", "guid"),
new StringShouldBeSameInDb(
"invoice_guid", "invoices", "guid", "user_id", me.id.ToString()
)
}, true);
if (errors.Count > 0)
{
return(HttpResponse.Errors(errors));
}
return(HttpResponse.Item("invoice", new InvoiceTransformer().Transform(
InvoiceRepository.FindByGuid(GetRequestStr("invoice_guid"))
)));
});
Get("/api/v1/me/invoices/finished", _ => {
var me = UserRepository.Find(CurrentRequest.UserId);
var invoices = DL.Model.Funding.Invoice.GetForUserByStatuses(me, new [] {
InvoiceStatus.Confirmed, InvoiceStatus.Failed, InvoiceStatus.Done
});
return(HttpResponse.Item("invoices", new InvoiceTransformer().Many(invoices)));
});
Get("/api/v1/me/invoices/active", _ => {
var me = UserRepository.Find(CurrentRequest.UserId);
var invoices = DL.Model.Funding.Invoice.GetActiveForUser(me, 25);
return(HttpResponse.Item("invoices", new InvoiceTransformer().Many(invoices)));
});
Patch("/api/v1/me/invoice/status/update", _ => {
var me = UserRepository.Find(CurrentRequest.UserId);
var errors = ValidationProcessor.Process(Request, new IValidatorRule[] {
new ShouldHaveParameters(new[] { "invoice_guid", "status" }),
new ExistsInTable("invoice_guid", "invoices", "guid"),
new ShouldBeCorrectEnumValue("status", typeof(InvoiceStatus)),
new StringShouldBeSameInDb(
"invoice_guid", "invoices", "guid", "user_id", me.id.ToString()
)
}, true);
if (errors.Count > 0)
{
return(HttpResponse.Errors(errors));
}
var newStatus = (InvoiceStatus)GetRequestEnum("status", typeof(InvoiceStatus));
var invoice = InvoiceRepository.FindByGuid(GetRequestStr("invoice_guid"));
if (invoice.status != InvoiceStatus.Created)
{
return(HttpResponse.Error(new HttpError(HttpStatusCode.Forbidden, "Cannot update invoice with this status")));
}
var availableStatuses = new[] { InvoiceStatus.Failed, InvoiceStatus.RequiresConfirmation };
if (!availableStatuses.Contains(newStatus))
{
return(HttpResponse.Error(new HttpError(HttpStatusCode.Forbidden, "This status is not allowed")));
}
InvoiceRepository.UpdateStatus(invoice, newStatus);
return(HttpResponse.Item("invoice", new InvoiceTransformer().Transform(invoice.Refresh())));
});
}
