public async Task Instance_Post_WithInstantiationValidationFail() { string token = PrincipalUtil.GetToken(1337); HttpClient client = SetupUtil.GetTestClient(_factory, "tdd", "custom-validation"); client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token); HttpRequestMessage httpRequestMessage = new HttpRequestMessage(HttpMethod.Post, "/tdd/custom-validation/instances?instanceOwnerPartyId=1337") { }; HttpResponseMessage response = await client.SendAsync(httpRequestMessage); string responseContent = await response.Content.ReadAsStringAsync(); InstantiationValidationResult validationResult = JsonConvert.DeserializeObject <InstantiationValidationResult>(responseContent); if (DateTime.Now.Hour < 15) { Assert.Equal(HttpStatusCode.Forbidden, response.StatusCode); Assert.False(validationResult.Valid); Assert.Equal("ERROR: Instantiation not possible before 3PM.", validationResult.Message); } else { Assert.Equal(HttpStatusCode.Created, response.StatusCode); Instance createdInstance = JsonConvert.DeserializeObject <Instance>(await response.Content.ReadAsStringAsync()); Assert.NotNull(createdInstance); Assert.Single(createdInstance.Data); Assert.Equal("default", createdInstance.Data[0].DataType); TestDataUtil.DeleteInstanceAndData("tdd", "custom-validering", 1337, new Guid(createdInstance.Id.Split('/')[1])); } }
public async Task <ActionResult <Instance> > Post( [FromRoute] string org, [FromRoute] string app, [FromQuery] int?instanceOwnerPartyId) { if (string.IsNullOrEmpty(org)) { return(BadRequest("The path parameter 'org' cannot be empty")); } if (string.IsNullOrEmpty(app)) { return(BadRequest("The path parameter 'app' cannot be empty")); } Application application = _appResourcesService.GetApplication(); if (application == null) { return(NotFound($"AppId {org}/{app} was not found")); } MultipartRequestReader parsedRequest = new MultipartRequestReader(Request); await parsedRequest.Read(); if (parsedRequest.Errors.Any()) { return(BadRequest($"Error when reading content: {JsonConvert.SerializeObject(parsedRequest.Errors)}")); } Instance instanceTemplate = await ExtractInstanceTemplate(parsedRequest); if (!instanceOwnerPartyId.HasValue && instanceTemplate == null) { return(BadRequest("Cannot create an instance without an instanceOwner.partyId. Either provide instanceOwner party Id as a query parameter or an instanceTemplate object in the body.")); } if (instanceOwnerPartyId.HasValue && instanceTemplate?.InstanceOwner?.PartyId != null) { return(BadRequest("You cannot provide an instanceOwnerPartyId as a query param as well as an instance template in the body. Choose one or the other.")); } RequestPartValidator requestValidator = new RequestPartValidator(application); string multipartError = requestValidator.ValidateParts(parsedRequest.Parts); if (!string.IsNullOrEmpty(multipartError)) { return(BadRequest($"Error when comparing content to application metadata: {multipartError}")); } if (instanceTemplate != null) { InstanceOwner lookup = instanceTemplate.InstanceOwner; if (lookup == null || lookup.PersonNumber == null && lookup.OrganisationNumber == null && lookup.PartyId == null) { return(BadRequest("Error: instanceOwnerPartyId query parameter is empty and InstanceOwner is missing from instance template. You must populate instanceOwnerPartyId or InstanceOwner")); } } else { // create minimum instance template instanceTemplate = new Instance { InstanceOwner = new InstanceOwner { PartyId = instanceOwnerPartyId.Value.ToString() } }; } Party party; try { party = await LookupParty(instanceTemplate); } catch (Exception partyLookupException) { return(NotFound($"Cannot lookup party: {partyLookupException.Message}")); } EnforcementResult enforcementResult = await AuthorizeAction(org, app, party.PartyId, "instantiate"); if (!enforcementResult.Authorized) { if (enforcementResult.FailedObligations != null && enforcementResult.FailedObligations.Count > 0) { return(StatusCode((int)HttpStatusCode.Forbidden, enforcementResult.FailedObligations)); } return(StatusCode((int)HttpStatusCode.Forbidden)); } if (!InstantiationHelper.IsPartyAllowedToInstantiate(party, application.PartyTypesAllowed)) { return(StatusCode((int)HttpStatusCode.Forbidden, $"Party {party.PartyId} is not allowed to instantiate this application {org}/{app}")); } // Run custom app logic to validate instantiation InstantiationValidationResult validationResult = await _altinnApp.RunInstantiationValidation(instanceTemplate); if (validationResult != null && !validationResult.Valid) { return(StatusCode((int)HttpStatusCode.Forbidden, validationResult)); } Instance instance; ProcessStateChange processResult; try { // start process and goto next task instanceTemplate.Process = null; string startEvent = await _altinnApp.OnInstantiateGetStartEvent(); processResult = _processService.ProcessStartAndGotoNextTask(instanceTemplate, startEvent, User); // create the instance instance = await _instanceService.CreateInstance(org, app, instanceTemplate); } catch (Exception exception) { return(ExceptionResponse(exception, $"Instantiation of appId {org}/{app} failed for party {instanceTemplate.InstanceOwner?.PartyId}")); } try { await StorePrefillParts(instance, application, parsedRequest.Parts); // get the updated instance instance = await _instanceService.GetInstance(app, org, int.Parse(instance.InstanceOwner.PartyId), Guid.Parse(instance.Id.Split("/")[1])); // notify app and store events await ProcessController.NotifyAppAboutEvents(_altinnApp, instance, processResult.Events); await _processService.DispatchProcessEventsToStorage(instance, processResult.Events); } catch (Exception exception) { return(ExceptionResponse(exception, $"Instantiation of data elements failed for instance {instance.Id} for party {instanceTemplate.InstanceOwner?.PartyId}")); } SelfLinkHelper.SetInstanceAppSelfLinks(instance, Request); string url = instance.SelfLinks.Apps; return(Created(url, instance)); }