/// <summary>
/// Runs the XSS checker over the value of every field of an object.
/// Only the <c>Value</c> of each field is handed to the checker; no other
/// property of a field is inspected by this method.
/// </summary>
/// <param name="checkObject">Object whose fields are checked</param>
private void CheckXssForObject(T checkObject)
{
    var fields = checkObject.Fields;
    foreach (FlexField field in fields)
    {
        // presumably CheckXss signals a finding by throwing; confirm against the checker
        _xssChecker.CheckXss(field.Value);
    }
}
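/// <summary>
/// Creates a new page in the default project from the request body.
/// </summary>
/// <param name="page">Page data bound from the request body</param>
/// <returns>
/// 200 with the created page, 400 if the body or the page name is missing,
/// 500 if creating the page fails.
/// </returns>
public async Task<IActionResult> CreatePage([FromBody] PageRequest page)
{
    // A missing or unparsable body binds to null; reject it as a bad request
    // instead of failing with a NullReferenceException on page.Name.
    if (page == null || string.IsNullOrEmpty(page.Name))
    {
        return StatusCode((int)HttpStatusCode.BadRequest);
    }

    // Both checks run before the try block, so anything they throw is not
    // caught by the handler below.
    // NOTE(review): presumably CheckXss throws on a finding; confirm how that
    // exception is mapped to a response for the client.
    _xssChecker.CheckXss(page.Name);
    _xssChecker.CheckXss(page.Content);

    try
    {
        GoNorthProject project = await _projectDbAccess.GetDefaultProject();

        // Only Name and Content are taken from the request; the project id and the
        // attachment list are set server-side.
        KirjaPage newPage = new KirjaPage
        {
            ProjectId = project.Id,
            Name = page.Name,
            Content = page.Content,
            Attachments = new List<KirjaPageAttachment>()
        };

        _pageParserService.ParsePage(newPage);
        await this.SetModifiedData(_userManager, newPage);

        newPage = await _pageDbAccess.CreatePage(newPage);
        await SaveVersionOfPage(newPage);

        await _timelineService.AddTimelineEntry(TimelineEvent.KirjaPageCreated, newPage.Name, newPage.Id);

        return Ok(newPage);
    }
    catch (Exception ex)
    {
        // The exception is logged server-side only; the client gets a bare 500.
        // page.Name is request data and is passed as a logging argument rather than
        // concatenated into the message template.
        _logger.LogError(ex, "Could not create page {0}", page.Name);
        return StatusCode((int)HttpStatusCode.InternalServerError);
    }
}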
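/// <summary>
/// Creates a new task group on an existing task board.
/// </summary>
/// <param name="boardId">Id of the task board the group is added to</param>
/// <param name="group">Task group data bound from the request body</param>
/// <returns>
/// 200 with the created group, 400 if the board id, the body or the group name is
/// missing, 404 if the board does not exist, 500 if saving the board or writing the
/// timeline entry fails.
/// </returns>
public async Task<IActionResult> CreateTaskGroup(string boardId, [FromBody] TaskGroup group)
{
    // Validate data. A missing or unparsable body binds to null; reject it as a bad
    // request instead of failing with a NullReferenceException on group.Name.
    if (string.IsNullOrEmpty(boardId) || group == null || string.IsNullOrEmpty(group.Name))
    {
        return StatusCode((int)HttpStatusCode.BadRequest);
    }

    _xssChecker.CheckXss(group.Name);
    _xssChecker.CheckXss(group.Description);

    // Get task board.
    // NOTE(review): the board is looked up by the client-supplied id alone; no check
    // that the caller may modify this board is visible in this method. Confirm that
    // it is enforced elsewhere.
    TaskBoard updatedTaskBoard = await _taskBoardDbAccess.GetTaskBoardById(boardId);
    if (updatedTaskBoard == null)
    {
        return StatusCode((int)HttpStatusCode.NotFound);
    }

    // Create task group. A fresh object is built rather than storing the bound one;
    // Id, TaskNumber and Tasks are set server-side.
    TaskGroup newGroup = new TaskGroup();
    newGroup.Id = Guid.NewGuid().ToString();
    newGroup.TaskNumber = await _taskNumberDbAccess.GetNextTaskNumber(updatedTaskBoard.ProjectId);
    newGroup.Name = group.Name;
    newGroup.Description = group.Description;
    // NOTE(review): Status and AssignedTo are copied from the request as-is; only Name
    // and Description go through CheckXss above. Confirm both are constrained (for
    // example that AssignedTo refers to an existing user) before they are stored.
    newGroup.Status = group.Status;
    newGroup.AssignedTo = group.AssignedTo;
    newGroup.Tasks = new List<GoNorthTask>();

    await this.SetModifiedData(_userManager, newGroup);

    if (updatedTaskBoard.TaskGroups == null)
    {
        updatedTaskBoard.TaskGroups = new List<TaskGroup>();
    }
    updatedTaskBoard.TaskGroups.Add(newGroup);

    try
    {
        await _taskBoardDbAccess.UpdateTaskBoard(updatedTaskBoard);
    }
    catch (Exception ex)
    {
        _logger.LogError(ex, "Could not updated task board for creating task group.");
        return StatusCode((int)HttpStatusCode.InternalServerError);
    }

    // Add timeline entry.
    // The board has already been saved at this point: a failure here reports 500
    // although the group exists, so a client that retries would add a second group.
    try
    {
        await _timelineService.AddTimelineEntry(TimelineEvent.TaskGroupCreated, updatedTaskBoard.Id, updatedTaskBoard.Name, newGroup.Name);
    }
    catch (Exception ex)
    {
        _logger.LogError(ex, "Could not create task group created timeline entry.");
        return StatusCode((int)HttpStatusCode.InternalServerError);
    }

    return Ok(newGroup);
}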