public async Task <FilesInfo> GetAttachmentsAndDocumentReferences(
int artifactId,
int?versionId = null,
int?subArtifactId = null,
bool addDrafts = true,
int?baselineId = null)
{
if (artifactId < 1 || (subArtifactId.HasValue && subArtifactId.Value < 1) || (versionId != null && baselineId != null))
{
throw new BadRequestException();
}
if (addDrafts && versionId != null)
{
addDrafts = false;
}
var userId = Session.UserId;
var itemId = subArtifactId.HasValue ? subArtifactId.Value : artifactId;
var isDeleted = await ArtifactVersionsRepository.IsItemDeleted(itemId);
var itemInfo = isDeleted && (versionId != null || baselineId != null) ?
(await ArtifactVersionsRepository.GetDeletedItemInfo(itemId)) :
(await ArtifactPermissionsRepository.GetItemInfo(itemId, userId, addDrafts));
if (itemInfo == null)
{
throw new ResourceNotFoundException("You have attempted to access an item that does not exist or you do not have permission to view.",
subArtifactId.HasValue ? ErrorCodes.SubartifactNotFound : ErrorCodes.ArtifactNotFound);
}
if (subArtifactId.HasValue && itemInfo.ArtifactId != artifactId)
{
throw new BadRequestException("Please provide a proper subartifact Id");
}
var result = await AttachmentsRepository.GetAttachmentsAndDocumentReferences(artifactId, userId, versionId, subArtifactId, addDrafts, baselineId);
var artifactIds = new List <int> {
artifactId
};
foreach (var documentReference in result.DocumentReferences)
{
artifactIds.Add(documentReference.ArtifactId);
}
var permissions = await ArtifactPermissionsRepository.GetArtifactPermissions(artifactIds, userId);
if (!SqlArtifactPermissionsRepository.HasPermissions(artifactId, permissions, RolePermissions.Read))
{
throw new AuthorizationException("You do not have permission to access the artifact");
}
var docRef = result.DocumentReferences.ToList();
foreach (var documentReference in docRef)
{
if (!SqlArtifactPermissionsRepository.HasPermissions(documentReference.ArtifactId, permissions, RolePermissions.Read))
{
result.DocumentReferences.Remove(documentReference);
}
}
return(result);
}
public async Task <ReviewRelationshipsResultSet> GetReviewRelationships(int artifactId, int userId, bool addDrafts = true, int?versionId = null)
{
var revisionId = await _itemInfoRepository.GetRevisionId(artifactId, userId, versionId);
var reviewType = new List <int> {
(int)LinkType.ReviewPackageReference
};
var reviewLinks = (await GetLinkInfo(artifactId, userId, addDrafts, revisionId, reviewType)).ToList();
var result = new ReviewRelationshipsResultSet {
};
if (reviewLinks != null)
{
var distinctReviewIds = reviewLinks.Select(a => a.SourceItemId).Distinct().ToList();
var reviewIdsWithAccess = new List <int>();
var reviewPermissions = await _artifactPermissionsRepository.GetArtifactPermissions(distinctReviewIds, userId);
foreach (var reviewId in distinctReviewIds)
{
if (SqlArtifactPermissionsRepository.HasPermissions(reviewId, reviewPermissions, RolePermissions.Read))
{
reviewIdsWithAccess.Add(reviewId);
}
}
var itemDetailsDictionary = (await _itemInfoRepository.GetItemsDetails(userId, reviewIdsWithAccess, true, revisionId))
.ToDictionary(a => a.HolderId);
var itemRawDataDictionary = (await _itemInfoRepository.GetItemsRawDataCreatedDate(userId, reviewIdsWithAccess, true, revisionId))
.ToDictionary(a => a.ItemId);
var referencedReviewArtifacts = new List <ReferencedReviewArtifact>();
ItemRawDataCreatedDate itemRawDataCreatedDate;
ItemDetails itemDetails;
foreach (var reviewId in reviewIdsWithAccess)
{
if ((itemRawDataDictionary.TryGetValue(reviewId, out itemRawDataCreatedDate)) && (itemDetailsDictionary.TryGetValue(reviewId, out itemDetails)))
{
var status = ReviewRawDataHelper.ExtractReviewStatus(itemRawDataCreatedDate.RawData);
referencedReviewArtifacts.Add(new ReferencedReviewArtifact
{
ItemId = reviewId,
Status = status,
CreatedDate = itemRawDataCreatedDate.CreatedDateTime,
ItemName = itemDetails.Name,
ItemTypePrefix = itemDetails.Prefix
});
}
}
result.ReviewArtifacts = referencedReviewArtifacts;
}
return(result);
}
private void ApplyRelationshipPermissions(Dictionary <int, RolePermissions> permissions, List <Relationship> relationships)
{
foreach (var relationship in relationships)
{
if (!SqlArtifactPermissionsRepository.HasPermissions(relationship.ArtifactId, permissions, RolePermissions.Read))
{
MakeRelationshipUnauthorized(relationship);
}
if ((SqlArtifactPermissionsRepository.HasPermissions(relationship.ArtifactId, permissions, RolePermissions.Trace) &&
SqlArtifactPermissionsRepository.HasPermissions(relationship.ArtifactId, permissions, RolePermissions.Edit)) == false)
{
relationship.ReadOnly = true;
}
}
}
public async Task <ReviewRelationshipsResultSet> GetReviewRelationships(int artifactId, bool addDrafts = true, int?versionId = null)
{
var userId = Session.UserId;
if (artifactId < 1 || versionId.HasValue && versionId.Value < 1)
{
throw new BadRequestException();
}
if (addDrafts && versionId != null)
{
addDrafts = false;
}
var isDeleted = await _artifactVersionsRepository.IsItemDeleted(artifactId);
var itemInfo = isDeleted && versionId != null ?
await _artifactVersionsRepository.GetDeletedItemInfo(artifactId) :
await _artifactPermissionsRepository.GetItemInfo(artifactId, userId, addDrafts);
if (itemInfo == null)
{
throw new ResourceNotFoundException();
}
// We do not need drafts for historical artifacts
var effectiveAddDraft = !versionId.HasValue && addDrafts;
var result = await _relationshipsRepository.GetReviewRelationships(artifactId, userId, effectiveAddDraft, versionId);
var artifactIds = new List <int> {
artifactId
};
var permissions = await _artifactPermissionsRepository.GetArtifactPermissions(artifactIds, userId);
if (!SqlArtifactPermissionsRepository.HasPermissions(artifactId, permissions, RolePermissions.Read))
{
throw new AuthorizationException("You do not have permission to access the artifact");
}
return(result);
}
public async Task <RelationshipExtendedInfo> GetRelationshipDetails(int artifactId, int?subArtifactId = null)
{
var userId = Session.UserId;
if (artifactId < 1)
{
throw new BadRequestException();
}
var isDeleted = await _artifactVersionsRepository.IsItemDeleted(artifactId);
var artifactInfo = isDeleted ?
await _artifactVersionsRepository.GetDeletedItemInfo(artifactId) :
await _artifactPermissionsRepository.GetItemInfo(artifactId, userId);
if (artifactInfo == null && !isDeleted) // artifact might have been deleted in draft only
{
artifactInfo = await _artifactPermissionsRepository.GetItemInfo(artifactId, userId, false);
}
if (artifactInfo == null)
{
throw new ResourceNotFoundException("You have attempted to access an item that does not exist or you do not have permission to view.",
ErrorCodes.ArtifactNotFound);
}
var itemIds = new List <int> {
artifactId
};
var permissions = await _artifactPermissionsRepository.GetArtifactPermissions(itemIds, userId);
if (!SqlArtifactPermissionsRepository.HasPermissions(artifactId, permissions, RolePermissions.Read))
{
throw new AuthorizationException("You do not have permission to access the artifact");
}
return(await _relationshipsRepository.GetRelationshipExtendedInfo(artifactId, userId, subArtifactId, isDeleted));
}
public async Task <RelationshipResultSet> GetRelationships(
int artifactId,
int?subArtifactId = null,
bool addDrafts = true,
int?versionId = null,
int?baselineId = null,
bool?allLinks = null)
{
var userId = Session.UserId;
if (artifactId < 1 || (subArtifactId.HasValue && subArtifactId.Value < 1) ||
versionId.HasValue && versionId.Value < 1 || (versionId != null && baselineId != null))
{
throw new BadRequestException();
}
if (addDrafts && versionId != null)
{
addDrafts = false;
}
var itemId = subArtifactId ?? artifactId;
var isDeleted = await _artifactVersionsRepository.IsItemDeleted(itemId);
var itemInfo = isDeleted && (versionId != null || baselineId != null) ?
await _artifactVersionsRepository.GetDeletedItemInfo(itemId) :
await _artifactPermissionsRepository.GetItemInfo(itemId, userId, addDrafts);
if (itemInfo == null)
{
throw new ResourceNotFoundException("You have attempted to access an item that does not exist or you do not have permission to view.",
subArtifactId.HasValue ? ErrorCodes.SubartifactNotFound : ErrorCodes.ArtifactNotFound);
}
if (subArtifactId.HasValue && itemInfo.ArtifactId != artifactId)
{
throw new BadRequestException("Please provide a proper subartifact Id");
}
// We do not need drafts for historical artifacts
var effectiveAddDraft = !versionId.HasValue && addDrafts;
var result = await _relationshipsRepository.GetRelationships(artifactId, userId, subArtifactId, effectiveAddDraft, allLinks.GetValueOrDefault(), versionId, baselineId);
var artifactIds = new List <int> {
artifactId
};
artifactIds = artifactIds.Union(result.ManualTraces.Select(a => a.ArtifactId)).Union(result.OtherTraces.Select(a => a.ArtifactId)).Distinct().ToList();
var permissions = await _artifactPermissionsRepository.GetArtifactPermissions(artifactIds, userId);
if (!SqlArtifactPermissionsRepository.HasPermissions(artifactId, permissions, RolePermissions.Read))
{
throw new AuthorizationException("You do not have permission to access the artifact");
}
ApplyRelationshipPermissions(permissions, result.ManualTraces);
ApplyRelationshipPermissions(permissions, result.OtherTraces);
result.CanEdit = SqlArtifactPermissionsRepository.HasPermissions(artifactId, permissions, RolePermissions.Trace) && SqlArtifactPermissionsRepository.HasPermissions(artifactId, permissions, RolePermissions.Edit);
return(result);
}
