public void AcceptTest(SyllabusManagerUser user, Syllabus input, Syllabus output, bool expectedResult)
{
// Arrange
var dbSetMock = new Mock <DbSet <Syllabus> >();
dbSetMock
.Setup(r => r.Find(input.Id))
.Returns(input);
var syllabusService = new SyllabusService(SyllabusTestRepository.GetInMemorySyllabusContext(), null, dbSetMock.Object);
// Act
var result = syllabusService.Accept(input.Id, user);
// Assert
Assert.Equal(expectedResult, result);
Assert.Equal(output.StudentGovernmentOpinion, input.StudentGovernmentOpinion);
Assert.Equal(output.State, input.State);
Assert.Equal(output.StudentRepresentativeName, input.StudentRepresentativeName);
if (output.ApprovalDate is null)
{
Assert.Null(input.ApprovalDate);
}
else
{
Assert.NotNull(input.ApprovalDate);
}
if (output.ValidFrom is null)
{
Assert.Null(input.ValidFrom);
}
else
{
Assert.NotNull(input.ValidFrom);
}
}
/// <summary>
/// Zapisuje obiekt w najnowsze wersji
/// </summary>
/// <param name="syllabus"></param>
/// <returns></returns>
public async Task <Syllabus> Save(Syllabus syllabus, SyllabusManagerUser user)
{
Syllabus currentDocument = await _dbSet.Include(s => s.FieldOfStudy)
.Include(s => s.Specialization)
.Include(s => s.Description)
.Include(s => s.SubjectDescriptions)
.ThenInclude(sd => sd.Subject)
.Include(s => s.PointLimits)
.OrderByDescending(s => s.Version)
.FirstOrDefaultAsync(s =>
s.FieldOfStudy.Code == syllabus.FieldOfStudy.Code &&
s.Specialization.Code == syllabus.Specialization.Code &&
s.AcademicYear == syllabus.AcademicYear &&
!s.IsDeleted);
if (currentDocument is null)
{
syllabus.Version = NewVersion();
syllabus.CreationDate = DateTime.Now;
syllabus.AuthorName = user.Name;
}
else
{
if (!AreChanges(currentDocument, syllabus))
{
return(syllabus);
}
syllabus.Version = IncreaseVersion(currentDocument.Version);
}
syllabus.Id = Guid.NewGuid();
syllabus.SubjectDescriptions.ForEach(sd =>
{
sd.Id = Guid.NewGuid();
if (sd.Subject != null)
{
Data.Models.Subjects.Subject subj = _dbContext.Subjects.Find(sd.Subject.Id);
sd.Subject = subj;
}
});
syllabus.PointLimits.ForEach(pl => pl.Id = Guid.NewGuid());
syllabus.Description.Id = Guid.NewGuid();
Data.Models.FieldOfStudies.FieldOfStudy fos = _dbContext.FieldsOfStudies.Find(syllabus.FieldOfStudy.Code);
syllabus.FieldOfStudy = fos;
syllabus.Specialization = _dbContext.Specializations.Find(syllabus.Specialization.Code);
syllabus.IsDeleted = false;
await _dbSet.AddAsync(syllabus);
await _dbContext.SaveChangesAsync();
return(syllabus);
}
public static UserDTO MakeDto(this SyllabusManagerUser syllabusUser, List <string> roles)
{
return(new UserDTO
{
Email = syllabusUser.Email,
Id = syllabusUser.Id,
Roles = roles,
Name = syllabusUser.Name
});
}
public async Task <UserCredentialsModel> Login(SyllabusManagerUser user)
{
Log.Information($"Login - attempting to log in for user {user.Email}");
IList <string> roles = await _userManager.GetRolesAsync(user);
JwtSecurityToken token = MakeToken(user, roles);
return(await MakeUserCredentials(token, user));
}
private JwtSecurityToken MakeToken(SyllabusManagerUser user, IList <string> roles)
{
List <Claim> claims = MakeClaims(user, roles);
SymmetricSecurityKey signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_authOptions.Value.Secret));
return(new JwtSecurityToken(
expires: DateTime.UtcNow.AddMinutes(_authOptions.Value.Expiration),
claims: claims,
signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256)));
}
private List <Claim> MakeClaims(SyllabusManagerUser user, IList <string> roles)
{
List <Claim> claims = new List <Claim>
{
new Claim(ClaimTypes.Name, user.Id),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
};
claims.AddRoles(roles);
return(claims);
}
public async Task <IActionResult> Login([FromBody] LoginModel loginModel)
{
SyllabusManagerUser user = await _userManager.FindByEmailAsync(loginModel.Email);
if (user == null || !await _userManager.CheckPasswordAsync(user, loginModel.Password))
{
return(NotFound());
}
return(Ok(await _authService.Login(user)));
}
public async Task <IActionResult> Reject(Guid syllabusId)
{
SyllabusManagerUser user = await AuthenticationHelper.GetAuthorizedUser(HttpContext.User, _userManager);
var result = _syllabusService.Reject(syllabusId, user);
if (!result)
{
return(BadRequest());
}
return(Ok());
}
public async Task <UserDTO> GetByEmailAsync(string email)
{
SyllabusManagerUser syllabusUser = await _dbSet.Where(u => u.Email.ToUpper() == email.ToUpper()).FirstOrDefaultAsync();
if (syllabusUser is null)
{
return(null);
}
List <string> roles = (await _userManager.GetRolesAsync(syllabusUser)).ToList();
return(syllabusUser.MakeDto(roles));
}
/// <summary>
/// Zapisuje obiekt w najnowszej wersji ale jako inny obiekt o podanych parametrach
/// </summary>
/// <param name="fos"></param>
/// <param name="spec"></param>
/// <param name="year"></param>
/// <param name="syllabus"></param>
/// <returns></returns>
public async Task <Syllabus> SaveAs(string fosCode, string specCode, string academicYear, Syllabus syllabus,
SyllabusManagerUser user)
{
Syllabus currentSyllabus = await Latest(fosCode, specCode, academicYear);
currentSyllabus.ThesisCourse = syllabus.ThesisCourse;
currentSyllabus.Description = syllabus.Description;
currentSyllabus.IntershipType = syllabus.IntershipType;
currentSyllabus.OpinionDeadline = syllabus.OpinionDeadline;
currentSyllabus.ScopeOfDiplomaExam = syllabus.ScopeOfDiplomaExam;
currentSyllabus.PointLimits = syllabus.PointLimits;
return(await Save(currentSyllabus, user));
}
public bool Reject(Guid syllabusId, SyllabusManagerUser user)
{
var document = _dbSet.Find(syllabusId);
if (document.State == State.SentToAcceptance)
{
document.StudentGovernmentOpinion = Option.Rejected;
document.StudentRepresentativeName = user.Name;
document.State = State.Rejected;
_dbContext.SaveChanges();
return(true);
}
return(false);
}
public async Task <UserDTO> AddAsync(UserDTO user)
{
UserDTO dbUser = await GetByEmailAsync(user.Email);
if (dbUser != null)
{
return(null);
}
SyllabusManagerUser syllabusUser = user.MakeSyllabusManagerUser();
await _userManager.CreateAsync(syllabusUser, "S4#SAX@2WqS?mkr&");
await _userManager.AddToRolesAsync(syllabusUser, user.Roles);
return((await _userManager.FindByEmailAsync(user.Email)).MakeDto(user.Roles));
}
public async Task AdminValidationTest(SyllabusManagerUser user, SyllabusManagerUser inputUser, List <string> roles, bool expectedResult)
{
// Arrange
var store = new Mock <IUserStore <SyllabusManagerUser> >();
var userManagerMock = new Mock <UserManager <SyllabusManagerUser> >(store.Object, null, null, null, null, null, null, null, null);
userManagerMock
.Setup(r => r.GetRolesAsync(inputUser ?? user))
.ReturnsAsync(roles);
// Act
var actualResult = await AuthorizationHelper.CheckIfAdmin(user, userManagerMock.Object);
// Assert
Assert.Equal(expectedResult, actualResult);
}
public async Task <List <FieldOfStudy> > GetAllMy(SyllabusManagerUser user)
{
var all = await _dbSet.Where(e => !e.IsDeleted)
.Include(fos => fos.Specializations)
.Include(fos => fos.Supervisor)
.Where(f => f.Supervisor.Id == user.Id)
.AsNoTracking()
.ToListAsync();
return(all.Select(f =>
{
f.Specializations = f.Specializations.Where(s => !s.IsDeleted).ToList();
return f;
})
.ToList());
}
public async Task <UserDTO> RegisterUser(RegistrationModel registrationModel)
{
Log.Information($"RegisterUser - attempting for: {registrationModel.Email}");
SyllabusManagerUser syllabusUser = new SyllabusManagerUser
{
Name = $"{registrationModel.Name} {registrationModel.Surname}",
Email = registrationModel.Email
};
await _userManager.CreateAsync(syllabusUser, registrationModel.Password);
await _userManager.AddToRolesAsync(syllabusUser, registrationModel.Roles);
List <string> roles = (await _userManager.GetRolesAsync(syllabusUser)).ToList();
return(syllabusUser.MakeDto(roles));
}
public bool Accept(Guid syllabusId, SyllabusManagerUser user)
{
var document = _dbSet.Find(syllabusId);
if (document.State == State.SentToAcceptance)
{
document.StudentGovernmentOpinion = Option.Approved;
document.StudentRepresentativeName = user.Name;
document.State = State.Approved;
document.ApprovalDate = DateTime.Now;
document.ValidFrom = DateTime.Now;
_dbContext.SaveChanges();
return(true);
}
return(false);
}
public async Task <IActionResult> Save([FromBody] Syllabus syllabus)
{
if (!await CheckIfUserIsFosSupervisor(syllabus.FieldOfStudy.Code))
{
return(Forbid());
}
SyllabusManagerUser user = await AuthenticationHelper.GetAuthorizedUser(HttpContext.User, _userManager);
Syllabus result = await _syllabusService.Save(syllabus, user);
if (result is null)
{
return(BadRequest());
}
return(Ok(result));
}
public async Task <bool> SendToAcceptance(Syllabus syllabus, SyllabusManagerUser user)
{
if (!Verify(syllabus).Any() && syllabus.State != State.Approved)
{
var result = await Save(syllabus, user);
result.State = State.SentToAcceptance;
result.StudentGovernmentOpinion = Option.Pending;
result.StudentRepresentativeName = string.Empty;
result.OpinionDeadline = DateTime.Now.AddDays(14);
await _dbContext.SaveChangesAsync();
return(true);
}
return(false);
}
public async Task <bool> DeleteAsync(string id)
{
SyllabusManagerUser dbUser = await _dbSet.FindAsync(id);
if (dbUser == null)
{
return(false);
}
List <string> roles = (await _userManager.GetRolesAsync(dbUser)).ToList();
await _userManager.RemoveFromRolesAsync(dbUser, roles);
dbUser.Email = null;
dbUser.NormalizedEmail = null;
dbUser.PasswordHash = null;
dbUser.IsDeleted = true;
await _dbContext.SaveChangesAsync();
return(true);
}
public async Task <IActionResult> ImportFrom(Guid currentDocId,
[FromQuery] string fos,
[FromQuery] string spec,
[FromQuery] string year)
{
if (!await CheckIfUserIsFosSupervisor(currentDocId))
{
return(Forbid());
}
SyllabusManagerUser user = await AuthenticationHelper.GetAuthorizedUser(HttpContext.User, _userManager);
Syllabus result = await _syllabusService.ImportFrom(currentDocId, fos, spec, year, user);
if (result is null)
{
return(NotFound());
}
return(Ok());
}
public async Task <IActionResult> SaveAs([FromQuery] string fos,
[FromQuery] string spec,
[FromQuery] string year,
[FromBody] Syllabus syllabus)
{
if (!await CheckIfUserIsFosSupervisor(fos))
{
return(Forbid());
}
SyllabusManagerUser user = await AuthenticationHelper.GetAuthorizedUser(HttpContext.User, _userManager);
Syllabus result = await _syllabusService.SaveAs(fos, spec, year, syllabus, user);
if (result is null)
{
return(BadRequest());
}
return(Ok());
}
/// <summary>
/// Pobiera najnowszą wersję z obiektu o podanych parametrach i zapisuje jej kopię jako najnowsza wersja obiektu
/// </summary>
/// <param name="currentDocId"></param>
/// <param name="fos"></param>
/// <param name="spec"></param>
/// <param name="year"></param>
/// <returns></returns>
public async Task <Syllabus> ImportFrom(Guid currentDocId, string fosCode, string specCode, string academicYear,
SyllabusManagerUser user)
{
Syllabus currentSyllabus = await _dbSet.AsNoTracking()
.Include(s => s.FieldOfStudy)
.Include(s => s.Specialization)
.Include(s => s.SubjectDescriptions)
.ThenInclude(sd => sd.Subject)
.Include(s => s.Description)
.Include(s => s.PointLimits)
.FirstOrDefaultAsync(s =>
s.Id == currentDocId &&
!s.IsDeleted);
Syllabus syllabus = await _dbSet.AsNoTracking()
.Include(s => s.FieldOfStudy)
.Include(s => s.Specialization)
.Include(s => s.SubjectDescriptions)
.ThenInclude(sd => sd.Subject)
.Include(s => s.Description)
.Include(s => s.PointLimits)
.FirstOrDefaultAsync(s =>
s.FieldOfStudy.Code == fosCode &&
s.AcademicYear == academicYear &&
s.Specialization.Code == specCode &&
!s.IsDeleted);
if (currentSyllabus is null || syllabus?.FieldOfStudy is null || syllabus.Specialization is null)
{
return(null);
}
currentSyllabus.ThesisCourse = syllabus.ThesisCourse;
currentSyllabus.Description = syllabus.Description;
currentSyllabus.IntershipType = syllabus.IntershipType;
currentSyllabus.OpinionDeadline = syllabus.OpinionDeadline;
currentSyllabus.ScopeOfDiplomaExam = syllabus.ScopeOfDiplomaExam;
currentSyllabus.PointLimits = syllabus.PointLimits;
return(await Save(currentSyllabus, user));
}
public async Task <UserDTO> AddOrUpdateAsync(UserDTO user)
{
SyllabusManagerUser dbUser = await _dbSet.FindAsync(user.Id);
if (dbUser == null)
{
return(await AddAsync(user));
}
List <string> roles = (await _userManager.GetRolesAsync(dbUser)).ToList();
await _userManager.RemoveFromRolesAsync(dbUser, roles);
await _userManager.AddToRolesAsync(dbUser, user.Roles);
_dbContext.Entry(dbUser).CurrentValues.SetValues(user);
dbUser.NormalizedEmail = user.Email.ToUpper();
await _dbContext.SaveChangesAsync();
roles = (await _userManager.GetRolesAsync(dbUser)).ToList();
return(dbUser.MakeDto(roles));
}
public static async Task SetRolesAndAccounts(this IServiceCollection services)
{
ServiceProvider serviceProvider = services.BuildServiceProvider();
RoleManager <IdentityRole> roleManager = serviceProvider.GetRequiredService <RoleManager <IdentityRole> >();
UserManager <SyllabusManagerUser> userManager = serviceProvider.GetRequiredService <UserManager <SyllabusManagerUser> >();
foreach (string roleName in UsersRoles.All)
{
bool roleExist = await roleManager.RoleExistsAsync(roleName);
if (!roleExist)
{
await roleManager.CreateAsync(new IdentityRole(roleName));
}
}
SyllabusManagerUser admin = new SyllabusManagerUser()
{
Name = "admin",
UserName = "******",
Email = "*****@*****.**",
};
const string adminPassword = "******";
SyllabusManagerUser user = await userManager.FindByEmailAsync(admin.Email);
if (user == null)
{
IdentityResult result = await userManager.CreateAsync(admin, adminPassword);
if (result.Succeeded)
{
await userManager.AddToRoleAsync(admin, UsersRoles.Admin);
}
}
}
public async Task <bool> CheckIfFosSupervisor(SyllabusManagerUser user, string fosCode)
{
return(await AuthorizationHelper.CheckIfAdmin(user, _userManager) ||
_dbContext.FieldsOfStudies.Include(f => f.Supervisor)
.FirstOrDefault(f => f.Code == fosCode)?.Supervisor.Id == user.Id);
}
public async Task <bool> CheckIfFosSupervisor(SyllabusManagerUser user, Guid documentId)
{
var fosCode = GetFosCode(documentId);
return(!(fosCode is null) && await CheckIfFosSupervisor(user, fosCode));
}
private async Task <UserCredentialsModel> MakeUserCredentials(JwtSecurityToken token, SyllabusManagerUser user)
{
return(new UserCredentialsModel()
{
Token = new JwtSecurityTokenHandler().WriteToken(token),
Expiration = token.ValidTo,
Account = new AccountModel()
{
Id = user.Id,
Name = user.Name,
Email = user.Email,
Roles = await _userManager.GetRolesAsync(user)
}
});
}
public static async Task<bool> CheckIfAdmin(SyllabusManagerUser user,
UserManager<SyllabusManagerUser> userManager)
{
var roles = await userManager.GetRolesAsync(user);
return roles?.Contains(UsersRoles.Admin) ?? false;
}
public async Task <List <Subject> > GetAll(string fos, string spec, string year, SyllabusManagerUser user)
{
IEnumerable <Guid> latestIds = _dbSet.AsNoTracking()
.Include(s => s.FieldOfStudy)
.Include(s => s.Specialization)
.Where(s =>
s.FieldOfStudy.Code == fos &&
s.Specialization.Code == spec &&
s.AcademicYear == year &&
!s.IsDeleted).ToList()
.GroupBy(s => new { fos = s.FieldOfStudy.Code, spec = s.Specialization.Code, s.AcademicYear, s.Code })
.Select(g => g.OrderByDescending(s => s.Version)
.First().Id);
List <Subject> result = await _dbSet.Include(s => s.FieldOfStudy)
.ThenInclude(ss => ss.Supervisor)
.Include(s => s.Specialization)
.Include(s => s.Supervisor)
.Include(s => s.SubjectsTeachers)
.ThenInclude(st => st.Teacher)
.Where(s => latestIds.Contains(s.Id)).ToListAsync();
return(result.Select(r =>
{
r.IsSupervisor = r.Supervisor.Id == user.Id;
r.IsTeacher = r.SubjectsTeachers.Any(t => t.Teacher.Id == user.Id);
r.SubjectsTeachers = new List <SubjectTeacher>();
r.FieldOfStudy.Supervisor.SubjectsTeachers = new List <SubjectTeacher>();
return r;
}).ToList());
}
public async Task <Subject> Latest(string fos, string spec, string code, string year, SyllabusManagerUser user)
{
Subject subject = await _dbSet.Include(s => s.FieldOfStudy)
.Include(s => s.Specialization)
.Include(s => s.Supervisor)
.Include(s => s.CardEntries)
.ThenInclude(ce => ce.Entries)
.Include(s => s.LearningOutcomeEvaluations)
.Include(s => s.Lessons)
.ThenInclude(l => l.ClassForms)
.Include(s => s.Literature)
.Include(s => s.SubjectsTeachers)
.ThenInclude(st => st.Teacher)
.OrderByDescending(s => s.Version)
.FirstOrDefaultAsync(s =>
s.FieldOfStudy.Code == fos &&
s.Specialization.Code == spec &&
s.Code == code &&
s.AcademicYear == year &&
!s.IsDeleted);
if (subject != null)
{
if (subject.FieldOfStudy is null || subject.Specialization is null)
{
return(null);
}
subject.Teachers = subject.SubjectsTeachers.Select(st =>
{
st.Teacher.SubjectsTeachers = new List <SubjectTeacher>();
return(st.Teacher);
}).ToList();
subject.SubjectsTeachers = new List <SubjectTeacher>();
subject.IsSupervisor = subject.Supervisor.Id == user.Id;
subject.IsTeacher = subject.Teachers.Any(t => t.Id == user.Id);
}
return(subject);
}
