public async Task <ActionResult <Instance> > Post(
[FromRoute] string org,
[FromRoute] string app,
[FromQuery] int?instanceOwnerPartyId)
{
if (string.IsNullOrEmpty(org))
{
return(BadRequest("The path parameter 'org' cannot be empty"));
}
if (string.IsNullOrEmpty(app))
{
return(BadRequest("The path parameter 'app' cannot be empty"));
}
Application application = _appResourcesService.GetApplication();
if (application == null)
{
return(NotFound($"AppId {org}/{app} was not found"));
}
MultipartRequestReader parsedRequest = new MultipartRequestReader(Request);
await parsedRequest.Read();
if (parsedRequest.Errors.Any())
{
return(BadRequest($"Error when reading content: {JsonConvert.SerializeObject(parsedRequest.Errors)}"));
}
Instance instanceTemplate = await ExtractInstanceTemplate(parsedRequest);
if (!instanceOwnerPartyId.HasValue && instanceTemplate == null)
{
return(BadRequest("Cannot create an instance without an instanceOwner.partyId. Either provide instanceOwner party Id as a query parameter or an instanceTemplate object in the body."));
}
if (instanceOwnerPartyId.HasValue && instanceTemplate?.InstanceOwner?.PartyId != null)
{
return(BadRequest("You cannot provide an instanceOwnerPartyId as a query param as well as an instance template in the body. Choose one or the other."));
}
RequestPartValidator requestValidator = new RequestPartValidator(application);
string multipartError = requestValidator.ValidateParts(parsedRequest.Parts);
if (!string.IsNullOrEmpty(multipartError))
{
return(BadRequest($"Error when comparing content to application metadata: {multipartError}"));
}
if (instanceTemplate != null)
{
InstanceOwner lookup = instanceTemplate.InstanceOwner;
if (lookup == null || (lookup.PersonNumber == null && lookup.OrganisationNumber == null && lookup.PartyId == null))
{
return(BadRequest("Error: instanceOwnerPartyId query parameter is empty and InstanceOwner is missing from instance template. You must populate instanceOwnerPartyId or InstanceOwner"));
}
}
else
{
// create minimum instance template
instanceTemplate = new Instance
{
InstanceOwner = new InstanceOwner {
PartyId = instanceOwnerPartyId.Value.ToString()
}
};
}
Party party;
try
{
party = await LookupParty(instanceTemplate);
}
catch (Exception partyLookupException)
{
if (partyLookupException is ServiceException)
{
ServiceException sexp = partyLookupException as ServiceException;
if (sexp.StatusCode.Equals(HttpStatusCode.Unauthorized))
{
return(StatusCode((int)HttpStatusCode.Forbidden));
}
}
return(NotFound($"Cannot lookup party: {partyLookupException.Message}"));
}
EnforcementResult enforcementResult = await AuthorizeAction(org, app, party.PartyId, null, "instantiate");
if (!enforcementResult.Authorized)
{
return(Forbidden(enforcementResult));
}
if (!InstantiationHelper.IsPartyAllowedToInstantiate(party, application.PartyTypesAllowed))
{
return(StatusCode((int)HttpStatusCode.Forbidden, $"Party {party.PartyId} is not allowed to instantiate this application {org}/{app}"));
}
// Run custom app logic to validate instantiation
InstantiationValidationResult validationResult = await _altinnApp.RunInstantiationValidation(instanceTemplate);
if (validationResult != null && !validationResult.Valid)
{
return(StatusCode((int)HttpStatusCode.Forbidden, validationResult));
}
Instance instance;
ProcessStateChange processResult;
try
{
// start process and goto next task
instanceTemplate.Process = null;
string startEvent = await _altinnApp.OnInstantiateGetStartEvent();
processResult = _processService.ProcessStartAndGotoNextTask(instanceTemplate, startEvent, User);
string userOrgClaim = User.GetOrg();
if (userOrgClaim == null || !org.Equals(userOrgClaim, StringComparison.InvariantCultureIgnoreCase))
{
instanceTemplate.Status ??= new InstanceStatus();
instanceTemplate.Status.ReadStatus = ReadStatus.Read;
}
// create the instance
instance = await _instanceService.CreateInstance(org, app, instanceTemplate);
}
catch (Exception exception)
{
return(ExceptionResponse(exception, $"Instantiation of appId {org}/{app} failed for party {instanceTemplate.InstanceOwner?.PartyId}"));
}
try
{
await StorePrefillParts(instance, application, parsedRequest.Parts);
// get the updated instance
instance = await _instanceService.GetInstance(app, org, int.Parse(instance.InstanceOwner.PartyId), Guid.Parse(instance.Id.Split("/")[1]));
// notify app and store events
await ProcessController.NotifyAppAboutEvents(_altinnApp, instance, processResult.Events);
await _processService.DispatchProcessEventsToStorage(instance, processResult.Events);
}
catch (Exception exception)
{
return(ExceptionResponse(exception, $"Instantiation of data elements failed for instance {instance.Id} for party {instanceTemplate.InstanceOwner?.PartyId}"));
}
await RegisterInstanceCreatedEvent(instance);
SelfLinkHelper.SetInstanceAppSelfLinks(instance, Request);
string url = instance.SelfLinks.Apps;
return(Created(url, instance));
}
