public async Task <Response <DepartmentDTO> > Get(long id)
{
var currentUser = await _giraf._userManager.GetUserAsync(HttpContext.User);
if (currentUser == null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.UserNotFound));
}
var isSuperUser = await _giraf._userManager.IsInRoleAsync(currentUser, GirafRole.SuperUser);
if (currentUser?.DepartmentKey != id && !isSuperUser)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.NotAuthorized));
}
//.Include is used to get information on members aswell when getting the Department
var department = _giraf._context.Departments
.Where(dep => dep.Key == id);
var depa = await department
.Include(dep => dep.Members)
.Include(dep => dep.Resources)
.FirstOrDefaultAsync();
if (depa == null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.NotFound));
}
var members = DepartmentDTO.FindMembers(depa.Members, _roleManager, _giraf);
return(new Response <DepartmentDTO>(new DepartmentDTO(depa, members)));
}
public async Task <Response <DepartmentDTO> > RemoveResource(long resourceId)
{
//Fetch the department and check that it exists.
var usr = await _giraf.LoadUserWithResources(HttpContext.User);
//Fetch the department and check that it exists. No need to fetch dep ressources they are already on user
var department = await _giraf._context.Departments.Where(d => d.Key == usr.DepartmentKey)
.Include(d => d.Members)
.FirstOrDefaultAsync();
if (department == null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.DepartmentNotFound));
}
//Fetch the resource with the given id, check that it exists.
var resource = await _giraf._context.Pictograms
.Where(f => f.Id == resourceId)
.FirstOrDefaultAsync();
if (resource == null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.ResourceNotFound));
}
var resourceOwned = await _giraf.CheckProtectedOwnership(resource, usr);
if (!resourceOwned)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.NotAuthorized));
}
//Check if the department already owns the resource and remove if so.
var drrelation = await _giraf._context.DepartmentResources
.Where(dr => dr.PictogramKey == resource.Id && dr.OtherKey == department.Key)
.FirstOrDefaultAsync();
if (drrelation == null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.ResourceNotOwnedByDepartment));
}
usr.Department.Resources.Remove(drrelation);
await _giraf._context.SaveChangesAsync();
//Return Ok and the department - the resource is now visible in deparment.Resources
var members = DepartmentDTO.FindMembers(department.Members, _roleManager, _giraf);
return(new Response <DepartmentDTO>(new DepartmentDTO(usr.Department, members)));
}
public async Task <Response <DepartmentDTO> > AddUser(long departmentId, string userId)
{
//Fetch user and department and check that they exist
if (userId == null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.MissingProperties, "userId"));
}
var currentUser = await _giraf._userManager.GetUserAsync(HttpContext.User);
if (currentUser == null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.UserNotFound));
}
var role = await _roleManager.findUserRole(_giraf._userManager, currentUser);
if (role == GirafRoles.Department || role == GirafRoles.Guardian)
{
// lets check that we are in the correct department
if (currentUser.DepartmentKey != departmentId)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.NotAuthorized));
}
}
var dep = await _giraf._context.Departments
.Where(d => d.Key == departmentId)
.Include(d => d.Members)
.Include(d => d.Resources)
.FirstOrDefaultAsync();
if (dep == null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.DepartmentNotFound));
}
//Check if the user is already in the department
if (dep.Members.Any(u => u.Id == userId))
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.UserNameAlreadyTakenWithinDepartment));
}
var user = await _giraf._context.Users.Where(u => u.Id == userId).Include(u => u.Department)
.FirstOrDefaultAsync();
var RoleOfUserToAdd = await _roleManager.findUserRole(_giraf._userManager, user);
// only makes sense to add a guardian or citizen to a department
if (RoleOfUserToAdd == GirafRoles.SuperUser || RoleOfUserToAdd == GirafRoles.Department)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.Forbidden));
}
if (user == null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.UserNotFound));
}
if (user.Department != null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.UserAlreadyHasDepartment));
}
user.DepartmentKey = dep.Key;
dep.Members.Add(user);
await _giraf._context.SaveChangesAsync();
var members = DepartmentDTO.FindMembers(dep.Members, _roleManager, _giraf);
return(new Response <DepartmentDTO>(new DepartmentDTO(dep, members)));
}
public async Task <Response <DepartmentDTO> > AddResource(long departmentId, long resourceId)
{
var usr = await _giraf.LoadUserWithResources(HttpContext.User);
//Fetch the department and check that it exists no need to load ressources already on user
var department = await _giraf._context.Departments.Where(d => d.Key == departmentId)
.Include(d => d.Members)
.FirstOrDefaultAsync();
if (department == null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.DepartmentNotFound));
}
//Fetch the resource with the given id, check that it exists and that the user owns it.
var resource = await _giraf._context.Pictograms.Where(f => f.Id == resourceId).FirstOrDefaultAsync();
if (resource == null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.ResourceNotFound));
}
var resourceOwned = await _giraf.CheckPrivateOwnership(resource, usr);
if (!resourceOwned)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.NotAuthorized));
}
//Check if the department already owns the resource
var alreadyOwned = await _giraf._context.DepartmentResources
.Where(depres => depres.OtherKey == departmentId &&
depres.PictogramKey == resourceId)
.AnyAsync();
if (alreadyOwned)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.DepartmentAlreadyOwnsResource));
}
//Remove resource from user
var usrResource = await _giraf._context.UserResources
.Where(ur => ur.PictogramKey == resource.Id && ur.OtherKey == usr.Id)
.FirstOrDefaultAsync();
if (usrResource == null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.ResourceNotFound));
}
usr.Resources.Remove(usrResource);
await _giraf._context.SaveChangesAsync();
//Change resource AccessLevel to Protected from Private
resource.AccessLevel = AccessLevel.PROTECTED;
//Create a relationship between the department and the resource.
var dr = new DepartmentResource(usr.Department, resource);
await _giraf._context.DepartmentResources.AddAsync(dr);
await _giraf._context.SaveChangesAsync();
//Return Ok and the department - the resource is now visible in deparment.Resources
var members = DepartmentDTO.FindMembers(department.Members, _roleManager, _giraf);
return(new Response <DepartmentDTO>(new DepartmentDTO(usr.Department, members)));
}
public async Task <Response <DepartmentDTO> > Post([FromBody] DepartmentDTO depDTO)
{
try
{
if (depDTO?.Name == null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.MissingProperties,
"Deparment name has to be specified!"));
}
var authenticatedUser = await _giraf.LoadBasicUserDataAsync(HttpContext.User);
if (authenticatedUser == null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.UserNotFound));
}
var userRole = await _roleManager.findUserRole(_giraf._userManager, authenticatedUser);
if (userRole != GirafRoles.SuperUser)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.NotAuthorized));
}
//Add the department to the database.
Department department = new Department(depDTO);
//Add all members specified by either id or username in the DTO
if (depDTO.Members != null)
{
foreach (var mem in depDTO.Members)
{
var usr = await _giraf._context.Users
.Where(u => u.UserName == mem.UserName || u.Id == mem.UserId)
.FirstOrDefaultAsync();
if (usr == null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.InvalidProperties,
"The member list contained an invalid id: " + mem));
}
department.Members.Add(usr);
usr.Department = department;
}
}
//Add all the resources with the given ids
if (depDTO.Resources != null)
{
foreach (var reso in depDTO.Resources)
{
var res = await _giraf._context.Pictograms
.Where(p => p.Id == reso)
.FirstOrDefaultAsync();
if (res == null)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.InvalidProperties,
"The list of resources contained an invalid resource id: " + reso));
}
var dr = new DepartmentResource(department, res);
await _giraf._context.DepartmentResources.AddAsync(dr);
}
}
await _giraf._context.Departments.AddAsync(department);
//Create a new user with the supplied information
var departmentUser = new GirafUser(depDTO.Name, department)
{
IsDepartment = true
};
//department.Members.Add(user);
var identityUser = await _giraf._userManager.CreateAsync(departmentUser, "0000");
if (identityUser.Succeeded == false)
{
return(new ErrorResponse <DepartmentDTO>(ErrorCode.CouldNotCreateDepartmentUser, string.Join("\n", identityUser.Errors)));
}
await _giraf._userManager.AddToRoleAsync(departmentUser, GirafRole.Department);
//Save the changes and return the entity
await _giraf._context.SaveChangesAsync();
var members = DepartmentDTO.FindMembers(department.Members, _roleManager, _giraf);
return(new Response <DepartmentDTO>(new DepartmentDTO(department, members)));
}
catch (System.Exception e)
{
var errorDescription = $"Exception in Post: {e.Message}, {e.InnerException}";
_giraf._logger.LogError(errorDescription);
return(new ErrorResponse <DepartmentDTO>(ErrorCode.Error, errorDescription));
}
}
