public OkResult RegisterUserFeedback([FromBody] RegisterUserFeedbackRequest request)
{
var botId = GetBotId();
if (!botId.HasValue)
{
throw new HttpStatusException(HttpStatusCode.BadRequest, "Invalid or missing botId in claim");
}
var report = _dbContext.Reports.FirstOrDefault(r => r.Id == request.ReportId);
if (report?.DashboardId != botId)
{
throw new HttpStatusException(HttpStatusCode.BadRequest, "Bot is not authorized to submit feedback to this report");
}
if (string.IsNullOrWhiteSpace(request.Feedback))
{
throw new HttpStatusException(HttpStatusCode.BadRequest, "Feedback type must be provided");
}
var allowedFeedback = _dbContext.ReportAllowedFeedbacks
.Include(raf => raf.Feedback)
.FirstOrDefault(raf => request.Feedback.Equals(raf.Feedback.Name, StringComparison.OrdinalIgnoreCase));
if (allowedFeedback == null)
{
throw new HttpStatusException(HttpStatusCode.BadRequest, "Feedback not allowed for report");
}
var user = _dbContext.GetOrCreateUser(request.UserId);
if (user.UserScopes.All(us => us.ScopeName != Scopes.SCOPE_REVIEWER))
{
throw new HttpStatusException(HttpStatusCode.BadRequest, "User is not authorized as a reviewer");
}
var existingFeedback = _dbContext.ReportFeedbacks.FirstOrDefault(rf => rf.UserId == request.UserId && rf.ReportId == request.ReportId);
if (existingFeedback == null)
{
_dbContext.ReportFeedbacks.Add(new DbReportFeedback
{
FeedbackId = allowedFeedback.FeedbackId,
ReportId = request.ReportId,
User = user
});
}
else
{
existingFeedback.FeedbackId = allowedFeedback.FeedbackId;
}
_dbContext.SaveChanges();
return(Ok());
}
public IActionResult RegisterDashboard([FromBody] CreateDashboardRequest request)
{
if (string.IsNullOrWhiteSpace(request.BotName))
{
return(BadRequest(new ErrorResponse("Name is required")));
}
if (string.IsNullOrWhiteSpace(request.Description))
{
return(BadRequest(new ErrorResponse("Description is required")));
}
if (string.IsNullOrWhiteSpace(request.Secret))
{
return(BadRequest(new ErrorResponse("Secret is required")));
}
if (_dbContext.Dashboards.Any(b => b.DashboardName == request.DashboardName))
{
return(BadRequest(new ErrorResponse($"Dashboard with name '{request.DashboardName}' already exists")));
}
var userId = User.GetUserId();
if (!userId.HasValue)
{
throw new HttpStatusException(HttpStatusCode.Unauthorized);
}
var dashboard = new DbDashboard
{
Scopes = new List <DbDashboardScope>(),
Feedbacks = new List <DbFeedback>(),
ConflictExceptions = new List <DbConflictException>()
};
FillDashboardDetails(dashboard, request);
if (request.OwnerAccountId.HasValue && User.HasClaim(Scopes.SCOPE_ADMIN))
{
dashboard.OwnerAccountId = request.OwnerAccountId.Value;
}
_dbContext.Dashboards.Add(dashboard);
_dbContext.DashboardScopes.Add(new DbDashboardScope
{
Dashboard = dashboard,
ScopeName = Scopes.SCOPE_BOT
});
_dbContext.SaveChanges();
return(Json(dashboard.Id));
}
public IActionResult SendFeedback([FromBody] SendFeedbackRequest request)
{
var allowedFeedbacks = _dbContext.ReportAllowedFeedbacks.Where(r => r.ReportId == request.ReportId && r.Feedback.IsEnabled).Select(f => f.FeedbackId).ToList();
var userId = User.GetUserId();
if (!userId.HasValue)
{
throw new HttpStatusException(HttpStatusCode.Unauthorized);
}
if (!allowedFeedbacks.Contains(request.FeedbackId))
{
throw new HttpStatusException(HttpStatusCode.BadRequest, "Invalid feedback id");
}
var existingFeedback = _dbContext.ReportFeedbacks.FirstOrDefault(rf => rf.UserId == userId && rf.ReportId == request.ReportId && rf.InvalidatedDate == null);
if (existingFeedback != null)
{
// No change
if (existingFeedback.FeedbackId == request.FeedbackId)
{
return(Ok());
}
existingFeedback.InvalidatedByUserId = userId.Value;
existingFeedback.InvalidatedDate = DateTime.UtcNow;
existingFeedback.InvalidationReason = "Feedback changed";
}
_dbContext.ReportFeedbacks.Add(new DbReportFeedback
{
FeedbackId = request.FeedbackId,
ReportId = request.ReportId,
UserId = userId.Value
});
_dbContext.SaveChanges();
_dbContext.ProcessReport(request.ReportId);
_dbContext.SaveChanges();
return(Ok());
}
public IActionResult AddFile([FromBody] AddFileRequest request)
{
var dbFile = new DbFile
{
ContentType = request.ContentType,
FileName = request.FileName,
Contents = Convert.FromBase64String(request.Contents)
};
_dbContext.Files.Add(dbFile);
_dbContext.SaveChanges();
return(Ok(dbFile));
}