public async Task <IActionResult> Delete(Guid instanceGuid, Guid dataId, int instanceOwnerId)
{
_logger.LogInformation($"//DataController // Delete // Starting method");
string instanceId = $"{instanceOwnerId}/{instanceGuid}";
// check if instance id exist and user is allowed to change the instance data
Instance instance = await _instanceRepository.GetOne(instanceId, instanceOwnerId);
if (instance == null)
{
return(NotFound("Provided instanceId is unknown to storage service"));
}
string dataIdString = dataId.ToString();
if (instance.Data.Exists(m => m.Id == dataIdString))
{
string storageFileName = DataElementHelper.DataFileName(instance.AppId, instanceGuid.ToString(), dataId.ToString());
bool result = await _dataRepository.DeleteDataInStorage(storageFileName);
if (result)
{
// Update instance record
DataElement data = instance.Data.Find(m => m.Id == dataIdString);
instance.Data.Remove(data);
Instance storedInstance = await _instanceRepository.Update(instance);
return(Ok(storedInstance));
}
}
return(BadRequest());
}
public async Task <ActionResult> GetMessageBoxInstance(int instanceOwnerId, Guid instanceGuid, [FromQuery] string language)
{
string[] acceptedLanguages = new string[] { "en", "nb", "nn-no" };
string languageId = "nb";
if (language != null && acceptedLanguages.Contains(language.ToLower()))
{
languageId = language;
}
string instanceId = instanceOwnerId.ToString() + "/" + instanceGuid.ToString();
Instance instance = await _instanceRepository.GetOne(instanceId, instanceOwnerId);
if (instance == null)
{
return(NotFound($"Could not find instance {instanceId}"));
}
// TODO: authorize
// Get title from app metadata
Dictionary <string, Dictionary <string, string> > appTitle = await _applicationRepository.GetAppTitles(new List <string> {
instance.AppId
});
// Simplify instances and return
MessageBoxInstance messageBoxInstance = InstanceHelper.ConvertToMessageBoxInstance(new List <Instance>()
{
instance
}, appTitle, languageId).First();
return(Ok(messageBoxInstance));
}
public async Task <ActionResult> GetMessageBoxInstance(int instanceOwnerPartyId, Guid instanceGuid, [FromQuery] string language)
{
string[] acceptedLanguages = { "en", "nb", "nn" };
string languageId = "nb";
if (language != null && acceptedLanguages.Contains(language.ToLower()))
{
languageId = language;
}
string instanceId = $"{instanceOwnerPartyId}/{instanceGuid}";
Instance instance = await _instanceRepository.GetOne(instanceId, instanceOwnerPartyId);
if (instance == null)
{
return(NotFound($"Could not find instance {instanceId}"));
}
MessageBoxInstance messageBoxInstance = InstanceHelper.ConvertToMessageBoxInstance(instance);
// Setting these two properties could be handled by custom PEP.
messageBoxInstance.AllowDelete = true;
messageBoxInstance.AuthorizedForWrite = true;
Dictionary <string, Dictionary <string, string> > appTitle = await _applicationRepository.GetAppTitles(new List <string> {
instance.AppId
});
InstanceHelper.AddTitleToInstances(new List <MessageBoxInstance> {
messageBoxInstance
}, appTitle, languageId);
return(Ok(messageBoxInstance));
}
public async Task <ActionResult> GetMessageBoxInstance(int instanceOwnerPartyId, Guid instanceGuid, [FromQuery] string language)
{
string[] acceptedLanguages = { "en", "nb", "nn" };
string languageId = "nb";
if (language != null && acceptedLanguages.Contains(language.ToLower()))
{
languageId = language;
}
string instanceId = $"{instanceOwnerPartyId}/{instanceGuid}";
Instance instance = await _instanceRepository.GetOne(instanceId, instanceOwnerPartyId);
if (instance == null)
{
return(NotFound($"Could not find instance {instanceId}"));
}
//// TODO: Authorise
Dictionary <string, Dictionary <string, string> > appTitle = await _applicationRepository.GetAppTitles(new List <string> {
instance.AppId
});
MessageBoxInstance messageBoxInstance = InstanceHelper.ConvertToMessageBoxInstance(new List <Instance> {
instance
}, appTitle, languageId).First();
return(Ok(messageBoxInstance));
}
/// <inheritdoc/>
public Task <Instance> GetInstance(string instanceId, int instanceOwnerId)
{
if (instanceOwnerId <= 0)
{
throw new ArgumentException("Instance owner id cannot be zero or negative");
}
return(_instanceRepository.GetOne(instanceId, instanceOwnerId));
}
/// <summary>
/// Get the instance from database based on request
/// </summary>
/// <param name="request">The request</param>
/// <returns>The instance identified by information in the request.</returns>
private async Task <Instance> GetInstance(XacmlJsonRequestRoot request)
{
string instanceId = string.Empty;
foreach (XacmlJsonCategory category in request.Request.Resource)
{
foreach (var atr in category.Attribute)
{
if (atr.AttributeId.Equals(AltinnXacmlUrns.InstanceId))
{
instanceId = atr.Value;
break;
}
}
}
if (string.IsNullOrEmpty(instanceId))
{
return(null);
}
Instance instance = await _instanceRepository.GetOne(instanceId, Convert.ToInt32(instanceId.Split("/")[0]));
return(instance);
}
public async Task <ActionResult <Instance> > Get(int instanceOwnerPartyId, Guid instanceGuid)
{
string instanceId = $"{instanceOwnerPartyId}/{instanceGuid}";
try
{
Instance result = await _instanceRepository.GetOne(instanceId, instanceOwnerPartyId);
result.SetPlatformSelfLinks(_storageBaseAndHost);
return(Ok(result));
}
catch (Exception e)
{
return(NotFound($"Unable to find instance {instanceId}: {e}"));
}
}
public async Task <ActionResult> Get(int instanceOwnerPartyId, Guid instanceGuid)
{
string instanceId = $"{instanceOwnerPartyId}/{instanceGuid}";
try
{
Instance result = await _instanceRepository.GetOne(instanceId, instanceOwnerPartyId);
AddSelfLinks(Request, result);
return(Ok(result));
}
catch (Exception e)
{
return(NotFound($"Unable to find instance {instanceId}: {e}"));
}
}
public async Task <ActionResult> GetMessageBoxInstance(
int instanceOwnerPartyId,
Guid instanceGuid,
[FromQuery] string language)
{
string[] acceptedLanguages = { "en", "nb", "nn" };
string languageId = "nb";
if (language != null && acceptedLanguages.Contains(language.ToLower()))
{
languageId = language;
}
string instanceId = $"{instanceOwnerPartyId}/{instanceGuid}";
Instance instance = await _instanceRepository.GetOne(instanceId, instanceOwnerPartyId);
if (instance == null)
{
return(NotFound($"Could not find instance {instanceId}"));
}
List <MessageBoxInstance> authorizedInstanceList =
await _authorizationHelper.AuthorizeMesseageBoxInstances(
HttpContext.User, new List <Instance> {
instance
});
if (authorizedInstanceList.Count <= 0)
{
return(Forbid());
}
MessageBoxInstance authorizedInstance = authorizedInstanceList.First();
// get app texts and exchange all text keys.
List <TextResource> texts = await _textRepository.Get(new List <string> {
instance.AppId
}, languageId);
InstanceHelper.ReplaceTextKeys(new List <MessageBoxInstance> {
authorizedInstance
}, texts, languageId);
return(Ok(authorizedInstance));
}
private async Task <(Instance Instance, ActionResult ErrorMessage)> GetInstanceAsync(Guid instanceGuid, int instanceOwnerPartyId)
{
Instance instance = await _instanceRepository.GetOne(instanceOwnerPartyId, instanceGuid);
if (instance == null)
{
return(null, NotFound($"Unable to find any instance with id: {instanceOwnerPartyId}/{instanceGuid}."));
}
return(instance, null);
}
public async Task <IActionResult> Delete(Guid instanceGuid, Guid dataId, int instanceOwnerPartyId)
{
_logger.LogInformation($"//DataController // Delete // Starting method");
string instanceId = $"{instanceOwnerPartyId}/{instanceGuid}";
// check if instance id exist and user is allowed to change the instance data
Instance instance = await _instanceRepository.GetOne(instanceId, instanceOwnerPartyId);
if (instance == null)
{
return(NotFound("Provided instanceId is unknown to storage service"));
}
DataElement dataElement = await _dataRepository.Read(instanceGuid, dataId);
if (dataElement == null)
{
return(NotFound("Provided dataId is unknown to storage service"));
}
// delete blob stored file and data element object
try
{
string storageFileName = DataElementHelper.DataFileName(instance.AppId, instanceGuid.ToString(), dataId.ToString());
bool result = await _dataRepository.DeleteDataInStorage(storageFileName);
await _dataRepository.Delete(dataElement);
await DispatchEvent(InstanceEventType.Deleted.ToString(), instance, dataElement);
return(Ok(true));
}
catch (Exception deleteException)
{
_logger.LogError($"Unable to delete data element {dataId} due to {deleteException}");
return(StatusCode(500, $"Unable to delete data element {dataId} due to {deleteException.Message}"));
}
}
private async Task EnrichResourceAttributes(XacmlContextRequest request)
{
XacmlContextAttributes resourceContextAttributes = request.GetResourceAttributes();
XacmlResourceAttributes resourceAttributes = GetResourceAttributeValues(resourceContextAttributes);
bool resourceAttributeComplete = false;
if (!string.IsNullOrEmpty(resourceAttributes.OrgValue) &&
!string.IsNullOrEmpty(resourceAttributes.AppValue) &&
!string.IsNullOrEmpty(resourceAttributes.InstanceValue) &&
!string.IsNullOrEmpty(resourceAttributes.ResourcePartyValue) &&
!string.IsNullOrEmpty(resourceAttributes.TaskValue))
{
// The resource attributes are complete
resourceAttributeComplete = true;
}
else if (!string.IsNullOrEmpty(resourceAttributes.OrgValue) &&
!string.IsNullOrEmpty(resourceAttributes.AppValue) &&
string.IsNullOrEmpty(resourceAttributes.InstanceValue) &&
!string.IsNullOrEmpty(resourceAttributes.ResourcePartyValue) &&
string.IsNullOrEmpty(resourceAttributes.TaskValue))
{
// The resource attributes are complete
resourceAttributeComplete = true;
}
if (!resourceAttributeComplete)
{
Instance instanceData = await _instanceService.GetOne(resourceAttributes.InstanceValue, Convert.ToInt32(resourceAttributes.InstanceValue.Split('/')[0]));
if (instanceData != null)
{
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.OrgAttribute, resourceAttributes.OrgValue, instanceData.Org);
string app = instanceData.AppId.Split("/")[1];
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.AppAttribute, resourceAttributes.AppValue, app);
if (instanceData.Process?.CurrentTask != null)
{
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.TaskAttribute, resourceAttributes.TaskValue, instanceData.Process.CurrentTask.ElementId);
}
else if (instanceData.Process?.EndEvent != null)
{
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.EndEventAttribute, null, instanceData.Process.EndEvent);
}
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.PartyAttribute, resourceAttributes.ResourcePartyValue, instanceData.InstanceOwner.PartyId);
resourceAttributes.ResourcePartyValue = instanceData.InstanceOwner.PartyId;
}
}
await EnrichSubjectAttributes(request, resourceAttributes.ResourcePartyValue);
}
public async Task <ActionResult <DataElement> > Delete(int instanceOwnerPartyId, Guid instanceGuid, Guid dataGuid)
{
_logger.LogInformation($"//DataController // Delete // Starting method");
string instanceId = $"{instanceOwnerPartyId}/{instanceGuid}";
Instance instance = await _instanceRepository.GetOne(instanceId, instanceOwnerPartyId);
if (instance == null)
{
return(NotFound("Provided instanceId is unknown to storage service"));
}
DataElement dataElement = await _dataRepository.Read(instanceGuid, dataGuid);
if (dataElement == null)
{
return(NotFound("Provided dataGuid is unknown to storage service"));
}
try
{
string storageFileName = DataElementHelper.DataFileName(instance.AppId, instanceGuid.ToString(), dataGuid.ToString());
await _dataRepository.DeleteDataInStorage(instance.Org, storageFileName);
await _dataRepository.Delete(dataElement);
await DispatchEvent(InstanceEventType.Deleted.ToString(), instance, dataElement);
return(Ok(dataElement));
}
catch (Exception deleteException)
{
_logger.LogError($"Unable to delete data element {dataGuid} due to {deleteException}");
return(StatusCode(500, $"Unable to delete data element {dataGuid} due to {deleteException.Message}"));
}
}
private async Task <(Instance, ActionResult)> GetInstanceAsync(string instanceId, int instanceOwnerPartyId)
{
ActionResult errorMessage;
try
{
Instance instance = await _instanceRepository.GetOne(instanceId, instanceOwnerPartyId);
return(instance, null);
}
catch (DocumentClientException dce)
{
if (dce.StatusCode == HttpStatusCode.NotFound)
{
errorMessage = NotFound($"Unable to find any instance with id: {instanceId}.");
}
else
{
throw;
}
}
return(null, errorMessage);
}
private async Task EnrichResourceAttributes(XacmlContextRequest request)
{
string orgAttributeValue = string.Empty;
string appAttributeValue = string.Empty;
string instanceAttributeValue = string.Empty;
string resourcePartyAttributeValue = string.Empty;
string taskAttributeValue = string.Empty;
string endEventAttribute = string.Empty;
XacmlContextAttributes resourceContextAttributes = request.GetResourceAttributes();
foreach (XacmlAttribute attribute in resourceContextAttributes.Attributes)
{
if (attribute.AttributeId.OriginalString.Equals(orgAttributeId))
{
orgAttributeValue = attribute.AttributeValues.First().Value;
}
if (attribute.AttributeId.OriginalString.Equals(appAttributeId))
{
appAttributeValue = attribute.AttributeValues.First().Value;
}
if (attribute.AttributeId.OriginalString.Equals(instanceAttributeId))
{
instanceAttributeValue = attribute.AttributeValues.First().Value;
}
if (attribute.AttributeId.OriginalString.Equals(taskAttributeId))
{
taskAttributeValue = attribute.AttributeValues.First().Value;
}
if (attribute.AttributeId.OriginalString.Equals(partyAttributeId))
{
resourcePartyAttributeValue = attribute.AttributeValues.First().Value;
}
if (attribute.AttributeId.OriginalString.Equals(endEventAttributeId))
{
endEventAttribute = attribute.AttributeValues.First().Value;
}
}
bool resourceAttributeComplete = false;
if (!string.IsNullOrEmpty(orgAttributeValue) &&
!string.IsNullOrEmpty(appAttributeValue) &&
!string.IsNullOrEmpty(instanceAttributeValue) &&
!string.IsNullOrEmpty(resourcePartyAttributeValue) &&
(!string.IsNullOrEmpty(taskAttributeValue) ||
!string.IsNullOrEmpty(endEventAttribute)))
{
// The resource attributes are complete
resourceAttributeComplete = true;
}
else if (!string.IsNullOrEmpty(orgAttributeValue) &&
!string.IsNullOrEmpty(appAttributeValue) &&
string.IsNullOrEmpty(instanceAttributeValue) &&
!string.IsNullOrEmpty(resourcePartyAttributeValue) &&
(!string.IsNullOrEmpty(taskAttributeValue) ||
!string.IsNullOrEmpty(endEventAttribute)))
{
// The resource attributes are complete
resourceAttributeComplete = true;
}
if (!resourceAttributeComplete)
{
Instance instanceData = await _instanceRepository.GetOne(instanceAttributeValue.Split('/')[1], Convert.ToInt32(instanceAttributeValue.Split('/')[0]));
if (string.IsNullOrEmpty(orgAttributeValue) && instanceData != null)
{
resourceContextAttributes.Attributes.Add(GetOrgAttribute(instanceData));
}
if (string.IsNullOrEmpty(appAttributeValue) && instanceData != null)
{
resourceContextAttributes.Attributes.Add(GetAppAttribute(instanceData));
}
if (string.IsNullOrEmpty(taskAttributeValue) && instanceData?.Process?.CurrentTask != null)
{
resourceContextAttributes.Attributes.Add(GetProcessElementAttribute(instanceData));
}
else if (string.IsNullOrEmpty(endEventAttribute) && instanceData?.Process?.EndEvent != null)
{
resourceContextAttributes.Attributes.Add(GetEndEventAttribute(instanceData));
}
if (string.IsNullOrEmpty(resourcePartyAttributeValue) && instanceData != null)
{
resourceContextAttributes.Attributes.Add(GetPartyAttribute(instanceData));
}
if (instanceData != null)
{
resourcePartyAttributeValue = instanceData.InstanceOwner.PartyId;
}
}
await EnrichSubjectAttributes(request, resourcePartyAttributeValue);
}
public async Task <ActionResult <Instance> > PutProcess(
int instanceOwnerPartyId,
Guid instanceGuid,
[FromBody] ProcessState processState)
{
string instanceId = $"{instanceOwnerPartyId}/{instanceGuid}";
Instance existingInstance;
try
{
existingInstance = await _instanceRepository.GetOne(instanceId, instanceOwnerPartyId);
}
catch (Exception e)
{
string message = $"Unable to find instance {instanceId} to update: {e}";
_logger.LogError(message);
return(NotFound(message));
}
if (existingInstance == null)
{
return(NotFound());
}
string altinnTaskType = existingInstance.Process?.CurrentTask?.AltinnTaskType;
string action;
switch (altinnTaskType)
{
case "data":
case "feedback":
action = "write";
break;
case "confirmation":
action = "confirm";
break;
default:
action = altinnTaskType;
break;
}
bool authorized = await _authorizationHelper.AuthorizeInstanceAction(HttpContext.User, existingInstance, action);
if (!authorized)
{
return(Forbid());
}
// Archiving instance if process was ended
if (existingInstance.Process.Ended == null && processState.Ended != null)
{
existingInstance.Status ??= new InstanceStatus();
existingInstance.Status.IsArchived = true;
existingInstance.Status.Archived = processState.Ended;
}
existingInstance.Process = processState;
existingInstance.LastChangedBy = User.GetUserOrOrgId();
existingInstance.LastChanged = DateTime.UtcNow;
Instance updatedInstance;
try
{
updatedInstance = await _instanceRepository.Update(existingInstance);
updatedInstance.SetPlatformSelfLinks(_storageBaseAndHost);
}
catch (Exception e)
{
_logger.LogError($"Unable to update instance object {instanceId}. Due to {e}");
return(StatusCode(500, $"Unable to update instance object {instanceId}: {e.Message}"));
}
return(Ok(updatedInstance));
}
public async Task <ActionResult <Instance> > PutProcess(
int instanceOwnerPartyId,
Guid instanceGuid,
[FromBody] ProcessState processState)
{
Instance existingInstance;
existingInstance = await _instanceRepository.GetOne(instanceOwnerPartyId, instanceGuid);
if (existingInstance == null)
{
return(NotFound());
}
string altinnTaskType = existingInstance.Process?.CurrentTask?.AltinnTaskType;
string taskId = null;
if (processState?.CurrentTask?.FlowType != null && !processState.CurrentTask.FlowType.Equals("CompleteCurrentMoveToNext"))
{
altinnTaskType = processState.CurrentTask.AltinnTaskType;
taskId = processState.CurrentTask.ElementId;
}
string action;
switch (altinnTaskType)
{
case "data":
case "feedback":
action = "write";
break;
case "confirmation":
action = "confirm";
break;
default:
action = altinnTaskType;
break;
}
bool authorized = await _authorizationHelper.AuthorizeInstanceAction(HttpContext.User, existingInstance, action, taskId);
if (!authorized)
{
return(Forbid());
}
// Archiving instance if process was ended
if (existingInstance.Process.Ended == null && processState?.Ended != null)
{
existingInstance.Status ??= new InstanceStatus();
existingInstance.Status.IsArchived = true;
existingInstance.Status.Archived = processState.Ended;
}
existingInstance.Process = processState;
existingInstance.LastChangedBy = User.GetUserOrOrgId();
existingInstance.LastChanged = DateTime.UtcNow;
Instance updatedInstance;
updatedInstance = await _instanceRepository.Update(existingInstance);
updatedInstance.SetPlatformSelfLinks(_storageBaseAndHost);
return(Ok(updatedInstance));
}
