feat: Initial commit

author: ivarlovlie <git@ivarlovlie.no> 2023-02-25 13:15:44 +0100
committer: ivarlovlie <git@ivarlovlie.no> 2023-02-25 13:15:44 +0100
commit: 900bb5e845c3ad44defbd427cae3d44a4a43321f (patch)
tree: df3d96a93771884add571e82336c29fc3d9c7a1c /code/api/src/Endpoints/V1
download: greatoffice-900bb5e845c3ad44defbd427cae3d44a4a43321f.tar.xz
greatoffice-900bb5e845c3ad44defbd427cae3d44a4a43321f.zip
11 files changed, 499 insertions, 0 deletions
diff --git a/code/api/src/Endpoints/V1/ApiSpecV1.cs b/code/api/src/Endpoints/V1/ApiSpecV1.cs
new file mode 100644
index 0000000..e4f9cc9
--- /dev/null
+++ b/code/api/src/Endpoints/V1/ApiSpecV1.cs
@@ -0,0 +1,18 @@
+namespace IOL.GreatOffice.Api.Endpoints.V1;
+
+public static class ApiSpecV1
+{
+	private const int MAJOR = 1;
+	private const int MINOR = 0;
+	public const string VERSION_STRING = "1.0";
+
+	public static ApiSpecDocument Document => new() {
+			Version = new ApiVersion(MAJOR, MINOR),
+			VersionName = VERSION_STRING,
+			SwaggerPath = $"/swagger/{VERSION_STRING}/swagger.json",
+			OpenApiInfo = new OpenApiInfo {
+					Title = AppConstants.API_NAME,
+					Version = VERSION_STRING
+			}
+	};
+}
diff --git a/code/api/src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs b/code/api/src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs
new file mode 100644
index 0000000..163ddb6
--- /dev/null
+++ b/code/api/src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs
@@ -0,0 +1,58 @@
+using System.Text;
+
+namespace IOL.GreatOffice.Api.Endpoints.V1.ApiTokens;
+
+public class CreateTokenRoute : RouteBaseSync.WithRequest<CreateTokenRoute.Payload>.WithActionResult
+{
+    private readonly MainAppDatabase _database;
+    private readonly AppConfiguration _configuration;
+    private readonly ILogger<CreateTokenRoute> _logger;
+
+    public CreateTokenRoute(MainAppDatabase database, VaultService vaultService, ILogger<CreateTokenRoute> logger) {
+        _database = database;
+        _configuration = vaultService.GetCurrentAppConfiguration();
+        _logger = logger;
+    }
+
+    public class Payload
+    {
+        public DateTime ExpiryDate { get; set; }
+        public bool AllowRead { get; set; }
+        public bool AllowCreate { get; set; }
+        public bool AllowUpdate { get; set; }
+        public bool AllowDelete { get; set; }
+    }
+
+    /// <summary>
+    /// Create a new api token with the provided claims.
+    /// </summary>
+    /// <param name="request">The claims to set on the api token</param>
+    /// <returns></returns>
+    [ApiVersion(ApiSpecV1.VERSION_STRING)]
+    [HttpPost("~/v{version:apiVersion}/api-tokens/create")]
+    public override ActionResult Handle(Payload request) {
+        var user = _database.Users.SingleOrDefault(c => c.Id == LoggedInUser.Id);
+        if (user == default) {
+            return NotFound(new KnownProblemModel("User does not exist"));
+        }
+
+        var token_entropy = _configuration.APP_AES_KEY;
+        if (token_entropy.IsNullOrWhiteSpace()) {
+            _logger.LogWarning("No token entropy is available, Basic auth is disabled");
+            return NotFound();
+        }
+
+        var accessToken = new ApiAccessToken() {
+            User = user,
+            ExpiryDate = request.ExpiryDate.ToUniversalTime(),
+            AllowCreate = request.AllowCreate,
+            AllowRead = request.AllowRead,
+            AllowDelete = request.AllowDelete,
+            AllowUpdate = request.AllowUpdate
+        };
+
+        _database.AccessTokens.Add(accessToken);
+        _database.SaveChanges();
+        return Ok(Convert.ToBase64String(Encoding.UTF8.GetBytes(accessToken.Id.ToString().EncryptWithAes(token_entropy))));
+    }
+}
+\ No newline at end of file
diff --git a/code/api/src/Endpoints/V1/ApiTokens/DeleteTokenRoute.cs b/code/api/src/Endpoints/V1/ApiTokens/DeleteTokenRoute.cs
new file mode 100644
index 0000000..ee19e40
--- /dev/null
+++ b/code/api/src/Endpoints/V1/ApiTokens/DeleteTokenRoute.cs
@@ -0,0 +1,31 @@
+namespace IOL.GreatOffice.Api.Endpoints.V1.ApiTokens;
+
+public class DeleteTokenRoute : RouteBaseSync.WithRequest<Guid>.WithActionResult
+{
+    private readonly MainAppDatabase _database;
+    private readonly ILogger<DeleteTokenRoute> _logger;
+
+    public DeleteTokenRoute(MainAppDatabase database, ILogger<DeleteTokenRoute> logger) {
+        _database = database;
+        _logger = logger;
+    }
+
+    /// <summary>
+    /// Delete an api token, rendering it unusable
+    /// </summary>
+    /// <param name="id">Id of the token to delete</param>
+    /// <returns>Nothing</returns>
+    [ApiVersion(ApiSpecV1.VERSION_STRING)]
+    [HttpDelete("~/v{version:apiVersion}/api-tokens/delete")]
+    public override ActionResult Handle(Guid id) {
+        var token = _database.AccessTokens.SingleOrDefault(c => c.Id == id);
+        if (token == default) {
+            _logger.LogWarning("A deletion request of an already deleted (maybe) api token was received.");
+            return NotFound();
+        }
+
+        _database.AccessTokens.Remove(token);
+        _database.SaveChanges();
+        return Ok();
+    }
+}
+\ No newline at end of file
diff --git a/code/api/src/Endpoints/V1/ApiTokens/GetTokensRoute.cs b/code/api/src/Endpoints/V1/ApiTokens/GetTokensRoute.cs
new file mode 100644
index 0000000..ee46b34
--- /dev/null
+++ b/code/api/src/Endpoints/V1/ApiTokens/GetTokensRoute.cs
@@ -0,0 +1,36 @@
+namespace IOL.GreatOffice.Api.Endpoints.V1.ApiTokens;
+
+public class GetTokensRoute : RouteBaseSync.WithoutRequest.WithResult<ActionResult<List<GetTokensRoute.ResponseModel>>>
+{
+    private readonly MainAppDatabase _database;
+
+    public GetTokensRoute(MainAppDatabase database) {
+        _database = database;
+    }
+
+    public class ResponseModel
+    {
+        public DateTime ExpiryDate { get; set; }
+        public bool AllowRead { get; set; }
+        public bool AllowCreate { get; set; }
+        public bool AllowUpdate { get; set; }
+        public bool AllowDelete { get; set; }
+        public bool HasExpired => ExpiryDate < AppDateTime.UtcNow;
+    }
+
+    /// <summary>
+    /// Get all tokens, both active and inactive.
+    /// </summary>
+    /// <returns>A list of tokens</returns>
+    [ApiVersion(ApiSpecV1.VERSION_STRING)]
+    [HttpGet("~/v{version:apiVersion}/api-tokens")]
+    public override ActionResult<List<ResponseModel>> Handle() {
+        return Ok(_database.AccessTokens.Where(c => c.User.Id == LoggedInUser.Id).Select(c => new ResponseModel() {
+            AllowCreate = c.AllowCreate,
+            AllowRead = c.AllowRead,
+            AllowDelete = c.AllowDelete,
+            AllowUpdate = c.AllowUpdate,
+            ExpiryDate = c.ExpiryDate
+        }));
+    }
+}
+\ No newline at end of file
diff --git a/code/api/src/Endpoints/V1/Customers/CreateCustomerRoute.cs b/code/api/src/Endpoints/V1/Customers/CreateCustomerRoute.cs
new file mode 100644
index 0000000..e58aa37
--- /dev/null
+++ b/code/api/src/Endpoints/V1/Customers/CreateCustomerRoute.cs
@@ -0,0 +1,66 @@
+namespace IOL.GreatOffice.Api.Endpoints.V1.Customers;
+
+public class CreateCustomerRoute : RouteBaseAsync.WithRequest<CreateCustomerPayload>.WithActionResult
+{
+    private readonly MainAppDatabase _database;
+    private readonly ILogger<CreateCustomerRoute> _logger;
+    private readonly IStringLocalizer<SharedResources> _localizer;
+
+    public CreateCustomerRoute(MainAppDatabase database, ILogger<CreateCustomerRoute> logger, IStringLocalizer<SharedResources> localizer) {
+        _database = database;
+        _logger = logger;
+        _localizer = localizer;
+    }
+
+    [HttpPost("~/v{version:apiVersion}/customers/create")]
+    public override async Task<ActionResult> HandleAsync(CreateCustomerPayload request, CancellationToken cancellationToken = default) {
+        var problem = new KnownProblemModel();
+        if (request.Name.Trim().IsNullOrEmpty()) problem.AddError("name", _localizer["Name is a required field"]);
+        if (problem.Errors.Any()) {
+            problem.Title = _localizer["Invalid form"];
+            problem.Subtitle = _localizer["One or more validation errors occured"];
+            return KnownProblem(problem);
+        }
+
+        var customer = new Customer(LoggedInUser) {
+            CustomerNumber = request.CustomerNumber,
+            Name = request.Name,
+            Description = request.Description,
+            Address1 = request.Address1,
+            Address2 = request.Address2,
+            Country = request.Country,
+            Currency = request.Currency,
+            Email = request.Email,
+            Phone = request.Phone,
+            PostalCity = request.PostalCity,
+            PostalCode = request.PostalCode,
+            VATNumber = request.VATNumber,
+            ORGNumber = request.ORGNumber,
+            DefaultReference = request.DefaultReference,
+            Website = request.Website
+        };
+        customer.SetOwnerIds(default, LoggedInUser.TenantId);
+        _database.Customers.Add(customer);
+        await _database.SaveChangesAsync(cancellationToken);
+        return Ok();
+    }
+}
+
+public class CreateCustomerPayload
+{
+    public string CustomerNumber { get; set; }
+    public string Name { get; set; }
+    public string Description { get; set; }
+    public string Address1 { get; set; }
+    public string Address2 { get; set; }
+    public string PostalCode { get; set; }
+    public string PostalCity { get; set; }
+    public string Country { get; set; }
+    public string Phone { get; set; }
+    public string Email { get; set; }
+    public string VATNumber { get; set; }
+    public string ORGNumber { get; set; }
+    public string DefaultReference { get; set; }
+    public string Website { get; set; }
+    public string Currency { get; set; }
+}
+\ No newline at end of file
diff --git a/code/api/src/Endpoints/V1/Projects/CreateProjectRoute.cs b/code/api/src/Endpoints/V1/Projects/CreateProjectRoute.cs
new file mode 100644
index 0000000..bd37faf
--- /dev/null
+++ b/code/api/src/Endpoints/V1/Projects/CreateProjectRoute.cs
@@ -0,0 +1,83 @@
+namespace IOL.GreatOffice.Api.Endpoints.V1.Projects;
+
+public class CreateProjectRoute : RouteBaseAsync.WithRequest<CreateProjectPayload>.WithActionResult
+{
+    private readonly MainAppDatabase _database;
+    private readonly IStringLocalizer<SharedResources> _localizer;
+
+    public CreateProjectRoute(MainAppDatabase database, IStringLocalizer<SharedResources> localizer) {
+        _database = database;
+        _localizer = localizer;
+    }
+
+    [HttpPost("~/v{version:apiVersion}/projects/create")]
+    public override async Task<ActionResult> HandleAsync(CreateProjectPayload request, CancellationToken cancellationToken = default) {
+        var problem = new KnownProblemModel();
+
+        if (request.Name.IsNullOrEmpty()) {
+            problem.AddError("name", _localizer["Name is a required field"]);
+        }
+
+        var project = new Project(LoggedInUser) {
+            Name = request.Name,
+            Description = request.Description,
+            Start = request.Start,
+            Stop = request.Stop,
+        };
+
+        project.SetOwnerIds(default, LoggedInUser.TenantId);
+
+        foreach (var customerId in request.CustomerIds) {
+            var customer = _database.Customers.FirstOrDefault(c => c.Id == customerId);
+            if (customer == default) {
+                problem.AddError("customer_" + customerId, _localizer["Customer not found"]);
+                continue;
+            }
+
+            project.Customers.Add(customer);
+        }
+
+        foreach (var member in request.Members) {
+            var user = _database.Users.FirstOrDefault(c => c.Id == member.UserId);
+            if (user == default) {
+                problem.AddError("members_" + member.UserId, _localizer["User not found"]);
+                continue;
+            }
+
+            project.Members.Add(new ProjectMember() {
+                Project = project,
+                User = user,
+                Role = member.Role
+            });
+        }
+
+        if (problem.Errors.Any()) {
+            problem.Title = _localizer["Invalid form"];
+            problem.Subtitle = _localizer["One or more validation errors occured"];
+            return KnownProblem(problem);
+        }
+
+        _database.Projects.Add(project);
+        await _database.SaveChangesAsync(cancellationToken);
+        return Ok();
+    }
+}
+
+public class CreateProjectResponse
+{ }
+
+public class CreateProjectPayload
+{
+    public string Name { get; set; }
+    public string Description { get; set; }
+    public DateTime Start { get; set; }
+    public DateTime Stop { get; set; }
+    public List<Guid> CustomerIds { get; set; }
+    public List<ProjectMember> Members { get; set; }
+
+    public class ProjectMember
+    {
+        public Guid UserId { get; set; }
+        public ProjectRole Role { get; set; }
+    }
+}
+\ No newline at end of file
diff --git a/code/api/src/Endpoints/V1/Projects/GetProjectsRoute.cs b/code/api/src/Endpoints/V1/Projects/GetProjectsRoute.cs
new file mode 100644
index 0000000..8fe70a6
--- /dev/null
+++ b/code/api/src/Endpoints/V1/Projects/GetProjectsRoute.cs
@@ -0,0 +1,40 @@
+using MR.AspNetCore.Pagination;
+
+namespace IOL.GreatOffice.Api.Endpoints.V1.Projects;
+
+public class GetProjectsRoute : RouteBaseAsync.WithRequest<GetProjectsQueryParameters>.WithActionResult<KeysetPaginationResult<GetProjectsResponseDto>>
+{
+    private readonly MainAppDatabase _database;
+    private readonly PaginationService _pagination;
+
+    public GetProjectsRoute(MainAppDatabase database, PaginationService pagination) {
+        _database = database;
+        _pagination = pagination;
+    }
+
+    [HttpGet("~/v{version:apiVersion}/projects")]
+    public override async Task<ActionResult<KeysetPaginationResult<GetProjectsResponseDto>>> HandleAsync([FromQuery] GetProjectsQueryParameters request, CancellationToken cancellationToken = default) {
+        var result = await _pagination.KeysetPaginateAsync(
+            _database.Projects.ForTenant(LoggedInUser).ConditionalWhere(() => request.NameQuery.HasValue(), p => p.Name.Contains(request.NameQuery)),
+            b => b.Descending(x => x.CreatedAt),
+            async id => await _database.Projects.FindAsync(id),
+            query => query.Select(p => new GetProjectsResponseDto() {
+                Id = p.Id,
+                Name = p.Name
+            })
+        );
+        return Ok(result);
+    }
+}
+
+public class GetProjectsResponseDto
+{
+    public Guid Id { get; set; }
+    public string Name { get; set; }
+}
+
+public class GetProjectsQueryParameters
+{
+    [FromQuery(Name = "name")]
+    public string NameQuery { get; set; }
+}
+\ No newline at end of file
diff --git a/code/api/src/Endpoints/V1/Projects/_calls.http b/code/api/src/Endpoints/V1/Projects/_calls.http
new file mode 100644
index 0000000..af0eba6
--- /dev/null
+++ b/code/api/src/Endpoints/V1/Projects/_calls.http
@@ -0,0 +1,12 @@
+### Create Project
+GET https://localhost:5001/v1/projects/create
+Accept: application/json
+Content-Type: application/json
+Cookie: "" 
+
+{
+  "": ""
+}
+
+### Get Projects
+POST http://localhost
diff --git a/code/api/src/Endpoints/V1/RouteBaseAsync.cs b/code/api/src/Endpoints/V1/RouteBaseAsync.cs
new file mode 100644
index 0000000..33b6f5f
--- /dev/null
+++ b/code/api/src/Endpoints/V1/RouteBaseAsync.cs
@@ -0,0 +1,73 @@
+namespace IOL.GreatOffice.Api.Endpoints.V1;
+
+/// <summary>
+/// A base class for an endpoint that accepts parameters.
+/// </summary>
+public class RouteBaseAsync
+{
+	public class WithRequest<TRequest>
+	{
+		public abstract class WithResult<TResponse> : V1_EndpointBase
+		{
+			public abstract Task<TResponse> HandleAsync(
+					TRequest request,
+					CancellationToken cancellationToken = default
+			);
+		}
+
+		public abstract class WithoutResult : V1_EndpointBase
+		{
+			public abstract Task HandleAsync(
+					TRequest request,
+					CancellationToken cancellationToken = default
+			);
+		}
+
+		public abstract class WithActionResult<TResponse> : V1_EndpointBase
+		{
+			public abstract Task<ActionResult<TResponse>> HandleAsync(
+					TRequest request,
+					CancellationToken cancellationToken = default
+			);
+		}
+
+		public abstract class WithActionResult : V1_EndpointBase
+		{
+			public abstract Task<ActionResult> HandleAsync(
+					TRequest request,
+					CancellationToken cancellationToken = default
+			);
+		}
+	}
+
+	public static class WithoutRequest
+	{
+		public abstract class WithResult<TResponse> : V1_EndpointBase
+		{
+			public abstract Task<TResponse> HandleAsync(
+					CancellationToken cancellationToken = default
+			);
+		}
+
+		public abstract class WithoutResult : V1_EndpointBase
+		{
+			public abstract Task HandleAsync(
+					CancellationToken cancellationToken = default
+			);
+		}
+
+		public abstract class WithActionResult<TResponse> : V1_EndpointBase
+		{
+			public abstract Task<ActionResult<TResponse>> HandleAsync(
+					CancellationToken cancellationToken = default
+			);
+		}
+
+		public abstract class WithActionResult : V1_EndpointBase
+		{
+			public abstract Task<ActionResult> HandleAsync(
+					CancellationToken cancellationToken = default
+			);
+		}
+	}
+}
diff --git a/code/api/src/Endpoints/V1/RouteBaseSync.cs b/code/api/src/Endpoints/V1/RouteBaseSync.cs
new file mode 100644
index 0000000..6a86074
--- /dev/null
+++ b/code/api/src/Endpoints/V1/RouteBaseSync.cs
@@ -0,0 +1,53 @@
+namespace IOL.GreatOffice.Api.Endpoints.V1;
+
+/// <summary>
+/// A base class for an endpoint that accepts parameters.
+/// </summary>
+public static class RouteBaseSync
+{
+	public static class WithRequest<TRequest>
+	{
+		public abstract class WithResult<TResponse> : V1_EndpointBase
+		{
+			public abstract TResponse Handle(TRequest request);
+		}
+
+		public abstract class WithoutResult : V1_EndpointBase
+		{
+			public abstract void Handle(TRequest request);
+		}
+
+		public abstract class WithActionResult<TResponse> : V1_EndpointBase
+		{
+			public abstract ActionResult<TResponse> Handle(TRequest request);
+		}
+
+		public abstract class WithActionResult : V1_EndpointBase
+		{
+			public abstract ActionResult Handle(TRequest request);
+		}
+	}
+
+	public static class WithoutRequest
+	{
+		public abstract class WithResult<TResponse> : V1_EndpointBase
+		{
+			public abstract TResponse Handle();
+		}
+
+		public abstract class WithoutResult : V1_EndpointBase
+		{
+			public abstract void Handle();
+		}
+
+		public abstract class WithActionResult<TResponse> : V1_EndpointBase
+		{
+			public abstract ActionResult<TResponse> Handle();
+		}
+
+		public abstract class WithActionResult : V1_EndpointBase
+		{
+			public abstract ActionResult Handle();
+		}
+	}
+}
diff --git a/code/api/src/Endpoints/V1/V1_EndpointBase.cs b/code/api/src/Endpoints/V1/V1_EndpointBase.cs
new file mode 100644
index 0000000..08ce4ab
--- /dev/null
+++ b/code/api/src/Endpoints/V1/V1_EndpointBase.cs
@@ -0,0 +1,29 @@
+using System.Net.Http.Headers;
+
+namespace IOL.GreatOffice.Api.Endpoints.V1;
+
+[ApiVersion(ApiSpecV1.VERSION_STRING)]
+[Authorize(AuthenticationSchemes = AuthSchemes)]
+public class V1_EndpointBase : EndpointBase
+{
+    private const string AuthSchemes = CookieAuthenticationDefaults.AuthenticationScheme + "," + AppConstants.BASIC_AUTH_SCHEME;
+    
+    protected bool IsApiCall() {
+        if (!Request.Headers.ContainsKey("Authorization")) return false;
+        try {
+            var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
+            if (authHeader.Parameter == null) return false;
+        } catch {
+            return false;
+        }
+
+        return true;
+    }
+
+    protected bool HasApiPermission(string permission_key) {
+        var permission_claim = User.Claims.SingleOrDefault(c => c.Type == permission_key);
+        return permission_claim is {
+            Value: "True"
+        };
+    }
+}
+\ No newline at end of file
author	ivarlovlie <git@ivarlovlie.no>	2023-02-25 13:15:44 +0100
committer	ivarlovlie <git@ivarlovlie.no>	2023-02-25 13:15:44 +0100
commit	900bb5e845c3ad44defbd427cae3d44a4a43321f (patch)
tree	df3d96a93771884add571e82336c29fc3d9c7a1c /code/api/src/Endpoints/V1
download	greatoffice-900bb5e845c3ad44defbd427cae3d44a4a43321f.tar.xz greatoffice-900bb5e845c3ad44defbd427cae3d44a4a43321f.zip