diff options
Diffstat (limited to 'code/api/src/Endpoints')
23 files changed, 350 insertions, 170 deletions
diff --git a/code/api/src/Endpoints/EndpointBase.cs b/code/api/src/Endpoints/EndpointBase.cs new file mode 100644 index 0000000..c088976 --- /dev/null +++ b/code/api/src/Endpoints/EndpointBase.cs @@ -0,0 +1,27 @@ +using System.Diagnostics; + +namespace IOL.GreatOffice.Api.Endpoints; + +[ApiController] +public class EndpointBase : ControllerBase +{ + /// <summary> + /// User data for the currently logged on user. + /// </summary> + protected LoggedInUserModel LoggedInUser => new() { + Username = User.FindFirstValue(AppClaims.NAME), + Id = User.FindFirstValue(AppClaims.USER_ID).AsGuid(), + }; + + public ObjectResult KnownProblem(string title = default, string subtitle = default, Dictionary<string, string> errors = default) { + return new ObjectResult(new KnownProblemModel { + Title = title, + Subtitle = subtitle, + Errors = errors, + TraceId = Activity.Current?.Id, + RequestId = HttpContext.TraceIdentifier + }) { + StatusCode = (int) HttpStatusCode.BadRequest + }; + } +}
\ No newline at end of file diff --git a/code/api/src/Endpoints/Internal/Account/CreateAccountRoute.cs b/code/api/src/Endpoints/Internal/Account/CreateAccountRoute.cs index 954fbf5..0f4a383 100644 --- a/code/api/src/Endpoints/Internal/Account/CreateAccountRoute.cs +++ b/code/api/src/Endpoints/Internal/Account/CreateAccountRoute.cs @@ -22,16 +22,16 @@ public class CreateAccountRoute : RouteBaseAsync.WithRequest<CreateAccountPayloa [HttpPost("~/_/account/create")] public override async Task<ActionResult> HandleAsync(CreateAccountPayload request, CancellationToken cancellationToken = default) { if (request.Username.IsValidEmailAddress() == false) { - return BadRequest(new ErrorResult("Invalid form", request.Username + " does not look like a valid email")); + return BadRequest(new KnownProblemModel("Invalid form", request.Username + " does not look like a valid email")); } if (request.Password.Length < 6) { - return BadRequest(new ErrorResult("Invalid form", "The password requires 6 or more characters.")); + return BadRequest(new KnownProblemModel("Invalid form", "The password requires 6 or more characters.")); } var username = request.Username.Trim(); if (_context.Users.Any(c => c.Username == username)) { - return BadRequest(new ErrorResult("Username is not available", "There is already a user registered with email: " + username)); + return BadRequest(new KnownProblemModel("Username is not available", "There is already a user registered with email: " + username)); } var user = new User(username); diff --git a/code/api/src/Endpoints/Internal/Account/LoginRoute.cs b/code/api/src/Endpoints/Internal/Account/LoginRoute.cs index 5b41c61..e4ef54c 100644 --- a/code/api/src/Endpoints/Internal/Account/LoginRoute.cs +++ b/code/api/src/Endpoints/Internal/Account/LoginRoute.cs @@ -28,7 +28,7 @@ public class LoginRoute : RouteBaseAsync var user = _context.Users.SingleOrDefault(u => u.Username == request.Username); if (user == default || !user.VerifyPassword(request.Password)) { - return BadRequest(new ErrorResult("Invalid username or password")); + return BadRequest(new KnownProblemModel("Invalid username or password")); } await _userService.LogInUser(HttpContext, user, request.Persist); diff --git a/code/api/src/Endpoints/Internal/Account/UpdateAccountRoute.cs b/code/api/src/Endpoints/Internal/Account/UpdateAccountRoute.cs index a997dcb..31ff10b 100644 --- a/code/api/src/Endpoints/Internal/Account/UpdateAccountRoute.cs +++ b/code/api/src/Endpoints/Internal/Account/UpdateAccountRoute.cs @@ -24,11 +24,11 @@ public class UpdateAccountRoute : RouteBaseAsync.WithRequest<UpdatePayload>.With } if (request.Password.IsNullOrWhiteSpace() && request.Username.IsNullOrWhiteSpace()) { - return BadRequest(new ErrorResult("Invalid request", "No data was submitted")); + return BadRequest(new KnownProblemModel("Invalid request", "No data was submitted")); } if (request.Password.HasValue() && request.Password.Length < 6) { - return BadRequest(new ErrorResult("Invalid request", + return BadRequest(new KnownProblemModel("Invalid request", "The new password must contain at least 6 characters")); } @@ -37,7 +37,7 @@ public class UpdateAccountRoute : RouteBaseAsync.WithRequest<UpdatePayload>.With } if (request.Username.HasValue() && !request.Username.IsValidEmailAddress()) { - return BadRequest(new ErrorResult("Invalid request", + return BadRequest(new KnownProblemModel("Invalid request", "The new username does not look like a valid email address")); } diff --git a/code/api/src/Endpoints/Internal/Account/UserArchiveDto.cs b/code/api/src/Endpoints/Internal/Account/UserArchiveDto.cs new file mode 100644 index 0000000..5d259ab --- /dev/null +++ b/code/api/src/Endpoints/Internal/Account/UserArchiveDto.cs @@ -0,0 +1,131 @@ + +namespace IOL.GreatOffice.Api.Endpoints.Internal.Account; + +/// <summary> +/// Represents a user archive as it is provided to users. +/// </summary> +public class UserArchiveDto +{ + /// <inheritdoc cref="UserArchiveDto"/> + public UserArchiveDto(User user) { + Meta = new MetaDto { + GeneratedAt = AppDateTime.UtcNow.ToString("yyyy-MM-ddTHH:mm:ssZ") + }; + User = new UserDto(user); + Entries = new List<EntryDto>(); + } + + /// <summary> + /// Metadata for the user archive. + /// </summary> + public MetaDto Meta { get; } + + /// <summary> + /// Relevant user data for the archive. + /// </summary> + public UserDto User { get; } + + /// <summary> + /// List of entries that the user has created. + /// </summary> + public List<EntryDto> Entries { get; } + + public void CountEntries() { + Meta.EntryCount = Entries.Count; + } + + /// <summary> + /// Represents a time entry in the data archive. + /// </summary> + public class EntryDto + { + public string CreatedAt { get; init; } + + [JsonIgnore] + public DateTime StartDateTime { get; init; } + + /// <summary> + /// ISO 8601 string of the UTC date the time entry started. + /// </summary> + public string Start => StartDateTime.ToString("yyyy-MM-ddTHH:mm:ssZ"); + + [JsonIgnore] + public DateTime StopDateTime { get; init; } + + /// <summary> + /// ISO 8601 string of the UTC date the time entry stopped. + /// </summary> + public string Stop => StopDateTime.ToString("yyyy-MM-ddTHH:mm:ssZ"); + + /// <summary> + /// Total amount of minutes elapsed from start to stop on this time entry. + /// </summary> + public double Minutes => StopDateTime.Subtract(StartDateTime).TotalMinutes; + + public string Description { get; init; } + + /// <summary> + /// Archive spesific category for this time entry. + /// </summary> + public CategoryDto Category { get; init; } + + /// <summary> + /// Archive spesific list of labels for this time entry. + /// </summary> + public List<LabelDto> Labels { get; init; } + } + + /// <summary> + /// Time entry category as it is written to the user archive. + /// </summary> + public class CategoryDto + { + public string Name { get; init; } + public string Color { get; init; } + } + + /// <summary> + /// Time entry label as it is written to the user archive. + /// </summary> + public class LabelDto + { + public string Name { get; init; } + public string Color { get; init; } + } + + + /// <summary> + /// Represents the user who this archive's data is based on. + /// </summary> + public class UserDto + { + /// <inheritdoc cref="UserDto"/> + public UserDto(User user) { + Username = user.Username; + CreatedAt = user.CreatedAt; + } + + /// <summary> + /// UTC date this user was created. + /// </summary> + public DateTime CreatedAt { get; } + + public string Username { get; } + } + + /// <summary> + /// Represents the meta object which contains metdata for this archive. + /// </summary> + public class MetaDto + { + /// <summary> + /// ISO 8601 UTC date string for when this archive was created. + /// </summary> + public string GeneratedAt { get; init; } + + /// <summary> + /// Amount of entries in the archive. + /// </summary> + public int EntryCount { get; set; } + } +} diff --git a/code/api/src/Endpoints/Internal/BaseRoute.cs b/code/api/src/Endpoints/Internal/BaseRoute.cs deleted file mode 100644 index 3e2c6af..0000000 --- a/code/api/src/Endpoints/Internal/BaseRoute.cs +++ /dev/null @@ -1,16 +0,0 @@ -namespace IOL.GreatOffice.Api.Endpoints.Internal; - -[Authorize] -[ApiController] -[ApiExplorerSettings(IgnoreApi = true)] -[ApiVersionNeutral] -public class BaseRoute : ControllerBase -{ - /// <summary> - /// User data for the currently logged on user. - /// </summary> - protected LoggedInUserModel LoggedInUser => new() { - Username = User.FindFirstValue(AppClaims.NAME), - Id = User.FindFirstValue(AppClaims.USER_ID).AsGuid(), - }; -} diff --git a/code/api/src/Endpoints/Internal/INT_EndpointBase.cs b/code/api/src/Endpoints/Internal/INT_EndpointBase.cs new file mode 100644 index 0000000..699a976 --- /dev/null +++ b/code/api/src/Endpoints/Internal/INT_EndpointBase.cs @@ -0,0 +1,9 @@ +namespace IOL.GreatOffice.Api.Endpoints.Internal; + +[Authorize] +[ApiExplorerSettings(IgnoreApi = true)] +[ApiVersionNeutral] +public class INT_EndpointBase : EndpointBase +{ + +} diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/Create/RequestModel.cs b/code/api/src/Endpoints/Internal/PasswordResetRequests/Create/RequestModel.cs new file mode 100644 index 0000000..236c650 --- /dev/null +++ b/code/api/src/Endpoints/Internal/PasswordResetRequests/Create/RequestModel.cs @@ -0,0 +1,6 @@ +namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests.Create; + +public class RequestModel +{ + public string Username { get; set; } +}
\ No newline at end of file diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/Create/Route.cs b/code/api/src/Endpoints/Internal/PasswordResetRequests/Create/Route.cs new file mode 100644 index 0000000..f837fc0 --- /dev/null +++ b/code/api/src/Endpoints/Internal/PasswordResetRequests/Create/Route.cs @@ -0,0 +1,57 @@ +namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests.Create; + +public class Route : RouteBaseAsync.WithRequest<RequestModel>.WithActionResult +{ + private readonly ILogger<Route> _logger; + private readonly PasswordResetService _passwordResetService; + private readonly AppDbContext _context; + + public Route(ILogger<Route> logger, PasswordResetService passwordResetService, AppDbContext context) { + _logger = logger; + _passwordResetService = passwordResetService; + _context = context; + } + + /// <summary> + /// Create a new password reset request. + /// </summary> + /// <param name="request"></param> + /// <param name="cancellationToken"></param> + /// <returns></returns> + [AllowAnonymous] + [HttpPost("~/_/password-reset-request/create")] + public override async Task<ActionResult> HandleAsync(RequestModel request, CancellationToken cancellationToken = default) { + if (!request.Username.IsValidEmailAddress()) { + _logger.LogInformation("Username is invalid, not doing request for password change"); + return KnownProblem("Invalid email address", request.Username + " looks like an invalid email address"); + } + + Request.Headers.TryGetValue(AppHeaders.BROWSER_TIME_ZONE, out var timeZoneHeader); + var tz = TimeZoneInfo.FindSystemTimeZoneById(timeZoneHeader.ToString().HasValue() ? timeZoneHeader.ToString() : "UTC"); + var offset = tz.BaseUtcOffset.Hours; + + // this is fine as long as the client is not connecting from Australia: Lord Howe Island + // according to https://en.wikipedia.org/wiki/Daylight_saving_time_by_country + if (tz.IsDaylightSavingTime(AppDateTime.UtcNow)) { + offset++; + } + + _logger.LogInformation("Request time zone (" + tz.Id + ") offset is: " + offset + " hours"); + var requestDateTime = TimeZoneInfo.ConvertTimeFromUtc(AppDateTime.UtcNow, tz); + _logger.LogInformation("Creating forgot password request with date time: " + requestDateTime.ToString("u")); + + try { + var user = _context.Users.SingleOrDefault(c => c.Username.Equals(request.Username)); + if (user != default) { + await _passwordResetService.AddRequestAsync(user, tz, cancellationToken); + return Ok(); + } + + _logger.LogInformation("User was not found, not doing request for password change"); + return Ok(); + } catch (Exception e) { + _logger.LogError(e, "_/password-reset-request/create threw an exception"); + return Ok(); + } + } +}
\ No newline at end of file diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/CreateResetRequestRoute.cs b/code/api/src/Endpoints/Internal/PasswordResetRequests/CreateResetRequestRoute.cs deleted file mode 100644 index 8fbc9a0..0000000 --- a/code/api/src/Endpoints/Internal/PasswordResetRequests/CreateResetRequestRoute.cs +++ /dev/null @@ -1,59 +0,0 @@ -namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests; - -/// <inheritdoc /> -public class CreateResetRequestRoute : RouteBaseAsync.WithRequest<string>.WithActionResult -{ - private readonly ILogger<CreateResetRequestRoute> _logger; - private readonly PasswordResetService _passwordResetService; - private readonly AppDbContext _context; - - /// <inheritdoc /> - public CreateResetRequestRoute(ILogger<CreateResetRequestRoute> logger, PasswordResetService passwordResetService, AppDbContext context) { - _logger = logger; - _passwordResetService = passwordResetService; - _context = context; - } - - /// <summary> - /// Create a new password reset request. - /// </summary> - /// <param name="username"></param> - /// <param name="cancellationToken"></param> - /// <returns></returns> - [AllowAnonymous] - [HttpGet("~/_/forgot-password-requests/create")] - public override async Task<ActionResult> HandleAsync(string username, CancellationToken cancellationToken = default) { - if (!username.IsValidEmailAddress()) { - _logger.LogInformation("Username is invalid, not doing request for password change"); - return BadRequest(new ErrorResult("Invalid email address", username + " looks like an invalid email address")); - } - - Request.Headers.TryGetValue(AppHeaders.BROWSER_TIME_ZONE, out var timeZoneHeader); - var tz = TimeZoneInfo.FindSystemTimeZoneById(timeZoneHeader.ToString().HasValue() ? timeZoneHeader.ToString() : "UTC"); - var offset = tz.BaseUtcOffset.Hours; - - // this is fine as long as the client is not connecting from Australia: Lord Howe Island - // according to https://en.wikipedia.org/wiki/Daylight_saving_time_by_country - if (tz.IsDaylightSavingTime(AppDateTime.UtcNow)) { - offset++; - } - - _logger.LogInformation("Request time zone (" + tz.Id + ") offset is: " + offset + " hours"); - var requestDateTime = TimeZoneInfo.ConvertTimeFromUtc(AppDateTime.UtcNow, tz); - _logger.LogInformation("Creating forgot password request with date time: " + requestDateTime.ToString("u")); - - try { - var user = _context.Users.SingleOrDefault(c => c.Username.Equals(username)); - if (user != default) { - await _passwordResetService.AddRequestAsync(user, tz, cancellationToken); - return Ok(); - } - - _logger.LogInformation("User was not found, not doing request for password change"); - return Ok(); - } catch (Exception e) { - _logger.LogError(e, "ForgotAction failed badly"); - return Ok(); - } - } -} diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs b/code/api/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs index 96f344a..a0ad4d0 100644 --- a/code/api/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs +++ b/code/api/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs @@ -18,7 +18,7 @@ public class FulfillResetRequestRoute : RouteBaseAsync.WithRequest<FulfillResetR /// <param name="cancellationToken"></param> /// <returns></returns> [AllowAnonymous] - [HttpPost("~/_/forgot-password-requests/fulfill")] + [HttpPost("~/_/password-reset-request/fulfill")] public override async Task<ActionResult> HandleAsync(FulfillResetRequestPayload request, CancellationToken cancellationToken = default) { try { var fulfilled = await _passwordResetService.FullFillRequestAsync(request.Id, request.NewPassword, cancellationToken); diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs b/code/api/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs index c4dcd22..917c4f0 100644 --- a/code/api/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs +++ b/code/api/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs @@ -17,7 +17,7 @@ public class IsResetRequestValidRoute : RouteBaseAsync.WithRequest<Guid>.WithAct /// <param name="cancellationToken"></param> /// <returns></returns> [AllowAnonymous] - [HttpGet("~/_/forgot-password-requests/is-valid")] + [HttpGet("~/_/password-reset-request/is-valid")] public override async Task<ActionResult> HandleAsync(Guid id, CancellationToken cancellationToken = default) { var request = await _passwordResetService.GetRequestAsync(id, cancellationToken); if (request == default) { diff --git a/code/api/src/Endpoints/Internal/RouteBaseAsync.cs b/code/api/src/Endpoints/Internal/RouteBaseAsync.cs index 1bb0af0..a87facf 100644 --- a/code/api/src/Endpoints/Internal/RouteBaseAsync.cs +++ b/code/api/src/Endpoints/Internal/RouteBaseAsync.cs @@ -7,7 +7,7 @@ public static class RouteBaseAsync { public static class WithRequest<TRequest> { - public abstract class WithResult<TResponse> : BaseRoute + public abstract class WithResult<TResponse> : INT_EndpointBase { public abstract Task<TResponse> HandleAsync( TRequest request, @@ -15,7 +15,7 @@ public static class RouteBaseAsync ); } - public abstract class WithoutResult : BaseRoute + public abstract class WithoutResult : INT_EndpointBase { public abstract Task HandleAsync( TRequest request, @@ -23,7 +23,7 @@ public static class RouteBaseAsync ); } - public abstract class WithActionResult<TResponse> : BaseRoute + public abstract class WithActionResult<TResponse> : INT_EndpointBase { public abstract Task<ActionResult<TResponse>> HandleAsync( TRequest request, @@ -31,7 +31,7 @@ public static class RouteBaseAsync ); } - public abstract class WithActionResult : BaseRoute + public abstract class WithActionResult : INT_EndpointBase { public abstract Task<ActionResult> HandleAsync( TRequest request, @@ -42,28 +42,28 @@ public static class RouteBaseAsync public static class WithoutRequest { - public abstract class WithResult<TResponse> : BaseRoute + public abstract class WithResult<TResponse> : INT_EndpointBase { public abstract Task<TResponse> HandleAsync( CancellationToken cancellationToken = default ); } - public abstract class WithoutResult : BaseRoute + public abstract class WithoutResult : INT_EndpointBase { public abstract Task HandleAsync( CancellationToken cancellationToken = default ); } - public abstract class WithActionResult<TResponse> : BaseRoute + public abstract class WithActionResult<TResponse> : INT_EndpointBase { public abstract Task<ActionResult<TResponse>> HandleAsync( CancellationToken cancellationToken = default ); } - public abstract class WithActionResult : BaseRoute + public abstract class WithActionResult : INT_EndpointBase { public abstract Task<ActionResult> HandleAsync( CancellationToken cancellationToken = default diff --git a/code/api/src/Endpoints/Internal/RouteBaseSync.cs b/code/api/src/Endpoints/Internal/RouteBaseSync.cs index 173999d..9d9bd5a 100644 --- a/code/api/src/Endpoints/Internal/RouteBaseSync.cs +++ b/code/api/src/Endpoints/Internal/RouteBaseSync.cs @@ -7,22 +7,22 @@ public static class RouteBaseSync { public static class WithRequest<TRequest> { - public abstract class WithResult<TResponse> : BaseRoute + public abstract class WithResult<TResponse> : INT_EndpointBase { public abstract TResponse Handle(TRequest request); } - public abstract class WithoutResult : BaseRoute + public abstract class WithoutResult : INT_EndpointBase { public abstract void Handle(TRequest request); } - public abstract class WithActionResult<TResponse> : BaseRoute + public abstract class WithActionResult<TResponse> : INT_EndpointBase { public abstract ActionResult<TResponse> Handle(TRequest request); } - public abstract class WithActionResult : BaseRoute + public abstract class WithActionResult : INT_EndpointBase { public abstract ActionResult Handle(TRequest request); } @@ -30,22 +30,22 @@ public static class RouteBaseSync public static class WithoutRequest { - public abstract class WithResult<TResponse> : BaseRoute + public abstract class WithResult<TResponse> : INT_EndpointBase { public abstract TResponse Handle(); } - public abstract class WithoutResult : BaseRoute + public abstract class WithoutResult : INT_EndpointBase { public abstract void Handle(); } - public abstract class WithActionResult<TResponse> : BaseRoute + public abstract class WithActionResult<TResponse> : INT_EndpointBase { public abstract ActionResult<TResponse> Handle(); } - public abstract class WithActionResult : BaseRoute + public abstract class WithActionResult : INT_EndpointBase { public abstract ActionResult Handle(); } diff --git a/code/api/src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs b/code/api/src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs index 2086619..60b00ff 100644 --- a/code/api/src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs +++ b/code/api/src/Endpoints/V1/ApiTokens/CreateTokenRoute.cs @@ -23,13 +23,13 @@ public class CreateTokenRoute : RouteBaseSync.WithRequest<ApiAccessToken.ApiAcce [ApiVersion(ApiSpecV1.VERSION_STRING)] [HttpPost("~/v{version:apiVersion}/api-tokens/create")] [ProducesResponseType(200, Type = typeof(string))] - [ProducesResponseType(404, Type = typeof(ErrorResult))] + [ProducesResponseType(404, Type = typeof(KnownProblemModel))] public override ActionResult Handle(ApiAccessToken.ApiAccessTokenDto request) { var user = _context.Users.SingleOrDefault(c => c.Id == LoggedInUser.Id); if (user == default) { - return NotFound(new ErrorResult("User does not exist")); + return NotFound(new KnownProblemModel("User does not exist")); } var token_entropy = _configuration.APP_AES_KEY; diff --git a/code/api/src/Endpoints/V1/BaseRoute.cs b/code/api/src/Endpoints/V1/BaseRoute.cs deleted file mode 100644 index e7d72ac..0000000 --- a/code/api/src/Endpoints/V1/BaseRoute.cs +++ /dev/null @@ -1,39 +0,0 @@ -using System.Net.Http.Headers; - -namespace IOL.GreatOffice.Api.Endpoints.V1; - -/// <inheritdoc /> -[ApiVersion(ApiSpecV1.VERSION_STRING)] -[Authorize(AuthenticationSchemes = AuthSchemes)] -[ApiController] -public class BaseRoute : ControllerBase -{ - private const string AuthSchemes = CookieAuthenticationDefaults.AuthenticationScheme + "," + AppConstants.BASIC_AUTH_SCHEME; - - /// <summary> - /// User data for the currently logged on user. - /// </summary> - protected LoggedInUserModel LoggedInUser => new() { - Username = User.FindFirstValue(AppClaims.NAME), - Id = User.FindFirstValue(AppClaims.USER_ID).AsGuid(), - }; - - protected bool IsApiCall() { - if (!Request.Headers.ContainsKey("Authorization")) return false; - try { - var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); - if (authHeader.Parameter == null) return false; - } catch { - return false; - } - - return true; - } - - protected bool HasApiPermission(string permission_key) { - var permission_claim = User.Claims.SingleOrDefault(c => c.Type == permission_key); - return permission_claim is { - Value: "True" - }; - } -} diff --git a/code/api/src/Endpoints/V1/Entries/CreateEntryRoute.cs b/code/api/src/Endpoints/V1/Entries/CreateEntryRoute.cs index 362e430..854ff59 100644 --- a/code/api/src/Endpoints/V1/Entries/CreateEntryRoute.cs +++ b/code/api/src/Endpoints/V1/Entries/CreateEntryRoute.cs @@ -16,27 +16,28 @@ public class CreateEntryRoute : RouteBaseSync.WithRequest<TimeEntry.TimeEntryDto [ApiVersion(ApiSpecV1.VERSION_STRING)] [BasicAuthentication(AppConstants.TOKEN_ALLOW_CREATE)] [ProducesResponseType(200)] - [ProducesResponseType(400, Type = typeof(ErrorResult))] - [ProducesResponseType(404, Type = typeof(ErrorResult))] + [ProducesResponseType(400, Type = typeof(KnownProblemModel))] + [ProducesResponseType(404, Type = typeof(KnownProblemModel))] [HttpPost("~/v{version:apiVersion}/entries/create")] public override ActionResult<TimeEntry.TimeEntryDto> Handle(TimeEntry.TimeEntryDto timeEntryTimeEntryDto) { if (timeEntryTimeEntryDto.Stop == default) { - return BadRequest(new ErrorResult("Invalid form", "A stop date is required")); + return BadRequest(new KnownProblemModel("Invalid form", "A stop date is required")); } if (timeEntryTimeEntryDto.Start == default) { - return BadRequest(new ErrorResult("Invalid form", "A start date is required")); + return BadRequest(new KnownProblemModel("Invalid form", "A start date is required")); } if (timeEntryTimeEntryDto.Category == default) { - return BadRequest(new ErrorResult("Invalid form", "A category is required")); + return BadRequest(new KnownProblemModel("Invalid form", "A category is required")); } var category = _context.TimeCategories .Where(c => c.UserId == LoggedInUser.Id) .SingleOrDefault(c => c.Id == timeEntryTimeEntryDto.Category.Id); + if (category == default) { - return NotFound(new ErrorResult("Not found", $"Could not find category {timeEntryTimeEntryDto.Category.Name}")); + return NotFound(new KnownProblemModel("Not found", $"Could not find category {timeEntryTimeEntryDto.Category.Name}")); } var entry = new TimeEntry(LoggedInUser.Id) { @@ -52,7 +53,7 @@ public class CreateEntryRoute : RouteBaseSync.WithRequest<TimeEntry.TimeEntryDto .Where(c => timeEntryTimeEntryDto.Labels.Select(p => p.Id).Contains(c.Id)) .ToList(); if (labels.Count != timeEntryTimeEntryDto.Labels.Count) { - return NotFound(new ErrorResult("Not found", "Could not find all of the specified labels")); + return NotFound(new KnownProblemModel("Not found", "Could not find all of the specified labels")); } entry.Labels = labels; diff --git a/code/api/src/Endpoints/V1/Entries/EntryQueryRoute.cs b/code/api/src/Endpoints/V1/Entries/EntryQueryRoute.cs index d431ac5..ec6003c 100644 --- a/code/api/src/Endpoints/V1/Entries/EntryQueryRoute.cs +++ b/code/api/src/Endpoints/V1/Entries/EntryQueryRoute.cs @@ -20,7 +20,7 @@ public class EntryQueryRoute : RouteBaseSync.WithRequest<EntryQueryPayload>.With [BasicAuthentication(AppConstants.TOKEN_ALLOW_READ)] [HttpPost("~/v{version:apiVersion}/entries/query")] [ProducesResponseType(204)] - [ProducesResponseType(400, Type = typeof(ErrorResult))] + [ProducesResponseType(400, Type = typeof(KnownProblemModel))] [ProducesResponseType(200, Type = typeof(EntryQueryResponse))] public override ActionResult<EntryQueryResponse> Handle(EntryQueryPayload entryQuery) { var result = new TimeQueryDto(); @@ -142,19 +142,19 @@ public class EntryQueryRoute : RouteBaseSync.WithRequest<EntryQueryPayload>.With break; case TimeEntryQueryDuration.DATE_RANGE: if (entryQuery.DateRange.From == default) { - return BadRequest(new ErrorResult("Invalid query", "From date cannot be empty")); + return BadRequest(new KnownProblemModel("Invalid query", "From date cannot be empty")); } var fromDate = DateTime.SpecifyKind(entryQuery.DateRange.From, DateTimeKind.Utc); if (entryQuery.DateRange.To == default) { - return BadRequest(new ErrorResult("Invalid query", "To date cannot be empty")); + return BadRequest(new KnownProblemModel("Invalid query", "To date cannot be empty")); } var toDate = DateTime.SpecifyKind(entryQuery.DateRange.To, DateTimeKind.Utc); if (DateTime.Compare(fromDate, toDate) > 0) { - return BadRequest(new ErrorResult("Invalid query", "To date cannot be less than From date")); + return BadRequest(new KnownProblemModel("Invalid query", "To date cannot be less than From date")); } var baseDateRangeEntries = baseQuery diff --git a/code/api/src/Endpoints/V1/Entries/TimeQueryDto.cs b/code/api/src/Endpoints/V1/Entries/TimeQueryDto.cs new file mode 100644 index 0000000..6c199d8 --- /dev/null +++ b/code/api/src/Endpoints/V1/Entries/TimeQueryDto.cs @@ -0,0 +1,34 @@ + +namespace IOL.GreatOffice.Api.Endpoints.V1.Entries; + +public class TimeQueryDto +{ + public TimeQueryDto() { + Results = new List<TimeEntry.TimeEntryDto>(); + } + + /// <summary> + /// List of entries. + /// </summary> + public List<TimeEntry.TimeEntryDto> Results { get; set; } + + /// <summary> + /// Curren page. + /// </summary> + public int Page { get; set; } + + /// <summary> + /// Maximum count of entries in a page. + /// </summary> + public int PageSize { get; set; } + + /// <summary> + /// Total count of entries. + /// </summary> + public int TotalSize { get; set; } + + /// <summary> + /// Total count of pages. + /// </summary> + public int TotalPageCount { get; set; } +} diff --git a/code/api/src/Endpoints/V1/Entries/UpdateEntryRoute.cs b/code/api/src/Endpoints/V1/Entries/UpdateEntryRoute.cs index ac233e0..09e3b9c 100644 --- a/code/api/src/Endpoints/V1/Entries/UpdateEntryRoute.cs +++ b/code/api/src/Endpoints/V1/Entries/UpdateEntryRoute.cs @@ -16,7 +16,7 @@ public class UpdateEntryRoute : RouteBaseSync.WithRequest<TimeEntry.TimeEntryDto [ApiVersion(ApiSpecV1.VERSION_STRING)] [BasicAuthentication(AppConstants.TOKEN_ALLOW_UPDATE)] [HttpPost("~/v{version:apiVersion}/entries/update")] - [ProducesResponseType(404, Type = typeof(ErrorResult))] + [ProducesResponseType(404, Type = typeof(KnownProblemModel))] [ProducesResponseType(200, Type = typeof(TimeEntry.TimeEntryDto))] public override ActionResult<TimeEntry.TimeEntryDto> Handle(TimeEntry.TimeEntryDto timeEntryTimeEntryDto) { var entry = _context.TimeEntries @@ -32,7 +32,7 @@ public class UpdateEntryRoute : RouteBaseSync.WithRequest<TimeEntry.TimeEntryDto .Where(c => c.UserId == LoggedInUser.Id) .SingleOrDefault(c => c.Id == timeEntryTimeEntryDto.Category.Id); if (category == default) { - return NotFound(new ErrorResult("Not found", $"Could not find category {timeEntryTimeEntryDto.Category.Name}")); + return NotFound(new KnownProblemModel("Not found", $"Could not find category {timeEntryTimeEntryDto.Category.Name}")); } entry.Start = timeEntryTimeEntryDto.Start.ToUniversalTime(); diff --git a/code/api/src/Endpoints/V1/RouteBaseAsync.cs b/code/api/src/Endpoints/V1/RouteBaseAsync.cs index 1d179f7..a75e9da 100644 --- a/code/api/src/Endpoints/V1/RouteBaseAsync.cs +++ b/code/api/src/Endpoints/V1/RouteBaseAsync.cs @@ -7,7 +7,7 @@ public static class RouteBaseAsync { public static class WithRequest<TRequest> { - public abstract class WithResult<TResponse> : BaseRoute + public abstract class WithResult<TResponse> : V1_EndpointBase { public abstract Task<TResponse> HandleAsync( TRequest request, @@ -15,7 +15,7 @@ public static class RouteBaseAsync ); } - public abstract class WithoutResult : BaseRoute + public abstract class WithoutResult : V1_EndpointBase { public abstract Task HandleAsync( TRequest request, @@ -23,7 +23,7 @@ public static class RouteBaseAsync ); } - public abstract class WithActionResult<TResponse> : BaseRoute + public abstract class WithActionResult<TResponse> : V1_EndpointBase { public abstract Task<ActionResult<TResponse>> HandleAsync( TRequest request, @@ -31,7 +31,7 @@ public static class RouteBaseAsync ); } - public abstract class WithActionResult : BaseRoute + public abstract class WithActionResult : V1_EndpointBase { public abstract Task<ActionResult> HandleAsync( TRequest request, @@ -42,28 +42,28 @@ public static class RouteBaseAsync public static class WithoutRequest { - public abstract class WithResult<TResponse> : BaseRoute + public abstract class WithResult<TResponse> : V1_EndpointBase { public abstract Task<TResponse> HandleAsync( CancellationToken cancellationToken = default ); } - public abstract class WithoutResult : BaseRoute + public abstract class WithoutResult : V1_EndpointBase { public abstract Task HandleAsync( CancellationToken cancellationToken = default ); } - public abstract class WithActionResult<TResponse> : BaseRoute + public abstract class WithActionResult<TResponse> : V1_EndpointBase { public abstract Task<ActionResult<TResponse>> HandleAsync( CancellationToken cancellationToken = default ); } - public abstract class WithActionResult : BaseRoute + public abstract class WithActionResult : V1_EndpointBase { public abstract Task<ActionResult> HandleAsync( CancellationToken cancellationToken = default diff --git a/code/api/src/Endpoints/V1/RouteBaseSync.cs b/code/api/src/Endpoints/V1/RouteBaseSync.cs index cb27c14..6a86074 100644 --- a/code/api/src/Endpoints/V1/RouteBaseSync.cs +++ b/code/api/src/Endpoints/V1/RouteBaseSync.cs @@ -7,22 +7,22 @@ public static class RouteBaseSync { public static class WithRequest<TRequest> { - public abstract class WithResult<TResponse> : BaseRoute + public abstract class WithResult<TResponse> : V1_EndpointBase { public abstract TResponse Handle(TRequest request); } - public abstract class WithoutResult : BaseRoute + public abstract class WithoutResult : V1_EndpointBase { public abstract void Handle(TRequest request); } - public abstract class WithActionResult<TResponse> : BaseRoute + public abstract class WithActionResult<TResponse> : V1_EndpointBase { public abstract ActionResult<TResponse> Handle(TRequest request); } - public abstract class WithActionResult : BaseRoute + public abstract class WithActionResult : V1_EndpointBase { public abstract ActionResult Handle(TRequest request); } @@ -30,22 +30,22 @@ public static class RouteBaseSync public static class WithoutRequest { - public abstract class WithResult<TResponse> : BaseRoute + public abstract class WithResult<TResponse> : V1_EndpointBase { public abstract TResponse Handle(); } - public abstract class WithoutResult : BaseRoute + public abstract class WithoutResult : V1_EndpointBase { public abstract void Handle(); } - public abstract class WithActionResult<TResponse> : BaseRoute + public abstract class WithActionResult<TResponse> : V1_EndpointBase { public abstract ActionResult<TResponse> Handle(); } - public abstract class WithActionResult : BaseRoute + public abstract class WithActionResult : V1_EndpointBase { public abstract ActionResult Handle(); } diff --git a/code/api/src/Endpoints/V1/V1_EndpointBase.cs b/code/api/src/Endpoints/V1/V1_EndpointBase.cs new file mode 100644 index 0000000..08ce4ab --- /dev/null +++ b/code/api/src/Endpoints/V1/V1_EndpointBase.cs @@ -0,0 +1,29 @@ +using System.Net.Http.Headers; + +namespace IOL.GreatOffice.Api.Endpoints.V1; + +[ApiVersion(ApiSpecV1.VERSION_STRING)] +[Authorize(AuthenticationSchemes = AuthSchemes)] +public class V1_EndpointBase : EndpointBase +{ + private const string AuthSchemes = CookieAuthenticationDefaults.AuthenticationScheme + "," + AppConstants.BASIC_AUTH_SCHEME; + + protected bool IsApiCall() { + if (!Request.Headers.ContainsKey("Authorization")) return false; + try { + var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); + if (authHeader.Parameter == null) return false; + } catch { + return false; + } + + return true; + } + + protected bool HasApiPermission(string permission_key) { + var permission_claim = User.Claims.SingleOrDefault(c => c.Type == permission_key); + return permission_claim is { + Value: "True" + }; + } +}
\ No newline at end of file |