Рефакторинг

1. Добавил проверку при удалении РТК 2. Сделал небольшой рефакторинг контроллеров
2023-10-05 09:33:38 +05:00 · 2023-10-05 09:33:38 +05:00 · 67113878a3
commit 67113878a3
parent 771ba06a6f
2 changed files with 58 additions and 46 deletions
--- a/AsbCloudWebApi/Controllers/ProcessMapController.cs
+++ b/AsbCloudWebApi/Controllers/ProcessMapController.cs
@ -12,6 +12,7 @@ using System.IO;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
+using AsbCloudApp.Exceptions;
 using Microsoft.AspNetCore.Http;

 namespace AsbCloudWebApi.Controllers
@ -141,13 +142,13 @@ namespace AsbCloudWebApi.Controllers
        /// <param name="value"></param>
        /// <param name="token"></param>
        /// <returns></returns>
-        [HttpPost]
        public override async Task<ActionResult<int>> InsertAsync([FromBody] ProcessMapPlanDto value, CancellationToken token)
        {
-            if (!await CanUserEditProcessMapAsync(value.IdWell, token))
-                return Forbid();
+            value.IdUser = User.GetUserId()
+                           ?? throw new ForbidException("Неизвестный пользователь");
+
+            await AssertUserHasAccessToProcessMapAsync(value.IdWell, token);
            
-            value.IdUser = User.GetUserId() ?? -1;
            var result = await base.InsertAsync(value, token);
            await NotifyUsersBySignalR(value.IdWell, token);
            return result;
@ -159,18 +160,25 @@ namespace AsbCloudWebApi.Controllers
        /// <param name="value">запись</param>
        /// <param name="token"></param>
        /// <returns>1 - успешно отредактировано, 0 - нет</returns>
-        [HttpPut]
        public override async Task<ActionResult<int>> UpdateAsync([FromBody] ProcessMapPlanDto value, CancellationToken token)
        {
-            if (!await CanUserEditProcessMapAsync(value.IdWell, token))
-                return Forbid();
+            value.IdUser = User.GetUserId()
+                           ?? throw new ForbidException("Неизвестный пользователь");
+
+            await AssertUserHasAccessToProcessMapAsync(value.IdWell, token);

-            value.IdUser = User.GetUserId() ?? -1;
            var result = await base.UpdateAsync(value, token);
            await NotifyUsersBySignalR(value.IdWell, token);
            return result;
        }

+        public override async Task<ActionResult<int>> DeleteAsync(int id, CancellationToken token)
+        {
+            await AssertUserHasAccessToProcessMapAsync(id, token);
+
+            return await base.DeleteAsync(id, token);
+        }
+
        /// <summary>
        /// Возвращает шаблон файла импорта плановой РТК
        /// </summary>
@ -199,13 +207,12 @@ namespace AsbCloudWebApi.Controllers
            [Required] IFormFile file,
            CancellationToken cancellationToken)
        {
-            int? idUser = User.GetUserId();
+            var idUser = User.GetUserId();
            
-            if (idUser is null)
-                return Forbid();
+            if (!idUser.HasValue)
+                throw new ForbidException("Неизвестный пользователь");

-            if (!await CanUserEditProcessMapAsync(idWell, cancellationToken))
-                return Forbid();
+            await AssertUserHasAccessToProcessMapAsync(idWell, cancellationToken);
            
            if (Path.GetExtension(file.FileName).ToLower() != ".xlsx")
                return this.ValidationBadRequest(nameof(file), "Требуется xlsx файл.");
@ -239,11 +246,6 @@ namespace AsbCloudWebApi.Controllers
        [ProducesResponseType(StatusCodes.Status204NoContent)]
        public async Task<IActionResult> ExportAsync(int idWell, CancellationToken cancellationToken)
        {
-            int? idUser = User.GetUserId();
-
-            if (idUser is null)
-                return Forbid();
-            
            var well = await wellService.GetOrDefaultAsync(idWell, cancellationToken);

            if (well is null)
@ -254,23 +256,22 @@ namespace AsbCloudWebApi.Controllers
            return File(stream, "application/octet-stream", fileName);
        }

-        private async Task<bool> CanUserEditProcessMapAsync(int idWell, CancellationToken token)
+        private async Task AssertUserHasAccessToProcessMapAsync(int idWell, CancellationToken cancellationToken)
        {
            var idUser = User.GetUserId();
-
-            if (!idUser.HasValue)
-                return false;
-            
            var idCompany = User.GetCompanyId();
-            if (!idCompany.HasValue || !await wellService.IsCompanyInvolvedInWellAsync(idCompany.Value, idWell, token))
-                return false;

-            var well = await wellService.GetOrDefaultAsync(idWell, token);
+            if (!idCompany.HasValue || !idUser.HasValue)
+                throw new ForbidException("Неизвестный пользователь");

-            if (well is null)
-                return false;
+            var well = await wellService.GetOrDefaultAsync(idWell, cancellationToken)
+                       ?? throw new ForbidException($"Скважины с {idWell} не существует");

-            return well.IdState != 2 || userRepository.HasPermission(idUser.Value, "ProcessMap.editCompletedWell");
+            if (!await wellService.IsCompanyInvolvedInWellAsync(idCompany.Value, idWell, cancellationToken))
+                throw new ForbidException("Нет доступа к скважине");
+
+            if (well.IdState == 2 && !userRepository.HasPermission(idUser.Value, "ProcessMap.editCompletedWell"))
+                throw new ForbidException("Недостаточно прав для редактирования РТК завершённой скважины");
        }

        private async Task NotifyUsersBySignalR(int idWell, CancellationToken token)
--- a/AsbCloudWebApi/Controllers/ProcessMapWellboreDevelopmentController.cs
+++ b/AsbCloudWebApi/Controllers/ProcessMapWellboreDevelopmentController.cs
@ -36,13 +36,12 @@ public class ProcessMapWellboreDevelopmentController : CrudWellRelatedController
 	/// <param name="value"></param>
 	/// <param name="token"></param>
 	/// <returns></returns>
-	/// <exception cref="ForbidException"></exception>
 	public override async Task<ActionResult<int>> InsertAsync(ProcessMapWellboreDevelopmentDto value, CancellationToken token)
 	{
 		value.IdUser = User.GetUserId() 
 						?? throw new ForbidException("Неизвестный пользователь");
 		
-		await AssertUserHasAccessToProcessMapWellboreDevelopmentAsync(value.IdWell, value.IdUser, token);
+		await AssertUserHasAccessToProcessMapWellboreDevelopmentAsync(value.IdWell, token);
 		
 		return await processMapWellboreDevelopmentService.InsertAsync(value, token);
 	}
@ -58,11 +57,18 @@ public class ProcessMapWellboreDevelopmentController : CrudWellRelatedController
 		value.IdUser = User.GetUserId() 
 						?? throw new ForbidException("Неизвестный пользователь");
 		
-		await AssertUserHasAccessToProcessMapWellboreDevelopmentAsync(value.IdWell, value.IdUser, token);
+		await AssertUserHasAccessToProcessMapWellboreDevelopmentAsync(value.IdWell, token);

 		return await processMapWellboreDevelopmentService.UpdateAsync(value, token);
 	}

+    public override async Task<ActionResult<int>> DeleteAsync(int id, CancellationToken token)
+    {
+        await AssertUserHasAccessToProcessMapWellboreDevelopmentAsync(id, token);
+
+        return await base.DeleteAsync(id, token);
+    }
+
    /// <summary>
 	/// Возвращает проработки по uid телеметрии
 	/// </summary>
@ -81,16 +87,21 @@ public class ProcessMapWellboreDevelopmentController : CrudWellRelatedController
 		return Ok(dto);
 	}

-	private async Task AssertUserHasAccessToProcessMapWellboreDevelopmentAsync(int idUser, int idWell, CancellationToken cancellationToken)
+	private async Task AssertUserHasAccessToProcessMapWellboreDevelopmentAsync(int idWell, CancellationToken cancellationToken)
    {
+        var idUser = User.GetUserId();
+        var idCompany = User.GetCompanyId();
+
+        if (!idCompany.HasValue || !idUser.HasValue)
+            throw new ForbidException("Неизвестный пользователь");
+
        var well = await wellService.GetOrDefaultAsync(idWell, cancellationToken) 
 					?? throw new ForbidException($"Скважины с {idWell} не существует");
        
-		var idCompany = User.GetCompanyId();
-		if (!idCompany.HasValue || !await wellService.IsCompanyInvolvedInWellAsync(idCompany.Value, idWell, cancellationToken))
+		if (!await wellService.IsCompanyInvolvedInWellAsync(idCompany.Value, idWell, cancellationToken))
 			throw new ForbidException("Нет доступа к скважине");

-		if (well.IdState == 2 && !userRepository.HasPermission(idUser, "ProcessMap.editCompletedWell"))
+		if (well.IdState == 2 && !userRepository.HasPermission(idUser.Value, "ProcessMap.editCompletedWell"))
 			throw new ForbidException("Недостаточно прав для редактирования РТК завершённой скважины");
 	}
 }