From d597bf729f86c24d09b7472163f95d0e6d4bc2ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=A1=D1=82=D0=B5=D0=BF=D0=B0=D0=BD=D0=BE=D0=B2=20=D0=94?= =?UTF-8?q?=D0=BC=D0=B8=D1=82=D1=80=D0=B8=D0=B9?= Date: Fri, 8 Sep 2023 10:39:54 +0500 Subject: [PATCH] =?UTF-8?q?=D0=9F=D0=BE=D0=BF=D1=80=D0=B0=D0=B2=D0=BB?= =?UTF-8?q?=D0=B5=D0=BD=D1=8B=20=D0=BA=D0=BE=D0=BD=D1=82=D1=80=D0=BE=D0=BB?= =?UTF-8?q?=D0=BB=D0=B5=D1=80=D1=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Controllers/ManualController.cs | 62 ++++------ .../Controllers/ManualDirectoryController.cs | 113 ++++++++++++++++++ .../Controllers/ManualFolderController.cs | 94 --------------- 3 files changed, 133 insertions(+), 136 deletions(-) create mode 100644 AsbCloudWebApi/Controllers/ManualDirectoryController.cs delete mode 100644 AsbCloudWebApi/Controllers/ManualFolderController.cs diff --git a/AsbCloudWebApi/Controllers/ManualController.cs b/AsbCloudWebApi/Controllers/ManualController.cs index e43f973a..34818353 100644 --- a/AsbCloudWebApi/Controllers/ManualController.cs +++ b/AsbCloudWebApi/Controllers/ManualController.cs @@ -1,10 +1,9 @@ -using System.Collections.Generic; using System.ComponentModel.DataAnnotations; using System.Threading; using System.Threading.Tasks; -using AsbCloudApp.Data.Manuals; using AsbCloudApp.Repositories; using AsbCloudApp.Services; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; @@ -12,6 +11,7 @@ namespace AsbCloudWebApi.Controllers; [ApiController] [Route("api/[controller]")] +[Authorize] public class ManualController : ControllerBase { private readonly IManualCatalogService manualCatalogService; @@ -27,8 +27,7 @@ public class ManualController : ControllerBase /// /// Сохранение файла /// - /// Необязательный параметр. 30000 - АСУ ТП, 30001 - Технология бурения - /// Необязательный параметр. Id папки + /// Id директории /// Загружаемый файл /// /// 
@@ -37,23 +36,22 @@ public class ManualController : ControllerBase [ProducesResponseType(typeof(int), StatusCodes.Status200OK)] [ProducesResponseType(StatusCodes.Status400BadRequest)] [ProducesResponseType(StatusCodes.Status403Forbidden)] - public async Task SaveFileAsync( - [Range(minimum: 30000, maximum: 30001, ErrorMessage = "Категория файла недопустима. Допустимые: 30000, 30001")] - int? idCategory, - int? idFolder, + public async Task SaveFileAsync(int idDirectory, [Required] IFormFile file, CancellationToken cancellationToken) { - if(!CanUserAccess("Manual.edit")) + var idUser = User.GetUserId(); + + if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit")) return Forbid(); - + using var fileStream = file.OpenReadStream(); - var id = await manualCatalogService.SaveFileAsync(idCategory, idFolder, file.FileName, fileStream, cancellationToken); + var id = await manualCatalogService.SaveFileAsync(idDirectory, idUser.Value, file.FileName, fileStream, cancellationToken); return Ok(id); } - + /// /// Получение файла /// @@ -67,14 +65,16 @@ public class ManualController : ControllerBase [ProducesResponseType(StatusCodes.Status403Forbidden)] public async Task GetFileAsync(int id, CancellationToken cancellationToken) { - if(!CanUserAccess("Manual.view")) + var idUser = User.GetUserId(); + + if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.get")) return Forbid(); - + var file = await manualCatalogService.GetFileAsync(id, cancellationToken); - + if (!file.HasValue) return NoContent(); - + return File(file.Value.stream, "application/octet-stream", file.Value.fileName); } 
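Review bot: In SaveFileAsync the new call hands `file.FileName` to `manualCatalogService.SaveFileAsync` exactly as the client sent it. `IFormFile.FileName` is request data and may carry directory components, so unless the service normalises it (not visible in this hunk) I would reduce it in the controller first with `var fileName = System.IO.Path.GetFileName(file.FileName);` and return `BadRequest()` when the result is empty. The same hunk removes the old `[Range]` guard and leaves `idDirectory` with no validation in the controller; presumably the service rejects an unknown directory id, which is worth confirming. The method's XML doc and first attributes start above this hunk.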
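Review bot: GetFileAsync now checks `"Manual.get"` where the removed line checked `"Manual.view"`, and nothing in this patch shows the permission being renamed where grants are stored. If existing roles still hold `Manual.view`, readers will get 403 after deploy; that fails closed, but a migration or seed change should accompany the commit. The check is also now copied as a literal-string condition into SaveFileAsync, GetFileAsync and DeleteFileAsync here and into the four actions of ManualDirectoryController, replacing the removed `CanUserAccess` helper. A mistyped literal would change the authorization of one action with no compile error, so I would keep a single private helper or shared constants such as `private const string PermissionGet = "Manual.get";`.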
@@ -90,33 +90,11 @@ public class ManualController : ControllerBase [ProducesResponseType(StatusCodes.Status403Forbidden)] public async Task DeleteFileAsync(int id, CancellationToken cancellationToken) { - if(!CanUserAccess("Manual.edit")) + var idUser = User.GetUserId(); + + if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit")) return Forbid(); - + return Ok(await manualCatalogService.DeleteFileAsync(id, cancellationToken)); } - - /// - /// Получение каталога с инструкциями - /// - /// - /// - [HttpGet] - [Permission] - [ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)] - [ProducesResponseType(StatusCodes.Status403Forbidden)] - public async Task GetCatalogAsync(CancellationToken cancellationToken) - { - if(!CanUserAccess("Manual.view")) - return Forbid(); - - return Ok(await manualCatalogService.GetCatalogAsync(cancellationToken)); - } - - private bool CanUserAccess(string permission) - { - var idUser = User.GetUserId(); - - return idUser.HasValue && userRepository.HasPermission(idUser.Value, permission); - } } \ No newline at end of file diff --git a/AsbCloudWebApi/Controllers/ManualDirectoryController.cs b/AsbCloudWebApi/Controllers/ManualDirectoryController.cs new file mode 100644 index 00000000..cad8e60a --- /dev/null +++ b/AsbCloudWebApi/Controllers/ManualDirectoryController.cs 
@@ -0,0 +1,113 @@
+using System.Collections.Generic;
+using System.Threading;
+using System.Threading.Tasks;
+using AsbCloudApp.Data.Manuals;
+using AsbCloudApp.Repositories;
+using AsbCloudApp.Services;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+namespace AsbCloudWebApi.Controllers;
+
+[ApiController]
+[Route("api/[controller]")]
+[Authorize]
+public class ManualDirectoryController : ControllerBase
+{
+ private readonly IManualDirectoryRepository manualDirectoryRepository;
+ private readonly IManualCatalogService manualCatalogService;
+ private readonly IUserRepository userRepository;
+
+ public ManualDirectoryController(IManualDirectoryRepository manualDirectoryRepository,
+ IManualCatalogService manualCatalogService,
+ IUserRepository userRepository)
+ {
+ this.manualDirectoryRepository = manualDirectoryRepository;
+ this.manualCatalogService = manualCatalogService;
+ this.userRepository = userRepository;
+ }
+
+ ///
+ /// Создание директории
+ ///
+ /// Название
+ /// Необязательный параметр. Id родительской директории
+ ///
+ ///
+ [HttpPost]
+ [Permission]
+ [ProducesResponseType(typeof(int), StatusCodes.Status200OK)]
+ [ProducesResponseType(StatusCodes.Status400BadRequest)]
+ [ProducesResponseType(StatusCodes.Status403Forbidden)]
+ public async Task AddDirectoryAsync(string name, int? idParent, CancellationToken cancellationToken)
+ {
+ var idUser = User.GetUserId();
+
+ if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
+ return Forbid();
+
+ return Ok(await manualCatalogService.AddDirectoryAsync(name, idParent, cancellationToken));
+ }
+
+ ///
+ /// Обновление директории
+ ///
+ ///
+ /// Новое название директории
+ ///
+ ///
+ [HttpPut]
+ [Permission]
+ [ProducesResponseType(StatusCodes.Status400BadRequest)]
+ [ProducesResponseType(StatusCodes.Status403Forbidden)]
+ public async Task UpdateDirectoryAsync(int id, string name, CancellationToken cancellationToken)
+ {
+ var idUser = User.GetUserId();
+
+ if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
+ return Forbid();
+
+ await manualCatalogService.UpdateDirectoryAsync(id, name, cancellationToken);
+
+ return Ok();
+ }
+
+ ///
+ /// Удаление директории
+ ///
+ /// Идентификатор директории
+ ///
+ ///
+ [HttpDelete]
+ [Permission]
+ [ProducesResponseType(typeof(int), StatusCodes.Status200OK)]
+ [ProducesResponseType(StatusCodes.Status403Forbidden)]
+ public async Task DeleteDirectoryAsync(int id, CancellationToken cancellationToken)
+ {
+ var idUser = User.GetUserId();
+
+ if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
+ return Forbid();
+
+ return Ok(await manualCatalogService.DeleteDirectoryAsync(id, cancellationToken));
+ }
+
+ ///
+ /// Получение дерева категорий
+ ///
+ ///
+ ///
+ [HttpGet]
+ [Permission]
+ [ProducesResponseType(typeof(IEnumerable), StatusCodes.Status200OK)]
+ [ProducesResponseType(StatusCodes.Status403Forbidden)]
+ public async Task GetAsync(CancellationToken cancellationToken)
+ {
+ var idUser = User.GetUserId();
+
+ if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.get"))
+ return Forbid();
+
+ return Ok(await manualDirectoryRepository.GetTreeAsync(cancellationToken));
+ }
+}
\ No newline at end of file
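Review bot: AddDirectoryAsync and UpdateDirectoryAsync take `name` with no validation attribute, although both declare a 400 response. I would bind it as `[Required, StringLength(MAX_NAME_LENGTH)] string name` (placeholder limit; it needs `using System.ComponentModel.DataAnnotations;`, which this new file does not import). If the service ever maps directory names onto storage paths (not visible in this patch), path separators and `..` should be rejected there as well. Each action also carries a bare `[Permission]` attribute next to the explicit `HasPermission(idUser.Value, "Manual.edit")` / `"Manual.get"` check. How the attribute resolves its permission name for a controller called ManualDirectory is not visible here, so confirm both gates refer to the same permission.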
diff --git a/AsbCloudWebApi/Controllers/ManualFolderController.cs b/AsbCloudWebApi/Controllers/ManualFolderController.cs deleted file mode 100644 index fa97aef7..00000000 --- a/AsbCloudWebApi/Controllers/ManualFolderController.cs +++ /dev/null 
@@ -1,94 +0,0 @@ -using System.ComponentModel.DataAnnotations; -using System.Threading; -using System.Threading.Tasks; -using AsbCloudApp.Repositories; -using AsbCloudApp.Services; -using Microsoft.AspNetCore.Http; -using Microsoft.AspNetCore.Mvc; -namespace AsbCloudWebApi.Controllers; - -[ApiController] -[Route("api/[controller]")] -public class ManualFolderController : ControllerBase -{ - private readonly IManualCatalogService manualCatalogService; - private readonly IUserRepository userRepository; - - public ManualFolderController(IManualCatalogService manualCatalogService, - IUserRepository userRepository) - { - this.manualCatalogService = manualCatalogService; - this.userRepository = userRepository; - } - - /// - /// Создание папки - /// - /// Название - /// Необязательный параметр. Id родительской папки - /// Id категории. 30000 - АСУ ТП, 30001 - Технология бурения - /// - /// - [HttpPost] - [Permission] - [ProducesResponseType(typeof(int), StatusCodes.Status200OK)] - [ProducesResponseType(StatusCodes.Status400BadRequest)] - [ProducesResponseType(StatusCodes.Status403Forbidden)] - public async Task AddFolderAsync(string name, int? idParent, - [Required(ErrorMessage = "Обязательный параметр")] - [Range(minimum: 30000, maximum: 30001, ErrorMessage = "Категория файла недопустима. 
Допустимые: 30000, 30001")] - int idCategory, - CancellationToken cancellationToken) - { - if (!CanUserAccess()) - return Forbid(); - - return Ok(await manualCatalogService.AddFolderAsync(name, idParent, idCategory, cancellationToken)); - } - - /// - /// Обновление папки - /// - /// - /// Новое название папки - /// - /// - [HttpPut] - [Permission] - [ProducesResponseType(StatusCodes.Status400BadRequest)] - [ProducesResponseType(StatusCodes.Status403Forbidden)] - public async Task UpdateFolderAsync(int id, string name, CancellationToken cancellationToken) - { - if (!CanUserAccess()) - return Forbid(); - - await manualCatalogService.UpdateFolderAsync(id, name, cancellationToken); - - return Ok(); - } - - /// - /// Удаление папки - /// - /// - /// - /// - [HttpDelete] - [Permission] - [ProducesResponseType(typeof(int), StatusCodes.Status200OK)] - [ProducesResponseType(StatusCodes.Status403Forbidden)] - public async Task DeleteFolderAsync(int id, CancellationToken cancellationToken) - { - if (!CanUserAccess()) - return Forbid(); - - return Ok(await manualCatalogService.DeleteFolderAsync(id, cancellationToken)); - } - - private bool CanUserAccess() - { - var idUser = User.GetUserId(); - - return idUser.HasValue && userRepository.HasPermission(idUser.Value, "Manual.edit"); - } -} \ No newline at end of file