Поправлены контроллеры

AsbCloudWebApi/Controllers/ManualController.cs

@@ -1,10 +1,9 @@
-using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
 using System.Threading;
 using System.Threading.Tasks;
-using AsbCloudApp.Data.Manuals;
 using AsbCloudApp.Repositories;
 using AsbCloudApp.Services;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 
@@ -12,6 +11,7 @@ namespace AsbCloudWebApi.Controllers;
 
 [ApiController]
 [Route("api/[controller]")]
+[Authorize]
 public class ManualController : ControllerBase
 {
 	private readonly IManualCatalogService manualCatalogService;
@@ -27,8 +27,7 @@ public class ManualController : ControllerBase
 	/// <summary>
 	/// Сохранение файла
 	/// </summary>
-	/// <param name="idCategory">Необязательный параметр. 30000 - АСУ ТП, 30001 - Технология бурения</param>
+	/// <param name="idDirectory">Id директории</param>
-	/// <param name="idFolder">Необязательный параметр. Id папки</param>
 	/// <param name="file">Загружаемый файл</param>
 	/// <param name="cancellationToken"></param>
 	/// <returns></returns>
@@ -37,23 +36,22 @@ public class ManualController : ControllerBase
 	[ProducesResponseType(typeof(int), StatusCodes.Status200OK)]
 	[ProducesResponseType(StatusCodes.Status400BadRequest)]
 	[ProducesResponseType(StatusCodes.Status403Forbidden)]
-	public async Task<IActionResult> SaveFileAsync(
+	public async Task<IActionResult> SaveFileAsync(int idDirectory,
-		[Range(minimum: 30000, maximum: 30001, ErrorMessage = "Категория файла недопустима. Допустимые: 30000, 30001")]
-		int? idCategory,
-		int? idFolder,
 		[Required] IFormFile file,
 		CancellationToken cancellationToken)
 	{
-		if(!CanUserAccess("Manual.edit"))
+		var idUser = User.GetUserId();
+
+		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
 			return Forbid();
-		
+
 		using var fileStream = file.OpenReadStream();
 
-		var id = await manualCatalogService.SaveFileAsync(idCategory, idFolder, file.FileName, fileStream, cancellationToken);
+		var id = await manualCatalogService.SaveFileAsync(idDirectory, idUser.Value, file.FileName, fileStream, cancellationToken);
 
 		return Ok(id);
 	}
-	
+
 	/// <summary>
 	/// Получение файла
 	/// </summary>
@@ -67,14 +65,16 @@ public class ManualController : ControllerBase
 	[ProducesResponseType(StatusCodes.Status403Forbidden)]
 	public async Task<IActionResult> GetFileAsync(int id, CancellationToken cancellationToken)
 	{
-		if(!CanUserAccess("Manual.view"))
+		var idUser = User.GetUserId();
+
+		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.get"))
 			return Forbid();
-		
+
 		var file = await manualCatalogService.GetFileAsync(id, cancellationToken);
-		
+
 		if (!file.HasValue)
 			return NoContent();
-        
+
 		return File(file.Value.stream, "application/octet-stream", file.Value.fileName);
 	}
 
@@ -90,33 +90,11 @@ public class ManualController : ControllerBase
 	[ProducesResponseType(StatusCodes.Status403Forbidden)]
 	public async Task<IActionResult> DeleteFileAsync(int id, CancellationToken cancellationToken)
 	{
-		if(!CanUserAccess("Manual.edit"))
+		var idUser = User.GetUserId();
+
+		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
 			return Forbid();
-		
+
 		return Ok(await manualCatalogService.DeleteFileAsync(id, cancellationToken));
 	}
-
-	/// <summary>
-	/// Получение каталога с инструкциями
-	/// </summary>
-	/// <param name="cancellationToken"></param>
-	/// <returns></returns>
-	[HttpGet]
-	[Permission]
-	[ProducesResponseType(typeof(IEnumerable<CatalogItemManualDto>), StatusCodes.Status200OK)]
-	[ProducesResponseType(StatusCodes.Status403Forbidden)]
-	public async Task<IActionResult> GetCatalogAsync(CancellationToken cancellationToken)
-	{
-		if(!CanUserAccess("Manual.view"))
-			return Forbid();
-
-		return Ok(await manualCatalogService.GetCatalogAsync(cancellationToken));
-	}
-
-	private bool CanUserAccess(string permission)
-	{
-		var idUser = User.GetUserId();
-		
-		return idUser.HasValue && userRepository.HasPermission(idUser.Value, permission);
-	}
 }

AsbCloudWebApi/Controllers/ManualDirectoryController.cs

@@ -0,0 +1,113 @@
+using System.Collections.Generic;
+using System.Threading;
+using System.Threading.Tasks;
+using AsbCloudApp.Data.Manuals;
+using AsbCloudApp.Repositories;
+using AsbCloudApp.Services;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+namespace AsbCloudWebApi.Controllers;
+
+[ApiController]
+[Route("api/[controller]")]
+[Authorize]
+public class ManualDirectoryController : ControllerBase
+{
+	private readonly IManualDirectoryRepository manualDirectoryRepository;
+	private readonly IManualCatalogService manualCatalogService;
+	private readonly IUserRepository userRepository;
+
+	public ManualDirectoryController(IManualDirectoryRepository manualDirectoryRepository,
+		IManualCatalogService manualCatalogService,
+		IUserRepository userRepository)
+	{
+		this.manualDirectoryRepository = manualDirectoryRepository;
+		this.manualCatalogService = manualCatalogService;
+		this.userRepository = userRepository;
+	}
+	
+	/// <summary>
+	/// Создание директории
+	/// </summary>
+	/// <param name="name">Название</param>
+	/// <param name="idParent">Необязательный параметр. Id родительской директории</param>
+	/// <param name="cancellationToken"></param>
+	/// <returns></returns>
+	[HttpPost]
+	[Permission]
+	[ProducesResponseType(typeof(int), StatusCodes.Status200OK)]
+	[ProducesResponseType(StatusCodes.Status400BadRequest)]
+	[ProducesResponseType(StatusCodes.Status403Forbidden)]
+	public async Task<IActionResult> AddDirectoryAsync(string name, int? idParent, CancellationToken cancellationToken)
+	{
+		var idUser = User.GetUserId();
+
+		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
+			return Forbid();
+		
+		return Ok(await manualCatalogService.AddDirectoryAsync(name, idParent, cancellationToken));
+	}
+	
+	/// <summary>
+	/// Обновление директории
+	/// </summary>
+	/// <param name="id"></param>
+	/// <param name="name">Новое название директории</param>
+	/// <param name="cancellationToken"></param>
+	/// <returns></returns>
+	[HttpPut]
+	[Permission]
+	[ProducesResponseType(StatusCodes.Status400BadRequest)]
+	[ProducesResponseType(StatusCodes.Status403Forbidden)]
+	public async Task<IActionResult> UpdateDirectoryAsync(int id, string name, CancellationToken cancellationToken)
+	{
+		var idUser = User.GetUserId();
+
+		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
+			return Forbid();
+		
+		await manualCatalogService.UpdateDirectoryAsync(id, name, cancellationToken);
+	
+		return Ok();
+	}
+
+	/// <summary>
+	/// Удаление директории
+	/// </summary>
+	/// <param name="id">Идентификатор директории</param>
+	/// <param name="cancellationToken"></param>
+	/// <returns></returns>
+	[HttpDelete]
+	[Permission]
+	[ProducesResponseType(typeof(int), StatusCodes.Status200OK)]
+	[ProducesResponseType(StatusCodes.Status403Forbidden)]
+	public async Task<IActionResult> DeleteDirectoryAsync(int id, CancellationToken cancellationToken)
+	{
+		var idUser = User.GetUserId();
+
+		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.edit"))
+			return Forbid();
+		
+		return Ok(await manualCatalogService.DeleteDirectoryAsync(id, cancellationToken));
+	}
+	
+	/// <summary>
+	/// Получение дерева категорий
+	/// </summary>
+	/// <param name="cancellationToken"></param>
+	/// <returns></returns>
+	[HttpGet]
+	[Permission]
+	[ProducesResponseType(typeof(IEnumerable<ManualDirectoryDto>), StatusCodes.Status200OK)]
+	[ProducesResponseType(StatusCodes.Status403Forbidden)]
+	public async Task<IActionResult> GetAsync(CancellationToken cancellationToken)
+	{
+		var idUser = User.GetUserId();
+
+		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, "Manual.get"))
+			return Forbid();
+
+		return Ok(await manualDirectoryRepository.GetTreeAsync(cancellationToken));
+	}
+}

AsbCloudWebApi/Controllers/ManualFolderController.cs

@@ -1,94 +0,0 @@
-using System.ComponentModel.DataAnnotations;
-using System.Threading;
-using System.Threading.Tasks;
-using AsbCloudApp.Repositories;
-using AsbCloudApp.Services;
-using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.Mvc;
-namespace AsbCloudWebApi.Controllers;
-
-[ApiController]
-[Route("api/[controller]")]
-public class ManualFolderController : ControllerBase
-{
-	private readonly IManualCatalogService manualCatalogService;
-	private readonly IUserRepository userRepository;
-
-	public ManualFolderController(IManualCatalogService manualCatalogService,
-		IUserRepository userRepository)
-	{
-		this.manualCatalogService = manualCatalogService;
-		this.userRepository = userRepository;
-	}
-	
-	/// <summary>
-	/// Создание папки
-	/// </summary>
-	/// <param name="name">Название</param>
-	/// <param name="idParent">Необязательный параметр. Id родительской папки</param>
-	/// <param name="idCategory">Id категории. 30000 - АСУ ТП, 30001 - Технология бурения</param>
-	/// <param name="cancellationToken"></param>
-	/// <returns></returns>
-	[HttpPost]
-	[Permission]
-	[ProducesResponseType(typeof(int), StatusCodes.Status200OK)]
-	[ProducesResponseType(StatusCodes.Status400BadRequest)]
-	[ProducesResponseType(StatusCodes.Status403Forbidden)]
-	public async Task<IActionResult> AddFolderAsync(string name, int? idParent,
-		[Required(ErrorMessage = "Обязательный параметр")]
-		[Range(minimum: 30000, maximum: 30001, ErrorMessage = "Категория файла недопустима. Допустимые: 30000, 30001")]
-		int idCategory,
-		CancellationToken cancellationToken)
-	{
-		if (!CanUserAccess())
-			return Forbid();
-		
-		return Ok(await manualCatalogService.AddFolderAsync(name, idParent, idCategory, cancellationToken));
-	}
-	
-	/// <summary>
-	/// Обновление папки
-	/// </summary>
-	/// <param name="id"></param>
-	/// <param name="name">Новое название папки</param>
-	/// <param name="cancellationToken"></param>
-	/// <returns></returns>
-	[HttpPut]
-	[Permission]
-	[ProducesResponseType(StatusCodes.Status400BadRequest)]
-	[ProducesResponseType(StatusCodes.Status403Forbidden)]
-	public async Task<IActionResult> UpdateFolderAsync(int id, string name, CancellationToken cancellationToken)
-	{
-		if (!CanUserAccess())
-			return Forbid();
-		
-		await manualCatalogService.UpdateFolderAsync(id, name, cancellationToken);
-	
-		return Ok();
-	}
-
-	/// <summary>
-	/// Удаление папки
-	/// </summary>
-	/// <param name="id"></param>
-	/// <param name="cancellationToken"></param>
-	/// <returns></returns>
-	[HttpDelete]
-	[Permission]
-	[ProducesResponseType(typeof(int), StatusCodes.Status200OK)]
-	[ProducesResponseType(StatusCodes.Status403Forbidden)]
-	public async Task<IActionResult> DeleteFolderAsync(int id, CancellationToken cancellationToken)
-	{
-		if (!CanUserAccess())
-			return Forbid();
-		
-		return Ok(await manualCatalogService.DeleteFolderAsync(id, cancellationToken));
-	}
-	
-	private bool CanUserAccess()
-	{
-		var idUser = User.GetUserId();
-		
-		return idUser.HasValue && userRepository.HasPermission(idUser.Value, "Manual.edit");
-	}
-}