DD.WellWorkover.Cloud/AsbCloudWebApi/Controllers/ManualDirectoryController.cs

using System.Collections.Generic;
using System.Threading;
using System.Threading.Tasks;
using AsbCloudApp.Data.Manuals;
using AsbCloudApp.Exceptions;
using AsbCloudApp.Repositories;
using AsbCloudApp.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
namespace AsbCloudWebApi.Controllers;

[ApiController]
[Route("api/[controller]")]
[Authorize]
public class ManualDirectoryController : ControllerBase
{
	private readonly IManualDirectoryRepository manualDirectoryRepository;
	private readonly IManualCatalogService manualCatalogService;
	private readonly IUserRepository userRepository;

	public ManualDirectoryController(IManualDirectoryRepository manualDirectoryRepository,
		IManualCatalogService manualCatalogService,
		IUserRepository userRepository)
	{
		this.manualDirectoryRepository = manualDirectoryRepository;
		this.manualCatalogService = manualCatalogService;
		this.userRepository = userRepository;
	}
	
	/// <summary>
	/// Создание директории
	/// </summary>
	/// <param name="name">Название</param>
	/// <param name="idParent">Необязательный параметр. Id родительской директории</param>
	/// <param name="cancellationToken"></param>
	/// <returns></returns>
	[HttpPost]
	[Permission]
	[ProducesResponseType(typeof(int), StatusCodes.Status200OK)]
	[ProducesResponseType(StatusCodes.Status400BadRequest)]
	[ProducesResponseType(StatusCodes.Status403Forbidden)]
	public async Task<IActionResult> AddDirectoryAsync(string name, int? idParent, CancellationToken cancellationToken)
	{
		AssertUserHasAccessToManualDirectory("Manual.edit");

		return Ok(await manualCatalogService.AddDirectoryAsync(name, idParent, cancellationToken));
	}
	
	/// <summary>
	/// Обновление директории
	/// </summary>
	/// <param name="id"></param>
	/// <param name="name">Новое название директории</param>
	/// <param name="cancellationToken"></param>
	/// <returns></returns>
	[HttpPut]
	[Permission]
	[ProducesResponseType(StatusCodes.Status400BadRequest)]
	[ProducesResponseType(StatusCodes.Status403Forbidden)]
	public async Task<IActionResult> UpdateDirectoryAsync(int id, string name, CancellationToken cancellationToken)
	{
		AssertUserHasAccessToManualDirectory("Manual.edit");

		await manualCatalogService.UpdateDirectoryAsync(id, name, cancellationToken);
	
		return Ok();
	}

	/// <summary>
	/// Удаление директории
	/// </summary>
	/// <param name="id">Идентификатор директории</param>
	/// <param name="cancellationToken"></param>
	/// <returns></returns>
	[HttpDelete]
	[Permission]
	[ProducesResponseType(typeof(int), StatusCodes.Status200OK)]
	[ProducesResponseType(StatusCodes.Status403Forbidden)]
	public async Task<IActionResult> DeleteDirectoryAsync(int id, CancellationToken cancellationToken)
	{
		AssertUserHasAccessToManualDirectory("Manual.edit");

		return Ok(await manualCatalogService.DeleteDirectoryAsync(id, cancellationToken));
	}
	
	/// <summary>
	/// Получение дерева категорий
	/// </summary>
	/// <param name="cancellationToken"></param>
	/// <returns></returns>
	[HttpGet]
	[Permission]
	[ProducesResponseType(typeof(IEnumerable<ManualDirectoryDto>), StatusCodes.Status200OK)]
	[ProducesResponseType(StatusCodes.Status403Forbidden)]
	public async Task<IActionResult> GetAsync(CancellationToken cancellationToken)
	{
		AssertUserHasAccessToManualDirectory("Manual.get");

		return Ok(await manualDirectoryRepository.GetTreeAsync(cancellationToken));
	}

	private void AssertUserHasAccessToManualDirectory(string permissionName)
	{
		var idUser = User.GetUserId();
		
		if (!idUser.HasValue || !userRepository.HasPermission(idUser.Value, permissionName))
			throw new ForbidException("У вас недостаточно прав");
	}
}