fix: added few missing routes to project and company

isala404 · Dec 22, 2021 · e3e0eb3 · e3e0eb3
1 parent 07a90b9
commit e3e0eb3
Show file tree

Hide file tree

Showing 8 changed files with 134 additions and 28 deletions.
diff --git a/WorkFlow/Server/Controllers/CompanyController.cs b/WorkFlow/Server/Controllers/CompanyController.cs
@@ -5,6 +5,7 @@
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
 using WorkFlow.Shared.Dto;
 using WorkFlow.Shared.Interfaces;
 
@@ -82,6 +83,26 @@ public async Task<IActionResult> Put(Guid id, [FromBody] CompanyDto company)
             }
         }
 
+        // PATCH: api/company/5
+        [HttpPatch("{id:guid}")]
+        public async Task<IActionResult> Patch(Guid id, [FromBody] UserCompanyDto user)
+        {
+            try
+            {
+                var company = await CompanyModel.ModifyUser(id, user);
+                return Ok(company);
+            }
+            catch (Exception e)
+            {
+                return e switch
+                {
+                    InvalidDataException => BadRequest(e.Message),
+                    UnauthorizedAccessException => Unauthorized(e.Message),
+                    _ => e is DbUpdateException ? BadRequest(e.Message) : StatusCode(500, "Something went wrong")
+                };
+            }
+        }
+
         // DELETE: api/company/5
         [HttpDelete("{id:guid}")]
         public async Task<IActionResult> Delete(Guid id)

diff --git a/WorkFlow/Server/Controllers/ProjectController.cs b/WorkFlow/Server/Controllers/ProjectController.cs
@@ -39,6 +39,26 @@ public async Task<IActionResult> Get()
                 };
             }
         }
+
+        // GET: api/project/company/{companyID}
+        [HttpGet("company/{companyId:guid}")]
+        public async Task<IActionResult> GetByCompany(Guid companyId)
+        {
+            try
+            {
+                var companies = await ProjectModel.List(companyId);
+                return Ok(companies);
+            }
+            catch (Exception e)
+            {
+                return e switch
+                {
+                    InvalidDataException => BadRequest(e.Message),
+                    UnauthorizedAccessException => Unauthorized(e.Message),
+                    _ => e is DbUpdateException ? BadRequest(e.Message) : StatusCode(500, "Something went wrong")
+                };
+            }
+        }
 
         // GET: api/project/5
         [HttpGet("{id:guid}", Name = "Get")]

diff --git a/WorkFlow/Server/Models/CompanyModel.cs b/WorkFlow/Server/Models/CompanyModel.cs
@@ -37,15 +37,9 @@ public async Task<List<CompanyDto>> List()
 
         public async Task<CompanyDto> Get(Guid companyId)
         {
-            var user = await _utilityService.GetUser();
-            if (user == null) throw new InvalidDataException("Invalid User.");
-
-            var userCompany = await _context.UserCompany.FirstOrDefaultAsync(userCompany =>
-                userCompany.CompanyId == companyId && userCompany.UserId == user.Id);
+            (_, Company company) = await VerifyRequest(companyId);
 
-            if(userCompany == null)  throw new InvalidDataException("Invalid CompanyId.");
-
-            return new CompanyDto(userCompany.Company);
+            return new CompanyDto(company);
         }
 
         public async Task<CompanyDto> Create(CompanyDto company)
@@ -71,15 +65,8 @@ public async Task<CompanyDto> Create(CompanyDto company)
 
         public async Task<CompanyDto> Update(Guid companyId, CompanyDto company)
         {
-            var user = await _utilityService.GetUser();
-            if (user == null) throw new InvalidDataException("Invalid User.");
-
-            var userCompany = await _context.UserCompany.FirstOrDefaultAsync(userCompany =>
-                userCompany.CompanyId == companyId && userCompany.UserId == user.Id);
+            (_, Company targetCompany) = await VerifyRequest(companyId);
 
-            if(userCompany == null)  throw new InvalidDataException("Invalid CompanyId.");
-
-            var targetCompany = userCompany.Company;
             targetCompany.Name = company.Name;
             targetCompany.Uri = company.Uri;
 
@@ -88,19 +75,54 @@ public async Task<CompanyDto> Update(Guid companyId, CompanyDto company)
         }
 
         public async Task<bool> Delete(Guid companyId)
+        {
+            (_, Company company) = await VerifyRequest(companyId);
+
+            _context.Companies.Remove(company);
+            await _context.SaveChangesAsync();
+            return true;
+        }
+
+        public async Task<CompanyDto> ModifyUser(Guid companyId, UserCompanyDto userCompanyDto)
+        {
+            (_, Company company) = await VerifyRequest(companyId);
+
+            var user = await _context.Users.FirstOrDefaultAsync(u => u.Id == userCompanyDto.UserId);
+            if (user == null) throw new InvalidDataException("Invalid UserId.");
+
+            var userCompany = await _context.UserCompany.FirstOrDefaultAsync(uc =>
+                uc.UserId == userCompanyDto.UserId && uc.CompanyId == companyId);
+
+            if (userCompany != null)
+            {
+                company.Users.Remove(userCompany);
+            }
+            else
+            {
+                company.Users.Add(new UserCompany{UserId = userCompanyDto.UserId, CompanyId = companyId, Role = userCompanyDto.Role});   
+            }
+
+            await _context.SaveChangesAsync();
+
+            return new CompanyDto(company);
+        }
+
+        private async Task<Tuple<UserCompany, Company>> VerifyRequest(Guid companyId, bool admin = true)
         {
             var user = await _utilityService.GetUser();
             if (user == null) throw new InvalidDataException("Invalid User.");
 
+            var company = await _context.Companies.FirstOrDefaultAsync(company => company.Id == companyId);
+            if (company == null) throw new InvalidDataException("Invalid Company.");
+
             var userCompany = await _context.UserCompany.FirstOrDefaultAsync(userCompany =>
-                userCompany.CompanyId == companyId && userCompany.UserId == user.Id);
+                userCompany.Company == company && userCompany.User == user);
+
+            if (userCompany == null) throw new UnauthorizedAccessException("User does not have required permission");
 
-            if(userCompany == null)  throw new InvalidDataException("Invalid CompanyId.");
+            if (admin && userCompany.Role != UserRole.Admin) throw new UnauthorizedAccessException("User does not have required permission");
 
-            _context.Companies.Remove(userCompany.Company);
-            await _context.SaveChangesAsync();
-            return true;
+            return new Tuple<UserCompany, Company>(userCompany, company);
         }
-
     }
 }
diff --git a/WorkFlow/Server/Models/ProjectModel.cs b/WorkFlow/Server/Models/ProjectModel.cs
@@ -36,20 +36,38 @@ public async Task<List<ProjectDto>> List()
             return projects;
         }
 
+        public async Task<List<ProjectDto>> List(Guid companyId)
+        {
+            var user = await _utilityService.GetUser();
+            if (user == null) throw new InvalidDataException("Invalid User.");
+
+            var userCompany = await _context.UserCompany.FirstOrDefaultAsync(userCompany => userCompany.UserId == user.Id && userCompany.CompanyId == companyId);
+            if (userCompany == null) throw new InvalidDataException("Invalid Company.");
+
+            if (userCompany.Role != UserRole.Admin) throw new UnauthorizedAccessException("User does not have required permission");
+
+            List<ProjectDto> projects = new();
+
+            var userProjects = await _context.Projects.Where(project => project.Company.Id == userCompany.CompanyId).ToListAsync();
+            projects.AddRange(userProjects.Select(userProject => new ProjectDto(userProject)));
+
+            return projects;
+        }
+
         public async Task<ProjectDto> Get(Guid projectId)
         {
             var user = await _utilityService.GetUser();
             if (user == null) throw new InvalidDataException("Invalid User.");
 
             var project = await _context.Projects.FirstOrDefaultAsync(project => project.Id == projectId && project.Users.Contains(user));
-            if(project == null)  throw new InvalidDataException("Invalid projectId.");
+            if(project == null)  throw new InvalidDataException("Invalid ProjectId.");
 
             return new ProjectDto(project);
         }
 
         public async Task<ProjectDto> Create(ProjectDto project)
         {
-            (User user, Company company) = await VerifyRequest(project);
+            (_, Company company) = await VerifyRequest(project);
 
             var newProject = new Project
             {
@@ -117,7 +135,7 @@ public async Task<ProjectDto> ModifyUser(Guid projectId, UserDto userDto)
 
             return new ProjectDto(project);
         }
-        private async Task<Tuple<User, Company>> VerifyRequest(ProjectDto project)
+        private async Task<Tuple<User, Company>> VerifyRequest(ProjectDto project, bool admin = true)
         {
             var user = await _utilityService.GetUser();
             if (user == null) throw new InvalidDataException("Invalid User.");
@@ -128,10 +146,11 @@ public async Task<ProjectDto> ModifyUser(Guid projectId, UserDto userDto)
             var userCompany = await _context.UserCompany.FirstOrDefaultAsync(userCompany =>
                 userCompany.Company == company && userCompany.User == user);
 
-            if (userCompany is not {Role: UserRole.Admin}) throw new UnauthorizedAccessException("User does not have required permission");
+            if (userCompany == null) throw new UnauthorizedAccessException("User does not have required permission");
+
+            if (admin && userCompany.Role != UserRole.Admin) throw new UnauthorizedAccessException("User does not have required permission");
 
             return new Tuple<User, Company>(user, company);
         }
-
     }
 }
diff --git a/WorkFlow/Server/Program.cs b/WorkFlow/Server/Program.cs
@@ -37,6 +37,7 @@
 builder.Services.AddScoped<ITicket, TicketModel>();
 builder.Services.AddScoped<IUser, UserModel>();
 builder.Services.AddScoped<ICompany, CompanyModel>();
+builder.Services.AddScoped<IProject, ProjectModel>();
 
 var app = builder.Build();
 

diff --git a/WorkFlow/Shared/Dto/CompanyDto.cs b/WorkFlow/Shared/Dto/CompanyDto.cs
@@ -5,7 +5,10 @@ namespace WorkFlow.Shared.Dto
 {
     public class CompanyDto
     {
-        public CompanyDto(){}
+        public CompanyDto()
+        {
+        }
+
         public CompanyDto(Company company)
         {
             Id = company.Id;
@@ -18,4 +21,22 @@ public CompanyDto(Company company)
         // public virtual ICollection<Project> Projects { get; set; }
         // public virtual ICollection<UserCompany> Users { get; set; }
     }
+
+    public class UserCompanyDto
+    {
+        public UserCompanyDto()
+        {
+        }
+
+        public UserCompanyDto(UserCompany userCompany)
+        {
+            UserId = userCompany.UserId;
+            CompanyId = userCompany.CompanyId;
+            Role = userCompany.Role;
+        }
+
+        public String UserId { get; set; }
+        public Guid CompanyId { get; set; }
+        public UserRole Role { get; set; }
+    }
 }
diff --git a/WorkFlow/Shared/Interfaces/ICompany.cs b/WorkFlow/Shared/Interfaces/ICompany.cs
@@ -12,5 +12,6 @@ public interface ICompany
         Task<CompanyDto> Create(CompanyDto company);
         Task<CompanyDto> Update(Guid companyId, CompanyDto company);
         Task<bool> Delete(Guid companyId);
+        Task<CompanyDto> ModifyUser(Guid companyId, UserCompanyDto user);
     }
 }
diff --git a/WorkFlow/Shared/Interfaces/IProject.cs b/WorkFlow/Shared/Interfaces/IProject.cs
@@ -8,6 +8,7 @@ namespace WorkFlow.Shared.Interfaces
     public interface IProject
     {
         Task<List<ProjectDto>> List();
+        Task<List<ProjectDto>> List(Guid companyId);
         Task<ProjectDto> Get(Guid projectId);
         Task<ProjectDto> Create(ProjectDto project);
         Task<ProjectDto> Update(Guid projectId, ProjectDto project);