Refaktorisierung: Absicherung von DB-Operationen und Verbesserung der Geschäftslogik

- Implementierung von LINQ-Abfragen innerhalb der Core-Bibliothek zur Minderung von SQL-Injection-Anfälligkeiten für DB-Operationen von Umschlägen und Empfängern. - Aktualisierung der Geschäftslogik in der Service-Schicht für verbessertes Transaktionshandling. - Erweiterung der ServiceMessage um eine neue Flag-Funktion zum Verfolgen von Cybersecurity- und Datenintegritätsproblemen. - Hinzufügen spezifischer Benutzerverhaltensflags zur besseren Erkennung und Behandlung potenzieller Datenverletzungen.
2024-04-24 13:45:03 +02:00
parent f2e718565d
commit 6338b81571
47 changed files with 644 additions and 310 deletions
--- a/EnvelopeGenerator.Infrastructure/Repositories/EnvlopeReceiverRepository.cs
+++ b/EnvelopeGenerator.Infrastructure/Repositories/EnvlopeReceiverRepository.cs
@@ -3,6 +3,7 @@ using DigitalData.UserManager.Infrastructure.Repositories;
 using EnvelopeGenerator.Domain.Entities;
 using EnvelopeGenerator.Infrastructure.Contracts;
 using Microsoft.EntityFrameworkCore;
+using System;

 namespace EnvelopeGenerator.Infrastructure.Repositories
 {
@@ -12,14 +13,37 @@ namespace EnvelopeGenerator.Infrastructure.Repositories
        {
        }

-        public async Task<string?> ReadAccessCodeByEnvelopeUuid(string envelopeUuid)
+        private IQueryable<EnvelopeReceiver> ReadWhere(string? uuid = null, string? signature = null, bool withEnvelope = false, bool withReceiver = false)
        {
-            var accessCode = await _dbSet
-                .Where(er => er.Envelope != null && er.Envelope.Uuid == envelopeUuid)
+            var query = _dbSet.AsQueryable();
+
+            if(uuid is not null)
+                query = query.Where(er => er.Envelope != null && er.Envelope.Uuid == uuid);
+
+            if (signature is not null)
+                query = query.Where(er => er.Receiver != null && er.Receiver.Signature == signature);
+
+            if (withEnvelope)
+                query = query.Include(er => er.Envelope);
+
+            if (withReceiver)
+                query = query.Include(er => er.Receiver);
+
+            return query;
+        }
+
+        public async Task<IEnumerable<EnvelopeReceiver>> ReadByUuidAsync(string uuid, bool withEnvelope = true, bool withReceiver = false)
+            => await ReadWhere(uuid: uuid, withEnvelope: withEnvelope, withReceiver: withReceiver).ToListAsync();
+
+        public async Task<IEnumerable<EnvelopeReceiver>> ReadBySignatureAsync(string signature, bool withEnvelope = false, bool withReceiver = true) 
+            => await ReadWhere(signature: signature, withEnvelope: withEnvelope, withReceiver: withReceiver).ToListAsync();
+
+        public async Task<EnvelopeReceiver?> ReadByUuidSignatureAsync(string uuid, string signature, bool withEnvelope = true, bool withReceiver = true) 
+            => await ReadWhere(uuid: uuid, signature: signature, withEnvelope: withEnvelope, withReceiver: withReceiver).FirstOrDefaultAsync();
+
+        public async Task<string?> ReadAccessCodeAsync(string uuid, string signature) 
+            => await ReadWhere(uuid:uuid, signature:signature)
                .Select(er => er.AccessCode)
                .FirstOrDefaultAsync();
-
-            return accessCode;
-        }
    }
 }