Sicherheitsverbesserung: VerifyAccessCode implementiert und Verifizierungscode aus DTO entfernt

Die VerifyAccessCode-Methode wurde zur Validierung von Zugangscodes hinzugefügt und der Verifizierungscode aus Sicherheitsgründen aus dem DTO entfernt.
2024-04-08 12:53:55 +02:00
parent 501d48961e
commit db83eb90ee
10 changed files with 45 additions and 12 deletions
--- a/EnvelopeGenerator.Infrastructure/Contracts/IEnvelopeReceiverRepository.cs
+++ b/EnvelopeGenerator.Infrastructure/Contracts/IEnvelopeReceiverRepository.cs
@@ -5,5 +5,6 @@ namespace EnvelopeGenerator.Infrastructure.Contracts
 {
    public interface IEnvelopeReceiverRepository : ICRUDRepository<EnvelopeReceiver, int>
    {
+        Task<string?> ReadAccessCodeByEnvelopeUuid(string envelopeUuid);
    }
 }
--- a/EnvelopeGenerator.Infrastructure/EGDbContext.cs
+++ b/EnvelopeGenerator.Infrastructure/EGDbContext.cs
@@ -33,10 +33,10 @@ namespace DigitalData.UserManager.Infrastructure.Repositories
                .WithOne()
                .HasForeignKey(ed => ed.EnvelopeId);

-            modelBuilder.Entity<Envelope>()
-                .HasMany(e => e.Receivers)
-                .WithOne()
-                .HasForeignKey(er => er.EnvelopeId);
+            //modelBuilder.Entity<Envelope>()
+            //    .HasMany(e => e.Receivers)
+            //    .WithOne(er => er.Envelope)
+            //    .HasForeignKey(er => er.EnvelopeId);

            modelBuilder.Entity<Envelope>()
                .HasMany(e => e.History)
@@ -53,6 +53,10 @@ namespace DigitalData.UserManager.Infrastructure.Repositories
                .WithMany(ed => ed.Elements)
                .HasForeignKey(dre => dre.DocumentId);

+            //modelBuilder.Entity<Receiver>()
+            //    .HasMany(e => e.EnvelopeReceivers)
+            //    .WithOne(er => er.Receiver)
+            //    .HasForeignKey(er => er.ReceiverId);

            base.OnModelCreating(modelBuilder);
        }
--- a/EnvelopeGenerator.Infrastructure/Repositories/EnvlopeReceiverRepository.cs
+++ b/EnvelopeGenerator.Infrastructure/Repositories/EnvlopeReceiverRepository.cs
@@ -2,6 +2,7 @@
 using DigitalData.UserManager.Infrastructure.Repositories;
 using EnvelopeGenerator.Domain.Entities;
 using EnvelopeGenerator.Infrastructure.Contracts;
+using Microsoft.EntityFrameworkCore;

 namespace EnvelopeGenerator.Infrastructure.Repositories
 {
@@ -10,5 +11,15 @@ namespace EnvelopeGenerator.Infrastructure.Repositories
        public EnvelopeReceiverRepository(EGDbContext dbContext) : base(dbContext)
        {
        }
+
+        public async Task<string?> ReadAccessCodeByEnvelopeUuid(string envelopeUuid)
+        {
+            var accessCode = await _dbSet
+                .Where(er => er.Envelope != null && er.Envelope.Uuid == envelopeUuid)
+                .Select(er => er.AccessCode)
+                .FirstOrDefaultAsync();
+
+            return accessCode;
+        }
    }
 }