Replaced granular auditing interfaces with IUpdateAuditable and ICreationAuditable in ElementAnnotation, EnvelopeReceiverReadOnly, and Signature to modernize and consolidate auditing logic.
Moved auditing interfaces to EnvelopeGenerator.Domain.Interfaces.Auditing. Updated entity classes to reference the new namespace. Added ICreationAuditable and IUpdateAuditable interfaces to improve code organization and clarify auditing responsibilities.
Refactored Envelope, Receiver, and Signature entity classes to eliminate preprocessor directives around class and property definitions. Applied attributes directly and reformatted properties for clarity. Constructors are now always present, with default initializations still conditional where needed. Removed obsolete directives from IHasAddedWho. These changes improve code readability, maintainability, and cross-platform compatibility.
Large-scale cleanup of entity and interface classes:
- Removed obsolete #if NET/NETFRAMEWORK preprocessor blocks
- Unified class/property formatting and indentation
- Standardized use of data annotations
- Improved nullable reference type handling
- Simplified interfaces (IHasEnvelope, IHasReceiver)
- Removed redundant and dead code
- No changes to business logic or data model
These changes modernize and standardize the codebase for easier maintenance and .NET compatibility.
Introduced interfaces for audit fields (AddedWhen, ChangedWhen, ChangedWho, AddedWho) and updated domain entities to implement them. Adjusted properties for consistency and nullability. Updated MappingProfile to map audit fields between DTOs and entities. Improves auditability and standardization across the domain model.
Implement IRequest for CreateDocStatusCommand and add CreateDocStatusCommandHandler to enable MediatR request handling. Add necessary using directives and support repository injection in the handler.
Changed CreateCommandHandler to implement IRequestHandler<TCommand, TEntity> and updated method signatures to return the created entity. Adjusted generic constraints to require TCommand to implement IRequest<TEntity>.
Introduced a generic CreateCommandHandler class implementing MediatR's IRequestHandler to handle create commands. The handler uses a generic IRepository to perform asynchronous entity creation and supports dependency injection for repository access.
Refactored UpdateEmailTemplateCommand and its handler to inherit from generic UpdateCommand and UpdateCommandHandler base classes. Replaced QueryExpression with BuildQueryExpression(), removed redundant Update property, and cleaned up unused usings. This improves code reuse, modularity, and consistency across update commands.
Introduced abstract UpdateCommand<TUpdateDto, TEntity> and UpdateCommandHandler<TCommand, TUpdateDto, TEntity> in EnvelopeGenerator.Application.Common.Commands. This provides a reusable, type-safe pattern for update operations using a generic repository and MediatR, requiring implementers to supply an update DTO and a query expression for entity selection.
- Introduce EmailTemplateUpdateDto for update payloads.
- Expose Id and Type directly on UpdateEmailTemplateCommand; remove EmailTemplateQuery property.
- Add QueryExpression for flexible template selection by Id or Type.
- Remove AutoMapper and EmailTemplateDto usage from handler; update repository call to use EmailTemplateUpdateDto.
- Update MappingProfile to map EmailTemplateUpdateDto to EmailTemplate and set ChangedWhen to DateTime.UtcNow.
- Remove obsolete code and improve documentation.
Refactored ReadEmailTemplateQuery and handler to use non-nullable EmailTemplateDto, throwing NotFoundException when no template is found. Updated namespaces and using statements for consistency. Added detailed XML docs for query properties. Controller updated to reference new query namespace.
Introduced MappingProfile in EmailTemplates namespace.
Maps EmailTemplate to EmailTemplateDto and UpdateEmailTemplateCommand to EmailTemplate, ignoring Id and setting ChangedWhen to current time.
Updated XML comments in ResetEmailTemplateCommand and IEmailTemplateQuery to use HTML line breaks (<br/>) for example template types. This enhances readability in environments that render HTML in documentation. No functional changes were made.
Replaced EmailTemplateQueryBase record with IEmailTemplateQuery interface for email template queries. Updated all relevant commands, queries, and controller methods to use the new interface. Removed EmailTemplateQueryBase and migrated properties to implementing classes. Improved documentation to clarify query structure and Type property usage.
Replaced specific Update command import with general Commands namespace import to streamline access to all command classes. No functional changes made.
Changed namespace from .Commands.Reset to .Commands for ResetEmailTemplateCommand and its handler. Reformatted and re-indented code for readability; no functional changes were made.
ResetEmailTemplateCommandHandler and its dependencies were relocated from ResetEmailTemplateCommandHandler.cs to ResetEmailTemplateCommand.cs. The handler logic and Defaults collection remain unchanged. Using statements were updated to support the move.
Refactored by relocating UpdateEmailTemplateCommandHandler from its own file into UpdateEmailTemplateCommand.cs. Updated using statements accordingly. No logic changes; improves cohesion and maintainability. Removed the now-unnecessary UpdateEmailTemplateCommandHandler.cs file.
Refactored the EmailTemplateQuery record to EmailTemplateQueryBase across the codebase. Updated all references, method signatures, inheritance, and documentation to use the new base type. No functional changes; this improves clarity and generalization for email template queries.
The [Obsolete("Use IRepository")] attribute was removed from the Handle method in ReadEmailTemplateQueryHandler, eliminating related compiler warnings and indicating that the method is no longer considered obsolete.
Replaces IEmailTemplateRepository with IRepository<EmailTemplate> in ReadEmailTemplateQueryHandler. Updates method logic to use LINQ queries and FirstOrDefaultAsync. Cleans up obsolete attributes, comments, and using directives. Renames cancellation token parameter for consistency.
Replaced ReadEmailTemplateResponse with EmailTemplateDto as the standard DTO for email templates. Updated ReadEmailTemplateQuery and its handler to use EmailTemplateDto. Removed the obsolete MappingProfile and cleaned up EmailTemplateDto with improved documentation. Simplified UpdateEmailTemplateCommandHandler by removing conditional updates for Body and Subject. These changes streamline DTO usage and reduce redundancy in email template handling.
Removed ApiExplorerSettings attribute. Changed Body and Subject to nullable strings with init accessors and updated their documentation. Added AddedWhen and ChangedWhen timestamp properties to track template creation and modification dates. Cleaned up property formatting.
Refactored by moving ReadEmailTemplateQueryHandler and its implementation into ReadEmailTemplateQuery.cs. Updated using directives accordingly. Deleted the now-redundant ReadEmailTemplateQueryHandler.cs file. No logic changes were made. This consolidates related query and handler code for better maintainability.
- Enforce [Authorize(Policy = AuthPolicy.Sender)] on controller
- Switch to primary constructor for dependency injection
- Remove obsolete constructor and private fields
- Update method logic to use constructor parameters directly
- Improve XML documentation and code clarity
- Ensure consistent use of MediatR for command/query handling
Refactored DocumentController to use IAuthorizationService and async policy checks via IsUserInPolicyAsync instead of role checks. Implemented IAuthController interface and removed ILogger dependency. Updated usings for new authorization logic.
Refactored AuthController to implement IAuthController and expose AuthService. Removed the protected IsUserInPolicyAsync method in favor of using an extension method for policy checks. Updated the Logout logic to use the new approach. Consolidated using directives into a single line.
Introduced IAuthController with AuthService and User properties to standardize authentication handling. Added AuthorizationControllerExtensions with IsUserInPolicyAsync to simplify policy-based authorization checks. Included necessary using directives.
Deleted the AuthExtensions.cs file, which included the AuthorizePolicyAsync extension for IAuthorizationService. This method and related code were no longer needed.
Introduce IsUserInPolicyAsync for cleaner policy checks in AuthController and update Logout to use it. Adjust Logout's response type to void and improve documentation and formatting.
- Inject IAuthorizationService for flexible policy checks
- Replace role checks in Logout with async policy authorization
- Merge IsAuthenticated into Check endpoint with optional role
- Update Check response type and clean up imports
Added the ReceiverOrReceiverTFA constant to the AuthPolicy class in EnvelopeGenerator.Domain.Constants. This constant is defined as nameof(ReceiverOrReceiverTFA) + nameof(AuthPolicy).
Introduced a static AuthExtensions class providing an AuthorizePolicyAsync extension method for IAuthorizationService. This method streamlines policy-based authorization checks by returning a boolean result for a given user and policy name.
Renamed receiver roles FullyAuth → Receiver.Full and PreAuth → Receiver.TFA across the codebase for improved clarity and consistency. Updated all usages, [Authorize] attributes, role checks, authentication logic, and authorization policies to use the new role names. Marked old constants as obsolete and pointed them to the new values. This change enhances code readability and groups receiver roles under the Receiver static class.
Replaced direct role-based [Authorize] attributes with named
authorization policies (e.g., AuthPolicy.Receiver,
AuthPolicy.SenderOrReceiver) in AnnotationController,
DocumentController, and ReadOnlyController. Added and registered
new policies in Program.cs and updated AuthPolicy constants.
This centralizes and simplifies authorization management.
Added the ReceiverTFA constant to the AuthPolicy class in the EnvelopeGenerator.Domain.Constants namespace. This new constant can be used to represent authentication policies specific to two-factor authentication for receivers.
Replaced SenderOrReceiverFullyAuth and ReceiverFullyAuth policies with more general SenderOrReceiver and Receiver policies. Updated policy definitions in AuthPolicy.cs to use nameof for clarity. Adjusted AddAuthorizationBuilder configuration and [Authorize] attributes in controllers to use the new, less restrictive policies, simplifying authorization logic.
Renamed AuthorizationPolicies to AuthPolicy and updated all references to use the new naming convention for authorization policy constants. This improves consistency and clarity across the codebase.
Switched from AddAuthorization to AddAuthorizationBuilder for
defining authorization policies, resulting in more concise and
modern code. Policy logic and requirements remain unchanged.
Replaced role-based [Authorize] attributes with policy-based ones in AuthController and TfaRegistrationController. This centralizes authorization logic and allows for more flexible access control.
Introduce SenderOrReceiverFullyAuth and ReceiverFullyAuth policies for role-based authorization. Register these policies in Program.cs. Also, fix OpenApiReference type for Swagger security configuration.
- Change AuthController to use IOptions<AuthTokenKeys> for config
- Restrict Logout and new Check endpoints to Sender and Receiver.FullyAuth roles
- Update Logout logic to handle cookie deletion or sign-out based on user role
- Add GET /api/auth/check to verify user role via query param
- Add necessary using statements for new dependencies
Introduced AuthProxyDocumentFilter to programmatically document the POST /api/auth proxy login endpoint in Swagger. The filter defines request body schemas, example values, query parameter, and response codes. Registered the filter in Program.cs for OpenAPI generation.
Changed the default Audience property in AuthTokenKeys from "sign-flow-gen.digitaldata.works" to "sign-flow.digitaldata.works" to reflect the correct expected audience for authentication tokens.
Removed the previous Login method from AuthController, including its XML documentation and Swagger/OpenAPI annotations. This prepares the controller for a revised authentication implementation.
Integrated YARP by adding the Yarp.ReverseProxy package, including yarp.json for proxy configuration, and updating Program.cs to load and map reverse proxy routes. This enables the API to forward requests based on yarp.json settings.
Configured yarp.json to proxy POST /api/auth requests to the
auth-hub cluster at http://172.24.12.39:9090, rewriting the
path to /api/auth/sign-flow before forwarding.
