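using EnvelopeGenerator.CommonServices;
using EnvelopeGenerator.Web.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using EnvelopeGenerator.Application.Extensions;
using EnvelopeGenerator.Application.Interfaces.Services;
using EnvelopeGenerator.Domain.Constants;
using DigitalData.Core.Abstraction.Application.DTO;
using EnvelopeGenerator.Web.Extensions;
using MediatR;
using System.Dynamic;
using EnvelopeGenerator.Application.EnvelopeReceivers.Queries;
using EnvelopeGenerator.Application.Notifications.DocSigned;
using DigitalData.Core.Exceptions;

namespace EnvelopeGenerator.Web.Controllers;

/// <summary>
/// API endpoints a receiver uses to sign or reject an envelope.
/// Every action requires the <see cref="ReceiverRole.FullyAuth"/> role; the role is declared on
/// the class and repeated on each action.
/// </summary>
[Authorize(Roles = ReceiverRole.FullyAuth)]
[ApiController]
[Route("api/[controller]")]
public class EnvelopeController : ControllerBase
{
    [Obsolete("Use MediatR")]
    private readonly IEnvelopeHistoryService _histService;

    [Obsolete("Use MediatR")]
    private readonly IEnvelopeReceiverService _envRcvService;

    private readonly IMediator _mediator;

    // NOTE(review): the default container registers ILogger<T>, not the non-generic ILogger;
    // presumably this was ILogger<EnvelopeController> before the listing lost its type arguments - confirm.
    private readonly ILogger _logger;

    /// <summary>
    /// Creates the controller with its logger, the two legacy services and the mediator.
    /// </summary>
    /// <param name="logger">Logger used for authorization and service failures.</param>
    /// <param name="envelopeHistoryService">Legacy history service, used only by <see cref="Reject"/>.</param>
    /// <param name="envelopeReceiverService">Legacy receiver lookup service, used only by <see cref="Reject"/>.</param>
    /// <param name="mediator">Mediator used by <see cref="CreateOrUpdate"/>.</param>
    [Obsolete("Use MediatR")]
    public EnvelopeController(
        ILogger logger,
        IEnvelopeHistoryService envelopeHistoryService,
        IEnvelopeReceiverService envelopeReceiverService,
        IMediator mediator)
    {
        _histService = envelopeHistoryService;
        _envRcvService = envelopeReceiverService;
        _mediator = mediator;
        _logger = logger;
    }

    /// <summary>
    /// Publishes a "document signed" notification for the envelope receiver identified by
    /// <paramref name="envelopeKey"/>, carrying the posted annotations.
    /// </summary>
    /// <param name="envelopeKey">Route value used to load the envelope receiver.</param>
    /// <param name="annotations">Request body, bound as a dynamic object and passed on unchanged.</param>
    /// <param name="cancel">Cancellation token flowed to every mediator call.</param>
    /// <returns>
    /// 401 when the signature or envelope UUID claim is missing, 403 when the receiver from the
    /// claims has already signed, otherwise 200 once the notification is published.
    /// </returns>
    /// <exception cref="NotFoundException">No envelope receiver was found for the key.</exception>
    [Authorize(Roles = ReceiverRole.FullyAuth)]
    [HttpPost("{envelopeKey}")]
    public async Task<IActionResult> CreateOrUpdate(
        [FromRoute] string envelopeKey,
        [FromBody] ExpandoObject annotations,
        CancellationToken cancel = default)
    {
        // Identity comes from the authenticated principal, never from the request itself.
        var signature = User.GetAuthReceiverSignature();
        var uuid = User.GetAuthEnvelopeUuid();

        if (signature is null || uuid is null)
        {
            _logger.LogError("Authorization failed: authenticated user does not have a valid signature or envelope UUID.");
            return Unauthorized("User authentication is incomplete. Missing required claims for processing this request.");
        }

        // Again check if receiver has already signed
        if (await _mediator.IsSignedAsync(uuid, signature, cancel))
        {
            return Problem(statusCode: 403);
        }

        // NOTE(review): the already-signed check above uses the uuid/signature claims, while the
        // receiver below is loaded from the caller-supplied route key. Nothing visible in this
        // action ties envelopeKey to those claims. Unless ReadEnvelopeReceiverAsync or the
        // DocSigned handler enforces that binding, compare the loaded receiver against
        // uuid/signature here and return 403 on mismatch - confirm.
        //
        // NOTE(review): annotations is free-form JSON bound to ExpandoObject; no size or shape
        // validation happens in this action - presumably done downstream, verify.
        var notification = await _mediator.ReadEnvelopeReceiverAsync(envelopeKey, cancel)
            .ToDocSignedNotification(annotations)
            ?? throw new NotFoundException("Envelope receiver is not found.");

        await _mediator.Publish(notification, cancel);

        return Ok();
    }

    /// <summary>
    /// Records a <see cref="EnvelopeStatus.DocumentRejected"/> history entry for the envelope
    /// receiver identified by the caller's claims.
    /// </summary>
    /// <param name="reason">Optional free-text reason from the request body, stored as the history comment.</param>
    /// <returns>
    /// 401 when a required claim is missing or the receiver lookup fails, 204 when the entry is
    /// recorded, otherwise the result of <c>ViewInnerServiceError</c>.
    /// </returns>
    [Authorize(Roles = ReceiverRole.FullyAuth)]
    [HttpPost("reject")]
    [Obsolete("Use DigitalData.Core.Exceptions and .Middleware")]
    public async Task<IActionResult> Reject([FromBody] string? reason = null)
    {
        var signature = User.GetAuthReceiverSignature();
        var uuid = User.GetAuthEnvelopeUuid();
        var mail = User.GetAuthReceiverMail();

        if (uuid is null || signature is null || mail is null)
        {
            // NOTE(review): this writes the receiver's mail address to the log whenever it is the
            // uuid or signature that is missing; consider logging only which claim is absent.
            _logger.LogEnvelopeError(uuid: uuid, signature: signature,
                message: @$"Unauthorized POST request in api\envelope\reject. One of claims, Envelope, signature or mail ({mail}) is null.");
            return Unauthorized();
        }

        // The receiver is resolved from the claims only, so the caller cannot choose another envelope.
        var envRcvRes = await _envRcvService.ReadByUuidSignatureAsync(uuid: uuid, signature: signature);

        if (envRcvRes.IsFailed)
        {
            _logger.LogNotice(envRcvRes.Notices);
            return Unauthorized("you are not authirized");
        }

        // NOTE(review): reason is stored as given; no length limit is applied in this action -
        // presumably enforced by the history service or the schema, verify.
        return await _histService.RecordAsync(envRcvRes.Data.EnvelopeId, userReference: mail, EnvelopeStatus.DocumentRejected, comment: reason).ThenAsync(
            Success: id => NoContent(),
            Fail: IActionResult (mssg, ntc) =>
            {
                // Details go to the log only; the response is whatever ViewInnerServiceError returns.
                _logger.LogEnvelopeError(uuid: uuid, signature: signature, message: "Unexpected error happend in api/envelope/reject");
                _logger.LogNotice(ntc);
                return this.ViewInnerServiceError();
            });
    }
}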