using DigitalData.Core.DTO; using EnvelopeGenerator.Common; using EnvelopeGenerator.Web.Services; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using System.Text.Encodings.Web; using static EnvelopeGenerator.Common.Constants; using EnvelopeGenerator.Extensions; using EnvelopeGenerator.Application.Contracts.Services; namespace EnvelopeGenerator.Web.Controllers { [Authorize(Roles = ReceiverRole.FullyAuth)] [ApiController] [Route("api/[controller]")] public class EnvelopeController : BaseController { private readonly EnvelopeOldService envelopeService; private readonly ActionService? actionService; private readonly UrlEncoder _urlEncoder; private readonly IEnvelopeHistoryService _histService; private readonly IReceiverService _receiverService; private readonly IEnvelopeReceiverService _envRcvService; public EnvelopeController(DatabaseService database, EnvelopeOldService envelope, ILogger logger, UrlEncoder urlEncoder, IEnvelopeHistoryService envelopeHistoryService, IReceiverService receiverService, IEnvelopeReceiverService envelopeReceiverService) : base(database, logger) { envelopeService = envelope; actionService = database?.Services?.actionService; _urlEncoder = urlEncoder; _histService = envelopeHistoryService; _receiverService = receiverService; _envRcvService = envelopeReceiverService; } [NonAction] public async Task Get([FromRoute] string envelopeKey) { try { envelopeKey = _urlEncoder.Encode(envelopeKey); // Validate Envelope Key and load envelope envelopeService.EnsureValidEnvelopeKey(envelopeKey); EnvelopeReceiver response = await envelopeService.LoadEnvelope(envelopeKey); if (envelopeService.ReceiverAlreadySigned(response.Envelope, response.Receiver.Id) == true) { return Problem(statusCode: 403); } _logger.LogInformation("Loaded envelope [{0}] for receiver [{1}]", response.Envelope.Id, response.Envelope.Id); return Json(response); } catch (Exception e) { _logger.LogError(e, "{Message}", e.Message); return StatusCode(StatusCodes.Status500InternalServerError); } } [Authorize(Roles = ReceiverRole.FullyAuth)] [HttpPost("{envelopeKey}")] public async Task Update(string envelopeKey, int index) { try { envelopeKey = _urlEncoder.Encode(envelopeKey); var authSignature = this.GetAuthReceiverSignature(); if (authSignature != envelopeKey.GetReceiverSignature()) return Unauthorized(); // Validate Envelope Key and load envelope envelopeService.EnsureValidEnvelopeKey(envelopeKey); EnvelopeReceiver response = await envelopeService.LoadEnvelope(envelopeKey); // Again check if receiver has already signed if (envelopeService.ReceiverAlreadySigned(response.Envelope, response.Receiver.Id) == true) { return Problem(statusCode: 403); } var document = envelopeService.GetDocument(index, envelopeKey); string? annotationData = await envelopeService.EnsureValidAnnotationData(Request); envelopeService.InsertDocumentStatus(new Common.DocumentStatus() { EnvelopeId = response.Envelope.Id, ReceiverId = response.Receiver.Id, Value = annotationData, Status = Common.Constants.DocumentStatus.Signed }); var signResult = actionService?.SignEnvelope(response.Envelope, response.Receiver); return Ok(new object()); } catch (Exception e) { _logger.LogError(e, "{Message}", e.Message); return StatusCode(StatusCodes.Status500InternalServerError); } } [Authorize(Roles = ReceiverRole.FullyAuth)] [HttpPost("reject")] public async Task Reject([FromBody] string? reason = null) { try { var signature = this.GetAuthReceiverSignature(); var uuid = this.GetAuthEnvelopeUuid(); var mail = this.GetAuthReceiverMail(); if(uuid is null || signature is null || mail is null) { _logger.LogEnvelopeError(uuid: uuid, signature: signature, message: @$"Unauthorized POST request in api\envelope\reject. One of claims, Envelope, signature or mail ({mail}) is null."); return Unauthorized(); } var envRcvRes = await _envRcvService.ReadByUuidSignatureAsync(uuid: uuid, signature: signature); if (envRcvRes.IsFailed) { _logger.LogNotice(envRcvRes.Notices); return Unauthorized("you are not authirized"); } return await _histService.RecordAsync(envRcvRes.Data.EnvelopeId, userReference: mail, EnvelopeStatus.DocumentRejected, comment: reason).ThenAsync( Success: id => NoContent(), Fail: IActionResult (mssg, ntc) => { _logger.LogEnvelopeError(uuid: uuid, signature: signature, message: "Unexpected error happend in api/envelope/reject"); _logger.LogNotice(ntc); return this.ViewInnerServiceError(); }); } catch (Exception e) { _logger.LogError(e, "{Message}", e.Message); return StatusCode(StatusCodes.Status500InternalServerError); } } } }