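using EnvelopeGenerator.CommonServices;
using EnvelopeGenerator.Web.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System.Text.Encodings.Web;
using EnvelopeGenerator.Application.Extensions;
using EnvelopeGenerator.Application.Interfaces.Services;
using static EnvelopeGenerator.Domain.Constants;
using EnvelopeGenerator.Domain.Entities;
using DigitalData.Core.Abstraction.Application.DTO;
using EnvelopeGenerator.Web.Extensions;
using MediatR;
using System.Dynamic;
using EnvelopeGenerator.Application.EnvelopeReceivers.Queries;
using EnvelopeGenerator.Application.DocStatus.Commands;
using Newtonsoft.Json;

namespace EnvelopeGenerator.Web.Controllers;

/// <summary>
/// API endpoints through which a receiver holding the <c>FullyAuth</c> role signs or rejects an envelope.
/// </summary>
/// <remarks>
/// Both actions take the receiver signature and envelope UUID from the caller's claims.
/// <see cref="CreateOrUpdate"/> additionally accepts an envelope key in the route; see the
/// review note inside that method about how the two identities relate.
/// </remarks>
[Authorize(Roles = ReceiverRole.FullyAuth)]
[ApiController]
[Route("api/[controller]")]
public class EnvelopeController : BaseController
{
    private readonly EnvelopeOldService envelopeService;

    // May be null: resolved through null-conditional access on the database services.
    private readonly ActionService? actionService;

    [Obsolete("Use MediatR")]
    private readonly IEnvelopeHistoryService _histService;

    [Obsolete("Use MediatR")]
    private readonly IEnvelopeReceiverService _envRcvService;

    private readonly IMediator _mediator;

    /// <summary>
    /// Stores the injected services; the action service is taken from <paramref name="database"/> when available.
    /// </summary>
    // NOTE(review): the logger parameter is the non-generic ILogger as shown on the page; a generic
    // type argument may have been lost in extraction. Confirm against the repository.
    [Obsolete("Use MediatR")]
    public EnvelopeController(DatabaseService database,
        EnvelopeOldService envelope,
        ILogger logger,
        IEnvelopeHistoryService envelopeHistoryService,
        IEnvelopeReceiverService envelopeReceiverService,
        IMediator mediator) : base(database, logger)
    {
        envelopeService = envelope;
        actionService = database?.Services?.actionService;
        _histService = envelopeHistoryService;
        _envRcvService = envelopeReceiverService;
        _mediator = mediator;
    }

    /// <summary>
    /// Records the receiver's signature annotations for the envelope named in the caller's claims,
    /// then runs the legacy sign action on the envelope loaded from <paramref name="envelopeKey"/>.
    /// </summary>
    /// <param name="envelopeKey">Envelope key from the route; only used to load the envelope for the legacy sign action.</param>
    /// <param name="index">Bound from the request but not read by this method.</param>
    /// <param name="annotations">Request body; serialized to JSON and passed to the sign command unchanged.</param>
    /// <param name="cancel">Cancellation token forwarded to the mediator calls.</param>
    /// <returns>
    /// 401 when the signature or envelope UUID claim is missing, 403 when the receiver has already signed,
    /// 500 when the envelope cannot be loaded from the route key, otherwise 200 with an empty object.
    /// </returns>
    [Authorize(Roles = ReceiverRole.FullyAuth)]
    [HttpPost("{envelopeKey}")]
    [Obsolete("Use MediatR")]
    public async Task<IActionResult> CreateOrUpdate([FromRoute] string envelopeKey, int index, [FromBody] ExpandoObject annotations, CancellationToken cancel = default)
    {
        // The identity this request acts on comes from the authenticated claims.
        var signature = User.GetAuthReceiverSignature();
        var uuid = User.GetAuthEnvelopeUuid();

        if (signature is null || uuid is null)
        {
            _logger.LogError("Authorization failed: authenticated user does not have a valid signature or envelope UUID.");
            return Unauthorized("User authentication is incomplete. Missing required claims for processing this request.");
        }

        // Refuse a second signature from the same receiver.
        // NOTE(review): this check and the write below are separate calls; unless SignDocAsync
        // enforces uniqueness itself, two concurrent requests could both pass. Confirm.
        if (await _mediator.IsSignedAsync(uuid, signature, cancel))
        {
            return Problem(statusCode: 403);
        }

        // NOTE(review): the body is an untyped ExpandoObject stored as serialized JSON; no size or
        // schema validation is visible in this method. Confirm it is enforced elsewhere.
        await _mediator.SignDocAsync(uuid, signature, JsonConvert.SerializeObject(annotations), cancel);

        // NOTE(review): the envelope below is resolved from the caller-supplied route key, while the
        // checks above use the claims. Nothing in this method compares the two, so the legacy sign
        // action may be applied to an envelope other than the one the caller authenticated for.
        // Verify that the loaded envelope/receiver match `uuid` and `signature` (or derive the
        // envelope from the claims) before calling SignEnvelope.
        EnvelopeReceiver response = await envelopeService.LoadEnvelope(envelopeKey);
        if (response is null)
        {
            // Without this guard a missing envelope surfaced as an unhandled null dereference.
            _logger.LogEnvelopeError(uuid: uuid, signature: signature, message: "Envelope could not be loaded from the route key after the document status was written.");
            return Problem(statusCode: 500);
        }

        // actionService is optional; when it is null the legacy sign action is skipped.
        actionService?.SignEnvelope(response.Envelope, ReceiverVM.From(response));

        return Ok(new object());
    }

    /// <summary>
    /// Records a rejection of the envelope named in the caller's claims.
    /// </summary>
    /// <param name="reason">Optional free-text reason from the request body, stored as the history comment.</param>
    /// <returns>
    /// 401 when a required claim is missing or the envelope receiver cannot be read,
    /// 204 when the history entry is recorded, otherwise the inner-service error result.
    /// </returns>
    [Authorize(Roles = ReceiverRole.FullyAuth)]
    [HttpPost("reject")]
    [Obsolete("Use DigitalData.Core.Exceptions and .Middleware")]
    public async Task<IActionResult> Reject([FromBody] string? reason = null)
    {
        var signature = User.GetAuthReceiverSignature();
        var uuid = User.GetAuthEnvelopeUuid();
        var mail = User.GetAuthReceiverMail();

        if (uuid is null || signature is null || mail is null)
        {
            _logger.LogEnvelopeError(uuid: uuid, signature: signature,
                message: @$"Unauthorized POST request in api\envelope\reject. One of claims, Envelope, signature or mail ({mail}) is null.");
            return Unauthorized();
        }

        // The envelope receiver is looked up from the claims only; no caller-supplied key is involved.
        var envRcvRes = await _envRcvService.ReadByUuidSignatureAsync(uuid: uuid, signature: signature);

        if (envRcvRes.IsFailed)
        {
            _logger.LogNotice(envRcvRes.Notices);
            return Unauthorized("you are not authirized");
        }

        // NOTE(review): `reason` is client-supplied text persisted as the comment; no length limit is
        // visible here. Confirm one is applied by the history service or the storage layer.
        return await _histService.RecordAsync(envRcvRes.Data.EnvelopeId, userReference: mail, EnvelopeStatus.DocumentRejected, comment: reason).ThenAsync(
            Success: id => NoContent(),
            Fail: IActionResult (mssg, ntc) =>
            {
                _logger.LogEnvelopeError(uuid: uuid, signature: signature, message: "Unexpected error happend in api/envelope/reject");
                _logger.LogNotice(ntc);
                return this.ViewInnerServiceError();
            });
    }
}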