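using DigitalData.Core.Abstraction.Application.DTO;
using DigitalData.Core.Exceptions;
using EnvelopeGenerator.Application.Common.Extensions;
using EnvelopeGenerator.Application.Common.Interfaces.Services;
using EnvelopeGenerator.Application.Common.Notifications.DocSigned;
using EnvelopeGenerator.Application.EnvelopeReceivers.Queries;
using EnvelopeGenerator.Application.Histories.Queries;
using EnvelopeGenerator.Domain.Constants;
using EnvelopeGenerator.Web.Extensions;
using MediatR;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

namespace EnvelopeGenerator.Web.Controllers;

/// <summary>
/// Receiver-facing endpoints that complete an envelope: submitting the signed
/// annotations or rejecting the document.
/// </summary>
/// <remarks>
/// The envelope UUID and receiver signature are always taken from the claims of
/// the authenticated principal, never from the request body, so a receiver
/// cannot address an envelope other than the one the session was issued for.
/// Both actions are state-changing POSTs authenticated by a cookie.
/// NOTE(review): CSRF protection (SameSite cookie policy or antiforgery
/// validation) is not visible in this file; confirm it is configured for these
/// routes.
/// </remarks>
[Authorize(Roles = ReceiverRole.FullyAuth)]
[ApiController]
[Route("api/[controller]")]
public class AnnotationController : ControllerBase
{
    [Obsolete("Use MediatR")]
    private readonly IEnvelopeHistoryService _histService;

    [Obsolete("Use MediatR")]
    private readonly IEnvelopeReceiverService _envRcvService;

    private readonly IMediator _mediator;

    // NOTE(review): the default logging registration provides ILogger<T>, not the
    // non-generic ILogger; a generic argument may have been lost when this
    // listing was extracted. Confirm against the repository.
    private readonly ILogger _logger;

    /// <summary>
    /// Creates the controller with its logging, legacy service and MediatR dependencies.
    /// </summary>
    /// <param name="logger">Logger used for authorization and processing failures.</param>
    /// <param name="envelopeHistoryService">Legacy history service, still used by <see cref="Reject"/>.</param>
    /// <param name="envelopeReceiverService">Legacy receiver service, still used by <see cref="Reject"/>.</param>
    /// <param name="mediator">MediatR entry point used for queries and notifications.</param>
    [Obsolete("Use MediatR")]
    public AnnotationController(
        ILogger logger,
        IEnvelopeHistoryService envelopeHistoryService,
        IEnvelopeReceiverService envelopeReceiverService,
        IMediator mediator)
    {
        _histService = envelopeHistoryService;
        _envRcvService = envelopeReceiverService;
        _mediator = mediator;
        _logger = logger;
    }

    /// <summary>
    /// Records the receiver's signature by publishing a document-signed
    /// notification built from the submitted annotations, then ends the session.
    /// </summary>
    /// <param name="psPdfKitAnnotation">Annotation payload sent by the client.</param>
    /// <param name="cancel">Token that cancels the request.</param>
    /// <returns>
    /// 200 on success; 401 when the required claims are missing; 409 when this
    /// receiver has already signed; 410 when the envelope or document has been
    /// rejected.
    /// </returns>
    /// <exception cref="NotFoundException">No envelope receiver matches the claims.</exception>
    // The listing showed a bare Task return type, which cannot compile next to the
    // value-returning statements below; Task<IActionResult> is what those returns require.
    [Authorize(Roles = ReceiverRole.FullyAuth)]
    [HttpPost]
    public async Task<IActionResult> CreateOrUpdate([FromBody] PsPdfKitAnnotation psPdfKitAnnotation, CancellationToken cancel = default)
    {
        // Identity comes from the authenticated principal's claims only.
        var signature = User.GetAuthReceiverSignature();
        var uuid = User.GetAuthEnvelopeUuid();

        if (signature is null || uuid is null)
        {
            _logger.LogError("Authorization failed: authenticated user does not have a valid signature or envelope UUID.");
            return Unauthorized("User authentication is incomplete. Missing required claims for processing this request.");
        }

        // Server-side state is re-checked on every call. The sign-out at the end of
        // a previous request only asks the browser to drop the cookie, so a copy of
        // that cookie may still authenticate (unless a server-side ticket store
        // revokes it, which is not visible here). These checks are what stop a
        // second submission.
        if (await _mediator.IsSignedAsync(uuid, signature, cancel))
        {
            return Problem(statusCode: 409);
        }

        if (await _mediator.AnyHistoryAsync(uuid, new[] { EnvelopeStatus.EnvelopeRejected, EnvelopeStatus.DocumentRejected }, cancel))
        {
            return Problem(statusCode: 410);
        }

        var docSignedNotification = await _mediator
            .ReadEnvelopeReceiverAsync(uuid, signature, cancel)
            .ToDocSignedNotification(psPdfKitAnnotation)
            ?? throw new NotFoundException("Envelope receiver is not found.");

        await _mediator.PublishSafely(docSignedNotification, cancel);

        await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);

        return Ok();
    }

    /// <summary>
    /// Records that the receiver rejected the document and ends the session.
    /// </summary>
    /// <param name="reason">
    /// Optional free-text reason, stored as the history comment. It is
    /// client-controlled text: NOTE(review) confirm that its length is bounded
    /// and that it is encoded wherever it is later displayed.
    /// </param>
    /// <returns>
    /// 204 on success; 401 when claims are missing or the receiver lookup fails;
    /// 409 when this receiver has already signed; 410 when a rejection is already
    /// recorded; 500 with the service messages when recording fails.
    /// </returns>
    // Return type restored to Task<IActionResult> for the same reason as CreateOrUpdate.
    [Authorize(Roles = ReceiverRole.FullyAuth)]
    [HttpPost("reject")]
    [Obsolete("Use DigitalData.Core.Exceptions and .Middleware")]
    public async Task<IActionResult> Reject([FromBody] string? reason = null)
    {
        var signature = User.GetAuthReceiverSignature();
        var uuid = User.GetAuthEnvelopeUuid();
        var mail = User.GetAuthReceiverMail();

        if (uuid is null || signature is null || mail is null)
        {
            // NOTE(review): this message writes the receiver's mail address to the
            // log; confirm that matches the log retention and privacy policy.
            _logger.LogEnvelopeError(uuid: uuid, signature: signature, message: @$"Unauthorized POST request in api\envelope\reject. One of claims, Envelope, signature or mail ({mail}) is null.");
            return Unauthorized();
        }

        var envRcvRes = await _envRcvService.ReadByUuidSignatureAsync(uuid: uuid, signature: signature);

        if (envRcvRes.IsFailed)
        {
            _logger.LogNotice(envRcvRes.Notices);
            return Unauthorized("you are not authirized");
        }

        // Same terminal-state guard as CreateOrUpdate: without it, a session cookie
        // that is still valid after the envelope was completed could append a
        // DocumentRejected entry to an already signed or already rejected envelope.
        var cancel = HttpContext.RequestAborted;

        if (await _mediator.IsSignedAsync(uuid, signature, cancel))
        {
            return Problem(statusCode: 409);
        }

        if (await _mediator.AnyHistoryAsync(uuid, new[] { EnvelopeStatus.EnvelopeRejected, EnvelopeStatus.DocumentRejected }, cancel))
        {
            return Problem(statusCode: 410);
        }

        var histRes = await _histService.RecordAsync(envRcvRes.Data.EnvelopeId, userReference: mail, EnvelopeStatus.DocumentRejected, comment: reason);

        if (!histRes.IsSuccess)
        {
            _logger.LogEnvelopeError(uuid: uuid, signature: signature, message: "Unexpected error happend in api/envelope/reject");
            _logger.LogNotice(histRes.Notices);

            // NOTE(review): Messages goes to the client while Notices is only logged;
            // confirm Messages never carries internal detail.
            return StatusCode(500, histRes.Messages);
        }

        await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
        return NoContent();
    }
}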