EnvelopeGenerator/EnvelopeGenerator.API/Controllers/AnnotationController.cs

using DigitalData.Core.Abstraction.Application.DTO;
using DigitalData.Core.Exceptions;
using EnvelopeGenerator.API.Extensions;
using EnvelopeGenerator.Application.Common.Dto;
using EnvelopeGenerator.Application.Common.Extensions;
using EnvelopeGenerator.Application.Common.Interfaces.Services;
using EnvelopeGenerator.Application.Common.Notifications.DocSigned;
using EnvelopeGenerator.Application.Documents.Queries;
using EnvelopeGenerator.Application.EnvelopeReceivers.Queries;
using EnvelopeGenerator.Application.Histories.Queries;
using EnvelopeGenerator.Domain.Constants;
using MediatR;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Components.Forms;
using Microsoft.AspNetCore.Mvc;

namespace EnvelopeGenerator.API.Controllers;

/// <summary>
/// Manages annotations and signature lifecycle for envelopes.
/// </summary>
[Authorize(Policy = AuthPolicy.Receiver)]
[ApiController]
[Route("api/[controller]")]
public class AnnotationController : ControllerBase
{
    [Obsolete("Use MediatR")]
    private readonly IEnvelopeHistoryService _historyService;

    [Obsolete("Use MediatR")]
    private readonly IEnvelopeReceiverService _envelopeReceiverService;

    private readonly IMediator _mediator;

    private readonly ILogger<AnnotationController> _logger;

    /// <summary>
    /// Initializes a new instance of <see cref="AnnotationController"/>.
    /// </summary>
    [Obsolete("Use MediatR")]
    public AnnotationController(
        ILogger<AnnotationController> logger,
        IEnvelopeHistoryService envelopeHistoryService,
        IEnvelopeReceiverService envelopeReceiverService,
        IMediator mediator)
    {
        _historyService = envelopeHistoryService;
        _envelopeReceiverService = envelopeReceiverService;
        _mediator = mediator;
        _logger = logger;
    }

    /// <summary>
    /// Creates or updates annotations for the authenticated envelope receiver.
    /// </summary>
    /// <param name="psPdfKitAnnotation">Annotation payload.</param>
    /// <param name="cancel">Cancellation token.</param>
    [Authorize(Policy = AuthPolicy.Receiver)]
    [HttpPost]
    [Obsolete("PSPDF Kit will no longer be used.")]
    public async Task<IActionResult> CreateOrUpdate([FromBody] PsPdfKitAnnotation? psPdfKitAnnotation = null, CancellationToken cancel = default)
    {
        var signature = User.GetReceiverSignatureOfReceiver();
        var uuid = User.GetEnvelopeUuidOfReceiver();

        var envelopeReceiver = await _mediator.ReadEnvelopeReceiverAsync(uuid, signature, cancel).ThrowIfNull(Exceptions.NotFound);

        if (!envelopeReceiver.Envelope!.ReadOnly && psPdfKitAnnotation is null)
            return BadRequest();

        if (await _mediator.IsSignedAsync(uuid, signature, cancel))
            return Problem(statusCode: StatusCodes.Status409Conflict);
        else if (await _mediator.AnyHistoryAsync(uuid, new[] { EnvelopeStatus.EnvelopeRejected, EnvelopeStatus.DocumentRejected }, cancel))
            return Problem(statusCode: StatusCodes.Status423Locked);

        var docSignedNotification = await _mediator
            .ReadEnvelopeReceiverAsync(uuid, signature, cancel)
            .ToDocSignedNotification(psPdfKitAnnotation)
            ?? throw new NotFoundException("Envelope receiver is not found.");

        await _mediator.PublishSafely(docSignedNotification, cancel);
        await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);

        return Ok();
    }

    /// <summary>
    /// Rejects the document for the current receiver.
    /// </summary>
    /// <param name="reason">Optional rejection reason.</param>
    [Authorize(Policy = AuthPolicy.Receiver)]
    [HttpPost("reject")]
    [Obsolete("Use MediatR")]
    public async Task<IActionResult> Reject([FromBody] string? reason = null)
    {
        var signature = User.GetReceiverSignatureOfReceiver();
        var uuid = User.GetEnvelopeUuidOfReceiver();
        var mail = User.GetReceiverMailOfReceiver();

        var envRcvRes = await _envelopeReceiverService.ReadByUuidSignatureAsync(uuid: uuid, signature: signature);

        if (envRcvRes.IsFailed)
        {
            _logger.LogNotice(envRcvRes.Notices);
            return Unauthorized("you are not authorized");
        }

        var histRes = await _historyService.RecordAsync(envRcvRes.Data.EnvelopeId, userReference: mail, EnvelopeStatus.DocumentRejected, comment: reason);
        if (histRes.IsSuccess)
        {
            await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
            return NoContent();
        }

        _logger.LogEnvelopeError(uuid: uuid, signature: signature, message: "Unexpected error happened in api/envelope/reject");
        _logger.LogNotice(histRes.Notices);
        return StatusCode(500, histRes.Messages);
    }
    
    //TODO: update to use 
    /// <summary>
    /// 
    /// </summary>
    /// <param name="envelopeKey"></param>
    /// <param name="cancel"></param>
    /// <returns></returns>
    [Authorize(Policy = AuthPolicy.Receiver)]
    [HttpGet("{envelopeKey}")]
    public async Task<IActionResult> GetAnnotsOfReceiver(string envelopeKey, CancellationToken cancel)
    {
        int envelopeId = User.GetEnvelopeIdOfReceiver();

        int receiverId = User.GetReceiverIdOfReceiver();

        var doc = await _mediator.Send(new ReadDocumentQuery() { EnvelopeId = envelopeId }, cancel);

        if (doc.Elements is not IEnumerable<SignatureDto> docSignatures)
            return NotFound("Document is empty.");

        var rcvSignatures = docSignatures.Where(s => s.ReceiverId == receiverId).ToList();

        if (rcvSignatures is null)
            return NotFound("No signatures found for the current receiver.");
        else
            return Ok(rcvSignatures);
    }
}