EnvelopeGenerator/EnvelopeGenerator.Web/Controllers/EnvelopeController.cs

using EnvelopeGenerator.CommonServices;
using EnvelopeGenerator.Web.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using EnvelopeGenerator.Application.Extensions;
using EnvelopeGenerator.Application.Interfaces.Services;
using EnvelopeGenerator.Domain.Constants;
using EnvelopeGenerator.Domain.Entities;
using DigitalData.Core.Abstraction.Application.DTO;
using EnvelopeGenerator.Web.Extensions;
using MediatR;
using System.Dynamic;
using EnvelopeGenerator.Application.EnvelopeReceivers.Queries;
using EnvelopeGenerator.Application.Notifications.DocSigned;
using DigitalData.Core.Exceptions;

namespace EnvelopeGenerator.Web.Controllers;

[Authorize(Roles = ReceiverRole.FullyAuth)]
[ApiController]
[Route("api/[controller]")]
public class EnvelopeController : BaseController
{
    private readonly EnvelopeOldService envelopeService;
    private readonly ActionService? actionService;

    [Obsolete("Use MediatR")]
    private readonly IEnvelopeHistoryService _histService;
    [Obsolete("Use MediatR")]
    private readonly IEnvelopeReceiverService _envRcvService;

    private readonly IMediator _mediator;

    [Obsolete("Use MediatR")]
    public EnvelopeController(DatabaseService database,
        EnvelopeOldService envelope,
        ILogger<EnvelopeController> logger,
        IEnvelopeHistoryService envelopeHistoryService,
        IEnvelopeReceiverService envelopeReceiverService, IMediator mediator) : base(database, logger)
    {
        envelopeService = envelope;
        actionService = database?.Services?.actionService;
        _histService = envelopeHistoryService;
        _envRcvService = envelopeReceiverService;
        _mediator = mediator;
    }

    [Authorize(Roles = ReceiverRole.FullyAuth)]
    [HttpPost("{envelopeKey}")]
    [Obsolete("Use MediatR")]
    public async Task<IActionResult> CreateOrUpdate([FromRoute] string envelopeKey, int index, [FromBody] ExpandoObject annotations, CancellationToken cancel = default)
    {
        // get claims
        var signature = User.GetAuthReceiverSignature();
        var uuid = User.GetAuthEnvelopeUuid();

        if (signature is null || uuid is null)
        {
            _logger.LogError("Authorization failed: authenticated user does not have a valid signature or envelope UUID.");
            return Unauthorized("User authentication is incomplete. Missing required claims for processing this request.");
        }

        // Again check if receiver has already signed
        if (await _mediator.IsSignedAsync(uuid, signature, cancel))
            return Problem(statusCode: 403);

        var notification = await _mediator.ReadEnvelopeReceiverAsync(envelopeKey, cancel)
            .ToDocSignedNotification(annotations)
            ?? throw new NotFoundException("Envelope receiver is not found.");

        await _mediator.Publish(notification, cancel);

        EnvelopeReceiver response = await envelopeService.LoadEnvelope(envelopeKey);

        var signResult = actionService?.SignEnvelope(response.Envelope, ReceiverVM.From(response));

        return Ok(new object());
    }

    [Authorize(Roles = ReceiverRole.FullyAuth)]
    [HttpPost("reject")]
    [Obsolete("Use DigitalData.Core.Exceptions and .Middleware")]
    public async Task<IActionResult> Reject([FromBody] string? reason = null)
    {
        var signature = User.GetAuthReceiverSignature();
        var uuid = User.GetAuthEnvelopeUuid();
        var mail = User.GetAuthReceiverMail();
        if (uuid is null || signature is null || mail is null)
        {
            _logger.LogEnvelopeError(uuid: uuid, signature: signature,
                message: @$"Unauthorized POST request in api\envelope\reject. One of claims, Envelope, signature or mail ({mail}) is null.");
            return Unauthorized();
        }

        var envRcvRes = await _envRcvService.ReadByUuidSignatureAsync(uuid: uuid, signature: signature);

        if (envRcvRes.IsFailed)
        {
            _logger.LogNotice(envRcvRes.Notices);
            return Unauthorized("you are not authirized");
        }

        return await _histService.RecordAsync(envRcvRes.Data.EnvelopeId, userReference: mail, EnvelopeStatus.DocumentRejected, comment: reason).ThenAsync(
            Success: id => NoContent(),
            Fail: IActionResult (mssg, ntc) =>
            {
                _logger.LogEnvelopeError(uuid: uuid, signature: signature, message: "Unexpected error happend in api/envelope/reject");
                _logger.LogNotice(ntc);
                return this.ViewInnerServiceError();
            });
    }
}