AppStd/EnvelopeGenerator
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
EnvelopeGenerator/EnvelopeGenerator.Web/Controllers/HomeController.cs
Developer 02 f5dd3cf8be PDF-Serialisierung erfolgt jetzt direkt auf Razor Page - Sicherheitsverbesserung 
Externer Fetch-Vorgang entfernt, PDF-Inhalt aus Sicherheitsgründen direkt auf der Razor Page serialisiert.
2024-04-10 09:21:56 +02:00

131 lines
5.2 KiB
C#
Raw Blame History

using EnvelopeGenerator.Application.Contracts;
using EnvelopeGenerator.Application.DTOs;
using EnvelopeGenerator.Application.Services;
using EnvelopeGenerator.Common;
using EnvelopeGenerator.Web.Models;
using EnvelopeGenerator.Web.Services;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Primitives;
using System.Diagnostics;
namespace EnvelopeGenerator.Web.Controllers
{
public class HomeController : BaseController
{
private readonly EnvelopeOldService envelopeOldService;
private readonly IConfiguration _config;
private readonly IEnvelopeReceiverService _envRcvService;
private readonly IEnvelopeService _envelopeService;
public HomeController(DatabaseService databaseService, EnvelopeOldService envelopeOldService, ILogger<HomeController> logger, IConfiguration configuration, IEnvelopeReceiverService envelopeReceiverService, IEnvelopeService envelopeService) : base(databaseService, logger)
{
this.envelopeOldService = envelopeOldService;
_envRcvService = envelopeReceiverService;
_envelopeService = envelopeService;
_config = configuration;
}
[HttpGet("/")]
public IActionResult Index()
{
return View();
}
[HttpPost("/")]
public IActionResult DebugEnvelopes([FromForm] string? password)
{
try
{
var passwordFromConfig = _config["Config:AdminPassword"] ?? throw new InvalidOperationException("No admin password configured!");
if (passwordFromConfig == null)
{
ViewData["error"] = "No admin password configured!";
return View("Index");
}
if (password != passwordFromConfig)
{
ViewData["error"] = "Wrong Password!";
return View("Index");
}
List<Envelope> envelopes = envelopeOldService.LoadEnvelopes();
return View(envelopes);
}
catch (Exception e)
{
ViewData["error"] = "Unknown error!";
return View("Index");
}
}
[HttpGet("/EnvelopeKey/{envelopeReceiverId}")]
public IActionResult ShowEnvelope([FromRoute] string envelopeReceiverId) => Redirect($"/EnvelopeKey/{envelopeReceiverId}/Locked");
[HttpPost("/EnvelopeKey/{envelopeReceiverId}/Locked")]
public async Task<IActionResult> ShowEnvelope([FromRoute] string envelopeReceiverId, [FromForm] string access_code)
{
var decodedId = envelopeReceiverId.DecodeEnvelopeReceiverId();
_logger.LogInformation($"Envelope UUID: [{decodedId.EnvelopeUuid}]");
_logger.LogInformation($"Receiver Signature: [{decodedId.ReceiverSignature}]");
var verification = await _envRcvService.VerifyAccessCode(decodedId.EnvelopeUuid, access_code);
EnvelopeResponse response = await envelopeOldService.LoadEnvelope(envelopeReceiverId);
if (verification.IsSuccess)
{
if (envelopeOldService.ReceiverAlreadySigned(response.Envelope, response.Receiver.Id) == true)
{
return Problem(statusCode: 403);
}
var envelope = await _envelopeService.ReadByUuidAsync(uuid: decodedId.EnvelopeUuid, signature: decodedId.ReceiverSignature, withAll: true);
database.Services.actionService.EnterCorrectAccessCode(response.Envelope, response.Receiver); //for history
ViewData["EnvelopeKey"] = envelopeReceiverId;
ViewData["EnvelopeResponse"] = response;
ViewData["EnvelopeResponse"] = response;
if (response.Envelope.Documents.Count() > 0)
{
var document = await envelopeOldService.GetDocument(response.Envelope.Documents[0].Id, envelopeReceiverId);
byte[] bytes = await envelopeOldService.GetDocumentContents(document);
ViewData["DocumentBytes"] = bytes;
}
else
ViewData["DocumentBytes"] = null;
return View("ShowEnvelope", envelope);
}
else
{
database.Services.actionService.EnterIncorrectAccessCode(response.Envelope, response.Receiver); //for history
return Unauthorized();
}
}
[HttpGet("/EnvelopeKey/{envelopeReceiverId}/Locked")]
public async Task<IActionResult> EnvelopeLocked([FromRoute] string envelopeReceiverId)
{
ViewData["EnvelopeKey"] = envelopeReceiverId;
return View();
}
[HttpGet("/EnvelopeKey/{EnvelopeReceiverId}/Success")]
public IActionResult EnvelopeSigned()
{
ViewData["EnvelopeKey"] = HttpContext.Request.RouteValues["EnvelopeReceiverId"];
return View();
}
[ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
public IActionResult Error()
{
return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
}
}
}
Reference in New Issue View Git Blame Copy Permalink