TekH
6b23dcdba7
Replaced all usages of ReceiverRole with the new Role class in EnvelopeGenerator.Domain.Constants. Removed ReceiverRole.cs and added Role.cs with PreAuth and FullyAuth constants. Updated all [Authorize] attributes and role checks in controllers and authentication logic to use Role.FullyAuth and Role.PreAuth. This centralizes role management for improved maintainability and clarity.
119 lines
4.7 KiB
C#
119 lines
4.7 KiB
C#
using DigitalData.Core.Abstraction.Application.DTO;
|
|
using DigitalData.Core.Exceptions;
|
|
using EnvelopeGenerator.Application.Common.Extensions;
|
|
using EnvelopeGenerator.Application.Common.Interfaces.Services;
|
|
using EnvelopeGenerator.Application.Common.Notifications.DocSigned;
|
|
using EnvelopeGenerator.Application.EnvelopeReceivers.Queries;
|
|
using EnvelopeGenerator.Application.Histories.Queries;
|
|
using EnvelopeGenerator.Domain.Constants;
|
|
using EnvelopeGenerator.Web.Extensions;
|
|
using MediatR;
|
|
using Microsoft.AspNetCore.Authentication;
|
|
using Microsoft.AspNetCore.Authentication.Cookies;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
|
|
namespace EnvelopeGenerator.Web.Controllers;
|
|
|
|
[Authorize(Roles = Role.FullyAuth)]
|
|
[ApiController]
|
|
[Route("api/[controller]")]
|
|
public class AnnotationController : ControllerBase
|
|
{
|
|
[Obsolete("Use MediatR")]
|
|
private readonly IEnvelopeHistoryService _histService;
|
|
[Obsolete("Use MediatR")]
|
|
private readonly IEnvelopeReceiverService _envRcvService;
|
|
|
|
private readonly IMediator _mediator;
|
|
|
|
private readonly ILogger<AnnotationController> _logger;
|
|
|
|
[Obsolete("Use MediatR")]
|
|
public AnnotationController(
|
|
ILogger<AnnotationController> logger,
|
|
IEnvelopeHistoryService envelopeHistoryService,
|
|
IEnvelopeReceiverService envelopeReceiverService,
|
|
IMediator mediator)
|
|
{
|
|
_histService = envelopeHistoryService;
|
|
_envRcvService = envelopeReceiverService;
|
|
_mediator = mediator;
|
|
_logger = logger;
|
|
}
|
|
|
|
[Authorize(Roles = Role.FullyAuth)]
|
|
[HttpPost]
|
|
public async Task<IActionResult> CreateOrUpdate([FromBody] PsPdfKitAnnotation? psPdfKitAnnotation = null, CancellationToken cancel = default)
|
|
{
|
|
// get claims
|
|
var signature = User.GetAuthReceiverSignature();
|
|
var uuid = User.GetAuthEnvelopeUuid();
|
|
|
|
if (signature is null || uuid is null)
|
|
{
|
|
_logger.LogError("Authorization failed: authenticated user does not have a valid signature or envelope UUID.");
|
|
return Unauthorized("User authentication is incomplete. Missing required claims for processing this request.");
|
|
}
|
|
|
|
// check if non read-and-confirm envelope is signed without annotation
|
|
var er = await _mediator.ReadEnvelopeReceiverAsync(uuid, signature, cancel).ThrowIfNull(Exceptions.NotFound);
|
|
|
|
if (!er.Envelope!.ReadOnly && psPdfKitAnnotation is null)
|
|
return BadRequest();
|
|
|
|
// Again check if receiver has already signed
|
|
if (await _mediator.IsSignedAsync(uuid, signature, cancel))
|
|
return Problem(statusCode: 409);
|
|
else if (await _mediator.AnyHistoryAsync(uuid, new[] { EnvelopeStatus.EnvelopeRejected, EnvelopeStatus.DocumentRejected }, cancel))
|
|
return Problem(statusCode: 423);
|
|
|
|
var docSignedNotification = await _mediator
|
|
.ReadEnvelopeReceiverAsync(uuid, signature, cancel)
|
|
.ToDocSignedNotification(psPdfKitAnnotation)
|
|
?? throw new NotFoundException("Envelope receiver is not found.");
|
|
|
|
await _mediator.PublishSafely(docSignedNotification, cancel);
|
|
|
|
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
|
|
|
|
return Ok();
|
|
}
|
|
|
|
[Authorize(Roles = Role.FullyAuth)]
|
|
[HttpPost("reject")]
|
|
[Obsolete("Use DigitalData.Core.Exceptions and .Middleware")]
|
|
public async Task<IActionResult> Reject([FromBody] string? reason = null)
|
|
{
|
|
var signature = User.GetAuthReceiverSignature();
|
|
var uuid = User.GetAuthEnvelopeUuid();
|
|
var mail = User.GetAuthReceiverMail();
|
|
if (uuid is null || signature is null || mail is null)
|
|
{
|
|
_logger.LogEnvelopeError(uuid: uuid, signature: signature,
|
|
message: @$"Unauthorized POST request in api\envelope\reject. One of claims, Envelope, signature or mail ({mail}) is null.");
|
|
return Unauthorized();
|
|
}
|
|
|
|
var envRcvRes = await _envRcvService.ReadByUuidSignatureAsync(uuid: uuid, signature: signature);
|
|
|
|
if (envRcvRes.IsFailed)
|
|
{
|
|
_logger.LogNotice(envRcvRes.Notices);
|
|
return Unauthorized("you are not authirized");
|
|
}
|
|
|
|
var histRes = await _histService.RecordAsync(envRcvRes.Data.EnvelopeId, userReference: mail, EnvelopeStatus.DocumentRejected, comment: reason);
|
|
if (histRes.IsSuccess)
|
|
{
|
|
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
|
|
return NoContent();
|
|
}
|
|
else
|
|
{
|
|
_logger.LogEnvelopeError(uuid: uuid, signature: signature, message: "Unexpected error happend in api/envelope/reject");
|
|
_logger.LogNotice(histRes.Notices);
|
|
return StatusCode(500, histRes.Messages);
|
|
}
|
|
}
|
|
} |