From 0ef327a0594162373860f7758eaeb433725c5ff2 Mon Sep 17 00:00:00 2001
From: Developer 02
Date: Fri, 25 Oct 2024 01:43:14 +0200
Subject: [PATCH] =?UTF-8?q?feat:=20ProfileObjStateController=20f=C3=BCr=20?= =?UTF-8?q?verbesserte=20CRUD-Funktionalit=C3=A4t=20aktualisiert?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
- `GetAsync`-Methode mit zusätzlichen Filteroptionen für Profil-, Benutzer- und Zustandsdetails erweitert.
- Verbesserte Autorisierungsprüfungen mit detaillierter Fehlerprotokollierung bei fehlenden oder ungültigen Benutzer-ID-Ansprüchen.
- Identitätsprüfung in den Create- und Delete-Methoden hinzugefügt, um unbefugten Zugriff zu verhindern.
- Fehlerbehandlung und Antwort verfeinert für robustere serverseitige Verarbeitung.
---
 .../Controllers/ProfileObjStateController.cs | 102 ++++++++++++++++++
 1 file changed, 102 insertions(+)
diff --git a/WorkFlow.API/Controllers/ProfileObjStateController.cs b/WorkFlow.API/Controllers/ProfileObjStateController.cs
index 308316a..668fc76 100644
--- a/WorkFlow.API/Controllers/ProfileObjStateController.cs
+++ b/WorkFlow.API/Controllers/ProfileObjStateController.cs
@@ -1,4 +1,5 @@
 using DigitalData.Core.API;
+using DigitalData.Core.DTO;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using WorkFlow.Application.Contracts;
@@ -12,5 +13,106 @@ namespace WorkFlow.API.Controllers
 [Authorize]
 public class ProfileObjStateController(ILogger logger, IProfileObjStateService service) : CRUDControllerBaseWithErrorHandling(logger, service)
 {
+ [NonAction]
+ public override Task GetAll() => base.GetAll();
+
+ [NonAction]
+ public override Task Update(ProfileObjStateUpdateDto updateDto) => base.Update(updateDto);
+
+ [HttpGet]
+ public async Task GetAsync(
+ bool withProfile = true, bool withUser = true, bool withState = true,
+ int? profileId = null, int? objId = null, bool? profileActive = null)
+ {
+ try
+ {
+ if (!this.TryGetUserId(out int? id))
+ {
+ logger.LogError("Authorization failed: User ID claim not found.");
+ return StatusCode(StatusCodes.Status500InternalServerError, "Failed to retrieve user identity.");
+ }
+ else if (id is null)
+ {
+ logger.LogError("Invalid user ID: Retrieved ID is null or not an integer.");
+ return StatusCode(StatusCodes.Status500InternalServerError, "Invalid user ID.");
+ }
+
+ return await _service.ReadAsync(
+ withProfile: withProfile, withUser: withUser, withState,
+ userId: id,
+ profileId: profileId, objId: objId, profileActive: profileActive)
+ .ThenAsync(
+ Success: pctf => pctf.Any() ? Ok(pctf) : NotFound(),
+ Fail: IActionResult (msg, ntc) =>
+ {
+ logger.LogNotice(ntc);
+ return NotFound();
+ });
+ }
+ catch (Exception ex)
+ {
+ logger.LogError(ex, "An unexpected error occurred while processing the request: {Message}", ex.Message);
+ return StatusCode(StatusCodes.Status500InternalServerError, "An internal server error occurred.");
+ }
+ }
+
+ [HttpPost]
+ public override async Task Create([FromBody] ProfileObjStateCreateDto createDto)
+ {
+ try
+ {
+ if (!this.TryGetUserId(out int? id))
+ {
+ logger.LogError("Authorization failed: User ID claim not found.");
+ return StatusCode(StatusCodes.Status500InternalServerError, "Failed to retrieve user identity.");
+ }
+ else if (id is null)
+ {
+ logger.LogError("Invalid user ID: Retrieved ID is null or not an integer.");
+ return StatusCode(StatusCodes.Status500InternalServerError, "Invalid user ID.");
+ }
+
+ if (createDto.UserId != id)
+ return Unauthorized();
+
+ return await base.Create(createDto);
+ }
+ catch (Exception ex)
+ {
+ logger.LogError(ex, "An unexpected error occurred while processing the request: {Message}", ex.Message);
+ return StatusCode(StatusCodes.Status500InternalServerError, "An internal server error occurred.");
+ }
+ }
+
+ [HttpDelete]
+ public override async Task Delete([FromRoute] int id)
+ {
+ try
+ {
+ if (!this.TryGetUserId(out int? userId))
+ {
+ logger.LogError("Authorization failed: User ID claim not found.");
+ return StatusCode(StatusCodes.Status500InternalServerError, "Failed to retrieve user identity.");
+ }
+ else if (userId is null)
+ {
+ logger.LogError("Invalid user ID: Retrieved ID is null or not an integer.");
+ return StatusCode(StatusCodes.Status500InternalServerError, "Invalid user ID.");
+ }
+
+ return await _service.ReadByIdAsync(id).ThenAsync(
+ SuccessAsync: async pctf => pctf.UserId == userId ? await base.Delete(id) : Unauthorized(),
+ Fail: IActionResult (msg, ntc) =>
+ {
+ _logger.LogNotice(ntc);
+ return ntc.HasFlag(Flag.NotFound) ? NotFound() : StatusCode(StatusCodes.Status500InternalServerError);
+ });
+ }
+ catch (Exception ex)
+ {
+ logger.LogError(ex, "An unexpected error occurred while processing the request: {Message}", ex.Message);
+ return StatusCode(StatusCodes.Status500InternalServerError, "An internal server error occurred.");
+ }
+ }
 }
 }
\ No newline at end of file
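Review bot: The ownership checks answer an already authenticated caller with 401: `return Unauthorized();` in `Create` when `createDto.UserId != id`, and the `: Unauthorized()` arm of the `SuccessAsync` lambda in `Delete`. Under `[Authorize]` the caller's identity is established, so these are authorization failures and would read better as `return Forbid();` and `pctf.UserId == userId ? await base.Delete(id) : Forbid()`; a 401 asks the client to re-authenticate, which cannot help here. `Delete` also answers differently for a record that does not exist (404) and one owned by another user, so any signed-in user can learn which ids are in use; returning `NotFound()` in both cases avoids that if it matters for this data. The missing or null user-id claim is reported as a 500 in all three actions although it is an authentication problem rather than a server fault, which will also make these events look like outages in monitoring.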