C'est un pAPI.

2022-11-05 07:55:09 -07:00
parent 0b7b9689b1
commit 4608cb5de8
5 changed files with 230 additions and 9 deletions
--- a/GrossesMitaines/GrossesMitainesAPI/Controllers/AddressController.cs
+++ b/GrossesMitaines/GrossesMitainesAPI/Controllers/AddressController.cs
@@ -0,0 +1,195 @@
+namespace GrossesMitainesAPI.Controllers;
+
+#region Dependencies
+using GrossesMitainesAPI.Data;
+using GrossesMitainesAPI.Models;
+using GrossesMitainesAPI.Services;
+using Microsoft.AspNet.Identity;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Cors;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+
+#endregion
+
+[EnableCors("_myAllowSpecificOrigins"), ApiController, Route("api/[controller]"),
+ Authorize(AuthenticationSchemes = "Identity.Application")]
+public class AddressController : Controller {
+    #region DI Fields
+    private readonly ILogger<AddressController> _logger;
+    private readonly InventoryContext _context;
+    private readonly SignInManager<InventoryUser> _signInMan;
+    private readonly Microsoft.AspNetCore.Identity.UserManager<InventoryUser> _userMan;
+
+    #endregion
+
+    #region Ctor
+    public AddressController(ILogger<AddressController> logger,
+                             InventoryContext context,
+                             SignInManager<InventoryUser> signInMan,
+                             Microsoft.AspNetCore.Identity.UserManager<InventoryUser> userMan) {
+        _logger = logger;
+        _context = context;
+        _userMan = userMan;
+        _signInMan = signInMan;
+    }
+
+    #endregion
+
+    #region API Methods
+    [EnableCors("_myAllowSpecificOrigins"), HttpGet(Name = "Addresses"), Route("ListAddresses")]
+    public async Task<ActionResult<List<AddressModel>>> GetList(bool? all) {
+        IList<string> roles;
+        InventoryUser user;
+        string id;
+
+        try {
+            user = await _userMan.GetUserAsync(_signInMan.Context.User);
+        } catch (Exception e) {
+            _logger.LogError(10, e.Message);
+            return BadRequest();
+        }
+
+        try { // Trouver les rôles de l'utilisateur, assumer non-admin si impossible à trouver.
+            roles = await _userMan.GetRolesAsync(user);
+        } catch (Exception e) {
+            _logger.LogError(10, e.Message);
+            roles = new List<string>();
+        }
+
+        try {
+            id = _signInMan.Context.User.Identity.GetUserId();
+            if (all is not null && all == true && roles.Contains("Administrateur"))
+                return Ok(_context.Addresses.ToList());
+            else return Ok(user.Adresses.ToList());
+        } catch (Exception e) {
+            _logger.LogError(10, e.Message);
+            return BadRequest();
+        }
+    }
+
+    [EnableCors("_myAllowSpecificOrigins"), HttpGet(Name = "Address")]
+    public async Task<ActionResult<AddressModel>> Get(int id) {
+        IList<string> roles;
+        string userId;
+        AddressModel ad;
+        InventoryUser user;
+
+        try {
+            user = await _userMan.GetUserAsync(_signInMan.Context.User);
+        } catch (Exception e) {
+            _logger.LogError(10, e.Message);
+            return BadRequest();
+        }
+
+        try {
+            roles = await _userMan.GetRolesAsync(user);
+        } catch (Exception e) {
+            _logger.LogError(10, e.Message);
+            roles = new List<string>();
+        }
+
+        try {
+            ad = _context.Addresses.First(a => a.Id == id);
+        } catch (Exception e) {
+            _logger.LogError(10, e.Message);
+            return BadRequest();
+        }
+
+        if (roles.Contains("Administrateur") ||
+           (user.Adresses.Contains(ad)))
+            return ad;
+        else return Unauthorized();
+    }
+
+    [EnableCors("_myAllowSpecificOrigins"), HttpPost(Name = "Address")]
+    public async Task<ActionResult<AddressModel>> Post(AddressModel ad) {
+        try {
+            var user = await _userMan.GetUserAsync(_signInMan.Context.User);
+            user.Adresses.Add(ad);
+            _context.SaveChanges();
+        } catch (Exception e) {
+            _logger.LogError(10, e.Message);
+            return BadRequest();
+        }
+
+        return ad;
+    }
+
+    [EnableCors("_myAllowSpecificOrigins"), HttpPatch(Name = "Address")]
+    public async Task<ActionResult<AddressModel>> Patch(AddressModel ad) {
+        IList<string> roles;
+        InventoryUser user;
+
+        try {
+            user = await _userMan.GetUserAsync(_signInMan.Context.User);
+        } catch (Exception e) {
+            _logger.LogError(10, e.Message);
+            return BadRequest();
+        }
+
+        try {
+            roles = await _userMan.GetRolesAsync(user);
+        } catch (Exception e) {
+            _logger.LogError(10, e.Message);
+            roles = new List<string>();
+        }
+
+        if (roles.Contains("Administrateur") ||
+            user.Adresses.Contains(ad))
+            try {
+                _context.Addresses.Update(ad);
+                _context.SaveChanges();
+            } catch (Exception e) {
+                _logger.LogError(10, e.Message);
+                return BadRequest();
+            }
+        else return Unauthorized();
+        return ad;
+    }
+
+    [EnableCors("_myAllowSpecificOrigins"), HttpDelete(Name = "Address")]
+    public async Task<ActionResult<int>> Delete(int id) {
+        IList<string> roles;
+        AddressModel ad;
+        InventoryUser user;
+        int adId = 0;
+
+        try {
+            user = await _userMan.GetUserAsync(_signInMan.Context.User);
+        } catch (Exception e) {
+            _logger.LogError(10, e.Message);
+            return BadRequest();
+        }
+
+        try {
+            roles = await _userMan.GetRolesAsync(user);
+        } catch (Exception e) {
+            _logger.LogError(10, e.Message);
+            roles = new List<string>();
+        }
+
+        try {
+            ad = _context.Addresses.First(a => a.Id == id);
+        } catch (Exception e) {
+            _logger.LogError(10, e.Message);
+            return BadRequest();
+        }
+
+        adId = ad.Id;
+        if (roles.Contains("Administrateur") ||
+            user.Adresses.Contains(ad))
+            try {
+                user.Adresses.Remove(ad);
+                _context.SaveChanges();
+            } catch (Exception e) {
+                _logger.LogError(10, e.Message);
+                return BadRequest();
+            }
+        else return Unauthorized();
+        return adId;
+    }
+
+    #endregion
+}