New: Report-System using globally available Interfaces.

2026-02-12 19:01:30 +01:00
parent a94527f294
commit 28925a3cfa
21 changed files with 847 additions and 8 deletions
--- a/Server/Controllers/ReportSystemController.cs
+++ b/Server/Controllers/ReportSystemController.cs
@@ -0,0 +1,117 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Authorization;
+using System.Collections.Generic;
+using Microsoft.AspNetCore.Http;
+using Oqtane.Shared;
+using Oqtane.Enums;
+using Oqtane.Infrastructure;
+using SZUAbsolventenverein.Module.AdminModules.Services;
+using Oqtane.Controllers;
+using System.Net;
+using System.Threading.Tasks;
+using SZUAbsolventenverein.Module.AdminModules.Models;
+using Oqtane.Models;
+using SZUAbsolventenverein.Module.ReportSystem.Models;
+using SZUAbsolventenverein.Module.ReportSystem.Services;
+
+namespace SZUAbsolventenverein.Module.ReportSystem.Controllers
+{
+    [Route(ControllerRoutes.ApiRoute)]
+    public class ReportSystemController : ModuleControllerBase
+    {
+        private readonly IReportSystemReportingService _reportSystemReportingService;
+
+        public ReportSystemController(IReportSystemReportingService reportSystemReportingService, ILogManager logger, IHttpContextAccessor accessor) : base(logger, accessor)
+        {
+            _reportSystemReportingService = reportSystemReportingService;
+        }
+
+        // GET: api/<controller>?moduleid=x
+        [HttpGet]
+        [Authorize(Policy = PolicyNames.ViewModule)]
+        public async Task<IEnumerable<Reporting>> Get(string moduleid)
+        {
+            int ModuleId;
+            if (int.TryParse(moduleid, out ModuleId) && IsAuthorizedEntityId(EntityNames.Module, ModuleId))
+            {
+                return await _reportSystemReportingService.GetReportsAsync(ModuleId);
+            }
+            else
+            {
+                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Reporting Get Attempt {ModuleId}", moduleid);
+                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                return null;
+            }
+        }
+
+        // GET api/<controller>/5
+        [HttpGet("get/{id}/{moduleid}")]
+        [Authorize(Policy = PolicyNames.ViewModule)]
+        public async Task<Reporting> Get(int id, int moduleid)
+        {
+            if (IsAuthorizedEntityId(EntityNames.Module, moduleid))
+            {
+                return await _reportSystemReportingService.GetReportAsync(id, moduleid);
+            }
+            else
+            { 
+                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Reporting Get Attempt {Reporting} {ModuleId}", id, moduleid);
+                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                return null;
+            }
+        }
+
+        // POST api/<controller>
+        [HttpPost]
+        [Authorize(Policy = PolicyNames.EditModule)]
+        public async Task<Reporting> Post([FromBody] Reporting Reporting)
+        {
+            if (ModelState.IsValid && IsAuthorizedEntityId(EntityNames.Module, Reporting.ModuleId))
+            {
+                Reporting = await _reportSystemReportingService.CreateReportAsync(Reporting);
+            }
+            else
+            {
+                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Reporting Post Attempt {Reporting}", Reporting);
+                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                Reporting = null;
+            }
+            return Reporting;
+        }
+
+        // PUT api/<controller>/5
+        [HttpPut("{id}")]
+        [Authorize(Policy = PolicyNames.EditModule)]
+        public async Task<Reporting> Put(int id, [FromBody] Reporting Reporting)
+        {
+            if (ModelState.IsValid && Reporting.ReportingID == id && IsAuthorizedEntityId(EntityNames.Module, Reporting.ReportingID))
+            {
+                Reporting = await _reportSystemReportingService.UpdateReport(Reporting);
+            }
+            else
+            {
+                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Reporting Put Attempt {Reporting}", Reporting);
+                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                Reporting = null;
+            }
+            return Reporting;
+        }
+
+        // DELETE api/<controller>/5
+        [HttpDelete("{id}/{moduleid}")]
+        [Authorize(Policy = PolicyNames.EditModule)]
+        public async Task Delete(int id, int moduleid)
+        {
+            Reporting Reporting = await _reportSystemReportingService.GetReportAsync(id, moduleid);
+            if (Reporting != null && IsAuthorizedEntityId(EntityNames.Module, Reporting.ReportingID))
+            {
+                await _reportSystemReportingService.DeleteReportingAsync(id, Reporting.ReportingID);
+            }
+            else
+            {
+                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Reporting Delete Attempt {ReportingID} {ModuleId}", id, moduleid);
+                HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
+            }
+        }
+    }
+}