From 7610235e63ec7758deec49cb20c5e7e407d084bb Mon Sep 17 00:00:00 2001
From: KoCoder <me@kocoder.xyz>
Date: Fri, 13 Feb 2026 17:10:40 +0100
Subject: [PATCH] FEAT: Fetch ModuleDefinition's Permission on Utilize for
 Reporting

---
 .../Services/ReportSystemReportingService.cs  | 30 ++++++++++++++-----
 1 file changed, 23 insertions(+), 7 deletions(-)

diff --git a/Server/Services/ReportSystemReportingService.cs b/Server/Services/ReportSystemReportingService.cs
index b733ca0..16282c7 100644
--- a/Server/Services/ReportSystemReportingService.cs
+++ b/Server/Services/ReportSystemReportingService.cs
@@ -7,42 +7,55 @@ using Microsoft.AspNetCore.Http;
 using Oqtane.Enums;
 using Oqtane.Infrastructure;
 using Oqtane.Models;
+using Oqtane.Repository;
 using Oqtane.Security;
 using Oqtane.Shared;
 using SZUAbsolventenverein.Module.ReportSystem.Models;
+using SZUAbsolventenverein.Module.ReportSystem.Permissions;
 using SZUAbsolventenverein.Module.ReportSystem.Repository;
 
 namespace SZUAbsolventenverein.Module.ReportSystem.Services
 {
     public class ServerReportSystemReportingService : IReportSystemReportingService, IReportingHandler
     {
+        private readonly IModuleDefinitionRepository _moduleDefinitionRepository;
         private readonly IReportingRepository _reportSystemRepository;
         private readonly IUserPermissions _userPermissions;
         private readonly ILogManager _logger;
         private readonly IHttpContextAccessor _accessor;
         private readonly Alias _alias;
+        private readonly int _moduleDefinitionId;
         
-        public ServerReportSystemReportingService(IReportingRepository reportSystemRepository, IUserPermissions userPermissions, ITenantManager tenantManager, ILogManager logger, IHttpContextAccessor accessor)
+        public ServerReportSystemReportingService(IModuleDefinitionRepository moduleDefinitionRepository, IReportingRepository reportSystemRepository, IUserPermissions userPermissions, ITenantManager tenantManager, ILogManager logger, IHttpContextAccessor accessor)
         {
+            _moduleDefinitionRepository = moduleDefinitionRepository;
             _reportSystemRepository = reportSystemRepository;
             _userPermissions = userPermissions;
             _logger = logger;
             _accessor = accessor;
             _alias = tenantManager.GetAlias();
+
+            ModuleDefinition md = moduleDefinitionRepository.GetModuleDefinitions(_alias.SiteId).ToList().Find(md => md.IsEnabled && md.Name == new ModuleInfo().ModuleDefinition.Name);
+            if (md == null)
+            {
+                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Reporting Module Not Found {ModuleName}", new ModuleInfo().ModuleDefinition.Name);
+            }
+            else
+            {
+                _moduleDefinitionId = md.ModuleDefinitionId;
+            }
         }
         
         public Task<Reporting> CreateReportAsync(Reporting Reporting)
         {
-            // true || 
-            Console.WriteLine("HELP");
-            if (_userPermissions.IsAuthorized(_accessor.HttpContext.User, _alias.SiteId, EntityNames.ModuleDefinition, 53, PermissionNames.Utilize))
+            if (_userPermissions.IsAuthorized(_accessor.HttpContext.User, _alias.SiteId, EntityNames.ModuleDefinition, _moduleDefinitionId, PermissionNames.Utilize))
             {
-                _logger.Log(LogLevel.Information, this, LogFunction.Update, "Reporting Updated {Reporting}", Reporting);
+                _logger.Log(LogLevel.Information, this, LogFunction.Update, "Reporting created {Reporting}", Reporting);
                 return Task.FromResult(_reportSystemRepository.AddReporting(Reporting));
             }
             else
             {
-                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Reporting Update Attempt {Reporting}", Reporting);
+                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Reporting create attempt {Reporting}", Reporting);
                 return null;
             }
         }
@@ -108,7 +121,10 @@ namespace SZUAbsolventenverein.Module.ReportSystem.Services
             // if (_userPermissions.IsAuthorized(_accessor.HttpContext.User, _alias.SiteId, EntityNames.Module, ModuleId, PermissionNames.Edit))
             {
                 Reporting reporting = await CreateReportAsync(new Reporting {ModuleId = reportable.ModuleID, EntityId = reportable.EntityID, Note = note, Reason = "Default Reason"});
-                _logger.Log(LogLevel.Information, this, LogFunction.Delete, "Reporting recieved {ReportingId}", reporting.ReportingID);
+                if (reporting != null)
+                {
+                    _logger.Log(LogLevel.Information, this, LogFunction.Delete, "Reporting recieved {ReportingId}", reporting.ReportingID);
+                }
             }
             // else
             {