using System; using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; using Interfaces; using Microsoft.AspNetCore.Http; using Oqtane.Enums; using Oqtane.Infrastructure; using Oqtane.Models; using Oqtane.Repository; using Oqtane.Security; using Oqtane.Shared; using SZUAbsolventenverein.Module.ReportSystem.Models; using SZUAbsolventenverein.Module.ReportSystem.Permissions; using SZUAbsolventenverein.Module.ReportSystem.Repository; namespace SZUAbsolventenverein.Module.ReportSystem.Services { public class ServerReportSystemReportingService : IReportSystemReportingService, IReportingHandler { private readonly IModuleDefinitionRepository _moduleDefinitionRepository; private readonly IReportingRepository _reportSystemRepository; private readonly IUserPermissions _userPermissions; private readonly ILogManager _logger; private readonly IHttpContextAccessor _accessor; private readonly Alias _alias; private readonly int _moduleDefinitionId; public ServerReportSystemReportingService(IModuleDefinitionRepository moduleDefinitionRepository, IReportingRepository reportSystemRepository, IUserPermissions userPermissions, ITenantManager tenantManager, ILogManager logger, IHttpContextAccessor accessor) { _moduleDefinitionRepository = moduleDefinitionRepository; _reportSystemRepository = reportSystemRepository; _userPermissions = userPermissions; _logger = logger; _accessor = accessor; _alias = tenantManager.GetAlias(); ModuleDefinition md = moduleDefinitionRepository.GetModuleDefinitions(_alias.SiteId).ToList().Find(md => md.IsEnabled && md.Name == new ModuleInfo().ModuleDefinition.Name); if (md == null) { _logger.Log(LogLevel.Error, this, LogFunction.Security, "Reporting Module Not Found {ModuleName}", new ModuleInfo().ModuleDefinition.Name); } else { _moduleDefinitionId = md.ModuleDefinitionId; } } public Task CreateReportAsync(Reporting Reporting) { if (_userPermissions.IsAuthorized(_accessor.HttpContext.User, _alias.SiteId, EntityNames.ModuleDefinition, _moduleDefinitionId, PermissionNames.Utilize)) { _logger.Log(LogLevel.Information, this, LogFunction.Update, "Reporting created {Reporting}", Reporting); return Task.FromResult(_reportSystemRepository.AddReporting(Reporting)); } else { _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Reporting create attempt {Reporting}", Reporting); return null; } } public Task> GetReportsAsync(int ModuleId) { if (_userPermissions.IsAuthorized(_accessor.HttpContext.User, _alias.SiteId, EntityNames.Module, ModuleId, PermissionNames.View)) { return Task.FromResult(_reportSystemRepository.GetReportings().ToList()); } else { _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Reportings Get Attempt {ModuleId}", ModuleId); return null; } } public Task GetReportAsync(int ReportableId, int ModuleId) { if (_userPermissions.IsAuthorized(_accessor.HttpContext.User, _alias.SiteId, EntityNames.Module, ModuleId, PermissionNames.View)) { return Task.FromResult(_reportSystemRepository.GetReporting(ReportableId)); } else { _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Reporting Get Attempt {ModuleId} {ReportableId}", ModuleId, ReportableId); return null; } } public Task UpdateReport(Reporting Reporting) { if (_userPermissions.IsAuthorized(_accessor.HttpContext.User, _alias.SiteId, EntityNames.Module, Reporting.ReportingID, PermissionNames.Edit)) { Reporting = _reportSystemRepository.UpdateReporting(Reporting); _logger.Log(LogLevel.Information, this, LogFunction.Update, "Reporting Updated {Reporting}", Reporting); } else { _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Reporting Update Attempt {Reporting}", Reporting); Reporting = null; } return Task.FromResult(Reporting); } public Task DeleteReportingAsync(int ReportingId, int ModuleId) { if (_userPermissions.IsAuthorized(_accessor.HttpContext.User, _alias.SiteId, EntityNames.Module, ModuleId, PermissionNames.Edit)) { _reportSystemRepository.DeleteReporting(ReportingId); _logger.Log(LogLevel.Information, this, LogFunction.Delete, "Reporting Deleted {ReportingId}", ReportingId); } else { _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Reporting Delete Attempt {ReportingId} {ModuleId}", ReportingId, ModuleId); } return Task.CompletedTask; } public async void Report(IReportable reportable, string note) { // if (_userPermissions.IsAuthorized(_accessor.HttpContext.User, _alias.SiteId, EntityNames.Module, ModuleId, PermissionNames.Edit)) { Reporting reporting = await CreateReportAsync(new Reporting {ModuleId = reportable.ModuleID, EntityId = reportable.EntityID, Note = note, Reason = "Default Reason"}); if (reporting != null) { _logger.Log(LogLevel.Information, this, LogFunction.Delete, "Reporting recieved {ReportingId}", reporting.ReportingID); } } // else { _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Reporting Delete Attempt {EntityId} {ModuleId}", reportable.EntityID, reportable); } } } }