admin/marco.pms.api
1
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity

Merge pull request 'Ashutosh_#375_To_#381' (#75) from Ashutosh_#375_To_#381 into Feature_Directory

Browse Source 
Reviewed-on: #75
This commit is contained in:
Vikas Nale 2025-05-27 07:49:17 +00:00
commit 7a0d85400f
2 changed files with 170 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
Marco.Pms.Services/Controllers/DirectoryController.cs
View File

@ -39,12 +39,17 @@ namespace Marco.Pms.Services.Controllers
{
return Ok(response);
}
else if (response.StatusCode == 401)
{
return Unauthorized(response);
}
else
{
return BadRequest(response);
}
}
[HttpGet("contact-bucket/{bucketId}")]
public async Task<IActionResult> GetContactsListByBucketId(Guid bucketId)
{
@ -98,6 +103,10 @@ namespace Marco.Pms.Services.Controllers
{
return NotFound(response);
}
else if (response.StatusCode == 401)
{
return Unauthorized(response);
}
else
{
return BadRequest(response);
@ -217,8 +226,19 @@ namespace Marco.Pms.Services.Controllers
public async Task<IActionResult> GetBucketList()
{
var response = await _directoryHelper.GetBucketList();
if (response.StatusCode == 200)
{
return Ok(response);
}
else if (response.StatusCode == 401)
{
return Unauthorized(response);
}
else
{
return BadRequest(response);
}
}
[HttpPost("bucket")]
public async Task<IActionResult> CreateBucket(CreateBucketDto bucketDto)
@ -241,6 +261,10 @@ namespace Marco.Pms.Services.Controllers
{
return Conflict(response);
}
else if (response.StatusCode == 401)
{
return Unauthorized(response);
}
else
{
return BadRequest(response);
@ -260,6 +284,10 @@ namespace Marco.Pms.Services.Controllers
{
return NotFound(response);
}
else if (response.StatusCode == 401)
{
return Unauthorized(response);
}
else
{
return BadRequest(response);

146
Marco.Pms.Services/Helpers/DirectoryHelper.cs
View File

@ -18,13 +18,18 @@ namespace Marco.Pms.Services.Helpers
private readonly ApplicationDbContext _context;
private readonly ILoggingService _logger;
private readonly UserHelper _userHelper;
private readonly Guid directoryAdmin;
private readonly Guid directoryManager;
private readonly Guid directoryUser;
public DirectoryHelper(ApplicationDbContext context, ILoggingService logger, UserHelper userHelper)
{
_context = context;
_logger = logger;
_userHelper = userHelper;
directoryAdmin = Guid.Parse("4286a13b-bb40-4879-8c6d-18e9e393beda");
directoryManager = Guid.Parse("62668630-13ce-4f52-a0f0-db38af2230c5");
directoryUser = Guid.Parse("0f919170-92d4-4337-abd3-49b66fc871bb");
}
@ -33,9 +38,29 @@ namespace Marco.Pms.Services.Helpers
{
Guid tenantId = _userHelper.GetTenantId();
var LoggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
var assignedRoleIds = await _context.EmployeeRoleMappings.Where(r => r.EmployeeId == LoggedInEmployee.Id).Select(r => r.RoleId).ToListAsync();
var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
List<EmployeeBucketMapping>? employeeBuckets = await _context.EmployeeBucketMappings.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).ToListAsync();
List<Guid> bucketIds = employeeBuckets.Select(c => c.BucketId).ToList();
List<Guid> filterbucketIds = employeeBuckets.Select(c => c.BucketId).ToList();
if (permissionIds.Contains(directoryAdmin))
{
var buckets = await _context.Buckets.Where(b => b.TenantId == tenantId).ToListAsync();
bucketIds = buckets.Select(b => b.Id).ToList();
}
else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser))
{
var buckets = await _context.Buckets.Where(b => b.CreatedByID == LoggedInEmployee.Id).ToListAsync();
var createdBucketIds = buckets.Select(b => b.Id).ToList();
bucketIds.AddRange(createdBucketIds);
bucketIds = bucketIds.Distinct().ToList();
}
else
{
_logger.LogError("Employee {EmployeeId} attemped to access a contacts, but do not have permission", LoggedInEmployee.Id);
return ApiResponse<object>.ErrorResponse("You don't have permission", "You don't have permission", 401);
}
List<Guid> filterbucketIds = bucketIds;
if (filterDto != null && filterDto.BucketIds != null && filterDto.BucketIds.Count > 0)
{
filterbucketIds = filterDto.BucketIds;
@ -160,12 +185,37 @@ namespace Marco.Pms.Services.Helpers
var LoggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
if (id != Guid.Empty)
{
EmployeeBucketMapping? employeeBucket = await _context.EmployeeBucketMappings.FirstOrDefaultAsync(em => em.BucketId == id && em.EmployeeId == LoggedInEmployee.Id);
Bucket? bucket = await _context.Buckets.FirstOrDefaultAsync(b => b.Id == id && b.TenantId == tenantId);
if (bucket == null)
{
_logger.LogInfo("Employee ID {EmployeeId} attempted access to bucket ID {BucketId}, but not found in database", LoggedInEmployee.Id);
return ApiResponse<object>.ErrorResponse("Bucket not found", "Bucket not found", 404);
}
List<EmployeeBucketMapping>? employeeBuckets = await _context.EmployeeBucketMappings.Where(em => em.BucketId == id).ToListAsync();
var assignedRoleIds = await _context.EmployeeRoleMappings.Where(r => r.EmployeeId == LoggedInEmployee.Id).Select(r => r.RoleId).ToListAsync();
var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
EmployeeBucketMapping? employeeBucket = null;
if (permissionIds.Contains(directoryAdmin))
{
employeeBucket = employeeBuckets.FirstOrDefault();
}
else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser))
{
employeeBucket = employeeBuckets.FirstOrDefault(eb => eb.EmployeeId == LoggedInEmployee.Id);
}
else
{
_logger.LogError("Employee {EmployeeId} attemped to access a contacts with in bucket {BucketId}, but do not have permission", LoggedInEmployee.Id, id);
return ApiResponse<object>.ErrorResponse("You don't have permission", "You don't have permission", 401);
}
if (employeeBucket == null)
{
_logger.LogInfo("Employee ID {EmployeeId} does not have access to bucket ID {BucketId}", LoggedInEmployee.Id);
return ApiResponse<object>.ErrorResponse("You do not have access to this bucket.", "You do not have access to this bucket.", 401);
}
List<ContactBucketMapping> contactBucket = await _context.ContactBucketMappings.Where(cb => cb.BucketId == id).ToListAsync() ?? new List<ContactBucketMapping>();
List<ContactVM> contactVMs = new List<ContactVM>();
if (contactBucket.Count > 0)
@ -426,6 +476,33 @@ namespace Marco.Pms.Services.Helpers
return ApiResponse<object>.ErrorResponse("Contact not found", "Contact not found", 404);
}
var assignedRoleIds = await _context.EmployeeRoleMappings.Where(r => r.EmployeeId == LoggedInEmployee.Id).Select(r => r.RoleId).ToListAsync();
var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
List<EmployeeBucketMapping>? employeeBuckets = await _context.EmployeeBucketMappings.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).ToListAsync();
List<Guid> bucketIds = employeeBuckets.Select(c => c.BucketId).ToList();
if (permissionIds.Contains(directoryAdmin))
{
var buckets = await _context.Buckets.Where(b => b.TenantId == tenantId).ToListAsync();
bucketIds = buckets.Select(b => b.Id).ToList();
}
else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser))
{
var buckets = await _context.Buckets.Where(b => b.CreatedByID == LoggedInEmployee.Id).ToListAsync();
var createdBucketIds = buckets.Select(b => b.Id).ToList();
bucketIds.AddRange(createdBucketIds);
bucketIds = bucketIds.Distinct().ToList();
}
else
{
_logger.LogError("Employee {EmployeeId} attemped to update a contact, but do not have permission", LoggedInEmployee.Id);
return ApiResponse<object>.ErrorResponse("You don't have permission", "You don't have permission", 401);
}
List<ContactBucketMapping> contactBuckets = await _context.ContactBucketMappings.AsNoTracking().Where(m => m.ContactId == contact.Id && bucketIds.Contains(m.BucketId)).ToListAsync();
bucketIds = contactBuckets.Select(b => b.BucketId).Distinct().ToList();
var newContact = updateContact.ToContactFromUpdateContactDto(tenantId, contact);
_context.Contacts.Update(newContact);
await _context.SaveChangesAsync();
@ -435,8 +512,7 @@ namespace Marco.Pms.Services.Helpers
List<ContactEmail> emails = await _context.ContactsEmails.AsNoTracking().Where(p => p.ContactId == contact.Id).ToListAsync();
var emailIds = emails.Select(p => p.Id).ToList();
List<ContactBucketMapping> contactBuckets = await _context.ContactBucketMappings.AsNoTracking().Where(m => m.ContactId == contact.Id).ToListAsync();
var bucketIds = contactBuckets.Select(b => b.BucketId).Distinct().ToList();
List<ContactTagMapping> contactTags = await _context.ContactTagMappings.AsNoTracking().Where(m => m.ContactId == contact.Id).ToListAsync();
var tagIds = contactTags.Select(t => t.ContactTagId).Distinct().ToList();
@ -926,20 +1002,38 @@ namespace Marco.Pms.Services.Helpers
{
Guid tenantId = _userHelper.GetTenantId();
var LoggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
var assignedRoleIds = await _context.EmployeeRoleMappings.Where(r => r.EmployeeId == LoggedInEmployee.Id).Select(r => r.RoleId).ToListAsync();
var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
List<EmployeeBucketMapping> employeeBuckets = await _context.EmployeeBucketMappings.Where(b => b.EmployeeId == LoggedInEmployee.Id).ToListAsync();
var bucketIds = employeeBuckets.Select(b => b.BucketId).ToList();
List<Bucket> bucketList = await _context.Buckets.Where(b => bucketIds.Contains(b.Id)).ToListAsync();
List<Bucket> bucketList = new List<Bucket>();
if (permissionIds.Contains(directoryAdmin))
{
bucketList = await _context.Buckets.Where(b => b.TenantId == tenantId).ToListAsync();
}
else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser))
{
bucketList = await _context.Buckets.Where(b => bucketIds.Contains(b.Id) || b.CreatedByID == LoggedInEmployee.Id).ToListAsync();
}
else
{
_logger.LogError("Employee {EmployeeId} attemped to access a buckets list, but do not have permission", LoggedInEmployee.Id);
return ApiResponse<object>.ErrorResponse("You don't have permission", "You don't have permission", 401);
}
List<BucketVM> bucketVMs = new List<BucketVM>();
if (bucketList.Any())
{
foreach (var bucket in bucketList)
{
BucketVM bucketVM = bucket.ToBucketVMFromBucket();
bucketVMs.Add(bucketVM);
}
}
_logger.LogInfo("{count} Buckets are fetched by Employee with ID {LoggedInEmployeeId}", bucketVMs.Count, LoggedInEmployee.Id);
return ApiResponse<object>.SuccessResponse(bucketVMs, System.String.Format("{0} buckets fetched successfully", bucketVMs.Count), 200);
return ApiResponse<object>.SuccessResponse(bucketVMs, $"{bucketVMs.Count} buckets fetched successfully", 200);
}
public async Task<ApiResponse<object>> CreateBucket(CreateBucketDto bucketDto)
{
@ -947,6 +1041,15 @@ namespace Marco.Pms.Services.Helpers
var LoggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
if (bucketDto != null)
{
var assignedRoleIds = await _context.EmployeeRoleMappings.Where(r => r.EmployeeId == LoggedInEmployee.Id).Select(r => r.RoleId).ToListAsync();
var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
var demo = !permissionIds.Contains(directoryUser);
if (!permissionIds.Contains(directoryAdmin) && !permissionIds.Contains(directoryManager) && !permissionIds.Contains(directoryUser))
{
_logger.LogError("Employee {EmployeeId} attemped to create a bucket, but do not have permission", LoggedInEmployee.Id);
return ApiResponse<object>.ErrorResponse("You don't have permission", "You don't have permission", 401);
}
var existingBucket = await _context.Buckets.FirstOrDefaultAsync(b => b.Name == bucketDto.Name);
if (existingBucket != null)
{
@ -985,12 +1088,39 @@ namespace Marco.Pms.Services.Helpers
var LoggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
if (bucketDto != null && id == bucketDto.Id)
{
var bucket = await _context.Buckets.FirstOrDefaultAsync(b => b.Id == bucketDto.Id && b.TenantId == tenantId);
var assignedRoleIds = await _context.EmployeeRoleMappings.Where(r => r.EmployeeId == LoggedInEmployee.Id).Select(r => r.RoleId).ToListAsync();
var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
var bucketIds = await _context.EmployeeBucketMappings.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).Select(eb => eb.BucketId).ToListAsync();
Bucket? bucket = await _context.Buckets.FirstOrDefaultAsync(b => b.Id == bucketDto.Id && b.TenantId == tenantId);
if (bucket == null)
{
_logger.LogWarning("Employee ID {LoggedInEmployeeId} attempted to update a bucket but not found in database.", LoggedInEmployee.Id);
return ApiResponse<object>.ErrorResponse("Bucket not found", "Bucket not found", 404);
}
Bucket? accessableBucket = null;
if (permissionIds.Contains(directoryAdmin))
{
accessableBucket = bucket;
}
else if (permissionIds.Contains(directoryManager) && bucketIds.Contains(id))
{
accessableBucket = bucket;
}
else if (permissionIds.Contains(directoryUser))
{
if (bucket.CreatedByID == LoggedInEmployee.Id)
{
accessableBucket = bucket;
}
}
if (accessableBucket == null)
{
_logger.LogError("Employee {EmployeeId} attempted to access bucket {BucketId} without the necessary permissions.", LoggedInEmployee.Id, bucket.Id);
return ApiResponse<object>.ErrorResponse("You don't have permission to access this bucket", "You don't have permission to access this bucket", 401);
}
bucket.Name = bucketDto.Name ?? "";
bucket.Description = bucketDto.Description ?? "";