Merge pull request #9 from ucdavis/Prototype
Prototype
bsedwards authored Jan 4, 2024
2 parents ca57771 + b48a310 commit df47a68
Showing 375 changed files with 7,388 additions and 5,441 deletions.
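--- a/web/Areas/CMS/Controllers/CMSContentController.cs
+++ b/web/Areas/CMS/Controllers/CMSContentController.cs
@@ -0,0 +1,206 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.EntityFrameworkCore;
+using Viper.Areas.CMS.Models;
+using Viper.Classes;
+using Viper.Classes.SQLContext;
+using Viper.Models.VIPER;
+using Web.Authorization;
+
+namespace Viper.Areas.CMS.Controllers
+{
+[Route("CMS/content")]
+[Permission(Allow = "SVMSecure.CMS")]
+public class CMSContentController : ApiController
+{
+private readonly VIPERContext _context;
+public IUserHelper UserHelper;
+
+public CMSContentController(VIPERContext context)
+{
+_context = context;
+UserHelper = new UserHelper();
+}
+
+//GET: content
+[HttpGet]
+[Permission(Allow = "SVMSecure.CMS.ManageContentBlocks")]
+public ActionResult<List<ContentBlock>> GetContentBlocks()
+{
+if (_context.ContentBlocks == null)
+{
+return NotFound();
+}
+return new Data.CMS().GetContentBlocks()?.ToList() ?? new List<ContentBlock>();
+}
+
+//PUT: content/5
+[HttpPut("{contentBlockId}")]
+[Permission(Allow = "SVMSecure.CMS.ManageContentBlocks")]
+public async Task<ActionResult<ContentBlock>> UpdateContentBlock(int contentBlockId, CMSBlockAddEdit block)
+{
+//check data is valid and block is found
+var existingBlock = _context.ContentBlocks.Find(contentBlockId);
+if (existingBlock == null)
+{
+return NotFound();
+}
+
+if (contentBlockId != block.ContentBlockId)
+{
+return BadRequest();
+}
+
+string inputCheck = CheckBlockForRequiredFields(block);
+if(!string.IsNullOrEmpty(inputCheck))
+{
+return BadRequest(inputCheck);
+}
+
+var friendlyNameCheck = new Data.CMS().GetContentBlocks(friendlyName: block.FriendlyName)?.FirstOrDefault();
+if (friendlyNameCheck != null && friendlyNameCheck.ContentBlockId != contentBlockId)
+{
+return ValidationProblem("Friendly name must be unique");
+}
+else if (friendlyNameCheck != null)
+{
+_context.Entry(friendlyNameCheck).State = EntityState.Detached;
+}
+
+//modify database object
+ModifyBlockWithUserInput(existingBlock, block);
+_context.Entry(existingBlock).State = EntityState.Modified;
+
+//save history
+var contentHistory = new ContentHistory()
+{
+ContentBlockId = contentBlockId,
+ContentBlockContent = block.Content,
+ModifiedOn = DateTime.Now,
+ModifiedBy = UserHelper.GetCurrentUser()?.LoginId
+};
+_context.ContentHistories.Add(contentHistory);
+
+//save and return the saved block
+await _context.SaveChangesAsync();
+var returnBlock = new Data.CMS().GetContentBlocks(contentBlockId: contentBlockId)?.FirstOrDefault();
+if(returnBlock == null)
+{
+return NotFound();
+}
+return returnBlock;
+}
+
+//POST: content
+[HttpPost]
+[Permission(Allow = "SVMSecure.CMS.ManageContentBlocks")]
+public async Task<ActionResult<ContentBlock>> CreateContentBlock(CMSBlockAddEdit block)
+{
+string inputCheck = CheckBlockForRequiredFields(block);
+if (!string.IsNullOrEmpty(inputCheck))
+{
+return BadRequest(inputCheck);
+}
+var friendlyNameCheck = new Data.CMS().GetContentBlocks(friendlyName: block.FriendlyName)?.FirstOrDefault();
+if (friendlyNameCheck != null)
+{
+return ValidationProblem("Friendly name must be unique");
+}
+
+var newBlock = new ContentBlock();
+ModifyBlockWithUserInput(newBlock, block);
+
+_context.ContentBlocks.Add(newBlock);
+await _context.SaveChangesAsync();
+
+/*
+foreach (var p in permissions)
+{
+block.ContentBlockToPermissions.Add(new ContentBlockToPermission
+{
+Permission = p,
+ContentBlockId = block.ContentBlockId,
+});
+}
+_context.Entry(block).State = EntityState.Modified;
+*/
+
+var contentHistory = new ContentHistory()
+{
+ContentBlockId = block.ContentBlockId,
+ContentBlockContent = block.Content,
+ModifiedOn = DateTime.Now,
+ModifiedBy = UserHelper.GetCurrentUser()?.LoginId
+};
+_context.ContentHistories.Add(contentHistory);
+await _context.SaveChangesAsync();
+
+return newBlock;
+}
+
+//DELETE: content/5
+[HttpDelete("{contentBlockId}")]
+[Permission(Allow = "SVMSecure.CMS.ManageContentBlocks")]
+public async Task<ActionResult<ContentBlock>> DeleteContentBlock(int contentBlockId)
+{
+var block = new Data.CMS().GetContentBlocks(contentBlockId: contentBlockId)?.FirstOrDefault();
+if (block == null)
+{
+return NotFound();
+}
+
+block.DeletedOn = DateTime.Now;
+block.ModifiedBy = UserHelper.GetCurrentUser()?.LoginId;
+_context.Entry(block).State = EntityState.Modified;
+await _context.SaveChangesAsync();
+return block;
+}
+
+private string CheckBlockForRequiredFields(CMSBlockAddEdit userInput)
+{
+string errors = "";
+if(string.IsNullOrEmpty(userInput.Title))
+{
+errors += "Title is required. ";
+}
+if (string.IsNullOrEmpty(userInput.System))
+{
+errors += "System is required. ";
+}
+return errors;
+}
+
+private void ModifyBlockWithUserInput(ContentBlock contentBlock, CMSBlockAddEdit userInput)
+{
+//update info
+contentBlock.Title = userInput.Title;
+contentBlock.Content = userInput.Content;
+contentBlock.FriendlyName = userInput.FriendlyName;
+contentBlock.System = userInput.System;
+contentBlock.Application = userInput.Application;
+contentBlock.Page = userInput.Page;
+contentBlock.ViperSectionPath = userInput.ViperSectionPath;
+contentBlock.AllowPublicAccess = userInput.AllowPublicAccess;
+contentBlock.BlockOrder = userInput.BlockOrder;
+contentBlock.ModifiedOn = DateTime.Now;
+contentBlock.ModifiedBy = UserHelper.GetCurrentUser()?.LoginId;
+
+//adjust permissions
+//remove content block permisisons that are not in the user input
+foreach (var cbp in contentBlock.ContentBlockToPermissions.Where(cbp => !userInput.Permissions.Contains(cbp.Permission)))
+{
+contentBlock.ContentBlockToPermissions.Remove(cbp);
+}
+
+//add new content block permissions, if they are not in the existing list
+var existingPermissions = contentBlock.ContentBlockToPermissions.Select(p => p.Permission).ToList();
+foreach (var p in userInput.Permissions.Where(p => !existingPermissions.Contains(p)))
+{
+contentBlock.ContentBlockToPermissions.Add(new ContentBlockToPermission
+{
+Permission = p,
+ContentBlockId = userInput.ContentBlockId
+});
+}
+}
+}
+}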
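Review bot: In ModifyBlockWithUserInput, the removal loop calls `contentBlock.ContentBlockToPermissions.Remove(cbp)` while enumerating a lazy `Where` over that same collection, which throws InvalidOperationException on the standard collection types as soon as one permission has to be revoked; materialise the matches first by appending `.ToList()` to the `Where(...)` in the `foreach` header. UpdateContentBlock also loads the block with `_context.ContentBlocks.Find(contentBlockId)`, which does not include ContentBlockToPermissions, so unless that navigation is populated some other way the removal loop sees nothing and a permission an editor meant to revoke stays attached to the block. Separately, CreateContentBlock writes its history row with `ContentBlockId = block.ContentBlockId`, which is the client-supplied value on the request model, where `ContentBlockId = newBlock.ContentBlockId` is the id that was just generated.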
13 changes: 8 additions & 5 deletions web/Areas/CMS/Data/CMS.cs
Expand Up @@ -124,7 +124,7 @@ public CMS(VIPERContext viperContext, RAPSContext rapsContext) {
/// <summary>
/// Get content blocks without filtering on permissions
/// </summary>
/// <param name="contentBlockID"></param>
/// <param name="contentBlockId"></param>
/// <param name="friendlyName"></param>
/// <param name="system"></param>
/// <param name="viperSectionPath"></param>
Expand All @@ -133,14 +133,17 @@ public CMS(VIPERContext viperContext, RAPSContext rapsContext) {
/// <param name="allowPublicAccess"></param>
/// <param name="status"></param>
/// <returns>List of blocks</returns>
public IEnumerable<ContentBlock>? GetContentBlocks(int? contentBlockID, string? friendlyName, string? system, string? viperSectionPath, string? page, int? blockOrder, bool? allowPublicAccess, int? status)
public IEnumerable<ContentBlock>? GetContentBlocks(int? contentBlockId = null, string? friendlyName = null, string? system = null,
string? viperSectionPath = null, string? page = null, int? blockOrder = null,
bool? allowPublicAccess = null, int? status = null)
{
// get blocks based on paramenters
var blocks = _viperContext?.ContentBlocks
.Include(p => p.ContentBlockToPermissions)
.Include(f => f.ContentBlockToFiles)
.ThenInclude(cbf => cbf.File)
.Include(h => h.ContentHistories)
.Where(c => c.ContentBlockId.Equals(contentBlockID) || contentBlockID == null)
.Where(c => c.ContentBlockId.Equals(contentBlockId) || contentBlockId == null)
.Where(c => string.IsNullOrEmpty(c.FriendlyName) ? string.IsNullOrEmpty(friendlyName) : c.FriendlyName.Equals(friendlyName) || string.IsNullOrEmpty(friendlyName))
.Where(c => c.System.Equals(system) || string.IsNullOrEmpty(system))
.Where(c => string.IsNullOrEmpty(c.ViperSectionPath) ? string.IsNullOrEmpty(viperSectionPath) : c.ViperSectionPath.Equals(viperSectionPath) || string.IsNullOrEmpty(viperSectionPath))
Expand All @@ -160,8 +163,8 @@ public CMS(VIPERContext viperContext, RAPSContext rapsContext) {
foreach (var b in blocks)
{
// sanitize content
CleanResults results = antiSamy.Scan(b.ContentBlock1, policy);
b.ContentBlock1 = results.GetCleanHtml();
CleanResults results = antiSamy.Scan(b.Content, policy);
b.Content = results.GetCleanHtml();

}

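Review bot: The sanitising loop in the last hunk assigns the AntiSamy output back onto the entity (`b.Content = results.GetCleanHtml();`), so if `blocks` holds tracked entities, a later SaveChanges on the same context would overwrite the stored HTML with the cleaned version as a side effect of a read. Whether the query is tracked is not visible in these hunks; if it is, add `.AsNoTracking()` to the query or return the cleaned HTML on a separate view model so the read path cannot alter stored content. With every filter now defaulting to null, a bare `GetContentBlocks()` returns all blocks with no permission filtering, so the `<summary>` should say that callers are responsible for authorization. The method body starts and ends outside the visible hunks.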
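--- a/web/Areas/CMS/Data/LeftNavMenu.cs
+++ b/web/Areas/CMS/Data/LeftNavMenu.cs
@@ -0,0 +1,81 @@
+using Microsoft.EntityFrameworkCore;
+using Viper.Areas.CMS.Models;
+using Viper.Classes;
+using Viper.Classes.SQLContext;
+using Viper.Models.VIPER;
+
+namespace Viper.Areas.CMS.Data
+{
+public class LeftNavMenu
+{
+private readonly VIPERContext? _viperContext;
+private readonly RAPSContext? _rapsContext;
+
+public IUserHelper UserHelper;
+
+public LeftNavMenu()
+{
+this._viperContext = (VIPERContext?)HttpHelper.HttpContext?.RequestServices.GetService(typeof(VIPERContext));
+this._rapsContext = (RAPSContext?)HttpHelper.HttpContext?.RequestServices.GetService(typeof(RAPSContext));
+UserHelper = new UserHelper();
+}
+
+/// <summary>
+/// Get one or more left nav
+/// </summary>
+/// <param name="leftNavMenuId">The primary key of the menu</param>
+/// <param name="friendlyName">Friendly name of the menu</param>
+/// <param name="system">System</param>
+/// <param name="viperSectionPath">ViperSectionPath</param>
+/// <param name="page">Page</param>
+/// <param name="filterItemsByPermissions">If true, filter items based on the permission of the logged in user. Should be set to false for CMS management functions.</param>
+/// <returns>List of menus matching the arguments</returns>
+public IEnumerable<NavMenu>? GetLeftNavMenus(int? leftNavMenuId = null, string? friendlyName = null, string? system = null,
+string? viperSectionPath = null, string? page = null, bool filterItemsByPermissions=true)
+{
+var menus = _viperContext?.LeftNavMenus
+.Include(m => m.LeftNavItems
+.OrderBy(i => i.DisplayOrder))
+.ThenInclude(i => i.LeftNavItemToPermissions)
+.Where(m => leftNavMenuId == null || m.LeftNavMenuId == leftNavMenuId)
+.Where(m => string.IsNullOrEmpty(friendlyName) || m.FriendlyName == friendlyName)
+.Where(m => string.IsNullOrEmpty(system) || m.System == system)
+.Where(m => string.IsNullOrEmpty(viperSectionPath) || m.ViperSectionPath == viperSectionPath)
+.Where(m => string.IsNullOrEmpty(page) || m.Page == page)
+.ToList();
+if(menus == null)
+{
+return null;
+}
+
+var currentUser = UserHelper.GetCurrentUser();
+List<NavMenu> cmsMenus = new();
+foreach(var m in menus)
+{
+//by default, filter items based on user permissions
+List<NavMenuItem> items = new();
+foreach(var item in m.LeftNavItems)
+{
+bool includeItem = !filterItemsByPermissions;
+if(filterItemsByPermissions)
+{
+foreach (var p in item.LeftNavItemToPermissions)
+{
+if (UserHelper.HasPermission(_rapsContext, currentUser, p.Permission))
+{
+includeItem = true;
+break;
+}
+}
+}
+if(includeItem)
+{
+items.Add(new(item));
+}
+}
+cmsMenus.Add(new(m.MenuHeaderText, items));
+}
+return cmsMenus;
+}
+}
+}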
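Review bot: In GetLeftNavMenus, `includeItem` starts as `!filterItemsByPermissions`, so with filtering on, an item that has no LeftNavItemToPermissions rows is never shown to anyone; that is a fail-closed default, but it is undocumented and easy to mistake for a public item. I would add a comment above the inner loop such as `// items with no permission rows stay hidden when filtering is on (fail closed)` and repeat the point in the `filterItemsByPermissions` param doc, along with a reminder that menu filtering only hides links and the target pages still need their own permission checks. `_rapsContext` is nullable and is passed straight to `UserHelper.HasPermission`; how that helper treats a null context is not visible here, so an explicit null check before the permission loop would make the behaviour clear.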
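--- a/web/Areas/CMS/Models/CMSBlockAddEdit.cs
+++ b/web/Areas/CMS/Models/CMSBlockAddEdit.cs
@@ -0,0 +1,29 @@
+using Viper.Models.VIPER;
+
+namespace Viper.Areas.CMS.Models
+{
+public class CMSBlockAddEdit
+{
+public int ContentBlockId { get; set; }
+
+public string Content { get; set; } = null!;
+
+public string? Title { get; set; }
+
+public string System { get; set; } = null!;
+
+public string? Application { get; set; }
+
+public string? Page { get; set; }
+
+public string? ViperSectionPath { get; set; }
+
+public int? BlockOrder { get; set; }
+
+public string? FriendlyName { get; set; }
+
+public bool AllowPublicAccess { get; set; }
+
+public ICollection<string> Permissions { get; set; } = new List<string>();
+}
+}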
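Review bot: The nullability on this request model does not match what the controller enforces: `Title` is `string?` although CheckBlockForRequiredFields rejects an empty title, while `Content` is declared non-nullable with `= null!` and nothing visible on the page checks it before it is copied into the entity and the history row. Declaring the contract on the model, e.g. `[Required] public string Content { get; set; } = null!;` and the same for `Title` and `System`, keeps the validation in one place. `ContentBlockId`, `AllowPublicAccess` and `Permissions` are all bound from the request body, so a short comment on the class noting that these are client-supplied and must be checked by the controller would help the next reader.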