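using CMS_CORE_Library.Models;
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.ComponentModel.DataAnnotations;
using System.IO;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Security.Claims;
using System.Threading.Tasks;
using System.Web.Http;
using Thermo.Active.Database.Controllers;
using Thermo.Active.Model.DatabaseModels;
using Thermo.Active.Model.DTOModels;
using Thermo.Active.Model.DTOModels.MaintenanceModels;
using Thermo.Active.NC;
using Thermo.Active.Provider;
using static Thermo.Active.Config.ServerConfig;
using static Thermo.Active.Model.Constants;

namespace Thermo.Active.Controllers.WebApi
{
    /// <summary>
    /// Web API endpoints under <c>api/maintenance_manager</c>: maintenances, their
    /// performed records, notes and file attachments.
    /// </summary>
    /// <remarks>
    /// Function-level access is declared per action with <c>WebApiAuthorize</c>.
    /// Object-level checks (who may edit or delete a given record) are done inside
    /// the actions against the caller id taken from the token claims.
    /// </remarks>
    [RoutePrefix("api/maintenance_manager")]
    public class ApiMaintenanceController : ApiController
    {
        /// <summary>
        /// Adapter object shared by the Web API.
        /// </summary>
        // NOTE(review): one static instance serves every request and Connect() is
        // called per action; the thread-safety of NcAdapter is not visible here - confirm.
        protected static NcAdapter ncAdapter = new NcAdapter();

        /// <summary>
        /// Reads the caller's user id from the USER_ID_KEY claim of the current principal.
        /// </summary>
        /// <param name="callerId">The parsed user id, or 0 when the method returns false.</param>
        /// <returns>
        /// True when the principal is a <see cref="ClaimsIdentity"/> carrying a numeric
        /// USER_ID_KEY claim; false otherwise.
        /// </returns>
        private bool TryGetCallerId(out int callerId)
        {
            callerId = 0;

            // A token without the claim (or a non-claims principal) must be rejected
            // by the action, not surface as a NullReferenceException.
            var identity = User?.Identity as ClaimsIdentity;
            var claim = identity?.Claims.FirstOrDefault(c => c.Type == USER_ID_KEY);

            return claim != null && int.TryParse(claim.Value, out callerId);
        }

        /// <summary>
        /// Decides whether the caller may edit or delete a maintenance.
        /// </summary>
        /// <param name="callerId">User id of the caller.</param>
        /// <param name="dbMaint">The stored maintenance.</param>
        /// <returns>
        /// False when the maintenance has no owner (treated by this controller as created
        /// by CMS) or when CompareUsersRole(caller, owner) is negative; true otherwise.
        /// </returns>
        private static bool CallerMayModify(int callerId, MaintenanceModel dbMaint)
        {
            if (dbMaint.UserId == null)
            {
                return false;
            }

            using (var machineUsersController = new MachinesUsersController())
            {
                // Caller role compared with the owner's role; a negative result denies the change.
                int comparison = machineUsersController.CompareUsersRole(callerId, dbMaint.UserId.Value, MachineConfig.MachineId);
                return comparison >= 0;
            }
        }

        /// <summary>
        /// Lists the maintenances together with the caller's permissions on them.
        /// </summary>
        /// <returns>200 with the list, 400 with the library localization key, or 401 when the caller id claim is missing.</returns>
        [Route("maintenances"), HttpGet]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.MAINTENANCE, Action = ACTIONS.READ)]
        public IHttpActionResult GetMaintenances()
        {
            if (!TryGetCallerId(out int callerId))
            {
                return Unauthorized();
            }

            ncAdapter.Connect();

            CmsError libraryError = ncAdapter.GetMaintenancesWithPermissions(out var maintenances, callerId);
            if (libraryError.IsError())
            {
                return BadRequest(libraryError.localizationKey);
            }

            return Ok(maintenances);
        }

        /// <summary>
        /// Creates a maintenance owned by the caller and returns its current data.
        /// </summary>
        /// <param name="newMaint">The maintenance to create.</param>
        /// <returns>200 with the maintenance data, 400 on validation or library error, 404 when the initial performed record cannot be written.</returns>
        [Route("maintenance"), HttpPost]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.MAINTENANCE, Action = ACTIONS.WRITE)]
        public IHttpActionResult AddMaintenance([Required]DTONewMaintenanceModel newMaint)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            if (!TryGetCallerId(out int callerId))
            {
                return Unauthorized();
            }

            using (MaintenancesController maintenancesController = new MaintenancesController())
            {
                MaintenanceModel dbMaint = maintenancesController.Create(newMaint, callerId);
                bool isMachineInterval = dbMaint.Type == MAINTENANCE_TYPE.MACHINE_INTERVAL;

                ncAdapter.Connect();

                CmsError libraryError = ncAdapter.GetMaintenanceDataById(dbMaint.MaintenanceId, callerId, out DTOMaintenanceModel maintenance);
                if (libraryError.IsError())
                {
                    // Only machine-interval maintenances are rolled back here; other types
                    // stay stored even though the caller receives an error.
                    if (isMachineInterval)
                    {
                        maintenancesController.Delete(dbMaint);
                    }

                    return BadRequest(libraryError.localizationKey);
                }

                if (!isMachineInterval)
                {
                    return Ok(maintenance);
                }

                // A machine-interval maintenance gets an initial performed record at the
                // current counter. The control word -2 is interpreted by
                // MaintenancesController (not visible here).
                PerformedMaintenanceModel performed = maintenancesController.PerformeMaintenance(maintenance.OriginalPlcCounter / 60, dbMaint.MaintenanceId, callerId, -2);
                if (performed == null)
                {
                    maintenancesController.Delete(dbMaint);
                    return NotFound();
                }

                libraryError = ncAdapter.GetMaintenanceDataById(dbMaint.MaintenanceId, callerId, out DTOMaintenanceModel endMaintenance);
                if (libraryError.IsError())
                {
                    return BadRequest(libraryError.localizationKey);
                }

                return Ok(endMaintenance);
            }
        }

        /// <summary>
        /// Updates a maintenance after checking that the caller may modify it.
        /// </summary>
        /// <param name="maintenanceId">Id of the maintenance to update.</param>
        /// <param name="newMaint">The new values.</param>
        /// <returns>200 with the updated data, 400 on validation or library error, 401 when the caller may not modify it, 404 when it does not exist.</returns>
        [Route("maintenance/{maintenanceId:int}"), HttpPut]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.MAINTENANCE, Action = ACTIONS.WRITE)]
        public IHttpActionResult EditMaintenance(int maintenanceId, [Required]DTOUpdateMaintenanceModel newMaint)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            if (!TryGetCallerId(out int callerId))
            {
                return Unauthorized();
            }

            using (MaintenancesController maintenancesController = new MaintenancesController())
            {
                MaintenanceModel dbMaint = maintenancesController.FindById(maintenanceId);
                if (dbMaint == null)
                {
                    return NotFound();
                }

                // Object-level check: function access alone does not allow editing
                // another user's maintenance or one created by CMS.
                if (!CallerMayModify(callerId, dbMaint))
                {
                    return Unauthorized();
                }

                dbMaint = maintenancesController.Update(maintenanceId, newMaint);

                ncAdapter.Connect();

                CmsError libraryError = ncAdapter.GetMaintenanceDataById(dbMaint.MaintenanceId, callerId, out DTOMaintenanceModel maintenance);
                if (libraryError.IsError())
                {
                    return BadRequest(libraryError.localizationKey);
                }

                return Ok(maintenance);
            }
        }

        /// <summary>
        /// Deletes a maintenance after checking that the caller may modify it.
        /// </summary>
        /// <param name="maintenanceId">Id of the maintenance to delete.</param>
        /// <returns>200 on success, 401 when the caller may not modify it, 404 when it does not exist.</returns>
        [Route("maintenance/{maintenanceId:int}"), HttpDelete]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.MAINTENANCE, Action = ACTIONS.WRITE)]
        public IHttpActionResult DeleteMaintenance(int maintenanceId)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            if (!TryGetCallerId(out int callerId))
            {
                return Unauthorized();
            }

            using (MaintenancesController maintenancesController = new MaintenancesController())
            {
                MaintenanceModel dbMaint = maintenancesController.FindById(maintenanceId);
                if (dbMaint == null)
                {
                    return NotFound();
                }

                // Same object-level check as EditMaintenance.
                if (!CallerMayModify(callerId, dbMaint))
                {
                    return Unauthorized();
                }

                maintenancesController.Delete(dbMaint);
                return Ok();
            }
        }

        /// <summary>
        /// Records that a maintenance has been performed by the caller.
        /// </summary>
        /// <param name="maintenanceId">Id of the maintenance.</param>
        /// <param name="password">Password model; only checked when the maintenance was created by CMS.</param>
        /// <returns>200 with the refreshed maintenance data, 400 on library error or invalid password, 401 when the caller cannot perform it, 404 when no record was written.</returns>
        [Route("maintenance/{maintenanceId:int}/performe"), HttpPost]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.MAINTENANCE, Action = ACTIONS.WRITE)]
        public IHttpActionResult PerformeMaintenance(int maintenanceId, DTOPasswordModel password)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            if (!TryGetCallerId(out int callerId))
            {
                return Unauthorized();
            }

            ncAdapter.Connect();

            CmsError libraryError = ncAdapter.GetMaintenanceDataById(maintenanceId, callerId, out DTOMaintenanceModel maintData);
            if (libraryError.IsError())
            {
                return BadRequest(libraryError.localizationKey);
            }

            if (!maintData.CanPerform)
            {
                return Unauthorized();
            }

            using (MaintenancesController maintenancesController = new MaintenancesController())
            {
                libraryError = ncAdapter.GetNcGenericData(out DTONcGenericDataModel data);
                if (libraryError.IsError())
                {
                    return BadRequest(libraryError.localizationKey);
                }

                int controlWord = -1;
                if (maintData.CreatedByCms)
                {
                    // The body is optional on the wire, so a missing password model must
                    // fail as an invalid password rather than as a null dereference.
                    bool passwordIsValid = password != null
                        && maintenancesController.CheckPassword(password.Password, data.CmsMachineIdNumber, maintData.OriginalPlcCounter, out controlWord);
                    if (!passwordIsValid)
                    {
                        return BadRequest(API_ERROR_KEYS.PASSWORD_IS_INVALID);
                    }
                }

                PerformedMaintenanceModel performed = maintenancesController.PerformeMaintenance(maintData.OriginalPlcCounter / 60, maintenanceId, callerId, controlWord);
                if (performed == null)
                {
                    return NotFound();
                }

                libraryError = ncAdapter.GetMaintenanceDataById(maintenanceId, callerId, out maintData);
                if (libraryError.IsError())
                {
                    return BadRequest(libraryError.localizationKey);
                }

                return Ok(maintData);
            }
        }

        /// <summary>
        /// Request body of <see cref="PerformeMaintenance"/>.
        /// </summary>
        public class DTOPasswordModel
        {
            public string Password { get; set; }
        }

        /// <summary>
        /// Lists the performed records of a maintenance.
        /// </summary>
        /// <param name="maintenanceId">Id of the maintenance.</param>
        /// <returns>200 with the records, or 404 when the maintenance does not exist.</returns>
        [Route("maintenance/{maintenanceId:int}/performs"), HttpGet]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.MAINTENANCE, Action = ACTIONS.READ)]
        public IHttpActionResult GetMaintenancePerforms(int maintenanceId)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            using (MaintenancesController maintenancesController = new MaintenancesController())
            {
                if (maintenancesController.FindById(maintenanceId) == null)
                {
                    return NotFound();
                }

                var performed = maintenancesController.GetPerformedMaintenancesFromId(maintenanceId);
                return Ok(performed);
            }
        }

        #region Note

        /// <summary>
        /// Lists the notes of a maintenance.
        /// </summary>
        /// <param name="maintenanceId">Id of the maintenance.</param>
        /// <returns>200 with the notes, or 404 when the maintenance does not exist.</returns>
        [Route("maintenance/{maintenanceId:int}/note"), HttpGet]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.MAINTENANCE, Action = ACTIONS.READ)]
        public IHttpActionResult GetMaintenanceNotes(int maintenanceId)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            using (MaintenancesController maintenancesController = new MaintenancesController())
            {
                if (maintenancesController.FindById(maintenanceId) == null)
                {
                    return NotFound();
                }

                var notes = maintenancesController.GetNotesByMaintId(maintenanceId);
                return Ok(notes);
            }
        }

        /// <summary>
        /// Adds a note, owned by the caller, to a maintenance.
        /// </summary>
        /// <param name="maintenanceId">Id of the maintenance.</param>
        /// <param name="note">The note to create.</param>
        /// <returns>200 with the created note, 400 on a missing or invalid body, 404 when the maintenance does not exist.</returns>
        // NOTE(review): this is the only note action gated on USER_FUNCTIONS instead of
        // MAINTENANCE; confirm that letting non-maintenance roles write notes is intended.
        [Route("maintenance/{maintenanceId:int}/note"), HttpPost]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.USER_FUNCTIONS, Action = ACTIONS.WRITE)]
        public IHttpActionResult AddMaintenanceNote(int maintenanceId, DTONewMaintenanceNoteModel note)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // The body is not marked [Required]; reject a missing one explicitly.
            if (note == null)
            {
                return BadRequest();
            }

            if (!TryGetCallerId(out int callerId))
            {
                return Unauthorized();
            }

            using (MaintenancesController maintenancesController = new MaintenancesController())
            {
                if (maintenancesController.FindById(maintenanceId) == null)
                {
                    return NotFound();
                }

                DTOMaintenanceNoteModel created = maintenancesController.CreateNote(callerId, maintenanceId, note);
                return Ok(created);
            }
        }

        /// <summary>
        /// Updates a note; only the user who wrote it may do so.
        /// </summary>
        /// <param name="noteId">Id of the note.</param>
        /// <param name="newNote">The new note content.</param>
        /// <returns>200 with the updated note, 400 on a missing or invalid body, 401 when the caller is not the author, 404 when the note does not exist.</returns>
        // NOTE(review): the {maintenanceId} route segment is not bound, so the note is not
        // checked against the maintenance named in the URL. The author check below still applies.
        [Route("maintenance/{maintenanceId:int}/note/{noteId:int}"), HttpPut]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.MAINTENANCE, Action = ACTIONS.WRITE)]
        public IHttpActionResult EditMaintenanceNote(int noteId, DTONewMaintenanceNoteModel newNote)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // The body is not marked [Required]; reject a missing one explicitly.
            if (newNote == null)
            {
                return BadRequest();
            }

            if (!TryGetCallerId(out int callerId))
            {
                return Unauthorized();
            }

            using (MaintenancesController maintenancesController = new MaintenancesController())
            {
                MaintenanceNoteModel dbNote = maintenancesController.FindNoteById(noteId);
                if (dbNote == null)
                {
                    return NotFound();
                }

                // Only the author may change the note.
                if (dbNote.UserId != callerId)
                {
                    return Unauthorized();
                }

                DTOMaintenanceNoteModel updated = maintenancesController.UpdateNote(dbNote, newNote);
                return Ok(updated);
            }
        }

        /// <summary>
        /// Deletes a note; only the user who wrote it may do so.
        /// </summary>
        /// <param name="noteId">Id of the note.</param>
        /// <returns>200 on success, 401 when the caller is not the author, 404 when the note does not exist.</returns>
        // NOTE(review): as in EditMaintenanceNote, the {maintenanceId} route segment is not
        // bound or compared with the note's maintenance.
        [Route("maintenance/{maintenanceId:int}/note/{noteId:int}"), HttpDelete]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.MAINTENANCE, Action = ACTIONS.WRITE)]
        public IHttpActionResult DeleteMaintenanceNote(int noteId)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            if (!TryGetCallerId(out int callerId))
            {
                return Unauthorized();
            }

            using (MaintenancesController maintenancesController = new MaintenancesController())
            {
                MaintenanceNoteModel dbNote = maintenancesController.FindNoteById(noteId);
                if (dbNote == null)
                {
                    return NotFound();
                }

                // Only the author may delete the note.
                if (dbNote.UserId != callerId)
                {
                    return Unauthorized();
                }

                maintenancesController.DeleteNote(dbNote.Id);
                return Ok();
            }
        }

        #endregion Note

        #region Attachment

        /// <summary>
        /// Lists the attachments of a maintenance.
        /// </summary>
        /// <param name="maintenanceId">Id of the maintenance.</param>
        /// <returns>200 with whatever FindAttachmentByMaintenance returns for the id.</returns>
        [Route("maintenance/{maintenanceId:int}/attachments"), HttpGet]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.MAINTENANCE, Action = ACTIONS.READ)]
        public IHttpActionResult GetAttachments(int maintenanceId)
        {
            using (MaintenancesController maintenancesController = new MaintenancesController())
            {
                return Ok(maintenancesController.FindAttachmentByMaintenance(maintenanceId));
            }
        }

        /// <summary>
        /// Returns the content of one attachment.
        /// </summary>
        /// <param name="attachmentId">Id of the attachment.</param>
        /// <returns>The file, or 404 when the record or the file on disk is missing.</returns>
        // NOTE(review): this is the only action in the controller without [WebApiAuthorize].
        // Unless a global filter covers it, any client that can reach the API can download
        // attachments by enumerating integer ids. Confirm whether this is intentional (for
        // example for plain download links) and otherwise gate it like GetAttachments.
        [Route("attachment/{attachmentId:int}"), HttpGet]
        public IHttpActionResult GetAttachment(int attachmentId)
        {
            using (MaintenancesController maintenancesController = new MaintenancesController())
            {
                MaintenanceFileModel attachment = maintenancesController.FindAttachmentById(attachmentId);
                if (attachment == null)
                {
                    return NotFound();
                }

                // LocalFileName comes from the database and is appended as-is; this relies on
                // every stored value being a bare file name, as AddAttachment writes it.
                string path = MAINTENANCE_ATTACHMENT_PATH + attachment.LocalFileName;
                if (!File.Exists(path))
                {
                    return NotFound();
                }

                return new FileResult(path);
            }
        }

        /// <summary>
        /// Stores the files of a multipart upload as attachments of a maintenance.
        /// </summary>
        /// <param name="maintenanceId">Id of the maintenance.</param>
        /// <returns>
        /// 200 with the last attachment stored (null when the request carried no file),
        /// 401 when the caller id claim is missing, 404 when the maintenance does not exist.
        /// </returns>
        /// <exception cref="HttpResponseException">415 when the request is not multipart.</exception>
        // NOTE(review): no size, count or content-type limit is applied in this action;
        // presumably the host configuration or CustomMultipartFormDataStreamProvider
        // enforces them - confirm. How the provider names files on disk is not visible here.
        [Route("maintenance/{maintenanceId:int}/attachment"), HttpPost]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.MAINTENANCE, Action = ACTIONS.WRITE)]
        public async Task<IHttpActionResult> AddAttachment(int maintenanceId)
        {
            if (!TryGetCallerId(out int callerId))
            {
                return Unauthorized();
            }

            if (!Request.Content.IsMimeMultipartContent())
            {
                throw new HttpResponseException(HttpStatusCode.UnsupportedMediaType);
            }

            using (MaintenancesController maintenancesController = new MaintenancesController())
            {
                // Check the target before anything is written to disk, so an unknown id
                // cannot leave orphan files in the attachment directory.
                if (maintenancesController.FindById(maintenanceId) == null)
                {
                    return NotFound();
                }

                CustomMultipartFormDataStreamProvider provider = new CustomMultipartFormDataStreamProvider(MAINTENANCE_ATTACHMENT_PATH);

                // The provider writes each file part under MAINTENANCE_ATTACHMENT_PATH.
                await Request.Content.ReadAsMultipartAsync(provider);

                MaintenanceFileModel attachment = null;
                foreach (MultipartFileData file in provider.FileData)
                {
                    string storedName = Path.GetFileName(file.LocalFileName);

                    // The original file name is client-controlled: keep it as a label only and
                    // never use it to build a path. Fall back to the stored name when absent.
                    string clientName = file.Headers.ContentDisposition?.FileName?.Replace("\"", string.Empty);
                    if (string.IsNullOrEmpty(clientName))
                    {
                        clientName = storedName;
                    }

                    attachment = maintenancesController.AddAttachment(clientName, storedName, maintenanceId, callerId);
                }

                // Only the last stored attachment is returned to the client.
                return Ok(attachment);
            }
        }

        /// <summary>
        /// Deletes an attachment; only the user who uploaded it may do so.
        /// </summary>
        /// <param name="attachmentId">Id of the attachment.</param>
        /// <returns>200 on success, 401 when the caller is not the uploader, 404 when the attachment does not exist.</returns>
        [Route("attachment/{attachmentId:int}"), HttpDelete]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.MAINTENANCE, Action = ACTIONS.WRITE)]
        public IHttpActionResult DeleteAttachment(int attachmentId)
        {
            if (!TryGetCallerId(out int callerId))
            {
                return Unauthorized();
            }

            using (MaintenancesController maintenancesController = new MaintenancesController())
            {
                MaintenanceFileModel attachment = maintenancesController.FindAttachmentById(attachmentId);
                if (attachment == null)
                {
                    return NotFound();
                }

                // Only the uploader may delete the attachment.
                if (attachment.UserId != callerId)
                {
                    return Unauthorized();
                }

                maintenancesController.DeleteAttachment(attachment);
                return Ok();
            }
        }

        #endregion Attachment
    }
}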