Endpoint to manage permissions

daniel-lerch · Jul 10, 2024 · 883ce3e · 883ce3e
1 parent 37407cc
commit 883ce3e
Show file tree

Hide file tree

Showing 3 changed files with 102 additions and 1 deletion.
diff --git a/server/Korga/Controllers/PermissionController.cs b/server/Korga/Controllers/PermissionController.cs
@@ -1,4 +1,5 @@
-using Korga.Filters;
+using Korga.Extensions;
+using Korga.Filters;
 using Korga.Filters.Entities;
 using Korga.Models.Json;
 using Microsoft.AspNetCore.Authorization;
@@ -51,4 +52,59 @@ public async Task<IActionResult> Get()
 
         return new JsonResult(response);
     }
+
+    [HttpPost("~/api/permission/{key}")]
+    public async Task<IActionResult> AddFilter(string key, [FromBody] PersonFilterRequest request)
+    {
+        if (!await filterService.HasPermission(User, "permissions:modify"))
+            return StatusCode(StatusCodes.Status403Forbidden);
+
+        Permission? permission = await database.Permissions.Include(p => p.PersonFilterList).FirstOrDefaultAsync(p => p.Key == key);
+
+        if (permission == null)
+            return StatusCode(StatusCodes.Status404NotFound);
+
+        try
+        {
+            PersonFilter filter = request.ToEntity();
+            if (permission.PersonFilterList == null)
+            {
+                permission.PersonFilterList = new() { Filters = [filter] };
+            }
+            else
+            {
+                filter.PersonFilterListId = permission.PersonFilterList.Id;
+                database.PersonFilters.Add(filter);
+            }
+            await database.SaveChangesAsync();
+        }
+        catch (DbUpdateException ex) when (ex.IsForeignKeyConstraintViolation())
+        {
+            return StatusCode(StatusCodes.Status400BadRequest);
+        }
+
+        return StatusCode(StatusCodes.Status204NoContent);
+    }
+
+    [HttpDelete("~/api/permission/{key}/{filterId}")]
+    public async Task<IActionResult> RemoveFilter(string key, int filterId)
+    {
+        if (!await filterService.HasPermission(User, "permissions:modify"))
+            return StatusCode(StatusCodes.Status403Forbidden);
+
+        Permission? permission = await database.Permissions.FirstOrDefaultAsync(p => p.Key == key);
+
+        if (permission == null)
+            return StatusCode(StatusCodes.Status404NotFound);
+
+        PersonFilter? filter = await database.PersonFilters.SingleOrDefaultAsync(f => f.Id == filterId && f.PersonFilterListId == permission.PersonFilterListId);
+
+        if (filter == null)
+            return StatusCode(StatusCodes.Status404NotFound);
+
+        database.PersonFilters.Remove(filter);
+        await database.SaveChangesAsync();
+
+        return StatusCode(StatusCodes.Status204NoContent);
+    }
 }
diff --git a/server/Korga/Extensions/DbUpdateExceptionExtensions.cs b/server/Korga/Extensions/DbUpdateExceptionExtensions.cs
@@ -9,4 +9,9 @@ public static bool IsUniqueConstraintViolation(this DbUpdateException exception)
     {
         return exception.InnerException is MySqlException sqlException && sqlException.Number == 1062;
     }
+
+    public static bool IsForeignKeyConstraintViolation(this DbUpdateException exception)
+    {
+        return exception.InnerException is MySqlException sqlException && sqlException.Number == 1452;
+    }
 }
diff --git a/server/Korga/Models/Json/PersonFilterRequest.cs b/server/Korga/Models/Json/PersonFilterRequest.cs
@@ -0,0 +1,40 @@
+using Korga.Filters.Entities;
+using System;
+
+namespace Korga.Models.Json;
+
+public class PersonFilterRequest
+{
+    public required string Discriminator { get; init; }
+    public int? StatusId { get; init; }
+    public int? GroupId { get; init; }
+    public int? GroupTypeId { get; init; }
+    public int? GroupRoleId { get; init; }
+    public int? PersonId { get; init; }
+
+    public PersonFilter ToEntity()
+    {
+        return Discriminator switch
+        {
+            nameof(StatusFilter) => new StatusFilter
+            {
+                StatusId = StatusId.GetValueOrDefault()
+            },
+            nameof(GroupFilter) => new GroupFilter
+            {
+                GroupId = GroupId.GetValueOrDefault(),
+                GroupRoleId = GroupRoleId
+            },
+            nameof(GroupTypeFilter) => new GroupTypeFilter
+            {
+                GroupTypeId = GroupTypeId.GetValueOrDefault(),
+                GroupRoleId = GroupRoleId
+            },
+            nameof(SinglePerson) => new SinglePerson
+            {
+                PersonId = PersonId.GetValueOrDefault()
+            },
+            _ => throw new ArgumentException($"Invalid filter type {Discriminator}")
+        };
+    }
+}