using Asp.Versioning;
using Core.Cerberos.Adapters.Attributes;
using Core.Cerberos.Adapters.Common.Constants;
using Core.Cerberos.Application.UseCases.Roles.Input;
using Lib.Architecture.BuildingBlocks;
using LSA.Dashboard.External.Clients.Dashboard;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using System.Text.Json;
namespace Core.Cerberos.BFF.Api.Controllers
{
///
/// Handles all requests for role authentication.
///
[ApiVersion("1.0")]
[Route("api/v{version:apiVersion}/[controller]")]
[Consumes("application/json")]
[Produces("application/json")]
[ApiController]
[Authorize(AuthenticationSchemes = Schemes.HeathScheme)]
public class RoleController(ICerberosServiceClient cerberosServiceClient, ILogger logger) : BaseController(logger)
{
///
/// Gets all the roles.
///
[HttpGet("GetAll")]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
[ProducesResponseType(typeof(Notification), StatusCodes.Status412PreconditionFailed)]
[ProducesResponseType(typeof(Notification), StatusCodes.Status422UnprocessableEntity)]
[ProducesResponseType(StatusCodes.Status500InternalServerError)]
[Permission("RoleManagement.Read")]
public async Task GetAllRolesService(CancellationToken cancellationToken)
{
try
{
logger.LogInformation($"{nameof(GetAllRolesService)} - Request received - Payload: ");
return await Handle(() => cerberosServiceClient.GetAllRolesService(new GetAllRolesRequest { }, cancellationToken)).ConfigureAwait(false);
}
catch (Exception ex)
{
logger.LogError($"{nameof(GetAllRolesService)} - An Error Occurred- {ex.Message} - {ex.InnerException} - {ex.StackTrace} - with payload");
throw;
}
}
///
/// Creates a new role.
///
[HttpPost("Create")]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
[ProducesResponseType(typeof(Notification), StatusCodes.Status412PreconditionFailed)]
[ProducesResponseType(typeof(Notification), StatusCodes.Status422UnprocessableEntity)]
[ProducesResponseType(StatusCodes.Status500InternalServerError)]
[Permission("RoleManagement.Write")]
public async Task CreateRoleService(CreateRoleRequest request, CancellationToken cancellationToken)
{
try
{
logger.LogInformation($"{nameof(CreateRoleService)} - Request received - Payload: {JsonSerializer.Serialize(request)}");
if (request == null) return BadRequest("Invalid role object");
if (string.IsNullOrEmpty(request.Name)) return BadRequest("Invalid role name");
if (string.IsNullOrEmpty(request.Description)) return BadRequest("Invalid role description");
if (request.Applications?.Length <= 0) return BadRequest("Role must have at least one application");
if (request.Modules?.Length <= 0) return BadRequest("Role must have at least one module");
if (request.Permissions?.Length <= 0) return BadRequest("Role must have at least one permission");
return await Handle(() => cerberosServiceClient.CreateRoleService(request, cancellationToken)).ConfigureAwait(false);
}
catch (Exception ex)
{
logger.LogError($"{nameof(CreateRoleService)} - An Error Occurred- {ex.Message} - {ex.InnerException} - {ex.StackTrace} - with payload {JsonSerializer.Serialize(request)}");
throw;
}
}
///
/// Gets the role by identifier.
///
[HttpPost("GetById")]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
[ProducesResponseType(typeof(Notification), StatusCodes.Status412PreconditionFailed)]
[ProducesResponseType(typeof(Notification), StatusCodes.Status422UnprocessableEntity)]
[ProducesResponseType(StatusCodes.Status500InternalServerError)]
[Permission("RoleManagement.Read")]
public async Task GetRoleByIdService(GetRoleRequest request, CancellationToken cancellationToken)
{
try
{
logger.LogInformation($"{nameof(GetRoleByIdService)} - Request received - Payload: {JsonSerializer.Serialize(request)}");
if (string.IsNullOrEmpty(request.Id)) return BadRequest("Invalid role identifier");
return await Handle(() => cerberosServiceClient.GetRoleByIdService(request, cancellationToken)).ConfigureAwait(false);
}
catch (Exception ex)
{
logger.LogError($"{nameof(GetRoleByIdService)} - An Error Occurred- {ex.Message} - {ex.InnerException} - {ex.StackTrace} - with payload {JsonSerializer.Serialize(request)}");
throw;
}
}
///
/// Updates a full role by identifier.
///
[HttpPut("Update")]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
[ProducesResponseType(typeof(Notification), StatusCodes.Status412PreconditionFailed)]
[ProducesResponseType(typeof(Notification), StatusCodes.Status422UnprocessableEntity)]
[ProducesResponseType(StatusCodes.Status500InternalServerError)]
[Permission("RoleManagement.Write")]
public async Task UpdateRoleService(UpdateRoleRequest request, CancellationToken cancellationToken)
{
try
{
logger.LogInformation($"{nameof(UpdateRoleService)} - Request received - Payload: {JsonSerializer.Serialize(request)}");
if (request == null) return BadRequest("Invalid role object");
if (string.IsNullOrEmpty(request.Name)) return BadRequest("Invalid role name");
if (string.IsNullOrEmpty(request.Id)) return BadRequest("Invalid role identifier");
if (string.IsNullOrEmpty(request.Description)) return BadRequest("Invalid role description");
if (request.Applications?.Length <= 0) return BadRequest("Role must have at least one application");
if (request.Modules?.Length <= 0) return BadRequest("Role must have at least one module");
if (request.Permissions?.Length <= 0) return BadRequest("Role must have at least one permission");
return await Handle(() => cerberosServiceClient.UpdateRoleService(request, cancellationToken)).ConfigureAwait(false);
}
catch (Exception ex)
{
logger.LogError($"{nameof(UpdateRoleService)} - An Error Occurred- {ex.Message} - {ex.InnerException} - {ex.StackTrace} - with payload {JsonSerializer.Serialize(request)}");
throw;
}
}
///
/// Changes the status of the role.
///
[HttpPatch]
[Route("ChangeStatus")]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status204NoContent)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
[ProducesResponseType(typeof(Notification), StatusCodes.Status412PreconditionFailed)]
[ProducesResponseType(typeof(Notification), StatusCodes.Status422UnprocessableEntity)]
[ProducesResponseType(StatusCodes.Status500InternalServerError)]
[Permission("RoleManagement.Write")]
public async Task ChangeRoleStatusService([FromBody] ChangeRoleStatusRequest request, CancellationToken cancellationToken)
{
try
{
logger.LogInformation($"{nameof(ChangeRoleStatusService)} - Request received - Payload: {JsonSerializer.Serialize(request)}");
if (string.IsNullOrEmpty(request.Id)) { return BadRequest("Invalid role identifier"); }
return await Handle(() => cerberosServiceClient.ChangeRoleStatusService(request, cancellationToken)).ConfigureAwait(false);
}
catch (Exception ex)
{
logger.LogError($"{nameof(ChangeRoleStatusService)} - An Error Occurred- {ex.Message} - {ex.InnerException} - {ex.StackTrace} - with payload {JsonSerializer.Serialize(request)}");
throw;
}
}
///
/// Adds an application to the role's list of applications.
///
[HttpPost]
[Route("AddApplication")]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status204NoContent)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
[ProducesResponseType(typeof(Notification), StatusCodes.Status412PreconditionFailed)]
[ProducesResponseType(typeof(Notification), StatusCodes.Status422UnprocessableEntity)]
[ProducesResponseType(StatusCodes.Status500InternalServerError)]
[Permission("RoleManagement.Write")]
public async Task AddApplicationToRoleService([FromBody] AddApplicationToRoleRequest request, CancellationToken cancellationToken)
{
try
{
logger.LogInformation($"{nameof(AddApplicationToRoleService)} - Request received - Payload: {JsonSerializer.Serialize(request)}");
if (string.IsNullOrEmpty(request.RoleId)) { return BadRequest("Invalid role identifier"); }
return await Handle(() => cerberosServiceClient.AddApplicationToRoleService(request, cancellationToken)).ConfigureAwait(false);
}
catch (Exception ex)
{
logger.LogError($"{nameof(AddApplicationToRoleService)} - An Error Occurred- {ex.Message} - {ex.InnerException} - {ex.StackTrace} - with payload {JsonSerializer.Serialize(request)}");
throw;
}
}
///
/// Removes an application from the role's list of applications.
///
[HttpDelete]
[Route("RemoveApplication")]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status204NoContent)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
[ProducesResponseType(typeof(Notification), StatusCodes.Status412PreconditionFailed)]
[ProducesResponseType(typeof(Notification), StatusCodes.Status422UnprocessableEntity)]
[ProducesResponseType(StatusCodes.Status500InternalServerError)]
[Permission("RoleManagement.Write")]
public async Task RemoveApplicationFromRoleService([FromBody] RemoveApplicationFromRoleRequest request, CancellationToken cancellationToken)
{
try
{
logger.LogInformation($"{nameof(RemoveApplicationFromRoleService)} - Request received - Payload: {JsonSerializer.Serialize(request)}");
if (string.IsNullOrEmpty(request.RoleId)) { return BadRequest("Invalid role identifier"); }
return await Handle(() => cerberosServiceClient.RemoveApplicationFromRoleService(request, cancellationToken)).ConfigureAwait(false);
}
catch (Exception ex)
{
logger.LogError($"{nameof(RemoveApplicationFromRoleService)} - An Error Occurred- {ex.Message} - {ex.InnerException} - {ex.StackTrace} - with payload {JsonSerializer.Serialize(request)}");
throw;
}
}
}
}