dcovington
/
Campaign_Tracker
1
0
Fork 0
Koodi Ongelmat 4 Pull-pyynnöt 0 Julkaisut 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
45 Commitit
2 Branchit
17MB
Puu: 896c109d20
Branchit Tagit
${ item.name }
Create branch ${ searchTerm }
from '896c109d20'
${ noResults }
Campaign_Tracker/Campaign_Tracker.Server/Controllers/MunicipalityProfileControll...

162 lines
6.3KB
Raaka Blame Historia 

  1. using System.Security.Claims;

  2. using Campaign_Tracker.Server.Audit;

  3. using Campaign_Tracker.Server.Authorization;

  4. using Campaign_Tracker.Server.LegacyData;

  5. using Campaign_Tracker.Server.Municipalities;

  6. using Microsoft.AspNetCore.Authorization;

  7. using Microsoft.AspNetCore.Mvc;

  8. 

  9. namespace Campaign_Tracker.Server.Controllers;

  10. 

  11. /// <summary>

  12. /// Municipality account profile management (Story 1.10).

  13. /// Accessible to ClientServices and Admin roles (HasAny check includes Admin bypass).

  14. /// </summary>

  15. [ApiController]

  16. [Authorize(Policy = ApplicationPolicy.ClientServicesAccess)]

  17. [Route("api/municipalities/profiles")]

  18. public sealed class MunicipalityProfileController : ControllerBase

  19. {

  20.     private readonly IMunicipalityProfileRepository _profiles;

  21.     private readonly ILegacyDataAccess _legacyData;

  22.     private readonly IAuditService _audit;

  23.     private readonly TimeProvider _timeProvider;

  24. 

  25.     public MunicipalityProfileController(

  26.         IMunicipalityProfileRepository profiles,

  27.         ILegacyDataAccess legacyData,

  28.         IAuditService audit,

  29.         TimeProvider timeProvider)

  30.     {

  31.         _profiles = profiles;

  32.         _legacyData = legacyData;

  33.         _audit = audit;

  34.         _timeProvider = timeProvider;

  35.     }

  36. 

  37.     // ── Available legacy jurisdictions (JCode picker source) ─────────────────

  38. 

  39.     [HttpGet("/api/municipalities/jurisdictions")]

  40.     public async Task<ActionResult<IReadOnlyList<LegacyJurisdictionResponse>>> GetJurisdictions(

  41.         CancellationToken cancellationToken)

  42.     {

  43.         var jurisdictions = await _legacyData.GetAllJurisdictionsAsync(cancellationToken);

  44.         return Ok(jurisdictions

  45.             .Select(j => new LegacyJurisdictionResponse(j.JCode, j.Name))

  46.             .ToArray());

  47.     }

  48. 

  49.     // ── AC #1, AC #2: create and immediately return the combined view ─────────

  50. 

  51.     [HttpPost]

  52.     public async Task<ActionResult<MunicipalityProfileResponse>> Create(

  53.         [FromBody] CreateMunicipalityProfileRequest request,

  54.         CancellationToken cancellationToken)

  55.     {

  56.         var actor = GetActor();

  57.         var result = await _profiles.CreateAsync(request.JCode, request.DisplayName, actor, cancellationToken);

  58. 

  59.         if (!result.Saved || result.Profile is null)

  60.             return UnprocessableEntity(new MunicipalityProfileProblem(result.Error ?? "Save failed."));

  61. 

  62.         // AC #3: audit the creation

  63.         _audit.Record(new AuditEvent(

  64.             EventType: "MUNICIPALITY_PROFILE_CREATED",

  65.             ActorIdentity: actor,

  66.             Resource: $"municipalities/profiles/{result.Profile.ProfileId}",

  67.             Outcome: $"created JCode={result.Profile.JCode}",

  68.             TraceIdentifier: HttpContext.TraceIdentifier,

  69.             RecordedAt: _timeProvider.GetUtcNow()));

  70. 

  71.         var view = await _profiles.GetByIdAsync(result.Profile.ProfileId, cancellationToken);

  72.         if (view is null)

  73.             return StatusCode(500, new MunicipalityProfileProblem("Profile was saved but could not be retrieved."));

  74.         return Ok(MunicipalityProfileResponse.From(view));

  75.     }

  76. 

  77.     // ── AC #2: list all profiles with resolved legacy data ───────────────────

  78. 

  79.     [HttpGet]

  80.     public async Task<ActionResult<IReadOnlyList<MunicipalityProfileResponse>>> GetAll(

  81.         CancellationToken cancellationToken)

  82.     {

  83.         var views = await _profiles.GetAllAsync(cancellationToken);

  84.         return Ok(views.Select(MunicipalityProfileResponse.From).ToArray());

  85.     }

  86. 

  87.     [HttpGet("{profileId}")]

  88.     public async Task<ActionResult<MunicipalityProfileResponse>> GetById(

  89.         string profileId,

  90.         CancellationToken cancellationToken)

  91.     {

  92.         var view = await _profiles.GetByIdAsync(profileId, cancellationToken);

  93.         return view is null ? NotFound() : Ok(MunicipalityProfileResponse.From(view));

  94.     }

  95. 

  96.     // ── AC #3: update with audit log ─────────────────────────────────────────

  97. 

  98.     [HttpPut("{profileId}")]

  99.     public async Task<ActionResult<MunicipalityProfileResponse>> Update(

  100.         string profileId,

  101.         [FromBody] UpdateMunicipalityProfileRequest request,

  102.         CancellationToken cancellationToken)

  103.     {

  104.         var actor = GetActor();

  105.         var result = await _profiles.UpdateAsync(profileId, request.DisplayName, actor, cancellationToken);

  106. 

  107.         if (!result.Saved || result.Profile is null)

  108.         {

  109.             if (result.IsNotFound)

  110.                 return NotFound(new MunicipalityProfileProblem(result.Error ?? "Profile not found."));

  111.             return UnprocessableEntity(new MunicipalityProfileProblem(result.Error ?? "Update failed."));

  112.         }

  113. 

  114.         _audit.Record(new AuditEvent(

  115.             EventType: "MUNICIPALITY_PROFILE_UPDATED",

  116.             ActorIdentity: actor,

  117.             Resource: $"municipalities/profiles/{profileId}",

  118.             Outcome: "updated display name",

  119.             TraceIdentifier: HttpContext.TraceIdentifier,

  120.             RecordedAt: _timeProvider.GetUtcNow()));

  121. 

  122.         var view = await _profiles.GetByIdAsync(profileId, cancellationToken);

  123.         if (view is null)

  124.             return StatusCode(500, new MunicipalityProfileProblem("Profile was updated but could not be retrieved."));

  125.         return Ok(MunicipalityProfileResponse.From(view));

  126.     }

  127. 

  128.     private string GetActor() =>

  129.         User.Identity?.Name

  130.         ?? User.FindFirstValue(ClaimTypes.NameIdentifier)

  131.         ?? "unknown";

  132. }

  133. 

  134. public sealed record CreateMunicipalityProfileRequest(string JCode, string? DisplayName);

  135. 

  136. public sealed record UpdateMunicipalityProfileRequest(string? DisplayName);

  137. 

  138. public sealed record MunicipalityProfileResponse(

  139.     string ProfileId,

  140.     string JCode,

  141.     string? DisplayName,

  142.     string UpdatedAt,

  143.     string UpdatedBy,

  144.     string? LegacyName,

  145.     string? LegacyMailingAddress,

  146.     string? LegacyCityStateZip)

  147. {

  148.     public static MunicipalityProfileResponse From(MunicipalityProfileView view) =>

  149.         new(view.Profile.ProfileId,

  150.             view.Profile.JCode,

  151.             view.Profile.DisplayName,

  152.             view.Profile.UpdatedAt.ToString("O"),

  153.             view.Profile.UpdatedBy,

  154.             view.LegacyName,

  155.             view.LegacyMailingAddress,

  156.             view.LegacyCityStateZip);

  157. }

  158. 

  159. public sealed record MunicipalityProfileProblem(string Error);

  160. 

  161. public sealed record LegacyJurisdictionResponse(string JCode, string? Name);

Powered by TurnKey Linux.