DN-3423 feat: Events occuring multiple times (#34)

* DN-3423 feat: Events occuring multiple times

* DN-3423 Fixed some small issues

* DN-3423 Added nuget

* DN-3423 Store type of operation in eventlog (insert, update). Delete needs to be implmented in other branch

* DN-3423 Handle deletion of events

* DN-3423 Made eventlog operation enum and did some refactorings

* DN-3423 chore: formatting

* DN-3423 Fixed issue where enum wasnt serialized as string

---------

Co-authored-by: Gerrit Oomens <[email protected]>

Author: raboer

UvA.Workflow.Api/Actions/ActionsController.cs

@@ -1,12 +1,12 @@
 using UvA.Workflow.Api.Actions.Dtos;
 using UvA.Workflow.Api.Infrastructure;
-using UvA.Workflow.Api.WorkflowInstances;
 using UvA.Workflow.Api.WorkflowInstances.Dtos;
 
 namespace UvA.Workflow.Api.Actions;
 
 public class ActionsController(
     IWorkflowInstanceRepository workflowInstanceRepository,
+    IUserService userService,
     RightsService rightsService,
     TriggerService triggerService,
     WorkflowInstanceDtoFactory workflowInstanceDtoFactory,
@@ -17,6 +17,10 @@ InstanceService instanceService
     public async Task<ActionResult<ExecuteActionPayloadDto>> ExecuteAction([FromBody] ExecuteActionInputDto input,
         CancellationToken ct)
     {
+        var currentUser = await userService.GetCurrentUser(ct);
+        if (currentUser == null)
+            return Unauthorized();
+
         var instance = await workflowInstanceRepository.GetById(input.InstanceId, ct);
         if (instance == null)
             return WorkflowInstanceNotFound;
@@ -38,7 +42,7 @@ public async Task<ActionResult<ExecuteActionPayloadDto>> ExecuteAction([FromBody
                 if (action == null)
                     return Forbidden();
 
-                await triggerService.RunTriggers(instance, action.Triggers, ct, input.Mail);
+                await triggerService.RunTriggers(instance, action.Triggers, currentUser, ct, input.Mail);
                 await instanceService.UpdateCurrentStep(instance, ct);
                 break;
         }

UvA.Workflow.Api/Authentication/SurfConextAuthenticationHandler.cs

@@ -8,8 +8,8 @@ namespace UvA.Workflow.Api.Authentication;
 
 public class SurfConextAuthenticationHandler : AuthenticationHandler<SurfConextOptions>
 {
-    private const string SURFCONEXT_ERROR = "SurfConextError";
-    public static string Scheme => "SURFconext";
+    private const string SurfconextError = "SurfConextError";
+    public static string SchemeName => "SURFconext";
 
     /// <summary>
     /// implements the behavior of the SurfConext scheme to authenticate users.
@@ -56,7 +56,7 @@ protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
         var cacheKey = $"bt_{bearerToken}";
 
         if (cache.TryGetValue(cacheKey, out ClaimsPrincipal? cachedPrincipal))
-            return AuthenticateResult.Success(new AuthenticationTicket(cachedPrincipal!, Scheme));
+            return AuthenticateResult.Success(new AuthenticationTicket(cachedPrincipal!, SchemeName));
 
         var resp = await ValidateSurfBearerToken(bearerToken);
         if (resp == null)
@@ -81,7 +81,7 @@ protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
 
         await userService.AddOrUpdateUser(principal.Identity!.Name!, resp.FullName, resp.Email);
 
-        return AuthenticateResult.Success(new AuthenticationTicket(principal, Scheme));
+        return AuthenticateResult.Success(new AuthenticationTicket(principal, SchemeName));
     }
 
     protected override Task HandleChallengeAsync(AuthenticationProperties properties)
@@ -91,7 +91,7 @@ protected override Task HandleChallengeAsync(AuthenticationProperties properties
             {
                 Status = StatusCodes.Status401Unauthorized,
                 Title = "Unauthorized",
-                Detail = Context.Items[SURFCONEXT_ERROR] as string ?? "Unauthorized",
+                Detail = Context.Items[SurfconextError] as string ?? "Unauthorized",
                 Instance = Context.Request.Path.Value
             },
             new JsonSerializerOptions(JsonSerializerDefaults.Web));
@@ -112,7 +112,7 @@ protected override Task HandleChallengeAsync(AuthenticationProperties properties
                 "Token validation failed: SurfConext returned status {Code}: {Response}, ClientId:{ClientId}, Secret:{ClientSecret}",
                 response.StatusCode, content, OptionsMonitor.CurrentValue.ClientId,
                 OptionsMonitor.CurrentValue.ClientSecret?[..4]);
-            Context.Items[SURFCONEXT_ERROR] =
+            Context.Items[SurfconextError] =
                 $"Token validation failed: SurfConext returned status {response.StatusCode}, check the logs for details";
             return null;
         }
@@ -124,7 +124,7 @@ protected override Task HandleChallengeAsync(AuthenticationProperties properties
         catch (Exception ex)
         {
             Logger.LogError(ex, "Token validation failed: unable to deserialize response: {Response}", content);
-            Context.Items[SURFCONEXT_ERROR] =
+            Context.Items[SurfconextError] =
                 $"Token validation failed: unable to deserialize response from SurfConext, check the logs for details";
             return null;
         }
@@ -148,7 +148,7 @@ private static ClaimsPrincipal CreateClaimsPrincipal(IntrospectionResponse r)
 
         if (r.Uids is { Length: > 0 } && !string.IsNullOrWhiteSpace(r.Uids[0]))
         {
-            claims.Add(new Claim(ClaimTypes.NameIdentifier, r.Uids[0]));
+            claims.Add(new Claim(ClaimTypes.NameIdentifier, UvaClaimTypes.UvanetId));
             claims.Add(new Claim(UvaClaimTypes.UvanetId, r.Uids[0]));
         }
 
@@ -177,7 +177,7 @@ private static ClaimsPrincipal CreateClaimsPrincipal(IntrospectionResponse r)
             claims.Add(new Claim("updated_at",
                 r.UpdatedAt.Value.ToString(System.Globalization.CultureInfo.InvariantCulture)));
 
-        var identity = new ClaimsIdentity(claims, Scheme, UvaClaimTypes.UvanetId, ClaimTypes.Role);
+        var identity = new ClaimsIdentity(claims, SchemeName, UvaClaimTypes.UvanetId, ClaimTypes.Role);
         return new ClaimsPrincipal(identity);
     }
 }

UvA.Workflow.Api/Authentication/SurfConextExtensions.cs

@@ -31,7 +31,8 @@ public static IServiceCollection AddSurfConextAuthentication(this IServiceCollec
 
         services.AddAuthentication(authOptions =>
         {
-            authOptions.AddScheme<SurfConextAuthenticationHandler>(SurfConextAuthenticationHandler.Scheme, null);
+            authOptions.AddScheme<SurfConextAuthenticationHandler>(SurfConextAuthenticationHandler.SchemeName,
+                null);
         });
 
         services.AddSwaggerGen(c =>

UvA.Workflow.Api/Events/EventsController.cs

@@ -1,19 +1,27 @@
 using UvA.Workflow.Api.Infrastructure;
+using UvA.Workflow.Events;
 
 namespace UvA.Workflow.Api.Events;
 
 [Route("/WorkflowInstances/{instanceId}/Events")]
-public class EventsController(IWorkflowInstanceRepository workflowRepository, InstanceService instanceService)
+public class EventsController(
+    IWorkflowInstanceRepository workflowRepository,
+    IUserService userService,
+    IInstanceEventService eventService)
     : ApiControllerBase
 {
     [HttpDelete]
     [Route("{eventName}")]
     public async Task<IActionResult> DeleteEvent(string instanceId, string eventName, CancellationToken ct)
     {
+        var user = await userService.GetCurrentUser(ct);
+        if (user == null)
+            return Unauthorized();
+
         var instance = await workflowRepository.GetById(instanceId, ct);
         if (instance == null)
             return WorkflowInstanceNotFound;
-        await instanceService.DeleteEvent(instance, eventName, ct);
+        await eventService.DeleteEvent(instance, eventName, user, ct);
         return Ok();
     }
 }

UvA.Workflow.Api/Infrastructure/ServiceCollectionExtentions.cs

@@ -1,5 +1,6 @@
 using UvA.Workflow.Api.Screens;
 using UvA.Workflow.Api.Submissions.Dtos;
+using UvA.Workflow.Events;
 using UvA.Workflow.Infrastructure.Database;
 using UvA.Workflow.Persistence;
 using UvA.Workflow.Submissions;
@@ -26,6 +27,7 @@ public static IServiceCollection AddWorkflow(this IServiceCollection services, I
         // Register repositories - organized by domain feature
         services.AddScoped<IWorkflowInstanceRepository, WorkflowInstanceRepository>();
         services.AddScoped<IUserRepository, UserRepository>();
+        services.AddScoped<IInstanceEventRepository, InstanceEventRepository>();
 
         services.AddScoped<WorkflowInstanceService>();
         services.AddScoped<IUserService, UserService>();
@@ -39,6 +41,8 @@ public static IServiceCollection AddWorkflow(this IServiceCollection services, I
         services.AddScoped<AnswerDtoFactory>();
 
         services.AddScoped<InstanceService>();
+        services.AddScoped<IInstanceEventService, InstanceEventService>();
+
         services.AddScoped<RightsService>();
         services.AddScoped<TriggerService>();
         services.AddScoped<AnswerConversionService>();

UvA.Workflow.Api/Screens/ScreenDataService.cs

@@ -1,4 +1,5 @@
 using UvA.Workflow.Api.Screens.Dtos;
+using UvA.Workflow.Events;
 using UvA.Workflow.Tools;
 
 namespace UvA.Workflow.Api.Screens;

UvA.Workflow.Api/Submissions/Dtos/SubmissionDto.cs

@@ -1,4 +1,5 @@
 using UvA.Workflow.Api.Infrastructure;
+using UvA.Workflow.Events;
 using UvA.Workflow.Submissions;
 
 namespace UvA.Workflow.Api.Submissions.Dtos;

UvA.Workflow.Api/Submissions/SubmissionsController.cs

@@ -6,6 +6,7 @@
 namespace UvA.Workflow.Api.Submissions;
 
 public class SubmissionsController(
+    IUserService userService,
     ModelService modelService,
     SubmissionService submissionService,
     SubmissionDtoFactory submissionDtoFactory,
@@ -26,15 +27,19 @@ public async Task<ActionResult<SubmissionDto>> GetSubmission(string instanceId,
     public async Task<ActionResult<SubmitSubmissionResult>> SubmitSubmission(string instanceId, string submissionId,
         CancellationToken ct)
     {
+        var currentUser = await userService.GetCurrentUser(ct);
+        if (currentUser == null)
+            return Unauthorized();
         var context = await submissionService.GetSubmissionContext(instanceId, submissionId, ct);
         var (instance, sub, form, _) = context;
-        var result = await submissionService.SubmitSubmission(context, ct);
+        var result = await submissionService.SubmitSubmission(context, currentUser, ct);
 
         if (!result.Success)
         {
             var submissionDto = submissionDtoFactory.Create(instance, form, sub,
                 modelService.GetQuestionStatus(instance, form, true));
-            return Ok(new SubmitSubmissionResult(submissionDto, null, result.Errors, false));
+
+            return UnprocessableEntity(new SubmitSubmissionResult(submissionDto, null, result.Errors, false));
         }
 
         var finalSubmissionDto = submissionDtoFactory.Create(instance, form, instance.Events[submissionId],

UvA.Workflow.Api/WorkflowInstances/Dtos/WorkflowInstanceDto.cs

@@ -1,6 +1,7 @@
 using UvA.Workflow.Api.Actions.Dtos;
 using UvA.Workflow.Api.EntityTypes.Dtos;
 using UvA.Workflow.Api.Submissions.Dtos;
+using UvA.Workflow.Events;
 
 namespace UvA.Workflow.Api.WorkflowInstances.Dtos;
 

UvA.Workflow.Tests/Builders/EventBuilder.cs

@@ -1,3 +1,4 @@
+using UvA.Workflow.Events;
 using UvA.Workflow.WorkflowInstances;
 
 namespace UvA.Workflow.Tests;