filter/check documenten op eigenaar

ODPC.Server/Features/Documenten/DocumentBijwerken/DocumentBijwerkenController.cs

@@ -1,25 +1,40 @@
 using Microsoft.AspNetCore.Mvc;
 using ODPC.Apis.Odrc;
+using ODPC.Authentication;
 
 namespace ODPC.Features.Documenten.DocumentBijwerken
 {
     [ApiController]
-    public class DocumentBijwerkenController(IOdrcClientFactory clientFactory) : ControllerBase
+    public class DocumentBijwerkenController(IOdrcClientFactory clientFactory, OdpcUser user) : ControllerBase
     {
-        [HttpPut("api/{apiVersion}/documenten/{uuid:guid}")]
-        public async Task<IActionResult> Put(string apiVersion, Guid uuid, PublicatieDocument document, CancellationToken token)
+        [HttpPut("api/{version}/documenten/{uuid:guid}")]
+        public async Task<IActionResult> Put(string version, Guid uuid, PublicatieDocument document, CancellationToken token)
         {
             using var client = clientFactory.Create("Document bijwerken");
 
-            // TODO: check eigenaar
+            var url = $"/api/{version}/documenten/{uuid}";
 
-            var url = "/api/" + apiVersion + "/documenten/" + uuid;
+            // document ophalen
+            using var getResponse = await client.GetAsync(url, HttpCompletionOption.ResponseContentRead, token);
 
-            var response = await client.PutAsJsonAsync(url, document, token);
+            if (!getResponse.IsSuccessStatusCode)
+            {
+                return StatusCode(502);
+            }
 
-            response.EnsureSuccessStatusCode();
+            var json = await getResponse.Content.ReadFromJsonAsync<PublicatieDocument>(token);
 
-            var viewModel = await response.Content.ReadFromJsonAsync<PublicatieDocument>(token);
+            if (json?.Eigenaar?.identifier != user.Id)
+            {
+                return NotFound();
+            }
+
+            // document bijwerken
+            var putResponse = await client.PutAsJsonAsync(url, document, token);
+
+            putResponse.EnsureSuccessStatusCode();
+
+            var viewModel = await putResponse.Content.ReadFromJsonAsync<PublicatieDocument>(token);
 
             return Ok(viewModel);
         }

ODPC.Server/Features/Documenten/DocumentDownload/DocumentDownloadController.cs

@@ -1,28 +1,33 @@
 using Microsoft.AspNetCore.Mvc;
 using ODPC.Apis.Odrc;
+using ODPC.Authentication;
 
 namespace ODPC.Features.Documenten.DocumentDownload
 {
-    public class DocumentDownloadController(IOdrcClientFactory clientFactory) : ControllerBase
+    public class DocumentDownloadController(IOdrcClientFactory clientFactory, OdpcUser user) : ControllerBase
     {
-        [HttpGet("api/{apiVersion}/documenten/{uuid:guid}/download")]
-        public async Task<IActionResult> Get(string apiVersion, Guid uuid, CancellationToken token)
+        [HttpGet("api/{version}/documenten/{uuid:guid}/download")]
+        public async Task<IActionResult> Get(string version, Guid uuid, CancellationToken token)
         {
-            using var client = clientFactory.Create("Document downloaden");
+            using var client = clientFactory.Create("Document ophalen");
 
-            // TODO: check eigenaar
+            var url = $"/api/{version}/documenten/{uuid}";
 
-            var url = "/api/" + apiVersion + "/documenten/" + uuid + "/download";
+            using var response = await client.GetAsync(url, HttpCompletionOption.ResponseContentRead, token);
 
-            var response = await client.GetAsync(url, token);
+            if (!response.IsSuccessStatusCode)
+            {
+                return StatusCode(502);
+            }
 
-            response.EnsureSuccessStatusCode();
+            var json = await response.Content.ReadFromJsonAsync<PublicatieDocument>(token);
 
-            var contentType = response.Content.Headers.ContentType?.ToString() ?? "application/octet-stream";
-            var fileName = response.Content.Headers.ContentDisposition?.FileName?.Trim('"') ?? "woo_document";
-            var fileStream = await response.Content.ReadAsStreamAsync(token);
+            if (json?.Eigenaar?.identifier != user.Id)
+            {
+                return NotFound();
+            }
 
-            return File(fileStream, contentType, fileName);
+            return new DocumentDownloadResult(Request.Path, "Document downloaden");
         }
     }
 }

ODPC.Server/Features/Documenten/DocumentDownload/DocumentDownloadResult.cs

@@ -0,0 +1,24 @@
+using Microsoft.AspNetCore.Mvc;
+using ODPC.Apis.Odrc;
+
+namespace ODPC.Features.Documenten.DocumentDownload
+{
+    public class DocumentDownloadResult(string path, string reason) : IActionResult
+    {
+        public async Task ExecuteResultAsync(ActionContext context)
+        {
+            var response = context.HttpContext.Response;
+            var token = context.HttpContext.RequestAborted;
+
+            using var client = context.HttpContext.RequestServices.GetRequiredService<IOdrcClientFactory>().Create(reason);
+            using var httpResponse = await client.GetAsync(path, HttpCompletionOption.ResponseContentRead, token); ;
+
+            response.StatusCode = (int)httpResponse.StatusCode;
+            response.Headers.ContentLength = httpResponse.Content.Headers.ContentLength;
+            response.Headers.ContentDisposition = httpResponse.Content.Headers.ContentDisposition?.ToString();
+            response.Headers.ContentType = httpResponse.Content.Headers.ContentType?.ToString();
+
+            await httpResponse.Content.CopyToAsync(response.Body, token);
+        }
+    }
+}

ODPC.Server/Features/Documenten/DocumentenOverzicht/DocumentenOverzichtController.cs

@@ -1,18 +1,17 @@
-using System;
+using System.Net;
 using System.Text.Json.Nodes;
 using Microsoft.AspNetCore.Mvc;
 using ODPC.Apis.Odrc;
 using ODPC.Authentication;
-using ODPC.Features.Publicaties;
 
 namespace ODPC.Features.Documenten.DocumentenOverzicht
 {
     [ApiController]
     public class DocumentenOverzichtController(IOdrcClientFactory clientFactory) : ControllerBase
     {
-        [HttpGet("api/{apiVersion}/documenten")]
+        [HttpGet("api/{version}/documenten")]
         public async Task<IActionResult> Get(
-            string apiVersion,
+            string version,
             [FromQuery] string publicatie,
             OdpcUser user,
             CancellationToken token,
@@ -21,27 +20,18 @@ public async Task<IActionResult> Get(
             // documenten ophalen uit het ODRC
             using var client = clientFactory.Create("Documenten ophalen");
 
-            var noResult = new PagedResponseModel<JsonNode>
-            {
-                Results = new List<JsonNode>(),
-                Count = 0,
-                Next = null,
-                Previous = null
-            };
+            var url = $"/api/{version}/documenten?publicatie={publicatie}&eigenaar={WebUtility.UrlEncode(user.Id)}&page={page}";
 
-            // TODO: hiervoor komt filter op eigenaar in ODRC
-            var publicatieUrl = "/api/" + apiVersion + "/publicaties/" + publicatie;
-            var publicatieJson = await client.GetFromJsonAsync<Publicatie>(publicatieUrl, token);
+            using var response = await client.GetAsync(url, HttpCompletionOption.ResponseContentRead, token);
 
-            if (publicatieJson == null || publicatieJson.Eigenaar?.identifier != user.Id)
+            if (!response.IsSuccessStatusCode)
             {
-                return Ok(noResult);
+                return StatusCode(502);
             }
 
-            var documentenUrl = "/api/" + apiVersion + "/documenten?publicatie=" + publicatie + "&page=" + page;
-            var documentenJson = await client.GetFromJsonAsync<PagedResponseModel<JsonNode>>(documentenUrl, token);
+            var json = await response.Content.ReadFromJsonAsync<PagedResponseModel<JsonNode>>(token);
 
-            return documentenJson != null ? Ok(documentenJson) : Ok(noResult);
+            return Ok(json);
         }
     }
 }

ODPC.Server/Features/Documenten/InitialiseerDocument/InitialiseerDocumentController.cs

@@ -6,11 +6,11 @@ namespace ODPC.Features.Documenten.InitialiseerDocument
     [ApiController]
     public class InitialiseerDocumentController(IOdrcClientFactory clientFactory) : ControllerBase
     {
-        [HttpPost("api/{apiVersion}/documenten")]
-        public async Task<IActionResult> Post(string apiVersion, PublicatieDocument document, CancellationToken token)
+        [HttpPost("api/{version}/documenten")]
+        public async Task<IActionResult> Post(string version, PublicatieDocument document, CancellationToken token)
         {
             using var client = clientFactory.Create("Initialiseer document");
-            var url = "/api/" + apiVersion + "/documenten";
+            var url = $"/api/{version}/documenten";
 
             var response = await client.PostAsJsonAsync(url, document, token);
 

ODPC.Server/Features/Documenten/PublicatieDocument.cs

@@ -8,6 +8,7 @@ public class PublicatieDocument
         public required string OfficieleTitel { get; set; }
         public string? VerkorteTitel { get; set; }
         public string? Omschrijving { get; set; }
+        public Eigenaar? Eigenaar { get; set; }
         public string? Publicatiestatus { get; set; }
         public DateOnly Creatiedatum { get; set; }
         public required string Bestandsnaam { get; set; }
@@ -16,6 +17,12 @@ public class PublicatieDocument
         public List<Bestandsdeel>? Bestandsdelen { get; set; }
     }
 
+    public class Eigenaar
+    {
+        public string? identifier { get; set; }
+        public string? weergaveNaam { get; set; }
+    }
+
     public class Bestandsdeel
     {
         public required string Url { get; set; }

ODPC.Server/Features/Documenten/UploadBestandsdeel/UploadBestandsdeelController.cs

@@ -8,8 +8,8 @@ namespace ODPC.Features.Documenten.UploadBestandsdeel
     [RequestFormLimits(MultipartBodyLengthLimit = long.MaxValue)]
     public class UploadBestandsdeelController(IOdrcClientFactory clientFactory) : ControllerBase
     {
-        [HttpPut("api/{apiVersion}/documenten/{docUuid:guid}/bestandsdelen/{partUuid:guid}")]
-        public async Task<IActionResult> Put(string apiVersion, Guid docUuid, Guid partUuid, CancellationToken token)
+        [HttpPut("api/{version}/documenten/{docUuid:guid}/bestandsdelen/{partUuid:guid}")]
+        public async Task<IActionResult> Put(string version, Guid docUuid, Guid partUuid, CancellationToken token)
         {
             var form = await Request.ReadFormAsync(token);
 
@@ -25,7 +25,7 @@ public async Task<IActionResult> Put(string apiVersion, Guid docUuid, Guid partU
             content.Add(fileContent, "inhoud", file.FileName);
 
             using var client = clientFactory.Create("Upload bestandsdeel");
-            var url = "/api/" + apiVersion + "/documenten/" + docUuid + "/bestandsdelen/" + partUuid;
+            var url = $"/api/{version}/documenten/{docUuid}/bestandsdelen/{partUuid}";
 
             var response = await client.PutAsync(url, content, token);
 

ODPC.Server/Features/Informatiecategorieen/AlleInformatiecategorieen/InformatiecategorieenController.cs

@@ -7,14 +7,21 @@ namespace ODPC.Features.Informatiecategorieen.AlleInformatiecategorieen
     [ApiController]
     public class InformatiecategorieenController(IOdrcClientFactory clientFactory) : ControllerBase
     {
-        [HttpGet("api/{apiVersion}/informatiecategorieen")]
-        public async Task<IActionResult> Get(string apiVersion, CancellationToken token, [FromQuery] string? page = "1")
+        [HttpGet("api/{version}/informatiecategorieen")]
+        public async Task<IActionResult> Get(string version, CancellationToken token, [FromQuery] string? page = "1")
         {
             // infocategorien ophalen uit het ODRC
             using var client = clientFactory.Create("Informatiecategorieen ophalen");
-            var url = "/api/" + apiVersion + "/informatiecategorieen?page=" + page;
+            var url = $"/api/{version}/informatiecategorieen?page={page}";
 
-            var json = await client.GetFromJsonAsync<PagedResponseModel<JsonNode>>(url, token);
+            using var response = await client.GetAsync(url, HttpCompletionOption.ResponseContentRead, token);
+
+            if (!response.IsSuccessStatusCode)
+            {
+                return StatusCode(502);
+            }
+
+            var json = await response.Content.ReadFromJsonAsync<PagedResponseModel<JsonNode>>(token);
 
             return Ok(json);
         }

ODPC.Server/Features/Informatiecategorieen/MijnInformatiecategorieen/MijnInformatiecategorieenController.cs

@@ -9,15 +9,15 @@ namespace ODPC.Features.Informatiecategorieen.MijnInformatiecategorieen
     [ApiController]
     public class MijnInformatiecategorieenController(IOdrcClientFactory clientFactory, IGebruikerWaardelijstItemsService waardelijstItemsService) : ControllerBase
     {
-        [HttpGet("api/{apiVersion}/mijn-informatiecategorieen")]
-        public async IAsyncEnumerable<JsonObject> Get(string apiVersion, [EnumeratorCancellation] CancellationToken token)
+        [HttpGet("api/{version}/mijn-informatiecategorieen")]
+        public async IAsyncEnumerable<JsonObject> Get(string version, [EnumeratorCancellation] CancellationToken token)
         {
             var categorieen = await waardelijstItemsService.GetAsync(token);
 
             if (categorieen.Count == 0) yield break;
 
             using var client = clientFactory.Create("Eigen informatiecategorieen ophalen");
-            var url = "/api/" + apiVersion + "/informatiecategorieen";
+            var url = $"/api/{version}/informatiecategorieen";
 
             // omdat we zelf moeten filteren obv van de waardelijstitems waar de gebruiker toegang toe heeft,
             // kunnen we geen paginering gebruiker. we lopen door alle pagina's van de ODRC

ODPC.Server/Features/Organisaties/AlleOrganisaties/OrganisatiesController.cs

@@ -7,14 +7,21 @@ namespace ODPC.Features.Organisaties.AlleOrganisaties
     [ApiController]
     public class OrganisatiesController(IOdrcClientFactory clientFactory) : ControllerBase
     {
-        [HttpGet("api/{apiVersion}/organisaties")]
-        public async Task<IActionResult> Get(string apiVersion, CancellationToken token, [FromQuery] string? page = "1")
+        [HttpGet("api/{version}/organisaties")]
+        public async Task<IActionResult> Get(string version, CancellationToken token, [FromQuery] string? page = "1")
         {
             // organisaties ophalen uit het ODRC
             using var client = clientFactory.Create("Organisaties ophalen");
-            var url = "/api/" + apiVersion + "/organisaties?page=" + page;
+            var url = $"/api/{version}/organisaties?page={page}";
 
-            var json = await client.GetFromJsonAsync<PagedResponseModel<JsonNode>>(url, token);
+            using var response = await client.GetAsync(url, HttpCompletionOption.ResponseContentRead, token);
+
+            if (!response.IsSuccessStatusCode)
+            {
+                return StatusCode(502);
+            }
+
+            var json = await response.Content.ReadFromJsonAsync<PagedResponseModel<JsonNode>>(token);
 
             return Ok(json);
         }

ODPC.Server/Features/Organisaties/MijnOrganisaties/MijnOrganisatiesController.cs

@@ -7,15 +7,15 @@ namespace ODPC.Features.Organisaties.MijnOrganisaties
 {
     public class MijnOrganisatiesController(IOdrcClientFactory clientFactory, IGebruikerWaardelijstItemsService waardelijstItemsService) : ControllerBase
     {
-        [HttpGet("api/{apiVersion}/mijn-organisaties")]
-        public async IAsyncEnumerable<JsonObject> Get(string apiVersion, [EnumeratorCancellation] CancellationToken token)
+        [HttpGet("api/{version}/mijn-organisaties")]
+        public async IAsyncEnumerable<JsonObject> Get(string version, [EnumeratorCancellation] CancellationToken token)
         {
             var organisaties = await waardelijstItemsService.GetAsync(token);
 
             if (organisaties.Count == 0) yield break;
 
             using var client = clientFactory.Create("Eigen organisaties ophalen");
-            var url = "/api/" + apiVersion + "/organisaties";
+            var url = $"/api/{version}/organisaties";
 
             // omdat we zelf moeten filteren obv van de waardelijstitems waar de gebruiker toegang toe heeft,
             // kunnen we geen paginering gebruiker. we lopen door alle pagina's van de ODRC

ODPC.Server/Features/Publicaties/PublicatieBijwerken/PublicatieBijwerkenController.cs

@@ -10,8 +10,8 @@ public class PublicatieBijwerkenController(
         IGebruikerWaardelijstItemsService waardelijstItemsService,
         OdpcUser user) : ControllerBase
     {
-        [HttpPut("api/{apiVersion}/publicaties/{uuid:guid}")]
-        public async Task<IActionResult> Put(string apiVersion, Guid uuid, Publicatie publicatie, CancellationToken token)
+        [HttpPut("api/{version}/publicaties/{uuid:guid}")]
+        public async Task<IActionResult> Put(string version, Guid uuid, Publicatie publicatie, CancellationToken token)
         {
             var waardelijstItems = await waardelijstItemsService.GetAsync(token);
 
@@ -29,22 +29,29 @@ public async Task<IActionResult> Put(string apiVersion, Guid uuid, Publicatie pu
 
             using var client = clientFactory.Create("Publicatie bijwerken");
 
+            var url = $"/api/{version}/publicaties/{uuid}";
+
             // publicatie ophalen
-            var url = "/api/" + apiVersion + "/publicaties/" + uuid;
+            using var getResponse = await client.GetAsync(url, HttpCompletionOption.ResponseContentRead, token);
+
+            if (!getResponse.IsSuccessStatusCode)
+            {
+                return StatusCode(502);
+            }
 
-            var publicatieJson = await client.GetFromJsonAsync<Publicatie>(url, token);
+            var json = await getResponse.Content.ReadFromJsonAsync<Publicatie>(token);
 
-            if (publicatieJson == null || publicatieJson.Eigenaar?.identifier != user.Id)
+            if (json?.Eigenaar?.identifier != user.Id)
             {
                 return NotFound();
             }
 
             // publicatie bijwerken
-            var response = await client.PutAsJsonAsync(url, publicatie, token);
+            var putResponse = await client.PutAsJsonAsync(url, publicatie, token);
 
-            response.EnsureSuccessStatusCode();
+            putResponse.EnsureSuccessStatusCode();
 
-            var viewModel = await response.Content.ReadFromJsonAsync<Publicatie>(token);
+            var viewModel = await putResponse.Content.ReadFromJsonAsync<Publicatie>(token);
 
             return Ok(viewModel);
         }

ODPC.Server/Features/Publicaties/PublicatieDetails/PublicatieDetailsController.cs

@@ -7,15 +7,23 @@ namespace ODPC.Features.Publicaties.PublicatieDetails
     [ApiController]
     public class PublicatieDetailsController(IOdrcClientFactory clientFactory, OdpcUser user) : ControllerBase
     {
-        [HttpGet("api/{apiVersion}/publicaties/{uuid:guid}")]
-        public async Task<IActionResult> Put(string apiVersion, Guid uuid, CancellationToken token)
+        [HttpGet("api/{version}/publicaties/{uuid:guid}")]
+        public async Task<IActionResult> Put(string version, Guid uuid, CancellationToken token)
         {
             using var client = clientFactory.Create("Publicatie ophalen");
 
-            var url = "/api/" + apiVersion + "/publicaties/" + uuid;
-            var json = await client.GetFromJsonAsync<Publicatie>(url, token);
+            var url = $"/api/{version}/publicaties/{uuid}";
 
-            return json != null && json.Eigenaar?.identifier == user.Id ? Ok(json) : NotFound();
+            using var response = await client.GetAsync(url, HttpCompletionOption.ResponseContentRead, token);
+
+            if (!response.IsSuccessStatusCode)
+            {
+                return StatusCode(502);
+            }
+
+            var json = await response.Content.ReadFromJsonAsync<Publicatie>(token);
+
+            return json?.Eigenaar?.identifier == user.Id ? Ok(json) : NotFound();
         }
     }
 }