tweaks

Author: retailcoder

rubberduckvba.Server/Api/Admin/AdminController.cs

@@ -4,6 +4,7 @@
 using Microsoft.Extensions.Options;
 using rubberduckvba.Server.Model.Entity;
 using rubberduckvba.Server.Services;
+using System.Security.Principal;
 
 namespace rubberduckvba.Server.Api.Admin;
 
@@ -44,7 +45,7 @@ public IActionResult ClearCache()
     }
 
     [Authorize("github")]
-    [HttpGet("admin/audits")]
+    [HttpGet("admin/audits/pending")]
     public async Task<IActionResult> GetPendingAudits()
     {
         var edits = await audits.GetPendingItems<FeatureEditEntity>();
@@ -53,6 +54,88 @@ public async Task<IActionResult> GetPendingAudits()
         return Ok(new { edits = edits.ToArray(), other = ops.ToArray() });
     }
 
+    [Authorize("github")]
+    [HttpGet("admin/audits/{featureId}")]
+    public async Task<IActionResult> GetPendingAudits([FromRoute] int featureId)
+    {
+        var edits = await audits.GetPendingItems<FeatureEditEntity>(featureId);
+        var ops = await audits.GetPendingItems<FeatureOpEntity>(featureId);
+
+        return Ok(new { edits = edits.ToArray(), other = ops.ToArray() });
+    }
+
+    [Authorize("github")]
+    [HttpPost("admin/audits/approve/{id}")]
+    public async Task<IActionResult> ApprovePendingAudit([FromRoute] int id)
+    {
+        if (User.Identity is not IIdentity identity)
+        {
+            // this is arguably a bug in the authentication middleware, but we can handle it gracefully here
+            return Unauthorized("User identity is not available.");
+        }
+
+        var edits = await audits.GetPendingItems<FeatureEditEntity>();
+        AuditEntity? audit;
+
+        audit = edits.SingleOrDefault(e => e.Id == id);
+        if (audit is null)
+        {
+            var ops = await audits.GetPendingItems<FeatureOpEntity>();
+            audit = ops.SingleOrDefault(e => e.Id == id);
+        }
+
+        if (audit is null)
+        {
+            // TODO log this
+            return BadRequest("Invalid ID");
+        }
+
+        if (!audit.IsPending)
+        {
+            // TODO log this
+            return BadRequest($"This operation has already been audited");
+        }
+
+        await audits.Approve(audit, identity);
+        return Ok("Operation was approved successfully.");
+    }
+
+    [Authorize("github")]
+    [HttpPost("admin/audits/reject/{id}")]
+    public async Task<IActionResult> RejectPendingAudit([FromRoute] int id)
+    {
+        if (User.Identity is not IIdentity identity)
+        {
+            // this is arguably a bug in the authentication middleware, but we can handle it gracefully here
+            return Unauthorized("User identity is not available.");
+        }
+
+        var edits = await audits.GetPendingItems<FeatureEditEntity>();
+        AuditEntity? audit;
+
+        audit = edits.SingleOrDefault(e => e.Id == id);
+        if (audit is null)
+        {
+            var ops = await audits.GetPendingItems<FeatureOpEntity>();
+            audit = ops.SingleOrDefault(e => e.Id == id);
+        }
+
+        if (audit is null)
+        {
+            // TODO log this
+            return BadRequest("Invalid ID");
+        }
+
+        if (!audit.IsPending)
+        {
+            // TODO log this
+            return BadRequest($"This operation has already been audited");
+        }
+
+        await audits.Reject(audit, identity);
+        return Ok("Operation was rejected successfully.");
+    }
+
 #if DEBUG
     [AllowAnonymous]
     [HttpGet("admin/config/current")]

rubberduckvba.Server/Api/Features/FeatureEditViewModel.cs

@@ -29,7 +29,7 @@ public Feature ToFeature()
         return new Feature
         {
             Id = Id ?? default,
-            ParentId = FeatureId,
+            FeatureId = FeatureId,
             RepositoryId = RepositoryId,
             Name = Name,
             Title = Title,
@@ -43,7 +43,7 @@ public Feature ToFeature()
     public FeatureEditViewModel(Feature model, FeatureOptionViewModel[] features, RepositoryOptionViewModel[] repositories)
     {
         Id = model.Id;
-        FeatureId = model.ParentId;
+        FeatureId = model.FeatureId;
         RepositoryId = model.RepositoryId;
 
         Name = model.Name;

rubberduckvba.Server/Api/Features/FeatureViewModel.cs

@@ -11,7 +11,7 @@ public FeatureViewModel(Feature model, bool summaryOnly = false)
         DateInserted = model.DateTimeInserted;
         DateUpdated = model.DateTimeUpdated;
 
-        FeatureId = model.ParentId;
+        FeatureId = model.FeatureId;
         FeatureName = model.FeatureName;
 
         Name = model.Name;

rubberduckvba.Server/Api/Features/FeaturesController.cs

@@ -218,7 +218,7 @@ public async Task<ActionResult<FeatureEditViewModel>> Update([FromBody] FeatureE
 
     [HttpPost("features/delete")]
     [Authorize("github")]
-    public async Task Delete([FromBody] IFeature model)
+    public async Task Delete([FromBody] Feature model)
     {
         if (model.Id == default)
         {

rubberduckvba.Server/Data/FeaturesRepository.cs

@@ -17,7 +17,7 @@ public FeaturesRepository(IOptions<ConnectionSettings> settings)
     a.[DateTimeInserted],
     a.[DateTimeUpdated],
     a.[RepositoryId],
-    a.[ParentId] AS [FeatureId],
+    a.[ParentId],
     f.[Name] AS [FeatureName],
     a.[Name],
     a.[Title],

rubberduckvba.Server/Model/Entity/FeatureEntity.cs

@@ -26,6 +26,14 @@ public record class AuditEntity
     public DateTime DateInserted { get; init; }
     public DateTime? DateModified { get; init; }
     public string Author { get; init; } = string.Empty;
+
+    public string? ApprovedBy { get; init; }
+    public DateTime? ApprovedAt { get; init; }
+    public string? RejectedBy { get; init; }
+    public DateTime? RejectedAt { get; init; }
+
+    public bool IsPending => !ApprovedAt.HasValue && !RejectedAt.HasValue;
+    public bool IsApproved => ApprovedAt.HasValue && !RejectedAt.HasValue;
 }
 
 public record class FeatureEditEntity : AuditEntity
@@ -34,10 +42,6 @@ public record class FeatureEditEntity : AuditEntity
     public string FieldName { get; init; } = string.Empty;
     public string? ValueBefore { get; init; }
     public string ValueAfter { get; init; } = string.Empty;
-    public string? ApprovedBy { get; init; }
-    public DateTime? ApprovedAt { get; init; }
-    public string? RejectedBy { get; init; }
-    public DateTime? RejectedAt { get; init; }
 }
 
 public enum FeatureOperation
@@ -52,7 +56,6 @@ public record class FeatureOpEntity : AuditEntity
 
     public int? ParentId { get; init; }
     public string FeatureName { get; init; } = default!;
-    public int RepositoryId { get; init; }
     public string Title { get; init; } = default!;
     public string ShortDescription { get; init; } = default!;
     public string Description { get; init; } = default!;

rubberduckvba.Server/Model/Feature.cs

@@ -27,7 +27,7 @@ public Feature(FeatureEntity entity) : this()
         DateTimeInserted = entity.DateTimeInserted;
         DateTimeUpdated = entity.DateTimeUpdated;
         Name = entity.Name;
-        ParentId = entity.ParentId;
+        FeatureId = entity.ParentId;
         FeatureName = entity.FeatureName;
         RepositoryId = (Services.RepositoryId)entity.RepositoryId;
         Title = entity.Title;
@@ -45,7 +45,7 @@ public Feature(FeatureEntity entity) : this()
     public DateTime? DateTimeUpdated { get; init; }
     public string Name { get; init; } = string.Empty;
 
-    public int? ParentId { get; init; }
+    public int? FeatureId { get; init; }
     public string FeatureName { get; init; } = string.Empty;
     public Services.RepositoryId RepositoryId { get; init; } = Services.RepositoryId.Rubberduck;
     public string Title { get; init; } = string.Empty;
@@ -69,7 +69,7 @@ public Feature(FeatureEntity entity) : this()
         IsNew = IsNew,
         Name = Name,
         ShortDescription = ShortDescription,
-        ParentId = ParentId,
+        ParentId = FeatureId,
         FeatureName = FeatureName,
         RepositoryId = (int)Services.RepositoryId.Rubberduck,
         Title = Title,

rubberduckvba.Server/Services/RubberduckDbService.cs

@@ -67,7 +67,7 @@ public interface IAuditService
     Task UpdateFeature(Feature feature, IIdentity identity);
 
 
-    Task<IEnumerable<T>> GetPendingItems<T>() where T : AuditEntity;
+    Task<IEnumerable<T>> GetPendingItems<T>(int? featureId = default) where T : AuditEntity;
 
     Task Approve<T>(T entity, IIdentity identity) where T : AuditEntity;
     Task Reject<T>(T entity, IIdentity identity) where T : AuditEntity;
@@ -107,8 +107,8 @@ public async Task Reject<T>(T entity, IIdentity identity) where T : AuditEntity
     {
         var procName = entity switch
         {
-            FeatureOpEntity => "audits.ApproveFeatureOp",
-            FeatureEditEntity => "audits.ApproveFeatureEdit",
+            FeatureOpEntity => "audits.RejectFeatureOp",
+            FeatureEditEntity => "audits.RejectFeatureEdit",
             _ => throw new NotSupportedException($"The entity type {typeof(T).Name} is not supported for approval."),
         };
         await ApproveOrReject(procName, entity.Id, identity);
@@ -149,7 +149,7 @@ private async Task SubmitFeatureOp(Feature feature, IIdentity identity, FeatureO
             login,
             name = feature.Name,
             action = Convert.ToInt32(operation),
-            parentId = feature.ParentId,
+            parentId = feature.FeatureId,
             title = feature.Title,
             summary = feature.ShortDescription,
             description = feature.Description,
@@ -203,16 +203,29 @@ private async Task SubmitFeatureEdit(Feature feature, IIdentity identity)
         });
     }
 
-    public async Task<IEnumerable<T>> GetPendingItems<T>() where T : AuditEntity
+    public async Task<IEnumerable<T>> GetPendingItems<T>(int? featureId = default) where T : AuditEntity
     {
         using var db = await GetDbConnection();
-        var tableName = typeof(T).Name switch
+        var (tableName, columns) = typeof(T).Name switch
         {
-            nameof(FeatureOpEntity) => "audits.FeatureOps",
-            nameof(FeatureEditEntity) => "audits.FeatureEdits",
+            nameof(FeatureOpEntity) => ("audits.FeatureOps src", string.Join(',', typeof(FeatureOpEntity).GetProperties().Where(p => p.CanWrite).Select(p => $"src.[{p.Name}]"))),
+            nameof(FeatureEditEntity) => ("audits.FeatureEdits src", string.Join(',', typeof(FeatureEditEntity).GetProperties().Where(p => p.CanWrite).Select(p => $"src.[{p.Name}]"))),
             _ => throw new NotSupportedException($"The entity type {typeof(T).Name} is not supported for pending items retrieval."),
         };
-        return await db.QueryAsync<T>($"SELECT * FROM {tableName} WHERE ApprovedBy IS NULL AND RejectedBy IS NULL ORDER BY DateInserted DESC");
+
+        const string pendingFilter = "src.[ApprovedBy] IS NULL AND src.[RejectedBy] IS NULL";
+
+        var sql = featureId.HasValue
+            ? typeof(T).Name switch
+            {
+                nameof(FeatureOpEntity) => $"SELECT {columns} FROM {tableName} INNER JOIN dbo.Features f ON src.[FeatureName] = f.[Name] WHERE {pendingFilter} AND f.[Id] = {featureId}",
+                nameof(FeatureEditEntity) => $"SELECT {columns} FROM {tableName} WHERE {pendingFilter} AND src.[FeatureId] = {featureId}",
+                _ => throw new NotSupportedException($"The entity type {typeof(T).Name} is not supported for pending items retrieval."),
+            }
+            : $"SELECT {columns} FROM {tableName} WHERE {pendingFilter}";
+
+        sql += " ORDER BY src.[DateInserted] DESC";
+        return await db.QueryAsync<T>(sql);
     }
 }
 
@@ -257,7 +270,7 @@ public async Task<FeatureGraph> ResolveFeature(RepositoryId repositoryId, string
     {
         var features = _featureServices.Get(topLevelOnly: false).ToList();
         var feature = features.Single(e => string.Equals(e.Name, name, StringComparison.OrdinalIgnoreCase));
-        var children = features.Where(e => e.ParentId == feature.Id);
+        var children = features.Where(e => e.FeatureId == feature.Id);
         return new FeatureGraph(feature.ToEntity())
         {
             Features = children.ToArray()

rubberduckvba.Server/Services/rubberduckdb/FeatureServices.cs

@@ -14,9 +14,11 @@ public class FeatureServices(
     public int? GetId(string name) => featureRepository.TryGetId(name, out var id) ? id : null;
     public IEnumerable<Feature> Get(bool topLevelOnly = true)
     {
-        return featureRepository.GetAll()
-            .Where(e => !topLevelOnly || e.ParentId is null)
-            .Select(e => new Feature(e));
+        var features = featureRepository.GetAll();
+        return features
+            .Where(e => e.ParentId == null || !topLevelOnly)
+            .Select(e => new Feature(e))
+            .ToList();
     }
 
     public Inspection GetInspection(string name)

rubberduckvba.client/src/app/components/auth-menu/auth-menu.component.ts

@@ -39,7 +39,7 @@ export class AuthMenuComponent implements OnInit {
 
   ngOnInit(): void {
     this.getUserInfo();
-    this.api.getPendingAudits().subscribe(e => this.pendingAudits = e.edits.length + e.other.length);
+    this.api.getAllPendingAudits().subscribe(e => {if (e) { this.pendingAudits = e.edits.length + e.other.length }});
   }
 
   getUserInfo(): void {