From 6cf7208790d6b0ff442e7fb43b65c346c88d29d9 Mon Sep 17 00:00:00 2001 From: Natalie Hergesheimer Date: Mon, 9 Dec 2024 15:20:34 -0700 Subject: [PATCH 01/12] Removed id being sent in aggregation methods --- .../AggregationAnalysisController.cs | 67 ++++++++++++++----- .../compare-individual.component.ts | 2 +- .../compare-individual.component.ts | 4 +- .../compare-summary.component.ts | 4 +- .../trend-analytics.component.ts | 8 +-- .../compare-report-m.component.ts | 6 +- .../compare-report.component.ts | 8 +-- .../trend-report/trend-report.component.ts | 10 +-- .../src/app/services/aggregation.service.ts | 44 ++++++------ 9 files changed, 93 insertions(+), 60 deletions(-) diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AggregationAnalysisController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AggregationAnalysisController.cs index c290b45560..6c9e3ed6ef 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AggregationAnalysisController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AggregationAnalysisController.cs @@ -37,9 +37,13 @@ public AggregationAnalysisController(ITokenManager tokenManager, ITrendDataProce [HttpPost] [Route("api/aggregation/analysis/overallcompliancescore")] - public IActionResult OverallComplianceScore([FromBody] AggBody body) + public IActionResult OverallComplianceScore() { - int aggregationID = body.AggregationID; + var aggregationID = _tokenManager.PayloadInt("aggreg"); + if (aggregationID == null) + { + return Ok(); + } var assessmentList = _context.AGGREGATION_ASSESSMENT.Where(x => x.Aggregation_Id == aggregationID) .Include(x => x.Assessment) .Include(x => x.Assessment.STANDARD_SELECTION) 
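Review bot: The new guard in OverallComplianceScore answers a missing `aggreg` claim with `return Ok();`, so a request whose token carries no aggregation gets an empty 200 that the caller cannot tell apart from a valid empty result. A 4xx status states the failure and keeps it visible in access logs, for example `if (aggregationID == null) { return BadRequest("No aggregation in token"); }`. The Angular subscribers that dereference the response (such as `x.datasets.forEach`) would presumably also fail less obscurely on an error status than on a null body. The same guard is repeated in Top5, Bottom5, CategoryPercentCompare, GetOverallAverages, GetCategoryAverages, GetAnswerTotals and GetMaturityAnswerTotalsFlexible in this patch, and in GetComplianceByModelAndDomain in PATCH 02. Each of these method bodies continues outside its hunk.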
@@ -115,9 +119,13 @@ public IActionResult OverallComplianceScore([FromBody] AggBody body) /// [HttpPost] [Route("api/aggregation/analysis/top5")] - public IActionResult Top5([FromBody] AggBody body) + public IActionResult Top5() { - int aggregationID = body.AggregationID; + var aggregationID = _tokenManager.PayloadInt("aggreg"); + if (aggregationID == null) + { + return Ok(); + } var response = new LineChart(); response.reportType = "Top 5 Most Improved Areas"; _trendData.Process(_context, (int?)aggregationID ?? 0, response, "TOP"); @@ -132,9 +140,14 @@ public IActionResult Top5([FromBody] AggBody body) /// [HttpPost] [Route("api/aggregation/analysis/bottom5")] - public IActionResult Bottom5([FromBody] AggBody body) + public IActionResult Bottom5() { - int aggregationID = body.AggregationID; + var aggregationID = _tokenManager.PayloadInt("aggreg"); + if (aggregationID == null) + { + return Ok(); + } + var response = new LineChart(); response.reportType = "Top 5 Areas of Concern (Bottom 5)"; @@ -150,8 +163,13 @@ public IActionResult Bottom5([FromBody] AggBody body) /// [HttpPost] [Route("api/aggregation/analysis/categorypercentcompare")] - public IActionResult CategoryPercentCompare(int aggregationID) + public IActionResult CategoryPercentCompare() { + var aggregationID = _tokenManager.PayloadInt("aggreg"); + if (aggregationID == null) + { + return Ok(); + } DataTable dt = new DataTable(); dt.Columns.Add("AssessmentId", typeof(int)); dt.Columns.Add("Alias"); 
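Review bot: In Top5 the unchanged line `_trendData.Process(_context, (int?)aggregationID ?? 0, response, "TOP");` keeps a fallback to aggregation 0 that the null guard added just above makes unreachable. Passing `aggregationID.Value` says what is meant, as GetComplianceByModelAndDomain does in PATCH 02, and removes a default id that would silently apply if the guard were later dropped. This assumes `PayloadInt` returns a nullable int, which the `== null` comparison suggests but the hunk does not show.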
@@ -252,14 +270,14 @@ orderby an.Question_Group_Heading /// [HttpPost] [Route("api/aggregation/analysis/overallaverages")] - public IActionResult GetOverallAverages(int aggregationID) + public IActionResult GetOverallAverages() { - //var aggregationID = _tokenManager.PayloadInt("aggreg"); - //if (aggregationID == null) - //{ - // return Ok(); - //} - + var aggregationID = _tokenManager.PayloadInt("aggreg"); + if (aggregationID == null) + { + return Ok(); + } + var response = new HorizBarChart(); response.ReportTitle = "Overall Average Summary"; @@ -419,8 +437,13 @@ public IActionResult GetComponentsAnswerDistribution() [HttpPost] [Route("api/aggregation/analysis/categoryaverages")] - public IActionResult GetCategoryAverages(int aggregationID) + public IActionResult GetCategoryAverages() { + var aggregationID = _tokenManager.PayloadInt("aggreg"); + if (aggregationID == null) + { + return Ok(); + } var dict = new Dictionary>(); var assessmentList = _context.AGGREGATION_ASSESSMENT.Where(x => x.Aggregation_Id == aggregationID) @@ -473,8 +496,13 @@ public IActionResult GetCategoryAverages(int aggregationID) /// [HttpPost] [Route("api/aggregation/analysis/getanswertotals")] - public IActionResult GetAnswerTotals(int aggregationID) + public IActionResult GetAnswerTotals() { + var aggregationID = _tokenManager.PayloadInt("aggreg"); + if (aggregationID == null) + { + return Ok(); + } var assessmentList = _context.AGGREGATION_ASSESSMENT.Where(x => x.Aggregation_Id == aggregationID) .Include(x => x.Assessment).OrderBy(x => x.Assessment.Assessment_Date) .ToList(); 
@@ -518,8 +546,13 @@ public IActionResult GetAnswerTotals(int aggregationID) /// [HttpPost] [Route("api/aggregation/analysis/maturity/answertotals")] - public IActionResult GetMaturityAnswerTotalsFlexible(int aggregationID) + public IActionResult GetMaturityAnswerTotalsFlexible() { + var aggregationID = _tokenManager.PayloadInt("aggreg"); + if (aggregationID == null) + { + return Ok(); + } var assessmentList = _context.AGGREGATION_ASSESSMENT.Where(x => x.Aggregation_Id == aggregationID) .Include(x => x.Assessment).OrderBy(x => x.Assessment.Assessment_Date) .ToList(); diff --git a/CSETWebNg/src/app/aggregation/compare-analytics/maturity-based/compare-individual/compare-individual.component.ts b/CSETWebNg/src/app/aggregation/compare-analytics/maturity-based/compare-individual/compare-individual.component.ts index ebb258f0ca..fb6954039e 100644 --- a/CSETWebNg/src/app/aggregation/compare-analytics/maturity-based/compare-individual/compare-individual.component.ts +++ b/CSETWebNg/src/app/aggregation/compare-analytics/maturity-based/compare-individual/compare-individual.component.ts @@ -59,7 +59,7 @@ export class CompareMaturityIndividualComponent implements OnInit { const aggId: number = +localStorage.getItem("aggregationId"); // Assessment Answer Summary - tabular data - this.aggregationSvc.getMaturityAnswerTotals(aggId).subscribe((x: any) => { + this.aggregationSvc.getMaturityAnswerTotals().subscribe((x: any) => { // this.answerCounts = x; diff --git a/CSETWebNg/src/app/aggregation/compare-analytics/standards-based/compare-individual/compare-individual.component.ts b/CSETWebNg/src/app/aggregation/compare-analytics/standards-based/compare-individual/compare-individual.component.ts index 1e4c4960a0..3a42b6e416 100644 --- a/CSETWebNg/src/app/aggregation/compare-analytics/standards-based/compare-individual/compare-individual.component.ts +++ b/CSETWebNg/src/app/aggregation/compare-analytics/standards-based/compare-individual/compare-individual.component.ts 
@@ -54,7 +54,7 @@ export class CompareIndividualComponent implements OnInit { const aggregationId = this.aggregationSvc.id(); var aggId: number = +localStorage.getItem("aggregationId"); // Assessment Answer Summary - tabular data - this.aggregationSvc.getAnswerTotals(aggId).subscribe((x: any) => { + this.aggregationSvc.getAnswerTotals().subscribe((x: any) => { // this.answerCounts = x; }); @@ -80,7 +80,7 @@ export class CompareIndividualComponent implements OnInit { // Category Percentage Comparison - this.aggregationSvc.getCategoryPercentageComparisons(aggId).subscribe((x: any) => { + this.aggregationSvc.getCategoryPercentageComparisons().subscribe((x: any) => { this.chartCategoryPercent = this.chartSvc.buildCategoryPercentChart('canvasCategoryPercent', x); (this.chartCategoryPercent.canvas.parentNode).style.height = this.chartSvc.calcHbcHeightPixels(x); }); diff --git a/CSETWebNg/src/app/aggregation/compare-analytics/standards-based/compare-summary/compare-summary.component.ts b/CSETWebNg/src/app/aggregation/compare-analytics/standards-based/compare-summary/compare-summary.component.ts index 8d9dcfe7dd..c07f1bf46a 100644 --- a/CSETWebNg/src/app/aggregation/compare-analytics/standards-based/compare-summary/compare-summary.component.ts +++ b/CSETWebNg/src/app/aggregation/compare-analytics/standards-based/compare-summary/compare-summary.component.ts @@ -67,7 +67,7 @@ export class CompareSummaryComponent implements OnInit { const aggId: number = +localStorage.getItem("aggregationId"); // Overall Average - this.aggregationSvc.getOverallAverageSummary(aggId).subscribe((x: any) => { + this.aggregationSvc.getOverallAverageSummary().subscribe((x: any) => { // apply visual attributes x.datasets.forEach(ds => { 
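Review bot: In CompareIndividualComponent, `aggId` and `aggregationId` are no longer passed to any call visible in this hunk, yet `const aggregationId = this.aggregationSvc.id();` and `var aggId: number = +localStorage.getItem("aggregationId");` remain. If nothing further down the method reads them (it continues outside the hunk), delete both lines so the component no longer suggests that the id in localStorage selects the data; the server now takes it from the token. The same leftover read appears in compare-summary.component.ts and trend-analytics.component.ts. `populateCharts(aggId: number)` in compare-report.component.ts likewise keeps a parameter with no visible use.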
@@ -103,7 +103,7 @@ export class CompareSummaryComponent implements OnInit { // Category Averages - this.aggregationSvc.getCategoryAverages(aggId).subscribe((x: any) => { + this.aggregationSvc.getCategoryAverages().subscribe((x: any) => { // apply visual attributes x.datasets.forEach(ds => { diff --git a/CSETWebNg/src/app/aggregation/trend-analytics/trend-analytics.component.ts b/CSETWebNg/src/app/aggregation/trend-analytics/trend-analytics.component.ts index a3f92e06c4..fe96168523 100644 --- a/CSETWebNg/src/app/aggregation/trend-analytics/trend-analytics.component.ts +++ b/CSETWebNg/src/app/aggregation/trend-analytics/trend-analytics.component.ts @@ -67,22 +67,22 @@ export class TrendAnalyticsComponent implements OnInit { //const aggregationId = this.aggregationSvc.id(); var aggId: number = +localStorage.getItem("aggregationId"); // Overall Compliance - this.aggregationSvc.getOverallComplianceScores(aggId).subscribe((x: any) => { + this.aggregationSvc.getOverallComplianceScores().subscribe((x: any) => { this.chartOverallCompl = this.chartSvc.buildLineChart('canvasOverallCompliance', x); }); // Top 5 - this.aggregationSvc.getTrendTop5(aggId).subscribe((x: any) => { + this.aggregationSvc.getTrendTop5().subscribe((x: any) => { this.chartTop5 = this.chartSvc.buildLineChart('canvasTop5', x); }); // Bottom 5 - this.aggregationSvc.getTrendBottom5(aggId).subscribe((x: any) => { + this.aggregationSvc.getTrendBottom5().subscribe((x: any) => { this.chartBottom5 = this.chartSvc.buildLineChart('canvasBottom5', x); }); // Category Percentage Comparison - this.aggregationSvc.getCategoryPercentageComparisons(aggId).subscribe((x: any) => { + this.aggregationSvc.getCategoryPercentageComparisons().subscribe((x: any) => { this.chartCategoryPercent = this.chartSvc.buildCategoryPercentChart('canvasCategoryPercent', x); (this.chartCategoryPercent.canvas.parentNode).style.height = this.chartSvc.calcHbcHeightPixels(x); }); 
diff --git a/CSETWebNg/src/app/reports/compare-report-m/compare-report-m.component.ts b/CSETWebNg/src/app/reports/compare-report-m/compare-report-m.component.ts index 527e0b670c..105b120eea 100644 --- a/CSETWebNg/src/app/reports/compare-report-m/compare-report-m.component.ts +++ b/CSETWebNg/src/app/reports/compare-report-m/compare-report-m.component.ts @@ -86,7 +86,7 @@ export class CompareReportMComponent implements OnInit, AfterViewChecked { populateCharts(aggId: number) { // Overall Average - this.aggregationSvc.getOverallAverageSummary(aggId).subscribe((x: any) => { + this.aggregationSvc.getOverallAverageSummary().subscribe((x: any) => { // Makes the Compliance Summary chart a light blue color instead of grey const chartColors = new ChartColors(); @@ -98,7 +98,7 @@ export class CompareReportMComponent implements OnInit, AfterViewChecked { }); // Assessment Answer Summary - tabular data - this.aggregationSvc.getMaturityAnswerTotals(aggId).subscribe((x: any) => { + this.aggregationSvc.getMaturityAnswerTotals().subscribe((x: any) => { // this.answerCounts = x; @@ -132,7 +132,7 @@ export class CompareReportMComponent implements OnInit, AfterViewChecked { }); }); // Category Percentage Comparison - this.aggregationSvc.getCategoryPercentageComparisons(aggId).subscribe((x: any) => { + this.aggregationSvc.getCategoryPercentageComparisons().subscribe((x: any) => { this.chartCategoryPercent = this.chartSvc.buildCategoryPercentChart('canvasCategoryPercent', x); (this.chartCategoryPercent.canvas.parentNode).style.height = this.chartSvc.calcHbcHeightPixels(x); }); diff --git a/CSETWebNg/src/app/reports/compare-report/compare-report.component.ts b/CSETWebNg/src/app/reports/compare-report/compare-report.component.ts index 63d15562f2..df37e33522 100644 --- a/CSETWebNg/src/app/reports/compare-report/compare-report.component.ts +++ b/CSETWebNg/src/app/reports/compare-report/compare-report.component.ts 
@@ -79,7 +79,7 @@ export class CompareReportComponent implements OnInit, AfterViewChecked { populateCharts(aggId: number) { // Overall Average - this.aggregationSvc.getOverallAverageSummary(aggId).subscribe((x: any) => { + this.aggregationSvc.getOverallAverageSummary().subscribe((x: any) => { // Makes the Compliance Summary chart a light blue color instead of grey const chartColors = new ChartColors(); @@ -91,12 +91,12 @@ export class CompareReportComponent implements OnInit, AfterViewChecked { }); // Assessment Answer Summary - tabular data - this.aggregationSvc.getAnswerTotals(aggId).subscribe((x: any) => { + this.aggregationSvc.getAnswerTotals().subscribe((x: any) => { this.answerCounts = x; }); // Category Averages - this.aggregationSvc.getCategoryAverages(aggId).subscribe((x: any) => { + this.aggregationSvc.getCategoryAverages().subscribe((x: any) => { // Makes the Category Average chart a nice green color instead of grey x.datasets.forEach(ds => { @@ -114,7 +114,7 @@ export class CompareReportComponent implements OnInit, AfterViewChecked { }); // Category Percentage Comparison - this.aggregationSvc.getCategoryPercentageComparisons(aggId).subscribe((x: any) => { + this.aggregationSvc.getCategoryPercentageComparisons().subscribe((x: any) => { this.chartCategoryPercent = this.chartSvc.buildCategoryPercentChart('canvasCategoryPercent', x); (this.chartCategoryPercent.canvas.parentNode).style.height = this.chartSvc.calcHbcHeightPixels(x); }); diff --git a/CSETWebNg/src/app/reports/trend-report/trend-report.component.ts b/CSETWebNg/src/app/reports/trend-report/trend-report.component.ts index d3a73996f1..4fa168bd34 100644 --- a/CSETWebNg/src/app/reports/trend-report/trend-report.component.ts +++ b/CSETWebNg/src/app/reports/trend-report/trend-report.component.ts 
@@ -99,27 +99,27 @@ export class TrendReportComponent implements OnInit, AfterViewChecked { // Populate charts // Overall Compliance - this.aggregationSvc.getOverallComplianceScores(aggId).subscribe((x: any) => { + this.aggregationSvc.getOverallComplianceScores().subscribe((x: any) => { this.chartOverallCompl = this.chartSvc.buildLineChart('canvasOverallCompliance', x); }); // Assessment Answer Summary - tabular data - this.aggregationSvc.getAnswerTotals(aggId).subscribe((x: any) => { + this.aggregationSvc.getAnswerTotals().subscribe((x: any) => { this.answerCounts = x; }); // Top 5 - this.aggregationSvc.getTrendTop5(aggId).subscribe((x: any) => { + this.aggregationSvc.getTrendTop5().subscribe((x: any) => { this.chartTop5 = this.chartSvc.buildLineChart('canvasTop5', x); }); // Bottom 5 - this.aggregationSvc.getTrendBottom5(aggId).subscribe((x: any) => { + this.aggregationSvc.getTrendBottom5().subscribe((x: any) => { this.chartBottom5 = this.chartSvc.buildLineChart('canvasBottom5', x); }); // Category Percentage Comparison - this.aggregationSvc.getCategoryPercentageComparisons(aggId).subscribe((x: any) => { + this.aggregationSvc.getCategoryPercentageComparisons().subscribe((x: any) => { this.chartCategoryPercent = this.chartSvc.buildCategoryPercentChart('canvasCategoryPercent', x); (this.chartCategoryPercent.canvas.parentNode).style.height = this.chartSvc.calcHbcHeightPixels(x); }); diff --git a/CSETWebNg/src/app/services/aggregation.service.ts b/CSETWebNg/src/app/services/aggregation.service.ts index 820da4f92c..aaee5fae1e 100644 --- a/CSETWebNg/src/app/services/aggregation.service.ts +++ b/CSETWebNg/src/app/services/aggregation.service.ts 
@@ -164,56 +164,56 @@ export class AggregationService { { aliasAssessment: assessment, assessmentList: aliasData }, { responseType: 'text' }); } - getAnswerTotals(aggId) { - return this.http.post(this.apiUrl + 'analysis/getanswertotals?aggregationID=' + aggId, ''); + getAnswerTotals() { + return this.http.post(this.apiUrl + 'analysis/getanswertotals', null); } - getMaturityAnswerTotals(aggId) { - return this.http.post(this.apiUrl + 'analysis/maturity/answertotals?aggregationID=' + aggId, ''); + getMaturityAnswerTotals() { + return this.http.post(this.apiUrl + 'analysis/maturity/answertotals', null); } //////////////////////////////// Trend ////////////////////////////////// - getOverallComplianceScores(aggId) { - return this.http.post(this.apiUrl + 'analysis/overallcompliancescore', { aggregationID: aggId }); + getOverallComplianceScores() { + return this.http.post(this.apiUrl + 'analysis/overallcompliancescore', null); } - getTrendTop5(aggId) { - return this.http.post(this.apiUrl + 'analysis/top5', { aggregationID: aggId }); + getTrendTop5() { + return this.http.post(this.apiUrl + 'analysis/top5', null); } - getTrendBottom5(aggId) { - return this.http.post(this.apiUrl + 'analysis/bottom5', { aggregationID: aggId }); + getTrendBottom5() { + return this.http.post(this.apiUrl + 'analysis/bottom5', null); } - getCategoryPercentageComparisons(aggId) { - return this.http.post(this.apiUrl + 'analysis/categorypercentcompare?aggregationID=' + aggId, {}); + getCategoryPercentageComparisons() { + return this.http.post(this.apiUrl + 'analysis/categorypercentcompare', null); } //////////////////////////////// Compare ////////////////////////////////// - getOverallAverageSummary(aggId: number) { - return this.http.post(this.apiUrl + 'analysis/overallaverages?aggregationID=' + aggId, {}); + getOverallAverageSummary() { + return this.http.post(this.apiUrl + 'analysis/overallaverages', null); } getOverallComparison() { - return this.http.post(this.apiUrl + 
'analysis/overallcomparison', {}); + return this.http.post(this.apiUrl + 'analysis/overallcomparison', null); } getStandardsAnswers() { - return this.http.post(this.apiUrl + 'analysis/standardsanswers', {}); + return this.http.post(this.apiUrl + 'analysis/standardsanswers', null); } getComponentsAnswers() { - return this.http.post(this.apiUrl + 'analysis/componentsanswers', {}); + return this.http.post(this.apiUrl + 'analysis/componentsanswers', null); } - getCategoryAverages(aggId) { - return this.http.post(this.apiUrl + 'analysis/categoryaverages?aggregationID=' + aggId, {}); + getCategoryAverages() { + return this.http.post(this.apiUrl + 'analysis/categoryaverages', null); } getAggregationCompliance(aggId) { @@ -226,11 +226,11 @@ export class AggregationService { } getSalComparison() { - return this.http.post(this.apiUrl + 'analysis/salcomparison', {}); + return this.http.post(this.apiUrl + 'analysis/salcomparison', null); } getBestToWorst() { - return this.http.post(this.apiUrl + 'analysis/getbesttoworst', ''); + return this.http.post(this.apiUrl + 'analysis/getbesttoworst', null); } /** @@ -244,7 +244,7 @@ export class AggregationService { * Get the maturity "best to worst" model */ getMaturityBestToWorst() { - return this.http.post(this.apiUrl + 'analysis/maturity/besttoworst', ''); + return this.http.post(this.apiUrl + 'analysis/maturity/besttoworst', null); } From 76ae64b767614019e7d91e573966c64a4976299a Mon Sep 17 00:00:00 2001 From: Natalie Hergesheimer Date: Tue, 10 Dec 2024 08:19:48 -0700 Subject: [PATCH 02/12] Aggregation analysis controller aggregationID refactor --- .../AggregationAnalysisController.cs | 4 +++- .../Controllers/AggregationController.cs | 11 +++++++++- .../AggregationMaturityController.cs | 21 ++++++++++++++----- .../compare-individual.component.ts | 5 +---- .../compare-report-m.component.ts | 6 +++--- .../src/app/services/aggregation.service.ts | 4 ++-- 6 files changed, 35 insertions(+), 16 deletions(-) 
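Review bot: With the `aggId` parameters gone from this block of AggregationService methods, nothing at a call site shows which aggregation a chart is built from. A one-line doc comment on the group would record the contract the controller hunks establish, for example `/** No id is sent: the API reads the aggregation from the "aggreg" claim of the caller's JWT. */`. The comment could also note that a token without that claim currently gets an empty 200, since every subscriber has to cope with it. The class body starts and ends outside the hunk.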
diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AggregationAnalysisController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AggregationAnalysisController.cs index 6c9e3ed6ef..062672894d 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AggregationAnalysisController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AggregationAnalysisController.cs @@ -15,10 +15,12 @@ using CSETWebCore.Model.Analysis; using Microsoft.EntityFrameworkCore; using Snickler.EFCore; +using CSETWebCore.Business.Authorization; + namespace CSETWebCore.Api.Controllers -{ +{ [CsetAuthorize] [ApiController] public class AggregationAnalysisController : ControllerBase { diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AggregationController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AggregationController.cs index d1105be2c5..62107ecc5b 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AggregationController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AggregationController.cs @@ -4,6 +4,8 @@ // // //////////////////////////////// + +using System; using CSETWebCore.Business.Aggregation; using CSETWebCore.DataLayer.Model; using CSETWebCore.Interfaces.Helpers; @@ -17,6 +19,8 @@ namespace CSETWebCore.Api.Controllers { [CsetAuthorize] [ApiController] + [Obsolete("This controller is no longer used")] + public class AggregationController : ControllerBase { private readonly ITokenManager _token; @@ -75,7 +79,7 @@ public IActionResult GetAggregation() [HttpPost] - [Route("api/aggregation/update")] + [Route("api/aggregation/update")] public IActionResult UpdateAggregation([FromBody] Aggregation aggregation) { var aggregationID = _token.PayloadInt("aggreg"); 
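Review bot: `[Obsolete("This controller is no longer used")]` on AggregationController only produces compiler warnings for C# callers. Its `[Route(...)]` actions stay mapped and reachable over HTTP, including `api/aggregation/delete`, which this same patch goes on to edit. If the controller really is unused, removing it or its routes shrinks the exposed surface. If the client still calls it, the attribute text is misleading. The same applies to the `[Obsolete]` attributes added to DemographicsController.Get and Post in PATCH 08.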
@@ -94,6 +98,11 @@ public IActionResult UpdateAggregation([FromBody] Aggregation aggregation) [Route("api/aggregation/delete")] public IActionResult DeleteAggregation([FromQuery] int aggregationId) { + var aggregationID = _token.PayloadInt("aggreg"); + if (aggregationID == null) + { + return Ok(); + } var manager = new AggregationBusiness(_context, _token); manager.DeleteAggregation(aggregationId); return Ok(); diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AggregationMaturityController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AggregationMaturityController.cs index 42af310910..3a75881b13 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AggregationMaturityController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AggregationMaturityController.cs @@ -6,22 +6,28 @@ //////////////////////////////// using Microsoft.AspNetCore.Mvc; using CSETWebCore.Business.Aggregation; +using CSETWebCore.Business.Authorization; using CSETWebCore.DataLayer.Model; +using CSETWebCore.Interfaces.Helpers; namespace CSETWebCore.Api.Controllers -{ +{ [CsetAuthorize] public class AggregationMaturityController : Controller { private CSETContext _context; + private readonly ITokenManager _tokenManager; + /// /// CTOR /// - public AggregationMaturityController(CSETContext context) + public AggregationMaturityController(ITokenManager tokenManager, CSETContext context) { _context = context; + _tokenManager = tokenManager; + } 
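Review bot: The guard added to DeleteAggregation reads `aggregationID` from the token, but the delete still runs on the query-string value: `manager.DeleteAggregation(aggregationId);`. The check therefore only proves that the token holds some aggregation claim, and the two names differ only in the case of the last letter, which makes the mix-up easy to miss in review. Unless AggregationBusiness.DeleteAggregation verifies ownership itself (not visible here), either delete `aggregationID.Value` and drop the `[FromQuery]` parameter, or reject a mismatch with `if (aggregationID != aggregationId) { return Forbid(); }`. Renaming the token value to something like `tokenAggregationId` would keep the two apart.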
@@ -34,10 +40,15 @@ public AggregationMaturityController(CSETContext context) /// [HttpGet] [Route("api/aggregation/analysis/maturity/compliance")] - public IActionResult GetComplianceByModelAndDomain([FromQuery] int aggregationId) - { + public IActionResult GetComplianceByModelAndDomain() + { + var aggregationID = _tokenManager.PayloadInt("aggreg"); + if (aggregationID == null) + { + return Ok(); + } var amb = new AggregationMaturityBusiness(_context); - var resp = amb.GetMaturityModelComplianceChart(aggregationId); + var resp = amb.GetMaturityModelComplianceChart(aggregationID.Value); return Ok(resp); } diff --git a/CSETWebNg/src/app/aggregation/compare-analytics/maturity-based/compare-individual/compare-individual.component.ts b/CSETWebNg/src/app/aggregation/compare-analytics/maturity-based/compare-individual/compare-individual.component.ts index fb6954039e..6cbb3e1387 100644 --- a/CSETWebNg/src/app/aggregation/compare-analytics/maturity-based/compare-individual/compare-individual.component.ts +++ b/CSETWebNg/src/app/aggregation/compare-analytics/maturity-based/compare-individual/compare-individual.component.ts @@ -56,8 +56,6 @@ export class CompareMaturityIndividualComponent implements OnInit { * */ populateCharts() { - const aggId: number = +localStorage.getItem("aggregationId"); - // Assessment Answer Summary - tabular data this.aggregationSvc.getMaturityAnswerTotals().subscribe((x: any) => { // @@ -71,9 +69,8 @@ export class CompareMaturityIndividualComponent implements OnInit { }); }); - // Maturity Compliance By Model/Domain - this.aggregationSvc.getAggregationCompliance(aggId).subscribe((resp: any) => { + this.aggregationSvc.getAggregationCompliance().subscribe((resp: any) => { let showLegend = true; if (!resp.length) { diff --git a/CSETWebNg/src/app/reports/compare-report-m/compare-report-m.component.ts b/CSETWebNg/src/app/reports/compare-report-m/compare-report-m.component.ts index 105b120eea..a1d4c40f8e 100644 
--- a/CSETWebNg/src/app/reports/compare-report-m/compare-report-m.component.ts +++ b/CSETWebNg/src/app/reports/compare-report-m/compare-report-m.component.ts @@ -79,11 +79,11 @@ export class CompareReportMComponent implements OnInit, AfterViewChecked { error => console.log('Compare report load Error: ' + (error).message) ); - this.populateCharts(aggId); + this.populateCharts(); } - populateCharts(aggId: number) { + populateCharts() { // Overall Average this.aggregationSvc.getOverallAverageSummary().subscribe((x: any) => { @@ -112,7 +112,7 @@ export class CompareReportMComponent implements OnInit, AfterViewChecked { // Maturity Compliance By Model/Domain - this.aggregationSvc.getAggregationCompliance(aggId).subscribe((resp: any) => { + this.aggregationSvc.getAggregationCompliance().subscribe((resp: any) => { let showLegend = true; if (!resp.length) { diff --git a/CSETWebNg/src/app/services/aggregation.service.ts b/CSETWebNg/src/app/services/aggregation.service.ts index aaee5fae1e..d445f7d721 100644 --- a/CSETWebNg/src/app/services/aggregation.service.ts +++ b/CSETWebNg/src/app/services/aggregation.service.ts @@ -216,8 +216,8 @@ export class AggregationService { return this.http.post(this.apiUrl + 'analysis/categoryaverages', null); } - getAggregationCompliance(aggId) { - return this.http.get(this.apiUrl + 'analysis/maturity/compliance?aggregationId=' + aggId, {}); + getAggregationCompliance() { + return this.http.get(this.apiUrl + 'analysis/maturity/compliance', null); } From c89abd4721c01d64971e1ffed50269d9131a40bf Mon Sep 17 00:00:00 2001 From: Natalie Hergesheimer Date: Tue, 10 Dec 2024 11:52:08 -0700 Subject: [PATCH 03/12] Obsolete methods --- .../Controllers/AssessmentController.cs | 1 + .../assess-compare-analytics.service.ts | 17 +++++++++-------- 2 files changed, 10 insertions(+), 8 deletions(-) 
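Review bot: In getAggregationCompliance the second argument of `this.http.get(...)` is the request options object, not a body, and this hunk changes it from `{}` to `null`. HttpClient reads fields such as `headers` from that argument, so a null there is likely to throw before the request is sent, and the compiler only reports it with strict null checks enabled. Drop the argument instead: `return this.http.get(this.apiUrl + 'analysis/maturity/compliance');`. The `post(..., null)` calls elsewhere in the service are a different case, because there the second argument is the body.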
diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AssessmentController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AssessmentController.cs index 510ff36c54..41e7e6ec51 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AssessmentController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AssessmentController.cs @@ -267,6 +267,7 @@ public IActionResult GetAssessmentsCompletion() [HttpGet] [Route("api/getAssessmentById")] + [Obsolete("Method no longer in use.")] public IActionResult GetAssessmentById(int assessmentId) { var assessment = _assessmentBusiness.GetAssessmentById(assessmentId); diff --git a/CSETWebNg/src/app/services/assess-compare-analytics.service.ts b/CSETWebNg/src/app/services/assess-compare-analytics.service.ts index f965eaa22f..d37f71583d 100644 --- a/CSETWebNg/src/app/services/assess-compare-analytics.service.ts +++ b/CSETWebNg/src/app/services/assess-compare-analytics.service.ts @@ -47,14 +47,15 @@ export class AssessCompareAnalyticsService { private assessSvc: AssessmentService, private router: Router ) { } - - analyticsAssessment(assessId: number) { - this.http.get( - this.configSvc.apiUrl + "tsa/getAssessmentById", - headers, - ) - this.router.navigate(["/assessment-comparison-analytics"], { queryParamsHandling: 'preserve' }); - } + + // Method no longer in use + // analyticsAssessment(assessId: number) { + // this.http.get( + // this.configSvc.apiUrl + "tsa/getAssessmentById", + // headers, + // ) + // this.router.navigate(["/assessment-comparison-analytics"], { queryParamsHandling: 'preserve' }); + // } loadAssessment(id: number) { this.getAssessmentToken(id).then(() => { From 8a3d33ba247df0decbfc64fa62ac95bc92d683b5 Mon Sep 17 00:00:00 2001 
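Review bot: GetAssessmentById still takes `assessmentId` from the request and passes it to `_assessmentBusiness.GetAssessmentById(assessmentId)`, and the added `[Obsolete("Method no longer in use.")]` does nothing to stop it being called. No check in the hunk ties the id to the caller's token, whereas ValidateMyRemoval in PATCH 04 switches to `_token.AssessmentForUser()`; the method body continues outside the hunk, so a check may exist further down. Since the action is declared unused, deleting it together with its route is the simplest fix. Otherwise resolve the assessment from the token as the other endpoints now do.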
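Review bot: The unused `analyticsAssessment` method in AssessCompareAnalyticsService is commented out rather than removed, leaving a block of dead code under a `// Method no longer in use` marker. Deleting it keeps the service readable, and the old body stays available in version control. If the removal leaves an injected dependency without a user, drop that as well; the rest of the class is outside the hunk, so that needs checking against the full file.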
From: Natalie Hergesheimer Date: Tue, 10 Dec 2024 11:58:18 -0700 Subject: [PATCH 04/12] Switched to getting assessmentID from JWT --- .../CSETWeb_ApiCore/Controllers/ContactsController.cs | 3 ++- .../app/initial/my-assessments/my-assessments.component.ts | 2 +- CSETWebNg/src/app/services/assessment.service.ts | 4 ++-- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/ContactsController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/ContactsController.cs index 4146d8d0ca..a3bf420235 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/ContactsController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/ContactsController.cs @@ -646,8 +646,9 @@ public IActionResult SaveUserLanguage([FromBody] UserLanguage lang) /// [HttpPost] [Route("api/contacts/ValidateRemoval")] - public IActionResult ValidateMyRemoval(int assessmentId) + public IActionResult ValidateMyRemoval() { + int assessmentId = _token.AssessmentForUser(); _token.IsAuthenticated(); if (_token.AmILastAdminWithUsers(assessmentId)) { diff --git a/CSETWebNg/src/app/initial/my-assessments/my-assessments.component.ts b/CSETWebNg/src/app/initial/my-assessments/my-assessments.component.ts index 056ef3b832..1474d2edb2 100644 --- a/CSETWebNg/src/app/initial/my-assessments/my-assessments.component.ts +++ b/CSETWebNg/src/app/initial/my-assessments/my-assessments.component.ts @@ -308,7 +308,7 @@ export class MyAssessmentsComponent implements OnInit { removeAssessment(assessment: UserAssessment, assessmentIndex: number) { // first, call the API to see if this is a legal move this.assessSvc - .isDeletePermitted(assessment.assessmentId) + .isDeletePermitted() .subscribe(canDelete => { if (!canDelete) { this.dialog.open(AlertComponent, { diff --git a/CSETWebNg/src/app/services/assessment.service.ts b/CSETWebNg/src/app/services/assessment.service.ts index afdd2de60d..0cc91e7a6b 100644 
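Review bot: ValidateMyRemoval now checks the assessment held in the token (`int assessmentId = _token.AssessmentForUser();`), but its caller `removeAssessment(assessment, assessmentIndex)` in my-assessments.component.ts acts on a row of the assessment list and previously sent `assessment.assessmentId`. If the token names a different assessment, or the list page's token names none, `AmILastAdminWithUsers` answers for the wrong assessment and the removal that follows is not protected by it. Keeping the id parameter and verifying on the server that the authenticated user is a contact on that assessment would preserve the intent. The new line also calls `AssessmentForUser()` before `_token.IsAuthenticated()`, so put the authentication call first if it is meant to gate the action.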
--- a/CSETWebNg/src/app/services/assessment.service.ts +++ b/CSETWebNg/src/app/services/assessment.service.ts @@ -402,9 +402,9 @@ export class AssessmentService { * Checks to see if deleting the assessment would leave it without * an ADMIN contact */ - isDeletePermitted(assessmentId: number) { + isDeletePermitted() { return this.http.post( - this.apiUrl + 'contacts/validateremoval?assessmentId=' + assessmentId, + this.apiUrl + 'contacts/validateremoval', null, headers ); From b54057b5d7b2a231348df370b4467f1dc3006250 Mon Sep 17 00:00:00 2001 From: Natalie Hergesheimer Date: Tue, 10 Dec 2024 11:58:31 -0700 Subject: [PATCH 05/12] removed unused imports --- .../CSETWeb_ApiCore/Controllers/CmuController.cs | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/CmuController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/CmuController.cs index c20a60a015..9f7f5ab7a3 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/CmuController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/CmuController.cs @@ -5,16 +5,6 @@ using CSETWebCore.Interfaces.Helpers; using CSETWebCore.Interfaces.Reports; using Microsoft.AspNetCore.Mvc; -using CSETWebCore.Helpers.ReportWidgets; -using System.Xml.Linq; -using System.Xml.XPath; -using System.Linq; -using System.Collections.Generic; -using CSETWebCore.Business.Maturity; -using CSETWebCore.Business.Reports; -using CSETWebCore.Reports.Models; -using CSETWebCore.Api.Models; -using Newtonsoft.Json; using CSETWebCore.Interfaces.Cmu; namespace CSETWebCore.Api.Controllers From 5876d3b3384c476a9026f372e0149c506072be92 Mon Sep 17 00:00:00 2001 From: Natalie Hergesheimer Date: Tue, 10 Dec 2024 11:59:10 -0700 Subject: [PATCH 06/12] Added CSETAuthroize decorator --- .../CSETWeb_ApiCore/Controllers/AssessmentImportController.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AssessmentImportController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AssessmentImportController.cs index 1d462db7dc..b2947714ff 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AssessmentImportController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/AssessmentImportController.cs @@ -14,11 +14,13 @@ using System; using System.IO; using System.Threading.Tasks; +using CSETWebCore.Business.Authorization; using ICSharpCode.SharpZipLib.Zip; namespace CSETWebCore.Api.Controllers { + [CsetAuthorize] public class AssessmentImportController : ControllerBase { private ITokenManager _tokenManager; @@ -39,7 +41,6 @@ public AssessmentImportController(ITokenManager token, CSETContext context, IImp } [HttpGet] - // [CSETAuthorize] [Route("api/assessment/legacy/import/installed")] public IActionResult LegacyImportIsInstalled() { @@ -48,7 +49,6 @@ public IActionResult LegacyImportIsInstalled() [HttpPost] - // [CSETAuthorize] [Route("api/assessment/legacy/import")] public async Task ImportLegacyAssessment() { From 1da72fea373d9525b6a985054659615571babfa4 Mon Sep 17 00:00:00 2001 From: Marcus Goectau Date: Wed, 11 Dec 2024 15:09:28 -0800 Subject: [PATCH 07/12] Use wildcard for starting hosting bundle --- setup_enterprise.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/setup_enterprise.ps1 b/setup_enterprise.ps1 index 6f4580cf12..a18cd26528 100644 --- a/setup_enterprise.ps1 +++ b/setup_enterprise.ps1 
@@ -26,8 +26,8 @@ Install-WindowsFeature -Name Web-Server -IncludeManagementTools # Install URL Rewrite module for IIS Start-Process rewrite_amd64_en-US.msi -Wait -# Install dotnet 6 hosting bundle -Start-Process dotnet-hosting-8.0.1-win.exe -Wait +# Install dotnet hosting bundle +Start-Process -FilePath (Resolve-Path -Path "dotnet-hosting-*") -Wait # Update enviornment path to ensure sqlcmd works after installing SQL server $env:Path = [System.Environment]::GetEnvironmentVariable("Path","Machine") From 493185401675aef755afed704a9da9d9188aaa93 Mon Sep 17 00:00:00 2001 From: Natalie Hergesheimer Date: Thu, 12 Dec 2024 10:24:20 -0700 Subject: [PATCH 08/12] demographic jwt security --- .../CSETWeb_ApiCore/Controllers/DemographicsController.cs | 6 ++++++ .../Controllers/DemographicsExtendedContoller.cs | 3 ++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/DemographicsController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/DemographicsController.cs index 676714f962..1c829bf845 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/DemographicsController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/DemographicsController.cs @@ -4,10 +4,13 @@ // // //////////////////////////////// + +using System; using Microsoft.AspNetCore.Mvc; using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; +using CSETWebCore.Business.Authorization; using CSETWebCore.DataLayer.Model; using CSETWebCore.Interfaces.Assessment; using CSETWebCore.Interfaces.Demographic; @@ -20,6 +23,7 @@ namespace CSETWebCore.Api.Controllers { + [CsetAuthorize] [ApiController] public class DemographicsController : ControllerBase { @@ -51,6 +55,7 @@ public DemographicsController(ITokenManager token, IAssessmentBusiness assessmen /// [HttpGet] [Route("api/demographics")] + [Obsolete("No longer in use anymore")] public IActionResult Get() { int assessmentId = _token.AssessmentForUser(); 
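Review bot: `Resolve-Path -Path "dotnet-hosting-*"` on the added `Start-Process` line runs whatever file in the working directory matches the wildcard, and it fails unclearly when zero or several files match, since `-FilePath` expects a single path. Because the script installs this binary on the server, I would require exactly one match and check its Authenticode signature before starting it, as sketched below. A check of the signer certificate's publisher could be added on top. The rest of the script lies outside this hunk.

```powershell
# Install dotnet hosting bundle
$bundle = @(Get-ChildItem -Path . -Filter "dotnet-hosting-*-win.exe" -File)
if ($bundle.Count -ne 1) {
    throw "Expected exactly one dotnet hosting bundle installer, found $($bundle.Count)"
}
$signature = Get-AuthenticodeSignature -FilePath $bundle[0].FullName
if ($signature.Status -ne 'Valid') {
    throw "Hosting bundle signature is not valid: $($signature.Status)"
}
Start-Process -FilePath $bundle[0].FullName -Wait
```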
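Review bot: `[Obsolete("No longer in use anymore")]` on `Get()` only produces a compiler warning for C# callers; the `api/demographics` GET route stays mapped and reachable over HTTP. If the endpoint really has no callers, deleting the action, or having it return `StatusCode(410)`, removes the surface instead of labelling it. The same applies to `Post` in the next hunk of this file, to the class-level `[Obsolete]` on `GalleryEditorController` in PATCH 10 (which, unlike its siblings, gains no `[CsetAuthorize]` in the visible hunk), and to `GetMvraTree` in PATCH 11. The body of `Get()` continues outside the hunk.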
@@ -63,6 +68,7 @@ public IActionResult Get() /// [HttpPost] [Route("api/demographics")] + [Obsolete("No longer in use anymore")] public IActionResult Post([FromBody] Demographics demographics) { demographics.AssessmentId = _token.AssessmentForUser(); diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/DemographicsExtendedContoller.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/DemographicsExtendedContoller.cs index 308288fe08..bc7a516964 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/DemographicsExtendedContoller.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/DemographicsExtendedContoller.cs @@ -8,6 +8,7 @@ using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; +using CSETWebCore.Business.Authorization; using CSETWebCore.DataLayer.Model; using CSETWebCore.Interfaces.Assessment; using CSETWebCore.Interfaces.Demographic; @@ -21,7 +22,7 @@ using CSETWebCore.Business.Demographic; namespace CSETWebCore.Api.Controllers -{ +{ [CsetAuthorize] [ApiController] public class DemographicsExtendedController : ControllerBase { From 9be666a23a9e7c8c275397e76017516dfd20de58 Mon Sep 17 00:00:00 2001 From: Natalie Hergesheimer Date: Thu, 12 Dec 2024 10:26:03 -0700 Subject: [PATCH 09/12] Added CSETAuthorize decorator --- .../CSETWeb_ApiCore/Controllers/FrameworkController.cs | 4 +++- .../CSETWeb_ApiCore/Controllers/GeneralSalController.cs | 3 ++- .../CSETWeb_Api/CSETWeb_ApiCore/Controllers/IRPController.cs | 3 ++- .../CSETWeb_ApiCore/Controllers/MaturityC2M2Controller.cs | 3 ++- .../CSETWeb_ApiCore/Controllers/MaturityCpgController.cs | 5 ++++- .../CSETWeb_ApiCore/Controllers/ModuleBuilderController.cs | 3 ++- .../CSETWeb_ApiCore/Controllers/ReportsCmmcController.cs | 3 ++- .../CSETWeb_Api/CSETWeb_ApiCore/Controllers/SalController.cs | 3 ++- .../CSETWeb_ApiCore/Controllers/StandardsController.cs | 3 ++- 9 files changed, 21 insertions(+), 9 deletions(-) 
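Review bot: In the DemographicsExtendedContoller.cs hunk the added line appears to put `[CsetAuthorize]` on the same line as the namespace's opening brace (`{ [CsetAuthorize]`), whereas DemographicsController.cs in this same commit gives the attribute its own line. An access-control attribute sitting behind a brace is easy to overlook when auditing which controllers are covered; I would write `{` and then `[CsetAuthorize]` on its own indented line above `[ApiController]`. The same placement shows up in the PATCH 09 hunks for FrameworkController, GeneralSalController, IRPController, MaturityC2M2Controller, MaturityCpgController, ModuleBuilderController, ReportsCmmcController, SalController and StandardsController.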
diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/FrameworkController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/FrameworkController.cs index fe74e720fc..b65db064df 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/FrameworkController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/FrameworkController.cs @@ -4,6 +4,8 @@ // // //////////////////////////////// + +using CSETWebCore.Business.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using CSETWebCore.Interfaces.Framework; @@ -11,7 +13,7 @@ using CSETWebCore.Model.Framework; namespace CSETWebCore.Api.Controllers -{ +{ [CsetAuthorize] [ApiController] public class FrameworkController : ControllerBase { diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/GeneralSalController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/GeneralSalController.cs index 9b7e585533..79c813abf1 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/GeneralSalController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/GeneralSalController.cs @@ -15,10 +15,11 @@ using System.Data; using System.Linq; using CSETWebCore.Business; +using CSETWebCore.Business.Authorization; using CSETWebCore.Business.Sal; namespace CSETWebCore.Api.Controllers -{ +{ [CsetAuthorize] [ApiController] public class GeneralSalController : ControllerBase { diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/IRPController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/IRPController.cs index dc38904574..eeed2d060a 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/IRPController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/IRPController.cs 
@@ -10,13 +10,14 @@ using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; +using CSETWebCore.Business.Authorization; using CSETWebCore.DataLayer.Model; using CSETWebCore.Interfaces.Helpers; using CSETWebCore.Interfaces.IRP; using CSETWebCore.Model.Acet; namespace CSETWebCore.Api.Controllers -{ +{ [CsetAuthorize] [ApiController] public class IRPController : ControllerBase { diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/MaturityC2M2Controller.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/MaturityC2M2Controller.cs index 0b620b8bf6..226defe178 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/MaturityC2M2Controller.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/MaturityC2M2Controller.cs @@ -5,6 +5,7 @@ // //////////////////////////////// using CSETWebCore.Business.Aggregation; +using CSETWebCore.Business.Authorization; using CSETWebCore.Business.Maturity; using CSETWebCore.DataLayer.Model; using CSETWebCore.Interfaces.AdminTab; @@ -15,7 +16,7 @@ namespace CSETWebCore.Api.Controllers -{ +{ [CsetAuthorize] public class MaturityC2M2Controller : ControllerBase { private readonly ITokenManager _tokenManager; diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/MaturityCpgController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/MaturityCpgController.cs index 3c914a85e5..3917bc60d0 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/MaturityCpgController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/MaturityCpgController.cs @@ -4,6 +4,8 @@ // // //////////////////////////////// + +using CSETWebCore.Business.Authorization; using Microsoft.AspNetCore.Mvc; using CSETWebCore.Business.Maturity; using CSETWebCore.DataLayer.Model; @@ -13,7 +15,8 @@ namespace CSETWebCore.Api.Controllers -{ +{ [CsetAuthorize] + /// /// /// 
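Review bot: In the MaturityCpgController.cs hunk the attribute is added ahead of the `///` summary block, so the XML doc comment now sits between `[CsetAuthorize]` and the class declaration. The C# compiler expects doc comments to come before attributes and normally reports warning CS1587 for this order, leaving the summary unattached to the class. Moving `[CsetAuthorize]` to its own line after the `///` lines, directly above the class declaration, keeps both the documentation and the authorization attribute in place. The class declaration itself is outside the hunk.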
diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/ModuleBuilderController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/ModuleBuilderController.cs index 5f21535708..0a5e775fb1 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/ModuleBuilderController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/ModuleBuilderController.cs @@ -10,13 +10,14 @@ using System.Collections.Generic; using System.Linq; using System.Threading.Tasks; +using CSETWebCore.Business.Authorization; using CSETWebCore.Interfaces.ModuleBuilder; using CSETWebCore.Model.Document; using CSETWebCore.Model.Set; using CSETWebCore.Helpers; namespace CSETWebCore.Api.Controllers -{ +{ [CsetAuthorize] [ApiController] public class ModuleBuilderController : ControllerBase { diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/ReportsCmmcController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/ReportsCmmcController.cs index c3085f9204..2396ac64a9 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/ReportsCmmcController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/ReportsCmmcController.cs @@ -15,9 +15,10 @@ using System.IO; using System.Linq; using System.Text; +using CSETWebCore.Business.Authorization; namespace CSETWebCore.Api.Controllers -{ +{ [CsetAuthorize] [ApiController] public class ReportsCmmcController : ControllerBase { diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/SalController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/SalController.cs index efdc6323dc..37bc07f5a6 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/SalController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/SalController.cs 
@@ -15,11 +15,12 @@ using System; using System.Linq; using System.Threading.Tasks; +using CSETWebCore.Business.Authorization; using CSETWebCore.Interfaces.Helpers; using CSETWebCore.Interfaces.Standards; namespace CSETWebCore.Api.Controllers -{ +{ [CsetAuthorize] [ApiController] public class SalController : ControllerBase { diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/StandardsController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/StandardsController.cs index 96baa30a0a..cec972b67d 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/StandardsController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/StandardsController.cs @@ -11,9 +11,10 @@ using CSETWebCore.Interfaces.Question; using Microsoft.AspNetCore.Mvc; using System.Collections.Generic; +using CSETWebCore.Business.Authorization; namespace CSETWebCore.Api.Controllers -{ +{ [CsetAuthorize] public class StandardsController : ControllerBase { private readonly ITokenManager _tokenManager; From 01bb11441c3f232116778e559c8ff98fd93f4106 Mon Sep 17 00:00:00 2001 From: Natalie Hergesheimer Date: Thu, 12 Dec 2024 10:26:29 -0700 Subject: [PATCH 10/12] Added Obsolete decorator to methods no longer used --- .../CSETWeb_ApiCore/Controllers/GalleryEditorController.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/GalleryEditorController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/GalleryEditorController.cs index c215eac2c0..46bddf2ae4 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/GalleryEditorController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/GalleryEditorController.cs @@ -15,7 +15,7 @@ using Microsoft.EntityFrameworkCore; namespace CSETWebCore.Api.Controllers -{ +{ [Obsolete("No longer in use")] [ApiController] public class GalleryEditorController : ControllerBase { From 738ade1b48441085bf566aa0b7bea6d6c40475dc Mon Sep 17 00:00:00 2001 
From: Natalie Hergesheimer Date: Thu, 12 Dec 2024 10:26:41 -0700 Subject: [PATCH 11/12] Method no longer used --- .../CSETWeb_ApiCore/Controllers/MaturityController.cs | 1 + 1 file changed, 1 insertion(+) diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/MaturityController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/MaturityController.cs index ef3d7a14e0..7c1958ae62 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/MaturityController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/MaturityController.cs @@ -1015,6 +1015,7 @@ public IActionResult GetMvraScoring() [HttpGet] [Route("api/maturity/mvra/mvraTree")] + [Obsolete("No longer in use")] public IActionResult GetMvraTree([FromQuery] int id) { //int assessemntId = _tokenManager.AssessmentForUser(); From 67340a3ac4a179da1a5aaa0c9ffe67665a957f1c Mon Sep 17 00:00:00 2001 From: Natalie Hergesheimer Date: Thu, 12 Dec 2024 10:27:08 -0700 Subject: [PATCH 12/12] Refactored to use JWT assessmentID --- .../CSETWeb_ApiCore/Controllers/QuestionsController.cs | 10 ++++++---- .../assessment/questions/issues/issues.component.ts | 2 +- CSETWebNg/src/app/services/questions.service.ts | 6 +++--- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/QuestionsController.cs b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/QuestionsController.cs index 37f9bee95f..e9f7a78f55 100644 --- a/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/QuestionsController.cs +++ b/CSETWebApi/CSETWeb_Api/CSETWeb_ApiCore/Controllers/QuestionsController.cs 
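Review bot: `GetMvraTree` still takes `[FromQuery] int id` while the token lookup on its first body line is commented out (`//int assessemntId = _tokenManager.AssessmentForUser();`), which is the client-supplied-id pattern the rest of this series removes. The action remains routable, so I would either delete it or restore `int assessmentId = _tokenManager.AssessmentForUser();` and drop the `id` parameter. How `id` is used cannot be confirmed here because the body continues outside the hunk.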
@@ -150,9 +150,10 @@ public IActionResult GetComponentOverridesList() /// [HttpGet] [Route("api/GetChildAnswers")] - public IList GetChildAnswers([FromQuery] int parentId, [FromQuery] int assessId) + public IList GetChildAnswers([FromQuery] int parentId) { - return _context.Get_Children_Answers(parentId, assessId); + int assessmentId = _token.AssessmentForUser(); + return _context.Get_Children_Answers(parentId, assessmentId); } /// @@ -630,9 +631,10 @@ public IActionResult RenameDocument([FromQuery] int id, [FromQuery] string title /// The document ID [HttpPost] [Route("api/DeleteDocument")] - public IActionResult DeleteDocument([FromQuery] int id, [FromQuery] int questionId, [FromQuery] int assessId) + public IActionResult DeleteDocument([FromQuery] int id, [FromQuery] int questionId) { - _document.DeleteDocument(id, questionId, assessId); + int assessmentId = _token.AssessmentForUser(); + _document.DeleteDocument(id, questionId, assessmentId); return Ok(); } diff --git a/CSETWebNg/src/app/assessment/questions/issues/issues.component.ts b/CSETWebNg/src/app/assessment/questions/issues/issues.component.ts index c452abcf12..374cdf49a5 100644 --- a/CSETWebNg/src/app/assessment/questions/issues/issues.component.ts +++ b/CSETWebNg/src/app/assessment/questions/issues/issues.component.ts @@ -86,7 +86,7 @@ export class IssuesComponent implements OnInit { this.update(); }); - this.questionsSvc.getChildAnswers(this.questionID, this.assessmentId).subscribe( + this.questionsSvc.getChildAnswers(this.questionID).subscribe( (data: any) => { this.questionData = data; }); diff --git a/CSETWebNg/src/app/services/questions.service.ts b/CSETWebNg/src/app/services/questions.service.ts index 3c91cb8ad0..fa798e9d1c 100644 --- a/CSETWebNg/src/app/services/questions.service.ts +++ b/CSETWebNg/src/app/services/questions.service.ts 
@@ -117,8 +117,8 @@ export class QuestionsService { * Grab all the child question's answers for a specific parent question. * Currently set up for use in an ISE assessment. */ - getChildAnswers(parentId: number, assessId: number) { - headers.params = headers.params.set('parentId', parentId).set('assessId', assessId); + getChildAnswers(parentId: number) { + headers.params = headers.params.set('parentId', parentId); return this.http.get(this.configSvc.apiUrl + 'GetChildAnswers', headers); } @@ -202,7 +202,7 @@ export class QuestionsService { * Deletes a document. */ deleteDocument(id: number, questionId: number) { - return this.http.post(this.configSvc.apiUrl + 'deletedocument?id=' + id + "&questionId=" + questionId + "&assessId=" + localStorage.getItem('assessmentId'), headers); + return this.http.post(this.configSvc.apiUrl + 'deletedocument?id=' + id + "&questionId=" + questionId, headers); } /**
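Review bot: `headers.params = headers.params.set('parentId', parentId)` writes the parameter back into the shared `headers` object, so `parentId` appears to stay attached to every later request in this service that passes `headers`. Building the options per call avoids that: `return this.http.get(this.configSvc.apiUrl + 'GetChildAnswers', { ...headers, params: headers.params.set('parentId', parentId) });`. `headers` is declared outside the hunk, so this assumes it is a module-level options object holding an `HttpParams` in `params`.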
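Review bot: In `deleteDocument` the rewritten `this.http.post(url, headers)` call passes `headers` as the second argument, which `HttpClient.post` treats as the request body, so the options object is sent as the payload and no request options are applied. `isDeletePermitted` in assessment.service.ts uses the `post(url, null, headers)` form, and I would do the same here: `return this.http.post(this.configSvc.apiUrl + 'deletedocument?id=' + id + '&questionId=' + questionId, null, headers);`. `headers` is declared outside the hunk, so this assumes it is the same kind of options object as in that call.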