Merge pull request #701 from VocaDB/feat/598-web-core-add-controllers

Copy `Controllers` from VocaDbWeb to VocaDbWeb.Core

Author: ycanardeau

VocaDbModel/Domain/Globalization/RegionCollection.cs

@@ -8,6 +8,7 @@ namespace VocaDb.Model.Domain.Globalization
 {
 	public class RegionCollection
 	{
+		// FIXME
 		public static readonly string[] RegionCodes = CultureInfo.GetCultures(CultureTypes.SpecificCultures)
 			.Select(culture => new RegionInfo(culture.Name).TwoLetterISORegionName)
 			.OrderBy(c => c)

VocaDbWeb.Core/Code/ErrorLogger.cs

@@ -0,0 +1,61 @@
+#nullable disable
+
+using System;
+using System.Net;
+using AngleSharp.Io;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Http.Extensions;
+using NLog;
+
+namespace VocaDb.Web.Code
+{
+	public static class ErrorLogger
+	{
+		public const int Code_BadRequest = (int)HttpStatusCode.BadRequest;
+		public const int Code_Forbidden = (int)HttpStatusCode.Forbidden;
+		public const int Code_NotFound = (int)HttpStatusCode.NotFound;
+		public const int Code_InternalServerError = (int)HttpStatusCode.InternalServerError;
+
+		private static readonly Logger s_log = LogManager.GetCurrentClassLogger();
+
+		/// <summary>
+		/// Logs HTTP error code sent to a client.
+		/// This method is mostly for client errors (status code 4xx).
+		/// 
+		/// Client info and error summary will be logged.
+		/// Full exceptions should be logged separately using <see cref="LogException"/>.
+		/// </summary>
+		/// <param name="request">HTTP request. Cannot be null.</param>
+		/// <param name="code">HTTP response code.</param>
+		/// <param name="msg">Optional simple message, usually exception message.</param>
+		/// <param name="level">Logging level, optional.</param>
+		public static void LogHttpError(HttpRequest request, int code, string msg = null, LogLevel level = null)
+		{
+			if (string.IsNullOrEmpty(msg))
+				s_log.Log(level ?? LogLevel.Warn, RequestInfo($"HTTP error code {code} for", request));
+			else
+				s_log.Log(level ?? LogLevel.Warn, RequestInfo($"HTTP error code {code} ({msg}) for", request));
+		}
+
+		public static void LogException(HttpRequest request, Exception ex, LogLevel level = null)
+		{
+			s_log.Log(level ?? LogLevel.Error, ex, RequestInfo("Exception for", request));
+		}
+
+		public static void LogMessage(HttpRequest request, string msg, LogLevel level = null)
+		{
+			s_log.Log(level ?? LogLevel.Error, RequestInfo(msg + " for", request));
+		}
+
+		public static string RequestInfo(string msg, HttpRequest request)
+		{
+			var userHostAddress = request.HttpContext.Connection.RemoteIpAddress;
+			var userHostName = request.GetTypedHeaders().Host;
+			var httpMethod = request.Method;
+			var pathAndQuery = request.GetEncodedPathAndQuery();
+			var userAgent = request.Headers[HeaderNames.UserAgent];
+			var urlReferrer = request.GetTypedHeaders().Referer;
+			return $"{msg} '{userHostAddress}' [{userHostName}], URL {httpMethod} '{pathAndQuery}', UA '{userAgent}', referrer '{urlReferrer}'";
+		}
+	}
+}

VocaDbWeb.Core/Code/IdNotNumberConstraint.cs

@@ -0,0 +1,14 @@
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Routing;
+
+namespace VocaDb.Web.Code
+{
+	public class IdNotNumberConstraint : IRouteConstraint
+	{
+		public bool Match(HttpContext? httpContext, IRouter? route, string routeKey, RouteValueDictionary values, RouteDirection routeDirection)
+		{
+			var val = values[routeKey]?.ToString();
+			return !int.TryParse(val, out _);
+		}
+	}
+}

VocaDbWeb.Core/Code/JsonModelBinder.cs

@@ -0,0 +1,48 @@
+using System;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Mvc.ModelBinding;
+using Newtonsoft.Json;
+using NLog;
+
+namespace VocaDb.Web.Code
+{
+	public class JsonModelBinder : IModelBinder
+	{
+		private static readonly ILogger s_log = LogManager.GetCurrentClassLogger();
+
+		// Code from: https://docs.microsoft.com/en-us/aspnet/core/mvc/advanced/custom-model-binding?view=aspnetcore-5.0
+		public Task BindModelAsync(ModelBindingContext bindingContext)
+		{
+			if (bindingContext == null)
+				throw new ArgumentNullException(nameof(bindingContext));
+
+			var modelName = bindingContext.ModelName;
+
+			var valueProviderResult = bindingContext.ValueProvider.GetValue(modelName);
+			if (valueProviderResult == ValueProviderResult.None)
+				return Task.CompletedTask;
+
+			bindingContext.ModelState.SetModelValue(modelName, valueProviderResult);
+
+			var value = valueProviderResult.FirstValue;
+			if (string.IsNullOrEmpty(value))
+				return Task.CompletedTask;
+
+			object obj;
+
+			try
+			{
+				obj = JsonConvert.DeserializeObject(value, bindingContext.ModelMetadata.ModelType, new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore });
+			}
+			catch (JsonReaderException x)
+			{
+				s_log.Error(x, "Unable to process JSON, content is " + value);
+				throw;
+			}
+
+			bindingContext.Result = ModelBindingResult.Success(obj);
+
+			return Task.CompletedTask;
+		}
+	}
+}

VocaDbWeb.Core/Code/Web/AspNetCoreHttpPostedFile.cs

@@ -0,0 +1,22 @@
+using System.IO;
+using Microsoft.AspNetCore.Http;
+using VocaDb.Model.Domain.Web;
+
+namespace VocaDb.Web
+{
+	public class AspNetCoreHttpPostedFile : IHttpPostedFile
+	{
+		public AspNetCoreHttpPostedFile(IFormFile file)
+		{
+			_file = file;
+		}
+
+		private readonly IFormFile _file;
+
+		public string ContentType => _file.ContentType;
+
+		public string FileName => _file.FileName;
+
+		public void SaveAs(string path) => _file.CopyTo(new FileStream(path, FileMode.Create));
+	}
+}

VocaDbWeb.Core/Code/WebApi/AuthenticatedCorsApiAttribute.cs

@@ -0,0 +1,57 @@
+using System;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Cors.Infrastructure;
+using Microsoft.AspNetCore.Http;
+using VocaDb.Model.Utils;
+
+namespace VocaDb.Web.Code.WebApi
+{
+	// Code from: https://github.com/aspnet/AspNetWebStack/blob/ba26cfbfbf958d548e4c0a96e853250f13450dc6/src/System.Web.Mvc/HttpVerbs.cs
+	[Flags]
+	public enum HttpVerbs
+	{
+		Get = 1 << 0,
+		Post = 1 << 1,
+		Put = 1 << 2,
+		Delete = 1 << 3,
+		Head = 1 << 4,
+		Patch = 1 << 5,
+		Options = 1 << 6,
+	}
+
+	/// <summary>
+	/// CORS policy for APIs that require authentication. Origins are restricted.
+	/// </summary>
+	[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, AllowMultiple = false)]
+	public class AuthenticatedCorsApiAttribute : Attribute, ICorsPolicyProvider
+	{
+		private readonly CorsPolicy _policy;
+
+		public AuthenticatedCorsApiAttribute(HttpVerbs verbs)
+		{
+			_policy = new CorsPolicy
+			{
+				SupportsCredentials = true
+			};
+
+			// Verbs are case sensitive
+			if (verbs.HasFlag(HttpVerbs.Get))
+				_policy.Methods.Add("GET");
+			if (verbs.HasFlag(HttpVerbs.Post))
+				_policy.Methods.Add("POST");
+			if (verbs.HasFlag(HttpVerbs.Put))
+				_policy.Methods.Add("PUT");
+			if (verbs.HasFlag(HttpVerbs.Options))
+				_policy.Methods.Add("OPTIONS");
+
+			var origins = AppConfig.AllowedCorsOrigins;
+			if (!string.IsNullOrEmpty(origins))
+			{
+				if (origins != "*")
+					Array.ForEach(origins.Split(','), _policy.Origins.Add);
+			}
+		}
+
+		public Task<CorsPolicy> GetPolicyAsync(HttpContext context, string policyName) => Task.FromResult(_policy);
+	}
+}

VocaDbWeb.Core/Code/WebApi/RequireSslAttribute.cs

@@ -0,0 +1,29 @@
+using System;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Http.Extensions;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+
+namespace VocaDb.Web.Code.WebApi
+{
+	[Obsolete]
+	[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, AllowMultiple = false)]
+	public class RequireSslAttribute : ActionFilterAttribute
+	{
+		// Code from: https://stackoverflow.com/questions/31617345/what-is-the-asp-net-core-mvc-equivalent-to-request-requesturi/40721652#40721652
+		private static bool IsSSL(HttpRequest request) => request is not null && new Uri(request.GetDisplayUrl()) is Uri requestUri && requestUri.Scheme == Uri.UriSchemeHttps;
+
+		public override void OnActionExecuting(ActionExecutingContext context)
+		{
+#if DEBUG
+			return;
+#endif
+
+			if (!IsSSL(context.HttpContext.Request))
+			{
+				// 403.4 - SSL required.
+				context.Result = new ForbidResult("This API requires SSL");
+			}
+		}
+	}
+}

VocaDbWeb.Core/Code/WebApi/RestrictBannedIPAttribute.cs

@@ -0,0 +1,31 @@
+using System;
+using Microsoft.AspNetCore.Http.Extensions;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+using Microsoft.Extensions.DependencyInjection;
+using NLog;
+using VocaDb.Model.Service.Security;
+using VocaDb.Web.Helpers;
+
+namespace VocaDb.Web.Code.WebApi
+{
+	public class RestrictBannedIPAttribute : ActionFilterAttribute
+	{
+		private static readonly Logger s_log = LogManager.GetCurrentClassLogger();
+
+		public override void OnActionExecuting(ActionExecutingContext context)
+		{
+			var ipRules = context.HttpContext.RequestServices.GetRequiredService<IPRuleManager>();
+
+			var host = WebHelper.GetRealHost(context.HttpContext.Request);
+
+			if (!ipRules.IsAllowed(host))
+			{
+				// Code from: https://stackoverflow.com/questions/31617345/what-is-the-asp-net-core-mvc-equivalent-to-request-requesturi/40721652#40721652
+				s_log.Warn($"Restricting banned host '{host}' for '{new Uri(context.HttpContext.Request.GetDisplayUrl())}'.");
+
+				context.Result = new ForbidResult();
+			}
+		}
+	}
+}

VocaDbWeb.Core/Code/WebApi/VoidAndTaskTo204NoContentFilter.cs

@@ -0,0 +1,32 @@
+// Code from: https://stackoverflow.com/questions/50325969/how-do-i-make-an-asp-net-core-void-task-action-method-return-204-no-content/60563876#60563876
+
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc.Controllers;
+using Microsoft.AspNetCore.Mvc.Filters;
+
+namespace VocaDb.Web.Code.WebApi
+{
+	/// <summary>
+	/// A filter that transforms http status code 200 OK to 204 No Content for controller actions that return nothing,
+	/// i.e. <see cref="System.Void"/> or <see cref="Task"/>.
+	/// </summary>
+	internal class VoidAndTaskTo204NoContentFilter : IResultFilter
+	{
+		/// <inheritdoc/>
+		public void OnResultExecuting(ResultExecutingContext context)
+		{
+			if (context.ActionDescriptor is ControllerActionDescriptor actionDescriptor)
+			{
+				var returnType = actionDescriptor.MethodInfo.ReturnType;
+				if (returnType == typeof(void) || returnType == typeof(Task))
+					context.HttpContext.Response.StatusCode = StatusCodes.Status204NoContent;
+			}
+		}
+
+		/// <inheritdoc/>
+		public void OnResultExecuted(ResultExecutedContext context)
+		{
+		}
+	}
+}

VocaDbWeb.Core/Controllers/ActivityEntryController.cs

@@ -0,0 +1,45 @@
+#nullable disable
+
+using System;
+using Microsoft.AspNetCore.Mvc;
+using VocaDb.Model.Service;
+
+namespace VocaDb.Web.Controllers
+{
+	public class ActivityEntryController : ControllerBase
+	{
+		private new const int EntriesPerPage = 50;
+
+		private readonly ActivityFeedService _service;
+
+		private ActivityFeedService Service => _service;
+
+		public ActivityEntryController(ActivityFeedService service)
+		{
+			_service = service;
+		}
+
+		public ActionResult FollowedArtistActivity()
+		{
+			var result = Service.GetFollowedArtistActivity(EntriesPerPage);
+			return View(result.Items);
+		}
+
+		//
+		// GET: /ActivityEntry/
+
+		public ActionResult Index(DateTime? before)
+		{
+			ViewBag.Before = before;
+
+			return View("Index");
+		}
+	}
+
+	public class DetailedPageResult
+	{
+		public DateTime? LastEntryDate { get; set; }
+
+		public string ViewHtml { get; set; }
+	}
+}