spouliot
54defc158f
All typed repository methods that previously relied solely on global query filters now require an explicit companyId parameter, providing defense-in- depth so IgnoreQueryFilters calls cannot leak cross-tenant data. - IBillRepository/BillRepository: GetForIndexAsync, LoadForViewAsync, LoadForEditAsync, GetLastBillNumberAsync, GetLastPaymentNumberAsync, GetForDateRangeAsync all scoped to companyId - IJobRepository/JobRepository: LoadForDetailsAsync, LoadForEditAsync, LoadForStatusChangeAsync, GetChangeHistoryAsync, LoadForTemplateSnapshotAsync, GetReworkJobCountAsync - IQuoteRepository/QuoteRepository: LoadForDetailsAsync, GetChangeHistoryAsync, GetItemsWithCoatsAsync - IInvoiceRepository/InvoiceRepository: LoadForViewAsync - ICustomerRepository/CustomerRepository: LoadForDetailsAsync - INotificationLogRepository/NotificationLogRepository: all 6 FK methods - BillsController: ITenantContext injected, all call sites updated - AccountingExportController, InvoicesController, JobsController, JobTemplatesController, QuotesController: call sites updated Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
112 lines
4.3 KiB
C#
112 lines
4.3 KiB
C#
using Microsoft.EntityFrameworkCore;
|
|
using PowderCoating.Core.Entities;
|
|
using PowderCoating.Core.Interfaces.Repositories;
|
|
using PowderCoating.Infrastructure.Data;
|
|
|
|
namespace PowderCoating.Infrastructure.Repositories;
|
|
|
|
/// <summary>
|
|
/// Typed repository for <see cref="Quote"/> that provides domain-specific queries previously
|
|
/// scattered as inline EF expressions across <c>QuotesController</c> and
|
|
/// <c>QuoteApprovalController</c>.
|
|
/// </summary>
|
|
public class QuoteRepository : Repository<Quote>, IQuoteRepository
|
|
{
|
|
public QuoteRepository(ApplicationDbContext context) : base(context) { }
|
|
|
|
/// <inheritdoc/>
|
|
public async Task<Quote?> LoadForDetailsAsync(int id, int companyId)
|
|
{
|
|
var quote = await _context.Quotes
|
|
.Where(q => q.Id == id && q.CompanyId == companyId && !q.IsDeleted)
|
|
.Include(q => q.Customer)
|
|
.Include(q => q.PreparedBy)
|
|
.Include(q => q.QuoteStatus)
|
|
.Include(q => q.OvenCost)
|
|
.Include(q => q.QuotePrepServices.Where(qps => !qps.IsDeleted))
|
|
.ThenInclude(qps => qps.PrepService)
|
|
.FirstOrDefaultAsync();
|
|
|
|
if (quote == null) return null;
|
|
|
|
// QuoteItems with nested coats and prep services loaded separately to avoid
|
|
// cartesian explosion from multiple collection includes in a single query.
|
|
quote.QuoteItems = await _context.QuoteItems
|
|
.Where(qi => qi.QuoteId == id && qi.CompanyId == companyId && !qi.IsDeleted)
|
|
.Include(qi => qi.Coats)
|
|
.ThenInclude(c => c.InventoryItem)
|
|
.Include(qi => qi.Coats)
|
|
.ThenInclude(c => c.Vendor)
|
|
.Include(qi => qi.CatalogItem)
|
|
.Include(qi => qi.PrepServices)
|
|
.ThenInclude(ps => ps.PrepService)
|
|
.ToListAsync();
|
|
|
|
return quote;
|
|
}
|
|
|
|
/// <inheritdoc/>
|
|
public async Task<Quote?> GetByApprovalTokenAsync(string token)
|
|
{
|
|
// IgnoreQueryFilters: approval portal is unauthenticated — no tenant context on the request.
|
|
return await _context.Quotes
|
|
.IgnoreQueryFilters()
|
|
.Include(q => q.Customer)
|
|
.Include(q => q.QuoteStatus)
|
|
.Include(q => q.QuoteItems.Where(qi => !qi.IsDeleted))
|
|
.FirstOrDefaultAsync(q => q.ApprovalToken == token && !q.IsDeleted);
|
|
}
|
|
|
|
/// <inheritdoc/>
|
|
public async Task<List<QuoteChangeHistory>> GetChangeHistoryAsync(int quoteId, int companyId)
|
|
{
|
|
return await _context.QuoteChangeHistories
|
|
.Where(h => h.QuoteId == quoteId && h.CompanyId == companyId && !h.IsDeleted)
|
|
.Include(h => h.ChangedBy)
|
|
.OrderByDescending(h => h.ChangedAt)
|
|
.AsNoTracking()
|
|
.ToListAsync();
|
|
}
|
|
|
|
/// <inheritdoc/>
|
|
public async Task<QuoteIndexStats> GetIndexStatsAsync(List<int> openStatusIds, List<int> approvedConvertedStatusIds)
|
|
{
|
|
var stats = await _context.Quotes
|
|
.Where(q => !q.IsDeleted)
|
|
.Select(q => new { q.QuoteStatusId, q.Total })
|
|
.ToListAsync();
|
|
|
|
return new QuoteIndexStats(
|
|
OpenCount: stats.Count(q => openStatusIds.Contains(q.QuoteStatusId)),
|
|
ApprovedConvertedCount: stats.Count(q => approvedConvertedStatusIds.Contains(q.QuoteStatusId)),
|
|
TotalValue: stats.Sum(q => q.Total));
|
|
}
|
|
|
|
/// <inheritdoc/>
|
|
public async Task<List<QuoteItem>> GetItemsWithCoatsAsync(int quoteId, int companyId)
|
|
{
|
|
return await _context.QuoteItems
|
|
.Where(qi => qi.QuoteId == quoteId && qi.CompanyId == companyId && !qi.IsDeleted)
|
|
.Include(qi => qi.Coats)
|
|
.ThenInclude(c => c.InventoryItem)
|
|
.Include(qi => qi.Coats)
|
|
.ThenInclude(c => c.Vendor)
|
|
.Include(qi => qi.CatalogItem)
|
|
.Include(qi => qi.PrepServices)
|
|
.ThenInclude(ps => ps.PrepService)
|
|
.AsNoTracking()
|
|
.ToListAsync();
|
|
}
|
|
|
|
/// <inheritdoc/>
|
|
public async Task<string?> GetLastQuoteNumberByPrefixAsync(int companyId, string prefix)
|
|
{
|
|
return await _context.Quotes
|
|
.IgnoreQueryFilters()
|
|
.Where(q => q.CompanyId == companyId && q.QuoteNumber.StartsWith(prefix))
|
|
.OrderByDescending(q => q.QuoteNumber)
|
|
.Select(q => q.QuoteNumber)
|
|
.FirstOrDefaultAsync();
|
|
}
|
|
}
|