digdir · oskogstad · Sep 3, 2024 · Sep 3, 2024
@@ -8,4 +8,5 @@ public static class Constants
     public static readonly Uri UnauthorizedUri = new("urn:dialogporten:unauthorized");
     public const string CorrespondenceScope = "digdir:dialogporten.correspondence";
     public const string ServiceOwnerAdminScope = "digdir:dialogporten.serviceprovider.admin";
+    public const string LegacyHtmlScope = "digdir:dialogporten.serviceprovider.legacyhtml";
 }
@@ -1,4 +1,7 @@
+using Digdir.Domain.Dialogporten.Application.Common.Authorization;
+using Digdir.Domain.Dialogporten.Application.Common.Extensions;
 using Digdir.Domain.Dialogporten.Application.Common.Extensions.FluentValidation;
+using Digdir.Domain.Dialogporten.Application.Externals.Presentation;
 using Digdir.Domain.Dialogporten.Application.Features.V1.Common.Localizations;
 using Digdir.Domain.Dialogporten.Domain;
 using Digdir.Domain.Dialogporten.Domain.Dialogs.Entities.Contents;
@@ -14,19 +17,19 @@ internal interface IIgnoreOnAssemblyScan;
 
 internal sealed class ContentValueDtoValidator : AbstractValidator<ContentValueDto>, IIgnoreOnAssemblyScan
 {
+    private const string LegacyHtmlMediaType = "text/html";
+
     public ContentValueDtoValidator(DialogTransmissionContentType contentType)
     {
         RuleFor(x => x.MediaType)
             .NotEmpty()
             .Must(value => value is not null && contentType.AllowedMediaTypes.Contains(value))
             .WithMessage($"{{PropertyName}} '{{PropertyValue}}' is not allowed for content type {contentType.Name}. " +
                          $"Allowed media types are {string.Join(", ", contentType.AllowedMediaTypes.Select(x => $"'{x}'"))}");
-        RuleForEach(x => x.Value)
-            .ContainsValidHtml()
-            .When(x => x.MediaType is not null and MediaTypes.Html);
+
         RuleForEach(x => x.Value)
             .ContainsValidMarkdown()
-            .When(x => x.MediaType is not null and MediaTypes.Markdown);
+            .When(x => x.MediaType is MediaTypes.Markdown);
         RuleForEach(x => x.Value)
             .Must(x => Uri.TryCreate(x.Value, UriKind.Absolute, out var uri) && uri.Scheme == Uri.UriSchemeHttps)
             .When(x => x.MediaType is not null && x.MediaType.StartsWith(MediaTypes.EmbeddablePrefix, StringComparison.InvariantCultureIgnoreCase))
@@ -36,19 +39,20 @@ public ContentValueDtoValidator(DialogTransmissionContentType contentType)
             .SetValidator(_ => new LocalizationDtosValidator(contentType.MaxLength));
     }
 
-    public ContentValueDtoValidator(DialogContentType contentType)
+    public ContentValueDtoValidator(DialogContentType contentType, IUser? user = null)
     {
+        var allowedMediaTypes = GetAllowedMediaTypes(contentType, user);
         RuleFor(x => x.MediaType)
             .NotEmpty()
-            .Must(value => value is not null && contentType.AllowedMediaTypes.Contains(value))
+            .Must(value => value is not null && allowedMediaTypes.Contains(value))
             .WithMessage($"{{PropertyName}} '{{PropertyValue}}' is not allowed for content type {contentType.Name}. " +
-                         $"Allowed media types are {string.Join(", ", contentType.AllowedMediaTypes.Select(x => $"'{x}'"))}");
+                         $"Allowed media types are {string.Join(", ", allowedMediaTypes.Select(x => $"'{x}'"))}");
         RuleForEach(x => x.Value)
             .ContainsValidHtml()
-            .When(x => x.MediaType is not null and MediaTypes.Html);
+            .When(x => x.MediaType.Equals(LegacyHtmlMediaType, StringComparison.OrdinalIgnoreCase));
         RuleForEach(x => x.Value)
             .ContainsValidMarkdown()
-            .When(x => x.MediaType is not null and MediaTypes.Markdown);
+            .When(x => x.MediaType is MediaTypes.Markdown);
         RuleForEach(x => x.Value)
             .Must(x => Uri.TryCreate(x.Value, UriKind.Absolute, out var uri) && uri.Scheme == Uri.UriSchemeHttps)
             .When(x => x.MediaType is not null && x.MediaType.StartsWith(MediaTypes.EmbeddablePrefix, StringComparison.InvariantCultureIgnoreCase))
@@ -57,4 +61,18 @@ public ContentValueDtoValidator(DialogContentType contentType)
             .NotEmpty()
             .SetValidator(_ => new LocalizationDtosValidator(contentType.MaxLength));
     }
+
+    private static string[] GetAllowedMediaTypes(DialogContentType contentType, IUser? user)
+    {
+        if (user == null)
+        {
+            return contentType.AllowedMediaTypes;
+        }
+
+        var allowHtmlSupport = user.GetPrincipal().HasScope(Constants.LegacyHtmlScope);
+
+        return allowHtmlSupport
+            ? contentType.AllowedMediaTypes.Append(LegacyHtmlMediaType).ToArray()
+            : contentType.AllowedMediaTypes;
+    }
 }
@@ -1,7 +1,7 @@
 using System.Reflection;
 using Digdir.Domain.Dialogporten.Application.Common.Extensions.Enumerables;
 using Digdir.Domain.Dialogporten.Application.Common.Extensions.FluentValidation;
-using Digdir.Domain.Dialogporten.Application.Features.V1.Common;
+using Digdir.Domain.Dialogporten.Application.Externals.Presentation;
 using Digdir.Domain.Dialogporten.Application.Features.V1.Common.Content;
 using Digdir.Domain.Dialogporten.Application.Features.V1.Common.Localizations;
 using Digdir.Domain.Dialogporten.Domain.Actors;
@@ -168,7 +168,7 @@ internal sealed class CreateDialogContentDtoValidator : AbstractValidator<Create
         })
         .ToDictionary(x => x.Property.Name, StringComparer.InvariantCultureIgnoreCase);
 
-    public CreateDialogContentDtoValidator()
+    public CreateDialogContentDtoValidator(IUser? user)
     {
         foreach (var (propertyName, propMetadata) in SourcePropertyMetaDataByName)
         {
@@ -179,12 +179,12 @@ public CreateDialogContentDtoValidator()
                         .NotNull()
                         .WithMessage($"{propertyName} must not be empty.")
                         .SetValidator(new ContentValueDtoValidator(
-                            DialogContentType.Parse(propertyName))!);
+                            DialogContentType.Parse(propertyName), user)!);
                     break;
                 case NullabilityState.Nullable:
                     RuleFor(x => propMetadata.Property.GetValue(x) as ContentValueDto)
                         .SetValidator(new ContentValueDtoValidator(
-                            DialogContentType.Parse(propertyName))!)
+                            DialogContentType.Parse(propertyName), user)!)
                         .When(x => propMetadata.Property.GetValue(x) is not null);
                     break;
                 case NullabilityState.Unknown:

@@ -1,6 +1,7 @@
 using System.Reflection;
 using Digdir.Domain.Dialogporten.Application.Common.Extensions.Enumerables;
 using Digdir.Domain.Dialogporten.Application.Common.Extensions.FluentValidation;
+using Digdir.Domain.Dialogporten.Application.Externals.Presentation;
 using Digdir.Domain.Dialogporten.Application.Features.V1.Common;
 using Digdir.Domain.Dialogporten.Application.Features.V1.Common.Content;
 using Digdir.Domain.Dialogporten.Application.Features.V1.Common.Localizations;
@@ -222,7 +223,7 @@ internal sealed class UpdateDialogContentDtoValidator : AbstractValidator<Update
             })
             .ToDictionary(x => x.Property.Name, StringComparer.InvariantCultureIgnoreCase);
 
-    public UpdateDialogContentDtoValidator()
+    public UpdateDialogContentDtoValidator(IUser? user)
     {
         foreach (var (propertyName, propMetadata) in SourcePropertyMetaDataByName)
         {
@@ -233,12 +234,12 @@ public UpdateDialogContentDtoValidator()
                         .NotNull()
                         .WithMessage($"{propertyName} must not be empty.")
                         .SetValidator(
-                            new ContentValueDtoValidator(DialogContentType.Parse(propertyName))!);
+                            new ContentValueDtoValidator(DialogContentType.Parse(propertyName), user)!);
                     break;
                 case NullabilityState.Nullable:
                     RuleFor(x => propMetadata.Property.GetValue(x) as ContentValueDto)
                         .SetValidator(
-                            new ContentValueDtoValidator(DialogContentType.Parse(propertyName))!)
+                            new ContentValueDtoValidator(DialogContentType.Parse(propertyName), user)!)
                         .When(x => propMetadata.Property.GetValue(x) is not null);
                     break;
                 case NullabilityState.Unknown:

@@ -51,7 +51,7 @@ public enum Values
             Required = false,
             MaxLength = 1023,
             OutputInList = false,
-            AllowedMediaTypes = [MediaTypes.Html, MediaTypes.PlainText, MediaTypes.Markdown]
+            AllowedMediaTypes = [MediaTypes.PlainText, MediaTypes.Markdown]
         },
         Values.ExtendedStatus => new(id)
         {

@@ -7,5 +7,4 @@ public static class MediaTypes
 
     public const string Markdown = "text/markdown";
     public const string PlainText = "text/plain";
-    public const string Html = "text/html";
 }