SilverLABS/littleshop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
02994d45a7
littleshop/LittleShop/Data/LittleShopContext.cs
SysAdmin 622bdcf111 🔒 SECURITY: Emergency fixes and hardening 
EMERGENCY FIXES:
 DELETE MockSilverPayService.cs - removed fake payment system
 REMOVE mock service registration - no fake payments possible
 GENERATE new JWT secret - replaced hardcoded key
 FIX HttpClient disposal - proper resource management

SECURITY HARDENING:
 ADD production guards - prevent mock services in production
 CREATE environment configs - separate dev/prod settings
 ADD config validation - fail fast on misconfiguration

IMPACT:
- Mock payment system completely eliminated
- JWT authentication now uses secure keys
- Production deployment now validated on startup
- Resource leaks fixed in TeleBot currency API

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-22 05:45:49 +01:00

314 lines
11 KiB
C#
Raw Blame History

using Microsoft.EntityFrameworkCore;
using LittleShop.Models;
namespace LittleShop.Data;
public class LittleShopContext : DbContext
{
public LittleShopContext(DbContextOptions<LittleShopContext> options) : base(options)
{
}
public DbSet<User> Users { get; set; }
public DbSet<Category> Categories { get; set; }
public DbSet<Product> Products { get; set; }
public DbSet<ProductPhoto> ProductPhotos { get; set; }
public DbSet<ProductMultiBuy> ProductMultiBuys { get; set; }
public DbSet<ProductVariant> ProductVariants { get; set; }
public DbSet<BotActivity> BotActivities { get; set; }
public DbSet<Order> Orders { get; set; }
public DbSet<OrderItem> OrderItems { get; set; }
public DbSet<CryptoPayment> CryptoPayments { get; set; }
public DbSet<ShippingRate> ShippingRates { get; set; }
public DbSet<Bot> Bots { get; set; }
public DbSet<BotMetric> BotMetrics { get; set; }
public DbSet<BotSession> BotSessions { get; set; }
public DbSet<Customer> Customers { get; set; }
public DbSet<CustomerMessage> CustomerMessages { get; set; }
public DbSet<PushSubscription> PushSubscriptions { get; set; }
public DbSet<Review> Reviews { get; set; }
public DbSet<BotContact> BotContacts { get; set; }
public DbSet<SystemSetting> SystemSettings { get; set; }
protected override void OnModelCreating(ModelBuilder modelBuilder)
{
base.OnModelCreating(modelBuilder);
// User entity
modelBuilder.Entity<User>(entity =>
{
entity.HasIndex(e => e.Username).IsUnique();
});
// Category entity
modelBuilder.Entity<Category>(entity =>
{
entity.HasMany(c => c.Products)
.WithOne(p => p.Category)
.HasForeignKey(p => p.CategoryId)
.OnDelete(DeleteBehavior.Restrict);
});
// Product entity
modelBuilder.Entity<Product>(entity =>
{
entity.HasMany(p => p.Photos)
.WithOne(pp => pp.Product)
.HasForeignKey(pp => pp.ProductId)
.OnDelete(DeleteBehavior.Cascade);
entity.HasMany(p => p.MultiBuys)
.WithOne(pmb => pmb.Product)
.HasForeignKey(pmb => pmb.ProductId)
.OnDelete(DeleteBehavior.Cascade);
entity.HasMany(p => p.Variants)
.WithOne(pv => pv.Product)
.HasForeignKey(pv => pv.ProductId)
.OnDelete(DeleteBehavior.Cascade);
entity.HasMany(p => p.Activities)
.WithOne(ba => ba.Product)
.HasForeignKey(ba => ba.ProductId)
.OnDelete(DeleteBehavior.SetNull);
entity.HasMany(p => p.OrderItems)
.WithOne(oi => oi.Product)
.HasForeignKey(oi => oi.ProductId)
.OnDelete(DeleteBehavior.Restrict);
});
// ProductMultiBuy entity
modelBuilder.Entity<ProductMultiBuy>(entity =>
{
entity.HasIndex(e => new { e.ProductId, e.Quantity }).IsUnique(); // One multi-buy per quantity per product
entity.HasIndex(e => new { e.ProductId, e.SortOrder });
entity.HasIndex(e => e.IsActive);
entity.HasMany(pmb => pmb.OrderItems)
.WithOne(oi => oi.ProductMultiBuy)
.HasForeignKey(oi => oi.ProductMultiBuyId)
.OnDelete(DeleteBehavior.Restrict);
});
// ProductVariant entity
modelBuilder.Entity<ProductVariant>(entity =>
{
entity.HasIndex(e => new { e.ProductId, e.Name }).IsUnique(); // Unique variant names per product
entity.HasIndex(e => new { e.ProductId, e.SortOrder });
entity.HasIndex(e => e.IsActive);
});
// BotActivity entity
modelBuilder.Entity<BotActivity>(entity =>
{
entity.HasOne(ba => ba.Bot)
.WithMany()
.HasForeignKey(ba => ba.BotId)
.OnDelete(DeleteBehavior.Cascade);
entity.HasOne(ba => ba.Product)
.WithMany(p => p.Activities)
.HasForeignKey(ba => ba.ProductId)
.OnDelete(DeleteBehavior.SetNull);
entity.HasOne(ba => ba.Order)
.WithMany()
.HasForeignKey(ba => ba.OrderId)
.OnDelete(DeleteBehavior.SetNull);
entity.HasIndex(e => new { e.BotId, e.Timestamp });
entity.HasIndex(e => e.SessionIdentifier);
entity.HasIndex(e => e.ActivityType);
entity.HasIndex(e => e.Timestamp);
});
// Order entity
modelBuilder.Entity<Order>(entity =>
{
entity.HasOne(o => o.Customer)
.WithMany(c => c.Orders)
.HasForeignKey(o => o.CustomerId)
.OnDelete(DeleteBehavior.Restrict)
.IsRequired(false); // Make customer optional for transition
entity.HasMany(o => o.Items)
.WithOne(oi => oi.Order)
.HasForeignKey(oi => oi.OrderId)
.OnDelete(DeleteBehavior.Cascade);
entity.HasMany(o => o.Payments)
.WithOne(cp => cp.Order)
.HasForeignKey(cp => cp.OrderId)
.OnDelete(DeleteBehavior.Cascade);
entity.HasIndex(e => e.CustomerId);
entity.HasIndex(e => e.IdentityReference);
entity.HasIndex(e => e.CreatedAt);
});
// OrderItem entity
modelBuilder.Entity<OrderItem>(entity =>
{
entity.HasKey(oi => oi.Id);
});
// CryptoPayment entity
modelBuilder.Entity<CryptoPayment>(entity =>
{
entity.HasIndex(e => e.BTCPayInvoiceId);
entity.HasIndex(e => e.WalletAddress);
});
// Bot entity
modelBuilder.Entity<Bot>(entity =>
{
entity.HasIndex(e => e.BotKey).IsUnique();
entity.HasIndex(e => e.Name);
entity.HasIndex(e => e.Status);
entity.HasMany(b => b.Metrics)
.WithOne(m => m.Bot)
.HasForeignKey(m => m.BotId)
.OnDelete(DeleteBehavior.Cascade);
entity.HasMany(b => b.Sessions)
.WithOne(s => s.Bot)
.HasForeignKey(s => s.BotId)
.OnDelete(DeleteBehavior.Cascade);
});
// BotMetric entity
modelBuilder.Entity<BotMetric>(entity =>
{
entity.HasIndex(e => new { e.BotId, e.RecordedAt });
entity.HasIndex(e => e.MetricType);
});
// BotSession entity
modelBuilder.Entity<BotSession>(entity =>
{
entity.HasIndex(e => new { e.BotId, e.SessionIdentifier });
entity.HasIndex(e => e.StartedAt);
entity.HasIndex(e => e.LastActivityAt);
});
// Customer entity
modelBuilder.Entity<Customer>(entity =>
{
entity.HasIndex(e => e.TelegramUserId).IsUnique();
entity.HasIndex(e => e.TelegramUsername);
entity.HasIndex(e => e.Email);
entity.HasIndex(e => e.CreatedAt);
entity.HasIndex(e => e.LastActiveAt);
entity.HasIndex(e => e.DataRetentionDate);
entity.HasMany(c => c.Orders)
.WithOne(o => o.Customer)
.HasForeignKey(o => o.CustomerId)
.OnDelete(DeleteBehavior.Restrict);
entity.HasMany(c => c.Messages)
.WithOne(m => m.Customer)
.HasForeignKey(m => m.CustomerId)
.OnDelete(DeleteBehavior.Cascade);
});
// CustomerMessage entity
modelBuilder.Entity<CustomerMessage>(entity =>
{
entity.HasOne(m => m.Customer)
.WithMany(c => c.Messages)
.HasForeignKey(m => m.CustomerId)
.OnDelete(DeleteBehavior.Cascade);
entity.HasOne(m => m.Order)
.WithMany()
.HasForeignKey(m => m.OrderId)
.OnDelete(DeleteBehavior.SetNull);
entity.HasOne(m => m.AdminUser)
.WithMany()
.HasForeignKey(m => m.AdminUserId)
.OnDelete(DeleteBehavior.SetNull);
entity.HasOne(m => m.ParentMessage)
.WithMany(m => m.Replies)
.HasForeignKey(m => m.ParentMessageId)
.OnDelete(DeleteBehavior.Restrict);
entity.HasIndex(e => new { e.CustomerId, e.CreatedAt });
entity.HasIndex(e => e.OrderId);
entity.HasIndex(e => e.Status);
entity.HasIndex(e => e.Direction);
entity.HasIndex(e => e.Type);
entity.HasIndex(e => e.ScheduledFor);
entity.HasIndex(e => e.ThreadId);
entity.HasIndex(e => e.ParentMessageId);
});
// PushSubscription entity
modelBuilder.Entity<PushSubscription>(entity =>
{
entity.HasOne(ps => ps.User)
.WithMany()
.HasForeignKey(ps => ps.UserId)
.OnDelete(DeleteBehavior.Cascade);
entity.HasOne(ps => ps.Customer)
.WithMany()
.HasForeignKey(ps => ps.CustomerId)
.OnDelete(DeleteBehavior.Cascade);
entity.HasIndex(e => e.Endpoint).IsUnique();
entity.HasIndex(e => e.UserId);
entity.HasIndex(e => e.CustomerId);
entity.HasIndex(e => e.SubscribedAt);
entity.HasIndex(e => e.IsActive);
});
// Review entity
modelBuilder.Entity<Review>(entity =>
{
entity.HasOne(r => r.Product)
.WithMany(p => p.Reviews)
.HasForeignKey(r => r.ProductId)
.OnDelete(DeleteBehavior.Cascade);
entity.HasOne(r => r.Customer)
.WithMany()
.HasForeignKey(r => r.CustomerId)
.OnDelete(DeleteBehavior.Cascade);
entity.HasOne(r => r.Order)
.WithMany()
.HasForeignKey(r => r.OrderId)
.OnDelete(DeleteBehavior.Restrict);
entity.HasOne(r => r.ApprovedByUser)
.WithMany()
.HasForeignKey(r => r.ApprovedByUserId)
.OnDelete(DeleteBehavior.SetNull);
// Indexes for performance
entity.HasIndex(e => e.ProductId);
entity.HasIndex(e => e.CustomerId);
entity.HasIndex(e => e.OrderId);
entity.HasIndex(e => e.Rating);
entity.HasIndex(e => e.IsApproved);
entity.HasIndex(e => e.IsActive);
entity.HasIndex(e => e.CreatedAt);
// Composite indexes for common queries
entity.HasIndex(e => new { e.ProductId, e.IsApproved, e.IsActive });
entity.HasIndex(e => new { e.CustomerId, e.ProductId }).IsUnique(); // One review per customer per product
});
// SystemSetting entity
modelBuilder.Entity<SystemSetting>(entity =>
{
entity.HasKey(e => e.Key);
entity.HasIndex(e => e.Key).IsUnique();
});
}
}
Reference in New Issue View Git Blame Copy Permalink