Beispiel #1
0
        protected override void Handle(CreateSystemAdminRequest request, DtoResponse <SystemAccountDto> response)
        {
            var systemAccount = _systemAccountRepository.GetByIdentifier(request.Email);
            var role          = _roleRepository.GetInternalRoleKeyByName("System Admin");

            if (role != null)
            {
                if (systemAccount == null)
                {
                    var identityServiceResponse = _systemAccountIdentityServiceManager.Create(request.Username, request.Email);
                    if (identityServiceResponse.Sucess)
                    {
                        systemAccount = _systemAccountFactory.CreateSystemAdmin(request.Email, new Email(request.Email));
                        var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto>(systemAccount);
                        response.DataTransferObject = systemAccountDto;
                        systemAccount.AddRole(role);
                    }
                    else
                    {
                        var result        = identityServiceResponse.ErrorMessage;
                        var dataErrorInfo = new DataErrorInfo(result, ErrorLevel.Error);
                        response.DataTransferObject = new SystemAccountDto();
                        response.DataTransferObject.AddDataErrorInfo(dataErrorInfo);
                    }
                }
                else
                {
                    var result        = "System account already in use.";
                    var dataErrorInfo = new DataErrorInfo(result, ErrorLevel.Error);
                    response.DataTransferObject = new SystemAccountDto();
                    response.DataTransferObject.AddDataErrorInfo(dataErrorInfo);
                }
            }
        }
Beispiel #2
0
        /// <summary>
        ///     Handles the specified request.
        /// </summary>
        /// <param name="request">The request.</param>
        /// <param name="response">The response.</param>
        protected override void Handle(CreateSystemAdminRequest request, DtoResponse <SystemAccountDto> response)
        {
            var systemAccount = _systemAccountRepository.GetByIdentifier(request.Email);
            var roleKey       = _roleRepository.GetInternalRoleKeyByName("System Admin");

            if (roleKey.HasValue)
            {
                if (systemAccount == null)
                {
                    var result = _systemAccountIdentityServiceManager.Create(request.Email);
                    if (result.Sucess)
                    {
                        var systemAccountFactory = new SystemAccountFactory();
                        systemAccount = systemAccountFactory.Create(Guid.Empty, request.Email, new Email(request.Email));
                        systemAccount.AddRole(roleKey.Value);
                        var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto> (systemAccount);
                        response.DataTransferObject = systemAccountDto;
                    }
                    else
                    {
                        var dataErrorInfo = new DataErrorInfo(result.ErrorMessage, ErrorLevel.Error);
                        response.DataTransferObject = new SystemAccountDto();
                        response.DataTransferObject.AddDataErrorInfo(dataErrorInfo);
                    }
                }
                else
                {
                    var dataErrorInfo = new DataErrorInfo("System Admin already exists.", ErrorLevel.Error);
                    response.DataTransferObject = new SystemAccountDto();
                    response.DataTransferObject.AddDataErrorInfo(dataErrorInfo);
                }
            }
        }
        /// <summary>
        ///     Handles the specified request.
        /// </summary>
        /// <param name="request">The request.</param>
        /// <param name="response">The response.</param>
        protected override void Handle(CreateOrganizationAdminRequest request, CreateOrganizationAdminResponse response)
        {
            var systemAccount = _systemAccountRepository.GetByIdentifier(request.Email);
            var addRole       = false;

            if (systemAccount == null)
            {
                var result = _systemAccountIdentityServiceManager.Create(request.Email);
                if (result.Sucess)
                {
                    var systemAccountFactory = new SystemAccountFactory();
                    systemAccount = systemAccountFactory.Create(request.OrganizationKey, request.Email, new Email(request.Email));
                    var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto> (systemAccount);
                    response.SystemAccountDto = systemAccountDto;
                    addRole = true;
                }
                else
                {
                    var dataErrorInfo = new DataErrorInfo(result.ErrorMessage, ErrorLevel.Error);
                    response.SystemAccountDto = new SystemAccountDto();
                    response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
                }
            }
            else
            {
                var result = _systemAccountIdentityServiceManager.ResetPassword(systemAccount.Identifier);
                if (result.Sucess)
                {
                    var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto> (systemAccount);
                    response.SystemAccountDto = systemAccountDto;
                    addRole = true;
                }
                else
                {
                    var dataErrorInfo = new DataErrorInfo(result.ErrorMessage, ErrorLevel.Error);
                    response.SystemAccountDto = new SystemAccountDto();
                    response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
                }
            }
            if (addRole)
            {
                var role = _roleFactory.Create("Default Organization Admin", request.OrganizationKey);
                role.AddPermision(BasicAccessPermission.AccessUserInterfacePermission);
                role.AddPermision(OrganizationPermission.OrganizationViewPermission);
                role.AddPermision(OrganizationPermission.OrganizationEditPermission);
                role.AddPermision(StaffPermission.StaffAddRolePermission);
                role.AddPermision(StaffPermission.StaffCreateAccountPermission);
                role.AddPermision(StaffPermission.StaffEditPermission);
                role.AddPermision(StaffPermission.StaffLinkAccountPermission);
                role.AddPermision(StaffPermission.StaffRemoveRolePermission);
                role.AddPermision(StaffPermission.StaffViewPermission);
                role.AddPermision(RolePermission.RoleAddPermissionPermission);
                role.AddPermision(RolePermission.RoleEditPermission);
                role.AddPermision(RolePermission.RoleRemovePermissionPermission);
                role.AddPermision(RolePermission.RoleViewPermission);
                systemAccount.AddRole(role.Key);
            }
        }
        protected override void Handle(CreateOrganizationAdminRequest request, CreateOrganizationAdminResponse response)
        {
            var systemAccount = _systemAccountRepository.GetByIdentifier(request.Email);
            var organization  = _organizationRepository.GetByKey(request.OrganizationKey);

            if (systemAccount == null)
            {
                var identityServiceResponse = _systemAccountIdentityServiceManager.Create(request.Username, request.Email);
                if (identityServiceResponse.Sucess)
                {
                    systemAccount = _systemAccountFactory.Create(organization, request.Email, new Email(request.Email));
                    var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto>(systemAccount);
                    response.SystemAccountDto = systemAccountDto;

                    var role = _roleFactory.Create(organization, "Default Organization Admin");
                    role.AddPermision(BasicAccessPermission.AccessUserInterfacePermission);
                    role.AddPermision(OrganizationPermission.OrganizationViewPermission);
                    role.AddPermision(OrganizationPermission.OrganizationEditPermission);
                    role.AddPermision(StaffPermission.StaffAddRolePermission);
                    role.AddPermision(StaffPermission.StaffCreateAccountPermission);
                    role.AddPermision(StaffPermission.StaffEditPermission);
                    role.AddPermision(StaffPermission.StaffLinkAccountPermission);
                    role.AddPermision(StaffPermission.StaffRemoveRolePermission);
                    role.AddPermision(StaffPermission.StaffViewPermission);
                    role.AddPermision(RolePermission.RoleAddPermissionPermission);
                    role.AddPermision(RolePermission.RoleEditPermission);
                    role.AddPermision(RolePermission.RoleRemovePermissionPermission);
                    role.AddPermision(RolePermission.RoleViewPermission);
                    role.AddPermision(PatientPermission.PatientEditPermission);
                    role.AddPermision(PatientPermission.PatientViewPermission);
                    role.AddPermision(AssessmentPermission.AssessmentEditPermission);
                    role.AddPermision(AssessmentPermission.AssessmentViewPermission);
                    role.AddPermision(StaffPermission.ResetPasswordPermission);
                    systemAccount.AddRole(role);
                }
                else
                {
                    var result        = identityServiceResponse.ErrorMessage;
                    var dataErrorInfo = new DataErrorInfo(result, ErrorLevel.Error);
                    response.SystemAccountDto = new SystemAccountDto();
                    response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
                }
            }
            else
            {
                _systemAccountIdentityServiceManager.ResetPassword(systemAccount.Email.Address);
            }
        }
Beispiel #5
0
        public void ProcessRequest(HttpContext context)
        {
            // var identity = _currentClaimsPrincipalService.GetCurrentPrincipal ().Identity;
            var identity       = _currentClaimsPrincipalService.GetCurrentPrincipal().Identity as IClaimsIdentity;
            var nameIdentifier = identity.Claims.First(c => c.ClaimType == ClaimTypes.NameIdentifier).Value;

            // check this for security reason
            if (identity.IsAuthenticated)
            {
                var staffKeyString = context.Request["staffKey"];
                var staffKey       = string.IsNullOrEmpty(staffKeyString) ? 0 : long.Parse(staffKeyString);
                var account        = _accountRepository.GetByIdentifier(nameIdentifier);

                // check this for security reason
                if (account.StaffMembers.Any(x => x.Key == staffKey))
                {
                    var staff = _staffRepository.GetByKey(staffKey);
                    _signOnService.LoginAs(staff);

                    context.Response.Redirect("~/Client.aspx");
                }
            }
        }
Beispiel #6
0
        protected override void Handle(CreateOrganizationAdminRequest request, CreateOrganizationAdminResponse response)
        {
            var systemAccount = _systemAccountRepository.GetByIdentifier(request.Email);

            if (systemAccount == null)
            {
                using (var httpClient = new HttpClient {
                    BaseAddress = new Uri(request.BaseIdentityServerUri)
                })
                {
                    httpClient.SetToken("Session", request.Token);
                    var httpResponseMessage = httpClient.GetAsync("api/membership/Create/" + request.Username + "?email=" + request.Email).Result;
                    if (httpResponseMessage.StatusCode == HttpStatusCode.OK)
                    {
                        var membershipUserDto    = httpResponseMessage.Content.ReadAsAsync <MembershipUserDto>().Result;
                        var systemAccountFactory = new SystemAccountFactory();
                        systemAccount = systemAccountFactory.Create(request.OrganizationKey, membershipUserDto.NameIdentifier, new Email(membershipUserDto.Email));
                        var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto>(systemAccount);
                        response.SystemAccountDto = systemAccountDto;
                    }
                    else
                    {
                        var result        = httpResponseMessage.Content.ReadAsStringAsync().Result;
                        var dataErrorInfo = new DataErrorInfo(result, ErrorLevel.Error);
                        response.SystemAccountDto = new SystemAccountDto();
                        response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
                    }
                }
            }
            else
            {
                //Reset password....
            }
            //if (request.SystemAccountDto.CreateNew)
            //{
            //    var systemAccount = _systemAccountRepository.GetByIdentifier(request.SystemAccountDto.Identifier);
            //    if (systemAccount != null) // account existing
            //    {
            //        var dataErrorInfo = new DataErrorInfo(string.Format("Cannot create account because an account with the email {0} already exists.", request.SystemAccountDto.Identifier), ErrorLevel.Error);
            //        response.SystemAccountDto = request.SystemAccountDto;
            //        response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
            //    }
            //    else
            //    {
            //        // 1. create member login in Identity server
            //        // 2. Create System account in domain
            //        // 3. assign system account to the new staff or patient
            //        // 4. error handling: if the login/account is taken or cannot create new login
            //        using (var httpClient = new HttpClient {BaseAddress = new Uri(request.BaseIdentityServerUri)})
            //        {
            //            httpClient.SetToken("Session", request.Token);
            //            var httpResponseMessage = httpClient.GetAsync("api/membership/Create/" + request.SystemAccountDto.Username + "?email=" + request.SystemAccountDto.Email).Result;
            //            if (httpResponseMessage.StatusCode == HttpStatusCode.OK)
            //            {
            //                var membershipUserDto = httpResponseMessage.Content.ReadAsAsync<MembershipUserDto>().Result;
            //                var systemAccountFactory = new SystemAccountFactory();
            //                systemAccount = systemAccountFactory.Create(request.OrganizationKey, membershipUserDto.NameIdentifier, new Email(membershipUserDto.Email));
            //                if (request.StaffKey != Guid.Empty)
            //                {
            //                    systemAccount.AssignToStaff(request.StaffKey);
            //                }
            //                if (request.PatientKey != Guid.Empty)
            //                {
            //                    systemAccount.AssignToPatient(request.PatientKey);

            //                    Guid? portalRoleKey;
            //                    using (var connection = _dbConnectionFactory.CreateConnection())
            //                    {
            //                        portalRoleKey = connection.Query<Guid?>("SELECT [RoleKey] FROM [SecurityModule].[Role] WHERE Name=@Name", new {Name = "Patient Portal"}).FirstOrDefault();
            //                    }
            //                    if (portalRoleKey.HasValue)
            //                    {
            //                        systemAccount.AddRole(portalRoleKey.Value);
            //                    }
            //                    else
            //                    {
            //                        Logger.Error("Cannot find Patient portal built in role.");
            //                    }
            //                }
            //                var systemAccountDto = Mapper.Map<SystemAccount, SystemAccountDto>(systemAccount);
            //                response.SystemAccountDto = systemAccountDto;
            //            }
            //            else
            //            {
            //                var result = httpResponseMessage.Content.ReadAsStringAsync().Result;
            //                var dataErrorInfo = new DataErrorInfo(result, ErrorLevel.Error);
            //                response.SystemAccountDto = request.SystemAccountDto;
            //                response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
            //            }
            //        }
            //    }
            //}
            //else
            //{
            //    var systemAccount = _systemAccountRepository.GetByIdentifier(request.SystemAccountDto.Identifier);
            //    if (systemAccount != null) // account existing
            //    {
            //        if (systemAccount.StaffKey == null)
            //        {
            //            systemAccount.AssignToStaff(request.StaffKey);
            //            var systemAccountDto = Mapper.Map<SystemAccount, SystemAccountDto>(systemAccount);
            //            response.SystemAccountDto = systemAccountDto;
            //        }
            //        else
            //        {
            //            var dataErrorInfo = new DataErrorInfo(string.Format("Cannot link account because an account with the email {0} has been assigned to another staff.", request.SystemAccountDto.Identifier), ErrorLevel.Error);
            //            response.SystemAccountDto = request.SystemAccountDto;
            //            response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
            //        }
            //    }
            //    else
            //    {
            //        var dataErrorInfo = new DataErrorInfo(string.Format("Cannot link account because an account with the email {0} does not exist.", request.SystemAccountDto.Identifier), ErrorLevel.Error);
            //        response.SystemAccountDto = request.SystemAccountDto;
            //        response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
            //    }
            //}
        }
Beispiel #7
0
 protected override void Handle(AssignAccountRequest request, AssignAccountResponse response)
 {
     if (request.SystemAccountDto.CreateNew)
     {
         var systemAccount = _systemAccountRepository.GetByIdentifier(request.SystemAccountDto.Identifier);
         var staff         = _staffRepository.GetByKey(request.StaffKey);
         if (systemAccount != null) // account existing
         {
             var dataErrorInfo = new DataErrorInfo(string.Format("Cannot create account because an account with the email {0} already exists.", request.SystemAccountDto.Identifier), ErrorLevel.Error);
             response.SystemAccountDto = request.SystemAccountDto;
             response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
         }
         else
         {
             // 1. create member login in Identity server
             // 2. Create System account in domain
             // 3. assign system account to the new staff
             // 4. error handling: if the login/account is taken or cannot create new login
             if (staff != null)
             {
                 var identityServerResponse = _systemAccountIdentityServiceManager.Create(request.SystemAccountDto.Username, request.SystemAccountDto.Email);
                 if (identityServerResponse.Sucess)
                 {
                     var organization = _organizationRepository.GetByKey(UserContext.OrganizationKey);
                     systemAccount = _systemAccountFactory.Create(organization,
                                                                  request.SystemAccountDto.Email,
                                                                  new Email(request.SystemAccountDto.Email));
                     systemAccount.AssignToStaff(staff);
                     var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto>(systemAccount);
                     response.SystemAccountDto = systemAccountDto;
                 }
                 else
                 {
                     var result        = identityServerResponse.ErrorMessage;
                     var dataErrorInfo = new DataErrorInfo(result, ErrorLevel.Error);
                     response.SystemAccountDto = request.SystemAccountDto;
                     response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
                 }
             }
             else
             {
                 Logger.Error(string.Format("Tried assigning invalid staff {0} to systemaccount {1}", request.StaffKey, systemAccount.Key));
                 response.SystemAccountDto.AddDataErrorInfo(new DataErrorInfo("Invalid staff key.", ErrorLevel.Error));
             }
         }
     }
     else
     {
         var systemAccount = _systemAccountRepository.GetByIdentifier(request.SystemAccountDto.Identifier);
         var staff         = _staffRepository.GetByKey(request.StaffKey);
         if (systemAccount != null) // account existing
         {
             if (systemAccount.Staff == null)
             {
                 systemAccount.AssignToStaff(staff);
                 var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto>(systemAccount);
                 response.SystemAccountDto = systemAccountDto;
             }
             else
             {
                 var dataErrorInfo = new DataErrorInfo(string.Format("Cannot link account because an account with the email {0} has been assigned to another staff.", request.SystemAccountDto.Identifier), ErrorLevel.Error);
                 response.SystemAccountDto = request.SystemAccountDto;
                 response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
             }
         }
         else
         {
             var dataErrorInfo = new DataErrorInfo(string.Format("Cannot link account because an account with the email {0} does not exist.", request.SystemAccountDto.Identifier), ErrorLevel.Error);
             response.SystemAccountDto = request.SystemAccountDto;
             response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
         }
     }
 }
Beispiel #8
0
        /// <summary>
        ///     Handles the specified request.
        /// </summary>
        /// <param name="request">The request.</param>
        /// <param name="response">The response.</param>
        /// <exception cref="System.InvalidOperationException">Cannot find Patient portal built in role.</exception>
        protected override void Handle(AssignAccountRequest request, AssignAccountResponse response)
        {
            if (request.SystemAccountDto.CreateNew)
            {
                var systemAccount = _systemAccountRepository.GetByIdentifier(request.SystemAccountDto.Identifier);
                if (systemAccount != null)
                {
                    // account existing
                    var dataErrorInfo =
                        new DataErrorInfo(string.Format("Cannot create account because an account with the email {0} already exists.", request.SystemAccountDto.Identifier),
                                          ErrorLevel.Error);
                    response.SystemAccountDto = request.SystemAccountDto;
                    response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
                }
                else
                {
                    var identityServiceResponse = _systemAccountIdentityServiceManager.Create(request.SystemAccountDto.Email);
                    if (identityServiceResponse.Sucess)
                    {
                        var systemAccountFactory = new SystemAccountFactory();
                        systemAccount = systemAccountFactory.Create(request.OrganizationKey, request.SystemAccountDto.Email, new Email(request.SystemAccountDto.Email));
                        if (request.StaffKey != Guid.Empty)
                        {
                            systemAccount.AssignToStaff(request.StaffKey);
                        }
                        if (request.PatientKey != Guid.Empty)
                        {
                            systemAccount.AssignToPatient(request.PatientKey);

                            Guid?portalRoleKey;
                            using (var connection = _dbConnectionFactory.CreateConnection())
                            {
                                portalRoleKey =
                                    connection.Query <Guid?> ("SELECT [RoleKey] FROM [SecurityModule].[Role] WHERE Name=@Name", new { Name = "Patient Portal" }).FirstOrDefault();
                            }
                            if (portalRoleKey.HasValue)
                            {
                                systemAccount.AddRole(portalRoleKey.Value);
                            }
                            else
                            {
                                throw new InvalidOperationException("Cannot find Patient portal built in role.");
                            }
                        }
                        var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto> (systemAccount);
                        response.SystemAccountDto = systemAccountDto;
                    }
                    else
                    {
                        var result = identityServiceResponse.ErrorMessage;
                        //// remove the message from the JSON
                        var identityError = (IdentityServerError)JsonConvert.DeserializeObject(result, typeof(IdentityServerError));
                        var dataErrorInfo = new DataErrorInfo(identityError.Message, ErrorLevel.Error);
                        response.SystemAccountDto = request.SystemAccountDto;
                        response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
                    }
                }
            }
            else
            {
                var systemAccount = _systemAccountRepository.GetByIdentifier(request.SystemAccountDto.Identifier);
                if (systemAccount != null)
                {
                    // account existing
                    if (systemAccount.StaffKey == null)
                    {
                        systemAccount.AssignToStaff(request.StaffKey);
                        var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto> (systemAccount);
                        response.SystemAccountDto = systemAccountDto;
                    }
                    else
                    {
                        var dataErrorInfo =
                            new DataErrorInfo(
                                string.Format(
                                    "Cannot link account because an account with the email {0} has been assigned to another staff.",
                                    request.SystemAccountDto.Identifier),
                                ErrorLevel.Error);
                        response.SystemAccountDto = request.SystemAccountDto;
                        response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
                    }
                }
                else
                {
                    var dataErrorInfo =
                        new DataErrorInfo(string.Format("Cannot link account because an account with the email {0} does not exist.", request.SystemAccountDto.Identifier),
                                          ErrorLevel.Error);
                    response.SystemAccountDto = request.SystemAccountDto;
                    response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
                }
            }
        }