Beispiel #1
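        /// <summary>
        /// Send the serialized user as an HTTP PUT to <c>{Options.Admin.Authority}/users/{user.Id}</c>.
        /// </summary>
        /// <remarks>
        /// This method makes no authorization decision; it forwards whatever model the caller passes.
        /// NOTE(review): presumably the caller decides who may update which account and which fields may change - confirm.
        /// </remarks>
        /// <param name="user">The model serialized into the JSON request body; its <c>Id</c> selects the target account.</param>
        /// <returns>The value <c>HandleResponse</c> produces for <c>user.Id</c>.</returns>
        /// <exception cref="ArgumentNullException">When <paramref name="user"/> is null.</exception>
        public async Task<Guid> UpdateUserAsync(Models.UserModel user)
        {
            // Fail with a named argument instead of a NullReferenceException on the first member access.
            if (user == null)
            {
                throw new ArgumentNullException(nameof(user));
            }

            // The request body is released as soon as the call has completed.
            using (var body = new StringContent(user.Serialize(), Encoding.UTF8, "application/json"))
            {
                var response = await _client.PutAsync($"{this.Options.Admin.Authority}/users/{user.Id}", body);

                // NOTE(review): the response is not disposed here; whether HandleResponse does so is not visible.
                return response.HandleResponse(user.Id);
            }
        }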
Beispiel #2
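        /// <summary>
        /// Send the serialized user as an HTTP POST to <c>{Options.Admin.Authority}/users</c>.
        /// </summary>
        /// <remarks>
        /// This method makes no authorization decision; it forwards whatever model the caller passes.
        /// NOTE(review): presumably the caller decides who may create accounts and which fields may be set - confirm.
        /// </remarks>
        /// <param name="user">The model serialized into the JSON request body.</param>
        /// <returns>The user model that <c>HandleResponseAsync</c> produces from the response.</returns>
        /// <exception cref="System.ArgumentNullException">When <paramref name="user"/> is null.</exception>
        public async Task<Models.UserModel> CreateUserAsync(Models.UserModel user)
        {
            // Fail with a named argument instead of a NullReferenceException on the first member access.
            if (user == null)
            {
                throw new System.ArgumentNullException(nameof(user));
            }

            // The request body is released as soon as the response has been handled.
            using (var body = new StringContent(user.Serialize(), Encoding.UTF8, "application/json"))
            {
                var response = await _client.PostAsync($"{this.Options.Admin.Authority}/users", body);

                // NOTE(review): the response is not disposed here; whether HandleResponseAsync does so is not visible.
                return await response.HandleResponseAsync<Models.UserModel>();
            }
        }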
Beispiel #3
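        /// <summary>
        /// Copy the editable values from <paramref name="update"/> onto the stored user, persist it, then apply the
        /// group membership and the user update to keycloak.
        /// </summary>
        /// <remarks>
        /// The database update runs first and the keycloak calls follow; nothing here rolls the database change back
        /// when a later keycloak call fails.
        /// Every requested role is resolved and checked before any keycloak group is removed or added, so an unknown
        /// or unsynced role fails the call without leaving the account stripped of its groups or holding only some.
        /// </remarks>
        /// <param name="update">Source of the new values: person names, position, note, disabled flag, concurrency number, contact methods and roles.</param>
        /// <param name="euser">The user entity that is modified and passed to the repository update.</param>
        /// <param name="kuser">The keycloak user; only its <c>Username</c> is read.</param>
        /// <param name="resetRoles">When true, every keycloak group listed for the user is removed before the requested ones are added.</param>
        /// <returns>The user read back from the repository by <c>euser.Id</c>.</returns>
        /// <exception cref="KeyNotFoundException">When a requested role is not found, or has no keycloak group id.</exception>
        private async Task<Entity.PimsUser> SaveUserChanges(Entity.PimsUser update, Entity.PimsUser euser, KModel.UserModel kuser, bool resetRoles = false)
        {
            // Update PIMS
            euser.BusinessIdentifierValue = kuser.Username; // PIMS must use whatever username is set in keycloak.
            euser.Person.FirstName        = update.Person.FirstName;
            euser.Person.MiddleNames      = update.Person.MiddleNames;
            euser.Person.Surname          = update.Person.Surname;
            euser.Position   = update.Position;
            euser.Note       = update.Note;
            euser.IsDisabled = update.IsDisabled;
            euser.ConcurrencyControlNumber = update.ConcurrencyControlNumber;

            //TODO: currently the PIMS contact method screen does not support the concept of multiple contact methods, so for now simply overwrite any work email addresses.
            // NOTE(review): only work emails are removed, yet every contact method on update is added back; confirm update
            // carries nothing but work emails, otherwise the other types end up duplicated.
            euser.Person.PimsContactMethods.RemoveAll(c => c.ContactMethodTypeCode == ContactMethodTypes.WorkEmail);
            update.Person.PimsContactMethods.ForEach(c =>
            {
                euser.Person.PimsContactMethods.Add(new PimsContactMethod(c.Person, c.Organization, c.ContactMethodTypeCode, c.ContactMethodValue));
            });

            euser = _pimsRepository.User.UpdateOnly(euser);

            // Now update keycloak
            var kmodel = _mapper.Map<KModel.UserModel>(update);

            // Resolve and check every requested role up front: a missing or unsynced role must stop the call before
            // any group membership has been touched.
            var roles = update.PimsUserRoles
                .Select(r =>
                {
                    var role = _pimsRepository.Role.Find(r.RoleId) ?? throw new KeyNotFoundException("Cannot assign a role to a user, when the role does not exist.");
                    if (role.KeycloakGroupId == null)
                    {
                        throw new KeyNotFoundException("PIMS has not been synced with Keycloak.");
                    }
                    return role;
                })
                .ToList();

            // NOTE(review): groups are listed for euser's identifier but removed from, and added to, update's identifier.
            // If the caller has not verified that both refer to the same account, the membership changes land on a
            // different keycloak user than the one stored in PIMS. Confirm the caller checks this, or use one
            // server-side identifier for every keycloak call.
            if (resetRoles)
            {
                // Remove all keycloak groups from user.  // TODO: Only add/remove the ones that should be removed.
                var userGroups = await _keycloakService.GetUserGroupsAsync(euser.GuidIdentifierValue.Value);

                foreach (var group in userGroups)
                {
                    await _keycloakService.RemoveGroupFromUserAsync(update.GuidIdentifierValue.Value, group.Id);
                }
            }

            foreach (var role in roles)
            {
                _logger.LogInformation($"Adding keycloak group '{role.Name}' to user '{euser.BusinessIdentifierValue}'.");
                await _keycloakService.AddGroupToUserAsync(update.GuidIdentifierValue.Value, role.KeycloakGroupId.Value);
            }

            kmodel.Attributes = new Dictionary<string, string[]>
            {
                ["displayName"] = new[] { update.BusinessIdentifierValue }
            };
            _logger.LogInformation($"Updating keycloak user '{euser.BusinessIdentifierValue}'.");
            await _keycloakService.UpdateUserAsync(kmodel);

            // Read the user back so the caller gets the state the repository now holds.
            return _pimsRepository.User.Get(euser.Id);
        }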