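        /// <summary>
        /// Grants the user registered under <paramref name="email"/> an access level on a group.
        /// The group is looked up by <paramref name="groupid"/>, then by the same id with "_WorkSpace"
        /// removed, and is created when neither lookup finds it.
        /// </summary>
        /// <param name="groupid">Identifier of the target group.</param>
        /// <param name="email">E-mail address from which the internal user id is derived.</param>
        /// <param name="accessType">Integer value of the <c>AccessType</c> to grant.</param>
        /// <returns>
        /// 200 with <c>Data = "ok"</c> on success, 200 with <c>Data = "User not found..."</c> when the
        /// e-mail is missing or unknown, 400 when the group id is empty or the access level is undefined.
        /// </returns>
        public ActionResult AddPermission(string groupid, string email, int accessType)
        {
            // NOTE(review): nothing in this method identifies the caller or tests the caller's own
            // rights on the group, yet it can create groups and grant access. Confirm that
            // authentication and authorization are enforced outside this method.
            if (email == null)
            {
                return Ok(new { Data = "User not found..." });
            }

            // A null groupid used to crash in the fallback lookup below.
            if (string.IsNullOrEmpty(groupid))
            {
                return BadRequest(new { Data = "Group not found" });
            }

            // An int-to-enum cast never fails, so an undefined value has to be rejected explicitly
            // before it is stored as an access level.
            if (!System.Enum.IsDefined(typeof(AccessType), accessType))
            {
                return BadRequest(new { Data = "accessType needs to be an integer between -2 and 2" });
            }

            // Internal ids are the lower-cased address with '@' and ':' replaced by '.'.
            string userid = "QuantAppSecure_" + email.ToLower().Replace('@', '.').Replace(':', '.');

            QuantApp.Kernel.User user = QuantApp.Kernel.User.FindUser(userid);
            if (user == null)
            {
                return Ok(new { Data = "User not found..." });
            }

            QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);
            if (group == null)
            {
                group = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_WorkSpace", ""));
            }

            if (group == null)
            {
                // The caller-supplied id doubles as the new group's name.
                group = QuantApp.Kernel.Group.CreateGroup(groupid, groupid);
            }

            group.Add(user, typeof(QuantApp.Kernel.User), (AccessType)accessType);

            return Ok(new { Data = "ok" });
        }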
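        /// <summary>
        /// Removes a permissible (a user found by id, a user found by secret, or a file) from a group.
        /// </summary>
        /// <param name="pid">User id, user secret or file id of the permissible to remove.</param>
        /// <param name="groupid">Identifier of the group; retried with "_Workflow" removed.</param>
        /// <returns>
        /// 401 when the caller cannot be identified, 400 when the permissible or the group is not
        /// found, otherwise 200 with <c>Data = "ok"</c>.
        /// </returns>
        public ActionResult RemovePermission(string pid, string groupid)
        {
            string userId = this.User.QID();

            if (userId == null)
            {
                // A null action result is not a valid response; answer 401 like the other actions do.
                return Unauthorized();
            }

            // NOTE(review): the caller's own access level on the group is not checked here, so any
            // identified user reaches Group.Remove. Confirm the kernel enforces this.
            QuantApp.Kernel.IPermissible permissible = QuantApp.Kernel.User.FindUser(pid);

            if (permissible == null)
            {
                permissible = QuantApp.Kernel.User.FindUserBySecret(pid);
            }

            if (permissible == null)
            {
                permissible = FileRepository.File(pid);
            }

            if (permissible == null)
            {
                return BadRequest(new { Data = "Permissible ID not found" });
            }

            QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);
            if (group == null && groupid != null)
            {
                group = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
            }

            // Both lookups can miss; dereferencing the null group used to throw.
            if (group == null)
            {
                return BadRequest(new { Data = "Group not found" });
            }

            group.Remove(permissible);

            return Ok(new { Data = "ok" });
        }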
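        /// <summary>
        /// Lists the sub-groups of a group as ID / Name / Description / ParentID records.
        /// </summary>
        /// <param name="groupid">Identifier of the parent group.</param>
        /// <param name="aggregated">Passed through to <c>Group.SubGroups</c>.</param>
        /// <returns>
        /// 401 when the caller cannot be identified, 400 when the group is not found, otherwise 200
        /// with the list of sub-group records.
        /// </returns>
        public ActionResult SubGroups(string groupid, bool aggregated)
        {
            string userId = this.User.QID();

            if (userId == null)
            {
                // A null action result is not a valid response; answer 401 instead.
                return Unauthorized();
            }

            QuantApp.Kernel.User  user = QuantApp.Kernel.User.FindUser(userId);
            QuantApp.Kernel.Group role = QuantApp.Kernel.Group.FindGroup(groupid);

            if (role == null)
            {
                return BadRequest(new { Data = "Group not found" });
            }

            // NOTE(review): the resolved user is not used to filter the result, so every identified
            // caller sees every sub-group. Confirm this listing is meant to be unfiltered.
            List <Group>  children = role.SubGroups(aggregated);
            List <object> payload  = new List <object>();

            foreach (Group child in children)
            {
                payload.Add(new
                {
                    ID          = child.ID,
                    Name        = child.Name,
                    Description = child.Description,
                    ParentID    = child.Parent == null ? null : child.Parent.ID
                });
            }

            return Ok(payload);
        }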
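        /// <summary>
        /// Lists the sub-groups of a group that the calling user is not denied on, together with the
        /// caller's access level on each.
        /// </summary>
        /// <param name="groupid">Identifier of the parent group.</param>
        /// <param name="aggregated">Passed through to <c>Group.SubGroups</c>.</param>
        /// <returns>
        /// 401 when the caller cannot be identified, 400 when the group is not found, otherwise 200
        /// with ID / Name / Description / Permission records.
        /// </returns>
        public ActionResult SubGroupsApp(string groupid, bool aggregated)
        {
            string userId = this.User.QID();

            if (userId == null)
            {
                // A null action result is not a valid response; answer 401 instead.
                return Unauthorized();
            }

            QuantApp.Kernel.User  user = QuantApp.Kernel.User.FindUser(userId);
            QuantApp.Kernel.Group role = QuantApp.Kernel.Group.FindGroup(groupid);

            // An unknown group id used to be dereferenced and crash the request.
            if (role == null)
            {
                return BadRequest(new { Data = "Group not found" });
            }

            List <Group>  children = role.SubGroups(aggregated);
            List <object> payload  = new List <object>();

            foreach (Group child in children)
            {
                // Only groups on which the caller is not denied are disclosed.
                AccessType access = child.Permission(null, user);
                if (access == AccessType.Denied)
                {
                    continue;
                }

                payload.Add(new
                {
                    ID          = child.ID,
                    Name        = child.Name,
                    Description = child.Description,
                    Permission  = access.ToString(),
                });
            }

            return Ok(payload);
        }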
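        /// <summary>
        /// Returns the ID, Name, ParentID and Description of a group when the calling user is not
        /// denied on it.
        /// </summary>
        /// <param name="groupid">Identifier of the group to read.</param>
        /// <returns>
        /// 401 when the caller cannot be identified, 400 when the group is not found or access is
        /// denied, otherwise 200 with the group record.
        /// </returns>
        public IActionResult Group(string groupid)
        {
            string userId = this.User.QID();

            if (userId == null)
            {
                // A null action result is not a valid response; answer 401 instead.
                return Unauthorized();
            }

            QuantApp.Kernel.User  user  = QuantApp.Kernel.User.FindUser(userId);
            QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);

            if (group == null)
            {
                return BadRequest(new { Data = "Group not found" });
            }

            // NOTE(review): "not found" and "access denied" are distinguishable, so a caller can
            // probe which group ids exist. Confirm that is acceptable.
            AccessType access = group.Permission(null, user);

            if (access == AccessType.Denied)
            {
                return BadRequest(new { Data = "Group access denied" });
            }

            return Ok(new
            {
                ID = group.ID,
                Name = group.Name,
                ParentID = group.Parent == null ? null : group.Parent.ID,
                Description = group.Description
            });
        }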
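        /// <summary>
        /// Sets a user's access level on a group. The group is looked up by id, then with "_Workflow"
        /// removed, and is created when neither lookup finds it.
        /// </summary>
        /// <param name="userid">Internal id of the user whose access is set.</param>
        /// <param name="groupid">Identifier of the target group.</param>
        /// <param name="accessType">Integer value of the <c>AccessType</c> to grant.</param>
        /// <returns>
        /// 401 when the caller cannot be identified, 400 on an unknown user, empty group id or
        /// undefined access level, otherwise 200 with <c>Data = "ok"</c>.
        /// </returns>
        public ActionResult SetPermission(string userid, string groupid, int accessType)
        {
            // Identity of the caller (userId) is distinct from the target user (userid).
            string userId = this.User.QID();

            if (userId == null)
            {
                // A null action result is not a valid response; answer 401 instead.
                return Unauthorized();
            }

            // NOTE(review): the caller's own access level on the group is not checked here, so any
            // identified user reaches Group.Add with an arbitrary level. Confirm the kernel enforces this.
            if (string.IsNullOrEmpty(groupid))
            {
                return BadRequest(new { Data = "Group not found" });
            }

            // An int-to-enum cast never fails, so undefined values are rejected explicitly.
            if (!System.Enum.IsDefined(typeof(AccessType), accessType))
            {
                return BadRequest(new { Data = "accessType needs to be an integer between -2 and 2" });
            }

            QuantApp.Kernel.User user = QuantApp.Kernel.User.FindUser(userid);

            // An unknown user used to be passed to Group.Add as null.
            if (user == null)
            {
                return BadRequest(new { Data = "User not found..." });
            }

            QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);
            if (group == null)
            {
                group = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
            }

            if (group == null)
            {
                // The caller-supplied id doubles as the new group's name.
                group = QuantApp.Kernel.Group.CreateGroup(groupid, groupid);
            }

            group.Add(user, typeof(QuantApp.Kernel.User), (AccessType)accessType);

            return Ok(new { Data = "ok" });
        }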
        /// <summary>
        /// Lists the files attached to a group as seen by the calling user. Entries whose file can no
        /// longer be loaded from the repository are removed from the group while listing.
        /// </summary>
        /// <param name="groupid">Identifier of the group whose files are listed.</param>
        /// <returns>
        /// 401 when the caller cannot be identified, 400 when the group is not found, otherwise 200
        /// with one record per file.
        /// </returns>
        public async Task<IActionResult> Files(string groupid)
        {
            string callerId = this.User.QID();
            if (callerId == null)
            {
                return Unauthorized();
            }

            QuantApp.Kernel.User caller = QuantApp.Kernel.User.FindUser(callerId);
            QuantApp.Kernel.Group owningGroup = QuantApp.Kernel.Group.FindGroup(groupid);

            if (owningGroup == null)
            {
                return BadRequest(new { Data = "Group not found "});
            }

            List<object> payload = new List<object>();

            // The listing is requested on behalf of the caller.
            List<IPermissible> members = owningGroup.List(caller, typeof(FilePermission), false);
            foreach (FilePermission member in members)
            {
                FilePermission stored = FileRepository.File(member.ID);
                if (stored == null)
                {
                    // Stale membership: the file is gone, so drop it from the group.
                    owningGroup.Remove(member);
                    continue;
                }

                payload.Add(new
                {
                    ID = stored.ID,
                    Name = stored.Name,
                    Owner = stored.Owner.FirstName + " " + stored.Owner.LastName,
                    Size = stored.Size,
                    Date = (stored.Timestamp.ToString("yyyy/MM/dd")),
                    Type = stored.Type,
                    Permission = (int)owningGroup.Permission(null, member)
                });
            }

            return Ok(payload);
        }
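        /// <summary>
        /// Lists the users of a group's Master with their access level and expiry on the group.
        /// The group is looked up by id, then with "_Workflow" removed, and is created when neither
        /// lookup finds it. Members that can no longer be found are removed from the group.
        /// </summary>
        /// <param name="groupid">Identifier of the group whose users are listed.</param>
        /// <returns>
        /// 401 when the caller cannot be identified, 400 when the group id is empty, otherwise 200
        /// with one record per user (the "System" user is left out).
        /// </returns>
        public IActionResult Users(string groupid)
        {
            string userId = this.User.QID();

            if (userId == null)
            {
                // A null action result is not a valid response; answer 401 instead.
                return Unauthorized();
            }

            // A null groupid used to crash in the fallback lookup below.
            if (string.IsNullOrEmpty(groupid))
            {
                return BadRequest(new { Data = "Group not found" });
            }

            QuantApp.Kernel.User  user = QuantApp.Kernel.User.FindUser(userId);
            QuantApp.Kernel.Group role = QuantApp.Kernel.Group.FindGroup(groupid);

            if (role == null)
            {
                role = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
            }

            if (role == null)
            {
                // NOTE(review): a read request creates a group from a caller-supplied id.
                // Confirm this side effect is intended for every identified caller.
                role = QuantApp.Kernel.Group.CreateGroup(groupid, groupid);
            }

            // NOTE(review): the list is requested on behalf of the ambient User.CurrentUser rather
            // than the `user` resolved from this request, and the response carries e-mail addresses
            // and MetaData. Confirm both refer to the same principal and that the caller's access
            // to the group is enforced by the kernel.
            List <IPermissible> users = role.Master.List(QuantApp.Kernel.User.CurrentUser, typeof(QuantApp.Kernel.User), false);

            List <object> jres = new List <object>();

            foreach (QuantApp.Kernel.User user_mem in users)
            {
                QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(user_mem.ID);

                if (quser == null)
                {
                    // Stale membership: the user is gone, so drop it from the group.
                    role.Remove(user_mem);
                    continue;
                }

                var ac  = role.Permission(null, user_mem);
                var exp = role.Expiry(null, user_mem);

                if (quser.ID != "System")
                {
                    jres.Add(new
                    {
                        ID         = quser.ID,
                        FirstName  = quser.FirstName,
                        LastName   = quser.LastName,
                        Email      = quser.Email,
                        Permission = ac.ToString(),
                        Expiry     = new { year = exp.Year, month = exp.Month, day = exp.Day },
                        MetaData   = quser.MetaData,
                    });
                }
            }

            return Ok(jres);
        }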
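        /// <summary>
        /// Returns the profile of the user <paramref name="id"/> together with that user's access
        /// level on a group and on each of its sub-groups whose name does not start with "Personal: ".
        /// </summary>
        /// <param name="id">Internal id of the user whose data is read.</param>
        /// <param name="groupid">Identifier of the group used as the permission context.</param>
        /// <param name="aggregated">Passed through to <c>Group.SubGroups</c>.</param>
        /// <returns>
        /// 401 when the caller cannot be identified, 400 when the group or the user is not found,
        /// otherwise 200 with the profile and per-group permissions.
        /// </returns>
        public ActionResult UserData(string id, string groupid, bool aggregated)
        {
            string userId = this.User.QID();

            if (userId == null)
            {
                // A null action result is not a valid response; answer 401 instead.
                return Unauthorized();
            }

            // NOTE(review): the caller (userId) is never compared with the requested user (id) and
            // the caller's access to the group is not tested, while the response carries e-mail,
            // MetaData and last-login data. Confirm who is allowed to read another user's record.
            QuantApp.Kernel.User user = QuantApp.Kernel.User.FindUser(userId);

            QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(id);

            QuantApp.Kernel.Group role = QuantApp.Kernel.Group.FindGroup(groupid);

            if (role == null)
            {
                return BadRequest(new { Data = "Group not found" });
            }

            // An unknown user id used to be dereferenced when building the response.
            if (quser == null)
            {
                return BadRequest(new { Data = "User not found..." });
            }

            List <Group> sgroups = role.SubGroups(aggregated);

            List <object> jres = new List <object>();

            var lastLogin = UserRepository.LastUserLogin(id);

            foreach (QuantApp.Kernel.Group group in sgroups)
            {
                // Ordinal comparison: the prefix is a fixed marker, not linguistic text.
                if (group.Name.StartsWith("Personal: ", System.StringComparison.Ordinal))
                {
                    continue;
                }

                AccessType accessType = group.Permission(null, quser);

                jres.Add(new
                {
                    ID         = group.ID,
                    Name       = group.Name,
                    Permission = accessType.ToString()
                });
            }

            return Ok(new
            {
                ID = quser.ID,
                Email = quser.Email,
                Permission = role.Permission(null, quser).ToString(),
                MetaData = quser.MetaData,
                FirstName = quser.FirstName,
                LastName = quser.LastName,
                LastLogin = lastLogin,
                Groups = jres
            });
        }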
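        /// <summary>
        /// Sets the access level and expiry date of a permissible (a user found by id, a user found
        /// by secret, or a file) on a group. The group is looked up by id, then with "_Workflow"
        /// removed, and is created when neither lookup finds it.
        /// </summary>
        /// <param name="pid">User id, user secret or file id of the permissible.</param>
        /// <param name="groupid">Identifier of the target group.</param>
        /// <param name="accessType">Integer value of the <c>AccessType</c> to grant.</param>
        /// <param name="year">Expiry year (default 9999).</param>
        /// <param name="month">Expiry month (default 12).</param>
        /// <param name="day">Expiry day (default 31).</param>
        /// <returns>
        /// 401 when the caller cannot be identified, 400 on an unknown permissible, undefined access
        /// level, invalid date or empty group id, otherwise 200 with <c>Data = "ok"</c>.
        /// </returns>
        public ActionResult SetPermission(string pid, string groupid, int accessType, int year = 9999, int month = 12, int day = 31)
        {
            string userId = this.User.QID();

            if (userId == null)
            {
                // A null action result is not a valid response; answer 401 instead.
                return Unauthorized();
            }

            // NOTE(review): the caller's own access level on the group is not checked here, so any
            // identified user reaches Group.Add with an arbitrary level. Confirm the kernel enforces this.
            QuantApp.Kernel.IPermissible permissible = QuantApp.Kernel.User.FindUser(pid);

            if (permissible == null)
            {
                permissible = QuantApp.Kernel.User.FindUserBySecret(pid);
            }

            if (permissible == null)
            {
                permissible = FileRepository.File(pid);
            }

            if (permissible == null)
            {
                return BadRequest(new { Data = "Permissible ID was not found" });
            }

            // The former try/catch around the enum cast could never fire: an int-to-enum cast does
            // not throw. Test the value against the declared members instead.
            if (!System.Enum.IsDefined(typeof(AccessType), accessType))
            {
                return BadRequest(new { Data = "accessType needs to be an integer between -2 and 2" });
            }

            // Build the expiry before any group is created so a bad date has no side effect.
            DateTime expiry;
            try
            {
                expiry = new DateTime(year, month, day);
            }
            catch (System.ArgumentOutOfRangeException)
            {
                return BadRequest(new { Data = "year, month and day do not form a valid date" });
            }

            if (string.IsNullOrEmpty(groupid))
            {
                return BadRequest(new { Data = "Group not found" });
            }

            QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);
            if (group == null)
            {
                group = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
            }

            if (group == null)
            {
                // The caller-supplied id doubles as the new group's name.
                group = QuantApp.Kernel.Group.CreateGroup(groupid, groupid);
            }

            // NOTE(review): typeof(User) is passed even when the permissible is a file; verify.
            group.Add(permissible, typeof(QuantApp.Kernel.User), (AccessType)accessType, expiry);

            return Ok(new { Data = "ok" });
        }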
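        /// <summary>
        /// Returns the calling user's stored data of the given type for a group, parsed from JSON.
        /// </summary>
        /// <param name="groupid">Identifier of the group the data belongs to.</param>
        /// <param name="type">Data type key passed to <c>User.GetData</c>.</param>
        /// <returns>
        /// 401 when the caller cannot be identified or resolved, 400 when the group is not found,
        /// otherwise 200 with the deserialized data.
        /// </returns>
        public async Task <IActionResult> UserData(string groupid, string type)
        {
            string userId = this.User.QID();

            if (userId == null)
            {
                return Unauthorized();
            }

            QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(userId);

            // The id can resolve to no user record; that used to be dereferenced below.
            if (quser == null)
            {
                return Unauthorized();
            }

            QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);

            // Same rule as SaveUserData: data is only addressed through an existing group.
            if (group == null)
            {
                return BadRequest(new { Data = "Group not found" });
            }

            // NOTE(review): presumably GetData returns a JSON string; a null return would make
            // DeserializeObject throw. Verify against User.GetData.
            return Ok(Newtonsoft.Json.JsonConvert.DeserializeObject(quser.GetData(group, type)));
        }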
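        /// <summary>
        /// Grants the user registered under <paramref name="email"/> an access level with an expiry
        /// date on a group. The group is looked up by id, then with "_Workflow" removed, and is
        /// created when neither lookup finds it.
        /// </summary>
        /// <param name="groupid">Identifier of the target group.</param>
        /// <param name="email">E-mail address from which the internal user id is derived.</param>
        /// <param name="accessType">Integer value of the <c>AccessType</c> to grant.</param>
        /// <param name="year">Expiry year (default 9999).</param>
        /// <param name="month">Expiry month (default 12).</param>
        /// <param name="day">Expiry day (default 31).</param>
        /// <returns>
        /// 400 on a missing or unknown e-mail, undefined access level, invalid date or empty group
        /// id, otherwise 200 with <c>Data = "ok"</c>.
        /// </returns>
        public ActionResult AddPermission(string groupid, string email, int accessType, int year = 9999, int month = 12, int day = 31)
        {
            // NOTE(review): nothing in this method identifies the caller or tests the caller's own
            // rights on the group, yet it can create groups and grant access. Confirm that
            // authentication and authorization are enforced outside this method.
            if (email == null)
            {
                return BadRequest(new { Data = "User not found..." });
            }

            // The former try/catch around the enum cast could never fire: an int-to-enum cast does
            // not throw. Test the value against the declared members instead.
            if (!System.Enum.IsDefined(typeof(AccessType), accessType))
            {
                return BadRequest(new { Data = "accessType needs to be an integer between -2 and 2" });
            }

            // Build the expiry before any group is created so a bad date has no side effect.
            DateTime expiry;
            try
            {
                expiry = new DateTime(year, month, day);
            }
            catch (System.ArgumentOutOfRangeException)
            {
                return BadRequest(new { Data = "year, month and day do not form a valid date" });
            }

            if (string.IsNullOrEmpty(groupid))
            {
                return BadRequest(new { Data = "Group not found" });
            }

            // Internal ids are the lower-cased address with '@' and ':' replaced by '.'.
            string userid = "QuantAppSecure_" + email.ToLower().Replace('@', '.').Replace(':', '.');

            QuantApp.Kernel.User user = QuantApp.Kernel.User.FindUser(userid);
            if (user == null)
            {
                return BadRequest(new { Data = "User not found..." });
            }

            QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);
            if (group == null)
            {
                group = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
            }

            if (group == null)
            {
                // The caller-supplied id doubles as the new group's name.
                group = QuantApp.Kernel.Group.CreateGroup(groupid, groupid);
            }

            group.Add(user, typeof(QuantApp.Kernel.User), (AccessType)accessType, expiry);

            return Ok(new { Data = "ok" });
        }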
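        /// <summary>
        /// Removes a user from a group. The group is looked up by id, then with "_WorkSpace" removed.
        /// </summary>
        /// <param name="userid">Internal id of the user to remove.</param>
        /// <param name="groupid">Identifier of the group.</param>
        /// <returns>
        /// 401 when the caller cannot be identified, 400 when the user or the group is not found,
        /// otherwise 200 with the text "done".
        /// </returns>
        public ActionResult RemovePermission(string userid, string groupid)
        {
            // Identity of the caller (userId) is distinct from the target user (userid).
            string userId = this.User.QID();

            if (userId == null)
            {
                // A null action result is not a valid response; answer 401 instead.
                return Unauthorized();
            }

            // NOTE(review): the caller's own access level on the group is not checked here, so any
            // identified user reaches Group.Remove. Confirm the kernel enforces this.
            QuantApp.Kernel.User  user  = QuantApp.Kernel.User.FindUser(userid);
            QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);
            if (group == null && groupid != null)
            {
                group = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_WorkSpace", ""));
            }

            // Both lookups can miss; dereferencing the null group used to throw.
            if (group == null)
            {
                return BadRequest(new { Data = "Group not found" });
            }

            // An unknown user used to be passed to Group.Remove as null.
            if (user == null)
            {
                return BadRequest(new { Data = "User not found..." });
            }

            group.Remove(user);

            return Ok("done");
        }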
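        /// <summary>
        /// Stores a data payload for the user and group named in the request body.
        /// </summary>
        /// <param name="data">Request body carrying UserID, GroupID, Type and the payload.</param>
        /// <returns>
        /// 401 when the caller cannot be identified, 400 when the body is missing or the user or
        /// group is not found, otherwise 200 with <c>Result = "ok"</c>.
        /// </returns>
        public async Task <IActionResult> SaveUserData([FromBody] SaveUserDataClass data)
        {
            string userId = this.User.QID();

            if (userId == null)
            {
                return Unauthorized();
            }

            // Model binding hands over null when the body is absent or cannot be parsed.
            if (data == null)
            {
                return BadRequest(new { Data = "Request body is missing" });
            }

            // NOTE(review): the target user comes from the request body (data.UserID) and is never
            // compared with the authenticated caller (userId), so one user can overwrite another
            // user's data. Confirm whether this is restricted elsewhere.
            QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(data.UserID);

            // An unknown user id used to be dereferenced at SaveData.
            if (quser == null)
            {
                return BadRequest(new { Data = "User not found..." });
            }

            QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(data.GroupID);
            if (group == null)
            {
                return BadRequest(new { Data = "Group not found" });
            }

            // NOTE(review): presumably SaveUserDataClass overrides ToString() to yield the payload;
            // verify, otherwise the type name is what gets stored.
            quser.SaveData(group, data.Type, data.ToString());

            return Ok(new { Result = "ok" });
        }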
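        /// <summary>
        /// Returns the access level of a permissible (a user found by id, or a file) on a group.
        /// The group is looked up by id, then with "_Workflow" removed.
        /// </summary>
        /// <param name="pid">User id or file id of the permissible.</param>
        /// <param name="groupid">Identifier of the group.</param>
        /// <returns>
        /// 401 when the caller cannot be identified, 400 when the permissible or the group is not
        /// found, otherwise 200 with the access level in <c>Data</c>.
        /// </returns>
        public ActionResult GetPermission(string pid, string groupid)
        {
            string userId = this.User.QID();

            if (userId == null)
            {
                // A null action result is not a valid response; answer 401 instead.
                return Unauthorized();
            }

            // NOTE(review): any identified caller can read the access level of any user or file on
            // any group; confirm this is intended.
            QuantApp.Kernel.IPermissible permissible = QuantApp.Kernel.User.FindUser(pid);
            if (permissible == null)
            {
                permissible = FileRepository.File(pid);
            }

            if (permissible == null)
            {
                return BadRequest(new { Data = "Permissible ID not found" });
            }

            QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);
            if (group == null && groupid != null)
            {
                group = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
            }

            if (group == null)
            {
                return BadRequest(new { Data = "Group ID not found" });
            }

            // permissible is known to be non-null here, so the former "Denied" fallback after a
            // second null test could never be reached and has been dropped.
            return Ok(new { Data = group.Permission(null, permissible) });
        }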
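        /// <summary>
        /// Returns the expiry of the calling user's access on a group. The group is looked up by id,
        /// then with "_Workflow" removed.
        /// </summary>
        /// <param name="groupid">Identifier of the group.</param>
        /// <returns>
        /// 401 when the caller cannot be identified; otherwise 200 with the expiry in <c>Data</c>, or
        /// <c>DateTime.MaxValue</c> when the user or the group is not found.
        /// </returns>
        public ActionResult GetExpiry(string groupid)
        {
            string userId = this.User.QID();

            if (userId == null)
            {
                // A null action result is not a valid response; answer 401 instead.
                return Unauthorized();
            }

            QuantApp.Kernel.IPermissible permissible = QuantApp.Kernel.User.FindUser(userId);
            QuantApp.Kernel.Group        group       = QuantApp.Kernel.Group.FindGroup(groupid);

            // Skip the fallback for a null id; it used to crash on groupid.Replace.
            if (group == null && groupid != null)
            {
                group = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
            }

            if (permissible == null || group == null)
            {
                return Ok(new { Data = DateTime.MaxValue });
            }

            return Ok(new { Data = group.Expiry(null, permissible) });
        }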
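        /// <summary>
        /// Returns the calling user's access level on a group. The group is looked up by id, then
        /// with "_Workflow" removed.
        /// </summary>
        /// <param name="groupid">Identifier of the group.</param>
        /// <returns>
        /// 401 when the caller cannot be identified; otherwise 200 with the access level in
        /// <c>Data</c>, or <c>AccessType.Denied</c> when the user or the group is not found.
        /// </returns>
        public ActionResult GetPermission(string groupid)
        {
            string userId = this.User.QID();

            if (userId == null)
            {
                // A null action result is not a valid response; answer 401 instead.
                return Unauthorized();
            }

            QuantApp.Kernel.IPermissible permissible = QuantApp.Kernel.User.FindUser(userId);
            QuantApp.Kernel.Group        group       = QuantApp.Kernel.Group.FindGroup(groupid);

            // Skip the fallback for a null id; it used to crash on groupid.Replace.
            if (group == null && groupid != null)
            {
                group = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
            }

            // Fail closed: anything that cannot be resolved is reported as Denied.
            if (permissible == null || group == null)
            {
                return Ok(new { Data = AccessType.Denied });
            }

            return Ok(new { Data = group.Permission(null, permissible) });
        }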
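        /// <summary>
        /// Returns a group's ID, Name, Description, "Profile" property and its Master's "URL"
        /// property when the calling user is not denied on the group.
        /// </summary>
        /// <param name="groupid">Identifier of the group to read.</param>
        /// <returns>
        /// 401 when the caller cannot be identified, 400 when the group is not found, otherwise 200
        /// with the group record, or 200 with a null body when access is denied.
        /// </returns>
        public IActionResult GroupDataApp(string groupid)
        {
            string userId = this.User.QID();

            if (userId == null)
            {
                // A null action result is not a valid response; answer 401 instead.
                return Unauthorized();
            }

            QuantApp.Kernel.User  user  = QuantApp.Kernel.User.FindUser(userId);
            QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);

            // An unknown group id used to be dereferenced at GetProperty.
            if (group == null)
            {
                return BadRequest(new { Data = "Group not found" });
            }

            string profile = group.GetProperty("Profile");
            string url     = group.Master.GetProperty("URL");

            object jres = null;

            AccessType ac = group.Permission(null, user);

            if (ac != AccessType.Denied)
            {
                // The terminating semicolon belongs to this assignment; it used to sit after the
                // closing brace of the if block, which does not compile.
                jres = new
                {
                    ID          = group.ID,
                    Name        = group.Name,
                    Master      = group == group.Master,
                    Description = group.Description,
                    Profile     = profile,
                    URL         = url
                };
            }

            return Ok(jres);
        }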
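        /// <summary>
        /// Removes a user from a group. The group is looked up by id, then with "_Workflow" removed.
        /// </summary>
        /// <param name="userid">Internal id of the user to remove.</param>
        /// <param name="groupid">Identifier of the group.</param>
        /// <returns>
        /// 401 when the caller cannot be identified, 400 when the group is not found, 200 with
        /// <c>Data = "error"</c> when the user is not found, otherwise 200 with <c>Data = "ok"</c>.
        /// </returns>
        public ActionResult RemovePermission(string userid, string groupid)
        {
            // Identity of the caller (userId) is distinct from the target user (userid).
            string userId = this.User.QID();

            if (userId == null)
            {
                // A null action result is not a valid response; answer 401 instead.
                return Unauthorized();
            }

            // NOTE(review): the caller's own access level on the group is not checked here, so any
            // identified user reaches Group.Remove. Confirm the kernel enforces this.
            QuantApp.Kernel.User  user  = QuantApp.Kernel.User.FindUser(userid);
            QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup(groupid);
            if (group == null && groupid != null)
            {
                group = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
            }

            if (user == null)
            {
                return Ok(new { Data = "error" });
            }

            // Both lookups can miss; dereferencing the null group used to throw.
            if (group == null)
            {
                return BadRequest(new { Data = "Group not found" });
            }

            group.Remove(user);

            return Ok(new { Data = "ok" });
        }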
        /// <summary>
        /// Reads groups from Microsoft Graph with the given bearer token, mirrors each group and its
        /// e-mail-identified members into QuantApp groups and users, and removes users listed on the
        /// group's Master that Graph did not report unless they hold Write access.
        /// </summary>
        /// <param name="access_code">Bearer token sent to graph.microsoft.com.</param>
        /// <returns>
        /// One entry per Graph group (ID, Name, Members), or null when the Server/OAuth/AzureAdB2C
        /// configuration section is absent.
        /// </returns>
        public static List <object> GraphGroups(string access_code)
        {
            // Sync is only meaningful when Azure AD B2C is configured.
            if (!(Program.config["Server"]["OAuth"] != null && Program.config["Server"]["OAuth"]["AzureAdB2C"] != null))
            {
                return(null);
            }

            // Optional default group: new Graph groups are parented to it and new users get View on it.
            var defGroupId = Program.config["Server"]["OAuth"] != null && Program.config["Server"]["OAuth"]["AzureAdB2C"] != null && Program.config["Server"]["OAuth"]["AzureAdB2C"]["DefaultGroupId"] != null ? Program.config["Server"]["OAuth"]["AzureAdB2C"]["DefaultGroupId"].ToString() : "";
            var defGroup   = QuantApp.Kernel.Group.FindGroup(defGroupId);

            string res    = "";
            var    result = new List <object>();

            // The async work runs on the thread pool and is blocked on with Wait(), so the caller is
            // held until every Graph request has finished; failures surface as AggregateException.
            Task.Run(async() => {
                using (HttpClient httpClient = new HttpClient()){
                    // No timeout: a stalled Graph response keeps this call waiting indefinitely.
                    httpClient.Timeout = Timeout.InfiniteTimeSpan;

                    httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                    httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", access_code);

                    var req  = new HttpRequestMessage(HttpMethod.Get, "https://graph.microsoft.com/v1.0/groups");
                    var data = await httpClient.SendAsync(req);

                    // NOTE(review): the status code is never checked, so an error body is parsed like
                    // a success and groups["value"] would then be null. Only the first page of the
                    // response is read (no next-link handling is visible) - verify for large tenants.
                    res = await data.Content.ReadAsStringAsync();

                    var groups = JObject.Parse(res);

                    foreach (var group in groups["value"])
                    {
                        var id   = group["id"].ToString();
                        var name = group["displayName"].ToString();

                        req  = new HttpRequestMessage(HttpMethod.Get, "https://graph.microsoft.com/v1.0/groups/" + id + "/members?$select=identities,surname,givenName");
                        data = await httpClient.SendAsync(req);

                        // NOTE(review): same as above - no status check and a single page. Members that
                        // are missing from this response are treated as absent by the pruning loop
                        // further down, so a failed or truncated response can revoke access.
                        res = await data.Content.ReadAsStringAsync();

                        var members = JObject.Parse(res);

                        // Members reported by Graph for this group (Email, FirstName, LastName).
                        var sub_result = new List <object>();


                        // Create Group
                        var qgroup = QuantApp.Kernel.Group.FindGroup(id);
                        if (qgroup == null)
                        {
                            qgroup        = QuantApp.Kernel.Group.CreateGroup(name, id);
                            qgroup.Parent = defGroup;
                        }

                        foreach (var member in members["value"])
                        {
                            // The last identity with signInType "emailAddress" wins.
                            var email = "";
                            foreach (var identity in member["identities"])
                            {
                                if (identity["signInType"].ToString() == "emailAddress")
                                {
                                    email = identity["issuerAssignedId"].ToString();
                                }
                            }

                            var firstName = member["givenName"].ToString();
                            var lastName  = member["surname"].ToString();

                            sub_result.Add(new { Email = email, FirstName = firstName, LastName = lastName });

                            // Members without an e-mail identity are reported but not provisioned.
                            if (email != "")
                            {
                                // Internal ids are the lower-cased address with '@' and ':' replaced by '.'.
                                var qid   = "QuantAppSecure_" + email.ToLower().Replace('@', '.').Replace(':', '.');
                                var quser = QuantApp.Kernel.User.FindUser(qid);

                                if (quser == null)
                                {
                                    var nuser = UserRepository.CreateUser(System.Guid.NewGuid().ToString(), "QuantAppSecure");

                                    nuser.FirstName = firstName != null ? firstName : "No first name";
                                    nuser.LastName  = lastName != null ? lastName : "No last name";
                                    nuser.Email     = email.ToLower();

                                    nuser.TenantName = qid;
                                    // The stored hash is taken from a fresh GUID, so presumably no known
                                    // password matches it.
                                    nuser.Hash       = QuantApp.Kernel.Adapters.SQL.Factories.SQLUserFactory.GetMd5Hash(System.Guid.NewGuid().ToString());

                                    // NOTE(review): Secret is computed from qid, which is computed from
                                    // the e-mail address, so it can be recomputed by anyone who knows
                                    // the address. If Secret is accepted as a credential elsewhere it
                                    // should be random - confirm.
                                    nuser.Secret = QuantApp.Engine.Code.GetMd5Hash(qid);

                                    // assumes the new user is findable under qid once TenantName is
                                    // set - TODO confirm; a null here would be passed to Add below.
                                    quser = QuantApp.Kernel.User.FindUser(qid);
                                    QuantApp.Kernel.Group publicGroup = QuantApp.Kernel.Group.FindGroup("Public");
                                    publicGroup.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited);

                                    if (defGroup != null)
                                    {
                                        defGroup.Add(quser, typeof(QuantApp.Kernel.User), AccessType.View);
                                    }
                                }

                                // Applied to existing users as well as to newly created ones.
                                if (qgroup != null)
                                {
                                    qgroup.Add(quser, typeof(QuantApp.Kernel.User), AccessType.View);
                                }
                            }
                        }

                        // Pruning pass: compare the users listed on the group's Master with what Graph reported.
                        List <IPermissible> users = qgroup.Master.List(QuantApp.Kernel.User.CurrentUser, typeof(QuantApp.Kernel.User), false);
                        foreach (var u in users)
                        {
                            // NOTE(review): the 'as' cast yields null for a non-User entry and qu.Email
                            // would then throw - confirm the list can only hold users.
                            var qu     = u as QuantApp.Kernel.User;
                            var emails = sub_result.Where(x => {
                                dynamic d = x;
                                return(d.Email == qu.Email);
                            });

                            var perm = qgroup.Permission(null, qu);

                            // Users Graph did not report are removed unless they hold Write access.
                            if (emails.Count() == 0 && perm != AccessType.Write)
                            {
                                qgroup.Remove(qu);
                            }
                        }

                        result.Add(new { ID = id, Name = name, Members = sub_result });
                    }
                }
            }).Wait();

            return(result);
        }
        /// <summary>
        /// Registers a new user from the posted model, opens a session (cookie plus signed JWT) and
        /// adds the user to the "Public" group and, when it exists, to the group named by
        /// <c>model.GroupID</c>.
        /// </summary>
        /// <param name="model">Registration data read from the request body.</param>
        /// <returns>
        /// 200 with user data, token, secret and session key on success; 400 when the e-mail is
        /// already registered; 200 with <c>Value = false</c> and the joined validation messages when
        /// the model is invalid.
        /// </returns>
        public async Task <ActionResult> Register([FromBody] SecureRegisterViewModel model)
        {
            if (ModelState.IsValid)
            {
                // Internal ids are the lower-cased address with '@' and ':' replaced by '.'.
                string id = "QuantAppSecure_" + model.Email.ToLower().Replace('@', '.').Replace(':', '.');
                QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(id);
                if (quser == null)
                {
                    var user = UserRepository.CreateUser(System.Guid.NewGuid().ToString(), "QuantAppSecure");

                    user.FirstName = model.FirstName;
                    user.LastName  = model.LastName;
                    user.Email     = model.Email.ToLower();

                    string profile = model.GroupID;

                    user.TenantName = id;
                    // NOTE(review): going by the helper's name, the password is stored as an MD5
                    // digest. A fast unsalted hash is not suitable for password storage; confirm and
                    // plan a move to a password KDF such as PBKDF2.
                    user.Hash       = QuantApp.Kernel.Adapters.SQL.Factories.SQLUserFactory.GetMd5Hash(model.Password);

                    // The posted secret is only a lookup key into _secrets; when it is absent or
                    // unknown, user.Secret keeps whatever CreateUser assigned.
                    if (model.Secret != null)
                    {
                        if (_secrets.ContainsKey(model.Secret))
                        {
                            user.Secret = _secrets[model.Secret];
                        }
                    }

                    // NOTE(review): user.Secret is used as a value and as a key below; presumably it
                    // is never null at this point - verify against CreateUser.
                    var sessionKey = System.Guid.NewGuid().ToString();
                    sessionKeys.TryAdd(sessionKey, user.Secret);
                    revSessionKeys.TryAdd(user.Secret, sessionKey);
                    // NOTE(review): only Expires is set on the session cookie; HttpOnly, Secure and
                    // SameSite are left at the CookieOptions defaults - confirm that is intended.
                    Response.Cookies.Append("coflows", sessionKey, new CookieOptions()
                    {
                        Expires = DateTime.Now.AddHours(24)
                    });

                    // The JWT carries the e-mail address as its only claim.
                    var claims = new[]
                    {
                        new Claim(ClaimTypes.Email, user.Email)
                    };

                    // Symmetric HMAC-SHA256 signature keyed with Program.jwtKey.
                    var key   = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(Program.jwtKey));
                    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

                    // The token is valid for ten days from local time (DateTime.Now).
                    var token = new JwtSecurityToken(
                        issuer: "coflows-ce",
                        audience: "coflows-ce",
                        claims: claims,
                        expires: DateTime.Now.AddDays(10),
                        signingCredentials: creds);



                    // Re-read the user under its derived id before adding it to groups.
                    quser = QuantApp.Kernel.User.FindUser(id);
                    QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup("Public");
                    group.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited);

                    // NOTE(review): the group id comes from the request body, so a registering user
                    // picks the group they are invited to - confirm this is acceptable.
                    QuantApp.Kernel.Group gp = Group.FindGroup(profile);
                    if (gp != null)
                    {
                        gp.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited);
                    }

                    // The response body carries the bearer token, the user secret and the session key.
                    return(Ok(new
                    {
                        User = quser.ToUserData(),
                        token = new JwtSecurityTokenHandler().WriteToken(token),
                        Secret = quser.Secret,
                        Session = sessionKey
                    }));
                }
                else
                {
                    // NOTE(review): this answer tells the caller whether an address is registered.
                    return(BadRequest(new { Value = false, ID = "Email is already in use..." }));
                }
            }

            // Validation failures are reported with status 200 and Value = false.
            string messages = string.Join("<br\\> ", ModelState.Values
                                          .SelectMany(x => x.Errors)
                                          .Select(x => x.ErrorMessage));

            return(Ok(new { Value = false, ID = messages }));
        }
        /// <summary>
        /// Maps an authenticated principal to its QuantApp user id. When the principal carries an
        /// e-mail claim, the id is derived from it and a user record is created on first sight;
        /// otherwise an identity name that already starts with "QuantAppSecure_" is returned as is.
        /// </summary>
        /// <param name="user">Principal of the current request; may be null.</param>
        /// <returns>The QuantApp user id, or null when none can be determined.</returns>
        public static string QID(this IPrincipal user)
        {
            if (user == null)
            {
                return(null);
            }

            var identity = user.Identity as ClaimsIdentity;

            if (identity != null)
            {
                // SingleOrDefault throws when more than one claim matches; the "emails" claim type is
                // only consulted when no ClaimTypes.Email claim is present.
                var email = identity.Claims.SingleOrDefault(c => c.Type.Equals(ClaimTypes.Email, StringComparison.OrdinalIgnoreCase));
                if (email == null)
                {
                    email = identity.Claims.SingleOrDefault(c => c.Type.Equals("emails", StringComparison.OrdinalIgnoreCase));
                }

                if (email != null && !string.IsNullOrEmpty(email.Value))
                {
                    // Runs on every call that reaches this branch, i.e. on each action that resolves
                    // the caller through QID().
                    AzureAD.Sync();

                    // Internal ids are the lower-cased address with '@' and ':' replaced by '.'.
                    var id    = "QuantAppSecure_" + email.Value.ToLower().Replace('@', '.').Replace(':', '.');
                    var quser = QuantApp.Kernel.User.FindUser(id);
                    if (quser == null)
                    {
                        // First sight of this address: a user record is created as a side effect of
                        // resolving the id.
                        var nuser = UserRepository.CreateUser(System.Guid.NewGuid().ToString(), "QuantAppSecure");

                        var firstName = identity.Claims.SingleOrDefault(c => c.Type.Equals(ClaimTypes.GivenName, StringComparison.OrdinalIgnoreCase));
                        var lastName  = identity.Claims.SingleOrDefault(c => c.Type.Equals(ClaimTypes.Surname, StringComparison.OrdinalIgnoreCase));

                        nuser.FirstName = firstName != null ? firstName.Value : "No first name";
                        nuser.LastName  = lastName != null ? lastName.Value : "No last name";
                        nuser.Email     = email.Value.ToLower();

                        nuser.TenantName = id;
                        // The stored hash is taken from a fresh GUID, so presumably no known password
                        // matches it.
                        nuser.Hash       = QuantApp.Kernel.Adapters.SQL.Factories.SQLUserFactory.GetMd5Hash(System.Guid.NewGuid().ToString());

                        // NOTE(review): Secret is computed from id, which is computed from the e-mail
                        // address, so it can be recomputed by anyone who knows the address. If Secret
                        // is accepted as a credential elsewhere it should be random - confirm.
                        nuser.Secret = QuantApp.Engine.Code.GetMd5Hash(id);

                        // assumes the new user is findable under id once TenantName is set - TODO
                        // confirm; a null here would be passed to Add below.
                        quser = QuantApp.Kernel.User.FindUser(id);
                        QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup("Public");
                        group.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited);

                        // QuantApp.Kernel.Group gp = GroupRepository.FindByProfile(profile);
                        // The configured default group, when present, grants View to the new user.
                        var defGroupId           = Program.config["Server"]["OAuth"] != null && Program.config["Server"]["OAuth"]["AzureAdB2C"] != null && Program.config["Server"]["OAuth"]["AzureAdB2C"]["DefaultGroupId"] != null ? Program.config["Server"]["OAuth"]["AzureAdB2C"]["DefaultGroupId"].ToString() : "";
                        QuantApp.Kernel.Group gp = Group.FindGroup(defGroupId);
                        if (gp != null)
                        {
                            gp.Add(quser, typeof(QuantApp.Kernel.User), AccessType.View);
                        }
                    }
                    return(id);
                }


                // Fallback: an identity name that already has the internal prefix is trusted as the
                // user id without a lookup.
                else if (user.Identity.Name != null && user.Identity.Name.StartsWith("QuantAppSecure_"))
                {
                    return(user.Identity.Name);
                }
            }

            return(null);
        }
Beispiel #23
        /// <summary>
        /// Lists the members of a group together with their permission in that group and their
        /// last-login date and IP.
        /// </summary>
        /// <param name="groupid">Group id; if not found, retried with every "_WorkSpace" occurrence removed.</param>
        /// <param name="agreements">Not read by this method.</param>
        /// <returns>
        /// <c>Ok(new { items = ... })</c>, or null when the caller, the caller's user record or the
        /// group cannot be resolved.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the response carries e-mail addresses and last-login IPs. The only gates
        /// visible here are a non-null QID() and whatever filtering <c>role.Master.List(caller, ...)</c>
        /// applies; confirm the caller must hold a permission on the group.
        /// </remarks>
        public IActionResult UsersApp_contacts(string groupid, bool agreements)
        {
            string callerId = this.User.QID();
            if (callerId == null)
            {
                return null;
            }

            QuantApp.Kernel.User caller = QuantApp.Kernel.User.FindUser(callerId);
            if (caller == null)
            {
                return null;
            }

            QuantApp.Kernel.Group role = QuantApp.Kernel.Group.FindGroup(groupid);
            if (role == null)
            {
                role = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_WorkSpace", ""));
            }

            if (role == null)
            {
                return null;
            }

            List<IPermissible> members = role.Master.List(caller, typeof(QuantApp.Kernel.User), false);
            Dictionary<string, List<string>> lastLogin = UserRepository.LastUserLogins(role);

            var items = new List<object>();
            foreach (QuantApp.Kernel.User member in members)
            {
                QuantApp.Kernel.User record = QuantApp.Kernel.User.FindUser(member.ID);
                if (record == null)
                {
                    // Member with no backing user record: dropped from the group as a side effect
                    // of this listing call.
                    role.Remove(member);
                    continue;
                }

                var access = role.Permission(null, member);

                // Entry layout used below: [0] = date, [1] = IP.
                List<string> logins;
                bool hasLogin = lastLogin.TryGetValue(record.ID, out logins);

                items.Add(new
                {
                    ID            = record.ID,
                    first         = record.FirstName,
                    last          = record.LastName,
                    email         = record.Email,
                    group         = access.ToString(),
                    meta          = record.MetaData,
                    LastLoginDate = hasLogin ? logins[0] : "",
                    LastLoginIP   = hasLogin ? logins[1] : "",
                });
            }

            return Ok(new { items = items });
        }
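        /// <summary>
        /// GitHub OAuth callback. Exchanges <paramref name="code"/> for an access token, resolves
        /// the account's e-mail address, creates the local user on first sign-in, then issues a
        /// session cookie and redirects with a signed JWT.
        /// </summary>
        /// <param name="groupid">Group a newly created user is additionally invited to, if it exists.</param>
        /// <param name="code">Authorization code returned by GitHub.</param>
        /// <remarks>
        /// Changes from the previous version:
        /// - The <c>async</c> modifier is gone. The body never awaited, and an exception escaping an
        ///   <c>async void</c> method is not observed by the caller; it can take the process down
        ///   instead of producing an error response.
        /// - The flow stops with an error status when no access token or no e-mail is obtained.
        ///   Previously an empty e-mail still produced the id "QuantAppSecure_".
        /// - Only an address GitHub reports as both primary and verified is accepted, instead of
        ///   the first listed address.
        /// - The profile request to /user was dropped. It read <c>d.Email</c> and <c>d.Name</c>,
        ///   which do not appear to match GitHub's lowercase field names, and the name was unused.
        /// - Outbound requests use a finite timeout, because the calls block the request thread.
        /// NOTE(review): no OAuth <c>state</c> value is checked here; confirm CSRF protection for
        /// this callback exists elsewhere.
        /// NOTE(review): <paramref name="groupid"/> is request-supplied, so a first sign-in can add
        /// itself to any existing group as Invited; confirm that level grants nothing sensitive.
        /// </remarks>
        public void GitHub(string groupid, string code)
        {
            if (Program.config["Server"]["OAuth"] == null || Program.config["Server"]["OAuth"]["GitHub"] == null)
            {
                return;
            }

            if (string.IsNullOrEmpty(code))
            {
                Response.StatusCode = 400;
                return;
            }

            // The calls below block on .Result, so a stalled upstream must not hold the thread forever.
            var requestTimeout = TimeSpan.FromSeconds(30);

            string access_code = "";

            using (HttpClient httpClient = new HttpClient())
            {
                httpClient.Timeout = requestTimeout;
                httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

                var res = httpClient.PostAsync(
                    "https://github.com/login/oauth/access_token",
                    new
                    {
                        client_id     = Program.config["Server"]["OAuth"]["GitHub"]["ClientId"].ToString(),
                        client_secret = Program.config["Server"]["OAuth"]["GitHub"]["ClientSecret"].ToString(),
                        code          = code
                    }.AsJson()).Result;

                var data = res.Content.ReadAsStringAsync().Result;

                dynamic d = JObject.Parse(data);
                access_code = d.access_token;
            }

            // A rejected or replayed code yields a response without access_token.
            if (string.IsNullOrEmpty(access_code))
            {
                Response.StatusCode = 401;
                return;
            }

            string email = null;

            using (HttpClient httpClient = new HttpClient())
            {
                httpClient.Timeout = requestTimeout;
                httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("token", access_code);
                httpClient.DefaultRequestHeaders.Add("User-Agent", "CoFlows");

                var res = httpClient.GetAsync("https://api.github.com/user/emails").Result;
                if (!res.IsSuccessStatusCode)
                {
                    Response.StatusCode = 401;
                    return;
                }

                var data = res.Content.ReadAsStringAsync().Result;

                // The local account is keyed on this address, so it must be one GitHub has verified.
                foreach (var entry in JArray.Parse(data))
                {
                    if ((bool?)entry["verified"] == true && (bool?)entry["primary"] == true)
                    {
                        email = (string)entry["email"];
                        break;
                    }
                }
            }

            if (string.IsNullOrEmpty(email))
            {
                Response.StatusCode = 403;
                return;
            }

            // Same id derivation as the rest of the code base (ToLower kept for consistency).
            string id = "QuantAppSecure_" + email.ToLower().Replace('@', '.').Replace(':', '.');

            var quser = QuantApp.Kernel.User.FindUser(id);

            if (quser == null)
            {
                var user = UserRepository.CreateUser(System.Guid.NewGuid().ToString(), "QuantAppSecure");

                user.FirstName = "";
                user.LastName  = "";
                user.Email     = email.ToLower();

                user.TenantName = id;

                quser = QuantApp.Kernel.User.FindUser(id);
                QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup("Public");
                group.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited);

                QuantApp.Kernel.Group gp = QuantApp.Kernel.Group.FindGroup(groupid);
                if (gp != null)
                {
                    gp.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited);
                }
            }

            if (String.IsNullOrEmpty(quser.Secret))
            {
                // NOTE(review): the secret is an MD5 of the user id rather than random bytes. If the
                // id is guessable, so is the secret; prefer a CSPRNG-generated value.
                var secret_key = QuantApp.Engine.Code.GetMd5Hash(quser.ID);
                quser.Secret = secret_key;
            }

            var sessionKey = System.Guid.NewGuid().ToString();

            AccountController.sessionKeys.TryAdd(sessionKey, quser.Secret);

            // NOTE(review): the cookie is set with an expiry only. HttpOnly, Secure and SameSite are
            // left at their defaults; tighten them if client script does not need to read it.
            Response.Cookies.Append("coflows", sessionKey, new CookieOptions()
            {
                Expires = DateTime.Now.AddHours(24)
            });

            var claims = new[]
            {
                new Claim(ClaimTypes.Email, quser.Email)
            };

            var key   = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes(Program.jwtKey));
            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

            var token = new JwtSecurityToken(
                issuer: "coflows-ce",
                audience: "coflows-ce",
                claims: claims,
                expires: DateTime.Now.AddDays(10),
                signingCredentials: creds);

            // NOTE(review): the 10-day token travels in the URL path, where it can end up in
            // browser history, proxy logs and Referer headers.
            Response.Redirect("/authentication/token/" + new JwtSecurityTokenHandler().WriteToken(token), true);
        }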
        /// <summary>
        /// Describes the calling user: profile fields, the active group and its master group with
        /// the caller's permission on each, and all master groups the caller belongs to.
        /// </summary>
        /// <returns>
        /// <c>Ok(payload)</c> for a resolved, non-anonymous user; an empty <c>Ok()</c> otherwise.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the payload includes the user's <c>Secret</c>, and the same value is written
        /// to the "coflows" cookie with only an expiry set (no HttpOnly/Secure/SameSite here). Any
        /// script running in the page can therefore read a long-lived credential; confirm that is
        /// intended.
        /// </remarks>
        public async Task <ActionResult> WhoAmI()
        {
            var callerId = User.QID() ?? "anonymous";

            QuantApp.Kernel.User quser = QuantApp.Kernel.User.FindUser(callerId);
            if (quser == null || quser.ID == "anonymous")
            {
                return Ok();
            }

            var memberships = new List<object>();

            string uid       = quser.ID;
            string fullName  = quser.FirstName + " " + quser.LastName;
            string firstName = quser.FirstName;
            string lastName  = quser.LastName;
            string email     = quser.Email;
            string metadata  = quser.MetaData;
            string secret    = quser.Secret;

            Response.Cookies.Append("coflows", quser.Secret, new CookieOptions()
            {
                Expires = DateTime.Now.AddHours(24)
            });

            // Active group: the "QuantAppProfile" cookie if it maps to a group, else the request URL.
            string profile = Request.Cookies["QuantAppProfile"];

            QuantApp.Kernel.Group activeGroup = string.IsNullOrWhiteSpace(profile) ? null : GroupRepository.FindByProfile(profile);
            if (activeGroup == null)
            {
                var location = new Uri($"{Request.Scheme}://{Request.Host}{Request.Path}{Request.QueryString}");
                activeGroup = GroupRepository.FindByURL(location.AbsoluteUri);
            }

            string groupID = activeGroup != null ? activeGroup.ID : "Public";

            // Looked up again by id; a null result here throws on the next line.
            var qgroup = QuantApp.Kernel.Group.FindGroup(groupID);

            string groupName       = qgroup.Name;
            string groupPermission = qgroup.Permission(null, quser).ToString();

            string masterGroupID         = qgroup.Master.ID;
            string masterGroupName       = qgroup.Master.Name;
            string masterGroupPermission = qgroup.Master.Permission(null, quser).ToString();

            var masterGroups = quser.MasterGroups();
            if (masterGroups != null)
            {
                foreach (var membership in masterGroups)
                {
                    memberships.Add(new
                    {
                        ID         = membership.ID,
                        Name       = (membership.Name.StartsWith("Personal:") ? "Personal" : membership.Name),
                        Permission = membership.Permission(null, quser).ToString()
                    });
                }
            }

            // Entry layout used below: [0] = date, [1] = IP.
            List<string> lastLogin = UserRepository.LastUserHistory(quser.ID);

            return Ok(new
            {
                User = new
                {
                    Loggedin = true,
                    ID = uid,
                    Name = fullName,
                    FirstName = firstName,
                    LastName = lastName,
                    Email = email,
                    Administrator = QuantApp.Kernel.Group.FindGroup("Administrator").Permission(null, quser).ToString(),
                    MetaData = metadata,
                    LastLoginDate = lastLogin == null ? null : lastLogin[0],
                    LastLoginIP = lastLogin == null ? null : lastLogin[1],
                    Secret = secret
                },
                Group = new
                {
                    ID = groupID,
                    Name = groupName,
                    Description = "",
                    Permission = groupPermission
                },
                MasterGroup = new
                {
                    ID = masterGroupID,
                    Name = masterGroupName,
                    Description = "",
                    Permission = masterGroupPermission
                },
                Groups = memberships,
            });
        }
        /// <summary>
        /// Lists the members of a group with their permission in that group.
        /// </summary>
        /// <param name="groupid">Group id; if not found, retried with every "_Workflow" occurrence removed.</param>
        /// <returns>
        /// <c>Ok(list)</c> of member records, or null when the caller or the caller's user record
        /// cannot be resolved. Last-login fields are not part of this response.
        /// </returns>
        /// <remarks>
        /// NOTE(review): an unknown <paramref name="groupid"/> causes a group with that id to be
        /// created, so any resolved caller can create groups through this listing call.
        /// NOTE(review): the member list is requested for <c>User.CurrentUser</c>, not for the user
        /// resolved from QID(); confirm both always refer to the same account.
        /// </remarks>
        public IActionResult Users(string groupid)
        {
            string callerId = this.User.QID();
            if (callerId == null)
            {
                return null;
            }

            QuantApp.Kernel.User caller = QuantApp.Kernel.User.FindUser(callerId);
            if (caller == null)
            {
                return null;
            }

            QuantApp.Kernel.Group role = QuantApp.Kernel.Group.FindGroup(groupid);
            if (role == null)
            {
                role = QuantApp.Kernel.Group.FindGroup(groupid.Replace("_Workflow", ""));
            }

            if (role == null)
            {
                // Not found under either name: the group is created rather than rejected.
                role = QuantApp.Kernel.Group.CreateGroup(groupid, groupid);
            }

            List<IPermissible> members = role.Master.List(QuantApp.Kernel.User.CurrentUser, typeof(QuantApp.Kernel.User), false);

            var rows = new List<object>();
            foreach (QuantApp.Kernel.User member in members)
            {
                QuantApp.Kernel.User record = QuantApp.Kernel.User.FindUser(member.ID);
                if (record == null)
                {
                    // Member with no backing user record: dropped from the group as a side effect.
                    role.Remove(member);
                    continue;
                }

                var access = role.Permission(null, member);

                rows.Add(new
                {
                    ID         = record.ID,
                    FirstName  = record.FirstName,
                    LastName   = record.LastName,
                    Email      = record.Email,
                    Permission = access.ToString(),
                    MetaData   = record.MetaData,
                });
            }

            return Ok(rows);
        }
Beispiel #27
        /// <summary>
        /// Reads users from Microsoft Graph with the supplied bearer token, returns them as
        /// { Email, FirstName, LastName } objects, and creates a local user for every e-mail
        /// identity that has no local record yet.
        /// </summary>
        /// <param name="access_code">Bearer token sent to Microsoft Graph.</param>
        /// <returns>
        /// One entry per Graph user in the response, or null when the Server.OAuth.AzureAdB2C
        /// configuration section is absent.
        /// </returns>
        public static List <object> GraphUsers(string access_code)
        {
            if (!(Program.config["Server"]["OAuth"] != null && Program.config["Server"]["OAuth"]["AzureAdB2C"] != null))
            {
                return(null);
            }

            // Optional default group for newly created users; "" when not configured.
            var defGroupId = Program.config["Server"]["OAuth"] != null && Program.config["Server"]["OAuth"]["AzureAdB2C"] != null && Program.config["Server"]["OAuth"]["AzureAdB2C"]["DefaultGroupId"] != null ? Program.config["Server"]["OAuth"]["AzureAdB2C"]["DefaultGroupId"].ToString() : "";


            string res = "";

            // The request runs on a pool thread while this thread blocks in Wait(). With an
            // infinite timeout, a stalled upstream stalls the caller indefinitely.
            Task.Run(async() => {
                using (HttpClient httpClient = new HttpClient()){
                    httpClient.Timeout = Timeout.InfiniteTimeSpan;
                    // string access_code = getToken();

                    httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                    httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", access_code);

                    var req  = new HttpRequestMessage(HttpMethod.Get, "https://graph.microsoft.com/v1.0/users?$select=identities,surname,givenName");
                    var data = await httpClient.SendAsync(req);
                    // The status code is not checked; an error body is parsed below like a success body.
                    res      = await data.Content.ReadAsStringAsync();
                }
            }).Wait();

            var users = JObject.Parse(res);

            var result = new List <object>();

            // NOTE(review): only this single response is read. If Graph pages the listing, later
            // pages are never synced; confirm. A body without a "value" property makes the loop throw.
            foreach (var user in users["value"])
            {
                var email = "";
                // No break: if several identities have signInType "emailAddress", the last one wins.
                foreach (var identity in user["identities"])
                {
                    if (identity["signInType"].ToString() == "emailAddress")
                    {
                        email = identity["issuerAssignedId"].ToString();
                    }
                }

                var firstName = user["givenName"].ToString();
                var lastName  = user["surname"].ToString();

                result.Add(new { Email = email, FirstName = firstName, LastName = lastName });

                //Sync to CoFlows users.
                if (email != "")
                {
                    // Same e-mail-to-id derivation as the sign-in path.
                    var qid   = "QuantAppSecure_" + email.ToLower().Replace('@', '.').Replace(':', '.');
                    var quser = QuantApp.Kernel.User.FindUser(qid);

                    if (quser == null)
                    {
                        // NOTE(review): the next line appears to have been damaged by the page's text
                        // scrubbing (the ****** run). `nuser` is used below, but its declaration is
                        // not visible here. By analogy with QID it was presumably obtained from
                        // UserRepository.CreateUser; confirm against the original file.
                        Console.WriteLine("--- CREATE NEW USER: "******"QuantAppSecure");

                        // firstName/lastName come from ToString() above, so the null fallbacks
                        // below look unreachable; verify.
                        nuser.FirstName = firstName != null ? firstName : "No first name";
                        nuser.LastName  = lastName != null ? lastName : "No last name";
                        nuser.Email     = email.ToLower();

                        nuser.TenantName = qid;
                        nuser.Hash       = QuantApp.Kernel.Adapters.SQL.Factories.SQLUserFactory.GetMd5Hash(System.Guid.NewGuid().ToString());

                        // NOTE(review): Secret is an MD5 of qid, and qid is a fixed transform of the
                        // e-mail address, so the value is not random. If Secret is accepted as a
                        // credential anywhere, it should come from a CSPRNG instead.
                        nuser.Secret = QuantApp.Engine.Code.GetMd5Hash(qid);

                        quser = QuantApp.Kernel.User.FindUser(qid);
                        // Every synced user is invited to "Public"; a missing "Public" group throws here.
                        QuantApp.Kernel.Group group = QuantApp.Kernel.Group.FindGroup("Public");
                        group.Add(quser, typeof(QuantApp.Kernel.User), AccessType.Invited);

                        QuantApp.Kernel.Group gp = Group.FindGroup(defGroupId);
                        if (gp != null)
                        {
                            gp.Add(quser, typeof(QuantApp.Kernel.User), AccessType.View);
                        }
                    }
                }
            }

            return(result);
        }