Ejemplo n.º 1
        /// <summary>
        /// Creates a user account for an eDiscovery recipient over the privileged connection,
        /// sets its password, and writes the eDiscovery access identifier list for it.
        /// </summary>
        /// <param name="addRecipientRequest">Supplies the folder identifier plus the recipient's email, first name and last name.</param>
        /// <param name="password">Plaintext password passed to <c>PasswordPutAsync</c> for the new account.</param>
        /// <returns>The <c>UserModel</c> returned by <c>PostAsync</c>.</returns>
        /// <remarks>
        /// NOTE(review): creation, password and access identifiers are three separate privileged calls.
        /// If the second or third fails, the account from the first call is not removed here;
        /// confirm that a caller or a background job cleans up half-provisioned accounts.
        /// </remarks>
        private async Task<UserModel> GenerateUserForEDiscovery(AddRecipientRequest addRecipientRequest, string password)
        {
            await InitializePrivilegedConnectionAsync();

            var targetFolder = addRecipientRequest.FolderIdentifier;

            // The account identifier is derived from the folder and the recipient's email.
            var draftUser = new UserModel();
            draftUser.Identifier   = ModuleUtility.GetFolderScopedUserIdentifier(targetFolder, addRecipientRequest.RecipientEmail);
            draftUser.EmailAddress = addRecipientRequest.RecipientEmail;
            draftUser.FirstName    = addRecipientRequest.FirstName;
            draftUser.LastName     = addRecipientRequest.LastName;

            var createdUser = await privilegedConnection.User.PostAsync(draftUser);

            await privilegedConnection.User.PasswordPutAsync(createdUser.Identifier, password);

            var organizationScope = $"o:{targetFolder.OrganizationKey}";

            // Only spaces are rewritten, so the folder keys "a b" and "a_b" produce the same role string.
            // NOTE(review): confirm folder keys cannot collide this way or contain '}'.
            var folderKeyToken = targetFolder.FolderKey.Replace(" ", "_");

            string[] grants =
            {
                organizationScope,
                $"r:eDiscovery{{{folderKeyToken}}}", // used to actually control access
                "r:eDiscovery",                      // used to test whether a given user is an eDiscovery user
                "x:pcms",                            // disable PCMS rules
                "x:leo",                             // disable LEO rules
            };

            await privilegedConnection.User.AccessIdentifiersPutAsync(createdUser.Identifier, grants);

            return createdUser;
        }
Ejemplo n.º 2
        /// <summary>
        /// Adds an eDiscovery recipient to a folder: generates a password, creates a restricted user,
        /// builds the magic link, records the recipient in the folder's metadata, and writes an audit entry.
        /// </summary>
        /// <param name="addRecipientRequest">Folder identifier and recipient details (email, first name, last name).</param>
        /// <param name="landingLocation">Passed through to <c>ModuleUtility.CreateMagicLink</c>.</param>
        /// <param name="passphrase">Passed through to <c>ModuleUtility.CreateMagicLink</c>.</param>
        /// <returns>
        /// A response carrying the recipient details, the magic link, the expiration date and the
        /// generated password in plaintext.
        /// </returns>
        /// <remarks>
        /// Only the hashed password is stored in the folder's recipient list; the plaintext is handed to
        /// the user service and returned to the caller, so the response must not be logged or cached.
        /// NOTE(review): the user account is created before the folder metadata is saved, and the audit
        /// entry is written last. A failure in between leaves an account without a recipient entry or an
        /// audit record; confirm how such partial failures are reconciled.
        /// </remarks>
        public async Task<RecipientResponse> AddRecipientAsync(AddRecipientRequest addRecipientRequest, string landingLocation, string passphrase)
        {
            var targetFolder = await connection.Folder.GetAsync(addRecipientRequest.FolderIdentifier);

            DateTime? linkExpiry = ModuleUtility.GetLinkExpirationDate(
                targetFolder,
                MetadataKeyConstants.E_DISCOVERY_EXPIRATION_LENGTH_SECONDS);

            var credential = ModuleUtility.GeneratePassword(
                targetFolder,
                MetadataKeyConstants.E_DISCOVERY_RND_PASSWORD_LENGTH,
                EDiscoveryUtility.E_DISCOVERY_DEFAULT_PASSWORD_LENGTH,
                MetadataKeyConstants.E_DISCOVERY_RND_PASSWORD_CHARS);

            // Generate a dedicated eDiscovery user; this account has restricted privileges.
            var recipientUser = await GenerateUserForEDiscovery(addRecipientRequest, credential.Plain);

            string magicLink = ModuleUtility.CreateMagicLink(
                addRecipientRequest,
                landingLocation,
                passphrase,
                targetFolder.Identifier,
                linkExpiry,
                recipientUser.Identifier);

            // NOTE(review): with no expiration date, GetValueOrDefault() stores default(DateTime).
            // Confirm that consumers read that value as "expired" rather than "never expires".
            // The magic link is stored next to the password hash, so whoever can read this folder's
            // metadata can read the link as well.
            var listEntry = new ExternalUser()
            {
                Email          = addRecipientRequest.RecipientEmail,
                FirstName      = addRecipientRequest.FirstName,
                LastName       = addRecipientRequest.LastName,
                PasswordHash   = credential.Hashed,
                MagicLink      = magicLink,
                ExpirationDate = linkExpiry.GetValueOrDefault()
            };
            targetFolder.MetaEDiscoveryRecipientListUpsert(listEntry);
            await connection.Folder.PutAsync(targetFolder);

            await EnsureFolderSecurityConfiguration(targetFolder.Identifier);

            // The audit message includes the recipient's email address.
            var auditEntry = new AuditLogEntry()
            {
                EntryType  = AuditLogEntryType.eDiscoveryRecipientAdded,
                Message    = $"An eDiscovery User has been added. {addRecipientRequest.RecipientEmail}",
                ModuleType = Modules.ModuleType.eDiscovery
            };
            await this.auditLogStore.AddEntry(auditEntry, targetFolder.Identifier);

            // This response is the only place the plaintext password leaves the method.
            var response = new RecipientResponse()
            {
                Email          = addRecipientRequest.RecipientEmail,
                ExpirationDate = linkExpiry.GetValueOrDefault(),
                MagicLink      = magicLink,
                Password       = credential.Plain,
                FirstName      = addRecipientRequest.FirstName,
                LastName       = addRecipientRequest.LastName,
            };
            return response;
        }
Ejemplo n.º 3
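        /// <summary>
        /// Adds an eDiscovery recipient to a folder, rejecting the request when a recipient with the
        /// same email address is already in the folder's recipient list.
        /// </summary>
        /// <param name="addRecipientRequest">Request body with the folder identifier and recipient details.</param>
        /// <returns>The response produced by <c>eDiscovery.AddRecipientAsync</c>.</returns>
        /// <exception cref="RecipientAlreadyPresentException">
        /// The folder's recipient list already has an entry whose email matches, ignoring case.
        /// </exception>
        /// <remarks>
        /// NOTE(review): no authorization check or validation of the request fields is visible in this
        /// method; presumably attributes or <c>connection</c> enforce them, which should be confirmed.
        /// </remarks>
        public async Task<RecipientResponse> AddRecipient([FromBody] AddRecipientRequest addRecipientRequest)
        {
            var folder = await connection.Folder.GetAsync(addRecipientRequest.FolderIdentifier);

            // Compare with OrdinalIgnoreCase instead of ToLower(): ToLower() depends on the current culture
            // (under tr-TR, "I" and "i" stop matching), so the duplicate check could vary between servers.
            // string.Equals also tolerates a stored entry whose Email is null, which ToLower() would not.
            var alreadyListed = folder.MetaEDiscoveryRecipientListRead()
                .Any(rec => string.Equals(rec.Email, addRecipientRequest.RecipientEmail, System.StringComparison.OrdinalIgnoreCase));

            if (alreadyListed)
            {
                throw new RecipientAlreadyPresentException($"You can't add: {addRecipientRequest.RecipientEmail} this recipient as they are already present in the list of recipients.");
            }

            // NOTE(review): this check and the later upsert are separate steps, so two concurrent requests
            // for the same email can both pass it. Confirm that the upsert or the user service de-duplicates.
            return await eDiscovery.AddRecipientAsync(
                addRecipientRequest,
                managerConfiguration.EDiscoveryLandingLocation,
                managerConfiguration.EDiscoveryLinkEncryptionKey);
        }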