public IActionResult AskForInvite([FromBody] GroupInviteDto data)
{
var userId = ClaimsReader.GetUserId(Request);
var group = context.Groups.SingleOrDefault(a => a.Id == data.Id);
if (group == null)
{
return(NotFound());
}
var connection = new UserGroup
{
UserId = userId,
GroupId = group.Id,
Relation = group.IsPrivate ? GroupRelation.Requesting : GroupRelation.User
};
context.UserGroups.Add(connection);
try
{
context.SaveChanges();
return(Ok());
}
catch (Exception)
{
return(BadRequest());
}
}
public async Task InviteMemberToGroupAndPlatformAsync(Guid adminUserId, Guid?groupId, string email, CancellationToken cancellationToken)
{
if (Guid.Empty == adminUserId)
{
throw new ArgumentOutOfRangeException(nameof(adminUserId));
}
var userCanPerformAction = await _permissionsService.UserCanPerformActionAsync(adminUserId, AddMembersRole, cancellationToken);
if (!userCanPerformAction)
{
_logger.LogError($"Error: InviteMemberToGroupAndPlatformAsync - User:{0} does not have access to perform admin actions", adminUserId);
throw new SecurityException($"Error: User does not have access");
}
if (string.IsNullOrEmpty(email))
{
throw new ArgumentNullException($"Email was not provided");
}
if (email.Length > 254)
{
throw new ArgumentOutOfRangeException($"Email must be less than 254 characters");
}
MailAddress emailAddress;
try
{
emailAddress = new MailAddress(email);
}
catch (Exception)
{
throw new ArgumentOutOfRangeException($"Email is not in a valid format");
}
var userInvite = new GroupInviteDto
{
EmailAddress = emailAddress.Address.ToLowerInvariant(),
GroupId = groupId,
CreatedAtUTC = _systemClock.UtcNow.UtcDateTime,
};
var registrationLink = CreateRegistrationLink();
var personalisation = new Dictionary <string, dynamic>
{
{ "registration_link", registrationLink }
};
await _userCommand.CreateInviteUserAsync(userInvite, cancellationToken);
await _emailService.SendEmailAsync(emailAddress, _registrationEmailId, personalisation);
}
public async Task CreateInviteUserAsync(GroupInviteDto entityLike, CancellationToken cancellationToken)
{
try
{
const string query =
@"
INSERT INTO [dbo].[GroupInvite]
([EmailAddress]
,[GroupId]
,[CreatedAtUTC]
,[ExpiresAtUTC])
VALUES
(@EmailAddress
,@GroupId
,@CreatedAtUTC
,@ExpiresAtUTC)";
var queryDefinition = new CommandDefinition(query, new
{
EmailAddress = entityLike.EmailAddress,
GroupId = entityLike.GroupId,
CreatedAtUTC = entityLike.CreatedAtUTC,
ExpiresAtUTC = entityLike.ExpiresAtUTC
}, cancellationToken: cancellationToken);
using var dbConnection = await _connectionFactory.GetReadWriteConnectionAsync(cancellationToken);
var result = await dbConnection.ExecuteAsync(queryDefinition);
if (result != 1)
{
_logger.LogError("Error: CreateInviteUserAsync - User request to create was not successful.", queryDefinition);
throw new DBConcurrencyException("Error: User request was not successful.");
}
}
catch (SqlException ex)
{
_logger.LogError(ex, "Error: CreateInviteUserAsync - User request to create was not successful.");
throw new DBConcurrencyException("Error: User request was not successful.");
}
}