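/// <summary>
/// Returns the business of the calling BCeID user together with its owners.
/// </summary>
/// <returns>
/// 200 with a <see cref="HetsResponse"/> wrapping the business (owners, their primary
/// contacts, business and local area / service area / district included); 401 when the
/// request carries no business GUID, the GUID matches no business, or the caller is not
/// a registered user of that business.
/// </returns>
public virtual IActionResult BceidOwnersGet()
{
    // The business GUID comes from the authenticated request. A missing value must fail
    // closed (401) rather than throw from businessGuid.ToLower() inside the query.
    string businessGuid = UserAccountHelper.GetBusinessGuid(_httpContext, _env);

    if (string.IsNullOrWhiteSpace(businessGuid))
    {
        return StatusCode(StatusCodes.Status401Unauthorized);
    }

    // Normalise once, outside the lambda, so the query parameter is computed a single time.
    string normalizedGuid = businessGuid.ToLower().Trim();

    HetBusiness business = _context.HetBusiness.AsNoTracking()
        .FirstOrDefault(x => x.BceidBusinessGuid.ToLower().Trim() == normalizedGuid);

    if (business == null)
    {
        return StatusCode(StatusCodes.Status401Unauthorized);
    }

    // Authorisation: the caller must appear in this business's user list.
    if (!CanAccessBusiness(business.BusinessId))
    {
        return StatusCode(StatusCodes.Status401Unauthorized);
    }

    // Re-read the business with the owner graph the UI needs.
    HetBusiness businessDetail = _context.HetBusiness.AsNoTracking()
        .Include(x => x.HetOwner)
            .ThenInclude(y => y.PrimaryContact)
        .Include(x => x.HetOwner)
            .ThenInclude(y => y.Business)
        .Include(x => x.HetOwner)
            .ThenInclude(y => y.LocalArea.ServiceArea.District)
        .FirstOrDefault(a => a.BusinessId == business.BusinessId);

    return new ObjectResult(new HetsResponse(businessDetail));
}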
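/// <summary>
/// Builds the application <see cref="User"/> for the caller identified in the http context.
/// Internal (SiteMinder) users are read from HetUser, BCeID users from HetBusinessUser.
/// </summary>
/// <param name="context">Database context used for the lookups (no tracking).</param>
/// <param name="httpContext">Current request; supplies the user id and the business flag.</param>
/// <returns>
/// A populated <see cref="User"/>, or an empty <see cref="User"/> when the request carries
/// no user id or no matching record exists.
/// </returns>
public static User GetUser(DbAppContext context, HttpContext httpContext)
{
    User user = new User();

    bool isBusinessUser = IsBusiness(httpContext);
    string userId = GetUserId(httpContext);

    // No identity in the request: nothing to look up. Returning the empty user keeps the
    // existing "not found" contract instead of throwing from userId.ToLower() in the query.
    if (string.IsNullOrEmpty(userId))
    {
        return user;
    }

    // Ids are matched case-insensitively; lower-case once so the query parameter is constant.
    string userIdLower = userId.ToLower();

    if (!isBusinessUser)
    {
        HetUser tmpUser = context.HetUser.AsNoTracking()
            .FirstOrDefault(x => x.SmUserId.ToLower().Equals(userIdLower));

        if (tmpUser != null)
        {
            user.Id = tmpUser.UserId;
            user.SmUserId = tmpUser.SmUserId;
            user.GivenName = tmpUser.GivenName;
            user.Surname = tmpUser.Surname;
            user.DisplayName = tmpUser.GivenName + " " + tmpUser.Surname;
            user.UserGuid = tmpUser.Guid;
            user.BusinessUser = false;
            user.SmAuthorizationDirectory = tmpUser.SmAuthorizationDirectory;
            user.AgreementCity = tmpUser.AgreementCity;
        }
    }
    else
    {
        HetBusinessUser tmpUser = context.HetBusinessUser.AsNoTracking()
            .FirstOrDefault(x => x.BceidUserId.ToLower().Equals(userIdLower));

        if (tmpUser != null)
        {
            // A business user always belongs to a business (First throws if the row is missing).
            HetBusiness business = context.HetBusiness.AsNoTracking()
                .First(x => x.BusinessId == tmpUser.BusinessId);

            user.Id = tmpUser.BusinessUserId;
            user.SmUserId = tmpUser.BceidUserId;
            user.GivenName = tmpUser.BceidFirstName;
            user.Surname = tmpUser.BceidLastName;
            user.DisplayName = tmpUser.BceidDisplayName;
            user.UserGuid = tmpUser.BceidGuid;
            user.BusinessUser = true;
            user.BusinessId = tmpUser.BusinessId;
            user.BusinessGuid = business.BceidBusinessGuid;
            user.SmAuthorizationDirectory = "BCeID";
        }
    }

    return user;
}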
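/// <summary>
/// Returns a single owner record belonging to the calling BCeID user's business.
/// </summary>
/// <param name="id">Owner id (route value).</param>
/// <returns>
/// 200 with a <see cref="HetsResponse"/> wrapping the owner; 401 when the request carries
/// no business GUID, the GUID matches no business, or the owner is not accessible to
/// the caller's business.
/// </returns>
public virtual IActionResult BceidOwnerIdGet([FromRoute] int id)
{
    // Missing business GUID: fail closed (401) instead of throwing inside the query.
    string businessGuid = UserAccountHelper.GetBusinessGuid(_httpContext, _env);

    if (string.IsNullOrWhiteSpace(businessGuid))
    {
        return StatusCode(StatusCodes.Status401Unauthorized);
    }

    string normalizedGuid = businessGuid.ToLower().Trim();

    HetBusiness business = _context.HetBusiness.AsNoTracking()
        .FirstOrDefault(x => x.BceidBusinessGuid.ToLower().Trim() == normalizedGuid);

    if (business == null)
    {
        return StatusCode(StatusCodes.Status401Unauthorized);
    }

    // Authorisation: the owner must be linked to the caller's business.
    if (!CanAccessOwner(business.BusinessId, id))
    {
        return StatusCode(StatusCodes.Status401Unauthorized);
    }

    return new ObjectResult(new HetsResponse(OwnerHelper.GetRecord(id, _context, _configuration)));
}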
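/// <summary>
/// Returns the equipment list of an owner belonging to the calling BCeID user's business.
/// </summary>
/// <param name="id">Owner id (route value).</param>
/// <returns>
/// 200 with a <see cref="HetsResponse"/> wrapping the owner's equipment (with location,
/// district equipment type, owner, attachments, notes, digital files and history); 401 when
/// the request carries no business GUID, the GUID matches no business, the owner is not
/// accessible to the caller's business, or the owner row cannot be loaded.
/// </returns>
public virtual IActionResult BceidOwnerEquipmentGet([FromRoute] int id)
{
    // Missing business GUID: fail closed (401) instead of throwing inside the query.
    string businessGuid = UserAccountHelper.GetBusinessGuid(_httpContext, _env);

    if (string.IsNullOrWhiteSpace(businessGuid))
    {
        return StatusCode(StatusCodes.Status401Unauthorized);
    }

    string normalizedGuid = businessGuid.ToLower().Trim();

    HetBusiness business = _context.HetBusiness.AsNoTracking()
        .FirstOrDefault(x => x.BceidBusinessGuid.ToLower().Trim() == normalizedGuid);

    if (business == null)
    {
        return StatusCode(StatusCodes.Status401Unauthorized);
    }

    // Authorisation: the owner must be linked to the caller's business.
    if (!CanAccessOwner(business.BusinessId, id))
    {
        return StatusCode(StatusCodes.Status401Unauthorized);
    }

    HetOwner owner = _context.HetOwner.AsNoTracking()
        .Include(x => x.HetEquipment)
            .ThenInclude(x => x.LocalArea.ServiceArea.District.Region)
        .Include(x => x.HetEquipment)
            .ThenInclude(x => x.DistrictEquipmentType)
        .Include(x => x.HetEquipment)
            .ThenInclude(x => x.Owner)
        .Include(x => x.HetEquipment)
            .ThenInclude(x => x.HetEquipmentAttachment)
        .Include(x => x.HetEquipment)
            .ThenInclude(x => x.HetNote)
        .Include(x => x.HetEquipment)
            .ThenInclude(x => x.HetDigitalFile)
        .Include(x => x.HetEquipment)
            .ThenInclude(x => x.HetHistory)
        .FirstOrDefault(a => a.OwnerId == id);

    // The access check above should guarantee the row exists; if it vanished in between,
    // answer 401 like every other failure here rather than surfacing a 500.
    if (owner == null)
    {
        return StatusCode(StatusCodes.Status401Unauthorized);
    }

    return new ObjectResult(new HetsResponse(owner.HetEquipment));
}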
/// <summary>
/// Returns the calling BCeID user's business with its owners, their primary contacts and
/// the local area / service area / district hierarchy.
/// </summary>
/// <returns>
/// 200 with a <see cref="HetsResponse"/> wrapping the business; 404 with an empty response
/// when the request carries no business GUID or no business matches it.
/// </returns>
public virtual IActionResult BceidBusinessGet()
{
    string businessGuid = UserAccountHelper.GetBusinessGuid(_httpContext, _env);

    if (businessGuid == null)
    {
        return new NotFoundObjectResult(new HetsResponse(""));
    }

    // GUIDs are compared case-insensitively and ignoring surrounding whitespace.
    string normalizedGuid = businessGuid.ToLower().Trim();

    IQueryable<HetBusiness> withOwners = _context.HetBusiness.AsNoTracking()
        .Include(x => x.HetOwner)
            .ThenInclude(y => y.PrimaryContact)
        .Include(x => x.HetOwner)
            .ThenInclude(y => y.LocalArea)
                .ThenInclude(z => z.ServiceArea.District);

    HetBusiness business = withOwners
        .FirstOrDefault(x => x.BceidBusinessGuid.ToLower().Trim() == normalizedGuid);

    if (business == null)
    {
        return new NotFoundObjectResult(new HetsResponse(""));
    }

    return new ObjectResult(new HetsResponse(business));
}
/// <summary>
/// Checks that the caller is a BCeID business user registered against the given business.
/// </summary>
/// <param name="businessId">Primary key of the business being accessed.</param>
/// <returns>
/// true only when the caller is a business user and appears in that business's user list;
/// false for internal users, anonymous callers and unknown businesses.
/// </returns>
private bool CanAccessBusiness(int businessId)
{
    string callerId = UserAccountHelper.GetUserId(_httpContext);
    bool callerIsBusiness = UserAccountHelper.IsBusiness(_httpContext);

    // Internal (non-BCeID) users and anonymous callers never qualify.
    if (!callerIsBusiness || string.IsNullOrEmpty(callerId))
    {
        return false;
    }

    HetBusiness business = _context.HetBusiness.AsNoTracking()
        .Include(x => x.HetBusinessUser)
        .FirstOrDefault(x => x.BusinessId == businessId);

    // Unknown business: nobody can access it.
    if (business == null)
    {
        return false;
    }

    // Match against the users loaded with the business (in memory), ignoring case.
    return business.HetBusinessUser
        .Any(u => u.BceidUserId.Equals(callerId, StringComparison.InvariantCultureIgnoreCase));
}
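/// <summary>
/// Links an owner to the calling BCeID user's business after validating the owner's
/// one-time shared key together with the owner's postal code.
/// </summary>
/// <param name="sharedKey">One-time key issued to the owner; cleared on success so it cannot be reused.</param>
/// <param name="postalCode">Owner postal code; compared with spaces removed and ignoring case.</param>
/// <returns>
/// 200 with the refreshed business (owners plus the newly linked owner in LinkedOwner);
/// 400 HETS-19 / HETS-22 when a parameter is missing; 404 HETS-01 when the caller has no
/// business GUID or it matches no business; 400 HETS-20 when no owner matches the key and
/// postal code; 400 HETS-21 when the owner is already linked to a business.
/// </returns>
public virtual IActionResult BceidValidateOwner([FromQuery] string sharedKey, [FromQuery] string postalCode)
{
    string businessGuid = UserAccountHelper.GetBusinessGuid(_httpContext, _env);

    if (string.IsNullOrEmpty(sharedKey))
    {
        // shared key not provided
        return new BadRequestObjectResult(new HetsResponse("HETS-19", ErrorViewModel.GetDescription("HETS-19", _configuration)));
    }

    if (string.IsNullOrEmpty(postalCode))
    {
        // postal code not provided
        return new BadRequestObjectResult(new HetsResponse("HETS-22", ErrorViewModel.GetDescription("HETS-22", _configuration)));
    }

    // A caller without a business GUID cannot have a business record: report "not found"
    // rather than throwing from businessGuid.ToLower() inside the query. One query replaces
    // the previous Any() + First() pair.
    HetBusiness business = null;

    if (!string.IsNullOrWhiteSpace(businessGuid))
    {
        string normalizedGuid = businessGuid.ToLower().Trim();

        business = _context.HetBusiness.AsNoTracking()
            .FirstOrDefault(x => x.BceidBusinessGuid.ToLower().Trim() == normalizedGuid);
    }

    if (business == null)
    {
        return new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration)));
    }

    // Key and postal code must match the same owner. The owner is tracked because it is
    // updated below. `==` (not .Equals) on SharedKey so owners whose key was already
    // consumed (SharedKey == null) cannot raise a NullReferenceException if the predicate
    // is ever evaluated client-side.
    string normalizedPostalCode = postalCode.Replace(" ", "").ToLower();

    HetOwner owner = _context.HetOwner
        .Include(a => a.Business)
        .FirstOrDefault(a => a.SharedKey == sharedKey
                          && a.PostalCode.Replace(" ", "").ToLower().Equals(normalizedPostalCode, StringComparison.InvariantCultureIgnoreCase));

    if (owner == null)
    {
        // shared key / postal code pair not found
        return new BadRequestObjectResult(new HetsResponse("HETS-20", ErrorViewModel.GetDescription("HETS-20", _configuration)));
    }

    if (owner.BusinessId != null)
    {
        // shared key already used
        return new BadRequestObjectResult(new HetsResponse("HETS-21", ErrorViewModel.GetDescription("HETS-21", _configuration)));
    }

    // Link the owner and consume the key (one-time use).
    int ownerId = owner.OwnerId;
    owner.BusinessId = business.BusinessId;
    owner.SharedKey = null;

    _context.SaveChanges();

    // Re-read the business with the owner graph the UI expects.
    business = _context.HetBusiness.AsNoTracking()
        .Include(x => x.HetOwner)
            .ThenInclude(y => y.PrimaryContact)
        .Include(x => x.HetOwner)
            .ThenInclude(y => y.Business)
        .Include(x => x.HetOwner)
            .ThenInclude(y => y.LocalArea.ServiceArea.District)
        .FirstOrDefault(a => a.BusinessId == business.BusinessId);

    // Also return the owner that was just linked.
    if (business != null)
    {
        business.LinkedOwner = _context.HetOwner.AsNoTracking()
            .FirstOrDefault(x => x.OwnerId == ownerId);
    }

    return new ObjectResult(new HetsResponse(business));
}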
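/// <summary>
/// Returns the current caller as an application <see cref="User"/>, including only the roles
/// that are active at the time of the request.
/// </summary>
/// <returns>
/// 200 with a <see cref="HetsResponse"/> wrapping the user; 401 when the context carries no
/// user id, or when an internal user id matches no HetUser row.
/// </returns>
public virtual IActionResult UsersCurrentGet()
{
    _logger.LogDebug("Get Current User");

    // Identity is taken from the per-request db context (SmUserId / SmBusinessGuid).
    string businessGuid = _context.SmBusinessGuid;
    string userId = _context.SmUserId;

    _logger.LogDebug("User Id: {0}", userId);
    _logger.LogDebug("Business Guid: {0}", businessGuid);

    // not found - return an HTTP 401 error response
    if (string.IsNullOrEmpty(userId))
    {
        return StatusCode(401);
    }

    User user = new User();

    if (string.IsNullOrEmpty(businessGuid))
    {
        // Internal (SiteMinder) user. AsNoTracking so that trimming the role collection
        // below only shapes the response and can never be staged as a deletion.
        HetUser currentUser = _context.HetUser.AsNoTracking()
            .Include(x => x.District)
            .Include(x => x.HetUserRole)
                .ThenInclude(y => y.Role)
                    .ThenInclude(z => z.HetRolePermission)
                        .ThenInclude(z => z.Permission)
            .FirstOrDefault(x => x.SmUserId == userId);

        // Unknown user id: fail closed instead of surfacing an InvalidOperationException as a 500.
        if (currentUser == null)
        {
            return StatusCode(401);
        }

        // Remove roles that are not yet effective or already expired. A single timestamp is
        // used so every role is judged against the same "now".
        DateTime now = DateTime.UtcNow;

        List<HetUserRole> inactiveRoles = currentUser.HetUserRole
            .Where(r => r.EffectiveDate > now || (r.ExpiryDate != null && r.ExpiryDate < now))
            .ToList();

        foreach (HetUserRole inactive in inactiveRoles)
        {
            currentUser.HetUserRole.Remove(inactive);
        }

        user.Id = currentUser.UserId;
        user.SmUserId = currentUser.SmUserId;
        user.GivenName = currentUser.GivenName;
        user.Surname = currentUser.Surname;
        user.DisplayName = currentUser.GivenName + " " + currentUser.Surname;
        user.UserGuid = currentUser.Guid;
        user.BusinessUser = false;
        user.District = currentUser.District;
        user.HetUserDistrict = currentUser.HetUserDistrict;
        user.HetUserRole = currentUser.HetUserRole;
        user.SmAuthorizationDirectory = currentUser.SmAuthorizationDirectory;

        user.Environment = ResolveEnvironmentName();
    }
    else
    {
        // BCeID business user.
        HetBusinessUser tmpUser = _context.HetBusinessUser.AsNoTracking()
            .Include(x => x.HetBusinessUserRole)
                .ThenInclude(y => y.Role)
                    .ThenInclude(z => z.HetRolePermission)
                        .ThenInclude(z => z.Permission)
            .FirstOrDefault(x => x.BceidUserId.Equals(userId, StringComparison.InvariantCultureIgnoreCase));

        if (tmpUser != null)
        {
            // A business user always belongs to a business (First throws if the row is missing).
            HetBusiness business = _context.HetBusiness.AsNoTracking()
                .First(x => x.BusinessId == tmpUser.BusinessId);

            user.Id = tmpUser.BusinessUserId;
            user.SmUserId = tmpUser.BceidUserId;
            user.GivenName = tmpUser.BceidFirstName;
            user.Surname = tmpUser.BceidLastName;
            user.DisplayName = tmpUser.BceidDisplayName;
            user.UserGuid = tmpUser.BceidGuid;
            user.BusinessUser = true;
            user.BusinessId = tmpUser.BusinessId;
            user.BusinessGuid = business.BceidBusinessGuid;
            user.SmAuthorizationDirectory = "BCeID";

            // Business roles are projected onto HetUserRole so the UI sees one role shape.
            // UserRoleId is a synthetic 1-based sequence, not a database key. The list is
            // only created when there is at least one role (HetUserRole stays null otherwise).
            if (tmpUser.HetBusinessUserRole.Any())
            {
                user.HetUserRole = tmpUser.HetBusinessUserRole
                    .Select((role, index) => new HetUserRole
                    {
                        UserRoleId = index + 1,
                        UserId = role.BusinessUserId,
                        RoleId = role.RoleId,
                        Role = role.Role
                    })
                    .ToList();
            }
        }
    }

    return new ObjectResult(new HetsResponse(user));
}

/// <summary>
/// Maps the hosting environment onto the label shown to the UI ("Development" when no
/// known environment matches).
/// </summary>
private string ResolveEnvironmentName()
{
    if (_env.IsProduction())
    {
        return "Production";
    }

    if (_env.IsStaging())
    {
        return "Test";
    }

    if (_env.IsEnvironment("Training"))
    {
        return "Training";
    }

    if (_env.IsEnvironment("UAT"))
    {
        return "UAT";
    }

    return "Development";
}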
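/// <summary>
/// Finds, or auto-registers, the business and business-user records for a BCeID caller and
/// refreshes their descriptive fields from the SiteMinder request headers on every call.
/// </summary>
/// <param name="context">Database context; records are added/updated and saved here.</param>
/// <param name="httpContext">Current request; supplies the SiteMinder business and user headers.</param>
/// <param name="userId">BCeID user id; matched exactly against HetBusinessUser.BceidUserId.</param>
/// <param name="businessGuid">BCeID business GUID; matched case-insensitively after trimming.</param>
/// <param name="guid">BCeID user GUID written to the audit columns; may be null.</param>
/// <returns>
/// The business user, detached from the context and loaded with roles and role permissions,
/// or null if the record could not be re-read after saving.
/// </returns>
/// <exception cref="ArgumentException"><paramref name="businessGuid"/> is null or whitespace.</exception>
public static HetBusinessUser GetBusinessUser(DbAppContext context, HttpContext httpContext, string userId, string businessGuid, string guid = null)
{
    // A business record must never be created against an empty GUID; fail explicitly instead
    // of with a NullReferenceException from businessGuid.ToLower() below.
    if (string.IsNullOrWhiteSpace(businessGuid))
    {
        throw new ArgumentException("A BCeID business GUID is required.", nameof(businessGuid));
    }

    string normalizedGuid = businessGuid.ToLower().Trim();
    DateTime now = DateTime.UtcNow;

    // Tracked query: the "update" branch below modifies this entity and calls SaveChanges,
    // which is a no-op for an AsNoTracking result (the header refresh was previously lost).
    HetBusiness business = context.HetBusiness
        .FirstOrDefault(x => x.BceidBusinessGuid.ToLower().Trim() == normalizedGuid);

    if (business == null)
    {
        // setup the business
        business = new HetBusiness
        {
            BceidBusinessGuid = normalizedGuid,
            AppCreateUserDirectory = "BCeID",
            AppCreateUserGuid = guid,
            AppCreateUserid = userId,
            AppCreateTimestamp = now,
            AppLastUpdateUserDirectory = "BCeID",
            AppLastUpdateUserGuid = guid,
            AppLastUpdateUserid = userId,
            AppLastUpdateTimestamp = now
        };

        ApplyBusinessHeaders(business, httpContext);

        context.HetBusiness.Add(business);
        context.SaveChanges();
    }
    else
    {
        // update business information
        ApplyBusinessHeaders(business, httpContext);

        business.AppLastUpdateUserDirectory = "BCeID";
        business.AppLastUpdateUserGuid = guid;
        business.AppLastUpdateUserid = userId;
        business.AppLastUpdateTimestamp = now;

        context.SaveChanges();
    }

    // ok - now find the user (tracked: updated below)
    // NOTE(review): this is an exact match while the other lookups on this page compare user
    // ids case-insensitively; a differently cased id would register a second row. Confirm intended.
    HetBusinessUser user = context.HetBusinessUser
        .FirstOrDefault(x => x.BusinessId == business.BusinessId && x.BceidUserId == userId);

    if (user == null)
    {
        // auto register the user
        user = new HetBusinessUser
        {
            BceidUserId = userId,
            BceidGuid = guid,
            BusinessId = business.BusinessId,
            AppCreateUserDirectory = "BCeID",
            AppCreateUserGuid = guid,
            AppCreateUserid = userId,
            AppCreateTimestamp = now,
            AppLastUpdateUserDirectory = "BCeID",
            AppLastUpdateUserGuid = guid,
            AppLastUpdateUserid = userId,
            AppLastUpdateTimestamp = now
        };

        ApplyBusinessUserHeaders(user, httpContext);

        // Every auto-registered business user starts with the "Business BCeID" role. The
        // effective date is back-dated slightly so clock skew cannot make it "not yet active".
        HetBusinessUserRole userRole = new HetBusinessUserRole
        {
            RoleId = StatusHelper.GetRoleId("Business BCeID", context),
            EffectiveDate = now.AddMinutes(-10),
            AppCreateUserDirectory = "BCeID",
            AppCreateUserGuid = guid,
            AppCreateUserid = userId,
            AppCreateTimestamp = now,
            AppLastUpdateUserDirectory = "BCeID",
            AppLastUpdateUserGuid = guid,
            AppLastUpdateUserid = userId,
            AppLastUpdateTimestamp = now
        };

        user.HetBusinessUserRole.Add(userRole);

        context.HetBusinessUser.Add(user);
        context.SaveChanges();
    }
    else
    {
        // update the user
        ApplyBusinessUserHeaders(user, httpContext);
        context.SaveChanges();
    }

    // get complete user record (with roles) and return
    user = context.HetBusinessUser.AsNoTracking()
        .Where(x => x.BusinessId == business.BusinessId && x.BceidUserId == userId)
        .Include(u => u.HetBusinessUserRole)
            .ThenInclude(r => r.Role)
                .ThenInclude(rp => rp.HetRolePermission)
                    .ThenInclude(p => p.Permission)
        .FirstOrDefault();

    // detach user and return
    if (user != null)
    {
        context.Entry(user).State = EntityState.Detached;
    }

    return user;
}

/// <summary>
/// Copies the SiteMinder business headers (legal name, business number) onto the business
/// record when they are present in the request.
/// </summary>
/// <param name="business">Business record to update.</param>
/// <param name="httpContext">Current request carrying the SiteMinder headers.</param>
private static void ApplyBusinessHeaders(HetBusiness business, HttpContext httpContext)
{
    // NOTE(review): header values are trusted as set by the SiteMinder gateway — confirm the
    // gateway strips client-supplied copies of these headers before they reach the app.
    string legalName = httpContext.Request.Headers[ConstSiteMinderBusinessLegalName];
    string businessNumber = httpContext.Request.Headers[ConstSiteMinderBusinessNumber];

    if (!string.IsNullOrEmpty(legalName))
    {
        business.BceidLegalName = legalName;
    }

    if (!string.IsNullOrEmpty(businessNumber))
    {
        business.BceidBusinessNumber = businessNumber;
    }
}

/// <summary>
/// Copies the SiteMinder user headers (display name, email) onto the business user record
/// when they are present in the request.
/// </summary>
/// <param name="user">Business user record to update.</param>
/// <param name="httpContext">Current request carrying the SiteMinder headers.</param>
private static void ApplyBusinessUserHeaders(HetBusinessUser user, HttpContext httpContext)
{
    string displayName = httpContext.Request.Headers[ConstSiteMinderUserDisplayName];
    string email = httpContext.Request.Headers[ConstSiteMinderEmail];

    if (!string.IsNullOrEmpty(displayName))
    {
        user.BceidDisplayName = displayName;
    }

    if (!string.IsNullOrEmpty(email))
    {
        user.BceidEmail = email;
    }
}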