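        /// <summary>
        /// Records a new access request raised by the user identified by <paramref name="requesterEmail"/>
        /// on behalf of the person described in <paramref name="request"/>, then notifies support by email.
        /// The lookups, the insert and the save all run inside one retryable transaction.
        /// </summary>
        /// <param name="request">The access request details as submitted by the requester.</param>
        /// <param name="requesterEmail">Email address of the already-known user making the request.</param>
        /// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
        /// <exception cref="ArgumentException"><paramref name="requesterEmail"/> is null or whitespace.</exception>
        /// <exception cref="InvalidOperationException">
        /// <paramref name="requesterEmail"/> does not resolve to exactly one user, or the requested
        /// address resolves to more than one user.
        /// </exception>
        public void LogAccessRequest(AccessRequest request, string requesterEmail)
        {
            if (request is null)
            {
                throw new ArgumentNullException(nameof(request));
            }
            if (string.IsNullOrWhiteSpace(requesterEmail))
            {
                throw new ArgumentException("A requester email address is required.", nameof(requesterEmail));
            }

            _context.RunInRetryableTransaction(() =>
            {
                // The requester must already be a known user: Single() throws when they are not.
                var requester = _context
                                .GetUsers(requesterEmail)
                                .Include(x => x.OrganisationUsers)
                                .ThenInclude(x => x.Organisation)
                                .Single();

                // The requested account may not exist yet; support is told either way.
                var requestedIfExists = _context
                                        .GetUsers(request.EmailAddress)
                                        .Include(x => x.OrganisationUsers)
                                        .ThenInclude(x => x.Organisation)
                                        .SingleOrDefault();

                // FirstName/LastName/Organisation/Reason are user-supplied and are forwarded to
                // support verbatim; presumably the email service encodes them for the mail body -- confirm.
                var entity = _context.AccessRequests.Add(new Domain.Models.AccessRequest()
                {
                    RequestDateUtc = DateTime.UtcNow,
                    Requester      = requester,
                    RequesterEmail = requester.Email,
                    FirstName      = request.FirstName,
                    LastName       = request.LastName,
                    EmailAddress   = request.EmailAddress,
                    Organisation   = request.Organisation,
                    Reason         = request.Reason,
                    Status         = Domain.Models.AccessRequest.RequestStatus.Requested
                });
                _context.Save();

                // The notification is sent inside the transaction callback; whether a failed send
                // rolls the insert back depends on RunInRetryableTransaction -- confirm.
                _emailService.SendAccessRequestEmailToSupport(entity.Entity, requester, requestedIfExists);
            });
        }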
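        /// <summary>
        /// Sends an invitation email to the user registered under <paramref name="email"/> and
        /// records when they were first invited. Re-sending is allowed; the date is only set once.
        /// </summary>
        /// <param name="email">Email address of an existing user.</param>
        /// <exception cref="ArgumentException"><paramref name="email"/> is null or whitespace.</exception>
        /// <exception cref="McUserNotFoundException">No user is registered under <paramref name="email"/>.</exception>
        /// <exception cref="InvalidOperationException">More than one user matches <paramref name="email"/>.</exception>
        public void Invite(string email)
        {
            if (string.IsNullOrWhiteSpace(email))
            {
                throw new ArgumentException("An email address is required.", nameof(email));
            }

            var mcUser = _context.GetUsers(email).SingleOrDefault();
            if (mcUser is null)
            {
                throw new McUserNotFoundException();
            }

            _inviteEmailService.Send(new InviteEmailModel(mcUser));

            // Keep the first invitation time across re-sends.
            if (mcUser.InviteDateUtc is null)
            {
                mcUser.InviteDateUtc = _clock.UtcNow;
                _context.Save();
            }
        }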
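        /// <summary>
        /// Records that the signed-in user has accepted the terms of use.
        /// </summary>
        /// <returns>
        /// 200 OK once the acceptance date has been saved, or 404 Not Found when the signed-in
        /// identity has no matching user record.
        /// </returns>
        /// <exception cref="InvalidOperationException">
        /// The request reached this action without an authenticated user name; the action is
        /// expected to be reachable only through an authenticated route.
        /// </exception>
        public IActionResult Index()
        {
            // Identity is null for an anonymous principal; treat that the same as a blank name
            // so the failure is the intended InvalidOperationException, not a NullReferenceException.
            var email = HttpContext.User.Identity?.Name;

            if (string.IsNullOrWhiteSpace(email))
            {
                throw new InvalidOperationException("Accept terms attempted on unauthorised user");
            }

            var user = context.GetUsers(email).SingleOrDefault();
            if (user is null)
            {
                return NotFound();
            }

            user.AcceptTermsDateUtc = DateTime.UtcNow;
            context.Save();

            return Ok();
        }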
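        /// <inheritdoc />
        /// <remarks>
        /// Resolves the user first by sign-in subject and, failing that, by email address; a user
        /// found by email has the subject recorded so that later calls match on it directly.
        /// NOTE(review): the email fallback links an external identity to an existing account on the
        /// strength of the email claim alone -- confirm the identity provider verifies email addresses.
        /// </remarks>
        /// <exception cref="ArgumentNullException"><paramref name="userDetails"/> is null.</exception>
        /// <exception cref="McUserNotFoundException">No user matches either the subject or the email.</exception>
        public async Task<User> GetAndUpdateUserAsync(JsonUserDetails userDetails)
        {
            if (userDetails is null)
            {
                throw new ArgumentNullException(nameof(userDetails));
            }

            var mcUser = await _context.Users.SingleOrDefaultAsync(u => u.SignInUserId == userDetails.Subject);

            if (mcUser is null)
            {
                // fall back to email address for users where we don't yet know their sign-in id
                mcUser = await _context.GetUsers(userDetails.Email).SingleOrDefaultAsync();

                if (mcUser is null)
                {
                    throw new McUserNotFoundException();
                }

                // record the sign-in id and use that in future
                mcUser.SignInUserId = userDetails.Subject;
            }

            UpdateMcUserFromSignIn(mcUser, userDetails);

            // NOTE(review): Save() is synchronous inside an async method; prefer an async save if the context offers one.
            _context.Save();
            return mcUser;
        }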
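        /// <summary>
        /// Suppresses execution of the action until the signed-in user has accepted the terms of use,
        /// unless the action is marked with <see cref="ExemptFromAcceptTermsAttribute"/>.
        /// </summary>
        /// <param name="context">The action execution context supplied by MVC.</param>
        /// <exception cref="ArgumentNullException"><paramref name="context"/> is null.</exception>
        /// <exception cref="InvalidOperationException">
        /// No authenticated user name is present, the name resolves to no user, or it resolves to
        /// more than one user.
        /// </exception>
        public void OnActionExecuting(ActionExecutingContext context)
        {
            if (context is null)
            {
                throw new ArgumentNullException(nameof(context));
            }

            // Only controller actions carry a MethodInfo to inspect. Anything else is simply not
            // exempt, so the consent check below still applies to it (fail closed).
            if (context.ActionDescriptor is ControllerActionDescriptor action
                && action.MethodInfo.CustomAttributes.Any(x => x.AttributeType == typeof(ExemptFromAcceptTermsAttribute)))
            {
                // leave out the AcceptTerms POST
                return;
            }

            // Identity is null for an anonymous principal; treat that the same as a blank name.
            var userEmail = context.HttpContext.User.Identity?.Name;

            if (string.IsNullOrWhiteSpace(userEmail))
            {
                throw new InvalidOperationException("AcceptTermsFilter invoked without a user being authenticated");
            }

            var users = dbContext.GetUsers(userEmail).ToList();

            if (users.Count > 1)
            {
                throw new InvalidOperationException($"multiple users found for {userEmail}");
            }
            if (users.Count == 0)
            {
                throw new InvalidOperationException("user not found");
            }

            if (users[0].AcceptTermsDateUtc is null)
            {
                // consent hasn't been given: setting a result suppresses execution of the Action.
                // 451 (Unavailable For Legal Reasons) is the status the client is expected to map to the consent page.
                context.Result = new StatusCodeResult(451);
            }

            // otherwise consent has been given, just return to proceed to the Action
        }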