Ejemplo n.º 1
        /// <summary>
        /// Initializes a new instance of the <see cref="GenericDocNetRepo{TObject}"/> class
        /// around the supplied data context.
        /// </summary>
        /// <param name="entities">Context stored in <c>Context</c> and used by this repository.</param>
        /// <param name="lazyLoadingEnabled">
        /// Value written to the context's <c>LazyLoadingEnabled</c> setting; defaults to <c>false</c>.
        /// </param>
        /// <remarks>
        /// The settings are written to the context instance that was passed in, so any other
        /// component holding the same instance sees them as well.
        /// </remarks>
        public GenericDocNetRepo(WutNuContext entities, bool lazyLoadingEnabled = false)
        {
            Context = entities;

            // Proxy creation is always switched off; lazy loading follows the caller's choice.
            Context.Configuration.ProxyCreationEnabled = false;
            Context.Configuration.LazyLoadingEnabled   = lazyLoadingEnabled;
        }
Ejemplo n.º 2
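        /// <summary>
        /// Produces a short-URL token that <c>IsUnique</c> reports as not yet used.
        /// </summary>
        /// <param name="models">Context handed to <c>IsUnique</c> for the collision check.</param>
        /// <returns>The first candidate from <c>RandomCharacters</c> that passed the uniqueness check.</returns>
        /// <exception cref="System.InvalidOperationException">
        /// No unused token was found within the attempt limit.
        /// </exception>
        public static string UniqueShortUrl(WutNuContext models)
        {
            // A bounded loop replaces the original unbounded recursion: if the generator ever keeps
            // returning taken values (exhausted key space, broken generator) the call now fails with
            // a catchable exception instead of growing the stack until the process dies.
            const int maxAttempts = 64;

            for (var attempt = 0; attempt < maxAttempts; attempt++)
            {
                string candidate = RandomCharacters();

                if (IsUnique(candidate, models))
                {
                    return candidate;
                }
            }

            // NOTE(review): the check above and the later insert are two separate steps, so two
            // concurrent requests can still pick the same token. A unique index on the ShortUrl
            // column is the reliable guard - confirm one exists.
            // NOTE(review): RandomCharacters is not visible here. If short URLs are meant to be
            // hard to guess, confirm it draws from a cryptographic random source.
            throw new System.InvalidOperationException("Unable to generate a unique short URL.");
        }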
Ejemplo n.º 3
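        /// <summary>
        /// Returns the local user record for the signed-in identity, creating it on first sign-in.
        /// </summary>
        /// <param name="ident">Identity whose object-identifier claim is used as the lookup key.</param>
        /// <param name="loginString">Value stored as <c>PrimaryEmail</c> when a new user is created.</param>
        /// <param name="wutContext">Context used to query and persist users and user assignments.</param>
        /// <returns>The existing user, or the newly added one.</returns>
        /// <exception cref="System.InvalidOperationException">
        /// The identity carries no object-identifier claim (or more than one).
        /// </exception>
        private static User GetUser(ClaimsIdentity ident, string loginString, WutNuContext wutContext)
        {
            // Fail with a clear error instead of a NullReferenceException when the claim is absent.
            var oidClaim = ident.Claims.SingleOrDefault(c => c.Type == CustomClaimTypes.ObjectIdentifier);
            if (oidClaim == null || string.IsNullOrEmpty(oidClaim.Value))
            {
                throw new System.InvalidOperationException("The identity does not carry an object identifier claim.");
            }

            var oid  = oidClaim.Value;
            var user = wutContext.Users.SingleOrDefault(u => u.UserOID == oid);

            if (user == null)
            {
                user = new User
                {
                    UserOID      = oid,
                    PrimaryEmail = loginString,
                    ApiKey       = SiteUtils.GenApiKey()
                };

                user = wutContext.Users.Add(user);

                // Pending assignments are claimed purely by e-mail string. Skip the step when no
                // e-mail is known, so a blank login string can never pick up assignments that were
                // stored with an empty address.
                // NOTE(review): loginString must be an address the identity provider has verified;
                // an unverified value here would hand over other people's assignments.
                if (!string.IsNullOrWhiteSpace(loginString))
                {
                    //update any existing user assignments with the new userid
                    var assignments = wutContext.UserAssignments.Where(u => u.UserEmail == user.PrimaryEmail && u.UserId == null);
                    assignments.ForEach(a =>
                    {
                        // NOTE(review): user.UserId is read before SaveChanges; presumably the
                        // context fixes the key up on save - confirm.
                        a.UserId = user.UserId;
                    });
                }

                wutContext.SaveChanges();
            }
            return(user);
        }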
Ejemplo n.º 4
        /// <summary>
        /// Deletes the stored link whose <c>ShortUrl</c> equals that of <paramref name="oUrl"/>.
        /// </summary>
        /// <param name="oUrl">Carrier of the short URL to delete; only <c>ShortUrl</c> is read.</param>
        /// <param name="models">Context used to find and remove the link.</param>
        /// <remarks>
        /// <c>Single</c> throws when no link, or more than one, matches.
        /// NOTE(review): this method performs no ownership check and receives no user id, so the
        /// caller has to verify that the requester owns the link before calling it.
        /// </remarks>
        public static void DeleteUrl(WutLinkPoco oUrl, WutNuContext models)
        {
            var links  = models.WutLinks;
            var target = links.Single(link => link.ShortUrl == oUrl.ShortUrl);

            links.Remove(target);
            models.SaveChanges();
        }
Ejemplo n.º 5
        /// <summary>
        /// Assigns a freshly generated short URL to <paramref name="oUrl"/> and saves it as a new link.
        /// </summary>
        /// <param name="oUrl">Link to store; its <c>ShortUrl</c> is overwritten here.</param>
        /// <param name="models">Context used for the uniqueness check and the insert.</param>
        /// <returns>The same <paramref name="oUrl"/> instance after saving.</returns>
        /// <remarks>
        /// NOTE(review): every other field of the link, including the target URL, is stored as
        /// supplied. Any validation of the target has to happen before this call.
        /// </remarks>
        public static WutLink AddUrlToDatabase(WutLink oUrl, WutNuContext models)
        {
            var token = UniqueShortUrl(models);
            oUrl.ShortUrl = token;

            models.WutLinks.Add(oUrl);
            models.SaveChanges();

            return oUrl;
        }
Ejemplo n.º 6
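        /// <summary>
        /// Writes the exception to the error log and records the resulting error id on the request.
        /// </summary>
        /// <param name="ex">Exception to log.</param>
        /// <param name="htxBase">Current request context; receives the id under the key "ErrorID".</param>
        /// <param name="entities">Context passed through to the logger.</param>
        /// <returns>The error id returned by <c>Logging.WriteDebugInfoToErrorLog</c>.</returns>
        private static string AddErrorLogItem(Exception ex, HttpContextBase htxBase, WutNuContext entities)
        {
            //todo: we don't have OWIN context available here...???

            var eid = Logging.WriteDebugInfoToErrorLog("WebAPI Error", ex, entities, htxBase);

            // Use the indexer rather than Add: a second error in the same request would otherwise
            // throw on the duplicate key and replace the error being reported with a new one.
            htxBase.Items["ErrorID"] = eid;
            return(eid);
        }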
Ejemplo n.º 7
 /// <summary>
 /// Creates the database-backed error manager.
 /// </summary>
 /// <param name="entities">
 /// Context to use. When <c>null</c>, a new <c>WutNuContext</c> is created and
 /// <c>_isNewContext</c> is set to record that.
 /// </param>
 /// <param name="ctx">HTTP context stored in <c>_ctx</c>.</param>
 public ErrorMgrDb(WutNuContext entities, HttpContextBase ctx)
 {
     if (entities != null)
     {
         _entities = entities;
     }
     else
     {
         // No context was supplied, so create one and flag it as created here.
         _isNewContext = true;
         _entities     = new WutNuContext();
     }

     _ctx = ctx;
 }
Ejemplo n.º 8
        /// <summary>
        /// Creates the error manager facade backed by <c>ErrorMgrDb</c>.
        /// </summary>
        /// <param name="entities">Context forwarded to <c>ErrorMgrDb</c>.</param>
        /// <param name="ctx">HTTP context forwarded to <c>ErrorMgrDb</c>.</param>
        public ErrorMgr(WutNuContext entities, HttpContextBase ctx)
        {
            // The database manager is the only implementation wired up. A switch on an error
            // destination (ErrorDest.Sql) was sketched here but is disabled.
            _mgr = new ErrorMgrDb(entities, ctx);
        }
Ejemplo n.º 9
        /// <summary>
        /// Stores the shared cache and data context and, for authenticated requests, copies the
        /// caller's id, object identifier and e-mail from the identity's claims.
        /// </summary>
        /// <param name="cache">Cache instance stored in <c>Wutcache</c>.</param>
        /// <param name="models">Data context stored in <c>Wutcontext</c>.</param>
        /// <remarks>
        /// For an unauthenticated request <c>UserId</c>, <c>OwnerOID</c> and <c>UserEmail</c> are
        /// not assigned here. Actions that rely on them must enforce authentication themselves.
        /// </remarks>
        protected BaseApiController(WutCache cache, WutNuContext models)
        {
            WebContextBase = new HttpContextWrapper(HttpContext.Current);
            Wutcontext     = models;
            Wutcache       = cache;

            var caller = WebContextBase.User.Identity;
            if (!caller.IsAuthenticated)
            {
                return;
            }

            UserId    = caller.GetClaim<int>(CustomClaimTypes.UserId);
            OwnerOID  = caller.GetClaim(CustomClaimTypes.ObjectIdentifier);
            UserEmail = caller.GetClaim(ClaimTypes.Email);
        }
Ejemplo n.º 10
        ///// <summary>
        ///// Log an exception in the Error table. Includes all details from the WebAPI ActionContext filter.
        ///// </summary>
        ///// <param name="message"></param>
        ///// <param name="actionContext"></param>
        ///// <param name="ctx"></param>
        ///// <returns>ErrorID (string)</returns>
        //public static string WriteDebugInfoToErrorLog(string message, HttpActionExecutedContext actionContext, HttpContextBase ctx)
        //{
        //    return WriteDebugInfoToErrorLog(message, actionContext.Exception, ctx, ctx.GetOwinContext().Get<WutNuContext>("WutNuContext"));
        //}

        /// <summary>
        /// Logs an exception through <c>IErrorMgr.InsertError</c> and returns the id of the stored entry.
        /// </summary>
        /// <param name="message">Message passed to <c>InsertError</c> alongside the exception.</param>
        /// <param name="ex">Exception to record.</param>
        /// <param name="entities">Context handed to the error manager.</param>
        /// <param name="ctx">HTTP context handed to the error manager.</param>
        /// <param name="userComment">Optional user comment; defaults to an empty string.</param>
        /// <returns>The <c>DbErrorId</c> of the inserted error (string).</returns>
        /// <remarks>
        /// NOTE(review): what the manager captures from the exception and the request is not visible
        /// here. If it includes request data or user details, access to the error log should be
        /// restricted accordingly.
        /// </remarks>
        public static string WriteDebugInfoToErrorLog(string message, Exception ex, WutNuContext entities, HttpContextBase ctx, string userComment = "")
        {
            // The manager is disposed as soon as the entry has been written.
            using (IErrorMgr errorManager = new ErrorMgr.ErrorMgr(entities, ctx))
            {
                // An e-mail alert (MailSender) used to be sent here; that path is disabled.
                var inserted = errorManager.InsertError(ex, message, userComment);

                return inserted.DbErrorId;
            }
        }
Ejemplo n.º 11
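        /// <summary>
        /// Updates a stored link from <paramref name="oUrl"/> and replaces its user assignments
        /// with the comma-separated addresses in <c>oUrl.UserEmails</c>.
        /// </summary>
        /// <param name="oUrl">New values; the link is located by <c>oUrl.ShortUrl</c>.</param>
        /// <param name="models">Context used to load, modify and save the link.</param>
        /// <param name="UserId">Id of the caller; must equal the link's <c>UserId</c>.</param>
        /// <returns>The <paramref name="oUrl"/> instance that was passed in.</returns>
        /// <exception cref="Exception">
        /// Any failure, including the ownership check, is rethrown wrapped with the message
        /// "Error saving Url"; the original exception is the inner exception.
        /// </exception>
        public static WutLinkPoco UpdateUrl(WutLinkPoco oUrl, WutNuContext models, int UserId)
        {
            try
            {
                var item = models.WutLinks.Include("UserAssignments").Single(u => u.ShortUrl == oUrl.ShortUrl);

                // Ownership check: only the user recorded on the link may change it.
                if (item.UserId != UserId)
                {
                    throw new UnauthorizedAccessException("You attempted to save a URL that is owned by someone else.");
                }

                item.Comments    = oUrl.Comments;
                item.IsProtected = oUrl.IsProtected;
                // NOTE(review): the target URL is stored exactly as supplied. Scheme and host
                // validation, if any, has to happen before this call - confirm it does.
                item.RealUrl     = oUrl.RealUrl;
                item.ShortUrl    = oUrl.ShortUrl;

                if (item.UserAssignments.Any())
                {
                    //remove existing user assignments
                    models.UserAssignments.RemoveRange(item.UserAssignments);
                }

                // Normalize the address list before storing it:
                //  - a missing list counts as "no addresses" instead of raising a null reference;
                //  - blank entries (for example from a trailing comma) are dropped, so no
                //    assignment is ever stored with an empty address;
                //  - exact duplicates are stored once, so a later single-match lookup by address
                //    cannot find two rows for the same person.
                var emails = (oUrl.UserEmails ?? string.Empty)
                    .Split(',')
                    .Select(e => e.Trim())
                    .Where(e => e.Length > 0)
                    .Distinct();

                foreach (var email in emails)
                {
                    // The user id is left empty here and filled in when that user is resolved.
                    models.UserAssignments.Add(new UserAssignment
                    {
                        UserEmail = email,
                        WutLinkId = item.WutLinkId,
                        UserId    = null
                    });
                }

                models.SaveChanges();

                return(oUrl);
            }
            catch (Exception ex)
            {
                // NOTE(review): this also wraps the UnauthorizedAccessException thrown above, so
                // callers can only tell an authorization failure from a storage failure by
                // inspecting InnerException.
                throw new Exception("Error saving Url", ex);
            }
        }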
Ejemplo n.º 12
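        /// <summary>
        /// Returns the local user record for the signed-in identity, creating it on first sign-in,
        /// and refreshes the stored issuer and identity-provider values.
        /// </summary>
        /// <param name="ident">
        /// Identity to resolve. For a b2clogin.com issuer an object-identifier claim is added to it
        /// when it is missing.
        /// </param>
        /// <param name="loginString">Value stored as <c>PrimaryEmail</c> when a new user is created.</param>
        /// <param name="wutContext">Context used to query and persist users and user assignments.</param>
        /// <returns>The existing user, or the newly added one.</returns>
        /// <exception cref="System.InvalidOperationException">
        /// The identity has no claims, or no object id could be determined from it.
        /// </exception>
        private static User GetUser(ClaimsIdentity ident, string loginString, WutNuContext wutContext)
        {
            //have to check source to get an object ID: AAD is using OID, B2C is using nameidentifier
            string oid = null;

            var issuer = ident.Claims.First().Issuer;

            // Decide on the issuer's host name rather than on a substring of the whole string, so
            // that only b2clogin.com and its subdomains select the B2C branch. A value that merely
            // contains "b2clogin.com" somewhere (in a path, or as a prefix of another domain) no
            // longer qualifies.
            // NOTE(review): this only selects which claim holds the object id. Token issuer
            // validation has to happen before this method; it is not visible here.
            System.Uri issuerUri;
            var isB2C = System.Uri.TryCreate(issuer, System.UriKind.Absolute, out issuerUri)
                        && (issuerUri.Host.Equals("b2clogin.com", System.StringComparison.OrdinalIgnoreCase)
                            || issuerUri.Host.EndsWith(".b2clogin.com", System.StringComparison.OrdinalIgnoreCase));

            oid = isB2C
                ? ident.GetClaim(ClaimTypes.NameIdentifier)
                : ident.GetClaim(CustomClaimTypes.ObjectIdentifier);

            // Without an object id the lookup below would match (or create) a record keyed on an
            // empty value, which must never stand in for a real account.
            if (string.IsNullOrEmpty(oid))
            {
                throw new System.InvalidOperationException("Unable to determine an object identifier for the identity.");
            }

            if (isB2C && !ident.HasClaim(CustomClaimTypes.ObjectIdentifier))
            {
                ident.AddClaim(new Claim(CustomClaimTypes.ObjectIdentifier, oid));
            }

            var user = wutContext.Users.SingleOrDefault(u => u.UserOID == oid);

            if (user == null)
            {
                user = new User
                {
                    UserOID      = oid,
                    PrimaryEmail = loginString,
                    ApiKey       = SiteUtils.GenApiKey()
                };

                user = wutContext.Users.Add(user);

                // Pending assignments are claimed purely by e-mail string. Skip the step when no
                // e-mail is known, so a blank login string can never pick up assignments that were
                // stored with an empty address.
                // NOTE(review): loginString must be an address the identity provider has verified.
                if (!string.IsNullOrWhiteSpace(loginString))
                {
                    //update any existing user assignments with the new userid
                    var assignments = wutContext.UserAssignments.Where(u => u.UserEmail == user.PrimaryEmail && u.UserId == null);
                    assignments.ForEach(a =>
                    {
                        // NOTE(review): user.UserId is read before SaveChanges; presumably the
                        // context fixes the key up on save - confirm.
                        a.UserId = user.UserId;
                    });
                }
            }

            user.iss = ident.GetClaim("iss");
            user.idp = ident.GetClaim(CustomClaimTypes.IdentityProvider);

            wutContext.SaveChanges();

            return(user);
        }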
Ejemplo n.º 13
        /// <summary>
        /// Initializes a new instance of the <see cref="BaseBusinessLayer"/> class.
        /// </summary>
        /// <param name="httpContext">The HTTP context; stored in <c>htxBase</c> and read for the current identity.</param>
        /// <param name="context">The data context; stored in <c>io</c>, with lazy loading switched on.</param>
        /// <remarks>
        /// <c>UserIO</c> is only assigned when the request is authenticated.
        /// </remarks>
        public BaseBusinessLayer(HttpContextBase httpContext, WutNuContext context)
        {
            htxBase = httpContext;
            io      = context;

            // Lazy loading is enabled on the passed-in context instance. ProxyCreationEnabled and
            // AutoDetectChangesEnabled are left untouched (their overrides are commented out).
            io.Configuration.LazyLoadingEnabled = true;

            // The cache used to be fetched from the OWIN context here; that lookup is disabled.
            var caller = httpContext.User.Identity;
            if (!caller.IsAuthenticated)
            {
                return;
            }

            UserIO = caller.GetClaim(CustomClaimTypes.ObjectIdentifier);
        }
Ejemplo n.º 14
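        /// <summary>
        /// Loads the link for a short URL and, for protected links, checks that
        /// <paramref name="authEmail"/> has been assigned to it.
        /// </summary>
        /// <param name="internalUrl">Short URL to look up.</param>
        /// <param name="models">Context used for the lookup and for saving the refreshed user id.</param>
        /// <param name="userId">Optional id of the caller; written to the matching assignments.</param>
        /// <param name="authEmail">E-mail of the authenticated caller, matched against the assignments.</param>
        /// <returns>
        /// The link as a <c>WutLinkPoco</c>; <c>null</c> when the link does not exist, or when it is
        /// protected and the caller is not assigned to it. <c>UserAuthenticated</c> is set to true
        /// only when a protected link matched the caller.
        /// </returns>
        public static WutLinkPoco RetrieveUrlFromDatabase(string internalUrl, WutNuContext models, int? userId = null, string authEmail = null)
        {
            //todo: need to ensure that this search is case-sensitive - check code page on SQL DB
            var item = models.WutLinks.Include("UserAssignments").SingleOrDefault(u => u.ShortUrl == internalUrl);

            if (item == null)
            {
                return(null);
            }

            var callerIsAssigned = false;

            if (item.IsProtected)
            {
                // A caller without an e-mail can never be authorized. Rejecting it up front means
                // a null or blank authEmail cannot match an assignment stored with an empty address.
                if (string.IsNullOrWhiteSpace(authEmail))
                {
                    return(null);
                }

                // Collect every matching row instead of demanding exactly one: a duplicated
                // assignment would otherwise raise an exception and lock an authorized user out.
                // NOTE(review): this in-memory comparison is case-sensitive; confirm the stored
                // addresses and the e-mail claim use the same casing.
                var grants = item.UserAssignments.Where(u => u.UserEmail == authEmail).ToList();

                if (grants.Count == 0)
                {
                    //user is authenticated but not authorized for this file
                    return(null);
                }

                //feels like I should do this somewhere else but this will work for now
                //(refreshing the UserAssignments table with UserID - assigner only had email)
                if (userId != null)
                {
                    foreach (var grant in grants)
                    {
                        grant.UserId = userId;
                    }
                    models.SaveChanges();
                }

                callerIsAssigned = true;
            }

            var res = WutLinkPoco.GetPocoFromObject(item);

            if (callerIsAssigned)
            {
                res.UserAuthenticated = true;
            }

            return(res);
        }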
Ejemplo n.º 15
        /// <summary>
        /// Stores the shared cache and data context and, for authenticated requests, copies the
        /// caller's id, object identifier and e-mail from the identity's claims.
        /// </summary>
        /// <param name="cache">Cache instance stored in <c>Wutcache</c>.</param>
        /// <param name="models">Data context stored in <c>Wutcontext</c>.</param>
        /// <remarks>
        /// Any exception raised during setup is logged and then rethrown. For an unauthenticated
        /// request <c>UserId</c>, <c>OwnerOID</c> and <c>UserEmail</c> are not assigned here.
        /// </remarks>
        protected BaseController(WutCache cache, WutNuContext models)
        {
            try
            {
                Wutcontext = models;
                Wutcache   = cache;

                var caller = System.Web.HttpContext.Current.User.Identity;
                if (!caller.IsAuthenticated)
                {
                    return;
                }

                UserId    = caller.GetClaim<int>(CustomClaimTypes.UserId);
                OwnerOID  = caller.GetClaim(CustomClaimTypes.ObjectIdentifier);
                UserEmail = caller.GetClaim(ClaimTypes.Email);
            }
            catch (System.Exception ex)
            {
                // Record the failure, then let it propagate with its original stack trace.
                Logging.WriteDebugInfoToErrorLog(ex.Message, ex);
                throw;
            }
        }
Ejemplo n.º 16
 /// <summary>
 /// Creates the controller; all setup is delegated to the base constructor.
 /// </summary>
 /// <param name="cache">Cache instance forwarded to the base class.</param>
 /// <param name="models">Data context forwarded to the base class.</param>
 public ListController(WutCache cache, WutNuContext models) : base(cache, models)
 {
 }
Ejemplo n.º 17
 /// <summary>
 /// Creates the controller; all setup is delegated to the base constructor.
 /// </summary>
 /// <param name="cache">Cache instance forwarded to the base class.</param>
 /// <param name="models">Data context forwarded to the base class.</param>
 public ReportsController(WutCache cache, WutNuContext models) : base(cache, models)
 {
 }
Ejemplo n.º 18
 /// <summary>
 /// Creates the controller and sets <c>containerName</c> to the caller's <c>OwnerOID</c>.
 /// </summary>
 /// <param name="cache">Cache instance forwarded to the base class.</param>
 /// <param name="models">Data context forwarded to the base class.</param>
 /// <remarks>
 /// NOTE(review): <c>OwnerOID</c> is presumably populated by the base constructor only for
 /// authenticated requests. Code using <c>containerName</c> should treat a missing value as
 /// "no access" - confirm.
 /// </remarks>
 public FileController(WutCache cache, WutNuContext models) : base(cache, models)
 {
     // The name is taken from the caller's identity, not from request input.
     containerName = OwnerOID;
 }
Ejemplo n.º 19
 /// <summary>
 /// Creates the controller; all setup is delegated to the base constructor.
 /// </summary>
 /// <param name="cache">Cache instance forwarded to the base class.</param>
 /// <param name="models">Data context forwarded to the base class.</param>
 public UpdateErrorController(WutCache cache, WutNuContext models) : base(cache, models)
 {
 }
Ejemplo n.º 20
 /// <summary>
 /// Creates the controller; all setup is delegated to the base constructor.
 /// </summary>
 /// <param name="cache">Cache instance forwarded to the base class.</param>
 /// <param name="models">Data context forwarded to the base class.</param>
 public ErrorLogController(WutCache cache, WutNuContext models) : base(cache, models)
 {
 }
Ejemplo n.º 21
 /// <summary>
 /// Creates the controller and a <c>ReportRepo</c> over the same data context.
 /// </summary>
 /// <param name="cache">Cache instance forwarded to the base class.</param>
 /// <param name="context">Data context forwarded to the base class and handed to the repository.</param>
 public ReportController(WutCache cache, WutNuContext context) : base(cache, context)
 {
     // The repository shares the controller's context instead of opening its own.
     _repo = new ReportRepo(context);
 }
Ejemplo n.º 22
 /// <summary>
 /// Creates the health-check controller and keeps references to the cache and data context.
 /// </summary>
 /// <param name="cache">Cache instance stored in <c>_cache</c>.</param>
 /// <param name="models">Data context stored in <c>_context</c>.</param>
 /// <remarks>
 /// This constructor does not chain to a base constructor taking the cache and context, and it
 /// reads no identity information.
 /// </remarks>
 public HealthcheckController(WutCache cache, WutNuContext models)
 {
     _cache   = cache;
     _context = models;
 }
Ejemplo n.º 23
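        /// <summary>
        /// Works out the login string for a freshly authenticated identity, resolves the matching
        /// local user through <c>GetUser</c> and returns the identity produced by <c>TransformClaims</c>.
        /// </summary>
        /// <param name="ident">
        /// Identity to process. When it has no identity-provider claim, one is added with the value
        /// "local" or "B2EMultiTenant".
        /// </param>
        /// <param name="hctx">Request context; used for logging and for the session error message.</param>
        /// <param name="wutContext">Data context passed to <c>GetUser</c> and to the logger.</param>
        /// <returns>
        /// The transformed identity, or <c>null</c> when the identity has no identity-provider claim
        /// and neither an "emails" nor a name claim could be found.
        /// </returns>
        /// <remarks>
        /// Exceptions are logged, a generic message is placed in the session under "AuthError", and
        /// the exception is rethrown.
        /// </remarks>
        private static ClaimsIdentity InitAuth(ClaimsIdentity ident, HttpContextBase hctx, WutNuContext wutContext)
        {
            try
            {
                //this claim seems to be returned for local logins
                // NOTE(review): authClassRef and tfp are looked up but never read below.
                var authClassRef = ident.Claims.SingleOrDefault(c => c.Type == "http://schemas.microsoft.com/claims/authnclassreference");
                //ClaimsPrincipal.Current.FindFirst(Startup.AcrClaimType)

                //this claim was returned after a password reset of a local login
                var tfp = ident.Claims.SingleOrDefault(c => c.Type == "tfp");

                Claim  claimEmail;
                Claim  claimName;
                string loginString;

                var identProvider = ident.Claims.FirstOrDefault(c => c.Type == CustomClaimTypes.IdentityProvider);
                if (identProvider == null)
                {
                    //local sign-in - TODO: validate that the claim type is unique for local logins... :/
                    claimEmail = ident.Claims.FirstOrDefault(c => c.Type == "emails");
                    if (claimEmail != null)
                    {
                        ident.AddClaim(new Claim(CustomClaimTypes.IdentityProvider, "local"));
                    }
                    else
                    {
                        // Fall back to the name claim as the login string.
                        // NOTE(review): the value is later used as the user's e-mail. Confirm the
                        // issuer guarantees this claim holds a verified address.
                        claimEmail = ident.Claims.FirstOrDefault(c => c.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name");
                        if (claimEmail == null)
                        {
                            Logging.WriteDebugInfoToErrorLog("Error during InitAuth.", new Exception("Unable to determine email claim from account."), wutContext, hctx);
                            return(null);
                        }
                        ident.AddClaim(new Claim(CustomClaimTypes.IdentityProvider, "B2EMultiTenant"));
                    }
                    loginString = claimEmail.Value;
                }
                else
                {
                    claimEmail  = ident.Claims.SingleOrDefault(c => c.Type == ClaimTypes.Email);
                    claimName   = ident.Claims.SingleOrDefault(c => c.Type == ClaimTypes.Name);
                    // NOTE(review): loginString is null when neither claim is present, and is then
                    // passed on to GetUser as-is.
                    loginString = (claimEmail != null) ? claimEmail.Value : (claimName != null) ? claimName.Value : null;
                }

                // The identity-provider claim has to be in place before this point: it is added
                // above, ahead of the GetUser and TransformClaims calls.
                var user = GetUser(ident, loginString, wutContext);
                ident = TransformClaims(ident, user);

                return(ident);
            }
            catch (Exception ex)
            {
                Debug.Assert(hctx.Session != null, "hctx.Session != null");

                // The assert is compiled out of release builds, so guard the write explicitly. A
                // missing session would otherwise raise a new exception here and hide the
                // authentication error from the log.
                if (hctx.Session != null)
                {
                    // The user sees only this generic text; the details go to the error log.
                    hctx.Session["AuthError"] = "There was an error authenticating. Please contact the system administrator.";
                }

                Logging.WriteDebugInfoToErrorLog("Error during InitAuth.", ex, wutContext, hctx);
                throw;
            }
        }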
Ejemplo n.º 24
 /// <summary>
 /// Creates the error-item business layer and an <c>ErrorItemsRepo</c> over the same context.
 /// </summary>
 /// <param name="httpContext">HTTP context forwarded to the base class.</param>
 /// <param name="io">Data context forwarded to the base class and handed to the repository.</param>
 /// <param name="disposeEntity">Not read by this constructor.</param>
 public ErrorItemBL(HttpContextBase httpContext, WutNuContext io, bool disposeEntity = true) : base(httpContext, io)
 {
     // The repository shares the caller's context instead of opening its own.
     _repo = new ErrorItemsRepo(io);
 }
Ejemplo n.º 25
 /// <summary>
 /// Initializes a new instance of the <see cref="ErrorItemsRepo" /> class.
 /// </summary>
 /// <param name="context">The context; passed to the base repository and also kept in <c>_context</c>.</param>
 public ErrorItemsRepo(WutNuContext context) : base(context)
 {
     // A local reference is kept in addition to the one handed to the base class.
     _context = context;
 }
Ejemplo n.º 26
 /// <summary>
 /// Creates the controller and a <c>UserRepo</c> over the same data context.
 /// </summary>
 /// <param name="cache">Cache instance forwarded to the base class.</param>
 /// <param name="models">Data context forwarded to the base class and handed to the repository.</param>
 public ProfileController(WutCache cache, WutNuContext models) : base(cache, models)
 {
     // The repository shares the controller's context instead of opening its own.
     _repo = new UserRepo(models);
 }
Ejemplo n.º 27
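        /// <summary>
        /// Reports whether no stored link already uses the given short URL.
        /// </summary>
        /// <param name="url">Candidate short URL.</param>
        /// <param name="models">Context whose <c>WutLinks</c> set is queried.</param>
        /// <returns><c>true</c> when no link has this short URL; otherwise <c>false</c>.</returns>
        /// <remarks>
        /// NOTE(review): the comparison presumably runs in the database, so whether values that
        /// differ only by case count as equal depends on the column's collation - confirm.
        /// </remarks>
        private static bool IsUnique(string url, WutNuContext models)
        {
            // Any() lets the query stop at the first match instead of counting every matching row.
            return !models.WutLinks.Any(u => u.ShortUrl == url);
        }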
Ejemplo n.º 28
 /// <summary>
 /// Creates the controller and its <c>ErrorItemBL</c> helper.
 /// </summary>
 /// <param name="cache">Cache instance forwarded to the base class.</param>
 /// <param name="models">Data context forwarded to the base class.</param>
 public ErrorLogController(WutCache cache, WutNuContext models) : base(cache, models)
 {
     // Built from the inherited WebContextBase and Wutcontext members, which the base
     // constructor has presumably set by the time this body runs.
     _err = new ErrorItemBL(WebContextBase, Wutcontext);
 }
Ejemplo n.º 29
 /// <summary>
 /// Creates the report repository over the supplied data context.
 /// </summary>
 /// <param name="context">Context stored in <c>_context</c>.</param>
 public ReportRepo(WutNuContext context)
 {
     // The context is only stored here; nothing else is done with it in this constructor.
     _context = context;
 }
Ejemplo n.º 30
 /// <summary>
 /// Creates the controller; all setup is delegated to the base constructor.
 /// </summary>
 /// <param name="cache">Cache instance forwarded to the base class.</param>
 /// <param name="models">Data context forwarded to the base class.</param>
 public ProfileController(WutCache cache, WutNuContext models) : base(cache, models)
 {
 }