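/// <summary>
/// Builds the navigation menu (modules, their resources and the allowed methods)
/// for the user identified by the "id" request header.
/// </summary>
/// <returns>
/// 400 when the "id" header is missing or not an integer, 401 when no user has
/// that id, otherwise 200 with a JSON array of modules.
/// </returns>
public IHttpActionResult GetMenu()
        {
            int userid;
            IEnumerable <string> headerId;

            // NOTE(review): the caller is identified only by the client-supplied "id"
            // header. Nothing in this method checks a token or session for that id, so
            // unless an authentication filter upstream binds the header to a validated
            // token, the menu returned depends on a value the client controls.
            // Confirm such a filter covers this action.
            if (!Request.Headers.TryGetValues("id", out headerId))
            {
                return(BadRequest());
            }
            if (!Int32.TryParse(headerId.FirstOrDefault(), out userid))
            {
                return(BadRequest());
            }

            var user = _context.CustomUsers.Include(x => x.People).FirstOrDefault(cu => cu.Id == userid);

            if (user == null)
            {
                return(Unauthorized());
            }

            var rls = activeDirectory.getUserRols(user).Select(x => x.Id);

            // The branch list is not used below; the call is kept in case it has
            // side effects this method cannot see.
            activeDirectory.getUserBranches(user);

            List <Access> access;

            // Administrators see every access entry.
            if (activeDirectory.memberOf(user, "Personas.Admin"))
            {
                access = _context.Accesses
                         .Include(a => a.Resource.Module)
                         .Include(a => a.Resource).ToList();
            }
            // Everyone else sees only the accesses attached to their roles.
            else
            {
                // Materialise the role ids once so the filter below does not
                // re-enumerate the role lookup for every row.
                var roleIds = rls.ToList();

                // NOTE(review): the whole role/access table is loaded before filtering.
                // Moving the Where ahead of ToList() would filter in the database;
                // confirm the provider can translate the Contains before changing it.
                access = _context.RolshaAccesses.Include(a => a.Access)
                         .Include(a => a.Rol)
                         .Include(a => a.Access.Resource.Module)
                         .Include(a => a.Access.Resource).ToList()
                         .Where(r => roleIds.Contains(r.Rolid)).Select(a => a.Access).ToList();
            }

            List <dynamic> res = new List <dynamic>();

            // Materialised so Distinct/OrderBy run once instead of once per module.
            var listModules   = access.Select(a => a.Resource.Module).Distinct().OrderBy(x => x.Id).ToList();
            var listResources = access.Select(a => a.Resource).Distinct().OrderBy(x => x.Id).ToList();

            foreach (var module in listModules)
            {
                List <dynamic> children = new List <dynamic>();
                foreach (var child in listResources.Where(c => c.ModuleId == module.Id))
                {
                    var     listmethods = access.Where(a => a.ResourceId == child.Id).Select(a => a.Method).Distinct();
                    dynamic c           = new JObject();
                    c.name    = child.Name;
                    c.path    = child.Path;
                    c.methods = JArray.FromObject(listmethods.ToArray());
                    children.Add(c);
                }

                dynamic r = new JObject();
                r.name      = module.Name;
                r.icon      = module.Icon;
                r.collapsed = true;
                r.children  = JArray.FromObject(children.ToArray());
                res.Add(r);
            }

            return(Ok(res));
        }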
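        /// <summary>
        /// Authenticates a user against the directory and, when the user belongs to
        /// the group required by the requested system, issues a token and a refresh token.
        /// </summary>
        /// <param name="credentials">
        /// JSON body carrying "username", "password" and "system".
        /// </param>
        /// <returns>
        /// 400 when the body or one of the three fields is missing; 401 when
        /// authentication fails, the system is unknown, the user has no local record,
        /// or the user is not in the required group; otherwise 200 with the tokens.
        /// </returns>
        public IHttpActionResult GetToken([FromBody] JObject credentials)
        {
            // A missing or unparsable body binds to null, and "system" is read below,
            // so all three fields are checked here rather than failing with a
            // NullReferenceException later.
            if (credentials == null ||
                credentials["username"] == null ||
                credentials["password"] == null ||
                credentials["system"] == null)
            {
                return(BadRequest());
            }

            // Invariant casing: the account name is an identifier, so its upper-case
            // form must not depend on the server's current culture.
            string username = credentials["username"].ToString().ToUpperInvariant();
            string password = credentials["password"].ToString();
            string system   = credentials["system"].ToString();

            if (!activeDirectory.ActiveDirectoryAuthenticate(username, password))
            {
                return(Unauthorized());
            }

            // Each supported system maps to the directory group that grants access to it.
            string requiredGroup;
            switch (system)
            {
            case "COMPRAS":
                requiredGroup = "addon.procesoscompras";
                break;

            case "VLIR":
                requiredGroup = "addon.vlir";
                break;

            case "PRESUPUESTO":
                requiredGroup = "addon.presup";
                break;

            default:
                return(Unauthorized());
            }

            // Looked up only after authentication succeeds. A directory account with
            // no local record cannot be given a token, so it is rejected instead of
            // being dereferenced.
            CustomUser user = _context.CustomUsers.FirstOrDefault(u => u.UserPrincipalName == username);
            if (user == null)
            {
                return(Unauthorized());
            }

            if (!activeDirectory.memberOf(user, requiredGroup))
            {
                return(Unauthorized());
            }

            // NOTE(review): timestamps use local time; token-lifetime checks elsewhere
            // presumably compare against DateTime.Now as well. Confirm before moving to UTC.
            // NOTE(review): both tokens are persisted on the user row exactly as issued;
            // whether they are protected at rest is not visible from this method.
            user.Token                 = validator.getToken(user);
            user.TokenCreatedAt        = DateTime.Now;
            user.RefreshToken          = validator.getRefreshToken(user);
            user.RefreshTokenCreatedAt = DateTime.Now;
            _context.SaveChanges();

            // The tokens travel in the JSON body only; no response headers are set.
            dynamic payload = new JObject();
            payload.Id               = user.Id;
            payload.Token            = user.Token;
            payload.RefreshToken     = user.RefreshToken;
            payload.name             = user.UserPrincipalName;
            payload.ExpiresIn        = validateauth.tokenLife;
            payload.RefreshExpiresIn = validateauth.refeshtokenLife;
            return(Ok(payload));
        }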