public RegisterAuditMessage(User user)
 {
     AffectedEntity = new Entity
     {
         Type = UserTypeName,
         Id   = user.Id
     };
     Category          = "CREATED";
     Description       = $"User registered with email address {user.Email}";
     ChangedProperties = new List <PropertyUpdate>
     {
         PropertyUpdate.FromString(nameof(user.FirstName), user.FirstName),
         PropertyUpdate.FromString(nameof(user.LastName), user.LastName),
         PropertyUpdate.FromString(nameof(user.Email), user.Email),
         PropertyUpdate.FromString(nameof(user.Password), PasswordAuditValue),
         PropertyUpdate.FromString(nameof(user.Salt), SaltAuditValue),
         PropertyUpdate.FromString(nameof(user.PasswordProfileId), user.PasswordProfileId),
         PropertyUpdate.FromBool(nameof(user.IsActive), user.IsActive)
     };
     for (var i = 0; i < user.SecurityCodes.Length; i++)
     {
         var code = user.SecurityCodes[i];
         ChangedProperties.Add(PropertyUpdate.FromString($"{nameof(user.SecurityCodes)}[{i}].{nameof(code.Code)}", code.Code));
         ChangedProperties.Add(PropertyUpdate.FromString($"{nameof(user.SecurityCodes)}[{i}].{nameof(code.CodeType)}", code.CodeType.ToString()));
         ChangedProperties.Add(PropertyUpdate.FromDateTime($"{nameof(user.SecurityCodes)}[{i}].{nameof(code.ExpiryTime)}", code.ExpiryTime));
     }
 }
 private async Task AddAuditEntry(AddPayeToAccountCommand message, long accountId)
 {
     await _mediator.SendAsync(new CreateAuditCommand
     {
         EasAuditMessage = new EasAuditMessage
         {
             Category          = "CREATED",
             Description       = $"Paye scheme {message.Empref} added to account {accountId}",
             ChangedProperties = new List <PropertyUpdate>
             {
                 PropertyUpdate.FromString("Ref", message.Empref),
                 PropertyUpdate.FromString("AccessToken", message.AccessToken),
                 PropertyUpdate.FromString("RefreshToken", message.RefreshToken),
                 PropertyUpdate.FromString("Name", message.EmprefName),
                 PropertyUpdate.FromString("Aorn", message.Aorn)
             },
             RelatedEntities = new List <Entity> {
                 new Entity {
                     Id = accountId.ToString(), Type = "Account"
                 }
             },
             AffectedEntity = new Entity {
                 Type = "Paye", Id = message.Empref
             }
         }
     });
 }
        private async Task CreateAuditEntries(CreateUserAccountCommand message, CreateUserAccountResult returnValue, string hashedAccountId, User user)
        {
            //Account
            await _mediator.SendAsync(new CreateAuditCommand
            {
                EasAuditMessage = new EasAuditMessage
                {
                    Category          = "CREATED",
                    Description       = $"Account {message.OrganisationName} created with id {returnValue.AccountId}",
                    ChangedProperties = new List <PropertyUpdate>
                    {
                        PropertyUpdate.FromLong("AccountId", returnValue.AccountId),
                        PropertyUpdate.FromString("HashedId", hashedAccountId),
                        PropertyUpdate.FromString("Name", message.OrganisationName),
                        PropertyUpdate.FromDateTime("CreatedDate", DateTime.UtcNow),
                    },
                    AffectedEntity = new Entity {
                        Type = "Account", Id = returnValue.AccountId.ToString()
                    },
                    RelatedEntities = new List <Entity>()
                }
            });

            //Membership Account
            await _mediator.SendAsync(new CreateAuditCommand
            {
                EasAuditMessage = new EasAuditMessage
                {
                    Category          = "CREATED",
                    Description       = $"User {message.ExternalUserId} added to account {returnValue.AccountId} as owner",
                    ChangedProperties = new List <PropertyUpdate>
                    {
                        PropertyUpdate.FromLong("AccountId", returnValue.AccountId),
                        PropertyUpdate.FromString("UserId", message.ExternalUserId),
                        PropertyUpdate.FromString("Role", Role.Owner.ToString()),
                        PropertyUpdate.FromDateTime("CreatedDate", DateTime.UtcNow)
                    },
                    RelatedEntities = new List <Entity>
                    {
                        new Entity {
                            Id = returnValue.AccountId.ToString(), Type = "Account"
                        },
                        new Entity {
                            Id = user.Id.ToString(), Type = "User"
                        }
                    },
                    AffectedEntity = new Entity {
                        Type = "Membership", Id = message.ExternalUserId
                    }
                }
            });
        }
 public MessageQueueDeleteAuditMessage(IEnumerable <string> ids)
 {
     AffectedEntity = new Entity
     {
         Type = "QueueMessages",
         Id   = Guid.NewGuid().ToString()
     };
     Category          = "DELETE_QUEUE_MESSAGES";
     Description       = $"Delete queue messages";
     ChangedProperties = new List <PropertyUpdate>
     {
         PropertyUpdate.FromString("ids", JsonConvert.SerializeObject(ids))
     };
 }
Example #5
0
 public MessageQueueReplayAuditMessage(QueueMessage message)
 {
     AffectedEntity = new Entity
     {
         Type = "QueueMessage",
         Id   = message.Id
     };
     Category          = "REPLAY_QUEUE_MESSAGE";
     Description       = $"Replay queue message of id : {message.Id} with CorrelationId : {message.OriginalMessage.CorrelationId}";
     ChangedProperties = new List <PropertyUpdate>
     {
         PropertyUpdate.FromString("meessage", JsonConvert.SerializeObject(message.OriginalMessage?.UserProperties))
     };
 }
Example #6
0
 public CompleteChangeEmailAuditMessage(User user, string oldEmail)
 {
     AffectedEntity = new Entity
     {
         Type = UserTypeName,
         Id   = user.Id
     };
     Category          = "UPDATE";
     Description       = $"User {user.Email} completed changing their email address from {oldEmail}";
     ChangedProperties = new List <PropertyUpdate>
     {
         PropertyUpdate.FromString(nameof(user.Email), user.Email)
     };
 }
 public PasswordResetAuditMessage(User user)
 {
     Category       = "PASSWORD_RESET";
     AffectedEntity = new Entity
     {
         Type = UserTypeName,
         Id   = user.Id
     };
     Description       = $"User {user.Email} (id: {user.Id}) has reset their password";
     ChangedProperties = new List <PropertyUpdate>
     {
         PropertyUpdate.FromString(nameof(user.Password), PasswordAuditValue),
         PropertyUpdate.FromString(nameof(user.Salt), SaltAuditValue)
     };
 }
 public RequestChangeEmailAuditMessage(User user, SecurityCode code)
 {
     AffectedEntity = new Entity
     {
         Type = UserTypeName,
         Id   = user.Id
     };
     Category          = "CHANGE_EMAIL";
     Description       = $"User {user.Email} (id: {user.Id}) has requested to change their email to {code.PendingValue}. They have been issued code {code.Code}";
     ChangedProperties = new List <PropertyUpdate>
     {
         PropertyUpdate.FromString("SecurityCodes.Code", code.Code),
         PropertyUpdate.FromDateTime("SecurityCodes.ExpiryTime", code.ExpiryTime)
     };
 }
Example #9
0
        public ResendActivationCodeAuditMessage(User user)
        {
            var activationCode = user.SecurityCodes.Where(x => x.CodeType == SecurityCodeType.AccessCode)
                                 .OrderByDescending(x => x.ExpiryTime)
                                 .FirstOrDefault();

            AffectedEntity = new Entity
            {
                Type = UserTypeName,
                Id   = user.Id
            };
            Category          = "RESEND_ACTIVATION_CODE";
            Description       = $"User {user.Email} (id: {user.Id}) has request activation code {activationCode?.Code} be resent";
            ChangedProperties = new List <PropertyUpdate>
            {
                PropertyUpdate.FromString(nameof(user.SecurityCodes), activationCode?.Code)
            };
        }
Example #10
0
        public PasswordResetCodeAuditMessage(User user)
        {
            //Get the latest security code
            var securityCode = user.SecurityCodes.Where(x => x.CodeType == SecurityCodeType.PasswordResetCode)
                               .OrderByDescending(x => x.ExpiryTime)
                               .FirstOrDefault();

            Category       = "PASSWORD_RESET_CODE";
            AffectedEntity = new Entity
            {
                Type = UserTypeName,
                Id   = user.Id
            };
            Description       = $"User {user.Email} (id: {user.Id}) has reset their security code";
            ChangedProperties = new List <PropertyUpdate>
            {
                PropertyUpdate.FromString("SecurityCode", securityCode?.Code)
            };
        }
Example #11
0
 private async Task CreateAuditEntry(AcceptInvitationCommand message, User user, Invitation existing)
 {
     await _auditService.SendAuditMessage(new EasAuditMessage
     {
         Category    = "UPDATED",
         Description =
             $"Member {user.Email} has accepted and invitation to account {existing.AccountId} as {existing.Role}",
         ChangedProperties = new List <PropertyUpdate>
         {
             PropertyUpdate.FromString("Status", InvitationStatus.Accepted.ToString())
         },
         RelatedEntities = new List <Entity>
         {
             new Entity {
                 Id = $"Account Id [{existing.AccountId}], User Id [{user.Id}]", Type = "Membership"
             }
         },
         AffectedEntity = new Entity {
             Type = "Invitation", Id = message.Id.ToString()
         }
     });
 }
 private async Task AddAuditEntry(long accountId, string employerAgreementId)
 {
     await _mediator.SendAsync(new CreateAuditCommand
     {
         EasAuditMessage = new EasAuditMessage
         {
             Category          = "UPDATED",
             Description       = $"EmployerAgreement {employerAgreementId} removed from account {accountId}",
             ChangedProperties = new List <PropertyUpdate>
             {
                 PropertyUpdate.FromString("Status", EmployerAgreementStatus.Removed.ToString())
             },
             RelatedEntities = new List <Entity> {
                 new Entity {
                     Id = accountId.ToString(), Type = "Account"
                 }
             },
             AffectedEntity = new Entity {
                 Type = "EmployerAgreement", Id = employerAgreementId
             }
         }
     });
 }
Example #13
0
 private async Task AddAuditEntry(SignEmployerAgreementCommand message, long accountId, long agreementId)
 {
     await _mediator.SendAsync(new CreateAuditCommand
     {
         EasAuditMessage = new EasAuditMessage
         {
             Category          = "UPDATED",
             Description       = $"Agreement {agreementId} added to account {accountId}",
             ChangedProperties = new List <PropertyUpdate>
             {
                 PropertyUpdate.FromString("UserId", message.ExternalUserId),
                 PropertyUpdate.FromString("SignedDate", message.SignedDate.ToString("U"))
             },
             RelatedEntities = new List <Entity> {
                 new Entity {
                     Id = accountId.ToString(), Type = "Account"
                 }
             },
             AffectedEntity = new Entity {
                 Type = "Agreement", Id = agreementId.ToString()
             }
         }
     });
 }
Example #14
0
        private async Task CreateAuditEntries(CreateAccountCommand message, CreateAccountResult returnValue, string hashedAccountId, User user)
        {
            //Account
            await _mediator.SendAsync(new CreateAuditCommand
            {
                EasAuditMessage = new EasAuditMessage
                {
                    Category          = "CREATED",
                    Description       = $"Account {message.OrganisationName} created with id {returnValue.AccountId}",
                    ChangedProperties = new List <PropertyUpdate>
                    {
                        PropertyUpdate.FromLong("AccountId", returnValue.AccountId),
                        PropertyUpdate.FromString("HashedId", hashedAccountId),
                        PropertyUpdate.FromString("Name", message.OrganisationName),
                        PropertyUpdate.FromDateTime("CreatedDate", DateTime.UtcNow),
                    },
                    AffectedEntity = new Entity {
                        Type = "Account", Id = returnValue.AccountId.ToString()
                    },
                    RelatedEntities = new List <Entity>()
                }
            });

            //LegalEntity
            var changedProperties = new List <PropertyUpdate>
            {
                PropertyUpdate.FromLong("Id", returnValue.LegalEntityId),
                PropertyUpdate.FromString("Name", message.OrganisationName),
                PropertyUpdate.FromString("Code", message.OrganisationReferenceNumber),
                PropertyUpdate.FromString("RegisteredAddress", message.OrganisationAddress),
                PropertyUpdate.FromString("OrganisationType", message.OrganisationType.ToString()),
                PropertyUpdate.FromString("PublicSectorDataSource", message.PublicSectorDataSource.ToString()),
                PropertyUpdate.FromString("Sector", message.Sector)
            };

            if (message.OrganisationDateOfInception != null)
            {
                changedProperties.Add(PropertyUpdate.FromDateTime("DateOfIncorporation", message.OrganisationDateOfInception.Value));
            }

            await _mediator.SendAsync(new CreateAuditCommand
            {
                EasAuditMessage = new EasAuditMessage
                {
                    Category          = "CREATED",
                    Description       = $"Legal Entity {message.OrganisationName} created of type {message.OrganisationType} with id {returnValue.LegalEntityId}",
                    ChangedProperties = changedProperties,
                    AffectedEntity    = new Entity {
                        Type = "LegalEntity", Id = returnValue.LegalEntityId.ToString()
                    },
                    RelatedEntities = new List <Entity>()
                }
            });

            //EmployerAgreement
            await _mediator.SendAsync(new CreateAuditCommand
            {
                EasAuditMessage = new EasAuditMessage
                {
                    Category          = "CREATED",
                    Description       = $"Employer Agreement Created for {message.OrganisationName} legal entity id {returnValue.LegalEntityId}",
                    ChangedProperties = new List <PropertyUpdate>
                    {
                        PropertyUpdate.FromLong("Id", returnValue.EmployerAgreementId),
                        PropertyUpdate.FromLong("LegalEntityId", returnValue.LegalEntityId),
                        PropertyUpdate.FromString("TemplateId", hashedAccountId),
                        PropertyUpdate.FromInt("StatusId", 2),
                    },
                    RelatedEntities = new List <Entity> {
                        new Entity {
                            Id = returnValue.EmployerAgreementId.ToString(), Type = "LegalEntity"
                        }
                    },
                    AffectedEntity = new Entity {
                        Type = "EmployerAgreement", Id = returnValue.EmployerAgreementId.ToString()
                    }
                }
            });

            //AccountEmployerAgreement Account Employer Agreement
            await _mediator.SendAsync(new CreateAuditCommand
            {
                EasAuditMessage = new EasAuditMessage
                {
                    Category          = "CREATED",
                    Description       = $"Employer Agreement Created for {message.OrganisationName} legal entity id {returnValue.LegalEntityId}",
                    ChangedProperties = new List <PropertyUpdate>
                    {
                        PropertyUpdate.FromLong("AccountId", returnValue.AccountId),
                        PropertyUpdate.FromLong("EmployerAgreementId", returnValue.EmployerAgreementId),
                    },
                    RelatedEntities = new List <Entity>
                    {
                        new Entity {
                            Id = returnValue.EmployerAgreementId.ToString(), Type = "LegalEntity"
                        },
                        new Entity {
                            Id = returnValue.AccountId.ToString(), Type = "Account"
                        }
                    },
                    AffectedEntity = new Entity {
                        Type = "AccountEmployerAgreement", Id = returnValue.EmployerAgreementId.ToString()
                    }
                }
            });

            //Paye
            await _mediator.SendAsync(new CreateAuditCommand
            {
                EasAuditMessage = new EasAuditMessage
                {
                    Category          = "CREATED",
                    Description       = $"Paye scheme {message.PayeReference} added to account {returnValue.AccountId}",
                    ChangedProperties = new List <PropertyUpdate>
                    {
                        PropertyUpdate.FromString("Ref", message.PayeReference),
                        PropertyUpdate.FromString("AccessToken", message.AccessToken),
                        PropertyUpdate.FromString("RefreshToken", message.RefreshToken),
                        PropertyUpdate.FromString("Name", message.EmployerRefName)
                    },
                    RelatedEntities = new List <Entity> {
                        new Entity {
                            Id = returnValue.AccountId.ToString(), Type = "Account"
                        }
                    },
                    AffectedEntity = new Entity {
                        Type = "Paye", Id = message.PayeReference
                    }
                }
            });

            //Membership Account
            await _mediator.SendAsync(new CreateAuditCommand
            {
                EasAuditMessage = new EasAuditMessage
                {
                    Category          = "CREATED",
                    Description       = $"User {message.ExternalUserId} added to account {returnValue.AccountId} as owner",
                    ChangedProperties = new List <PropertyUpdate>
                    {
                        PropertyUpdate.FromLong("AccountId", returnValue.AccountId),
                        PropertyUpdate.FromString("UserId", message.ExternalUserId),
                        PropertyUpdate.FromString("RoleId", Role.Owner.ToString()),
                        PropertyUpdate.FromDateTime("CreatedDate", DateTime.UtcNow)
                    },
                    RelatedEntities = new List <Entity>
                    {
                        new Entity {
                            Id = returnValue.AccountId.ToString(), Type = "Account"
                        },
                        new Entity {
                            Id = user.Id.ToString(), Type = "User"
                        }
                    },
                    AffectedEntity = new Entity {
                        Type = "Membership", Id = message.ExternalUserId
                    }
                }
            });
        }
        protected override async Task HandleCore(CreateInvitationCommand message)
        {
            var validationResult = await _validator.ValidateAsync(message);

            if (!validationResult.IsValid())
            {
                throw new InvalidRequestException(validationResult.ValidationDictionary);
            }

            if (validationResult.IsUnauthorized)
            {
                throw new UnauthorizedAccessException();
            }

            var caller = await _membershipRepository.GetCaller(message.HashedAccountId, message.ExternalUserId);

            ////Verify the email is not used by an existing invitation for the account
            var existingInvitation = await _invitationRepository.Get(caller.AccountId, message.EmailOfPersonBeingInvited);

            if (existingInvitation != null && existingInvitation.Status != InvitationStatus.Deleted && existingInvitation.Status != InvitationStatus.Accepted)
            {
                throw new InvalidRequestException(new Dictionary <string, string> {
                    { "ExistingMember", $"{message.EmailOfPersonBeingInvited} is already invited" }
                });
            }

            var expiryDate = DateTimeProvider.Current.UtcNow.Date.AddDays(8);

            var invitationId = 0L;

            if (existingInvitation == null)
            {
                invitationId = await _invitationRepository.Create(new Invitation
                {
                    AccountId  = caller.AccountId,
                    Email      = message.EmailOfPersonBeingInvited,
                    Name       = message.NameOfPersonBeingInvited,
                    Role       = message.RoleOfPersonBeingInvited,
                    Status     = InvitationStatus.Pending,
                    ExpiryDate = expiryDate
                });
            }
            else
            {
                existingInvitation.Name       = message.NameOfPersonBeingInvited;
                existingInvitation.Role       = message.RoleOfPersonBeingInvited;
                existingInvitation.Status     = InvitationStatus.Pending;
                existingInvitation.ExpiryDate = expiryDate;

                await _invitationRepository.Resend(existingInvitation);

                invitationId = existingInvitation.Id;
            }

            var existingUser = await _userRepository.Get(message.EmailOfPersonBeingInvited);

            await _mediator.SendAsync(new CreateAuditCommand
            {
                EasAuditMessage = new EasAuditMessage
                {
                    Category          = "CREATED",
                    Description       = $"Member {message.EmailOfPersonBeingInvited} added to account {caller.AccountId} as {message.RoleOfPersonBeingInvited}",
                    ChangedProperties = new List <PropertyUpdate>
                    {
                        PropertyUpdate.FromString("AccountId", caller.AccountId.ToString()),
                        PropertyUpdate.FromString("Email", message.EmailOfPersonBeingInvited),
                        PropertyUpdate.FromString("Name", message.NameOfPersonBeingInvited),
                        PropertyUpdate.FromString("Role", message.RoleOfPersonBeingInvited.ToString()),
                        PropertyUpdate.FromString("Status", InvitationStatus.Pending.ToString()),
                        PropertyUpdate.FromDateTime("ExpiryDate", expiryDate)
                    },
                    RelatedEntities = new List <Entity> {
                        new Entity {
                            Id = caller.AccountId.ToString(), Type = "Account"
                        }
                    },
                    AffectedEntity = new Entity {
                        Type = "Invitation", Id = invitationId.ToString()
                    }
                }
            });

            await _mediator.SendAsync(new SendNotificationCommand
            {
                Email = new Email
                {
                    RecipientsAddress = message.EmailOfPersonBeingInvited,
                    TemplateId        = existingUser?.UserRef != null ? "InvitationExistingUser" : "InvitationNewUser",
                    ReplyToAddress    = "*****@*****.**",
                    Subject           = "x",
                    SystemId          = "x",
                    Tokens            = new Dictionary <string, string> {
                        { "account_name", caller.AccountName },
                        { "first_name", message.NameOfPersonBeingInvited },
                        { "inviter_name", $"{caller.FirstName} {caller.LastName}" },
                        { "base_url", _employerApprenticeshipsServiceConfiguration.DashboardUrl },
                        { "expiry_date", expiryDate.ToString("dd MMM yyy") }
                    }
                }
            });

            var callerExternalUserId = Guid.Parse(caller.UserRef);

            await PublishUserInvitedEvent(caller.AccountId, message.NameOfPersonBeingInvited, caller.FullName(), callerExternalUserId);
        }
        protected override async Task HandleCore(AcceptInvitationCommand message)
        {
            var validationResult = _validator.Validate(message);

            if (!validationResult.IsValid())
            {
                throw new InvalidRequestException(validationResult.ValidationDictionary);
            }

            var existing = await _invitationRepository.Get(message.Id);

            if (existing == null)
            {
                throw new InvalidRequestException(new Dictionary <string, string> {
                    { "Invitation", "Invitation not found" }
                });
            }

            var user = await _userAccountRepository.Get(existing.Email);

            if (user == null)
            {
                throw new InvalidRequestException(new Dictionary <string, string> {
                    { "User", "User not found" }
                });
            }

            var membership = await _membershipRepository.GetCaller(existing.AccountId, user.UserRef);

            if (membership != null)
            {
                throw new InvalidRequestException(new Dictionary <string, string> {
                    { "Membership", "User already member of Account" }
                });
            }

            if (existing.Status != InvitationStatus.Pending)
            {
                throw new InvalidRequestException(new Dictionary <string, string> {
                    { "Invitation", "Invitation is not pending" }
                });
            }
            if (existing.ExpiryDate < DateTimeProvider.Current.UtcNow)
            {
                throw new InvalidRequestException(new Dictionary <string, string> {
                    { "Invitation", "Invitation has expired" }
                });
            }

            await _invitationRepository.Accept(existing.Email, existing.AccountId, (short)existing.RoleId);

            await _auditService.SendAuditMessage(new EasAuditMessage
            {
                Category          = "UPDATED",
                Description       = $"Member {user.Email} has accepted and invitation to account {existing.AccountId} as {existing.RoleId}",
                ChangedProperties = new List <PropertyUpdate>
                {
                    PropertyUpdate.FromString("Status", InvitationStatus.Accepted.ToString())
                },
                RelatedEntities = new List <Entity> {
                    new Entity {
                        Id = $"Account Id [{existing.AccountId}], User Id [{user.Id}]", Type = "Membership"
                    }
                },
                AffectedEntity = new Entity {
                    Type = "Invitation", Id = message.Id.ToString()
                }
            });
        }