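/// <summary>
/// Creates a folder-scoped eDiscovery user on the fly through the privileged
/// connection, sets its password, and assigns its access identifiers.
/// </summary>
/// <param name="addRecipientRequest">Recipient details and the folder the new user is scoped to.</param>
/// <param name="password">Plain-text password to set on the new user; must not be null or empty.</param>
/// <returns>The user model returned by the user store after creation.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="addRecipientRequest"/> is null.</exception>
/// <exception cref="System.ArgumentException"><paramref name="password"/> is null or empty.</exception>
private async Task<UserModel> GenerateUserForEDiscovery(AddRecipientRequest addRecipientRequest, string password)
{
    // Reject bad input before any privileged call, so no account is ever
    // created without a usable password.
    if (addRecipientRequest == null)
    {
        throw new System.ArgumentNullException(nameof(addRecipientRequest));
    }

    if (string.IsNullOrEmpty(password))
    {
        throw new System.ArgumentException("A non-empty password is required.", nameof(password));
    }

    await InitializePrivilegedConnectionAsync();

    var folderIdentifier = addRecipientRequest.FolderIdentifier;

    // Built before the user is created: a null folder identifier or key fails
    // here instead of after the account already exists with a password set.
    // NOTE(review): only spaces are replaced in FolderKey; characters such as
    // '{' or '}' would pass through into the role identifier. Confirm that
    // FolderKey is constrained upstream.
    var accessIdentifiers = new[]
    {
        $"o:{folderIdentifier.OrganizationKey}",
        $"r:eDiscovery{{{folderIdentifier.FolderKey.Replace(" ", "_")}}}", // used to actually control access
        $"r:eDiscovery", // used to test whether a given user is an eDiscovery user
        $"x:pcms", // disable PCMS rules
        $"x:leo", // disable LEO rules
    };

    var userModel = new UserModel
    {
        Identifier = ModuleUtility.GetFolderScopedUserIdentifier(folderIdentifier, addRecipientRequest.RecipientEmail),
        EmailAddress = addRecipientRequest.RecipientEmail,
        FirstName = addRecipientRequest.FirstName,
        LastName = addRecipientRequest.LastName,
    };

    userModel = await privilegedConnection.User.PostAsync(userModel);

    // NOTE(review): if either call below fails, the user created above remains;
    // no cleanup is visible in this method.
    await privilegedConnection.User.PasswordPutAsync(userModel.Identifier, password);
    await privilegedConnection.User.AccessIdentifiersPutAsync(userModel.Identifier, accessIdentifiers);

    return userModel;
}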
/// <summary>
/// Adds an external eDiscovery recipient to a folder: generates a password,
/// creates a restricted user for the recipient, builds the magic link, records
/// the recipient in the folder metadata, and writes an audit log entry.
/// </summary>
/// <param name="addRecipientRequest">Recipient details and the target folder identifier.</param>
/// <param name="landingLocation">Landing location passed to the magic-link builder.</param>
/// <param name="passphrase">Passphrase passed to the magic-link builder.</param>
/// <returns>
/// The recipient's details, magic link, expiration date and the plain-text
/// password. Only the hashed password is written to the folder metadata.
/// </returns>
public async Task<RecipientResponse> AddRecipientAsync(AddRecipientRequest addRecipientRequest, string landingLocation, string passphrase)
{
    var targetFolder = await connection.Folder.GetAsync(addRecipientRequest.FolderIdentifier);

    DateTime? expirationDate = ModuleUtility.GetLinkExpirationDate(
        targetFolder,
        MetadataKeyConstants.E_DISCOVERY_EXPIRATION_LENGTH_SECONDS);

    var generatedPassword = ModuleUtility.GeneratePassword(
        targetFolder,
        MetadataKeyConstants.E_DISCOVERY_RND_PASSWORD_LENGTH,
        EDiscoveryUtility.E_DISCOVERY_DEFAULT_PASSWORD_LENGTH,
        MetadataKeyConstants.E_DISCOVERY_RND_PASSWORD_CHARS);

    // Generate a dedicated eDiscovery user with restricted privileges.
    // NOTE(review): this privileged step runs before the folder write below; if
    // that write fails, the created user remains. Confirm that is acceptable.
    var eDiscoveryUser = await GenerateUserForEDiscovery(addRecipientRequest, generatedPassword.Plain);

    string magicLink = ModuleUtility.CreateMagicLink(
        addRecipientRequest,
        landingLocation,
        passphrase,
        targetFolder.Identifier,
        expirationDate,
        eDiscoveryUser.Identifier);

    // A missing expiration date becomes default(DateTime).
    // NOTE(review): confirm how consumers interpret that value.
    DateTime expiresOn = expirationDate.GetValueOrDefault();

    // NOTE(review): the magic link is stored in folder metadata next to the
    // password hash; confirm who can read that metadata.
    var externalUser = new ExternalUser()
    {
        Email = addRecipientRequest.RecipientEmail,
        FirstName = addRecipientRequest.FirstName,
        LastName = addRecipientRequest.LastName,
        PasswordHash = generatedPassword.Hashed,
        MagicLink = magicLink,
        ExpirationDate = expiresOn
    };
    targetFolder.MetaEDiscoveryRecipientListUpsert(externalUser);

    await connection.Folder.PutAsync(targetFolder);
    await EnsureFolderSecurityConfiguration(targetFolder.Identifier);

    // The audit message carries the recipient's e-mail address.
    var auditEntry = new AuditLogEntry()
    {
        EntryType = AuditLogEntryType.eDiscoveryRecipientAdded,
        Message = $"An eDiscovery User has been added. {addRecipientRequest.RecipientEmail}",
        ModuleType = Modules.ModuleType.eDiscovery
    };
    await this.auditLogStore.AddEntry(auditEntry, targetFolder.Identifier);

    // Build the response; the plain-text password is returned to the caller here.
    return new RecipientResponse()
    {
        Email = addRecipientRequest.RecipientEmail,
        ExpirationDate = expiresOn,
        MagicLink = magicLink,
        Password = generatedPassword.Plain,
        FirstName = addRecipientRequest.FirstName,
        LastName = addRecipientRequest.LastName,
    };
}
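/// <summary>
/// Adds a recipient to a folder's eDiscovery recipient list, rejecting the
/// request when a recipient with the same e-mail address is already listed.
/// </summary>
/// <param name="addRecipientRequest">Request body with the recipient's details and the folder identifier.</param>
/// <returns>The response produced by the eDiscovery module for the new recipient.</returns>
/// <exception cref="RecipientAlreadyPresentException">
/// A recipient with the same e-mail address (ignoring case) is already on the folder.
/// </exception>
public async Task<RecipientResponse> AddRecipient([FromBody] AddRecipientRequest addRecipientRequest)
{
    // NOTE(review): the only access gate visible here is this read through the
    // caller's connection. Confirm that read access alone is not enough to
    // reach the privileged user creation behind AddRecipientAsync.
    var folder = await connection.Folder.GetAsync(addRecipientRequest.FolderIdentifier);

    // Ordinal, case-insensitive comparison: ToLower() depends on the current
    // culture, so a case variant could slip past the check under some cultures.
    // It also threw when either address was null.
    var alreadyPresent = folder.MetaEDiscoveryRecipientListRead()
        .Any(rec => string.Equals(
            rec.Email,
            addRecipientRequest.RecipientEmail,
            System.StringComparison.OrdinalIgnoreCase));

    if (alreadyPresent)
    {
        throw new RecipientAlreadyPresentException($"You can't add: {addRecipientRequest.RecipientEmail} this recipient as they are already present in the list of recipients.");
    }

    return await eDiscovery.AddRecipientAsync(
        addRecipientRequest,
        managerConfiguration.EDiscoveryLandingLocation,
        managerConfiguration.EDiscoveryLinkEncryptionKey);
}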