public IHttpActionResult UpdateById([FromBody] UserUpdateDetails updateDetails)
{
Guid authenticatedUserId = ClaimsHelper.GetUserIdFromClaims();
var user = _context.Users.UpdateById(authenticatedUserId, updateDetails);
return(Ok(ConvertToServiceLayerUser(user)));
}
public void Refer(string refName, string refEmail)
{
var firstName = ClaimsHelper.GetClaimValue(WebUI.Common.Common.GetToken(System.Web.HttpContext.Current), Constants.ClaimFirstName);
var lastName = ClaimsHelper.GetClaimValue(WebUI.Common.Common.GetToken(System.Web.HttpContext.Current), Constants.ClaimLastName);
MessagingService.Referral(refEmail, refName, firstName + " " + lastName);
}
public IActionResult DeleteItemFromCart(int itemId)
{
var email = ClaimsHelper.GetClaim(User, "name");
_shoppingCartService.RemoveCartItem(email, itemId);
return(NoContent());
}
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
if (httpContext == null)
{
throw new ArgumentNullException("httpContext");
}
IPrincipal user = httpContext.User;
if (!user.Identity.IsAuthenticated)
{
return(false);
}
//Compare the list of roles required against those in the users token. Is no intersection then return false (unauthorized)
if (base.Roles != string.Empty)
{
var _rolesSplit = base.Roles.Split(',').ToList();
var userRoles = ClaimsHelper.GetUserRoles(WebUI.Common.Common.GetToken(System.Web.HttpContext.Current));
if (_rolesSplit.Count > 0 && _rolesSplit.Intersect(userRoles).Count() == 0)
{
return(false);
}
}
return(true);
}
/// <inheritdoc />
public ApplicationUserMapperConfiguration()
{
CreateMap <RegisterViewModel, ApplicationUser>()
.ForMember(x => x.UserName, o => o.MapFrom(p => p.Email))
.ForMember(x => x.Email, o => o.MapFrom(p => p.Email))
.ForMember(x => x.EmailConfirmed, o => o.MapFrom(src => true))
.ForMember(x => x.FirstName, o => o.MapFrom(p => p.FirstName))
.ForMember(x => x.LastName, o => o.MapFrom(p => p.LastName))
.ForMember(x => x.PhoneNumberConfirmed, o => o.MapFrom(src => true))
.ForAllOtherMembers(x => x.Ignore());
CreateMap <ClaimsIdentity, ApplicationUserProfileViewModel>()
.ForMember(x => x.Id, o => o.MapFrom(claims => ClaimsHelper.GetValue <Guid>(claims, JwtClaimTypes.Subject)))
.ForMember(x => x.PositionName, o => o.MapFrom(claims => ClaimsHelper.GetValue <string>(claims, ClaimTypes.Actor)))
.ForMember(x => x.FirstName, o => o.MapFrom(claims => ClaimsHelper.GetValue <string>(claims, JwtClaimTypes.GivenName)))
.ForMember(x => x.LastName, o => o.MapFrom(claims => ClaimsHelper.GetValue <string>(claims, ClaimTypes.Surname)))
.ForMember(x => x.Roles, o => o.MapFrom(claims => ClaimsHelper.GetValues <string>(claims, JwtClaimTypes.Role)))
.ForMember(x => x.Email, o => o.MapFrom(claims => ClaimsHelper.GetValue <string>(claims, JwtClaimTypes.Name)))
.ForMember(x => x.EmailVerified, o => o.MapFrom(claims => ClaimsHelper.GetValue <bool>(claims, JwtClaimTypes.EmailVerified)))
.ForMember(x => x.PreferredUserName, o => o.MapFrom(claims => ClaimsHelper.GetValue <string>(claims, JwtClaimTypes.PreferredUserName)))
.ForMember(x => x.PhoneNumber, o => o.MapFrom(claims => ClaimsHelper.GetValue <string>(claims, JwtClaimTypes.PhoneNumber)))
.ForMember(x => x.PhoneNumberVerified, o => o.MapFrom(claims => ClaimsHelper.GetValue <bool>(claims, JwtClaimTypes.PhoneNumberVerified)))
.ForMember(x => x.AdditionalEmails, o => o.MapFrom(claims => ClaimsHelper.GetValue <string>(claims, "AdditionalEmails")))
.ForAllOtherMembers(x => x.Ignore());
}
public async Task <IViewComponentResult> InvokeAsync(string selectedOwnerId, string selectedRepoId, string area)
{
if (User?.Identity == null || !User.Identity.IsAuthenticated || !ClaimsHelper.OwnerExistsInUserClaims(User.Identity as ClaimsIdentity, selectedOwnerId))
{
// dash view model
var publicDash = new DashboardMenuViewModel
{
SelectedOwnerId = selectedOwnerId,
SelectedRepoId = selectedRepoId,
ActiveArea = area
};
//note: when public, the avatar URL cannot be retrieved from the user claims, so needs to be retrieved from data storage / cache
return(View("Public", publicDash));
}
// user view model
var uvm = new UserViewModel();
uvm.Populate(User.Identity as ClaimsIdentity);
// dash view model
this.DashboardMenuViewModel = new DashboardMenuViewModel
{
SelectedOwnerId = selectedOwnerId,
SelectedRepoId = selectedRepoId,
UserViewModel = uvm,
ActiveArea = area
};
this.DashboardMenuViewModel.Owners.Add(uvm.UserOwner);
this.DashboardMenuViewModel.Owners.AddRange(uvm.Organisations);
this.DashboardMenuViewModel.SelectedOwnerAvatarUrl = this.DashboardMenuViewModel.Owners.FirstOrDefault(o => o.OwnerId.Equals(selectedOwnerId, StringComparison.InvariantCultureIgnoreCase))?.AvatarUrl;
await PopulateRepositoryList();
return(View(this.DashboardMenuViewModel));
}
public async Task <IActionResult> GetVoucher([FromQuery] String voucherCode,
[FromQuery] String applicationVersion,
CancellationToken cancellationToken)
{
if (ClaimsHelper.IsPasswordToken(this.User) == false)
{
return(this.Forbid());
}
// Do the software version check
try
{
VersionCheckRequest versionCheckRequest = VersionCheckRequest.Create(applicationVersion);
await this.Mediator.Send(versionCheckRequest, cancellationToken);
}
catch (VersionIncompatibleException vex)
{
Logger.LogError(vex);
return(this.StatusCode(505));
}
Guid estateId = Guid.Parse(ClaimsHelper.GetUserClaim(this.User, "estateId").Value);
Guid contractId = Guid.Parse(ClaimsHelper.GetUserClaim(this.User, "contractId").Value);
// Now do the GET
GetVoucherRequest request = GetVoucherRequest.Create(estateId, contractId, voucherCode);
GetVoucherResponse response = await this.Mediator.Send(request, cancellationToken);
return(this.Ok(this.ModelFactory.ConvertFrom(response)));
}
public async Task <ActionResult> GetActivitiesByUser()
{
var eventProps = GetDefaultCustomProperties();
try
{
var userObjectId = ClaimsHelper.GetUserObjectIdClaim((ClaimsIdentity)HttpContext.User.Identity);
var results = await Database.GetActivitiesByUserAsync(userObjectId).ConfigureAwait(false);
Logger.TrackEvent(EventNames.ActivitiesQueriedByUser, eventProps);
return(Ok(results));
}
catch (ClaimsValidationException ex)
{
eventProps.Add("User.Claims", ex.GetClaims());
Logger.TrackEvent(EventNames.ClaimsValidationError, eventProps);
return(Unauthorized());
}
catch (ModelValidationException ex)
{
return(BadRequest(ex.Message));
}
catch (Exception ex)
{
Logger.TrackException(ex);
return(StatusCode(StatusCodes.Status500InternalServerError));
}
}
/// <summary>
/// Obtem a Matrícula e o Nome Completo do Usuário Logado
/// </summary>
/// <returns></returns>
public static string ObterMatriculaComNomeCompleto()
{
string matricula = ClaimsHelper.ObterClaim(Claims.Matricula)?.Value;
string nomeCompleto = ClaimsHelper.ObterClaim(Claims.NomeCompleto)?.Value;
return($"{matricula} - {nomeCompleto}");
}
public IActionResult GetPayments()
{
var email = ClaimsHelper.GetClaim(User, "name");
var paymentCards = _paymentService.GetStoredPaymentCards(email);
return(Ok(paymentCards));
}
public async Task <ActionResult> RemoveLiftingActivity([FromRoute] long activityId)
{
var eventProps = GetDefaultCustomProperties();
try
{
var userId = ClaimsHelper.GetUserObjectIdClaim((ClaimsIdentity)HttpContext.User.Identity);
await Database.RemoveLiftingActivityAsync(activityId, userId).ConfigureAwait(false);
eventProps.Add("ActivityType", nameof(DistanceActivity));
eventProps.Add("ActivityID", activityId.ToString());
Logger.TrackEvent(EventNames.LiftingActivityRemoved, eventProps);
}
catch (ClaimsValidationException ex)
{
eventProps.Add("User.Claims", ex.GetClaims());
Logger.TrackEvent(EventNames.ClaimsValidationError, eventProps);
return(Unauthorized());
}
catch (ModelValidationException ex)
{
return(BadRequest(ex.Message));
}
catch (Exception ex)
{
Logger.TrackException(ex);
return(StatusCode(StatusCodes.Status500InternalServerError));
}
return(Ok());
}
public IHttpActionResult DeleteById(Guid id)
{
Guid authenticatedUserId = ClaimsHelper.GetUserIdFromClaims();
_context.Projects.DeleteById(id, authenticatedUserId);
return(Ok());
}
public IHttpActionResult DeleteById()
{
Guid authenticatedUserId = ClaimsHelper.GetUserIdFromClaims();
_context.Users.DeleteById(authenticatedUserId);
return(Ok());
}
public IHttpActionResult UpdatePasswordById([FromBody] Service.PasswordUpdate passwordUpdate)
{
Guid authenticatedUserId = ClaimsHelper.GetUserIdFromClaims();
var user = _context.Users.UpdatePasswordById(authenticatedUserId, passwordUpdate.Password);
return(Ok(ConvertToServiceLayerUser(user)));
}
public async Task <IActionResult> CreateGolfClub([FromBody] CreateGolfClubRequest request,
CancellationToken cancellationToken)
{
if (ClaimsHelper.IsPasswordToken(this.User) == false)
{
return(this.Forbid());
}
// Get the user id (subject) for the user
Claim subjectIdClaim = ClaimsHelper.GetUserClaim(this.User, JwtClaimTypes.Subject);
// Get the Golf Club Id claim from the user
Claim golfClubIdClaim = ClaimsHelper.GetUserClaim(this.User, CustomClaims.GolfClubId);
Guid golfClubId = Guid.Parse(golfClubIdClaim.Value);
Guid securityUserId = Guid.Parse(subjectIdClaim.Value);
// Create the command
CreateGolfClubCommand command = CreateGolfClubCommand.Create(golfClubId, securityUserId, request);
// Route the command
await this.CommandRouter.Route(command, cancellationToken);
// return the result
return(this.Created($"{GolfClubController.ControllerRoute}/{golfClubId}", new CreateGolfClubResponsev2
{
GolfClubId = golfClubId
}));
}
public async Task <IActionResult> GetPlayer([FromRoute] Guid playerId,
[FromQuery] Boolean includeMemberships,
[FromQuery] Boolean includeTournamentSignups,
CancellationToken cancellationToken)
{
// Get the Player Id claim from the user
Claim playerIdClaim = ClaimsHelper.GetUserClaim(this.User, CustomClaims.PlayerId, playerId.ToString());
Boolean validationResult = ClaimsHelper.ValidateRouteParameter(playerId, playerIdClaim);
if (validationResult == false)
{
return(this.Forbid());
}
GetPlayerDetailsResponse playerDetails = await this.Manager.GetPlayerDetails(Guid.Parse(playerIdClaim.Value), cancellationToken);
List <ClubMembershipResponse> membershipList = null;
if (includeMemberships)
{
membershipList = await this.Manager.GetPlayersClubMemberships(Guid.Parse(playerIdClaim.Value), cancellationToken);
}
PlayerSignedUpTournamentsResponse signedUpTournaments = null;
if (includeTournamentSignups)
{
signedUpTournaments = await this.Manager.GetPlayerSignedUpTournaments(Guid.Parse(playerIdClaim.Value), cancellationToken);
}
GetPlayerResponse playerResponse = this.ConvertGetPlayerDetailsResponse(playerId, playerDetails, membershipList, signedUpTournaments);
return(this.Ok(playerResponse));
}
public IActionResult DeleteAddressById(int addressId)
{
var email = ClaimsHelper.GetClaim(User, "name");
_addressService.DeleteAddress(email, addressId);
return(NoContent());
}
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
if (!HttpContext.Current.User.Identity.IsAuthenticated)
{
return(false);
}
if (!ValidaAmbiente(httpContext))
{
return(false);
}
var isAuthorized = base.AuthorizeCore(httpContext);
if (!isAuthorized)
{
string usuario = ClaimsHelper.ObterClaim(Claims.Matricula).Value;
Exception exception = new HttpException(401, $"Usuário {HttpContext.Current.User.Identity.Name} - {usuario} não autorizado para acessar a página: {HttpContext.Current.Request.Url.AbsoluteUri}");
ErrorSignal.FromCurrentContext().Raise(exception, HttpContext.Current);
}
return(isAuthorized);
}
public AuthenticationRequestParameters(
IServiceBundle serviceBundle,
ITokenCacheInternal tokenCache,
AcquireTokenCommonParameters commonParameters,
RequestContext requestContext)
{
_serviceBundle = serviceBundle;
_commonParameters = commonParameters;
Authority = Authority.CreateAuthorityForRequest(serviceBundle.Config.AuthorityInfo, commonParameters.AuthorityOverride);
ClientId = serviceBundle.Config.ClientId;
CacheSessionManager = new CacheSessionManager(tokenCache, this);
Scope = ScopeHelper.CreateSortedSetFromEnumerable(commonParameters.Scopes);
RedirectUri = new Uri(serviceBundle.Config.RedirectUri);
RequestContext = requestContext;
IsBrokerConfigured = serviceBundle.Config.IsBrokerEnabled;
// Set application wide query parameters.
ExtraQueryParameters = serviceBundle.Config.ExtraQueryParameters ?? new Dictionary <string, string>();
// Copy in call-specific query parameters.
if (commonParameters.ExtraQueryParameters != null)
{
foreach (KeyValuePair <string, string> kvp in commonParameters.ExtraQueryParameters)
{
ExtraQueryParameters[kvp.Key] = kvp.Value;
}
}
ClaimsAndClientCapabilities = ClaimsHelper.GetMergedClaimsAndClientCapabilities(
_commonParameters.Claims,
_serviceBundle.Config.ClientCapabilities);
}
public async Task <IActionResult> GetGolfClubList([FromQuery] Boolean includeMembers,
[FromQuery] Boolean includeMeasuredCourses,
[FromQuery] Boolean includeUsers,
[FromQuery] Boolean includeTournaments,
CancellationToken cancellationToken)
{
// Get the Golf Club Id claim from the user
Claim golfClubIdClaim = ClaimsHelper.GetUserClaim(this.User, CustomClaims.GolfClubId);
if (String.IsNullOrEmpty(golfClubIdClaim.Value) == false)
{
// A golf club user cannot be calling this method
return(this.Forbid());
}
List <GetGolfClubResponsev1> golfClubList = await this.Manager.GetGolfClubList(cancellationToken);
List <GetGolfClubResponsev2> response = new List <GetGolfClubResponsev2>();
foreach (GetGolfClubResponsev1 getGolfClubResponse in golfClubList)
{
GetGolfClubResponsev2 getGolfClubResponsev2 = this.ConvertGetGolfClubResponse(getGolfClubResponse);
response.Add(getGolfClubResponsev2);
}
return(this.Ok(response));
}
public async Task <IActionResult> SendEmail([FromBody] SendEmailRequestDTO sendEmailRequest,
CancellationToken cancellationToken)
{
// Reject password tokens
if (ClaimsHelper.IsPasswordToken(this.User))
{
return(this.Forbid());
}
Guid messageId = sendEmailRequest.MessageId.HasValue ? sendEmailRequest.MessageId.Value : Guid.NewGuid();
// Create the command
SendEmailRequest request = SendEmailRequest.Create(sendEmailRequest.ConnectionIdentifier,
messageId,
sendEmailRequest.FromAddress,
sendEmailRequest.ToAddresses,
sendEmailRequest.Subject,
sendEmailRequest.Body,
sendEmailRequest.IsHtml);
// Route the command
await this.Mediator.Send(request, cancellationToken);
// return the result
return(this.Created($"{EmailController.ControllerRoute}/{messageId}",
new SendEmailResponseDTO
{
MessageId = messageId
}));
}
public async Task <IActionResult> AddMeasuredCourseToGolfClub([FromRoute] Guid golfClubId,
[FromBody] AddMeasuredCourseToClubRequest request,
CancellationToken cancellationToken)
{
// Get the Golf Club Id claim from the user
Claim golfClubIdClaim = ClaimsHelper.GetUserClaim(this.User, CustomClaims.GolfClubId, golfClubId.ToString());
Boolean validationResult = ClaimsHelper.ValidateRouteParameter(golfClubId, golfClubIdClaim);
if (validationResult == false)
{
return(this.Forbid());
}
Guid golfClubIdValue = Guid.Parse(golfClubIdClaim.Value);
Guid measuredCourseId = Guid.NewGuid();
// Create the command
AddMeasuredCourseToClubCommand command = AddMeasuredCourseToClubCommand.Create(golfClubIdValue, measuredCourseId, request);
// Route the command
await this.CommandRouter.Route(command, cancellationToken);
// return the result
return(this.Created($"{GolfClubController.ControllerRoute}/{golfClubId}/measuredcourses/{measuredCourseId}",
new AddMeasuredCourseToClubResponse
{
GolfClubId = golfClubIdValue,
MeasuredCourseId = measuredCourseId
}));
}
protected override string Handle(GetRolesRequest request)
{
var user = _httpContextAccessor.HttpContext.User;
var roles = ClaimsHelper.GetValues <string>((ClaimsIdentity)user.Identity, "role");
return($"Current user ({user.Identity.Name}) have following roles: {string.Join("|", roles)}");
}
public async Task <IActionResult> CreateMatchSecretary([FromRoute] Guid golfClubId,
[FromBody] CreateMatchSecretaryRequest request,
CancellationToken cancellationToken)
{
// Get the Golf Club Id claim from the user
Claim golfClubIdClaim = ClaimsHelper.GetUserClaim(this.User, CustomClaims.GolfClubId, golfClubId.ToString());
Boolean validationResult = ClaimsHelper.ValidateRouteParameter(golfClubId, golfClubIdClaim);
if (validationResult == false)
{
return(this.Forbid());
}
CreateMatchSecretaryCommand command = CreateMatchSecretaryCommand.Create(Guid.Parse(golfClubIdClaim.Value), request);
await this.CommandRouter.Route(command, cancellationToken);
// return the result
return(this.Created($"{GolfClubController.ControllerRoute}/{golfClubId}/users/{request.EmailAddress}",
new CreateMatchSecretaryResponse
{
GolfClubId = golfClubId,
UserName = request.EmailAddress
}));
}
public async Task <IActionResult> IssueVoucher(IssueVoucherRequest issueVoucherRequest,
CancellationToken cancellationToken)
{
// Reject password tokens
if (ClaimsHelper.IsPasswordToken(this.User))
{
return(this.Forbid());
}
Guid voucherId = Guid.NewGuid();
DateTime issuedDateTime = issueVoucherRequest.IssuedDateTime.HasValue ? issueVoucherRequest.IssuedDateTime.Value : DateTime.Now;
BusinessLogic.Requests.IssueVoucherRequest request = BusinessLogic.Requests.IssueVoucherRequest.Create(voucherId,
issueVoucherRequest.OperatorIdentifier,
issueVoucherRequest.EstateId,
issueVoucherRequest.TransactionId,
issuedDateTime,
issueVoucherRequest.Value,
issueVoucherRequest.RecipientEmail,
issueVoucherRequest.RecipientMobile);
IssueVoucherResponse response = await this.Mediator.Send(request, cancellationToken);
// TODO: Populate the GET route
return(this.Created("", this.ModelFactory.ConvertFrom(response)));
}
public async Task <IActionResult> AddTournamentDivision([FromRoute] Guid golfClubId,
[FromBody] AddTournamentDivisionToGolfClubRequest request,
CancellationToken cancellationToken)
{
// Get the Golf Club Id claim from the user
Claim golfClubIdClaim = ClaimsHelper.GetUserClaim(this.User, CustomClaims.GolfClubId, golfClubId.ToString());
Boolean validationResult = ClaimsHelper.ValidateRouteParameter(golfClubId, golfClubIdClaim);
if (validationResult == false)
{
return(this.Forbid());
}
// Create the command
AddTournamentDivisionToGolfClubCommand command = AddTournamentDivisionToGolfClubCommand.Create(Guid.Parse(golfClubIdClaim.Value), request);
// Route the command
await this.CommandRouter.Route(command, cancellationToken);
// return the result
return(this.Created($"{GolfClubController.ControllerRoute}/{golfClubId}/tournamentdivisions/{request.Division}",
new AddTournamentDivisionToGolfClubResponse
{
GolfClubId = golfClubId,
TournamentDivision = request.Division
}));
}
public IActionResult ClearCart()
{
var email = ClaimsHelper.GetClaim(User, "name");
_shoppingCartService.ClearCart(email);
return(NoContent());
}
public async Task <IActionResult> RequestClubMembership([FromRoute] Guid golfClubId,
[FromRoute] Guid playerId,
CancellationToken cancellationToken)
{
// Get the Player Id claim from the user
Claim playerIdClaim = ClaimsHelper.GetUserClaim(this.User, CustomClaims.PlayerId, playerId.ToString());
Boolean validationResult = ClaimsHelper.ValidateRouteParameter(playerId, playerIdClaim);
if (validationResult == false)
{
return(this.Forbid());
}
// Create the command
RequestClubMembershipCommand command = RequestClubMembershipCommand.Create(Guid.Parse(playerIdClaim.Value), golfClubId);
// Route the command
await this.CommandRouter.Route(command, cancellationToken);
// return the result
return(this.Created($"api/players/{playerId}",
new RequestClubMembershipResponse
{
GolfClubId = golfClubId,
PlayerId = playerId,
MembershipId = Guid.Empty
}));
}
public IActionResult Get()
{
//Get Roles for current user
var roles = ClaimsHelper.GetValues <string>((ClaimsIdentity)User.Identity, "role");
return(Ok($"Current user ({User.Identity.Name}) have following roles: {string.Join("|", roles)}"));
}
public Service.User GetCurrentUser()
{
Guid authenticatedUserId = ClaimsHelper.GetUserIdFromClaims();
var user = _context.Users.GetById(authenticatedUserId);
return(ConvertToServiceLayerUser(user));
}
