public async Task <ListResponseModel <CollectionResponseModel> > Get(string orgId)
{
var orgIdGuid = new Guid(orgId);
if (!await _currentContext.ViewAllCollections(orgIdGuid) && !await _currentContext.ManageUsers(orgIdGuid))
{
throw new NotFoundException();
}
IEnumerable <Collection> orgCollections;
if (await _currentContext.OrganizationOwner(orgIdGuid))
{
// User may be a Provider for the organization, in which case GetManyByUserIdAsync won't return any results
// But they have access to all organization collections, so we can safely get by orgId instead
orgCollections = await _collectionRepository.GetManyByOrganizationIdAsync(orgIdGuid);
}
else
{
var collections = await _collectionRepository.GetManyByUserIdAsync(_currentContext.UserId.Value);
orgCollections = collections.Where(c => c.OrganizationId == orgIdGuid);
}
var responses = orgCollections.Select(c => new CollectionResponseModel(c));
return(new ListResponseModel <CollectionResponseModel>(responses));
}
public async Task RedeemSponsorship([FromQuery] string sponsorshipToken, [FromBody] OrganizationSponsorshipRedeemRequestModel model)
{
if (!await _organizationsSponsorshipService.ValidateRedemptionTokenAsync(sponsorshipToken, (await CurrentUser).Email))
{
throw new BadRequestException("Failed to parse sponsorship token.");
}
if (!await _currentContext.OrganizationOwner(model.SponsoredOrganizationId))
{
throw new BadRequestException("Can only redeem sponsorship for an organization you own.");
}
await _organizationsSponsorshipService.SetUpSponsorshipAsync(
await _organizationSponsorshipRepository
.GetByOfferedToEmailAsync((await CurrentUser).Email),
// Check org to sponsor's product type
await _organizationRepository.GetByIdAsync(model.SponsoredOrganizationId));
}
public async Task <OrganizationResponseModel> Get(string id)
{
var orgIdGuid = new Guid(id);
if (!await _currentContext.OrganizationOwner(orgIdGuid))
{
throw new NotFoundException();
}
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
if (organization == null)
{
throw new NotFoundException();
}
return(new OrganizationResponseModel(organization));
}
public async Task RedeemSponsorship([FromQuery] string sponsorshipToken, [FromBody] OrganizationSponsorshipRedeemRequestModel model)
{
var(valid, sponsorship) = await _validateRedemptionTokenCommand.ValidateRedemptionTokenAsync(sponsorshipToken, (await CurrentUser).Email);
if (!valid)
{
throw new BadRequestException("Failed to parse sponsorship token.");
}
if (!await _currentContext.OrganizationOwner(model.SponsoredOrganizationId))
{
throw new BadRequestException("Can only redeem sponsorship for an organization you own.");
}
await _setUpSponsorshipCommand.SetUpSponsorshipAsync(
sponsorship,
await _organizationRepository.GetByIdAsync(model.SponsoredOrganizationId));
}
private async Task <bool> HasPermissionAsync(Guid?organizationId, OrganizationConnectionType?type = null)
{
if (!organizationId.HasValue)
{
return(false);
}
return(type switch
{
OrganizationConnectionType.Scim => await _currentContext.ManageScim(organizationId.Value),
_ => await _currentContext.OrganizationOwner(organizationId.Value),
});
public async Task <ListResponseModel <CipherMiniDetailsResponseModel> > GetOrganizationCollections(
string organizationId)
{
var userId = _userService.GetProperUserId(User).Value;
var orgIdGuid = new Guid(organizationId);
if (!await _currentContext.ViewAllCollections(orgIdGuid) && !await _currentContext.AccessReports(orgIdGuid))
{
throw new NotFoundException();
}
IEnumerable <Cipher> orgCiphers;
if (await _currentContext.OrganizationOwner(orgIdGuid))
{
// User may be a Provider for the organization, in which case GetManyByUserIdAsync won't return any results
// But they have access to all organization ciphers, so we can safely get by orgId instead
orgCiphers = await _cipherRepository.GetManyByOrganizationIdAsync(orgIdGuid);
}
else
{
var ciphers = await _cipherRepository.GetManyByUserIdAsync(userId, true);
orgCiphers = ciphers.Where(c => c.OrganizationId == orgIdGuid);
}
var orgCipherIds = orgCiphers.Select(c => c.Id);
var collectionCiphers = await _collectionCipherRepository.GetManyByOrganizationIdAsync(orgIdGuid);
var collectionCiphersGroupDict = collectionCiphers
.Where(c => orgCipherIds.Contains(c.CipherId))
.GroupBy(c => c.CipherId).ToDictionary(s => s.Key);
var responses = orgCiphers.Select(c => new CipherMiniDetailsResponseModel(c, _globalSettings,
collectionCiphersGroupDict));
var providerId = await _currentContext.ProviderIdForOrg(orgIdGuid);
if (providerId.HasValue)
{
await _providerService.LogProviderAccessToOrganizationAsync(orgIdGuid);
}
return(new ListResponseModel <CipherMiniDetailsResponseModel>(responses));
}
private async Task <bool> HasPermissionAsync(Guid?organizationId) => organizationId.HasValue && await _currentContext.OrganizationOwner(organizationId.Value);
