public async Task HandleAsync(CreateAccessRecord message, IRequestInfo requestInfo)
{
IUserDocument userDocument = await _userRepository.GetByCodeAsync(message.Code);
if (userDocument is null)
{
_publisher.PublishEvent(new AccessRecordRejected(Codes.InvalidId, "The code used is invalid."), requestInfo);
_logger.LogError($"User with code: {message.Code} could not be found.");
return;
}
if (!await _servicesRepository.IsSiteIdValid(message.SiteId))
{
_publisher.PublishEvent(new AccessRecordRejected(Codes.InvalidId, "The site could not be found."), requestInfo);
_logger.LogError($"Site with id: {message.SiteId} could not be found.");
return;
}
await _userStatusService.Update(userDocument.Id, message.Action, message.SiteId);
var record = _factory.Create(userDocument.Id, message.SiteId, message.Action, userDocument.BusinessId);
await _accessRecordRepository.AddAsync(record);
_publisher.PublishEvent(new AccessRecordCreated(), requestInfo);
string action = message.Action == AccessAction.In ? "in" : "out";
_logger.LogInformation($"{userDocument.FirstName + " " + userDocument.SecondName} signed {action} on : {record.TimeStamp}.", LoggingCategories.Access);
}
public async Task ResetPassword(Guid code, string email, string password, string passwordConfirm)
{
var request = await _resetRequestRepository.GetAsync(code);
if (request is null || request.Email != email || request.RequestedAt > (DateTime.UtcNow + _passwordExpiryTime))
{
_logger.LogWarning($"The password reset failed for user with email: {email} and code: {code}.");
throw new VmsException(Codes.InvalidCode, "The reset request cannot be found or may have expired.");
}
if (password != passwordConfirm)
{
_logger.LogWarning("Reset rejected as passwords do not match");
throw new VmsException(Codes.InvalidCredentials, "The passwords provided do not match.");
}
var identity = await _identityRepository.GetByEmail(email);
if (identity is null || identity.Role == Roles.SystemAdmin)
{
_logger.LogError("The identity could not be resolved to reset the password");
throw new VmsException(Codes.InvalidEmail, "The email provided could not resolve an account.");
}
var encryptedPassword = _passwordManager.EncryptPassword(password);
identity.UpdatePassword(encryptedPassword.Hash, encryptedPassword.Salt);
await _identityRepository.UpdateAsync(identity);
_logger.LogInformation($"Password successfully reset for user with email: {email}.");
}
public async Task Validate(Guid businessId, IEnumerable <VisitorDataEntry> data)
{
var dataSpecs = await _specificationRepository.GetEntriesAsync(businessId);
var dataSpecificationDocuments = dataSpecs.ToList();
var visitorDataEntries = data.ToList();
if (!dataSpecificationDocuments.Any())
{
_logger.LogError($"No data specs for business with id {businessId}");
throw new VmsException(Codes.InvalidBusinessId, "There are no data fields for the business.");
}
foreach (var dataSpecificationDocument in dataSpecificationDocuments)
{
if (visitorDataEntries.FirstOrDefault(d => d.FieldId == dataSpecificationDocument.Id) == null)
{
throw new VmsException(Codes.InvalidFieldCount, "All the data fields have not been specified.");
}
}
foreach (var entry in visitorDataEntries)
{
var spec = dataSpecificationDocuments.FirstOrDefault(s => s.Id == entry.FieldId);
if (spec is null)
{
_logger.LogError($"No data specification found with id: {entry.FieldId}");
throw new VmsException(Codes.InvalidId, "The data presented does not match our specification");
}
if (!_specificationValidator.IsDataValid(entry.Value, spec.ValidationCode))
{
throw new VmsException(Codes.ValidationError, spec.ValidationMessage);
}
}
}
public async Task <IEnumerable <AccessRecordDto> > HandleAsync(GetPersonalAccessRecords query)
{
var user = query.AccountId == Guid.Empty ?
await _userRepository.GetAsync(query.UserId) :
await _userRepository.GetFromAccountId(query.AccountId);
if (user is null)
{
_logger.LogError($"User not found with id: {query.AccountId}");
throw new VmsException(Codes.InvalidId, "The user with that id requested cannot be found.");
}
var records = await _accessRecordRepository.GetForUser(user.Id);
var ret = new List <AccessRecordDto>();
foreach (var accessRecord in records)
{
var site = await _siteRepository.GetSiteNameAsync(accessRecord.SiteId);
ret.Add(new AccessRecordDto
{
Action = accessRecord.Action == AccessAction.In ? "in" : "out",
Id = accessRecord.Id,
SiteId = accessRecord.SiteId,
Date = accessRecord.TimeStamp.ToShortDateString(),
Time = accessRecord.TimeStamp.ToShortTimeString(),
TimeStamp = accessRecord.TimeStamp,
SiteName = site
});
}
return(ret.OrderByDescending(r => r.TimeStamp));
}