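/// <summary>
        /// See status of user opt-in: true when the current user is a signed-in
        /// <see cref="NcbUser"/> that has a stored <see cref="FacebookMessengerOptIn"/>
        /// record of the given type.
        /// </summary>
        /// <param name="db">Database queried for opt-in records.</param>
        /// <param name="ctx">Request context; its CurrentUser is inspected.</param>
        /// <param name="type">Opt-in type matched against OptInType.</param>
        /// <returns>
        /// false when the user is anonymous or CurrentUser is not an NcbUser;
        /// otherwise whether a matching opt-in record exists.
        /// </returns>
        /// <exception cref="ArgumentNullException">db or ctx is null.</exception>
        public static bool IsOptInActive(NancyBlackDatabase db, NancyContext ctx, string type)
        {
            if (db == null)
            {
                throw new ArgumentNullException("db");
            }

            if (ctx == null)
            {
                throw new ArgumentNullException("ctx");
            }

            NcbUser user = ctx.CurrentUser as NcbUser;

            // A missing CurrentUser, or one that is not an NcbUser, is treated like an
            // anonymous user (it used to be dereferenced); opt-in is never active for it.
            if (user == null || user.IsAnonymous)
            {
                return false;
            }

            var optin = db.Query <FacebookMessengerOptIn>()
                        .Where(o => o.NcbUserId == user.Id && o.OptInType == type)
                        .FirstOrDefault();

            return optin != null;
        }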
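        /// <summary>
        /// Determine whether current user has permission to perform action on the given type.
        /// A user holding the "admin" claim is always allowed. When table security
        /// (tablesec) is not configured or is disabled, every action is allowed;
        /// otherwise the action must be explicitly enabled for the normalized type
        /// name inside tablesec.
        /// </summary>
        /// <param name="context">Request context; its CurrentUser and site settings are read.</param>
        /// <param name="typeName">Data type name; normalized via DataTypeFactory.NormalizeTypeName before lookup.</param>
        /// <param name="action">Action key looked up under the type's tablesec entry.</param>
        /// <returns>true when the action is permitted, false otherwise.</returns>
        /// <exception cref="ArgumentNullException">context is null.</exception>
        public static bool HasPermission(NancyContext context, string typeName, string action)
        {
            if (context == null)
            {
                throw new ArgumentNullException("context");
            }

            NcbUser user = context.CurrentUser as NcbUser;

            // No usable user identity: deny rather than dereference null.
            if (user == null)
            {
                return false;
            }

            if (user.HasClaim("admin"))
            {
                return true;
            }

            var sitesettings = context.GetSiteSettings();

            if (sitesettings.tablesec == null)
            {
                return true; // tablesec was not configured, default to allow
            }

            if (sitesettings.tablesec.enable == false)
            {
                return true; // tablesec was turned off
            }

            var     normalizedName = DataTypeFactory.NormalizeTypeName(typeName);
            JObject permission     = sitesettings.tablesec[normalizedName];

            if (permission == null)
            {
                return false;
            }

            JToken actionSettings = permission[action];

            if (actionSettings == null)
            {
                return false;
            }

            // A missing or JSON-null "enable" is a deny, not a failed cast.
            JToken enable = actionSettings["enable"];

            if (enable == null || enable.Type == JTokenType.Null)
            {
                return false;
            }

            return (bool)enable;
        }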
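        /// <summary>
        /// Refresh access token for given user. Nothing is done while the stored
        /// token is still valid for more than two minutes; otherwise the refresh
        /// token is exchanged at Google's /oauth2/v4/token endpoint, the new
        /// access token and expiry are written to the user, and the user record
        /// is upserted.
        /// </summary>
        /// <param name="db">Database the updated user record is written to.</param>
        /// <param name="siteSettings">Site settings providing google.ClientID and google.ClientSecret.</param>
        /// <param name="user">User whose GoogleOAuthToken is refreshed in place.</param>
        /// <exception cref="ArgumentNullException">db or user is null.</exception>
        /// <exception cref="ArgumentException">user has no Google token or no refresh_token.</exception>
        /// <exception cref="InvalidOperationException">
        /// Google did not answer 200 OK, or the answer carries no access_token.
        /// </exception>
        public static void RefreshTokenIfRequired(NancyBlackDatabase db, dynamic siteSettings, NcbUser user)
        {
            if (db == null)
            {
                throw new ArgumentNullException("db");
            }

            if (user == null)
            {
                throw new ArgumentNullException("user");
            }

            if (user.GoogleOAuthToken == null ||
                user.GoogleOAuthToken.refresh_token == null)
            {
                throw new ArgumentException("User was never authenticated with google or does not have refresh_token");
            }

            // No need to refresh token. Expiry is compared against local time
            // because it is stored from DateTime.Now further down.
            if (((DateTime)user.GoogleOAuthToken.Expiry).Subtract(DateTime.Now).TotalMinutes > 2)
            {
                return;
            }

            var client = new RestClient("https://www.googleapis.com/");
            var req    = new RestRequest("/oauth2/v4/token");
            req.Method = Method.POST;
            req.AddParameter("client_id", siteSettings.google.ClientID);
            req.AddParameter("client_secret", siteSettings.google.ClientSecret);
            req.AddParameter("refresh_token", user.GoogleOAuthToken.refresh_token);
            req.AddParameter("grant_type", "refresh_token");

            var response = client.Execute(req);
            if (response.StatusCode != System.Net.HttpStatusCode.OK)
            {
                throw new InvalidOperationException(response.Content);
            }

            dynamic result = JObject.Parse(response.Content);

            // A 200 reply without access_token must not silently wipe the stored token.
            if (result.access_token == null)
            {
                throw new InvalidOperationException("Token response did not contain access_token");
            }

            user.GoogleOAuthToken.access_token = result.access_token;
            user.GoogleOAuthToken.expires_in   = result.expires_in;
            user.GoogleOAuthToken.Expiry       = DateTime.Now.AddSeconds((int)user.GoogleOAuthToken.expires_in);

            db.UpsertRecord(user);
        }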