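        /// <summary>
        /// Accepts an organisation invite on behalf of the authenticated caller and returns a JWT
        /// scoped to the organisation that was joined.
        /// </summary>
        /// <param name="req">Incoming request; the JSON body is an <see cref="OrganisationInvite"/> of which only
        /// <c>OrganisationInviteId</c> is used — every other invite field is read from the stored invite.</param>
        /// <param name="log">Function logger.</param>
        /// <returns>200 with the new JWT; 401 when the bearer token is invalid or lacks the user claim;
        /// 404 when the invite does not exist; 400 on validation failure or an unexpected error.</returns>
        public async Task <IActionResult> AcceptOrganisationInvite(
            [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "OrganisationInvite/{OrganisationInviteId}")] HttpRequest req, ILogger log)
        {
            log.LogInformation("C# HTTP trigger function(AcceptOrganisationInvite) processed a request.");

            try
            {
                var accessTokenResult = _tokenProvider.ValidateToken(req);
                if (accessTokenResult.Status != AccessTokenStatus.Valid)
                {
                    return(new UnauthorizedResult());
                }

                // A token without a parseable "UserAccount" claim is treated as unauthenticated instead of
                // letting First()/new Guid() throw and fall into the generic catch.
                var userAccountClaim = accessTokenResult.Principal.Claims.FirstOrDefault(c => c.Type == "UserAccount");
                if (userAccountClaim == null || !Guid.TryParse(userAccountClaim.Value, out Guid userAccountId))
                {
                    return(new UnauthorizedResult());
                }

                string requestBody     = await new StreamReader(req.Body).ReadToEndAsync();
                var    requestedInvite = JsonConvert.DeserializeObject <OrganisationInvite>(requestBody);
                if (requestedInvite == null)
                {
                    return(new BadRequestObjectResult("Request body must contain an OrganisationInvite."));
                }

                // NOTE(review): the route declares {OrganisationInviteId} but only the body's id is used; the two are
                // not cross-checked here.
                // Only the id is trusted from the client; OrganisationId/InviteeId/InviteUserType come from the stored
                // invite so the caller cannot forge them.
                var organisationInviteRepo = new OrganisationInviteRepository();
                var organisationInvite     = organisationInviteRepo.GetOrganisationInviteById(requestedInvite.OrganisationInviteId);
                if (organisationInvite == null)
                {
                    return(new NotFoundObjectResult("Organisation invite not found."));
                }

                if (userAccountId != organisationInvite.InviteeId)
                {
                    return(new BadRequestObjectResult("User sending request is not the invitee"));
                }

                var organisationMembershipRepo = new OrganisationMembershipRepository();
                if (organisationMembershipRepo.AlreadyHasAMembershipInOrganisation(userAccountId, organisationInvite.OrganisationId))
                {
                    return(new BadRequestObjectResult("User already a member of this Organisation."));
                }

                var organisationMembership = new OrganisationMembership()
                {
                    OrganisationId       = organisationInvite.OrganisationId,
                    UserAccountId        = organisationInvite.InviteeId,
                    OrganisationInviteId = organisationInvite.OrganisationInviteId,
                    UserType             = organisationInvite.InviteUserType
                };

                // NOTE(review): whether an already-used or expired invite is rejected depends on
                // GetOrganisationInviteById / UseOrganisationInvite, which are not visible here — confirm.
                organisationMembershipRepo.CreateOrganisationMembership(organisationMembership);
                organisationInviteRepo.UseOrganisationInvite(organisationInvite.OrganisationInviteId);

                // return JWT with the newly joined Organisation's Id
                var jwt = _tokenCreator.CreateToken(userAccountId, organisationInvite.OrganisationId);
                return(new OkObjectResult(jwt));
            }
            catch (Exception exception)
            {
                // Keep the detail server-side: the raw exception message can expose internals to the client.
                log.LogError(exception, "AcceptOrganisationInvite failed.");
                return(new BadRequestObjectResult("The request could not be processed."));
            }
        }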
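        /// <summary>
        /// Creates a new organisation owned by the authenticated caller, records the owner membership
        /// and returns a JWT scoped to the new organisation.
        /// </summary>
        /// <param name="req">Incoming request; the JSON body is an <see cref="OrganisationCreateModel"/>.</param>
        /// <param name="log">Function logger.</param>
        /// <returns>200 with the new JWT; 401 when the bearer token is invalid or lacks the user claim;
        /// 400 when the body is missing/empty or on an unexpected error.</returns>
        public async Task <IActionResult> CreateOrganisation(
            [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "Organisation/CreateOrganisation")] HttpRequest req, ILogger log)
        {
            log.LogInformation("C# HTTP trigger function(CreateOrganisation) processed a request.");

            try
            {
                var accessTokenResult = _tokenProvider.ValidateToken(req);
                if (accessTokenResult.Status != AccessTokenStatus.Valid)
                {
                    return(new UnauthorizedResult());
                }

                // Missing or malformed "UserAccount" claim → unauthenticated, not an exception.
                var userAccountClaim = accessTokenResult.Principal.Claims.FirstOrDefault(c => c.Type == "UserAccount");
                if (userAccountClaim == null || !Guid.TryParse(userAccountClaim.Value, out Guid userAccountId))
                {
                    return(new UnauthorizedResult());
                }
                log.LogInformation($"JWT validated for UserAccount: {userAccountId}.");

                string requestBody             = await new StreamReader(req.Body).ReadToEndAsync();
                var    organisationCreateModel = JsonConvert.DeserializeObject <OrganisationCreateModel>(requestBody);
                if (organisationCreateModel == null || string.IsNullOrWhiteSpace(organisationCreateModel.OrganisationName))
                {
                    return(new BadRequestObjectResult("Request body must contain an OrganisationName."));
                }

                var organisation = new Organisation()
                {
                    OrganisationName = organisationCreateModel.OrganisationName,
                    CreatedById      = userAccountId
                };

                var organisationRepo = new OrganisationRepository();
                var organisationId   = organisationRepo.CreateOrganisation(organisation);

                // The creator is the owner; ownership is not tied to an invite.
                var organisationMembership = new OrganisationMembership()
                {
                    OrganisationId       = organisationId,
                    UserAccountId        = userAccountId,
                    UserType             = UserType.OrganisationOwner,
                    OrganisationInviteId = null
                };

                // store the OrganisationMembership
                var organisationMembershipRepo = new OrganisationMembershipRepository();
                organisationMembershipRepo.CreateOrganisationMembership(organisationMembership);

                // create JWT with the new OrganisationId as the active organisation
                var jwt = _tokenCreator.CreateToken(userAccountId, organisationId);
                return(new OkObjectResult(jwt));
            }
            catch (Exception exception)
            {
                // Keep the detail server-side: the raw exception message can expose internals to the client.
                log.LogError(exception, "CreateOrganisation failed.");
                return(new BadRequestObjectResult("The request could not be processed."));
            }
        }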
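        /// <summary>
        /// Deletes the caller's active organisation (the one in the token's "Organisation" claim).
        /// Requires a valid bearer token, a fresh email/password check, and that the caller is the organisation owner.
        /// </summary>
        /// <param name="req">Incoming request; the JSON body is a <see cref="UserAccountCreateModel"/> carrying the
        /// credentials used for the re-authentication step.</param>
        /// <param name="log">Function logger.</param>
        /// <returns>200 with the repository's deleted flag; 401 when the token is invalid, a claim is missing, no
        /// membership exists or the caller is not the owner; 400 when the body is missing, the credential check fails,
        /// or on an unexpected error.</returns>
        public async Task <IActionResult> DeleteOrganisation(
            [HttpTrigger(AuthorizationLevel.Anonymous, "delete", Route = "Organisation/DeleteOrganisation")] HttpRequest req, ILogger log)
        {
            log.LogInformation("C# HTTP trigger function(DeleteOrganisation) processed a request.");

            try
            {
                // Validate JWT
                var accessTokenResult = _tokenProvider.ValidateToken(req);
                if (accessTokenResult.Status != AccessTokenStatus.Valid)
                {
                    return(new UnauthorizedResult());
                }

                string requestBody            = await new StreamReader(req.Body).ReadToEndAsync();
                var    userAccountCreateModel = JsonConvert.DeserializeObject <UserAccountCreateModel>(requestBody);
                if (userAccountCreateModel == null)
                {
                    return(new BadRequestObjectResult("Request body must contain the account credentials."));
                }

                // Validate Email/Password (re-authentication for a destructive action).
                // NOTE(review): nothing visible here ties the supplied email to the token's UserAccount claim —
                // confirm that LoginManager/the caller guarantees they refer to the same account.
                var loginManager = new LoginManager();
                var loginResult  = loginManager.AttemptLogin(userAccountCreateModel.EmailAddress, userAccountCreateModel.Password);
                if (loginResult.Status != LoginStatus.Success)
                {
                    return(new BadRequestObjectResult(loginResult.FailureReason));
                }

                // Both identity claims are required; a token missing either is treated as unauthenticated.
                var userAccountClaim  = accessTokenResult.Principal.Claims.FirstOrDefault(c => c.Type == "UserAccount");
                var organisationClaim = accessTokenResult.Principal.Claims.FirstOrDefault(c => c.Type == "Organisation");
                if (userAccountClaim == null || organisationClaim == null
                    || !Guid.TryParse(userAccountClaim.Value, out Guid userAccountId)
                    || !Guid.TryParse(organisationClaim.Value, out Guid organisationId))
                {
                    return(new UnauthorizedResult());
                }

                // Make sure this UserAccount is the Organisation Owner; no membership at all is also a refusal.
                var organisationMembershipRepository = new OrganisationMembershipRepository();
                var organisationMembership           = organisationMembershipRepository.GetOrganisationMembership(userAccountId, organisationId);

                if (organisationMembership == null || organisationMembership.UserType != UserType.OrganisationOwner)
                {
                    return(new UnauthorizedResult());
                }

                var  organisationRepo = new OrganisationRepository();
                bool deleted          = organisationRepo.DeleteOrganisation(organisationId);

                return(new OkObjectResult(deleted));
            }
            catch (Exception exception)
            {
                // Keep the detail server-side: the raw exception message can expose internals to the client.
                log.LogError(exception, "DeleteOrganisation failed.");
                return(new BadRequestObjectResult("The request could not be processed."));
            }
        }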
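        /// <summary>
        /// Switches the caller's active organisation by issuing a JWT scoped to the requested organisation.
        /// The caller must already be a member of the <em>target</em> organisation.
        /// </summary>
        /// <param name="req">Incoming request; the JSON body is an <see cref="Organisation"/> whose
        /// <c>OrganisationId</c> is the organisation to switch to.</param>
        /// <param name="log">Function logger.</param>
        /// <returns>200 with the new JWT; 401 when the token is invalid or lacks the user claim;
        /// 409 when the caller is not a member of the target organisation; 400 when the body is missing or on an
        /// unexpected error.</returns>
        public async Task <IActionResult> ChangeActiveOrganisation([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "Organisation/ChangeActiveOrganisation")] HttpRequest req, ILogger log)
        {
            log.LogInformation("C# HTTP trigger function(ChangeActiveOrganisation) processed a request.");

            try
            {
                // Validate JWT
                var accessTokenResult = _tokenProvider.ValidateToken(req);
                if (accessTokenResult.Status != AccessTokenStatus.Valid)
                {
                    return(new UnauthorizedResult());
                }

                // NOTE(review): the trigger is "get" but the target is read from the request body; clients and proxies
                // often drop GET bodies, so a route or query parameter would be more robust.
                string requestBody        = await new StreamReader(req.Body).ReadToEndAsync();
                var    targetOrganisation = JsonConvert.DeserializeObject <Organisation>(requestBody);
                if (targetOrganisation == null)
                {
                    return(new BadRequestObjectResult("Request body must contain the target Organisation."));
                }

                // Missing or malformed "UserAccount" claim → unauthenticated, not an exception.
                var userAccountClaim = accessTokenResult.Principal.Claims.FirstOrDefault(c => c.Type == "UserAccount");
                if (userAccountClaim == null || !Guid.TryParse(userAccountClaim.Value, out Guid userAccountId))
                {
                    return(new UnauthorizedResult());
                }

                // Authorisation must be checked against the organisation being switched TO. The previous version
                // looked up membership of the organisation already in the token, which let any member of any
                // organisation obtain a token for an arbitrary OrganisationId. Looking up the target membership also
                // answers the "does this organisation exist" question: no membership → refuse.
                var organisationMembershipRepository = new OrganisationMembershipRepository();
                var organisationMembership           = organisationMembershipRepository.GetOrganisationMembership(userAccountId, targetOrganisation.OrganisationId);

                if (organisationMembership == null)
                {
                    return(new ConflictObjectResult("User is not a member of this Organisation. Please contact support."));
                }

                // return JWT with UserAccountId and the target organisation as the active one
                var jwt = _tokenCreator.CreateToken(userAccountId, targetOrganisation.OrganisationId);
                return(new OkObjectResult(jwt));
            }
            catch (Exception exception)
            {
                // Keep the detail server-side: the raw exception message can expose internals to the client.
                log.LogError(exception, "ChangeActiveOrganisation failed.");
                return(new BadRequestObjectResult("The request could not be processed."));
            }
        }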