public DocumentForSignatureValidator( IAlfrescoHttpClient alfrescoHttpClient, IIdentityUser identityUser, IAlfrescoConfiguration alfrescoConfiguration, ISimpleMemoryCache simpleMemoryCache, ISystemLoginService systemLoginService) { var adminHttpClient = new AlfrescoHttpClient(alfrescoConfiguration, new AdminAuthentification(simpleMemoryCache, alfrescoConfiguration, systemLoginService)); RuleFor(o => o) .Cascade(CascadeMode.StopOnFirstFailure) .MustAsync(async(context, cancellationToken) => { _nodeEntry = await alfrescoHttpClient.GetNodeInfo(context.NodeId, ImmutableList <Parameter> .Empty .Add(new Parameter(AlfrescoNames.Headers.Include, $"{AlfrescoNames.Includes.Path}", ParameterType.QueryString))); _groupPagingCurrentUser = await alfrescoHttpClient.GetPersonGroups(identityUser.Id); _groupPagingNextOwner = await adminHttpClient.GetPersonGroups(context.Body.User); return(_nodeEntry?.Entry?.Id != null && _groupPagingCurrentUser != null && _groupPagingNextOwner != null); }) .WithName(x => nameof(x.NodeId)) .WithMessage("Something went wrong with alfresco server.") .DependentRules(() => { RuleFor(x => x) .Must(y => _groupPagingCurrentUser?.List?.Entries?.Any(q => q.Entry.Id == identityUser.RequestGroup) ?? false) .WithName(x => "Group") .WithMessage($"User isn't member of group {identityUser.RequestGroup}."); RuleFor(x => x) .Must(y => _groupPagingNextOwner?.List?.Entries?.Any(q => q.Entry.Id == $"{y.Body.Group}_Sign") ?? false) .WithName(x => "Group") .WithMessage("User for signing isn't member of group with postfix _Sign."); RuleFor(x => x.NodeId) .Must(x => _nodeEntry?.Entry?.NodeType == SpisumNames.NodeTypes.Document) .WithMessage($"NodeId must be type of {SpisumNames.NodeTypes.Document}."); RuleFor(x => x) .Must(x => _nodeEntry?.Entry?.Path?.Name?.StartsWith(AlfrescoNames.Prefixes.Path + SpisumNames.Paths.Evidence, StringComparison.OrdinalIgnoreCase) == true) .OnAnyFailure(x => throw new BadRequestException("Document must be in evidence site.")); RuleFor(x => x.NodeId) .Must(x => _nodeEntry.Entry.Path.Name.Equals(AlfrescoNames.Prefixes.Path + SpisumNames.Paths.EvidenceDocumentsForProcessing(identityUser.RequestGroup)) || _nodeEntry.Entry.Path.Name.Equals(AlfrescoNames.Prefixes.Path + SpisumNames.Paths.EvidenceFilesDocumentsForProcessing(identityUser.RequestGroup))) .WithMessage($"NodeId must be in path {SpisumNames.Paths.EvidenceDocumentsForProcessing(identityUser.RequestGroup)} or {SpisumNames.Paths.EvidenceFilesDocumentsForProcessing(identityUser.RequestGroup)}."); }); RuleFor(x => x) .Must(x => !string.IsNullOrEmpty(x?.Body?.User)) .When(x => x?.Body != null) .WithName(x => nameof(x.Body.User)) .WithMessage("You have to fill user."); RuleFor(x => x) .Must(x => !string.IsNullOrEmpty(x?.Body?.Group)) .When(x => x?.Body != null) .WithName(x => nameof(x.Body.Group)) .WithMessage("You have to fill group."); }
public async Task <byte[]> DownloadFile(string token, string componentId) { var alfrescoClient = new AlfrescoHttpClient(_alfrescoConfiguration, new SignerAuthentification(_simpleMemoryCache, token)); var fileContent = await alfrescoClient.NodeContent(componentId); return(fileContent.File); }
public async Task UploadFile(string token, string documentId, string componentId, byte[] newComponent) { var alfrescoClient = new AlfrescoHttpClient(_alfrescoConfiguration, new SignerAuthentification(_simpleMemoryCache, token)); var nodeService = new NodesService(_alfrescoConfiguration, alfrescoClient, _auditLogService, _identityUser, _mapper, _simpleMemoryCache, _transactionHistoryService, _systemLoginService, _repositoryService); var componentService = new ComponentService(alfrescoClient, nodeService, _personService, _identityUser, _auditLogService); var nodeEntry = await alfrescoClient.GetNodeInfo(componentId, ImmutableList <Parameter> .Empty .Add(new Parameter(AlfrescoNames.Headers.Include, $"{AlfrescoNames.Includes.Properties}, {AlfrescoNames.Includes.Path}", ParameterType.QueryString))); var properties = nodeEntry?.Entry?.Properties?.As <JObject>().ToDictionary(); var pdfValidation = await _signerClient.Validate(newComponent); var certValidation = await _signerClient.ValidateCertificate(pdfValidation?.Report?.sigInfos[0]?.signCert.Data); await UnlockNode(alfrescoClient, documentId); await UnlockNode(alfrescoClient, componentId); await componentService.UploadNewVersionComponent(documentId, componentId, newComponent, Path.ChangeExtension(properties.GetNestedValueOrDefault(SpisumNames.Properties.FileName)?.ToString(), ".pdf"), MediaTypeNames.Application.Pdf); var node = await alfrescoClient.UpdateNode(componentId, GetSignerProperties(pdfValidation, certValidation, true)); await LockNode(alfrescoClient, documentId); await LockNode(alfrescoClient, componentId); try { var componentPid = nodeEntry?.GetPid(); // Audit log for a document if (node?.Entry?.NodeType == SpisumNames.NodeTypes.Document) { await _auditLogService.Record(documentId, SpisumNames.NodeTypes.Component, componentPid, NodeTypeCodes.Komponenta, EventCodes.PripojeniPodpisu, TransactinoHistoryMessages.DocumentSignComponent); } // Audit log for a file var documentFileParent = await _alfrescoHttpClient.GetNodeParents(documentId, ImmutableList <Parameter> .Empty .Add(new Parameter(AlfrescoNames.Headers.Include, AlfrescoNames.Includes.Properties, ParameterType.QueryString)) .Add(new Parameter(AlfrescoNames.Headers.Where, $"(assocType='{SpisumNames.Associations.Documents}')", ParameterType.QueryString)) .Add(new Parameter(AlfrescoNames.Headers.MaxItems, "1", ParameterType.QueryString))); var fileId = documentFileParent?.List?.Entries?.FirstOrDefault()?.Entry?.Id; if (fileId != null) { await _auditLogService.Record(fileId, SpisumNames.NodeTypes.Component, componentPid, NodeTypeCodes.Komponenta, EventCodes.PripojeniPodpisu, TransactinoHistoryMessages.DocumentSignComponent); } } catch (Exception ex) { Log.Logger?.Error(ex, "Audit log failed"); } }
public DocumentBorrowValidator(IAlfrescoHttpClient alfrescoHttpClient, IIdentityUser identityUser, IAlfrescoConfiguration alfrescoConfiguration, ISimpleMemoryCache simpleMemoryCache, ISystemLoginService systemLoginService) { var adminHttpClient = new AlfrescoHttpClient(alfrescoConfiguration, new AdminAuthentification(simpleMemoryCache, alfrescoConfiguration, systemLoginService)); _identityUser = identityUser; RuleFor(o => o) .Cascade(CascadeMode.StopOnFirstFailure) .MustAsync(async(context, cancellationToken) => { _nodeEntry = await alfrescoHttpClient.GetNodeInfo(context.NodeId, ImmutableList <Parameter> .Empty .Add(new Parameter(AlfrescoNames.Headers.Include, AlfrescoNames.Includes.Path, ParameterType.QueryString))); var documentProperties = _nodeEntry?.Entry?.Properties?.As <JObject>().ToDictionary(); _borrowedUser = documentProperties.GetNestedValueOrDefault(SpisumNames.Properties.Borrower)?.ToString(); _groupPaging = await alfrescoHttpClient.GetPersonGroups(identityUser.Id); _groupRepository = await alfrescoHttpClient.GetGroupMembers(SpisumNames.Groups.RepositoryGroup, ImmutableList <Parameter> .Empty.Add(new Parameter(AlfrescoNames.Headers.Where, AlfrescoNames.MemberType.Group, ParameterType.QueryString))); _groupPagingNextOwner = await adminHttpClient.GetPersonGroups(context.Body.User); return(_nodeEntry?.Entry?.Id != null && _groupPaging != null && _groupPagingNextOwner != null && _groupRepository != null); }) .WithName(x => nameof(x.NodeId)) .WithMessage("Something went wrong with alfresco server.") .DependentRules(() => { RuleFor(x => x) .Must(y => { return(_groupPagingNextOwner?.List?.Entries?.Any(q => q.Entry.Id == y.Body.Group) ?? false); }) .WithName(x => "User") .WithMessage("User isn't member of the Group."); RuleFor(x => x) .Must(y => { return(_groupRepository?.List?.Entries?.Any(x => x.Entry.Id == identityUser.RequestGroup) ?? false); }) .WithName(x => "User") .WithMessage("User isn't member of repository group"); RuleFor(x => x) .Must(y => _groupPaging?.List?.Entries?.Any(q => q.Entry.Id == identityUser.RequestGroup) ?? false) .WithName(x => "Group") .WithMessage($"User isn't member of group {identityUser.RequestGroup}."); RuleFor(x => x.NodeId) .Must(x => _nodeEntry.Entry.NodeType == SpisumNames.NodeTypes.Document) .WithMessage($"NodeId must be type of {SpisumNames.NodeTypes.Document}."); RuleFor(x => x) .Must(x => _nodeEntry?.Entry?.Path?.Name?.StartsWith(AlfrescoNames.Prefixes.Path + SpisumNames.Paths.RepositoryDocuments, StringComparison.OrdinalIgnoreCase) == true) .OnAnyFailure(x => throw new BadRequestException("Document must be in repository site.")); RuleFor(x => x) .Must(x => string.IsNullOrWhiteSpace(_borrowedUser)) .WithMessage("Document is already borrowed"); }); }
public DocumentOwnerHandOverValidator( IAlfrescoHttpClient alfrescoHttpClient, IIdentityUser identityUser, IAlfrescoConfiguration alfrescoConfiguration, ISimpleMemoryCache simpleMemoryCache, ISystemLoginService systemLoginService) { var adminHttpClient = new AlfrescoHttpClient(alfrescoConfiguration, new AdminAuthentification(simpleMemoryCache, alfrescoConfiguration, systemLoginService)); _identityUser = identityUser; RuleFor(o => o) .Cascade(CascadeMode.StopOnFirstFailure) .MustAsync(async(context, cancellationToken) => { _nodeEntry = await alfrescoHttpClient.GetNodeInfo(context.NodeId, ImmutableList <Parameter> .Empty .Add(new Parameter(AlfrescoNames.Headers.Include, $"{AlfrescoNames.Includes.Properties},{AlfrescoNames.Includes.Permissions},{AlfrescoNames.Includes.Path}", ParameterType.QueryString))); _groupPagingCurrentUser = await alfrescoHttpClient.GetPersonGroups(identityUser.Id); if (context?.Body?.NextOwner != null) { _groupPagingNextOwner = await adminHttpClient.GetPersonGroups(context.Body.NextOwner); } return(_nodeEntry?.Entry?.Id != null && _groupPagingCurrentUser != null); }) .WithName(x => nameof(x.NodeId)) .WithMessage("Something went wrong with alfresco server.") .DependentRules(() => { RuleFor(x => x) .Must(y => { if (y?.Body?.NextOwner == null) { return(true); } return(_groupPagingNextOwner?.List?.Entries?.Any(q => q.Entry.Id == y.Body.NextGroup) ?? false); }) .WithName(x => "Group") .WithMessage("NextOwner isn't member of group NextGroup."); RuleFor(x => x) .Must(y => _groupPagingCurrentUser?.List?.Entries?.Any(q => q.Entry.Id == identityUser.RequestGroup) ?? false) .WithName(x => "Group") .WithMessage($"User isn't member of group {identityUser.RequestGroup}."); RuleFor(x => x) .Must(x => _nodeEntry?.Entry?.Path?.Name?.StartsWith(AlfrescoNames.Prefixes.Path + SpisumNames.Paths.Evidence, StringComparison.OrdinalIgnoreCase) == true) .OnAnyFailure(x => throw new BadRequestException("Document must be in evidence site.")); RuleFor(x => x.NodeId) .Must(x => _nodeEntry?.Entry?.NodeType == SpisumNames.NodeTypes.Document || _nodeEntry?.Entry?.NodeType == SpisumNames.NodeTypes.File || _nodeEntry?.Entry?.NodeType == SpisumNames.NodeTypes.Concept) .WithMessage($"NodeId must be type of {SpisumNames.NodeTypes.Document} or {SpisumNames.NodeTypes.File} or {SpisumNames.NodeTypes.Concept}"); RuleFor(x => x.NodeId) .Must(HasAction) .WithName(x => nameof(x.NodeId)) .WithMessage("NodeIs is being handled to different owner. You have cancel it first."); RuleFor(x => x.NodeId) .Must(CanUserMakeAction) .WithMessage("User has no access to this action."); }); RuleFor(x => x) .Must(x => !string.IsNullOrEmpty(x?.Body?.NextOwner) || !string.IsNullOrEmpty(x?.Body?.NextGroup)) .WithName(x => nameof(x.Body.NextOwner)) .WithMessage("You have to fill nextGroup or nextOwner."); RuleFor(x => x) .Must(x => x?.Body?.NextOwner == null || !string.IsNullOrEmpty(x?.Body?.NextGroup)) .WithName(x => nameof(x.Body.NextGroup)) .WithMessage("You have to fill NextGroup."); }