public virtual IActionResult UserDistrictsIdDeletePost([FromRoute] int id)
{
bool exists = _context.HetUserDistrict.Any(a => a.UserDistrictId == id);
// not found
if (!exists)
{
return(new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration))));
}
// get record
HetUserDistrict item = _context.HetUserDistrict
.Include(x => x.User)
.First(a => a.UserDistrictId == id);
int userId = item.User.UserId;
// remove record
_context.HetUserDistrict.Remove(item);
_context.SaveChanges();
// return the updated user district records
List <HetUserDistrict> result = _context.HetUserDistrict.AsNoTracking()
.Include(x => x.User)
.Include(x => x.District)
.Where(x => x.User.UserId == userId)
.ToList();
return(new ObjectResult(new HetsResponse(result)));
}
public virtual IActionResult UsersPost([FromBody] HetUser item)
{
// not found
if (item == null)
{
return(new ObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration))));
}
HetUser user = new HetUser
{
Active = item.Active,
Email = item.Email,
GivenName = item.GivenName,
Surname = item.Surname,
SmUserId = item.SmUserId,
DistrictId = item.District.DistrictId,
AgreementCity = item.AgreementCity
};
HetUserDistrict newUserDistrict = new HetUserDistrict
{
DistrictId = item.District.DistrictId,
IsPrimary = true
};
user.HetUserDistrict.Add(newUserDistrict);
_context.HetUser.Add(user);
_context.SaveChanges();
int id = user.UserId;
// get updated user record and return to UI
return(new ObjectResult(new HetsResponse(UserHelper.GetRecord(id, _context))));
}
public virtual IActionResult UserDistrictsIdSwitchPost([FromRoute] int id)
{
bool exists = _context.HetUserDistrict.Any(a => a.UserDistrictId == id);
// not found
if (!exists)
{
return(new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration))));
}
// get record
HetUserDistrict userDistrict = _context.HetUserDistrict.First(a => a.UserDistrictId == id);
string userId = UserAccountHelper.GetUserId(_httpContext);
HetUser user = _context.HetUser.First(a => a.SmUserId == userId);
user.DistrictId = userDistrict.DistrictId;
_context.SaveChanges();
// create new district switch cookie
_httpContext.Response.Cookies.Append(
"HETSDistrict",
userDistrict.DistrictId.ToString(),
new CookieOptions
{
Path = "/",
SameSite = SameSiteMode.None
}
);
return(new ObjectResult(new HetsResponse(user)));
}
public virtual IActionResult UsersCurrentLogoffPost()
{
// get the current user id
string userId = _context.SmUserId;
// not found
if (userId == null)
{
return(new ObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration))));
}
// get user district
HetUserDistrict userDistrict = _context.HetUserDistrict.AsNoTracking()
.Include(x => x.User)
.Include(x => x.District)
.FirstOrDefault(x => x.User.SmUserId == userId &&
x.IsPrimary);
// if we don't find a primary - look for the first one in the list
if (userDistrict == null)
{
userDistrict = _context.HetUserDistrict.AsNoTracking()
.Include(x => x.User)
.Include(x => x.District)
.FirstOrDefault(x => x.User.SmUserId == userId);
}
// update the current district for the user
if (userDistrict != null)
{
HetUser user = _context.HetUser.First(a => a.SmUserId == userId);
user.DistrictId = userDistrict.District.DistrictId;
_context.SaveChanges();
}
// get the correct logoff url and return
string logoffUrl = _configuration.GetSection("Constants:LogoffUrl-Development").Value;
if (_env.IsProduction())
{
logoffUrl = _configuration.GetSection("Constants:LogoffUrl-Production").Value;
}
else if (_env.IsStaging())
{
logoffUrl = _configuration.GetSection("Constants:LogoffUrl-Test").Value;
}
LogoffModel response = new LogoffModel {
LogoffUrl = logoffUrl
};
return(new ObjectResult(new HetsResponse(response)));
}
public virtual IActionResult UsersPost([FromBody] HetUser item)
{
// not found
if (item == null)
{
return(new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration))));
}
// validate that user id is unique
// HETS-1033 - Post Live: Add validation on User ID while adding a new user
item.SmUserId = item.SmUserId?.Trim().ToLower();
HetUser existingUser = _context.HetUser.AsNoTracking()
.FirstOrDefault(x => x.SmUserId.ToLower() == item.SmUserId);
if (existingUser != null)
{
return(new BadRequestObjectResult(new HetsResponse("HETS-38", ErrorViewModel.GetDescription("HETS-38", _configuration))));
}
// add new user
HetUser user = new HetUser
{
Active = item.Active,
Email = item.Email?.Trim(),
GivenName = item.GivenName?.Trim(),
Surname = item.Surname?.Trim(),
SmUserId = item.SmUserId,
DistrictId = item.District.DistrictId,
AgreementCity = item.AgreementCity
};
HetUserDistrict newUserDistrict = new HetUserDistrict
{
DistrictId = item.District.DistrictId,
IsPrimary = true
};
user.HetUserDistrict.Add(newUserDistrict);
_context.HetUser.Add(user);
_context.SaveChanges();
int id = user.UserId;
// get updated user record and return to UI
return(new ObjectResult(new HetsResponse(UserHelper.GetRecord(id, _context))));
}
/// <summary>
/// Process Authentication Request
/// </summary>
/// <returns></returns>
protected override Task <AuthenticateResult> HandleAuthenticateAsync()
{
// get SiteMinder headers
_logger.LogDebug("Parsing the HTTP headers for SiteMinder authentication credential");
SiteMinderAuthOptions options = new SiteMinderAuthOptions();
try
{
HttpContext context = Request.HttpContext;
DbAppContext dbAppContext = (DbAppContext)context.RequestServices.GetService(typeof(DbAppContext));
IHostingEnvironment hostingEnv = (IHostingEnvironment)context.RequestServices.GetService(typeof(IHostingEnvironment));
UserSettings userSettings = new UserSettings();
string userId = "";
string siteMinderGuid = "";
string businessGuid = "";
string url = context.Request.GetDisplayUrl().ToLower();
_logger.LogWarning("Timestamp: {0:dd-MM-yyyy HH:mm:ss.FFFF} | Url: {1} | Remote Ip: {0}",
DateTime.Now, url, context.Connection.RemoteIpAddress.ToString());
// ********************************************************
// if this is an Error or Authentication API - Ignore
// ********************************************************
if (url.Contains("/authentication/dev") ||
url.Contains("/error") ||
url.Contains("/hangfire") ||
url.Contains("/swagger"))
{
_logger.LogInformation("Bypassing authentication process ({0})", url);
return(Task.FromResult(AuthenticateResult.NoResult()));
}
// **************************************************
// check if we have a Dev Environment Cookie
// **************************************************
string tempToken = context.Request.Cookies[options.DevAuthenticationTokenKey];
if (hostingEnv.IsDevelopment() && !string.IsNullOrEmpty(tempToken))
{
_logger.LogInformation("Dev Authentication token found ({0})", tempToken);
userId = tempToken;
}
else if ((context.Connection.RemoteIpAddress.ToString().StartsWith("::1") ||
context.Connection.RemoteIpAddress.ToString().StartsWith("::ffff:127.0.0.1")) &&
url.StartsWith("http://*****:*****@"LOCK TABLE ""HET_USER"" IN EXCLUSIVE MODE;");
HetUser user = dbAppContext.HetUser.First(x => x.UserId == updUserId);
user.DistrictId = districtId;
dbAppContext.HetUser.Update(user);
// update user record
dbAppContext.SaveChanges();
// commit
transaction.Commit();
}
}
}
userSettings.SiteMinderGuid = siteMinderGuid;
userSettings.UserAuthenticated = true;
userSettings.BusinessUser = false;
}
// **************************************************
// validate / check user permissions
// **************************************************
_logger.LogInformation("Validating user permissions");
ClaimsPrincipal userPrincipal;
if (userSettings.BusinessUser &&
userSettings.UserAuthenticated &&
userSettings.HetsBusinessUser != null)
{
userPrincipal = userSettings.HetsBusinessUser.ToClaimsPrincipal(options.Scheme);
if (!userPrincipal.HasClaim(HetUser.PermissionClaim, HetPermission.BusinessLogin))
{
_logger.LogWarning(options.MissingDbUserIdError + " (" + userId + ")");
return(Task.FromResult(AuthenticateResult.Fail(options.InvalidPermissions)));
}
}
else
{
userPrincipal = userSettings.HetsUser.ToClaimsPrincipal(options.Scheme);
if (!userPrincipal.HasClaim(HetUser.PermissionClaim, HetPermission.Login) &&
!userPrincipal.HasClaim(HetUser.PermissionClaim, HetPermission.BusinessLogin))
{
_logger.LogWarning(options.MissingDbUserIdError + " (" + userId + ")");
return(Task.FromResult(AuthenticateResult.Fail(options.InvalidPermissions)));
}
}
// **************************************************
// create authenticated user
// **************************************************
_logger.LogInformation("Authentication successful: " + userId);
_logger.LogInformation("Setting identity and creating session for: " + userId);
// **************************************************
// done!
// **************************************************
ClaimsPrincipal principal = userPrincipal;
return(Task.FromResult(AuthenticateResult.Success(new AuthenticationTicket(principal, null, Options.Scheme))));
}
catch (Exception exception)
{
_logger.LogError(exception.Message);
Console.WriteLine(exception);
throw;
}
}
public virtual IActionResult UserDistrictsIdPost([FromRoute] int id, [FromBody] HetUserDistrict item)
{
// not found
if (id != item.UserDistrictId)
{
return(new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration))));
}
// not found
if (item.User == null)
{
return(new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration))));
}
int userId = item.User.UserId;
// get record
List <HetUserDistrict> userDistricts = _context.HetUserDistrict
.Include(x => x.User)
.Include(x => x.District)
.Where(x => x.User.UserId == userId)
.ToList();
bool districtExists;
bool hasPrimary = false;
// add or update user district
if (item.UserDistrictId > 0)
{
int index = userDistricts.FindIndex(a => a.UserDistrictId == item.UserDistrictId);
// not found
if (index < 0)
{
return(new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration))));
}
// check if this district already exists
districtExists = userDistricts.Exists(a => a.District.DistrictId == item.District.DistrictId);
// update the record
if (!districtExists)
{
if (item.User != null)
{
userDistricts.ElementAt(index).UserId = item.User.UserId;
}
else
{
// user required
return(new BadRequestObjectResult(new HetsResponse("HETS-17",
ErrorViewModel.GetDescription("HETS-17", _configuration))));
}
if (item.District != null)
{
userDistricts.ElementAt(index).DistrictId = item.District.DistrictId;
}
else
{
// district required
return(new BadRequestObjectResult(new HetsResponse("HETS-18",
ErrorViewModel.GetDescription("HETS-18", _configuration))));
}
}
// manage the primary attribute
if (item.IsPrimary)
{
userDistricts.ElementAt(index).IsPrimary = true;
foreach (HetUserDistrict existingUserDistrict in userDistricts)
{
if (existingUserDistrict.IsPrimary &&
existingUserDistrict.UserDistrictId != item.UserDistrictId)
{
existingUserDistrict.IsPrimary = false;
break;
}
}
}
else
{
userDistricts[index].IsPrimary = false;
foreach (HetUserDistrict existingUserDistrict in userDistricts)
{
if (existingUserDistrict.IsPrimary &&
existingUserDistrict.UserDistrictId != item.UserDistrictId)
{
hasPrimary = true;
break;
}
}
if (!hasPrimary)
{
userDistricts[index].IsPrimary = true;
}
}
}
else // add user district
{
// check if this district already exists
districtExists = userDistricts.Exists(a => a.District.DistrictId == item.District.DistrictId);
// add the record
if (!districtExists)
{
if (item.User != null)
{
item.User = _context.HetUser.FirstOrDefault(a => a.UserId == item.User.UserId);
}
else
{
// user required
return(new BadRequestObjectResult(new HetsResponse("HETS-17", ErrorViewModel.GetDescription("HETS-17", _configuration))));
}
if (item.District != null)
{
item.District = _context.HetDistrict.FirstOrDefault(a => a.DistrictId == item.District.DistrictId);
}
else
{
// district required
return(new BadRequestObjectResult(new HetsResponse("HETS-18", ErrorViewModel.GetDescription("HETS-18", _configuration))));
}
if (item.IsPrimary)
{
item.IsPrimary = true;
foreach (HetUserDistrict existingUserDistrict in userDistricts)
{
if (existingUserDistrict.IsPrimary)
{
existingUserDistrict.IsPrimary = false;
break;
}
}
}
else
{
item.IsPrimary = false;
foreach (HetUserDistrict existingUserDistrict in userDistricts)
{
if (existingUserDistrict.IsPrimary)
{
hasPrimary = true;
break;
}
}
if (!hasPrimary)
{
item.IsPrimary = true;
}
}
_context.HetUserDistrict.Add(item);
}
}
_context.SaveChanges();
// return the updated user district records
List <HetUserDistrict> result = _context.HetUserDistrict.AsNoTracking()
.Include(x => x.User)
.Include(x => x.District)
.Where(x => x.User.UserId == userId)
.ToList();
return(new ObjectResult(new HetsResponse(result)));
}
public virtual IActionResult UsersIdPut([FromRoute] int id, [FromBody] HetUser item)
{
if (item == null || id != item.UserId)
{
// not found
return(new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration))));
}
bool exists = _context.HetUser.Any(x => x.UserId == id);
// not found
if (!exists)
{
return(new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration))));
}
// get record
HetUser user = _context.HetUser
.Include(x => x.District)
.Include(x => x.HetUserDistrict)
.First(x => x.UserId == id);
// validate that user id is unique
// HETS-1033 - Post Live: Add validation on User ID while editing a user
string smUserId = item.SmUserId?.Trim().ToLower();
HetUser existingUser = _context.HetUser.AsNoTracking()
.FirstOrDefault(x => x.SmUserId.ToLower() == smUserId && x.UserId != user.UserId);
if (existingUser != null)
{
return(new BadRequestObjectResult(new HetsResponse("HETS-38", ErrorViewModel.GetDescription("HETS-38", _configuration))));
}
user.ConcurrencyControlNumber = item.ConcurrencyControlNumber;
user.Active = item.Active;
user.Email = item.Email;
user.GivenName = item.GivenName;
user.Surname = item.Surname;
user.SmUserId = item.SmUserId;
user.AgreementCity = item.AgreementCity;
if (item.District != null)
{
bool districtExists = _context.HetDistrict.Any(x => x.DistrictId == item.District.DistrictId);
if (districtExists)
{
HetDistrict district = _context.HetDistrict
.Include(x => x.Region)
.First(x => x.DistrictId == item.District.DistrictId);
user.DistrictId = district.DistrictId;
// check if we need to add this to the User District List too
bool userDistrictExists = false;
foreach (HetUserDistrict userDistrict in user.HetUserDistrict)
{
if (userDistrict.DistrictId == item.District.DistrictId)
{
userDistrictExists = true;
break;
}
}
// if not found - then add it!
if (!userDistrictExists)
{
HetUserDistrict newUserDistrict = new HetUserDistrict
{
UserId = item.UserId,
DistrictId = district.DistrictId
};
if (user.HetUserDistrict == null)
{
user.HetUserDistrict = new List <HetUserDistrict>();
newUserDistrict.IsPrimary = true;
}
user.HetUserDistrict.Add(newUserDistrict);
}
}
}
// save changes
_context.SaveChanges();
// get updated user record and return to UI
return(new ObjectResult(new HetsResponse(UserHelper.GetRecord(id, _context))));
}
/// <summary>
/// Map data
/// </summary>
/// <param name="dbContext"></param>
/// <param name="oldObject"></param>
/// <param name="user"></param>
/// <param name="systemId"></param>
/// <param name="smUserId"></param>
/// <param name="firstName"></param>
/// <param name="lastName"></param>
/// <param name="maxUserIndex"></param>
private static void CopyToInstance(DbAppContext dbContext, ImportModels.UserHets oldObject,
ref HetUser user, string systemId, string smUserId, string firstName, string lastName,
ref int maxUserIndex)
{
try
{
// file contains multiple records per user (1 for each district they can access)
// we are currently importing 1 only -> where Default_Service_Area = Y
if (oldObject.Default_Service_Area != "Y")
{
return;
}
// check if this user already exists in the db
bool userExists = dbContext.HetUser.Any(x => x.SmUserId == smUserId);
if (userExists)
{
user = dbContext.HetUser.First(x => x.SmUserId == smUserId);
// *******************************************************************
// check if this is a different district
// *******************************************************************
int serviceAreaId;
try
{
serviceAreaId = int.Parse(oldObject.Service_Area_Id);
}
catch
{
// not mapped correctly
throw new ArgumentException(string.Format("User Error - Invalid Service Area (userId: {0}", user.SmUserId));
}
HetServiceArea serviceArea = dbContext.HetServiceArea.AsNoTracking()
.FirstOrDefault(x => x.MinistryServiceAreaId == serviceAreaId);
if (serviceArea == null)
{
// not mapped correctly
throw new ArgumentException(string.Format("User Error - Invalid Service Area (userId: {0}", user.SmUserId));
}
int tempUserId = user.UserId;
int?tempDistrictId = serviceArea.DistrictId;
if (tempDistrictId != null)
{
HetUserDistrict userDistrict = dbContext.HetUserDistrict.AsNoTracking()
.FirstOrDefault(x => x.User.UserId == tempUserId &&
x.District.DistrictId == tempDistrictId);
// ***********************************************
// create user district record
// ***********************************************
if (userDistrict == null)
{
userDistrict = new HetUserDistrict
{
UserId = tempUserId,
DistrictId = tempDistrictId,
AppCreateTimestamp = DateTime.UtcNow,
AppCreateUserid = systemId,
AppLastUpdateUserid = systemId,
AppLastUpdateTimestamp = DateTime.UtcNow
};
dbContext.HetUserDistrict.Add(userDistrict);
dbContext.SaveChangesForImport();
}
}
}
else
{
user = new HetUser
{
UserId = ++maxUserIndex,
Active = true,
SmUserId = smUserId,
SmAuthorizationDirectory = "IDIR"
};
if (!string.IsNullOrEmpty(firstName))
{
user.GivenName = firstName;
}
if (!string.IsNullOrEmpty(lastName))
{
user.Surname = lastName;
}
// *******************************************************************
// create initials
// *******************************************************************
string temp = "";
if (!string.IsNullOrEmpty(lastName) && lastName.Length > 0)
{
temp = lastName.Substring(0, 1).ToUpper();
}
if (!string.IsNullOrEmpty(firstName) && firstName.Length > 0)
{
temp = temp + firstName.Substring(0, 1).ToUpper();
}
if (!string.IsNullOrEmpty(temp))
{
user.Initials = temp;
}
// *******************************************************************
// map user to the correct service area
// *******************************************************************
int serviceAreaId;
try
{
serviceAreaId = int.Parse(oldObject.Service_Area_Id);
}
catch
{
// not mapped correctly
throw new ArgumentException(string.Format("User Error - Invalid Service Area (userId: {0}", user.SmUserId));
}
HetServiceArea serviceArea = dbContext.HetServiceArea.AsNoTracking()
.FirstOrDefault(x => x.MinistryServiceAreaId == serviceAreaId);
if (serviceArea == null)
{
// not mapped correctly
throw new ArgumentException(string.Format("User Error - Invalid Service Area (userId: {0}", user.SmUserId));
}
user.DistrictId = serviceArea.DistrictId;
// *******************************************************************
// set the user's role
// ** all new users will be added with basic access only
// *******************************************************************
HetUserRole userRole = new HetUserRole();
HetRole role = dbContext.HetRole.FirstOrDefault(x => x.Name == "HETS District User");
int roleId = -1;
if (role != null)
{
roleId = role.RoleId;
}
// ***********************************************
// create user
// ***********************************************
user.AppCreateTimestamp = DateTime.UtcNow;
user.AppCreateUserid = systemId;
user.AppLastUpdateUserid = systemId;
user.AppLastUpdateTimestamp = DateTime.UtcNow;
userRole.Role = dbContext.HetRole.First(x => x.RoleId == roleId);
userRole.EffectiveDate = DateTime.UtcNow.AddDays(-1);
userRole.AppCreateTimestamp = DateTime.UtcNow;
userRole.AppCreateUserid = systemId;
userRole.AppLastUpdateUserid = systemId;
userRole.AppLastUpdateTimestamp = DateTime.UtcNow;
user.HetUserRole = new List <HetUserRole> {
userRole
};
dbContext.HetUser.Add(user);
dbContext.SaveChangesForImport();
// ***********************************************
// create user district record
// ***********************************************
HetUserDistrict userDistrict = new HetUserDistrict
{
UserId = user.UserId,
DistrictId = user.DistrictId,
IsPrimary = true,
AppCreateTimestamp = DateTime.UtcNow,
AppCreateUserid = systemId,
AppLastUpdateUserid = systemId,
AppLastUpdateTimestamp = DateTime.UtcNow
};
dbContext.HetUserDistrict.Add(userDistrict);
dbContext.SaveChangesForImport();
}
}
catch (Exception ex)
{
Debug.WriteLine("***Error*** - Employee Id: " + oldObject.Popt_Id);
Debug.WriteLine("***Error*** - Master User Index: " + maxUserIndex);
Debug.WriteLine(ex.Message);
throw;
}
}
