public async Task <ActionResult <IEnumerable <UserDto> > > AddSmartLockUser(Guid smartLockId,
                                                                                    SmartLockUserCreationDto smartLockUser)
        {
            var client = await MicrosoftGraphClient.GetGraphServiceClient();

            try
            {
                await _azureAdRepository.GetUser(client, smartLockUser.UserId.ToString());
            }
            catch (ServiceException e)
            {
                if (e.StatusCode == HttpStatusCode.NotFound)
                {
                    _logger.LogWarning("User was not found on Azure AD");
                    ModelState.AddModelError("azureAdUserNotFound",
                                             $"User with id: {smartLockUser.UserId} was not found on Azure AD");
                }
            }
            if (!ModelState.IsValid)
            {
                return(ValidationProblem(ModelState));
            }

            var userExists = await _smartLockRepository.SmartLockUserExists(smartLockId, smartLockUser.UserId);

            if (userExists)
            {
                _logger.LogWarning("User already exists for this smart lock");
                return(Conflict("User already exists for this smart lock"));
            }

            _smartLockRepository.AddSmartLockUser(smartLockId, smartLockUser.UserId);
            await _smartLockRepository.Save();

            return(CreatedAtAction("GetSmartLockUser", new { smartLockId = smartLockId, userId = smartLockUser.UserId },
                                   smartLockUser));
        }
Esempio n. 2
0
        public async Task <UserAccessDto> GetUserAccessStatus(SmartLockUserAccessDto smartLockUser)
        {
            var client = await MicrosoftGraphClient.GetGraphServiceClient();

            var smartLockUserExists =
                await _smartLockRepository.SmartLockUserExists(smartLockUser.SmartLockId, smartLockUser.UserId);

            if (smartLockUserExists)
            {
                var smartLock = await _smartLockRepository.GetSmartLock(smartLockUser.SmartLockId);

                if (smartLock.Status != Types.Status.Active)
                {
                    var inactiveLockAccess = new Access
                    {
                        UserId      = smartLockUser.UserId,
                        SmartLockId = smartLockUser.SmartLockId,
                        IsValid     = false,
                        Info        = "Lock was in inactive state"
                    };
                    _accessRepository.AddAccess(inactiveLockAccess);
                    await _accessRepository.Save();

                    return(new UserAccessDto
                    {
                        AccessAuthorized = false
                    });
                }
                var user = await _userRepository.GetUser(smartLockUser.UserId);

                if (user.Status != Types.Status.Active)
                {
                    var inactiveUserAccess = new Access
                    {
                        UserId      = smartLockUser.UserId,
                        SmartLockId = smartLockUser.SmartLockId,
                        IsValid     = false,
                        Info        = "User was in inactive state"
                    };
                    _accessRepository.AddAccess(inactiveUserAccess);
                    await _accessRepository.Save();

                    return(new UserAccessDto
                    {
                        AccessAuthorized = false
                    });
                }
                var validAccess = new Access
                {
                    UserId      = smartLockUser.UserId,
                    SmartLockId = smartLockUser.SmartLockId,
                    IsValid     = true,
                    Info        = "Access was permitted for user"
                };
                _accessRepository.AddAccess(validAccess);
                await _accessRepository.Save();

                return(new UserAccessDto
                {
                    AccessAuthorized = true
                });
            }

            var userGroupsIdsFromAzureAd = await _azureAdRepository
                                           .GetUserGroupsIds(client, smartLockUser.UserId.ToString());

            foreach (var groupId in userGroupsIdsFromAzureAd)
            {
                var smartLockGroupExists =
                    await _smartLockRepository.SmartLockGroupExists(smartLockUser.SmartLockId, Guid.Parse(groupId));

                if (smartLockGroupExists)
                {
                    var smartLock = await _smartLockRepository.GetSmartLock(smartLockUser.SmartLockId);

                    if (smartLock.Status != Types.Status.Active)
                    {
                        var inactiveLockAccess = new Access
                        {
                            UserId      = smartLockUser.UserId,
                            SmartLockId = smartLockUser.SmartLockId,
                            IsValid     = false,
                            Info        = "Lock was in inactive state"
                        };
                        _accessRepository.AddAccess(inactiveLockAccess);
                        await _accessRepository.Save();

                        return(new UserAccessDto
                        {
                            AccessAuthorized = false
                        });
                    }
                    var group = await _groupRepository.GetGroup(Guid.Parse(groupId));

                    if (group.Status != Status.Active)
                    {
                        var inactiveGroupAccess = new Access
                        {
                            UserId      = smartLockUser.UserId,
                            SmartLockId = smartLockUser.SmartLockId,
                            IsValid     = false,
                            Info        = "User group was in inactive state"
                        };
                        _accessRepository.AddAccess(inactiveGroupAccess);
                        await _accessRepository.Save();

                        return(new UserAccessDto
                        {
                            AccessAuthorized = false
                        });
                    }
                    var validGroupAccess = new Access
                    {
                        UserId      = smartLockUser.UserId,
                        SmartLockId = smartLockUser.SmartLockId,
                        IsValid     = true,
                        Info        = "Access is permitted for group user"
                    };
                    _accessRepository.AddAccess(validGroupAccess);
                    await _accessRepository.Save();

                    return(new UserAccessDto
                    {
                        AccessAuthorized = true
                    });
                }
            }

            var notValidAccess = new Access
            {
                UserId      = smartLockUser.UserId,
                SmartLockId = smartLockUser.SmartLockId,
                IsValid     = false,
                Info        = "Access was denied"
            };

            _accessRepository.AddAccess(notValidAccess);
            await _accessRepository.Save();

            return(new UserAccessDto
            {
                AccessAuthorized = false
            });
        }