private async Task SyncRoles(User user)
{
var adminRole = await SecurityRole.SelectByCode("Admins");
var dwUserToRole = await SecurityUserToSecurityRole.SelectByUser(user.WorkflowUserId.Value);
if (user.HasRole(RoleName.SuperAdmin))
{
// Make sure User is in "Admins" Role
if (!dwUserToRole.Any(utr => utr.SecurityRoleId == adminRole.Id))
{
var newAdmin = new SecurityUserToSecurityRole
{
Id = Guid.NewGuid(),
SecurityRoleId = adminRole.Id,
SecurityUserId = user.WorkflowUserId.Value
};
await SecurityUserToSecurityRole.ApplyAsync(newAdmin);
}
}
else
{
// Make sure User is not "Admins" Role
var userAdminRole = dwUserToRole.FirstOrDefault(dtr => dtr.SecurityRoleId == adminRole.Id);
if (userAdminRole != null)
{
await SecurityUserToSecurityRole.DeleteAsync(userAdminRole.Id);
}
}
}
private Dictionary <Guid, SecurityUserToSecurityRole> GetHashDwAdmins(List <Guid> userids)
{
var adminRole = SecurityRole.SelectByCode("Admins").Result;
var usersToAdminRoles = SecurityUserToSecurityRole.SelectByRole(adminRole.Id).Result;
var hash = usersToAdminRoles
.Where(ur => ur.SecurityRoleId == adminRole.Id && userids.Any(uid => uid == ur.SecurityUserId))
.ToDictionary(ur => ur.SecurityUserId, ur => ur);
return(hash);
}
public IEnumerable <string> RoleGet(ProcessInstance processInstance, WorkflowRuntime runtime, string parameter)
{
var role = SecurityRole.SelectByCode(parameter).Result;
if (role == null)
{
return(new List <string>());
}
var roleUserModel = SecurityUserToSecurityRole.SelectByRole(role.Id).Result;
return(roleUserModel.Select(r => r.SecurityUserId.ToString()).Distinct());
}
public static async Task CheckDefaultRole(Guid userId, string roleCode)
{
if (await SecurityUserToSecurityRole.HasUserRole(userId, roleCode))
{
return;
}
var role = await SecurityRole.SelectByCode(roleCode);
if (role != null)
{
var suroles = new SecurityUserToSecurityRole()
{
Id = Guid.NewGuid(),
SecurityRoleId = role.Id,
SecurityUserId = userId
};
await suroles.ApplyAsync();
}
}
private async Task SyncDatabaseTablesAsync()
{
// Remove DWUsers that are not in Users
var users = UserRepository
.Get()
.Include(u => u.UserRoles)
.ThenInclude(ur => ur.Role)
.ToList();
var dwusers = SecurityUser.SelectAsync().Result;
var hashUsers = GetHashUsers(users);
var hashDwUsers = GetHashDwUsers(dwusers);
var removeUsers = hashDwUsers.Keys.Except(hashUsers.Keys).ToList();
if (removeUsers.Any())
{
try
{
// Must remove SecurityUserToSecurityRole first or there
// would be an exception attempting to delete the user where
// the relationship is still there
var removeAdmins = GetHashDwAdmins(removeUsers);
await SecurityUserToSecurityRole.DeleteAsync(removeAdmins.Values.ToList());
await SecurityUser.DeleteAsync(removeUsers);
hashDwUsers = hashDwUsers
.Where(kvp => !removeUsers.Contains(kvp.Key))
.ToDictionary(kvp => kvp.Key, kvp => kvp.Value);
}
catch (Exception ex)
{
// TODO: SendNotification
Log.Error(ex, $"Failed to Delete DwSecurityUsers: {String.Join(", ", removeUsers.ToArray())}");
}
}
// Add DWUsers where User.WorkflowUserId is null
foreach (var user in users.Where(user => !user.WorkflowUserId.HasValue))
{
try
{
var dwuser = await CreateDwUser(user);
hashDwUsers.Add(dwuser.Id, dwuser);
hashUsers.Add(user.WorkflowUserId.Value, user);
}
catch (Exception ex)
{
// TODO: SendNotification
Log.Error(ex, $"Failed to Create DwSecurityUser for User: id={user.Id}, name={user.Name}");
}
}
// Sync properties
foreach (var user in users)
{
try
{
var dwuser = hashDwUsers[user.WorkflowUserId.Value];
dwuser.StartTracking();
SyncUserToDwUser(user, dwuser);
await dwuser.ApplyAsync();
await EnsureSecurityCredentials(user, dwuser);
await SyncRoles(user);
}
catch (Exception ex)
{
// TODO: SendNotification
Log.Error(ex, $"Failed to Sync DwSecurityUser To User: id={user.Id}, name={user.Name}, WorkflowUserId={user.WorkflowUserId.GetValueOrDefault()}");
}
}
}
