public async Task <ActionResult <UserAccessDto> > AccessSmartLock(SmartLockUserAccessDto smartLockUser)
{
var userExists = await _userRepository.UserExists(smartLockUser.UserId);
if (!userExists)
{
return(NotFound());
}
var smartLockExists = await _smartLockRepository.SmartLockExists(smartLockUser.SmartLockId);
if (!smartLockExists)
{
return(NotFound());
}
var client = await MicrosoftGraphClient.GetGraphServiceClient();
try
{
await _azureAdRepository.GetUser(client, smartLockUser.UserId.ToString());
}
catch (ServiceException e)
{
if (e.StatusCode == HttpStatusCode.NotFound)
{
ModelState.AddModelError("azureAdUserNotFound",
$"User with id: {smartLockUser.UserId} was not found on Azure AD");
}
}
if (!ModelState.IsValid)
{
return(ValidationProblem(ModelState));
}
var userAccessStatus = await _accessService.GetUserAccessStatus(smartLockUser);
return(Ok(userAccessStatus));
}
public async Task <UserAccessDto> GetUserAccessStatus(SmartLockUserAccessDto smartLockUser)
{
var client = await MicrosoftGraphClient.GetGraphServiceClient();
var smartLockUserExists =
await _smartLockRepository.SmartLockUserExists(smartLockUser.SmartLockId, smartLockUser.UserId);
if (smartLockUserExists)
{
var smartLock = await _smartLockRepository.GetSmartLock(smartLockUser.SmartLockId);
if (smartLock.Status != Types.Status.Active)
{
var inactiveLockAccess = new Access
{
UserId = smartLockUser.UserId,
SmartLockId = smartLockUser.SmartLockId,
IsValid = false,
Info = "Lock was in inactive state"
};
_accessRepository.AddAccess(inactiveLockAccess);
await _accessRepository.Save();
return(new UserAccessDto
{
AccessAuthorized = false
});
}
var user = await _userRepository.GetUser(smartLockUser.UserId);
if (user.Status != Types.Status.Active)
{
var inactiveUserAccess = new Access
{
UserId = smartLockUser.UserId,
SmartLockId = smartLockUser.SmartLockId,
IsValid = false,
Info = "User was in inactive state"
};
_accessRepository.AddAccess(inactiveUserAccess);
await _accessRepository.Save();
return(new UserAccessDto
{
AccessAuthorized = false
});
}
var validAccess = new Access
{
UserId = smartLockUser.UserId,
SmartLockId = smartLockUser.SmartLockId,
IsValid = true,
Info = "Access was permitted for user"
};
_accessRepository.AddAccess(validAccess);
await _accessRepository.Save();
return(new UserAccessDto
{
AccessAuthorized = true
});
}
var userGroupsIdsFromAzureAd = await _azureAdRepository
.GetUserGroupsIds(client, smartLockUser.UserId.ToString());
foreach (var groupId in userGroupsIdsFromAzureAd)
{
var smartLockGroupExists =
await _smartLockRepository.SmartLockGroupExists(smartLockUser.SmartLockId, Guid.Parse(groupId));
if (smartLockGroupExists)
{
var smartLock = await _smartLockRepository.GetSmartLock(smartLockUser.SmartLockId);
if (smartLock.Status != Types.Status.Active)
{
var inactiveLockAccess = new Access
{
UserId = smartLockUser.UserId,
SmartLockId = smartLockUser.SmartLockId,
IsValid = false,
Info = "Lock was in inactive state"
};
_accessRepository.AddAccess(inactiveLockAccess);
await _accessRepository.Save();
return(new UserAccessDto
{
AccessAuthorized = false
});
}
var group = await _groupRepository.GetGroup(Guid.Parse(groupId));
if (group.Status != Status.Active)
{
var inactiveGroupAccess = new Access
{
UserId = smartLockUser.UserId,
SmartLockId = smartLockUser.SmartLockId,
IsValid = false,
Info = "User group was in inactive state"
};
_accessRepository.AddAccess(inactiveGroupAccess);
await _accessRepository.Save();
return(new UserAccessDto
{
AccessAuthorized = false
});
}
var validGroupAccess = new Access
{
UserId = smartLockUser.UserId,
SmartLockId = smartLockUser.SmartLockId,
IsValid = true,
Info = "Access is permitted for group user"
};
_accessRepository.AddAccess(validGroupAccess);
await _accessRepository.Save();
return(new UserAccessDto
{
AccessAuthorized = true
});
}
}
var notValidAccess = new Access
{
UserId = smartLockUser.UserId,
SmartLockId = smartLockUser.SmartLockId,
IsValid = false,
Info = "Access was denied"
};
_accessRepository.AddAccess(notValidAccess);
await _accessRepository.Save();
return(new UserAccessDto
{
AccessAuthorized = false
});
}
