public async Task <ActionResult <UserAccessDto> > AccessSmartLock(SmartLockUserAccessDto smartLockUser) { var userExists = await _userRepository.UserExists(smartLockUser.UserId); if (!userExists) { return(NotFound()); } var smartLockExists = await _smartLockRepository.SmartLockExists(smartLockUser.SmartLockId); if (!smartLockExists) { return(NotFound()); } var client = await MicrosoftGraphClient.GetGraphServiceClient(); try { await _azureAdRepository.GetUser(client, smartLockUser.UserId.ToString()); } catch (ServiceException e) { if (e.StatusCode == HttpStatusCode.NotFound) { ModelState.AddModelError("azureAdUserNotFound", $"User with id: {smartLockUser.UserId} was not found on Azure AD"); } } if (!ModelState.IsValid) { return(ValidationProblem(ModelState)); } var userAccessStatus = await _accessService.GetUserAccessStatus(smartLockUser); return(Ok(userAccessStatus)); }
public async Task <UserAccessDto> GetUserAccessStatus(SmartLockUserAccessDto smartLockUser) { var client = await MicrosoftGraphClient.GetGraphServiceClient(); var smartLockUserExists = await _smartLockRepository.SmartLockUserExists(smartLockUser.SmartLockId, smartLockUser.UserId); if (smartLockUserExists) { var smartLock = await _smartLockRepository.GetSmartLock(smartLockUser.SmartLockId); if (smartLock.Status != Types.Status.Active) { var inactiveLockAccess = new Access { UserId = smartLockUser.UserId, SmartLockId = smartLockUser.SmartLockId, IsValid = false, Info = "Lock was in inactive state" }; _accessRepository.AddAccess(inactiveLockAccess); await _accessRepository.Save(); return(new UserAccessDto { AccessAuthorized = false }); } var user = await _userRepository.GetUser(smartLockUser.UserId); if (user.Status != Types.Status.Active) { var inactiveUserAccess = new Access { UserId = smartLockUser.UserId, SmartLockId = smartLockUser.SmartLockId, IsValid = false, Info = "User was in inactive state" }; _accessRepository.AddAccess(inactiveUserAccess); await _accessRepository.Save(); return(new UserAccessDto { AccessAuthorized = false }); } var validAccess = new Access { UserId = smartLockUser.UserId, SmartLockId = smartLockUser.SmartLockId, IsValid = true, Info = "Access was permitted for user" }; _accessRepository.AddAccess(validAccess); await _accessRepository.Save(); return(new UserAccessDto { AccessAuthorized = true }); } var userGroupsIdsFromAzureAd = await _azureAdRepository .GetUserGroupsIds(client, smartLockUser.UserId.ToString()); foreach (var groupId in userGroupsIdsFromAzureAd) { var smartLockGroupExists = await _smartLockRepository.SmartLockGroupExists(smartLockUser.SmartLockId, Guid.Parse(groupId)); if (smartLockGroupExists) { var smartLock = await _smartLockRepository.GetSmartLock(smartLockUser.SmartLockId); if (smartLock.Status != Types.Status.Active) { var inactiveLockAccess = new Access { UserId = smartLockUser.UserId, SmartLockId = smartLockUser.SmartLockId, IsValid = false, Info = "Lock was in inactive state" }; _accessRepository.AddAccess(inactiveLockAccess); await _accessRepository.Save(); return(new UserAccessDto { AccessAuthorized = false }); } var group = await _groupRepository.GetGroup(Guid.Parse(groupId)); if (group.Status != Status.Active) { var inactiveGroupAccess = new Access { UserId = smartLockUser.UserId, SmartLockId = smartLockUser.SmartLockId, IsValid = false, Info = "User group was in inactive state" }; _accessRepository.AddAccess(inactiveGroupAccess); await _accessRepository.Save(); return(new UserAccessDto { AccessAuthorized = false }); } var validGroupAccess = new Access { UserId = smartLockUser.UserId, SmartLockId = smartLockUser.SmartLockId, IsValid = true, Info = "Access is permitted for group user" }; _accessRepository.AddAccess(validGroupAccess); await _accessRepository.Save(); return(new UserAccessDto { AccessAuthorized = true }); } } var notValidAccess = new Access { UserId = smartLockUser.UserId, SmartLockId = smartLockUser.SmartLockId, IsValid = false, Info = "Access was denied" }; _accessRepository.AddAccess(notValidAccess); await _accessRepository.Save(); return(new UserAccessDto { AccessAuthorized = false }); }