Esempio n. 1
0
 /// PUT api/Orgs/5
 /// <summary>
 /// UPDATE's the orgName if your an admin, currently not in use and returns null
 /// </summary>
 public HttpResponseMessage PutOrgs(int id, Orgs orgs)
 {
     return null;
 }
        public HttpResponseMessage PostFBUsers(IEnumerable<Users> usr)
        {
            //if (ModelState.IsValid)
                //{
                    // loop users
                    foreach (Users users in usr)
                    {
                        if (Auth.FB.IsOrgAdmin(users.defaultOrg))
                        {

                            //Check to see FB ID already exists
                            Users existingUser = db.Users.FirstOrDefault(u => u.fbUserId == users.fbUserId);
                            if (existingUser == null)
                            {
                                // new user
                                // create account
                                Users newUser = new Users();
                                var now = DateTime.Now.ToString("O");
                                newUser.defaultOrg = 1;
                                newUser.fbUserId = users.fbUserId;
                                newUser.created_at = now;
                                newUser.isSystemAdmin = false;
                                newUser.updated_at = now;
                                newUser.name = users.name;

                                db.Users.Add(newUser);
                                db.SaveChanges();

                                // add the user to an org with there name as the orgName
                                Orgs newOrg = new Orgs();
                                newOrg.created_at = now;
                                newOrg.orgName = users.name;
                                newOrg.updated_at = now;

                                // save new org to the Org DB
                                db.Orgs.Add(newOrg);
                                db.SaveChanges();

                                // Map user to the org that was just created and make him the admin
                                db.OrgUserMappings.Add(new OrgUserMappings { usersId = newUser.id, isOrgAdmin = true, orgsId = newOrg.id });

                                // add an org user mapping
                                db.OrgUserMappings.Add(new OrgUserMappings { usersId = newUser.id, isOrgAdmin = users.isSystemAdmin, orgsId = users.defaultOrg });

                                db.SaveChanges();

                                // set the default org for the user
                                newUser.defaultOrg = newOrg.id;
                                db.Entry(newUser).State = EntityState.Modified;
                                db.SaveChanges();
                            }
                            else
                            {
                                // if usr exists
                                // add an org user mapping, if one does not already exist
                                OrgUserMappings existingMapping = db.OrgUserMappings.FirstOrDefault(ou => ou.orgsId == users.defaultOrg && ou.usersId == existingUser.id);
                                if (existingMapping != null)
                                {
                                    // update mapping
                                    existingMapping.isOrgAdmin = users.isSystemAdmin;
                                    db.Entry(existingMapping).State = EntityState.Modified;
                                }
                                else
                                {
                                    // create mapping
                                    db.OrgUserMappings.Add(new OrgUserMappings { isOrgAdmin = users.isSystemAdmin, orgsId = users.defaultOrg, usersId = existingUser.id });
                                }

                                db.SaveChanges();

                            }
                         }

                    }

                    return Request.CreateResponse(HttpStatusCode.OK);

                //}
                //else
                //{
                //    return Request.CreateResponse(HttpStatusCode.BadRequest);
                //}

            //else
            //{
            //    throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized));
            //}
        }
Esempio n. 3
0
        /// POST api/Orgs
        /// <summary>
        /// CREATEs a new org, the person who adds it is automatically the admin, only sys admins can add an org
        /// </summary> 
        public HttpResponseMessage PostOrgs(Orgs orgs)
        {
            if (Auth.FB.IsSystemAdmin())
            {

                if (ModelState.IsValid)
                {
                    // save new org to the Org DB
                    db.Orgs.Add(orgs);
                    db.SaveChanges();

                    // Map user to the org that was just created and make him the admin
                    db.OrgUserMappings.Add(new OrgUserMappings { usersId = uId, isOrgAdmin = true, orgsId = orgs.id });
                    db.SaveChanges();

                    HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Created, orgs);
                    response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = orgs.id }));
                    return response;
                }
                else
                {
                    return Request.CreateResponse(HttpStatusCode.BadRequest);
                }

            }
            else
            {
                return Request.CreateResponse(HttpStatusCode.Unauthorized);
            }
        }
Esempio n. 4
0
            public override void OnAuthorization(HttpActionContext actionContext)
            {
                MyDatabase db = new MyDatabase();

                try
                {
                    // get api token from the user header ApiToken
                    IEnumerable<string> token = actionContext.Request.Headers.GetValues("ApiToken");
                    _apiToken = token.First();

                    // get facebook credential based on fb token passed in
                    IEnumerable<string> fbToken = actionContext.Request.Headers.GetValues("FbToken");
                    Debug.Write(fbToken.First());
                    _fbToken = fbToken.First();

                    // Check is user is Legit
                    // authenicated
                    if (_apiToken == _apiTokenSecret)
                    {
                        // the api token is good, is the facebook token valid ? and who are you ?
                        var client = new FacebookClient(_fbToken);
                        dynamic result = client.Get("me", new { fields = "name,id" });
                        // set the users identity
                        _fbUserid = result.id;
                        var _fbName = result.name;

                        if (_fbUserid != "")
                        {

                            // get the userid (internal id ) from the db -  user.Id
                            var user = db.Users.Where(u => u.fbUserId == _fbUserid).FirstOrDefault();

                            // Brand new user to add
                            if (user == null)
                            {
                                //_isAuth = false;
                                // add user to db
                                Users newUser = new Users();
                                var now = DateTime.Now.ToString("O");
                                newUser.defaultOrg = 1;
                                newUser.fbUserId = _fbUserid;
                                newUser.created_at = now;
                                newUser.isSystemAdmin = false;
                                newUser.updated_at = now;
                                newUser.name = _fbName;

                                db.Users.Add(newUser);
                                db.SaveChanges();

                                // add the user to an org with there name as the orgName
                                Orgs newOrg = new Orgs();
                                newOrg.created_at = now;
                                newOrg.orgName = _fbName;
                                newOrg.updated_at = now;

                                // save new org to the Org DB
                                db.Orgs.Add(newOrg);
                                db.SaveChanges();

                                // Map user to the org that was just created and make him the admin
                                db.OrgUserMappings.Add(new OrgUserMappings { usersId = newUser.id, isOrgAdmin = true, orgsId = newOrg.id});
                                db.SaveChanges();

                                // set the default org for the user
                                newUser.defaultOrg = newOrg.id;
                                db.SaveChanges();

                                _userId = newUser.id;

                                // Set up the identity object that our Controllers can use
                                GenericIdentity identity = new GenericIdentity(_fbUserid);
                                System.Threading.Thread.CurrentPrincipal =
                                    new GenericPrincipal(identity, _roles);

                                _isAuth = true;

                            }
                            else
                            {
                                _userId = user.id;

                                // Set up the identity object that our Controllers can use
                                GenericIdentity identity = new GenericIdentity(_fbUserid);
                                System.Threading.Thread.CurrentPrincipal =
                                    new GenericPrincipal(identity, _roles);

                                _isAuth = true;

                            }

                        }
                        else
                        {
                            _isAuth = false;
                        }

                    }
                    // not authenicated
                    else
                    {
                        _isAuth = false;
                    }

                    //authenicated
                    if (_isAuth)
                    {
                        Debug.WriteLine("You're authenicated");

                    }
                    // not authenicated
                    else
                    {
                        // 417 - so we can specify a message
                        actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.ExpectationFailed);
                        actionContext.Response.ReasonPhrase = "Invalid token";
                        actionContext.Response.Content = new StringContent("Invalid token");

                    }
                }
                catch (FacebookOAuthException e)
                {
                    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.ExpectationFailed);
                    actionContext.Response.ReasonPhrase = e.Message;
                    actionContext.Response.Content = new StringContent(e.InnerException.ToString());
                }
                catch (FacebookApiLimitException e)
                {
                    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.ExpectationFailed);
                    actionContext.Response.ReasonPhrase = e.Message;
                    actionContext.Response.Content = new StringContent(e.InnerException.ToString());

                }
                catch (FacebookApiException e)
                {
                    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.ExpectationFailed);
                    actionContext.Response.ReasonPhrase = e.Message;
                    actionContext.Response.Content = new StringContent(e.InnerException.ToString());
                }
                catch (Exception e)
                {
                    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.ExpectationFailed);
                    actionContext.Response.ReasonPhrase = e.Message;
                    actionContext.Response.Content = new StringContent(e.InnerException.ToString());
                }
                finally
                {
                    db.Dispose();
                }
            }