private async Task _validate(ChangedUser model)
{
if ((await Exists(model.Id)).Equals(false))
{
throw new ResourceNotFound();
}
await Task.CompletedTask;
}
public async Task <ActionResult <User> > AddOrUpdateUser([FromBody] ChangedUser model)
{
AuthorizeAny(
() => Actor.IsAdmin
);
return(Ok(
await _svc.AddOrUpdate(model)
));
}
public async Task Update([FromBody] ChangedUser model)
{
AuthorizeAny(
() => Actor.IsRegistrar,
() => model.Id == Actor.Id
);
await Validate(model);
await UserService.Update(model, Actor.IsRegistrar || Actor.IsAdmin, Actor.IsAdmin);
}
public async Task Update(ChangedUser model, bool sudo, bool admin = false)
{
var entity = await Store.Retrieve(model.Id);
if (!sudo)
{
Mapper.Map(
Mapper.Map <SelfChangedUser>(model),
entity
);
}
else
{
if (!admin && model.Role != entity.Role)
{
throw new ActionForbidden();
}
Mapper.Map(model, entity);
}
// check uniqueness
bool found = await Store.DbSet.AnyAsync(p =>
p.Id != entity.Id &&
p.Name == entity.Name
);
if (found)
{
entity.NameStatus = AppConstants.NameStatusNotUnique;
}
else if (entity.NameStatus == AppConstants.NameStatusNotUnique)
{
entity.NameStatus = "";
}
if (entity.Name == entity.ApprovedName)
{
entity.NameStatus = "";
}
await Store.Update(entity);
_localcache.Remove(entity.Id);
}
public async Task <User> AddOrUpdate(ChangedUser model)
{
var entity = model.Id.NotEmpty()
? await _store.Retrieve(model.Id)
: null
;
if (entity is Data.User)
{
await _store.Update(
Mapper.Map(model, entity)
);
}
else
{
entity = await _store.Create(
Mapper.Map <Data.User>(model)
);
}
_cache.Remove(entity.Id);
return(Mapper.Map <User>(entity));
}
public void Update()
{
using (AdoDataConnection connection = new AdoDataConnection("securityProvider"))
using (AdoDataConnection connection2 = new AdoDataConnection("systemSettings"))
{
IEnumerable <UserAccount> userAccounts = new TableOperations <UserAccount>(connection).QueryRecordsWhere("UseADAuthentication = 1");
foreach (UserAccount userAccount in userAccounts)
{
try
{
// Grab LdapPath From Configuration File
ConfigurationFile configFile = ConfigurationFile.Current;
CategorizedSettingsElementCollection securityProviderSettings = configFile.Settings["securityProvider"];
securityProviderSettings.Add("LdapPath", "", "Specifies the LDAP path used to initialize the security provider.");
string ldapPath = securityProviderSettings["LdapPath"].Value;
string accountName = UserInfo.SIDToAccountName(userAccount.Name);
UserInfo userInfo = new UserInfo(accountName, ldapPath);
bool changed = false;
ChangedUser changedUser = new ChangedUser()
{
ID = userAccount.ID,
FirstName = userAccount.FirstName,
LastName = userAccount.LastName,
UserAccount = accountName,
OldTitle = userAccount.Title,
OldDepartment = userAccount.Department,
OldDepartmentNumber = userAccount.DepartmentNumber,
NewTitle = userAccount.Title,
NewDepartment = userAccount.Department,
NewDepartmentNumber = userAccount.DepartmentNumber
};
if (userInfo.UserName != userAccount.Name)
{
// update metadata that does not invoke change flag
userAccount.Phone = userInfo.Telephone;
userAccount.MobilePhone = userInfo.GetUserPropertyValue("mobile");
userAccount.FirstName = userInfo.FirstName;
userAccount.LastName = userInfo.LastName;
userAccount.Email = userInfo.Email;
// update metadata that does invoke change flag
if (userAccount.Title != userInfo.Title)
{
userAccount.Title = userInfo.Title;
if (userInfo.Title != string.Empty)
{
AdditionalUserFieldValue additionalFieldValue = new TableOperations <AdditionalUserFieldValue>(connection).GetValue(userAccount.Name, "Role");
ValueList roleValue = new TableOperations <ValueList>(connection2).GetAltValue("Role", userInfo.Title, true);
if (roleValue != null && roleValue.Value != additionalFieldValue.Value)
{
additionalFieldValue.Value = roleValue.ID.ToString();
new TableOperations <AdditionalUserFieldValue>(connection).AddNewOrUpdateRecord(additionalFieldValue);
}
}
changedUser.NewTitle = userAccount.Title;
changed = true;
}
if (userAccount.Department != userInfo.Department)
{
userAccount.Department = userInfo.Department;
changedUser.NewDepartment = userAccount.Department;
changed = true;
}
string departmentNumber = userInfo.GetUserPropertyValue("departmentnumber");
departmentNumber = departmentNumber == string.Empty ? null : departmentNumber;
if (userAccount.DepartmentNumber != departmentNumber)
{
userAccount.DepartmentNumber = departmentNumber;
changedUser.NewDepartmentNumber = userAccount.DepartmentNumber;
if (userAccount.DepartmentNumber != string.Empty)
{
AdditionalUserFieldValue additionalFieldValue = new TableOperations <AdditionalUserFieldValue>(connection).GetValue(userAccount.Name, "TSC");
ValueList roleValue = new TableOperations <ValueList>(connection2).GetAltValue("TSC", userAccount.DepartmentNumber, true);
if (roleValue != null && roleValue.Value != additionalFieldValue.Value)
{
additionalFieldValue.Value = roleValue.ID.ToString();
new TableOperations <AdditionalUserFieldValue>(connection).AddNewOrUpdateRecord(additionalFieldValue);
}
}
changed = true;
}
new TableOperations <UserAccount>(connection).UpdateRecord(userAccount);
}
else
{
changedUser.NewTitle = "User no longer in active directory.";
changedUser.NewDepartment = "User no longer in active directory.";
changedUser.NewDepartmentNumber = "User no longer in active directory.";
}
if (changed)
{
ChangedUserAccounts.Add(changedUser);
}
}
catch (Exception ex) {
Log.Error(ex.Message, ex);
}
}
try
{
if (!ChangedUserAccounts.Any())
{
return;
}
string tableRows = string.Join("\n", ChangedUserAccounts.Select(cua => $"<tr><td>{cua.FirstName}</td><td>{cua.LastName}</td><td>{cua.OldTitle}</td><td>{cua.NewTitle}</td><td>{cua.OldDepartment}</td><td>{cua.NewDepartment}</td><td>{cua.OldDepartmentNumber}</td><td>{cua.NewDepartmentNumber}</td><td><a href='{Url}/index.cshtml?name=User&UserAccountID={cua.ID}'>Link</a></td></tr>"));
string html = @"
<html>
<style>
th, td{
padding: 10px;
}
</style>
<body>
<h2>Attention!!</h2>
<p>The following users have either changed jobs or departments since the last verification.</p>
<hr/>
<table>
<tr><th>First Name</th><th>Last Name</th><th>Old Title</th><th>New Title</th><th>Old Department</th><th>New Department</th><th>Old Department Number</th><th>New Department Number</th><th>System Center Page</th></tr>
" + tableRows + @"
</table>
</body>
</html>
";
SendEmail("Active Directory Changes", html);
}
catch (Exception ex) {
Log.Error(ex.Message, ex);
}
}
}
