protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PrivateApiRequirement requirement)
{
string userIdClaim;
if ((userIdClaim = ClaimsExtractor.GetUserIdClaim(context.User.Claims)) == null)
{
context.Fail();
return;
}
var user = await usersRepository.GetByIdAsync(userIdClaim);
if (user == null)
{
context.Fail();
return;
}
if (user.IsAdmin)
{
context.Succeed(requirement);
}
else
{
context.Fail();
}
}
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PublicApiRequirement requirement)
{
string userIdClaim;
if ((userIdClaim = ClaimsExtractor.GetUserIdClaim(context.User.Claims)) == null)
{
context.Fail();
return;
}
var user = await usersRepository.GetByIdAsync(userIdClaim);
if (user == null)
{
context.Fail();
return;
}
if (user.LockoutEnd == null || user.LockoutEnd <= DateTime.UtcNow)
{
context.Succeed(requirement);
}
else
{
context.Fail();
}
}
public async Task <IActionResult> UploadFile([FromForm] UploadFileRequest request)
{
if (request.file.Length > 1024 * 1024 * MaxFileLengthMB)
{
return(BadRequest(new ResponseApiModel <MessageAttachment>
{
ErrorMessage = $"File was larger than {MaxFileLengthMB} Mb",
IsSuccessfull = false
}));
}
var thisUserId = ClaimsExtractor.GetUserIdClaim(User.Claims);
try
{
var savedFile = await filesService.SaveMessageFile(request.file, request.file.FileName,
request.ChatId, thisUserId);
return(Ok(new ResponseApiModel <MessageAttachment>
{
IsSuccessfull = true,
Response = savedFile
}));
}
catch (Exception ex)
{
return(BadRequest(new ResponseApiModel <MessageAttachment>
{
IsSuccessfull = false,
ErrorMessage = "Failed to upload. Exception type: " + ex.GetType().Name
}));
}
}
public async Task InvokeAsync(HttpContext context, RequestDelegate next)
{
//update online status for each authorized request.
if (context.User.Identity.IsAuthenticated)
{
var user = await repository.GetByIdAsync(ClaimsExtractor.GetUserIdClaim(context.User.Claims));
if (user == null)
{
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return;
}
try
{
await repository.MakeUserOnline(user);
await repository.UpdateAsync(user);
await unitOfWork.Commit();
}
catch (DbUpdateConcurrencyException e)
{
//could happen if signalR event and api call came in at the same time.
logger.LogWarning("Error while updating user 'online' state, exception:" + e.Message);
}
}
await next(context);
}
public async Task <IActionResult> Create([FromBody] CreateChatRequest request)
{
try
{
var thisUserId = ClaimsExtractor.GetUserIdClaim(User.Claims);
var result = await mChatsService.CreateConversation(
request.ConversationName,
thisUserId,
request.DialogUserId,
request.ImageUrl,
request.IsGroup,
request.IsPublic,
request.IsSecure,
request.DeviceId);
return(Ok(new ResponseApiModel <Chat>
{
IsSuccessfull = true,
ErrorMessage = null,
Response = result
}));
}
catch (InvalidDataException ex)
{
return(BadRequest(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (UnauthorizedAccessException ex)
{
return(StatusCode((int)HttpStatusCode.Forbidden, new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (KeyNotFoundException ex)
{
return(NotFound(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (Exception)
{
return(StatusCode((int)HttpStatusCode.InternalServerError, new ResponseApiModel <bool>
{
IsSuccessfull = false
}));
}
}
public async Task <IActionResult> FindUsers(
[FromBody] FindUsersInChatRequest credentials, int chatId)
{
try
{
var thisUserId = ClaimsExtractor.GetUserIdClaim(User.Claims);
var result =
await mChatsService.FindUsersInChat(chatId, credentials.UsernameToFind,
thisUserId);
return(Ok(new ResponseApiModel <UsersByNickNameResultApiModel>
{
IsSuccessfull = true,
ErrorMessage = null,
Response = new UsersByNickNameResultApiModel {
UsersFound = result
}
}));
}
catch (InvalidDataException ex)
{
return(BadRequest(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (UnauthorizedAccessException ex)
{
return(StatusCode((int)HttpStatusCode.Forbidden, new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (KeyNotFoundException ex)
{
return(NotFound(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (Exception)
{
return(StatusCode((int)HttpStatusCode.InternalServerError, new ResponseApiModel <bool>
{
IsSuccessfull = false
}));
}
}
public async Task <IActionResult> Get([FromBody] GetMessagesRequest credentials)
{
try
{
var result = await messagesService.GetMessages(
credentials.ConversationID,
credentials.MessagesOffset,
credentials.Count,
credentials.MaxMessageId,
credentials.History,
credentials.SetLastMessage,
ClaimsExtractor.GetUserIdClaim(User.Claims));
return(Ok(new ResponseApiModel <List <Message> >
{
IsSuccessfull = true,
Response = result
}));
}
catch (InvalidDataException ex)
{
return(BadRequest(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (UnauthorizedAccessException ex)
{
return(StatusCode((int)HttpStatusCode.Forbidden, new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (KeyNotFoundException ex)
{
return(NotFound(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (Exception ex)
{
return(StatusCode((int)HttpStatusCode.InternalServerError, new ResponseApiModel <bool>
{
IsSuccessfull = false
}));
}
}
public async Task <IActionResult> Search([FromBody] SearchMessagesRequest request)
{
try
{
var thisUserId = ClaimsExtractor.GetUserIdClaim(User.Claims);
var messages = await messagesService.SearchForMessages(
request.deviceId,
request.searchString,
request.offset,
request.count,
thisUserId);
return(Ok(new ResponseApiModel <List <Message> >
{
IsSuccessfull = true,
Response = messages
}));
}
catch (InvalidDataException ex)
{
return(BadRequest(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (UnauthorizedAccessException ex)
{
return(StatusCode((int)HttpStatusCode.Forbidden, new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (KeyNotFoundException ex)
{
return(NotFound(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (Exception)
{
return(StatusCode((int)HttpStatusCode.InternalServerError, new ResponseApiModel <bool>
{
IsSuccessfull = false
}));
}
}
public async Task <IActionResult> GetAttachments([FromBody] GetAttachmentsRequest request)
{
try
{
var result = await messagesService.GetAttachments(
request.kind,
request.conversationId,
ClaimsExtractor.GetUserIdClaim(User.Claims),
request.offset,
request.count);
return(Ok(new ResponseApiModel <List <Message> >
{
IsSuccessfull = true,
ErrorMessage = null,
Response = result
}));
}
catch (InvalidDataException ex)
{
return(BadRequest(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (UnauthorizedAccessException ex)
{
return(StatusCode((int)HttpStatusCode.Forbidden, new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (KeyNotFoundException ex)
{
return(NotFound(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (Exception ex)
{
return(StatusCode((int)HttpStatusCode.InternalServerError, new ResponseApiModel <bool>
{
IsSuccessfull = false
}));
}
}
public async Task <IActionResult> UpdateThumbnail(
[FromForm] UpdateThumbnailRequest updateThumbnail, int chatId)
{
try
{
var thisUserId = ClaimsExtractor.GetUserIdClaim(User.Claims);
var result = await mChatsService.UpdateThumbnail(chatId,
updateThumbnail.thumbnail, thisUserId);
return(Ok(new ResponseApiModel <UpdateThumbnailResponse>
{
IsSuccessfull = true,
Response = result
}));
}
catch (InvalidDataException ex)
{
return(BadRequest(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (UnauthorizedAccessException ex)
{
return(StatusCode((int)HttpStatusCode.Forbidden, new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (KeyNotFoundException ex)
{
return(NotFound(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (Exception)
{
return(StatusCode((int)HttpStatusCode.InternalServerError, new ResponseApiModel <bool>
{
IsSuccessfull = false
}));
}
}
public async Task <IActionResult> GetAll(string deviceId)
{
try
{
var thisUserId = ClaimsExtractor.GetUserIdClaim(User.Claims);
var result = await mChatsService.GetChats(deviceId, thisUserId);
return(Ok(new ResponseApiModel <List <Chat> >
{
IsSuccessfull = true,
ErrorMessage = null,
Response = result
}));
}
catch (InvalidDataException ex)
{
return(BadRequest(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (UnauthorizedAccessException ex)
{
return(StatusCode((int)HttpStatusCode.Forbidden, new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (KeyNotFoundException ex)
{
return(NotFound(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (Exception ex)
{
return(StatusCode((int)HttpStatusCode.InternalServerError, new ResponseApiModel <bool>
{
IsSuccessfull = false
}));
}
}
public async Task <IActionResult> Delete(
[FromBody] DeleteMessagesRequest messagesInfo)
{
try
{
await messagesService.DeleteMessages(
messagesInfo.MessagesId,
messagesInfo.ConversationId,
ClaimsExtractor.GetUserIdClaim(User.Claims));
return(Ok(new ResponseApiModel <string>
{
IsSuccessfull = true
}));
}
catch (InvalidDataException ex)
{
return(BadRequest(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (UnauthorizedAccessException ex)
{
return(StatusCode((int)HttpStatusCode.Forbidden, new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (KeyNotFoundException ex)
{
return(NotFound(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (Exception)
{
return(StatusCode((int)HttpStatusCode.InternalServerError, new ResponseApiModel <bool>
{
IsSuccessfull = false
}));
}
}
public async Task <IActionResult> UpdateAuthKey([FromBody] UpdateAuthKeyRequest request, int chatId)
{
try
{
var thisUserId = ClaimsExtractor.GetUserIdClaim(User.Claims);
await mChatsService.UpdateAuthKey(chatId, request.AuthKeyId, request.deviceId,
thisUserId);
return(Ok(new ResponseApiModel <bool>
{
IsSuccessfull = true,
Response = true
}));
}
catch (InvalidDataException ex)
{
return(BadRequest(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (UnauthorizedAccessException ex)
{
return(StatusCode((int)HttpStatusCode.Forbidden, new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (KeyNotFoundException ex)
{
return(NotFound(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (Exception)
{
return(StatusCode((int)HttpStatusCode.InternalServerError, new ResponseApiModel <bool>
{
IsSuccessfull = false
}));
}
}
public async Task <IActionResult> ChangePublicState(
int chatId)
{
try
{
await mChatsService.ChangePublicState(chatId,
ClaimsExtractor.GetUserIdClaim(User.Claims));
return(Ok(new ResponseApiModel <bool>
{
IsSuccessfull = true,
Response = true
}));
}
catch (InvalidDataException ex)
{
return(BadRequest(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (UnauthorizedAccessException ex)
{
return(StatusCode((int)HttpStatusCode.Forbidden, new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (KeyNotFoundException ex)
{
return(NotFound(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (Exception)
{
return(StatusCode((int)HttpStatusCode.InternalServerError, new ResponseApiModel <bool>
{
IsSuccessfull = false
}));
}
}
public async Task <IActionResult> Search([FromBody] SearchRequest request)
{
try
{
var result = await mChatsService.SearchForGroups(request.SearchString,
ClaimsExtractor.GetUserIdClaim(User.Claims));
return(Ok(new ResponseApiModel <List <Chat> >
{
IsSuccessfull = true,
Response = result
}));
}
catch (InvalidDataException ex)
{
return(BadRequest(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (UnauthorizedAccessException ex)
{
return(StatusCode((int)HttpStatusCode.Forbidden, new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (KeyNotFoundException ex)
{
return(NotFound(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (Exception)
{
return(StatusCode((int)HttpStatusCode.InternalServerError, new ResponseApiModel <bool>
{
IsSuccessfull = false
}));
}
}
public async Task <IActionResult> Get()
{
try
{
var result = await mUsersService.GetContacts(ClaimsExtractor.GetUserIdClaim(User.Claims));
return(Ok(new ResponseApiModel <List <AppUserDto> >
{
IsSuccessfull = true,
Response = result
}));
}
catch (InvalidDataException ex)
{
return(BadRequest(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (UnauthorizedAccessException ex)
{
return(StatusCode((int)HttpStatusCode.Forbidden, new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (KeyNotFoundException ex)
{
return(NotFound(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (Exception)
{
return(StatusCode((int)HttpStatusCode.InternalServerError, new ResponseApiModel <bool>
{
IsSuccessfull = false
}));
}
}
public async Task <IActionResult> GetById(string id)
{
try
{
var thisUserId = ClaimsExtractor.GetUserIdClaim(User.Claims);
var user = await mUsersService.GetUserById(id, thisUserId);
return(Ok(new ResponseApiModel <AppUserDto>
{
IsSuccessfull = true,
Response = user
}));
}
catch (InvalidDataException ex)
{
return(BadRequest(new ResponseApiModel <AppUserDto>
{
IsSuccessfull = false,
ErrorMessage = ex.Message,
Response = null
}));
}
catch (KeyNotFoundException ex)
{
return(NotFound(new ResponseApiModel <AppUserDto>
{
IsSuccessfull = false,
ErrorMessage = ex.Message,
Response = null
}));
}
catch (Exception)
{
return(StatusCode((int)HttpStatusCode.InternalServerError, new ResponseApiModel <AppUserDto>
{
IsSuccessfull = false
}));
}
}
public async Task <IActionResult> UpdateProfilePicture(
[FromForm] UpdateProfilePictureRequest request)
{
try
{
var result =
await mUsersService.UpdateThumbnail(request.picture, ClaimsExtractor.GetUserIdClaim(User.Claims));
return(Ok(new ResponseApiModel <UpdateProfilePictureResponse>
{
IsSuccessfull = true,
Response = result
}));
}
catch (InvalidDataException ex)
{
return(BadRequest(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (KeyNotFoundException ex)
{
return(NotFound(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (Exception)
{
return(StatusCode((int)HttpStatusCode.InternalServerError, new ResponseApiModel <bool>
{
IsSuccessfull = false
}));
}
}
public async Task <IActionResult> ChangeName([FromBody] ChangeNameRequest request)
{
try
{
var thisUserId = ClaimsExtractor.GetUserIdClaim(User.Claims);
await mUsersService.ChangeName(request.newName, thisUserId);
return(Ok(new ResponseApiModel <bool>
{
IsSuccessfull = true
}));
}
catch (InvalidDataException ex)
{
return(BadRequest(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (KeyNotFoundException ex)
{
return(NotFound(new ResponseApiModel <bool>
{
IsSuccessfull = false,
ErrorMessage = ex.Message
}));
}
catch (Exception)
{
return(StatusCode((int)HttpStatusCode.InternalServerError, new ResponseApiModel <bool>
{
IsSuccessfull = false
}));
}
}
public async Task <IActionResult> UploadImages([FromForm] UploadImagesRequest request)
{
var result = new FilesUploadResponse {
UploadedFiles = new List <MessageAttachment>()
};
if (!request.images.Any())
{
return(BadRequest(new ResponseApiModel <FilesUploadResponse>
{
ErrorMessage = "No files were provided.",
IsSuccessfull = false,
Response = null
}));
}
foreach (var image in request.images)
{
if (image.Length > 1024 * 1024 * MaxImageLengthMB)
{
return(BadRequest(new ResponseApiModel <FilesUploadResponse>
{
ErrorMessage = $"Some of the files were larger than {MaxImageLengthMB} Mb",
IsSuccessfull = false
}));
}
}
var error = string.Empty;
var thisUserId = ClaimsExtractor.GetUserIdClaim(User.Claims);
var errorLock = new object();
var resultLock = new object();
Parallel.ForEach(request.images, file =>
{
try
{
var uploadedFile = filesService
.SaveMessagePicture(file, file.FileName, request.ChatId, thisUserId).GetAwaiter()
.GetResult();
lock (resultLock)
{
result.UploadedFiles.Add(uploadedFile);
}
}
catch (Exception ex)
{
lock (errorLock)
{
error = "Some of the files failed to upload. Exception type for last file was: " +
ex.GetType();
}
}
});
return(Ok(new ResponseApiModel <FilesUploadResponse>
{
ErrorMessage = error == string.Empty ? null : error,
IsSuccessfull = error == string.Empty,
Response = result
}));
}