public LmsAdminGroupRepo(EcatContext mainCtx)//, BbWsCnet bbWs)
{
ctxManager = new EFPersistenceManager <EcatContext>(mainCtx);
//_bbWs = bbWs;
Faculty = ctxManager.Context.Faculty.Where(f => f.PersonId == loggedInUserId).SingleOrDefault();
}
private static async Task <FacResultForStudent> GetFacSpResult(int studId, int wgId)
{
using (var mainCtx = new EcatContext())
{
var result = await mainCtx.WorkGroups
.Where(wg => wg.WorkGroupId == wgId)
.Select(wg => new FacResultForStudent
{
FacSpCommentFlag = wg.FacSpComments
.FirstOrDefault(comment => comment.RecipientPersonId == studId).Flag,
FacSpComment = wg.FacSpComments.FirstOrDefault(comment => comment.RecipientPersonId == studId),
FacResponses = wg.FacSpResponses
.Where(response => !response.IsDeleted &&
response.AssesseePersonId == studId).ToList()
}).SingleOrDefaultAsync();
return(result);
}
}
public override async Task OnAuthorizationAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
{
await base.OnAuthorizationAsync(actionContext, cancellationToken);
#region Check if userId is in the claims
var principal = actionContext.RequestContext.Principal as ClaimsPrincipal;
//if (principal == null || !principal.Identity.IsAuthenticated)
if (principal == null)
{
if (!SkipAuthorization(actionContext))
{
throw new HttpResponseException(HttpStatusCode.Unauthorized);
}
await Task.FromResult <object>(null);
return;
}
var parsedUid = 0;
var stringUid = principal.FindFirst(ClaimTypes.PrimarySid).Value;
if (stringUid != null)
{
int.TryParse(stringUid, out parsedUid);
}
if (parsedUid == 0)
{
actionContext.Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
"Unable to locate user from Authorization Filter");
}
#endregion
#region Check if known roles is present
var roleClaim = RoleMap.Unknown;
var stringRoleClaim = principal.FindFirst(ClaimTypes.Role).Value;
if (stringRoleClaim != null)
{
Enum.TryParse(stringRoleClaim, out roleClaim);
}
if (Is != null && !Is.Contains(roleClaim))
{
actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized, "Unauthorized access");
}
#endregion
Person user;
using (var ctx = new EcatContext())
{
user = await((DbSet <Person>)ctx.People).FindAsync(cancellationToken, parsedUid);
if (Is != null && Is.Contains(RoleMap.CrseAdmin))
{
await ctx.Entry(user).Reference(u => u.Faculty).LoadAsync(cancellationToken);
if (user.Faculty == null || !user.Faculty.IsCourseAdmin)
{
actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized, "Unauthorized access");
}
}
}
if (user == null)
{
actionContext.Request.CreateErrorResponse(HttpStatusCode.Unauthorized,
"Unable to locate user from Authorization Filter using data store");
}
var controller = actionContext.ControllerContext.Controller as EcatBaseBreezeController;
Contract.Assert(controller != null);
controller.SetUser(user);
}
public StudentRepo(EcatContext context)
{
ctxManager = new EFPersistenceManager <EcatContext>(context);
}
public FacultyRepo(EcatContext context)
{
ctxManager = new EFPersistenceManager <EcatContext>(context);
}
public override async Task HandleTokenRequest(HandleTokenRequestContext context)
{
if (context.Request.IsPasswordGrantType())
{
var username = context.Request.Username;
var password = context.Request.Password;
//TODO: Fix so it reads connection string from app.config -- injecting not working due to newing in startup
//var ecatCtx = new EcatContext();
var ecatCtx = new EcatContext("Data Source=(localdb)\\MSSQLLocalDB;Initial Catalog=ecatlocaldev;Integrated Security=True;Connect Timeout=30;Encrypt=False;TrustServerCertificate=True;ApplicationIntent=ReadWrite;MultiSubnetFailover=False");
//get the person with their security entry and faculty profile if they have one
var person = await ecatCtx.People.Where(p => p.Email == username)
.Include(p => p.Security)
.Include(p => p.Faculty)
.SingleOrDefaultAsync();
if (person == null)
{
context.Reject(
error: OpenIdConnectConstants.Errors.InvalidGrant,
description: "Username not found");
return;
}
var validPass = PasswordHash.ValidatePassword(password, person.Security.PasswordHash);
if (!validPass)
{
context.Reject(
error: OpenIdConnectConstants.Errors.InvalidGrant,
description: "Invalid Credentials");
return;
}
var identity = new ClaimsIdentity(
OpenIdConnectServerDefaults.AuthenticationScheme, OpenIdConnectConstants.Claims.Name, OpenIdConnectConstants.Claims.Role);
//required for ASOS
identity.AddClaim(OpenIdConnectConstants.Claims.Subject, person.PersonId.ToString());
switch (person.MpInstituteRole)
{
case "ECAT_05_Student":
identity.AddClaim(OpenIdConnectConstants.Claims.Role, "Student", OpenIdConnectConstants.Destinations.AccessToken);
break;
case "ECAT_04_Faculty":
identity.AddClaim(OpenIdConnectConstants.Claims.Role, "Faculty", OpenIdConnectConstants.Destinations.AccessToken);
//ISA isn't seperate from faculty, just a flag
if (person.Faculty.IsCourseAdmin)
{
identity.AddClaim(OpenIdConnectConstants.Claims.Role, "ISA", OpenIdConnectConstants.Destinations.AccessToken);
}
break;
default:
identity.AddClaim(OpenIdConnectConstants.Claims.Role, "Student", OpenIdConnectConstants.Destinations.AccessToken);
break;
}
//identity token information
identity.AddClaim("lastName", person.LastName, OpenIdConnectConstants.Destinations.IdentityToken);
identity.AddClaim("firstName", person.FirstName, OpenIdConnectConstants.Destinations.IdentityToken);
identity.AddClaim("email", person.Email, OpenIdConnectConstants.Destinations.IdentityToken);
identity.AddClaim("mpAffiliation", person.MpAffiliation, OpenIdConnectConstants.Destinations.IdentityToken);
identity.AddClaim("mpComponent", person.MpComponent, OpenIdConnectConstants.Destinations.IdentityToken);
identity.AddClaim("mpPaygrade", person.MpPaygrade, OpenIdConnectConstants.Destinations.IdentityToken);
identity.AddClaim("mpGender", person.MpGender, OpenIdConnectConstants.Destinations.IdentityToken);
identity.AddClaim("mpInstituteRole", person.MpInstituteRole, OpenIdConnectConstants.Destinations.IdentityToken);
var ticket = new AuthenticationTicket(
new ClaimsPrincipal(identity), new AuthenticationProperties(), context.Options.AuthenticationScheme);
ticket.Properties.IssuedUtc = DateTime.Now;
ticket.Properties.ExpiresUtc = DateTime.Now.Add(TimeSpan.FromHours(1));
ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId);
ticket.SetResources("ecat_server");
context.Validate(ticket);
await Task.FromResult(context.IsValidated);
}
}
