/// <summary>
/// Creates a group named <paramref name="groupName"/> by posting a multipart form to
/// <c>BaseUrl + "groups"</c>, carrying a Base64-encoded access policy for
/// <paramref name="vaultId"/> and <paramref name="userId"/> as the initial member.
/// </summary>
/// <param name="vaultId">Vault identifier, spliced verbatim into the policy JSON.</param>
/// <param name="groupName">Name of the group; also used for the fallback lookup.</param>
/// <param name="userId">Value sent as the <c>user_ids</c> form field.</param>
/// <returns>
/// The result of the POST, or the result of <c>GetGroupByName(groupName)</c> when the POST
/// fails with <see cref="WebExceptionStatus.ProtocolError"/>.
/// </returns>
/// <exception cref="WebException">Any web failure other than a protocol error is left to propagate.</exception>
public GroupFullResult CreateGroup(string vaultId, string groupName, string userId)
{
    // NOTE(review): the first resource entry, "Vault::.*", is not scoped to vaultId. If the
    // policy engine evaluates these entries as patterns (the ".*" suffixes suggest it does),
    // that entry grants CRUD beyond this vault and makes the vault-specific entries
    // redundant. Confirm it is intended; least privilege would keep only the scoped entries.
    //
    // NOTE(review): vaultId is concatenated into the JSON text without escaping or format
    // validation. A value containing a quote, backslash or pattern metacharacter changes the
    // policy that gets stored. Confirm every caller passes a server-issued identifier, or
    // validate it against the expected identifier format before building the policy.
    var policyJson =
        "[{\"Activities\": \"CRUD\", \"Resources\": [\"Vault::.*\", "
        + "\"Vault::" + vaultId + "\", "
        + "\"Vault::" + vaultId + "::Schema::.*\", "
        + "\"Vault::" + vaultId + "::Document::.*\", "
        + "\"Vault::" + vaultId + "::Blob::.*\", "
        + "\"Vault::" + vaultId + "::Search::.*\"]}]";

    var formFields = new Dictionary<string, object>();
    formFields.Add("name", groupName);
    formFields.Add("policy", EncodeHelper.EncodeToBase64(policyJson));
    formFields.Add("user_ids", userId);

    try
    {
        return WebHelper.MultipartFormDataPost<GroupFullResult>(BaseUrl + "groups", formFields, this.apiKey);
    }
    catch (WebException webError) when (webError.Status == WebExceptionStatus.ProtocolError)
    {
        // NOTE(review): every protocol-level failure takes this path, not only "group already
        // exists". The group returned here was created earlier, so its policy and membership
        // may differ from what was just requested; callers that rely on the group being
        // scoped to vaultId and containing userId should verify the returned group.
        return this.GetGroupByName(groupName);
    }
}
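/// <summary>
/// Ends the caller's session and signs the caller in as the user whose id is
/// <paramref name="u"/>. Only callers for whom <c>base.IsFactStaff</c> is true are allowed.
/// </summary>
/// <param name="u">Id of the user to impersonate.</param>
/// <returns>
/// A response whose <c>Item</c> is the impersonated user; an empty response when no user has
/// that id; otherwise whatever <c>base.HandleException</c> returns for the failure.
/// </returns>
/// <exception cref="Exception">Thrown with the message "Not Authorized" when <c>base.IsFactStaff</c> is false.</exception>
public ServiceResponse<UserItem> Impersonate(Guid u)
{
    // Authorization gate: nothing below runs for a caller that is not flagged as staff.
    // NOTE(review): a refused attempt leaves no audit entry; consider recording it so that
    // repeated denied impersonation attempts are visible to monitoring.
    if (!base.IsFactStaff)
    {
        throw new Exception("Not Authorized");
    }

    // Capture the acting account before Logout(), which ends the session it is read from.
    var currentUser = base.Email;

    // NOTE(review): the caller is logged out before the target user is looked up, so an
    // unknown id or a vault failure leaves the staff member signed out with no audit entry.
    this.Logout();

    // UTC avoids a skewed duration when local time shifts (DST) during the call.
    DateTime startTime = DateTime.UtcNow;
    var userFacade = this.Container.GetInstance<UserFacade>();
    var auditLogFacade = this.Container.GetInstance<AuditLogFacade>();
    var trueVaultManager = this.Container.GetInstance<TrueVaultManager>();

    try
    {
        var user = userFacade.GetById(u);
        if (user == null)
        {
            return new ServiceResponse<UserItem> { };
        }

        var token = trueVaultManager.GetAccessToken(user.DocumentLibraryUserId);
        if (token.Result != TrueVaultManager.Success)
        {
            throw new Exception("Cannot log into True Vault");
        }

        var userItem = ModelConversions.Convert(user, true, true);

        // Base64 is an encoding, not protection: this is the target user's vault access token
        // in recoverable form, and it is handed to the identity and returned to the caller.
        userItem.DocumentLibraryAccessToken = EncodeHelper.EncodeToBase64(token.User.Access_token + ":");

        // presumably the trailing (currentUser, true) arguments mark the identity as an
        // impersonated session owned by currentUser; verify against GenerateUserIdentity.
        var identity = this.GenerateUserIdentity(user, "", userItem.DocumentLibraryAccessToken, currentUser, true);

        // Write the audit record BEFORE the session is issued. If the audit write throws, the
        // catch below returns an error and no impersonated session exists; with the previous
        // order (sign in, then audit) a failed write left a live, unaudited impersonation.
        auditLogFacade.AddAuditLog(currentUser, base.IPAddress, $"User Impersonation as {user.EmailAddress}");

        this.AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);

        // NOTE(review): IsPersistent = true makes the impersonated session outlive the browser
        // session; confirm that is wanted for impersonation rather than a session-only cookie.
        this.AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = true }, identity);

        base.LogMessage("Impersonate", DateTime.UtcNow - startTime);
        return new ServiceResponse<UserItem> { Item = userItem };
    }
    catch (Exception ex)
    {
        return base.HandleException<UserItem>(ex);
    }
}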
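/// <summary>
/// Authenticates <paramref name="model"/>, obtains a vault access token for the user, signs
/// the user in and writes an audit entry for the attempt.
/// </summary>
/// <param name="model">Login form values; <c>UserName</c> and <c>Password</c> are read.</param>
/// <returns>
/// A response whose <c>Item</c> is the signed-in user; an empty response when the credentials
/// are rejected; a response with <c>HasError</c> set and the message "Password Expired" when
/// the second tuple element from <c>userFacade.Login</c> is true; otherwise whatever
/// <c>base.HandleException</c> returns for the failure.
/// </returns>
public ServiceResponse<UserItem> Login(LoginViewModel model)
{
    // UTC avoids a skewed duration when local time shifts (DST) during the call.
    DateTime startTime = DateTime.UtcNow;
    var userFacade = this.Container.GetInstance<UserFacade>();
    var auditLogFacade = this.Container.GetInstance<AuditLogFacade>();
    var trueVaultManager = this.Container.GetInstance<TrueVaultManager>();
    var userManager = this.Container.GetInstance<UserManager>();

    try
    {
        var user = userFacade.Login(model.UserName, model.Password);
        if (user == null || user.Item1 == null)
        {
            // Attribute the failure to the account that was attempted, as the success entry
            // below does. The previous code logged base.Email, the session's own identity,
            // so failed attempts against an account could not be tied to that account when
            // reviewing for password guessing. UserName is caller-supplied text: the audit
            // store and any viewer must treat it as data (length-bound, encoded on display).
            auditLogFacade.AddAuditLog(model.UserName, base.IPAddress, "Login Attempt - Failed");
            return new ServiceResponse<UserItem> { };
        }

        if (user.Item2)
        {
            // NOTE(review): this branch writes no audit entry, although reaching it means a
            // user record was returned for the supplied credentials.
            return new ServiceResponse<UserItem> { HasError = true, Message = "Password Expired" };
        }

        var token = trueVaultManager.GetAccessToken(user.Item1.DocumentLibraryUserId);
        if (token.Result != TrueVaultManager.Success)
        {
            throw new Exception("Cannot log into True Vault");
        }

        var userItem = ModelConversions.Convert(user.Item1, true, true);

        // NOTE(review): the second argument is a fixed literal. If EncryptionHelper.Encrypt
        // uses it as a key or passphrase, it is a hard-coded secret shared by every
        // deployment; confirm against EncryptionHelper.
        userItem.Code = EncryptionHelper.Encrypt(user.Item1.Id.ToString(), "code", true);

        // Base64 is an encoding, not protection: this is the vault access token in
        // recoverable form, and it is handed to the identity and returned to the caller.
        userItem.DocumentLibraryAccessToken = EncodeHelper.EncodeToBase64(token.User.Access_token + ":");

        var identity = this.GenerateUserIdentity(user.Item1, userItem.Code, userItem.DocumentLibraryAccessToken);

        this.AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);

        // NOTE(review): IsPersistent = true is applied to every login, so the session outlives
        // the browser session on shared machines; confirm this is intended.
        this.AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = true }, identity);

        auditLogFacade.AddAuditLog(model.UserName, base.IPAddress, "Login Attempt - Successful");
        base.LogMessage("Login", DateTime.UtcNow - startTime);
        return new ServiceResponse<UserItem> { Item = userItem };
    }
    catch (Exception ex)
    {
        return base.HandleException<UserItem>(ex);
    }
}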