public async Task AddProfileAsync(HardwareVault vault)
{
var previousProfileTask = await _hardwareVaultTaskRepository
.Query()
.FirstOrDefaultAsync(x => x.HardwareVaultId == vault.Id && x.Operation == TaskOperation.Profile);
var newProfileTask = new HardwareVaultTask
{
CreatedAt = DateTime.UtcNow,
Operation = TaskOperation.Profile,
Timestamp = UnixTime.GetUnixTimeUtcNow(),
HardwareVaultId = vault.Id,
Password = vault.MasterPassword,
};
using (TransactionScope transactionScope = new TransactionScope(TransactionScopeAsyncFlowOption.Enabled))
{
if (previousProfileTask != null)
{
await _hardwareVaultTaskRepository.DeleteAsync(previousProfileTask);
}
await _hardwareVaultTaskRepository.AddAsync(newProfileTask);
transactionScope.Complete();
}
}
private async Task ProfileVaultAsync(Device remoteDevice, HardwareVaultTask task)
{
var accessParams = await _hardwareVaultService.GetAccessParamsAsync(task.HardwareVaultId);
var key = ConvertUtils.HexStringToBytes(task.Password);
await remoteDevice.Access(DateTime.UtcNow, key, accessParams);
}
private async Task DeleteAccountAsync(Device remoteDevice, HardwareVaultTask task)
{
var account = await _accountService.GetAccountByIdNoTrackingAsync(task.AccountId);
bool isPrimary = account.Employee.PrimaryAccountId == task.AccountId;
var storageId = new StorageId(account.StorageId);
var pm = new DevicePasswordManager(remoteDevice, null);
await pm.DeleteAccount(storageId, isPrimary);
}
private async Task SetAccountAsPrimaryAsync(Device remoteDevice, HardwareVaultTask task)
{
var account = await _accountService.GetAccountByIdNoTrackingAsync(task.AccountId);
var storageId = new StorageId(account.StorageId);
var pm = new DevicePasswordManager(remoteDevice, null);
await pm.SaveOrUpdateAccount(storageId, task.Timestamp, null, null, null, null, null, null, true, new AccountFlagsOptions()
{
IsReadOnly = true
});
}
private async Task AddAccountAsync(Device remoteDevice, HardwareVaultTask task)
{
var account = await _accountService.GetAccountByIdNoTrackingAsync(task.AccountId);
bool isPrimary = account.Employee.PrimaryAccountId == task.AccountId;
var pm = new DevicePasswordManager(remoteDevice, null);
await pm.SaveOrUpdateAccount(new StorageId(account.StorageId), task.Timestamp, account.Name, task.Password, account.Login, task.OtpSecret, account.Apps, account.Urls, isPrimary, new AccountFlagsOptions()
{
IsReadOnly = true
});
}
private async Task ExecuteRemoteTask(Device remoteDevice, HardwareVaultTask task)
{
switch (task.Operation)
{
case TaskOperation.Create:
if (task.Account.UpdateInActiveDirectory)
{
var ldapSettings = await _appSettingsService.GetLdapSettingsAsync();
if (ldapSettings?.Password == null)
{
throw new Exception("Active Directory Credentials Required"); // TODO use Communication.dll ex
}
await _ldapService.SetUserPasswordAsync(task.HardwareVault.EmployeeId, task.Password, ldapSettings);
}
await AddAccountAsync(remoteDevice, task);
break;
case TaskOperation.Update:
await UpdateAccountAsync(remoteDevice, task);
break;
case TaskOperation.Delete:
await DeleteAccountAsync(remoteDevice, task);
break;
case TaskOperation.Primary:
await SetAccountAsPrimaryAsync(remoteDevice, task);
break;
case TaskOperation.Profile:
await ProfileVaultAsync(remoteDevice, task);
break;
}
}
public async Task AddPrimaryAsync(string vaultId, string accountId)
{
var previousTask = await _hardwareVaultTaskRepository
.Query()
.FirstOrDefaultAsync(x => x.HardwareVaultId == vaultId && x.Operation == TaskOperation.Primary);
if (previousTask != null)
{
await _hardwareVaultTaskRepository.DeleteAsync(previousTask);
}
var task = new HardwareVaultTask()
{
CreatedAt = DateTime.UtcNow,
Operation = TaskOperation.Primary,
Timestamp = UnixTime.GetUnixTimeUtcNow(),
HardwareVaultId = vaultId,
AccountId = accountId
};
await _hardwareVaultTaskRepository.AddAsync(task);
}
public async Task AddTaskAsync(HardwareVaultTask vaultTask)
{
await _hardwareVaultTaskRepository.AddAsync(vaultTask);
}
public async Task DeleteTaskAsync(HardwareVaultTask vaultTask)
{
await _hardwareVaultTaskRepository.DeleteAsync(vaultTask);
}
