public async Task <IActionResult> Put(Guid providerId)
{
_logger.LogInformation($"PUT - Approval request for provider: {providerId}");
var existingProvider = await _repo.GetProviderAccountByIdAsync(providerId);
if (existingProvider != null && existingProvider.Status.StatusText != Status.Approved)
{
Auth0Helper auth0 = _authHelperFactory.Create(Request);
if (existingProvider.Email != auth0.Email)
{
return(Forbid());
}
var authUser = await auth0.Client.Users.GetUsersByEmailAsync(auth0.Email);
// Remove unapproved_provider role
if (auth0.Roles.Contains(Auth0Helper.UnapprovedProviderRole))
{
await auth0.RemoveRoleAsync(authUser[0].UserId, Auth0Helper.UnapprovedProviderRole);
}
// Add approved_provider
await auth0.AddRoleAsync(authUser[0].UserId, Auth0Helper.ApprovedProviderRole);
existingProvider.Status.StatusText = Status.Approved;
await _repo.UpdateProviderAccountAsync(existingProvider);
await _repo.SaveAsync();
_logger.LogInformation($"Approval set to true for id: {providerId}");
return(NoContent());
}
_logger.LogWarning($"Account already is approved, no change for id: {providerId}");
return(NotFound());
}
public async Task <ActionResult> Get()
{
_logger.LogInformation($"GET - Retrieving user ID and verifying correct metadata is in token.");
try
{
var auth0 = _authHelperFactory.Create(Request);
var authUser = await auth0.Client.Users.GetUsersByEmailAsync(auth0.Email);
var authRoles = await auth0.Client.Roles.GetAllAsync(new GetRolesRequest());
var id = await _repo.GetCoordinatorIdByEmailAsync(auth0.Email);
if (id != Guid.Empty)
{
// If their roles arent set properly, set them
if (!auth0.Roles.Contains(Auth0Helper.CoordinatorRole))
{
await auth0.AddRoleAsync(authUser[0].UserId, authRoles.First(r => r.Name == Auth0Helper.CoordinatorRole).Id);
}
}
else
{
// Check the provider db
id = await _repo.GetProviderIdByEmailAsync(auth0.Email);
if (id != Guid.Empty &&
!auth0.Roles.Contains(Auth0Helper.UnapprovedProviderRole) &&
!auth0.Roles.Contains(Auth0Helper.ApprovedProviderRole))
{
// They have no role, so set them as unapproved
await auth0.AddRoleAsync(authUser[0].UserId, authRoles.First(r => r.Name == Auth0Helper.UnapprovedProviderRole).Id);
}
}
if (id == Guid.Empty)
{
// They have no account anywhere - check roles for coordinator role
if (auth0.Roles.Contains(Auth0Helper.CoordinatorRole))
{
// They have been set as a coordinator on the Auth0 site, so make a new account
var coordinator = new CoordinatorAccount
{
Name = authUser[0].FirstName != null && authUser[0].LastName != null
? authUser[0].FirstName + " " + authUser[0].LastName
: "No Name",
Email = auth0.Email,
TrainingCenterName = "No Name",
TrainingCenterAddress = "No Address"
};
// Add them
_repo.AddCoordinatorAccount(coordinator);
}
else
{
// Make a new provider
var provider = new ProviderAccount
{
Name = authUser[0].FirstName != null && authUser[0].LastName != null
? authUser[0].FirstName + " " + authUser[0].LastName
: "No Name",
Email = auth0.Email,
Status = new Status(Status.Pending),
AccountCreatedAt = DateTime.Now,
AccountExpiresAt = DateTime.Now.AddDays(7)
};
// Add them
_repo.AddProviderAccountAsync(provider);
// No notification is made. This is handled in the frontend when
// they select a training center and click 'request approval'
// They have no role, so set them as unapproved
await auth0.AddRoleAsync(authUser[0].UserId, authRoles.First(r => r.Name == Auth0Helper.UnapprovedProviderRole).Id);
}
// Db was modified either way, save changes
await _repo.SaveAsync();
// Get their id
id = await _repo.GetProviderIdByEmailAsync(auth0.Email);
}
// Update the app_metadata if it doesnt contain the correct id
await auth0.UpdateMetadataWithIdAsync(authUser[0].UserId, id);
return(Ok(id));
}
catch (Exception e)
{
_logger.LogError(e, "Error occurred in token setup");
return(new StatusCodeResult(StatusCodes.Status500InternalServerError));
}
}
