public async Task <CollectionGroupDetailsResponseModel> GetDetails(string orgId, string id) { var orgIdGuid = new Guid(orgId); if (!await ViewAtLeastOneCollectionAsync(orgIdGuid) && !await _currentContext.ManageUsers(orgIdGuid)) { throw new NotFoundException(); } var idGuid = new Guid(id); if (await _currentContext.ViewAllCollections(orgIdGuid)) { var collectionDetails = await _collectionRepository.GetByIdWithGroupsAsync(idGuid); if (collectionDetails?.Item1 == null || collectionDetails.Item1.OrganizationId != orgIdGuid) { throw new NotFoundException(); } return(new CollectionGroupDetailsResponseModel(collectionDetails.Item1, collectionDetails.Item2)); } else { var collectionDetails = await _collectionRepository.GetByIdWithGroupsAsync(idGuid, _currentContext.UserId.Value); if (collectionDetails?.Item1 == null || collectionDetails.Item1.OrganizationId != orgIdGuid) { throw new NotFoundException(); } return(new CollectionGroupDetailsResponseModel(collectionDetails.Item1, collectionDetails.Item2)); } }
public async Task <CipherMiniResponseModel> GetAdmin(string id) { var cipher = await _cipherRepository.GetOrganizationDetailsByIdAsync(new Guid(id)); if (cipher == null || !cipher.OrganizationId.HasValue || !await _currentContext.ViewAllCollections(cipher.OrganizationId.Value)) { throw new NotFoundException(); } return(new CipherMiniResponseModel(cipher, _globalSettings, cipher.OrganizationUseTotp)); }
public async Task <IEnumerable <Collection> > GetOrganizationCollections(Guid organizationId) { if (!await _currentContext.ViewAllCollections(organizationId) && !await _currentContext.ManageUsers(organizationId)) { throw new NotFoundException(); } IEnumerable <Collection> orgCollections; if (await _currentContext.OrganizationAdmin(organizationId) || await _currentContext.ViewAllCollections(organizationId)) { // Admins, Owners, Providers and Custom (with collection management permissions) can access all items even if not assigned to them orgCollections = await _collectionRepository.GetManyByOrganizationIdAsync(organizationId); } else { var collections = await _collectionRepository.GetManyByUserIdAsync(_currentContext.UserId.Value); orgCollections = collections.Where(c => c.OrganizationId == organizationId); } return(orgCollections); }
public async Task<ListResponseModel<GroupResponseModel>> Get(string orgId) { var orgIdGuid = new Guid(orgId); var canAccess = await _currentContext.ManageGroups(orgIdGuid) || await _currentContext.ViewAssignedCollections(orgIdGuid) || await _currentContext.ViewAllCollections(orgIdGuid) || await _currentContext.ManageUsers(orgIdGuid); if (!canAccess) { throw new NotFoundException(); } var groups = await _groupRepository.GetManyByOrganizationIdAsync(orgIdGuid); var responses = groups.Select(g => new GroupResponseModel(g)); return new ListResponseModel<GroupResponseModel>(responses); }
public async Task <ListResponseModel <OrganizationUserUserDetailsResponseModel> > Get(string orgId) { var orgGuidId = new Guid(orgId); if (!await _currentContext.ViewAllCollections(orgGuidId) && !await _currentContext.ViewAssignedCollections(orgGuidId) && !await _currentContext.ManageGroups(orgGuidId) && !await _currentContext.ManageUsers(orgGuidId)) { throw new NotFoundException(); } var organizationUsers = await _organizationUserRepository.GetManyDetailsByOrganizationAsync(orgGuidId); var responseTasks = organizationUsers.Select(async o => new OrganizationUserUserDetailsResponseModel(o, await _userService.TwoFactorIsEnabledAsync(o))); var responses = await Task.WhenAll(responseTasks); return(new ListResponseModel <OrganizationUserUserDetailsResponseModel>(responses)); }