protected override void Handle(CreateSystemAdminRequest request, DtoResponse <SystemAccountDto> response)
{
var systemAccount = _systemAccountRepository.GetByIdentifier(request.Email);
var role = _roleRepository.GetInternalRoleKeyByName("System Admin");
if (role != null)
{
if (systemAccount == null)
{
var identityServiceResponse = _systemAccountIdentityServiceManager.Create(request.Username, request.Email);
if (identityServiceResponse.Sucess)
{
systemAccount = _systemAccountFactory.CreateSystemAdmin(request.Email, new Email(request.Email));
var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto>(systemAccount);
response.DataTransferObject = systemAccountDto;
systemAccount.AddRole(role);
}
else
{
var result = identityServiceResponse.ErrorMessage;
var dataErrorInfo = new DataErrorInfo(result, ErrorLevel.Error);
response.DataTransferObject = new SystemAccountDto();
response.DataTransferObject.AddDataErrorInfo(dataErrorInfo);
}
}
else
{
var result = "System account already in use.";
var dataErrorInfo = new DataErrorInfo(result, ErrorLevel.Error);
response.DataTransferObject = new SystemAccountDto();
response.DataTransferObject.AddDataErrorInfo(dataErrorInfo);
}
}
}
/// <summary>
/// Handles the specified request.
/// </summary>
/// <param name="request">The request.</param>
/// <param name="response">The response.</param>
protected override void Handle(CreateSystemAdminRequest request, DtoResponse <SystemAccountDto> response)
{
var systemAccount = _systemAccountRepository.GetByIdentifier(request.Email);
var roleKey = _roleRepository.GetInternalRoleKeyByName("System Admin");
if (roleKey.HasValue)
{
if (systemAccount == null)
{
var result = _systemAccountIdentityServiceManager.Create(request.Email);
if (result.Sucess)
{
var systemAccountFactory = new SystemAccountFactory();
systemAccount = systemAccountFactory.Create(Guid.Empty, request.Email, new Email(request.Email));
systemAccount.AddRole(roleKey.Value);
var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto> (systemAccount);
response.DataTransferObject = systemAccountDto;
}
else
{
var dataErrorInfo = new DataErrorInfo(result.ErrorMessage, ErrorLevel.Error);
response.DataTransferObject = new SystemAccountDto();
response.DataTransferObject.AddDataErrorInfo(dataErrorInfo);
}
}
else
{
var dataErrorInfo = new DataErrorInfo("System Admin already exists.", ErrorLevel.Error);
response.DataTransferObject = new SystemAccountDto();
response.DataTransferObject.AddDataErrorInfo(dataErrorInfo);
}
}
}
/// <summary>
/// Handles the specified request.
/// </summary>
/// <param name="request">The request.</param>
/// <param name="response">The response.</param>
protected override void Handle(CreateOrganizationAdminRequest request, CreateOrganizationAdminResponse response)
{
var systemAccount = _systemAccountRepository.GetByIdentifier(request.Email);
var addRole = false;
if (systemAccount == null)
{
var result = _systemAccountIdentityServiceManager.Create(request.Email);
if (result.Sucess)
{
var systemAccountFactory = new SystemAccountFactory();
systemAccount = systemAccountFactory.Create(request.OrganizationKey, request.Email, new Email(request.Email));
var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto> (systemAccount);
response.SystemAccountDto = systemAccountDto;
addRole = true;
}
else
{
var dataErrorInfo = new DataErrorInfo(result.ErrorMessage, ErrorLevel.Error);
response.SystemAccountDto = new SystemAccountDto();
response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
}
}
else
{
var result = _systemAccountIdentityServiceManager.ResetPassword(systemAccount.Identifier);
if (result.Sucess)
{
var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto> (systemAccount);
response.SystemAccountDto = systemAccountDto;
addRole = true;
}
else
{
var dataErrorInfo = new DataErrorInfo(result.ErrorMessage, ErrorLevel.Error);
response.SystemAccountDto = new SystemAccountDto();
response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
}
}
if (addRole)
{
var role = _roleFactory.Create("Default Organization Admin", request.OrganizationKey);
role.AddPermision(BasicAccessPermission.AccessUserInterfacePermission);
role.AddPermision(OrganizationPermission.OrganizationViewPermission);
role.AddPermision(OrganizationPermission.OrganizationEditPermission);
role.AddPermision(StaffPermission.StaffAddRolePermission);
role.AddPermision(StaffPermission.StaffCreateAccountPermission);
role.AddPermision(StaffPermission.StaffEditPermission);
role.AddPermision(StaffPermission.StaffLinkAccountPermission);
role.AddPermision(StaffPermission.StaffRemoveRolePermission);
role.AddPermision(StaffPermission.StaffViewPermission);
role.AddPermision(RolePermission.RoleAddPermissionPermission);
role.AddPermision(RolePermission.RoleEditPermission);
role.AddPermision(RolePermission.RoleRemovePermissionPermission);
role.AddPermision(RolePermission.RoleViewPermission);
systemAccount.AddRole(role.Key);
}
}
protected override void Handle(CreateOrganizationAdminRequest request, CreateOrganizationAdminResponse response)
{
var systemAccount = _systemAccountRepository.GetByIdentifier(request.Email);
var organization = _organizationRepository.GetByKey(request.OrganizationKey);
if (systemAccount == null)
{
var identityServiceResponse = _systemAccountIdentityServiceManager.Create(request.Username, request.Email);
if (identityServiceResponse.Sucess)
{
systemAccount = _systemAccountFactory.Create(organization, request.Email, new Email(request.Email));
var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto>(systemAccount);
response.SystemAccountDto = systemAccountDto;
var role = _roleFactory.Create(organization, "Default Organization Admin");
role.AddPermision(BasicAccessPermission.AccessUserInterfacePermission);
role.AddPermision(OrganizationPermission.OrganizationViewPermission);
role.AddPermision(OrganizationPermission.OrganizationEditPermission);
role.AddPermision(StaffPermission.StaffAddRolePermission);
role.AddPermision(StaffPermission.StaffCreateAccountPermission);
role.AddPermision(StaffPermission.StaffEditPermission);
role.AddPermision(StaffPermission.StaffLinkAccountPermission);
role.AddPermision(StaffPermission.StaffRemoveRolePermission);
role.AddPermision(StaffPermission.StaffViewPermission);
role.AddPermision(RolePermission.RoleAddPermissionPermission);
role.AddPermision(RolePermission.RoleEditPermission);
role.AddPermision(RolePermission.RoleRemovePermissionPermission);
role.AddPermision(RolePermission.RoleViewPermission);
role.AddPermision(PatientPermission.PatientEditPermission);
role.AddPermision(PatientPermission.PatientViewPermission);
role.AddPermision(AssessmentPermission.AssessmentEditPermission);
role.AddPermision(AssessmentPermission.AssessmentViewPermission);
role.AddPermision(StaffPermission.ResetPasswordPermission);
systemAccount.AddRole(role);
}
else
{
var result = identityServiceResponse.ErrorMessage;
var dataErrorInfo = new DataErrorInfo(result, ErrorLevel.Error);
response.SystemAccountDto = new SystemAccountDto();
response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
}
}
else
{
_systemAccountIdentityServiceManager.ResetPassword(systemAccount.Email.Address);
}
}
public void ProcessRequest(HttpContext context)
{
// var identity = _currentClaimsPrincipalService.GetCurrentPrincipal ().Identity;
var identity = _currentClaimsPrincipalService.GetCurrentPrincipal().Identity as IClaimsIdentity;
var nameIdentifier = identity.Claims.First(c => c.ClaimType == ClaimTypes.NameIdentifier).Value;
// check this for security reason
if (identity.IsAuthenticated)
{
var staffKeyString = context.Request["staffKey"];
var staffKey = string.IsNullOrEmpty(staffKeyString) ? 0 : long.Parse(staffKeyString);
var account = _accountRepository.GetByIdentifier(nameIdentifier);
// check this for security reason
if (account.StaffMembers.Any(x => x.Key == staffKey))
{
var staff = _staffRepository.GetByKey(staffKey);
_signOnService.LoginAs(staff);
context.Response.Redirect("~/Client.aspx");
}
}
}
protected override void Handle(CreateOrganizationAdminRequest request, CreateOrganizationAdminResponse response)
{
var systemAccount = _systemAccountRepository.GetByIdentifier(request.Email);
if (systemAccount == null)
{
using (var httpClient = new HttpClient {
BaseAddress = new Uri(request.BaseIdentityServerUri)
})
{
httpClient.SetToken("Session", request.Token);
var httpResponseMessage = httpClient.GetAsync("api/membership/Create/" + request.Username + "?email=" + request.Email).Result;
if (httpResponseMessage.StatusCode == HttpStatusCode.OK)
{
var membershipUserDto = httpResponseMessage.Content.ReadAsAsync <MembershipUserDto>().Result;
var systemAccountFactory = new SystemAccountFactory();
systemAccount = systemAccountFactory.Create(request.OrganizationKey, membershipUserDto.NameIdentifier, new Email(membershipUserDto.Email));
var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto>(systemAccount);
response.SystemAccountDto = systemAccountDto;
}
else
{
var result = httpResponseMessage.Content.ReadAsStringAsync().Result;
var dataErrorInfo = new DataErrorInfo(result, ErrorLevel.Error);
response.SystemAccountDto = new SystemAccountDto();
response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
}
}
}
else
{
//Reset password....
}
//if (request.SystemAccountDto.CreateNew)
//{
// var systemAccount = _systemAccountRepository.GetByIdentifier(request.SystemAccountDto.Identifier);
// if (systemAccount != null) // account existing
// {
// var dataErrorInfo = new DataErrorInfo(string.Format("Cannot create account because an account with the email {0} already exists.", request.SystemAccountDto.Identifier), ErrorLevel.Error);
// response.SystemAccountDto = request.SystemAccountDto;
// response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
// }
// else
// {
// // 1. create member login in Identity server
// // 2. Create System account in domain
// // 3. assign system account to the new staff or patient
// // 4. error handling: if the login/account is taken or cannot create new login
// using (var httpClient = new HttpClient {BaseAddress = new Uri(request.BaseIdentityServerUri)})
// {
// httpClient.SetToken("Session", request.Token);
// var httpResponseMessage = httpClient.GetAsync("api/membership/Create/" + request.SystemAccountDto.Username + "?email=" + request.SystemAccountDto.Email).Result;
// if (httpResponseMessage.StatusCode == HttpStatusCode.OK)
// {
// var membershipUserDto = httpResponseMessage.Content.ReadAsAsync<MembershipUserDto>().Result;
// var systemAccountFactory = new SystemAccountFactory();
// systemAccount = systemAccountFactory.Create(request.OrganizationKey, membershipUserDto.NameIdentifier, new Email(membershipUserDto.Email));
// if (request.StaffKey != Guid.Empty)
// {
// systemAccount.AssignToStaff(request.StaffKey);
// }
// if (request.PatientKey != Guid.Empty)
// {
// systemAccount.AssignToPatient(request.PatientKey);
// Guid? portalRoleKey;
// using (var connection = _dbConnectionFactory.CreateConnection())
// {
// portalRoleKey = connection.Query<Guid?>("SELECT [RoleKey] FROM [SecurityModule].[Role] WHERE Name=@Name", new {Name = "Patient Portal"}).FirstOrDefault();
// }
// if (portalRoleKey.HasValue)
// {
// systemAccount.AddRole(portalRoleKey.Value);
// }
// else
// {
// Logger.Error("Cannot find Patient portal built in role.");
// }
// }
// var systemAccountDto = Mapper.Map<SystemAccount, SystemAccountDto>(systemAccount);
// response.SystemAccountDto = systemAccountDto;
// }
// else
// {
// var result = httpResponseMessage.Content.ReadAsStringAsync().Result;
// var dataErrorInfo = new DataErrorInfo(result, ErrorLevel.Error);
// response.SystemAccountDto = request.SystemAccountDto;
// response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
// }
// }
// }
//}
//else
//{
// var systemAccount = _systemAccountRepository.GetByIdentifier(request.SystemAccountDto.Identifier);
// if (systemAccount != null) // account existing
// {
// if (systemAccount.StaffKey == null)
// {
// systemAccount.AssignToStaff(request.StaffKey);
// var systemAccountDto = Mapper.Map<SystemAccount, SystemAccountDto>(systemAccount);
// response.SystemAccountDto = systemAccountDto;
// }
// else
// {
// var dataErrorInfo = new DataErrorInfo(string.Format("Cannot link account because an account with the email {0} has been assigned to another staff.", request.SystemAccountDto.Identifier), ErrorLevel.Error);
// response.SystemAccountDto = request.SystemAccountDto;
// response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
// }
// }
// else
// {
// var dataErrorInfo = new DataErrorInfo(string.Format("Cannot link account because an account with the email {0} does not exist.", request.SystemAccountDto.Identifier), ErrorLevel.Error);
// response.SystemAccountDto = request.SystemAccountDto;
// response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
// }
//}
}
protected override void Handle(AssignAccountRequest request, AssignAccountResponse response)
{
if (request.SystemAccountDto.CreateNew)
{
var systemAccount = _systemAccountRepository.GetByIdentifier(request.SystemAccountDto.Identifier);
var staff = _staffRepository.GetByKey(request.StaffKey);
if (systemAccount != null) // account existing
{
var dataErrorInfo = new DataErrorInfo(string.Format("Cannot create account because an account with the email {0} already exists.", request.SystemAccountDto.Identifier), ErrorLevel.Error);
response.SystemAccountDto = request.SystemAccountDto;
response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
}
else
{
// 1. create member login in Identity server
// 2. Create System account in domain
// 3. assign system account to the new staff
// 4. error handling: if the login/account is taken or cannot create new login
if (staff != null)
{
var identityServerResponse = _systemAccountIdentityServiceManager.Create(request.SystemAccountDto.Username, request.SystemAccountDto.Email);
if (identityServerResponse.Sucess)
{
var organization = _organizationRepository.GetByKey(UserContext.OrganizationKey);
systemAccount = _systemAccountFactory.Create(organization,
request.SystemAccountDto.Email,
new Email(request.SystemAccountDto.Email));
systemAccount.AssignToStaff(staff);
var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto>(systemAccount);
response.SystemAccountDto = systemAccountDto;
}
else
{
var result = identityServerResponse.ErrorMessage;
var dataErrorInfo = new DataErrorInfo(result, ErrorLevel.Error);
response.SystemAccountDto = request.SystemAccountDto;
response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
}
}
else
{
Logger.Error(string.Format("Tried assigning invalid staff {0} to systemaccount {1}", request.StaffKey, systemAccount.Key));
response.SystemAccountDto.AddDataErrorInfo(new DataErrorInfo("Invalid staff key.", ErrorLevel.Error));
}
}
}
else
{
var systemAccount = _systemAccountRepository.GetByIdentifier(request.SystemAccountDto.Identifier);
var staff = _staffRepository.GetByKey(request.StaffKey);
if (systemAccount != null) // account existing
{
if (systemAccount.Staff == null)
{
systemAccount.AssignToStaff(staff);
var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto>(systemAccount);
response.SystemAccountDto = systemAccountDto;
}
else
{
var dataErrorInfo = new DataErrorInfo(string.Format("Cannot link account because an account with the email {0} has been assigned to another staff.", request.SystemAccountDto.Identifier), ErrorLevel.Error);
response.SystemAccountDto = request.SystemAccountDto;
response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
}
}
else
{
var dataErrorInfo = new DataErrorInfo(string.Format("Cannot link account because an account with the email {0} does not exist.", request.SystemAccountDto.Identifier), ErrorLevel.Error);
response.SystemAccountDto = request.SystemAccountDto;
response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
}
}
}
/// <summary>
/// Handles the specified request.
/// </summary>
/// <param name="request">The request.</param>
/// <param name="response">The response.</param>
/// <exception cref="System.InvalidOperationException">Cannot find Patient portal built in role.</exception>
protected override void Handle(AssignAccountRequest request, AssignAccountResponse response)
{
if (request.SystemAccountDto.CreateNew)
{
var systemAccount = _systemAccountRepository.GetByIdentifier(request.SystemAccountDto.Identifier);
if (systemAccount != null)
{
// account existing
var dataErrorInfo =
new DataErrorInfo(string.Format("Cannot create account because an account with the email {0} already exists.", request.SystemAccountDto.Identifier),
ErrorLevel.Error);
response.SystemAccountDto = request.SystemAccountDto;
response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
}
else
{
var identityServiceResponse = _systemAccountIdentityServiceManager.Create(request.SystemAccountDto.Email);
if (identityServiceResponse.Sucess)
{
var systemAccountFactory = new SystemAccountFactory();
systemAccount = systemAccountFactory.Create(request.OrganizationKey, request.SystemAccountDto.Email, new Email(request.SystemAccountDto.Email));
if (request.StaffKey != Guid.Empty)
{
systemAccount.AssignToStaff(request.StaffKey);
}
if (request.PatientKey != Guid.Empty)
{
systemAccount.AssignToPatient(request.PatientKey);
Guid?portalRoleKey;
using (var connection = _dbConnectionFactory.CreateConnection())
{
portalRoleKey =
connection.Query <Guid?> ("SELECT [RoleKey] FROM [SecurityModule].[Role] WHERE Name=@Name", new { Name = "Patient Portal" }).FirstOrDefault();
}
if (portalRoleKey.HasValue)
{
systemAccount.AddRole(portalRoleKey.Value);
}
else
{
throw new InvalidOperationException("Cannot find Patient portal built in role.");
}
}
var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto> (systemAccount);
response.SystemAccountDto = systemAccountDto;
}
else
{
var result = identityServiceResponse.ErrorMessage;
//// remove the message from the JSON
var identityError = (IdentityServerError)JsonConvert.DeserializeObject(result, typeof(IdentityServerError));
var dataErrorInfo = new DataErrorInfo(identityError.Message, ErrorLevel.Error);
response.SystemAccountDto = request.SystemAccountDto;
response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
}
}
}
else
{
var systemAccount = _systemAccountRepository.GetByIdentifier(request.SystemAccountDto.Identifier);
if (systemAccount != null)
{
// account existing
if (systemAccount.StaffKey == null)
{
systemAccount.AssignToStaff(request.StaffKey);
var systemAccountDto = Mapper.Map <SystemAccount, SystemAccountDto> (systemAccount);
response.SystemAccountDto = systemAccountDto;
}
else
{
var dataErrorInfo =
new DataErrorInfo(
string.Format(
"Cannot link account because an account with the email {0} has been assigned to another staff.",
request.SystemAccountDto.Identifier),
ErrorLevel.Error);
response.SystemAccountDto = request.SystemAccountDto;
response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
}
}
else
{
var dataErrorInfo =
new DataErrorInfo(string.Format("Cannot link account because an account with the email {0} does not exist.", request.SystemAccountDto.Identifier),
ErrorLevel.Error);
response.SystemAccountDto = request.SystemAccountDto;
response.SystemAccountDto.AddDataErrorInfo(dataErrorInfo);
}
}
}
