public async Task <ActionResult <Model.AuthUser> > Put(int id, Model.InsertRequests.AuthUserInsertRequest insert)
{
Models.AuthUser authUser = _mapper.Map <Models.AuthUser>(insert);
authUser.Id = id;
try
{
var input = _mapper.Map <AuthoAPI.Models.AuthUser>(authUser);
_context.Entry(input).State = EntityState.Modified;
var result = await _context.AuthUser.FindAsync(id);
await _context.SaveChangesAsync();
return(_mapper.Map <Model.AuthUser>(result));
}
catch (DbUpdateConcurrencyException)
{
if (!AuthUserExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
}
/// <summary>
/// Return entity from xlsx file by rowNum
/// </summary>
/// <param name="rowNum"></param>
/// <returns></returns>
private Models.AuthUser GetEntry(int rowNum, string FileName, string Folder)
{
Models.AuthUser user = new Models.AuthUser();
string FileShareResources = System.Configuration.ConfigurationManager.AppSettings["FileShareResources"].ToString();
string PhonesDruzhba = System.IO.Path.Combine(FileShareResources, "Phones", Folder, FileName);
int f = 0;
using (var sr = System.IO.File.OpenRead(PhonesDruzhba))
{
NPOI.XSSF.UserModel.XSSFWorkbook wb = new NPOI.XSSF.UserModel.XSSFWorkbook(sr);
user.isDep =
wb.GetSheet("TDSheet").GetRow(rowNum).Cells[1] == null ||
wb.GetSheet("TDSheet").GetRow(rowNum).Cells[1].ToString().Trim() == "" ||
int.TryParse(wb.GetSheet("TDSheet").GetRow(rowNum).Cells[1].ToString(), out f);
if (user.isDep)
{
user.DepName = wb.GetSheet("TDSheet").GetRow(rowNum).Cells[0].ToString();
}
else
{
user.FIO = wb.GetSheet("TDSheet").GetRow(rowNum).Cells[1].ToString();
user.post = wb.GetSheet("TDSheet").GetRow(rowNum).Cells[0].ToString();
user.Birthday = wb.GetSheet("TDSheet").GetRow(rowNum).Cells[4].ToString();
user.email = wb.GetSheet("TDSheet").GetRow(rowNum).Cells[8].ToString();
user.phone = wb.GetSheet("TDSheet").GetRow(rowNum).Cells[5].ToString();
user.mobile = wb.GetSheet("TDSheet").GetRow(rowNum).Cells[7].ToString();
}
}
return(user);
}
public async Task <ActionResult <Model.AuthUser> > PostAuthUser(Model.AuthUser insert)
{
Models.AuthUser input = _mapper.Map <Models.AuthUser>(insert);
_context.AuthUser.Add(input);
await _context.SaveChangesAsync();
var result = await _context.AuthUser.FindAsync(input.Id);
return(_mapper.Map <Model.AuthUser>(result));
//return CreatedAtAction("Get", new { id = authUser.Id }, authUser);
}
public static void SaveUser(Models.AuthUser user)
{
using (OfficeMapper.Models.PhonesDataContext model = new Models.PhonesDataContext())
{
if (model.Users.Count(x => x.UTNLogin == user.UTNLogin) == 0)
{
model.Users.InsertOnSubmit(new Models.User()
{
UTNLogin = user.UTNLogin,
Domain = user.domain,
FIO = user.FIO,
Email = user.email
});
model.SubmitChanges();
}
}
}
public async Task <ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return(View(model));
}
Models.AuthUser user = Lib.ADAuth.Authenticate(model.Name, model.Password, model.Domain);
if (user != null)
{
FormsAuthentication.SetAuthCookie(model.Email, false);
var authTicket = new FormsAuthenticationTicket(1, user.UTNLogin, DateTime.Now
, DateTime.Now.AddMinutes(20), false
, model.Domain);
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
HttpContext.Response.Cookies.Add(authCookie);
//return RedirectToAction("Index", "Apps");
return(RedirectToLocal(returnUrl));
}
else
{
ModelState.AddModelError("", "Invalid login attempt.");
return(View(model));
}
//// This doesn't count login failures towards account lockout
//// To enable password failures to trigger account lockout, change to shouldLockout: true
//var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
//switch (result)
//{
// case SignInStatus.Success:
// return RedirectToLocal(returnUrl);
// case SignInStatus.LockedOut:
// return View("Lockout");
// case SignInStatus.RequiresVerification:
// return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
// case SignInStatus.Failure:
// default:
// ModelState.AddModelError("", "Invalid login attempt.");
// return View(model);
//}
}
public static Models.AuthUser GetUserByEmail(string email)
{
Models.AuthUser user = null;
using (OfficeMapper.Models.PhonesDataContext model = new Models.PhonesDataContext())
{
if (model.Users.Count(x => x.Email == email) > 0)
{
user = new Models.AuthUser();
user = model.Users.Where(x => x.Email == email)
.Select(x => new Models.AuthUser()
{
UTNLogin = x.UTNLogin,
domain = x.Domain,
email = x.Email,
FIO = x.FIO,
post = x.Post
}).First();
}
}
return(user);
}
public static Models.AuthUser GetUser(string username)
{
Models.AuthUser user = null;
using (OfficeMapper.Models.PhonesDataContext model = new Models.PhonesDataContext())
{
if (model.Users.Count(x => x.UTNLogin == username) > 0)
{
user = new Models.AuthUser();
user = model.Users.Where(x => x.UTNLogin == username)
.ToList()
.Select(x => new Models.AuthUser()
{
UTNLogin = x.UTNLogin,
domain = x.Domain,
email = x.Email,
FIO = x.FIO,
post = x.Post,
ITResponsible = model.Acceptors.Count(f => f.username == x.UTNLogin && f.serviceDomain != null) > 0
}).First();
}
}
return(user);
}
/// <summary>
/// Возвращает перечень сервисов для пользователя
/// </summary>
/// <param name="user"></param>
/// <returns></returns>
public List <Models.ApplicationEntry> GetApplications(Models.AuthUser user)
{
List <Models.ApplicationEntry> apps = new List <Models.ApplicationEntry>();
user = Lib.ADAuth.GetUser(user.UTNLogin);
string FileSharesCode = System.Configuration.ConfigurationManager.AppSettings["FileSharesCode"].ToString().Trim();
using (OfficeMapper.Models.PhonesDataContext model = new Models.PhonesDataContext())
{
apps = model.UserServices.ToList()
.Where(x => !string.IsNullOrEmpty(x.Id) &&
x.Id != FileSharesCode &&
!x.Id.StartsWith(FileSharesCode + ".") &&
ApplicationFilter(x.Department, user.UTNLogin))
.Select(x => new Models.ApplicationEntry()
{
Id = x.Id,
Name = x.Id.Contains('.')?x.ServiceName:x.Group,
Description = x.Description,
Type = x.Id.Contains('.')?Models.ServiceLevelEnum.Service.ToString():
Models.ServiceLevelEnum.Group.ToString(),
HelpDocumentationLink = x.HelpDocumentationLink,
DeprecationText = x.DeprecationText != null? x.DeprecationText:""
})
.ToList();
///---Проставляю статусы по каждому сервису
foreach (var app in apps)
{
if (model.AssignedServices.Count(x => x.ServiceId == app.Id &&
x.UTNLogin == user.UTNLogin) > 0)
{
///---Отображение состояние "заказанности" пользователем
var assign = model.AssignedServices.First(x => x.ServiceId == app.Id &&
x.UserId == user.Id);
app.UserClamed = assign.UserClaimed.Value;
///---Отображение состояния "Подтвержденности IT"
if (assign.ITApproved != null && assign.ITApproved == true &&
assign.ITApprovedBy != null && assign.ITApprovedBy != "")
{
///---Получаю данные о пользователе, который подписал со стороны IT
Models.AuthUser itUser = Lib.ADAuth.GetUser(assign.ITApprovedBy);
if (itUser == null)
{
itUser = new Models.AuthUser();
}
app.AcceptedIT = assign.ITApproved.Value;
app.AcceptedITBy = itUser;
}
else
{
app.AcceptedITBy = new Models.AuthUser();
app.AcceptedITBy.UTNLogin = "";
}
///---Отображение состояние "инвентаризации" пользователем
var assign1 = model.AssignedServices.First(x => x.ServiceId == app.Id &&
x.UserId == user.Id);
app.AcceptedTechnicalResponsible = assign1.TechnicalResponsibleApproved != null && assign1.TechnicalResponsibleApproved.Value;
///---Отображение необходимости и состояния "Подтвержденности Владельца"
if (assign.OwnerApproved != null && assign.OwnerApproved == true &&
assign.OwnerApprovedBy != null && assign.OwnerApprovedBy != "")
{
///---Получаю данные о пользователе, который подписал со стороны IT
Models.AuthUser ownerUser = Lib.ADAuth.GetUser(assign.OwnerApprovedBy);
if (ownerUser == null)
{
ownerUser = new Models.AuthUser();
}
app.AcceptedOwner = assign.OwnerApproved.Value;
app.AcceptedOwnerBy = ownerUser;
app.AcceptedITBy.UTNLogin = "";
}
else
{
app.AcceptedOwnerBy = new Models.AuthUser();
app.AcceptedOwnerBy.UTNLogin = "";
}
}
///---Нужно ли подтверждать владельцу сервиса
app.NeedAcceptedOwner = Lib.MailHelper.ExistsApproval(Models.AcceptRoleEnum.owner.ToString(), app.Id);
}
}
return(apps);
}
/// <summary>
/// Сохраняю запросы пользователя на приложения
/// акцептирование айтишниками и владельцами
/// </summary>
/// <param name="data"></param>
public void SaveApplications(Models.ApplicationView data)
{
using (OfficeMapper.Models.PhonesDataContext model = new Models.PhonesDataContext())
{
Models.AuthUser user = Lib.ADAuth.GetUser(data.User.UTNLogin);
#region TODO: Applications
/////----Проверяю все поданные заявки и сохраняю их в базе
//foreach (var app in data.Applications)
//{
// ///---Если записи нет - добавляю
// if(model.AssignedServices.Count(x=>x.UserId == user.Id
// && x.ServiceId == app.Id) == 0 && app.UserClamed == true)
// {
// model.AssignedServices.InsertOnSubmit(new Models.AssignedService() {
// ServiceId = app.Id,
// UserId = user.Id,
// UserClaimed = app.UserClamed
// });
// model.SubmitChanges();
// ///---Если это не режим инвентаризации, отправляю заявки по каждому приложению отдельно
// if(bool.Parse(System.Configuration.ConfigurationManager.AppSettings["learningMode"]) != true)
// {
// ///---Создаем новый запрос на сервис
// AcceptRequest ar = new AcceptRequest() {
// ServiceId = app.Id,
// ServiceType = ServiceTypeEnum.UserService,
// RequestDate = DateTime.Now,
// UserId = user.sAMAccountName,
// RequestStage = StageEnum.NewRequest,
// Secret =Guid.NewGuid().ToString()
// };
// var wfManager = new StandardKernel(new AcceptingWorkflowBindingModule(ServiceTypeEnum.UserService)).Get<AcceptingWorkflowManager>();
// wfManager.Save(ar);
// //ApproveClaimRequest(user.sAMAccountName, app.Id);
// }
// }
// ///--Если запись есть, но нет галки - удаляю
// if (model.AssignedServices.Count(x => x.UserId == user.Id
// && x.ServiceId == app.Id) > 0 && app.UserClamed == false)
// {
// var deleteRec = model.AssignedServices.First(x => x.UserId == user.Id
// && x.ServiceId == app.Id);
// model.AssignedServices.DeleteOnSubmit(deleteRec);
// model.SubmitChanges();
// }
//}
#endregion
#region TODO: Shares
/////----Проверяю все поданные заявки и сохраняю их в базе
//foreach (var app in data.Applications)
//{
// ///---Если записи нет - добавляю
// if (model.AssignedServices.Count(x => x.UserId == user.Id
// && x.ServiceId == app.Id) == 0 && app.UserClamed == true)
// {
// model.AssignedServices.InsertOnSubmit(new Models.AssignedService()
// {
// ServiceId = app.Id,
// UserId = user.Id,
// UserClaimed = app.UserClamed
// });
// model.SubmitChanges();
// ///---Если это не режим инвентаризации, отправляю заявки по каждому приложению отдельно
// if (bool.Parse(System.Configuration.ConfigurationManager.AppSettings["learningMode"]) != true)
// {
// ///---Создаем новый запрос на сервис
// AcceptRequest ar = new AcceptRequest()
// {
// ServiceId = app.Id,
// ServiceType = ServiceTypeEnum.UserService,
// RequestDate = DateTime.Now,
// UserId = user.sAMAccountName,
// RequestStage = StageEnum.NewRequest,
// Secret = Guid.NewGuid().ToString()
// };
// var wfManager = new StandardKernel(new AcceptingWorkflowBindingModule(ServiceTypeEnum.UserService)).Get<AcceptingWorkflowManager>();
// wfManager.Save(ar);
// //ApproveClaimRequest(user.sAMAccountName, app.Id);
// }
// }
// ///--Если запись есть, но нет галки - удаляю
// if (model.AssignedServices.Count(x => x.UserId == user.Id
// && x.ServiceId == app.Id) > 0 && app.UserClamed == false)
// {
// var deleteRec = model.AssignedServices.First(x => x.UserId == user.Id
// && x.ServiceId == app.Id);
// model.AssignedServices.DeleteOnSubmit(deleteRec);
// model.SubmitChanges();
// }
//}
#endregion
#region Application Inventarization
///---Если это режим инвентаризации, перечень всех приложений на утверждение Техответственных
if (bool.Parse(System.Configuration.ConfigurationManager.AppSettings["learningMode"]) == true)
{
///---Создаю пачку запросов с одним Secret для
List <AcceptRequest> ars = new List <AcceptRequest>();
string Secret = Guid.NewGuid().ToString();
foreach (var app in data.Applications.Where(x => x.UserClamed == true).ToList())
{
model.AssignedServices.InsertOnSubmit(new Models.AssignedService()
{
ServiceId = app.Id,
UserId = user.Id,
UserClaimed = app.UserClamed,
UTNLogin = data.User.UTNLogin
});
model.SubmitChanges();
AcceptRequest ar = new AcceptRequest()
{
ServiceId = app.Id,
ServiceType = ServiceTypeEnum.UserService,
RequestDate = DateTime.Now,
UTNLogin = user.UTNLogin,
RequestStage = StageEnum.NewRequest,
Secret = Secret
};
ars.Add(ar);
}
///---Принимаю запросы на новые сеервисы, которые уже используются, но не проинвенчены
//foreach (var newService in )
//{
//}
///---Сохраняю запрос
var wfManager = new StandardKernel(new AcceptingWorkflowBindingModule(ServiceTypeEnum.UserService)).Get <AcceptingWorkflowManager>();
wfManager.Save(ars);
}
#endregion
#region TODO: Shares Inventarization
/////---Если это режим инвентаризации, перечень всех приложений на утверждение Техответственных
//if (bool.Parse(System.Configuration.ConfigurationManager.AppSettings["learningMode"]) == true)
//{
// ///---Создаю пачку запросов с одним Secret для
// List<AcceptRequest> ars = new List<AcceptRequest>();
// string Secret = Guid.NewGuid().ToString();
// foreach (var app in data.Applications.Where(x => x.UserClamed == true).ToList())
// {
// AcceptRequest ar = new AcceptRequest()
// {
// ServiceId = app.Id,
// ServiceType = ServiceTypeEnum.UserService,
// RequestDate = DateTime.Now,
// UserId = user.sAMAccountName,
// RequestStage = StageEnum.NewRequest,
// Secret = Secret
// };
// ars.Add(ar);
// }
// var wfManager = new StandardKernel(new AcceptingWorkflowBindingModule(ServiceTypeEnum.UserService)).Get<AcceptingWorkflowManager>();
// wfManager.Save(ars);
//}
#endregion
}
}
/// <summary>
/// Возвращает данные пользователя из AD
/// </summary>
/// <param name="login"></param>
/// <returns></returns>
public static Models.AuthUser GetUserFromAD(string login)
{
Models.AuthUser user = new Models.AuthUser();
string domainNetBIOS = login.Split('\\')[0];
string samAccountName = login.Split('\\')[1];
string controller = "";
string username = "";
string password = "";
string domain = "";
string ldap = "";
try {
switch (domainNetBIOS)
{
case "UKRTRANSNAFTA":
controller = System.Configuration.ConfigurationManager.AppSettings["kyivDC"];
username = "******";
password = "";
domain = "ukrtransnafta.com";
ldap = "DC=ukrtransnafta,DC=com";
break;
case "ODESSA":
controller = System.Configuration.ConfigurationManager.AppSettings["odessaDC"];
username = "******";
password = "";
domain = "odessa.ukrtransnafta.com";
ldap = "DC=odessa,DC=ukrtransnafta,DC=com";
break;
case "KREMEN":
controller = System.Configuration.ConfigurationManager.AppSettings["kremenDC"];
username = "******";
password = "";
domain = "kremen.ukrtransnafta.com";
ldap = "DC=kremen,DC=ukrtransnafta,DC=com";
break;
case "DRUZHBA_AD":
controller = System.Configuration.ConfigurationManager.AppSettings["lvivDC"];
username = "******";
password = "";
domain = "druzhba.ukrtransnafta.com";
ldap = "DC=druzhba,DC=ukrtransnafta,DC=com";
break;
case "DRUZHBA":
controller = System.Configuration.ConfigurationManager.AppSettings["lvivDCOLD"];
domain = "druzhba.lviv.ua";
ldap = "DC=druzhba,DC=lviv,DC=ua";
var ldapPort = 389;
var pageSize = 1000;
var openLDAPHelper = new LDAPHelper(
ldap,
controller,
ldapPort,
AuthType.Basic,
pageSize);
var searchFilter = "uid=" + samAccountName;
var attributesToLoad = new[] { "mail", "cn", "displayName" };
var pagedSearchResults = openLDAPHelper.PagedSearch(
searchFilter,
attributesToLoad);
foreach (var searchResultEntryCollection in pagedSearchResults)
{
foreach (SearchResultEntry searchResultEntry in searchResultEntryCollection)
{
if (searchResultEntry.Attributes.Count > 0)
{
user.email = searchResultEntry.Attributes["mail"][0].ToString();
user.FIO = searchResultEntry.Attributes["displayName"][0].ToString();
}
}
}
break;
}
if (domainNetBIOS != "DRUZHBA")
{
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, controller);
UserPrincipal u = UserPrincipal.FindByIdentity(ctx, samAccountName);
if (u != null)
{
user.email = u.EmailAddress;
user.FIO = u.DisplayName;
}
}
}
catch (Exception ex)
{
}
return(user);
}
public static Models.AuthUser Authenticate(string username, string password, string domain)
{
Models.AuthUser user = null;
string controller = "";
switch (domain.ToLower())
{
case "kremen":
controller = System.Configuration.ConfigurationManager.AppSettings["kremenDC"];
break;
case "odessa":
controller = System.Configuration.ConfigurationManager.AppSettings["odessaDC"];
break;
case "lviv":
controller = System.Configuration.ConfigurationManager.AppSettings["lvivDC"];
break;
case "kyiv":
controller = System.Configuration.ConfigurationManager.AppSettings["kyivDC"];
break;
}
try
{
LdapConnection lcon = new LdapConnection(controller);
NetworkCredential nc = new NetworkCredential(username, password, domain);
lcon.Credential = nc;
lcon.AuthType = AuthType.Negotiate;
// user has authenticated at this point,
// as the credentials were used to login to the dc.
lcon.Bind(nc);
///---TODO Вычитываем данные из домена для сохранения в базе
user = new Models.AuthUser();
DirectoryEntry de = new DirectoryEntry(@"LDAP://" + controller, username, password);
DirectorySearcher ds = new DirectorySearcher(de);
ds.SearchScope = System.DirectoryServices.SearchScope.Subtree;
ds.Filter = "(&(objectCategory=User) (samAccountName=" + username + "))";
ds.PropertiesToLoad.Add("mail");
ds.PropertiesToLoad.Add("phone");
SearchResult result = ds.FindOne();
user.UTNLogin = username + @"@" + domain;
user.domain = domain;
user.email = result.Properties["mail"].Count > 0? result.Properties["mail"][0].ToString():"";
user.FIO = result.Path.Split(',').Count() > 0
? result.Path.Split(',')[0].Split('=').Count() > 1
? result.Path.Split(',')[0].Split('=')[1]
: ""
: "";
///---Если прошли аутентификацию сохраняем пользователя в базе
SaveUser(user);
}
catch (LdapException ex)
{
user = null;
}
return(user);
}
