public IActionResult СhangeOfCalendarStorage(string change)
{
if (!GetTenant(change, out Tenant tenant, out object error))
{
return(BadRequest(error));
}
try
{
var validationKey = EmailValidationKeyProvider.GetEmailKey(tenant.TenantId, change + ConfirmType.Auth);
SendToApi(Request.Scheme, tenant, "calendar/change_to_storage", new Dictionary <string, string> {
{ "change", change }, { "key", validationKey }
});
}
catch (Exception ex)
{
Log.Error("Error change_to_storage", ex);
return(StatusCode(StatusCodes.Status500InternalServerError, new
{
error = "apiError",
message = ex.Message
}));
}
return(Ok());
}
private static string GetConfirmLink(Guid newOwnerId, string email)
{
var validationKey = EmailValidationKeyProvider.GetEmailKey(email + ConfirmType.PortalOwnerChange.ToString() + newOwnerId);
return(CommonLinkUtility.GetFullAbsolutePath("~/confirm.aspx") +
string.Format("?type={0}&email={1}&key={2}&uid={3}", ConfirmType.PortalOwnerChange.ToString(), email, validationKey, newOwnerId));
}
public IActionResult CaldavDeleteEvent(string eventInfo)
{
if (!GetTenant(eventInfo, out Tenant tenant, out object error))
{
return(BadRequest(error));
}
try
{
var validationKey = EmailValidationKeyProvider.GetEmailKey(tenant.TenantId, eventInfo + ConfirmType.Auth);
SendToApi(Request.Scheme, tenant, "calendar/caldav_delete_event", new Dictionary <string, string> {
{ "eventInfo", eventInfo }, { "key", validationKey }
});
}
catch (Exception ex)
{
Log.Error("Error caldav_delete_event", ex);
return(StatusCode(StatusCodes.Status500InternalServerError, new
{
error = "apiError",
message = ex.Message
}));
}
return(Ok());
}
public static string GetFileStreamUrl(File file)
{
if (file == null)
{
throw new ArgumentNullException("file", FilesCommonResource.ErrorMassage_FileNotFound);
}
const int uriLengthLimit = 1024;
using (var fileDao = Global.DaoFactory.GetFileDao())
{
if (fileDao.IsSupportedPreSignedUri(file))
{
var uri = fileDao.GetPreSignedUri(file, Global.StreamUrlExpire).ToString();
if (uri.Length < uriLengthLimit)
{
return(uri);
}
Global.Logger.Debug("Very long link: " + uri.Length);
}
}
//NOTE: Always build path to handler!
var uriBuilder = new UriBuilder(CommonLinkUtility.GetFullAbsolutePath(FilesLinkUtility.FileHandlerPath));
Global.Logger.Debug("FileStreamUrl: " + uriBuilder.Uri);
var query = uriBuilder.Query;
query += FilesLinkUtility.Action + "=stream&";
query += FilesLinkUtility.FileId + "=" + HttpUtility.UrlEncode(file.ID.ToString()) + "&";
query += FilesLinkUtility.Version + "=" + file.Version + "&";
query += FilesLinkUtility.AuthKey + "=" + EmailValidationKeyProvider.GetEmailKey(file.ID + file.Version.ToString(CultureInfo.InvariantCulture));
return(uriBuilder.Uri + "?" + query);
}
private string GetConfirmLink(string email, ConfirmType confirmType)
{
var validationKey = EmailValidationKeyProvider.GetEmailKey(email.ToLower() + confirmType.ToString().ToLower());
return(CommonLinkUtility.GetFullAbsolutePath("~/confirm.aspx") +
string.Format("?type={0}&email={1}&key={2}", confirmType.ToString().ToLower(), HttpUtility.UrlEncode(email), validationKey));;
}
private void SendInvite(UserInfo user, string inviteMessage, bool join, EmployeeType emplType)
{
var email = user.Email;
var validationKey = EmailValidationKeyProvider.GetEmailKey(email + ConfirmType.EmpInvite.ToString() + (int)emplType);
var inviteUrl = String.Format("~/confirm.aspx?type={2}&email={0}&firstname={4}&lastname={5}&key={1}&emplType={3}&uid={6}",
HttpUtility.UrlEncode(email),
validationKey,
ConfirmType.EmpInvite.ToString(),
(int)emplType,
HttpUtility.UrlEncode(user.FirstName),
HttpUtility.UrlEncode(user.LastName),
SecurityContext.CurrentAccount.ID);
client.SendNoticeToAsync(
join ? Constants.ActionJoinUsers : Constants.ActionInviteUsers,
null,
RecipientFromEmail(new string[] { email }, join), /*if it's invite - don't check activation status*/
new[] { EMailSenderName },
null,
new TagValue(Constants.TagUserName, SecurityContext.IsAuthenticated ? DisplayUserSettings.GetFullUserName(SecurityContext.CurrentAccount.ID) : ((HttpContext.Current != null) ? HttpContext.Current.Request.UserHostAddress : null)),
new TagValue(Constants.TagInviteLink, CommonLinkUtility.GetFullAbsolutePath(inviteUrl)),
new TagValue(Constants.TagBody, inviteMessage ?? string.Empty),
Constants.TagTableTop(),
Constants.TagTableItem(1),
Constants.TagTableItem(2),
Constants.TagTableItem(3),
Constants.TagTableBottom(),
new TagValue("WithPhoto", "photo"),
new TagValue("UserDisplayName", (user.DisplayUserName() ?? "").Trim()),
CreateSendFromTag());
}
public Uri GetUri(IDictionary <string, string> additionalParam)
{
var builder = new UriBuilder(_notifyUri);
//Form query string
var queryBuilder = new StringBuilder();
queryBuilder.AppendFormat("{1}={0}&", Uri.EscapeDataString(_action), WebNotifyHandlerConstants.ActionKey);
queryBuilder.AppendFormat("{1}={0}&", _userId.ToString("N"), WebNotifyHandlerConstants.UserIdKey);
queryBuilder.AppendFormat("{1}={0}&", _currentTenantId.ToString(CultureInfo.InvariantCulture),
WebNotifyHandlerConstants.TenantIdKey);
if (additionalParam != null)
{
foreach (var param in additionalParam)
{
queryBuilder.AppendFormat("{1}={0}&", Uri.EscapeDataString(param.Value), param.Key);
}
}
//Form key
var key =
string.Join("|", new[] { _action, _currentTenantId.ToString(CultureInfo.InvariantCulture), _userId.ToString("N") });
queryBuilder.AppendFormat("{1}={0}", EmailValidationKeyProvider.GetEmailKey(key), WebNotifyHandlerConstants.ValidationKey);
builder.Query = queryBuilder.ToString();
return(builder.Uri);
}
public IActionResult IsCaldavAuthenticated(JObject data)
{
if (data == null)
{
Log.Error("CalDav authenticated data is null");
return(BadRequest(new
{
value = "false",
error = "portalNameEmpty",
message = "Argument is required"
}));
}
var username = data.Value <string>("User");
var password = data.Value <string>("Password");
if (!GetUserData(username, out string email, out Tenant tenant, out object error))
{
return(BadRequest(error));
}
try
{
Log.Info(string.Format("Caldav auth user: {0}, tenant: {1}", email, tenant.TenantId));
if (email == "admin@ascsystem" && Core.Configuration.Constants.CoreSystem.ID.ToString() == password)
{
return(Ok(new
{
value = "true"
}));
}
var validationKey = EmailValidationKeyProvider.GetEmailKey(tenant.TenantId, email + password + ConfirmType.Auth);
var authData = string.Format("userName={0}&password={1}&key={2}",
HttpUtility.UrlEncode(email),
HttpUtility.UrlEncode(password),
HttpUtility.UrlEncode(validationKey));
SendToApi(Request.Scheme, tenant, "authentication/login", null, WebRequestMethods.Http.Post, authData);
return(Ok(new
{
value = "true"
}));
}
catch (Exception ex)
{
Log.Error("Caldav authenticated", ex);
return(StatusCode(StatusCodes.Status500InternalServerError, new
{
value = "false",
message = ex.Message
}));
}
}
protected void Page_Load(object sender, EventArgs e)
{
Page.ClientScript.RegisterClientScriptBlock(this.GetType(), "invite_link_style", "<link rel=\"stylesheet\" type=\"text/css\" href=\"" + WebSkin.GetUserSkin().GetAbsoluteWebPath("usercontrols/management/InviteLink/css/InviteLink.css") + "\">", false);
var validationKey = EmailValidationKeyProvider.GetEmailKey(
ConfirmType.LinkInvite.ToString().ToLower());
_generatedLink = CommonLinkUtility.GetFullAbsolutePath(String.Format("~/confirm.aspx?type={0}&key={1}&uid={2}", ConfirmType.LinkInvite, validationKey, SecurityContext.CurrentAccount.ID));
}
public static string GenerateLink(EmployeeType employeeType)
{
var type = ConfirmType.LinkInvite.ToString();
var emplType = (int)employeeType;
var validationKey = EmailValidationKeyProvider.GetEmailKey(type + emplType);
return(CommonLinkUtility.GetFullAbsolutePath(String.Format("~/confirm.aspx?type={0}&key={1}&uid={2}&emplType={3}", type, validationKey, SecurityContext.CurrentAccount.ID, emplType)));
}
public IActionResult IsCaldavAuthenticated(UserPassword userPassword)
{
if (userPassword == null || string.IsNullOrEmpty(userPassword.User) || string.IsNullOrEmpty(userPassword.Password))
{
Log.Error("CalDav authenticated data is null");
return(BadRequest(new
{
value = "false",
error = "portalNameEmpty",
message = "Argument is required"
}));
}
if (!GetUserData(userPassword.User, out var email, out var tenant, out var error))
{
return(BadRequest(error));
}
try
{
Log.Info(string.Format("Caldav auth user: {0}, tenant: {1}", email, tenant.TenantId));
if (InstanceCrypto.Encrypt(email) == userPassword.Password)
{
return(Ok(new
{
value = "true"
}));
}
var validationKey = EmailValidationKeyProvider.GetEmailKey(tenant.TenantId, email + userPassword.Password + ConfirmType.Auth);
var authData = string.Format("userName={0}&password={1}&key={2}",
HttpUtility.UrlEncode(email),
HttpUtility.UrlEncode(userPassword.Password),
HttpUtility.UrlEncode(validationKey));
SendToApi(Request.Scheme, tenant, "authentication/login", null, WebRequestMethods.Http.Post, authData);
return(Ok(new
{
value = "true"
}));
}
catch (Exception ex)
{
Log.Error("Caldav authenticated", ex);
return(StatusCode(StatusCodes.Status500InternalServerError, new
{
value = "false",
message = ex.Message
}));
}
}
internal static string GenerateConfirmUrl(string email, ConfirmType confirmType)
{
var validationKey = EmailValidationKeyProvider.GetEmailKey(
email + confirmType.ToString().ToLower());
var inviteUrl = CommonLinkUtility.GetFullAbsolutePath(String.Format("~/confirm.aspx?type={2}&email={0}&key={1}",
HttpUtility.UrlEncode(email), validationKey,
confirmType.ToString().ToLower()));
return(inviteUrl);
}
private string GenerateActivationConfirmUrl(UserInfo user)
{
var validationKey = EmailValidationKeyProvider.GetEmailKey(user.Email + ConfirmType.Activation.ToString());
return(CommonLinkUtility.GetFullAbsolutePath(String.Format("~/confirm.aspx?type={2}&email={0}&firstname={4}&lastname={5}&key={1}&uid={3}",
HttpUtility.UrlEncode(user.Email),
validationKey,
ConfirmType.Activation.ToString(),
SecurityContext.CurrentAccount.ID,
HttpUtility.UrlEncode(user.FirstName),
HttpUtility.UrlEncode(user.LastName))));
}
public bool SendCongratulations(string requestUriScheme, Tenant tenant, bool skipWelcome, out string url)
{
var validationKey = EmailValidationKeyProvider.GetEmailKey(tenant.TenantId, tenant.OwnerId.ToString() + ConfirmType.Auth);
url = string.Format("{0}{1}{2}{3}{4}?userid={5}&key={6}",
requestUriScheme,
Uri.SchemeDelimiter,
tenant.GetTenantDomain(CoreSettings),
CommonConstants.WebApiBaseUrl,
"portal/sendcongratulations",
tenant.OwnerId,
validationKey);
if (skipWelcome)
{
Log.DebugFormat("congratulations skiped");
return(false);
}
var webRequest = (HttpWebRequest)WebRequest.Create(url);
webRequest.Method = WebRequestMethods.Http.Post;
webRequest.Accept = "application/x-www-form-urlencoded";
webRequest.ContentLength = 0;
try
{
using var response = webRequest.GetResponse();
using var stream = response.GetResponseStream();
using var reader = new StreamReader(stream, Encoding.UTF8);
var result = reader.ReadToEnd();
Log.DebugFormat("congratulations result = {0}", result);
var resObj = JObject.Parse(result);
if (resObj["errors"] != null && resObj["errors"].HasValues)
{
throw new Exception(result);
}
}
catch (Exception ex)
{
Log.Error("SendCongratulations error", ex);
return(false);
}
url = null;
return(true);
}
public static string GetFileStreamUrl(File file)
{
const int uriLengthLimit = 1024;
string fileUri = null;
if (!DocumentServiceHelper.HaveExternalIP())
{
fileUri = DocumentServiceHelper.GetExternalUri(file);
}
if (!string.IsNullOrEmpty(fileUri))
{
return(fileUri);
}
using (var fileDao = Global.DaoFactory.GetFileDao())
{
if (fileDao.IsSupportedPreSignedUri(file))
{
int validateTimespan;
int.TryParse(WebConfigurationManager.AppSettings["files.stream-url-minute"], out validateTimespan);
if (validateTimespan <= 0)
{
validateTimespan = 10;
}
var uri = fileDao.GetPreSignedUri(file, TimeSpan.FromMinutes(validateTimespan)).ToString();
if (uri.Length < uriLengthLimit)
{
return(uri);
}
Global.Logger.Debug("Very long link: " + uri.Length);
}
}
//NOTE: Always build path to handler!
var uriBuilder = new UriBuilder(CommonLinkUtility.GetFullAbsolutePath(FilesLinkUtility.FileHandlerPath));
if (uriBuilder.Uri.IsLoopback)
{
uriBuilder.Host = Dns.GetHostName();
}
var query = uriBuilder.Query;
query += FilesLinkUtility.Action + "=stream&";
query += FilesLinkUtility.FileId + "=" + HttpUtility.UrlEncode(file.ID.ToString()) + "&";
query += FilesLinkUtility.Version + "=" + file.Version + "&";
query += FilesLinkUtility.AuthKey + "=" + EmailValidationKeyProvider.GetEmailKey(file.ID + file.Version.ToString(CultureInfo.InvariantCulture));
return(uriBuilder.Uri + "?" + query);
}
protected string GoPremiumUrl()
{
var lang = CoreContext.TenantManager.GetCurrentTenant().Language;
if (lang.Contains("-"))
{
lang = lang.Split('-')[0];
}
var baseUrl = WebConfigurationManager.AppSettings["web.premium-url"].Replace("{lng}", lang);
return(baseUrl + (baseUrl.IndexOf("?") >= 0 ? "&" : "?")
+ "tenant=" + TenantProvider.CurrentTenantID.ToString()
+ "&key=" + EmailValidationKeyProvider.GetEmailKey("tenant" + TenantProvider.CurrentTenantID.ToString()));
}
private static string GetFileUri(File file)
{
//NOTE: Always build path to handler!
var uriBuilder = new UriBuilder(CommonLinkUtility.GetFullAbsolutePath(FileHandler.FileHandlerPath));
if (uriBuilder.Uri.IsLoopback)
{
uriBuilder.Host = Dns.GetHostName();
}
uriBuilder.Query += UrlConstant.Action + "=stream&";
uriBuilder.Query += UrlConstant.FileId + "=" + file.ID + "&";
uriBuilder.Query += UrlConstant.Version + "=" + file.Version + "&";
uriBuilder.Query += UrlConstant.AuthKey + "=" + EmailValidationKeyProvider.GetEmailKey(file.ID.ToString() + file.Version.ToString()) + "&";
uriBuilder.Query = uriBuilder.Query.Trim('?', '&');
var uri = uriBuilder.Uri;
return(uri.ToString());
}
private static string GenerateDnsChangeConfirmUrl(string email, string dnsName, string tenantAlias, ConfirmType confirmType)
{
var key = string.Join(string.Empty, new[] { email, confirmType.ToString(), dnsName, tenantAlias });
var validationKey = EmailValidationKeyProvider.GetEmailKey(key);
var sb = new StringBuilder();
sb.Append(CommonLinkUtility.GetFullAbsolutePath("~/confirm.aspx"));
sb.AppendFormat("?email={0}&key={1}&type={2}", HttpUtility.UrlEncode(email), validationKey, confirmType.ToString());
if (!string.IsNullOrEmpty(dnsName))
{
sb.AppendFormat("&dns={0}", dnsName);
}
if (!string.IsNullOrEmpty(tenantAlias))
{
sb.AppendFormat("&alias={0}", tenantAlias);
}
return(sb.ToString());
}
public void UserPasswordChange(UserInfo userInfo)
{
var email = userInfo.Email;
var validationKey = EmailValidationKeyProvider.GetEmailKey(email + ConfirmType.PasswordChange.ToString());
var inviteUrl = CommonLinkUtility.GetFullAbsolutePath(string.Format("~/confirm.aspx?type={2}&email={0}&key={1}",
HttpUtility.UrlEncode(email),
validationKey,
ConfirmType.PasswordChange.ToString()));
client.SendNoticeToAsync(
Constants.ActionPasswordChange,
null,
RecipientFromEmail(new[] { email }, false),
new[] { EMailSenderName },
null,
new TagValue(Constants.TagUserName, SecurityContext.IsAuthenticated ? DisplayUserSettings.GetFullUserName(SecurityContext.CurrentAccount.ID) : ((HttpContext.Current != null) ? HttpContext.Current.Request.UserHostAddress : null)),
new TagValue(Constants.TagInviteLink, inviteUrl),
new TagValue(Constants.TagBody, string.Empty),
new TagValue("UserDisplayName", userInfo.DisplayUserName()));
}
public string GetFileChangesUrl <T>(File <T> file, string doc = null)
{
if (file == null)
{
throw new ArgumentNullException("file", FilesCommonResource.ErrorMassage_FileNotFound);
}
var uriBuilder = new UriBuilder(CommonLinkUtility.GetFullAbsolutePath(FilesLinkUtility.FileHandlerPath));
var query = uriBuilder.Query;
query += $"{FilesLinkUtility.Action}=diff&";
query += $"{FilesLinkUtility.FileId}={HttpUtility.UrlEncode(file.ID.ToString())}&";
query += $"{FilesLinkUtility.Version}={file.Version}&";
query += $"{FilesLinkUtility.AuthKey}={EmailValidationKeyProvider.GetEmailKey(file.ID + file.Version.ToString(CultureInfo.InvariantCulture))}";
if (!string.IsNullOrEmpty(doc))
{
query += $"&{FilesLinkUtility.DocShareKey}={HttpUtility.UrlEncode(doc)}";
}
return($"{uriBuilder.Uri}?{query}");
}
