public virtual IActionResult UserDistrictsIdDeletePost([FromRoute] int id) { bool exists = _context.HetUserDistrict.Any(a => a.UserDistrictId == id); // not found if (!exists) { return(new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration)))); } // get record HetUserDistrict item = _context.HetUserDistrict .Include(x => x.User) .First(a => a.UserDistrictId == id); int userId = item.User.UserId; // remove record _context.HetUserDistrict.Remove(item); _context.SaveChanges(); // return the updated user district records List <HetUserDistrict> result = _context.HetUserDistrict.AsNoTracking() .Include(x => x.User) .Include(x => x.District) .Where(x => x.User.UserId == userId) .ToList(); return(new ObjectResult(new HetsResponse(result))); }
public virtual IActionResult UsersPost([FromBody] HetUser item) { // not found if (item == null) { return(new ObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration)))); } HetUser user = new HetUser { Active = item.Active, Email = item.Email, GivenName = item.GivenName, Surname = item.Surname, SmUserId = item.SmUserId, DistrictId = item.District.DistrictId, AgreementCity = item.AgreementCity }; HetUserDistrict newUserDistrict = new HetUserDistrict { DistrictId = item.District.DistrictId, IsPrimary = true }; user.HetUserDistrict.Add(newUserDistrict); _context.HetUser.Add(user); _context.SaveChanges(); int id = user.UserId; // get updated user record and return to UI return(new ObjectResult(new HetsResponse(UserHelper.GetRecord(id, _context)))); }
public virtual IActionResult UserDistrictsIdSwitchPost([FromRoute] int id) { bool exists = _context.HetUserDistrict.Any(a => a.UserDistrictId == id); // not found if (!exists) { return(new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration)))); } // get record HetUserDistrict userDistrict = _context.HetUserDistrict.First(a => a.UserDistrictId == id); string userId = UserAccountHelper.GetUserId(_httpContext); HetUser user = _context.HetUser.First(a => a.SmUserId == userId); user.DistrictId = userDistrict.DistrictId; _context.SaveChanges(); // create new district switch cookie _httpContext.Response.Cookies.Append( "HETSDistrict", userDistrict.DistrictId.ToString(), new CookieOptions { Path = "/", SameSite = SameSiteMode.None } ); return(new ObjectResult(new HetsResponse(user))); }
public virtual IActionResult UsersCurrentLogoffPost() { // get the current user id string userId = _context.SmUserId; // not found if (userId == null) { return(new ObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration)))); } // get user district HetUserDistrict userDistrict = _context.HetUserDistrict.AsNoTracking() .Include(x => x.User) .Include(x => x.District) .FirstOrDefault(x => x.User.SmUserId == userId && x.IsPrimary); // if we don't find a primary - look for the first one in the list if (userDistrict == null) { userDistrict = _context.HetUserDistrict.AsNoTracking() .Include(x => x.User) .Include(x => x.District) .FirstOrDefault(x => x.User.SmUserId == userId); } // update the current district for the user if (userDistrict != null) { HetUser user = _context.HetUser.First(a => a.SmUserId == userId); user.DistrictId = userDistrict.District.DistrictId; _context.SaveChanges(); } // get the correct logoff url and return string logoffUrl = _configuration.GetSection("Constants:LogoffUrl-Development").Value; if (_env.IsProduction()) { logoffUrl = _configuration.GetSection("Constants:LogoffUrl-Production").Value; } else if (_env.IsStaging()) { logoffUrl = _configuration.GetSection("Constants:LogoffUrl-Test").Value; } LogoffModel response = new LogoffModel { LogoffUrl = logoffUrl }; return(new ObjectResult(new HetsResponse(response))); }
public virtual IActionResult UsersPost([FromBody] HetUser item) { // not found if (item == null) { return(new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration)))); } // validate that user id is unique // HETS-1033 - Post Live: Add validation on User ID while adding a new user item.SmUserId = item.SmUserId?.Trim().ToLower(); HetUser existingUser = _context.HetUser.AsNoTracking() .FirstOrDefault(x => x.SmUserId.ToLower() == item.SmUserId); if (existingUser != null) { return(new BadRequestObjectResult(new HetsResponse("HETS-38", ErrorViewModel.GetDescription("HETS-38", _configuration)))); } // add new user HetUser user = new HetUser { Active = item.Active, Email = item.Email?.Trim(), GivenName = item.GivenName?.Trim(), Surname = item.Surname?.Trim(), SmUserId = item.SmUserId, DistrictId = item.District.DistrictId, AgreementCity = item.AgreementCity }; HetUserDistrict newUserDistrict = new HetUserDistrict { DistrictId = item.District.DistrictId, IsPrimary = true }; user.HetUserDistrict.Add(newUserDistrict); _context.HetUser.Add(user); _context.SaveChanges(); int id = user.UserId; // get updated user record and return to UI return(new ObjectResult(new HetsResponse(UserHelper.GetRecord(id, _context)))); }
/// <summary> /// Process Authentication Request /// </summary> /// <returns></returns> protected override Task <AuthenticateResult> HandleAuthenticateAsync() { // get SiteMinder headers _logger.LogDebug("Parsing the HTTP headers for SiteMinder authentication credential"); SiteMinderAuthOptions options = new SiteMinderAuthOptions(); try { HttpContext context = Request.HttpContext; DbAppContext dbAppContext = (DbAppContext)context.RequestServices.GetService(typeof(DbAppContext)); IHostingEnvironment hostingEnv = (IHostingEnvironment)context.RequestServices.GetService(typeof(IHostingEnvironment)); UserSettings userSettings = new UserSettings(); string userId = ""; string siteMinderGuid = ""; string businessGuid = ""; string url = context.Request.GetDisplayUrl().ToLower(); _logger.LogWarning("Timestamp: {0:dd-MM-yyyy HH:mm:ss.FFFF} | Url: {1} | Remote Ip: {0}", DateTime.Now, url, context.Connection.RemoteIpAddress.ToString()); // ******************************************************** // if this is an Error or Authentication API - Ignore // ******************************************************** if (url.Contains("/authentication/dev") || url.Contains("/error") || url.Contains("/hangfire") || url.Contains("/swagger")) { _logger.LogInformation("Bypassing authentication process ({0})", url); return(Task.FromResult(AuthenticateResult.NoResult())); } // ************************************************** // check if we have a Dev Environment Cookie // ************************************************** string tempToken = context.Request.Cookies[options.DevAuthenticationTokenKey]; if (hostingEnv.IsDevelopment() && !string.IsNullOrEmpty(tempToken)) { _logger.LogInformation("Dev Authentication token found ({0})", tempToken); userId = tempToken; } else if ((context.Connection.RemoteIpAddress.ToString().StartsWith("::1") || context.Connection.RemoteIpAddress.ToString().StartsWith("::ffff:127.0.0.1")) && url.StartsWith("http://*****:*****@"LOCK TABLE ""HET_USER"" IN EXCLUSIVE MODE;"); HetUser user = dbAppContext.HetUser.First(x => x.UserId == updUserId); user.DistrictId = districtId; dbAppContext.HetUser.Update(user); // update user record dbAppContext.SaveChanges(); // commit transaction.Commit(); } } } userSettings.SiteMinderGuid = siteMinderGuid; userSettings.UserAuthenticated = true; userSettings.BusinessUser = false; } // ************************************************** // validate / check user permissions // ************************************************** _logger.LogInformation("Validating user permissions"); ClaimsPrincipal userPrincipal; if (userSettings.BusinessUser && userSettings.UserAuthenticated && userSettings.HetsBusinessUser != null) { userPrincipal = userSettings.HetsBusinessUser.ToClaimsPrincipal(options.Scheme); if (!userPrincipal.HasClaim(HetUser.PermissionClaim, HetPermission.BusinessLogin)) { _logger.LogWarning(options.MissingDbUserIdError + " (" + userId + ")"); return(Task.FromResult(AuthenticateResult.Fail(options.InvalidPermissions))); } } else { userPrincipal = userSettings.HetsUser.ToClaimsPrincipal(options.Scheme); if (!userPrincipal.HasClaim(HetUser.PermissionClaim, HetPermission.Login) && !userPrincipal.HasClaim(HetUser.PermissionClaim, HetPermission.BusinessLogin)) { _logger.LogWarning(options.MissingDbUserIdError + " (" + userId + ")"); return(Task.FromResult(AuthenticateResult.Fail(options.InvalidPermissions))); } } // ************************************************** // create authenticated user // ************************************************** _logger.LogInformation("Authentication successful: " + userId); _logger.LogInformation("Setting identity and creating session for: " + userId); // ************************************************** // done! // ************************************************** ClaimsPrincipal principal = userPrincipal; return(Task.FromResult(AuthenticateResult.Success(new AuthenticationTicket(principal, null, Options.Scheme)))); } catch (Exception exception) { _logger.LogError(exception.Message); Console.WriteLine(exception); throw; } }
public virtual IActionResult UserDistrictsIdPost([FromRoute] int id, [FromBody] HetUserDistrict item) { // not found if (id != item.UserDistrictId) { return(new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration)))); } // not found if (item.User == null) { return(new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration)))); } int userId = item.User.UserId; // get record List <HetUserDistrict> userDistricts = _context.HetUserDistrict .Include(x => x.User) .Include(x => x.District) .Where(x => x.User.UserId == userId) .ToList(); bool districtExists; bool hasPrimary = false; // add or update user district if (item.UserDistrictId > 0) { int index = userDistricts.FindIndex(a => a.UserDistrictId == item.UserDistrictId); // not found if (index < 0) { return(new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration)))); } // check if this district already exists districtExists = userDistricts.Exists(a => a.District.DistrictId == item.District.DistrictId); // update the record if (!districtExists) { if (item.User != null) { userDistricts.ElementAt(index).UserId = item.User.UserId; } else { // user required return(new BadRequestObjectResult(new HetsResponse("HETS-17", ErrorViewModel.GetDescription("HETS-17", _configuration)))); } if (item.District != null) { userDistricts.ElementAt(index).DistrictId = item.District.DistrictId; } else { // district required return(new BadRequestObjectResult(new HetsResponse("HETS-18", ErrorViewModel.GetDescription("HETS-18", _configuration)))); } } // manage the primary attribute if (item.IsPrimary) { userDistricts.ElementAt(index).IsPrimary = true; foreach (HetUserDistrict existingUserDistrict in userDistricts) { if (existingUserDistrict.IsPrimary && existingUserDistrict.UserDistrictId != item.UserDistrictId) { existingUserDistrict.IsPrimary = false; break; } } } else { userDistricts[index].IsPrimary = false; foreach (HetUserDistrict existingUserDistrict in userDistricts) { if (existingUserDistrict.IsPrimary && existingUserDistrict.UserDistrictId != item.UserDistrictId) { hasPrimary = true; break; } } if (!hasPrimary) { userDistricts[index].IsPrimary = true; } } } else // add user district { // check if this district already exists districtExists = userDistricts.Exists(a => a.District.DistrictId == item.District.DistrictId); // add the record if (!districtExists) { if (item.User != null) { item.User = _context.HetUser.FirstOrDefault(a => a.UserId == item.User.UserId); } else { // user required return(new BadRequestObjectResult(new HetsResponse("HETS-17", ErrorViewModel.GetDescription("HETS-17", _configuration)))); } if (item.District != null) { item.District = _context.HetDistrict.FirstOrDefault(a => a.DistrictId == item.District.DistrictId); } else { // district required return(new BadRequestObjectResult(new HetsResponse("HETS-18", ErrorViewModel.GetDescription("HETS-18", _configuration)))); } if (item.IsPrimary) { item.IsPrimary = true; foreach (HetUserDistrict existingUserDistrict in userDistricts) { if (existingUserDistrict.IsPrimary) { existingUserDistrict.IsPrimary = false; break; } } } else { item.IsPrimary = false; foreach (HetUserDistrict existingUserDistrict in userDistricts) { if (existingUserDistrict.IsPrimary) { hasPrimary = true; break; } } if (!hasPrimary) { item.IsPrimary = true; } } _context.HetUserDistrict.Add(item); } } _context.SaveChanges(); // return the updated user district records List <HetUserDistrict> result = _context.HetUserDistrict.AsNoTracking() .Include(x => x.User) .Include(x => x.District) .Where(x => x.User.UserId == userId) .ToList(); return(new ObjectResult(new HetsResponse(result))); }
public virtual IActionResult UsersIdPut([FromRoute] int id, [FromBody] HetUser item) { if (item == null || id != item.UserId) { // not found return(new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration)))); } bool exists = _context.HetUser.Any(x => x.UserId == id); // not found if (!exists) { return(new NotFoundObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration)))); } // get record HetUser user = _context.HetUser .Include(x => x.District) .Include(x => x.HetUserDistrict) .First(x => x.UserId == id); // validate that user id is unique // HETS-1033 - Post Live: Add validation on User ID while editing a user string smUserId = item.SmUserId?.Trim().ToLower(); HetUser existingUser = _context.HetUser.AsNoTracking() .FirstOrDefault(x => x.SmUserId.ToLower() == smUserId && x.UserId != user.UserId); if (existingUser != null) { return(new BadRequestObjectResult(new HetsResponse("HETS-38", ErrorViewModel.GetDescription("HETS-38", _configuration)))); } user.ConcurrencyControlNumber = item.ConcurrencyControlNumber; user.Active = item.Active; user.Email = item.Email; user.GivenName = item.GivenName; user.Surname = item.Surname; user.SmUserId = item.SmUserId; user.AgreementCity = item.AgreementCity; if (item.District != null) { bool districtExists = _context.HetDistrict.Any(x => x.DistrictId == item.District.DistrictId); if (districtExists) { HetDistrict district = _context.HetDistrict .Include(x => x.Region) .First(x => x.DistrictId == item.District.DistrictId); user.DistrictId = district.DistrictId; // check if we need to add this to the User District List too bool userDistrictExists = false; foreach (HetUserDistrict userDistrict in user.HetUserDistrict) { if (userDistrict.DistrictId == item.District.DistrictId) { userDistrictExists = true; break; } } // if not found - then add it! if (!userDistrictExists) { HetUserDistrict newUserDistrict = new HetUserDistrict { UserId = item.UserId, DistrictId = district.DistrictId }; if (user.HetUserDistrict == null) { user.HetUserDistrict = new List <HetUserDistrict>(); newUserDistrict.IsPrimary = true; } user.HetUserDistrict.Add(newUserDistrict); } } } // save changes _context.SaveChanges(); // get updated user record and return to UI return(new ObjectResult(new HetsResponse(UserHelper.GetRecord(id, _context)))); }
/// <summary> /// Map data /// </summary> /// <param name="dbContext"></param> /// <param name="oldObject"></param> /// <param name="user"></param> /// <param name="systemId"></param> /// <param name="smUserId"></param> /// <param name="firstName"></param> /// <param name="lastName"></param> /// <param name="maxUserIndex"></param> private static void CopyToInstance(DbAppContext dbContext, ImportModels.UserHets oldObject, ref HetUser user, string systemId, string smUserId, string firstName, string lastName, ref int maxUserIndex) { try { // file contains multiple records per user (1 for each district they can access) // we are currently importing 1 only -> where Default_Service_Area = Y if (oldObject.Default_Service_Area != "Y") { return; } // check if this user already exists in the db bool userExists = dbContext.HetUser.Any(x => x.SmUserId == smUserId); if (userExists) { user = dbContext.HetUser.First(x => x.SmUserId == smUserId); // ******************************************************************* // check if this is a different district // ******************************************************************* int serviceAreaId; try { serviceAreaId = int.Parse(oldObject.Service_Area_Id); } catch { // not mapped correctly throw new ArgumentException(string.Format("User Error - Invalid Service Area (userId: {0}", user.SmUserId)); } HetServiceArea serviceArea = dbContext.HetServiceArea.AsNoTracking() .FirstOrDefault(x => x.MinistryServiceAreaId == serviceAreaId); if (serviceArea == null) { // not mapped correctly throw new ArgumentException(string.Format("User Error - Invalid Service Area (userId: {0}", user.SmUserId)); } int tempUserId = user.UserId; int?tempDistrictId = serviceArea.DistrictId; if (tempDistrictId != null) { HetUserDistrict userDistrict = dbContext.HetUserDistrict.AsNoTracking() .FirstOrDefault(x => x.User.UserId == tempUserId && x.District.DistrictId == tempDistrictId); // *********************************************** // create user district record // *********************************************** if (userDistrict == null) { userDistrict = new HetUserDistrict { UserId = tempUserId, DistrictId = tempDistrictId, AppCreateTimestamp = DateTime.UtcNow, AppCreateUserid = systemId, AppLastUpdateUserid = systemId, AppLastUpdateTimestamp = DateTime.UtcNow }; dbContext.HetUserDistrict.Add(userDistrict); dbContext.SaveChangesForImport(); } } } else { user = new HetUser { UserId = ++maxUserIndex, Active = true, SmUserId = smUserId, SmAuthorizationDirectory = "IDIR" }; if (!string.IsNullOrEmpty(firstName)) { user.GivenName = firstName; } if (!string.IsNullOrEmpty(lastName)) { user.Surname = lastName; } // ******************************************************************* // create initials // ******************************************************************* string temp = ""; if (!string.IsNullOrEmpty(lastName) && lastName.Length > 0) { temp = lastName.Substring(0, 1).ToUpper(); } if (!string.IsNullOrEmpty(firstName) && firstName.Length > 0) { temp = temp + firstName.Substring(0, 1).ToUpper(); } if (!string.IsNullOrEmpty(temp)) { user.Initials = temp; } // ******************************************************************* // map user to the correct service area // ******************************************************************* int serviceAreaId; try { serviceAreaId = int.Parse(oldObject.Service_Area_Id); } catch { // not mapped correctly throw new ArgumentException(string.Format("User Error - Invalid Service Area (userId: {0}", user.SmUserId)); } HetServiceArea serviceArea = dbContext.HetServiceArea.AsNoTracking() .FirstOrDefault(x => x.MinistryServiceAreaId == serviceAreaId); if (serviceArea == null) { // not mapped correctly throw new ArgumentException(string.Format("User Error - Invalid Service Area (userId: {0}", user.SmUserId)); } user.DistrictId = serviceArea.DistrictId; // ******************************************************************* // set the user's role // ** all new users will be added with basic access only // ******************************************************************* HetUserRole userRole = new HetUserRole(); HetRole role = dbContext.HetRole.FirstOrDefault(x => x.Name == "HETS District User"); int roleId = -1; if (role != null) { roleId = role.RoleId; } // *********************************************** // create user // *********************************************** user.AppCreateTimestamp = DateTime.UtcNow; user.AppCreateUserid = systemId; user.AppLastUpdateUserid = systemId; user.AppLastUpdateTimestamp = DateTime.UtcNow; userRole.Role = dbContext.HetRole.First(x => x.RoleId == roleId); userRole.EffectiveDate = DateTime.UtcNow.AddDays(-1); userRole.AppCreateTimestamp = DateTime.UtcNow; userRole.AppCreateUserid = systemId; userRole.AppLastUpdateUserid = systemId; userRole.AppLastUpdateTimestamp = DateTime.UtcNow; user.HetUserRole = new List <HetUserRole> { userRole }; dbContext.HetUser.Add(user); dbContext.SaveChangesForImport(); // *********************************************** // create user district record // *********************************************** HetUserDistrict userDistrict = new HetUserDistrict { UserId = user.UserId, DistrictId = user.DistrictId, IsPrimary = true, AppCreateTimestamp = DateTime.UtcNow, AppCreateUserid = systemId, AppLastUpdateUserid = systemId, AppLastUpdateTimestamp = DateTime.UtcNow }; dbContext.HetUserDistrict.Add(userDistrict); dbContext.SaveChangesForImport(); } } catch (Exception ex) { Debug.WriteLine("***Error*** - Employee Id: " + oldObject.Popt_Id); Debug.WriteLine("***Error*** - Master User Index: " + maxUserIndex); Debug.WriteLine(ex.Message); throw; } }