/// <summary>
/// Loads a collection on behalf of the current caller and confirms it belongs to
/// the given organization.
/// </summary>
/// <param name="id">Identifier of the collection to load.</param>
/// <param name="orgId">Organization the collection is expected to belong to.</param>
/// <returns>The collection, once all checks have passed.</returns>
/// <exception cref="NotFoundException">
/// Thrown when <c>ManageAnyCollections(orgId)</c> is false, when no collection is
/// returned, or when the collection's organization differs from <paramref name="orgId"/>.
/// All three cases raise the same exception type with no message.
/// </exception>
private async Task<Collection> GetCollectionAsync(Guid id, Guid orgId)
{
    // Permission gate comes first: nothing is read from the repository for a
    // caller who may not manage collections in this organization.
    // NOTE(review): neither ManageAnyCollections nor OrganizationAdmin is awaited
    // here, while other methods in this listing await OrganizationAdmin. If these
    // return Task<bool> in the version in use, this does not compile; confirm.
    if (!ManageAnyCollections(orgId))
    {
        throw new NotFoundException();
    }

    // Organization admins are looked up by id alone; everyone else goes through
    // the overload that also takes the current user's id (presumably scoping the
    // lookup to that user; verify against the repository).
    // NOTE(review): UserId.Value throws if UserId is null; assumed to be set for
    // any authenticated request, confirm.
    var found = _currentContext.OrganizationAdmin(orgId)
        ? await _collectionRepository.GetByIdAsync(id)
        : await _collectionRepository.GetByIdAsync(id, _currentContext.UserId.Value);

    if (found == null)
    {
        throw new NotFoundException();
    }

    // The id is looked up independently of orgId, so a collection from another
    // organization must be rejected explicitly.
    if (found.OrganizationId != orgId)
    {
        throw new NotFoundException();
    }

    return found;
}
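/// <summary>
/// Returns the two-factor providers configured on an organization.
/// </summary>
/// <param name="id">Organization identifier as received from the caller, in string form.</param>
/// <returns>A list response wrapping one <c>TwoFactorProviderResponseModel</c> per provider.</returns>
/// <exception cref="NotFoundException">
/// Thrown when <paramref name="id"/> is not a valid GUID, when the caller is not an
/// organization admin for it, or when the organization is not returned by the repository.
/// </exception>
public async Task<ListResponseModel<TwoFactorProviderResponseModel>> GetOrganization(string id)
{
    // The id is caller-supplied text. Parse it defensively so a malformed or null
    // value produces the same NotFoundException as every other failure here,
    // instead of a FormatException/ArgumentNullException escaping from new Guid(id).
    Guid orgIdGuid;
    if (!Guid.TryParse(id, out orgIdGuid))
    {
        throw new NotFoundException();
    }

    // Authorization is checked before the organization is read from the repository.
    if (!await _currentContext.OrganizationAdmin(orgIdGuid))
    {
        throw new NotFoundException();
    }

    var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
    if (organization == null)
    {
        throw new NotFoundException();
    }

    // NOTE(review): providers is null when GetTwoFactorProviders() returns null;
    // confirm ListResponseModel accepts a null sequence.
    var providers = organization.GetTwoFactorProviders()?.Select(
        p => new TwoFactorProviderResponseModel(p.Key, p.Value));
    return new ListResponseModel<TwoFactorProviderResponseModel>(providers);
}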
/// <summary>
/// Lists the collections of an organization that the current caller may see.
/// </summary>
/// <param name="organizationId">Organization whose collections are requested.</param>
/// <returns>
/// Every collection of the organization when the caller is an organization admin or
/// has the view-all-collections permission; otherwise only the caller's own
/// collections that belong to this organization.
/// </returns>
/// <exception cref="NotFoundException">
/// Thrown when the caller has neither the view-all-collections nor the manage-users
/// permission for the organization.
/// </exception>
public async Task<IEnumerable<Collection>> GetOrganizationCollections(Guid organizationId)
{
    // Entry gate: at least one of the two permissions is required.
    var mayEnter = await _currentContext.ViewAllCollections(organizationId)
        || await _currentContext.ManageUsers(organizationId);
    if (!mayEnter)
    {
        throw new NotFoundException();
    }

    // Admins, Owners, Providers and Custom (with collection management permissions)
    // can access all items even if not assigned to them.
    var seesEverything = await _currentContext.OrganizationAdmin(organizationId)
        || await _currentContext.ViewAllCollections(organizationId);
    if (seesEverything)
    {
        return await _collectionRepository.GetManyByOrganizationIdAsync(organizationId);
    }

    // A caller admitted through manage-users alone gets only their own collections.
    // The per-user query is not scoped to an organization, so it is filtered here.
    // NOTE(review): UserId.Value throws if UserId is null; assumed to be set for
    // any authenticated request, confirm.
    var ownCollections = await _collectionRepository.GetManyByUserIdAsync(_currentContext.UserId.Value);
    return ownCollections.Where(c => c.OrganizationId == organizationId);
}
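/// <summary>
/// Imports groups and users into an organization from a caller-supplied payload.
/// </summary>
/// <param name="id">Organization identifier as received from the caller, in string form.</param>
/// <param name="model">Request body carrying the groups, users and import options.</param>
/// <exception cref="NotFoundException">
/// Thrown when <paramref name="id"/> is not a valid GUID or the caller is not an
/// organization admin for it.
/// </exception>
/// <exception cref="BadRequestException">
/// Thrown on non-self-hosted installations when the payload exceeds the per-request
/// item cap and <c>model.LargeImport</c> is not set.
/// </exception>
public async Task Import(string id, [FromBody] ImportOrganizationUsersRequestModel model)
{
    const int MaxItemsPerImport = 2000;

    // The id is caller-supplied text. Parse it defensively so a malformed or null
    // value produces NotFoundException instead of a FormatException/
    // ArgumentNullException escaping from new Guid(id).
    Guid orgIdGuid;
    if (!Guid.TryParse(id, out orgIdGuid))
    {
        throw new NotFoundException();
    }

    // Authorize before inspecting the request body, so a caller without admin
    // rights gets the same NotFoundException whatever payload they send.
    if (!await _currentContext.OrganizationAdmin(orgIdGuid))
    {
        throw new NotFoundException();
    }

    // NOTE(review): LargeImport is read from the request body, so this cap only
    // binds clients that leave it unset; it is not a server-enforced limit.
    // Confirm that is intended and that ImportAsync bounds the work itself.
    // NOTE(review): model.Groups and model.Users are dereferenced without a null
    // check; presumably guaranteed by model validation, confirm.
    if (!_globalSettings.SelfHosted && !model.LargeImport &&
        (model.Groups.Count() > MaxItemsPerImport || model.Users.Count(u => !u.Deleted) > MaxItemsPerImport))
    {
        throw new BadRequestException("You cannot import this much data at once.");
    }

    // NOTE(review): userId.Value throws if no user id could be resolved for the
    // current principal; assumed non-null for an authenticated request, confirm.
    var userId = _userService.GetProperUserId(User);

    await _organizationService.ImportAsync(
        orgIdGuid,
        userId.Value,
        model.Groups.Select(g => g.ToImportedGroup(orgIdGuid)),
        // Users flagged Deleted are passed separately, by external id only.
        model.Users.Where(u => !u.Deleted).Select(u => u.ToImportedOrganizationUser()),
        model.Users.Where(u => u.Deleted).Select(u => u.ExternalId),
        model.OverwriteExisting);
}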