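/// <summary>
/// Assigns a user directly to a smart lock, after confirming with Azure AD that the user exists.
/// </summary>
/// <param name="smartLockId">Identifier of the smart lock the user is being assigned to.</param>
/// <param name="smartLockUser">Creation payload; only <c>UserId</c> is read by this method.</param>
/// <returns>
/// A validation problem when the model state is invalid (including when Azure AD reports the user
/// as not found), 409 Conflict when the assignment already exists, otherwise 201 Created
/// referencing <c>GetSmartLockUser</c>.
/// </returns>
/// <exception cref="ServiceException">
/// Propagated when the Azure AD lookup fails for any reason other than "not found", so that an
/// unverified identity is never assigned to a lock.
/// </exception>
/// <remarks>
/// NOTE(review): no caller-authorization check and no smart-lock existence check are visible in
/// this method; confirm both are enforced by attributes, filters or the repository.
/// </remarks>
public async Task<ActionResult<IEnumerable<UserDto>>> AddSmartLockUser(Guid smartLockId, SmartLockUserCreationDto smartLockUser)
{
    var client = await MicrosoftGraphClient.GetGraphServiceClient();

    try
    {
        await _azureAdRepository.GetUser(client, smartLockUser.UserId.ToString());
    }
    // Only "not found" is turned into a validation error. Any other directory failure
    // (throttling, auth error, outage) must not be swallowed: with the exception dropped the
    // model state stays valid and the assignment would be created without the user ever being
    // verified. The filter lets those failures propagate instead (fail closed).
    catch (ServiceException e) when (e.StatusCode == HttpStatusCode.NotFound)
    {
        _logger.LogWarning("User was not found on Azure AD");
        ModelState.AddModelError("azureAdUserNotFound",
            $"User with id: {smartLockUser.UserId} was not found on Azure AD");
    }

    if (!ModelState.IsValid)
    {
        return ValidationProblem(ModelState);
    }

    var userExists = await _smartLockRepository.SmartLockUserExists(smartLockId, smartLockUser.UserId);
    if (userExists)
    {
        _logger.LogWarning("User already exists for this smart lock");
        return Conflict("User already exists for this smart lock");
    }

    _smartLockRepository.AddSmartLockUser(smartLockId, smartLockUser.UserId);
    await _smartLockRepository.Save();

    return CreatedAtAction(
        "GetSmartLockUser",
        new { smartLockId = smartLockId, userId = smartLockUser.UserId },
        smartLockUser);
}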
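/// <summary>
/// Decides whether a user may operate a smart lock and records the decision in the access log.
/// </summary>
/// <param name="smartLockUser">Carries the <c>UserId</c> and <c>SmartLockId</c> being evaluated.</param>
/// <returns>
/// A <see cref="UserAccessDto"/> whose <c>AccessAuthorized</c> flag is true only when the user is
/// assigned to the lock directly (lock and user both active) or through an Azure AD group that is
/// assigned to the lock (lock and group both active). Every other outcome is a denial.
/// </returns>
/// <remarks>
/// Every outcome, granted or denied, is persisted through the access repository before returning.
/// NOTE(review): the group path does not check the user's own status, so deactivating a user
/// locally does not appear to revoke group-derived access; confirm this is intended.
/// NOTE(review): the first group found on the lock decides the outcome; an inactive first match
/// denies access even if a later group is active. Confirm this deny-first policy is intended.
/// </remarks>
public async Task<UserAccessDto> GetUserAccessStatus(SmartLockUserAccessDto smartLockUser)
{
    // Writes one access-log entry for the decision and returns the matching DTO, so the
    // persisted record and the returned flag cannot drift apart.
    async Task<UserAccessDto> RecordDecision(bool authorized, string info)
    {
        var access = new Access
        {
            UserId = smartLockUser.UserId,
            SmartLockId = smartLockUser.SmartLockId,
            IsValid = authorized,
            Info = info
        };
        _accessRepository.AddAccess(access);
        await _accessRepository.Save();
        return new UserAccessDto { AccessAuthorized = authorized };
    }

    // --- Direct assignment: the user is attached to the lock itself. ---
    var smartLockUserExists = await _smartLockRepository.SmartLockUserExists(
        smartLockUser.SmartLockId, smartLockUser.UserId);
    if (smartLockUserExists)
    {
        // NOTE(review): assumes GetSmartLock / GetUser never return null here — confirm.
        var smartLock = await _smartLockRepository.GetSmartLock(smartLockUser.SmartLockId);
        if (smartLock.Status != Types.Status.Active)
        {
            return await RecordDecision(false, "Lock was in inactive state");
        }

        var user = await _userRepository.GetUser(smartLockUser.UserId);
        if (user.Status != Types.Status.Active)
        {
            return await RecordDecision(false, "User was in inactive state");
        }

        return await RecordDecision(true, "Access was permitted for user");
    }

    // --- Group assignment: fall back to the user's Azure AD group memberships. ---
    // The Graph client is acquired only here, so directly assigned users can still be evaluated
    // (and logged) when the directory is unreachable.
    var client = await MicrosoftGraphClient.GetGraphServiceClient();
    var userGroupsIdsFromAzureAd = await _azureAdRepository
        .GetUserGroupsIds(client, smartLockUser.UserId.ToString());

    foreach (var groupId in userGroupsIdsFromAzureAd)
    {
        // A group id that is not a GUID cannot match any lock assignment. Skipping it can only
        // reduce access, and it keeps one malformed entry from aborting the decision with an
        // exception before anything is written to the access log.
        if (!Guid.TryParse(groupId, out var parsedGroupId))
        {
            continue;
        }

        var smartLockGroupExists = await _smartLockRepository.SmartLockGroupExists(
            smartLockUser.SmartLockId, parsedGroupId);
        if (!smartLockGroupExists)
        {
            continue;
        }

        var smartLock = await _smartLockRepository.GetSmartLock(smartLockUser.SmartLockId);
        if (smartLock.Status != Types.Status.Active)
        {
            return await RecordDecision(false, "Lock was in inactive state");
        }

        var group = await _groupRepository.GetGroup(parsedGroupId);
        if (group.Status != Status.Active)
        {
            return await RecordDecision(false, "User group was in inactive state");
        }

        return await RecordDecision(true, "Access is permitted for group user");
    }

    // Neither a direct nor a group assignment matched: deny by default.
    return await RecordDecision(false, "Access was denied");
}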