public Account()
{
_db = new SSOContext();
_ctx = WebOperationContext.Current;
_mngr = new AccountServiceImplementation(_db);
_identityMngr = new IdentityServiceImplementation(_db);
}
/// <summary>
/// Method to set Seeds into RolePermissions-Table.
/// </summary>
/// <param name="db"><see cref="DBConfig"/> object.</param>
public static void SetSeeds(SSOContext db)
{
List <RolePermission> seedList = new List <RolePermission>
{
new RolePermission {
RoleId = GetId.RoleID("admin", db), PermissionId = GetId.PermissionID("Root", db)
},
new RolePermission {
RoleId = GetId.RoleID("admin", db), PermissionId = GetId.PermissionID("Edit plan", db)
},
new RolePermission {
RoleId = GetId.RoleID("dispatcher", db), PermissionId = GetId.PermissionID("Edit plan", db)
},
new RolePermission {
RoleId = GetId.RoleID("dispatcher", db), PermissionId = GetId.PermissionID("Edit arrival", db)
},
new RolePermission {
RoleId = GetId.RoleID("dispatcher", db), PermissionId = GetId.PermissionID("Edit departure", db)
}
};
foreach (var item in seedList)
{
db.RolePermissions.Add(item);
}
db.SaveChanges();
}
public async Task <ActionResult <Permission> > UpdatePermission([FromBody] Permission permission,
[FromHeader(Name = "Authorization")] string inputToken,
[FromRoute] int id)
{
if (tokenCheck.TokenChecking(inputToken))
{
if (id == permission.Id)
{
if (permissionCheck.IsAllowed(inputToken, "edit_permissions"))
{
using var db = new SSOContext();
var oldPermission = await db.Permissions.FindAsync(id);
if (oldPermission == null)
{
throw new ArgumentNullException();
}
permission.CreatedAt = oldPermission.CreatedAt;
db.Entry(oldPermission).State = EntityState.Detached;
db.Permissions.Update(permission);
await db.SaveChangesAsync();
db.Entry(permission).State = EntityState.Detached;
return(await db.Permissions.FindAsync(permission.Id));
}
}
}
throw new ArgumentNullException();
}
public async Task <ActionResult <Permission> > DeletePermission(int id, [FromHeader(Name = "Authorization")] string inputToken)
{
if (tokenCheck.TokenChecking(inputToken))
{
if (id != 0)
{
if (permissionCheck.IsAllowed(inputToken, "edit_permissions"))
{
using var db = new SSOContext();
var getPermission = await(from permissions in db.Permissions
where permissions.Id == id
select permissions).FirstAsync();
if (getPermission == null)
{
throw new ArgumentNullException();
}
getPermission.DeletedAt = DateTimeOffset.UtcNow;
db.Permissions.Update(getPermission);
await db.SaveChangesAsync();
db.Entry(getPermission).State = EntityState.Detached;
return(await db.Permissions
.IgnoreQueryFilters()
.Where(x => x.Id == id).FirstAsync());
}
}
}
throw new ArgumentNullException();
}
public async Task <ActionResult <Role> > UpdateRole([FromBody] Role role,
[FromHeader(Name = "Authorization")] string inputToken,
[FromRoute] int id)
{
if (tokenCheck.TokenChecking(inputToken))
{
if (id == role.Id)
{
if (permissionCheck.IsAllowed(inputToken, "edit_roles"))
{
using var db = new SSOContext();
var oldRole = await db.Roles.FindAsync(id);
if (oldRole == null)
{
throw new ArgumentNullException();
}
role.CreatedAt = oldRole.CreatedAt;
db.Entry(oldRole).State = EntityState.Detached;
db.Roles.Update(role);
await db.SaveChangesAsync();
db.Entry(role).State = EntityState.Detached;
return(await(from roles in db.Roles
.Include(z => z.Company)
where roles.Id == id
select roles).FirstAsync());
}
}
}
throw new ArgumentNullException();
}
public async Task <ActionResult <IEnumerable <Permission> > > GetAllPermissions([FromHeader(Name = "Authorization")] string inputToken, string searchValue = "")
{
if (tokenCheck.TokenChecking(inputToken))
{
using var db = new SSOContext();
List <Permission> permissionList;
if (string.IsNullOrWhiteSpace(searchValue))
{
permissionList = await(from permissions in db.Permissions
select permissions).ToListAsync();
}
else
{
permissionList = await db.Permissions
.Where(x => x.Slug.Contains(searchValue) || x.Table.Contains(searchValue))
.ToListAsync();
}
if (permissionList.Any())
{
return(permissionList);
}
}
throw new ArgumentNullException();
}
public AccountManagement()
{
_db = new SSOContext();
_ctx = WebOperationContext.Current;
_mngr = new AccountManagementImpl(_db);
_authProvider = new AuthProvider(_db);
}
public async Task <ActionResult <User> > InsertUser([FromBody] User user, [FromHeader(Name = "Authorization")] string inputToken)
{
if (tokenCheck.TokenChecking(inputToken))
{
if (user != null)
{
if (permissionCheck.IsAllowed(inputToken, "edit_user"))
{
using var db = new SSOContext();
var getUsers = await(from users in db.Users
where users.Email == user.Email
select users).IgnoreQueryFilters().ToListAsync();
if (getUsers.Any())
{
foreach (var item in getUsers)
{
if (item.DeletedAt == null)
{
throw new ArgumentNullException("Existing User.");
}
}
}
user.Password = BCrypt.Net.BCrypt.HashPassword(user.Password, ConfigurationExtensions.GetConfig().Salt.Value);
db.Users.Add(user);
await db.SaveChangesAsync();
db.Entry(user).State = EntityState.Detached;
return(await db.Users.Include(z => z.Company)
.Where(x => x.Id == user.Id).FirstAsync());
}
}
}
throw new ArgumentNullException();
}
public async Task <ActionResult <UserParams> > UpdateUserParams([FromBody] UserParams userParams,
[FromHeader(Name = "Authorization")] string inputToken,
[FromRoute] int id)
{
if (tokenCheck.TokenChecking(inputToken))
{
if (id == userParams.Id)
{
if (permissionCheck.IsAllowed(inputToken, "edit_user_params"))
{
using var db = new SSOContext();
var oldParams = await db.UserParameters.FindAsync(id);
if (oldParams == null)
{
throw new ArgumentNullException();
}
userParams.CreatedAt = oldParams.CreatedAt;
db.Entry(oldParams).State = EntityState.Detached;
db.UserParameters.Update(userParams);
await db.SaveChangesAsync();
db.Entry(userParams).State = EntityState.Detached;
return(await db.UserParameters
.Include(z => z.User)
.ThenInclude(x => x.Company)
.Where(x => x.Id == id)
.FirstAsync());
}
}
}
throw new ArgumentNullException();
}
public InvitesController(SSOContext context, ITokenCheck tokenCheck, IPermissionCheck permissionCheck, IHttpClientFactory httpClientFactory)
{
_context = context;
this.tokenCheck = tokenCheck;
this.permissionCheck = permissionCheck;
this.httpClientFactory = httpClientFactory;
}
public async Task <ActionResult <UserParams> > DeleteUserParams(int id, [FromHeader(Name = "Authorization")] string inputToken)
{
if (tokenCheck.TokenChecking(inputToken))
{
if (id != 0)
{
if (permissionCheck.IsAllowed(inputToken, "edit_user_params"))
{
using var db = new SSOContext();
var getUserParams = await db.UserParameters.FindAsync(id);
if (getUserParams == null)
{
throw new ArgumentNullException();
}
getUserParams.DeletedAt = DateTimeOffset.UtcNow;
db.UserParameters.Update(getUserParams);
await db.SaveChangesAsync();
db.Entry(getUserParams).State = EntityState.Detached;
return(await(from u_params in db.UserParameters
.IgnoreQueryFilters()
.Include(z => z.User)
.ThenInclude(x => x.Company)
where u_params.Id == id
select u_params).FirstAsync());
}
}
}
throw new ArgumentNullException();
}
public async Task <ActionResult <Company> > UpdateCompany([FromBody] Company company,
[FromHeader(Name = "Authorization")] string inputToken,
[FromRoute] int id)
{
if (tokenCheck.TokenChecking(inputToken))
{
if (id == company.Id)
{
if (permissionCheck.IsAllowed(inputToken, "edit_companies"))
{
using var db = new SSOContext();
var oldCompany = await db.Companies.FindAsync(id);
if (oldCompany == null)
{
throw new ArgumentNullException();
}
company.CreatedAt = oldCompany.CreatedAt;
db.Entry(oldCompany).State = EntityState.Detached;
db.Companies.Update(company);
await db.SaveChangesAsync();
db.Entry(company).State = EntityState.Detached;
return(await db.Companies.FindAsync(id));
}
}
}
throw new ArgumentNullException();
}
/// <summary>
/// Method to get user object.
/// </summary>
/// <returns>
/// <see cref="ClaimsIdentity"/>.
/// </returns>
/// <exception cref="ArgumentNullException">Thrown when one parameter is null.</exception>
/// <param name="email">A string.</param>
/// <param name="password">A string.</param>
public static ClaimsIdentity GetUserObject(string email, string password)
{
using var db = new SSOContext();
var getStuff = (from users in db.Users
select users).ToList();
if (getStuff.Any())
{
foreach (var user in getStuff)
{
if (email == user.Email && BCrypt.Net.BCrypt.Verify(password, user.Password))
{
var claims = new List <Claim>
{
new Claim(ClaimTypes.Email, user.Email),
new Claim(ClaimTypes.Name, user.Name),
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString())
};
ClaimsIdentity claimsIdentity = new ClaimsIdentity(claims);
return(claimsIdentity);
}
}
}
throw new ArgumentNullException();
}
/// <summary>
/// Method to set Seeds into CompanyAirportsSet-Table.
/// </summary>
/// <param name="db">DB context.</param>
public static void SetSeeds(SSOContext db)
{
List <CompanyAirports> seedList = new List <CompanyAirports>
{
new CompanyAirports {
CompanyId = GetId.CompanyID("PROFI-IT", db), AirportId = 1
},
new CompanyAirports {
CompanyId = GetId.CompanyID("ODS", db), AirportId = 1
}
};
db.AddRange(seedList);
db.SaveChanges();
}
public async Task <ActionResult <IEnumerable <Company> > > GetAllCompanies([FromHeader(Name = "Authorization")] string inputToken)
{
if (tokenCheck.TokenChecking(inputToken))
{
using var db = new SSOContext();
var companyList = await(from companies in db.Companies
select companies).ToListAsync();
if (companyList.Any())
{
return(companyList);
}
}
throw new ArgumentNullException();
}
public async Task <ActionResult <IEnumerable <Role> > > GetAllRoles([FromHeader(Name = "Authorization")] string inputToken)
{
if (tokenCheck.TokenChecking(inputToken))
{
using var db = new SSOContext();
var roleList = await(from roles in db.Roles
.Include(z => z.Company)
select roles).ToListAsync();
if (roleList.Any())
{
return(roleList);
}
}
throw new ArgumentNullException();
}
public string UserInfo()
{
try
{
using (var ctx = new SSOContext())
{
var sessionid = Request.Cookies["session"].Values["sid"];
var session = ctx.Sessions.Where(m => m.SessionId == sessionid).FirstOrDefault();
if (session != null)
{
var user = ctx.Users.Where(m => m.UserId == session.UserId).Select(m => new
{
UserId = m.UserId,
LoginName = m.LoginName,
NickName = m.NickName,
Profile = m.Profile,
Gender = m.Gender,
Birthday = m.Birthday,
Location = m.Location,
Phone = m.Phone,
Email = m.Email,
}).FirstOrDefault();
if (user != null)
{
return(JsonConvert.SerializeObject(new
{
res = "OK",
msg = JsonConvert.SerializeObject(user)
}));
}
}
return(JsonConvert.SerializeObject(new
{
res = "ERROR",
msg = "登录信息过期或找不到当前用户"
}));
}
}
catch (Exception e)
{
return(JsonConvert.SerializeObject(new
{
res = "ERROR",
msg = e.Message
}));
}
}
public string Logout()
{
try
{
using (var ctx = new SSOContext())
{
#region 登录过的,删除数据库和客户端cookie。
string sessionid = "";
try
{
sessionid = Request.Cookies["session"].Values["sid"];
}
catch (Exception)
{
}
var session = ctx.Sessions.Where(m => m.SessionId == sessionid).FirstOrDefault();
if (session != null)
{
ctx.Sessions.Remove(session);
ctx.SaveChanges();
}
#region cookie重置
HttpCookie cookie = new HttpCookie("session");
cookie.Expires = DateTime.Now;
cookie.Values.Add("sid", "0");
cookie.Values.Add("uid", "0");
cookie.Values.Add("ctime", DateTime.Now.ToString());
cookie.Values.Add("etime", DateTime.Now.ToString());
Response.SetCookie(cookie);
#endregion
#endregion
return(JsonConvert.SerializeObject(new
{
res = "OK",
msg = "成功退出当前账号"
}));
}
}
catch (Exception e)
{
return(JsonConvert.SerializeObject(new
{
res = "ERROR",
msg = e.Message
}));
}
}
public async Task <ActionResult <IEnumerable <UserParams> > > GetAllUserParams([FromHeader(Name = "Authorization")] string inputToken)
{
if (tokenCheck.TokenChecking(inputToken))
{
using var db = new SSOContext();
var usersParamsList = await(from u_params in db.UserParameters
.Include(z => z.User)
.ThenInclude(x => x.Company)
select u_params).ToListAsync();
if (usersParamsList.Any())
{
return(usersParamsList);
}
}
throw new ArgumentNullException();
}
public string UpdateUserInfo()
{
try
{
using (var ctx = new SSOContext())
{
var sessionid = Request.Cookies["session"].Values["sid"];
var session = ctx.Sessions.Where(m => m.SessionId == sessionid).FirstOrDefault();
if (session != null)
{
var user = ctx.Users.Where(m => m.UserId == session.UserId).FirstOrDefault();
if (user != null)
{
//用户id,登录名,密码不在此处修改
user.NickName = Request.Form["NickName"];
user.Profile = Request.Form["Profile"];
user.Gender = Request.Form["Gender"];
user.Birthday = DateTime.Parse(Request.Form["Birthday"]).ToString("yyyy-MM-dd");
user.Location = Request.Form["Location"];
user.Phone = Request.Form["Phone"];
user.Email = Request.Form["Email"];
ctx.SaveChanges();
return(JsonConvert.SerializeObject(new
{
res = "OK",
msg = "用户信息修改成功"
}));
}
}
return(JsonConvert.SerializeObject(new
{
res = "ERROR",
msg = "登录信息过期或找不到当前用户"
}));
}
}
catch (Exception e)
{
return(JsonConvert.SerializeObject(new
{
res = "ERROR",
msg = e.Message
}));
}
}
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
try
{
string sessionid = "";
try
{
sessionid = filterContext.HttpContext.Request.Cookies["session"].Values["sid"];
}
catch (Exception)
{
throw new Exception("用户尚未登录");
}
using (var ctx = new SSOContext())
{
var session = ctx.Sessions.Where(m => m.SessionId == sessionid).FirstOrDefault();
if (session == null)
{
throw new Exception("非法参数");
}
if (session != null && session.ExpireTime.CompareTo(DateTime.Now) > 0)
{
session.ExpireTime = DateTime.Now.AddHours(1);
HttpCookie cookie = new HttpCookie("session");
cookie.Expires = session.ExpireTime;
cookie.Values.Add("sid", session.SessionId);
cookie.Values.Add("uid", session.UserId);
cookie.Values.Add("ctime", session.CreateTime.ToString());
cookie.Values.Add("etime", session.ExpireTime.ToString());
filterContext.HttpContext.Response.SetCookie(cookie);
ctx.SaveChanges();
}
if (session != null && session.ExpireTime.CompareTo(DateTime.Now) <= 0)
{
ctx.Sessions.Remove(session);
ctx.SaveChanges();
throw new Exception("会话过期,请重新登录。");
}
}
}
catch (Exception e)
{
filterContext.Result = new RedirectResult("/api/Home/ValidFailed?exception=" + e.Message);
}
}
/// <summary>
/// Method to set Seeds into UserRoles-Table.
/// </summary>
/// <param name="db"><see cref="DBConfig"/> object.</param>
public static void SetSeeds(SSOContext db)
{
List <UserRole> seedList = new List <UserRole>
{
new UserRole {
RoleId = GetId.RoleID("admin", db), UserId = GetId.UserID("greentee5", db)
},
new UserRole {
RoleId = GetId.RoleID("admin", db), UserId = GetId.UserID("sipdrenma", db)
}
};
foreach (var item in seedList)
{
db.UserRoles.Add(item);
}
db.SaveChanges();
}
/// <summary>
/// Method to check if user record exists.
/// </summary>
/// <returns>
/// <see cref="bool"/>.
/// </returns>
/// <exception cref="ArgumentNullException">Thrown when some variable is null.</exception>
/// <param name="token">A <see cref="ClaimsPrincipal"/> object.</param>
public static bool CheckUser(ClaimsPrincipal token)
{
using var db = new SSOContext();
var identity = (ClaimsIdentity)token.Identity;
var claims = identity.Claims.ToList();
var getUsers = db.Users.Select(p => p)
.Where(p => p.Email == claims[0].Value &&
p.Name == claims[1].Value &&
p.Id.ToString() == claims[2].Value)
.IgnoreQueryFilters().First();
if (getUsers == null)
{
throw new ArgumentNullException("user is not exist");
}
return(true);
}
/// <summary>
/// Method to set Seeds into Roles-Table.
/// </summary>
/// <param name="db"><see cref="DBConfig"/> object.</param>
public static void SetSeeds(SSOContext db)
{
List <Role> seedList = new List <Role>
{
new Role {
Slug = "admin", CompanyId = GetId.CompanyID("PROFI-IT", db)
},
new Role {
Slug = "dispatcher", CompanyId = GetId.CompanyID("ODS", db)
}
};
foreach (var item in seedList)
{
item.Slug = item.Slug.Replace(' ', '-').ToLower();
db.Roles.Add(item);
}
db.SaveChanges();
}
/// <summary>
/// Method to set Seeds into Companies-Table.
/// </summary>
/// <param name="db"><see cref="DBConfig"/> object.</param>
public static void SetSeeds(SSOContext db)
{
List <Company> seedList = new List <Company>
{
new Company {
CompanyName = "PROFI-IT", Slug = ""
},
new Company {
CompanyName = "ODS", Slug = ""
}
};
foreach (var item in seedList)
{
item.Slug = item.CompanyName.Replace(' ', '-').ToLower();
db.Companies.Add(item);
}
db.SaveChanges();
}
public async Task <ActionResult <Permission> > GetPermission(int id, [FromHeader(Name = "Authorization")] string inputToken)
{
if (tokenCheck.TokenChecking(inputToken))
{
if (id != 0)
{
using var db = new SSOContext();
var getPermission = await(from permissions in db.Permissions
where permissions.Id == id
select permissions).FirstAsync();
if (getPermission != null)
{
return(getPermission);
}
}
}
throw new ArgumentNullException();
}
public async Task <TIEntity> Update(TIEntity entity)
{
var _entity = await this.SSOContext.Set <TEntity>().FindAsync(entity.Id);
if (_entity == null)
{
throw new System.Exception($"Record not found. {typeof(TEntity).Name}");
}
using (var tx = SSOContext.Database.BeginTransaction())
{
SSOContext.Update(entity);
await SSOContext.SaveChangesAsync();
await tx.CommitAsync();
}
return(entity);
}
public async Task <ActionResult <Permission> > InsertPermission([FromBody] Permission permission, [FromHeader(Name = "Authorization")] string inputToken)
{
if (tokenCheck.TokenChecking(inputToken))
{
if (permission != null)
{
if (permissionCheck.IsAllowed(inputToken, "edit_permissions"))
{
using var db = new SSOContext();
db.Permissions.Add(permission);
await db.SaveChangesAsync();
db.Entry(permission).State = EntityState.Detached;
return(await db.Permissions.FindAsync(permission.Id));
}
}
}
throw new ArgumentNullException();
}
public async Task <ActionResult <Company> > InsertCompany([FromBody] Company company, [FromHeader(Name = "Authorization")] string inputToken)
{
if (tokenCheck.TokenChecking(inputToken))
{
if (company != null)
{
if (permissionCheck.IsAllowed(inputToken, "edit_companies"))
{
using var db = new SSOContext();
db.Companies.Add(company);
await db.SaveChangesAsync();
db.Entry(company).State = EntityState.Detached;
return(await db.Companies.FindAsync(company.Id));
}
}
}
throw new ArgumentNullException();
}
public async Task <ActionResult <Company> > GetCompany(int id, [FromHeader(Name = "Authorization")] string inputToken)
{
if (tokenCheck.TokenChecking(inputToken))
{
if (id != 0)
{
using var db = new SSOContext();
var company = await(from companies in db.Companies
where companies.Id == id
select companies).FirstAsync();
if (company != null)
{
return(company);
}
}
}
throw new ArgumentNullException();
}
