예제 #1
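        /// <summary>
        /// Test helper: POSTs an invitation for <paramref name="email"/> to the UserProjects
        /// endpoint and asserts that the response status equals <paramref name="expectedHttpStatus"/>.
        /// </summary>
        /// <remarks>
        /// This helper sets no credentials itself; the request is sent with whatever default
        /// headers <c>_httpClient</c> carries at the time of the call, so the identity the server
        /// sees depends on what earlier test steps configured.
        /// </remarks>
        /// <param name="email">E-mail address of the user to invite; sent as a URL path segment.</param>
        /// <param name="projectId">Id of the project the user is invited to.</param>
        /// <param name="role">Role for the invitee; sent as its integer value.</param>
        /// <param name="permissions">Permissions for the invitee; sent as their integer value.</param>
        /// <param name="expectedHttpStatus">Status code the test expects the endpoint to return.</param>
        private async Task inviteUser(string email, int projectId, UserProjectRoles role, UserProjectPermissions permissions, HttpStatusCode expectedHttpStatus)
        {
            // Route shape: /api/UserProjects/{userEmail}/{projectId}/{role}/{permissions}
            // The e-mail is free text placed inside a path segment. Escape it so characters such as
            // '/', '?', '#' or '%' cannot alter the path and make the test hit a different route
            // than the one it claims to exercise.
            var escapedEmail = System.Uri.EscapeDataString(email ?? "");
            var url = "/api/UserProjects/" + escapedEmail + "/" + projectId + "/" + (int)role + "/" + (int)permissions;

            // The endpoint takes everything from the route; the body is an empty JSON payload.
            using (var body = new StringContent("", Encoding.UTF8, MediaTypeNames.Application.Json))
            using (var postResponse = await _httpClient.PostAsync(url, body))
            {
                // Did the server answer with the status this scenario expects?
                Assert.AreEqual(expectedHttpStatus, postResponse.StatusCode);
            }
        }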
예제 #2
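        /// <summary>
        /// Test helper: authenticates as the invited user, checks that exactly one pending invitation
        /// with the expected project, user, role and permissions is listed, rejects it, and then
        /// checks that the invitation list is empty.
        /// </summary>
        /// <remarks>
        /// The bearer token is written to <c>_httpClient.DefaultRequestHeaders</c>, so it stays in
        /// effect for every later request made through the same client until another step
        /// overwrites it. Tests that follow must set their own identity explicitly.
        /// </remarks>
        /// <param name="user">The invited user; its <c>Id</c> must match the listed invitation.</param>
        /// <param name="authUser">Bearer token value used for the Authorization header.</param>
        /// <param name="role">Role the invitation is expected to carry.</param>
        /// <param name="permissions">Permissions the invitation is expected to carry.</param>
        private async Task rejectInvite(ApplicationUser user, string authUser, UserProjectRoles role, UserProjectPermissions permissions)
        {
            // Authorize: all following requests on _httpClient are sent as this user.
            _httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(JwtBearerDefaults.AuthenticationScheme, authUser);

            // Fetch the invitations (UserProjects with status pending) of the logged-in user.
            var invitesUrl = "api/UserProjects/Invites";
            var listResponse = await _httpClient.GetAsync(invitesUrl);
            Assert.AreEqual(HttpStatusCode.OK, listResponse.StatusCode);

            var listJson = await listResponse.Content.ReadAsStringAsync();
            var invites = JsonSerializer.Deserialize<List<UserProject>>(listJson);

            // A JSON "null" body deserializes to null; fail with an assertion instead of a NullReferenceException.
            Assert.IsNotNull(invites);
            Assert.AreEqual(1, invites.Count);
            var invite = invites[0];

            // Expected value first, actual second, so failure messages read correctly.
            Assert.AreEqual(_newProject.ProjectId, invite.ProjectId);
            Assert.AreEqual(user.Id, invite.UserId);
            Assert.AreEqual(role, invite.Role);
            Assert.AreEqual(permissions, invite.Rights);
            Assert.AreEqual(UserProjectStatus.PENDING, invite.Status);

            // Reject the invitation; the endpoint takes the id from the route, the body is empty JSON.
            var rejectUrl = "api/UserProjects/Invites/Reject/" + invite.UserProjectId;
            var rejectBody = new StringContent("", Encoding.UTF8, MediaTypeNames.Application.Json);
            var rejectResponse = await _httpClient.PostAsync(rejectUrl, rejectBody);
            Assert.AreEqual(HttpStatusCode.OK, rejectResponse.StatusCode);

            // List the invitations a second time.
            var secondListResponse = await _httpClient.GetAsync(invitesUrl);

            // Check the status of the SECOND response; the first one was already verified above.
            Assert.AreEqual(HttpStatusCode.OK, secondListResponse.StatusCode);

            var secondListJson = await secondListResponse.Content.ReadAsStringAsync();
            var remainingInvites = JsonSerializer.Deserialize<List<UserProject>>(secondListJson);

            // The rejected invitation must no longer be listed.
            Assert.IsNotNull(remainingInvites);
            Assert.AreEqual(0, remainingInvites.Count);
        }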
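        /// <summary>
        /// Invites the user with e-mail <paramref name="userEmail"/> to the project
        /// <paramref name="projectId"/> by storing a new <c>UserProject</c> with status PENDING.
        /// </summary>
        /// <remarks>
        /// Order of checks: project exists, caller holds write rights on it, invitee exists, invitee
        /// has no pending or accepted entry for the project. The invitee lookup runs only after the
        /// caller is authorized, so a caller without rights on the project cannot use the
        /// "user not found" answer to test which e-mail addresses are registered.
        /// NOTE(review): no authorization attribute is visible on this action from here; confirm
        /// that authentication is enforced at controller or pipeline level.
        /// </remarks>
        /// <param name="userEmail">E-mail address of the user to invite (caller-supplied).</param>
        /// <param name="projectId">Id of the project to invite the user to.</param>
        /// <param name="role">Integer value of the <c>UserProjectRoles</c> member to assign.</param>
        /// <param name="permissions">Permissions to assign to the invitee.</param>
        /// <returns>
        /// 201 with the created <c>UserProject</c>; 404 if the project or (for authorized callers)
        /// the invitee does not exist; 403 if the caller cannot be identified or lacks write rights;
        /// 400 if the invitee already has a pending or accepted entry for the project.
        /// </returns>
        public async Task <ActionResult> InviteUserToProject(string userEmail, int projectId, int role, UserProjectPermissions permissions)
        {
            var project = await _context.Projects.FindAsync(projectId);

            if (project == null)
            {
                // NOTE(review): this answer is given before the caller is authorized, so it tells
                // any caller whether a project id exists. Kept to preserve the existing 404 contract.
                var error = new ErrorResult();
                error.Message = "Project with id: " + projectId + " not found";
                return NotFound(error);
            }

            // Identify the caller from the e-mail claim. A missing identity, a missing claim or an
            // unknown caller is answered with Forbid() instead of failing with a NullReferenceException.
            var callerEmail = (User?.Identity as ClaimsIdentity)?.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email)?.Value;
            if (callerEmail == null)
            {
                return Forbid();
            }

            var caller = await _userManager.FindByEmailAsync(callerEmail);
            if (caller == null)
            {
                return Forbid();
            }

            // The caller needs WRITE or READWRITE rights on this project. Rights attached to an
            // invitation that is still pending or was rejected must not count: the caller never
            // became a member through that row.
            // NOTE(review): prefer "p.Status == UserProjectStatus.ACCEPTED" once it is confirmed
            // that every legitimate member row (including the project creator's) uses ACCEPTED.
            var callerId = caller.Id;
            var callerUserProject = await _context.UserProjects.FirstOrDefaultAsync <UserProject>(p =>
                p.ProjectId == projectId
                && p.UserId == callerId
                && (p.Rights == UserProjectPermissions.READWRITE || p.Rights == UserProjectPermissions.WRITE)
                && p.Status != UserProjectStatus.PENDING
                && p.Status != UserProjectStatus.REJECTED);

            if (callerUserProject == null)
            {
                // The caller has no effective write rights on this project.
                return Forbid();
            }

            var user = await _userManager.FindByEmailAsync(userEmail);

            if (user == null)
            {
                var error = new ErrorResult();
                error.Message = "User " + userEmail + " not found";
                return NotFound(error);
            }

            // Existing entries of the invitee for this project that were not rejected
            // (a rejected invitation does not block a new one).
            // NOTE(review): this check and the insert below are not atomic; two concurrent requests
            // can both pass it unless the database enforces uniqueness. Verify the schema.
            var inviteeId = user.Id;
            var userProjects = await _context.UserProjects.Where(p => p.ProjectId == projectId && p.UserId == inviteeId && p.Status != UserProjectStatus.REJECTED).ToListAsync <UserProject>();

            // Already invited, or already a member.
            if (userProjects.Count > 0)
            {
                var error = new ErrorResult();
                string statusText;

                // REJECTED rows are filtered out by the query above, so only these states can occur.
                switch (userProjects[0].Status)
                {
                case UserProjectStatus.PENDING:
                    statusText = "pending";
                    break;

                case UserProjectStatus.ACCEPTED:
                    statusText = "accepted";
                    break;

                default:
                    statusText = "unknown";
                    break;
                }

                error.Message = "User " + userEmail + " is already invited and the invitation is " + statusText + ".";
                return BadRequest(error);
            }

            // Create the pending invitation with the requested role and rights.
            // NOTE(review): "role" is cast from a raw int without checking that it names a defined
            // UserProjectRoles member, and nothing here limits the granted role or rights to what
            // the caller holds. Confirm whether both should be validated before storing.
            var userProject = new UserProject();

            userProject.User    = user;
            userProject.Project = project;
            userProject.Role    = (UserProjectRoles)role;
            userProject.Rights  = (UserProjectPermissions)permissions;
            userProject.Status  = UserProjectStatus.PENDING;

            _context.UserProjects.Add(userProject);
            await _context.SaveChangesAsync();

            return CreatedAtAction("InviteUserToProject", new { userEmail, projectId, role, permissions }, userProject);
        }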