public IEnumerable<SummaryData> GetTopItemsByUser(User user, int count)
{
var blobs = this.context.BlobEvents.Where(ev => ev.User.UserId == user.UserId).GroupBy(ev => ev.Blob).Select(r => new SummaryData() { Id = r.Key.BlobId, Name = r.Key.Name, Total = r.Count(), IsBlobSet = false }).OrderByDescending(r => r.Total).Take(count);
var sets = this.context.BlobSetEvents.Where(ev => ev.User.UserId == user.UserId).GroupBy(ev => ev.BlobSet).Select(r => new SummaryData() { Id = r.Key.BlobSetId, Name = r.Key.Name, Total = r.Count(), IsBlobSet = true }).OrderByDescending(r => r.Total).Take(count);
return blobs.Union(sets).OrderByDescending(s => s.Total).Take(count);
}
public Invitation InviteUser(User user, string invitationLink, DateTime expiration, string personalMessage, bool signEmail)
{
var invitation = this.context.Invitations.FirstOrDefault(i => i.User.UserId == user.UserId && i.ActivationDateTime == null);
if (invitation == null)
{
invitation = new Invitation
{
InvitationId = Guid.NewGuid(),
User = user,
Email = user.Email,
ExpirationDateTime = expiration,
CreationDateTime = DateTime.UtcNow,
SentDateTime = DateTime.UtcNow
};
this.context.Invitations.AddObject(invitation);
}
invitation.ExpirationDateTime = expiration;
if (user.Email != invitation.Email)
{
invitation.Email = user.Email;
}
this.context.SaveChanges();
// Send invitation link
invitationLink += "/" + invitation.InvitationId;
this.SendNotification(invitation, invitationLink, personalMessage, signEmail);
return invitation;
}
public void CreateUser()
{
using (TransactionScope ts = new TransactionScope())
{
UserService service = new UserService();
User user = new User() { Name = "Test User", Email = "*****@*****.**" };
service.CreateUser(user);
Assert.AreNotEqual(Guid.Empty, user.UserId);
}
}
private User GetTestUser(BlobShareDataStoreEntities context)
{
UserService userService = new UserService(context);
User user = new User()
{
Name = "Test User",
Email = "*****@*****.**",
IdentityProvider = "identityProvider",
NameIdentifier = "nameIdentifier"
};
userService.CreateUser(user);
return user;
}
public void DeactivateAndActivateUser()
{
using (TransactionScope ts = new TransactionScope())
{
UserService service = new UserService();
User user = new User() { Name = "Test User", Email = "*****@*****.**" };
service.CreateUser(user);
service.DeactivateUser(user);
Assert.IsTrue(user.Inactive);
service.ActivateUser(user);
Assert.IsFalse(user.Inactive);
Assert.IsTrue(user.UserEvents.Count == 3);
}
}
public void CreateAndRetrieveUserById()
{
using (TransactionScope ts = new TransactionScope())
{
UserService service = new UserService();
User user = new User() { Name = "Test User", Email = "*****@*****.**" };
service.CreateUser(user);
User newUser = service.RetrieveUserById(user.UserId);
Assert.IsNotNull(newUser);
Assert.AreEqual(user.UserId, newUser.UserId);
Assert.AreEqual(user.Name, newUser.Name);
Assert.AreEqual(user.Email, newUser.Email);
}
}
public void CreateAndRetrieveUserByNameIdentifierAndIdentityProvider()
{
using (TransactionScope ts = new TransactionScope())
{
UserService service = new UserService();
User user = new User() { NameIdentifier = "nameIdentifier", IdentityProvider = "identityProvider", Name = "Test Name", Email = "*****@*****.**" };
service.CreateUser(user);
User newUser = service.RetrieveUserByNameIdentifier(user.NameIdentifier, user.IdentityProvider);
Assert.IsNotNull(newUser);
Assert.AreEqual(user.UserId, newUser.UserId);
Assert.AreEqual(user.NameIdentifier, newUser.NameIdentifier);
Assert.AreEqual(user.IdentityProvider, newUser.IdentityProvider);
}
}
public void CreateEventUserDownloadBlob(User user, Blob blob, RequestData request)
{
BlobEvent @event = new BlobEvent()
{
BlobEventId = Guid.NewGuid(),
EventDateTime = DateTime.UtcNow,
EventType = (int)EventType.Download,
User = user,
Blob = blob
};
CompleteBlobEvent(@event, request);
this.context.BlobEvents.AddObject(@event);
this.context.SaveChanges();
}
public void CreateUser(User user)
{
if (this.context.Users.SingleOrDefault(u => u.UserId == user.UserId || (u.NameIdentifier == user.NameIdentifier && u.IdentityProvider == user.IdentityProvider) || u.Email.Equals(user.Email, StringComparison.OrdinalIgnoreCase)) != null)
{
throw new InvalidOperationException("User already exists.");
}
if (user.UserId == Guid.Empty)
{
user.UserId = Guid.NewGuid();
}
this.context.Users.AddObject(user);
this.context.SaveChanges();
this.eventService.CreateEventUserCreate(user);
}
public void DeleteUser(User user)
{
if (this.IsMe(user))
{
throw new InvalidOperationException("You cannot delete yourself.");
}
int count = this.context.Users.Count();
if (count == 1)
{
throw new InvalidOperationException("The last user cannot be deleted.");
}
this.context.Users.DeleteObject(user);
this.context.SaveChanges();
}
public ActionResult Edit(Guid id, UserViewModel model)
{
if (!this.ModelState.IsValid)
{
return View(model);
}
User user = new User
{
UserId = id,
Name = model.Name,
Email = model.Email,
Inactive = model.Status == 0 ? false : true
};
try
{
this.userService.UpdateUser(user);
}
catch (Exception ex)
{
this.ModelState.AddModelError("Email", ex.Message);
return View(model);
}
return RedirectToAction("Details", new { id = id });
}
public ActionResult RegisterAdmin(RegisterAdminViewModel model)
{
if (model.BootstrapAdministratorSecret != ConfigReader.GetConfigValue("BootstrapAdministratorSecret"))
{
this.ModelState.AddModelError("BootstrapAdministratorSecret", "The provided Bootstrap Administrator Secret is invalid.");
}
if (!this.ModelState.IsValid)
{
return View(model);
}
if (this.userService.GetUsers().Count() > 0)
{
// If a user exists, then this action should not occur.
return RedirectToAction("Index", "Home");
}
var identity = this.HttpContext.User.Identity as IClaimsIdentity;
var nameIdentifierClaim = identity.Claims.Where(c => c.ClaimType.Equals(ClaimTypes.NameIdentifier, StringComparison.OrdinalIgnoreCase)).SingleOrDefault();
var identityProviderClaim = identity.Claims.Where(c => c.ClaimType.Equals(IdentityProviderClaimType, StringComparison.OrdinalIgnoreCase)).SingleOrDefault();
var user = new User()
{
Name = model.AdministratorEmail,
Email = model.AdministratorEmail,
NameIdentifier = nameIdentifierClaim.Value,
IdentityProvider = identityProviderClaim.Value,
};
this.userService.CreateUser(user);
var role = this.roleService.GetRoleByName("Administrator");
this.roleService.AddUserToRole(role, user);
this.ExecuteLogOff();
return RedirectToAction("RegistrationSuccess");
}
public ActionResult Create(UserViewModel model, FormCollection form)
{
if (!this.ModelState.IsValid)
{
model.RoleNames = this.roleService.GetRoles().OrderBy(r => r.RoleName).Select(r => r.RoleName);
return View(model);
}
var roles = this.roleService.GetRoles().OrderBy(r => r.RoleName).ToList();
User user = new User() { Name = model.Name, Email = model.Email };
try
{
this.userService.CreateUser(user);
}
catch (Exception ex)
{
this.ModelState.AddModelError("CustomErrors", ex.Message);
model.RoleNames = this.roleService.GetRoles().OrderBy(r => r.RoleName).Select(r => r.RoleName);
return View(model);
}
int k = 1;
foreach (var role in roles)
{
if (!string.IsNullOrEmpty(form["Role" + k]) && form["Role" + k].Contains("true"))
{
this.roleService.AddUserToRole(role, user);
}
k++;
}
var invitationLink = this.GetInvitationPage();
var expiration = DateTime.UtcNow.AddDays(30);
this.invitationService.InviteUser(user, invitationLink, expiration, model.PersonalMessage, false);
return RedirectToAction("Details", new { id = user.UserId });
}
public Permission GrantPermissionToUserBlobSet(Privilege privilege, User user, BlobSet set, DateTime expiration)
{
var permission = new Permission()
{
PermissionId = Guid.NewGuid(),
Privilege = (int)privilege,
BlobSet = this.context.BlobSets.Single(rs => rs.BlobSetId == set.BlobSetId),
CreationDateTime = DateTime.UtcNow,
ExpirationDateTime = expiration
};
permission.Users.Add(this.context.Users.Single(u => u.UserId == user.UserId));
this.context.Permissions.AddObject(permission);
this.context.SaveChanges();
return permission;
}
public IEnumerable<Blob> GetBlobsByUser(User user)
{
IEnumerable<Blob> blobs = this.context.Permissions.Where(p => p.Users.Any(u => u.UserId == user.UserId) && p.ExpirationDateTime > DateTime.UtcNow && p.Blob != null).Select(p => p.Blob).Distinct();
var roleblobs = user.Roles.SelectMany(r => r.Permissions).Where(p => p.Blob != null && p.ExpirationDateTime > DateTime.UtcNow).Select(p => p.Blob).Distinct();
return blobs.Union(roleblobs).Distinct().OrderBy(br => br.Name);
}
public void CreateEventUserLogin(User user, RequestData request)
{
this.CreateUserEvent(user, UserEventType.Login, request);
}
public IEnumerable<Permission> GetNewPermissionsByUser(User user, int count)
{
return this.context.Permissions.Where(p => p.ExpirationDateTime > DateTime.UtcNow && (p.Users.Any(u => u.UserId == user.UserId) || p.Roles.Any(r => r.Users.Any(u => u.UserId == user.UserId)))).OrderByDescending(p => p.CreationDateTime).Take(count);
}
public ActionResult BulkCreate(BulkUserViewModel model, FormCollection form)
{
if (!this.ModelState.IsValid)
{
model.RoleNames = this.roleService.GetRoles().OrderBy(r => r.RoleName).Select(r => r.RoleName);
return View(model);
}
var roles = this.roleService.GetRoles().OrderBy(r => r.RoleName).ToList();
var emails = model.Emails.Replace(';', ',').Split(',').Select(e => e.Trim()).Distinct();
foreach (var email in emails)
{
User user = this.userService.RetrieveUserByEMail(email);
if (user == null)
{
user = new User() { Name = this.GetNameFromEmail(email), Email = email };
this.userService.CreateUser(user);
int k = 1;
foreach (var role in roles)
{
if (!string.IsNullOrEmpty(form["Role" + k]) && form["Role" + k].Contains("true"))
{
this.roleService.AddUserToRole(role, user);
}
k++;
}
}
var invitationLink = this.GetInvitationPage();
var expiration = DateTime.UtcNow.AddDays(30);
this.invitationService.InviteUser(user, invitationLink, expiration, model.PersonalMessage, false);
}
return RedirectToAction("Index");
}
public void CreateEventUserViewBlobSet(User user, BlobSet set)
{
this.CreateEventUserViewBlobSet(user, set, this.GetRequestData());
}
public void AddUserToRole(Role role, User user)
{
role.Users.Add(user);
this.context.SaveChanges();
}
private static User EnsureApplicationUser(IClaimsIdentity identity)
{
var invitationService = new InvitationService();
var context = BlobShareDataStoreEntities.CreateInstance();
var userService = new UserService(context);
var invitationId = Guid.Empty;
User user = null;
// Get name identifier and identity provider
var nameIdentifierClaim = identity.Claims.Where(c => c.ClaimType.Equals(ClaimTypes.NameIdentifier, StringComparison.OrdinalIgnoreCase)).SingleOrDefault();
var identityProviderClaim = identity.Claims.Where(c => c.ClaimType.Equals(IdentityProviderClaimType, StringComparison.OrdinalIgnoreCase)).SingleOrDefault();
// Administrator First Login
if (userService.GetUsers().Count() == 0)
{
var emailClaim = identity.Claims.Where(c => c.ClaimType.Equals(ClaimTypes.Email, StringComparison.OrdinalIgnoreCase)).SingleOrDefault();
return new User()
{
NameIdentifier = nameIdentifierClaim.Value,
IdentityProvider = identityProviderClaim.Value,
Email = emailClaim == null ? string.Empty : emailClaim.ToString(),
Name = emailClaim == null ? string.Empty : emailClaim.ToString(),
};
}
if (IsInvitationRequest(out invitationId) && !string.IsNullOrWhiteSpace(nameIdentifierClaim.Value))
{
// TODO: Lock the activation process
var invitation = invitationService.RetrieveInvitation(invitationId);
if (invitation == null)
{
throw new InvalidInvitationException("Invalid Invitation ID", "It seems that the provided invitation ID does not exist. Please contact your administrator.");
}
if (invitation.ActivationDateTime.HasValue)
{
throw new InvalidInvitationException("Invitation Already Activated", "It seems that the invitation was already activated. Please contact your administrator.");
}
if (DateTime.UtcNow.CompareTo(invitation.ExpirationDateTime) > 0)
{
throw new InvalidInvitationException("Invitation Expired", "It seems that the invitation you are trying to activate has already expired. Please contact your administrator.");
}
user = userService.RetrieveUserByNameIdentifier(nameIdentifierClaim.Value, identityProviderClaim.Value);
if (user != null)
{
if (!user.Email.Equals(invitation.Email))
{
throw new InvalidUserException("Account Already Linked", "It seems that you have already linked this account with another user. Please try again with a different one.");
}
}
else
{
user = userService.RetrieveUserById(invitation.User.UserId);
}
if (user == null)
{
user = new User()
{
Name = invitation.Email,
Email = invitation.Email,
NameIdentifier = nameIdentifierClaim.Value,
IdentityProvider = identityProviderClaim.Value
};
userService.CreateUser(user);
}
else
{
if (user.NameIdentifier != nameIdentifierClaim.Value || user.IdentityProvider != identityProviderClaim.Value)
{
user.NameIdentifier = nameIdentifierClaim.Value;
user.IdentityProvider = identityProviderClaim.Value;
userService.UpdateUser(user);
}
}
invitationService.ActivateUserInvitation(invitation, user);
}
else
{
user = userService.RetrieveUserByNameIdentifier(nameIdentifierClaim.Value, identityProviderClaim.Value);
if (user == null)
{
throw new InvalidUserException("Invalid User", "It seems that no user is linked to this account, please try again with another or contact your administrator.");
}
}
if (user.Inactive)
{
throw new InvalidUserException("Inactive User", "It seems that this user was deactivated, Please contact your administrator.");
}
var eventService = new EventService(context);
eventService.CreateEventUserLogin(user);
return user;
}
public void CreateEventUserCreate(User user)
{
this.CreateEventUserCreate(user, this.GetRequestData());
}
private void CreateUserEvent(User user, UserEventType type, RequestData request)
{
UserEvent @event = new UserEvent()
{
UserEventId = Guid.NewGuid(),
User = user,
EventType = (int)type,
EventDateTime = DateTime.UtcNow
};
CompleteUserEvent(@event, request);
this.context.UserEvents.AddObject(@event);
this.context.SaveChanges();
}
public void CreateEventUserViewBlobSet(User user, BlobSet set, RequestData request)
{
BlobSetEvent @event = new BlobSetEvent()
{
BlobSetEventId = Guid.NewGuid(),
EventDateTime = DateTime.UtcNow,
EventType = (int)EventType.View,
User = user,
BlobSet = set
};
CompleteBlobSetEvent(@event, request);
this.context.BlobSetEvents.AddObject(@event);
this.context.SaveChanges();
}
public void CreateEventUserCreate(User user, RequestData request)
{
this.CreateUserEvent(user, UserEventType.Create, request);
}
public void CreateEventUserDownloadBlob(User user, Blob blob)
{
this.CreateEventUserDownloadBlob(user, blob, this.GetRequestData());
}
internal static User CreateUserForTest(string name, BlobShareDataStoreEntities context)
{
User user = new User()
{
UserId = Guid.NewGuid(),
Name = name,
Email = name,
NameIdentifier = name,
IdentityProvider = name,
};
context.Users.AddObject(user);
context.SaveChanges();
return user;
}
public void CreateEventUserDeactivation(User user)
{
this.CreateEventUserDeactivation(user, this.GetRequestData());
}
public void RemoveUserFromRole(Role role, User user)
{
role.Users.Remove(user);
this.context.SaveChanges();
}
public void CreateEventUserDeactivation(User user, RequestData request)
{
this.CreateUserEvent(user, UserEventType.Deactivation, request);
}
