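 /// <summary>
 /// Authorization check: returns true only when <paramref name="machineID"/> names a machine in
 /// the user's own organization that is either unrestricted (no permission groups assigned at all)
 /// or shares at least one permission group with the user.
 /// </summary>
 /// <param name="machineID">Identifier of the machine being accessed.</param>
 /// <param name="doxmUser">The user requesting access; must not be null.</param>
 /// <returns>True if access is allowed; false otherwise, including for unknown machine IDs.</returns>
 /// <exception cref="ArgumentNullException"><paramref name="doxmUser"/> is null.</exception>
 public bool DoesUserHaveAccessToMachine(string machineID, DoXMUser doxmUser)
 {
     // Fail closed with a clear error instead of a NullReferenceException raised from inside
     // the query expression.
     if (doxmUser is null)
     {
         throw new ArgumentNullException(nameof(doxmUser));
     }

     var orgID = doxmUser.OrganizationID;
     // Materialize the user's group IDs once so the query only has to check membership in a
     // list of primitives rather than walk the user's navigation collection.
     var userGroupIDs = doxmUser.PermissionGroups.Select(g => g.ID).ToList();

     return DoXMContext.Machines.Any(m =>
         m.ID == machineID &&
         m.OrganizationID == orgID &&
         // A machine with no permission groups is open to everyone in its organization.
         (m.PermissionGroups.Count == 0 ||
          m.PermissionGroups.Any(g => userGroupIDs.Contains(g.ID))));
 }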
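        /// <summary>
        /// Creates an invitation to the caller's organization and emails it to the address in
        /// <paramref name="invite"/>.InvitedUser. If no account exists for that address one is
        /// created with its email pre-confirmed, and the mail additionally carries a password-reset
        /// link so the invitee can set an initial password before joining.
        /// </summary>
        /// <param name="invite">Invitation details posted by an administrator; InvitedUser is the target email.</param>
        /// <returns>
        /// 401 when the caller is not an administrator, 400 when the body is missing/invalid or the
        /// account could not be created, otherwise 200 with the stored invite.
        /// </returns>
        public async Task<IActionResult> SendInvite([FromBody] Invite invite)
        {
            // Only administrators may invite; an unresolvable caller is treated as unauthorized (fail closed).
            var caller = DataService.GetUserByName(User.Identity.Name);
            if (caller is null || !caller.IsAdministrator)
            {
                return Unauthorized();
            }

            // An empty or unparseable body leaves invite null; reject it before dereferencing it.
            if (invite is null || !ModelState.IsValid)
            {
                return BadRequest();
            }

            // Origin used for every link that is mailed out. It comes from the incoming Host header,
            // so host filtering (AllowedHosts) must be configured in the app; otherwise a forged
            // header would be reflected into the password-reset and invite links.
            var baseUrl = $"{Request.Scheme}://{Request.Host}";

            // Request-supplied and identity-derived strings are rendered into an HTML mail body,
            // so they are HTML-encoded once here and only the encoded forms are interpolated.
            var invitedUserHtml = HtmlEncoder.Default.Encode(invite.InvitedUser);
            var inviterHtml = HtmlEncoder.Default.Encode(User.Identity.Name);

            var newUserMessage = "";

            if (!DataService.DoesUserExist(invite.InvitedUser))
            {
                var user = new DoXMUser {
                    UserName = invite.InvitedUser, Email = invite.InvitedUser
                };
                var result = await UserManager.CreateAsync(user);
                if (!result.Succeeded)
                {
                    return BadRequest("There was an issue creating the new account.");
                }

                user = await UserManager.FindByEmailAsync(invite.InvitedUser);

                // The address was entered by an administrator, so it is confirmed immediately; the
                // invitee still proves control of the mailbox by using the reset link sent below.
                // NOTE(review): the confirm result is not checked, as in the original flow.
                await UserManager.ConfirmEmailAsync(user, await UserManager.GenerateEmailConfirmationTokenAsync(user));

                // The reset token is URL-encoded for the query string, and the complete URL is then
                // HTML-encoded for the href, the same way the invite link below is built.
                var resetCode = UrlEncoder.Default.Encode(await UserManager.GeneratePasswordResetTokenAsync(user));
                var resetUrl  = $"{baseUrl}/Identity/Account/ResetPassword?code={resetCode}";
                newUserMessage = $@"<br><br>Since you don't have an account yet, one has been created for you.
                                    You will need to set a password first before attempting to join the organization.<br><br>
                                    Set your password by <a href='{HtmlEncoder.Default.Encode(resetUrl)}'>clicking here</a>.  Your username/email
                                    is <strong>{invitedUserHtml}</strong>.";
            }

            var newInvite = DataService.AddInvite(User.Identity.Name, invite, baseUrl);

            var inviteURL = $"{baseUrl}/Invite?id={newInvite.ID}";
            await EmailSender.SendEmailAsync(invite.InvitedUser, "Invitation to Organization in DoXM",
                                             $@"<img src='https://doxm.app/images/DoXM_Logo.png'/>
                            <br><br>
                            Hello!
                            <br><br>
                            You've been invited by {inviterHtml} to join an organization in DoXM.
                            {newUserMessage}
                            <br><br>
                            You can join the organization by <a href='{HtmlEncoder.Default.Encode(inviteURL)}'>clicking here</a>.");

            return Ok(newInvite);
        }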
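 /// <summary>
 /// Reduces <paramref name="machineIDs"/> to the IDs the user is allowed to act on: machines in
 /// the user's own organization that are either unrestricted (no permission groups assigned) or
 /// share at least one permission group with the user. Unknown IDs are silently dropped.
 /// </summary>
 /// <param name="machineIDs">Candidate machine identifiers; must not be null.</param>
 /// <param name="doxmUser">The user whose permissions are applied; must not be null.</param>
 /// <returns>The permitted subset of <paramref name="machineIDs"/>; empty when nothing is permitted.</returns>
 /// <exception cref="ArgumentNullException">Either argument is null.</exception>
 public string[] FilterMachineIDsByUserPermission(string[] machineIDs, DoXMUser doxmUser)
 {
     // Fail closed with clear errors rather than a NullReferenceException from inside the query.
     if (machineIDs is null)
     {
         throw new ArgumentNullException(nameof(machineIDs));
     }
     if (doxmUser is null)
     {
         throw new ArgumentNullException(nameof(doxmUser));
     }

     // Nothing to filter: skip the round trip, the result is empty either way.
     if (machineIDs.Length == 0)
     {
         return Array.Empty<string>();
     }

     var orgID = doxmUser.OrganizationID;
     // Materialize the user's group IDs once so the query only checks membership in a list of
     // primitives rather than walking the user's navigation collection.
     var userGroupIDs = doxmUser.PermissionGroups.Select(g => g.ID).ToList();

     return DoXMContext.Machines
         .Where(m =>
             machineIDs.Contains(m.ID) &&
             m.OrganizationID == orgID &&
             // A machine with no permission groups is open to everyone in its organization.
             (m.PermissionGroups.Count == 0 ||
              m.PermissionGroups.Any(g => userGroupIDs.Contains(g.ID))))
         .Select(m => m.ID)
         .ToArray();
 }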
        /// <summary>
        /// Populates SharedKey and AuthenticatorUri for the authenticator-setup page, provisioning a
        /// fresh authenticator key for the user when none exists yet.
        /// </summary>
        /// <param name="user">The user whose authenticator key is being shown.</param>
        private async Task LoadSharedKeyAndQrCodeUriAsync(DoXMUser user)
        {
            // An empty key means none has been provisioned: reset generates one, then read it back.
            var rawKey = await _userManager.GetAuthenticatorKeyAsync(user);
            if (string.IsNullOrEmpty(rawKey))
            {
                await _userManager.ResetAuthenticatorKeyAsync(user);
                rawKey = await _userManager.GetAuthenticatorKeyAsync(user);
            }

            // The page shows the formatted key for manual entry and a QR URI built from the raw key.
            SharedKey = FormatKey(rawKey);

            var accountEmail = await _userManager.GetEmailAsync(user);
            AuthenticatorUri = GenerateQrCodeUri(accountEmail, rawKey);
        }
        /// <summary>
        /// Handles the registration form POST: creates the account, emails a confirmation link,
        /// signs the new user in and redirects. On any failure the form is redisplayed with the
        /// errors added to ModelState.
        /// </summary>
        /// <param name="returnUrl">Where to send the user afterwards; defaults to the site root.</param>
        /// <returns>A local redirect on success, otherwise the page itself.</returns>
        public async Task<IActionResult> OnPostAsync(string returnUrl = null)
        {
            returnUrl = returnUrl ?? Url.Content("~/");

            if (!ModelState.IsValid)
            {
                return Page();
            }

            var newUser = new DoXMUser {
                UserName = Input.Email, Email = Input.Email
            };
            var createResult = await _userManager.CreateAsync(newUser, Input.Password);

            if (!createResult.Succeeded)
            {
                // Surface Identity's reasons (password policy, duplicate user, ...) on the form.
                foreach (var error in createResult.Errors)
                {
                    ModelState.AddModelError(string.Empty, error.Description);
                }
                return Page();
            }

            _logger.LogInformation("User created a new account with password.");

            var confirmationCode = await _userManager.GenerateEmailConfirmationTokenAsync(newUser);
            var callbackUrl = Url.Page(
                "/Account/ConfirmEmail",
                pageHandler: null,
                values: new { userId = newUser.Id, code = confirmationCode },
                protocol: Request.Scheme);

            // The callback URL lands inside an href, so it is HTML-encoded before interpolation.
            await _emailSender.SendEmailAsync(Input.Email, "Confirm your email",
                                              $"<img src='https://doxm.app/images/DoXM_Logo.png'/><br><br>Please confirm your DoXM account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");

            await _signInManager.SignInAsync(newUser, isPersistent : false);

            // LocalRedirect only follows local URLs, so a caller-supplied returnUrl cannot send the
            // user off-site.
            return LocalRedirect(returnUrl);
        }