private IEnumerable <object> OrganizationAndFolderFilter(OrganizationIdentifier organizationIdentifier, FolderIdentifier folderIdentifier)
{
if (organizationIdentifier?.IsValid ?? false)
{
yield return new
{
term = new
{
organizationKey = new
{
value = organizationIdentifier.OrganizationKey
}
}
}
}
;
if (folderIdentifier?.IsValid ?? false)
{
yield return new
{
term = new
{
folderKey = new
{
value = folderIdentifier.FolderKey
}
}
}
}
;
}
public async Task <Organization> GetBy(OrganizationIdentifier organizationIdentifier)
{
var organizationDto =
await _context.Organizations.FirstAsync(x => x.OrganizationId == organizationIdentifier.Id);
return(new Organization(organizationDto.OrganizationId, organizationDto.OrganizationName, organizationDto.IsEnabled));
}
public User(string username, string email, string password, Guid organizationId)
{
Identifier = new UserIdentifier();
Credentials = new Credentials(username, email);
Password = new Password(password);
OrganizationIdentifier = new OrganizationIdentifier(organizationId);
}
private async Task <bool> OrganizationPrivilegeCheck(OrganizationIdentifier identifier, string privilegeName)
{
return((
await GetStore <IOrganizationStore>()
.GetOneAsync(identifier)
)
.PrivilegeCheck(privilegeName, SecurityContext));
}
public void Constructor_sets_new_id()
{
// Arrange / Act
var result = new OrganizationIdentifier();
// Assert
result.Id.ShouldNotBe(Guid.Empty);
}
public async Task <IEnumerable <ManagerFolderModel> > QueryAllAsync(OrganizationIdentifier organizationIdentifier, CancellationToken cancellationToken = default(CancellationToken))
{
// todo: should be push an organization identifier into here to make these canonical?
var organization = await Connection.Organization.GetAsync(organizationIdentifier,
new List <PopulationDirective>
{
{ new PopulationDirective(nameof(OrganizationModel.Folders)) }
},
cancellationToken : cancellationToken);
return(organization.Folders.Rows.Select(ModelConvert).ToList());
}
private async Task <BackendConfiguration> LoadConfigurationAsync(OrganizationIdentifier organizationIdentifier)
{
var privateFolder = await OrganizationPrivateMetadata.PrivateFolderLoadAsync(organizationIdentifier);
var configuration = privateFolder.Read <BackendConfiguration>(MetadataKeyConstants.BACKEND_CONFIGURATION);
if (configuration == null)
{
throw new ConfigurationException($"{organizationIdentifier} does not have backend configuration");
}
return(configuration);
}
public void Constructor_sets_id()
{
// Arrange
var id = Guid.NewGuid();
// Act
var result = new OrganizationIdentifier(id);
// Assert
result.Id.ShouldBe(id);
}
private async Task IndexOrganization(ISearch driver, OrganizationIdentifier organizationIdentifier)
{
var pageIndex = 0;
var done = false;
await driver.DeleteOrganizationAsync(API.UserAccessIdentifiers, organizationIdentifier);
while (!done)
{
var organization = await API.Organization.GetAsync(organizationIdentifier, new List <PopulationDirective>
{
new PopulationDirective
{
Name = nameof(OrganizationModel.Folders),
Paging = new PagingArguments
{
PageSize = QUERY_PAGE_SIZE,
PageIndex = pageIndex
}
}
});
if (organization != null)
{
foreach (var batch in organization.Folders.Rows.Batch(ENQUEUE_BATCH_SIZE))
{
await API.Queue.EnqueueAsync(batch.Select(folder => new QueuePair
{
QueueName = "Index",
Message = JsonConvert.SerializeObject(new IndexMessage
{
Action = IndexMessage.IndexActions.IndexFolder,
// queue expects a null in the FileKey to indicated a FolderIdentifier
// todo: weak typing
Identifier = new FileIdentifier(folder.Identifier, null)
})
}));
}
pageIndex++;
done = organization.Folders.Rows.Count() < QUERY_PAGE_SIZE;
}
else
{
done = true;
}
}
}
// duplicated in User
private async Task <long> OrganizationIDLookup(OrganizationIdentifier identifier)
{
var organizationEntity = await Database.Organization
.Where(o => o.OrganizationKey == identifier.OrganizationKey)
.FirstOrDefaultAsync();
if (organizationEntity == null)
{
throw new StoreException("Organization does not exist");
}
else
{
return(organizationEntity.OrganizationID);
}
}
public void Equals_returns_false_for_different_values()
{
// Arrange
var sut = new OrganizationIdentifier(Guid.NewGuid());
var other = new OrganizationIdentifier(Guid.NewGuid());
// Act
var result = sut.Equals(other);
// Assert
result.ShouldBeFalse();
}
public void Equals_returns_true_for_same_value()
{
// Arrange
var id = Guid.NewGuid();
var sut = new OrganizationIdentifier(id);
var other = new OrganizationIdentifier(id);
// Act
var result = sut.Equals(other);
// Assert
result.ShouldBeTrue();
}
async Task ISearch.DeleteOrganizationAsync(
string[] securityIdentifiers,
OrganizationIdentifier organizationIdentifier
)
{
Logger.LogInformation($"Delete {organizationIdentifier}");
var response = await client.DeleteByQueryAsync <Document>(s => s
.Query(q => q
.Bool(b => b
.Filter(
f => f.Term(d => d.OrganizationKey, organizationIdentifier.OrganizationKey),
f => DoSecurity(f, securityIdentifiers)
)
)
)
);
}
public void Constructor_reconstitutes_Organization()
{
// Arrange
var organizationIdentifier = new OrganizationIdentifier();
var organizationName = new OrganizationName(Guid.NewGuid().ToString());
var isEnabled = false;
// Act
var result = new Organization(organizationIdentifier.Id, organizationName.Name, isEnabled);
// Assert
result.Identifier.ShouldBe(organizationIdentifier);
result.Name.ShouldBe(organizationName);
result.IsEnabled.ShouldBe(isEnabled);
}
public async Task <FolderModel> PrivateFolderLoadAsync(OrganizationIdentifier organizationIdentifier)
{
var folderIdentifier = new FolderIdentifier(organizationIdentifier, PRIVATE_FOLDERKEY);
FolderStore.PrivilegeRead = "gateway";
var folder = await FolderStore.GetOneAsync(folderIdentifier);
if (folder == null)
{
folder = await FolderStore.InsertAsync(new FolderModel
{
Identifier = folderIdentifier
});
}
return(folder);
}
public async Task UpgradeFoldersAsync(OrganizationIdentifier organizationIdentifier)
{
await api.ConcurrencyRetryBlock(async() =>
{
var organization = await api.Organization.GetAsync(organizationIdentifier, new[]
{
new PopulationDirective(nameof(OrganizationModel.Folders))
});
foreach (var folder in organization.Folders.Rows)
{
var dirty = false;
bool isEDiscovery = folder.Read <object>("ediscovery[recipients]") != null ||
folder.Read <object>("ediscovery[packagemap]") != null;
if (isEDiscovery)
{
if (!folder.Privilege("read")?.Any(a => a.OverrideKey == "edisc") ?? false)
{
folder.WriteACLs("read", new[] {
new ACLModel
{
OverrideKey = "edisc",
RequiredIdentifiers = new List <string>
{
"u:system",
"x:eDiscovery",
$"r:eDiscovery{{{folder.Identifier.FolderKey}}}"
}
}
});
dirty = true;
}
}
if (dirty)
{
await api.Folder.PutAsync(folder);
}
}
});
}
public IEnumerable <User> GetBy(OrganizationIdentifier organizationIdentifier)
{
var dtos = _context.Users.Where(x => x.OrganizationId.Equals(organizationIdentifier.Id));
return(dtos.Select(x => new User(x.UserId, x.Username, x.Email, x.HashedPassword, x.OrganizationId)));
}
private async Task DeleteOrganization(ISearch driver, OrganizationIdentifier organizationIdentifier)
{
await driver.DeleteOrganizationAsync(API.UserAccessIdentifiers, organizationIdentifier);
}
public Task <int> GetUploadChunkSizeAsync(OrganizationIdentifier organizationIdentifier, CancellationToken cancellationToken = default(CancellationToken)) => Connection.APICallAsync <int>(HttpMethod.Get, APIEndpoint.FileUploadChunkSize, queryStringContent: organizationIdentifier, cancellationToken: cancellationToken);
public static AuditLogEntryModel ToModel(this AuditLogEntry entity)
{
if (entity != null)
{
var model = new AuditLogEntryModel
{
Identifier = new AuditLogEntryIdentifier
{
OrganizationKey = entity.OrganizationKey,
AuditLogID = entity.AuditLogEntryID
},
ActionType = entity.ActionType,
Generated = entity.Generated,
UserAgent = entity.UserAgent,
InitiatorUserIdentifier = new UserIdentifier
{
OrganizationKey = entity.InitiatorOrganizationKey,
UserKey = entity.InitiatorUserKey
},
Details = entity.Details,
Description = entity.Description,
};
var fileIdentifier = new FileIdentifier
{
OrganizationKey = entity.OrganizationKey,
FolderKey = entity.FolderKey,
FileKey = entity.FileKey
};
model.FileIdentifier = fileIdentifier.IsValid
? fileIdentifier
: null;
var folderIdentifier = new FolderIdentifier
{
OrganizationKey = entity.OrganizationKey,
FolderKey = entity.FolderKey,
};
model.FolderIdentifier = folderIdentifier.IsValid
? folderIdentifier
: null;
var organizationIdentifier = new OrganizationIdentifier
{
OrganizationKey = entity.OrganizationKey,
};
model.OrganizationIdentifier = organizationIdentifier.IsValid
? organizationIdentifier
: null;
var userIdentifier = new UserIdentifier
{
OrganizationKey = entity.OrganizationKey,
UserKey = entity.UserKey,
};
model.UserIdentifier = userIdentifier.IsValid
? userIdentifier
: null;
return(model);
}
else
{
return(null);
}
}
public Task <IEnumerable <ManagerFolderModel> > List(OrganizationIdentifier organizationIdentifier, CancellationToken cancellationToken)
{
return(Service.QueryAllAsync(organizationIdentifier, cancellationToken));
}
public async Task UpgradeUsersAsync(OrganizationIdentifier organizationIdentifier)
{
await api.ConcurrencyRetryBlock(async() =>
{
var organization = await api.Organization.GetAsync(organizationIdentifier, new[]
{
new PopulationDirective(nameof(OrganizationModel.Users))
});
foreach (var user in organization.Users.Rows)
{
var dirty = false;
var identifiers = user.UserAccessIdentifiers.ToList();
if (user.Identifier.UserKey == $"{organizationIdentifier.OrganizationKey}:Bridge")
{
if (!user.UserAccessIdentifiers.Any(i => i == "x:pcms"))
{
identifiers.Add(
"x:pcms"
);
dirty = true;
}
}
bool isEDiscoveryUser = identifiers.Any(u => u == "r:eDiscovery");
// if this is an eDiscovery recipient
if (isEDiscoveryUser)
{
var isFolderSpecific = identifiers.Any(u => u.StartsWith("r:eDiscovery{"));
if (!isFolderSpecific)
{
var matches = Regex.Match(user.Identifier.UserKey, @"^(Defendant:\d*):");
var folderKey = matches.Groups[1].Value;
identifiers.Add(
$"r:eDiscovery{{{folderKey}}}" // yields r:eDiscovery{value}
);
dirty = true;
}
// exempt this ediscovery recipient from pcms rules
if (!user.UserAccessIdentifiers.Any(i => i == "x:pcms"))
{
identifiers.Add(
"x:pcms"
);
dirty = true;
}
}
else
{
// exempt this pcms user from ediscovery rules
if (!user.UserAccessIdentifiers.Any(i => i == "x:eDiscovery"))
{
identifiers.Add(
"x:eDiscovery"
);
dirty = true;
}
}
bool isLEOUser = identifiers.Any(u => u == "r:leoUpload");
if (!isLEOUser)
{
if (!identifiers.Any(u => u == "x:leo"))
{
identifiers.Add(
"x:leo"
);
dirty = true;
}
}
if (dirty)
{
await api.User.PutAsync(user);
var updatedUser = await api.User.AccessIdentifiersPutAsync(user.Identifier, identifiers);
}
}
});
}
public Task <int> GetChunkSize(OrganizationIdentifier identifier, CancellationToken cancellationToken)
{
return(FileContentsService.UploadChunkSizeGetAsync());
}
