Exemplo n.º 1
0
        public HttpResponseMessage PutWhoAmI(int id, Users users)
        {
            int uId = Auth.FB.GetUserId();
            string fbId = Auth.FB.GetFbId();

            Users _users = db.Users.Find(id);
            if (_users == null) return Request.CreateResponse(HttpStatusCode.NotFound);

            // You must be the user
            if (_users.id == uId)
            {

                //update only the defaultOrg field
                _users.defaultOrg = users.defaultOrg;

                db.Entry(_users).State = EntityState.Modified;

                try
                {
                    db.SaveChanges();
                }
                catch (DbUpdateConcurrencyException)
                {
                    return Request.CreateResponse(HttpStatusCode.NotFound);
                }

                return Request.CreateResponse(HttpStatusCode.OK);

            }
            else
            {
                return Request.CreateResponse(HttpStatusCode.Unauthorized);
            }
        }
Exemplo n.º 2
0
        public HttpResponseMessage PostFBUsers(IEnumerable<Users> usr)
        {
            //if (ModelState.IsValid)
                //{
                    // loop users
                    foreach (Users users in usr)
                    {
                        if (Auth.FB.IsOrgAdmin(users.defaultOrg))
                        {

                            //Check to see FB ID already exists
                            Users existingUser = db.Users.FirstOrDefault(u => u.fbUserId == users.fbUserId);
                            if (existingUser == null)
                            {
                                // new user
                                // create account
                                Users newUser = new Users();
                                var now = DateTime.Now.ToString("O");
                                newUser.defaultOrg = 1;
                                newUser.fbUserId = users.fbUserId;
                                newUser.created_at = now;
                                newUser.isSystemAdmin = false;
                                newUser.updated_at = now;
                                newUser.name = users.name;

                                db.Users.Add(newUser);
                                db.SaveChanges();

                                // add the user to an org with there name as the orgName
                                Orgs newOrg = new Orgs();
                                newOrg.created_at = now;
                                newOrg.orgName = users.name;
                                newOrg.updated_at = now;

                                // save new org to the Org DB
                                db.Orgs.Add(newOrg);
                                db.SaveChanges();

                                // Map user to the org that was just created and make him the admin
                                db.OrgUserMappings.Add(new OrgUserMappings { usersId = newUser.id, isOrgAdmin = true, orgsId = newOrg.id });

                                // add an org user mapping
                                db.OrgUserMappings.Add(new OrgUserMappings { usersId = newUser.id, isOrgAdmin = users.isSystemAdmin, orgsId = users.defaultOrg });

                                db.SaveChanges();

                                // set the default org for the user
                                newUser.defaultOrg = newOrg.id;
                                db.Entry(newUser).State = EntityState.Modified;
                                db.SaveChanges();
                            }
                            else
                            {
                                // if usr exists
                                // add an org user mapping, if one does not already exist
                                OrgUserMappings existingMapping = db.OrgUserMappings.FirstOrDefault(ou => ou.orgsId == users.defaultOrg && ou.usersId == existingUser.id);
                                if (existingMapping != null)
                                {
                                    // update mapping
                                    existingMapping.isOrgAdmin = users.isSystemAdmin;
                                    db.Entry(existingMapping).State = EntityState.Modified;
                                }
                                else
                                {
                                    // create mapping
                                    db.OrgUserMappings.Add(new OrgUserMappings { isOrgAdmin = users.isSystemAdmin, orgsId = users.defaultOrg, usersId = existingUser.id });
                                }

                                db.SaveChanges();

                            }
                         }

                    }

                    return Request.CreateResponse(HttpStatusCode.OK);

                //}
                //else
                //{
                //    return Request.CreateResponse(HttpStatusCode.BadRequest);
                //}

            //else
            //{
            //    throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized));
            //}
        }
Exemplo n.º 3
0
        /// POST api/Users
        /// <summary>
        /// CREATE's a new user
        /// </summary>
        public HttpResponseMessage PostUsers(Users users)
        {
            if (Auth.FB.IsOrgAdmin())
            {
                if (ModelState.IsValid)
                {
                    //Check to see FB ID already exists

                    var existingUser = db.Users.Where(u => u.fbUserId == users.fbUserId).Count();
                    if (existingUser == 0)
                    {
                        // make the default org 1 if none is passed in
                        int defaultOrgId = users.defaultOrg;
                        if (defaultOrgId == 0)
                        {
                            users.defaultOrg = 1;
                        }

                        db.Users.Add(users);
                        db.SaveChanges();

                        HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Created, users);
                        response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = users.id }));
                        return response;
                    }
                    else
                    {
                        throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.BadRequest));
                    }

                }
                else
                {
                    return Request.CreateResponse(HttpStatusCode.BadRequest);
                }
            }
            else
            {
                throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized));
            }
        }
Exemplo n.º 4
0
        /// PUT api/Users/5
        /// <summary>
        /// UPDATE's user information like the users Name, defaultOrg, and isSystemAdmin
        /// You must be a system administrator to use this 
        /// </summary>
        public HttpResponseMessage PutUsers(int id, Users users)
        {
            // You must be a system admin to perform these actions
            if (Auth.FB.IsSystemAdmin())
            {

                if (ModelState.IsValid)
                {

                    db.Entry(users).State = EntityState.Modified;

                    try
                    {
                        db.SaveChanges();
                    }
                    catch (DbUpdateConcurrencyException)
                    {
                        return Request.CreateResponse(HttpStatusCode.NotFound);
                    }

                    return Request.CreateResponse(HttpStatusCode.OK);

                }
                else
                {
                    return Request.CreateResponse(HttpStatusCode.BadRequest);
                }

            }
            else
            {
                return Request.CreateResponse(HttpStatusCode.Unauthorized);
            }
        }
Exemplo n.º 5
0
            public override void OnAuthorization(HttpActionContext actionContext)
            {
                MyDatabase db = new MyDatabase();

                try
                {
                    // get api token from the user header ApiToken
                    IEnumerable<string> token = actionContext.Request.Headers.GetValues("ApiToken");
                    _apiToken = token.First();

                    // get facebook credential based on fb token passed in
                    IEnumerable<string> fbToken = actionContext.Request.Headers.GetValues("FbToken");
                    Debug.Write(fbToken.First());
                    _fbToken = fbToken.First();

                    // Check is user is Legit
                    // authenicated
                    if (_apiToken == _apiTokenSecret)
                    {
                        // the api token is good, is the facebook token valid ? and who are you ?
                        var client = new FacebookClient(_fbToken);
                        dynamic result = client.Get("me", new { fields = "name,id" });
                        // set the users identity
                        _fbUserid = result.id;
                        var _fbName = result.name;

                        if (_fbUserid != "")
                        {

                            // get the userid (internal id ) from the db -  user.Id
                            var user = db.Users.Where(u => u.fbUserId == _fbUserid).FirstOrDefault();

                            // Brand new user to add
                            if (user == null)
                            {
                                //_isAuth = false;
                                // add user to db
                                Users newUser = new Users();
                                var now = DateTime.Now.ToString("O");
                                newUser.defaultOrg = 1;
                                newUser.fbUserId = _fbUserid;
                                newUser.created_at = now;
                                newUser.isSystemAdmin = false;
                                newUser.updated_at = now;
                                newUser.name = _fbName;

                                db.Users.Add(newUser);
                                db.SaveChanges();

                                // add the user to an org with there name as the orgName
                                Orgs newOrg = new Orgs();
                                newOrg.created_at = now;
                                newOrg.orgName = _fbName;
                                newOrg.updated_at = now;

                                // save new org to the Org DB
                                db.Orgs.Add(newOrg);
                                db.SaveChanges();

                                // Map user to the org that was just created and make him the admin
                                db.OrgUserMappings.Add(new OrgUserMappings { usersId = newUser.id, isOrgAdmin = true, orgsId = newOrg.id});
                                db.SaveChanges();

                                // set the default org for the user
                                newUser.defaultOrg = newOrg.id;
                                db.SaveChanges();

                                _userId = newUser.id;

                                // Set up the identity object that our Controllers can use
                                GenericIdentity identity = new GenericIdentity(_fbUserid);
                                System.Threading.Thread.CurrentPrincipal =
                                    new GenericPrincipal(identity, _roles);

                                _isAuth = true;

                            }
                            else
                            {
                                _userId = user.id;

                                // Set up the identity object that our Controllers can use
                                GenericIdentity identity = new GenericIdentity(_fbUserid);
                                System.Threading.Thread.CurrentPrincipal =
                                    new GenericPrincipal(identity, _roles);

                                _isAuth = true;

                            }

                        }
                        else
                        {
                            _isAuth = false;
                        }

                    }
                    // not authenicated
                    else
                    {
                        _isAuth = false;
                    }

                    //authenicated
                    if (_isAuth)
                    {
                        Debug.WriteLine("You're authenicated");

                    }
                    // not authenicated
                    else
                    {
                        // 417 - so we can specify a message
                        actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.ExpectationFailed);
                        actionContext.Response.ReasonPhrase = "Invalid token";
                        actionContext.Response.Content = new StringContent("Invalid token");

                    }
                }
                catch (FacebookOAuthException e)
                {
                    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.ExpectationFailed);
                    actionContext.Response.ReasonPhrase = e.Message;
                    actionContext.Response.Content = new StringContent(e.InnerException.ToString());
                }
                catch (FacebookApiLimitException e)
                {
                    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.ExpectationFailed);
                    actionContext.Response.ReasonPhrase = e.Message;
                    actionContext.Response.Content = new StringContent(e.InnerException.ToString());

                }
                catch (FacebookApiException e)
                {
                    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.ExpectationFailed);
                    actionContext.Response.ReasonPhrase = e.Message;
                    actionContext.Response.Content = new StringContent(e.InnerException.ToString());
                }
                catch (Exception e)
                {
                    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.ExpectationFailed);
                    actionContext.Response.ReasonPhrase = e.Message;
                    actionContext.Response.Content = new StringContent(e.InnerException.ToString());
                }
                finally
                {
                    db.Dispose();
                }
            }