public async Task <ActionResult <SmartLockGroupDto> > AddSmartLockGroup(Guid smartLockId, SmartLockGroupCreationDto smartLockGroup) { try { await _azureAdRepository.GetGroup(smartLockGroup.GroupId.ToString()); } catch (ServiceException e) { if (e.StatusCode == HttpStatusCode.NotFound) { _logger.LogWarning("Group was not found on Azure AD"); ModelState.AddModelError("azureAdGroupNotFound", $"Group with id: {smartLockGroup.GroupId} was not found on Azure AD"); } } if (!ModelState.IsValid) { return(ValidationProblem(ModelState)); } if (await _smartLockRepository.SmartLockGroupExists(smartLockId, smartLockGroup.GroupId)) { _logger.LogWarning("Group already exists for this smart lock"); return(Conflict("Group already exists for this smart lock")); } _smartLockRepository.AddSmartLockGroup(smartLockId, smartLockGroup.GroupId); await _smartLockRepository.Save(); return(CreatedAtAction("GetSmartLockGroup", new { smartLockId = smartLockId, groupId = smartLockGroup.GroupId }, smartLockGroup)); }
public async Task <UserAccessDto> GetUserAccessStatus(SmartLockUserAccessDto smartLockUser) { var client = await MicrosoftGraphClient.GetGraphServiceClient(); var smartLockUserExists = await _smartLockRepository.SmartLockUserExists(smartLockUser.SmartLockId, smartLockUser.UserId); if (smartLockUserExists) { var smartLock = await _smartLockRepository.GetSmartLock(smartLockUser.SmartLockId); if (smartLock.Status != Types.Status.Active) { var inactiveLockAccess = new Access { UserId = smartLockUser.UserId, SmartLockId = smartLockUser.SmartLockId, IsValid = false, Info = "Lock was in inactive state" }; _accessRepository.AddAccess(inactiveLockAccess); await _accessRepository.Save(); return(new UserAccessDto { AccessAuthorized = false }); } var user = await _userRepository.GetUser(smartLockUser.UserId); if (user.Status != Types.Status.Active) { var inactiveUserAccess = new Access { UserId = smartLockUser.UserId, SmartLockId = smartLockUser.SmartLockId, IsValid = false, Info = "User was in inactive state" }; _accessRepository.AddAccess(inactiveUserAccess); await _accessRepository.Save(); return(new UserAccessDto { AccessAuthorized = false }); } var validAccess = new Access { UserId = smartLockUser.UserId, SmartLockId = smartLockUser.SmartLockId, IsValid = true, Info = "Access was permitted for user" }; _accessRepository.AddAccess(validAccess); await _accessRepository.Save(); return(new UserAccessDto { AccessAuthorized = true }); } var userGroupsIdsFromAzureAd = await _azureAdRepository .GetUserGroupsIds(client, smartLockUser.UserId.ToString()); foreach (var groupId in userGroupsIdsFromAzureAd) { var smartLockGroupExists = await _smartLockRepository.SmartLockGroupExists(smartLockUser.SmartLockId, Guid.Parse(groupId)); if (smartLockGroupExists) { var smartLock = await _smartLockRepository.GetSmartLock(smartLockUser.SmartLockId); if (smartLock.Status != Types.Status.Active) { var inactiveLockAccess = new Access { UserId = smartLockUser.UserId, SmartLockId = smartLockUser.SmartLockId, IsValid = false, Info = "Lock was in inactive state" }; _accessRepository.AddAccess(inactiveLockAccess); await _accessRepository.Save(); return(new UserAccessDto { AccessAuthorized = false }); } var group = await _groupRepository.GetGroup(Guid.Parse(groupId)); if (group.Status != Status.Active) { var inactiveGroupAccess = new Access { UserId = smartLockUser.UserId, SmartLockId = smartLockUser.SmartLockId, IsValid = false, Info = "User group was in inactive state" }; _accessRepository.AddAccess(inactiveGroupAccess); await _accessRepository.Save(); return(new UserAccessDto { AccessAuthorized = false }); } var validGroupAccess = new Access { UserId = smartLockUser.UserId, SmartLockId = smartLockUser.SmartLockId, IsValid = true, Info = "Access is permitted for group user" }; _accessRepository.AddAccess(validGroupAccess); await _accessRepository.Save(); return(new UserAccessDto { AccessAuthorized = true }); } } var notValidAccess = new Access { UserId = smartLockUser.UserId, SmartLockId = smartLockUser.SmartLockId, IsValid = false, Info = "Access was denied" }; _accessRepository.AddAccess(notValidAccess); await _accessRepository.Save(); return(new UserAccessDto { AccessAuthorized = false }); }