public async Task <bool> CreateUser(string userEmail, bool isAdmin, string organizationID)
{
try
{
var user = new RemotelyUser()
{
UserName = userEmail.Trim().ToLower(),
Email = userEmail.Trim().ToLower(),
IsAdministrator = isAdmin,
OrganizationID = organizationID,
UserOptions = new RemotelyUserOptions()
};
var org = RemotelyContext.Organizations
.Include(x => x.RemotelyUsers)
.FirstOrDefault(x => x.ID == organizationID);
org.RemotelyUsers.Add(user);
await RemotelyContext.SaveChangesAsync();
return(true);
}
catch (Exception ex)
{
WriteEvent(ex, organizationID);
return(false);
}
}
public string CreateRemotelyFirstUser(string remotelyUrl, RemotelyUser user)
{
_request.Method = Method.POST;
_request.AddJsonBody(user);
_request.Resource = "api/Theopenem/CreateFirstUser";
return(new ApiRequest(new Uri(remotelyUrl)).ExecuteRemotely(_request, ""));
}
public void OnGet()
{
if (User.Identity.IsAuthenticated)
{
RemotelyUser = _dataService.GetUserByNameWithOrg(base.User.Identity.Name);
}
}
public bool DoesUserHaveAccessToDevice(string deviceID, RemotelyUser remotelyUser)
{
var targetDevice = RemotelyContext.Devices
.FirstOrDefault(x => x.ID == deviceID && x.OrganizationID == remotelyUser.OrganizationID);
return(RemotelyContext.Devices.Any(x => x.ID == deviceID && x.OrganizationID == remotelyUser.OrganizationID));
}
public async Task <IActionResult> OnPostAsync(string returnUrl = null)
{
var organizationCount = _dataService.GetOrganizationCount();
if (_appConfig.MaxOrganizationCount > 0 && organizationCount >= _appConfig.MaxOrganizationCount)
{
return(NotFound());
}
returnUrl ??= Url.Content("~/");
ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList();
if (ModelState.IsValid)
{
var user = new RemotelyUser
{
UserName = Input.Email,
Email = Input.Email,
IsServerAdmin = organizationCount == 0,
Organization = new Organization(),
UserOptions = new RemotelyUserOptions(),
IsAdministrator = true
};
var result = await _userManager.CreateAsync(user, Input.Password);
if (result.Succeeded)
{
_logger.LogInformation("User created a new account with password.");
var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));
var callbackUrl = Url.Page(
"/Account/ConfirmEmail",
pageHandler: null,
values: new { area = "Identity", userId = user.Id, code },
protocol: Request.Scheme);
await _emailSender.SendEmailAsync(Input.Email, "Confirm your email",
$"<img src='{Request.Scheme}://{Request.Host}/images/Fastwire_Logo.png'/><br><br>Please confirm your Fastwire account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
if (_userManager.Options.SignIn.RequireConfirmedAccount)
{
return(RedirectToPage("RegisterConfirmation", new { email = Input.Email }));
}
else
{
await _signInManager.SignInAsync(user, isPersistent : false);
return(LocalRedirect(returnUrl));
}
}
foreach (var error in result.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
}
}
// If we got this far, something failed, redisplay form
return(Page());
}
public string[] FilterDeviceIDsByUserPermission(string[] deviceIDs, RemotelyUser remotelyUser)
{
return(RemotelyContext.Devices.Where(x =>
deviceIDs.Contains(x.ID) &&
x.OrganizationID == remotelyUser.OrganizationID
)
.Select(x => x.ID)
.ToArray());
}
public bool DoesUserHaveAccessToDevice(string deviceID, RemotelyUser remotelyUser)
{
var targetDevice = RemotelyContext.Devices
.Include(x => x.DevicePermissionLinks)
.FirstOrDefault(x => x.ID == deviceID && x.OrganizationID == remotelyUser.OrganizationID);
return(remotelyUser.IsAdministrator ||
targetDevice.DevicePermissionLinks.Count == 0 ||
targetDevice.DevicePermissionLinks.Any(x => x.PermissionGroup.UserPermissionLinks.Any(y => y.RemotelyUserID == remotelyUser.Id)));
}
public async Task <IActionResult> SendInvite([FromBody] Invite invite)
{
if (!DataService.GetUserByName(User.Identity.Name).IsAdministrator)
{
return(Unauthorized());
}
if (!ModelState.IsValid)
{
return(BadRequest());
}
var newUserMessage = "";
if (!DataService.DoesUserExist(invite.InvitedUser))
{
var user = new RemotelyUser {
UserName = invite.InvitedUser, Email = invite.InvitedUser
};
var result = await UserManager.CreateAsync(user);
if (result.Succeeded)
{
user = await UserManager.FindByEmailAsync(invite.InvitedUser);
await UserManager.ConfirmEmailAsync(user, await UserManager.GenerateEmailConfirmationTokenAsync(user));
var resetCode = UrlEncoder.Default.Encode(await UserManager.GeneratePasswordResetTokenAsync(user));
var resetUrl = $"{Request.Scheme}://{Request.Host}/Identity/Account/ResetPassword?code={resetCode}";
invite.ResetUrl = resetUrl;
newUserMessage = $@"<br><br>Since you don't have an account yet, one has been created for you.
You will need to set a password first before attempting to join the organization.<br><br>
Set your password by <a href='{resetUrl}'>clicking here</a>. Your username/email
is <strong>{invite.InvitedUser}</strong>.";
}
else
{
return(BadRequest("There was an issue creating the new account."));
}
}
var newInvite = DataService.AddInvite(User.Identity.Name, invite, Request.Scheme + "://" + Request.Host);
var inviteURL = $"{Request.Scheme}://{Request.Host}/Invite?id={newInvite.ID}";
await EmailSender.SendEmailAsync(invite.InvitedUser, "Invitation to Organization in Remotely",
$@"<img src='https://remotely.lucency.co/images/Remotely_Logo.png'/>
<br><br>
Hello!
<br><br>
You've been invited by {User.Identity.Name} to join an organization in Remotely.
{newUserMessage}
<br><br>
You can join the organization by <a href='{HtmlEncoder.Default.Encode(inviteURL)}'>clicking here</a>.");
return(Ok(newInvite));
}
public async Task <IActionResult> SendInvite(RemotelyUser currentUser)
{
if (!currentUser.IsAdministrator)
{
return(RedirectToPage("Index"));
}
if (ModelState.IsValid)
{
if (!DataService.DoesUserExist(Input.UserEmail))
{
var result = await DataService.CreateUser(Input.UserEmail, Input.IsAdmin, currentUser.OrganizationID);
if (result)
{
var user = DataService.GetUserByName(Input.UserEmail);
await UserManager.ConfirmEmailAsync(user, await UserManager.GenerateEmailConfirmationTokenAsync(user));
StatusMessage = "User account created.";
return(RedirectToPage());
}
else
{
ModelState.AddModelError("CreateUser", "Failed to create user account.");
return(Page());
}
}
else
{
var invite = new Invite()
{
InvitedUser = Input.UserEmail,
IsAdmin = Input.IsAdmin
};
var newInvite = DataService.AddInvite(currentUser.OrganizationID, invite);
var inviteURL = $"{Request.Scheme}://{Request.Host}/Invite?id={newInvite.ID}";
await EmailSender.SendEmailAsync(invite.InvitedUser, "Invitation to Organization in Remotely",
$@"<img src='https://remotely.one/media/Remotely_Logo.png'/>
<br><br>
Hello!
<br><br>
You've been invited to join an organization in Remotely.
<br><br>
You can join the organization by <a href='{HtmlEncoder.Default.Encode(inviteURL)}'>clicking here</a>.");
StatusMessage = "Invitation sent.";
return(RedirectToPage());
}
}
return(Page());
}
public bool DoesUserHaveAccessToDevice(string deviceID, RemotelyUser remotelyUser)
{
return(RemotelyContext.Devices
.Include(x => x.DeviceGroup)
.ThenInclude(x => x.PermissionLinks)
.Any(x => x.OrganizationID == remotelyUser.OrganizationID &&
x.ID == deviceID &&
(
remotelyUser.IsAdministrator ||
x.DeviceGroup.PermissionLinks.Count == 0 ||
x.DeviceGroup.PermissionLinks.Any(x => x.UserID == remotelyUser.Id
))));
}
public string[] FilterDeviceIDsByUserPermission(string[] deviceIDs, RemotelyUser remotelyUser)
{
return(RemotelyContext.Devices.Where(x =>
deviceIDs.Contains(x.ID) &&
x.OrganizationID == remotelyUser.OrganizationID &&
(
remotelyUser.IsAdministrator ||
x.DevicePermissionLinks.Count == 0 ||
x.DevicePermissionLinks.Any(y => y.PermissionGroup.UserPermissionLinks.Any(z => z.RemotelyUserID == remotelyUser.Id))
))
.Select(x => x.ID)
.ToArray());
}
private async Task LoadAsync(RemotelyUser user)
{
var userName = await _userManager.GetUserNameAsync(user);
var phoneNumber = await _userManager.GetPhoneNumberAsync(user);
Username = userName;
Input = new InputModel
{
PhoneNumber = phoneNumber
};
}
public bool DoesUserHaveAccessToDevice(string deviceID, RemotelyUser remotelyUser)
{
return(RemotelyContext.Devices
.Include(x => x.DeviceGroup)
.ThenInclude(x => x.Users)
.Any(device => device.OrganizationID == remotelyUser.OrganizationID &&
device.ID == deviceID &&
(
remotelyUser.IsAdministrator ||
string.IsNullOrWhiteSpace(device.DeviceGroupID) ||
!device.DeviceGroup.Users.Any() ||
device.DeviceGroup.Users.Any(user => user.Id == remotelyUser.Id
))));
}
public string[] FilterDeviceIDsByUserPermission(string[] deviceIDs, RemotelyUser remotelyUser)
{
return(RemotelyContext.Devices
.Include(x => x.DeviceGroup)
.ThenInclude(x => x.Users)
.Where(device =>
device.OrganizationID == remotelyUser.OrganizationID &&
deviceIDs.Contains(device.ID) &&
(
remotelyUser.IsAdministrator ||
device.DeviceGroup.Users.Count == 0 ||
device.DeviceGroup.Users.Any(user => user.Id == remotelyUser.Id
)))
.Select(x => x.ID)
.ToArray());
}
public async Task <IActionResult> CreateFirstUser([FromBody] RegUser regUser)
{
var organizationCount = DataService.GetOrganizationCount();
if (AppConfig.MaxOrganizationCount > 0 && organizationCount >= AppConfig.MaxOrganizationCount)
{
return(NotFound());
}
var user = new RemotelyUser
{
UserName = $"{regUser.Username}@localhost",
Email = $"{regUser.Username}@localhost",
IsServerAdmin = organizationCount == 0,
Organization = new Organization(),
UserOptions = new RemotelyUserOptions(),
IsAdministrator = true
};
var result = await UserManager.CreateAsync(user, regUser.Password);
if (!result.Succeeded)
{
return(BadRequest(result.Errors));
}
else
{
//confirm email, not really needed
var code = await UserManager.GenerateEmailConfirmationTokenAsync(user);
await UserManager.ConfirmEmailAsync(user, code);
//create api token
var secret = PasswordGenerator.GeneratePassword(24);
var secretHash = new PasswordHasher <RemotelyUser>().HashPassword(null, secret);
var newToken = await DataService.CreateApiToken(user.UserName, "Theopenem", secretHash);
var NewTokenKey = Guid.Parse(newToken.Token);
var NewTokenSecret = secret;
var toemsInfo = new RemotelyInfo();
toemsInfo.AuthHeader = $"{NewTokenKey}:{NewTokenSecret}";
toemsInfo.OrganizationID = user.Organization.ID;
return(Ok(toemsInfo));
}
}
private async Task LoadSharedKeyAndQrCodeUriAsync(RemotelyUser user)
{
// Load the authenticator key & QR code URI to display on the form
var unformattedKey = await _userManager.GetAuthenticatorKeyAsync(user);
if (string.IsNullOrEmpty(unformattedKey))
{
await _userManager.ResetAuthenticatorKeyAsync(user);
unformattedKey = await _userManager.GetAuthenticatorKeyAsync(user);
}
SharedKey = FormatKey(unformattedKey);
var email = await _userManager.GetEmailAsync(user);
AuthenticatorUri = GenerateQrCodeUri(email, unformattedKey);
}
public IActionResult OnGet(int?id)
{
if (User.Identity.IsAuthenticated)
{
CurrentUser = _dataService.GetUserByName(User.Identity.Name);
}
if (id.HasValue)
{
PostDetail = _dataService.GetBlogPost(id.Value);
}
else
{
PostDetail = null;
PostList = _dataService.GetAllBlogPosts().OrderByDescending(b => b.DatePublished);
}
return(Page());
}
public async Task <IActionResult> OnPostAsync(string returnUrl = null)
{
returnUrl = returnUrl ?? Url.Content("~/");
if (ModelState.IsValid)
{
var user = new RemotelyUser {
UserName = Input.Email, Email = Input.Email
};
var result = await _userManager.CreateAsync(user, Input.Password);
if (result.Succeeded)
{
_logger.LogInformation("User created a new account with password.");
var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
var callbackUrl = Url.Page(
"/Account/ConfirmEmail",
pageHandler: null,
values: new { userId = user.Id, code = code },
protocol: Request.Scheme);
await _emailSender.SendEmailAsync(Input.Email, "Confirm your email",
$"<img src='https://remotely.lucency.co/images/Remotely_Logo.png'/><br><br>Please confirm your Remotely account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
await _signInManager.SignInAsync(user, isPersistent : false);
return(LocalRedirect(returnUrl));
}
foreach (var error in result.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
}
}
// If we got this far, something failed, redisplay form
return(Page());
}
private async Task Init()
{
ClearData();
var dataService = IoCActivator.ServiceProvider.GetRequiredService <IDataService>();
var userManager = IoCActivator.ServiceProvider.GetRequiredService <UserManager <RemotelyUser> >();
var emailSender = IoCActivator.ServiceProvider.GetRequiredService <IEmailSenderEx>();
await userManager.CreateAsync(Admin1);
await dataService.CreateUser("*****@*****.**", true, Admin1.OrganizationID);
Admin2 = dataService.GetUserByNameWithOrg("*****@*****.**");
await dataService.CreateUser("*****@*****.**", false, Admin1.OrganizationID);
User1 = dataService.GetUserByNameWithOrg("*****@*****.**");
await dataService.CreateUser("*****@*****.**", false, Admin1.OrganizationID);
User2 = dataService.GetUserByNameWithOrg("*****@*****.**");
Device1.OrganizationID = Admin1.OrganizationID;
dataService.AddOrUpdateDevice(Device1, out _);
Device2.OrganizationID = Admin1.OrganizationID;
dataService.AddOrUpdateDevice(Device2, out _);
dataService.AddDeviceGroup(Admin1.OrganizationID, Group1, out _, out _);
dataService.AddDeviceGroup(Admin1.OrganizationID, Group2, out _, out _);
var deviceGroups = dataService.GetDeviceGroups(Admin1.UserName);
Group1 = deviceGroups.First(x => x.Name == Group1.Name);
Group2 = deviceGroups.First(x => x.Name == Group2.Name);
OrganizationID = Admin1.OrganizationID;
}
public async Task SetDisplayName(RemotelyUser user, string displayName)
{
RemotelyContext.Attach(user);
user.DisplayName = displayName;
await RemotelyContext.SaveChangesAsync();
}
public bool DoesUserHaveAccessToDevice(string deviceID, RemotelyUser remotelyUser)
{
return(RemotelyContext.Devices.Any(x => x.ID == deviceID && x.OrganizationID == remotelyUser.OrganizationID));
}
public async Task <IActionResult> SendInvite([FromBody] Invite invite)
{
if (User.Identity.IsAuthenticated &&
!DataService.GetUserByName(User.Identity.Name).IsAdministrator)
{
return(Unauthorized());
}
if (!ModelState.IsValid)
{
return(BadRequest());
}
Request.Headers.TryGetValue("OrganizationID", out var orgID);
if (!DataService.DoesUserExist(invite.InvitedUser))
{
var user = new RemotelyUser
{
UserName = invite.InvitedUser,
Email = invite.InvitedUser,
OrganizationID = orgID,
IsAdministrator = invite.IsAdmin
};
var result = await UserManager.CreateAsync(user);
if (result.Succeeded)
{
//if (!DataService.SetNewUserProperties(user.UserName, orgID, invite.IsAdmin))
//{
// return BadRequest();
//}
user = await UserManager.FindByEmailAsync(invite.InvitedUser);
await UserManager.ConfirmEmailAsync(user, await UserManager.GenerateEmailConfirmationTokenAsync(user));
return(Ok());
}
else
{
return(BadRequest("There was an issue creating the new account."));
}
}
else
{
var newInvite = DataService.AddInvite(orgID, invite);
var inviteURL = $"{Request.Scheme}://{Request.Host}/Invite?id={newInvite.ID}";
await EmailSender.SendEmailAsync(invite.InvitedUser, "Invitation to Organization in Remotely",
$@"<img src='https://remotely.one/media/Remotely_Logo.png'/>
<br><br>
Hello!
<br><br>
You've been invited to join an organization in Remotely.
<br><br>
You can join the organization by <a href='{HtmlEncoder.Default.Encode(inviteURL)}'>clicking here</a>.");
return(Ok());
}
}
public DtoActionResult InitializeRemotelyServer(int comServerId)
{
var comServer = _uow.ClientComServerRepository.GetById(comServerId);
if (comServer == null)
{
return(new DtoActionResult()
{
Success = false, ErrorMessage = "Com Server Not Found"
});
}
if (string.IsNullOrEmpty(comServer.RemoteAccessUrl))
{
return(new DtoActionResult {
Success = false, ErrorMessage = "Could Not Initialize Remote Access. The Url Was Empty"
});
}
var servicePassGen = new PasswordGenerator();
var remotelyUser = new RemotelyUser();
remotelyUser.Username = servicePassGen.GeneratePassword(true, true, true, false, 10);
for (int i = 0; i < 1000; i++)
{
remotelyUser.Password = servicePassGen.GeneratePassword(true, true, true, true, 16);
if (servicePassGen.ValidatePassword(remotelyUser.Password, true))
{
break;
}
}
var response = new APICall().RemoteAccessApi.CreateRemotelyFirstUser(comServer.RemoteAccessUrl, remotelyUser);
if (response == null)
{
return(new DtoActionResult {
Success = false, ErrorMessage = "Unknown Error While Initializing The Remote Access Server. Check The Logs."
});
}
var checkError = response;
checkError = checkError.Replace("\"", "");
checkError = checkError.Replace("\\", "");
if (checkError.Equals("The Remote Access Server Has Already Been Initialized"))
{
return new DtoActionResult()
{
Success = false, ErrorMessage = "The Remote Access Server Has Already Been Initialized"
}
}
;
try
{
var remotelyInfo = JsonConvert.DeserializeObject <RemotelyInfo>(response);
comServer.RaUsername = remotelyUser.Username;
comServer.RaPasswordEncrypted = new EncryptionServices().EncryptText(remotelyUser.Password);
comServer.RaAuthHeaderEncrypted = new EncryptionServices().EncryptText(remotelyInfo.AuthHeader);
comServer.RaOrganizationId = remotelyInfo.OrganizationID;
}
catch
{
return(new DtoActionResult {
Success = false, ErrorMessage = "Error: Could Not Deserialize Response."
});
}
var result = new ServiceClientComServer().Update(comServer);
if (result != null)
{
if (result.Success)
{
CopyAgentInstallerToStorage();
return(new DtoActionResult {
Success = true
});
}
else
{
return new DtoActionResult {
Success = false, ErrorMessage = result.ErrorMessage
}
};
}
return(new DtoActionResult {
Success = false, ErrorMessage = "Unknown Error"
});
}
