Пример #1
0
        public async Task <JsonResult> Add([FromBody] WorktaskUpdateModel model)
        {
            var worktask = model.worktask;

            int projectId = worktask.ProjectId;
            int userId    = int.Parse(User.Identity.Name);

            // Проверяем доступ
            var linkedProject = await _context.GetLinkedAcceptedProject(projectId, userId)
                                .ConfigureAwait(false);

            if (linkedProject == null)
            {
                throw new Exception(TextResource.API_NoAccess);
            }

            worktask.CreatedDate = DateTime.UtcNow;

            var addedTask = await _context.AddAsync(worktask)
                            .ConfigureAwait(false);

            await _context.SaveChangesAsync(true)
            .ConfigureAwait(false);

            return(new JsonResult(new WorktaskAddResponse {
                worktask = worktask
            }));
        }
Пример #2
0
        public async Task <JsonResult> Reject([FromQuery] uint?id)
        {
            int projectId = this.ParseValue(id);
            int userId    = int.Parse(User.Identity.Name);

            // Проверяем, что есть доступ
            var linkedProject = _dbContext.GetLinkedProjectForUser(projectId, userId);

            if (linkedProject == null)
            {
                throw new Exception(TextResource.API_YouAreNotInvited);
            }

            if (linkedProject.Accepted)
            {
                throw new Exception(TextResource.API_InviteAccepted);
            }

            _dbContext.Remove(linkedProject);

            await _dbContext.SaveChangesAsync()
            .ConfigureAwait(false);

            return(new JsonResult(new OkResponse
            {
                message = "Вы отказались от приглашения в проект"
            }));
        }
Пример #3
0
        public async Task <JsonResult> UpdateUser(UpdateUserModel model)
        {
            byte roleId    = byte.Parse(model.rightId);
            int  projectId = int.Parse(model.projectId);

            int userId = int.Parse(User.Identity.Name);

            // Проверка доступа
            var linkedProjectRequestUser = await _context.GetLinkedAcceptedProject(projectId, userId)
                                           .ConfigureAwait(false);

            if (linkedProjectRequestUser == null || linkedProjectRequestUser.RoleId == 1)
            {
                throw new Exception(TextResource.API_NoAccess);
            }

            // Проверка существования проекта
            var linkedProject = await _context.LinkedProjects.FirstOrDefaultAsync(x => x.User.Login == model.userLogin && x.ProjectId == projectId)
                                .ConfigureAwait(false);

            if (linkedProject == null)
            {
                throw new Exception(TextResource.API_NotExistLinkedProject);
            }

            linkedProject.RoleId = ( byte )roleId;

            await _context.SaveChangesAsync(true)
            .ConfigureAwait(false);

            // Обновляем значение в кэше
            await _context.GetLinkedAcceptedProject(linkedProject.ProjectId, linkedProject.UserId, true)
            .ConfigureAwait(false);

            return(new JsonResult(new RoleUpdateUserResponse
            {
                project = linkedProject.Project,
                roleId = roleId
            }, _jsonOptions));
        }
Пример #4
0
        public static async Task GenerateToken(string id, Token user, TimetrackerContext context, bool isNew = false)
        {
            var claims = new List <Claim>
            {
                new Claim(ClaimsIdentity.DefaultNameClaimType, id)
            };

            var claimsIdentity = new ClaimsIdentity(claims, "Token",
                                                    ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType);

            var now       = DateTime.UtcNow;
            var expiredIn = now.Add(tokenDurability);
            var jwt       = new JwtSecurityToken(
                issuer: TimetrackerAuthorizationOptions.ISSUER,
                audience: TimetrackerAuthorizationOptions.AUDIENCE,
                notBefore: now,
                claims: claimsIdentity.Claims,
                expires: expiredIn,
                signingCredentials: new SigningCredentials(
                    TimetrackerAuthorizationOptions.GetSymmetricSecurityKey(),
                    SecurityAlgorithms.HmacSha256)
                );

            var access_token  = new JwtSecurityTokenHandler().WriteToken(jwt);
            var refresh_token = Guid.NewGuid().ToString().Replace("-", "");

            user.AccessToken      = access_token;
            user.RefreshToken     = refresh_token;
            user.TokenExpiredDate = expiredIn;

            if (isNew)
            {
                await context.AddAsync(user)
                .ConfigureAwait(false);
            }

            await context.SaveChangesAsync(true)
            .ConfigureAwait(false);
        }
Пример #5
0
        public async Task <JsonResult> Update([FromBody] UpdateStateModel model)
        {
            var dbWorkTask = await _context.Worktasks.FirstOrDefaultAsync(x => x.Id == model.TaskId)
                             .ConfigureAwait(false);

            if (dbWorkTask == null)
            {
                throw new Exception(TextResource.API_NotExistWorktaskId);
            }

            var stateExist = await _context.States.AnyAsync(x => x.Id == model.StateId)
                             .ConfigureAwait(false);

            if (!stateExist)
            {
                throw new Exception(TextResource.API_NotExistStateId);
            }

            int projectId = dbWorkTask.ProjectId;
            int userId    = int.Parse(User.Identity.Name);

            var linkedProject = _context.GetLinkedAcceptedProject(projectId, userId);

            if (linkedProject == null)
            {
                throw new Exception(TextResource.API_NoAccess);
            }

            // Если на задачу кто-то тречит - заставить их прекратить
            var runningWorktracks = _context.Worktracks.Where(x => x.WorktaskId == dbWorkTask.Id && x.Running);

            if (model.StateId == 6 && runningWorktracks.Any())
            {
                var tracks = runningWorktracks.ToList();
                var users  = tracks.Select(x => x.UserId);

                foreach (var userName in users)
                {
                    await _hub.Value.Clients.Group(userName.ToString()).SendAsync("getActiveTracking", false, null, false, TextResource.API_TrackingTaskClosed)
                    .ConfigureAwait(false);
                }

                var now = DateTime.UtcNow;
                tracks.ForEach(x =>
                {
                    x.Running     = false;
                    x.StoppedTime = now;
                });

                _context.UpdateRange(tracks);
            }

            dbWorkTask.StateId = ( byte )model.StateId;

            _context.Update(dbWorkTask);

            await _context.SaveChangesAsync(true)
            .ConfigureAwait(false);

            return(new JsonResult(new OkResponse
            {
                message = "Вы успешно изменили состояние задачи"
            }));
        }
Пример #6
0
        public async Task <IActionResult> SignIn([FromBody] SignInModel model)
        {
            // Валидация
            if (string.IsNullOrEmpty(model.login.Trim()) || string.IsNullOrEmpty(model.pass.Trim()))
            {
                throw new Exception(TextResource.Auth_EmptyValues);
            }

            if (model.login.Length < 5 || model.login.Length > 20)
            {
                throw new Exception(TextResource.Auth_LoginWrongLength);
            }

            if (model.pass.Length < 4 || model.pass.Length > 30)
            {
                throw new Exception(TextResource.Auth_PassWrongLength);
            }

            var dbUser = await _dbContext.Users.FirstOrDefaultAsync(x => x.Login == model.login)
                         .ConfigureAwait(false);

            if (dbUser == null)
            {
                throw new Exception("Неправильный логин или пароль");
            }

            var password = PasswordHelpers.EncryptPassword(model.pass, dbUser.Pass.Salt);

            if (!PasswordHelpers.SlowEquals(password, dbUser.Pass.Password))
            {
                throw new Exception("Неправильный логин или пароль");
            }

            var now = DateTime.UtcNow;

            var user = new
            {
                dbUser.Id,
                dbUser.Login,
                dbUser.FirstName,
                dbUser.MiddleName,
                dbUser.Surname,
                dbUser.Email,
                dbUser.BirthDate,
                dbUser.City
            };

            var dbToken = await _dbContext.Tokens.FirstOrDefaultAsync(x => x.Id == dbUser.TokenId)
                          .ConfigureAwait(false);

            if (dbToken != null && dbToken.TokenExpiredDate >= now)
            {
                return(new JsonResult(new SignInResponse
                {
                    access_token = dbToken.AccessToken,
                    refresh_token = dbToken.RefreshToken,
                    expired_in = (dbToken.TokenExpiredDate - now).TotalSeconds,
                    user = user
                }));
            }

            bool isFirst = false;

            // Если пользователь авторизуется впервые
            if (dbToken == null)
            {
                dbToken = new Token();
                isFirst = true;
            }

            await TokenHelpers.GenerateToken(dbUser.Id.ToString(), dbToken, _dbContext, isFirst)
            .ConfigureAwait(false);

            dbUser.TokenId = dbToken.Id;

            await _dbContext.SaveChangesAsync(true)
            .ConfigureAwait(false);

            return(new JsonResult(new SignInResponse
            {
                access_token = dbToken.AccessToken,
                refresh_token = dbToken.RefreshToken,
                expired_in = (dbToken.TokenExpiredDate - now).TotalSeconds,
                user = user
            }));
        }
Пример #7
0
        public async Task <JsonResult> Update(MyPageModel model)
        {
            var dbUser = await _dbContext.GetUserAsync(User.Identity.Name, true)
                         .ConfigureAwait(false);

            var passwordChanged = !string.IsNullOrEmpty(model.Pass);

            if (passwordChanged)
            {
                var password = PasswordHelpers.EncryptPassword(model.CurrentPass, dbUser.Pass.Salt);
                if (!PasswordHelpers.SlowEquals(password, dbUser.Pass.Password))
                {
                    throw new Exception(TextResource.API_NoAccess);
                }

                var salt = PasswordHelpers.GenerateSalt();
                var hash = PasswordHelpers.EncryptPassword(model.Pass, salt);
                dbUser.Pass.Password = hash;
                dbUser.Pass.Salt     = salt;
            }

            var IV         = dbUser.IV;
            var firstName  = PasswordHelpers.EncryptData(model.FirstName, IV);
            var surName    = PasswordHelpers.EncryptData(model.Surname, IV);
            var email      = PasswordHelpers.EncryptData(model.Email, IV);
            var middleName = string.IsNullOrEmpty(model.MiddleName) ? null : PasswordHelpers.EncryptData(model.MiddleName, IV);
            var birthdate  = string.IsNullOrEmpty(model.BirthDate) ? null : PasswordHelpers.EncryptData(model.BirthDate, IV);
            var city       = string.IsNullOrEmpty(model.City) ? null : PasswordHelpers.EncryptData(model.City, IV);

            dbUser.FirstName  = firstName;
            dbUser.Surname    = surName;
            dbUser.MiddleName = middleName;
            dbUser.City       = city;
            dbUser.Email      = email;
            dbUser.BirthDate  = birthdate;

            _dbContext.Update(dbUser);

            await _dbContext.SaveChangesAsync()
            .ConfigureAwait(false);

            var user = new
            {
                dbUser.Login,
                FirstName  = model.FirstName,
                Surname    = model.Surname,
                MiddleName = model.MiddleName,
                City       = model.City,
                Email      = model.Email,
                BirthDate  = model.BirthDate
            };

            await _dbContext.GetUserAsync(User.Identity.Name, true)
            .ConfigureAwait(false);

            return(new JsonResult(new
            {
                status = HttpStatusCode.OK,
                newUser = user,
                passwordChanged = passwordChanged
            }, _jsonOptions));
        }
Пример #8
0
        public async Task StartTracking(int?taskId)
        {
            var worktaskId = taskId.Value;

            var userName = Context.User.Identity.Name;
            int userId   = int.Parse(Context.User.Identity.Name);

            var anyActiveWorktrack = await _dbContext.Worktracks.AsNoTracking()
                                     .AnyAsync(x => x.User.Id == userId && x.Running)
                                     .ConfigureAwait(false);

            if (anyActiveWorktrack)
            {
                await Clients.Caller.SendAsync("getActiveTracking", false, null, false, "У вас уже есть задача, которая отслеживается.")
                .ConfigureAwait(false);

                return;
            }

            var worktaskData = await _dbContext.Worktasks.AsNoTracking()
                               .Where(x => x.Id == worktaskId)
                               .Select(x => new { x.ProjectId, x.State })
                               .FirstOrDefaultAsync()
                               .ConfigureAwait(false);

            if (worktaskData == null)
            {
                await Clients.Caller.SendAsync("getActiveTracking", false, null, false, "Не существует задачи с таким идентификатором")
                .ConfigureAwait(false);

                return;
            }

            var projectId = worktaskData.ProjectId;

            if (_dbContext.GetLinkedAcceptedProject(projectId, userId) == null)
            {
                await Clients.Caller.SendAsync("getActiveTracking", false, null, false, "У вас недостаточно прав, чтобы отслеживать эту задачу.")
                .ConfigureAwait(false);

                return;
            }

            if (worktaskData.State.Id == 6)
            {
                await Clients.Caller.SendAsync("getActiveTracking", false, null, false, "Данная задача уже закрыта")
                .ConfigureAwait(false);

                return;
            }

            var now       = DateTime.UtcNow;
            var worktrack = await _dbContext.AddAsync(new Worktrack
            {
                UserId      = userId,
                StartedTime = now,
                StoppedTime = now,
                WorktaskId  = worktaskId,
                Running     = true
            })
                            .ConfigureAwait(false);

            await _dbContext.SaveChangesAsync()
            .ConfigureAwait(false);

            var group = Clients.Group(userName);

            await group.SendAsync("getActiveTracking", true, worktrack.Entity, true, string.Empty)
            .ConfigureAwait(false);
        }