/// <summary>
/// Looks up the pending membership request on <paramref name="organization"/> whose
/// prospective member has the given username.
/// </summary>
/// <param name="organization">Organization whose <c>MemberRequests</c> collection is searched.</param>
/// <param name="memberName">Username to match, compared ordinally and case-insensitively.</param>
/// <returns>The matching request, or <c>null</c> when none matches.</returns>
/// <exception cref="InvalidOperationException">More than one request matches the username.</exception>
private MembershipRequest FindMembershipRequestByUsername(Organization organization, string memberName)
{
    // SingleOrDefault (rather than FirstOrDefault) makes a duplicate pending request
    // for the same user surface as an error instead of being silently ignored.
    var pendingRequest = organization.MemberRequests.SingleOrDefault(
        candidate => candidate.NewMember.Username.Equals(memberName, StringComparison.OrdinalIgnoreCase));

    return pendingRequest;
}
/// <summary>
/// Completes a pending membership request: validates the confirmation token, then either
/// creates a new membership or updates the existing one, and writes an audit record.
/// </summary>
/// <param name="organization">Organization the user is joining.</param>
/// <param name="memberName">Username named in the pending request.</param>
/// <param name="confirmationToken">Token that must equal the one stored on the request.</param>
/// <returns>The created or updated membership.</returns>
/// <exception cref="ArgumentNullException"><paramref name="organization"/> is <c>null</c>.</exception>
/// <exception cref="EntityException">
/// No request matches the name and token, the user is unconfirmed or is an organization,
/// or the organization's security policy rejects the user.
/// </exception>
public async Task<Membership> AddMemberAsync(Organization organization, string memberName, string confirmationToken)
{
    if (organization is null)
    {
        throw new ArgumentNullException(nameof(organization));
    }

    // Every failure that names the member uses the same formatting call.
    EntityException MemberError(string template) =>
        new EntityException(string.Format(CultureInfo.CurrentCulture, template, memberName));

    var pendingRequest = FindMembershipRequestByUsername(organization, memberName);

    // A missing request and a wrong token produce the same error, so the response does not
    // reveal whether a request exists for this username.
    // NOTE(review): the token is compared with the ordinary string operator, which is not
    // constant-time. If the token is treated as a secret, consider a fixed-time comparison
    // where the target framework provides one.
    // NOTE(review): no check of the request's age is visible here; confirm whether stale
    // requests are expired elsewhere.
    if (pendingRequest == null || pendingRequest.ConfirmationToken != confirmationToken)
    {
        throw MemberError(ServicesStrings.AddMember_MissingRequest);
    }

    var invitee = pendingRequest.NewMember;

    // The request is dropped from the collection before the remaining checks run; the
    // removal is only saved by the SaveChangesAsync call at the end of this method.
    organization.MemberRequests.Remove(pendingRequest);

    if (!invitee.Confirmed)
    {
        throw MemberError(ServicesStrings.AddMember_UserNotConfirmed);
    }

    if (invitee is Organization)
    {
        throw MemberError(ServicesStrings.AddMember_UserIsOrganization);
    }

    var membership = FindMembershipByUsername(organization, memberName);
    if (membership == null)
    {
        // Ensure that the new member meets the AAD tenant policy for this organization.
        // The policy is evaluated only on this branch, i.e. when a membership is created.
        var policyOutcome = await SecurityPolicyService.EvaluateOrganizationPoliciesAsync(
            SecurityPolicyAction.JoinOrganization, organization, invitee);
        if (policyOutcome != SecurityPolicyResult.SuccessResult)
        {
            throw new EntityException(string.Format(CultureInfo.CurrentCulture,
                ServicesStrings.AddMember_PolicyFailure, policyOutcome.ErrorMessage));
        }

        membership = new Membership()
        {
            Member = invitee,
            IsAdmin = pendingRequest.IsAdmin
        };
        organization.Members.Add(membership);

        var addedRecord = new UserAuditRecord(organization, AuditedUserAction.AddOrganizationMember, membership);
        await Auditing.SaveAuditRecordAsync(addedRecord);
    }
    else
    {
        // The user is already a member: update the existing membership.
        // Admin can only be granted here, never revoked, because the flags are OR-ed together.
        membership.IsAdmin = membership.IsAdmin || pendingRequest.IsAdmin;

        var updatedRecord = new UserAuditRecord(organization, AuditedUserAction.UpdateOrganizationMember, membership);
        await Auditing.SaveAuditRecordAsync(updatedRecord);
    }

    await EntitiesContext.SaveChangesAsync();

    return membership;
}
/// <summary>
/// Returns the first membership of <paramref name="organization"/> whose member matches
/// <paramref name="member"/> according to <c>MatchesUser</c>.
/// </summary>
/// <param name="organization">Organization to inspect; may be <c>null</c>.</param>
/// <param name="member">User to look for among the organization's members.</param>
/// <returns>
/// The matching membership, or <c>null</c> when the organization is <c>null</c>, its
/// <c>Members</c> collection is <c>null</c>, or no member matches.
/// </returns>
/// <remarks>
/// A <c>null</c> result means "no membership found". Callers that use this for an
/// authorization decision should treat <c>null</c> as "not a member".
/// </remarks>
public static Membership GetMembershipOfUser(this Organization organization, User member)
    => organization?.Members?.FirstOrDefault(candidate => candidate.Member.MatchesUser(member));
/// <summary>
/// Creates a pending request for a user to join <paramref name="organization"/>, or returns
/// the request already pending for that user.
/// </summary>
/// <param name="organization">Organization issuing the request.</param>
/// <param name="memberName">Username of the user being invited; an email address is rejected.</param>
/// <param name="isAdmin">Whether the request grants administrator rights.</param>
/// <returns>The new or already existing membership request.</returns>
/// <exception cref="ArgumentNullException"><paramref name="organization"/> is <c>null</c>.</exception>
/// <exception cref="EntityException">
/// The user is already a member, the name looks like an email address, the user does not
/// exist, is unconfirmed or is an organization, or the security policy rejects the user.
/// </exception>
public async Task<MembershipRequest> AddMembershipRequestAsync(Organization organization, string memberName, bool isAdmin)
{
    if (organization is null)
    {
        throw new ArgumentNullException(nameof(organization));
    }

    // Every failure that names the member uses the same formatting call.
    EntityException MemberError(string template) =>
        new EntityException(string.Format(CultureInfo.CurrentCulture, template, memberName));

    var existingMembership = FindMembershipByUsername(organization, memberName);
    if (existingMembership != null)
    {
        throw MemberError(ServicesStrings.AddMember_AlreadyAMember);
    }

    var request = FindMembershipRequestByUsername(organization, memberName);
    if (request != null)
    {
        // A request is already pending: return it, upgrading it to admin if the new call asks
        // for admin. The flags are OR-ed, so an existing admin request is never downgraded.
        // This path returns before the user-state and policy checks below are re-run, and the
        // existing ConfirmationToken is kept.
        request.IsAdmin = isAdmin || request.IsAdmin;
        await EntitiesContext.SaveChangesAsync();
        return request;
    }

    // Reject email addresses so that requests are addressed by username only. The match is
    // bounded by ServicesConstants.EmailValidationRegexTimeout.
    var looksLikeEmail = Regex.IsMatch(
        memberName,
        ServicesConstants.EmailValidationRegex,
        RegexOptions.None,
        ServicesConstants.EmailValidationRegexTimeout);
    if (looksLikeEmail)
    {
        throw new EntityException(ServicesStrings.AddMember_NameIsEmail);
    }

    var invitee = FindByUsername(memberName);
    if (invitee == null)
    {
        throw MemberError(ServicesStrings.AddMember_UserNotFound);
    }

    if (!invitee.Confirmed)
    {
        throw MemberError(ServicesStrings.AddMember_UserNotConfirmed);
    }

    if (invitee is Organization)
    {
        throw MemberError(ServicesStrings.AddMember_UserIsOrganization);
    }

    // Ensure that the new member meets the AAD tenant policy for this organization.
    var policyOutcome = await SecurityPolicyService.EvaluateOrganizationPoliciesAsync(
        SecurityPolicyAction.JoinOrganization, organization, invitee);
    if (policyOutcome != SecurityPolicyResult.SuccessResult)
    {
        throw new EntityException(policyOutcome.ErrorMessage);
    }

    // NOTE(review): the strength of the confirmation token depends on Crypto.GenerateToken,
    // which is not visible here. Confirm that it draws from a cryptographic RNG.
    request = new MembershipRequest()
    {
        Organization = organization,
        NewMember = invitee,
        IsAdmin = isAdmin,
        ConfirmationToken = Crypto.GenerateToken(),
        RequestDate = DateTime.UtcNow,
    };
    organization.MemberRequests.Add(request);

    await EntitiesContext.SaveChangesAsync();

    return request;
}
/// <summary>
/// Records the <c>Events.OrganizationAdded</c> metric for <paramref name="organization"/>
/// by forwarding to <c>TrackMetricForOrganization</c>.
/// </summary>
/// <param name="organization">Organization that was added.</param>
public void TrackOrganizationAdded(Organization organization)
    => TrackMetricForOrganization(Events.OrganizationAdded, organization);