public DocumentForSignatureValidator(
IAlfrescoHttpClient alfrescoHttpClient,
IIdentityUser identityUser,
IAlfrescoConfiguration alfrescoConfiguration,
ISimpleMemoryCache simpleMemoryCache,
ISystemLoginService systemLoginService)
{
var adminHttpClient = new AlfrescoHttpClient(alfrescoConfiguration, new AdminAuthentification(simpleMemoryCache, alfrescoConfiguration, systemLoginService));
RuleFor(o => o)
.Cascade(CascadeMode.StopOnFirstFailure)
.MustAsync(async(context, cancellationToken) =>
{
_nodeEntry = await alfrescoHttpClient.GetNodeInfo(context.NodeId, ImmutableList <Parameter> .Empty
.Add(new Parameter(AlfrescoNames.Headers.Include, $"{AlfrescoNames.Includes.Path}", ParameterType.QueryString)));
_groupPagingCurrentUser = await alfrescoHttpClient.GetPersonGroups(identityUser.Id);
_groupPagingNextOwner = await adminHttpClient.GetPersonGroups(context.Body.User);
return(_nodeEntry?.Entry?.Id != null && _groupPagingCurrentUser != null && _groupPagingNextOwner != null);
})
.WithName(x => nameof(x.NodeId))
.WithMessage("Something went wrong with alfresco server.")
.DependentRules(() =>
{
RuleFor(x => x)
.Must(y => _groupPagingCurrentUser?.List?.Entries?.Any(q => q.Entry.Id == identityUser.RequestGroup) ?? false)
.WithName(x => "Group")
.WithMessage($"User isn't member of group {identityUser.RequestGroup}.");
RuleFor(x => x)
.Must(y => _groupPagingNextOwner?.List?.Entries?.Any(q => q.Entry.Id == $"{y.Body.Group}_Sign") ?? false)
.WithName(x => "Group")
.WithMessage("User for signing isn't member of group with postfix _Sign.");
RuleFor(x => x.NodeId)
.Must(x => _nodeEntry?.Entry?.NodeType == SpisumNames.NodeTypes.Document)
.WithMessage($"NodeId must be type of {SpisumNames.NodeTypes.Document}.");
RuleFor(x => x)
.Must(x => _nodeEntry?.Entry?.Path?.Name?.StartsWith(AlfrescoNames.Prefixes.Path + SpisumNames.Paths.Evidence, StringComparison.OrdinalIgnoreCase) == true)
.OnAnyFailure(x => throw new BadRequestException("Document must be in evidence site."));
RuleFor(x => x.NodeId)
.Must(x => _nodeEntry.Entry.Path.Name.Equals(AlfrescoNames.Prefixes.Path + SpisumNames.Paths.EvidenceDocumentsForProcessing(identityUser.RequestGroup)) ||
_nodeEntry.Entry.Path.Name.Equals(AlfrescoNames.Prefixes.Path + SpisumNames.Paths.EvidenceFilesDocumentsForProcessing(identityUser.RequestGroup)))
.WithMessage($"NodeId must be in path {SpisumNames.Paths.EvidenceDocumentsForProcessing(identityUser.RequestGroup)} or {SpisumNames.Paths.EvidenceFilesDocumentsForProcessing(identityUser.RequestGroup)}.");
});
RuleFor(x => x)
.Must(x => !string.IsNullOrEmpty(x?.Body?.User))
.When(x => x?.Body != null)
.WithName(x => nameof(x.Body.User))
.WithMessage("You have to fill user.");
RuleFor(x => x)
.Must(x => !string.IsNullOrEmpty(x?.Body?.Group))
.When(x => x?.Body != null)
.WithName(x => nameof(x.Body.Group))
.WithMessage("You have to fill group.");
}
public async Task <byte[]> DownloadFile(string token, string componentId)
{
var alfrescoClient = new AlfrescoHttpClient(_alfrescoConfiguration, new SignerAuthentification(_simpleMemoryCache, token));
var fileContent = await alfrescoClient.NodeContent(componentId);
return(fileContent.File);
}
public async Task UploadFile(string token, string documentId, string componentId, byte[] newComponent)
{
var alfrescoClient = new AlfrescoHttpClient(_alfrescoConfiguration, new SignerAuthentification(_simpleMemoryCache, token));
var nodeService = new NodesService(_alfrescoConfiguration, alfrescoClient, _auditLogService, _identityUser, _mapper, _simpleMemoryCache, _transactionHistoryService, _systemLoginService, _repositoryService);
var componentService = new ComponentService(alfrescoClient, nodeService, _personService, _identityUser, _auditLogService);
var nodeEntry = await alfrescoClient.GetNodeInfo(componentId, ImmutableList <Parameter> .Empty
.Add(new Parameter(AlfrescoNames.Headers.Include, $"{AlfrescoNames.Includes.Properties}, {AlfrescoNames.Includes.Path}", ParameterType.QueryString)));
var properties = nodeEntry?.Entry?.Properties?.As <JObject>().ToDictionary();
var pdfValidation = await _signerClient.Validate(newComponent);
var certValidation = await _signerClient.ValidateCertificate(pdfValidation?.Report?.sigInfos[0]?.signCert.Data);
await UnlockNode(alfrescoClient, documentId);
await UnlockNode(alfrescoClient, componentId);
await componentService.UploadNewVersionComponent(documentId, componentId, newComponent,
Path.ChangeExtension(properties.GetNestedValueOrDefault(SpisumNames.Properties.FileName)?.ToString(), ".pdf"), MediaTypeNames.Application.Pdf);
var node = await alfrescoClient.UpdateNode(componentId, GetSignerProperties(pdfValidation, certValidation, true));
await LockNode(alfrescoClient, documentId);
await LockNode(alfrescoClient, componentId);
try
{
var componentPid = nodeEntry?.GetPid();
// Audit log for a document
if (node?.Entry?.NodeType == SpisumNames.NodeTypes.Document)
{
await _auditLogService.Record(documentId, SpisumNames.NodeTypes.Component, componentPid, NodeTypeCodes.Komponenta, EventCodes.PripojeniPodpisu,
TransactinoHistoryMessages.DocumentSignComponent);
}
// Audit log for a file
var documentFileParent = await _alfrescoHttpClient.GetNodeParents(documentId, ImmutableList <Parameter> .Empty
.Add(new Parameter(AlfrescoNames.Headers.Include, AlfrescoNames.Includes.Properties, ParameterType.QueryString))
.Add(new Parameter(AlfrescoNames.Headers.Where, $"(assocType='{SpisumNames.Associations.Documents}')", ParameterType.QueryString))
.Add(new Parameter(AlfrescoNames.Headers.MaxItems, "1", ParameterType.QueryString)));
var fileId = documentFileParent?.List?.Entries?.FirstOrDefault()?.Entry?.Id;
if (fileId != null)
{
await _auditLogService.Record(fileId, SpisumNames.NodeTypes.Component, componentPid, NodeTypeCodes.Komponenta, EventCodes.PripojeniPodpisu,
TransactinoHistoryMessages.DocumentSignComponent);
}
}
catch (Exception ex)
{
Log.Logger?.Error(ex, "Audit log failed");
}
}
public DocumentBorrowValidator(IAlfrescoHttpClient alfrescoHttpClient,
IIdentityUser identityUser,
IAlfrescoConfiguration alfrescoConfiguration,
ISimpleMemoryCache simpleMemoryCache,
ISystemLoginService systemLoginService)
{
var adminHttpClient = new AlfrescoHttpClient(alfrescoConfiguration, new AdminAuthentification(simpleMemoryCache, alfrescoConfiguration, systemLoginService));
_identityUser = identityUser;
RuleFor(o => o)
.Cascade(CascadeMode.StopOnFirstFailure)
.MustAsync(async(context, cancellationToken) =>
{
_nodeEntry = await alfrescoHttpClient.GetNodeInfo(context.NodeId, ImmutableList <Parameter> .Empty
.Add(new Parameter(AlfrescoNames.Headers.Include, AlfrescoNames.Includes.Path, ParameterType.QueryString)));
var documentProperties = _nodeEntry?.Entry?.Properties?.As <JObject>().ToDictionary();
_borrowedUser = documentProperties.GetNestedValueOrDefault(SpisumNames.Properties.Borrower)?.ToString();
_groupPaging = await alfrescoHttpClient.GetPersonGroups(identityUser.Id);
_groupRepository = await alfrescoHttpClient.GetGroupMembers(SpisumNames.Groups.RepositoryGroup,
ImmutableList <Parameter> .Empty.Add(new Parameter(AlfrescoNames.Headers.Where, AlfrescoNames.MemberType.Group, ParameterType.QueryString)));
_groupPagingNextOwner = await adminHttpClient.GetPersonGroups(context.Body.User);
return(_nodeEntry?.Entry?.Id != null && _groupPaging != null && _groupPagingNextOwner != null && _groupRepository != null);
})
.WithName(x => nameof(x.NodeId))
.WithMessage("Something went wrong with alfresco server.")
.DependentRules(() =>
{
RuleFor(x => x)
.Must(y =>
{
return(_groupPagingNextOwner?.List?.Entries?.Any(q => q.Entry.Id == y.Body.Group) ?? false);
})
.WithName(x => "User")
.WithMessage("User isn't member of the Group.");
RuleFor(x => x)
.Must(y =>
{
return(_groupRepository?.List?.Entries?.Any(x => x.Entry.Id == identityUser.RequestGroup) ?? false);
})
.WithName(x => "User")
.WithMessage("User isn't member of repository group");
RuleFor(x => x)
.Must(y => _groupPaging?.List?.Entries?.Any(q => q.Entry.Id == identityUser.RequestGroup) ?? false)
.WithName(x => "Group")
.WithMessage($"User isn't member of group {identityUser.RequestGroup}.");
RuleFor(x => x.NodeId)
.Must(x => _nodeEntry.Entry.NodeType == SpisumNames.NodeTypes.Document)
.WithMessage($"NodeId must be type of {SpisumNames.NodeTypes.Document}.");
RuleFor(x => x)
.Must(x => _nodeEntry?.Entry?.Path?.Name?.StartsWith(AlfrescoNames.Prefixes.Path + SpisumNames.Paths.RepositoryDocuments, StringComparison.OrdinalIgnoreCase) == true)
.OnAnyFailure(x => throw new BadRequestException("Document must be in repository site."));
RuleFor(x => x)
.Must(x => string.IsNullOrWhiteSpace(_borrowedUser))
.WithMessage("Document is already borrowed");
});
}
public DocumentOwnerHandOverValidator(
IAlfrescoHttpClient alfrescoHttpClient,
IIdentityUser identityUser,
IAlfrescoConfiguration alfrescoConfiguration,
ISimpleMemoryCache simpleMemoryCache,
ISystemLoginService systemLoginService)
{
var adminHttpClient = new AlfrescoHttpClient(alfrescoConfiguration, new AdminAuthentification(simpleMemoryCache, alfrescoConfiguration, systemLoginService));
_identityUser = identityUser;
RuleFor(o => o)
.Cascade(CascadeMode.StopOnFirstFailure)
.MustAsync(async(context, cancellationToken) =>
{
_nodeEntry = await alfrescoHttpClient.GetNodeInfo(context.NodeId, ImmutableList <Parameter> .Empty
.Add(new Parameter(AlfrescoNames.Headers.Include, $"{AlfrescoNames.Includes.Properties},{AlfrescoNames.Includes.Permissions},{AlfrescoNames.Includes.Path}", ParameterType.QueryString)));
_groupPagingCurrentUser = await alfrescoHttpClient.GetPersonGroups(identityUser.Id);
if (context?.Body?.NextOwner != null)
{
_groupPagingNextOwner = await adminHttpClient.GetPersonGroups(context.Body.NextOwner);
}
return(_nodeEntry?.Entry?.Id != null && _groupPagingCurrentUser != null);
})
.WithName(x => nameof(x.NodeId))
.WithMessage("Something went wrong with alfresco server.")
.DependentRules(() =>
{
RuleFor(x => x)
.Must(y =>
{
if (y?.Body?.NextOwner == null)
{
return(true);
}
return(_groupPagingNextOwner?.List?.Entries?.Any(q => q.Entry.Id == y.Body.NextGroup) ?? false);
})
.WithName(x => "Group")
.WithMessage("NextOwner isn't member of group NextGroup.");
RuleFor(x => x)
.Must(y => _groupPagingCurrentUser?.List?.Entries?.Any(q => q.Entry.Id == identityUser.RequestGroup) ?? false)
.WithName(x => "Group")
.WithMessage($"User isn't member of group {identityUser.RequestGroup}.");
RuleFor(x => x)
.Must(x => _nodeEntry?.Entry?.Path?.Name?.StartsWith(AlfrescoNames.Prefixes.Path + SpisumNames.Paths.Evidence, StringComparison.OrdinalIgnoreCase) == true)
.OnAnyFailure(x => throw new BadRequestException("Document must be in evidence site."));
RuleFor(x => x.NodeId)
.Must(x => _nodeEntry?.Entry?.NodeType == SpisumNames.NodeTypes.Document || _nodeEntry?.Entry?.NodeType == SpisumNames.NodeTypes.File || _nodeEntry?.Entry?.NodeType == SpisumNames.NodeTypes.Concept)
.WithMessage($"NodeId must be type of {SpisumNames.NodeTypes.Document} or {SpisumNames.NodeTypes.File} or {SpisumNames.NodeTypes.Concept}");
RuleFor(x => x.NodeId)
.Must(HasAction)
.WithName(x => nameof(x.NodeId))
.WithMessage("NodeIs is being handled to different owner. You have cancel it first.");
RuleFor(x => x.NodeId)
.Must(CanUserMakeAction)
.WithMessage("User has no access to this action.");
});
RuleFor(x => x)
.Must(x => !string.IsNullOrEmpty(x?.Body?.NextOwner) || !string.IsNullOrEmpty(x?.Body?.NextGroup))
.WithName(x => nameof(x.Body.NextOwner))
.WithMessage("You have to fill nextGroup or nextOwner.");
RuleFor(x => x)
.Must(x => x?.Body?.NextOwner == null || !string.IsNullOrEmpty(x?.Body?.NextGroup))
.WithName(x => nameof(x.Body.NextGroup))
.WithMessage("You have to fill NextGroup.");
}
