public async Task <IActionResult> Backseat(int fleetId)
{
var fleet = await _Db.Fleets.Where(c => c.Id == fleetId && c.ClosedAt == null).FirstOrDefaultAsync();
if (fleet == null)
{
// Fleet not found
return(NotFound("Fleet not found."));
}
Account account = await _Db.Accounts.FindAsync(User.AccountId());
if (account == null)
{
return(BadRequest("Account not found."));
}
try
{
fleet.BackseatAccount = account;
await _Db.SaveChangesAsync();
return(Ok());
}
catch (Exception ex)
{
_Logger.LogError("Cannot set the fleet backseat (Fleet ID: {0}) {1} {2}", fleet.Id, account.Name, ex.Message);
return(BadRequest("Error setting the backseat."));
}
}
public async Task <IActionResult> Index(IFormCollection request)
{
// Parse inputs as ints
int.TryParse(request._str("account_id"), out int accountId);
int.TryParse(request._str("role_id"), out int roleId);
string accountName = request._str("account_name");
// Validate to ensure the required fields were returned.
if (accountId == 0 && String.IsNullOrEmpty(accountName) || roleId == 0)
{
return(BadRequest("Invalid role or account ID/Name provided"));
}
var account = await _Db.Accounts.Where(a => a.Name == accountName || a.Id == accountId).Include(i => i.AccountRoles).SingleOrDefaultAsync();
var role = await _Db.Roles.FindAsync(roleId);
// User account does not exist
if (account == null)
{
return(NotFound("Account not found."));
}
// Stops a user from changing their own role
if (account.Id == User.AccountId())
{
return(Unauthorized("You are not allowed to add your own groups"));
}
// Stop the target account from being added to the same role twice (Would cause a fatal crash)
if (account.AccountRoles.Where(c => c.Role == role).FirstOrDefault() != null)
{
return(Conflict($"{account.Name} has already been assigned to {role.Name}"));
}
// Role doesn't exist
if (role == null)
{
return(NotFound("Role not found."));
}
try
{
await _Db.AccountRoles.AddAsync(new Models.AccountRole
{
AccountId = account.Id,
RoleId = role.Id,
});
await _Db.SaveChangesAsync();
_Logger.LogInformation("{0} has added the {1} role to {2}", User.AccountName(), role.Name, account.Name);
return(Ok());
}
catch (Exception ex)
{
_Logger.LogWarning("AddRole: Error granting role to {0} : {1}", account.Name, ex.Message);
return(BadRequest(ex.Message));
}
}
public async Task <IActionResult> JabberNotificationSetting(IFormCollection request)
{
Account account = await _Db.Accounts.FindAsync(User.AccountId());
account.JabberNotifications = (request._str("notificationsEnabled").ToLower() == "true")? true : false;
await _Db.SaveChangesAsync();
return(Ok());
}
public async Task <IActionResult> UpdateShip(IFormCollection request)
{
ShipType ship = await _Db.ShipTypes.FindAsync(request._int("ship_id"));
ship.Queue = (Queue)request._int("queue_id");
await _Db.SaveChangesAsync();
return(Ok());
}
public async Task <IActionResult> ShowInfo(IFormCollection request)
{
int target_id = request._int("target_id");
Pilot pilot = await _Db.Pilots.FindAsync(Request.Cookies.PreferredPilotId());
await pilot.UpdateToken();
EsiWrapper.ShowInfo((AuthorizedCharacterData)pilot, target_id);
await _Db.SaveChangesAsync();
return(Ok());
}
public async Task <IActionResult> Index(IFormCollection request)
{
if (request._str("banReason") == "" || request._str("accountName") == "")
{
return(BadRequest());
}
int AdminId = User.AccountId();
var BannedAccount = await _Db.Accounts.FirstOrDefaultAsync(c => c.Name == request._str("accountName"));
if (BannedAccount == null)
{
return(NotFound(string.Format("The account {0} was not found", request._str("accountName"))));
}
if (AdminId == BannedAccount.Id)
{
return(Forbid("You cannot ban yourself"));
}
try
{
Ban ban = new Ban()
{
AdminId = AdminId,
BannedAccountId = BannedAccount.Id,
Reason = request._str("banReason"),
//Expires at is disabled until I can spend enough time to use a proper Jquery date picker
ExpiresAt = null,//Ban.BanExpiryDate(request["expires_at"]),
CreatedAt = DateTime.UtcNow,
UpdatedAt = DateTime.UtcNow
};
_Logger.LogInformation("{0} is issuing a ban against {1}", User.AccountName(), request._str("accountName"));
await _Db.Bans.AddAsync(ban);
await _Db.SaveChangesAsync();
}
catch (Exception ex)
{
_Logger.LogWarning("Error issuing a new ban: {1}", ex.Message);
return(BadRequest("Failed to issue ban."));
}
return(Ok());
}
EnsureInDatabase(int typeId, Data.WaitlistDataContext _Db)
{
ShipType ship = await _Db.ShipTypes.FindAsync(typeId);
if (ship != null)
{
return;
}
var esiResponse = await EsiWrapper.GetShipTypeAsync(typeId);
if (esiResponse.FirstOrDefault() == null)
{
return;
}
ship = new ShipType
{
Id = typeId,
Name = esiResponse[0].Name
};
await _Db.AddAsync(ship);
await _Db.SaveChangesAsync();
return;
}
public async Task <IActionResult> SaveAnnouncment(IFormCollection request)
{
try
{
Announcement announcement = new Announcement
{
CreatorAdminId = User.AccountId(),
Type = request._str("type") != "" ? request._str("type") : "primary",
Message = request._str("message"),
CreatedAt = DateTime.UtcNow
};
await _Db.AddAsync(announcement);
await _Db.SaveChangesAsync();
return(Ok());
}
catch (Exception ex)
{
_Logger.LogError("Error creating an announcment. The admin was {0}: {1}", User.AccountName(), ex.Message);
return(BadRequest(ex.Message));
}
}
public async Task <IActionResult> Callback(string code, string state)
{
// Verify a code and state query parameter was returned.
if (code == null || state == null)
{
_Logger.LogWarning("GICE Callback Error: One or more of the query parameters are missing. State: {0}. Code: {1}", state, code);
return(StatusCode(452));
}
// Verify the state to protect against CSRF attacks.
if (HttpContext.Session.GetString("state") != state)
{
_Logger.LogWarning("GICE Callback Error: Invalid state returned.");
HttpContext.Session.Remove("state");
return(StatusCode(452));
}
// Clear the state session
HttpContext.Session.Remove("state");
// Set the callback URL
_GiceConfig.CallbackUrl = Url.Action("Callback", "Gice", null, "https").ToLower();
GiceClientv2 gice = new GiceClientv2(_GiceConfig);
Dictionary <string, string> ClaimsDict = gice.VerifyCode(code);
if (ClaimsDict.Count == 0)
{
_Logger.LogWarning("GICE Callback Error: The JwtVerify method failed.");
return(StatusCode(452));
}
// Do we have an account for this GSF User?
int gice_id = int.Parse(ClaimsDict["sub"]);
var waitlist_account = await _Db.Accounts.FindAsync(gice_id);
if (waitlist_account != null)
{
// Update and save user account
waitlist_account.Name = ClaimsDict["name"];
waitlist_account.LastLogin = DateTime.UtcNow;
waitlist_account.LastLoginIP = _RequestorIP.MapToIPv4().ToString();
await _Db.SaveChangesAsync();
}
else
{
// User doesn't exist, create a new account
waitlist_account = new Account()
{
Id = gice_id,
Name = ClaimsDict["name"],
RegisteredAt = DateTime.UtcNow,
JabberNotifications = true,
LastLogin = DateTime.UtcNow,
LastLoginIP = _RequestorIP.MapToIPv4().ToString()
};
await _Db.AddAsync(waitlist_account);
await _Db.SaveChangesAsync();
}
// Attempt to log the user in
await LoginUserUsingId(waitlist_account.Id);
_Logger.LogDebug("{0} has logged in.", ClaimsDict["name"]);
return(Redirect("~/pilot-select"));
}
public async Task <IActionResult> Callback(string code, string state)
{
// Verify a code and state query parameter was returned.
if (code == null || state == null)
{
_Logger.LogWarning("Eve Callback Error: One or more of the query parameters are missing. State: {0}. Code: {1}", state, code);
return(StatusCode(452));
}
// Verify the state to protect against CSRF attacks.
if (HttpContext.Session.GetString("state") != state)
{
_Logger.LogWarning("Eve Callback Error: Invalid state returned.");
HttpContext.Session.Remove("state");
return(StatusCode(452));
}
// Clear the state session
HttpContext.Session.Remove("state");
ESI.NET.EsiClient s_client = EsiWrapper.GetEsiClient();
SsoToken token = await s_client.SSO.GetToken(GrantType.AuthorizationCode, code);
AuthorizedCharacterData n_pilot = await s_client.SSO.Verify(token);
long corporation_id = (long)n_pilot.CorporationID;
Corporation.EnsureInDatabase(corporation_id, _Db);
var pilot = await _Db.Pilots.FindAsync(n_pilot.CharacterID);
if (pilot == null)
{
// User doesn't exist, create a new account
pilot = new Pilot()
{
CharacterID = n_pilot.CharacterID,
AccountId = User.AccountId(),
CharacterName = n_pilot.CharacterName,
CorporationID = corporation_id,
RefreshToken = n_pilot.RefreshToken,
Token = n_pilot.Token,
UpdatedAt = DateTime.UtcNow,
RegisteredAt = DateTime.UtcNow,
};
await _Db.AddAsync(pilot);
await _Db.SaveChangesAsync();
_Logger.LogDebug("{0} has linked the pilot {1} to their account.", User.FindFirst("name").Value, pilot.CharacterName);
//TODO: alert user that it worked
return(Redirect("/pilot-select"));
}
else if (!pilot.IsLinked() || pilot.BelongsToAccount(int.Parse(User.FindFirst("id").Value)))
{
// Update the pilot information - This may include a new account if it was unlinked.
pilot.AccountId = User.AccountId();
pilot.CharacterName = n_pilot.CharacterName;
pilot.CorporationID = corporation_id;
pilot.RefreshToken = n_pilot.RefreshToken;
pilot.Token = n_pilot.Token;
pilot.UpdatedAt = DateTime.UtcNow;
await _Db.SaveChangesAsync();
_Logger.LogDebug("{0} has updated the pilot {1} that is linked to their account.", User.FindFirst("name").Value, pilot.CharacterName);
//TODO: alert user that it worked
return(Redirect("/pilot-select"));
}
//TODO: alert user that it failed
_Logger.LogDebug("{0} has tried to link {1} to their account, however it is linked to someone else’s account.", User.AccountName(), pilot.CharacterName);
return(Redirect("/pilot-select"));
}