public static void Execute(int electionId, IJobCancellationToken cancellationToken)
{
using (var db = new VotingDbContext())
{
Election election = db.Elections.Find(electionId);
if (election == null)
{
throw new ArgumentOutOfRangeException(nameof(electionId), "No election with such id");
}
if (election.DisableAutomaticEligibility)
{
// Nothing to do
return;
}
using (var timetable = new TimetableDbContext())
{
IEnumerable <ElectionEligibilityEntry> electionEntries =
EligibilityGenerator.GenerateElectionEntries(election, timetable.Users);
cancellationToken.ThrowIfCancellationRequested();
IEnumerable <PositionEligibilityEntry> positionEntries =
EligibilityGenerator.GeneratePositionEntries(election, timetable.Users, db);
cancellationToken.ThrowIfCancellationRequested();
// Note that we cannot dispose the timetable db context here
// since the queries are only "planned" yet and not actually executed
// Save election entries, only ones that do not exist in database
AddNewEntries(
electionEntries, db.ElectionEligibilityEntries,
(entry, set) => set.Find(entry.Username, entry.Election.Id)
);
cancellationToken.ThrowIfCancellationRequested();
// Save position entries, only ones that do not exist in database
AddNewEntries(
positionEntries, db.PositionEligibilityEntries,
(entry, set) => set.Find(entry.Username, entry.Position.Id)
);
cancellationToken.ThrowIfCancellationRequested();
db.SaveChanges();
}
}
}
public DepartmentsRepository(TimetableDbContext dbContext) : base(dbContext)
{
_dbContext = dbContext;
}
public TermsRepository(TimetableDbContext dbContext) : base(dbContext)
{
_dbContext = dbContext;
}
public ModulesRepository(TimetableDbContext dbContext) : base(dbContext)
{
_dbContext = dbContext;
}
public ClassroomsRepository(TimetableDbContext dbContext) : base(dbContext)
{
_dbContext = dbContext;
}
public SemestersRepository(TimetableDbContext dbContext) : base(dbContext)
{
_dbContext = dbContext;
}
public ActionResult LoginSso(string timetableToken, string returnUrl)
{
if (AuthHelpers.IsAuthenticated(User))
{
return(RedirectAfterLogin(true));
}
if (timetableToken == null)
{
// Store the return URL in session to use it when the user comes back
if (!string.IsNullOrWhiteSpace(returnUrl))
{
Session[ReturnUrlKey] = returnUrl;
}
return(RedirectToSso());
}
if (!Guid.TryParse(timetableToken, out Guid tokenGuid))
{
AuthHelpers.Logger.Information(
"SSO Fail: failed to parse token GUID '{token}' from {UserHostAddress} ",
timetableToken, Request.UserHostAddress
);
return(FailCallback());
}
TimetableDbContext timetableDb = new TimetableDbContext();
AuthToken token = timetableDb.AuthTokens.Find(tokenGuid);
if (token == null || token.UserHostAddress != Request.UserHostAddress)
{
AuthHelpers.Logger.Information(
"SSO Fail: Token {Guid} not found or UserHostAddress ({UserHostAddress}) doesn't match",
tokenGuid, Request.UserHostAddress
);
return(FailCallback());
}
AuthSession session = timetableDb.AuthSessions.Find(token.SessionGuid);
if (session == null || session.ExpiresAt < DateTime.Now)
{
AuthHelpers.Logger.Information(
"SSO Fail: Session for token {Guid} not found or it has expired. UserHostAddress: {UserHostAddress}",
tokenGuid, Request.UserHostAddress
);
return(FailCallback());
}
TimetableUserEntry user = new TimetableUserRepository(timetableDb)
.GetByUsername(session.UserEmail);
if (user == null || user.UserId != TimetableUserEntry.NormalizeUsernameToId(session.UserEmail))
{
AuthHelpers.Logger.Information(
"SSO Fail: Session for token {Guid} failed to match a timetable user. UserHostAddress: {UserHostAddress}",
tokenGuid, Request.UserHostAddress
);
return(FailCallback());
}
// All good, sign in
timetableDb.AuthTokens.Remove(token);
timetableDb.SaveChanges();
ClaimsIdentity identity = new ClaimsIdentity(
new[]
{
// These 2 are required for default antiforgery provider
new Claim(ClaimTypes.NameIdentifier, user.UserId),
new Claim(
"http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider",
"ASP.NET Identity",
"http://www.w3.org/2001/XMLSchema#string"
),
// Additional stuff
new Claim(ClaimTypes.Role, user.IsStudentSupport ? Roles.StudentSupport : Roles.Student),
new Claim(ClaimTypes.Name, user.Fullname),
new Claim(AuthHelpers.TimetableSessionClaim, session.Guid.ToString())
},
DefaultAuthenticationTypes.ApplicationCookie
);
Session[FailedSsoAttemptsKey] = 0;
HttpContext.GetOwinContext().Authentication.SignIn(
new AuthenticationProperties
{
IsPersistent = true // We validate on every request anyway, so prevent needless redirects
},
identity
);
AuthHelpers.Logger.Information(
"SSO Success: token {Guid} was used for successful sign in by {UserId}. UserHostAddress: {UserHostAddress}",
tokenGuid, user.UserId, Request.UserHostAddress
);
return(RedirectAfterLogin());
}
public Repository(TimetableDbContext dbContext)
{
_dbContext = dbContext;
}
public TimetableUserRepository(TimetableDbContext db)
{
this.db = db;
}
public LecturersRepository(TimetableDbContext dbContext) : base(dbContext)
{
_dbContext = dbContext;
}
public UnitOfWork(TimetableDbContext dbContext)
{
_dbContext = dbContext;
}
public WeekdaysRepository(TimetableDbContext dbContext) : base(dbContext)
{
_dbContext = dbContext;
}
public SubjectsRepository(TimetableDbContext dbContext) : base(dbContext)
{
_dbContext = dbContext;
}
/// <summary>
/// Configures the authentication system
/// </summary>
private static void ConfigureAuth(IAppBuilder app)
{
if (AppAuthConfiguration.Get().DebugMode)
{
// Fake login page with username only
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString($"/{AuthHelpers.LoginPath}"),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = context =>
{
if (context.Identity.Claims.All(claim => claim.Type != AuthHelpers.DebugModeClaim))
{
context.RejectIdentity();
context.OwinContext.Authentication.SignOut(context.Options.AuthenticationType);
}
return(Task.CompletedTask);
}
}
});
}
else
{
// Real SSO mode
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString($"/{AuthHelpers.LoginPath}"),
ExpireTimeSpan = TimeSpan.FromDays(30),
SlidingExpiration = true,
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = async context =>
{
if (context.Identity.Claims.Any(claim => claim.Type == AuthHelpers.DebugModeClaim))
{
context.RejectIdentity();
context.OwinContext.Authentication.SignOut(context.Options.AuthenticationType);
return;
}
Claim sessionGuidClaim = context.Identity.Claims
.FirstOrDefault(claim => claim.Type == AuthHelpers.TimetableSessionClaim);
if (sessionGuidClaim == null)
{
context.RejectIdentity();
context.OwinContext.Authentication.SignOut(context.Options.AuthenticationType);
return;
}
TimetableDbContext timetableDb = new TimetableDbContext();
AuthSession session =
await timetableDb.AuthSessions.FindAsync(new Guid(sessionGuidClaim.Value));
if (session == null || session.ExpiresAt < DateTime.Now)
{
context.RejectIdentity();
context.OwinContext.Authentication.SignOut(context.Options.AuthenticationType);
return;
}
TimetableUserEntry user = await new TimetableUserRepository(timetableDb)
.GetByUsernameAsync(session.UserEmail);
if (user == null || user.UserId != context.Identity.GetUserId())
{
context.RejectIdentity();
context.OwinContext.Authentication.SignOut(context.Options.AuthenticationType);
}
}
}
});
}
}
public static void Execute(int electionId, IJobCancellationToken cancellationToken)
{
TimetableDbContext timetableDb = new TimetableDbContext();
VotingDbContext db = new VotingDbContext();
Election election = db.Elections.Find(electionId);
if (election == null)
{
throw new ArgumentOutOfRangeException(nameof(electionId), "No election with such id");
}
if (election.Type != ElectionType.CourseRepresentative)
{
throw new Exception("Election must be of type " + ElectionType.CourseRepresentative);
}
if (!election.PositionGenerationInProcess)
{
throw new Exception($"Election {election.Name} is not pending position generation");
}
// Generate the list as it is intended to be now
List <RepresentativePositionData> desiredPositionDatas = timetableDb.Users
.WhereIsStudentActive()
.Select(entry => new { entry.ProgrammeName, entry.ExpectedGraduationYearString })
.Distinct()
.AsEnumerable()
.Select(combination =>
{
var data = new RepresentativePositionData
{
ProgrammeName = combination.ProgrammeName,
ExpectedGraduationYearString = combination.ExpectedGraduationYearString,
PositionCommon = new VotablePosition {
Election = election
}
};
data.SetPositionName();
return(data);
})
.ToList();
// Get the current positions in DB
List <RepresentativePositionData> matchedDesiredDatas = new List <RepresentativePositionData>();
IQueryable <RepresentativePositionData> positionsDataFromDb = db.RepresentativePositionData
.Where(data => data.PositionCommon.ElectionId == electionId);
foreach (RepresentativePositionData existingPositionData in positionsDataFromDb)
{
RepresentativePositionData matchingDesiredData = desiredPositionDatas.FirstOrDefault(desiredData =>
existingPositionData.ProgrammeName == desiredData.ProgrammeName &&
existingPositionData.ExpectedGraduationYearString == desiredData.ExpectedGraduationYearString
);
if (matchingDesiredData != null)
{
// Found matching entry. Apply the position name in case the naming logic changed
existingPositionData.PositionCommon.HumanName = matchingDesiredData.PositionCommon.HumanName;
matchedDesiredDatas.Add(matchingDesiredData);
}
else
{
// Did not match - no longer needed
db.RepresentativePositionData.Remove(existingPositionData);
}
}
// Add the new positions (that didn't match existing) to the db
db.RepresentativePositionData.AddRange(desiredPositionDatas.Except(matchedDesiredDatas));
// Make sure we are allowed to submit our changes
cancellationToken.ThrowIfCancellationRequested();
// We are done
election.PositionGenerationInProcess = false;
db.SaveChanges();
}
