public async Task <IActionResult> GetAllUsersForTrustedService(string token, string objectId)
{
try
{
if (token != Consts.Security.StaticToken)
{
return(new ContentResult {
StatusCode = 403
});
}
var currentUser = new UserIdentityParams
{
Role = Consts.Roles.OperationsAdmin
};
var user = await _userService.GetUserByIdAsync(objectId, currentUser);
return(Ok(user));
}
catch (ArgumentException ex)
{
return(BadRequest(new ValidationProblemDetails(new Dictionary <string, string[]>(new List <KeyValuePair <string, string[]> >
{
new KeyValuePair <string, string[]>(ex.ParamName ?? "Unknown", new string[] { ex.Message })
}))));
}
catch (KeyNotFoundException)
{
return(NotFound("User with current id not found"));
}
}
public async Task <IActionResult> Get([FromQuery] UserFilteringParams filter, [FromQuery] UserSortingParameters sorting)
{
try
{
var currentUser = new UserIdentityParams
{
Id = HttpContext.User.Claims.FirstOrDefault(x => x.Type == Consts.UserIdPropertyName)?.Value,
Role = HttpContext.User.Claims.FirstOrDefault(x => x.Type == Consts.RoleClaimType)?.Value,
CompanyId = HttpContext.User.Claims.FirstOrDefault(x => x.Type == Consts.CompanyIdClaimType)?.Value
};
var users = await _userService.GetAllUsersAsync(currentUser, filter, sorting);
_logger.LogInformation("Get all users requested by user with object id {id}, users: {users}", currentUser.Id, string.Join(",", users.Result.Select(user => $"{user.GivenName ?? ""} {user.Surname ?? ""}")));
return(Ok(users));
}
catch (ArgumentException ex)
{
return(BadRequest(ex.Message));
}
catch (AccessException)
{
return(new ContentResult {
StatusCode = 403
});
}
}
public async Task <IActionResult> Get(string id)
{
try
{
var currentUser = new UserIdentityParams
{
Id = HttpContext.User.Claims.FirstOrDefault(x => x.Type == Consts.UserIdPropertyName)?.Value,
Role = HttpContext.User.Claims.FirstOrDefault(x => x.Type == Consts.RoleClaimType)?.Value,
CompanyId = HttpContext.User.Claims.FirstOrDefault(x => x.Type == Consts.CompanyIdClaimType)?.Value
};
var user = await _userService.GetUserByIdAsync(id, currentUser);
_logger.LogInformation("Get user by id requested by user with object id {id},requested user name: {users}, id: {id}", currentUser.Id, $"{user.GivenName ?? ""} {user.Surname ?? ""}", user.ObjectId);
return(Ok(user));
}
catch (KeyNotFoundException ex)
{
return(NotFound(ex.Message));
}
catch (ArgumentException ex)
{
return(BadRequest(ex.Message));
}
catch (AccessException)
{
return(new ContentResult {
StatusCode = 403
});
}
}
public async Task <IActionResult> GetFilteredUsersForTrustedService(string token, [FromBody] UserFilteringParams filters)
{
try
{
if (token != Consts.Security.StaticToken)
{
return(new ContentResult {
StatusCode = 403
});
}
var currentUser = new UserIdentityParams
{
Role = Consts.Roles.OperationsAdmin
};
var users = await _userService.GetAllUsersAsync(currentUser, filters);
return(Ok(users));
}
catch (ArgumentException ex)
{
return(BadRequest(new ValidationProblemDetails(new Dictionary <string, string[]>(new List <KeyValuePair <string, string[]> >
{
new KeyValuePair <string, string[]>(ex.ParamName ?? "Unknown", new string[] { ex.Message })
}))));
}
catch (AccessException)
{
return(new ContentResult {
StatusCode = 403
});
}
}
/// <inheritdoc />
public async Task <Profile> GetUserByIdAsync(string id, UserIdentityParams user)
{
if (string.IsNullOrEmpty(id))
{
throw new ArgumentNullException(nameof(id));
}
try
{
if (_permissionService.CheckPermission(user.Role, new string[] { Consts.UsersReadPermission.ReadOnlyRequester }) &&
id != user.Id)
{
throw new AccessException();
}
var usersInCache = _cache.Get <List <AzureUser> >(Consts.Cache.UsersKey);
if (_permissionService.CheckPermission(user.Role, new string[] { Consts.UsersReadPermission.ReadAll }))
{
var result = usersInCache.FirstOrDefault(x => x.ObjectId == id) ?? throw new KeyNotFoundException("User not found");
return(result?.Adapt <Profile>());
}
if (_permissionService.CheckPermission(user.Role, new string[] { Consts.UsersReadPermission.ReadInCompany }) ||
_permissionService.CheckPermission(user.Role, new string[] { Consts.UsersReadPermission.ReadOnlyRequester }) &&
!string.IsNullOrEmpty(user.CompanyId))
{
var result = usersInCache.FirstOrDefault(x => x.ObjectId == id) ?? throw new KeyNotFoundException("User not found");
if (result == null && result?.CompanyId != user.CompanyId)
{
throw new AccessException();
}
return(await Task.FromResult(result.Adapt <Profile>()));
}
throw new AccessException();
}
catch (KeyNotFoundException)
{
throw;
}
}
/// <inheritdoc />
public async Task <LazyLoadedResult <Profile> > GetAllUsersAsync(UserIdentityParams user, UserFilteringParams filter = null, UserSortingParameters sorting = null)
{
await _permissionService.CheckPermissionExpiration();
if (_permissionService.CheckPermission(user.Role, new string[] { Consts.UsersReadPermission.ReadAll }))
{
return(await GetUsers(filter, sorting));
}
if (_permissionService.CheckPermission(user.Role, new string[] { Consts.UsersReadPermission.ReadInCompany }))
{
filter.CompanyId = new List <string> {
user.CompanyId
};
return(await GetUsers(filter, sorting));
}
if (_permissionService.CheckPermission(user.Role, new string[] { Consts.UsersReadPermission.ReadOnlyRequester }))
{
var salesRep = await GetUserByIdAsync(user.Id.ToString(), user);
salesRep.AvatarUrl = FormUrlForDownloadUserAvatar(salesRep.ObjectId);
return(new LazyLoadedResult <Profile>()
{
Result = new List <Profile> {
salesRep.Adapt <Profile>()
},
Limit = 1,
Offset = 0,
Total = 1
});
}
throw new ArgumentException("Can not check you permission");
}
