public async Task <IActionResult> GetAllUsersForTrustedService(string token, string objectId) { try { if (token != Consts.Security.StaticToken) { return(new ContentResult { StatusCode = 403 }); } var currentUser = new UserIdentityParams { Role = Consts.Roles.OperationsAdmin }; var user = await _userService.GetUserByIdAsync(objectId, currentUser); return(Ok(user)); } catch (ArgumentException ex) { return(BadRequest(new ValidationProblemDetails(new Dictionary <string, string[]>(new List <KeyValuePair <string, string[]> > { new KeyValuePair <string, string[]>(ex.ParamName ?? "Unknown", new string[] { ex.Message }) })))); } catch (KeyNotFoundException) { return(NotFound("User with current id not found")); } }
public async Task <IActionResult> Get([FromQuery] UserFilteringParams filter, [FromQuery] UserSortingParameters sorting) { try { var currentUser = new UserIdentityParams { Id = HttpContext.User.Claims.FirstOrDefault(x => x.Type == Consts.UserIdPropertyName)?.Value, Role = HttpContext.User.Claims.FirstOrDefault(x => x.Type == Consts.RoleClaimType)?.Value, CompanyId = HttpContext.User.Claims.FirstOrDefault(x => x.Type == Consts.CompanyIdClaimType)?.Value }; var users = await _userService.GetAllUsersAsync(currentUser, filter, sorting); _logger.LogInformation("Get all users requested by user with object id {id}, users: {users}", currentUser.Id, string.Join(",", users.Result.Select(user => $"{user.GivenName ?? ""} {user.Surname ?? ""}"))); return(Ok(users)); } catch (ArgumentException ex) { return(BadRequest(ex.Message)); } catch (AccessException) { return(new ContentResult { StatusCode = 403 }); } }
public async Task <IActionResult> Get(string id) { try { var currentUser = new UserIdentityParams { Id = HttpContext.User.Claims.FirstOrDefault(x => x.Type == Consts.UserIdPropertyName)?.Value, Role = HttpContext.User.Claims.FirstOrDefault(x => x.Type == Consts.RoleClaimType)?.Value, CompanyId = HttpContext.User.Claims.FirstOrDefault(x => x.Type == Consts.CompanyIdClaimType)?.Value }; var user = await _userService.GetUserByIdAsync(id, currentUser); _logger.LogInformation("Get user by id requested by user with object id {id},requested user name: {users}, id: {id}", currentUser.Id, $"{user.GivenName ?? ""} {user.Surname ?? ""}", user.ObjectId); return(Ok(user)); } catch (KeyNotFoundException ex) { return(NotFound(ex.Message)); } catch (ArgumentException ex) { return(BadRequest(ex.Message)); } catch (AccessException) { return(new ContentResult { StatusCode = 403 }); } }
public async Task <IActionResult> GetFilteredUsersForTrustedService(string token, [FromBody] UserFilteringParams filters) { try { if (token != Consts.Security.StaticToken) { return(new ContentResult { StatusCode = 403 }); } var currentUser = new UserIdentityParams { Role = Consts.Roles.OperationsAdmin }; var users = await _userService.GetAllUsersAsync(currentUser, filters); return(Ok(users)); } catch (ArgumentException ex) { return(BadRequest(new ValidationProblemDetails(new Dictionary <string, string[]>(new List <KeyValuePair <string, string[]> > { new KeyValuePair <string, string[]>(ex.ParamName ?? "Unknown", new string[] { ex.Message }) })))); } catch (AccessException) { return(new ContentResult { StatusCode = 403 }); } }
/// <inheritdoc /> public async Task <Profile> GetUserByIdAsync(string id, UserIdentityParams user) { if (string.IsNullOrEmpty(id)) { throw new ArgumentNullException(nameof(id)); } try { if (_permissionService.CheckPermission(user.Role, new string[] { Consts.UsersReadPermission.ReadOnlyRequester }) && id != user.Id) { throw new AccessException(); } var usersInCache = _cache.Get <List <AzureUser> >(Consts.Cache.UsersKey); if (_permissionService.CheckPermission(user.Role, new string[] { Consts.UsersReadPermission.ReadAll })) { var result = usersInCache.FirstOrDefault(x => x.ObjectId == id) ?? throw new KeyNotFoundException("User not found"); return(result?.Adapt <Profile>()); } if (_permissionService.CheckPermission(user.Role, new string[] { Consts.UsersReadPermission.ReadInCompany }) || _permissionService.CheckPermission(user.Role, new string[] { Consts.UsersReadPermission.ReadOnlyRequester }) && !string.IsNullOrEmpty(user.CompanyId)) { var result = usersInCache.FirstOrDefault(x => x.ObjectId == id) ?? throw new KeyNotFoundException("User not found"); if (result == null && result?.CompanyId != user.CompanyId) { throw new AccessException(); } return(await Task.FromResult(result.Adapt <Profile>())); } throw new AccessException(); } catch (KeyNotFoundException) { throw; } }
/// <inheritdoc /> public async Task <LazyLoadedResult <Profile> > GetAllUsersAsync(UserIdentityParams user, UserFilteringParams filter = null, UserSortingParameters sorting = null) { await _permissionService.CheckPermissionExpiration(); if (_permissionService.CheckPermission(user.Role, new string[] { Consts.UsersReadPermission.ReadAll })) { return(await GetUsers(filter, sorting)); } if (_permissionService.CheckPermission(user.Role, new string[] { Consts.UsersReadPermission.ReadInCompany })) { filter.CompanyId = new List <string> { user.CompanyId }; return(await GetUsers(filter, sorting)); } if (_permissionService.CheckPermission(user.Role, new string[] { Consts.UsersReadPermission.ReadOnlyRequester })) { var salesRep = await GetUserByIdAsync(user.Id.ToString(), user); salesRep.AvatarUrl = FormUrlForDownloadUserAvatar(salesRep.ObjectId); return(new LazyLoadedResult <Profile>() { Result = new List <Profile> { salesRep.Adapt <Profile>() }, Limit = 1, Offset = 0, Total = 1 }); } throw new ArgumentException("Can not check you permission"); }