public GXActionDeleteResponse Post(GXActionDeleteRequest request) { IAuthSession s = this.GetSession(false); int id = Convert.ToInt32(s.Id); List <GXEventsItem> events = new List <GXEventsItem>(); lock (Db) { if (id == 0) { throw new ArgumentException("Remove failed. Invalid session ID."); } if (!GuruxAMI.Server.GXBasicAuthProvider.CanUserEdit(s)) { throw new ArgumentException("Remove not allowed."); } List <GXAmiUserActionLog> logs = new List <GXAmiUserActionLog>(); bool superAdmin = GuruxAMI.Server.GXBasicAuthProvider.IsSuperAdmin(s); //Remove user group logs. if (request.UserGroupIDs != null) { foreach (long it in request.UserGroupIDs) { if (it == 0) { throw new ArgumentException("ID is required"); } if (!superAdmin && !GXUserGroupService.CanAccess(Db, id, it)) { throw new ArgumentException("Access denied."); } logs.AddRange(Db.Select <GXAmiUserActionLog>(p => p.UserID == it)); } } //Remove user logs. if (request.UserIDs != null) { foreach (long it in request.UserIDs) { if (it == 0) { throw new ArgumentException("ID is required"); } if (!superAdmin || id != it) { throw new ArgumentException("Access denied."); } logs.AddRange(Db.Select <GXAmiUserActionLog>(p => p.UserID == it)); } } //Remove Device logs. if (request.DeviceIDs != null) { foreach (ulong it in request.DeviceIDs) { if (it == 0) { throw new ArgumentException("ID is required"); } logs.AddRange(Db.Select <GXAmiUserActionLog>(p => p.TargetID == it)); } } //Remove Device group logs. if (request.DeviceGroupIDs != null) { foreach (ulong it in request.DeviceGroupIDs) { if (it == 0) { throw new ArgumentException("ID is required"); } logs.AddRange(Db.Select <GXAmiUserActionLog>(p => p.TargetID == it)); } } if (logs.Count == 0) { //Remove all log items. if (superAdmin) { logs.AddRange(Db.Select <GXAmiUserActionLog>()); } else //Remove all log items made by user. { logs.AddRange(Db.Select <GXAmiUserActionLog>(p => p.UserID == id)); } } foreach (GXAmiUserActionLog it in logs) { events.Add(new GXEventsItem(ActionTargets.DeviceError, Actions.Remove, it)); } Db.DeleteByIds <GXAmiUserActionLog>(logs); } AppHost host = this.ResolveService <AppHost>(); host.SetEvents(Db, this.Request, id, events); return(new GXActionDeleteResponse()); }
/// <summary> /// Get available users. /// </summary> public GXUsersResponse Post(GXUsersRequest request) { lock (Db) { IAuthSession s = this.GetSession(false); List <GXAmiUser> users; //Return info from logged user; if (request.UserID == -1) { int id = Convert.ToInt32(s.Id); if (id == 0) { throw new ArgumentException("Failed to get information from current user. Invalid session ID."); } users = GetUsers(s, Db, id, 0, false, true, null, SearchOperator.None, SearchType.All); } else if (request.UserID != 0) { users = GetUsers(s, Db, request.UserID, 0, request.Removed, true, null, SearchOperator.None, SearchType.All); } //Returns users who can access device. else if (request.DeviceID != 0) { throw new NotImplementedException(); } //Returns users who belong to user group. else if (request.UserGroupID != 0) { bool superAdmin = GuruxAMI.Server.GXBasicAuthProvider.IsSuperAdmin(s); if (!superAdmin && !GXUserGroupService.CanAccess(Db, Convert.ToInt32(s.Id), request.UserGroupID)) { throw new ArgumentException("Access denied."); } users = GetUsers(s, Db, 0, request.UserGroupID, request.Removed, true, null, SearchOperator.None, SearchType.All); } else { //Return users who user can see. users = GetUsers(s, Db, 0, 0, request.Removed, true, null, SearchOperator.None, SearchType.All); } //Remove excluded users. if (request.Excluded != null && request.Excluded.Length != 0) { List <long> ids = new List <long>(request.Excluded); var excludeUsers = from c in users where !ids.Contains(c.Id) select c; users = excludeUsers.ToList(); } //Get users by range. if (request.Index != 0 || request.Count != 0) { if (request.Count == 0 || request.Index + request.Count > users.Count) { request.Count = users.Count - request.Index; } users.RemoveRange(0, request.Index); var limitUsers = users.Take(request.Count); users = limitUsers.ToList(); } //Password is not give to the caller. This is a security reason. foreach (GXAmiUser it in users) { it.Password = null; } return(new GXUsersResponse(users.ToArray())); } }
/// <summary> /// Delete selected user. /// </summary> /// <param name="request"></param> /// <returns></returns> public GXUserDeleteResponse Post(GXUserDeleteRequest request) { IAuthSession s = this.GetSession(false); int id = Convert.ToInt32(s.Id); if (id == 0) { throw new ArgumentException("Remove failed. Invalid session ID."); } if (!GuruxAMI.Server.GXBasicAuthProvider.CanUserEdit(s)) { throw new ArgumentException("Remove not allowed."); } List <GXEventsItem> events = new List <GXEventsItem>(); bool superAdmin = GuruxAMI.Server.GXBasicAuthProvider.IsSuperAdmin(s); lock (Db) { foreach (int it in request.UserIDs) { if (it == 0) { throw new ArgumentException("ID is required"); } if (!superAdmin && !GXUserGroupService.CanAccess(Db, id, it)) { throw new ArgumentException("Access denied."); } #if !SS4 GXAmiUser user = Db.QueryById <GXAmiUser>(it); #else GXAmiUser user = Db.SingleById <GXAmiUser>(it); #endif //Remove user from the user group. if (request.GroupIDs != null && request.GroupIDs.Length != 0) { foreach (long gid in request.GroupIDs) { if (!superAdmin) { List <GXAmiUser> list = GetUsers(s, Db, 0, gid, false, false, null, SearchOperator.None, SearchType.All); if (list.Count == 1) { throw new ArgumentException("Remove not allowed."); } } string query = string.Format("UserGroupID = {0} AND UserID = {1}", gid, it); GXAmiUserGroupUser item = Db.Select <GXAmiUserGroupUser>(query)[0]; Db.Delete <GXAmiUserGroupUser>(item); #if !SS4 GXAmiUserGroup ug = Db.QueryById <GXAmiUserGroup>(gid); #else GXAmiUserGroup ug = Db.SingleById <GXAmiUserGroup>(gid); #endif events.Add(new GXEventsItem(ActionTargets.User, Actions.Edit, user)); events.Add(new GXEventsItem(ActionTargets.User, Actions.Edit, ug)); } } else //Remove user. { // You can not delete yourself. if (it == id) { throw new ArgumentException("Remove not allowed."); } if (request.Permanently) { Db.DeleteById <GXAmiUser>(it); } else { user.Removed = DateTime.Now.ToUniversalTime(); Db.UpdateOnly(user, p => p.Removed, p => p.Id == it); } events.Add(new GXEventsItem(ActionTargets.User, Actions.Remove, user)); //Remove all user groups of the user. long[] list = GXUserGroupService.GetUserGroups(Db, it); //TODO: Remove only if last user. foreach (long gid in list) { #if !SS4 GXAmiUserGroup ug = Db.QueryById <GXAmiUserGroup>(gid); #else GXAmiUserGroup ug = Db.SingleById <GXAmiUserGroup>(gid); #endif if (request.Permanently) { Db.DeleteById <GXAmiUserGroup>(gid); } else { ug.Removed = DateTime.Now.ToUniversalTime(); Db.UpdateOnly(ug, p => p.Removed, p => p.Id == gid); } events.Add(new GXEventsItem(ActionTargets.User, Actions.Edit, user)); events.Add(new GXEventsItem(ActionTargets.User, Actions.Edit, ug)); } } } } AppHost host = this.ResolveService <AppHost>(); host.SetEvents(Db, this.Request, id, events); return(new GXUserDeleteResponse()); }
/// <summary> /// Add new data collector. /// </summary> /// <param name="request"></param> /// <returns></returns> public GXDataCollectorUpdateResponse Put(GXDataCollectorUpdateRequest request) { GXAmiDataCollector[] collectors = request.Collectors; IAuthSession s = this.GetSession(false); long id; List <GXEventsItem> events = new List <GXEventsItem>(); lock (Db) { string lastIP; #if !SS4 lastIP = GuruxAMI.Server.AppHost.GetIPAddress(base.RequestContext); #else lastIP = "";//TODO; #endif using (var trans = Db.OpenTransaction(IsolationLevel.ReadCommitted)) { if (long.TryParse(s.Id, out id)) { //Normal user can't change add new data collectors. if (!GuruxAMI.Server.GXBasicAuthProvider.CanEditDevice(s)) { throw new ArgumentException("Access denied."); } bool superAdmin = GuruxAMI.Server.GXBasicAuthProvider.IsSuperAdmin(s); //If user want's to add new data collectors. if (request.Collectors != null) { foreach (GXAmiDataCollector collector in request.Collectors) { if (collector.Id == 0) { collector.Guid = Guid.NewGuid(); collector.Added = DateTime.Now.ToUniversalTime(); Db.Insert(collector); #if !SS4 collector.Id = (ulong)Db.GetLastInsertId(); #else collector.Id = (ulong)Db.LastInsertId(); #endif events.Add(new GXEventsItem(ActionTargets.DataCollector, Actions.Add, collector)); } else { //If DC is added to user group it's state is no longer unassigned. bool assigned = false; if (collector.UnAssigned && request.UserGroupIDs != null) { events.Add(new GXEventsItem(ActionTargets.DataCollector, Actions.Remove, collector.Clone())); assigned = true; collector.UnAssigned = false; } Db.UpdateOnly(collector, p => p.MAC, p => p.Id == collector.Id); Db.UpdateOnly(collector, p => p.UnAssigned, p => p.Id == collector.Id); Db.UpdateOnly(collector, p => p.Name, p => p.Id == collector.Id); Db.UpdateOnly(collector, p => p.Description, p => p.Id == collector.Id); //If DC is assigned remove it first and then add like assigned. if (assigned) { events.Add(new GXEventsItem(ActionTargets.DataCollector, Actions.Add, collector)); } else { events.Add(new GXEventsItem(ActionTargets.DataCollector, Actions.Edit, collector)); } } //If data collector is added to device group. if (request.UserGroupIDs != null) { foreach (long it in request.UserGroupIDs) { //Can user access user group. if (!superAdmin && !GXUserGroupService.CanAccess(Db, id, it)) { throw new ArgumentException("Access denied."); } //Check that DC is not already added to the user group. List <GXAmiDataCollectorUserGroup> dcu = Db.Select <GXAmiDataCollectorUserGroup>(q => q.DataCollectorID == collector.Id && q.UserGroupID == it); if (dcu.Count == 0) { GXAmiDataCollectorUserGroup u = new GXAmiDataCollectorUserGroup(); u.DataCollectorID = collector.Id; u.UserGroupID = it; Db.Insert(u); #if !SS4 GXAmiUserGroup ug = Db.QueryById <GXAmiUserGroup>(it); #else GXAmiUserGroup ug = Db.SingleById <GXAmiUserGroup>(it); #endif events.Add(new GXEventsItem(ActionTargets.UserGroup, Actions.Edit, ug)); } } } } } //User is adding collector by MAC address. else if (request.MacAddress != null) { GXAmiDataCollector it = new GXAmiDataCollector(); collectors = new GXAmiDataCollector[] { it }; it.Guid = Guid.NewGuid(); s.UserAuthName = it.Guid.ToString(); it.Added = DateTime.Now.ToUniversalTime(); it.IP = lastIP; it.UnAssigned = true; if (request.MacAddress != null) { it.MAC = MacToString(request.MacAddress); } Db.Insert(it); #if !SS4 it.Id = (ulong)Db.GetLastInsertId(); #else it.Id = (ulong)Db.LastInsertId(); #endif events.Add(new GXEventsItem(ActionTargets.DataCollector, Actions.Add, it)); } else { throw new ArgumentNullException("MAC Address."); } } else { //DC is updating itself. if (request.MacAddress == null) { Guid guid; if (!GuruxAMI.Server.GXBasicAuthProvider.IsGuid(s.Id, out guid)) { throw new ArgumentException("Access denied."); } List <GXAmiDataCollector> tmp = Db.Select <GXAmiDataCollector>(q => q.Guid == guid); if (tmp.Count != 1) { throw new ArgumentException("Access denied."); } foreach (GXAmiDataCollector col in request.Collectors) { col.IP = lastIP; Db.Update(col); collectors = request.Collectors; events.Add(new GXEventsItem(ActionTargets.DataCollector, Actions.Edit, col)); } } else { List <GXAmiDataCollector> tmp = Db.Select <GXAmiDataCollector>(q => q.MAC == MacToString(request.MacAddress)); //If data collector is adding itself. //Check if DC is already try to add itself. if (tmp.Count == 0) { GXAmiDataCollector it = new GXAmiDataCollector(); collectors = new GXAmiDataCollector[] { it }; it.Guid = Guid.NewGuid(); s.UserAuthName = it.Guid.ToString(); it.Added = DateTime.Now.ToUniversalTime(); it.IP = lastIP; it.UnAssigned = true; if (request.MacAddress != null) { it.MAC = MacToString(request.MacAddress); } Db.Insert(it); #if !SS4 it.Id = (ulong)Db.GetLastInsertId(); #else it.Id = (ulong)Db.LastInsertId(); #endif events.Add(new GXEventsItem(ActionTargets.DataCollector, Actions.Add, it)); } else { collectors = new GXAmiDataCollector[] { tmp[0] }; } } } //Accept changes. trans.Commit(); } } AppHost host = this.ResolveService <AppHost>(); host.SetEvents(Db, this.Request, id, events); return(new GXDataCollectorUpdateResponse(collectors)); }