CDP-Functions-Migration/CDP-LTS-80/CDPLite.cs

using Microsoft.AspNetCore.Mvc;
using Microsoft.Azure.Cosmos;
using Microsoft.Extensions.Logging;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace CDP
{
    public class CDPLite
    {
        private readonly ILogger<CDPLite> _logger;
        private static string FileAuditContainer = "FileAudits";
        private static string UserAuditContainer = "UserAudits";
        private static string GroupAuditContainer = "GroupAudits";
        private static string TenantAuditContainer = "TenantAudits";

        public CDPLite(ILogger<CDPLite> log)
        {
            _logger = log;
        }

        internal static async Task<IActionResult> AddFileUserInternal(AddFileUserDto dto)
        {
            // check to see if the email has the power to add a user
            string userId = Helpers.HashAndShortenText(dto.Email.ToLower());

            FileRecord fr = await CDPDB.GetFile(dto.AppKey, dto.FileId, userId);
            if (fr == null)
            {
                string message = string.Format($"{dto.Email} attempted to add/change access policy for {dto.EmailToAdd} on {dto.FileName} file having {dto.FileId} id, but didn't have ANY access");
                Console.WriteLine(message);
                string action = "Policy change failed";
                await AddAudits(dto.AppKey, dto.FileId, dto.FileName, userId, "", action, message);

                return new BadRequestObjectResult(new { error = true, message = "File not found for user " + dto.Email });
            }

            if ((!fr.Policy.CheckAccess("Manage")) && (!fr.Policy.CheckAccess("Owner")))
            {
                string message = string.Format($"{dto.Email} attempted to add/change access policy for {dto.EmailToAdd} on {dto.FileName} file having {dto.FileId} id, but didn't have manage access");
                Console.WriteLine(message);
                string action = "Policy change failed";
                await AddAudits(dto.AppKey, dto.FileId, dto.FileName, userId, "", action, message);
                return new BadRequestObjectResult(new { error = true, message = $"{dto.Email} doesn't have the rights to add a user." });
            }

            string fileId = dto.FileId;
            string fileName = dto.FileName;
            string userIdToAdd = "";

            if (dto.EmailToAdd != "")
            {
                userIdToAdd = Helpers.HashAndShortenText(dto.EmailToAdd.ToLower());
            }
            else if (dto.Group != null)
            {
                userIdToAdd = dto.GroupId;
            }
            else if (dto.Group != null)
            {
                userIdToAdd = dto.GroupId;
            }

            AccessPolicy ac = new AccessPolicy()
            {
                Access = dto.Policy,
                Email = dto.EmailToAdd.ToLower(),
                Group = dto.Group,
                GroupId = dto.GroupId,
                Key = ""
            };

            fr = await CDPDB.UpsertFile(dto.AppKey, fileId, fileName, userIdToAdd, "", ac);

            if (dto.EmailToAdd != "")
            {
                string message = string.Format($"{dto.Email} added/changed the access policy for User : {dto.EmailToAdd} to {dto.Policy} on {fileName} file having {fileId} id");
                string action = "Policy change";
                await AddAudits(dto.AppKey, fileId, fileName, userId, "", action, message);
            }

            if (dto.Group != null)
            {
                string message = string.Format($"{dto.Email} added/changed the access policy for Group : {dto.Group} to {dto.Policy} on {fileName} file having {fileId} id");
                string action = "Policy change";
                await AddAudits(dto.AppKey, fileId, fileName, "", dto.Group.id, action, message);
            }
            return new OkObjectResult(fr);
        }

        public static async Task AddAudits(string appKey, string fileId, string fileName, string userId, string groupid, string action, string message)
        {
            if (string.IsNullOrEmpty(appKey) || string.IsNullOrEmpty(fileId) || string.IsNullOrEmpty(action) || string.IsNullOrEmpty(message))
            {
                Console.WriteLine(string.Format("something weird? appKey, fileId, action, message: {0} {1} {2} {3}", appKey, fileId, action, message));
                return;
            }
                

            AuditRecord faRec = new FileAuditRecord()
            {
                AppKey = appKey,
                FileId = fileId,
                FileName = fileName,
                UserId = userId,
                GroupId = groupid,
                Action = action,
                Message = message,
                EventTime = DateTime.UtcNow,
            };
            Console.WriteLine("Adding File Audit Record");
            await AuditDB.AppendRecord(faRec.id, faRec, FileAuditContainer);

            AuditRecord faRecTenant = new TenantAuditRecord()
            {
                AppKey = appKey,
                FileId = fileId,
                FileName = fileName,
                UserId = userId,
                GroupId = groupid,
                Action = action,
                Message = message,
                EventTime = DateTime.UtcNow,
            };

            await AuditDB.AppendRecord(faRecTenant.id, faRecTenant, TenantAuditContainer);

            if (!string.IsNullOrEmpty(groupid))
            {
                AuditRecord faRecGroup = new GroupAuditRecord()
                {
                    AppKey = appKey,
                    FileId = fileId,
                    FileName = fileName,
                    UserId = userId,
                    GroupId = groupid,
                    Action = action,
                    Message = message,
                    EventTime = DateTime.UtcNow,
                };

                await AuditDB.AppendRecord(faRecGroup.id, faRecGroup, GroupAuditContainer);
            }

            AuditRecord faRecUser = new UserAuditRecord()
            {
                AppKey = appKey,
                FileId = fileId,
                FileName = fileName,
                UserId = userId,
                GroupId = groupid,
                Action = action,
                Message = message,
                EventTime = DateTime.UtcNow,
            };

            await AuditDB.AppendRecord(faRecUser.id, faRecUser, UserAuditContainer);

        }
        /// <summary>
        ///  Adds the audit record on a background thread.
        /// </summary>
        private static async Task AddFileAudit(AuditRecord far)
        {
            await AuditDB.AppendRecord(far.id, far, FileAuditContainer);

        }

        private static async Task AddUserAudit(AuditRecord far)
        {
            await AuditDB.AppendRecord(far.id, far, UserAuditContainer);
        }

        private static async Task AddTenantAudit(AuditRecord far)
        {
            await Task.Run(async () =>
            {
                try
                {
                    await AuditDB.AppendRecord(far.id, far, TenantAuditContainer);
                }
                catch (Exception e)
                {
                }
            });

        }

        private static async Task AddGroupAudit(AuditRecord far)
        {
            await Task.Run(async () =>
            {
                try
                {
                    await AuditDB.AppendRecord(far.id, far, GroupAuditContainer);
                }
                catch (Exception e)
                {
                }
            });

        }
    }
}