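using Microsoft.AspNetCore.Mvc;
using Microsoft.Azure.Cosmos;
using Microsoft.Extensions.Logging;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace CDP
{
    /// <summary>
    /// File access-policy changes and the audit records written for them.
    /// </summary>
    public class CDPLite
    {
        private readonly ILogger _logger;

        // Container names handed to AuditDB.AppendRecord; they never change at runtime.
        private const string FileAuditContainer = "FileAudits";
        private const string UserAuditContainer = "UserAudits";
        private const string GroupAuditContainer = "GroupAudits";
        private const string TenantAuditContainer = "TenantAudits";

        /// <summary>
        /// Creates the instance and keeps the supplied logger.
        /// </summary>
        /// <param name="log">Logger stored on the instance; the static members below do not use it.</param>
        public CDPLite(ILogger log)
        {
            _logger = log;
        }

        /// <summary>
        /// Adds or changes the access policy of a user or group on a file, after checking
        /// that the requesting user holds "Manage" or "Owner" access to that file.
        /// Denied attempts and successful changes are both written to the audit containers.
        /// </summary>
        /// <param name="dto">Request data: acting user's email, target email and/or group, file and policy.</param>
        /// <returns>
        /// <see cref="OkObjectResult"/> carrying the upserted file record on success, otherwise a
        /// <see cref="BadRequestObjectResult"/> with an <c>error</c>/<c>message</c> payload.
        /// </returns>
        internal static async Task<IActionResult> AddFileUserInternal(AddFileUserDto dto)
        {
            if (dto == null || string.IsNullOrEmpty(dto.Email))
            {
                // Without an acting identity there is nothing to authorize against.
                return new BadRequestObjectResult(new { error = true, message = "Requesting user email is required." });
            }

            // NOTE(review): the authorization decision below is keyed on dto.Email. Confirm the caller
            // fills it from the authenticated principal and not from a client-supplied request field.
            // NOTE(review): ToLower() is culture-sensitive and feeds the hashed user id; every producer
            // of that id has to normalize identically. Consider ToLowerInvariant() across the codebase.
            string userId = Helpers.HashAndShortenText(dto.Email.ToLower());

            FileRecord fr = await CDPDB.GetFile(dto.AppKey, dto.FileId, userId);
            if (fr == null)
            {
                // Plain interpolation: wrapping this in string.Format would treat braces inside the
                // user-controlled file name or e-mail as format items and throw FormatException.
                string message = $"{dto.Email} attempted to add/change access policy for {dto.EmailToAdd} on {dto.FileName} file having {dto.FileId} id, but didn't have ANY access";
                Console.WriteLine(ForLog(message));
                string action = "Policy change failed";
                await AddAudits(dto.AppKey, dto.FileId, dto.FileName, userId, "", action, message);
                return new BadRequestObjectResult(new { error = true, message = "File not found for user " + dto.Email });
            }

            if ((!fr.Policy.CheckAccess("Manage")) && (!fr.Policy.CheckAccess("Owner")))
            {
                string message = $"{dto.Email} attempted to add/change access policy for {dto.EmailToAdd} on {dto.FileName} file having {dto.FileId} id, but didn't have manage access";
                Console.WriteLine(ForLog(message));
                string action = "Policy change failed";
                await AddAudits(dto.AppKey, dto.FileId, dto.FileName, userId, "", action, message);
                return new BadRequestObjectResult(new { error = true, message = $"{dto.Email} doesn't have the rights to add a user." });
            }

            string fileId = dto.FileId;
            string fileName = dto.FileName;

            // A group-only request may arrive without a target e-mail; treat null like "".
            string emailToAdd = (dto.EmailToAdd ?? "").ToLower();
            bool hasEmail = emailToAdd != "";
            bool hasGroup = dto.Group != null;

            // The target e-mail wins when both an e-mail and a group are supplied.
            string userIdToAdd = "";
            if (hasEmail)
            {
                userIdToAdd = Helpers.HashAndShortenText(emailToAdd);
            }
            else if (hasGroup)
            {
                userIdToAdd = dto.GroupId;
            }

            if (string.IsNullOrEmpty(userIdToAdd))
            {
                // Never upsert a policy entry that is not bound to a concrete user or group.
                return new BadRequestObjectResult(new { error = true, message = "No user or group was specified to grant access to." });
            }

            // NOTE(review): dto.Policy is stored as given. Nothing here stops a caller who only holds
            // "Manage" from granting "Owner"; confirm whether the granted level should be validated
            // against the caller's own level.
            AccessPolicy ac = new AccessPolicy()
            {
                Access = dto.Policy,
                Email = emailToAdd,
                Group = dto.Group,
                GroupId = dto.GroupId,
                Key = ""
            };

            fr = await CDPDB.UpsertFile(dto.AppKey, fileId, fileName, userIdToAdd, "", ac);

            // NOTE(review): the policy is already persisted at this point; if an audit write below
            // throws, the change stays in place without a matching audit record.
            if (hasEmail)
            {
                string message = $"{dto.Email} added/changed the access policy for User : {dto.EmailToAdd} to {dto.Policy} on {fileName} file having {fileId} id";
                string action = "Policy change";
                await AddAudits(dto.AppKey, fileId, fileName, userId, "", action, message);
            }

            if (hasGroup)
            {
                string message = $"{dto.Email} added/changed the access policy for Group : {dto.Group} to {dto.Policy} on {fileName} file having {fileId} id";
                string action = "Policy change";
                // NOTE(review): this record carries an empty user id (the actor appears only in the
                // message text) and uses dto.Group.id, while the upsert above used dto.GroupId;
                // confirm both are intended.
                await AddAudits(dto.AppKey, fileId, fileName, "", dto.Group.id, action, message);
            }

            return new OkObjectResult(fr);
        }

        /// <summary>
        /// Writes one audit event to the file, tenant and user audit containers, and to the
        /// group audit container when <paramref name="groupid"/> is not empty.
        /// </summary>
        /// <param name="appKey">Application key; required.</param>
        /// <param name="fileId">Id of the file the event concerns; required.</param>
        /// <param name="fileName">Name of the file.</param>
        /// <param name="userId">User id stored on the records; may be empty.</param>
        /// <param name="groupid">Group id stored on the records; may be empty.</param>
        /// <param name="action">Short action label; required.</param>
        /// <param name="message">Human-readable description of the event; required.</param>
        /// <remarks>
        /// When a required value is missing the event is NOT recorded; only a console line is
        /// written. Exceptions thrown by AuditDB.AppendRecord are not caught here.
        /// </remarks>
        public static async Task AddAudits(string appKey, string fileId, string fileName, string userId, string groupid, string action, string message)
        {
            if (string.IsNullOrEmpty(appKey) || string.IsNullOrEmpty(fileId) || string.IsNullOrEmpty(action) || string.IsNullOrEmpty(message))
            {
                Console.WriteLine(ForLog(string.Format("something weird? appKey, fileId, action, message: {0} {1} {2} {3}", appKey, fileId, action, message)));
                return;
            }

            // One timestamp for every copy of the event, so the records can be correlated
            // across containers by exact time.
            DateTime eventTime = DateTime.UtcNow;

            AuditRecord faRec = new FileAuditRecord()
            {
                AppKey = appKey,
                FileId = fileId,
                FileName = fileName,
                UserId = userId,
                GroupId = groupid,
                Action = action,
                Message = message,
                EventTime = eventTime,
            };
            Console.WriteLine("Adding File Audit Record");
            await AuditDB.AppendRecord(faRec.id, faRec, FileAuditContainer);

            AuditRecord faRecTenant = new TenantAuditRecord()
            {
                AppKey = appKey,
                FileId = fileId,
                FileName = fileName,
                UserId = userId,
                GroupId = groupid,
                Action = action,
                Message = message,
                EventTime = eventTime,
            };
            await AuditDB.AppendRecord(faRecTenant.id, faRecTenant, TenantAuditContainer);

            if (!string.IsNullOrEmpty(groupid))
            {
                AuditRecord faRecGroup = new GroupAuditRecord()
                {
                    AppKey = appKey,
                    FileId = fileId,
                    FileName = fileName,
                    UserId = userId,
                    GroupId = groupid,
                    Action = action,
                    Message = message,
                    EventTime = eventTime,
                };
                await AuditDB.AppendRecord(faRecGroup.id, faRecGroup, GroupAuditContainer);
            }

            AuditRecord faRecUser = new UserAuditRecord()
            {
                AppKey = appKey,
                FileId = fileId,
                FileName = fileName,
                UserId = userId,
                GroupId = groupid,
                Action = action,
                Message = message,
                EventTime = eventTime,
            };
            await AuditDB.AppendRecord(faRecUser.id, faRecUser, UserAuditContainer);
        }

        /// <summary>
        /// Appends the record to the file audit container. Failures propagate to the caller.
        /// </summary>
        private static async Task AddFileAudit(AuditRecord far)
        {
            await AuditDB.AppendRecord(far.id, far, FileAuditContainer);
        }

        /// <summary>
        /// Appends the record to the user audit container. Failures propagate to the caller.
        /// </summary>
        private static async Task AddUserAudit(AuditRecord far)
        {
            await AuditDB.AppendRecord(far.id, far, UserAuditContainer);
        }

        /// <summary>
        /// Best-effort append to the tenant audit container: a failure is reported on stderr
        /// instead of being thrown, so a lost audit record is at least visible.
        /// </summary>
        private static async Task AddTenantAudit(AuditRecord far)
        {
            try
            {
                await AuditDB.AppendRecord(far.id, far, TenantAuditContainer);
            }
            catch (Exception e)
            {
                Console.Error.WriteLine(ForLog($"Tenant audit append failed for record {far.id}: {e.GetType().Name}: {e.Message}"));
            }
        }

        /// <summary>
        /// Best-effort append to the group audit container: a failure is reported on stderr
        /// instead of being thrown, so a lost audit record is at least visible.
        /// </summary>
        private static async Task AddGroupAudit(AuditRecord far)
        {
            try
            {
                await AuditDB.AppendRecord(far.id, far, GroupAuditContainer);
            }
            catch (Exception e)
            {
                Console.Error.WriteLine(ForLog($"Group audit append failed for record {far.id}: {e.GetType().Name}: {e.Message}"));
            }
        }

        /// <summary>
        /// Escapes CR and LF so request-supplied text cannot start a forged line in console output.
        /// </summary>
        private static string ForLog(string value)
        {
            if (string.IsNullOrEmpty(value))
            {
                return "";
            }

            return value.Replace("\r", "\\r").Replace("\n", "\\n");
        }
    }
}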