using Microsoft.AspNetCore.Mvc;
using Microsoft.Azure.Cosmos;
using Microsoft.Extensions.Logging;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
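namespace CDP
{
    /// <summary>
    /// File access-policy changes and the audit records written for them.
    /// </summary>
    public class CDPLite
    {
        private readonly ILogger<CDPLite> _logger;

        // Container names handed to AuditDB.AppendRecord.
        private const string FileAuditContainer = "FileAudits";
        private const string UserAuditContainer = "UserAudits";
        private const string GroupAuditContainer = "GroupAudits";
        private const string TenantAuditContainer = "TenantAudits";

        public CDPLite(ILogger<CDPLite> log)
        {
            _logger = log;
        }

        /// <summary>
        /// Adds or changes the access policy on a file for a user (by e-mail) or a group,
        /// after checking that the requesting user holds "Manage" or "Owner" access on that file.
        /// Denied attempts and successful changes are both written to the audit containers.
        /// </summary>
        /// <param name="dto">Request naming the caller, the file, the grantee and the policy.</param>
        /// <returns>
        /// <see cref="OkObjectResult"/> carrying the record returned by the upsert, or
        /// <see cref="BadRequestObjectResult"/> when the request is rejected.
        /// </returns>
        internal static async Task<IActionResult> AddFileUserInternal(AddFileUserDto dto)
        {
            // Reject a request with no caller identity instead of failing with a null reference.
            if (dto == null || string.IsNullOrEmpty(dto.Email))
            {
                return new BadRequestObjectResult(new { error = true, message = "Caller email is required." });
            }

            // NOTE(review): the authorization decision below is keyed on dto.Email. Nothing in this
            // method ties that value to an authenticated principal; confirm the caller fills it from
            // a verified identity and not from the request body.
            // NOTE(review): ToLower() is culture-sensitive, so the derived id can differ between hosts
            // with different cultures. Switching to ToLowerInvariant() should be done at every call
            // site of HashAndShortenText at once so stored ids keep matching.
            string userId = Helpers.HashAndShortenText(dto.Email.ToLower());

            const string deniedAction = "Policy change failed";

            FileRecord fr = await CDPDB.GetFile(dto.AppKey, dto.FileId, userId);
            if (fr == null)
            {
                // The interpolated string is used as-is. Feeding it to string.Format would re-parse
                // braces inside user-supplied fields as format items and throw before the audit
                // record is written.
                string deniedMessage = $"{dto.Email} attempted to add/change access policy for {dto.EmailToAdd} on {dto.FileName} file having {dto.FileId} id, but didn't have ANY access";
                Console.WriteLine(SingleLine(deniedMessage));
                await AddAudits(dto.AppKey, dto.FileId, dto.FileName, userId, "", deniedAction, deniedMessage);

                return new BadRequestObjectResult(new { error = true, message = "File not found for user " + dto.Email });
            }

            if ((!fr.Policy.CheckAccess("Manage")) && (!fr.Policy.CheckAccess("Owner")))
            {
                string deniedMessage = $"{dto.Email} attempted to add/change access policy for {dto.EmailToAdd} on {dto.FileName} file having {dto.FileId} id, but didn't have manage access";
                Console.WriteLine(SingleLine(deniedMessage));
                await AddAudits(dto.AppKey, dto.FileId, dto.FileName, userId, "", deniedAction, deniedMessage);

                return new BadRequestObjectResult(new { error = true, message = $"{dto.Email} doesn't have the rights to add a user." });
            }

            string fileId = dto.FileId;
            string fileName = dto.FileName;

            // A null EmailToAdd is treated like an empty one (group grant) instead of throwing.
            bool hasGranteeEmail = !string.IsNullOrEmpty(dto.EmailToAdd);
            string granteeEmail = hasGranteeEmail ? dto.EmailToAdd.ToLower() : "";

            // NOTE(review): when neither EmailToAdd nor Group is supplied, userIdToAdd stays empty and
            // the upsert below still runs; confirm that is intended.
            string userIdToAdd = "";
            if (hasGranteeEmail)
            {
                userIdToAdd = Helpers.HashAndShortenText(granteeEmail);
            }
            else if (dto.Group != null)
            {
                userIdToAdd = dto.GroupId;
            }

            // NOTE(review): dto.Policy is stored exactly as received. Nothing here limits which access
            // level a "Manage" holder may hand out (for example "Owner"); confirm that is enforced
            // elsewhere.
            AccessPolicy ac = new AccessPolicy()
            {
                Access = dto.Policy,
                Email = granteeEmail,
                Group = dto.Group,
                GroupId = dto.GroupId,
                Key = ""
            };

            fr = await CDPDB.UpsertFile(dto.AppKey, fileId, fileName, userIdToAdd, "", ac);

            const string changedAction = "Policy change";

            // The policy is already persisted at this point, so building the audit text must not
            // throw: a failure here would leave a permission change with no audit record.
            if (hasGranteeEmail)
            {
                string changedMessage = $"{dto.Email} added/changed the access policy for User : {dto.EmailToAdd} to {dto.Policy} on {fileName} file having {fileId} id";
                await AddAudits(dto.AppKey, fileId, fileName, userId, "", changedAction, changedMessage);
            }

            if (dto.Group != null)
            {
                // NOTE(review): the audit uses dto.Group.id while the upsert above used dto.GroupId;
                // verify the two always agree.
                string changedMessage = $"{dto.Email} added/changed the access policy for Group : {dto.Group} to {dto.Policy} on {fileName} file having {fileId} id";
                await AddAudits(dto.AppKey, fileId, fileName, "", dto.Group.id, changedAction, changedMessage);
            }

            return new OkObjectResult(fr);
        }

        /// <summary>
        /// Writes one audit event to the file, tenant and user audit containers, and to the
        /// group audit container when <paramref name="groupid"/> is non-empty.
        /// Returns without writing anything when <paramref name="appKey"/>, <paramref name="fileId"/>,
        /// <paramref name="action"/> or <paramref name="message"/> is null or empty.
        /// </summary>
        /// <param name="appKey">Application key stored on each record.</param>
        /// <param name="fileId">Id of the file the event refers to.</param>
        /// <param name="fileName">Name of the file the event refers to.</param>
        /// <param name="userId">User id stored on each record; may be empty.</param>
        /// <param name="groupid">Group id stored on each record; may be empty.</param>
        /// <param name="action">Short action label.</param>
        /// <param name="message">Human-readable description of the event.</param>
        public static async Task AddAudits(string appKey, string fileId, string fileName, string userId, string groupid, string action, string message)
        {
            if (string.IsNullOrEmpty(appKey) || string.IsNullOrEmpty(fileId) || string.IsNullOrEmpty(action) || string.IsNullOrEmpty(message))
            {
                // NOTE(review): this prints appKey to the console; if the key is a credential it
                // should be redacted here.
                Console.WriteLine(string.Format("something weird? appKey, fileId, action, message: {0} {1} {2} {3}", SingleLine(appKey), SingleLine(fileId), SingleLine(action), SingleLine(message)));
                return;
            }

            // One timestamp for all copies of the event, so the records can be correlated
            // across containers.
            DateTime eventTime = DateTime.UtcNow;

            AuditRecord faRec = new FileAuditRecord()
            {
                AppKey = appKey,
                FileId = fileId,
                FileName = fileName,
                UserId = userId,
                GroupId = groupid,
                Action = action,
                Message = message,
                EventTime = eventTime,
            };
            Console.WriteLine("Adding File Audit Record");
            await AuditDB.AppendRecord(faRec.id, faRec, FileAuditContainer);

            AuditRecord faRecTenant = new TenantAuditRecord()
            {
                AppKey = appKey,
                FileId = fileId,
                FileName = fileName,
                UserId = userId,
                GroupId = groupid,
                Action = action,
                Message = message,
                EventTime = eventTime,
            };
            await AuditDB.AppendRecord(faRecTenant.id, faRecTenant, TenantAuditContainer);

            if (!string.IsNullOrEmpty(groupid))
            {
                AuditRecord faRecGroup = new GroupAuditRecord()
                {
                    AppKey = appKey,
                    FileId = fileId,
                    FileName = fileName,
                    UserId = userId,
                    GroupId = groupid,
                    Action = action,
                    Message = message,
                    EventTime = eventTime,
                };
                await AuditDB.AppendRecord(faRecGroup.id, faRecGroup, GroupAuditContainer);
            }

            AuditRecord faRecUser = new UserAuditRecord()
            {
                AppKey = appKey,
                FileId = fileId,
                FileName = fileName,
                UserId = userId,
                GroupId = groupid,
                Action = action,
                Message = message,
                EventTime = eventTime,
            };
            await AuditDB.AppendRecord(faRecUser.id, faRecUser, UserAuditContainer);
        }

        /// <summary>
        /// Appends the record to the file audit container. Failures propagate to the caller.
        /// </summary>
        private static async Task AddFileAudit(AuditRecord far)
        {
            await AuditDB.AppendRecord(far.id, far, FileAuditContainer);
        }

        /// <summary>
        /// Appends the record to the user audit container. Failures propagate to the caller.
        /// </summary>
        private static async Task AddUserAudit(AuditRecord far)
        {
            await AuditDB.AppendRecord(far.id, far, UserAuditContainer);
        }

        /// <summary>
        /// Best-effort append to the tenant audit container: a failure is reported on the
        /// console and not rethrown.
        /// </summary>
        private static async Task AddTenantAudit(AuditRecord far)
        {
            try
            {
                await AuditDB.AppendRecord(far.id, far, TenantAuditContainer);
            }
            catch (Exception e)
            {
                // A dropped audit write must be visible to operators; it used to vanish silently.
                Console.WriteLine("Tenant audit write failed: " + SingleLine(e.Message));
            }
        }

        /// <summary>
        /// Best-effort append to the group audit container: a failure is reported on the
        /// console and not rethrown.
        /// </summary>
        private static async Task AddGroupAudit(AuditRecord far)
        {
            try
            {
                await AuditDB.AppendRecord(far.id, far, GroupAuditContainer);
            }
            catch (Exception e)
            {
                // A dropped audit write must be visible to operators; it used to vanish silently.
                Console.WriteLine("Group audit write failed: " + SingleLine(e.Message));
            }
        }

        /// <summary>
        /// Escapes CR and LF so text containing request-supplied values stays on one console line.
        /// </summary>
        private static string SingleLine(string text)
        {
            return (text ?? "").Replace("\r", "\\r").Replace("\n", "\\n");
        }
    }
}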