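using Microsoft.AspNet.SignalR;
using Step.Controllers.SignalR;
using Step.Database.Controllers;
using Step.Model.DatabaseModels;
using Step.Model.DTOModels;
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Linq;
using System.Security.Claims;
using System.Web.Http;
using static Step.Model.Constants;
using static Step.Utils.LanguageController;

namespace Step.Controllers.WebApi
{
    /// <summary>
    /// Web API endpoints for the calling user (logout, info, language) and for
    /// the "User Manager" area (list / create / update users and roles).
    ///
    /// Every action is guarded by <c>WebApiAuthorize</c>. In the original source
    /// <see cref="CreateUser"/> was the single unguarded action on the controller,
    /// which would have allowed anonymous callers to create accounts; it now
    /// carries the same WRITE guard as the other manager mutations.
    ///
    /// Identity of the caller is always taken from the bearer-token claims
    /// (<c>USER_ID_KEY</c> / <c>MACHINE_ID_KEY</c>), never from the request body.
    /// </summary>
    [RoutePrefix("api/user")]
    public class UserController : ApiController
    {
        /// <summary>
        /// Reads an integer-valued claim of type <paramref name="claimType"/> from
        /// the current <see cref="ClaimsIdentity"/>.
        /// </summary>
        /// <param name="claimType">Claim type to look up (e.g. <c>USER_ID_KEY</c>).</param>
        /// <returns>
        /// The parsed value, or <c>null</c> when the identity is not a
        /// <see cref="ClaimsIdentity"/>, the claim is absent, or its value is not an
        /// integer. Callers map <c>null</c> to 401; the original
        /// <c>Convert.ToInt32(claim.Value)</c> would instead throw on a malformed
        /// claim and surface as a 500.
        /// </returns>
        private int? GetIntClaim(string claimType)
        {
            var identity = User.Identity as ClaimsIdentity;
            var claim = identity?.Claims.FirstOrDefault(c => c.Type == claimType);
            if (claim == null)
            {
                return null;
            }

            int parsed;
            if (!int.TryParse(claim.Value, NumberStyles.Integer, CultureInfo.InvariantCulture, out parsed))
            {
                return null;
            }

            return parsed;
        }

        /// <summary>
        /// Ends every session of the calling user on the calling machine and
        /// broadcasts the logged-out user id over SignalR.
        /// </summary>
        /// <returns>200 on success; 401 when the token lacks a valid user or machine id.</returns>
        [Route("logout"), HttpPost]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.USER_FUNCTIONS, Action = ACTIONS.WRITE)]
        public IHttpActionResult Logout()
        {
            // Both ids come from the signed bearer token, so a caller can only
            // terminate their own sessions on their own machine.
            int? userId = GetIntClaim(USER_ID_KEY);
            if (userId == null)
            {
                return Unauthorized();
            }

            int? machineId = GetIntClaim(MACHINE_ID_KEY);
            if (machineId == null)
            {
                return Unauthorized();
            }

            using (var sessionsController = new SessionsController())
            {
                // Delete all sessions of this user on this machine
                sessionsController.DeleteSessionsByUserAndMachineId(machineId.Value, userId.Value);
            }

            // Tell every connected client which user disconnected.
            // NOTE(review): GetHubContext() without a hub type/name has no such
            // overload in SignalR; the type argument looks lost in extraction —
            // confirm the hub type against the SignalR project.
            // NOTE(review): this broadcasts the user's numeric id to *all* clients;
            // confirm that is intended rather than scoping it to the user's group.
            var context = GlobalHost.ConnectionManager.GetHubContext();
            context.Clients.All.logout(new { id = userId.Value.ToString(CultureInfo.InvariantCulture) });
            return Ok();
        }

        /// <summary>
        /// Returns the profile of the calling user, resolved from the bearer token.
        /// </summary>
        /// <returns>200 with the user info; 401 when the token lacks a valid user id.</returns>
        [Route("info"), HttpGet]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.USER_FUNCTIONS, Action = ACTIONS.READ)]
        public IHttpActionResult UserInfo()
        {
            int? userId = GetIntClaim(USER_ID_KEY);
            if (userId == null)
            {
                return Unauthorized();
            }

            using (var usersController = new UsersController())
            {
                return Ok(usersController.GetUserInfo(userId.Value));
            }
        }

        /// <summary>
        /// Changes the calling user's UI language.
        /// </summary>
        /// <param name="user">Request body; only the <c>language</c> member is read.</param>
        /// <returns>
        /// 400 when the body is missing or <c>language</c> is absent/invalid,
        /// 404 when the language is well-formed but not installed on the server,
        /// 401 when the token lacks a valid user id, 200 otherwise.
        /// </returns>
        [Route("language"), HttpPut]
        // NOTE(review): this PUT is guarded with ACTIONS.READ while the other
        // mutating actions on this controller use ACTIONS.WRITE. Possibly deliberate
        // (self-service setting) — confirm before tightening.
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.USER_FUNCTIONS, Action = ACTIONS.READ)]
        public IHttpActionResult PutUserLanguage([FromBody] dynamic user)
        {
            // No body -> 400
            if (user == null)
            {
                return BadRequest();
            }

            int? userId = GetIntClaim(USER_ID_KEY);
            if (userId == null)
            {
                return Unauthorized();
            }

            // Validate the requested language syntactically before touching the
            // file system or the database. A non-string `language` member will
            // fail the dynamic cast at runtime (500 rather than 400) — the binder
            // is trusted here exactly as in the original.
            var newLanguage = (string)user.language;
            if (newLanguage == null || !IsValidLanguage(newLanguage))
            {
                return BadRequest();
            }

            // Only languages present in the server directory are accepted
            if (!LanguageIsAvailable(newLanguage))
            {
                return NotFound();
            }

            using (var usersController = new UsersController())
            {
                usersController.ChangeUserLanguage(userId.Value, CultureInfo.CreateSpecificCulture(newLanguage));
                return Ok();
            }
        }

        /// <summary>
        /// Lists the users available as message recipients for the calling user.
        /// </summary>
        /// <returns>200 with the list; 401 when the token lacks a valid user id.</returns>
        [Route("list"), HttpGet]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.USER_FUNCTIONS, Action = ACTIONS.READ)]
        public IHttpActionResult GetMessageUserList()
        {
            // The id is not passed on, but an unreadable token still yields 401
            // rather than leaking the list to a malformed identity.
            int? userId = GetIntClaim(USER_ID_KEY);
            if (userId == null)
            {
                return Unauthorized();
            }

            using (var usersController = new UsersController())
            {
                var users = usersController.GetMessageUserList();
                return Ok(users);
            }
        }

        #region User Manager

        /// <summary>Lists every user for the User Manager screen.</summary>
        /// <returns>200 with the list.</returns>
        [Route("manager/list"), HttpGet]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.USER_FUNCTIONS, Action = ACTIONS.READ)]
        public IHttpActionResult GetUserList()
        {
            using (var usersController = new UsersController())
            {
                var users = usersController.GetUserList();
                return Ok(users);
            }
        }

        /// <summary>
        /// Updates the data of user <paramref name="userId"/>.
        /// </summary>
        /// <param name="userId">Target user id (route).</param>
        /// <param name="userData">New data (body).</param>
        /// <returns>
        /// 400 when the body is missing or the requested username already exists;
        /// 200 with the updated user otherwise.
        /// </returns>
        [Route("manager/user/{userId:int}"), HttpPut]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.USER_FUNCTIONS, Action = ACTIONS.WRITE)]
        public IHttpActionResult UpdateUserData(int userId, [FromBody] DTONewUserModel userData)
        {
            // Missing/unbindable body -> 400 instead of a NullReferenceException (500)
            if (userData == null)
            {
                return BadRequest();
            }

            using (var usersController = new UsersController())
            {
                // Reject a username that is already taken.
                // NOTE(review): this also rejects the case where the target user
                // keeps their current username — confirm that is the intended
                // behaviour of FindByUsername / UpdateUserData.
                if (usersController.FindByUsername(userData.Username) != null)
                {
                    return BadRequest();
                }

                // NOTE(review): authorization is functional (USER_FUNCTIONS/WRITE)
                // only; nothing here prevents editing any userId, including
                // privileged accounts — confirm that matches the intended model.
                var user = usersController.UpdateUserData(userId, userData);
                return Ok(user);
            }
        }

        /// <summary>
        /// Creates a new user.
        /// </summary>
        /// <param name="model">New user data (body).</param>
        /// <returns>
        /// 400 when the body is missing or the username already exists;
        /// 200 with the created user otherwise.
        /// </returns>
        [Route("manager/user"), HttpPost]
        // The original action had no WebApiAuthorize attribute at all, making it
        // the only anonymously reachable endpoint on this controller — and the one
        // that creates accounts. Guarded with the same WRITE access as the sibling
        // manager mutations.
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.USER_FUNCTIONS, Action = ACTIONS.WRITE)]
        public IHttpActionResult CreateUser(UserModel model)
        {
            // Missing/unbindable body -> 400 instead of a NullReferenceException (500)
            if (model == null)
            {
                return BadRequest();
            }

            using (var usersController = new UsersController())
            {
                if (usersController.FindByUsername(model.Username) != null)
                {
                    return BadRequest();
                }

                // NOTE(review): the password is handed to Create() as received;
                // hashing is not visible here — confirm UsersController.Create
                // stores a salted hash, not the plaintext.
                DTOUserModel user = usersController.Create(
                    model.Username,
                    model.Password,
                    model.FirstName,
                    model.LastName,
                    model.Language);
                return Ok(user);
            }
        }

        /// <summary>
        /// Deletion is not supported: always answers 401, as in the original.
        /// </summary>
        /// <param name="userId">Target user id (route); unused.</param>
        /// <returns>401.</returns>
        [Route("manager/user/{userId:int}"), HttpDelete]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.USER_FUNCTIONS, Action = ACTIONS.WRITE)]
        public IHttpActionResult DeleteUserData(int userId)
        {
            // Kept as a deliberate refusal; nothing is deleted.
            return Unauthorized();
        }

        // Role

        /// <summary>Lists the assignable roles.</summary>
        /// <returns>200 with the list.</returns>
        [Route("manager/role/list"), HttpGet]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.USER_FUNCTIONS, Action = ACTIONS.READ)]
        public IHttpActionResult GetRoleList()
        {
            using (var machineController = new MachinesUsersController())
            {
                var roles = machineController.GetRolesList();
                return Ok(roles);
            }
        }

        /// <summary>
        /// Assigns role <paramref name="roleId"/> to user <paramref name="userId"/>.
        /// </summary>
        /// <param name="userId">Target user id (route).</param>
        /// <param name="roleId">Role id (route).</param>
        /// <returns>200 with the updated user.</returns>
        [Route("manager/user/{userId:int}/role/{roleId:int}"), HttpPut]
        [WebApiAuthorize(FunctionAccess = FUNCTIONALITY_NAMES.USER_FUNCTIONS, Action = ACTIONS.WRITE)]
        public IHttpActionResult UpdateUserRole(int userId, int roleId)
        {
            using (var usersController = new UsersController())
            {
                // NOTE(review): neither roleId validity nor self-elevation is
                // checked at this layer — confirm UpdateUserRole enforces both.
                var user = usersController.UpdateUserRole(userId, roleId);
                return Ok(user);
            }
        }

        #endregion User Manager
    }
}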