2017-03-02 00:15:05 -05:00
|
|
|
|
using System;
|
|
|
|
|
|
using System.Linq;
|
|
|
|
|
|
using System.Threading.Tasks;
|
|
|
|
|
|
using Microsoft.AspNetCore.Mvc;
|
|
|
|
|
|
using Bit.Core.Repositories;
|
|
|
|
|
|
using Microsoft.AspNetCore.Authorization;
|
2017-03-08 21:55:08 -05:00
|
|
|
|
using Bit.Core.Models.Api;
|
2017-03-02 00:15:05 -05:00
|
|
|
|
using Bit.Core.Exceptions;
|
|
|
|
|
|
using Bit.Core.Services;
|
2017-04-05 16:13:40 -04:00
|
|
|
|
using Bit.Core;
|
2017-08-14 20:57:45 -04:00
|
|
|
|
using Bit.Api.Utilities;
|
|
|
|
|
|
using Bit.Core.Models.Business;
|
2018-03-23 09:44:48 -04:00
|
|
|
|
using Bit.Core.Utilities;
|
2017-03-02 00:15:05 -05:00
|
|
|
|
|
|
|
|
|
|
namespace Bit.Api.Controllers
|
|
|
|
|
|
{
|
|
|
|
|
|
[Route("organizations")]
|
|
|
|
|
|
[Authorize("Application")]
|
|
|
|
|
|
public class OrganizationsController : Controller
|
|
|
|
|
|
{
|
|
|
|
|
|
private readonly IOrganizationRepository _organizationRepository;
|
2017-03-03 00:07:11 -05:00
|
|
|
|
private readonly IOrganizationUserRepository _organizationUserRepository;
|
|
|
|
|
|
private readonly IOrganizationService _organizationService;
|
2017-03-02 00:15:05 -05:00
|
|
|
|
private readonly IUserService _userService;
|
2019-02-08 23:53:09 -05:00
|
|
|
|
private readonly IPaymentService _paymentService;
|
2017-04-05 16:13:40 -04:00
|
|
|
|
private readonly CurrentContext _currentContext;
|
2017-08-14 22:05:37 -04:00
|
|
|
|
private readonly GlobalSettings _globalSettings;
|
2017-03-02 00:15:05 -05:00
|
|
|
|
|
|
|
|
|
|
public OrganizationsController(
|
|
|
|
|
|
IOrganizationRepository organizationRepository,
|
2017-03-03 00:07:11 -05:00
|
|
|
|
IOrganizationUserRepository organizationUserRepository,
|
|
|
|
|
|
IOrganizationService organizationService,
|
2017-04-05 16:13:40 -04:00
|
|
|
|
IUserService userService,
|
2019-02-08 23:53:09 -05:00
|
|
|
|
IPaymentService paymentService,
|
2017-04-11 10:52:28 -04:00
|
|
|
|
CurrentContext currentContext,
|
2018-09-13 16:03:04 -04:00
|
|
|
|
GlobalSettings globalSettings)
|
2017-03-02 00:15:05 -05:00
|
|
|
|
{
|
|
|
|
|
|
_organizationRepository = organizationRepository;
|
2017-03-03 00:07:11 -05:00
|
|
|
|
_organizationUserRepository = organizationUserRepository;
|
|
|
|
|
|
_organizationService = organizationService;
|
2017-03-02 00:15:05 -05:00
|
|
|
|
_userService = userService;
|
2019-02-08 23:53:09 -05:00
|
|
|
|
_paymentService = paymentService;
|
2017-04-05 16:13:40 -04:00
|
|
|
|
_currentContext = currentContext;
|
2017-08-14 22:05:37 -04:00
|
|
|
|
_globalSettings = globalSettings;
|
2017-03-02 00:15:05 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[HttpGet("{id}")]
|
2017-03-03 21:53:27 -05:00
|
|
|
|
public async Task<OrganizationResponseModel> Get(string id)
|
|
|
|
|
|
{
|
2017-04-06 13:21:26 -04:00
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationOwner(orgIdGuid))
|
2017-04-06 13:21:26 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2017-03-03 21:53:27 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return new OrganizationResponseModel(organization);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-06 13:21:26 -04:00
|
|
|
|
[HttpGet("{id}/billing")]
|
2019-02-18 15:40:47 -05:00
|
|
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
|
|
|
|
|
public async Task<BillingResponseModel> GetBilling(string id)
|
2017-04-06 13:21:26 -04:00
|
|
|
|
{
|
|
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationOwner(orgIdGuid))
|
2017-04-06 13:21:26 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2017-04-06 13:21:26 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-02-18 15:40:47 -05:00
|
|
|
|
var billingInfo = await _paymentService.GetBillingAsync(organization);
|
|
|
|
|
|
return new BillingResponseModel(billingInfo);
|
2017-04-06 13:21:26 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2019-02-18 15:40:47 -05:00
|
|
|
|
[HttpGet("{id}/subscription")]
|
|
|
|
|
|
public async Task<OrganizationSubscriptionResponseModel> GetSubscription(string id)
|
2017-10-25 00:45:11 -04:00
|
|
|
|
{
|
|
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationOwner(orgIdGuid))
|
2017-10-25 00:45:11 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2017-10-25 00:45:11 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_globalSettings.SelfHosted && organization.Gateway != null)
|
2017-10-25 00:45:11 -04:00
|
|
|
|
{
|
2019-02-18 15:40:47 -05:00
|
|
|
|
var subscriptionInfo = await _paymentService.GetSubscriptionAsync(organization);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (subscriptionInfo == null)
|
2017-10-25 00:45:11 -04:00
|
|
|
|
{
|
2019-02-18 15:40:47 -05:00
|
|
|
|
throw new NotFoundException();
|
2017-10-25 00:45:11 -04:00
|
|
|
|
}
|
2019-02-18 15:40:47 -05:00
|
|
|
|
return new OrganizationSubscriptionResponseModel(organization, subscriptionInfo);
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
return new OrganizationSubscriptionResponseModel(organization);
|
2017-10-25 00:45:11 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-14 22:16:30 -04:00
|
|
|
|
[HttpGet("{id}/license")]
|
2017-08-14 22:17:21 -04:00
|
|
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
2017-08-14 22:16:30 -04:00
|
|
|
|
public async Task<OrganizationLicense> GetLicense(string id, [FromQuery]Guid installationId)
|
|
|
|
|
|
{
|
|
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationOwner(orgIdGuid))
|
2017-08-14 22:16:30 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-15 16:11:08 -04:00
|
|
|
|
var license = await _organizationService.GenerateLicenseAsync(orgIdGuid, installationId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (license == null)
|
2017-08-14 22:16:30 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-15 16:11:08 -04:00
|
|
|
|
return license;
|
2017-08-14 22:16:30 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-02 00:15:05 -05:00
|
|
|
|
[HttpGet("")]
|
2017-04-05 16:45:21 -04:00
|
|
|
|
public async Task<ListResponseModel<OrganizationResponseModel>> GetUser()
|
2017-03-02 00:15:05 -05:00
|
|
|
|
{
|
|
|
|
|
|
var userId = _userService.GetProperUserId(User).Value;
|
|
|
|
|
|
var organizations = await _organizationRepository.GetManyByUserIdAsync(userId);
|
|
|
|
|
|
var responses = organizations.Select(o => new OrganizationResponseModel(o));
|
|
|
|
|
|
return new ListResponseModel<OrganizationResponseModel>(responses);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[HttpPost("")]
|
2017-08-14 20:57:45 -04:00
|
|
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
2017-04-05 16:13:40 -04:00
|
|
|
|
public async Task<OrganizationResponseModel> Post([FromBody]OrganizationCreateRequestModel model)
|
2017-03-02 00:15:05 -05:00
|
|
|
|
{
|
2017-03-03 00:07:11 -05:00
|
|
|
|
var user = await _userService.GetUserByPrincipalAsync(User);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (user == null)
|
2017-06-02 13:17:46 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new UnauthorizedAccessException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-03 00:07:11 -05:00
|
|
|
|
var organizationSignup = model.ToOrganizationSignup(user);
|
|
|
|
|
|
var result = await _organizationService.SignUpAsync(organizationSignup);
|
2017-04-05 16:13:40 -04:00
|
|
|
|
return new OrganizationResponseModel(result.Item1);
|
2017-03-02 00:15:05 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-14 20:57:45 -04:00
|
|
|
|
[HttpPost("license")]
|
|
|
|
|
|
[SelfHosted(SelfHostedOnly = true)]
|
|
|
|
|
|
public async Task<OrganizationResponseModel> PostLicense(OrganizationCreateLicenseRequestModel model)
|
|
|
|
|
|
{
|
|
|
|
|
|
var user = await _userService.GetUserByPrincipalAsync(User);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (user == null)
|
2017-08-14 20:57:45 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new UnauthorizedAccessException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var license = await ApiHelpers.ReadJsonFileFromBody<OrganizationLicense>(HttpContext, model.License);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (license == null)
|
2017-08-14 20:57:45 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Invalid license");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-30 21:25:46 -04:00
|
|
|
|
var result = await _organizationService.SignUpAsync(license, user, model.Key, model.CollectionName);
|
2017-08-14 20:57:45 -04:00
|
|
|
|
return new OrganizationResponseModel(result.Item1);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-02 00:15:05 -05:00
|
|
|
|
[HttpPut("{id}")]
|
|
|
|
|
|
[HttpPost("{id}")]
|
2017-08-16 14:06:23 -04:00
|
|
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
2017-03-02 00:15:05 -05:00
|
|
|
|
public async Task<OrganizationResponseModel> Put(string id, [FromBody]OrganizationUpdateRequestModel model)
|
|
|
|
|
|
{
|
2017-04-06 13:21:26 -04:00
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationOwner(orgIdGuid))
|
2017-04-06 13:21:26 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2017-03-02 00:15:05 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 20:02:26 -04:00
|
|
|
|
var updatebilling = model.BusinessName != organization.BusinessName ||
|
|
|
|
|
|
model.BillingEmail != organization.BillingEmail;
|
|
|
|
|
|
|
|
|
|
|
|
await _organizationService.UpdateAsync(model.ToOrganization(organization), updatebilling);
|
2017-03-02 00:15:05 -05:00
|
|
|
|
return new OrganizationResponseModel(organization);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-08 16:41:40 -04:00
|
|
|
|
[HttpPost("{id}/payment")]
|
2017-08-14 20:57:45 -04:00
|
|
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
2018-07-16 17:20:57 -04:00
|
|
|
|
public async Task PostPayment(string id, [FromBody]PaymentRequestModel model)
|
2017-04-08 16:41:40 -04:00
|
|
|
|
{
|
|
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationOwner(orgIdGuid))
|
2017-04-08 16:41:40 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-02-19 17:13:21 -05:00
|
|
|
|
await _organizationService.ReplacePaymentMethodAsync(orgIdGuid, model.PaymentToken,
|
2019-02-26 12:45:34 -05:00
|
|
|
|
model.PaymentMethodType.Value);
|
2017-04-08 16:41:40 -04:00
|
|
|
|
}
|
2018-09-13 16:03:04 -04:00
|
|
|
|
|
2017-04-10 11:49:53 -04:00
|
|
|
|
[HttpPost("{id}/upgrade")]
|
2017-08-14 20:57:45 -04:00
|
|
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
2019-08-09 23:56:26 -04:00
|
|
|
|
public async Task<PaymentResponseModel> PostUpgrade(string id, [FromBody]OrganizationUpgradeRequestModel model)
|
2017-04-10 11:49:53 -04:00
|
|
|
|
{
|
|
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationOwner(orgIdGuid))
|
2017-04-10 11:49:53 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-08-09 23:56:26 -04:00
|
|
|
|
var result = await _organizationService.UpgradePlanAsync(orgIdGuid, model.ToOrganizationUpgrade());
|
|
|
|
|
|
return new PaymentResponseModel
|
|
|
|
|
|
{
|
|
|
|
|
|
Success = result.Item1,
|
|
|
|
|
|
PaymentIntentClientSecret = result.Item2
|
|
|
|
|
|
};
|
2017-04-10 11:49:53 -04:00
|
|
|
|
}
|
2018-09-13 16:03:04 -04:00
|
|
|
|
|
2017-04-10 11:49:53 -04:00
|
|
|
|
[HttpPost("{id}/seat")]
|
2017-08-14 20:57:45 -04:00
|
|
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
2019-08-12 10:03:50 -04:00
|
|
|
|
public async Task<PaymentResponseModel> PostSeat(string id, [FromBody]OrganizationSeatRequestModel model)
|
2017-04-10 11:49:53 -04:00
|
|
|
|
{
|
|
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationOwner(orgIdGuid))
|
2017-04-10 11:49:53 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-08-12 10:03:50 -04:00
|
|
|
|
var result = await _organizationService.AdjustSeatsAsync(orgIdGuid, model.SeatAdjustment.Value);
|
|
|
|
|
|
return new PaymentResponseModel
|
|
|
|
|
|
{
|
|
|
|
|
|
Success = true,
|
|
|
|
|
|
PaymentIntentClientSecret = result
|
|
|
|
|
|
};
|
2017-04-10 11:49:53 -04:00
|
|
|
|
}
|
2018-09-13 16:03:04 -04:00
|
|
|
|
|
2017-07-11 10:59:59 -04:00
|
|
|
|
[HttpPost("{id}/storage")]
|
2017-08-14 20:57:45 -04:00
|
|
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
2019-08-10 12:59:32 -04:00
|
|
|
|
public async Task<PaymentResponseModel> PostStorage(string id, [FromBody]StorageRequestModel model)
|
2017-07-11 10:59:59 -04:00
|
|
|
|
{
|
|
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationOwner(orgIdGuid))
|
2017-07-11 10:59:59 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-08-10 12:59:32 -04:00
|
|
|
|
var result = await _organizationService.AdjustStorageAsync(orgIdGuid, model.StorageGbAdjustment.Value);
|
|
|
|
|
|
return new PaymentResponseModel
|
|
|
|
|
|
{
|
|
|
|
|
|
Success = true,
|
|
|
|
|
|
PaymentIntentClientSecret = result
|
|
|
|
|
|
};
|
2017-07-11 10:59:59 -04:00
|
|
|
|
}
|
2017-08-14 22:05:37 -04:00
|
|
|
|
|
2017-08-14 09:23:54 -04:00
|
|
|
|
[HttpPost("{id}/verify-bank")]
|
2017-08-14 20:57:45 -04:00
|
|
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
2017-08-14 09:23:54 -04:00
|
|
|
|
public async Task PostVerifyBank(string id, [FromBody]OrganizationVerifyBankRequestModel model)
|
|
|
|
|
|
{
|
|
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationOwner(orgIdGuid))
|
2017-08-14 09:23:54 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
await _organizationService.VerifyBankAsync(orgIdGuid, model.Amount1.Value, model.Amount2.Value);
|
|
|
|
|
|
}
|
2018-09-13 16:03:04 -04:00
|
|
|
|
|
2017-04-10 11:49:53 -04:00
|
|
|
|
[HttpPost("{id}/cancel")]
|
2017-08-14 20:57:45 -04:00
|
|
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
2018-07-16 17:20:57 -04:00
|
|
|
|
public async Task PostCancel(string id)
|
2017-04-10 11:49:53 -04:00
|
|
|
|
{
|
|
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationOwner(orgIdGuid))
|
2017-04-10 11:49:53 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-12-31 13:34:02 -05:00
|
|
|
|
await _organizationService.CancelSubscriptionAsync(orgIdGuid);
|
2017-04-10 11:49:53 -04:00
|
|
|
|
}
|
2018-09-13 16:03:04 -04:00
|
|
|
|
|
2017-04-10 18:20:21 -04:00
|
|
|
|
[HttpPost("{id}/reinstate")]
|
2017-08-14 20:57:45 -04:00
|
|
|
|
[SelfHosted(NotSelfHostedOnly = true)]
|
2018-07-16 17:20:57 -04:00
|
|
|
|
public async Task PostReinstate(string id)
|
2017-04-10 16:42:53 -04:00
|
|
|
|
{
|
|
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationOwner(orgIdGuid))
|
2017-04-10 16:42:53 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 18:20:21 -04:00
|
|
|
|
await _organizationService.ReinstateSubscriptionAsync(orgIdGuid);
|
2017-04-10 16:42:53 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-12 10:07:27 -04:00
|
|
|
|
[HttpPost("{id}/leave")]
|
|
|
|
|
|
public async Task Leave(string id)
|
|
|
|
|
|
{
|
|
|
|
|
|
var orgGuidId = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationUser(orgGuidId))
|
2017-04-12 10:07:27 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var userId = _userService.GetProperUserId(User);
|
|
|
|
|
|
await _organizationService.DeleteUserAsync(orgGuidId, userId.Value);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-02 00:15:05 -05:00
|
|
|
|
[HttpDelete("{id}")]
|
|
|
|
|
|
[HttpPost("{id}/delete")]
|
2017-04-11 10:52:28 -04:00
|
|
|
|
public async Task Delete(string id, [FromBody]OrganizationDeleteRequestModel model)
|
2017-03-02 00:15:05 -05:00
|
|
|
|
{
|
2017-04-06 13:21:26 -04:00
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationOwner(orgIdGuid))
|
2017-04-06 13:21:26 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2017-03-02 00:15:05 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-11 10:52:28 -04:00
|
|
|
|
var user = await _userService.GetUserByPrincipalAsync(User);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (user == null)
|
2017-06-02 13:17:46 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new UnauthorizedAccessException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!await _userService.CheckPasswordAsync(user, model.MasterPasswordHash))
|
2017-04-11 10:52:28 -04:00
|
|
|
|
{
|
|
|
|
|
|
await Task.Delay(2000);
|
2017-06-08 09:46:00 -04:00
|
|
|
|
throw new BadRequestException("MasterPasswordHash", "Invalid password.");
|
2017-04-11 10:52:28 -04:00
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
await _organizationService.DeleteAsync(organization);
|
|
|
|
|
|
}
|
2017-03-02 00:15:05 -05:00
|
|
|
|
}
|
2018-09-13 16:03:04 -04:00
|
|
|
|
|
2017-08-14 21:25:06 -04:00
|
|
|
|
[HttpPost("{id}/license")]
|
|
|
|
|
|
[SelfHosted(SelfHostedOnly = true)]
|
2018-07-16 17:20:57 -04:00
|
|
|
|
public async Task PostLicense(string id, LicenseRequestModel model)
|
2017-08-14 21:25:06 -04:00
|
|
|
|
{
|
|
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationOwner(orgIdGuid))
|
2017-08-14 21:25:06 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-14 22:05:37 -04:00
|
|
|
|
var license = await ApiHelpers.ReadJsonFileFromBody<OrganizationLicense>(HttpContext, model.License);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (license == null)
|
2017-08-14 21:25:06 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Invalid license");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-14 22:05:37 -04:00
|
|
|
|
await _organizationService.UpdateLicenseAsync(new Guid(id), license);
|
2017-08-14 21:25:06 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-05-13 12:00:40 -04:00
|
|
|
|
[HttpPost("{id}/import")]
|
2017-05-13 17:08:56 -04:00
|
|
|
|
public async Task Import(string id, [FromBody]ImportOrganizationUsersRequestModel model)
|
2017-05-13 12:00:40 -04:00
|
|
|
|
{
|
2020-04-02 20:31:02 -04:00
|
|
|
|
if (!_globalSettings.SelfHosted &&
|
|
|
|
|
|
(model.Groups.Count() > 200 || model.Users.Count(u => !u.Deleted) > 1000))
|
2017-10-09 16:58:37 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("You cannot import this much data at once.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-05-13 12:00:40 -04:00
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationAdmin(orgIdGuid))
|
2017-05-13 12:00:40 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-05-13 17:08:56 -04:00
|
|
|
|
var userId = _userService.GetProperUserId(User);
|
2017-05-15 16:37:56 -04:00
|
|
|
|
await _organizationService.ImportAsync(
|
2017-07-28 12:09:12 -04:00
|
|
|
|
orgIdGuid,
|
|
|
|
|
|
userId.Value,
|
2017-05-16 00:11:21 -04:00
|
|
|
|
model.Groups.Select(g => g.ToImportedGroup(orgIdGuid)),
|
2017-07-28 12:09:12 -04:00
|
|
|
|
model.Users.Where(u => !u.Deleted).Select(u => u.ToImportedOrganizationUser()),
|
2019-05-06 21:31:20 -04:00
|
|
|
|
model.Users.Where(u => u.Deleted).Select(u => u.ExternalId),
|
|
|
|
|
|
model.OverwriteExisting);
|
2017-05-13 12:00:40 -04:00
|
|
|
|
}
|
2019-03-04 09:52:43 -05:00
|
|
|
|
|
|
|
|
|
|
[HttpPost("{id}/api-key")]
|
|
|
|
|
|
public async Task<ApiKeyResponseModel> ApiKey(string id, [FromBody]ApiKeyRequestModel model)
|
|
|
|
|
|
{
|
|
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationOwner(orgIdGuid))
|
2019-03-04 09:52:43 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2019-03-04 09:52:43 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var user = await _userService.GetUserByPrincipalAsync(User);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (user == null)
|
2019-03-04 09:52:43 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new UnauthorizedAccessException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!await _userService.CheckPasswordAsync(user, model.MasterPasswordHash))
|
2019-03-04 09:52:43 -05:00
|
|
|
|
{
|
|
|
|
|
|
await Task.Delay(2000);
|
|
|
|
|
|
throw new BadRequestException("MasterPasswordHash", "Invalid password.");
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
var response = new ApiKeyResponseModel(organization);
|
|
|
|
|
|
return response;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[HttpPost("{id}/rotate-api-key")]
|
|
|
|
|
|
public async Task<ApiKeyResponseModel> RotateApiKey(string id, [FromBody]ApiKeyRequestModel model)
|
|
|
|
|
|
{
|
|
|
|
|
|
var orgIdGuid = new Guid(id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_currentContext.OrganizationOwner(orgIdGuid))
|
2019-03-04 09:52:43 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var organization = await _organizationRepository.GetByIdAsync(orgIdGuid);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2019-03-04 09:52:43 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var user = await _userService.GetUserByPrincipalAsync(User);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (user == null)
|
2019-03-04 09:52:43 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new UnauthorizedAccessException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!await _userService.CheckPasswordAsync(user, model.MasterPasswordHash))
|
2019-03-04 09:52:43 -05:00
|
|
|
|
{
|
|
|
|
|
|
await Task.Delay(2000);
|
|
|
|
|
|
throw new BadRequestException("MasterPasswordHash", "Invalid password.");
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
await _organizationService.RotateApiKeyAsync(organization);
|
|
|
|
|
|
var response = new ApiKeyResponseModel(organization);
|
|
|
|
|
|
return response;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2017-03-02 00:15:05 -05:00
|
|
|
|
}
|
|
|
|
|
|
}
|
