2017-03-03 00:07:11 -05:00
|
|
|
|
using System;
|
|
|
|
|
|
using System.Linq;
|
|
|
|
|
|
using System.Threading.Tasks;
|
|
|
|
|
|
using Bit.Core.Repositories;
|
|
|
|
|
|
using Bit.Core.Models.Business;
|
2017-03-08 21:45:08 -05:00
|
|
|
|
using Bit.Core.Models.Table;
|
2017-03-03 00:07:11 -05:00
|
|
|
|
using Bit.Core.Utilities;
|
|
|
|
|
|
using Bit.Core.Exceptions;
|
2017-03-09 23:58:43 -05:00
|
|
|
|
using System.Collections.Generic;
|
2017-03-23 00:17:34 -04:00
|
|
|
|
using Microsoft.AspNetCore.DataProtection;
|
2017-04-04 10:13:16 -04:00
|
|
|
|
using Stripe;
|
2017-04-10 10:44:27 -04:00
|
|
|
|
using Bit.Core.Enums;
|
2017-04-11 10:00:36 -04:00
|
|
|
|
using Bit.Core.Models.StaticStore;
|
2017-03-03 00:07:11 -05:00
|
|
|
|
|
|
|
|
|
|
namespace Bit.Core.Services
|
|
|
|
|
|
{
|
|
|
|
|
|
public class OrganizationService : IOrganizationService
|
|
|
|
|
|
{
|
|
|
|
|
|
private readonly IOrganizationRepository _organizationRepository;
|
|
|
|
|
|
private readonly IOrganizationUserRepository _organizationUserRepository;
|
2017-03-09 23:58:43 -05:00
|
|
|
|
private readonly ISubvaultRepository _subvaultRepository;
|
|
|
|
|
|
private readonly ISubvaultUserRepository _subvaultUserRepository;
|
2017-03-04 21:28:41 -05:00
|
|
|
|
private readonly IUserRepository _userRepository;
|
2017-03-23 00:17:34 -04:00
|
|
|
|
private readonly IDataProtector _dataProtector;
|
|
|
|
|
|
private readonly IMailService _mailService;
|
2017-04-21 14:22:32 -04:00
|
|
|
|
private readonly IPushService _pushService;
|
2017-03-03 00:07:11 -05:00
|
|
|
|
|
|
|
|
|
|
public OrganizationService(
|
|
|
|
|
|
IOrganizationRepository organizationRepository,
|
2017-03-04 21:28:41 -05:00
|
|
|
|
IOrganizationUserRepository organizationUserRepository,
|
2017-03-09 23:58:43 -05:00
|
|
|
|
ISubvaultRepository subvaultRepository,
|
|
|
|
|
|
ISubvaultUserRepository subvaultUserRepository,
|
2017-03-23 00:17:34 -04:00
|
|
|
|
IUserRepository userRepository,
|
|
|
|
|
|
IDataProtectionProvider dataProtectionProvider,
|
2017-04-21 14:22:32 -04:00
|
|
|
|
IMailService mailService,
|
|
|
|
|
|
IPushService pushService)
|
2017-03-03 00:07:11 -05:00
|
|
|
|
{
|
|
|
|
|
|
_organizationRepository = organizationRepository;
|
|
|
|
|
|
_organizationUserRepository = organizationUserRepository;
|
2017-03-09 23:58:43 -05:00
|
|
|
|
_subvaultRepository = subvaultRepository;
|
|
|
|
|
|
_subvaultUserRepository = subvaultUserRepository;
|
2017-03-04 21:28:41 -05:00
|
|
|
|
_userRepository = userRepository;
|
2017-03-23 00:17:34 -04:00
|
|
|
|
_dataProtector = dataProtectionProvider.CreateProtector("OrganizationServiceDataProtector");
|
|
|
|
|
|
_mailService = mailService;
|
2017-04-21 14:22:32 -04:00
|
|
|
|
_pushService = pushService;
|
2017-03-03 00:07:11 -05:00
|
|
|
|
}
|
2017-04-06 16:52:39 -04:00
|
|
|
|
public async Task<OrganizationBilling> GetBillingAsync(Organization organization)
|
|
|
|
|
|
{
|
|
|
|
|
|
var orgBilling = new OrganizationBilling();
|
|
|
|
|
|
var customerService = new StripeCustomerService();
|
|
|
|
|
|
var subscriptionService = new StripeSubscriptionService();
|
|
|
|
|
|
var chargeService = new StripeChargeService();
|
2017-04-10 11:30:36 -04:00
|
|
|
|
var invoiceService = new StripeInvoiceService();
|
2017-04-06 16:52:39 -04:00
|
|
|
|
|
|
|
|
|
|
if(!string.IsNullOrWhiteSpace(organization.StripeCustomerId))
|
|
|
|
|
|
{
|
|
|
|
|
|
var customer = await customerService.GetAsync(organization.StripeCustomerId);
|
|
|
|
|
|
if(customer != null)
|
|
|
|
|
|
{
|
2017-04-08 16:41:40 -04:00
|
|
|
|
if(!string.IsNullOrWhiteSpace(customer.DefaultSourceId) && customer.Sources?.Data != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
if(customer.DefaultSourceId.StartsWith("card_"))
|
|
|
|
|
|
{
|
|
|
|
|
|
orgBilling.PaymentSource =
|
|
|
|
|
|
customer.Sources.Data.FirstOrDefault(s => s.Card?.Id == customer.DefaultSourceId);
|
|
|
|
|
|
}
|
|
|
|
|
|
else if(customer.DefaultSourceId.StartsWith("ba_"))
|
|
|
|
|
|
{
|
|
|
|
|
|
orgBilling.PaymentSource =
|
|
|
|
|
|
customer.Sources.Data.FirstOrDefault(s => s.BankAccount?.Id == customer.DefaultSourceId);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2017-04-06 16:52:39 -04:00
|
|
|
|
|
|
|
|
|
|
var charges = await chargeService.ListAsync(new StripeChargeListOptions
|
|
|
|
|
|
{
|
|
|
|
|
|
CustomerId = customer.Id,
|
|
|
|
|
|
Limit = 20
|
|
|
|
|
|
});
|
2017-04-10 16:42:53 -04:00
|
|
|
|
orgBilling.Charges = charges?.Data?.OrderByDescending(c => c.Created);
|
2017-04-06 16:52:39 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if(!string.IsNullOrWhiteSpace(organization.StripeSubscriptionId))
|
|
|
|
|
|
{
|
|
|
|
|
|
var sub = await subscriptionService.GetAsync(organization.StripeSubscriptionId);
|
|
|
|
|
|
if(sub != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
orgBilling.Subscription = sub;
|
|
|
|
|
|
}
|
2017-04-10 16:42:53 -04:00
|
|
|
|
|
|
|
|
|
|
if(!sub.CanceledAt.HasValue && !string.IsNullOrWhiteSpace(organization.StripeCustomerId))
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
var upcomingInvoice = await invoiceService.UpcomingAsync(organization.StripeCustomerId);
|
|
|
|
|
|
if(upcomingInvoice != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
orgBilling.UpcomingInvoice = upcomingInvoice;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
catch(StripeException) { }
|
|
|
|
|
|
}
|
2017-04-06 16:52:39 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return orgBilling;
|
|
|
|
|
|
}
|
2017-03-03 00:07:11 -05:00
|
|
|
|
|
2017-04-08 16:41:40 -04:00
|
|
|
|
public async Task ReplacePaymentMethodAsync(Guid organizationId, string paymentToken)
|
|
|
|
|
|
{
|
|
|
|
|
|
var organization = await _organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
|
|
if(organization == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var cardService = new StripeCardService();
|
|
|
|
|
|
var customerService = new StripeCustomerService();
|
|
|
|
|
|
StripeCustomer customer = null;
|
|
|
|
|
|
|
|
|
|
|
|
if(!string.IsNullOrWhiteSpace(organization.StripeCustomerId))
|
|
|
|
|
|
{
|
|
|
|
|
|
customer = await customerService.GetAsync(organization.StripeCustomerId);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if(customer == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
customer = await customerService.CreateAsync(new StripeCustomerCreateOptions
|
|
|
|
|
|
{
|
|
|
|
|
|
Description = organization.BusinessName,
|
|
|
|
|
|
Email = organization.BillingEmail,
|
|
|
|
|
|
SourceToken = paymentToken
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
organization.StripeCustomerId = customer.Id;
|
|
|
|
|
|
await _organizationRepository.ReplaceAsync(organization);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
await cardService.CreateAsync(customer.Id, new StripeCardCreateOptions
|
|
|
|
|
|
{
|
|
|
|
|
|
SourceToken = paymentToken
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
if(!string.IsNullOrWhiteSpace(customer.DefaultSourceId))
|
|
|
|
|
|
{
|
|
|
|
|
|
await cardService.DeleteAsync(customer.Id, customer.DefaultSourceId);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-08 18:15:20 -04:00
|
|
|
|
public async Task CancelSubscriptionAsync(Guid organizationId, bool endOfPeriod = false)
|
|
|
|
|
|
{
|
|
|
|
|
|
var organization = await _organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
|
|
if(organization == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if(string.IsNullOrWhiteSpace(organization.StripeSubscriptionId))
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization has no subscription.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var subscriptionService = new StripeSubscriptionService();
|
2017-04-10 16:42:53 -04:00
|
|
|
|
var sub = await subscriptionService.GetAsync(organization.StripeSubscriptionId);
|
2017-04-08 18:15:20 -04:00
|
|
|
|
if(sub == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization subscription was not found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 16:42:53 -04:00
|
|
|
|
if(sub.CanceledAt.HasValue)
|
2017-04-08 18:15:20 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization subscription is already canceled.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var canceledSub = await subscriptionService.CancelAsync(sub.Id, endOfPeriod);
|
2017-04-10 16:42:53 -04:00
|
|
|
|
if(!canceledSub.CanceledAt.HasValue)
|
2017-04-08 18:15:20 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Unable to cancel subscription.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 18:20:21 -04:00
|
|
|
|
public async Task ReinstateSubscriptionAsync(Guid organizationId)
|
2017-04-10 16:42:53 -04:00
|
|
|
|
{
|
|
|
|
|
|
var organization = await _organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
|
|
if(organization == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if(string.IsNullOrWhiteSpace(organization.StripeSubscriptionId))
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization has no subscription.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var subscriptionService = new StripeSubscriptionService();
|
|
|
|
|
|
var sub = await subscriptionService.GetAsync(organization.StripeSubscriptionId);
|
|
|
|
|
|
if(sub == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization subscription was not found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if(sub.Status != "active" || !sub.CanceledAt.HasValue)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization subscription is not marked for cancellation.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Just touch the subscription.
|
|
|
|
|
|
var updatedSub = await subscriptionService.UpdateAsync(sub.Id, new StripeSubscriptionUpdateOptions { });
|
|
|
|
|
|
if(updatedSub.CanceledAt.HasValue)
|
|
|
|
|
|
{
|
2017-04-10 18:20:21 -04:00
|
|
|
|
throw new BadRequestException("Unable to reinstate subscription.");
|
2017-04-10 16:42:53 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 11:49:53 -04:00
|
|
|
|
public async Task UpgradePlanAsync(Guid organizationId, PlanType plan, int additionalSeats)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2017-04-10 10:44:27 -04:00
|
|
|
|
var organization = await _organizationRepository.GetByIdAsync(organizationId);
|
2017-04-10 09:36:21 -04:00
|
|
|
|
if(organization == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if(string.IsNullOrWhiteSpace(organization.StripeCustomerId))
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("No payment method found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var existingPlan = StaticStore.Plans.FirstOrDefault(p => p.Type == organization.PlanType);
|
|
|
|
|
|
if(existingPlan == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Existing plan not found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 10:44:27 -04:00
|
|
|
|
var newPlan = StaticStore.Plans.FirstOrDefault(p => p.Type == plan && !p.Disabled);
|
2017-04-10 09:36:21 -04:00
|
|
|
|
if(newPlan == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Plan not found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if(existingPlan.Type == newPlan.Type)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization is already on this plan.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if(existingPlan.UpgradeSortOrder >= newPlan.UpgradeSortOrder)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("You cannot upgrade to this plan.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 10:44:27 -04:00
|
|
|
|
if(!newPlan.CanBuyAdditionalSeats && additionalSeats > 0)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2017-04-10 10:44:27 -04:00
|
|
|
|
throw new BadRequestException("Plan does not allow additional seats.");
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 10:44:27 -04:00
|
|
|
|
if(newPlan.CanBuyAdditionalSeats && newPlan.MaxAdditionalSeats.HasValue &&
|
|
|
|
|
|
additionalSeats > newPlan.MaxAdditionalSeats.Value)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException($"Selected plan allows a maximum of " +
|
2017-04-10 10:44:27 -04:00
|
|
|
|
$"{newPlan.MaxAdditionalSeats.Value} additional seats.");
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 10:44:27 -04:00
|
|
|
|
var newPlanSeats = (short)(newPlan.BaseSeats + (newPlan.CanBuyAdditionalSeats ? additionalSeats : 0));
|
|
|
|
|
|
if(!organization.Seats.HasValue || organization.Seats.Value > newPlanSeats)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
var userCount = await _organizationUserRepository.GetCountByOrganizationIdAsync(organization.Id);
|
2017-04-10 10:44:27 -04:00
|
|
|
|
if(userCount >= newPlanSeats)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2017-04-10 10:44:27 -04:00
|
|
|
|
throw new BadRequestException($"Your organization currently has {userCount} seats filled. Your new plan " +
|
|
|
|
|
|
$"only has ({newPlanSeats}) seats. Remove some users.");
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if(newPlan.MaxSubvaults.HasValue &&
|
|
|
|
|
|
(!organization.MaxSubvaults.HasValue || organization.MaxSubvaults.Value > newPlan.MaxSubvaults.Value))
|
|
|
|
|
|
{
|
|
|
|
|
|
var subvaultCount = await _subvaultRepository.GetCountByOrganizationIdAsync(organization.Id);
|
|
|
|
|
|
if(subvaultCount > newPlan.MaxSubvaults.Value)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException($"Your organization currently has {subvaultCount} subvaults. " +
|
2017-04-10 10:44:27 -04:00
|
|
|
|
$"Your new plan allows for a maximum of ({newPlan.MaxSubvaults.Value}) subvaults. " +
|
|
|
|
|
|
"Remove some subvaults.");
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var subscriptionService = new StripeSubscriptionService();
|
|
|
|
|
|
if(string.IsNullOrWhiteSpace(organization.StripeSubscriptionId))
|
|
|
|
|
|
{
|
|
|
|
|
|
// They must have been on a free plan. Create new sub.
|
|
|
|
|
|
var subCreateOptions = new StripeSubscriptionCreateOptions
|
|
|
|
|
|
{
|
|
|
|
|
|
Items = new List<StripeSubscriptionItemOption>
|
|
|
|
|
|
{
|
|
|
|
|
|
new StripeSubscriptionItemOption
|
|
|
|
|
|
{
|
|
|
|
|
|
PlanId = newPlan.StripePlanId,
|
|
|
|
|
|
Quantity = 1
|
|
|
|
|
|
}
|
2017-04-26 16:14:15 -04:00
|
|
|
|
},
|
|
|
|
|
|
Metadata = new Dictionary<string, string> {
|
|
|
|
|
|
{ "organizationId", organization.Id.ToString() }
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
};
|
|
|
|
|
|
|
2017-04-10 10:44:27 -04:00
|
|
|
|
if(additionalSeats > 0)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
subCreateOptions.Items.Add(new StripeSubscriptionItemOption
|
|
|
|
|
|
{
|
2017-04-10 10:44:27 -04:00
|
|
|
|
PlanId = newPlan.StripeSeatPlanId,
|
|
|
|
|
|
Quantity = additionalSeats
|
2017-04-10 09:36:21 -04:00
|
|
|
|
});
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
await subscriptionService.CreateAsync(organization.StripeCustomerId, subCreateOptions);
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
// Update existing sub.
|
|
|
|
|
|
var subUpdateOptions = new StripeSubscriptionUpdateOptions
|
|
|
|
|
|
{
|
|
|
|
|
|
Items = new List<StripeSubscriptionItemUpdateOption>
|
|
|
|
|
|
{
|
|
|
|
|
|
new StripeSubscriptionItemUpdateOption
|
|
|
|
|
|
{
|
|
|
|
|
|
PlanId = newPlan.StripePlanId,
|
|
|
|
|
|
Quantity = 1
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
};
|
|
|
|
|
|
|
2017-04-10 10:44:27 -04:00
|
|
|
|
if(additionalSeats > 0)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
subUpdateOptions.Items.Add(new StripeSubscriptionItemUpdateOption
|
|
|
|
|
|
{
|
2017-04-10 10:44:27 -04:00
|
|
|
|
PlanId = newPlan.StripeSeatPlanId,
|
|
|
|
|
|
Quantity = additionalSeats
|
2017-04-10 09:36:21 -04:00
|
|
|
|
});
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
await subscriptionService.UpdateAsync(organization.StripeSubscriptionId, subUpdateOptions);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 11:49:53 -04:00
|
|
|
|
public async Task AdjustSeatsAsync(Guid organizationId, int seatAdjustment)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
var organization = await _organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
|
|
if(organization == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if(string.IsNullOrWhiteSpace(organization.StripeCustomerId))
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("No payment method found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 12:28:41 -04:00
|
|
|
|
if(string.IsNullOrWhiteSpace(organization.StripeSubscriptionId))
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("No subscription found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var plan = StaticStore.Plans.FirstOrDefault(p => p.Type == organization.PlanType);
|
|
|
|
|
|
if(plan == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Existing plan not found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 10:44:27 -04:00
|
|
|
|
if(!plan.CanBuyAdditionalSeats)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2017-04-10 10:44:27 -04:00
|
|
|
|
throw new BadRequestException("Plan does not allow additional seats.");
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 11:49:53 -04:00
|
|
|
|
var newSeatTotal = organization.Seats + seatAdjustment;
|
|
|
|
|
|
if(plan.BaseSeats > newSeatTotal)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException($"Plan has a minimum of {plan.BaseSeats} seats.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var additionalSeats = newSeatTotal - plan.BaseSeats;
|
2017-04-10 10:44:27 -04:00
|
|
|
|
if(plan.MaxAdditionalSeats.HasValue && additionalSeats > plan.MaxAdditionalSeats.Value)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException($"Organization plan allows a maximum of " +
|
2017-04-10 10:44:27 -04:00
|
|
|
|
$"{plan.MaxAdditionalSeats.Value} additional seats.");
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 11:49:53 -04:00
|
|
|
|
if(!organization.Seats.HasValue || organization.Seats.Value > newSeatTotal)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
var userCount = await _organizationUserRepository.GetCountByOrganizationIdAsync(organization.Id);
|
2017-04-10 11:49:53 -04:00
|
|
|
|
if(userCount > newSeatTotal)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2017-04-10 10:44:27 -04:00
|
|
|
|
throw new BadRequestException($"Your organization currently has {userCount} seats filled. Your new plan " +
|
2017-04-10 11:49:53 -04:00
|
|
|
|
$"only has ({newSeatTotal}) seats. Remove some users.");
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 16:42:53 -04:00
|
|
|
|
var invoiceService = new StripeInvoiceService();
|
2017-04-10 12:28:41 -04:00
|
|
|
|
var subscriptionItemService = new StripeSubscriptionItemService();
|
2017-04-11 10:00:36 -04:00
|
|
|
|
var subscriptionService = new StripeSubscriptionService();
|
2017-04-10 12:28:41 -04:00
|
|
|
|
var sub = await subscriptionService.GetAsync(organization.StripeSubscriptionId);
|
|
|
|
|
|
if(sub == null)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2017-04-10 12:28:41 -04:00
|
|
|
|
throw new BadRequestException("Subscription not found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var seatItem = sub.Items?.Data?.FirstOrDefault(i => i.Plan.Id == plan.StripeSeatPlanId);
|
|
|
|
|
|
if(seatItem == null)
|
|
|
|
|
|
{
|
2017-04-11 10:00:36 -04:00
|
|
|
|
await subscriptionItemService.CreateAsync(new StripeSubscriptionItemCreateOptions
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2017-04-10 12:28:41 -04:00
|
|
|
|
PlanId = plan.StripeSeatPlanId,
|
|
|
|
|
|
Quantity = additionalSeats,
|
2017-04-11 10:00:36 -04:00
|
|
|
|
Prorate = true,
|
2017-04-10 12:28:41 -04:00
|
|
|
|
SubscriptionId = sub.Id
|
2017-04-11 10:00:36 -04:00
|
|
|
|
});
|
2017-04-10 09:36:21 -04:00
|
|
|
|
|
2017-04-11 10:00:36 -04:00
|
|
|
|
await PreviewUpcomingAndPayAsync(invoiceService, organization, plan);
|
2017-04-10 12:28:41 -04:00
|
|
|
|
}
|
|
|
|
|
|
else if(additionalSeats > 0)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2017-04-11 10:00:36 -04:00
|
|
|
|
await subscriptionItemService.UpdateAsync(seatItem.Id, new StripeSubscriptionItemUpdateOptions
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2017-04-10 10:44:27 -04:00
|
|
|
|
PlanId = plan.StripeSeatPlanId,
|
2017-04-10 12:28:41 -04:00
|
|
|
|
Quantity = additionalSeats,
|
2017-04-11 10:00:36 -04:00
|
|
|
|
Prorate = true
|
|
|
|
|
|
});
|
2017-04-10 12:28:41 -04:00
|
|
|
|
|
2017-04-11 10:00:36 -04:00
|
|
|
|
await PreviewUpcomingAndPayAsync(invoiceService, organization, plan);
|
2017-04-10 12:28:41 -04:00
|
|
|
|
}
|
|
|
|
|
|
else if(additionalSeats == 0)
|
|
|
|
|
|
{
|
|
|
|
|
|
await subscriptionItemService.DeleteAsync(seatItem.Id);
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 12:28:41 -04:00
|
|
|
|
organization.Seats = (short?)newSeatTotal;
|
|
|
|
|
|
await _organizationRepository.ReplaceAsync(organization);
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-11 10:00:36 -04:00
|
|
|
|
private async Task PreviewUpcomingAndPayAsync(StripeInvoiceService invoiceService, Organization org, Plan plan)
|
|
|
|
|
|
{
|
|
|
|
|
|
var upcomingPreview = await invoiceService.UpcomingAsync(org.StripeCustomerId,
|
|
|
|
|
|
new StripeUpcomingInvoiceOptions
|
|
|
|
|
|
{
|
|
|
|
|
|
SubscriptionId = org.StripeSubscriptionId
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
var prorationAmount = upcomingPreview.StripeInvoiceLineItems?.Data?
|
|
|
|
|
|
.TakeWhile(i => i.Plan.Id == plan.StripeSeatPlanId).Sum(i => i.Amount);
|
|
|
|
|
|
if(prorationAmount.GetValueOrDefault() >= 500)
|
|
|
|
|
|
{
|
|
|
|
|
|
// Owes more than $5.00 on next invoice. Invoice them and pay now instead of waiting until next month.
|
|
|
|
|
|
var invoice = await invoiceService.CreateAsync(org.StripeCustomerId,
|
|
|
|
|
|
new StripeInvoiceCreateOptions
|
|
|
|
|
|
{
|
|
|
|
|
|
SubscriptionId = org.StripeSubscriptionId
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
await invoiceService.PayAsync(invoice.Id);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-04 21:28:41 -05:00
|
|
|
|
public async Task<Tuple<Organization, OrganizationUser>> SignUpAsync(OrganizationSignup signup)
|
2017-03-03 00:07:11 -05:00
|
|
|
|
{
|
2017-04-07 16:41:04 -04:00
|
|
|
|
var plan = StaticStore.Plans.FirstOrDefault(p => p.Type == signup.Plan && !p.Disabled);
|
2017-03-03 00:07:11 -05:00
|
|
|
|
if(plan == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Plan not found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-04 10:13:16 -04:00
|
|
|
|
var customerService = new StripeCustomerService();
|
2017-04-04 12:57:50 -04:00
|
|
|
|
var subscriptionService = new StripeSubscriptionService();
|
|
|
|
|
|
StripeCustomer customer = null;
|
|
|
|
|
|
StripeSubscription subscription = null;
|
|
|
|
|
|
|
2017-04-10 10:44:27 -04:00
|
|
|
|
if(!plan.CanBuyAdditionalSeats && signup.AdditionalSeats > 0)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Plan does not allow additional users.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 10:44:27 -04:00
|
|
|
|
if(plan.CanBuyAdditionalSeats && plan.MaxAdditionalSeats.HasValue &&
|
|
|
|
|
|
signup.AdditionalSeats > plan.MaxAdditionalSeats.Value)
|
2017-04-08 10:52:10 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException($"Selected plan allows a maximum of " +
|
2017-04-10 10:44:27 -04:00
|
|
|
|
$"{plan.MaxAdditionalSeats.GetValueOrDefault(0)} additional users.");
|
2017-04-08 10:52:10 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-26 16:14:15 -04:00
|
|
|
|
// Pre-generate the org id so that we can save it with the Stripe subscription..
|
|
|
|
|
|
Guid newOrgId = CoreHelpers.GenerateComb();
|
|
|
|
|
|
|
2017-04-20 23:50:12 -04:00
|
|
|
|
if(plan.Type == PlanType.Free)
|
2017-04-07 14:03:36 -04:00
|
|
|
|
{
|
2017-04-07 14:52:31 -04:00
|
|
|
|
var ownerExistingOrgCount =
|
|
|
|
|
|
await _organizationUserRepository.GetCountByFreeOrganizationAdminUserAsync(signup.Owner.Id);
|
|
|
|
|
|
if(ownerExistingOrgCount > 0)
|
2017-04-07 14:03:36 -04:00
|
|
|
|
{
|
2017-04-07 14:14:48 -04:00
|
|
|
|
throw new BadRequestException("You can only be an admin of one free organization.");
|
2017-04-07 14:03:36 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
2017-04-04 10:13:16 -04:00
|
|
|
|
{
|
2017-04-04 12:57:50 -04:00
|
|
|
|
customer = await customerService.CreateAsync(new StripeCustomerCreateOptions
|
|
|
|
|
|
{
|
|
|
|
|
|
Description = signup.BusinessName,
|
|
|
|
|
|
Email = signup.BillingEmail,
|
|
|
|
|
|
SourceToken = signup.PaymentToken
|
|
|
|
|
|
});
|
2017-04-04 10:13:16 -04:00
|
|
|
|
|
2017-04-04 12:57:50 -04:00
|
|
|
|
var subCreateOptions = new StripeSubscriptionCreateOptions
|
|
|
|
|
|
{
|
|
|
|
|
|
Items = new List<StripeSubscriptionItemOption>
|
|
|
|
|
|
{
|
|
|
|
|
|
new StripeSubscriptionItemOption
|
|
|
|
|
|
{
|
2017-04-10 09:36:21 -04:00
|
|
|
|
PlanId = plan.StripePlanId,
|
2017-04-04 12:57:50 -04:00
|
|
|
|
Quantity = 1
|
|
|
|
|
|
}
|
2017-04-26 16:14:15 -04:00
|
|
|
|
},
|
|
|
|
|
|
Metadata = new Dictionary<string, string> {
|
|
|
|
|
|
{ "organizationId", newOrgId.ToString() }
|
2017-04-04 12:57:50 -04:00
|
|
|
|
}
|
|
|
|
|
|
};
|
|
|
|
|
|
|
2017-04-10 10:44:27 -04:00
|
|
|
|
if(signup.AdditionalSeats > 0)
|
2017-04-04 12:57:50 -04:00
|
|
|
|
{
|
|
|
|
|
|
subCreateOptions.Items.Add(new StripeSubscriptionItemOption
|
|
|
|
|
|
{
|
2017-04-10 10:44:27 -04:00
|
|
|
|
PlanId = plan.StripeSeatPlanId,
|
|
|
|
|
|
Quantity = signup.AdditionalSeats
|
2017-04-04 12:57:50 -04:00
|
|
|
|
});
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-11 13:04:37 -04:00
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
subscription = await subscriptionService.CreateAsync(customer.Id, subCreateOptions);
|
|
|
|
|
|
}
|
|
|
|
|
|
catch(StripeException)
|
|
|
|
|
|
{
|
|
|
|
|
|
if(customer != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
await customerService.DeleteAsync(customer.Id);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
throw;
|
|
|
|
|
|
}
|
2017-04-04 12:57:50 -04:00
|
|
|
|
}
|
2017-04-04 10:13:16 -04:00
|
|
|
|
|
2017-03-03 00:07:11 -05:00
|
|
|
|
var organization = new Organization
|
|
|
|
|
|
{
|
2017-04-26 16:14:15 -04:00
|
|
|
|
Id = newOrgId,
|
2017-03-04 21:28:41 -05:00
|
|
|
|
Name = signup.Name,
|
2017-04-04 12:57:50 -04:00
|
|
|
|
BillingEmail = signup.BillingEmail,
|
|
|
|
|
|
BusinessName = signup.BusinessName,
|
2017-03-03 00:07:11 -05:00
|
|
|
|
PlanType = plan.Type,
|
2017-04-10 10:44:27 -04:00
|
|
|
|
Seats = (short)(plan.BaseSeats + signup.AdditionalSeats),
|
2017-04-07 16:41:04 -04:00
|
|
|
|
MaxSubvaults = plan.MaxSubvaults,
|
2017-04-08 16:41:40 -04:00
|
|
|
|
Plan = plan.Name,
|
2017-04-04 12:57:50 -04:00
|
|
|
|
StripeCustomerId = customer?.Id,
|
|
|
|
|
|
StripeSubscriptionId = subscription?.Id,
|
2017-03-03 00:07:11 -05:00
|
|
|
|
CreationDate = DateTime.UtcNow,
|
|
|
|
|
|
RevisionDate = DateTime.UtcNow
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
2017-04-04 12:57:50 -04:00
|
|
|
|
await _organizationRepository.CreateAsync(organization);
|
|
|
|
|
|
|
2017-03-03 00:07:11 -05:00
|
|
|
|
var orgUser = new OrganizationUser
|
|
|
|
|
|
{
|
|
|
|
|
|
OrganizationId = organization.Id,
|
2017-03-04 21:28:41 -05:00
|
|
|
|
UserId = signup.Owner.Id,
|
|
|
|
|
|
Key = signup.OwnerKey,
|
2017-04-11 13:04:37 -04:00
|
|
|
|
Type = OrganizationUserType.Owner,
|
|
|
|
|
|
Status = OrganizationUserStatusType.Confirmed,
|
2017-04-20 23:50:12 -04:00
|
|
|
|
AccessAllSubvaults = true,
|
2017-03-03 00:07:11 -05:00
|
|
|
|
CreationDate = DateTime.UtcNow,
|
|
|
|
|
|
RevisionDate = DateTime.UtcNow
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
await _organizationUserRepository.CreateAsync(orgUser);
|
|
|
|
|
|
|
2017-04-21 22:39:46 -04:00
|
|
|
|
// push
|
|
|
|
|
|
await _pushService.PushSyncOrgKeysAsync(signup.Owner.Id);
|
|
|
|
|
|
|
2017-03-03 00:07:11 -05:00
|
|
|
|
return new Tuple<Organization, OrganizationUser>(organization, orgUser);
|
|
|
|
|
|
}
|
|
|
|
|
|
catch
|
|
|
|
|
|
{
|
2017-04-04 12:57:50 -04:00
|
|
|
|
if(subscription != null)
|
|
|
|
|
|
{
|
2017-04-11 13:04:37 -04:00
|
|
|
|
await subscriptionService.CancelAsync(subscription.Id, false);
|
2017-04-04 12:57:50 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-11 13:04:37 -04:00
|
|
|
|
if(customer != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
var chargeService = new StripeChargeService();
|
|
|
|
|
|
var charges = await chargeService.ListAsync(new StripeChargeListOptions { CustomerId = customer.Id });
|
|
|
|
|
|
if(charges?.Data != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
var refundService = new StripeRefundService();
|
|
|
|
|
|
foreach(var charge in charges.Data.Where(c => !c.Refunded))
|
|
|
|
|
|
{
|
|
|
|
|
|
await refundService.CreateAsync(charge.Id);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
await customerService.DeleteAsync(customer.Id);
|
|
|
|
|
|
}
|
2017-04-04 12:57:50 -04:00
|
|
|
|
|
|
|
|
|
|
if(organization.Id != default(Guid))
|
|
|
|
|
|
{
|
|
|
|
|
|
await _organizationRepository.DeleteAsync(organization);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-03 00:07:11 -05:00
|
|
|
|
throw;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2017-03-04 21:28:41 -05:00
|
|
|
|
|
2017-04-11 10:52:28 -04:00
|
|
|
|
public async Task DeleteAsync(Organization organization)
|
|
|
|
|
|
{
|
|
|
|
|
|
if(!string.IsNullOrWhiteSpace(organization.StripeSubscriptionId))
|
|
|
|
|
|
{
|
|
|
|
|
|
var subscriptionService = new StripeSubscriptionService();
|
|
|
|
|
|
var canceledSub = await subscriptionService.CancelAsync(organization.StripeSubscriptionId, false);
|
|
|
|
|
|
if(!canceledSub.CanceledAt.HasValue)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Unable to cancel subscription.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
await _organizationRepository.DeleteAsync(organization);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-26 16:14:15 -04:00
|
|
|
|
public async Task DisableAsync(Guid organizationId)
|
|
|
|
|
|
{
|
|
|
|
|
|
var org = await _organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
|
|
if(org != null && org.Enabled)
|
|
|
|
|
|
{
|
|
|
|
|
|
org.Enabled = false;
|
|
|
|
|
|
await _organizationRepository.ReplaceAsync(org);
|
|
|
|
|
|
|
|
|
|
|
|
// TODO: send email to owners?
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public async Task EnableAsync(Guid organizationId)
|
|
|
|
|
|
{
|
|
|
|
|
|
var org = await _organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
|
|
if(org != null && !org.Enabled)
|
|
|
|
|
|
{
|
|
|
|
|
|
org.Enabled = true;
|
|
|
|
|
|
await _organizationRepository.ReplaceAsync(org);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 19:07:38 -04:00
|
|
|
|
public async Task UpdateAsync(Organization organization, bool updateBilling = false)
|
|
|
|
|
|
{
|
|
|
|
|
|
if(organization.Id == default(Guid))
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new ApplicationException("Cannot create org this way. Call SignUpAsync.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
await _organizationRepository.ReplaceAsync(organization);
|
|
|
|
|
|
|
|
|
|
|
|
if(updateBilling && !string.IsNullOrWhiteSpace(organization.StripeCustomerId))
|
|
|
|
|
|
{
|
|
|
|
|
|
var customerService = new StripeCustomerService();
|
|
|
|
|
|
await customerService.UpdateAsync(organization.StripeCustomerId, new StripeCustomerUpdateOptions
|
|
|
|
|
|
{
|
|
|
|
|
|
Email = organization.BillingEmail,
|
|
|
|
|
|
Description = organization.BusinessName
|
|
|
|
|
|
});
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-23 00:17:34 -04:00
|
|
|
|
public async Task<OrganizationUser> InviteUserAsync(Guid organizationId, Guid invitingUserId, string email,
|
2017-04-20 23:50:12 -04:00
|
|
|
|
OrganizationUserType type, bool accessAllSubvaults, IEnumerable<SubvaultUser> subvaults)
|
2017-03-04 21:28:41 -05:00
|
|
|
|
{
|
2017-04-07 16:41:04 -04:00
|
|
|
|
var organization = await _organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
|
|
if(organization == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 10:44:27 -04:00
|
|
|
|
if(organization.Seats.HasValue)
|
2017-04-07 16:41:04 -04:00
|
|
|
|
{
|
|
|
|
|
|
var userCount = await _organizationUserRepository.GetCountByOrganizationIdAsync(organizationId);
|
2017-04-10 10:44:27 -04:00
|
|
|
|
if(userCount >= organization.Seats.Value)
|
2017-04-07 16:41:04 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("You have reached the maximum number of users " +
|
2017-04-10 10:44:27 -04:00
|
|
|
|
$"({organization.Seats.Value}) for this organization.");
|
2017-04-07 16:41:04 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-28 21:16:19 -04:00
|
|
|
|
// Make sure user is not already invited
|
|
|
|
|
|
var existingOrgUser = await _organizationUserRepository.GetByOrganizationAsync(organizationId, email);
|
|
|
|
|
|
if(existingOrgUser != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("User already invited.");
|
|
|
|
|
|
}
|
2017-03-23 00:17:34 -04:00
|
|
|
|
|
2017-03-04 21:28:41 -05:00
|
|
|
|
var orgUser = new OrganizationUser
|
|
|
|
|
|
{
|
|
|
|
|
|
OrganizationId = organizationId,
|
|
|
|
|
|
UserId = null,
|
|
|
|
|
|
Email = email,
|
|
|
|
|
|
Key = null,
|
2017-03-13 23:31:17 -04:00
|
|
|
|
Type = type,
|
2017-04-12 11:00:40 -04:00
|
|
|
|
Status = OrganizationUserStatusType.Invited,
|
2017-04-20 23:50:12 -04:00
|
|
|
|
AccessAllSubvaults = accessAllSubvaults,
|
2017-03-04 21:28:41 -05:00
|
|
|
|
CreationDate = DateTime.UtcNow,
|
|
|
|
|
|
RevisionDate = DateTime.UtcNow
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
await _organizationUserRepository.CreateAsync(orgUser);
|
2017-04-20 23:50:12 -04:00
|
|
|
|
if(!orgUser.AccessAllSubvaults && subvaults.Any())
|
|
|
|
|
|
{
|
|
|
|
|
|
await SaveUserSubvaultsAsync(orgUser, subvaults, true);
|
|
|
|
|
|
}
|
2017-03-23 11:51:37 -04:00
|
|
|
|
await SendInviteAsync(orgUser);
|
2017-03-04 21:28:41 -05:00
|
|
|
|
|
|
|
|
|
|
return orgUser;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-23 00:17:34 -04:00
|
|
|
|
public async Task ResendInviteAsync(Guid organizationId, Guid invitingUserId, Guid organizationUserId)
|
|
|
|
|
|
{
|
|
|
|
|
|
var orgUser = await _organizationUserRepository.GetByIdAsync(organizationUserId);
|
|
|
|
|
|
if(orgUser == null || orgUser.OrganizationId != organizationId ||
|
2017-04-12 11:00:40 -04:00
|
|
|
|
orgUser.Status != OrganizationUserStatusType.Invited)
|
2017-03-23 00:17:34 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("User invalid.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-23 11:51:37 -04:00
|
|
|
|
await SendInviteAsync(orgUser);
|
2017-03-23 00:17:34 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-23 11:51:37 -04:00
|
|
|
|
private async Task SendInviteAsync(OrganizationUser orgUser)
|
2017-03-23 00:17:34 -04:00
|
|
|
|
{
|
2017-03-28 21:16:19 -04:00
|
|
|
|
var org = await _organizationRepository.GetByIdAsync(orgUser.OrganizationId);
|
2017-03-23 11:51:37 -04:00
|
|
|
|
var nowMillis = CoreHelpers.ToEpocMilliseconds(DateTime.UtcNow);
|
2017-03-23 00:17:34 -04:00
|
|
|
|
var token = _dataProtector.Protect(
|
2017-03-23 11:51:37 -04:00
|
|
|
|
$"OrganizationUserInvite {orgUser.Id} {orgUser.Email} {nowMillis}");
|
2017-03-28 21:16:19 -04:00
|
|
|
|
await _mailService.SendOrganizationInviteEmailAsync(org.Name, orgUser, token);
|
2017-03-23 00:17:34 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-04 21:28:41 -05:00
|
|
|
|
public async Task<OrganizationUser> AcceptUserAsync(Guid organizationUserId, User user, string token)
|
|
|
|
|
|
{
|
|
|
|
|
|
var orgUser = await _organizationUserRepository.GetByIdAsync(organizationUserId);
|
2017-03-23 00:17:34 -04:00
|
|
|
|
if(orgUser == null || orgUser.Email != user.Email)
|
2017-03-04 21:28:41 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("User invalid.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-12 11:00:40 -04:00
|
|
|
|
if(orgUser.Status != OrganizationUserStatusType.Invited)
|
2017-03-23 00:17:34 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Already accepted.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-07 14:52:31 -04:00
|
|
|
|
var ownerExistingOrgCount = await _organizationUserRepository.GetCountByFreeOrganizationAdminUserAsync(user.Id);
|
|
|
|
|
|
if(ownerExistingOrgCount > 0)
|
2017-04-07 14:03:36 -04:00
|
|
|
|
{
|
2017-04-07 14:14:48 -04:00
|
|
|
|
throw new BadRequestException("You can only be an admin of one free organization.");
|
2017-04-07 14:03:36 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-23 00:17:34 -04:00
|
|
|
|
var tokenValidationFailed = true;
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
var unprotectedData = _dataProtector.Unprotect(token);
|
|
|
|
|
|
var dataParts = unprotectedData.Split(' ');
|
2017-03-23 11:51:37 -04:00
|
|
|
|
if(dataParts.Length == 4 && dataParts[0] == "OrganizationUserInvite" &&
|
|
|
|
|
|
new Guid(dataParts[1]) == orgUser.Id && dataParts[2] == user.Email)
|
2017-03-23 00:17:34 -04:00
|
|
|
|
{
|
|
|
|
|
|
var creationTime = CoreHelpers.FromEpocMilliseconds(Convert.ToInt64(dataParts[3]));
|
|
|
|
|
|
tokenValidationFailed = creationTime.AddDays(5) < DateTime.UtcNow;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
catch
|
|
|
|
|
|
{
|
|
|
|
|
|
tokenValidationFailed = true;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if(tokenValidationFailed)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Invalid token.");
|
|
|
|
|
|
}
|
2017-03-04 21:28:41 -05:00
|
|
|
|
|
2017-04-12 11:00:40 -04:00
|
|
|
|
orgUser.Status = OrganizationUserStatusType.Accepted;
|
2017-03-23 16:56:25 -04:00
|
|
|
|
orgUser.UserId = user.Id;
|
2017-03-04 21:28:41 -05:00
|
|
|
|
orgUser.Email = null;
|
|
|
|
|
|
await _organizationUserRepository.ReplaceAsync(orgUser);
|
|
|
|
|
|
|
2017-04-21 14:22:32 -04:00
|
|
|
|
// TODO: send notification emails to org admins and accepting user?
|
2017-03-04 21:28:41 -05:00
|
|
|
|
|
|
|
|
|
|
return orgUser;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-23 00:17:34 -04:00
|
|
|
|
public async Task<OrganizationUser> ConfirmUserAsync(Guid organizationId, Guid organizationUserId, string key,
|
|
|
|
|
|
Guid confirmingUserId)
|
2017-03-04 21:28:41 -05:00
|
|
|
|
{
|
|
|
|
|
|
var orgUser = await _organizationUserRepository.GetByIdAsync(organizationUserId);
|
2017-03-23 00:17:34 -04:00
|
|
|
|
if(orgUser == null || orgUser.Status != Enums.OrganizationUserStatusType.Accepted ||
|
|
|
|
|
|
orgUser.OrganizationId != organizationId)
|
2017-03-04 21:28:41 -05:00
|
|
|
|
{
|
2017-03-23 00:17:34 -04:00
|
|
|
|
throw new BadRequestException("User not valid.");
|
2017-03-04 21:28:41 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-12 11:00:40 -04:00
|
|
|
|
orgUser.Status = OrganizationUserStatusType.Confirmed;
|
2017-03-04 21:28:41 -05:00
|
|
|
|
orgUser.Key = key;
|
|
|
|
|
|
orgUser.Email = null;
|
|
|
|
|
|
await _organizationUserRepository.ReplaceAsync(orgUser);
|
|
|
|
|
|
|
2017-04-12 11:00:40 -04:00
|
|
|
|
var user = await _userRepository.GetByIdAsync(orgUser.UserId.Value);
|
|
|
|
|
|
var org = await _organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
|
|
if(user != null && org != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
await _mailService.SendOrganizationConfirmedEmailAsync(org.Name, user.Email);
|
|
|
|
|
|
}
|
2017-03-04 21:28:41 -05:00
|
|
|
|
|
2017-04-21 14:22:32 -04:00
|
|
|
|
// push
|
|
|
|
|
|
await _pushService.PushSyncOrgKeysAsync(orgUser.UserId.Value);
|
|
|
|
|
|
|
2017-03-04 21:28:41 -05:00
|
|
|
|
return orgUser;
|
|
|
|
|
|
}
|
2017-03-09 23:58:43 -05:00
|
|
|
|
|
2017-03-23 00:17:34 -04:00
|
|
|
|
public async Task SaveUserAsync(OrganizationUser user, Guid savingUserId, IEnumerable<SubvaultUser> subvaults)
|
2017-03-09 23:58:43 -05:00
|
|
|
|
{
|
|
|
|
|
|
if(user.Id.Equals(default(Guid)))
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Invite the user first.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-29 21:26:19 -04:00
|
|
|
|
var confirmedOwners = (await GetConfirmedOwnersAsync(user.OrganizationId)).ToList();
|
2017-04-12 11:00:40 -04:00
|
|
|
|
if(user.Type != OrganizationUserType.Owner && confirmedOwners.Count == 1 && confirmedOwners[0].Id == user.Id)
|
2017-03-29 21:26:19 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization must have at least one confirmed owner.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-09 23:58:43 -05:00
|
|
|
|
await _organizationUserRepository.ReplaceAsync(user);
|
2017-04-20 23:50:12 -04:00
|
|
|
|
|
|
|
|
|
|
if(user.AccessAllSubvaults)
|
|
|
|
|
|
{
|
|
|
|
|
|
// We don't need any subvaults if we're flagged to have all access.
|
|
|
|
|
|
subvaults = new List<SubvaultUser>();
|
|
|
|
|
|
}
|
2017-04-18 10:21:32 -04:00
|
|
|
|
await SaveUserSubvaultsAsync(user, subvaults, false);
|
2017-03-11 22:42:27 -05:00
|
|
|
|
}
|
2017-03-09 23:58:43 -05:00
|
|
|
|
|
2017-03-23 00:17:34 -04:00
|
|
|
|
public async Task DeleteUserAsync(Guid organizationId, Guid organizationUserId, Guid deletingUserId)
|
|
|
|
|
|
{
|
|
|
|
|
|
var orgUser = await _organizationUserRepository.GetByIdAsync(organizationUserId);
|
|
|
|
|
|
if(orgUser == null || orgUser.OrganizationId != organizationId)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("User not valid.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-18 15:27:54 -04:00
|
|
|
|
if(orgUser.UserId == deletingUserId)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("You cannot remove yourself.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-29 21:26:19 -04:00
|
|
|
|
var confirmedOwners = (await GetConfirmedOwnersAsync(organizationId)).ToList();
|
|
|
|
|
|
if(confirmedOwners.Count == 1 && confirmedOwners[0].Id == organizationUserId)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization must have at least one confirmed owner.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-12 10:07:27 -04:00
|
|
|
|
await _organizationUserRepository.DeleteAsync(orgUser);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public async Task DeleteUserAsync(Guid organizationId, Guid userId)
|
|
|
|
|
|
{
|
|
|
|
|
|
var orgUser = await _organizationUserRepository.GetByOrganizationAsync(organizationId, userId);
|
|
|
|
|
|
if(orgUser == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var confirmedOwners = (await GetConfirmedOwnersAsync(organizationId)).ToList();
|
|
|
|
|
|
if(confirmedOwners.Count == 1 && confirmedOwners[0].Id == orgUser.Id)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization must have at least one confirmed owner.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-23 00:17:34 -04:00
|
|
|
|
await _organizationUserRepository.DeleteAsync(orgUser);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-29 21:26:19 -04:00
|
|
|
|
private async Task<IEnumerable<OrganizationUser>> GetConfirmedOwnersAsync(Guid organizationId)
|
|
|
|
|
|
{
|
|
|
|
|
|
var owners = await _organizationUserRepository.GetManyByOrganizationAsync(organizationId,
|
|
|
|
|
|
Enums.OrganizationUserType.Owner);
|
|
|
|
|
|
return owners.Where(o => o.Status == Enums.OrganizationUserStatusType.Confirmed);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-11 22:42:27 -05:00
|
|
|
|
private async Task SaveUserSubvaultsAsync(OrganizationUser user, IEnumerable<SubvaultUser> subvaults, bool newUser)
|
|
|
|
|
|
{
|
2017-03-13 22:54:24 -04:00
|
|
|
|
if(subvaults == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
subvaults = new List<SubvaultUser>();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-09 23:58:43 -05:00
|
|
|
|
var orgSubvaults = await _subvaultRepository.GetManyByOrganizationIdAsync(user.OrganizationId);
|
2017-03-11 22:42:27 -05:00
|
|
|
|
var currentUserSubvaults = newUser ? null : await _subvaultUserRepository.GetManyByOrganizationUserIdAsync(user.Id);
|
2017-03-09 23:58:43 -05:00
|
|
|
|
|
|
|
|
|
|
// Let's make sure all these belong to this user and organization.
|
2017-03-11 22:42:27 -05:00
|
|
|
|
var filteredSubvaults = subvaults.Where(s => orgSubvaults.Any(os => os.Id == s.SubvaultId));
|
2017-03-09 23:58:43 -05:00
|
|
|
|
foreach(var subvault in filteredSubvaults)
|
|
|
|
|
|
{
|
2017-03-13 22:54:24 -04:00
|
|
|
|
var existingSubvaultUser = currentUserSubvaults?.FirstOrDefault(cs => cs.SubvaultId == subvault.SubvaultId);
|
|
|
|
|
|
if(existingSubvaultUser != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
subvault.Id = existingSubvaultUser.Id;
|
|
|
|
|
|
subvault.CreationDate = existingSubvaultUser.CreationDate;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-11 22:42:27 -05:00
|
|
|
|
subvault.OrganizationUserId = user.Id;
|
2017-03-09 23:58:43 -05:00
|
|
|
|
await _subvaultUserRepository.UpsertAsync(subvault);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-11 22:42:27 -05:00
|
|
|
|
if(!newUser)
|
2017-03-09 23:58:43 -05:00
|
|
|
|
{
|
2017-03-13 22:54:24 -04:00
|
|
|
|
var subvaultsToDelete = currentUserSubvaults.Where(cs =>
|
|
|
|
|
|
!filteredSubvaults.Any(s => s.SubvaultId == cs.SubvaultId));
|
2017-03-11 22:42:27 -05:00
|
|
|
|
foreach(var subvault in subvaultsToDelete)
|
|
|
|
|
|
{
|
|
|
|
|
|
await _subvaultUserRepository.DeleteAsync(subvault);
|
|
|
|
|
|
}
|
2017-03-09 23:58:43 -05:00
|
|
|
|
}
|
|
|
|
|
|
}
|
2017-03-03 00:07:11 -05:00
|
|
|
|
}
|
|
|
|
|
|
}
|
