2017-03-03 00:07:11 -05:00
|
|
|
|
using System;
|
|
|
|
|
|
using System.Linq;
|
|
|
|
|
|
using System.Threading.Tasks;
|
|
|
|
|
|
using Bit.Core.Repositories;
|
|
|
|
|
|
using Bit.Core.Models.Business;
|
2017-03-08 21:45:08 -05:00
|
|
|
|
using Bit.Core.Models.Table;
|
2017-03-03 00:07:11 -05:00
|
|
|
|
using Bit.Core.Utilities;
|
|
|
|
|
|
using Bit.Core.Exceptions;
|
2017-03-09 23:58:43 -05:00
|
|
|
|
using System.Collections.Generic;
|
2017-03-23 00:17:34 -04:00
|
|
|
|
using Microsoft.AspNetCore.DataProtection;
|
2017-04-04 10:13:16 -04:00
|
|
|
|
using Stripe;
|
2017-04-10 10:44:27 -04:00
|
|
|
|
using Bit.Core.Enums;
|
2017-05-11 14:52:35 -04:00
|
|
|
|
using Bit.Core.Models.Data;
|
2021-02-22 15:35:16 -06:00
|
|
|
|
using Bit.Core.Settings;
|
2017-08-14 21:25:06 -04:00
|
|
|
|
using System.IO;
|
|
|
|
|
|
using Newtonsoft.Json;
|
2021-01-12 11:02:39 -05:00
|
|
|
|
using System.Text.Json;
|
2021-07-01 14:31:05 +02:00
|
|
|
|
using Bit.Core.Context;
|
2021-09-23 06:36:08 -04:00
|
|
|
|
using Microsoft.Extensions.Logging;
|
2017-03-03 00:07:11 -05:00
|
|
|
|
|
|
|
|
|
|
namespace Bit.Core.Services
|
|
|
|
|
|
{
|
|
|
|
|
|
public class OrganizationService : IOrganizationService
|
|
|
|
|
|
{
|
|
|
|
|
|
private readonly IOrganizationRepository _organizationRepository;
|
|
|
|
|
|
private readonly IOrganizationUserRepository _organizationUserRepository;
|
2017-04-27 09:19:30 -04:00
|
|
|
|
private readonly ICollectionRepository _collectionRepository;
|
2017-03-04 21:28:41 -05:00
|
|
|
|
private readonly IUserRepository _userRepository;
|
2017-05-13 12:00:40 -04:00
|
|
|
|
private readonly IGroupRepository _groupRepository;
|
2017-03-23 00:17:34 -04:00
|
|
|
|
private readonly IDataProtector _dataProtector;
|
|
|
|
|
|
private readonly IMailService _mailService;
|
2017-05-26 22:52:50 -04:00
|
|
|
|
private readonly IPushNotificationService _pushNotificationService;
|
|
|
|
|
|
private readonly IPushRegistrationService _pushRegistrationService;
|
2017-08-11 08:57:31 -04:00
|
|
|
|
private readonly IDeviceRepository _deviceRepository;
|
2017-08-14 20:57:45 -04:00
|
|
|
|
private readonly ILicensingService _licensingService;
|
2017-12-01 16:00:30 -05:00
|
|
|
|
private readonly IEventService _eventService;
|
2017-08-15 16:11:08 -04:00
|
|
|
|
private readonly IInstallationRepository _installationRepository;
|
2017-12-19 16:02:39 -05:00
|
|
|
|
private readonly IApplicationCacheService _applicationCacheService;
|
2019-02-08 23:53:09 -05:00
|
|
|
|
private readonly IPaymentService _paymentService;
|
2020-01-15 15:00:54 -05:00
|
|
|
|
private readonly IPolicyRepository _policyRepository;
|
2020-07-22 09:38:39 -04:00
|
|
|
|
private readonly ISsoConfigRepository _ssoConfigRepository;
|
2020-08-26 14:12:04 -04:00
|
|
|
|
private readonly ISsoUserRepository _ssoUserRepository;
|
2020-07-07 12:01:34 -04:00
|
|
|
|
private readonly IReferenceEventService _referenceEventService;
|
2021-09-23 06:36:08 -04:00
|
|
|
|
private readonly IGlobalSettings _globalSettings;
|
2020-12-09 14:04:46 -05:00
|
|
|
|
private readonly ITaxRateRepository _taxRateRepository;
|
2021-07-01 14:31:05 +02:00
|
|
|
|
private readonly ICurrentContext _currentContext;
|
2021-09-23 06:36:08 -04:00
|
|
|
|
private readonly ILogger<OrganizationService> _logger;
|
|
|
|
|
|
|
2017-03-03 00:07:11 -05:00
|
|
|
|
|
|
|
|
|
|
public OrganizationService(
|
|
|
|
|
|
IOrganizationRepository organizationRepository,
|
2017-03-04 21:28:41 -05:00
|
|
|
|
IOrganizationUserRepository organizationUserRepository,
|
2017-04-27 09:19:30 -04:00
|
|
|
|
ICollectionRepository collectionRepository,
|
2017-03-23 00:17:34 -04:00
|
|
|
|
IUserRepository userRepository,
|
2017-05-13 12:00:40 -04:00
|
|
|
|
IGroupRepository groupRepository,
|
2017-03-23 00:17:34 -04:00
|
|
|
|
IDataProtectionProvider dataProtectionProvider,
|
2017-04-21 14:22:32 -04:00
|
|
|
|
IMailService mailService,
|
2017-05-26 22:52:50 -04:00
|
|
|
|
IPushNotificationService pushNotificationService,
|
2017-08-11 08:57:31 -04:00
|
|
|
|
IPushRegistrationService pushRegistrationService,
|
2017-08-14 20:57:45 -04:00
|
|
|
|
IDeviceRepository deviceRepository,
|
|
|
|
|
|
ILicensingService licensingService,
|
2017-12-01 16:00:30 -05:00
|
|
|
|
IEventService eventService,
|
2017-08-15 16:11:08 -04:00
|
|
|
|
IInstallationRepository installationRepository,
|
2017-12-19 16:02:39 -05:00
|
|
|
|
IApplicationCacheService applicationCacheService,
|
2019-02-08 23:53:09 -05:00
|
|
|
|
IPaymentService paymentService,
|
2020-01-15 15:00:54 -05:00
|
|
|
|
IPolicyRepository policyRepository,
|
2020-07-22 09:38:39 -04:00
|
|
|
|
ISsoConfigRepository ssoConfigRepository,
|
2020-08-26 14:12:04 -04:00
|
|
|
|
ISsoUserRepository ssoUserRepository,
|
2020-07-07 12:01:34 -04:00
|
|
|
|
IReferenceEventService referenceEventService,
|
2021-09-23 06:36:08 -04:00
|
|
|
|
IGlobalSettings globalSettings,
|
2021-07-01 14:31:05 +02:00
|
|
|
|
ITaxRateRepository taxRateRepository,
|
2021-09-23 06:36:08 -04:00
|
|
|
|
ICurrentContext currentContext,
|
|
|
|
|
|
ILogger<OrganizationService> logger)
|
2017-03-03 00:07:11 -05:00
|
|
|
|
{
|
|
|
|
|
|
_organizationRepository = organizationRepository;
|
|
|
|
|
|
_organizationUserRepository = organizationUserRepository;
|
2017-04-27 09:19:30 -04:00
|
|
|
|
_collectionRepository = collectionRepository;
|
2017-03-04 21:28:41 -05:00
|
|
|
|
_userRepository = userRepository;
|
2017-05-13 12:00:40 -04:00
|
|
|
|
_groupRepository = groupRepository;
|
2017-03-23 00:17:34 -04:00
|
|
|
|
_dataProtector = dataProtectionProvider.CreateProtector("OrganizationServiceDataProtector");
|
|
|
|
|
|
_mailService = mailService;
|
2017-05-26 22:52:50 -04:00
|
|
|
|
_pushNotificationService = pushNotificationService;
|
|
|
|
|
|
_pushRegistrationService = pushRegistrationService;
|
2017-08-11 08:57:31 -04:00
|
|
|
|
_deviceRepository = deviceRepository;
|
2017-08-14 20:57:45 -04:00
|
|
|
|
_licensingService = licensingService;
|
2017-12-01 16:00:30 -05:00
|
|
|
|
_eventService = eventService;
|
2017-08-15 16:11:08 -04:00
|
|
|
|
_installationRepository = installationRepository;
|
2017-12-19 16:02:39 -05:00
|
|
|
|
_applicationCacheService = applicationCacheService;
|
2019-02-08 23:53:09 -05:00
|
|
|
|
_paymentService = paymentService;
|
2020-01-15 15:00:54 -05:00
|
|
|
|
_policyRepository = policyRepository;
|
2020-07-22 09:38:39 -04:00
|
|
|
|
_ssoConfigRepository = ssoConfigRepository;
|
2020-08-26 14:12:04 -04:00
|
|
|
|
_ssoUserRepository = ssoUserRepository;
|
2020-07-07 12:01:34 -04:00
|
|
|
|
_referenceEventService = referenceEventService;
|
2017-08-14 20:57:45 -04:00
|
|
|
|
_globalSettings = globalSettings;
|
2020-12-09 14:04:46 -05:00
|
|
|
|
_taxRateRepository = taxRateRepository;
|
2021-07-01 14:31:05 +02:00
|
|
|
|
_currentContext = currentContext;
|
2021-09-23 06:36:08 -04:00
|
|
|
|
_logger = logger;
|
2017-03-03 00:07:11 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
2019-02-19 17:13:21 -05:00
|
|
|
|
public async Task ReplacePaymentMethodAsync(Guid organizationId, string paymentToken,
|
2020-06-17 19:49:27 -04:00
|
|
|
|
PaymentMethodType paymentMethodType, TaxInfo taxInfo)
|
2017-04-08 16:41:40 -04:00
|
|
|
|
{
|
2017-12-19 16:02:39 -05:00
|
|
|
|
var organization = await GetOrgById(organizationId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2017-04-08 16:41:40 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-06-17 19:49:27 -04:00
|
|
|
|
await _paymentService.SaveTaxInfoAsync(organization, taxInfo);
|
2019-02-08 23:53:09 -05:00
|
|
|
|
var updated = await _paymentService.UpdatePaymentMethodAsync(organization,
|
2019-02-26 12:45:34 -05:00
|
|
|
|
paymentMethodType, paymentToken);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (updated)
|
2017-04-08 16:41:40 -04:00
|
|
|
|
{
|
2017-12-19 16:02:39 -05:00
|
|
|
|
await ReplaceAndUpdateCache(organization);
|
2017-04-08 16:41:40 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-12-31 13:34:02 -05:00
|
|
|
|
public async Task CancelSubscriptionAsync(Guid organizationId, bool? endOfPeriod = null)
|
2017-04-08 18:15:20 -04:00
|
|
|
|
{
|
2017-12-19 16:02:39 -05:00
|
|
|
|
var organization = await GetOrgById(organizationId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2017-04-08 18:15:20 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-12-31 13:34:02 -05:00
|
|
|
|
var eop = endOfPeriod.GetValueOrDefault(true);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!endOfPeriod.HasValue && organization.ExpirationDate.HasValue &&
|
2018-12-31 13:34:02 -05:00
|
|
|
|
organization.ExpirationDate.Value < DateTime.UtcNow)
|
|
|
|
|
|
{
|
|
|
|
|
|
eop = false;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-02-08 23:53:09 -05:00
|
|
|
|
await _paymentService.CancelSubscriptionAsync(organization, eop);
|
2020-07-07 12:01:34 -04:00
|
|
|
|
await _referenceEventService.RaiseEventAsync(
|
|
|
|
|
|
new ReferenceEvent(ReferenceEventType.CancelSubscription, organization)
|
|
|
|
|
|
{
|
|
|
|
|
|
EndOfPeriod = endOfPeriod,
|
|
|
|
|
|
});
|
2017-04-08 18:15:20 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 18:20:21 -04:00
|
|
|
|
public async Task ReinstateSubscriptionAsync(Guid organizationId)
|
2017-04-10 16:42:53 -04:00
|
|
|
|
{
|
2017-12-19 16:02:39 -05:00
|
|
|
|
var organization = await GetOrgById(organizationId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2017-04-10 16:42:53 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-02-08 23:53:09 -05:00
|
|
|
|
await _paymentService.ReinstateSubscriptionAsync(organization);
|
2020-07-07 12:01:34 -04:00
|
|
|
|
await _referenceEventService.RaiseEventAsync(
|
|
|
|
|
|
new ReferenceEvent(ReferenceEventType.ReinstateSubscription, organization));
|
2017-04-10 16:42:53 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2019-08-09 23:56:26 -04:00
|
|
|
|
public async Task<Tuple<bool, string>> UpgradePlanAsync(Guid organizationId, OrganizationUpgrade upgrade)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2017-12-19 16:02:39 -05:00
|
|
|
|
var organization = await GetOrgById(organizationId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (string.IsNullOrWhiteSpace(organization.GatewayCustomerId))
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2019-03-21 21:36:03 -04:00
|
|
|
|
throw new BadRequestException("Your account has no payment method available.");
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var existingPlan = StaticStore.Plans.FirstOrDefault(p => p.Type == organization.PlanType);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (existingPlan == null)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Existing plan not found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-03-21 21:36:03 -04:00
|
|
|
|
var newPlan = StaticStore.Plans.FirstOrDefault(p => p.Type == upgrade.Plan && !p.Disabled);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (newPlan == null)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Plan not found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (existingPlan.Type == newPlan.Type)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization is already on this plan.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (existingPlan.UpgradeSortOrder >= newPlan.UpgradeSortOrder)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("You cannot upgrade to this plan.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (existingPlan.Type != PlanType.Free)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2019-03-21 21:36:03 -04:00
|
|
|
|
throw new BadRequestException("You can only upgrade from the free plan. Contact support.");
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2019-03-21 21:36:03 -04:00
|
|
|
|
ValidateOrganizationUpgradeParameters(newPlan, upgrade);
|
2017-04-10 09:36:21 -04:00
|
|
|
|
|
2019-03-21 21:36:03 -04:00
|
|
|
|
var newPlanSeats = (short)(newPlan.BaseSeats +
|
2020-08-11 14:19:56 -04:00
|
|
|
|
(newPlan.HasAdditionalSeatsOption ? upgrade.AdditionalSeats : 0));
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!organization.Seats.HasValue || organization.Seats.Value > newPlanSeats)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
var userCount = await _organizationUserRepository.GetCountByOrganizationIdAsync(organization.Id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (userCount > newPlanSeats)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2019-03-21 21:36:03 -04:00
|
|
|
|
throw new BadRequestException($"Your organization currently has {userCount} seats filled. " +
|
|
|
|
|
|
$"Your new plan only has ({newPlanSeats}) seats. Remove some users.");
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (newPlan.MaxCollections.HasValue && (!organization.MaxCollections.HasValue ||
|
2019-03-21 21:36:03 -04:00
|
|
|
|
organization.MaxCollections.Value > newPlan.MaxCollections.Value))
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2017-04-27 09:19:30 -04:00
|
|
|
|
var collectionCount = await _collectionRepository.GetCountByOrganizationIdAsync(organization.Id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (collectionCount > newPlan.MaxCollections.Value)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2017-04-27 09:19:30 -04:00
|
|
|
|
throw new BadRequestException($"Your organization currently has {collectionCount} collections. " +
|
|
|
|
|
|
$"Your new plan allows for a maximum of ({newPlan.MaxCollections.Value}) collections. " +
|
|
|
|
|
|
"Remove some collections.");
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-08-11 14:19:56 -04:00
|
|
|
|
if (!newPlan.HasGroups && organization.UseGroups)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2019-03-21 21:36:03 -04:00
|
|
|
|
var groups = await _groupRepository.GetManyByOrganizationIdAsync(organization.Id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (groups.Any())
|
2017-05-08 14:40:04 -04:00
|
|
|
|
{
|
2019-03-21 21:36:03 -04:00
|
|
|
|
throw new BadRequestException($"Your new plan does not allow the groups feature. " +
|
|
|
|
|
|
$"Remove your groups.");
|
2017-05-08 14:40:04 -04:00
|
|
|
|
}
|
2019-03-21 21:36:03 -04:00
|
|
|
|
}
|
2017-05-08 14:40:04 -04:00
|
|
|
|
|
2020-08-11 14:19:56 -04:00
|
|
|
|
if (!newPlan.HasPolicies && organization.UsePolicies)
|
2020-01-15 15:00:54 -05:00
|
|
|
|
{
|
|
|
|
|
|
var policies = await _policyRepository.GetManyByOrganizationIdAsync(organization.Id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (policies.Any(p => p.Enabled))
|
2020-01-15 15:00:54 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException($"Your new plan does not allow the policies feature. " +
|
|
|
|
|
|
$"Disable your policies.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2020-08-11 14:19:56 -04:00
|
|
|
|
|
|
|
|
|
|
if (!newPlan.HasSso && organization.UseSso)
|
2020-07-22 09:38:39 -04:00
|
|
|
|
{
|
|
|
|
|
|
var ssoConfig = await _ssoConfigRepository.GetByOrganizationIdAsync(organization.Id);
|
|
|
|
|
|
if (ssoConfig != null && ssoConfig.Enabled)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException($"Your new plan does not allow the SSO feature. " +
|
|
|
|
|
|
$"Disable your SSO configuration.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2021-09-23 06:36:08 -04:00
|
|
|
|
|
2021-05-12 14:47:00 -05:00
|
|
|
|
if (!newPlan.HasResetPassword && organization.UseResetPassword)
|
|
|
|
|
|
{
|
|
|
|
|
|
var resetPasswordPolicy =
|
|
|
|
|
|
await _policyRepository.GetByOrganizationIdTypeAsync(organization.Id, PolicyType.ResetPassword);
|
|
|
|
|
|
if (resetPasswordPolicy != null && resetPasswordPolicy.Enabled)
|
|
|
|
|
|
{
|
2021-09-23 06:36:08 -04:00
|
|
|
|
throw new BadRequestException("Your new plan does not allow the Password Reset feature. " +
|
2021-05-12 14:47:00 -05:00
|
|
|
|
"Disable your Password Reset policy.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2020-01-15 15:00:54 -05:00
|
|
|
|
|
2019-03-21 21:36:03 -04:00
|
|
|
|
// TODO: Check storage?
|
2017-04-10 09:36:21 -04:00
|
|
|
|
|
2019-08-09 23:56:26 -04:00
|
|
|
|
string paymentIntentClientSecret = null;
|
|
|
|
|
|
var success = true;
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (string.IsNullOrWhiteSpace(organization.GatewaySubscriptionId))
|
2019-03-21 21:36:03 -04:00
|
|
|
|
{
|
2019-08-09 23:56:26 -04:00
|
|
|
|
paymentIntentClientSecret = await _paymentService.UpgradeFreeOrganizationAsync(organization, newPlan,
|
2020-12-04 12:05:16 -05:00
|
|
|
|
upgrade.AdditionalStorageGb, upgrade.AdditionalSeats, upgrade.PremiumAccessAddon, upgrade.TaxInfo);
|
2019-08-09 23:56:26 -04:00
|
|
|
|
success = string.IsNullOrWhiteSpace(paymentIntentClientSecret);
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
2019-03-21 21:36:03 -04:00
|
|
|
|
// TODO: Update existing sub
|
|
|
|
|
|
throw new BadRequestException("You can only upgrade from the free plan. Contact support.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
organization.BusinessName = upgrade.BusinessName;
|
|
|
|
|
|
organization.PlanType = newPlan.Type;
|
|
|
|
|
|
organization.Seats = (short)(newPlan.BaseSeats + upgrade.AdditionalSeats);
|
|
|
|
|
|
organization.MaxCollections = newPlan.MaxCollections;
|
2020-08-11 14:19:56 -04:00
|
|
|
|
organization.UseGroups = newPlan.HasGroups;
|
|
|
|
|
|
organization.UseDirectory = newPlan.HasDirectory;
|
|
|
|
|
|
organization.UseEvents = newPlan.HasEvents;
|
|
|
|
|
|
organization.UseTotp = newPlan.HasTotp;
|
|
|
|
|
|
organization.Use2fa = newPlan.Has2fa;
|
|
|
|
|
|
organization.UseApi = newPlan.HasApi;
|
|
|
|
|
|
organization.SelfHost = newPlan.HasSelfHost;
|
|
|
|
|
|
organization.UsePolicies = newPlan.HasPolicies;
|
2020-09-18 14:10:30 -04:00
|
|
|
|
organization.MaxStorageGb = !newPlan.BaseStorageGb.HasValue ?
|
|
|
|
|
|
(short?)null : (short)(newPlan.BaseStorageGb.Value + upgrade.AdditionalStorageGb);
|
2020-08-11 14:19:56 -04:00
|
|
|
|
organization.UseGroups = newPlan.HasGroups;
|
|
|
|
|
|
organization.UseDirectory = newPlan.HasDirectory;
|
|
|
|
|
|
organization.UseEvents = newPlan.HasEvents;
|
|
|
|
|
|
organization.UseTotp = newPlan.HasTotp;
|
|
|
|
|
|
organization.Use2fa = newPlan.Has2fa;
|
|
|
|
|
|
organization.UseApi = newPlan.HasApi;
|
2020-10-07 15:03:47 -04:00
|
|
|
|
organization.UseSso = newPlan.HasSso;
|
2021-05-06 14:53:12 -05:00
|
|
|
|
organization.UseResetPassword = newPlan.HasResetPassword;
|
2020-08-11 14:19:56 -04:00
|
|
|
|
organization.SelfHost = newPlan.HasSelfHost;
|
2019-03-21 21:36:03 -04:00
|
|
|
|
organization.UsersGetPremium = newPlan.UsersGetPremium || upgrade.PremiumAccessAddon;
|
|
|
|
|
|
organization.Plan = newPlan.Name;
|
2019-08-09 23:56:26 -04:00
|
|
|
|
organization.Enabled = success;
|
2021-05-06 14:53:12 -05:00
|
|
|
|
organization.PublicKey = upgrade.PublicKey;
|
|
|
|
|
|
organization.PrivateKey = upgrade.PrivateKey;
|
2019-03-21 21:36:03 -04:00
|
|
|
|
await ReplaceAndUpdateCache(organization);
|
2020-07-07 12:01:34 -04:00
|
|
|
|
if (success)
|
|
|
|
|
|
{
|
|
|
|
|
|
await _referenceEventService.RaiseEventAsync(
|
|
|
|
|
|
new ReferenceEvent(ReferenceEventType.UpgradePlan, organization)
|
|
|
|
|
|
{
|
|
|
|
|
|
PlanName = newPlan.Name,
|
|
|
|
|
|
PlanType = newPlan.Type,
|
2021-08-10 14:38:58 -04:00
|
|
|
|
OldPlanName = existingPlan.Name,
|
|
|
|
|
|
OldPlanType = existingPlan.Type,
|
2020-07-07 12:01:34 -04:00
|
|
|
|
Seats = organization.Seats,
|
|
|
|
|
|
Storage = organization.MaxStorageGb,
|
|
|
|
|
|
});
|
|
|
|
|
|
}
|
2019-08-09 23:56:26 -04:00
|
|
|
|
|
|
|
|
|
|
return new Tuple<bool, string>(success, paymentIntentClientSecret);
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2019-08-10 12:59:32 -04:00
|
|
|
|
public async Task<string> AdjustStorageAsync(Guid organizationId, short storageAdjustmentGb)
|
2017-07-11 10:59:59 -04:00
|
|
|
|
{
|
2017-12-19 16:02:39 -05:00
|
|
|
|
var organization = await GetOrgById(organizationId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2017-07-11 10:59:59 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var plan = StaticStore.Plans.FirstOrDefault(p => p.Type == organization.PlanType);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (plan == null)
|
2017-07-11 10:59:59 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Existing plan not found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-08-11 14:19:56 -04:00
|
|
|
|
if (!plan.HasAdditionalStorageOption)
|
2017-07-11 10:59:59 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Plan does not allow additional storage.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-08-10 12:59:32 -04:00
|
|
|
|
var secret = await BillingHelpers.AdjustStorageAsync(_paymentService, organization, storageAdjustmentGb,
|
2018-11-20 22:02:09 -05:00
|
|
|
|
plan.StripeStoragePlanId);
|
2020-07-07 12:01:34 -04:00
|
|
|
|
await _referenceEventService.RaiseEventAsync(
|
|
|
|
|
|
new ReferenceEvent(ReferenceEventType.AdjustStorage, organization)
|
|
|
|
|
|
{
|
|
|
|
|
|
PlanName = plan.Name,
|
|
|
|
|
|
PlanType = plan.Type,
|
|
|
|
|
|
Storage = storageAdjustmentGb,
|
|
|
|
|
|
});
|
2017-12-19 16:02:39 -05:00
|
|
|
|
await ReplaceAndUpdateCache(organization);
|
2019-08-10 12:59:32 -04:00
|
|
|
|
return secret;
|
2017-07-11 10:59:59 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-23 06:36:08 -04:00
|
|
|
|
public async Task UpdateSubscription(Guid organizationId, int seatAdjustment, int? maxAutoscaleSeats)
|
|
|
|
|
|
{
|
|
|
|
|
|
var organization = await GetOrgById(organizationId);
|
|
|
|
|
|
if (organization == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var newSeatCount = organization.Seats + seatAdjustment;
|
|
|
|
|
|
if (maxAutoscaleSeats.HasValue && newSeatCount > maxAutoscaleSeats.Value)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Cannot set max seat autoscaling below seat count.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (seatAdjustment != 0)
|
|
|
|
|
|
{
|
|
|
|
|
|
await AdjustSeatsAsync(organization, seatAdjustment);
|
|
|
|
|
|
}
|
|
|
|
|
|
if (maxAutoscaleSeats != organization.MaxAutoscaleSeats)
|
|
|
|
|
|
{
|
|
|
|
|
|
await UpdateAutoscalingAsync(organization, maxAutoscaleSeats);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
private async Task UpdateAutoscalingAsync(Organization organization, int? maxAutoscaleSeats)
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
|
|
if (maxAutoscaleSeats.HasValue &&
|
|
|
|
|
|
organization.Seats.HasValue &&
|
|
|
|
|
|
maxAutoscaleSeats.Value < organization.Seats.Value)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException($"Cannot set max seat autoscaling below current seat count.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var plan = StaticStore.Plans.FirstOrDefault(p => p.Type == organization.PlanType);
|
|
|
|
|
|
if (plan == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Existing plan not found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (!plan.AllowSeatAutoscale)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Your plan does not allow seat autoscaling.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (plan.MaxUsers.HasValue && maxAutoscaleSeats.HasValue &&
|
|
|
|
|
|
maxAutoscaleSeats > plan.MaxUsers)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException(string.Concat($"Your plan has a seat limit of {plan.MaxUsers}, ",
|
|
|
|
|
|
$"but you have specified a max autoscale count of {maxAutoscaleSeats}.",
|
|
|
|
|
|
"Reduce your max autoscale seat count."));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
organization.MaxAutoscaleSeats = maxAutoscaleSeats;
|
|
|
|
|
|
|
|
|
|
|
|
await ReplaceAndUpdateCache(organization);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public async Task<string> AdjustSeatsAsync(Guid organizationId, int seatAdjustment, DateTime? prorationDate = null)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2017-12-19 16:02:39 -05:00
|
|
|
|
var organization = await GetOrgById(organizationId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-23 06:36:08 -04:00
|
|
|
|
return await AdjustSeatsAsync(organization, seatAdjustment, prorationDate);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
private async Task<string> AdjustSeatsAsync(Organization organization, int seatAdjustment, DateTime? prorationDate = null, IEnumerable<string> ownerEmails = null)
|
|
|
|
|
|
{
|
2021-09-14 09:18:06 -04:00
|
|
|
|
if (organization.Seats == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization has no seat limit, no need to adjust seats");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (string.IsNullOrWhiteSpace(organization.GatewayCustomerId))
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("No payment method found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (string.IsNullOrWhiteSpace(organization.GatewaySubscriptionId))
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("No subscription found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var plan = StaticStore.Plans.FirstOrDefault(p => p.Type == organization.PlanType);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (plan == null)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Existing plan not found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-08-11 14:19:56 -04:00
|
|
|
|
if (!plan.HasAdditionalSeatsOption)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2017-04-10 10:44:27 -04:00
|
|
|
|
throw new BadRequestException("Plan does not allow additional seats.");
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-14 09:18:06 -04:00
|
|
|
|
var newSeatTotal = organization.Seats.Value + seatAdjustment;
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (plan.BaseSeats > newSeatTotal)
|
2017-04-10 11:49:53 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException($"Plan has a minimum of {plan.BaseSeats} seats.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (newSeatTotal <= 0)
|
2017-05-20 15:33:17 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("You must have at least 1 seat.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 11:49:53 -04:00
|
|
|
|
var additionalSeats = newSeatTotal - plan.BaseSeats;
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (plan.MaxAdditionalSeats.HasValue && additionalSeats > plan.MaxAdditionalSeats.Value)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException($"Organization plan allows a maximum of " +
|
2017-04-10 10:44:27 -04:00
|
|
|
|
$"{plan.MaxAdditionalSeats.Value} additional seats.");
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!organization.Seats.HasValue || organization.Seats.Value > newSeatTotal)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
|
|
|
|
|
var userCount = await _organizationUserRepository.GetCountByOrganizationIdAsync(organization.Id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (userCount > newSeatTotal)
|
2017-04-10 09:36:21 -04:00
|
|
|
|
{
|
2019-05-14 11:16:30 -04:00
|
|
|
|
throw new BadRequestException($"Your organization currently has {userCount} seats filled. " +
|
|
|
|
|
|
$"Your new plan only has ({newSeatTotal}) seats. Remove some users.");
|
2017-04-10 09:36:21 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-14 09:18:06 -04:00
|
|
|
|
var paymentIntentClientSecret = await _paymentService.AdjustSeatsAsync(organization, plan, additionalSeats);
|
2020-07-07 12:01:34 -04:00
|
|
|
|
await _referenceEventService.RaiseEventAsync(
|
|
|
|
|
|
new ReferenceEvent(ReferenceEventType.AdjustSeats, organization)
|
|
|
|
|
|
{
|
|
|
|
|
|
PlanName = plan.Name,
|
|
|
|
|
|
PlanType = plan.Type,
|
2021-08-10 14:38:58 -04:00
|
|
|
|
Seats = newSeatTotal,
|
|
|
|
|
|
PreviousSeats = organization.Seats
|
2020-07-07 12:01:34 -04:00
|
|
|
|
});
|
2021-08-10 14:38:58 -04:00
|
|
|
|
organization.Seats = (short?)newSeatTotal;
|
2017-12-19 16:02:39 -05:00
|
|
|
|
await ReplaceAndUpdateCache(organization);
|
2021-09-23 06:36:08 -04:00
|
|
|
|
|
|
|
|
|
|
if (organization.Seats.HasValue && organization.MaxAutoscaleSeats.HasValue && organization.Seats == organization.MaxAutoscaleSeats)
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
if (ownerEmails == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
ownerEmails = (await _organizationUserRepository.GetManyByMinimumRoleAsync(organization.Id,
|
|
|
|
|
|
OrganizationUserType.Owner)).Select(u => u.Email).Distinct();
|
|
|
|
|
|
}
|
|
|
|
|
|
await _mailService.SendOrganizationMaxSeatLimitReachedEmailAsync(organization, organization.MaxAutoscaleSeats.Value, ownerEmails);
|
|
|
|
|
|
}
|
|
|
|
|
|
catch (Exception e)
|
|
|
|
|
|
{
|
|
|
|
|
|
_logger.LogError(e, "Error encountered notifying organization owners of seat limit reached.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-08-12 10:03:50 -04:00
|
|
|
|
return paymentIntentClientSecret;
|
2017-04-11 10:00:36 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-14 09:23:54 -04:00
|
|
|
|
public async Task VerifyBankAsync(Guid organizationId, int amount1, int amount2)
|
|
|
|
|
|
{
|
2017-12-19 16:02:39 -05:00
|
|
|
|
var organization = await GetOrgById(organizationId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2017-08-14 09:23:54 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (string.IsNullOrWhiteSpace(organization.GatewayCustomerId))
|
2017-08-14 09:23:54 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new GatewayException("Not a gateway customer.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var bankService = new BankAccountService();
|
2019-01-29 14:41:37 -05:00
|
|
|
|
var customerService = new CustomerService();
|
2017-08-14 09:23:54 -04:00
|
|
|
|
var customer = await customerService.GetAsync(organization.GatewayCustomerId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (customer == null)
|
2017-08-14 09:23:54 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new GatewayException("Cannot find customer.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var bankAccount = customer.Sources
|
2019-01-29 14:41:37 -05:00
|
|
|
|
.FirstOrDefault(s => s is BankAccount && ((BankAccount)s).Status != "verified") as BankAccount;
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (bankAccount == null)
|
2017-08-14 09:23:54 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new GatewayException("Cannot find an unverified bank account.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
var result = await bankService.VerifyAsync(organization.GatewayCustomerId, bankAccount.Id,
|
2019-01-29 14:41:37 -05:00
|
|
|
|
new BankAccountVerifyOptions { Amounts = new List<long> { amount1, amount2 } });
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (result.Status != "verified")
|
2017-08-14 09:23:54 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new GatewayException("Unable to verify account.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2020-03-27 14:36:37 -04:00
|
|
|
|
catch (StripeException e)
|
2017-08-14 09:23:54 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new GatewayException(e.Message);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-07-08 17:05:32 +02:00
|
|
|
|
public async Task<Tuple<Organization, OrganizationUser>> SignUpAsync(OrganizationSignup signup,
|
|
|
|
|
|
bool provider = false)
|
2017-03-03 00:07:11 -05:00
|
|
|
|
{
|
2021-07-08 17:05:32 +02:00
|
|
|
|
var plan = StaticStore.Plans.FirstOrDefault(p => p.Type == signup.Plan);
|
2021-09-23 06:36:08 -04:00
|
|
|
|
if (!(plan is { LegacyYear: null }))
|
2021-07-08 17:05:32 +02:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Invalid plan selected.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (plan.Disabled)
|
2017-03-03 00:07:11 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Plan not found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-07-08 17:05:32 +02:00
|
|
|
|
if (!provider)
|
|
|
|
|
|
{
|
|
|
|
|
|
await ValidateSignUpPoliciesAsync(signup.Owner.Id);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-03-21 21:36:03 -04:00
|
|
|
|
ValidateOrganizationUpgradeParameters(plan, signup);
|
2017-04-08 10:52:10 -04:00
|
|
|
|
|
2017-03-03 00:07:11 -05:00
|
|
|
|
var organization = new Organization
|
|
|
|
|
|
{
|
2019-01-31 14:25:46 -05:00
|
|
|
|
// Pre-generate the org id so that we can save it with the Stripe subscription..
|
|
|
|
|
|
Id = CoreHelpers.GenerateComb(),
|
2017-03-04 21:28:41 -05:00
|
|
|
|
Name = signup.Name,
|
2017-04-04 12:57:50 -04:00
|
|
|
|
BillingEmail = signup.BillingEmail,
|
|
|
|
|
|
BusinessName = signup.BusinessName,
|
2017-03-03 00:07:11 -05:00
|
|
|
|
PlanType = plan.Type,
|
2017-04-10 10:44:27 -04:00
|
|
|
|
Seats = (short)(plan.BaseSeats + signup.AdditionalSeats),
|
2017-04-27 09:19:30 -04:00
|
|
|
|
MaxCollections = plan.MaxCollections,
|
2020-08-11 14:19:56 -04:00
|
|
|
|
MaxStorageGb = !plan.BaseStorageGb.HasValue ?
|
|
|
|
|
|
(short?)null : (short)(plan.BaseStorageGb.Value + signup.AdditionalStorageGb),
|
|
|
|
|
|
UsePolicies = plan.HasPolicies,
|
|
|
|
|
|
UseSso = plan.HasSso,
|
|
|
|
|
|
UseGroups = plan.HasGroups,
|
|
|
|
|
|
UseEvents = plan.HasEvents,
|
|
|
|
|
|
UseDirectory = plan.HasDirectory,
|
|
|
|
|
|
UseTotp = plan.HasTotp,
|
|
|
|
|
|
Use2fa = plan.Has2fa,
|
|
|
|
|
|
UseApi = plan.HasApi,
|
2021-05-06 14:53:12 -05:00
|
|
|
|
UseResetPassword = plan.HasResetPassword,
|
2020-08-11 14:19:56 -04:00
|
|
|
|
SelfHost = plan.HasSelfHost,
|
2018-11-20 22:02:09 -05:00
|
|
|
|
UsersGetPremium = plan.UsersGetPremium || signup.PremiumAccessAddon,
|
2017-04-08 16:41:40 -04:00
|
|
|
|
Plan = plan.Name,
|
2019-01-31 14:25:46 -05:00
|
|
|
|
Gateway = null,
|
2020-07-20 15:19:46 -04:00
|
|
|
|
ReferenceData = signup.Owner.ReferenceData,
|
2017-05-20 15:31:16 -04:00
|
|
|
|
Enabled = true,
|
2017-08-14 10:20:25 -04:00
|
|
|
|
LicenseKey = CoreHelpers.SecureRandomString(20),
|
2019-03-02 15:09:33 -05:00
|
|
|
|
ApiKey = CoreHelpers.SecureRandomString(30),
|
2021-05-06 14:53:12 -05:00
|
|
|
|
PublicKey = signup.PublicKey,
|
|
|
|
|
|
PrivateKey = signup.PrivateKey,
|
2017-03-03 00:07:11 -05:00
|
|
|
|
CreationDate = DateTime.UtcNow,
|
2020-06-25 12:28:22 -04:00
|
|
|
|
RevisionDate = DateTime.UtcNow,
|
2017-03-03 00:07:11 -05:00
|
|
|
|
};
|
|
|
|
|
|
|
2021-07-08 17:05:32 +02:00
|
|
|
|
if (plan.Type == PlanType.Free && !provider)
|
2019-01-31 14:25:46 -05:00
|
|
|
|
{
|
|
|
|
|
|
var adminCount =
|
|
|
|
|
|
await _organizationUserRepository.GetCountByFreeOrganizationAdminUserAsync(signup.Owner.Id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (adminCount > 0)
|
2019-01-31 14:25:46 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("You can only be an admin of one free organization.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2021-07-08 17:05:32 +02:00
|
|
|
|
else if (plan.Type != PlanType.Free)
|
2019-01-31 14:25:46 -05:00
|
|
|
|
{
|
2019-02-19 17:13:21 -05:00
|
|
|
|
await _paymentService.PurchaseOrganizationAsync(organization, signup.PaymentMethodType.Value,
|
2019-01-31 14:25:46 -05:00
|
|
|
|
signup.PaymentToken, plan, signup.AdditionalStorageGb, signup.AdditionalSeats,
|
2020-06-08 17:40:18 -04:00
|
|
|
|
signup.PremiumAccessAddon, signup.TaxInfo);
|
2019-01-31 14:25:46 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-07-08 17:05:32 +02:00
|
|
|
|
var ownerId = provider ? default : signup.Owner.Id;
|
|
|
|
|
|
var returnValue = await SignUpAsync(organization, ownerId, signup.OwnerKey, signup.CollectionName, true);
|
2020-07-07 12:01:34 -04:00
|
|
|
|
await _referenceEventService.RaiseEventAsync(
|
|
|
|
|
|
new ReferenceEvent(ReferenceEventType.Signup, organization)
|
|
|
|
|
|
{
|
|
|
|
|
|
PlanName = plan.Name,
|
|
|
|
|
|
PlanType = plan.Type,
|
|
|
|
|
|
Seats = returnValue.Item1.Seats,
|
|
|
|
|
|
Storage = returnValue.Item1.MaxStorageGb,
|
|
|
|
|
|
});
|
|
|
|
|
|
return returnValue;
|
2017-08-14 20:57:45 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-06-30 09:21:41 +02:00
|
|
|
|
private async Task ValidateSignUpPoliciesAsync(Guid ownerId)
|
|
|
|
|
|
{
|
2021-09-28 06:54:28 +10:00
|
|
|
|
var singleOrgPolicyCount = await _policyRepository.GetCountByTypeApplicableToUserIdAsync(ownerId, PolicyType.SingleOrg);
|
|
|
|
|
|
if (singleOrgPolicyCount > 0)
|
2021-06-30 09:21:41 +02:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("You may not create an organization. You belong to an organization " +
|
|
|
|
|
|
"which has a policy that prohibits you from being a member of any other organization.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-14 20:57:45 -04:00
|
|
|
|
public async Task<Tuple<Organization, OrganizationUser>> SignUpAsync(
|
2021-05-06 14:53:12 -05:00
|
|
|
|
OrganizationLicense license, User owner, string ownerKey, string collectionName, string publicKey,
|
|
|
|
|
|
string privateKey)
|
2017-08-14 20:57:45 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (license == null || !_licensingService.VerifyLicense(license))
|
2017-08-14 20:57:45 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Invalid license.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!license.CanUse(_globalSettings))
|
2017-08-16 15:43:11 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Invalid license. Make sure your license allows for on-premise " +
|
2017-08-16 15:45:38 -04:00
|
|
|
|
"hosting of organizations and that the installation id matches your current installation.");
|
2017-08-16 15:43:11 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (license.PlanType != PlanType.Custom &&
|
2017-10-04 16:07:34 -04:00
|
|
|
|
StaticStore.Plans.FirstOrDefault(p => p.Type == license.PlanType && !p.Disabled) == null)
|
2017-08-14 20:57:45 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Plan not found.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-11-06 08:12:36 -05:00
|
|
|
|
var enabledOrgs = await _organizationRepository.GetManyByEnabledAsync();
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (enabledOrgs.Any(o => o.LicenseKey.Equals(license.LicenseKey)))
|
2017-11-06 08:12:36 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("License is already in use by another organization.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-06-30 09:21:41 +02:00
|
|
|
|
await ValidateSignUpPoliciesAsync(owner.Id);
|
|
|
|
|
|
|
2017-08-14 20:57:45 -04:00
|
|
|
|
var organization = new Organization
|
|
|
|
|
|
{
|
|
|
|
|
|
Name = license.Name,
|
2017-08-16 13:58:52 -04:00
|
|
|
|
BillingEmail = license.BillingEmail,
|
|
|
|
|
|
BusinessName = license.BusinessName,
|
2017-08-14 20:57:45 -04:00
|
|
|
|
PlanType = license.PlanType,
|
|
|
|
|
|
Seats = license.Seats,
|
|
|
|
|
|
MaxCollections = license.MaxCollections,
|
2017-08-16 13:58:52 -04:00
|
|
|
|
MaxStorageGb = _globalSettings.SelfHosted ? 10240 : license.MaxStorageGb, // 10 TB
|
2020-01-15 15:00:54 -05:00
|
|
|
|
UsePolicies = license.UsePolicies,
|
2020-07-22 09:38:39 -04:00
|
|
|
|
UseSso = license.UseSso,
|
2017-08-14 20:57:45 -04:00
|
|
|
|
UseGroups = license.UseGroups,
|
|
|
|
|
|
UseDirectory = license.UseDirectory,
|
2017-12-14 15:48:44 -05:00
|
|
|
|
UseEvents = license.UseEvents,
|
2017-08-14 20:57:45 -04:00
|
|
|
|
UseTotp = license.UseTotp,
|
2018-04-02 14:53:19 -04:00
|
|
|
|
Use2fa = license.Use2fa,
|
2019-03-02 15:09:33 -05:00
|
|
|
|
UseApi = license.UseApi,
|
2021-05-06 14:53:12 -05:00
|
|
|
|
UseResetPassword = license.UseResetPassword,
|
2017-08-14 20:57:45 -04:00
|
|
|
|
Plan = license.Plan,
|
2017-08-15 16:11:08 -04:00
|
|
|
|
SelfHost = license.SelfHost,
|
2017-11-06 16:01:58 -05:00
|
|
|
|
UsersGetPremium = license.UsersGetPremium,
|
2017-08-14 20:57:45 -04:00
|
|
|
|
Gateway = null,
|
|
|
|
|
|
GatewayCustomerId = null,
|
|
|
|
|
|
GatewaySubscriptionId = null,
|
2020-07-20 15:19:46 -04:00
|
|
|
|
ReferenceData = owner.ReferenceData,
|
2017-08-16 13:58:52 -04:00
|
|
|
|
Enabled = license.Enabled,
|
2017-08-14 20:57:45 -04:00
|
|
|
|
ExpirationDate = license.Expires,
|
|
|
|
|
|
LicenseKey = license.LicenseKey,
|
2019-03-02 15:09:33 -05:00
|
|
|
|
ApiKey = CoreHelpers.SecureRandomString(30),
|
2021-05-06 14:53:12 -05:00
|
|
|
|
PublicKey = publicKey,
|
|
|
|
|
|
PrivateKey = privateKey,
|
2017-08-14 20:57:45 -04:00
|
|
|
|
CreationDate = DateTime.UtcNow,
|
|
|
|
|
|
RevisionDate = DateTime.UtcNow
|
|
|
|
|
|
};
|
|
|
|
|
|
|
2017-08-30 21:25:46 -04:00
|
|
|
|
var result = await SignUpAsync(organization, owner.Id, ownerKey, collectionName, false);
|
2017-08-16 15:43:11 -04:00
|
|
|
|
|
|
|
|
|
|
var dir = $"{_globalSettings.LicenseDirectory}/organization";
|
|
|
|
|
|
Directory.CreateDirectory(dir);
|
2019-01-29 14:41:37 -05:00
|
|
|
|
System.IO.File.WriteAllText($"{dir}/{organization.Id}.json",
|
|
|
|
|
|
JsonConvert.SerializeObject(license, Formatting.Indented));
|
2017-08-16 15:43:11 -04:00
|
|
|
|
return result;
|
2017-08-14 20:57:45 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
private async Task<Tuple<Organization, OrganizationUser>> SignUpAsync(Organization organization,
|
2017-08-30 21:25:46 -04:00
|
|
|
|
Guid ownerId, string ownerKey, string collectionName, bool withPayment)
|
2017-08-14 20:57:45 -04:00
|
|
|
|
{
|
2017-03-03 00:07:11 -05:00
|
|
|
|
try
|
|
|
|
|
|
{
|
2017-04-04 12:57:50 -04:00
|
|
|
|
await _organizationRepository.CreateAsync(organization);
|
2017-12-19 16:02:39 -05:00
|
|
|
|
await _applicationCacheService.UpsertOrganizationAbilityAsync(organization);
|
2017-04-04 12:57:50 -04:00
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!string.IsNullOrWhiteSpace(collectionName))
|
2017-08-30 21:08:05 -04:00
|
|
|
|
{
|
2017-08-30 21:25:46 -04:00
|
|
|
|
var defaultCollection = new Collection
|
|
|
|
|
|
{
|
|
|
|
|
|
Name = collectionName,
|
|
|
|
|
|
OrganizationId = organization.Id,
|
|
|
|
|
|
CreationDate = organization.CreationDate,
|
|
|
|
|
|
RevisionDate = organization.CreationDate
|
|
|
|
|
|
};
|
|
|
|
|
|
await _collectionRepository.CreateAsync(defaultCollection);
|
|
|
|
|
|
}
|
2017-08-30 21:08:05 -04:00
|
|
|
|
|
2021-07-08 17:05:32 +02:00
|
|
|
|
OrganizationUser orgUser = null;
|
|
|
|
|
|
if (ownerId != default)
|
|
|
|
|
|
{
|
|
|
|
|
|
orgUser = new OrganizationUser
|
|
|
|
|
|
{
|
|
|
|
|
|
OrganizationId = organization.Id,
|
|
|
|
|
|
UserId = ownerId,
|
|
|
|
|
|
Key = ownerKey,
|
|
|
|
|
|
Type = OrganizationUserType.Owner,
|
|
|
|
|
|
Status = OrganizationUserStatusType.Confirmed,
|
|
|
|
|
|
AccessAll = true,
|
|
|
|
|
|
CreationDate = organization.CreationDate,
|
|
|
|
|
|
RevisionDate = organization.CreationDate
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
await _organizationUserRepository.CreateAsync(orgUser);
|
|
|
|
|
|
|
|
|
|
|
|
var deviceIds = await GetUserDeviceIdsAsync(orgUser.UserId.Value);
|
|
|
|
|
|
await _pushRegistrationService.AddUserRegistrationOrganizationAsync(deviceIds,
|
|
|
|
|
|
organization.Id.ToString());
|
|
|
|
|
|
await _pushNotificationService.PushSyncOrgKeysAsync(ownerId);
|
|
|
|
|
|
}
|
2017-04-21 22:39:46 -04:00
|
|
|
|
|
2017-03-03 00:07:11 -05:00
|
|
|
|
return new Tuple<Organization, OrganizationUser>(organization, orgUser);
|
|
|
|
|
|
}
|
|
|
|
|
|
catch
|
|
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (withPayment)
|
2017-08-14 20:57:45 -04:00
|
|
|
|
{
|
2019-02-08 23:53:09 -05:00
|
|
|
|
await _paymentService.CancelAndRecoverChargesAsync(organization);
|
2017-08-14 20:57:45 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization.Id != default(Guid))
|
2017-04-04 12:57:50 -04:00
|
|
|
|
{
|
|
|
|
|
|
await _organizationRepository.DeleteAsync(organization);
|
2017-12-19 16:02:39 -05:00
|
|
|
|
await _applicationCacheService.DeleteOrganizationAbilityAsync(organization.Id);
|
2017-04-04 12:57:50 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-03 00:07:11 -05:00
|
|
|
|
throw;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2017-03-04 21:28:41 -05:00
|
|
|
|
|
2017-08-14 21:25:06 -04:00
|
|
|
|
public async Task UpdateLicenseAsync(Guid organizationId, OrganizationLicense license)
|
|
|
|
|
|
{
|
2017-12-19 16:02:39 -05:00
|
|
|
|
var organization = await GetOrgById(organizationId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2017-08-14 21:25:06 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!_globalSettings.SelfHosted)
|
2017-08-14 21:25:06 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new InvalidOperationException("Licenses require self hosting.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (license == null || !_licensingService.VerifyLicense(license))
|
2017-08-14 21:25:06 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Invalid license.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!license.CanUse(_globalSettings))
|
2017-08-14 21:25:06 -04:00
|
|
|
|
{
|
2017-08-16 15:43:11 -04:00
|
|
|
|
throw new BadRequestException("Invalid license. Make sure your license allows for on-premise " +
|
2017-08-16 15:45:38 -04:00
|
|
|
|
"hosting of organizations and that the installation id matches your current installation.");
|
2017-08-14 21:25:06 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-11-06 08:12:36 -05:00
|
|
|
|
var enabledOrgs = await _organizationRepository.GetManyByEnabledAsync();
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (enabledOrgs.Any(o => o.LicenseKey.Equals(license.LicenseKey) && o.Id != organizationId))
|
2017-11-06 08:12:36 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("License is already in use by another organization.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (license.Seats.HasValue &&
|
2019-05-14 11:16:30 -04:00
|
|
|
|
(!organization.Seats.HasValue || organization.Seats.Value > license.Seats.Value))
|
2017-08-14 21:25:06 -04:00
|
|
|
|
{
|
|
|
|
|
|
var userCount = await _organizationUserRepository.GetCountByOrganizationIdAsync(organization.Id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (userCount > license.Seats.Value)
|
2017-08-14 21:25:06 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException($"Your organization currently has {userCount} seats filled. " +
|
|
|
|
|
|
$"Your new license only has ({ license.Seats.Value}) seats. Remove some users.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (license.MaxCollections.HasValue && (!organization.MaxCollections.HasValue ||
|
2019-05-14 11:16:30 -04:00
|
|
|
|
organization.MaxCollections.Value > license.MaxCollections.Value))
|
2017-08-14 21:25:06 -04:00
|
|
|
|
{
|
|
|
|
|
|
var collectionCount = await _collectionRepository.GetCountByOrganizationIdAsync(organization.Id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (collectionCount > license.MaxCollections.Value)
|
2017-08-14 21:25:06 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException($"Your organization currently has {collectionCount} collections. " +
|
|
|
|
|
|
$"Your new license allows for a maximum of ({license.MaxCollections.Value}) collections. " +
|
|
|
|
|
|
"Remove some collections.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!license.UseGroups && organization.UseGroups)
|
2017-08-16 15:43:11 -04:00
|
|
|
|
{
|
|
|
|
|
|
var groups = await _groupRepository.GetManyByOrganizationIdAsync(organization.Id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (groups.Count > 0)
|
2017-08-16 15:43:11 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException($"Your organization currently has {groups.Count} groups. " +
|
|
|
|
|
|
$"Your new license does not allow for the use of groups. Remove all groups.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2017-08-14 21:25:06 -04:00
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!license.UsePolicies && organization.UsePolicies)
|
2020-01-15 15:00:54 -05:00
|
|
|
|
{
|
|
|
|
|
|
var policies = await _policyRepository.GetManyByOrganizationIdAsync(organization.Id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (policies.Any(p => p.Enabled))
|
2020-01-15 15:00:54 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException($"Your organization currently has {policies.Count} enabled " +
|
|
|
|
|
|
$"policies. Your new license does not allow for the use of policies. Disable all policies.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2020-08-11 14:19:56 -04:00
|
|
|
|
|
2020-07-22 09:38:39 -04:00
|
|
|
|
if (!license.UseSso && organization.UseSso)
|
|
|
|
|
|
{
|
|
|
|
|
|
var ssoConfig = await _ssoConfigRepository.GetByOrganizationIdAsync(organization.Id);
|
|
|
|
|
|
if (ssoConfig != null && ssoConfig.Enabled)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException($"Your organization currently has a SSO configuration. " +
|
|
|
|
|
|
$"Your new license does not allow for the use of SSO. Disable your SSO configuration.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2021-09-23 06:36:08 -04:00
|
|
|
|
|
2021-05-12 14:47:00 -05:00
|
|
|
|
if (!license.UseResetPassword && organization.UseResetPassword)
|
|
|
|
|
|
{
|
|
|
|
|
|
var resetPasswordPolicy =
|
|
|
|
|
|
await _policyRepository.GetByOrganizationIdTypeAsync(organization.Id, PolicyType.ResetPassword);
|
|
|
|
|
|
if (resetPasswordPolicy != null && resetPasswordPolicy.Enabled)
|
|
|
|
|
|
{
|
2021-09-23 06:36:08 -04:00
|
|
|
|
throw new BadRequestException("Your new license does not allow the Password Reset feature. "
|
2021-05-12 14:47:00 -05:00
|
|
|
|
+ "Disable your Password Reset policy.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2020-01-15 15:00:54 -05:00
|
|
|
|
|
2017-08-14 21:25:06 -04:00
|
|
|
|
var dir = $"{_globalSettings.LicenseDirectory}/organization";
|
|
|
|
|
|
Directory.CreateDirectory(dir);
|
2019-01-29 14:41:37 -05:00
|
|
|
|
System.IO.File.WriteAllText($"{dir}/{organization.Id}.json",
|
|
|
|
|
|
JsonConvert.SerializeObject(license, Formatting.Indented));
|
2017-08-14 21:25:06 -04:00
|
|
|
|
|
|
|
|
|
|
organization.Name = license.Name;
|
2017-08-16 13:58:52 -04:00
|
|
|
|
organization.BusinessName = license.BusinessName;
|
|
|
|
|
|
organization.BillingEmail = license.BillingEmail;
|
2017-08-14 21:25:06 -04:00
|
|
|
|
organization.PlanType = license.PlanType;
|
|
|
|
|
|
organization.Seats = license.Seats;
|
|
|
|
|
|
organization.MaxCollections = license.MaxCollections;
|
|
|
|
|
|
organization.UseGroups = license.UseGroups;
|
|
|
|
|
|
organization.UseDirectory = license.UseDirectory;
|
2017-12-14 15:48:44 -05:00
|
|
|
|
organization.UseEvents = license.UseEvents;
|
2017-08-14 21:25:06 -04:00
|
|
|
|
organization.UseTotp = license.UseTotp;
|
2018-04-02 14:53:19 -04:00
|
|
|
|
organization.Use2fa = license.Use2fa;
|
2019-03-02 15:09:33 -05:00
|
|
|
|
organization.UseApi = license.UseApi;
|
2020-03-03 22:32:59 -05:00
|
|
|
|
organization.UsePolicies = license.UsePolicies;
|
2020-07-22 09:38:39 -04:00
|
|
|
|
organization.UseSso = license.UseSso;
|
2021-05-06 14:53:12 -05:00
|
|
|
|
organization.UseResetPassword = license.UseResetPassword;
|
2018-04-02 14:53:19 -04:00
|
|
|
|
organization.SelfHost = license.SelfHost;
|
|
|
|
|
|
organization.UsersGetPremium = license.UsersGetPremium;
|
2017-08-14 21:25:06 -04:00
|
|
|
|
organization.Plan = license.Plan;
|
2017-08-16 13:58:52 -04:00
|
|
|
|
organization.Enabled = license.Enabled;
|
2017-08-14 21:25:06 -04:00
|
|
|
|
organization.ExpirationDate = license.Expires;
|
|
|
|
|
|
organization.LicenseKey = license.LicenseKey;
|
|
|
|
|
|
organization.RevisionDate = DateTime.UtcNow;
|
2017-12-19 16:02:39 -05:00
|
|
|
|
await ReplaceAndUpdateCache(organization);
|
2017-08-14 21:25:06 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-11 10:52:28 -04:00
|
|
|
|
public async Task DeleteAsync(Organization organization)
|
|
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!string.IsNullOrWhiteSpace(organization.GatewaySubscriptionId))
|
2017-04-11 10:52:28 -04:00
|
|
|
|
{
|
2018-09-07 14:00:56 -04:00
|
|
|
|
try
|
|
|
|
|
|
{
|
2018-12-31 14:07:19 -05:00
|
|
|
|
var eop = !organization.ExpirationDate.HasValue ||
|
|
|
|
|
|
organization.ExpirationDate.Value >= DateTime.UtcNow;
|
2019-02-08 23:53:09 -05:00
|
|
|
|
await _paymentService.CancelSubscriptionAsync(organization, eop);
|
2020-07-07 12:01:34 -04:00
|
|
|
|
await _referenceEventService.RaiseEventAsync(
|
|
|
|
|
|
new ReferenceEvent(ReferenceEventType.DeleteAccount, organization));
|
2018-09-07 14:00:56 -04:00
|
|
|
|
}
|
2020-03-27 14:36:37 -04:00
|
|
|
|
catch (GatewayException) { }
|
2017-04-11 10:52:28 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
await _organizationRepository.DeleteAsync(organization);
|
2017-12-19 16:02:39 -05:00
|
|
|
|
await _applicationCacheService.DeleteOrganizationAbilityAsync(organization.Id);
|
2017-04-11 10:52:28 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2019-08-09 23:56:26 -04:00
|
|
|
|
public async Task EnableAsync(Guid organizationId, DateTime? expirationDate)
|
|
|
|
|
|
{
|
|
|
|
|
|
var org = await GetOrgById(organizationId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (org != null && !org.Enabled && org.Gateway.HasValue)
|
2019-08-09 23:56:26 -04:00
|
|
|
|
{
|
|
|
|
|
|
org.Enabled = true;
|
|
|
|
|
|
org.ExpirationDate = expirationDate;
|
|
|
|
|
|
org.RevisionDate = DateTime.UtcNow;
|
|
|
|
|
|
await ReplaceAndUpdateCache(org);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-12 22:16:42 -04:00
|
|
|
|
public async Task DisableAsync(Guid organizationId, DateTime? expirationDate)
|
2017-04-26 16:14:15 -04:00
|
|
|
|
{
|
2017-12-19 16:02:39 -05:00
|
|
|
|
var org = await GetOrgById(organizationId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (org != null && org.Enabled)
|
2017-04-26 16:14:15 -04:00
|
|
|
|
{
|
|
|
|
|
|
org.Enabled = false;
|
2017-08-12 22:16:42 -04:00
|
|
|
|
org.ExpirationDate = expirationDate;
|
|
|
|
|
|
org.RevisionDate = DateTime.UtcNow;
|
2017-12-19 16:02:39 -05:00
|
|
|
|
await ReplaceAndUpdateCache(org);
|
2017-04-26 16:14:15 -04:00
|
|
|
|
|
|
|
|
|
|
// TODO: send email to owners?
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-08-12 22:16:42 -04:00
|
|
|
|
public async Task UpdateExpirationDateAsync(Guid organizationId, DateTime? expirationDate)
|
|
|
|
|
|
{
|
2017-12-19 16:02:39 -05:00
|
|
|
|
var org = await GetOrgById(organizationId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (org != null)
|
2017-08-12 22:16:42 -04:00
|
|
|
|
{
|
|
|
|
|
|
org.ExpirationDate = expirationDate;
|
|
|
|
|
|
org.RevisionDate = DateTime.UtcNow;
|
2017-12-19 16:02:39 -05:00
|
|
|
|
await ReplaceAndUpdateCache(org);
|
2017-08-12 22:16:42 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-26 16:14:15 -04:00
|
|
|
|
public async Task EnableAsync(Guid organizationId)
|
|
|
|
|
|
{
|
2017-12-19 16:02:39 -05:00
|
|
|
|
var org = await GetOrgById(organizationId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (org != null && !org.Enabled)
|
2017-04-26 16:14:15 -04:00
|
|
|
|
{
|
|
|
|
|
|
org.Enabled = true;
|
2017-12-19 16:02:39 -05:00
|
|
|
|
await ReplaceAndUpdateCache(org);
|
2017-04-26 16:14:15 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-10 19:07:38 -04:00
|
|
|
|
public async Task UpdateAsync(Organization organization, bool updateBilling = false)
|
|
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization.Id == default(Guid))
|
2017-04-10 19:07:38 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new ApplicationException("Cannot create org this way. Call SignUpAsync.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-08-12 16:38:22 -04:00
|
|
|
|
if (!string.IsNullOrWhiteSpace(organization.Identifier))
|
|
|
|
|
|
{
|
|
|
|
|
|
var orgById = await _organizationRepository.GetByIdentifierAsync(organization.Identifier);
|
|
|
|
|
|
if (orgById != null && orgById.Id != organization.Id)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Identifier already in use by another organization.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-12-19 16:02:39 -05:00
|
|
|
|
await ReplaceAndUpdateCache(organization, EventType.Organization_Updated);
|
2017-04-10 19:07:38 -04:00
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (updateBilling && !string.IsNullOrWhiteSpace(organization.GatewayCustomerId))
|
2017-04-10 19:07:38 -04:00
|
|
|
|
{
|
2019-01-29 14:41:37 -05:00
|
|
|
|
var customerService = new CustomerService();
|
|
|
|
|
|
await customerService.UpdateAsync(organization.GatewayCustomerId, new CustomerUpdateOptions
|
2017-04-10 19:07:38 -04:00
|
|
|
|
{
|
|
|
|
|
|
Email = organization.BillingEmail,
|
|
|
|
|
|
Description = organization.BusinessName
|
|
|
|
|
|
});
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-04-02 23:18:26 -04:00
|
|
|
|
public async Task UpdateTwoFactorProviderAsync(Organization organization, TwoFactorProviderType type)
|
|
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!type.ToString().Contains("Organization"))
|
2018-04-02 23:18:26 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new ArgumentException("Not an organization provider type.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!organization.Use2fa)
|
2018-04-02 23:18:26 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization cannot use 2FA.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var providers = organization.GetTwoFactorProviders();
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!providers?.ContainsKey(type) ?? true)
|
2018-04-02 23:18:26 -04:00
|
|
|
|
{
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
providers[type].Enabled = true;
|
|
|
|
|
|
organization.SetTwoFactorProviders(providers);
|
|
|
|
|
|
await UpdateAsync(organization);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public async Task DisableTwoFactorProviderAsync(Organization organization, TwoFactorProviderType type)
|
|
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!type.ToString().Contains("Organization"))
|
2018-04-02 23:18:26 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new ArgumentException("Not an organization provider type.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var providers = organization.GetTwoFactorProviders();
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!providers?.ContainsKey(type) ?? true)
|
2018-04-02 23:18:26 -04:00
|
|
|
|
{
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
providers.Remove(type);
|
|
|
|
|
|
organization.SetTwoFactorProviders(providers);
|
|
|
|
|
|
await UpdateAsync(organization);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-23 06:36:08 -04:00
|
|
|
|
public async Task<List<OrganizationUser>> InviteUsersAsync(Guid organizationId, Guid? invitingUserId,
|
2021-05-17 09:43:02 -05:00
|
|
|
|
IEnumerable<(OrganizationUserInvite invite, string externalId)> invites)
|
|
|
|
|
|
{
|
|
|
|
|
|
var organization = await GetOrgById(organizationId);
|
2021-09-23 06:36:08 -04:00
|
|
|
|
var initialSeatCount = organization.Seats;
|
|
|
|
|
|
if (organization == null || invites.Any(i => i.invite.Emails == null))
|
2021-05-17 09:43:02 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var inviteTypes = new HashSet<OrganizationUserType>(invites.Where(i => i.invite.Type.HasValue)
|
|
|
|
|
|
.Select(i => i.invite.Type.Value));
|
|
|
|
|
|
if (invitingUserId.HasValue && inviteTypes.Count > 0)
|
|
|
|
|
|
{
|
|
|
|
|
|
foreach (var type in inviteTypes)
|
|
|
|
|
|
{
|
2021-07-08 17:05:32 +02:00
|
|
|
|
await ValidateOrganizationUserUpdatePermissions(organizationId, type, null);
|
2021-05-17 09:43:02 -05:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-23 06:36:08 -04:00
|
|
|
|
var newSeatsRequired = 0;
|
|
|
|
|
|
var existingEmails = new HashSet<string>(await _organizationUserRepository.SelectKnownEmailsAsync(
|
|
|
|
|
|
organizationId, invites.SelectMany(i => i.invite.Emails), false), StringComparer.InvariantCultureIgnoreCase);
|
2021-05-17 09:43:02 -05:00
|
|
|
|
if (organization.Seats.HasValue)
|
|
|
|
|
|
{
|
|
|
|
|
|
var userCount = await _organizationUserRepository.GetCountByOrganizationIdAsync(organizationId);
|
|
|
|
|
|
var availableSeats = organization.Seats.Value - userCount;
|
2021-09-23 06:36:08 -04:00
|
|
|
|
newSeatsRequired = invites.Sum(i => i.invite.Emails.Count()) - existingEmails.Count() - availableSeats;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-28 16:18:44 -04:00
|
|
|
|
if (newSeatsRequired > 0)
|
2021-09-23 06:36:08 -04:00
|
|
|
|
{
|
2021-09-28 16:18:44 -04:00
|
|
|
|
var (canScale, failureReason) = await CanScaleAsync(organization, newSeatsRequired);
|
|
|
|
|
|
if (!canScale)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException(failureReason);
|
|
|
|
|
|
}
|
2021-09-23 06:36:08 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var invitedAreAllOwners = invites.All(i => i.invite.Type == OrganizationUserType.Owner);
|
|
|
|
|
|
if (!invitedAreAllOwners && !await HasConfirmedOwnersExceptAsync(organizationId, new Guid[] { }))
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization must have at least one confirmed owner.");
|
2021-05-17 09:43:02 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-23 06:36:08 -04:00
|
|
|
|
|
2021-05-17 09:43:02 -05:00
|
|
|
|
var orgUsers = new List<OrganizationUser>();
|
2021-09-23 06:36:08 -04:00
|
|
|
|
var limitedCollectionOrgUsers = new List<(OrganizationUser, IEnumerable<SelectionReadOnly>)>();
|
2021-05-17 09:43:02 -05:00
|
|
|
|
var orgUserInvitedCount = 0;
|
|
|
|
|
|
var exceptions = new List<Exception>();
|
|
|
|
|
|
var events = new List<(OrganizationUser, EventType, DateTime?)>();
|
|
|
|
|
|
foreach (var (invite, externalId) in invites)
|
|
|
|
|
|
{
|
|
|
|
|
|
foreach (var email in invite.Emails)
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
// Make sure user is not already invited
|
|
|
|
|
|
if (existingEmails.Contains(email))
|
|
|
|
|
|
{
|
|
|
|
|
|
continue;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var orgUser = new OrganizationUser
|
|
|
|
|
|
{
|
|
|
|
|
|
OrganizationId = organizationId,
|
|
|
|
|
|
UserId = null,
|
|
|
|
|
|
Email = email.ToLowerInvariant(),
|
|
|
|
|
|
Key = null,
|
|
|
|
|
|
Type = invite.Type.Value,
|
|
|
|
|
|
Status = OrganizationUserStatusType.Invited,
|
|
|
|
|
|
AccessAll = invite.AccessAll,
|
|
|
|
|
|
ExternalId = externalId,
|
|
|
|
|
|
CreationDate = DateTime.UtcNow,
|
|
|
|
|
|
RevisionDate = DateTime.UtcNow,
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
if (invite.Permissions != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
orgUser.Permissions = System.Text.Json.JsonSerializer.Serialize(invite.Permissions, new JsonSerializerOptions
|
|
|
|
|
|
{
|
|
|
|
|
|
PropertyNamingPolicy = JsonNamingPolicy.CamelCase,
|
|
|
|
|
|
});
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (!orgUser.AccessAll && invite.Collections.Any())
|
|
|
|
|
|
{
|
2021-09-23 06:36:08 -04:00
|
|
|
|
limitedCollectionOrgUsers.Add((orgUser, invite.Collections));
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
orgUsers.Add(orgUser);
|
2021-05-17 09:43:02 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
events.Add((orgUser, EventType.OrganizationUser_Invited, DateTime.UtcNow));
|
|
|
|
|
|
orgUserInvitedCount++;
|
|
|
|
|
|
}
|
|
|
|
|
|
catch (Exception e)
|
|
|
|
|
|
{
|
|
|
|
|
|
exceptions.Add(e);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-23 06:36:08 -04:00
|
|
|
|
if (exceptions.Any())
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new AggregateException("One or more errors occurred while inviting users.", exceptions);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var prorationDate = DateTime.UtcNow;
|
2021-05-17 09:43:02 -05:00
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
await _organizationUserRepository.CreateManyAsync(orgUsers);
|
2021-09-23 06:36:08 -04:00
|
|
|
|
foreach (var (orgUser, collections) in limitedCollectionOrgUsers)
|
|
|
|
|
|
{
|
|
|
|
|
|
await _organizationUserRepository.CreateAsync(orgUser, collections);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
await AutoAddSeatsAsync(organization, newSeatsRequired, prorationDate);
|
2021-05-17 09:43:02 -05:00
|
|
|
|
await SendInvitesAsync(orgUsers, organization);
|
|
|
|
|
|
await _eventService.LogOrganizationUserEventsAsync(events);
|
|
|
|
|
|
|
|
|
|
|
|
await _referenceEventService.RaiseEventAsync(
|
|
|
|
|
|
new ReferenceEvent(ReferenceEventType.InvitedUsers, organization)
|
|
|
|
|
|
{
|
|
|
|
|
|
Users = orgUserInvitedCount
|
|
|
|
|
|
});
|
|
|
|
|
|
}
|
|
|
|
|
|
catch (Exception e)
|
|
|
|
|
|
{
|
2021-09-23 06:36:08 -04:00
|
|
|
|
// Revert any added users.
|
|
|
|
|
|
var invitedOrgUserIds = orgUsers.Select(u => u.Id).Concat(limitedCollectionOrgUsers.Select(u => u.Item1.Id));
|
|
|
|
|
|
await _organizationUserRepository.DeleteManyAsync(invitedOrgUserIds);
|
|
|
|
|
|
var currentSeatCount = (await _organizationRepository.GetByIdAsync(organization.Id)).Seats;
|
2017-04-07 16:41:04 -04:00
|
|
|
|
|
2021-09-23 06:36:08 -04:00
|
|
|
|
if (initialSeatCount.HasValue && currentSeatCount.HasValue && currentSeatCount.Value != initialSeatCount.Value)
|
2017-04-07 16:41:04 -04:00
|
|
|
|
{
|
2021-09-23 06:36:08 -04:00
|
|
|
|
await AdjustSeatsAsync(organization, initialSeatCount.Value - currentSeatCount.Value, prorationDate);
|
2017-04-07 16:41:04 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-23 06:36:08 -04:00
|
|
|
|
exceptions.Add(e);
|
2021-07-08 17:05:32 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-23 06:36:08 -04:00
|
|
|
|
if (exceptions.Any())
|
2017-03-28 21:16:19 -04:00
|
|
|
|
{
|
2021-09-23 06:36:08 -04:00
|
|
|
|
throw new AggregateException("One or more errors occurred while inviting users.", exceptions);
|
2017-04-20 23:50:12 -04:00
|
|
|
|
}
|
2017-03-04 21:28:41 -05:00
|
|
|
|
|
2017-05-18 12:04:27 -04:00
|
|
|
|
return orgUsers;
|
2017-03-04 21:28:41 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-25 19:23:47 +02:00
|
|
|
|
public async Task<IEnumerable<Tuple<OrganizationUser, string>>> ResendInvitesAsync(Guid organizationId, Guid? invitingUserId,
|
2021-05-12 11:18:25 +02:00
|
|
|
|
IEnumerable<Guid> organizationUsersId)
|
|
|
|
|
|
{
|
|
|
|
|
|
var orgUsers = await _organizationUserRepository.GetManyAsync(organizationUsersId);
|
|
|
|
|
|
var org = await GetOrgById(organizationId);
|
2021-05-25 19:23:47 +02:00
|
|
|
|
|
|
|
|
|
|
var result = new List<Tuple<OrganizationUser, string>>();
|
|
|
|
|
|
foreach (var orgUser in orgUsers)
|
2021-05-12 11:18:25 +02:00
|
|
|
|
{
|
2021-05-25 19:23:47 +02:00
|
|
|
|
if (orgUser.Status != OrganizationUserStatusType.Invited || orgUser.OrganizationId != organizationId)
|
|
|
|
|
|
{
|
|
|
|
|
|
result.Add(Tuple.Create(orgUser, "User invalid."));
|
|
|
|
|
|
continue;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-12 11:18:25 +02:00
|
|
|
|
await SendInviteAsync(orgUser, org);
|
2021-05-25 19:23:47 +02:00
|
|
|
|
result.Add(Tuple.Create(orgUser, ""));
|
2021-05-12 11:18:25 +02:00
|
|
|
|
}
|
2021-05-25 19:23:47 +02:00
|
|
|
|
|
|
|
|
|
|
return result;
|
2021-05-12 11:18:25 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
2019-10-07 16:23:38 -04:00
|
|
|
|
public async Task ResendInviteAsync(Guid organizationId, Guid? invitingUserId, Guid organizationUserId)
|
2017-03-23 00:17:34 -04:00
|
|
|
|
{
|
|
|
|
|
|
var orgUser = await _organizationUserRepository.GetByIdAsync(organizationUserId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (orgUser == null || orgUser.OrganizationId != organizationId ||
|
2017-04-12 11:00:40 -04:00
|
|
|
|
orgUser.Status != OrganizationUserStatusType.Invited)
|
2017-03-23 00:17:34 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("User invalid.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-07-15 12:38:45 -04:00
|
|
|
|
var org = await GetOrgById(orgUser.OrganizationId);
|
|
|
|
|
|
await SendInviteAsync(orgUser, org);
|
2017-03-23 00:17:34 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-17 09:43:02 -05:00
|
|
|
|
private async Task SendInvitesAsync(IEnumerable<OrganizationUser> orgUsers, Organization organization)
|
|
|
|
|
|
{
|
|
|
|
|
|
string MakeToken(OrganizationUser orgUser) =>
|
|
|
|
|
|
_dataProtector.Protect($"OrganizationUserInvite {orgUser.Id} {orgUser.Email} {CoreHelpers.ToEpocMilliseconds(DateTime.UtcNow)}");
|
|
|
|
|
|
await _mailService.BulkSendOrganizationInviteEmailAsync(organization.Name,
|
2021-07-16 14:17:24 -04:00
|
|
|
|
orgUsers.Select(o => (o, new ExpiringToken(MakeToken(o), DateTime.UtcNow.AddDays(5)))));
|
2021-05-17 09:43:02 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-07-15 12:38:45 -04:00
|
|
|
|
private async Task SendInviteAsync(OrganizationUser orgUser, Organization organization)
|
2017-03-23 00:17:34 -04:00
|
|
|
|
{
|
2021-07-16 14:17:24 -04:00
|
|
|
|
var now = DateTime.UtcNow;
|
|
|
|
|
|
var nowMillis = CoreHelpers.ToEpocMilliseconds(now);
|
2017-03-23 00:17:34 -04:00
|
|
|
|
var token = _dataProtector.Protect(
|
2017-03-23 11:51:37 -04:00
|
|
|
|
$"OrganizationUserInvite {orgUser.Id} {orgUser.Email} {nowMillis}");
|
2021-07-16 14:17:24 -04:00
|
|
|
|
await _mailService.SendOrganizationInviteEmailAsync(organization.Name, orgUser, new ExpiringToken(token, now.AddDays(5)));
|
2017-03-23 00:17:34 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-02-19 14:56:16 -05:00
|
|
|
|
public async Task<OrganizationUser> AcceptUserAsync(Guid organizationUserId, User user, string token,
|
|
|
|
|
|
IUserService userService)
|
2017-03-04 21:28:41 -05:00
|
|
|
|
{
|
|
|
|
|
|
var orgUser = await _organizationUserRepository.GetByIdAsync(organizationUserId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (orgUser == null)
|
2017-03-04 21:28:41 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("User invalid.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-10-13 15:00:33 -05:00
|
|
|
|
if (!CoreHelpers.UserInviteTokenIsValid(_dataProtector, token, user.Email, orgUser.Id, _globalSettings))
|
2017-03-23 00:17:34 -04:00
|
|
|
|
{
|
2020-10-13 15:00:33 -05:00
|
|
|
|
throw new BadRequestException("Invalid token.");
|
2017-03-23 00:17:34 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-10-13 15:00:33 -05:00
|
|
|
|
var existingOrgUserCount = await _organizationUserRepository.GetCountByOrganizationAsync(
|
|
|
|
|
|
orgUser.OrganizationId, user.Email, true);
|
|
|
|
|
|
if (existingOrgUserCount > 0)
|
|
|
|
|
|
{
|
2021-02-17 10:28:49 +11:00
|
|
|
|
if (orgUser.Status == OrganizationUserStatusType.Accepted)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Invitation already accepted. You will receive an email when your organization membership is confirmed.");
|
|
|
|
|
|
}
|
2020-10-13 15:00:33 -05:00
|
|
|
|
throw new BadRequestException("You are already part of this organization.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-02-17 10:28:49 +11:00
|
|
|
|
if (string.IsNullOrWhiteSpace(orgUser.Email) ||
|
|
|
|
|
|
!orgUser.Email.Equals(user.Email, StringComparison.InvariantCultureIgnoreCase))
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("User email does not match invite.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-10-13 15:00:33 -05:00
|
|
|
|
return await AcceptUserAsync(orgUser, user, userService);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public async Task<OrganizationUser> AcceptUserAsync(string orgIdentifier, User user, IUserService userService)
|
|
|
|
|
|
{
|
|
|
|
|
|
var org = await _organizationRepository.GetByIdentifierAsync(orgIdentifier);
|
|
|
|
|
|
if (org == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization invalid.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var usersOrgs = await _organizationUserRepository.GetManyByUserAsync(user.Id);
|
|
|
|
|
|
var orgUser = usersOrgs.FirstOrDefault(u => u.OrganizationId == org.Id);
|
|
|
|
|
|
if (orgUser == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("User not found within organization.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return await AcceptUserAsync(orgUser, user, userService);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-17 09:43:02 -05:00
|
|
|
|
private async Task<OrganizationUser> AcceptUserAsync(OrganizationUser orgUser, User user,
|
2020-10-13 15:00:33 -05:00
|
|
|
|
IUserService userService)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (orgUser.Status != OrganizationUserStatusType.Invited)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Already accepted.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (orgUser.Type == OrganizationUserType.Owner || orgUser.Type == OrganizationUserType.Admin)
|
2017-04-07 14:03:36 -04:00
|
|
|
|
{
|
2017-12-19 16:02:39 -05:00
|
|
|
|
var org = await GetOrgById(orgUser.OrganizationId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (org.PlanType == PlanType.Free)
|
2017-09-08 17:14:15 -04:00
|
|
|
|
{
|
2019-05-14 11:16:30 -04:00
|
|
|
|
var adminCount = await _organizationUserRepository.GetCountByFreeOrganizationAdminUserAsync(
|
|
|
|
|
|
user.Id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (adminCount > 0)
|
2017-09-08 17:14:15 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("You can only be an admin of one free organization.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2017-04-07 14:03:36 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-28 06:54:28 +10:00
|
|
|
|
// Enforce Single Organization Policy of organization user is trying to join
|
2021-03-03 08:15:42 +10:00
|
|
|
|
var allOrgUsers = await _organizationUserRepository.GetManyByUserAsync(user.Id);
|
2021-09-28 06:54:28 +10:00
|
|
|
|
var hasOtherOrgs = allOrgUsers.Any(ou => ou.OrganizationId != orgUser.OrganizationId);
|
|
|
|
|
|
var invitedSingleOrgPolicies = await _policyRepository.GetManyByTypeApplicableToUserIdAsync(user.Id,
|
|
|
|
|
|
PolicyType.SingleOrg, OrganizationUserStatusType.Invited);
|
2021-03-03 08:15:42 +10:00
|
|
|
|
|
2021-09-28 06:54:28 +10:00
|
|
|
|
if (hasOtherOrgs && invitedSingleOrgPolicies.Any(p => p.OrganizationId == orgUser.OrganizationId))
|
2020-02-19 14:56:16 -05:00
|
|
|
|
{
|
2021-03-03 08:15:42 +10:00
|
|
|
|
throw new BadRequestException("You may not join this organization until you leave or remove " +
|
|
|
|
|
|
"all other organizations.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Enforce Single Organization Policy of other organizations user is a member of
|
2021-09-28 06:54:28 +10:00
|
|
|
|
var singleOrgPolicyCount = await _policyRepository.GetCountByTypeApplicableToUserIdAsync(user.Id,
|
|
|
|
|
|
PolicyType.SingleOrg);
|
|
|
|
|
|
if (singleOrgPolicyCount > 0)
|
2021-03-03 08:15:42 +10:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("You cannot join this organization because you are a member of " +
|
2021-09-28 06:54:28 +10:00
|
|
|
|
"another organization which forbids it");
|
2021-03-03 08:15:42 +10:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-28 06:54:28 +10:00
|
|
|
|
// Enforce Two Factor Authentication Policy of organization user is trying to join
|
|
|
|
|
|
if (!await userService.TwoFactorIsEnabledAsync(user))
|
2021-03-03 08:15:42 +10:00
|
|
|
|
{
|
2021-09-28 06:54:28 +10:00
|
|
|
|
var invitedTwoFactorPolicies = await _policyRepository.GetManyByTypeApplicableToUserIdAsync(user.Id,
|
|
|
|
|
|
PolicyType.TwoFactorAuthentication, OrganizationUserStatusType.Invited);
|
|
|
|
|
|
if (invitedTwoFactorPolicies.Any(p => p.OrganizationId == orgUser.OrganizationId))
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("You cannot join this organization until you enable " +
|
|
|
|
|
|
"two-step login on your user account.");
|
|
|
|
|
|
}
|
2020-02-19 14:56:16 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-12 11:00:40 -04:00
|
|
|
|
orgUser.Status = OrganizationUserStatusType.Accepted;
|
2017-03-23 16:56:25 -04:00
|
|
|
|
orgUser.UserId = user.Id;
|
2017-03-04 21:28:41 -05:00
|
|
|
|
orgUser.Email = null;
|
2020-10-13 15:00:33 -05:00
|
|
|
|
|
2017-03-04 21:28:41 -05:00
|
|
|
|
await _organizationUserRepository.ReplaceAsync(orgUser);
|
|
|
|
|
|
|
2021-07-16 13:49:27 -04:00
|
|
|
|
await _mailService.SendOrganizationAcceptedEmailAsync(
|
|
|
|
|
|
(await _organizationRepository.GetByIdAsync(orgUser.OrganizationId)),
|
|
|
|
|
|
user.Email,
|
|
|
|
|
|
(await _organizationUserRepository.GetManyByMinimumRoleAsync(orgUser.OrganizationId, OrganizationUserType.Admin)).Select(a => a.Email).Distinct());
|
2017-03-04 21:28:41 -05:00
|
|
|
|
return orgUser;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-23 00:17:34 -04:00
|
|
|
|
public async Task<OrganizationUser> ConfirmUserAsync(Guid organizationId, Guid organizationUserId, string key,
|
2020-03-09 15:13:40 -04:00
|
|
|
|
Guid confirmingUserId, IUserService userService)
|
2017-03-04 21:28:41 -05:00
|
|
|
|
{
|
2021-09-23 06:36:08 -04:00
|
|
|
|
var result = await ConfirmUsersAsync(organizationId, new Dictionary<Guid, string>() { { organizationUserId, key } },
|
2021-05-25 19:23:47 +02:00
|
|
|
|
confirmingUserId, userService);
|
|
|
|
|
|
|
|
|
|
|
|
if (!result.Any())
|
2017-03-04 21:28:41 -05:00
|
|
|
|
{
|
2017-03-23 00:17:34 -04:00
|
|
|
|
throw new BadRequestException("User not valid.");
|
2017-03-04 21:28:41 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-25 19:23:47 +02:00
|
|
|
|
var (orgUser, error) = result[0];
|
|
|
|
|
|
if (error != "")
|
2017-09-08 17:14:15 -04:00
|
|
|
|
{
|
2021-05-25 19:23:47 +02:00
|
|
|
|
throw new BadRequestException(error);
|
|
|
|
|
|
}
|
|
|
|
|
|
return orgUser;
|
|
|
|
|
|
}
|
2021-09-23 06:36:08 -04:00
|
|
|
|
|
2021-05-25 19:23:47 +02:00
|
|
|
|
public async Task<List<Tuple<OrganizationUser, string>>> ConfirmUsersAsync(Guid organizationId, Dictionary<Guid, string> keys,
|
|
|
|
|
|
Guid confirmingUserId, IUserService userService)
|
|
|
|
|
|
{
|
|
|
|
|
|
var organizationUsers = await _organizationUserRepository.GetManyAsync(keys.Keys);
|
|
|
|
|
|
var validOrganizationUsers = organizationUsers
|
|
|
|
|
|
.Where(u => u.Status == OrganizationUserStatusType.Accepted && u.OrganizationId == organizationId && u.UserId != null)
|
|
|
|
|
|
.ToList();
|
|
|
|
|
|
|
|
|
|
|
|
if (!validOrganizationUsers.Any())
|
|
|
|
|
|
{
|
|
|
|
|
|
return new List<Tuple<OrganizationUser, string>>();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var validOrganizationUserIds = validOrganizationUsers.Select(u => u.UserId.Value).ToList();
|
2021-09-23 06:36:08 -04:00
|
|
|
|
|
2021-05-25 19:23:47 +02:00
|
|
|
|
var organization = await GetOrgById(organizationId);
|
|
|
|
|
|
var policies = await _policyRepository.GetManyByOrganizationIdAsync(organizationId);
|
|
|
|
|
|
var usersOrgs = await _organizationUserRepository.GetManyByManyUsersAsync(validOrganizationUserIds);
|
|
|
|
|
|
var users = await _userRepository.GetManyAsync(validOrganizationUserIds);
|
|
|
|
|
|
|
|
|
|
|
|
var keyedFilteredUsers = validOrganizationUsers.ToDictionary(u => u.UserId.Value, u => u);
|
|
|
|
|
|
var keyedOrganizationUsers = usersOrgs.GroupBy(u => u.UserId.Value)
|
|
|
|
|
|
.ToDictionary(u => u.Key, u => u.ToList());
|
|
|
|
|
|
|
|
|
|
|
|
var succeededUsers = new List<OrganizationUser>();
|
|
|
|
|
|
var result = new List<Tuple<OrganizationUser, string>>();
|
|
|
|
|
|
|
|
|
|
|
|
foreach (var user in users)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (!keyedFilteredUsers.ContainsKey(user.Id))
|
2017-09-08 17:14:15 -04:00
|
|
|
|
{
|
2021-05-25 19:23:47 +02:00
|
|
|
|
continue;
|
|
|
|
|
|
}
|
|
|
|
|
|
var orgUser = keyedFilteredUsers[user.Id];
|
|
|
|
|
|
var orgUsers = keyedOrganizationUsers.GetValueOrDefault(user.Id, new List<OrganizationUser>());
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
2021-08-10 12:16:10 -04:00
|
|
|
|
if (organization.PlanType == PlanType.Free && (orgUser.Type == OrganizationUserType.Admin
|
|
|
|
|
|
|| orgUser.Type == OrganizationUserType.Owner))
|
2021-05-25 19:23:47 +02:00
|
|
|
|
{
|
|
|
|
|
|
// Since free organizations only supports a few users there is not much point in avoiding N+1 queries for this.
|
|
|
|
|
|
var adminCount = await _organizationUserRepository.GetCountByFreeOrganizationAdminUserAsync(user.Id);
|
|
|
|
|
|
if (adminCount > 0)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("User can only be an admin of one free organization.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
await CheckPolicies(policies, organizationId, user, orgUsers, userService);
|
|
|
|
|
|
orgUser.Status = OrganizationUserStatusType.Confirmed;
|
|
|
|
|
|
orgUser.Key = keys[orgUser.Id];
|
|
|
|
|
|
orgUser.Email = null;
|
2021-09-23 06:36:08 -04:00
|
|
|
|
|
2021-05-25 19:23:47 +02:00
|
|
|
|
await _eventService.LogOrganizationUserEventAsync(orgUser, EventType.OrganizationUser_Confirmed);
|
|
|
|
|
|
await _mailService.SendOrganizationConfirmedEmailAsync(organization.Name, user.Email);
|
|
|
|
|
|
await DeleteAndPushUserRegistrationAsync(organizationId, user.Id);
|
|
|
|
|
|
succeededUsers.Add(orgUser);
|
|
|
|
|
|
result.Add(Tuple.Create(orgUser, ""));
|
|
|
|
|
|
}
|
|
|
|
|
|
catch (BadRequestException e)
|
|
|
|
|
|
{
|
|
|
|
|
|
result.Add(Tuple.Create(orgUser, e.Message));
|
2017-09-08 17:14:15 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-25 19:23:47 +02:00
|
|
|
|
await _organizationUserRepository.ReplaceManyAsync(succeededUsers);
|
|
|
|
|
|
|
|
|
|
|
|
return result;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-23 06:36:08 -04:00
|
|
|
|
internal async Task<(bool canScale, string failureReason)> CanScaleAsync(Organization organization, int seatsToAdd)
|
|
|
|
|
|
{
|
|
|
|
|
|
var failureReason = "";
|
|
|
|
|
|
if (_globalSettings.SelfHosted)
|
|
|
|
|
|
{
|
|
|
|
|
|
failureReason = "Cannot autoscale on self-hosted instance.";
|
|
|
|
|
|
return (false, failureReason);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (!await _currentContext.ManageUsers(organization.Id))
|
|
|
|
|
|
{
|
|
|
|
|
|
failureReason = "Cannot manage organization users.";
|
|
|
|
|
|
return (false, failureReason);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (seatsToAdd < 1)
|
|
|
|
|
|
{
|
|
|
|
|
|
return (true, failureReason);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (organization.Seats.HasValue &&
|
|
|
|
|
|
organization.MaxAutoscaleSeats.HasValue &&
|
|
|
|
|
|
organization.MaxAutoscaleSeats.Value < organization.Seats.Value + seatsToAdd)
|
|
|
|
|
|
{
|
|
|
|
|
|
return (false, $"Cannot invite new users. Seat limit has been reached.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return (true, failureReason);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
private async Task AutoAddSeatsAsync(Organization organization, int seatsToAdd, DateTime? prorationDate = null)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (seatsToAdd < 1 || !organization.Seats.HasValue)
|
|
|
|
|
|
{
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var (canScale, failureMessage) = await CanScaleAsync(organization, seatsToAdd);
|
|
|
|
|
|
if (!canScale)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException(failureMessage);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var ownerEmails = (await _organizationUserRepository.GetManyByMinimumRoleAsync(organization.Id,
|
|
|
|
|
|
OrganizationUserType.Owner)).Select(u => u.Email).Distinct();
|
|
|
|
|
|
|
|
|
|
|
|
await AdjustSeatsAsync(organization, seatsToAdd, prorationDate, ownerEmails);
|
|
|
|
|
|
|
|
|
|
|
|
if (!organization.OwnersNotifiedOfAutoscaling.HasValue)
|
|
|
|
|
|
{
|
|
|
|
|
|
await _mailService.SendOrganizationAutoscaledEmailAsync(organization, organization.Seats.Value + seatsToAdd,
|
|
|
|
|
|
ownerEmails);
|
|
|
|
|
|
organization.OwnersNotifiedOfAutoscaling = DateTime.UtcNow;
|
|
|
|
|
|
await _organizationRepository.UpsertAsync(organization);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-25 19:23:47 +02:00
|
|
|
|
private async Task CheckPolicies(ICollection<Policy> policies, Guid organizationId, User user,
|
|
|
|
|
|
ICollection<OrganizationUser> userOrgs, IUserService userService)
|
|
|
|
|
|
{
|
2020-03-09 15:13:40 -04:00
|
|
|
|
var usingTwoFactorPolicy = policies.Any(p => p.Type == PolicyType.TwoFactorAuthentication && p.Enabled);
|
2021-05-25 19:23:47 +02:00
|
|
|
|
if (usingTwoFactorPolicy && !await userService.TwoFactorIsEnabledAsync(user))
|
2020-03-09 15:13:40 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("User does not have two-step login enabled.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-10-27 10:28:41 -04:00
|
|
|
|
var usingSingleOrgPolicy = policies.Any(p => p.Type == PolicyType.SingleOrg && p.Enabled);
|
|
|
|
|
|
if (usingSingleOrgPolicy)
|
2020-10-20 02:48:10 -04:00
|
|
|
|
{
|
|
|
|
|
|
if (userOrgs.Any(ou => ou.OrganizationId != organizationId && ou.Status != OrganizationUserStatusType.Invited))
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("User is a member of another organization.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2017-03-04 21:28:41 -05:00
|
|
|
|
}
|
2017-03-09 23:58:43 -05:00
|
|
|
|
|
2019-03-05 23:24:14 -05:00
|
|
|
|
public async Task SaveUserAsync(OrganizationUser user, Guid? savingUserId,
|
|
|
|
|
|
IEnumerable<SelectionReadOnly> collections)
|
2017-03-09 23:58:43 -05:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (user.Id.Equals(default(Guid)))
|
2017-03-09 23:58:43 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Invite the user first.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-01-12 11:02:39 -05:00
|
|
|
|
var originalUser = await _organizationUserRepository.GetByIdAsync(user.Id);
|
2021-05-17 09:43:02 -05:00
|
|
|
|
if (user.Equals(originalUser))
|
|
|
|
|
|
{
|
2021-01-12 11:02:39 -05:00
|
|
|
|
throw new BadRequestException("Please make changes before saving.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (savingUserId.HasValue)
|
2017-09-27 22:37:13 -04:00
|
|
|
|
{
|
2021-07-08 17:05:32 +02:00
|
|
|
|
await ValidateOrganizationUserUpdatePermissions(user.OrganizationId, user.Type, originalUser.Type);
|
2017-09-27 22:37:13 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (user.Type != OrganizationUserType.Owner &&
|
2021-09-23 06:36:08 -04:00
|
|
|
|
!await HasConfirmedOwnersExceptAsync(user.OrganizationId, new[] { user.Id }))
|
2017-03-29 21:26:19 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization must have at least one confirmed owner.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (user.AccessAll)
|
2017-04-20 23:50:12 -04:00
|
|
|
|
{
|
2017-04-27 09:19:30 -04:00
|
|
|
|
// We don't need any collections if we're flagged to have all access.
|
2017-05-11 14:52:35 -04:00
|
|
|
|
collections = new List<SelectionReadOnly>();
|
2017-04-20 23:50:12 -04:00
|
|
|
|
}
|
2017-05-11 14:52:35 -04:00
|
|
|
|
await _organizationUserRepository.ReplaceAsync(user, collections);
|
2017-12-01 16:00:30 -05:00
|
|
|
|
await _eventService.LogOrganizationUserEventAsync(user, EventType.OrganizationUser_Updated);
|
2017-03-11 22:42:27 -05:00
|
|
|
|
}
|
2017-03-09 23:58:43 -05:00
|
|
|
|
|
2017-12-12 13:21:15 -05:00
|
|
|
|
public async Task DeleteUserAsync(Guid organizationId, Guid organizationUserId, Guid? deletingUserId)
|
2017-03-23 00:17:34 -04:00
|
|
|
|
{
|
|
|
|
|
|
var orgUser = await _organizationUserRepository.GetByIdAsync(organizationUserId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (orgUser == null || orgUser.OrganizationId != organizationId)
|
2017-03-23 00:17:34 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("User not valid.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (deletingUserId.HasValue && orgUser.UserId == deletingUserId.Value)
|
2017-04-18 15:27:54 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("You cannot remove yourself.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-17 10:10:44 +02:00
|
|
|
|
if (orgUser.Type == OrganizationUserType.Owner && deletingUserId.HasValue &&
|
2021-07-08 17:05:32 +02:00
|
|
|
|
!await _currentContext.OrganizationOwner(organizationId))
|
2017-09-27 22:37:13 -04:00
|
|
|
|
{
|
2021-05-17 10:10:44 +02:00
|
|
|
|
throw new BadRequestException("Only owners can delete other owners.");
|
2017-09-27 22:37:13 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-23 06:36:08 -04:00
|
|
|
|
if (!await HasConfirmedOwnersExceptAsync(organizationId, new[] { organizationUserId }))
|
2017-03-29 21:26:19 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization must have at least one confirmed owner.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-04-12 10:07:27 -04:00
|
|
|
|
await _organizationUserRepository.DeleteAsync(orgUser);
|
2017-12-01 16:00:30 -05:00
|
|
|
|
await _eventService.LogOrganizationUserEventAsync(orgUser, EventType.OrganizationUser_Removed);
|
2017-05-26 22:52:50 -04:00
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (orgUser.UserId.HasValue)
|
2017-07-10 16:38:18 -04:00
|
|
|
|
{
|
2021-05-17 10:10:44 +02:00
|
|
|
|
await DeleteAndPushUserRegistrationAsync(organizationId, orgUser.UserId.Value);
|
2017-07-10 16:38:18 -04:00
|
|
|
|
}
|
2017-04-12 10:07:27 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public async Task DeleteUserAsync(Guid organizationId, Guid userId)
|
|
|
|
|
|
{
|
|
|
|
|
|
var orgUser = await _organizationUserRepository.GetByOrganizationAsync(organizationId, userId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (orgUser == null)
|
2017-04-12 10:07:27 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-09-23 06:36:08 -04:00
|
|
|
|
if (!await HasConfirmedOwnersExceptAsync(organizationId, new[] { orgUser.Id }))
|
2017-04-12 10:07:27 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization must have at least one confirmed owner.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-23 00:17:34 -04:00
|
|
|
|
await _organizationUserRepository.DeleteAsync(orgUser);
|
2017-12-01 16:00:30 -05:00
|
|
|
|
await _eventService.LogOrganizationUserEventAsync(orgUser, EventType.OrganizationUser_Removed);
|
2017-05-26 22:52:50 -04:00
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (orgUser.UserId.HasValue)
|
2017-07-10 16:38:18 -04:00
|
|
|
|
{
|
2021-05-17 10:10:44 +02:00
|
|
|
|
await DeleteAndPushUserRegistrationAsync(organizationId, orgUser.UserId.Value);
|
2017-07-10 16:38:18 -04:00
|
|
|
|
}
|
2017-03-23 00:17:34 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-25 19:23:47 +02:00
|
|
|
|
public async Task<List<Tuple<OrganizationUser, string>>> DeleteUsersAsync(Guid organizationId,
|
|
|
|
|
|
IEnumerable<Guid> organizationUsersId,
|
2021-05-17 10:10:44 +02:00
|
|
|
|
Guid? deletingUserId)
|
|
|
|
|
|
{
|
|
|
|
|
|
var orgUsers = await _organizationUserRepository.GetManyAsync(organizationUsersId);
|
|
|
|
|
|
var filteredUsers = orgUsers.Where(u => u.OrganizationId == organizationId)
|
|
|
|
|
|
.ToList();
|
|
|
|
|
|
|
|
|
|
|
|
if (!filteredUsers.Any())
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Users invalid.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-25 19:23:47 +02:00
|
|
|
|
if (!await HasConfirmedOwnersExceptAsync(organizationId, organizationUsersId))
|
2021-05-17 10:10:44 +02:00
|
|
|
|
{
|
2021-05-25 19:23:47 +02:00
|
|
|
|
throw new BadRequestException("Organization must have at least one confirmed owner.");
|
2021-05-17 10:10:44 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-25 19:23:47 +02:00
|
|
|
|
var deletingUserIsOwner = false;
|
|
|
|
|
|
if (deletingUserId.HasValue)
|
2021-05-17 10:10:44 +02:00
|
|
|
|
{
|
2021-07-08 17:05:32 +02:00
|
|
|
|
deletingUserIsOwner = await _currentContext.OrganizationOwner(organizationId);
|
2021-05-17 10:10:44 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-25 19:23:47 +02:00
|
|
|
|
var result = new List<Tuple<OrganizationUser, string>>();
|
|
|
|
|
|
var deletedUserIds = new List<Guid>();
|
2021-05-17 10:10:44 +02:00
|
|
|
|
foreach (var orgUser in filteredUsers)
|
|
|
|
|
|
{
|
2021-05-25 19:23:47 +02:00
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
if (deletingUserId.HasValue && orgUser.UserId == deletingUserId)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("You cannot remove yourself.");
|
|
|
|
|
|
}
|
2021-05-17 10:10:44 +02:00
|
|
|
|
|
2021-05-25 19:23:47 +02:00
|
|
|
|
if (orgUser.Type == OrganizationUserType.Owner && deletingUserId.HasValue && !deletingUserIsOwner)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Only owners can delete other owners.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
await _eventService.LogOrganizationUserEventAsync(orgUser, EventType.OrganizationUser_Removed);
|
|
|
|
|
|
|
|
|
|
|
|
if (orgUser.UserId.HasValue)
|
|
|
|
|
|
{
|
|
|
|
|
|
await DeleteAndPushUserRegistrationAsync(organizationId, orgUser.UserId.Value);
|
|
|
|
|
|
}
|
|
|
|
|
|
result.Add(Tuple.Create(orgUser, ""));
|
|
|
|
|
|
deletedUserIds.Add(orgUser.Id);
|
|
|
|
|
|
}
|
|
|
|
|
|
catch (BadRequestException e)
|
2021-05-17 10:10:44 +02:00
|
|
|
|
{
|
2021-05-25 19:23:47 +02:00
|
|
|
|
result.Add(Tuple.Create(orgUser, e.Message));
|
2021-05-17 10:10:44 +02:00
|
|
|
|
}
|
2021-05-25 19:23:47 +02:00
|
|
|
|
|
|
|
|
|
|
await _organizationUserRepository.DeleteManyAsync(deletedUserIds);
|
2021-05-17 10:10:44 +02:00
|
|
|
|
}
|
2021-05-25 19:23:47 +02:00
|
|
|
|
|
|
|
|
|
|
return result;
|
2021-05-17 10:10:44 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-08-05 08:50:41 -04:00
|
|
|
|
public async Task<bool> HasConfirmedOwnersExceptAsync(Guid organizationId, IEnumerable<Guid> organizationUsersId, bool includeProvider = true)
|
2021-05-17 10:10:44 +02:00
|
|
|
|
{
|
|
|
|
|
|
var confirmedOwners = await GetConfirmedOwnersAsync(organizationId);
|
|
|
|
|
|
var confirmedOwnersIds = confirmedOwners.Select(u => u.Id);
|
2021-08-05 08:50:41 -04:00
|
|
|
|
bool hasOtherOwner = confirmedOwnersIds.Except(organizationUsersId).Any();
|
|
|
|
|
|
if (!hasOtherOwner && includeProvider)
|
|
|
|
|
|
{
|
|
|
|
|
|
return (await _currentContext.ProviderIdForOrg(organizationId)).HasValue;
|
|
|
|
|
|
}
|
|
|
|
|
|
return hasOtherOwner;
|
2021-05-17 10:10:44 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-01-12 11:02:39 -05:00
|
|
|
|
public async Task UpdateUserGroupsAsync(OrganizationUser organizationUser, IEnumerable<Guid> groupIds, Guid? loggedInUserId)
|
2017-12-01 16:00:30 -05:00
|
|
|
|
{
|
2021-01-12 11:02:39 -05:00
|
|
|
|
if (loggedInUserId.HasValue)
|
|
|
|
|
|
{
|
2021-07-08 17:05:32 +02:00
|
|
|
|
await ValidateOrganizationUserUpdatePermissions(organizationUser.OrganizationId, organizationUser.Type, null);
|
2021-01-12 11:02:39 -05:00
|
|
|
|
}
|
2017-12-01 16:00:30 -05:00
|
|
|
|
await _organizationUserRepository.UpdateGroupsAsync(organizationUser.Id, groupIds);
|
2019-05-14 11:16:30 -04:00
|
|
|
|
await _eventService.LogOrganizationUserEventAsync(organizationUser,
|
|
|
|
|
|
EventType.OrganizationUser_UpdatedGroups);
|
2017-12-01 16:00:30 -05:00
|
|
|
|
}
|
2021-05-17 09:43:02 -05:00
|
|
|
|
|
2021-03-30 09:48:52 -05:00
|
|
|
|
public async Task UpdateUserResetPasswordEnrollmentAsync(Guid organizationId, Guid organizationUserId, string resetPasswordKey, Guid? callingUserId)
|
|
|
|
|
|
{
|
2021-05-19 09:40:32 -05:00
|
|
|
|
// Org User must be the same as the calling user and the organization ID associated with the user must match passed org ID
|
2021-03-30 09:48:52 -05:00
|
|
|
|
var orgUser = await _organizationUserRepository.GetByOrganizationAsync(organizationId, organizationUserId);
|
2021-09-23 06:36:08 -04:00
|
|
|
|
if (!callingUserId.HasValue || orgUser == null || orgUser.UserId != callingUserId.Value ||
|
2021-03-30 09:48:52 -05:00
|
|
|
|
orgUser.OrganizationId != organizationId)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("User not valid.");
|
|
|
|
|
|
}
|
2021-09-23 06:36:08 -04:00
|
|
|
|
|
2021-05-19 09:40:32 -05:00
|
|
|
|
// Make sure the organization has the ability to use password reset
|
|
|
|
|
|
var org = await _organizationRepository.GetByIdAsync(organizationId);
|
|
|
|
|
|
if (org == null || !org.UseResetPassword)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization does not allow password reset enrollment.");
|
|
|
|
|
|
}
|
2021-03-30 09:48:52 -05:00
|
|
|
|
|
2021-05-19 09:40:32 -05:00
|
|
|
|
// Make sure the organization has the policy enabled
|
|
|
|
|
|
var resetPasswordPolicy =
|
|
|
|
|
|
await _policyRepository.GetByOrganizationIdTypeAsync(organizationId, PolicyType.ResetPassword);
|
|
|
|
|
|
if (resetPasswordPolicy == null || !resetPasswordPolicy.Enabled)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization does not have the password reset policy enabled.");
|
|
|
|
|
|
}
|
2021-09-23 06:36:08 -04:00
|
|
|
|
|
2021-07-08 10:48:43 -05:00
|
|
|
|
// Block the user from withdrawal if auto enrollment is enabled
|
|
|
|
|
|
if (resetPasswordKey == null && resetPasswordPolicy.Data != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
var data = JsonConvert.DeserializeObject<ResetPasswordDataModel>(resetPasswordPolicy.Data);
|
|
|
|
|
|
|
|
|
|
|
|
if (data?.AutoEnrollEnabled ?? false)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Due to an Enterprise Policy, you are not allowed to withdraw from Password Reset.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2021-09-23 06:36:08 -04:00
|
|
|
|
|
2021-03-30 09:48:52 -05:00
|
|
|
|
orgUser.ResetPasswordKey = resetPasswordKey;
|
|
|
|
|
|
await _organizationUserRepository.ReplaceAsync(orgUser);
|
2021-05-17 09:43:02 -05:00
|
|
|
|
await _eventService.LogOrganizationUserEventAsync(orgUser, resetPasswordKey != null ?
|
2021-03-30 09:48:52 -05:00
|
|
|
|
EventType.OrganizationUser_ResetPassword_Enroll : EventType.OrganizationUser_ResetPassword_Withdraw);
|
|
|
|
|
|
}
|
2017-12-01 16:00:30 -05:00
|
|
|
|
|
2017-08-15 16:11:08 -04:00
|
|
|
|
public async Task<OrganizationLicense> GenerateLicenseAsync(Guid organizationId, Guid installationId)
|
|
|
|
|
|
{
|
2017-12-19 16:02:39 -05:00
|
|
|
|
var organization = await GetOrgById(organizationId);
|
2017-08-30 11:23:55 -04:00
|
|
|
|
return await GenerateLicenseAsync(organization, installationId);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-08-18 17:00:21 -04:00
|
|
|
|
public async Task<OrganizationLicense> GenerateLicenseAsync(Organization organization, Guid installationId,
|
|
|
|
|
|
int? version = null)
|
2017-08-30 11:23:55 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2017-08-15 16:11:08 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var installation = await _installationRepository.GetByIdAsync(installationId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (installation == null || !installation.Enabled)
|
2017-08-15 16:11:08 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Invalid installation id");
|
|
|
|
|
|
}
|
2019-02-19 17:13:21 -05:00
|
|
|
|
|
2019-02-18 15:40:47 -05:00
|
|
|
|
var subInfo = await _paymentService.GetSubscriptionAsync(organization);
|
2020-08-20 10:12:27 -04:00
|
|
|
|
return new OrganizationLicense(organization, subInfo, installationId, _licensingService, version);
|
2017-08-15 16:11:08 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-01-30 17:56:37 -05:00
|
|
|
|
public async Task<OrganizationUser> InviteUserAsync(Guid organizationId, Guid? invitingUserId, string email,
|
|
|
|
|
|
OrganizationUserType type, bool accessAll, string externalId, IEnumerable<SelectionReadOnly> collections)
|
|
|
|
|
|
{
|
|
|
|
|
|
var invite = new OrganizationUserInvite()
|
|
|
|
|
|
{
|
|
|
|
|
|
Emails = new List<string> { email },
|
|
|
|
|
|
Type = type,
|
|
|
|
|
|
AccessAll = accessAll,
|
|
|
|
|
|
Collections = collections,
|
|
|
|
|
|
};
|
2021-09-23 06:36:08 -04:00
|
|
|
|
var results = await InviteUsersAsync(organizationId, invitingUserId,
|
|
|
|
|
|
new (OrganizationUserInvite, string)[] { (invite, externalId) });
|
2021-01-30 17:56:37 -05:00
|
|
|
|
var result = results.FirstOrDefault();
|
|
|
|
|
|
if (result == null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("This user has already been invited.");
|
|
|
|
|
|
}
|
|
|
|
|
|
return result;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-05-15 14:41:20 -04:00
|
|
|
|
public async Task ImportAsync(Guid organizationId,
|
2020-04-23 11:29:19 -04:00
|
|
|
|
Guid? importingUserId,
|
2017-05-16 00:11:21 -04:00
|
|
|
|
IEnumerable<ImportedGroup> groups,
|
|
|
|
|
|
IEnumerable<ImportedOrganizationUser> newUsers,
|
2019-05-06 21:31:20 -04:00
|
|
|
|
IEnumerable<string> removeUserExternalIds,
|
|
|
|
|
|
bool overwriteExisting)
|
2017-05-13 12:00:40 -04:00
|
|
|
|
{
|
2017-12-19 16:02:39 -05:00
|
|
|
|
var organization = await GetOrgById(organizationId);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization == null)
|
2017-05-13 12:00:40 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new NotFoundException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!organization.UseDirectory)
|
2017-05-13 12:00:40 -04:00
|
|
|
|
{
|
2017-05-20 15:31:16 -04:00
|
|
|
|
throw new BadRequestException("Organization cannot use directory syncing.");
|
2017-05-13 12:00:40 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-05-20 15:31:16 -04:00
|
|
|
|
var newUsersSet = new HashSet<string>(newUsers?.Select(u => u.ExternalId) ?? new List<string>());
|
2017-05-18 10:41:47 -04:00
|
|
|
|
var existingUsers = await _organizationUserRepository.GetManyDetailsByOrganizationAsync(organizationId);
|
|
|
|
|
|
var existingExternalUsers = existingUsers.Where(u => !string.IsNullOrWhiteSpace(u.ExternalId)).ToList();
|
|
|
|
|
|
var existingExternalUsersIdDict = existingExternalUsers.ToDictionary(u => u.ExternalId, u => u.Id);
|
2017-05-13 12:00:40 -04:00
|
|
|
|
|
2017-05-15 14:41:20 -04:00
|
|
|
|
// Users
|
2017-11-13 12:09:39 -05:00
|
|
|
|
|
2017-05-15 14:41:20 -04:00
|
|
|
|
// Remove Users
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (removeUserExternalIds?.Any() ?? false)
|
2017-05-13 12:00:40 -04:00
|
|
|
|
{
|
2017-05-16 00:11:21 -04:00
|
|
|
|
var removeUsersSet = new HashSet<string>(removeUserExternalIds);
|
2017-05-18 10:41:47 -04:00
|
|
|
|
var existingUsersDict = existingExternalUsers.ToDictionary(u => u.ExternalId);
|
2017-05-13 14:14:20 -04:00
|
|
|
|
|
2021-05-17 09:43:02 -05:00
|
|
|
|
await _organizationUserRepository.DeleteManyAsync(removeUsersSet
|
2017-05-15 14:41:20 -04:00
|
|
|
|
.Except(newUsersSet)
|
2021-05-17 09:43:02 -05:00
|
|
|
|
.Where(u => existingUsersDict.ContainsKey(u) && existingUsersDict[u].Type != OrganizationUserType.Owner)
|
|
|
|
|
|
.Select(u => existingUsersDict[u].Id));
|
2017-05-13 12:00:40 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (overwriteExisting)
|
2019-05-06 21:31:20 -04:00
|
|
|
|
{
|
|
|
|
|
|
// Remove existing external users that are not in new user set
|
2021-05-17 09:43:02 -05:00
|
|
|
|
var usersToDelete = existingExternalUsers.Where(u =>
|
|
|
|
|
|
u.Type != OrganizationUserType.Owner &&
|
|
|
|
|
|
!newUsersSet.Contains(u.ExternalId) &&
|
|
|
|
|
|
existingExternalUsersIdDict.ContainsKey(u.ExternalId));
|
|
|
|
|
|
await _organizationUserRepository.DeleteManyAsync(usersToDelete.Select(u => u.Id));
|
|
|
|
|
|
foreach (var deletedUser in usersToDelete)
|
2019-05-06 21:31:20 -04:00
|
|
|
|
{
|
2021-05-17 09:43:02 -05:00
|
|
|
|
existingExternalUsersIdDict.Remove(deletedUser.ExternalId);
|
2019-05-06 21:31:20 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (newUsers?.Any() ?? false)
|
2017-05-13 12:00:40 -04:00
|
|
|
|
{
|
2017-11-10 15:22:19 -05:00
|
|
|
|
// Marry existing users
|
|
|
|
|
|
var existingUsersEmailsDict = existingUsers
|
|
|
|
|
|
.Where(u => string.IsNullOrWhiteSpace(u.ExternalId))
|
|
|
|
|
|
.ToDictionary(u => u.Email);
|
|
|
|
|
|
var newUsersEmailsDict = newUsers.ToDictionary(u => u.Email);
|
|
|
|
|
|
var usersToAttach = existingUsersEmailsDict.Keys.Intersect(newUsersEmailsDict.Keys).ToList();
|
2021-05-17 09:43:02 -05:00
|
|
|
|
var usersToUpsert = new List<OrganizationUser>();
|
2020-03-27 14:36:37 -04:00
|
|
|
|
foreach (var user in usersToAttach)
|
2017-11-10 15:22:19 -05:00
|
|
|
|
{
|
|
|
|
|
|
var orgUserDetails = existingUsersEmailsDict[user];
|
|
|
|
|
|
var orgUser = await _organizationUserRepository.GetByIdAsync(orgUserDetails.Id);
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (orgUser != null)
|
2017-11-10 15:22:19 -05:00
|
|
|
|
{
|
|
|
|
|
|
orgUser.ExternalId = newUsersEmailsDict[user].ExternalId;
|
2021-05-17 09:43:02 -05:00
|
|
|
|
usersToUpsert.Add(orgUser);
|
2017-11-10 15:22:19 -05:00
|
|
|
|
existingExternalUsersIdDict.Add(orgUser.ExternalId, orgUser.Id);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2021-05-17 09:43:02 -05:00
|
|
|
|
await _organizationUserRepository.UpsertManyAsync(usersToUpsert);
|
2017-11-10 15:22:19 -05:00
|
|
|
|
|
|
|
|
|
|
// Add new users
|
|
|
|
|
|
var existingUsersSet = new HashSet<string>(existingExternalUsersIdDict.Keys);
|
2017-05-15 14:41:20 -04:00
|
|
|
|
var usersToAdd = newUsersSet.Except(existingUsersSet).ToList();
|
2017-05-13 12:00:40 -04:00
|
|
|
|
|
2017-05-15 14:41:20 -04:00
|
|
|
|
var seatsAvailable = int.MaxValue;
|
2017-05-18 08:58:08 -04:00
|
|
|
|
var enoughSeatsAvailable = true;
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (organization.Seats.HasValue)
|
2017-05-13 12:00:40 -04:00
|
|
|
|
{
|
2017-05-15 14:41:20 -04:00
|
|
|
|
var userCount = await _organizationUserRepository.GetCountByOrganizationIdAsync(organizationId);
|
|
|
|
|
|
seatsAvailable = organization.Seats.Value - userCount;
|
2017-05-18 08:58:08 -04:00
|
|
|
|
enoughSeatsAvailable = seatsAvailable >= usersToAdd.Count;
|
2017-05-13 12:00:40 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-17 09:43:02 -05:00
|
|
|
|
var userInvites = new List<(OrganizationUserInvite, string)>();
|
2021-03-25 08:42:04 -05:00
|
|
|
|
foreach (var user in newUsers)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (!usersToAdd.Contains(user.ExternalId) || string.IsNullOrWhiteSpace(user.Email))
|
2017-05-16 00:11:21 -04:00
|
|
|
|
{
|
2021-03-25 08:42:04 -05:00
|
|
|
|
continue;
|
|
|
|
|
|
}
|
2017-05-16 00:11:21 -04:00
|
|
|
|
|
2021-03-25 08:42:04 -05:00
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
var invite = new OrganizationUserInvite
|
2017-05-18 08:58:08 -04:00
|
|
|
|
{
|
2021-03-25 08:42:04 -05:00
|
|
|
|
Emails = new List<string> { user.Email },
|
|
|
|
|
|
Type = OrganizationUserType.User,
|
|
|
|
|
|
AccessAll = false,
|
|
|
|
|
|
Collections = new List<SelectionReadOnly>(),
|
|
|
|
|
|
};
|
2021-05-17 09:43:02 -05:00
|
|
|
|
userInvites.Add((invite, user.ExternalId));
|
2021-03-25 08:42:04 -05:00
|
|
|
|
}
|
|
|
|
|
|
catch (BadRequestException)
|
|
|
|
|
|
{
|
|
|
|
|
|
// Thrown when the user is already invited to the organization
|
|
|
|
|
|
continue;
|
2017-05-13 12:00:40 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
2021-05-17 09:43:02 -05:00
|
|
|
|
|
|
|
|
|
|
var invitedUsers = await InviteUsersAsync(organizationId, importingUserId, userInvites);
|
|
|
|
|
|
foreach (var invitedUser in invitedUsers)
|
|
|
|
|
|
{
|
|
|
|
|
|
existingExternalUsersIdDict.Add(invitedUser.ExternalId, invitedUser.Id);
|
|
|
|
|
|
}
|
2017-05-13 12:00:40 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2017-11-13 12:09:39 -05:00
|
|
|
|
|
2021-05-17 09:43:02 -05:00
|
|
|
|
// Groups
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (groups?.Any() ?? false)
|
2017-05-13 12:00:40 -04:00
|
|
|
|
{
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (!organization.UseGroups)
|
2017-05-20 15:31:16 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization cannot use groups.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-05-16 00:11:21 -04:00
|
|
|
|
var groupsDict = groups.ToDictionary(g => g.Group.ExternalId);
|
2017-05-18 10:41:47 -04:00
|
|
|
|
var existingGroups = await _groupRepository.GetManyByOrganizationIdAsync(organizationId);
|
2019-05-14 11:16:30 -04:00
|
|
|
|
var existingExternalGroups = existingGroups
|
|
|
|
|
|
.Where(u => !string.IsNullOrWhiteSpace(u.ExternalId)).ToList();
|
2017-05-18 10:41:47 -04:00
|
|
|
|
var existingExternalGroupsDict = existingExternalGroups.ToDictionary(g => g.ExternalId);
|
2017-05-15 14:41:20 -04:00
|
|
|
|
|
|
|
|
|
|
var newGroups = groups
|
2017-05-18 10:41:47 -04:00
|
|
|
|
.Where(g => !existingExternalGroupsDict.ContainsKey(g.Group.ExternalId))
|
2017-05-16 00:11:21 -04:00
|
|
|
|
.Select(g => g.Group);
|
2017-05-15 14:41:20 -04:00
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
foreach (var group in newGroups)
|
2017-05-13 12:00:40 -04:00
|
|
|
|
{
|
2017-05-15 14:41:20 -04:00
|
|
|
|
group.CreationDate = group.RevisionDate = DateTime.UtcNow;
|
2017-05-13 12:00:40 -04:00
|
|
|
|
|
2017-05-15 14:41:20 -04:00
|
|
|
|
await _groupRepository.CreateAsync(group);
|
2019-05-14 11:16:30 -04:00
|
|
|
|
await UpdateUsersAsync(group, groupsDict[group.ExternalId].ExternalUserIds,
|
|
|
|
|
|
existingExternalUsersIdDict);
|
2017-05-15 14:41:20 -04:00
|
|
|
|
}
|
2017-05-13 14:14:20 -04:00
|
|
|
|
|
2017-05-18 10:41:47 -04:00
|
|
|
|
var updateGroups = existingExternalGroups
|
2017-05-15 16:37:56 -04:00
|
|
|
|
.Where(g => groupsDict.ContainsKey(g.ExternalId))
|
|
|
|
|
|
.ToList();
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (updateGroups.Any())
|
2017-05-13 12:00:40 -04:00
|
|
|
|
{
|
2017-05-15 16:37:56 -04:00
|
|
|
|
var groupUsers = await _groupRepository.GetManyGroupUsersByOrganizationIdAsync(organizationId);
|
|
|
|
|
|
var existingGroupUsers = groupUsers
|
2017-05-15 15:01:16 -04:00
|
|
|
|
.GroupBy(gu => gu.GroupId)
|
2017-05-15 16:37:56 -04:00
|
|
|
|
.ToDictionary(g => g.Key, g => new HashSet<Guid>(g.Select(gr => gr.OrganizationUserId)));
|
2017-05-15 14:41:20 -04:00
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
foreach (var group in updateGroups)
|
2017-05-15 15:01:16 -04:00
|
|
|
|
{
|
2017-05-16 00:11:21 -04:00
|
|
|
|
var updatedGroup = groupsDict[group.ExternalId].Group;
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (group.Name != updatedGroup.Name)
|
2017-05-15 16:37:56 -04:00
|
|
|
|
{
|
|
|
|
|
|
group.RevisionDate = DateTime.UtcNow;
|
|
|
|
|
|
group.Name = updatedGroup.Name;
|
|
|
|
|
|
|
|
|
|
|
|
await _groupRepository.ReplaceAsync(group);
|
|
|
|
|
|
}
|
2017-05-15 15:01:16 -04:00
|
|
|
|
|
2019-05-14 11:16:30 -04:00
|
|
|
|
await UpdateUsersAsync(group, groupsDict[group.ExternalId].ExternalUserIds,
|
|
|
|
|
|
existingExternalUsersIdDict,
|
2017-05-15 16:37:56 -04:00
|
|
|
|
existingGroupUsers.ContainsKey(group.Id) ? existingGroupUsers[group.Id] : null);
|
2017-05-15 15:01:16 -04:00
|
|
|
|
}
|
2017-05-13 12:00:40 -04:00
|
|
|
|
}
|
|
|
|
|
|
}
|
2021-09-23 06:36:08 -04:00
|
|
|
|
|
2021-08-17 13:12:55 -04:00
|
|
|
|
await _referenceEventService.RaiseEventAsync(
|
|
|
|
|
|
new ReferenceEvent(ReferenceEventType.DirectorySynced, organization));
|
2017-05-13 12:00:40 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
2019-03-04 09:52:43 -05:00
|
|
|
|
public async Task RotateApiKeyAsync(Organization organization)
|
|
|
|
|
|
{
|
|
|
|
|
|
organization.ApiKey = CoreHelpers.SecureRandomString(30);
|
|
|
|
|
|
organization.RevisionDate = DateTime.UtcNow;
|
|
|
|
|
|
await ReplaceAndUpdateCache(organization);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-08-26 14:12:04 -04:00
|
|
|
|
public async Task DeleteSsoUserAsync(Guid userId, Guid? organizationId)
|
|
|
|
|
|
{
|
|
|
|
|
|
await _ssoUserRepository.DeleteAsync(userId, organizationId);
|
|
|
|
|
|
if (organizationId.HasValue)
|
|
|
|
|
|
{
|
|
|
|
|
|
var organizationUser = await _organizationUserRepository.GetByOrganizationAsync(organizationId.Value, userId);
|
|
|
|
|
|
if (organizationUser != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
await _eventService.LogOrganizationUserEventAsync(organizationUser, EventType.OrganizationUser_UnlinkedSso);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-07-01 14:31:05 +02:00
|
|
|
|
public async Task<Organization> UpdateOrganizationKeysAsync(Guid orgId, string publicKey, string privateKey)
|
2021-05-19 09:40:32 -05:00
|
|
|
|
{
|
2021-07-08 17:05:32 +02:00
|
|
|
|
if (!await _currentContext.ManageResetPassword(orgId))
|
2021-05-19 09:40:32 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new UnauthorizedAccessException();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// If the keys already exist, error out
|
|
|
|
|
|
var org = await _organizationRepository.GetByIdAsync(orgId);
|
|
|
|
|
|
if (org.PublicKey != null && org.PrivateKey != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Organization Keys already exist");
|
|
|
|
|
|
}
|
2021-07-08 17:05:32 +02:00
|
|
|
|
|
2021-05-19 09:40:32 -05:00
|
|
|
|
// Update org with generated public/private key
|
|
|
|
|
|
org.PublicKey = publicKey;
|
|
|
|
|
|
org.PrivateKey = privateKey;
|
|
|
|
|
|
await UpdateAsync(org);
|
2021-09-23 06:36:08 -04:00
|
|
|
|
|
2021-05-19 09:40:32 -05:00
|
|
|
|
return org;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-05-15 14:41:20 -04:00
|
|
|
|
private async Task UpdateUsersAsync(Group group, HashSet<string> groupUsers,
|
2017-05-15 15:01:16 -04:00
|
|
|
|
Dictionary<string, Guid> existingUsersIdDict, HashSet<Guid> existingUsers = null)
|
2017-05-15 14:41:20 -04:00
|
|
|
|
{
|
2017-05-15 16:37:56 -04:00
|
|
|
|
var availableUsers = groupUsers.Intersect(existingUsersIdDict.Keys);
|
|
|
|
|
|
var users = new HashSet<Guid>(availableUsers.Select(u => existingUsersIdDict[u]));
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (existingUsers != null && existingUsers.Count == users.Count && users.SetEquals(existingUsers))
|
2017-05-15 15:01:16 -04:00
|
|
|
|
{
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-05-15 14:41:20 -04:00
|
|
|
|
await _groupRepository.UpdateUsersAsync(group.Id, users);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-29 21:26:19 -04:00
|
|
|
|
private async Task<IEnumerable<OrganizationUser>> GetConfirmedOwnersAsync(Guid organizationId)
|
|
|
|
|
|
{
|
|
|
|
|
|
var owners = await _organizationUserRepository.GetManyByOrganizationAsync(organizationId,
|
2017-05-13 12:00:40 -04:00
|
|
|
|
OrganizationUserType.Owner);
|
|
|
|
|
|
return owners.Where(o => o.Status == OrganizationUserStatusType.Confirmed);
|
2017-03-29 21:26:19 -04:00
|
|
|
|
}
|
2017-08-11 08:57:31 -04:00
|
|
|
|
|
2021-05-17 10:10:44 +02:00
|
|
|
|
private async Task DeleteAndPushUserRegistrationAsync(Guid organizationId, Guid userId)
|
|
|
|
|
|
{
|
|
|
|
|
|
var deviceIds = await GetUserDeviceIdsAsync(userId);
|
|
|
|
|
|
await _pushRegistrationService.DeleteUserRegistrationOrganizationAsync(deviceIds,
|
|
|
|
|
|
organizationId.ToString());
|
|
|
|
|
|
await _pushNotificationService.PushSyncOrgKeysAsync(userId);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2017-08-11 08:57:31 -04:00
|
|
|
|
private async Task<IEnumerable<string>> GetUserDeviceIdsAsync(Guid userId)
|
|
|
|
|
|
{
|
|
|
|
|
|
var devices = await _deviceRepository.GetManyByUserIdAsync(userId);
|
2017-11-14 08:39:16 -05:00
|
|
|
|
return devices.Where(d => !string.IsNullOrWhiteSpace(d.PushToken)).Select(d => d.Id.ToString());
|
2017-08-11 08:57:31 -04:00
|
|
|
|
}
|
2017-12-19 16:02:39 -05:00
|
|
|
|
|
|
|
|
|
|
private async Task ReplaceAndUpdateCache(Organization org, EventType? orgEvent = null)
|
|
|
|
|
|
{
|
|
|
|
|
|
await _organizationRepository.ReplaceAsync(org);
|
|
|
|
|
|
await _applicationCacheService.UpsertOrganizationAbilityAsync(org);
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (orgEvent.HasValue)
|
2017-12-19 16:02:39 -05:00
|
|
|
|
{
|
|
|
|
|
|
await _eventService.LogOrganizationEventAsync(org, orgEvent.Value);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
private async Task<Organization> GetOrgById(Guid id)
|
|
|
|
|
|
{
|
|
|
|
|
|
return await _organizationRepository.GetByIdAsync(id);
|
|
|
|
|
|
}
|
2019-03-21 21:36:03 -04:00
|
|
|
|
|
|
|
|
|
|
private void ValidateOrganizationUpgradeParameters(Models.StaticStore.Plan plan, OrganizationUpgrade upgrade)
|
|
|
|
|
|
{
|
2020-08-11 14:19:56 -04:00
|
|
|
|
if (!plan.HasAdditionalStorageOption && upgrade.AdditionalStorageGb > 0)
|
2019-03-21 21:36:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Plan does not allow additional storage.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (upgrade.AdditionalStorageGb < 0)
|
2019-03-21 21:36:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("You can't subtract storage!");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-08-11 14:19:56 -04:00
|
|
|
|
if (!plan.HasPremiumAccessOption && upgrade.PremiumAccessAddon)
|
2019-03-21 21:36:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("This plan does not allow you to buy the premium access addon.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (plan.BaseSeats + upgrade.AdditionalSeats <= 0)
|
2019-03-21 21:36:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("You do not have any seats!");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-03-27 14:36:37 -04:00
|
|
|
|
if (upgrade.AdditionalSeats < 0)
|
2019-03-21 21:36:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("You can't subtract seats!");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-08-11 14:19:56 -04:00
|
|
|
|
if (!plan.HasAdditionalSeatsOption && upgrade.AdditionalSeats > 0)
|
2019-03-21 21:36:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Plan does not allow additional users.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-08-11 14:19:56 -04:00
|
|
|
|
if (plan.HasAdditionalSeatsOption && plan.MaxAdditionalSeats.HasValue &&
|
2019-03-21 21:36:03 -04:00
|
|
|
|
upgrade.AdditionalSeats > plan.MaxAdditionalSeats.Value)
|
|
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException($"Selected plan allows a maximum of " +
|
|
|
|
|
|
$"{plan.MaxAdditionalSeats.GetValueOrDefault(0)} additional users.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2021-01-12 11:02:39 -05:00
|
|
|
|
|
2021-07-08 17:05:32 +02:00
|
|
|
|
private async Task ValidateOrganizationUserUpdatePermissions(Guid organizationId, OrganizationUserType newType,
|
2021-07-01 14:31:05 +02:00
|
|
|
|
OrganizationUserType? oldType)
|
2021-01-12 11:02:39 -05:00
|
|
|
|
{
|
2021-07-08 17:05:32 +02:00
|
|
|
|
if (await _currentContext.OrganizationOwner(organizationId))
|
2021-01-12 11:02:39 -05:00
|
|
|
|
{
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-07-01 14:31:05 +02:00
|
|
|
|
if (oldType == OrganizationUserType.Owner || newType == OrganizationUserType.Owner)
|
2021-01-12 11:02:39 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Only an Owner can configure another Owner's account.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-07-08 17:05:32 +02:00
|
|
|
|
if (await _currentContext.OrganizationAdmin(organizationId))
|
2021-01-12 11:02:39 -05:00
|
|
|
|
{
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-07-01 14:31:05 +02:00
|
|
|
|
if (oldType == OrganizationUserType.Custom || newType == OrganizationUserType.Custom)
|
2021-01-12 11:02:39 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Only Owners and Admins can configure Custom accounts.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-07-08 17:05:32 +02:00
|
|
|
|
if (!await _currentContext.ManageUsers(organizationId))
|
2021-01-12 11:02:39 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Your account does not have permission to manage users.");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-07-01 14:31:05 +02:00
|
|
|
|
if (oldType == OrganizationUserType.Admin || newType == OrganizationUserType.Admin)
|
2021-01-12 11:02:39 -05:00
|
|
|
|
{
|
|
|
|
|
|
throw new BadRequestException("Custom users can not manage Admins or Owners.");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2017-03-03 00:07:11 -05:00
|
|
|
|
}
|
|
|
|
|
|
}
|
