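using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using Oqtane.Enums;
using Oqtane.Extensions;
using Oqtane.Infrastructure;
using Oqtane.Models;
using Oqtane.Repository;
using Oqtane.Security;
using Oqtane.Shared;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Reflection;
using System.Threading.Tasks;
using SZUAbsolventenverein.Module.AdminModules.Models;
using SZUAbsolventenverein.Module.AdminModules.Repository;

namespace SZUAbsolventenverein.Module.AdminModules.Services
{
    /// <summary>
    /// Server-side implementation of <see cref="IAdminModulesService"/>.
    /// Each operation checks the calling user's permission on the module before touching the
    /// repositories, and writes a Security log entry when the check fails.
    /// </summary>
    /// <remarks>
    /// The generic type arguments in this listing were lost in extraction and have been restored
    /// where the code determines them (for example <c>UserManager&lt;IdentityUser&gt;</c> from the
    /// <c>IdentityUser</c> returned by <c>FindByNameAsync</c>).
    /// </remarks>
    public class ServerAdminModulesService : IAdminModulesService
    {
        private readonly IAdminModulesRepository _AdminModulesRepository;
        private readonly UserManager<IdentityUser> _identityUserManager;
        private readonly IUserPermissions _userPermissions;
        private readonly IRoleRepository _roleRepository;
        private readonly IUserRepository _userRepository;
        private readonly IUserRoleRepository _userRoleRepository;
        private readonly INotificationRepository _notifications;
        private readonly ILogManager _logger;
        private readonly IHttpContextAccessor _accessor;
        private readonly Alias _alias;

        /// <summary>
        /// Stores the injected dependencies and resolves the alias of the current tenant once.
        /// </summary>
        public ServerAdminModulesService(IAdminModulesRepository AdminModulesRepository, UserManager<IdentityUser> identityUserManager, INotificationRepository notifications, IUserPermissions userPermissions, IRoleRepository roleRepository, IUserRepository userRepository, IUserRoleRepository userRoleRepository, ITenantManager tenantManager, ILogManager logger, IHttpContextAccessor accessor)
        {
            _AdminModulesRepository = AdminModulesRepository;
            _identityUserManager = identityUserManager;
            _userPermissions = userPermissions;
            _roleRepository = roleRepository;
            _userRepository = userRepository;
            _userRoleRepository = userRoleRepository;
            _notifications = notifications;
            _logger = logger;
            _accessor = accessor;
            _alias = tenantManager.GetAlias();
        }

        /// <summary>
        /// Checks whether the user of the current HTTP context holds <paramref name="permissionName"/>
        /// on the module <paramref name="moduleId"/> within the current site.
        /// </summary>
        private bool IsAuthorized(int moduleId, string permissionName)
        {
            return _userPermissions.IsAuthorized(_accessor.HttpContext.User, _alias.SiteId, EntityNames.Module, moduleId, permissionName);
        }

        /// <summary>
        /// Returns all AdminModules records of a module. Requires View permission on the module.
        /// </summary>
        /// <returns>The records, or a completed task carrying <c>null</c> when the caller is not authorized.</returns>
        public Task<List<Models.AdminModules>> GetAdminModulessAsync(int ModuleId)
        {
            if (IsAuthorized(ModuleId, PermissionNames.View))
            {
                return Task.FromResult(_AdminModulesRepository.GetAdminModuless(ModuleId).ToList());
            }

            _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Get Attempt {ModuleId}", ModuleId);
            // Return a completed task holding null rather than a null Task: awaiting a null Task
            // throws NullReferenceException in the caller instead of reporting "no result".
            return Task.FromResult<List<Models.AdminModules>>(null);
        }

        /// <summary>
        /// Returns one AdminModules record. Requires View permission on <paramref name="ModuleId"/>,
        /// and the record must belong to that module.
        /// </summary>
        /// <returns>The record, or a completed task carrying <c>null</c> when access is refused.</returns>
        public Task<Models.AdminModules> GetAdminModulesAsync(int AdminModulesId, int ModuleId)
        {
            if (!IsAuthorized(ModuleId, PermissionNames.View))
            {
                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Get Attempt {AdminModulesId} {ModuleId}", AdminModulesId, ModuleId);
                return Task.FromResult<Models.AdminModules>(null);
            }

            Models.AdminModules item = _AdminModulesRepository.GetAdminModules(AdminModulesId);

            // The permission check above is bound to the caller-supplied ModuleId, while the lookup
            // is by record id alone. Without this comparison a user authorized on one module could
            // read records that belong to another module.
            if (item is not null && item.ModuleId != ModuleId)
            {
                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Get Attempt {AdminModulesId} {ModuleId}", AdminModulesId, ModuleId);
                return Task.FromResult<Models.AdminModules>(null);
            }

            return Task.FromResult(item);
        }

        /// <summary>
        /// Adds a record. Requires Edit permission on the module named by the record.
        /// </summary>
        /// <returns>The stored record, or <c>null</c> when the caller is not authorized.</returns>
        public Task<Models.AdminModules> AddAdminModulesAsync(Models.AdminModules AdminModules)
        {
            if (IsAuthorized(AdminModules.ModuleId, PermissionNames.Edit))
            {
                AdminModules = _AdminModulesRepository.AddAdminModules(AdminModules);
                _logger.Log(LogLevel.Information, this, LogFunction.Create, "AdminModules Added {AdminModules}", AdminModules);
            }
            else
            {
                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Add Attempt {AdminModules}", AdminModules);
                AdminModules = null;
            }

            return Task.FromResult(AdminModules);
        }

        /// <summary>
        /// Updates a record. Requires Edit permission on the module named by the incoming record.
        /// </summary>
        /// <returns>The updated record, or <c>null</c> when the caller is not authorized.</returns>
        public Task<Models.AdminModules> UpdateAdminModulesAsync(Models.AdminModules AdminModules)
        {
            // NOTE(review): the check uses the ModuleId carried by the incoming object, which the
            // caller controls. The stored record's module is not compared with it here, so confirm
            // that the repository or the calling controller rejects an update whose record id
            // belongs to a different module.
            if (IsAuthorized(AdminModules.ModuleId, PermissionNames.Edit))
            {
                AdminModules = _AdminModulesRepository.UpdateAdminModules(AdminModules);
                _logger.Log(LogLevel.Information, this, LogFunction.Update, "AdminModules Updated {AdminModules}", AdminModules);
            }
            else
            {
                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Update Attempt {AdminModules}", AdminModules);
                AdminModules = null;
            }

            return Task.FromResult(AdminModules);
        }

        /// <summary>
        /// Deletes a record. Requires Edit permission on <paramref name="ModuleId"/>, and the record
        /// must belong to that module.
        /// </summary>
        public Task DeleteAdminModulesAsync(int AdminModulesId, int ModuleId)
        {
            if (!IsAuthorized(ModuleId, PermissionNames.Edit))
            {
                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Delete Attempt {AdminModulesId} {ModuleId}", AdminModulesId, ModuleId);
                return Task.CompletedTask;
            }

            // Same binding problem as in GetAdminModulesAsync: refuse to delete a record that
            // belongs to a module other than the one the caller was authorized on.
            Models.AdminModules existing = _AdminModulesRepository.GetAdminModules(AdminModulesId);
            if (existing is not null && existing.ModuleId != ModuleId)
            {
                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Delete Attempt {AdminModulesId} {ModuleId}", AdminModulesId, ModuleId);
                return Task.CompletedTask;
            }

            _AdminModulesRepository.DeleteAdminModules(AdminModulesId);
            _logger.Log(LogLevel.Information, this, LogFunction.Delete, "AdminModules Deleted {AdminModulesId}", AdminModulesId);
            return Task.CompletedTask;
        }

        /// <summary>
        /// Returns the roles of the current site. Requires View permission on the module.
        /// </summary>
        /// <returns>The roles, or a completed task carrying <c>null</c> when the caller is not authorized.</returns>
        public Task<List<Role>> GetRoles(int ModuleId)
        {
            if (IsAuthorized(ModuleId, PermissionNames.View))
            {
                List<Role> roles = _roleRepository.GetRoles(_alias.SiteId).ToList();
                return Task.FromResult(roles);
            }

            _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Get Roles Attempt {ModuleId}", ModuleId);
            return Task.FromResult<List<Role>>(null);
        }

        /// <summary>
        /// Counts the distinct users that hold the role named in <paramref name="EmailFields"/>.
        /// Requires View permission on the module.
        /// </summary>
        /// <returns>
        /// A new <see cref="EmailFields"/> with only <c>UserCount</c> set, or a completed task
        /// carrying <c>null</c> when the caller is not authorized.
        /// </returns>
        public Task<EmailFields> PostUsercountInRole(EmailFields EmailFields)
        {
            if (IsAuthorized(EmailFields.ModuleId, PermissionNames.View))
            {
                EmailFields result = new EmailFields
                {
                    UserCount = _userRoleRepository.GetUserRoles(EmailFields.Role.Name, _alias.SiteId)
                        .Select(ur => ur.UserId)
                        .Distinct()
                        .Count()
                };
                return Task.FromResult(result);
            }

            // The original message was copied from GetRoles; a security log entry should name
            // the operation that was actually refused.
            _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules User Count Attempt {AdminModulesId} {ModuleId}", EmailFields.AdminModulesId, EmailFields.ModuleId);
            return Task.FromResult<EmailFields>(null);
        }

        /// <summary>
        /// Queues one notification per distinct user in the selected role, built from the stored
        /// template. Each message carries a freshly generated password-reset link for its recipient.
        /// </summary>
        /// <remarks>
        /// Requires Edit permission, like the other state-changing operations of this service.
        /// The original checked View, which let anyone able to view the module issue reset tokens
        /// for, and send mail to, every member of a role.
        /// </remarks>
        /// <returns>Always <c>null</c>.</returns>
        // NOTE(review): the type argument of the returned Task is not visible on this page (both
        // branches return null); restore it from IAdminModulesService.
        public async Task SendMassNotification(EmailFields EmailFields)
        {
            if (!IsAuthorized(EmailFields.ModuleId, PermissionNames.Edit))
            {
                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized AdminModules Mass Notification Attempt {AdminModulesId} {ModuleId}", EmailFields.AdminModulesId, EmailFields.ModuleId);
                return null;
            }

            Models.AdminModules template = await GetAdminModulesAsync(EmailFields.AdminModulesId, EmailFields.ModuleId);
            if (template is null)
            {
                // Unknown template id, or a template that belongs to another module.
                _logger.Log(LogLevel.Error, this, LogFunction.Create, "AdminModules Mass Notification Template Not Found {AdminModulesId} {ModuleId}", EmailFields.AdminModulesId, EmailFields.ModuleId);
                return null;
            }

            // Materialize once; the original enumerated the query twice (Count() and the loop).
            List<int> userids = _userRoleRepository
                .GetUserRoles(EmailFields.Role.Name, _alias.SiteId)
                .Select(ur => ur.UserId)
                .Distinct()
                .ToList();

            int emailsSent = 0;
            int skipped = 0;

            foreach (int userid in userids)
            {
                User user = _userRepository.GetUser(userid);
                IdentityUser identityuser = user is null ? null : await _identityUserManager.FindByNameAsync(user.Username);
                if (identityuser is null)
                {
                    // A role entry without a matching user or identity record must not abort
                    // the batch half-way with a NullReferenceException.
                    skipped++;
                    continue;
                }

                emailsSent++;

                // NOTE(review): every run issues a valid reset token per recipient and places it in
                // the notification body, which is presumably stored until the message is sent.
                // Messages scheduled a day or more ahead (see the send date below) may also outlive
                // the token: ASP.NET Core Identity's default token lifespan is one day unless the
                // site configures another value.
                string token = await _identityUserManager.GeneratePasswordResetTokenAsync(identityuser);

                // Both query values are encoded; the original left the user name raw.
                string url = _alias.Protocol + _alias.Name + "/reset?name=" + WebUtility.UrlEncode(user.Username) + "&token=" + WebUtility.UrlEncode(token);

                // Fill in the template placeholders.
                // NOTE(review): DisplayName is inserted unescaped; if notifications are rendered as
                // HTML, it should be HTML-encoded first. Confirm against the notification sender.
                string body = template.Content
                    .Replace("[UserDisplayName]", user.DisplayName)
                    .Replace("[URL]", url);

                // Integer division spreads the batch over days: the send date moves one day
                // further for every 100 messages queued.
                Notification notification = new Notification(_alias.SiteId, user, template.Name, body, DateTime.UtcNow.AddDays(emailsSent / 100));
                _notifications.AddNotification(notification);
            }

            // Audit trail in the application log instead of Console.WriteLine with user ids.
            _logger.Log(LogLevel.Information, this, LogFunction.Create, "AdminModules Mass Notification Queued {Queued} Skipped {Skipped} {Role} {AdminModulesId}", emailsSent, skipped, EmailFields.Role.Name, EmailFields.AdminModulesId);
            return null;
        }
    }
}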