pavelbannov
320a1f2250
# Conflicts: # common/ASC.Api.Core/Core/BaseStartup.cs # common/ASC.Common/Caching/AscCache.cs # common/ASC.Common/Data/StreamExtension.cs # common/ASC.Common/Utils/RandomString.cs # common/ASC.Core.Common/Billing/CouponManager.cs # common/ASC.Core.Common/Billing/License/LicenseReader.cs # common/ASC.Core.Common/Core/UserGroupRef.cs # common/ASC.Core.Common/Data/DbTenantService.cs # common/ASC.Core.Common/Notify/Jabber/JabberServiceClientWcf.cs # common/ASC.Core.Common/Notify/Telegram/Dao/CachedTelegramDao.cs # common/ASC.Data.Backup.Core/Core/DbHelper.cs # common/ASC.Data.Backup.Core/Storage/BackupRepository.cs # common/ASC.Data.Backup.Core/Tasks/Data/TableInfo.cs # common/ASC.Data.Storage/BaseStorage.cs # common/ASC.Data.Storage/DiscStorage/DiscDataStore.cs # common/ASC.Data.Storage/GoogleCloud/GoogleCloudStorage.cs # common/ASC.Data.Storage/RackspaceCloud/RackspaceCloudStorage.cs # common/ASC.Data.Storage/S3/S3Storage.cs # common/ASC.Notify.Textile/JabberStyler.cs # common/ASC.Textile/Blocks/GlyphBlockModifier.cs # common/ASC.Textile/States/TableRowFormatterState.cs # common/services/ASC.ApiSystem/Classes/CommonMethods.cs # common/services/ASC.ApiSystem/Controllers/PortalController.cs # common/services/ASC.ClearEvents/Program.cs # common/services/ASC.TelegramService/Startup.cs # common/services/ASC.UrlShortener.Svc/Program.cs # products/ASC.Files/Core/Core/Entries/File.cs # products/ASC.Files/Core/Core/Entries/FileEntry.cs # products/ASC.Files/Core/Core/Entries/FileHelper.cs # products/ASC.Files/Core/Core/Entries/Folder.cs # products/ASC.Files/Core/Core/FileStorageService.cs # products/ASC.Files/Core/Core/Thirdparty/ProviderDao/ProviderDaoBase.cs # products/ASC.Files/Core/Helpers/ThirdpartyConfiguration.cs # products/ASC.Files/Core/HttpHandlers/FileHandler.ashx.cs # products/ASC.Files/Core/Services/DocumentService/Configuration.cs # products/ASC.Files/Core/Services/DocumentService/DocumentServiceConnector.cs # products/ASC.Files/Core/Services/DocumentService/DocumentServiceTracker.cs # products/ASC.Files/Core/Services/WCFService/FileOperations/FileDownloadOperation.cs # products/ASC.Files/Core/Services/WCFService/FileOperations/FileMoveCopyOperation.cs # products/ASC.Files/Core/Utils/EntryManager.cs # products/ASC.Files/Server/Helpers/FilesControllerHelper.cs # products/ASC.Files/Server/Startup.cs # products/ASC.Files/Service/Thumbnail/Builder.cs # products/ASC.Files/Service/Thumbnail/FileDataProvider.cs # products/ASC.People/Server/Startup.cs # web/ASC.Web.Core/Files/DocumentService.cs # web/ASC.Web.Core/Files/DocumentServiceLicense.cs # web/ASC.Web.Core/QuotaSync.cs # web/ASC.Web.Core/Sms/SmsKeyStorage.cs # web/ASC.Web.Core/Users/UserManagerWrapper.cs # web/ASC.Web.HealthChecks.UI/Program.cs # web/ASC.Web.Studio/Startup.cs
159 lines
6.8 KiB
C#
159 lines
6.8 KiB
C#
namespace ASC.Web.Api.Controllers
|
|
{
|
|
[Scope]
|
|
[DefaultRoute]
|
|
[ApiController]
|
|
public class SecurityController : ControllerBase
|
|
{
|
|
private PermissionContext PermissionContext { get; }
|
|
private CoreBaseSettings CoreBaseSettings { get; }
|
|
private TenantExtra TenantExtra { get; }
|
|
private TenantManager TenantManager { get; }
|
|
private MessageService MessageService { get; }
|
|
private LoginEventsRepository LoginEventsRepository { get; }
|
|
private AuditEventsRepository AuditEventsRepository { get; }
|
|
private AuditReportCreator AuditReportCreator { get; }
|
|
private SettingsManager SettingsManager { get; }
|
|
|
|
public SecurityController(
|
|
PermissionContext permissionContext,
|
|
CoreBaseSettings coreBaseSettings,
|
|
TenantExtra tenantExtra,
|
|
TenantManager tenantManager,
|
|
MessageService messageService,
|
|
LoginEventsRepository loginEventsRepository,
|
|
AuditEventsRepository auditEventsRepository,
|
|
AuditReportCreator auditReportCreator,
|
|
SettingsManager settingsManager)
|
|
{
|
|
PermissionContext = permissionContext;
|
|
CoreBaseSettings = coreBaseSettings;
|
|
TenantExtra = tenantExtra;
|
|
TenantManager = tenantManager;
|
|
MessageService = messageService;
|
|
LoginEventsRepository = loginEventsRepository;
|
|
AuditEventsRepository = auditEventsRepository;
|
|
AuditReportCreator = auditReportCreator;
|
|
SettingsManager = settingsManager;
|
|
}
|
|
|
|
[Read("audit/login/last")]
|
|
public IEnumerable<EventWrapper> GetLastLoginEvents()
|
|
{
|
|
if (!SetupInfo.IsVisibleSettings(nameof(ManagementType.LoginHistory)))
|
|
{
|
|
throw new BillingException(Resource.ErrorNotAllowedOption, "Audit");
|
|
}
|
|
|
|
PermissionContext.DemandPermissions(SecutiryConstants.EditPortalSettings);
|
|
|
|
return LoginEventsRepository.GetLast(TenantManager.GetCurrentTenant().TenantId, 20).Select(x => new EventWrapper(x));
|
|
}
|
|
|
|
[Read("audit/events/last")]
|
|
public IEnumerable<EventWrapper> GetLastAuditEvents()
|
|
{
|
|
if (!SetupInfo.IsVisibleSettings(nameof(ManagementType.AuditTrail)))
|
|
{
|
|
throw new BillingException(Resource.ErrorNotAllowedOption, "Audit");
|
|
}
|
|
|
|
PermissionContext.DemandPermissions(SecutiryConstants.EditPortalSettings);
|
|
|
|
return AuditEventsRepository.GetLast(TenantManager.GetCurrentTenant().TenantId, 20).Select(x => new EventWrapper(x));
|
|
}
|
|
|
|
[Create("audit/login/report")]
|
|
public object CreateLoginHistoryReport()
|
|
{
|
|
PermissionContext.DemandPermissions(SecutiryConstants.EditPortalSettings);
|
|
|
|
var tenantId = TenantManager.GetCurrentTenant().TenantId;
|
|
|
|
if (!TenantExtra.GetTenantQuota().Audit || !SetupInfo.IsVisibleSettings(nameof(ManagementType.LoginHistory)))
|
|
throw new BillingException(Resource.ErrorNotAllowedOption, "Audit");
|
|
|
|
var settings = SettingsManager.LoadForTenant<TenantAuditSettings>(TenantManager.GetCurrentTenant().TenantId);
|
|
|
|
var to = DateTime.UtcNow;
|
|
var from = to.Subtract(TimeSpan.FromDays(settings.LoginHistoryLifeTime));
|
|
|
|
var reportName = string.Format(AuditReportResource.LoginHistoryReportName + ".csv", from.ToShortDateString(), to.ToShortDateString());
|
|
var events = LoginEventsRepository.Get(tenantId, from, to);
|
|
var result = AuditReportCreator.CreateCsvReport(events, reportName);
|
|
|
|
MessageService.Send(MessageAction.LoginHistoryReportDownloaded);
|
|
return result;
|
|
}
|
|
|
|
[Create("audit/events/report")]
|
|
public object CreateAuditTrailReport()
|
|
{
|
|
PermissionContext.DemandPermissions(SecutiryConstants.EditPortalSettings);
|
|
|
|
var tenantId = TenantManager.GetCurrentTenant().TenantId;
|
|
|
|
if (!TenantExtra.GetTenantQuota().Audit || !SetupInfo.IsVisibleSettings(nameof(ManagementType.AuditTrail)))
|
|
throw new BillingException(Resource.ErrorNotAllowedOption, "Audit");
|
|
|
|
var settings = SettingsManager.LoadForTenant<TenantAuditSettings>(TenantManager.GetCurrentTenant().TenantId);
|
|
|
|
var to = DateTime.UtcNow;
|
|
var from = to.Subtract(TimeSpan.FromDays(settings.AuditTrailLifeTime));
|
|
|
|
var reportName = string.Format(AuditReportResource.AuditTrailReportName + ".csv", from.ToString("MM.dd.yyyy"), to.ToString("MM.dd.yyyy"));
|
|
|
|
var events = AuditEventsRepository.Get(tenantId, from, to);
|
|
var result = AuditReportCreator.CreateCsvReport(events, reportName);
|
|
|
|
MessageService.Send(MessageAction.AuditTrailReportDownloaded);
|
|
return result;
|
|
}
|
|
|
|
[Read("audit/settings/lifetime")]
|
|
public TenantAuditSettings GetAuditSettings()
|
|
{
|
|
if (!SetupInfo.IsVisibleSettings(nameof(ManagementType.LoginHistory)))
|
|
{
|
|
throw new BillingException(Resource.ErrorNotAllowedOption, "Audit");
|
|
}
|
|
|
|
PermissionContext.DemandPermissions(SecutiryConstants.EditPortalSettings);
|
|
|
|
return SettingsManager.LoadForTenant<TenantAuditSettings>(TenantManager.GetCurrentTenant().TenantId);
|
|
}
|
|
|
|
[Create("audit/settings/lifetime")]
|
|
public TenantAuditSettings SetAuditSettingsFromBody([FromBody] TenantAuditSettingsWrapper wrapper)
|
|
{
|
|
return SetAuditSettings(wrapper);
|
|
}
|
|
|
|
[Create("audit/settings/lifetime")]
|
|
[Consumes("application/x-www-form-urlencoded")]
|
|
public TenantAuditSettings SetAuditSettingsFromForm([FromForm] TenantAuditSettingsWrapper wrapper)
|
|
{
|
|
return SetAuditSettings(wrapper);
|
|
}
|
|
|
|
private TenantAuditSettings SetAuditSettings(TenantAuditSettingsWrapper wrapper)
|
|
{
|
|
if (!TenantExtra.GetTenantQuota().Audit || !SetupInfo.IsVisibleSettings(nameof(ManagementType.LoginHistory)))
|
|
throw new BillingException(Resource.ErrorNotAllowedOption, "Audit");
|
|
|
|
PermissionContext.DemandPermissions(SecutiryConstants.EditPortalSettings);
|
|
|
|
if (wrapper.settings.LoginHistoryLifeTime <= 0 || wrapper.settings.LoginHistoryLifeTime > TenantAuditSettings.MaxLifeTime)
|
|
throw new ArgumentException("LoginHistoryLifeTime");
|
|
|
|
if (wrapper.settings.AuditTrailLifeTime <= 0 || wrapper.settings.AuditTrailLifeTime > TenantAuditSettings.MaxLifeTime)
|
|
throw new ArgumentException("AuditTrailLifeTime");
|
|
|
|
SettingsManager.SaveForTenant(wrapper.settings, TenantManager.GetCurrentTenant().TenantId);
|
|
MessageService.Send(MessageAction.AuditSettingsUpdated);
|
|
|
|
return wrapper.settings;
|
|
}
|
|
}
|
|
}
|