erp-platform/api/src/Kurs.Platform.Application/Identity/PlatformIdentityAppService.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Kurs.Platform.Entities;
using Kurs.Platform.Extensions;
using Kurs.Platform.Identity.Dto;
using Microsoft.AspNetCore.Authorization;
using Volo.Abp.Application.Services;
using Volo.Abp.Domain.Repositories;
using Volo.Abp.Guids;
using Volo.Abp.Identity;
using Volo.Abp.PermissionManagement;

namespace Kurs.Platform.Identity;

[Authorize]
public class PlatformIdentityAppService : ApplicationService
{
    public IIdentityUserAppService IdentityUserAppService { get; }
    private readonly IIdentityUserRepository identityUserRepository;
    public IRepository<PermissionDefinitionRecord, Guid> permissionRepository { get; }
    public IRepository<Branch, Guid> branchRepository { get; }
    public IRepository<BranchUsers, Guid> branchUsersRepository { get; }
    public IRepository<IdentityClaimType, Guid> claimTypesRepository { get; }
    public IGuidGenerator guidGenerator { get; }
    public IdentityUserManager UserManager { get; set; }

    public PlatformIdentityAppService(
            IIdentityUserAppService identityUserAppService,
            IIdentityUserRepository identityUserRepository,
            IRepository<PermissionDefinitionRecord, Guid> permissionRepository,
            IRepository<Branch, Guid> branchRepository,
            IRepository<BranchUsers, Guid> branchUsersRepository,
            IRepository<IdentityClaimType, Guid> claimTypesRepository,
            IGuidGenerator guidGenerator
        )
    {
        this.IdentityUserAppService = identityUserAppService;
        this.identityUserRepository = identityUserRepository;
        this.permissionRepository = permissionRepository;
        this.branchRepository = branchRepository;
        this.branchUsersRepository = branchUsersRepository;
        this.claimTypesRepository = claimTypesRepository;
        this.guidGenerator = guidGenerator;
    }

    public async Task<UserInfoViewModel> GetByIdAsync(Guid UserId)
    {
        var user = await identityUserRepository.GetAsync(UserId);

        var userRoleNames = (await IdentityUserAppService.GetRolesAsync(user.Id)).Items.Select(r => r.Name).ToList();
        var roles = ObjectMapper.Map<IReadOnlyList<IdentityRoleDto>, AssignedRoleViewModel[]>((await IdentityUserAppService.GetAssignableRolesAsync()).Items);
        foreach (var role in roles)
        {
            if (userRoleNames.Contains(role.Name))
            {
                role.IsAssigned = true;
            }
        }

        var currentTenantId = CurrentTenant.Id.HasValue ? CurrentTenant.Id : null;

        //Branch
        var queryBranch = await branchUsersRepository.GetQueryableAsync();
        var branchUsers = queryBranch.Where(a => a.UserId == UserId).Select(r => r.BranchId).ToList();
        var branchList = await branchRepository.GetListAsync(a => a.TenantId == currentTenantId);
        var branches = branchList.Select(branch => new AssignedBranchViewModel
        {
            Id = branch.Id,
            Name = branch.Name,
            IsAssigned = branchUsers.Contains(branch.Id)
        })
        .ToArray();

        //Claim
        var claimUsers = user.Claims;
        var claimList = await claimTypesRepository.GetListAsync();
        var claims = claimList.Select(claim =>
        {
            var userClaim = claimUsers.FirstOrDefault(c => c.ClaimType == claim.Name);
            return new AssignedClaimViewModel
            {
                Id = userClaim?.Id ?? Guid.Empty,
                ClaimType = claim.Name,
                ClaimValue = userClaim?.ClaimValue,
                IsAssigned = userClaim != null
            };
        }).ToArray();

        return new UserInfoViewModel()
        {
            Id = user.Id,
            UserName = user.UserName,
            Name = user.Name,
            Surname = user.Surname,
            Roles = roles,
            Branches = branches,
            Claims = claims,
            Email = user.Email,
            PhoneNumber = user.PhoneNumber,
            IsActive = user.IsActive,
            TwoFactorEnabled = user.TwoFactorEnabled,
            IsVerified = (bool)user.ExtraProperties["IsVerified"],
            userRoleNames = userRoleNames,
            LockoutEnabled = user.LockoutEnabled,
            LockoutEnd = user.LockoutEnd,
            LockUser = user.LockoutEnabled && user.LockoutEnd.HasValue && user.LockoutEnd.Value.DateTime > DateTime.UtcNow,
            LoginEndDate = user.GetLoginEndDate(),
            ConcurrencyStamp = user.ConcurrencyStamp,
            LastPasswordChangeTime = user.LastPasswordChangeTime,

            EmailConfirmed = user.EmailConfirmed,
            PhoneNumberConfirmed = user.PhoneNumberConfirmed,
            AccessFailedCount = user.AccessFailedCount,
            ShouldChangePasswordOnNextLogin = user.ShouldChangePasswordOnNextLogin,
            RocketUsername = user.GetRocketUsername(),
            CreationTime = user.CreationTime,
            LastModificationTime = user.LastModificationTime,
        };
    }

    public async Task UpdateLockoutAsync(UserInfoViewModel UserInfo)
    {
        var user = await UserManager.GetByIdAsync(UserInfo.Id);
        if (UserInfo.LockUser)
        {
            await UserManager.SetLockoutEnabledAsync(user, true);
            await UserManager.SetLockoutEndDateAsync(user, DateTime.UtcNow.AddYears(1000));
        }
        else
        {
            await UserManager.SetLockoutEndDateAsync(user, null);
        }

        //Admin Verification
        user.SetIsVerified(UserInfo.IsVerified);

        //Two Factor Enabled
        await UserManager.SetTwoFactorEnabledAsync(user, UserInfo.TwoFactorEnabled);

        //LoginEndDate
        user.SetLoginEndDate(UserInfo.LoginEndDate);

        user.SetIsActive(UserInfo.IsActive);

        user.SetEmailConfirmed(UserInfo.EmailConfirmed);
        user.SetPhoneNumberConfirmed(UserInfo.PhoneNumberConfirmed);
        user.SetShouldChangePasswordOnNextLogin(UserInfo.ShouldChangePasswordOnNextLogin);

        if (UserInfo.AccessFailedCount == 0 && user.AccessFailedCount > 0)
        {
            await UserManager.ResetAccessFailedCountAsync(user);
        }
        await UserManager.SetLockoutEnabledAsync(user, UserInfo.LockoutEnabled);
        await UserManager.UpdateAsync(user);
    }

    public async Task UpdateUserAsync(UserInfoViewModel UserInfo)
    {
        var roles = UserInfo.Roles.Where(r => r.IsAssigned).Select(r => r.Name).ToArray();

        var user = await UserManager.GetByIdAsync(UserInfo.Id);
        await UserManager.SetRolesAsync(user, roles);

        user.Name = UserInfo.Name;
        user.Surname = UserInfo.Surname;
        user.SetPhoneNumber(UserInfo.PhoneNumber, user.PhoneNumberConfirmed);
        user.SetLastPasswordChangeTime(UserInfo.LastPasswordChangeTime);
        user.SetRocketUsername(UserInfo.RocketUsername);

        await UserManager.UpdateAsync(user);

        //Braches bu kısımda güncelleniyor.
        var existingBranches = await branchUsersRepository.GetListAsync(x => x.UserId == user.Id);
        foreach (var item in existingBranches)
        {
            await branchUsersRepository.DeleteAsync(item);
        }

        // 2. Yeni atamaları ekle
        var assignedBranchIds = UserInfo.Branches
            .Where(b => b.IsAssigned)
            .Select(b => b.Id)
            .ToList();

        foreach (var branchId in assignedBranchIds)
        {
            var branchUser = new BranchUsers
            {
                UserId = user.Id,
                BranchId = branchId
            };
            await branchUsersRepository.InsertAsync(branchUser);
        }
    }

    public async Task<List<PermissionDefinitionRecord>> GetPermissionList()
    {
        var list = await permissionRepository.GetListAsync();

        return [.. list.OrderBy(p => p.Name)];
    }

    public async Task CreateClaimUserAsync(UserClaimModel input)
    {
        var user = await identityUserRepository.GetAsync(input.UserId);

        user.AddClaim(guidGenerator, new Claim(input.ClaimType, input.ClaimValue));
    }

    public async Task DeleteClaimUser(Guid id, Guid userId)
    {
        var user = await identityUserRepository.GetAsync(userId);
        var claim = user.Claims.FirstOrDefault(a => a.Id == id);

        user.Claims.Remove(claim);
    }
}