cauca-9-1-1 / cause-security-management Goto Github PK

Il faudrait empêcher de créer 2 utilisateurs ou groupes avec le même nom. Sinon, on aura 2 utilisateurs avec le même nom d'utilisateur, mais des mots de passe différents. Dès que c'est fait, mettre à jour le nuGet dans SURVI-Prevention, Portail client et mass alert.

We need to update to .net core 3

Is your feature request related to a problem? Please describe.
User can't use their own context, they have to use the built in one.

Describe the solution you'd like
Allow user to user their own context if that's what they'd like.

• This could be done using ISecurityContext or the abstract BaseSecurityContext.

Describe the bug
Sur le SaveChanges, j'ai l'erreur database operation expected to affect 1 row(s) but actually affected 0 row(s)

To Reproduce
Steps to reproduce the behavior:

1. Dans le CustomerPortal, dans l'environnement de Test, appeler le OnCallPeriodGeneric avec l'object suivant :
   {
   "id":"b49623e1-1fba-4720-aa2f-9d2ee9d24f63",
   "startsOn":"2019-12-11T12:00:00.000Z",
   "endsOn":"2019-12-11T22:00:00.000Z",
   "teamId":"10-12 A",
   "firemen":[
   {
   "firemanId":"64c95efc-3dfe-4f96-bfc0-243685ed3983",
   "startsOn":"2019-12-11T12:00:00.000Z",
   "endsOn":"2019-12-11T22:00:00.000Z"

    }, {
    	"firemanId":"b7cddd4f-4ad7-40a5-babe-06efea402044"
    	,"startsOn":"2019-12-11T12:00:00.000Z",
    	"endsOn":"2019-12-11T22:00:00.000Z"
    	
    }]
   

}

Expected behavior
Le SaveChanges ne devrait pas générer une erreur

Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

Describe the solution you'd like
A clear and concise description of what you want to happen.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context or screenshots about the feature request here.

Describe the bug
I'm setting my IConfiguration.UseExternalSystemLogin to true and the ApiClient is still sending a body containing a userId and a password, which is incorrect.

Expected behavior
Send the right body when logging in as an external system.

Describe the bug
Information ne s'écrit pas avec un s au pluriel en anglais. Voir les classes LoginInformations et ExternalLoginInformations.

Describe the bug
In group management, when we add a group and remove users from the group, we have an error. After this, we always have a 500 from the server.

To Reproduce
Steps to reproduce the behavior:

1. Go to customer portal/management/groups
2. Click on + to add a group
3. Add a group
4. Edit the group, remove all the members of the group and save
5. Refresh the page (F5) and edit again the group
6. Remove only one member (what should be valid) and save again
7. We got the error

Expected behavior
We should remove members when there is more than one and not have the page crash when returning a 500.

Desktop (please complete the following information):
Seen on customer portal and survi-prevention web applications

Adding permissions management

In updating permissions (Add a new permission, remove, etc.), we need to get the moduleId for the right project. We actually have an hardcoded id, so just need to get the tag of the app and get his moduleId

Describe the bug
When the refresh token become expired, the library is supposed to login again to the external system and get brand new access et refresh tokens. The login is done correctly, but the access token is set to null immediately and an exception is thrown almost immediately.

Expected behavior
The library should correctly login and continue working transparently.

Is your feature request related to a problem? Please describe.
Migration doesn't work with the SecurityContext.

Describe the solution you'd like
Add a SecurityContextFactory so we can use migration.

Add a way for the user to log in using an API key. Everything else would remain the exact same as now with JWT token.

Is your feature request related to a problem? Please describe.
We currently use AuthentifiedController when we want to get the current user from the HttpContext.

Describe the solution you'd like
We should use a mockable service to facilitate unit testing. Something like ICurrentSessionService.

Describe alternatives you've considered
We can currently fake the HttpContext.

What needs to be done.
We need to create a library to make it easy to call a secure API from a c# application.

Additional context
We currently have such a library in SURVI.Prevention.ApiClient. All we need is to extract whatever we need to make it generic.

Set refresh timeout 1 minute and token timeout 2 minutes for developpement testing

Describe the bug
Some of the configuration used by the library is weirdly injected and this needs to be fixed. Let's use Options<T> instead of directly using IConfiguration, which is not a good practice.

This will be a breaking change, but it will make things cleaner.

Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

Describe the solution you'd like
A clear and concise description of what you want to happen.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context or screenshots about the feature request here.

Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

Describe the solution you'd like
A clear and concise description of what you want to happen.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context or screenshots about the feature request here.

The title says it all.

Is your feature request related to a problem? Please describe.
Option device management on userToken creation.

Describe the bug
UserNameAlreadyUsed from the service should be available from the controller.

Is your feature request related to a problem? Please describe.
We need to start working on the .Net Core 5 version of this library.

Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

Describe the solution you'd like
A clear and concise description of what you want to happen.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context or screenshots about the feature request here.

Describe the bug
The API is missing the AddTokenAuthentification part.

Describe the bug
Cannot update current user because it is already attached to context

To Reproduce
Steps to reproduce the behavior:

1. Modify the currentUser
2. UpdateUser
3. See error

Expected behavior
Save current user must be modify