Feature/user

src/Application/Auth/Commands/ForgotPasswordCommand.cs

@@ -33,7 +33,6 @@ public async Task<bool> Handle(ForgotPasswordCommand request, CancellationToken
                 {
                     x.Id,
                     x.Email,
-                    CompanyName = x.Company.Name,
                     Name = x.Employee != null ? x.Employee.FullName : "there",
                 })
                 .FirstAsync(cancellationToken);
@@ -43,7 +42,6 @@ public async Task<bool> Handle(ForgotPasswordCommand request, CancellationToken
 
             var emailText = await staticContentReader.ReadContentAsync("email-templates/forgot-password.html");
             emailText = emailText.Replace("[User Name]", user.Name);
-            emailText = emailText.Replace("[Company Name]", user.CompanyName);
             emailText = emailText.Replace("[Year]", DateTime.Now.Year.ToString());
             emailText = emailText.Replace("[Reset Password Link]", link);
             emailService.Send(user.Email!.ToValueObject<Email>(), "Reset Your Password", emailText);

src/Application/Common/Abstract/IIdentityService.cs

@@ -35,5 +35,5 @@ public interface IIdentityService
 
     Task<bool> IsEmailConfirmedAsync(int userId);
 
-    Task AddSeedDataAsync(Company company);
+    Task AddSeedDataAsync();
 }

src/Application/Users/Commands/AddUserCommand.cs

@@ -57,7 +57,7 @@ private async Task<int> CreateUserAsync(AddUserCommand request, CancellationToke
         private async Task<User> CreateIdentity(Company company, AddUserCommand request)
         {
             var role = await identityService.GetRoleAsync(request.Role.AsEnum<RoleName>());
-            var user = User.Create(request.Email.ToValueObject<Email>(), request.PhoneNumber.ToValueObject<PhoneNumber>(), company.Id);
+            var user = User.Create(request.Email.ToValueObject<Email>(), request.PhoneNumber.ToValueObject<PhoneNumber>());
 
             var claims = new Dictionary<string, string>
             {
@@ -71,6 +71,7 @@ private async Task<User> CreateIdentity(Company company, AddUserCommand request)
             {
                 UserId = user.Id,
             });
+
             return user;
         }
     }

src/Application/Users/Events/UserCreatedEvent.cs

@@ -24,7 +24,7 @@ public async Task Handle(UserCreatedEvent notification, CancellationToken cancel
                     {
                         x.Id,
                         x.Email,
-                        CompanyName = x.Company.Name,
+                        CompanyName = x.Employee != null ? x.Employee.Company.Name : "",
                         Name = x.Employee != null ? x.Employee.FullName : "there",
                     })
                     .FirstAsync(cancellationToken);

src/Database/Scripts/20240407.sql

@@ -30,7 +30,6 @@ CREATE TABLE domain_events (
 -- users
 CREATE TABLE public.users (
 	id int4 GENERATED BY DEFAULT AS IDENTITY( INCREMENT BY 1 MINVALUE 1 MAXVALUE 2147483647 START 1 CACHE 1 NO CYCLE) NOT NULL,
-	company_id int NOT NULL,
 	user_name text NULL,
 	normalized_user_name text NULL,
 	email text NULL,
@@ -49,8 +48,7 @@ CREATE TABLE public.users (
 	created_on timestamptz NOT NULL,
 	modified_by int NULL,
 	modified_on timestamptz NULL,
-	CONSTRAINT pk_users PRIMARY KEY (id),
-    CONSTRAINT fk_users_company_id FOREIGN KEY (company_id) REFERENCES companies (id) MATCH SIMPLE
+	CONSTRAINT pk_users PRIMARY KEY (id)
 );
 CREATE UNIQUE INDEX uk_users_email ON public.users USING btree (email);
 CREATE UNIQUE INDEX uk_users_phone_number ON public.users USING btree (phone_number);

src/Domain/Identity/User.cs

@@ -1,4 +1,3 @@
-using Domain.Companies;
 using Domain.Employees;
 using Microsoft.AspNetCore.Identity;
 
@@ -11,22 +10,17 @@ private User()
         Claims = [];
     }
 
-    public int CompanyId { get; private set; }
-
-    public Company Company { get; private set; } = null!;
-
     public Employee? Employee { get; private set; } = null!;
 
     public ICollection<IdentityUserClaim<int>> Claims { get; private set; }
 
-    public static User Create(Email email, PhoneNumber phoneNumber, int companyId)
+    public static User Create(Email email, PhoneNumber phoneNumber)
     {
         var user = new User
         {
             UserName = email.Value,
             Email = email.Value,
             PhoneNumber = phoneNumber.Value,
-            CompanyId = companyId
         };
 
         return user;

src/Infrastructure/BackgroundJobs/SeedDataJob.cs

@@ -8,7 +8,7 @@ public async Task Run()
         {
             if (!await dbContext.Companies.AnyAsync())
             {
-                var company = Company.Create("Acme", "admin@example.com".ToValueObject<Email>(), "9876543210".ToValueObject<PhoneNumber>(), "Acme Admin", 3.ToValueObject<FinancialMonth>());
+                var company = Company.Create("Example Company", "admin@example.com".ToValueObject<Email>(), "9876543210".ToValueObject<PhoneNumber>(), "Super Admin", 3.ToValueObject<FinancialMonth>());
                 await dbContext.Companies.AddAsync(company);
                 await dbContext.SaveChangesAsync(default);
             }
@@ -18,8 +18,7 @@ public async Task Run()
                 using var transaction = await dbContext.Database.BeginTransactionAsync();
                 try
                 {
-                    var company = await dbContext.Companies.FirstAsync();
-                    await identityService.AddSeedDataAsync(company);
+                    await identityService.AddSeedDataAsync();
                     await transaction.CommitAsync();
                 }
                 catch (Exception)

src/Infrastructure/EntityFramework/Configuration/IdentityConfig.cs

@@ -70,10 +70,6 @@ public void Configure(EntityTypeBuilder<User> builder)
                      .WithOne()
                      .HasForeignKey(uc => uc.UserId)
                      .IsRequired();
-
-                builder
-                    .Property(x => x.CompanyId)
-                    .HasColumnName("company_id");
             }
         }
 

src/Infrastructure/Services/IdentityService.cs

@@ -109,7 +109,7 @@ public async Task<bool> IsEmailConfirmedAsync(int userId)
         return await userManager.IsEmailConfirmedAsync(user!);
     }
 
-    public async Task AddSeedDataAsync(Company company)
+    public async Task AddSeedDataAsync()
     {
         foreach (var roleName in (RoleName[])Enum.GetValues(typeof(RoleName)))
         {
@@ -118,7 +118,7 @@ public async Task AddSeedDataAsync(Company company)
             VerifyResult(result);
         }
 
-        User user = User.Create("admin@example.com".ToValueObject<Email>(), "9876543210".ToValueObject<PhoneNumber>(), company.Id);
+        User user = User.Create("admin@example.com".ToValueObject<Email>(), "9876543210".ToValueObject<PhoneNumber>());
         var role = await GetRoleAsync(RoleName.SuperAdmin);
         await CreateUserAsync(user, role);
         var token = await GenerateAccountVerificationTokenAsync(user.Id);

src/Infrastructure/Services/JwtService.cs

@@ -3,6 +3,7 @@
 using System.Security.Cryptography;
 using System.Text;
 using Application.Auth.Commands;
+using Domain.Identity;
 using Microsoft.AspNetCore.Http;
 using Microsoft.IdentityModel.Tokens;
 
@@ -123,31 +124,24 @@ private async Task<string> GenerateRefreshTokenAsync(User user, CancellationToke
     private async Task AddCustomClaimsAsync(List<Claim> claims, CancellationToken cancellationToken)
     {
         var userId = int.Parse(claims.Find(x => x.Type == ClaimTypes.NameIdentifier)!.Value);
-        var user = await dbContext
-            .Users
-            .Select(x => new
-            {
-                x.Id,
-                x.CompanyId,
-            })
-            .FirstAsync(x => x.Id == userId);
 
         var employee = await dbContext
             .Employees
             .IgnoreQueryFilters()
-            .Where(x => x.UserId == userId && x.CompanyId == user.CompanyId)
+            .Where(x => x.UserId == userId)
             .Select(x => new
             {
                 x.Id,
-                x.FullName
+                x.FullName,
+                x.CompanyId
             })
             .FirstOrDefaultAsync(cancellationToken);
 
-        claims.Add(new Claim("companyId", user.CompanyId.ToString()));
         if (employee != null)
         {
             claims.Add(new Claim("employeeId", employee.Id.ToString()!));
             claims.Add(new Claim("name", employee.FullName.ToString()!));
+            claims.Add(new Claim("companyId", employee.CompanyId.ToString()));
         }
     }
 }

src/Presentation.Server/DependencyRegistration/AuthPolicy.cs

@@ -1,12 +1,44 @@
+using static Domain.Common.Enums;
+
 namespace Presentation.DependencyRegistration
 {
-    public static class AuthPolicy
+    internal static class AuthPolicy
     {
         public const string AllRoles = "ALL-ROLES-CAN-ACCESS";
         public const string SuperAdmin = "ONLY-SUPER-ADMIN-CAN-ACCESS";
         public const string CompanyAdmin = "ONLY-COMPANY-ADMIN-CAN-ACCESS";
         public const string CompanyAdminOrEmployee = "COMPANY-ADMIN-AND-EMPLOYEE-CAN-ACCESS";
         public const string Employee = "ONLY-EMPLOYEE-CAN-ACCESS";
         public const string AllowAnonymous = "ALLOW-ANONYMOUS";
+
+        internal static IServiceCollection AddAuthPolicy(this IServiceCollection services)
+        {
+            services.AddAuthorizationBuilder()
+                .AddPolicy(AllRoles, policy => policy.RequireAssertion(context =>
+                {
+                    return context.User.IsInRole(RoleName.SuperAdmin.ToString()) ||
+                        context.User.IsInRole(RoleName.CompanyAdmin.ToString()) ||
+                        context.User.IsInRole(RoleName.Employee.ToString());
+                }))
+                .AddPolicy(SuperAdmin, policy => policy.RequireAssertion(context =>
+                {
+                    return context.User.IsInRole(RoleName.SuperAdmin.ToString());
+                }))
+                .AddPolicy(CompanyAdmin, policy => policy.RequireAssertion(context =>
+                {
+                    return context.User.IsInRole(RoleName.CompanyAdmin.ToString());
+                }))
+                .AddPolicy(CompanyAdminOrEmployee, policy => policy.RequireAssertion(context =>
+                {
+                    return context.User.IsInRole(RoleName.CompanyAdmin.ToString()) ||
+                        context.User.IsInRole(RoleName.Employee.ToString());
+                }))
+                .AddPolicy(Employee, policy => policy.RequireAssertion(context =>
+                {
+                    return context.User.IsInRole(RoleName.Employee.ToString());
+                }));
+
+            return services;
+        }
     }
 }

src/Presentation.Server/DependencyRegistration/DependencyRegistration.cs

@@ -1,3 +1,5 @@
+using Microsoft.AspNetCore.Mvc.Authorization;
+
 namespace Presentation.DependencyRegistration
 {
     public static class DependencyRegistration
@@ -9,7 +11,7 @@ public static IServiceCollection AddPresentationServices(this IServiceCollection
             builder.Services.AddSwagger();
             services.AddHttpContextAccessor();
             services.AddSerilogUI(builder.Configuration);
-            services.AddMvcWithAuthPolicy();
+            services.AddAuthPolicy();
             services.AddHealthChecks();
 
             services.AddCors(options => options.AddPolicy("CORS",
@@ -23,6 +25,11 @@ public static IServiceCollection AddPresentationServices(this IServiceCollection
                 }
             }));
 
+            services.AddMvc(options =>
+            {
+                options.Filters.Add(new AuthorizeFilter());
+            });
+
             return services;
         }
     }

src/Presentation.Server/DependencyRegistration/SerilogUI.cs

@@ -1,4 +1,3 @@
-using Serilog;
 using Serilog.Ui.Core.Extensions;
 using Serilog.Ui.PostgreSqlProvider.Extensions;
 using Serilog.Ui.Web.Extensions;
@@ -11,11 +10,16 @@ internal static void AddSerilogUI(this IServiceCollection services, IConfigurati
         {
             services.AddSerilog();
 
-            var logTable = configuration.GetValue<string>("Serilog:WriteTo:0:Args:tableName")!;
-            var connectionString = configuration.GetValue<string>("Serilog:WriteTo:0:Args:connectionString")!;
-
             services.AddSerilogUi(options =>
-                options.UseNpgSql(options => options.WithConnectionString(connectionString).WithTable(logTable)));
+            {
+                var logTable = configuration.GetValue<string>("Serilog:WriteTo:0:Args:tableName")!;
+                var connectionString = configuration.GetValue<string>("Serilog:WriteTo:0:Args:connectionString")!;
+
+                options.UseNpgSql(options => options.WithConnectionString(connectionString)
+                    .WithTable(logTable))
+                    .AddScopedBasicAuthFilter();
+            })
+            .AddControllersWithViews();
         }
     }
 }

src/Presentation.Server/DependencyRegistration/Swagger.cs

@@ -27,12 +27,12 @@ public static void AddSwagger(this IServiceCollection services)
                 options.SwaggerDoc("v1", new OpenApiInfo
                 {
                     Version = "v1",
-                    Title = "Bit Xplorer HR",
-                    Description = "Rest API for accessing CAB Portal data",
+                    Title = "BIT-HRMS",
+                    Description = "Rest API for accessing BIT-HRMS data",
                     TermsOfService = new Uri(EXAMPLE_DOT_COM),
                     Contact = new OpenApiContact
                     {
-                        Name = "Rawae API",
+                        Name = "BIT-HRMS API",
                         Url = new Uri(EXAMPLE_DOT_COM)
                     },
                 });

src/Presentation.Server/Middleware/Middleware.cs

@@ -19,14 +19,15 @@ public static void ConfigureMiddleware(this WebApplication app)
                 app.UseSwaggerUI();
             }
 
-            if (!app.Environment.IsDevelopment())
-            {
-                app.UseHttpsRedirection();
-            }
-
+            app.UseHttpsRedirection();
             app.UseAuthentication();
             app.UseAuthorization();
-            app.UseSerilogUi();
+
+            app.UseSerilogUi(options =>
+            {
+                options.WithAuthenticationType(Serilog.Ui.Web.Models.AuthenticationType.Basic)
+                    .WithExpandedDropdownsByDefault();
+            });
             app.MapControllers();
             app.MapFallbackToFile("/index.html");
             app.UseHealthChecks("/health");