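using System.Security.Claims;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Options;
using PowderCoating.Core.Entities;
using PowderCoating.Infrastructure.Data;

namespace PowderCoating.Infrastructure.Services;

/// <summary>
/// Custom claims principal factory that adds company-specific claims to the user's identity.
/// </summary>
/// <remarks>
/// <para>
/// Every claim added here is a snapshot of the user row taken when the principal is built.
/// The tenant ("CompanyId"), role ("CompanyRole") and "Permission" claims are therefore only
/// as fresh as the last time this factory ran. A permission revoked in the database stays in
/// an already-issued principal until it is regenerated (new sign-in, a refresh sign-in, or
/// security-stamp revalidation). NOTE(review): confirm that the code paths which change the
/// Can* flags, CompanyId or CompanyRole also rotate the user's security stamp, so the old
/// claims cannot outlive the change for longer than the validation interval.
/// </para>
/// <para>
/// "Theme", "SidebarColor", "FullName", "HasProfilePicture", "ProfilePictureVersion" and
/// "SubscriptionPlan" are display values; the code in this file gives no sign that they are
/// meant as authorization inputs, and they should not be used as such.
/// </para>
/// <para>
/// NOTE(review): the generic type arguments on this page were lost in extraction.
/// ApplicationUser, IdentityOptions and ClaimsIdentity follow from the base-class contract;
/// IdentityRole is assumed for the role type. Confirm against the project's Identity
/// registration.
/// </para>
/// </remarks>
public class ApplicationUserClaimsPrincipalFactory
    : UserClaimsPrincipalFactory<ApplicationUser, IdentityRole>
{
    private readonly ApplicationDbContext _context;

    /// <summary>
    /// Creates the factory; all arguments except <paramref name="context"/> are passed to the base class.
    /// </summary>
    /// <param name="userManager">User manager forwarded to the base factory.</param>
    /// <param name="roleManager">Role manager forwarded to the base factory.</param>
    /// <param name="options">Identity options forwarded to the base factory.</param>
    /// <param name="context">Database context used for the company and subscription-plan lookups.</param>
    /// <exception cref="ArgumentNullException"><paramref name="context"/> is null.</exception>
    public ApplicationUserClaimsPrincipalFactory(
        UserManager<ApplicationUser> userManager,
        RoleManager<IdentityRole> roleManager,
        IOptions<IdentityOptions> options,
        ApplicationDbContext context)
        : base(userManager, roleManager, options)
    {
        _context = context ?? throw new ArgumentNullException(nameof(context));
    }

    /// <summary>
    /// Builds the base identity and appends company, display and permission claims.
    /// </summary>
    /// <param name="user">The user whose identity is being generated.</param>
    /// <returns>The identity produced by the base factory with the extra claims added.</returns>
    protected override async Task<ClaimsIdentity> GenerateClaimsAsync(ApplicationUser user)
    {
        var identity = await base.GenerateClaimsAsync(user);

        await AddCompanyClaimsAsync(identity, user);

        // CompanyRole is copied verbatim from the user row, independently of CompanyId.
        if (!string.IsNullOrEmpty(user.CompanyRole))
        {
            identity.AddClaim(new Claim("CompanyRole", user.CompanyRole));
        }

        AddDisplayClaims(identity, user);
        AddPermissionClaims(identity, user);

        return identity;
    }

    /// <summary>
    /// Adds the "CompanyId" claim and, when the company row is found, the "SubscriptionPlan" claim.
    /// </summary>
    private async Task AddCompanyClaimsAsync(ClaimsIdentity identity, ApplicationUser user)
    {
        if (user.CompanyId <= 0)
        {
            return;
        }

        identity.AddClaim(new Claim("CompanyId", user.CompanyId.ToString()));

        // IgnoreQueryFilters() switches off every global query filter on the entity, so the
        // predicates below are the only constraints on this read: the row is pinned to the
        // user's own CompanyId and the soft-delete check is re-applied by hand. Keep both if
        // this query is ever edited. Only SubscriptionPlan is projected, so no other company
        // column is loaded.
        var company = await _context.Companies.IgnoreQueryFilters()
            .Where(c => c.Id == user.CompanyId && !c.IsDeleted)
            .Select(c => new { c.SubscriptionPlan })
            .FirstOrDefaultAsync();

        if (company == null)
        {
            // Missing or soft-deleted company: no plan claim is issued, but the CompanyId claim
            // above and the role/permission claims added by the caller still are.
            // NOTE(review): confirm that sign-in for users of a deleted company is rejected
            // elsewhere; otherwise such a principal still carries tenant and permission claims.
            return;
        }

        // Prefer the DisplayName stored in SubscriptionPlanConfig so the claim reflects DB values.
        // Filters are bypassed here as well, with IsActive and IsDeleted re-applied explicitly.
        var planConfig = await _context.SubscriptionPlanConfigs.IgnoreQueryFilters()
            .Where(p => p.Plan == company.SubscriptionPlan && p.IsActive && !p.IsDeleted)
            .Select(p => new { p.DisplayName })
            .FirstOrDefaultAsync();

        var planName = planConfig?.DisplayName ?? company.SubscriptionPlan.ToString();
        identity.AddClaim(new Claim("SubscriptionPlan", planName));
    }

    /// <summary>
    /// Adds the display-only claims (name, theme, sidebar colour, profile-picture markers).
    /// </summary>
    private static void AddDisplayClaims(ClaimsIdentity identity, ApplicationUser user)
    {
        // The Claim constructor throws ArgumentNullException on a null value, which would abort
        // principal creation; fall back to an empty string.
        // NOTE(review): FullName may already be non-null by construction; confirm on the entity.
        identity.AddClaim(new Claim("FullName", user.FullName ?? string.Empty));

        identity.AddClaim(new Claim("Theme", user.Theme ?? "light"));
        identity.AddClaim(new Claim("SidebarColor", user.SidebarColor ?? "ocean"));

        // Literal "true"/"false" instead of ToString().ToLower(), which lower-cases with the
        // current thread culture; the emitted values are unchanged.
        var hasProfilePicture = !string.IsNullOrEmpty(user.ProfilePictureFilePath);
        identity.AddClaim(new Claim("HasProfilePicture", hasProfilePicture ? "true" : "false"));

        // With no UpdatedAt the fallback is "now", so the version value differs on every
        // regeneration of the principal.
        identity.AddClaim(new Claim(
            "ProfilePictureVersion",
            (user.UpdatedAt ?? DateTime.UtcNow).Ticks.ToString()));
    }

    /// <summary>
    /// Adds one "Permission" claim per boolean permission flag that is set on the user.
    /// </summary>
    private static void AddPermissionClaims(ClaimsIdentity identity, ApplicationUser user)
    {
        // Order matches the original chain of if-statements so the claim order is unchanged.
        // The flags are read from the user row alone; company state plays no part here.
        var permissions = new (bool Granted, string Name)[]
        {
            (user.CanManageJobs, "ManageJobs"),
            (user.CanManageInventory, "ManageInventory"),
            (user.CanManageCustomers, "ManageCustomers"),
            (user.CanCreateQuotes, "CreateQuotes"),
            (user.CanApproveQuotes, "ApproveQuotes"),
            (user.CanManageCalendar, "ManageCalendar"),
            (user.CanViewCalendar, "ViewCalendar"),
            (user.CanManageProducts, "ManageProducts"),
            (user.CanViewProducts, "ViewProducts"),
            (user.CanManageEquipment, "ManageEquipment"),
            (user.CanManageVendors, "ManageVendors"),
            (user.CanManageMaintenance, "ManageMaintenance"),
            (user.CanManageInvoices, "ManageInvoices"),
            (user.CanViewReports, "ViewReports"),
            (user.CanManageBills, "ManageBills"),
            (user.CanManageAccounting, "ManageAccounting"),
        };

        foreach (var (granted, name) in permissions)
        {
            if (granted)
            {
                identity.AddClaim(new Claim("Permission", name));
            }
        }
    }
}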