Merge branch 'main' of https://git.azuze.fr/kawa/SharepointToolbox-Web

Components/Pages/UserAccessAudit.razor

@@ -3,9 +3,11 @@
 @inject IUserSessionService Session
 @inject ISessionManager SessionMgr
 @inject IUserAccessAuditService AuditSvc
+@inject IGraphUserDirectoryService GraphSvc
 @inject UserAccessCsvExportService CsvExport
 @inject UserAccessHtmlExportService HtmlExport
 @inject WebExportService WebExport
+@inject IAuditService Audit
 @rendermode InteractiveServer
 
 <h1 class="page-title">User Access Audit</h1>
@@ -14,16 +16,45 @@
 @if (!Session.HasProfile) { <NoProfilePrompt /> return; }
 
 <div class="card">
-    <div class="form-row">
-        <div class="form-group" style="flex:2">
-            <label class="form-label">Users (emails, one per line)</label>
-            <textarea class="form-textarea" @bind="_users" placeholder="alice@contoso.com&#10;bob@contoso.com" rows="3"></textarea>
-        </div>
-        <div class="form-group" style="flex:2">
-            <label class="form-label">Site URLs (one per line)</label>
-            <textarea class="form-textarea" @bind="_sites" placeholder="@Session.CurrentProfile!.TenantUrl" rows="3"></textarea>
+    <div class="form-group">
+        <div class="flex-row">
+            <label class="form-label" style="margin:0">Users</label>
+            <div class="spacer"></div>
+            <label style="font-weight:normal"><input type="checkbox" @bind="_includeGuests" /> Include guests</label>
+            <button class="btn btn-secondary btn-sm" @onclick="LoadUsers" disabled="@_loadingUsers">
+                @(_loadingUsers ? $"Loading… ({_loadCount})" : "Load Users")
+            </button>
         </div>
+
+        @if (_directoryUsers.Count > 0)
+        {
+            <div class="flex-row mt-8">
+                <input class="form-input" style="width:260px" @bind="_userFilter" @bind:event="oninput" placeholder="Filter by name or email…" />
+                <span class="text-muted">@_selectedEmails.Count selected</span>
+                <div class="spacer"></div>
+                <button class="btn btn-link btn-sm" @onclick="SelectAllFiltered">Select all (@FilteredUsers.Count())</button>
+                <button class="btn btn-link btn-sm" @onclick="ClearSelection">Clear</button>
+            </div>
+            <div class="user-select-list">
+                @foreach (var u in FilteredUsers.Take(500))
+                {
+                    var email = u.Mail ?? u.UserPrincipalName;
+                    <label class="user-select-row">
+                        <input type="checkbox" checked="@_selectedEmails.Contains(email)"
+                               @onchange="e => ToggleUser(email, (bool)e.Value!)" />
+                        <span class="user-select-name">@u.DisplayName</span>
+                        <span class="text-muted">@email</span>
+                        @if (u.UserType == "Guest") { <span class="chip chip-yellow">Guest</span> }
+                    </label>
+                }
+            </div>
+            @if (FilteredUsers.Count() > 500) { <div class="text-muted mt-8">Showing first 500. Refine filter to narrow.</div> }
+        }
+
+        <label class="form-label mt-8">Additional emails (one per line)</label>
+        <textarea class="form-textarea" @bind="_users" placeholder="alice@contoso.com&#10;bob@contoso.com" rows="2"></textarea>
     </div>
+    <SitePicker Profile="Session.CurrentProfile!" @bind-SelectedSites="_sites" />
     <div class="form-row">
         <div class="form-group" style="display:flex;align-items:center;gap:16px;padding-top:20px">
             <label><input type="checkbox" @bind="_includeInherited" /> Include inherited</label>
@@ -74,7 +105,43 @@
 }
 
 @code {
-    private string _users = string.Empty, _sites = string.Empty;
+    private string _users = string.Empty;
+    private bool _includeGuests, _loadingUsers;
+    private int _loadCount;
+    private string _userFilter = string.Empty;
+    private List<GraphDirectoryUser> _directoryUsers = new();
+    private readonly HashSet<string> _selectedEmails = new(StringComparer.OrdinalIgnoreCase);
+    private List<SiteInfo> _sites = new();
+
+    private IEnumerable<GraphDirectoryUser> FilteredUsers => string.IsNullOrWhiteSpace(_userFilter)
+        ? _directoryUsers
+        : _directoryUsers.Where(u => u.DisplayName.Contains(_userFilter, StringComparison.OrdinalIgnoreCase)
+            || u.UserPrincipalName.Contains(_userFilter, StringComparison.OrdinalIgnoreCase)
+            || (u.Mail?.Contains(_userFilter, StringComparison.OrdinalIgnoreCase) ?? false));
+
+    private async Task LoadUsers()
+    {
+        _error = string.Empty; _loadingUsers = true; _loadCount = 0;
+        var progress = new Progress<int>(c => { _loadCount = c; InvokeAsync(StateHasChanged); });
+        try
+        {
+            _directoryUsers = (await GraphSvc.GetUsersAsync(Session.CurrentProfile!, _includeGuests, progress)).ToList();
+        }
+        catch (Exception ex) { _error = ex.Message; }
+        finally { _loadingUsers = false; await InvokeAsync(StateHasChanged); }
+    }
+
+    private void ToggleUser(string email, bool selected)
+    {
+        if (selected) _selectedEmails.Add(email); else _selectedEmails.Remove(email);
+    }
+
+    private void SelectAllFiltered()
+    {
+        foreach (var u in FilteredUsers) _selectedEmails.Add(u.Mail ?? u.UserPrincipalName);
+    }
+
+    private void ClearSelection() => _selectedEmails.Clear();
     private bool _includeInherited, _includeSubsites, _scanFolders = true;
     private bool _running; private string _status = string.Empty, _error = string.Empty;
     private int _current, _total;
@@ -85,9 +152,11 @@
     {
         _error = string.Empty; _results.Clear(); _running = true;
         _cts = new CancellationTokenSource();
-        var userList = _users.Split('\n', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries).ToList();
-        var siteList = _sites.Split('\n', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries)
-            .Select(u => new SiteInfo(u, u.TrimEnd('/').Split('/').Last())).ToList();
+        var userList = _selectedEmails
+            .Concat(_users.Split('\n', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries))
+            .Distinct(StringComparer.OrdinalIgnoreCase).ToList();
+        if (!userList.Any()) { _error = "Select at least one user or enter an email."; _running = false; return; }
+        var siteList = _sites.ToList();
         if (!siteList.Any()) siteList.Add(new SiteInfo(Session.CurrentProfile!.TenantUrl, Session.CurrentProfile.Name));
         var progress = new Progress<OperationProgress>(p => { _status = p.Message; _current = p.Current; _total = p.Total; InvokeAsync(StateHasChanged); });
         try
@@ -95,6 +164,8 @@
             var opts = new ScanOptions(_includeInherited, _scanFolders, 1, _includeSubsites);
             _results = (await AuditSvc.AuditUsersAsync(SessionMgr, Session.CurrentProfile!, userList, siteList, opts, progress, _cts.Token)).ToList();
             _status = $"Found {_results.Count} access entries.";
+            await Audit.LogAsync("UserAccessAudit", Session.CurrentProfile?.Name ?? "", siteList.Select(s => s.Url),
+                $"{_results.Count} entries for {userList.Count} user(s)");
         }
         catch (OperationCanceledException) { _status = "Cancelled."; }
         catch (Exception ex) { _error = ex.Message; }