public ActionResult CustomerRoles(CustomerRoleModel model, string submitButton)
{
//check the other submit buttons and act on them, or continue
switch (submitButton)
{
case "Cancel":
return(RedirectToAction("Index", "Users"));
}
int userID = (new UserFactory()).GetUserId(model.Username);
//remove all caching table data for this user
(new UserCustomerAccessManager()).ClearCustomerAccess(userID);
//first, we HAVE to loop horugh and remove all the groups before we add. This way when adding maintneance groups, the _maint group gtes added correctly.
foreach (var customerRole in model.CustomerRoles)
{
//get a auth manager for this customer
var authMan = new AuthorizationManager(customerRole.CustomerInternalName);
//remove the user from all the groups in this customer
authMan.RemoveMemberGroups(model.Username);
//remove them from maintenance as well. this is the only place we do this since this is the only place they can be added to a maint gorup without being set as a technician.
//IE - only applies to administrative users.
authMan.RemoveMemberFromMaintenanceGroup(model.Username);
//now we have to clear the menu cache
HttpContext.Cache.Remove("__PemsMenu" + customerRole.CustomerInternalName.Trim() + model.Username.Trim());
}
//now add the correct roles
foreach (var customerRole in model.CustomerRoles)
{
// now add them to the specific group for this store they will have access to
//only need to do this when there is a valid group name (not empty)
if (customerRole.CurrentRole != (new ResourceFactory()).GetLocalizedTitle(ResourceTypes.DropDownDefault, "Select One"))
{
var authMan = new AuthorizationManager(customerRole.CustomerInternalName);
authMan.AddGroupMember(customerRole.CurrentRole, model.Username, false);
//also update the caching table - they have access to one role, so they have access to the site.
authMan.AddCustomerAccess(userID);
//we also have to add them to the _maintenance Role if this customer is a maintenance group
//IE - we are giving any duncan admin users (which are the only ones using this page)
//that have any access to this maintenance group a _maintenance role as well, so they can log into the handheld.
//have to setup the city first
customerRole.Customer = new PemsCity(customerRole.CustomerInternalName);
if (customerRole.Customer.CustomerType == CustomerProfileType.MaintenanceGroup)
{
(new TechnicianFactory()).AddAdminTechnicianToMaintenanceGroup(model.Username, customerRole.Customer, userID);
}
}
}
return(RedirectToAction("Index", "Users"));
}
/// <summary>
/// Creates the user in the system and returns the system generated username
/// </summary>
/// <param name="useModelUserName">If true then try to use <see cref="UserModel"/> instance Username if it exists. Otherwise fall back to building a user name. </param>
public string CreateUser(UserModel userModel, string storeName, string password, bool active, bool useModelUserName)
{
var authorizationManager = new AuthorizationManager(storeName);
string username = CreateUniqueUserName(userModel.FirstName, userModel.MiddleInitial, userModel.LastName);
username = (useModelUserName && !string.IsNullOrWhiteSpace(userModel.Username)) ? userModel.Username : username;
//register the user
//try to get the dbuser, and if they arlready exists, just create the account, otherwise create the user and account.
if (!authorizationManager.InAuthorizationSystem(username))
{
WebSecurity.CreateUserAndAccount(username,
password,
new
{
FirstName = userModel.FirstName,
MiddleName = userModel.MiddleInitial,
LastName = userModel.LastName,
Phone = userModel.PhoneNumber,
Email = userModel.EmailAddress,
CreatedDate = DateTime.Now,
RequirePasswordReset = true
});
}
else
{
//only create them if they dont already exist
if (!WebSecurity.UserExists(username))
{
//create them
WebSecurity.CreateAccount(username, password);
}
}
//update their profile
//set the models username now that we have it
userModel.Username = username;
UpdateUserProfile(userModel, active);
//now force them to change their pw on next login
UpdateUserPasswordReset(username, true);
//add the password to the password history so they cant set it back ot the default
var pwMGr = new PasswordManager(username);
pwMGr.AddPasswordToHistory(password);
//now add them to the default group for this store they will have access to
authorizationManager.AddGroupMember(Constants.Security.DefaultStoreGroupName, username);
//update the caching table to include this person
int userID = GetUserId(userModel.Username);
authorizationManager.AddCustomerAccess(userID);
//have to check to see if groupname is null - otherwise we throw an error
if (!string.IsNullOrEmpty(userModel.Role))
{
// now add them to the specific group for this store they will have access to
authorizationManager.AddGroupMember(userModel.Role, username);
}
return(username);
}