public void Authentication_should_success_with_updated_password()
{
var user = new CcmUser
{
UserName = $"User{DateTime.Now:yyyyMMddHHmmss}",
FirstName = "Förnamn",
LastName = "Efternamn",
Password = "******",
Comment = "Testanvändare"
};
var createResult = _sut.Create(user);
Assert.IsTrue(createResult);
Assert.IsTrue(_sut.AuthenticateAsync(user.UserName, "Prinskorv").Result);
user.Password = "******";
var updateResult = _sut.Update(user);
Assert.IsTrue(updateResult);
Assert.IsFalse(_sut.AuthenticateAsync(user.UserName, "Prinskorv").Result);
Assert.IsTrue(_sut.AuthenticateAsync(user.UserName, "Grynkorv").Result);
// Clean up
_sut.Delete(user.Id);
}
public void Delete(CcmUser ccmUser)
{
if (ccmUser == null)
{
throw new ArgumentNullException("ccmUser");
}
using (var db = GetDbContext())
{
UserEntity user = db.Users.SingleOrDefault(u => u.Id == new Guid(ccmUser.Id));
if (user != null)
{
if (user.RegisteredSips != null)
{
user.RegisteredSips.Clear();
}
db.Users.Remove(user);
db.SaveChanges();
}
else
{
log.Info(string.Format("Could not find user {0}", ccmUser.Id));
}
}
}
private async Task <ActionResult> TryLogin(LoginViewModel model, string returnUrl)
{
if (ModelState.IsValid)
{
try
{
CcmUser user = model.LocalUser
? await _userManager.FindLocalAsync(model.UserName, model.Password)
: await _userManager.FindAsync(model.UserName, model.Password);
if (user != null)
{
await SignInAsync(user, model.RememberMe);
return(RedirectToLocal(returnUrl));
}
ModelState.AddModelError(string.Empty, Resources.Invalid_Username_Password);
}
catch (Exception ex)
{
ModelState.AddModelError(string.Empty, Resources.Invalid_Username_Password);
}
}
return(View(model));
}
public ActionResult Edit(string id)
{
CcmUser user = _userManager.GetUser(id);
if (user == null)
{
return(RedirectToAction("Index"));
}
var model = new UserFormViewModel
{
AccountLocked = user.AccountLocked,
Comment = user.Comment,
DisplayName = user.DisplayName,
FirstName = user.FirstName,
Id = user.Id,
RadiusId = user.RadiusId,
LastName = user.LastName,
UserName = user.UserName,
UserType = user.UserType,
RoleId = user.RoleId,
OwnerId = user.Owner != null ? user.Owner.Id : Guid.Empty,
CodecTypeId = user.CodecType != null ? user.CodecType.Id : Guid.Empty,
};
SetListData(model);
return(View(model));
}
public IHttpActionResult Delete(string userName)
{
if (string.IsNullOrWhiteSpace(userName))
{
return(BadRequest("User name missing"));
}
CcmUser user = _userManager.FindByUserName(userName);
if (user == null)
{
return(NotFound());
}
try
{
if (!_userManager.Delete(user))
{
return(InternalServerError(new ApplicationException("User not deleted")));
}
return(Ok("User deleted"));
}
catch (Exception ex)
{
log.Error("Could not delete user", ex);
return(InternalServerError(new ApplicationException("User could not be deleted. " + ex.Message)));
}
}
public void Create(CcmUser user, string password, bool currentUserIsLocalAdmin = false)
{
if (_radiusUserRepository.UserExists(user.UserName))
{
log.Warn("Can't create user. Username {0} already exists in RADIUS database", user.UserName);
throw new ApplicationException("Användarnamnet finns redan i RADIUS databas.");
}
if (_userRepository.FindByUserName(user.UserName) != null)
{
log.Warn("Can't create user. Username {0} already exists in CCM database", user.UserName);
throw new ApplicationException("Användarnamnet finns redan i CCMs databas.");
}
log.Debug("Creating user in radius.");
user.RadiusId = _radiusUserRepository.CreateUser(user.UserName, password, user.UserType);
if (user.RadiusId <= 0)
{
throw new ApplicationException("Användaren kunde inte skapas i RADIUS.");
}
log.Debug("Creating user in ccm db");
_userRepository.Create(user, currentUserIsLocalAdmin);
}
public ActionResult Edit(Guid id)
{
CcmUser user = _userRepository.GetById(id);
if (user == null)
{
return(RedirectToAction("Index"));
}
var model = new UserFormViewModel
{
Comment = user.Comment,
FirstName = user.FirstName,
Id = user.Id,
LastName = user.LastName,
UserName = user.UserName,
RoleId = user.RoleId,
};
var userIsAdmin = User.IsInRole(Roles.Admin);
model.Roles = GetRoles(userIsAdmin);
ViewBag.Title = Resources.Edit_User;
return(View("CreateEdit", model));
}
private void CcmUserToUser(CcmDbContext cxt, CcmUser ccmUser, UserEntity dbUser, bool currentUserLocalAdmin = false)
{
dbUser.RadiusId = ccmUser.RadiusId;
dbUser.Comment = ccmUser.Comment;
dbUser.DisplayName = ccmUser.DisplayName;
dbUser.FirstName = ccmUser.FirstName;
dbUser.LastName = ccmUser.LastName;
dbUser.Id = new Guid(ccmUser.Id);
dbUser.UserName = ccmUser.UserName;
dbUser.UserType = ccmUser.UserType;
dbUser.Owner = ccmUser.Owner != null?cxt.Owners.SingleOrDefault(o => o.Id == ccmUser.Owner.Id) : null;
dbUser.LocalUser = ccmUser.LocalUser;
dbUser.CodecType = ccmUser.CodecType != null?cxt.CodecTypes.SingleOrDefault(c => c.Id == ccmUser.CodecType.Id) : null;
dbUser.AccountLocked = ccmUser.AccountLocked;
dbUser.UpdatedBy = ccmUser.UpdatedBy;
dbUser.UpdatedOn = DateTime.UtcNow;
ccmUser.UpdatedOn = dbUser.UpdatedOn;
var role = string.IsNullOrWhiteSpace(ccmUser.RoleId) ? null : cxt.Roles.SingleOrDefault(r => r.Id == new Guid(ccmUser.RoleId));
// Only admins allowed to assign admin role to account
if (currentUserLocalAdmin || role == null || role.Name != ApplicationConstants.Admin)
{
dbUser.Role = role;
}
}
private async Task SignInAsync(CcmUser user, bool isPersistent)
{
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
ClaimsIdentity identity = await _userManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
AuthenticationManager.SignIn(new AuthenticationProperties {
IsPersistent = isPersistent
}, identity);
}
public bool Delete(CcmUser user)
{
if (_radiusUserRepository.DeleteUser(user.RadiusId))
{
_userRepository.Delete(user);
return(true);
}
return(false);
}
public ActionResult Delete(DeleteUserViewModel model)
{
CcmUser user = _userManager.GetUser(model.Id);
if (user != null)
{
_userManager.Delete(user);
}
return(RedirectToAction("Index"));
}
public CcmRole GetUserRole(CcmUser ccmUser)
{
using (var db = GetDbContext())
{
var user = db.Users.SingleOrDefault(u => u.Id == ccmUser.Id);
return(user?.Role == null ? null : new CcmRole {
Id = user.Role.Id, Name = user.Role.Name
});
}
}
public void Update(CcmUser ccmUser, bool currentUserLocalAdmin = false)
{
using (var db = GetDbContext())
{
UserEntity dbUser = db.Users.SingleOrDefault(u => u.Id == new Guid(ccmUser.Id));
if (dbUser != null)
{
CcmUserToUser(db, ccmUser, dbUser, currentUserLocalAdmin);
db.SaveChanges();
}
}
}
public bool Create(CcmUser ccmUser)
{
using (var db = GetDbContext())
{
var dbUser = new UserEntity();
MapUserEntity(db, ccmUser, dbUser);
db.Users.Add(dbUser);
var result = db.SaveChanges();
ccmUser.Id = dbUser.Id;
return(result >= 1);
}
}
public ActionResult Save(UserFormViewModel model)
{
bool newUser = model.Id == Guid.Empty;
try
{
if (ModelState.IsValid)
{
var user = new CcmUser
{
Id = model.Id,
UserName = model.UserName.Trim(),
FirstName = model.FirstName ?? string.Empty,
LastName = model.LastName ?? string.Empty,
Comment = model.Comment ?? string.Empty,
RoleId = model.RoleId,
Password = model.Password
};
if (newUser)
{
if (_userRepository.GetByUserName(user.UserName) != null)
{
log.Warn("Can't create user. Username {0} already exists in CCM database", user.UserName);
ModelState.AddModelError("SaveUser", Resources.User_Name_Already_Taken);
}
else
{
_userRepository.Create(user);
return(RedirectToAction("Index"));
}
}
else
{
_userRepository.Update(user);
return(RedirectToAction("Index"));
}
}
}
catch (Exception ex)
{
log.Error(ex, "Could not save user");
ModelState.AddModelError("SaveUser", Resources.User_could_not_be_saved);
}
var userIsAdmin = User.IsInRole(Roles.Admin);
model.Roles = GetRoles(userIsAdmin);
ViewBag.Title = newUser ? Resources.New_User : Resources.Edit_User;
return(View("CreateEdit", model));
}
private void SignIn(CcmUser user, bool isPersistent)
{
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
ClaimsIdentity identity = new ClaimsIdentity(DefaultAuthenticationTypes.ApplicationCookie);
identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName));
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()));
identity.AddClaim(new Claim("FullName", $"{user.FirstName} {user.LastName}".Trim()));
identity.AddClaim(new Claim(ClaimTypes.Role, user.Role));
AuthenticationManager.SignIn(new AuthenticationProperties {
IsPersistent = isPersistent
}, identity);
}
public IHttpActionResult Get(string username)
{
CcmUser user = _userManager.FindByUserName(username);
if (user == null)
{
return(NotFound());
}
return(Ok(new UserModel()
{
UserName = user.UserName,
DisplayName = user.DisplayName,
Comment = user.Comment
}));
}
public bool Update(CcmUser ccmUser)
{
using (var db = GetDbContext())
{
var dbUser = db.Users.SingleOrDefault(u => u.Id == ccmUser.Id);
if (dbUser == null)
{
return(false);
}
MapUserEntity(db, ccmUser, dbUser);
var result = db.SaveChanges();
return(result == 1);
}
}
public ActionResult Delete(Guid id)
{
CcmUser user = _userRepository.GetById(id);
if (user == null)
{
return(RedirectToAction("Index"));
}
var model = new DeleteUserViewModel
{
Id = user.Id,
UserName = user.UserName
};
return(View(model));
}
public ActionResult Delete(Guid id)
{
CcmUser user = _userManager.GetUser(id.ToString());
if (user == null)
{
return(RedirectToAction("Index"));
}
var model = new DeleteUserViewModel
{
Id = user.Id,
UserName = user.UserName
};
return(View(model));
}
public List <CcmRole> GetUserRoles(CcmUser ccmUser)
{
using (var db = GetDbContext())
{
var user = db.Users.SingleOrDefault(u => u.Id == new Guid(ccmUser.Id));
if (user == null || user.Role == null)
{
return(new List <CcmRole>());
}
var ccmRoles = new List <CcmRole> {
new CcmRole(user.Role.Id.ToString(), user.Role.Name)
};
return(ccmRoles);
}
}
public ActionResult Create(UserFormViewModel model)
{
if (ModelState.IsValid)
{
var user = new CcmUser
{
Comment = model.Comment,
DisplayName = model.DisplayName,
FirstName = model.UserType != UserType.SIP ? model.FirstName : string.Empty,
Id = Guid.NewGuid().ToString(),
LastName = model.UserType != UserType.SIP ? model.LastName : string.Empty,
UserName = model.UserName.Trim(),
UserType = model.UserType,
Owner = model.UserType == UserType.SIP ? _ownersRepository.GetById(model.OwnerId) : null,
CodecType = model.UserType == UserType.SIP ? _codecTypeRepository.GetById(model.CodecTypeId) : null,
CreatedBy = User.Identity.Name,
UpdatedBy = User.Identity.Name,
RoleId = model.RoleId
};
try
{
var userIsLocalAdmin = _userManager.UserIsLocalAdmin(User.Identity.Name);
_userManager.Create(user, model.Password, userIsLocalAdmin);
return(RedirectToAction("Index"));
}
catch (Exception ex)
{
log.Error("Could not create user", ex);
if (ex is ApplicationException)
{
ModelState.AddModelError("CreateUser", ex.Message);
}
else
{
ModelState.AddModelError("CreateUser", "Användaren kunde inte skapas");
}
}
}
SetListData(model);
return(View(model));
}
protected async Task <IPrincipal> AuthenticateAsync(string userName, string password, CancellationToken cancellationToken)
{
cancellationToken.ThrowIfCancellationRequested();
CcmUser user = null;
#if DEBUG
if (userName == ApplicationSettings.DiscoveryUsername && password == ApplicationSettings.DiscoveryPassword)
{
// Always authenticated
user = new CcmUser(userName);
}
#endif
if (user == null)
{
if (RadiusProvider.Authenticate(userName, password)) // TODO: Anropa asynkront
{
user = GetUser(userName);
}
}
if (user == null)
{
return(null);
}
List <Claim> claims = new List <Claim> {
new Claim(ClaimTypes.Name, userName)
};
var role = GetUserRoles(user);
if (role != null)
{
claims.Add(new Claim(ClaimTypes.Role, role.Name));
}
ClaimsIdentity identity = new ClaimsIdentity(claims, AuthenticationTypes.Basic);
var principal = new ClaimsPrincipal(identity);
return(principal);
}
public void Crud()
{
var user = new CcmUser
{
UserName = $"User{DateTime.Now:yyyyMMddHHmmss}",
FirstName = "Förnamn",
LastName = "Efternamn",
Password = "******",
Comment = "Testanvändare"
};
var createResult = _sut.Create(user);
Assert.IsTrue(createResult);
var user2 = _sut.GetById(user.Id);
Assert.AreEqual("Förnamn", user2.FirstName);
Assert.AreEqual("Efternamn", user2.LastName);
Assert.AreEqual("Testanvändare", user2.Comment);
Assert.AreEqual(user.UserName, user2.UserName);
user2.FirstName = "Alvar";
user2.LastName = "Dysterkvist";
var updateResult = _sut.Update(user2);
Assert.IsTrue(updateResult);
var user3 = _sut.GetById(user2.Id);
Assert.AreEqual("Alvar", user3.FirstName);
Assert.AreEqual("Dysterkvist", user3.LastName);
var deleteResult = _sut.Delete(user3.Id);
Assert.IsTrue(deleteResult);
var user4 = _sut.GetById(user3.Id);
Assert.IsNull(user4);
}
public void Create(CcmUser ccmUser, bool currentUserLocalAdmin = false)
{
if (ccmUser == null)
{
throw new ArgumentNullException("ccmUser");
}
using (var db = GetDbContext())
{
var dbUser = new UserEntity();
CcmUserToUser(db, ccmUser, dbUser, currentUserLocalAdmin);
dbUser.CreatedBy = ccmUser.CreatedBy;
dbUser.CreatedOn = DateTime.UtcNow;
ccmUser.CreatedOn = dbUser.CreatedOn;
db.Users.Add(dbUser);
db.SaveChanges();
}
}
//[RequireHttps]
public ActionResult Edit(UserFormViewModel model)
{
if (ModelState.IsValid)
{
var user = new CcmUser();
user.Comment = model.Comment;
user.DisplayName = model.DisplayName;
user.FirstName = model.UserType != UserType.SIP ? model.FirstName : string.Empty;
user.Id = model.Id;
user.LastName = model.UserType != UserType.SIP ? model.LastName : string.Empty;
user.UserName = model.UserName.Trim();
user.UserType = model.UserType;
user.RadiusId = model.RadiusId;
user.Owner = model.UserType == UserType.SIP ? _ownersRepository.GetById(model.OwnerId) : null;
user.RoleId = model.RoleId;
user.CodecType = model.UserType == UserType.SIP ? _codecTypeRepository.GetById(model.CodecTypeId) : null;
user.UpdatedBy = User.Identity.Name;
try
{
if (!string.IsNullOrWhiteSpace(model.Password) && user.RadiusId > 0)
{
_userManager.UpdatePassword(user.RadiusId, model.Password, user.UserType);
}
var currentUserLocalAdmin = _userManager.UserIsLocalAdmin(User.Identity.Name);
_userManager.Update(user, currentUserLocalAdmin);
return(RedirectToAction("Index"));
}
catch (Exception ex)
{
ModelState.AddModelError("UpdatePassword", ex.Message);
}
}
SetListData(model);
return(View(model));
}
public void Update(CcmUser user, bool currentUserLocalAdmin = false)
{
var existingUser = _userRepository.GetUser(user.Id);
// Endast lokal admin får tilldela admin-rollen
var adminId = _roleRepository.GetRoleIdByName(ApplicationConstants.Admin).ToString();
if (user.RoleId == adminId && existingUser.RoleId != adminId && !currentUserLocalAdmin)
{
throw new Exception("Endast Root-användaren får sätta Admin-rollen.");
}
if (existingUser.UserName != user.UserName)
{
if (!_radiusUserRepository.ChangeUserName(existingUser.RadiusId, user.UserName))
{
throw new Exception("Unable to change username");
}
}
_userRepository.Update(user, currentUserLocalAdmin);
}
public void Authenticate_with_password()
{
var user = new CcmUser
{
UserName = $"User{DateTime.Now:yyyyMMddHHmmss}",
FirstName = "Förnamn",
LastName = "Efternamn",
Password = "******",
Comment = "Testanvändare"
};
var createResult = _sut.Create(user);
Assert.IsTrue(createResult);
Assert.IsFalse(_sut.AuthenticateAsync("", "Pepparkaka").Result);
Assert.IsFalse(_sut.AuthenticateAsync(user.UserName, "Lingonkaka").Result);
Assert.IsTrue(_sut.AuthenticateAsync(user.UserName, "Pepparkaka").Result);
// Clean up
_sut.Delete(user.Id);
}
private void MapUserEntity(CcmDbContext cxt, CcmUser ccmUser, UserEntity dbUser)
{
dbUser.UserName = ccmUser.UserName;
dbUser.FirstName = ccmUser.FirstName;
dbUser.LastName = ccmUser.LastName;
dbUser.Comment = ccmUser.Comment;
var role = string.IsNullOrWhiteSpace(ccmUser.RoleId) ? null : cxt.Roles.SingleOrDefault(r => r.Id == new Guid(ccmUser.RoleId));
// Only admins allowed to assign admin role to account
if (CurrentUserIsAdmin() || role == null || role.Name != Roles.Admin)
{
dbUser.Role = role;
}
if (!string.IsNullOrEmpty(ccmUser.Password))
{
var saltBytes = CryptoHelper.GenerateSaltBytes();
dbUser.PasswordHash = CryptoHelper.Md5HashSaltedPassword(ccmUser.Password, saltBytes);
dbUser.Salt = Convert.ToBase64String(saltBytes);
}
}
public IHttpActionResult Add(AddUserModel model)
{
log.Debug("Call to ExternalAccountController.AddUser");
if (model == null)
{
return(BadRequest("Parameters missing."));
}
var user = new CcmUser
{
Id = Guid.NewGuid().ToString(),
UserName = model.UserName.Trim(),
DisplayName = model.DisplayName,
Comment = model.Comment,
UserType = UserType.SIP,
Owner = _ownersRepository.GetByName(ApplicationConstants.SrOwnerName),
CodecType = _codecTypeRepository.Find(ApplicationConstants.PersonligaCodecTypeName).FirstOrDefault(),
CreatedBy = User.Identity.Name,
UpdatedBy = User.Identity.Name
};
try
{
var existingUser = _userManager.FindByUserName(user.UserName);
if (existingUser != null)
{
return(Conflict());
}
_userManager.Create(user, model.Password);
return(Created(Url.Content("get?username="******"User created"));
}
catch (Exception ex)
{
log.Error("Could not create user", ex);
return(InternalServerError());
}
}
