Beispiel #1
        /// <summary>
        /// Fills the role-assignment form for the administrator named by the
        /// "UserName" query-string value. The controls are populated only on the
        /// first (non-postback) request.
        /// </summary>
        /// <param name="sender">Event source; not read here.</param>
        /// <param name="e">Event data; not read here.</param>
        public void Page_Load(object sender, EventArgs e)
        {
            if (IsForbidden)
            {
                return;
            }

            // The account being edited is selected by the request URL, while the
            // permissions are looked up for the administrator making the request.
            // NOTE(review): nothing in this method checks that the requesting
            // administrator may manage _userName; confirm that IsForbidden or the
            // postback handler enforces that server-side.
            _userName    = Body.GetQueryString("UserName");
            _permissions = PermissionsManager.GetPermissions(Body.AdministratorName);

            if (!IsPostBack)
            {
                var targetRoles = BaiRongDataProvider.RoleDao.GetRolesForUser(_userName);

                // Only a console administrator is offered the two elevated roles.
                // NOTE(review): this limits what the drop-down shows; the submitted
                // value still has to be validated when the form is posted back.
                var roleOptions = DdlPredefinedRole.Items;
                if (_permissions.IsConsoleAdministrator)
                {
                    roleOptions.Add(EPredefinedRoleUtils.GetListItem(EPredefinedRole.ConsoleAdministrator, false));
                    roleOptions.Add(EPredefinedRoleUtils.GetListItem(EPredefinedRole.SystemAdministrator, false));
                }
                roleOptions.Add(EPredefinedRoleUtils.GetListItem(EPredefinedRole.Administrator, false));

                // Pre-select the predefined role derived from the target's roles.
                var currentRole = EPredefinedRoleUtils.GetEnumTypeByRoles(targetRoles);
                ControlUtils.SelectListItems(DdlPredefinedRole, EPredefinedRoleUtils.GetValue(currentRole));

                // List the publishment systems and tick those already assigned to the target.
                PublishmentSystemManager.AddListItems(CblPublishmentSystemId);
                var assignedSystemIds = BaiRongDataProvider.AdministratorDao.GetPublishmentSystemIdList(_userName);
                ControlUtils.SelectListItems(CblPublishmentSystemId, assignedSystemIds);

                ListBoxDataBind();

                // Run the change handler once so the form matches the initial selection.
                DdlPredefinedRole_SelectedIndexChanged(null, EventArgs.Empty);
            }
        }
Beispiel #2
        /// <summary>
        /// Fills the role-assignment form for the administrator named by the
        /// "UserName" query-string value. The controls are populated only on the
        /// first (non-postback) request.
        /// </summary>
        /// <param name="sender">Event source; not read here.</param>
        /// <param name="e">Event data; not read here.</param>
        public void Page_Load(object sender, EventArgs e)
        {
            if (IsForbidden)
            {
                return;
            }

            // The account being edited is selected by the request URL.
            // NOTE(review): nothing in this method checks that the requesting
            // administrator may manage _userName; confirm that IsForbidden or the
            // postback handler enforces that server-side.
            _userName = AuthRequest.GetQueryString("UserName");

            if (!IsPostBack)
            {
                var targetRoles = DataProvider.AdministratorsInRolesDao.GetRolesForUser(_userName);

                // Only a console administrator is offered the two elevated roles.
                // NOTE(review): this limits what the drop-down shows; the submitted
                // value still has to be validated when the form is posted back.
                var roleOptions = DdlPredefinedRole.Items;
                if (AuthRequest.AdminPermissions.IsConsoleAdministrator)
                {
                    roleOptions.Add(EPredefinedRoleUtils.GetListItem(EPredefinedRole.ConsoleAdministrator, false));
                    roleOptions.Add(EPredefinedRoleUtils.GetListItem(EPredefinedRole.SystemAdministrator, false));
                }
                roleOptions.Add(EPredefinedRoleUtils.GetListItem(EPredefinedRole.Administrator, false));

                // Pre-select the predefined role derived from the target's roles.
                var currentRole = EPredefinedRoleUtils.GetEnumTypeByRoles(targetRoles);
                ControlUtils.SelectSingleItem(DdlPredefinedRole, EPredefinedRoleUtils.GetValue(currentRole));

                // List the sites and tick those already assigned to the target.
                SiteManager.AddListItems(CblSiteId);
                var assignedSiteIds = DataProvider.AdministratorDao.GetSiteIdList(_userName);
                ControlUtils.SelectMultiItems(CblSiteId, assignedSiteIds);

                ListBoxDataBind();

                // Run the change handler once so the form matches the initial selection.
                DdlPredefinedRole_SelectedIndexChanged(null, EventArgs.Empty);
            }
        }
Beispiel #3
        /// <summary>
        /// Validates and stores a new administrator row, refreshes the department
        /// and area administrator counts, and adds the account to the predefined
        /// Administrator role.
        /// </summary>
        /// <param name="adminInfo">
        /// Account to create. It is modified in place: the dates, password format,
        /// encoded password, salt and the filtered display fields are written back
        /// to this object.
        /// </param>
        /// <param name="errorMessage">
        /// Set by InsertValidate, or to the exception message when any step inside
        /// the try block throws.
        /// </param>
        /// <returns>
        /// true when every step completed; false when validation failed or an
        /// exception was caught.
        /// </returns>
        public bool Insert(AdministratorInfo adminInfo, out string errorMessage)
        {
            // Validation sees the password as supplied, before it is encoded.
            if (!InsertValidate(adminInfo.UserName, adminInfo.Password, adminInfo.Email, adminInfo.Mobile, out errorMessage))
            {
                return(false);
            }

            try
            {
                adminInfo.LastActivityDate = DateUtils.SqlMinValue;
                // Local server time, not UTC.
                adminInfo.CreationDate     = DateTime.Now;
                // The stored format is forced to Encrypted whatever the caller set.
                // NOTE(review): the name suggests reversible encryption; confirm what
                // EncodePassword does for this format. Administrator passwords are
                // better kept as a salted one-way hash (for example PBKDF2).
                adminInfo.PasswordFormat   = EPasswordFormatUtils.GetValue(EPasswordFormat.Encrypted);
                adminInfo.Password         = EncodePassword(adminInfo.Password, EPasswordFormatUtils.GetEnumType(adminInfo.PasswordFormat), out var passwordSalt);
                adminInfo.PasswordSalt     = passwordSalt;

                // Filtering is applied once, at write time, to three fields only.
                // UserName, CreatorUserName and AvatarUrl are stored as given here.
                // NOTE(review): confirm they are validated elsewhere, and that pages
                // rendering any of these values still HTML-encode them on output.
                adminInfo.DisplayName = AttackUtils.FilterXss(adminInfo.DisplayName);
                adminInfo.Email       = AttackUtils.FilterXss(adminInfo.Email);
                adminInfo.Mobile      = AttackUtils.FilterXss(adminInfo.Mobile);

                // Every value is passed as a bound parameter, not concatenated into SQL.
                IDataParameter[] parameters =
                {
                    GetParameter(ParmUsername,           DataType.VarChar,                            255, adminInfo.UserName),
                    GetParameter(ParmPassword,           DataType.VarChar,                            255, adminInfo.Password),
                    GetParameter(ParmPasswordFormat,     DataType.VarChar,                             50, adminInfo.PasswordFormat),
                    GetParameter(ParmPasswordSalt,       DataType.VarChar,                            128, adminInfo.PasswordSalt),
                    GetParameter(ParmCreationDate,       DataType.DateTime, adminInfo.CreationDate),
                    GetParameter(ParmLastActivityDate,   DataType.DateTime, adminInfo.LastActivityDate),
                    GetParameter(ParmCountOfLogin,       DataType.Integer,  adminInfo.CountOfLogin),
                    GetParameter(ParmCountOfFailedLogin, DataType.Integer,  adminInfo.CountOfFailedLogin),
                    GetParameter(ParmCreatorUsername,    DataType.VarChar,                            255, adminInfo.CreatorUserName),
                    GetParameter(ParmIsLockedOut,        DataType.VarChar,                             18, adminInfo.IsLockedOut.ToString()),
                    GetParameter(ParmSiteIdCollection,   DataType.VarChar,                             50, adminInfo.SiteIdCollection),
                    GetParameter(ParmSiteId,             DataType.Integer,  adminInfo.SiteId),
                    GetParameter(ParmDepartmentId,       DataType.Integer,  adminInfo.DepartmentId),
                    GetParameter(ParmAreaId,             DataType.Integer,  adminInfo.AreaId),
                    GetParameter(ParmDisplayname,        DataType.VarChar,                            255, adminInfo.DisplayName),
                    GetParameter(ParmMobile,             DataType.VarChar,                             20, adminInfo.Mobile),
                    GetParameter(ParmEmail,              DataType.VarChar,                            255, adminInfo.Email),
                    GetParameter(ParmAvatarUrl,          DataType.VarChar,                            200, adminInfo.AvatarUrl)
                };

                ExecuteNonQuery(SqlInsertUser, parameters);

                // The steps below run after the row is written and no transaction is
                // visible in this method, so a failure here returns false although
                // the account row may already exist without its role.
                DataProvider.DepartmentDao.UpdateCountOfAdmin();
                DataProvider.AreaDao.UpdateCountOfAdmin();

                var roles = new[] { EPredefinedRoleUtils.GetValue(EPredefinedRole.Administrator) };
                DataProvider.AdministratorsInRolesDao.AddUserToRoles(adminInfo.UserName, roles);

                return(true);
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception text goes back to the caller; it may
                // carry database details, so confirm it is not shown to end users.
                errorMessage = ex.Message;
                return(false);
            }
        }
Beispiel #4
        /// <summary>
        /// Inserts one role record for every predefined role, using the role's
        /// value as its name and its text as the third InsertRole argument.
        /// </summary>
        /// <remarks>
        /// No existence check is made before inserting.
        /// NOTE(review): confirm how InsertRole behaves when the role is already
        /// present, in case this runs more than once.
        /// </remarks>
        public static void CreatePredefinedRoles()
        {
            foreach (EPredefinedRole predefinedRole in EPredefinedRoleUtils.GetAllPredefinedRole())
            {
                var roleName = EPredefinedRoleUtils.GetValue(predefinedRole);
                var roleText = EPredefinedRoleUtils.GetText(predefinedRole);

                BaiRongDataProvider.RoleDao.InsertRole(roleName, string.Empty, roleText);
            }
        }
Beispiel #5
        /// <summary>
        /// Inserts a role record for each predefined role that IsRoleExists
        /// reports as missing; roles already present are left untouched.
        /// </summary>
        /// <remarks>
        /// The existence check and the insert are two separate calls.
        /// NOTE(review): if this can run concurrently, confirm the role table
        /// rejects duplicate names.
        /// </remarks>
        public static void CreatePredefinedRolesIfNotExists()
        {
            foreach (var predefinedRole in EPredefinedRoleUtils.GetAllPredefinedRole())
            {
                var roleName = EPredefinedRoleUtils.GetValue(predefinedRole);
                if (DataProvider.RoleDao.IsRoleExists(roleName))
                {
                    continue;
                }

                DataProvider.RoleDao.InsertRole(roleName, string.Empty, EPredefinedRoleUtils.GetText(predefinedRole));
            }
        }
Beispiel #6
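        /// <summary>
        /// Creates the predefined roles, creates an administrator account from the
        /// given credentials and adds it to the ConsoleAdministrator role.
        /// </summary>
        /// <param name="userName">Login name of the administrator to create.</param>
        /// <param name="password">Password passed on to CreateAdministrator.</param>
        /// <remarks>
        /// The ConsoleAdministrator role is granted only when CreateAdministrator
        /// reports success. Granting it regardless would attach the highest role
        /// to a user name that this call did not create: an account that already
        /// existed, or a name that was rejected and could be registered later.
        /// This method has no error channel, so a failed creation ends silently;
        /// callers that need the reason should call CreateAdministrator directly.
        /// </remarks>
        public void InitializeUserRole(string userName, string password)
        {
            RoleManager.CreatePredefinedRoles();

            var administratorInfo = new AdministratorInfo
            {
                UserName = userName,
                Password = password
            };

            string errorMessage;

            var created = AdminManager.CreateAdministrator(administratorInfo, out errorMessage);
            if (!created)
            {
                // Fail closed: no account was created, so no role is granted.
                return;
            }

            BaiRongDataProvider.RoleDao.AddUserToRole(userName, EPredefinedRoleUtils.GetValue(EPredefinedRole.ConsoleAdministrator));
        }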
Beispiel #7
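        /// <summary>
        /// Synchronizes the database and, when both credentials are supplied,
        /// creates the initial administrator and adds it to the
        /// ConsoleAdministrator role.
        /// </summary>
        /// <param name="adminName">Login name of the initial administrator; no account is created when null or empty.</param>
        /// <param name="adminPassword">Password of the initial administrator; no account is created when null or empty.</param>
        /// <remarks>
        /// The ConsoleAdministrator role is granted only when CreateAdministrator
        /// reports success. Granting it regardless would attach the highest role
        /// to a user name that this call did not create: an account that already
        /// existed, or a name that was rejected and could be registered later.
        /// This method has no error channel, so a failed creation ends silently.
        /// </remarks>
        public static void InstallDatabase(string adminName, string adminPassword)
        {
            SyncDatabase();

            if (string.IsNullOrEmpty(adminName) || string.IsNullOrEmpty(adminPassword))
            {
                return;
            }

            var administratorInfo = new AdministratorInfo
            {
                UserName = adminName,
                Password = adminPassword
            };

            if (!AdminManager.CreateAdministrator(administratorInfo, out _))
            {
                // Fail closed: no account was created, so no role is granted.
                return;
            }

            DataProvider.AdministratorsInRolesDao.AddUserToRole(adminName, EPredefinedRoleUtils.GetValue(EPredefinedRole.ConsoleAdministrator));
        }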
Beispiel #8
        /// <summary>
        /// Stamps the account with its initial dates and password format, inserts
        /// it through AdministratorDao and adds it to the predefined Administrator
        /// role.
        /// </summary>
        /// <param name="administratorInfo">Account to create; its date and password-format fields are overwritten here.</param>
        /// <param name="errorMessage">Set by the DAO insert, or to the exception message when a step throws.</param>
        /// <returns>true when the insert and the role assignment both completed; otherwise false.</returns>
        public static bool CreateAdministrator(AdministratorInfo administratorInfo, out string errorMessage)
        {
            try
            {
                administratorInfo.LastActivityDate = DateUtils.SqlMinValue;
                administratorInfo.CreationDate = DateTime.Now; // local server time, not UTC
                administratorInfo.PasswordFormat = EPasswordFormat.Encrypted;

                if (!DataProvider.AdministratorDao.Insert(administratorInfo, out errorMessage))
                {
                    return false;
                }

                // A new account starts with the base Administrator role only.
                var defaultRoles = new[] { EPredefinedRoleUtils.GetValue(EPredefinedRole.Administrator) };
                DataProvider.AdministratorsInRolesDao.AddUserToRoles(administratorInfo.UserName, defaultRoles);

                return true;
            }
            catch (Exception failure)
            {
                // NOTE(review): the raw exception text goes back to the caller;
                // confirm it is not shown to end users.
                errorMessage = failure.Message;
                return false;
            }
        }
Beispiel #9
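        /// <summary>
        /// Replaces the role assignments and site list of the administrator
        /// identified by <paramref name="adminId"/> according to the posted
        /// "adminLevel", "checkedSites" and "checkedRoles" values.
        /// </summary>
        /// <param name="adminId">Id of the administrator whose permissions are replaced.</param>
        /// <returns>
        /// Unauthorized when the caller is not a logged-in administrator with the
        /// Admin settings permission and super-admin rights; NotFound when no
        /// administrator matches <paramref name="adminId"/>; Ok with the resulting
        /// roles on success; InternalServerError when a step throws.
        /// </returns>
        /// <remarks>
        /// Everything derived from the request is resolved before the existing
        /// roles are removed. Previously a missing "checkedRoles" value or an
        /// unknown <paramref name="adminId"/> raised an exception, in the first
        /// case after RemoveUser had already run, leaving the account with no
        /// roles at all.
        /// </remarks>
        public IHttpActionResult SavePermissions(int adminId)
        {
            try
            {
                var request = new AuthenticatedRequest();
                if (!request.IsAdminLoggin ||
                    !request.AdminPermissionsImpl.HasSystemPermissions(ConfigManager.SettingsPermissions.Admin))
                {
                    return Unauthorized();
                }

                // Only a super admin may change another administrator's level.
                if (!request.AdminPermissions.IsSuperAdmin())
                {
                    return Unauthorized();
                }

                var adminLevel   = request.GetPostString("adminLevel");
                var checkedSites = request.GetPostObject<List<int>>("checkedSites");
                var checkedRoles = request.GetPostObject<List<string>>("checkedRoles");

                var adminInfo = AdminManager.GetAdminInfoByUserId(adminId);
                if (adminInfo == null)
                {
                    return NotFound();
                }

                // Resolve all request-derived values before the destructive RemoveUser
                // call, so a malformed request cannot leave the account half-updated.
                var isSuperAdmin = adminLevel == "SuperAdmin";
                var isSiteAdmin  = adminLevel == "SiteAdmin";

                // A missing role list means "no additional roles".
                // NOTE(review): the posted names are passed on as given; confirm that
                // AddUserToRoles cannot be used to attach a predefined elevated role
                // to an account saved at the plain administrator level.
                var additionalRoles = checkedRoles != null ? checkedRoles.ToArray() : new string[0];

                var siteIdCollection = isSiteAdmin
                    ? TranslateUtils.ObjectCollectionToString(checkedSites)
                    : string.Empty;

                // NOTE(review): the removal and the grants below are separate calls and
                // no transaction is visible here; a failure in between leaves the
                // account without roles.
                DataProvider.AdministratorsInRolesDao.RemoveUser(adminInfo.UserName);
                if (isSuperAdmin)
                {
                    DataProvider.AdministratorsInRolesDao.AddUserToRole(adminInfo.UserName, EPredefinedRoleUtils.GetValue(EPredefinedRole.ConsoleAdministrator));
                }
                else if (isSiteAdmin)
                {
                    DataProvider.AdministratorsInRolesDao.AddUserToRole(adminInfo.UserName, EPredefinedRoleUtils.GetValue(EPredefinedRole.SystemAdministrator));
                }
                else
                {
                    // Any other level value falls back to the base Administrator role.
                    DataProvider.AdministratorsInRolesDao.AddUserToRole(adminInfo.UserName, EPredefinedRoleUtils.GetValue(EPredefinedRole.Administrator));
                    DataProvider.AdministratorsInRolesDao.AddUserToRoles(adminInfo.UserName, additionalRoles);
                }

                DataProvider.AdministratorDao.UpdateSiteIdCollection(adminInfo, siteIdCollection);

                // Drop cached permissions so the new assignment is picked up.
                PermissionsImpl.ClearAllCache();

                request.AddAdminLog("设置管理员权限", $"管理员:{adminInfo.UserName}");

                return Ok(new
                {
                    Value = true,
                    Roles = AdminManager.GetRoles(adminInfo.UserName)
                });
            }
            catch (Exception ex)
            {
                // NOTE(review): depending on the error-detail policy, the response may
                // include the exception text; confirm it is not exposed to remote clients.
                return InternalServerError(ex);
            }
        }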