/// <summary>
/// Assigns a role to a user and renders the "UserRole" partial view for that user.
/// </summary>
/// <param name="userId">Id of the user whose role is being changed.</param>
/// <param name="roleId">Id of the role to assign.</param>
/// <returns>The "UserRole" partial view, bound to the updated user entity.</returns>
/// <exception cref="UnauthorizedAccessException">Thrown when <paramref name="userId"/> is 1, the id this method treats as the admin user.</exception>
public ActionResult UpdateUserRole(int userId, short roleId)
        {
            // The only guard in this method: the account with id 1 is treated as the admin user
            // and its role is never changed here.
            // NOTE(review): no authorization or anti-forgery attribute is visible in this excerpt -
            // confirm the action (or its controller) restricts role changes to administrators.
            const int adminUserId = 1;
            var targetsAdminAccount = userId == adminUserId;
            if (targetsAdminAccount)
            {
                throw new UnauthorizedAccessException("Cannot modify the role of the admin user");
            }

            // NOTE(review): the role is written before the user is looked up, and neither id is
            // validated here - presumably the repository rejects unknown users/roles; verify.
            _roleRepository.AddRoleForUser(userId, roleId);

            // Re-read the user so the view is rendered from the stored entity, then mirror the new role on it.
            var user = _userRepository.GetUserObjByUserID(userId);
            user.RoleId = roleId;

            return PartialView("UserRole", user);
        }
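        /// <summary>
        /// Creates a new user, assigns the requested role and e-mails the user an activation link.
        /// </summary>
        /// <param name="newUserModel">Posted form model carrying the display name, e-mail address and role id.</param>
        /// <returns>
        /// A redirect to the "AdminUserManagement" route when the user was created and the e-mail was sent;
        /// otherwise the form view, re-rendered with the model and any error messages.
        /// </returns>
        public ActionResult Add(NewUserModel newUserModel)
        {
            if (!ModelState.IsValid)
            {
                // The validation errors are already in ModelState. Returning here avoids appending
                // the "emailing service failed" message (with an empty URL) to a request that never
                // reached the e-mail step.
                newUserModel.Title = SettingsRepository.BlogName;
                return View(newUserModel);
            }

            var urlFormat = string.Empty;

            // The activation key is the only secret in the registration link, so it must not be
            // derivable from values an outsider can know or guess (display name, e-mail address,
            // creation time). Take it from the OS cryptographic random number generator instead.
            // The random value still goes through GetMD5Hash so the stored key keeps the format the
            // rest of the application expects; the hash is only a formatter here.
            var randomBytes = new byte[32];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(randomBytes);
            }

            var userActivationKey = HashExtensions.GetMD5Hash(Convert.ToBase64String(randomBytes));
            var createStatus = _userRepository.AddUser(newUserModel.UserEmailAddress, newUserModel.UserDisplayName, userActivationKey);

            if (createStatus)
            {
                // NOTE(review): assumes the user just created can be read back by e-mail address;
                // a null result here would surface as a NullReferenceException - confirm.
                var newUser = _userRepository.GetUserNameByEmail(newUserModel.UserEmailAddress);
                _roleRepository.AddRoleForUser(newUser.UserID, newUserModel.RoleId);

                urlFormat = string.Format("{0}account/register?newUserTicket={1}", GetRootUrl(), userActivationKey);
                var status = Emailer.SendMessage(SettingsRepository.BlogAdminEmailAddress, newUserModel.UserEmailAddress,
                                                 string.Format("Join {0}", SettingsRepository.BlogName),
                                                 string.Format(NewUserEmailMeassage, newUserModel.UserDisplayName,
                                                               SettingsRepository.BlogName, urlFormat,
                                                               SettingsRepository.BlogName));

                if (status)
                {
                    return RedirectToRoute("AdminUserManagement");
                }
            }

            // Failure path: either the user could not be created, or it was created but the e-mail
            // was not sent. In the second case the activation link is shown to the administrator so
            // it can be passed on by hand; the link contains the activation key, so treat it as a secret.
            newUserModel.Title = SettingsRepository.BlogName;
            var errorMessage = createStatus
                            ? "Unable to send an email because the emailing service failed. Please send the following url to the user " +
                               urlFormat
                            : "Creation/update of new user failed. Check the email address entered.";

            ModelState.AddModelError("", errorMessage);
            return View(newUserModel);
        }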