        public async Task <JsonResult> MappableUsers()
        {
            try
            {
                // Only an authenticated SysAdmin may enumerate mappable users. Anyone else gets the same
                // unauthorized payload as an anonymous caller, so the response does not reveal which check failed.
                if (!Request.IsAuthenticated || !User.IsInRole(Roles.SysAdmin))
                {
                    return(await JsonErrorViewModel.GetUserUnauhorizedError().toJson());
                }

                // Mappable users are the AppUser administrators of the caller's own organization.
                // (Earlier versions returned every AppUser regardless of organization; scoped 31/1/2015.)
                var organizationKey = User.GetOrganization();
                var administrators  = await db.Administrators
                    .Include(x => x.User)
                    .Include(x => x.Organization)
                    .Where(x => x.Organization.Key == organizationKey && x.Role == Roles.AppUser)
                    .ToListAsync();

                var model = new JsonListViewModel <JApplicationUser>
                {
                    List = administrators.Select(x => new JApplicationUser(x.User)).ToList()
                };
                return(await model.toJson());
            }
            catch (Exception ex)
            {
                // NOTE(review): the caught exception is serialized to the caller; confirm JsonExceptionViewModel.Get
                // does not include stack traces or connection details in what it emits.
                return(Json(JsonExceptionViewModel.Get(ex), JsonRequestBehavior.AllowGet));
            }
        }
        public static async Task <JsonResult> Format <T1, T2, T3>(HttpRequestBase Request, HttpResponseBase Response, string Controller, string Role, IPrincipal User, DbSet <T1> value, Expression <Func <T1, bool> > exp, Expression <Func <T1, object> >[] Includes, Func <List <T3>, T2> operation = null)
            where T1 : class
            where T2 : maQx.Models.JsonViewModel
            where T3 : class, IJsonBase <T1, T3>
        {
            // Holds a failure from the try block; it is serialized after the block so no await sits inside the catch.
            Exception failure = null;

            try
            {
                // Role gate: every entity type requires Role, except Menus, which are served to any caller.
                // NOTE(review): the Menus exemption skips the role check entirely — confirm that is intended.
                if (typeof(T1) != typeof(Menus) && !User.IsInRole(Role))
                {
                    return(await JsonErrorViewModel.GetUserUnauhorizedError().toJson());
                }

                // One T3 instance acts as the row-to-JSON converter for the whole result set.
                // Activator.CreateInstance<T3> needs a public parameterless constructor, which the
                // generic constraints do not enforce; a T3 without one fails at runtime here.
                var projector = Activator.CreateInstance <T3>();
                var rows      = await value.IncludeMultiple(Includes).Where(exp).ToListAsync();
                var projected = rows.Select(x => projector.To(x)).ToList();

                return(await List <T2, T3>(Controller, operation, projected));
            }
            catch (Exception ex)
            {
                failure = ex;
            }

            return(await JsonExceptionViewModel.Get(failure).toJson());
        }
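        public async Task <JsonResult> Administrators()
        {
            try
            {
                // Stays null when the caller is not entitled to any list; that maps to the unauthorized response below.
                List <UserViewModel> Users = null;
                var Claim = ((ClaimsIdentity)User.Identity);

                // Only Inviters may list administrators; which list they see depends on their second role.
                if (User.IsInRole(Roles.Inviter))
                {
                    if (User.IsInRole(Roles.AppAdmin))
                    {
                        // AppAdmins see every active SysAdmin, unscoped, with null in place of an organization name.
                        Users = await GetAdministrator(db.Administrators.Include("User").Include("Organization"), x => x.Role == Roles.SysAdmin && x.ActiveFlag, null);
                    }
                    else
                    {
                        // Other Inviters see the active AppUsers of their own organization, identified by claims.
                        // A missing organization claim used to surface as a NullReferenceException serialized to the
                        // client; it is now treated as "not entitled" and falls through to the unauthorized response.
                        var KeyClaim  = Claim.FindFirst("Organization.Key");
                        var NameClaim = Claim.FindFirst("Organization.Name");

                        if (KeyClaim != null && NameClaim != null)
                        {
                            var Key = KeyClaim.Value;
                            Users = await GetAdministrator(db.Administrators.Include("User").Include("Organization"), x => x.Role == Roles.AppUser && x.ActiveFlag && x.Organization.Key == Key, NameClaim.Value);
                        }
                    }
                }

                if (Users == null)
                {
                    return(await JsonErrorViewModel.GetUserUnauhorizedError().toJson());
                }

                // NOTE(review): the controller type is resolved by name at runtime, so a rename makes Type.GetType
                // return null; confirm TableTools.GetTools tolerates that.
                return(await new JsonListViewModel <UserViewModel>(Users, TableTools.GetTools(Type.GetType("maQx.Controllers.Administrators"))).toJson());
            }
            catch (Exception ex)
            {
                return(Json(JsonExceptionViewModel.Get(ex), JsonRequestBehavior.AllowGet));
            }
        }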
        public async Task <JsonResult> UserDepartmentMenu(string id)
        {
            // Only SysAdmins may inspect another user's department menu assignment.
            // NOTE(review): unlike MappableUsers, nothing here checks that the user `id` belongs to the caller's
            // organization — confirm whether SysAdmin is meant to be organization-scoped for this action.
            if (!User.IsInRole(Roles.SysAdmin))
            {
                return(await JsonErrorViewModel.GetUserUnauhorizedError().toJson());
            }

            var membership = await db.DepartmentUsers
                .Include(x => x.Department)
                .Where(x => x.User.Id == id)
                .FirstOrDefaultAsync();

            // A user with no department row has no menu to report.
            if (membership == null)
            {
                return(await JsonErrorViewModel.GetResourceNotFoundError(Response).toJson());
            }

            // Every menu entry defined for the user's department ...
            var departmentMenus = (await db.DepartmentMenus
                .Include(x => x.Department.Division.Plant.Organization)
                .Include(x => x.Menu)
                .Where(x => x.Department.Key == membership.Department.Key)
                .ToListAsync())
                .Select(x => new JDepartmentMenu(x))
                .ToList();

            // ... and the MenuAccess rows recorded for this particular user.
            var menuAccess = (await db.MenuAccess
                .Include(x => x.DepartmentMenu.Menu)
                .Where(x => x.User.Id == id)
                .ToListAsync())
                .Select(x => new JMenuAccess(x))
                .ToList();

            var payload = new JsonViewModel <Tuple <List <JDepartmentMenu>, List <JMenuAccess> > >
            {
                Value = Tuple.Create(departmentMenus, menuAccess)
            };
            return(await payload.toJson());
        }
 public override void OnActionExecuting(ActionExecutingContext filterContext)
 {
     // Authenticated requests continue through the normal filter pipeline.
     if (filterContext.HttpContext.Request.IsAuthenticated)
     {
         base.OnActionExecuting(filterContext);
         return;
     }

     // Anonymous requests are short-circuited with the unauthorized JSON payload and a 403.
     // NOTE(review): 403 is returned for an unauthenticated caller; 401 is the conventional status for that case.
     // NOTE(review): reading .Result blocks synchronously on toJson(); if that task awaits with context capture
     // this can deadlock on the ASP.NET synchronization context, and a failure surfaces as AggregateException.
     var response = filterContext.HttpContext.Response;
     response.StatusCode = 403;
     filterContext.Result = JsonErrorViewModel.GetUserUnauhorizedError().toJson().Result;
 }
        public async Task <JsonResult> CurrentUser()
        {
            try
            {
                // Authenticated caller: answer with the first name carried in the identity claims.
                if (Request.IsAuthenticated)
                {
                    var identity = (ClaimsIdentity)User.Identity;
                    var current  = new JsonCurrentUserViewModel()
                    {
                        Name = identity.FindFirst("Firstname").Value,
                    };
                    return(Json(current, JsonRequestBehavior.AllowGet));
                }

                // Anonymous caller: a session cookie (presumably set during the Init action) marks a provisional user.
                // Only the presence of a cookie value is checked; it is not verified against the database —
                // the original author noted that verification as a follow-up.
                string sessionToken = HttpContext.GetSecuredSessionCookie(_SessionName);

                if (string.IsNullOrWhiteSpace(sessionToken))
                {
                    return(await JsonErrorViewModel.GetUserUnauhorizedError().toJson());
                }

                var provisional = new JsonCurrentUserViewModel()
                {
                    Name = "New User",
                    Role = "TempSession",
                };
                return(await provisional.toJson());
            }
            catch (Exception ex)
            {
                // A missing "Firstname" claim arrives here as a NullReferenceException and is serialized to the client.
                return(Json(JsonExceptionViewModel.Get(ex), JsonRequestBehavior.AllowGet));
            }
        }