Beispiel #1
0
        public async Task <IActionResult> AddColumnAsync([FromBody] ColumnAddition column)
        {
            Board board = await _context.Boards.FindAsync(column.BoardID);

            if (board == null)
            {
                return(NotFound(new { Success = false }));
            }

            User user = await _userManager.GetUserAsync(HttpContext.User).ConfigureAwait(false);

            MemberOf memberOf = _context.MemberOf.ToList().Where(m => m.MemberID == user.Id && m.BoardId == board.Id).FirstOrDefault();

            if (memberOf == null && board.Owner != user)
            {
                return(Forbid());
            }

            Column ToAdd = new Column
            {
                Category = column.Category,
                BoardId  = board.Id,
            };

            _context.Columns.Add(ToAdd);
            board.Columns.Append(ToAdd);
            await _context.SaveChangesAsync();

            return(Ok(new { Success = true }));
        }
Beispiel #2
0
        public override string ToString()
        {
            StringBuilder sb = new StringBuilder();

            sb.AppendLine("Identity: " + Identity);
            sb.AppendLine("MemberOf: " + String.Join(", ", MemberOf.ToArray()));
            sb.AppendLine("Members: " + String.Join(", ", Members.ToArray()));
            sb.AppendLine("Users: " + String.Join(", ", Users.ToArray()));
            return(sb.ToString());
        }
Beispiel #3
0
        public JsonResult AddMembersOrgName(UniversityName uniName)
        {
            int count = Lists4CV.MemberOf.Where(x => x.Organisation.ToLower() == uniName.Name.ToLower()).Count();

            if (count == 0)
            {
                MemberOf ebu = AddMembersOrganisation.Add(uniName);
                return(Json(ebu, JsonRequestBehavior.AllowGet));
            }
            else
            {
                return(Json("exists", JsonRequestBehavior.AllowGet));
            }
        }
Beispiel #4
0
        public async Task <IActionResult> AddCardToColumnAsync([FromBody] CardAddition card)
        {
            Column column = await _context.Columns.FindAsync(card.ColumnID);

            Board board = await _context.Boards.FindAsync(card.BoardID);

            if (column == null)
            {
                return(NotFound("No column with that ID exists"));
            }

            if (board == null)
            {
                return(NotFound("No board with that ID exists"));
            }

            User user = await _userManager.GetUserAsync(HttpContext.User).ConfigureAwait(false);

            MemberOf memberOf = _context.MemberOf.ToList().Where(m => m.MemberID == user.Id && m.BoardId == board.Id).FirstOrDefault();

            if (memberOf == null && board.Owner.Id != user.Id)
            {
                return(Forbid());
            }

            User Assignee = await _userManager.FindByEmailAsync(card.AssigneeEmail);

            Card toAdd = new Card()
            {
                Description = card.Description,
                Title       = card.Title,
                Assigned    = Assignee,
                ColumnId    = card.ColumnID,
            };

            _context.Cards.Add(toAdd);
            await _context.SaveChangesAsync();

            column.Cards.Add(toAdd);
            await _context.SaveChangesAsync();

            return(Ok(new { Success = true }));
        }
Beispiel #5
0
        public async Task <IActionResult> AddMember(int id, [FromBody] MemberEmail Email)
        {
            if (Email == null || Email.Email == null)
            {
                return(BadRequest("Email body can not be null"));
            }

            Board board = await _context.Boards.FindAsync(id);

            if (board == null)
            {
                return(NotFound("No board with that ID exists"));
            }

            User ToAdd = await _userManager.FindByEmailAsync(Email.Email);

            if (ToAdd == null)
            {
                return(NotFound("No user with that email exists"));
            }

            User user = await _userManager.GetUserAsync(HttpContext.User).ConfigureAwait(false);

            if (board.Owner.Email != user.Email)
            {
                return(Forbid("Only the owner is permited to make changes"));
            }

            MemberOf MemberOf = new MemberOf
            {
                MemberID = ToAdd.Id,
                Member   = ToAdd,
                BoardId  = board.Id,
                Board    = board
            };

            board.Members.Add(MemberOf);
            await _context.SaveChangesAsync();

            return(Ok(new { Success = true }));
        }
Beispiel #6
0
        /// <summary>
        /// Returns whether this Credential has Privilege among his Roles for
        /// the Feature or whether any of his Memberships has the Privilege.
        /// </summary>
        /// <param name="feature"></param>
        /// <param name="strategy"></param>
        /// <param name="until"></param>
        /// <returns></returns>
        public virtual bool?CanAccess(Feature feature, AccessControlStrategy strategy, DateTime?until = null)
        {
            //TODO: None? NotSet?
            //TODO: yes, this is roughly loosely analog to TFS 2013 security
            //TODO: also borrowing from a couple other role-based models...

            const bool opt = true;  //opt-imistic
            const bool pes = false; //pes-simistic

            //Credentials having access is ruled out here.
            if (!Expiry.HasAccess(until))
            {
                return(null);
            }

            while (feature != null)
            {
                // Focus on just this feature and its branch (later on).
                var featuredRoles = Permissions.Where(r => r.Expiry.HasAccess(until) && r.Feature.Equals(feature)).ToArray();

                // Return the desired response when privilege is met.
                // ReSharper disable once SwitchStatementMissingSomeCases
                switch (strategy)
                {
                case Optimistic:
                    if (featuredRoles.HasPermission(Allow))
                    {
                        return(opt);
                    }
                    break;

                case Pessimistic:
                    if (featuredRoles.HasPermission(Deny))
                    {
                        return(pes);
                    }
                    break;
                }

                // See above re: ruling out Credentials HasAccess concerns.
                // ReSharper disable once SwitchStatementMissingSomeCases
                switch (strategy)
                {
                case Optimistic:
                    if (MemberOf.Any(m => m.Group.CanAccess(feature, strategy, until) == opt))
                    {
                        return(opt);
                    }
                    break;

                case Pessimistic:
                    if (MemberOf.Any(m => m.Group.CanAccess(feature, strategy, until) == pes))
                    {
                        return(pes);
                    }
                    break;
                }

                // Break when we are not talking about an inherited permission.
                if (featuredRoles.DoesNotHavePermission(Inherited))
                {
                    break;
                }

                // Get the next one or Null when there are no parents.
                feature = feature.Branch.Skip(1).FirstOrDefault();
            }

            return(null);
        }
Beispiel #7
0
        public Team GetMainTeam()
        {
            var mainTeam = MemberOf.Where(m => m.Active && m.Main).Select(m => m.Team).SingleOrDefault();

            return(mainTeam == null ? null : mainTeam);
        }