/// ----------------------------------------------------------------------------- /// <summary> /// DeleteButonVisible returns a boolean indicating if the delete button for /// the specified UserID, RoleID pair should be shown /// </summary> /// <remarks> /// </remarks> /// <param name="UserID">The ID of the user to check delete button visibility for</param> /// <param name="RoleID">The ID of the role to check delete button visibility for</param> /// <history> /// [anurse] 01/13/2007 Created /// </history> /// ----------------------------------------------------------------------------- public bool DeleteButtonVisible(int UserID, int RoleID) { //[DNN-4285] Check if the role can be removed (only handles case of Administrator and Administrator Role bool canDelete = RoleController.CanRemoveUserFromRole(PortalSettings, UserID, RoleID); if (RoleID == PortalSettings.AdministratorRoleId && canDelete) { //User can only delete if in Admin role canDelete = PortalSecurity.IsInRole(PortalSettings.AdministratorRoleName); } return(canDelete); }
public UserRoleDto SaveUserRole(int portalId, UserInfo currentUserInfo, UserRoleDto userRoleDto, bool notifyUser, bool isOwner) { PortalSettings portalSettings = this.PortalSettings; if (this.PortalSettings.PortalId != portalId) { portalSettings = this.GetPortalSettings(portalId); } if (!UserRoleDto.AllowExpiredRole(portalSettings, userRoleDto.UserId, userRoleDto.RoleId)) { userRoleDto.StartTime = userRoleDto.ExpiresTime = Null.NullDate; } var user = UserController.Instance.GetUserById(portalId, userRoleDto.UserId); var role = RoleController.Instance.GetRoleById(portalId, userRoleDto.RoleId); if (role == null || role.Status != RoleStatus.Approved) { throw new Exception(Localization.GetString("RoleIsNotApproved", Constants.LocalResourcesFile)); } if (currentUserInfo.IsSuperUser || currentUserInfo.Roles.Contains(portalSettings.AdministratorRoleName) || (!currentUserInfo.IsSuperUser && !currentUserInfo.Roles.Contains(portalSettings.AdministratorRoleName) && role.RoleType != RoleType.Administrator)) { if (role.SecurityMode != SecurityMode.SocialGroup && role.SecurityMode != SecurityMode.Both) { isOwner = false; } RoleController.AddUserRole(user, role, portalSettings, RoleStatus.Approved, userRoleDto.StartTime, userRoleDto.ExpiresTime, notifyUser, isOwner); var addedRole = RoleController.Instance.GetUserRole(portalId, userRoleDto.UserId, userRoleDto.RoleId); return(new UserRoleDto { UserId = addedRole.UserID, RoleId = addedRole.RoleID, DisplayName = addedRole.FullName, RoleName = addedRole.RoleName, StartTime = addedRole.EffectiveDate, ExpiresTime = addedRole.ExpiryDate, AllowExpired = UserRoleDto.AllowExpiredRole(portalSettings, user.UserID, role.RoleID), AllowDelete = RoleController.CanRemoveUserFromRole(portalSettings, user.UserID, role.RoleID) }); } throw new Exception(Localization.GetString("InSufficientPermissions", Constants.LocalResourcesFile)); }
public HttpResponseMessage GetRoleUsers(string keyword, int roleId, int pageIndex, int pageSize) { try { var role = RoleController.Instance.GetRoleById(PortalId, roleId); if (role == null) { return(Request.CreateErrorResponse(HttpStatusCode.NotFound, Localization.GetString("RoleNotFound", Components.Constants.LocalResourcesFile))); } if (role.RoleID == PortalSettings.AdministratorRoleId && !IsAdmin()) { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, Localization.GetString("InvalidRequest", Components.Constants.LocalResourcesFile))); } var users = RoleController.Instance.GetUserRoles(PortalId, Null.NullString, role.RoleName); if (!string.IsNullOrEmpty(keyword)) { users = users.Where(u => u.FullName.StartsWith(keyword, StringComparison.OrdinalIgnoreCase)) .ToList(); } var totalRecords = users.Count; var startIndex = pageIndex * pageSize; var portal = PortalController.Instance.GetPortal(PortalId); var pagedData = users.Skip(startIndex).Take(pageSize).Select(u => new UserRoleDto() { UserId = u.UserID, RoleId = u.RoleID, DisplayName = u.FullName, StartTime = u.EffectiveDate, ExpiresTime = u.ExpiryDate, AllowExpired = AllowExpired(u.UserID, u.RoleID), AllowDelete = RoleController.CanRemoveUserFromRole(portal, u.UserID, u.RoleID) }); return(Request.CreateResponse(HttpStatusCode.OK, new { users = pagedData, totalRecords })); } catch (Exception ex) { Logger.Error(ex); return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, ex.Message)); } }
public static UserRoleDto FromRoleInfo(PortalSettings portalSettings, UserRoleInfo userRole) { if (userRole == null) { return(null); } return(new UserRoleDto() { Id = userRole.UserRoleID, UserId = userRole.UserID, DisplayName = userRole.FullName, RoleId = userRole.RoleID, RoleName = userRole.RoleName, StartTime = userRole.EffectiveDate, ExpiresTime = userRole.ExpiryDate, AllowExpired = AllowExpiredRole(portalSettings, userRole.UserID, userRole.RoleID), AllowDelete = RoleController.CanRemoveUserFromRole(portalSettings, userRole.UserID, userRole.RoleID), AllowOwner = (userRole.SecurityMode == SecurityMode.SocialGroup) || (userRole.SecurityMode == SecurityMode.Both) }); }
public HttpResponseMessage AddUserToRole(UserRoleDto userRoleDto, bool notifyUser, bool isOwner) { try { Validate(userRoleDto); if (!AllowExpired(userRoleDto.UserId, userRoleDto.RoleId)) { userRoleDto.StartTime = userRoleDto.ExpiresTime = Null.NullDate; } HttpResponseMessage response; var user = GetUser(userRoleDto.UserId, out response); if (user == null) { return(response); } var role = RoleController.Instance.GetRoleById(PortalId, userRoleDto.RoleId); if (role.SecurityMode != SecurityMode.SocialGroup && role.SecurityMode != SecurityMode.Both) { isOwner = false; } if (role.Status != RoleStatus.Approved) { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, Localization.GetString("CannotAssginUserToUnApprovedRole", Components.Constants.LocalResourcesFile))); } RoleController.AddUserRole(user, role, PortalSettings, RoleStatus.Approved, userRoleDto.StartTime, userRoleDto.ExpiresTime, notifyUser, isOwner); var addedUser = RoleController.Instance.GetUserRole(PortalId, userRoleDto.UserId, userRoleDto.RoleId); var portal = PortalController.Instance.GetPortal(PortalId); return(Request.CreateResponse(HttpStatusCode.OK, new UserRoleDto { UserId = addedUser.UserID, RoleId = addedUser.RoleID, DisplayName = addedUser.FullName, StartTime = addedUser.EffectiveDate, ExpiresTime = addedUser.ExpiryDate, AllowExpired = AllowExpired(addedUser.UserID, addedUser.RoleID), AllowDelete = RoleController.CanRemoveUserFromRole(portal, addedUser.UserID, addedUser.RoleID) })); } catch (ArgumentException ex) { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex.Message)); } catch (SecurityException ex) { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex.Message)); } catch (Exception ex) { Logger.Error(ex); return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, ex.Message)); } }