/// -----------------------------------------------------------------------------
/// <summary>
/// DeleteButonVisible returns a boolean indicating if the delete button for
/// the specified UserID, RoleID pair should be shown
/// </summary>
/// <remarks>
/// </remarks>
/// <param name="UserID">The ID of the user to check delete button visibility for</param>
/// <param name="RoleID">The ID of the role to check delete button visibility for</param>
/// <history>
/// [anurse] 01/13/2007 Created
/// </history>
/// -----------------------------------------------------------------------------
public bool DeleteButtonVisible(int UserID, int RoleID)
{
//[DNN-4285] Check if the role can be removed (only handles case of Administrator and Administrator Role
bool canDelete = RoleController.CanRemoveUserFromRole(PortalSettings, UserID, RoleID);
if (RoleID == PortalSettings.AdministratorRoleId && canDelete)
{
//User can only delete if in Admin role
canDelete = PortalSecurity.IsInRole(PortalSettings.AdministratorRoleName);
}
return(canDelete);
}
public UserRoleDto SaveUserRole(int portalId, UserInfo currentUserInfo, UserRoleDto userRoleDto, bool notifyUser,
bool isOwner)
{
PortalSettings portalSettings = this.PortalSettings;
if (this.PortalSettings.PortalId != portalId)
{
portalSettings = this.GetPortalSettings(portalId);
}
if (!UserRoleDto.AllowExpiredRole(portalSettings, userRoleDto.UserId, userRoleDto.RoleId))
{
userRoleDto.StartTime = userRoleDto.ExpiresTime = Null.NullDate;
}
var user = UserController.Instance.GetUserById(portalId, userRoleDto.UserId);
var role = RoleController.Instance.GetRoleById(portalId, userRoleDto.RoleId);
if (role == null || role.Status != RoleStatus.Approved)
{
throw new Exception(Localization.GetString("RoleIsNotApproved", Constants.LocalResourcesFile));
}
if (currentUserInfo.IsSuperUser || currentUserInfo.Roles.Contains(portalSettings.AdministratorRoleName) ||
(!currentUserInfo.IsSuperUser && !currentUserInfo.Roles.Contains(portalSettings.AdministratorRoleName) &&
role.RoleType != RoleType.Administrator))
{
if (role.SecurityMode != SecurityMode.SocialGroup && role.SecurityMode != SecurityMode.Both)
{
isOwner = false;
}
RoleController.AddUserRole(user, role, portalSettings, RoleStatus.Approved, userRoleDto.StartTime,
userRoleDto.ExpiresTime, notifyUser, isOwner);
var addedRole = RoleController.Instance.GetUserRole(portalId, userRoleDto.UserId, userRoleDto.RoleId);
return(new UserRoleDto
{
UserId = addedRole.UserID,
RoleId = addedRole.RoleID,
DisplayName = addedRole.FullName,
RoleName = addedRole.RoleName,
StartTime = addedRole.EffectiveDate,
ExpiresTime = addedRole.ExpiryDate,
AllowExpired = UserRoleDto.AllowExpiredRole(portalSettings, user.UserID, role.RoleID),
AllowDelete = RoleController.CanRemoveUserFromRole(portalSettings, user.UserID, role.RoleID)
});
}
throw new Exception(Localization.GetString("InSufficientPermissions", Constants.LocalResourcesFile));
}
public HttpResponseMessage GetRoleUsers(string keyword, int roleId, int pageIndex, int pageSize)
{
try
{
var role = RoleController.Instance.GetRoleById(PortalId, roleId);
if (role == null)
{
return(Request.CreateErrorResponse(HttpStatusCode.NotFound, Localization.GetString("RoleNotFound", Components.Constants.LocalResourcesFile)));
}
if (role.RoleID == PortalSettings.AdministratorRoleId && !IsAdmin())
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest,
Localization.GetString("InvalidRequest", Components.Constants.LocalResourcesFile)));
}
var users = RoleController.Instance.GetUserRoles(PortalId, Null.NullString, role.RoleName);
if (!string.IsNullOrEmpty(keyword))
{
users =
users.Where(u => u.FullName.StartsWith(keyword, StringComparison.OrdinalIgnoreCase))
.ToList();
}
var totalRecords = users.Count;
var startIndex = pageIndex * pageSize;
var portal = PortalController.Instance.GetPortal(PortalId);
var pagedData = users.Skip(startIndex).Take(pageSize).Select(u => new UserRoleDto()
{
UserId = u.UserID,
RoleId = u.RoleID,
DisplayName = u.FullName,
StartTime = u.EffectiveDate,
ExpiresTime = u.ExpiryDate,
AllowExpired = AllowExpired(u.UserID, u.RoleID),
AllowDelete = RoleController.CanRemoveUserFromRole(portal, u.UserID, u.RoleID)
});
return(Request.CreateResponse(HttpStatusCode.OK, new { users = pagedData, totalRecords }));
}
catch (Exception ex)
{
Logger.Error(ex);
return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, ex.Message));
}
}
public static UserRoleDto FromRoleInfo(PortalSettings portalSettings, UserRoleInfo userRole)
{
if (userRole == null)
{
return(null);
}
return(new UserRoleDto()
{
Id = userRole.UserRoleID,
UserId = userRole.UserID,
DisplayName = userRole.FullName,
RoleId = userRole.RoleID,
RoleName = userRole.RoleName,
StartTime = userRole.EffectiveDate,
ExpiresTime = userRole.ExpiryDate,
AllowExpired = AllowExpiredRole(portalSettings, userRole.UserID, userRole.RoleID),
AllowDelete = RoleController.CanRemoveUserFromRole(portalSettings, userRole.UserID, userRole.RoleID),
AllowOwner = (userRole.SecurityMode == SecurityMode.SocialGroup) || (userRole.SecurityMode == SecurityMode.Both)
});
}
public HttpResponseMessage AddUserToRole(UserRoleDto userRoleDto, bool notifyUser, bool isOwner)
{
try
{
Validate(userRoleDto);
if (!AllowExpired(userRoleDto.UserId, userRoleDto.RoleId))
{
userRoleDto.StartTime = userRoleDto.ExpiresTime = Null.NullDate;
}
HttpResponseMessage response;
var user = GetUser(userRoleDto.UserId, out response);
if (user == null)
{
return(response);
}
var role = RoleController.Instance.GetRoleById(PortalId, userRoleDto.RoleId);
if (role.SecurityMode != SecurityMode.SocialGroup && role.SecurityMode != SecurityMode.Both)
{
isOwner = false;
}
if (role.Status != RoleStatus.Approved)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest,
Localization.GetString("CannotAssginUserToUnApprovedRole",
Components.Constants.LocalResourcesFile)));
}
RoleController.AddUserRole(user, role, PortalSettings, RoleStatus.Approved, userRoleDto.StartTime,
userRoleDto.ExpiresTime, notifyUser, isOwner);
var addedUser = RoleController.Instance.GetUserRole(PortalId, userRoleDto.UserId, userRoleDto.RoleId);
var portal = PortalController.Instance.GetPortal(PortalId);
return(Request.CreateResponse(HttpStatusCode.OK,
new UserRoleDto
{
UserId = addedUser.UserID,
RoleId = addedUser.RoleID,
DisplayName = addedUser.FullName,
StartTime = addedUser.EffectiveDate,
ExpiresTime = addedUser.ExpiryDate,
AllowExpired = AllowExpired(addedUser.UserID, addedUser.RoleID),
AllowDelete = RoleController.CanRemoveUserFromRole(portal, addedUser.UserID, addedUser.RoleID)
}));
}
catch (ArgumentException ex)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex.Message));
}
catch (SecurityException ex)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex.Message));
}
catch (Exception ex)
{
Logger.Error(ex);
return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, ex.Message));
}
}
