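// GET: /Projects/UserList/{id}
/// <summary>
/// Builds the read-only list of users attached to a project and the permissions each one holds.
/// </summary>
/// <param name="id">Project id taken from the route.</param>
/// <returns>
/// 400 when <paramref name="id"/> is missing, 404 when no project has that id,
/// 403 when the current user has no authorization row on the project,
/// otherwise the view bound to a <c>ProjectRolesViewModel</c>.
/// </returns>
public ActionResult UserList(int? id)
{
    if (id == null)
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
    }

    // FirstOrDefault instead of First: an unknown id used to throw
    // InvalidOperationException and surface as an unhandled 500.
    Project project = db.Projects
        .Include(p => p.Authorizations)
        .FirstOrDefault(p => p.Id == id);
    if (project == null)
    {
        // NOTE(review): 404 here versus 403 below lets a caller tell existing
        // project ids from missing ones; return the same status for both if
        // project ids must not be enumerable.
        return new HttpStatusCodeResult(HttpStatusCode.NotFound);
    }

    // Access check runs before any project data is copied into the model.
    // NOTE(review): only Authorizations rows are consulted, so an owner with
    // no rows of their own is refused as well. Confirm that is intended.
    var currentUserId = User.Identity.GetUserId();
    bool callerHasAccess = project.Authorizations
        .Any(auth => auth.User_ID == currentUserId);
    if (!callerHasAccess)
    {
        return new HttpStatusCodeResult(HttpStatusCode.Forbidden,
            "You do not have sufficient permissions for that resource.");
    }

    var model = new ProjectRolesViewModel
    {
        Id = project.Id,
        Name = project.Name
    };

    // The owner is always listed first, even without any authorization row.
    var ownerModel = new UserPermissionsViewModel
    {
        isOwner = true,
        UserId = project.Owner.Id,
        UserName = project.Owner.UserName
    };
    model.UserRoles.Add(ownerModel);

    foreach (var roleGroup in project.Authorizations.GroupBy(auth => auth.User_ID))
    {
        // A group produced by GroupBy always has at least one element.
        var firstRole = roleGroup.FirstOrDefault();

        UserPermissionsViewModel roleModel;
        if (firstRole.User_ID == ownerModel.UserId)
        {
            // Reuse the owner's entry so the owner is not listed twice.
            roleModel = ownerModel;
        }
        else
        {
            roleModel = new UserPermissionsViewModel
            {
                UserId = firstRole.User_ID,
                UserName = firstRole.User.UserName
            };
            model.UserRoles.Add(roleModel);
        }

        // Only the permissions the user actually holds are listed.
        foreach (var role in roleGroup.Select(auth => auth.Permission))
        {
            roleModel.Permissions.Add(new PermissionViewModel
            {
                Permission = role,
                PrevSelected = true,
                Selected = true
            });
        }
    }

    return View(model);
}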
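// GET: /Projects/EditPermissions/{id}
/// <summary>
/// Builds the permission-editing form for a project: one entry per user,
/// each carrying every <c>Permission</c> value flagged as held or not held.
/// </summary>
/// <param name="id">Project id taken from the route.</param>
/// <returns>
/// 400 when <paramref name="id"/> is missing, 404 when no project has that id,
/// 403 when the current user does not hold <c>Permission.Administrator</c> on the project,
/// otherwise the view bound to a <c>ProjectRolesViewModel</c>.
/// </returns>
public ActionResult EditPermissions(int? id)
{
    if (id == null)
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
    }

    // FirstOrDefault instead of First: an unknown id used to throw
    // InvalidOperationException and surface as an unhandled 500.
    Project project = db.Projects
        .Include(p => p.Authorizations)
        .FirstOrDefault(p => p.Id == id);
    if (project == null)
    {
        // NOTE(review): 404 here versus 403 below lets a caller tell existing
        // project ids from missing ones; return the same status for both if
        // project ids must not be enumerable.
        return new HttpStatusCodeResult(HttpStatusCode.NotFound);
    }

    // Only a user holding Administrator on this project may see the form.
    // NOTE(review): ownership alone does not pass this check. Confirm that
    // an owner without an Administrator row is meant to be refused.
    var currentUserId = User.Identity.GetUserId();
    bool callerIsAdministrator = project.Authorizations.Any(auth =>
        auth.User_ID == currentUserId && auth.Permission == Permission.Administrator);
    if (!callerIsAdministrator)
    {
        return new HttpStatusCodeResult(HttpStatusCode.Forbidden,
            "You do not have sufficient permissions for that resource.");
    }

    var model = new ProjectRolesViewModel
    {
        Id = project.Id,
        Name = project.Name
    };

    // The owner is always listed first, even without any authorization row.
    var ownerModel = new UserPermissionsViewModel
    {
        isOwner = true,
        UserId = project.Owner.Id,
        UserName = project.Owner.UserName
    };
    model.UserRoles.Add(ownerModel);

    var allPermissions = System.Enum.GetValues(typeof(Permission))
        .Cast<Permission>()
        .ToList();

    foreach (var roleGroup in project.Authorizations.GroupBy(auth => auth.User_ID))
    {
        // A group produced by GroupBy always has at least one element.
        var firstRole = roleGroup.FirstOrDefault();

        UserPermissionsViewModel roleModel;
        if (firstRole.User_ID == ownerModel.UserId)
        {
            // Reuse the owner's entry so the owner is not listed twice.
            roleModel = ownerModel;
        }
        else
        {
            roleModel = new UserPermissionsViewModel
            {
                UserId = firstRole.User_ID,
                UserName = firstRole.User.UserName
            };
            model.UserRoles.Add(roleModel);
        }

        // Every permission is listed; Selected/PrevSelected record whether
        // the user currently holds it.
        foreach (var permission in allPermissions)
        {
            bool selected = roleGroup.Any(auth => auth.Permission == permission);
            roleModel.Permissions.Add(new PermissionViewModel
            {
                Permission = permission,
                PrevSelected = selected,
                Selected = selected
            });
        }
    }

    // If the owner has no permissions, the loop above never reached the
    // owner's entry, so fill in an all-unselected permission list here.
    if (!ownerModel.Permissions.Any())
    {
        foreach (var permission in allPermissions)
        {
            ownerModel.Permissions.Add(new PermissionViewModel
            {
                Permission = permission,
                PrevSelected = false,
                Selected = false
            });
        }
    }

    return View(model);
}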