//[ResourceAuthorize(Resources.Actions.Manage, Resources.Users)]
        public ActionResult Edit(string userId, AccessRules[] access)
        {
            var hostName = ApplicationConfiguration.Get("pandora_api_url");
            var url = hostName + "/api/Users/" + userId;

            var restClient = new RestSharp.RestClient(url);

            var request = new RestSharp.RestRequest();
            request.Method = RestSharp.Method.PUT;
            request.RequestFormat = RestSharp.DataFormat.Json;
            request.AddHeader("Content-Type", "application/json;charset=utf-8");
            request.AddHeader("Authorization", "Bearer " + User.IdToken());

            var securityAccess = new SecurityAccess();

            if (access == null)
                access = new AccessRules[] { };

            foreach (var rule in access)
            {
                securityAccess.AddRule(rule);
            }

            var user = GetUser(userId);

            user.Access = securityAccess;

            request.AddBody(user);

            var result = restClient.Execute(request);

            if (result.StatusCode == System.Net.HttpStatusCode.OK)
            {
                var identity = (User.Identity as ClaimsIdentity);
                var role = identity.Claims.SingleOrDefault(x => x.Type == "SecurityAccess");

                if (role != null)
                    identity.RemoveClaim(role);

                identity.AddClaim(new Claim("SecurityAccess", JsonConvert.SerializeObject(securityAccess, Formatting.Indented)));
            }

            return RedirectToAction("Edit");
        }
Beispiel #2
0
        public void AddRule(AccessRules rule)
        {
            var project = this.Projects.SingleOrDefault(x => x.Name == rule.Project);

            if (project == null)
            {
                project = new Project() { Name = rule.Project };

                this.Projects.Add(project);
            }

            var application = project.Applications.SingleOrDefault(x => x.Name == rule.Application);

            if (application == null)
            {
                application = new Application() { Name = rule.Application };

                project.Applications.Add(application);
            }

            if (rule.Cluster == "Defaults")
            {
                if (rule.Access == Access.WriteAccess)
                    application.Access = Access.ReadAcccess | Access.WriteAccess;
                else
                    application.Access = Access.ReadAcccess;
            }
            else
            {
                var cluster = application.Clusters.SingleOrDefault(x => x.Name == rule.Cluster);

                if (cluster == null)
                {
                    cluster = new Cluster() { Name = rule.Cluster };

                    application.Clusters.Add(cluster);
                }

                if (rule.Access == Access.WriteAccess)
                    cluster.Access = Access.ReadAcccess | Access.WriteAccess;
                else
                    cluster.Access = Access.ReadAcccess;
            }
        }