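        /// <summary>
        /// Replaces the "SecurityAccess" claim on the principal's primary identity with the
        /// JSON serialization of <paramref name="access"/>.
        /// </summary>
        /// <param name="principal">Principal whose primary identity is updated in place.</param>
        /// <param name="access">Access rules serialized into the new claim value.</param>
        /// <exception cref="System.ArgumentNullException"><paramref name="principal"/> is null.</exception>
        /// <exception cref="System.InvalidOperationException">
        /// The principal's primary identity is not a <see cref="ClaimsIdentity"/>.
        /// </exception>
        private static void UpdateClaimsPrincipal(ClaimsPrincipal principal, SecurityAccess access)
        {
            if (principal == null)
            {
                throw new System.ArgumentNullException("principal");
            }

            // Fail with a clear error instead of a NullReferenceException when the
            // identity is missing or is not claims-based.
            var identity = principal.Identity as ClaimsIdentity;
            if (identity == null)
            {
                throw new System.InvalidOperationException("The principal's identity is not a ClaimsIdentity.");
            }

            // Look up the claim on the identity that is actually mutated. principal.Claims spans
            // every identity of the principal, so a match found there may not be removable here.
            // Removing every match also ensures no stale access claim survives next to the new one.
            var staleClaims = identity.Claims.Where(x => x.Type == "SecurityAccess").ToList();
            foreach (var stale in staleClaims)
            {
                identity.RemoveClaim(stale);
            }

            // NOTE(review): this only changes the in-memory identity; whether the updated claim is
            // persisted (e.g. by re-issuing the sign-in cookie) is not visible here - confirm at the caller.
            identity.AddClaim(new Claim("SecurityAccess", JsonConvert.SerializeObject(access)));
        }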
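        // NOTE(review): the authorization attribute below is commented out, so nothing on this action
        // itself restricts who may rewrite another user's access rules. Unless authorization is enforced
        // at class level or in a global filter (not visible here), restore it before shipping. No
        // [HttpPost] / [ValidateAntiForgeryToken] is visible on this state-changing action either.
        //[ResourceAuthorize(Resources.Actions.Manage, Resources.Users)]
        /// <summary>
        /// Replaces the access rules of the user identified by <paramref name="userId"/> through a PUT
        /// to the backing users API and, on HTTP 200, refreshes the "SecurityAccess" claim of the
        /// current identity.
        /// </summary>
        /// <param name="userId">Identifier of the user being edited; used as a URL path segment.</param>
        /// <param name="access">New rule set; null is treated as an empty rule set.</param>
        /// <returns>A redirect to the "Edit" action, whether or not the update succeeded.</returns>
        public ActionResult Edit(string userId, AccessRules[] access)
        {
            // Without a target id there is nothing to update; do not issue a PUT against the collection URL.
            if (string.IsNullOrWhiteSpace(userId))
            {
                return RedirectToAction("Edit");
            }

            var hostName = ApplicationConfiguration.Get("pandora_api_url");

            // userId is request-supplied. Escaping it keeps '/', '?', '#' and "../" sequences from
            // redirecting this authenticated call to a different API resource.
            var url = hostName + "/api/Users/" + System.Uri.EscapeDataString(userId);

            var restClient = new RestSharp.RestClient(url);

            var request = new RestSharp.RestRequest();
            request.Method = RestSharp.Method.PUT;
            request.RequestFormat = RestSharp.DataFormat.Json;
            request.AddHeader("Content-Type", "application/json;charset=utf-8");
            request.AddHeader("Authorization", "Bearer " + User.IdToken());

            var securityAccess = new SecurityAccess();

            foreach (var rule in access ?? new AccessRules[] { })
            {
                securityAccess.AddRule(rule);
            }

            var user = GetUser(userId);

            // An unknown id would otherwise surface as a NullReferenceException on the next line.
            if (user == null)
            {
                return RedirectToAction("Edit");
            }

            user.Access = securityAccess;

            request.AddBody(user);

            var result = restClient.Execute(request);

            if (result.StatusCode == System.Net.HttpStatusCode.OK)
            {
                // NOTE(review): this rewrites the claim of the *signed-in* user with the rules just saved
                // for userId. If userId is a different account, the operator's own session ends up carrying
                // the edited user's access. The check needs the current user's id, which is not visible
                // here - confirm the intended behaviour.
                var identity = User.Identity as ClaimsIdentity;

                if (identity != null)
                {
                    // Remove every existing access claim so a duplicate can neither throw after the
                    // remote update already succeeded nor linger beside the new value.
                    var staleClaims = identity.Claims.Where(x => x.Type == "SecurityAccess").ToList();
                    foreach (var stale in staleClaims)
                    {
                        identity.RemoveClaim(stale);
                    }

                    identity.AddClaim(new Claim("SecurityAccess", JsonConvert.SerializeObject(securityAccess, Formatting.Indented)));
                }
            }

            return RedirectToAction("Edit");
        }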