/// <summary>
/// Builds the API model for an account from a stored user.
/// </summary>
/// <param name="user">
/// Source user. It is dereferenced without a null check, so passing null throws.
/// </param>
public AccountUserApiModel(WikiDownUser user)
        {
            // Role-derived fields: the access level is stored in its int form,
            // and IsRoot is a plain name comparison against the configured root account name.
            AccessLevel = (int)ArticleAccessHelper.GetAccessLevel(user.Roles);
            IsRoot = user.UserName == WikiDownConfig.RootAccountName;

            // Profile fields are copied through unchanged.
            UserName = user.UserName;
            DisplayName = user.DisplayName;
            Email = user.Email;
        }
        /// <summary>
        /// Signs out through the authentication manager, then signs the given user in
        /// with an application-cookie identity.
        /// </summary>
        /// <param name="user">User to create the identity for.</param>
        /// <param name="isPersistent">Copied to <c>AuthenticationProperties.IsPersistent</c>.</param>
        /// <remarks>
        /// NOTE(review): this method is <c>async void</c>, so the caller cannot await it and
        /// cannot observe an exception thrown by <c>CreateIdentityAsync</c>. The caller may
        /// continue before <c>SignIn</c> has run. Returning <c>Task</c> and awaiting at the
        /// call sites would close that gap; the call sites are not visible here.
        /// </remarks>
        private async void SignInAsync(WikiDownUser user, bool isPersistent)
        {
            AuthenticationManager.SignOut();

            var claimsIdentity = await UserManager.CreateIdentityAsync(
                user,
                DefaultAuthenticationTypes.ApplicationCookie);

            AuthenticationManager.SignIn(
                new AuthenticationProperties { IsPersistent = isPersistent },
                claimsIdentity);
        }
        /// <summary>
        /// Builds the navbar user-info view model for the current user.
        /// </summary>
        /// <param name="currentUser">
        /// The signed-in user, or null. With null, no property is assigned and the model
        /// keeps its default values.
        /// </param>
        public ChildActionsHeaderNavbarUserInfoViewModel(WikiDownUser currentUser)
        {
            if (currentUser != null)
            {
                IsAuthenticated = true;

                // These flags only drive what the view shows. They are simple role-membership
                // lookups and do not replace server-side authorization on the actions themselves.
                IsInRoleAdmin = currentUser.Roles.Contains(ArticleAccessHelper.Admin);
                IsInRoleSuperUser = currentUser.Roles.Contains(ArticleAccessHelper.SuperUser);

                UserShowName = currentUser.ShowName;
            }
        }
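        /// <summary>
        /// Resolves the role names for the requested <c>AccessLevel</c>, after checking that
        /// the caller is allowed to assign that level and to modify the target account.
        /// </summary>
        /// <param name="principal">Caller making the change; its access level is the ceiling.</param>
        /// <param name="user">Existing account being edited, or null when no account was found.</param>
        /// <returns>The roles returned by <c>ArticleAccessHelper.GetRoles</c> for <c>AccessLevel</c>.</returns>
        /// <exception cref="HttpResponseException">
        /// 403 Forbidden when the requested level, or the target's current level, is above the caller's.
        /// </exception>
        private IEnumerable<string> GetRoles(IPrincipal principal, WikiDownUser user)
        {
            var principalAccessLevel = principal.GetAccessLevel();

            // The requested level is supplied on the model. The original check only looked at
            // the target's current level, so a caller could grant roles above their own, and
            // nothing was checked at all when creating a new account. Reject that here.
            // The (int) cast assumes AccessLevel holds the int form of the same access-level
            // value that the comparison below uses. TODO confirm against the property's declaration.
            if (this.AccessLevel > (int)principalAccessLevel)
            {
                throw new HttpResponseException(HttpStatusCode.Forbidden);
            }

            if (user != null)
            {
                // A caller may not modify an account that already outranks them.
                var userAccessLevel = ArticleAccessHelper.GetAccessLevel(user.Roles);
                if (userAccessLevel > principalAccessLevel)
                {
                    throw new HttpResponseException(HttpStatusCode.Forbidden);
                }
            }

            return ArticleAccessHelper.GetRoles(this.AccessLevel);
        }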
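        /// <summary>
        /// Creates the account named by <c>UserName</c>, or updates it when it already exists.
        /// </summary>
        /// <param name="principal">Caller making the change; used for the role checks.</param>
        /// <param name="userManager">Identity user manager used to look up and persist the account.</param>
        /// <returns>The updated or newly created user.</returns>
        /// <exception cref="HttpResponseException">
        /// 400 Bad Request when the caller edits their own account while its stored level is
        /// below Admin, or when an identity operation reports failure. <c>GetRoles</c> throws
        /// 403 Forbidden when the caller is outranked by the target account.
        /// </exception>
        public async Task<WikiDownUser> Save(IPrincipal principal, UserManager<WikiDownUser> userManager)
        {
            var user = await userManager.FindByNameAsync(this.UserName);

            // The authorization check runs before any state is touched.
            var roles = this.GetRoles(principal, user);

            if (user == null)
            {
                user = new WikiDownUser(this.UserName) { Roles = roles };
                user.SetDisplayName(this.DisplayName);
                user.SetEmail(this.Email);

                // CreateAsync reports validation failures through its result instead of
                // throwing. Ignoring it would return a user that was never stored.
                var created = await userManager.CreateAsync(user, this.Password);
                if (!created.Succeeded)
                {
                    throw new HttpResponseException(HttpStatusCode.BadRequest);
                }

                return user;
            }

            if (user.UserName == principal.Identity.Name)
            {
                // Self-edit: rejected when the caller's stored level is below Admin.
                var userAccessLevel = ArticleAccessHelper.GetAccessLevel(user.Roles);
                if (userAccessLevel < ArticleAccessLevel.Admin)
                {
                    throw new HttpResponseException(HttpStatusCode.BadRequest);
                }
            }

            var changePassword = !string.IsNullOrWhiteSpace(this.Password);
            if (changePassword)
            {
                // Validate before removing anything. If the old password were removed and the
                // new one then rejected, the account would be left with no password.
                var validated = await userManager.PasswordValidator.ValidateAsync(this.Password);
                if (!validated.Succeeded)
                {
                    throw new HttpResponseException(HttpStatusCode.BadRequest);
                }
            }

            user.SetRoles(roles);
            user.SetDisplayName(this.DisplayName);
            user.SetEmail(this.Email);

            try
            {
                if (changePassword)
                {
                    var removed = await userManager.RemovePasswordAsync(user.Id);
                    if (!removed.Succeeded)
                    {
                        throw new HttpResponseException(HttpStatusCode.BadRequest);
                    }

                    var added = await userManager.AddPasswordAsync(user.Id, this.Password);
                    if (!added.Succeeded)
                    {
                        throw new HttpResponseException(HttpStatusCode.BadRequest);
                    }
                }

                var updated = await userManager.UpdateAsync(user);
                if (!updated.Succeeded)
                {
                    throw new HttpResponseException(HttpStatusCode.BadRequest);
                }
            }
            finally
            {
                // Clear the cache entry even when a step failed, so a partially applied
                // change is not hidden behind a stale cached user.
                WikiDownUserCacheHelper.Clear(user.UserName);
            }

            return user;
        }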
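        /// <summary>
        /// Creates the root account when it does not exist yet and a root password is configured.
        /// </summary>
        /// <param name="documentStore">Document store used to obtain the user manager.</param>
        /// <param name="websiteConfig">Website configuration supplying <c>RootPassword</c>.</param>
        /// <returns>A task that completes once the check, and any creation, has finished.</returns>
        public static async Task EnsureRootAccount(IDocumentStore documentStore, WikiDownWebsiteConfig websiteConfig)
        {
            var userManager = UserManagerHelper.Get(documentStore);

            // Await the lookup instead of using the blocking FindByName inside an async method.
            var rootUser = await userManager.FindByNameAsync(WikiDownConfig.RootAccountName);

            if (rootUser != null)
            {
                return;
            }

            // With no configured password, no root account is created.
            if (string.IsNullOrWhiteSpace(websiteConfig.RootPassword))
            {
                return;
            }

            // NOTE(review): the lookup uses WikiDownConfig.RootAccountName but the new user is
            // built from UserName. Confirm both refer to the same value; otherwise this could
            // attempt a fresh creation on every call.
            var user = new WikiDownUser(UserName, "*****@*****.**")
                           {
                               DisplayName = "Root Account",
                               Roles = ArticleAccessHelper.RootRoles
                           };

            // NOTE(review): the result of CreateAsync is discarded. If the configured password
            // is rejected, the site is left without a root account and nothing is reported.
            // Consider logging or surfacing a failed result.
            await userManager.CreateAsync(user, websiteConfig.RootPassword);
        }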