private void AddTechnicianToMaintenanceGroup(UserModel userModel, PemsCity mainGroup, int userId)
{
//make sure the user has access to the maintenance group. Add them as a _maint mmeber and to the caching table
(new UserCustomerAccessManager()).AddCustomerAccess(userId, mainGroup.Id);
var mgAuthMgr = new AuthorizationManager(mainGroup.InternalName);
mgAuthMgr.AddGroupMember(Constants.Security.DefaultMaintenanceGroupName, userModel.Username);
//add them to all discinct pems conn strings
foreach (
var maintCustomer in
mainGroup.MaintenanceCustomers)
{
var maintCustomerPemsConnString = maintCustomer.PemsConnectionStringName;
//create the technician. only do this if they dont exist already, otherwise update
using (var pemsEntities = new PEMEntities(maintCustomerPemsConnString))
{
SetMaintenanceGroupTechnician(userModel, pemsEntities, userId);
//add user to _maintenance group here for the specific customer
var authorizationManager = new AuthorizationManager(maintCustomer.InternalName);
authorizationManager.AddGroupMember(Constants.Security.DefaultMaintenanceGroupName, userModel.Username);
//now add them to caching table for this customer
//not sure if we need this or not
(new UserCustomerAccessManager()).AddCustomerAccess(userId, maintCustomer.Id);
}
}
}
public ActionResult CustomerRoles(CustomerRoleModel model, string submitButton)
{
//check the other submit buttons and act on them, or continue
switch (submitButton)
{
case "Cancel":
return(RedirectToAction("Index", "Users"));
}
int userID = (new UserFactory()).GetUserId(model.Username);
//remove all caching table data for this user
(new UserCustomerAccessManager()).ClearCustomerAccess(userID);
//first, we HAVE to loop horugh and remove all the groups before we add. This way when adding maintneance groups, the _maint group gtes added correctly.
foreach (var customerRole in model.CustomerRoles)
{
//get a auth manager for this customer
var authMan = new AuthorizationManager(customerRole.CustomerInternalName);
//remove the user from all the groups in this customer
authMan.RemoveMemberGroups(model.Username);
//remove them from maintenance as well. this is the only place we do this since this is the only place they can be added to a maint gorup without being set as a technician.
//IE - only applies to administrative users.
authMan.RemoveMemberFromMaintenanceGroup(model.Username);
//now we have to clear the menu cache
HttpContext.Cache.Remove("__PemsMenu" + customerRole.CustomerInternalName.Trim() + model.Username.Trim());
}
//now add the correct roles
foreach (var customerRole in model.CustomerRoles)
{
// now add them to the specific group for this store they will have access to
//only need to do this when there is a valid group name (not empty)
if (customerRole.CurrentRole != (new ResourceFactory()).GetLocalizedTitle(ResourceTypes.DropDownDefault, "Select One"))
{
var authMan = new AuthorizationManager(customerRole.CustomerInternalName);
authMan.AddGroupMember(customerRole.CurrentRole, model.Username, false);
//also update the caching table - they have access to one role, so they have access to the site.
authMan.AddCustomerAccess(userID);
//we also have to add them to the _maintenance Role if this customer is a maintenance group
//IE - we are giving any duncan admin users (which are the only ones using this page)
//that have any access to this maintenance group a _maintenance role as well, so they can log into the handheld.
//have to setup the city first
customerRole.Customer = new PemsCity(customerRole.CustomerInternalName);
if (customerRole.Customer.CustomerType == CustomerProfileType.MaintenanceGroup)
{
(new TechnicianFactory()).AddAdminTechnicianToMaintenanceGroup(model.Username, customerRole.Customer, userID);
}
}
}
return(RedirectToAction("Index", "Users"));
}
/// <summary>
/// Adds an admin to the maintenance group. This DOES NOT create a technician out of the administrator
/// this just gives the admin user access to the MG and its customers.
/// </summary>
/// <param name="username"></param>
/// <param name="mainGroup"></param>
/// <param name="userId"></param>
public void AddAdminTechnicianToMaintenanceGroup(string username, PemsCity mainGroup, int userId)
{
//make sure the user has access to the maintenance group. Add them as a _maint mmeber and to the caching table
(new UserCustomerAccessManager()).AddCustomerAccess(userId, mainGroup.Id);
var mgAuthMgr = new AuthorizationManager(mainGroup.InternalName);
mgAuthMgr.AddGroupMember(Constants.Security.DefaultMaintenanceGroupName, username);
//add them to all discinct pems conn strings
foreach (var maintCustomer in mainGroup.MaintenanceCustomers)
{
//create the technician. only do this if they dont exist already, otherwise update
//add user to _maintenance group here for the specific customer
var authorizationManager = new AuthorizationManager(maintCustomer.InternalName);
authorizationManager.AddGroupMember(Constants.Security.DefaultMaintenanceGroupName, username);
//now add them to caching table for this customer
(new UserCustomerAccessManager()).AddCustomerAccess(userId, maintCustomer.Id);
}
}
public void SetMaintenanceGroupCustomersModel(int maintGroupId, MaintenanceGroupCustomersModel model)
{
// Save any new areas.
if (model.NewCustomers != null)
{
var maintGroup = new PemsCity(maintGroupId.ToString());
foreach (var newCustomerId in model.NewCustomers)
{
//try to parse the id to make sure it came though correctly
int newCustID;
var parsed = int.TryParse(newCustomerId, out newCustID);
if (parsed)
{
//now lets check to see if this customer is in the system
var existingCustomer = RbacEntities.CustomerProfiles.FirstOrDefault(x => x.CustomerId == newCustID);
if (existingCustomer != null)
{
//only do it if it doesnt exist there already
var existing = RbacEntities.MaintenanceGroupCustomers.FirstOrDefault(x => x.MaintenanceGroupId == maintGroupId && x.CustomerId == newCustID);
if (existing != null)
{
continue;
}
RbacEntities.MaintenanceGroupCustomers.Add(new MaintenanceGroupCustomer
{
MaintenanceGroupId = maintGroupId,
CustomerId = newCustID
});
RbacEntities.SaveChanges();
//roll thorugh all the ussers for the maint group and if htey are a technician, add them to the _main group for the customer.
//This way they will not be member, but will be part of a role so they have access log in to the maint for that cuity
//we do not need to roll thorugh the users for the customers, since they are not allowed to assign technicians until they are part of the maintenance group
//this means that the customer will not have any technicians, so we do not need to worry about adding those users as techs for the maint group,
//that will be done when the user is checked as a tech after the customer is assigned to the maint group.
//now add all of the users for this maintenance group that are technicians to the _maintenance role for the customer.
//we are also only doing this for new customers.
//get all the users for the maintenance group
var mainGroupMembersUsernames = (new SecurityManager()).GetUsersForCity(maintGroup.InternalName);
//get the customer and an auth manager for that customer
var customer = new PemsCity(existingCustomer.CustomerId.ToString());
var authorizationManager = new AuthorizationManager(customer);
//check to see if they are a technician
foreach (var mainGroupMembersUsername in mainGroupMembersUsernames)
{
if (TechnicianFactory.IsUserTechnician(mainGroupMembersUsername))
{
//if they are, add them to the _maint role for the customer
authorizationManager.AddGroupMember(Constants.Security.DefaultMaintenanceGroupName,
mainGroupMembersUsername);
//go get the userid from the name
var userId = (new UserFactory()).GetUserId(mainGroupMembersUsername);
//we also need to update the caching table to give the technician access to see the site
(new UserCustomerAccessManager()).AddCustomerAccess(userId, maintGroupId);
}
}
}
}
}
}
}
/// <summary>
/// Creates the user in the system and returns the system generated username
/// </summary>
/// <param name="useModelUserName">If true then try to use <see cref="UserModel"/> instance Username if it exists. Otherwise fall back to building a user name. </param>
public string CreateUser(UserModel userModel, string storeName, string password, bool active, bool useModelUserName)
{
var authorizationManager = new AuthorizationManager(storeName);
string username = CreateUniqueUserName(userModel.FirstName, userModel.MiddleInitial, userModel.LastName);
username = (useModelUserName && !string.IsNullOrWhiteSpace(userModel.Username)) ? userModel.Username : username;
//register the user
//try to get the dbuser, and if they arlready exists, just create the account, otherwise create the user and account.
if (!authorizationManager.InAuthorizationSystem(username))
{
WebSecurity.CreateUserAndAccount(username,
password,
new
{
FirstName = userModel.FirstName,
MiddleName = userModel.MiddleInitial,
LastName = userModel.LastName,
Phone = userModel.PhoneNumber,
Email = userModel.EmailAddress,
CreatedDate = DateTime.Now,
RequirePasswordReset = true
});
}
else
{
//only create them if they dont already exist
if (!WebSecurity.UserExists(username))
{
//create them
WebSecurity.CreateAccount(username, password);
}
}
//update their profile
//set the models username now that we have it
userModel.Username = username;
UpdateUserProfile(userModel, active);
//now force them to change their pw on next login
UpdateUserPasswordReset(username, true);
//add the password to the password history so they cant set it back ot the default
var pwMGr = new PasswordManager(username);
pwMGr.AddPasswordToHistory(password);
//now add them to the default group for this store they will have access to
authorizationManager.AddGroupMember(Constants.Security.DefaultStoreGroupName, username);
//update the caching table to include this person
int userID = GetUserId(userModel.Username);
authorizationManager.AddCustomerAccess(userID);
//have to check to see if groupname is null - otherwise we throw an error
if (!string.IsNullOrEmpty(userModel.Role))
{
// now add them to the specific group for this store they will have access to
authorizationManager.AddGroupMember(userModel.Role, username);
}
return(username);
}
