/// <summary>
/// Remove users from roles
/// </summary>
public void RemoveUsersFromRoles(string[] users, string[] roles, IPrincipal authPrincipal)
{
this.VerifyPrincipal(authPrincipal, PermissionPolicyIdentifiers.AlterRoles);
// Add users to role
using (var dataContext = new Data.ModelDataContext(this.m_configuration.ReadWriteConnectionString))
{
foreach (var un in users)
{
SecurityUser user = dataContext.SecurityUsers.SingleOrDefault(u => u.UserName == un);
if (user == null)
{
throw new KeyNotFoundException(String.Format("Could not locate user {0}", un));
}
foreach (var rol in roles)
{
SecurityRole role = dataContext.SecurityRoles.SingleOrDefault(r => r.Name == rol);
if (role == null)
{
throw new KeyNotFoundException(String.Format("Could not locate role {0}", rol));
}
var securityUserRole = user.SecurityUserRoles.SingleOrDefault(ur => ur.RoleId == role.RoleId && ur.UserId == user.UserId);
if (securityUserRole != null)
{
// Remove
dataContext.SecurityUserRoles.DeleteOnSubmit(securityUserRole);
}
}
}
dataContext.SubmitChanges();
}
}
/// <summary>
/// Adds the specified users to the specified roles
/// </summary>
public void AddUsersToRoles(string[] users, string[] roles, IPrincipal authPrincipal)
{
this.VerifyPrincipal(authPrincipal, PermissionPolicyIdentifiers.AlterRoles);
// Add users to role
using (var dataContext = new Data.ModelDataContext(this.m_configuration.ReadWriteConnectionString))
{
foreach (var un in users)
{
SecurityUser user = dataContext.SecurityUsers.SingleOrDefault(u => u.UserName == un);
if (user == null)
{
throw new KeyNotFoundException(String.Format("Could not locate user {0}", un));
}
foreach (var rol in roles)
{
SecurityRole role = dataContext.SecurityRoles.SingleOrDefault(r => r.Name == rol);
if (role == null)
{
throw new KeyNotFoundException(String.Format("Could not locate role {0}", rol));
}
if (!user.SecurityUserRoles.Any(o => o.RoleId == role.RoleId))
{
user.SecurityUserRoles.Add(new SecurityUserRole()
{
UserId = user.UserId, RoleId = role.RoleId
});
}
}
}
dataContext.SubmitChanges();
}
}
/// <summary>
/// Create a role
/// </summary>
public void CreateRole(string roleName, IPrincipal authPrincipal)
{
this.VerifyPrincipal(authPrincipal, PermissionPolicyIdentifiers.CreateRoles);
// Add users to role
using (var dataContext = new Data.ModelDataContext(this.m_configuration.ReadWriteConnectionString))
{
SecurityUser user = dataContext.SecurityUsers.SingleOrDefault(u => u.UserName == authPrincipal.Identity.Name);
if (user == null)
{
throw new SecurityException(String.Format("Could not verify identity of {0}", authPrincipal.Identity.Name));
}
// Insert
dataContext.SecurityRoles.InsertOnSubmit(new SecurityRole()
{
RoleId = Guid.NewGuid(),
CreatedByEntity = user,
Name = roleName
});
dataContext.SubmitChanges();
}
}
