public override IDictionary <string, ContentModifierForm> BuildModifierForm(ApplicationRole datum,
DatumModifyOperation operation, Type datumType)
{
if (!operation.IsCreateOrUpdateOperation())
{
return(null);
}
var f = new RoleDatumModifierForm {
Id = datum.Id,
Name = datum.Name,
Description = datum.Description
};
var perms = new List <string>();
var permIds = _permMgr.GetRolesPermissions(new[] { datum.Name }).ToArray();
foreach (var perm in _permMgr.AllPermissions)
{
foreach (var permId in permIds)
{
if (perm.Id != permId)
{
continue;
}
perms.Add(perm.Id);
}
}
f.Permissions = perms.ToArray();
return(new Dictionary <string, ContentModifierForm> {
[FORM_KEY] = f
});
}
public override IDictionary <string, VueComponentDefinition[]> ConvertFormToVues(
IDictionary <string, ContentModifierForm> modifierForm, ApplicationRole datum,
DatumModifyOperation operation,
Type datumType)
{
if (operation.IsCreateOrUpdateOperation())
{
return(new Dictionary <string, VueComponentDefinition[]> {
[FORM_KEY] = new[] {
new VueComponentDefinition {
Name = "cms-form-field-hidden",
Props = new {
valuePath = nameof(RoleDatumModifierForm.Id)
}
},
new VueComponentDefinition {
Name = "cms-form-field-text",
Props = new {
label = "Name",
valuePath = nameof(RoleDatumModifierForm.Name)
}
},
new VueComponentDefinition {
Name = "cms-form-field-textarea",
Props = new {
label = "Description",
valuePath = nameof(RoleDatumModifierForm.Description)
}
},
new VueComponentDefinition {
Name = "cms-form-field-select",
Props = new {
label = "Permissions",
valuePath = nameof(RoleDatumModifierForm.Permissions),
isMultiSelect = true,
optionsHandlerId = DatumSelectFieldOptionsHandler.HANDLER_ID,
optionsHandlerParam = Jsonizer.Convert(new DatumSelectFieldOptionsHandlerParam {
DatumTypeId = "permission"
})
}
}
}
});
}
if (operation.IsDeleteOperation())
{
return(new Dictionary <string, VueComponentDefinition[]> {
[FORM_KEY] = new VueComponentDefinition[] {
new VueHtmlWidget("Proceed to delete?")
}
});
}
return(null);
}
public override void PerformModification(IDictionary <string, ContentModifierForm> modifierForm, ApplicationRole datum,
DatumModifyOperation operation,
Type datumType)
{
IdentityResult ir = null;
var hasOp = false;
if (operation.IsCreateOrUpdateOperation())
{
var f = modifierForm[FORM_KEY].DirectCastTo <RoleDatumModifierForm>();
datum.Name = f.Name;
datum.Description = f.Description;
ir = operation.IsCreateOperation() ? _roleMgr.Create(datum) : _roleMgr.Update(datum);
if (ir.Succeeded)
{
foreach (var perm in _permMgr.AllPermissions)
{
var pmap = _dbContext.ProtoPermissionsMaps
.FirstOrDefault(x => x.RoleName == datum.Name && x.PermissionId == perm.Id);
if (pmap == null)
{
pmap = new ProtoPermissionsMap {
RoleName = datum.Name,
PermissionId = perm.Id
};
_dbContext.ProtoPermissionsMaps.Add(pmap);
}
pmap.HasPermission = f.Permissions.Contains(perm.Id);
}
_dbContext.ThisDbContext().SaveChanges();
}
hasOp = true;
}
else if (operation.IsDeleteOperation())
{
ir = _roleMgr.Delete(datum);
if (ir.Succeeded)
{
var pmaps = _dbContext.ProtoPermissionsMaps.Where(x => x.RoleName == datum.Name).ToList();
foreach (var pmap in pmaps)
{
_dbContext.ProtoPermissionsMaps.Remove(pmap);
}
}
hasOp = true;
}
if (hasOp)
{
if (!ir.Succeeded)
{
throw new Exception(string.Join("; ", ir.Errors));
}
}
}
public override FurtherValidationResult ValidateModifierForm(IDictionary <string, ContentModifierForm> modifierForm,
ApplicationRole datum,
DatumModifyOperation operation, Type datumType)
{
var result = new FurtherValidationResult();
if (operation.IsDeleteOperation())
{
if (datum.Name == RequiredRoleInfo.SuperAdmin.Name ||
datum.Name == RequiredRoleInfo.Authenticated.Name ||
datum.Name == RequiredRoleInfo.Guest.Name)
{
result.AddError($"{FORM_KEY}.{nameof(RoleDatumModifierForm.Name)}",
$"{RequiredRoleInfo.SuperAdmin.Name}, {RequiredRoleInfo.Authenticated.Name}, " +
$"and {RequiredRoleInfo.Guest.Name} are reserved by the system and should not " +
$"be deleted.");
}
}
else
{
var fm = modifierForm[FORM_KEY].DirectCastTo <RoleDatumModifierForm>();
if (operation.IsCreatingNewDatum)
{
if (fm.Name == RequiredRoleInfo.SuperAdmin.Name ||
fm.Name == RequiredRoleInfo.Authenticated.Name ||
fm.Name == RequiredRoleInfo.Guest.Name)
{
result.AddError($"{FORM_KEY}.{nameof(RoleDatumModifierForm.Name)}",
$"{RequiredRoleInfo.SuperAdmin.Name}, {RequiredRoleInfo.Authenticated.Name}, " +
$"and {RequiredRoleInfo.Guest.Name} are reserved by the system and no new " +
$"role should use their name.");
}
}
if ((datum.Name == RequiredRoleInfo.SuperAdmin.Name ||
datum.Name == RequiredRoleInfo.Authenticated.Name ||
datum.Name == RequiredRoleInfo.Guest.Name) && fm.Name != datum.Name)
{
result.AddError($"{FORM_KEY}.{nameof(RoleDatumModifierForm.Name)}",
$"{RequiredRoleInfo.SuperAdmin.Name}, {RequiredRoleInfo.Authenticated.Name}, " +
$"and {RequiredRoleInfo.Guest.Name} are reserved by the system and should not " +
$"have their name be modified.");
}
}
return(result);
}
public override DatumPermissionCustomProps ModifyPermissionCustomProps(DatumModifyOperation modifyOperation,
DatumType <ApplicationUser> datumType)
{
if (modifyOperation.IsCreateOperation())
{
return(new DatumPermissionCustomProps(
"Create User", "Allow creating user data.", "Account", "User"));
}
if (modifyOperation.IsUpdateOperation())
{
return(new DatumPermissionCustomProps(
"Update User", "Allow updating user data.", "Account", "User"));
}
if (modifyOperation.IsDeleteOperation())
{
return(new DatumPermissionCustomProps(
"Delete User", "Allow deleting user data.", "Account", "User"));
}
return(null);
}
public override IDictionary <string, ContentModifierForm> BuildModifierForm(ApplicationUser datum,
DatumModifyOperation operation, Type datumType)
{
if (!operation.IsCreateOrUpdateOperation())
{
return(null);
}
var f = new UserDatumModifierForm {
Id = datum.Id,
UserName = datum.UserName,
IsActivated = datum.IsActivated,
DisplayName = datum.DisplayName,
PhotoUrl = !string.IsNullOrWhiteSpace(datum.PhotoUrl) ? new[] { datum.PhotoUrl } : null,
Email = datum.Email,
EmailConfirmed = datum.EmailConfirmed,
PhoneNumber = datum.PhoneNumber,
PhoneNumberConfirmed = datum.PhoneNumberConfirmed
};
if (operation.IsCreateOperation())
{
f.ChangePassword = true;
}
if (operation.IsUpdateOperation())
{
var roleIds = new List <string>();
var roleNames = _userMgr.GetRoles(datum.Id);
foreach (var rn in roleNames)
{
var role = _roleMgr.Roles.FirstOrDefault(x => x.Name == rn);
if (role != null)
{
roleIds.Add(role.Id);
}
}
f.RoleIds = roleIds.ToArray();
}
return(new Dictionary <string, ContentModifierForm> {
[FORM_KEY] = f
});
}
public IDictionary <string, ContentModifierForm> BuildModifierFormBase(object datum,
DatumModifyOperation operation, Type datumType)
{
return(BuildModifierForm(datum.DirectCastTo <TDat>(), operation, datumType));
}
public override FurtherValidationResult ValidateModifierForm(
IDictionary <string, ContentModifierForm> modifierForm,
ApplicationUser datum,
DatumModifyOperation operation, Type datumType)
{
var result = new FurtherValidationResult();
if (operation.IsCreateOrUpdateOperation())
{
var fm = modifierForm[FORM_KEY].DirectCastTo <UserDatumModifierForm>();
if (operation.IsCreateOperation())
{
var existingUser = _userMgr.Users.FirstOrDefault(x => x.UserName == fm.UserName);
if (existingUser != null)
{
result.AddError($"{FORM_KEY}.{nameof(fm.UserName)}",
$"Username '{fm.UserName}' is already taken.");
}
}
var checkPassword = operation.IsCreateOperation() || operation.IsUpdateOperation() && fm.ChangePassword;
if (checkPassword)
{
var validator = _userMgr.PasswordValidator;
if (fm.Password == null)
{
result.AddError($"{FORM_KEY}.{nameof(fm.Password)}", "Password is required.");
}
else
{
var ir = validator.ValidateAsync(fm.Password).Result;
if (!ir.Succeeded)
{
foreach (var err in ir.Errors)
{
result.AddError($"{FORM_KEY}.{nameof(fm.Password)}", err);
}
}
if (fm.Password != fm.PasswordConfirmation)
{
result.AddError($"{FORM_KEY}.{nameof(fm.PasswordConfirmation)}",
"Password and password confirmation must match.");
}
}
}
}
if (operation.IsDeleteOperation())
{
var rctx = ProtoCmsRuntimeContext.Current;
if (rctx.CurrentUser != null && rctx.CurrentUser.Id == datum.Id)
{
result.AddError($"{FORM_KEY}.{nameof(UserDatumModifierForm.UserName)}",
"You may not delete yourself.");
}
var superAdminRoleName = RequiredRoleInfo.SuperAdmin.Name;
var superadmins = (from u in _dbContext.Users
from ur in u.Roles
join r in _dbContext.Roles
on ur.RoleId equals r.Id
where r.Name == superAdminRoleName
select u).ToArray();
if (superadmins.Length == 1 && superadmins.FirstOrDefault(x => x.Id == datum.Id) != null)
{
result.AddError($"{FORM_KEY}.{nameof(UserDatumModifierForm.UserName)}",
"You may not delete the only superadmin left in the system.");
}
}
return(result);
}
public abstract FurtherValidationResult ValidateModifierForm(
IDictionary <string, ContentModifierForm> modifierForm, TDat datum, DatumModifyOperation operation,
Type datumType);
public abstract IDictionary <string, VueComponentDefinition[]> ConvertFormToVues(
IDictionary <string, ContentModifierForm> modifierForm, TDat datum, DatumModifyOperation operation,
Type datumType);
public abstract IDictionary <string, ContentModifierForm> BuildModifierForm(TDat datum,
DatumModifyOperation operation, Type datumType);
public void PerformModificationBase(IDictionary <string, ContentModifierForm> modifierForm, object datum,
DatumModifyOperation operation, Type datumType)
{
PerformModification(modifierForm, datum.DirectCastTo <TDat>(), operation, datumType);
}
public FurtherValidationResult ValidateModifierFormBase(IDictionary <string, ContentModifierForm> modifierForm,
object datum, DatumModifyOperation operation,
Type datumType)
{
return(ValidateModifierForm(modifierForm, datum.DirectCastTo <TDat>(), operation, datumType));
}
public IDictionary <string, VueComponentDefinition[]> ConvertFormToVuesBase(
IDictionary <string, ContentModifierForm> modifierForm, object datum, DatumModifyOperation operation,
Type datumType)
{
return(ConvertFormToVues(modifierForm, datum.DirectCastTo <TDat>(), operation, datumType));
}
public DatumPermissionCustomProps ModifyPermissionCustomPropsBase(DatumModifyOperation modifyOperation,
DatumType datumType)
{
return(ModifyPermissionCustomProps(modifyOperation, datumType.DirectCastTo <DatumType <TDat> >()));
}
public abstract DatumPermissionCustomProps ModifyPermissionCustomProps(DatumModifyOperation modifyOperation,
DatumType <TDat> datumType);
public abstract void PerformModification(IDictionary <string, ContentModifierForm> modifierForm, TDat datum,
DatumModifyOperation operation, Type datumType);
public override void PerformModification(IDictionary <string, ContentModifierForm> modifierForm,
ApplicationUser datum,
DatumModifyOperation operation,
Type datumType)
{
IdentityResult ir = null;
var hasOp = false;
if (operation.IsDeleteOperation())
{
ir = _userMgr.Delete(datum);
hasOp = true;
}
else if (operation.IsCreateOrUpdateOperation())
{
var isCreateOperation = operation.IsCreateOperation();
var isUpdateOperation = operation.IsUpdateOperation();
var fm = modifierForm[FORM_KEY].DirectCastTo <UserDatumModifierForm>();
datum.IsActivated = fm.IsActivated;
datum.UserName = fm.UserName;
datum.DisplayName = fm.DisplayName;
datum.PhotoUrl = fm.PhotoUrl.Length > 0 ? fm.PhotoUrl[0] : null;
datum.Email = fm.Email;
datum.EmailConfirmed = fm.EmailConfirmed;
datum.PhoneNumber = fm.PhoneNumber;
datum.PhoneNumberConfirmed = fm.PhoneNumberConfirmed;
var changePassword = isCreateOperation || isUpdateOperation && fm.ChangePassword;
if (changePassword)
{
var hasher = _userMgr.PasswordHasher;
var pwdHash = hasher.HashPassword(fm.Password);
datum.PasswordHash = pwdHash;
}
ir = isCreateOperation ? _userMgr.Create(datum) : _userMgr.Update(datum);
if (ir.Succeeded)
{
var allRoles = _roleMgr.Roles.ToArray();
var userRoleNames = new List <string>();
foreach (var role in allRoles)
{
var hasRole = role.Name != RequiredRoleInfo.Authenticated.Name &&
role.Name != RequiredRoleInfo.Guest.Name &&
fm.RoleIds.Contains(role.Id);
if (hasRole)
{
userRoleNames.Add(role.Name);
}
}
if (isCreateOperation)
{
ir = _userMgr.AddToRoles(datum.Id, userRoleNames.ToArray());
}
else if (isUpdateOperation)
{
var currentRoles = _userMgr.GetRoles(datum.Id).ToArray();
if (currentRoles.Length > 0)
{
ir = _userMgr.RemoveFromRoles(datum.Id, currentRoles);
}
if (ir.Succeeded)
{
ir = _userMgr.AddToRoles(datum.Id, userRoleNames.ToArray());
}
}
}
}
if (hasOp)
{
if (!ir.Succeeded)
{
throw new Exception(string.Join("; ", ir.Errors));
}
}
}
protected void CheckUserHasPermissionToModifyDatum(ProtoCmsRuntimeContext rctx,
ModifyDatumPermission modPerm, DatumModifyOperation modOp, DatumType ct)
{
if (!rctx.UserHasPermission(modPerm.Id))
{
throw new HttpException(403, $"ProtoCMS: user is forbidden to perform modify operation " +
$"'{modOp.Name}' on datum type '{ct.Id}'.");
}
}
public override IDictionary <string, VueComponentDefinition[]> ConvertFormToVues(
IDictionary <string, ContentModifierForm> modifierForm, ApplicationUser datum,
DatumModifyOperation operation,
Type datumType)
{
if (operation.IsCreateOrUpdateOperation())
{
var vues = new List <VueComponentDefinition>();
vues.AddRange(new[] {
new VueComponentDefinition {
Name = "cms-form-field-hidden",
Props = new {
valuePath = nameof(UserDatumModifierForm.Id)
}
},
new VueComponentDefinition {
Name = "cms-form-field-text",
Props = new {
label = "UserName",
valuePath = nameof(UserDatumModifierForm.UserName)
}
},
new VueComponentDefinition {
Name = "cms-form-field-checkbox",
Props = new {
label = "Activated?",
valuePath = nameof(UserDatumModifierForm.IsActivated),
yesLabel = "Activated",
noLabel = "Deactivated"
}
}
});
if (operation.IsUpdateOperation())
{
vues.Add(new VueComponentDefinition {
Name = "cms-form-field-checkbox",
Props = new {
label = "Change Password?",
valuePath = nameof(UserDatumModifierForm.ChangePassword),
helpText = "Enable this to also change user password when updating data.",
yesLabel = "Change",
noLabel = "Don't Change"
}
});
}
vues.AddRange(new[] {
new VueComponentDefinition {
Name = "cms-form-field-password",
Props = new {
label = "Password",
valuePath = nameof(UserDatumModifierForm.Password)
}
},
new VueComponentDefinition {
Name = "cms-form-field-password",
Props = new {
label = "Password Confirmation",
valuePath = nameof(UserDatumModifierForm.PasswordConfirmation)
}
},
new VueComponentDefinition {
Name = "cms-form-field-text",
Props = new {
label = "Display Name",
valuePath = nameof(UserDatumModifierForm.DisplayName)
}
},
new VueComponentDefinition {
Name = "cms-form-field-file-picker",
Props = new {
label = "Photo",
valuePath = nameof(UserDatumModifierForm.PhotoUrl),
fileExplorerPageUrl = _urlProv.GenerateManageFileExplorerUrl()
}
},
new VueComponentDefinition {
Name = "cms-form-field-text",
Props = new {
label = "Email",
valuePath = nameof(UserDatumModifierForm.Email)
}
},
new VueComponentDefinition {
Name = "cms-form-field-checkbox",
Props = new {
label = "Email Confirmed?",
valuePath = nameof(UserDatumModifierForm.EmailConfirmed),
yesLabel = "Confirmed",
noLabel = "Not Confirmed"
}
},
new VueComponentDefinition {
Name = "cms-form-field-text",
Props = new {
label = "Phone No.",
valuePath = nameof(UserDatumModifierForm.PhoneNumber)
}
},
new VueComponentDefinition {
Name = "cms-form-field-checkbox",
Props = new {
label = "Phone No. Confirmed?",
valuePath = nameof(UserDatumModifierForm.PhoneNumberConfirmed),
yesLabel = "Confirmed",
noLabel = "Not Confirmed"
}
},
new VueComponentDefinition {
Name = "cms-form-field-select",
Props = new {
label = "Roles",
valuePath = nameof(UserDatumModifierForm.RoleIds),
isMultiSelect = true,
optionsHandlerId = DatumSelectFieldOptionsHandler.HANDLER_ID,
optionsHandlerParam = Jsonizer.Convert(new DatumSelectFieldOptionsHandlerParam {
DatumTypeId = "role",
SortInfos = new[] { Tuple.Create("Name", false) }
})
}
}
});
return(new Dictionary <string, VueComponentDefinition[]> {
[FORM_KEY] = vues.ToArray()
});
}
if (operation.IsDeleteOperation())
{
return(new Dictionary <string, VueComponentDefinition[]> {
[FORM_KEY] = new VueComponentDefinition[] {
new VueHtmlWidget("Proceed to delete?")
}
});
}
return(null);
}
public override DatumPermissionCustomProps ModifyPermissionCustomProps(DatumModifyOperation modifyOperation,
DatumType <ProtoPermission> datumType)
{
// not used
return(null);
}
