public async Task <IdentityResult> Register(string user, string password)
{
var targetUser = new User {
UserName = user, Email = user
};
var createdUser = await UserManager.CreateAsync(targetUser, password);
if (createdUser.Succeeded)
{
var code = await UserManager.GenerateEmailConfirmationTokenAsync(targetUser);
_userService.AddUser(new ApplicationUser()
{
UserName = user
});
var newUser = UserManager.FindByNameAsync(user).Result;
var userRoleResult = await UserManager.AddToRoleAsync(newUser, "Administrator");
if (userRoleResult.Succeeded)
{
var resourceTypes = _resourceTypeRepository.GetAll().ToList();
var formResourceTypeId = resourceTypes.Where(x => string.Equals(x.Name, "Form")).SingleOrDefault().Id;
var URLResourceTypeId = resourceTypes.Where(x => string.Equals(x.Name, "URL")).SingleOrDefault().Id;
var APIResourceTypeId = resourceTypes.Where(x => string.Equals(x.Name, "API")).SingleOrDefault().Id;
var resultRole = await RoleManager.FindByNameAsync("Administrator");
// DONT fire this code if you dont want activity based security
var roleRights = _roleRightRepository.GetAll().Where(x => string.Equals(x.RoleId, resultRole.Id)).ToList();
var formElementsClaims = from r in _resourceRepository.GetAll().Where(x => x.ResourceTypeId == formResourceTypeId)
join rr in roleRights on r.Id equals rr.ResourceId
join a in _activityRepository.GetAll().Where(x => x.ResourceTypeId == formResourceTypeId) on rr.ActivityId equals a.Id
select r.Name + "." + a.Value;
//// assign claims (activities) for current role to this user
await UserManager.AddClaimsAsync(newUser, formElementsClaims.Select(x => new System.Security.Claims.Claim(x, "Allowed")));
var URLElementsClaims = from r in _resourceRepository.GetAll().Where(x => x.ResourceTypeId == URLResourceTypeId)
join rr in roleRights on r.Id equals rr.ResourceId
join a in _activityRepository.GetAll().Where(x => x.ResourceTypeId == URLResourceTypeId) on rr.ActivityId equals a.Id
select "/" + a.Value.ToCamelCase() + r.Name;
await UserManager.AddClaimsAsync(newUser, URLElementsClaims.Select(x => new System.Security.Claims.Claim(x, "Allowed")));
var apiClaims = from r in _resourceRepository.GetAll().Where(x => x.ResourceTypeId == APIResourceTypeId)
join rr in roleRights on r.Id equals rr.ResourceId
join a in _activityRepository.GetAll().Where(x => x.ResourceTypeId == APIResourceTypeId) on rr.ActivityId equals a.Id
select r.Name + "/" + a.Value;
await UserManager.AddClaimsAsync(newUser, apiClaims.Select(x => new System.Security.Claims.Claim(x, "Allowed")));
}
}
return(createdUser);
}
public IEnumerable <ResourceType> GetAll()
{
IEnumerable <ResourceType> types = _resourceTypeRepo.GetAll();
if (types == null)
{
throw new ApplicationException("There are no resource types to display");
}
return(types);
}
public void AddTestResourceTypes()
{
if (_resourceTypeRepo.GetAll().Count() > 0)
{
return;
}
ResourceType testType1 = new ResourceType
{
Id = 1,
Name = "Cable"
};
ResourceType testType2 = new ResourceType
{
Id = 2,
Name = "Ports"
};
_resourceTypeRepo.Add(testType1);
_resourceTypeRepo.Add(testType2);
}
public ItemResult GetAllResourceType()
{
return(resourceTypeRepository.GetAll());
}
