/// <summary>
/// Get assigned permissions for a specific page
/// </summary>
/// <param name="url">URL of page to check</param>
/// <returns>List of users with permissions to the supplied page</returns>
public PageUsersModel CheckPagePermissions(string url)
{
try
{
if (string.IsNullOrEmpty(url))
{
return(null);
}
//if (!url.Contains("http")) return null;
//var page = new Uri(url).AbsolutePath;
//var pageName = page.Trim('/');
//if (pageName.IsNullOrWhiteSpace())
//{
// pageName = ConfigurationManager.AppSettings["HomePage"];
//}
//var modelList = _databaseService.CheckPagePermissions(pageName);
//var permissionsModels = modelList as IList<PermissionsModel> ?? modelList.ToList();
PageUsersModel permissionsModels = _umbracoService.CheckPagePermissions(url);
return(permissionsModels);
}
catch (Exception ex)
{
ex.ToExceptionless().Submit();
throw;
}
}
public ActionResult LookupPagePermissions(FindPageModel model)
{
// Check if this is a Url or NodeId request
var url = model.IsUrlRequest ? model.Url : model.NodeId.ToString();
try
{
// Get a list of Web Authors that have permission to manage this page
// Convert to a list so that we can add the other Web Authors
PageUsersModel perms = _permissionsControlService.CheckPagePermissions(url);
if (perms != null)
{
List <UserPermissionModel> authorList = perms.Users.ToList();
// Get a list of all other Web Authors
var excludeUsers = authorList.Select(x => x.UserId).ToArray();
var ex = string.Join(",", excludeUsers);
var otherAuthors = _umbracoService.GetWebAuthors(ex);
// Combine the two lists. These have PermissionId = 0 to indicate they do not have access
foreach (var otherAuthor in otherAuthors)
{
var p = new UserPermissionModel
{
UserId = otherAuthor.UserId,
FullName = otherAuthor.FullName,
EmailAddress = otherAuthor.EmailAddress,
UserLocked = otherAuthor.UserLocked,
UserName = otherAuthor.UserName,
PagePermissions = new string[] { }
};
authorList.Add(p);
}
perms.Users = authorList;
if (!authorList.IsNullOrEmpty())
{
return(PartialView("PagePermissions/LookupPagePermissions", perms));
}
}
TempData["MsgKey"] = "PageNotFound";
return(PartialView("ToolsError"));
}
catch (Exception ex)
{
ex.ToExceptionless().Submit();
TempData["MsgKey"] = string.Format("ErrorOccurred");
return(PartialView("ToolsError"));
}
}
/// <summary>
/// Get assigned permissions for a specific page
/// </summary>
/// <param name="page">page to check</param>
/// <returns>Permissions set</returns>
public PageUsersModel CheckPagePermissions(IContent page)
{
var permList = new PageUsersModel();
var permPage = new PageModel
{
PageId = page.Id,
PageName = page.Name
};
permList.Page = permPage;
var perms = _contentService.GetPermissionsForEntity(page);
IList <UserPermissionModel> userPerms = new List <UserPermissionModel>();
foreach (var perm in perms)
{
// Assume:
// if no permissions at all, then there will be only one element which will contain a "-"
// If only the default permission then there will only be one element which will contain "F" (Browse Node)
if (perm.AssignedPermissions.Count() <= 1 &&
(perm.AssignedPermissions[0] == "-" || perm.AssignedPermissions[0] == "F"))
{
continue;
}
var pUser = _userService.GetUserById(perm.UserId);
// Only interested in Web Authors
if (pUser.UserType.Alias != _webAuthorUserType)
{
continue;
}
// Create a permission object - set PermissionId = 1 to indicate user has permission to edit this page
var userPerm = new UserPermissionModel
{
UserId = perm.UserId,
UserName = pUser.Username,
FullName = pUser.Name,
EmailAddress = pUser.Email,
UserLocked = !pUser.IsApproved,
PagePermissions = perm.AssignedPermissions
};
userPerms.Add(userPerm);
}
permList.Users = userPerms.OrderBy(o => o.FullName).ToList();
return(permList);
}
public AntdUsersModule()
{
Get["/users"] = _ => {
var userConfiguration = new UserConfiguration();
var list = userConfiguration.Get();
var manageMaster = new ManageMaster();
list.Add(new User {
Name = manageMaster.Name,
Password = manageMaster.Password
});
return(JsonConvert.SerializeObject(list));
};
Get["/users/list"] = x => {
var master = new ManageMaster().Name;
var systemUser = new SystemUser();
var users = systemUser.GetAll()
.Select(_ => new User {
Name = _, Password = ""
});
var model = new PageUsersModel {
Master = master,
Users = users
};
return(JsonConvert.SerializeObject(model));
};
Post["/users"] = x => {
string user = Request.Form.User;
string password = Request.Form.Password;
var systemUser = new SystemUser();
var hpwd = systemUser.HashPasswd(password);
var mo = new User {
Name = user,
Password = hpwd
};
var userConfiguration = new UserConfiguration();
userConfiguration.AddUser(mo);
return(HttpStatusCode.OK);
};
Post["/users/master/password"] = x => {
string password = Request.Form.Password;
var masterManager = new ManageMaster();
masterManager.ChangePassword(password);
return(HttpStatusCode.OK);
};
}
public ActionResult CheckPagePermissions(string url)
{
PageUsersModel modelList = _permissionsControlService.CheckPagePermissions(url);
// If nodelList is null then the page does not exist in Umbraco
if (modelList == null)
{
TempData["Message"] = "Sorry, that page does not exist.";
return(PartialView("Error"));
}
// Remove any users who are currently disabled in Umbraco
modelList.Users = modelList.Users.Where(u => u.UserLocked == false).ToList();
// One or more Web Authors have been given permission to edit this page
return(PartialView("CheckPagePermissions", modelList));
}
public async Task <ActionResult <PageUsersModel> > Get(int?offset, int?limit, string sortOrder, string searchString)
{
PageUsersModel pageUsersModel = new PageUsersModel();
pageUsersModel.TotalUsers = await _umService.GetAllUsersCountAsync(searchString);
List <ApplicationUser> users = await _umService.GetUsersAsync(offset ?? 0, limit ?? 10, sortOrder, searchString);
List <UserModel> userModels = new List <UserModel>();
// Refactor to return role as part of the user (using a Dto) and avoid multiple
// round-trips to the database
foreach (ApplicationUser user in users)
{
UserModel userModel = _mapper.Map <UserModel>(user);
string userRole = await _umService.GetUserRoleAsync(user.Id, false);
userModel.Role = userRole;
pageUsersModel.Users.Add(userModel);
}
return(pageUsersModel);
}
