Ejemplo n.º 1
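        /// <summary>
        /// Removes a permission from a user.
        /// When <paramref name="CurrentUser"/> is supplied and is not the target user, the caller must hold the sys_perm permission.
        /// A caller targeting their own account is left unchanged: nothing is removed and Success is returned.
        /// </summary>
        /// <param name="CurrentUser">Current user for validation, or null to skip validation entirely</param>
        /// <param name="PermissionId">PermissionId of target permission</param>
        /// <param name="UserId">UserId of target user</param>
        /// <returns>A <see cref="UserPermissionChangeResults"/> value describing the outcome</returns>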
        public static UserPermissionChangeResults RemovePermissionFromUser(User CurrentUser, Int32 PermissionId, Int64 UserId)
        {
            // The target account must exist before anything else is evaluated.
            User targetUser = User.FetchByID(UserId);
            if (targetUser == null)
            {
                return UserPermissionChangeResults.UserDoesNotExist;
            }

            // SECURITY: a null CurrentUser bypasses every check below and goes straight to the delete.
            // Callers handling a user-originated request must always pass the authenticated user.
            bool hasCaller = CurrentUser != null;

            // A caller acting on their own account keeps the permission. Success is still reported,
            // so this result alone does not tell the caller that nothing was removed.
            if (hasCaller && CurrentUser.UserId == UserId)
            {
                return UserPermissionChangeResults.Success;
            }

            if (hasCaller)
            {
                // Only holders of sys_perm may change another user's permissions.
                string[] callerPermissions = Permissions.PermissionsForUser(CurrentUser.UserId);
                bool callerMayManagePermissions = callerPermissions.Contains(Permissions.PermissionKeys.sys_perm);
                if (!callerMayManagePermissions)
                {
                    return UserPermissionChangeResults.NoPermission;
                }
            }

            UserPermissionMap.Delete(UserId, PermissionId);
            return UserPermissionChangeResults.Success;
        }
Ejemplo n.º 2
        /// <summary>
        /// Adds a permission to a user.
        /// Checks permission levels.
        /// </summary>
        /// <param name="CurrentUser">Current user for validation, or null to skip validation entirely</param>
        /// <param name="PermissionId">PermissionId of target permission</param>
        /// <param name="UserId">UserId of target user</param>
        /// <returns>A <see cref="UserPermissionChangeResults"/> value describing the outcome</returns>
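        public static UserPermissionChangeResults AddPermissionToUser(User CurrentUser, Int32 PermissionId, Int64 UserId)
        {
            // Grants PermissionId to the user identified by UserId, if the mapping does not exist yet.
            User targetUser = User.FetchByID(UserId);

            if (targetUser == null)
            {
                return(UserPermissionChangeResults.UserDoesNotExist);
            }

            // SECURITY: a null CurrentUser skips authorization entirely. Callers handling a
            // user-originated request must always pass the authenticated user.
            if (CurrentUser != null)
            {
                // Every identified caller must hold sys_perm, whether the target is their own
                // account or someone else's. The previous logic ran this check only when the caller
                // targeted their own account, so a caller without sys_perm could grant any
                // permission to any other user.
                string[] callerPermissions = Permissions.PermissionsForUser(CurrentUser.UserId);

                // Fail closed: a missing permission list is treated as "no permissions".
                if (callerPermissions == null || !callerPermissions.Contains(Permissions.PermissionKeys.sys_perm))
                {
                    return(UserPermissionChangeResults.NoPermission);
                }
            }

            // Insert the mapping only if it is not already present.
            Query qry = new Query(UserPermissionMap.TableSchema)
                        .Where(UserPermissionMap.Columns.PermissionId, PermissionId)
                        .AND(UserPermissionMap.Columns.UserId, UserId);

            if (qry.GetCount(UserPermissionMap.Columns.PermissionId) == 0)
            {
                try
                {
                    UserPermissionMap map = new UserPermissionMap();
                    map.PermissionId = PermissionId;
                    map.UserId       = UserId;
                    map.Save();
                }
                catch (DbException)
                {
                    // Deliberate best-effort: a concurrent request may have inserted the same row
                    // between the count and the save.
                    // NOTE(review): this presumes a unique constraint on (UserId, PermissionId); other
                    // DbException causes are swallowed too and still reported as Success - confirm.
                }
            }
            return(UserPermissionChangeResults.Success);
        }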
Ejemplo n.º 3
        /// <summary>
        /// Creates a user account for <paramref name="email"/>, together with its profile row and
        /// an initial permission mapping.
        /// </summary>
        /// <param name="email">Address for the new account; must pass <c>IsValidEmail</c>.</param>
        /// <param name="password">Password handed to <c>EncodePassword</c> to produce the stored value and salt.</param>
        /// <param name="user">
        /// The created user on success. Null for an invalid address or a failed save. When the result
        /// is AlreadyExists this holds the EXISTING account record, so callers must not treat a
        /// non-null value as proof that the caller owns or has authenticated to that account.
        /// </param>
        /// <returns>A <see cref="UserCreateResults"/> value describing the outcome.</returns>
        public static UserCreateResults CreateUser(string email, string password, out User user)
        {
            // Defaults applied to every new account.
            // NOTE(review): what permission id 10 grants is not visible here - confirm that it is
            // the intended least-privilege default.
            const int    initialPermissionId = 10;
            const string initialLangCode     = "he-IL";

            user = null;
            if (!email.IsValidEmail())
            {
                return UserCreateResults.InvalidEmailAddress;
            }

            // NOTE(review): the duplicate lookup uses the raw address while UniqueEmail stores the
            // normalized form; confirm that FetchByEmail or a database constraint prevents two
            // accounts that normalize to the same address.
            user = User.FetchByEmail(email);
            if (user != null)
            {
                return UserCreateResults.AlreadyExists;
            }

            user             = new User();
            user.Email       = email;
            user.UniqueEmail = email.NormalizeEmail();

            // EncodePassword is defined elsewhere; its hashing scheme cannot be judged from here.
            string encodedPassword, passwordSalt;
            EncodePassword(password, out encodedPassword, out passwordSalt);
            user.Password     = encodedPassword;
            user.PasswordSalt = passwordSalt;

            try
            {
                // NOTE(review): no transaction is visible around these three saves, so a failure
                // after user.Save() may leave a user row without profile or permission - confirm.
                user.Save();

                UserProfile profile = new UserProfile
                {
                    UserId          = user.UserId,
                    DefaultLangCode = initialLangCode
                };
                profile.Save();

                UserPermissionMap initialPermission = new UserPermissionMap
                {
                    UserId       = user.UserId,
                    PermissionId = initialPermissionId
                };
                initialPermission.Save();

                return UserCreateResults.Success;
            }
            catch
            {
                // Every failure is reported as UnknownError and the underlying exception is discarded.
                user = null;
                return UserCreateResults.UnknownError;
            }
        }