//
// GET+POST: /User/Login
public ActionResult Login()
{
CMS_Login login = new CMS_Login();
if (login.hasIdentity())
{
_messages.addMessage("You are already logged in.");
return RedirectToAction("Index", "Home");
}
Form_LoginForm form = new Form_LoginForm();
if (Request.HttpMethod.ToLower() == form.getMethod().ToString())
{
if (form.isValid(Request.Form))
{
user user;
if (login.checkCredentials(form["username"].getValue(), form["password"].getValue(), out user))
{
login.SignIn(user);
return RedirectToAction("Index", "Home");
}
_messages.addError("Bad login or password");
}
}
string html = form.render();
ViewData["form"] = html;
return View();
}
//
// GET+POST: /User/Login
public ActionResult Login()
{
CMS_Login login = new CMS_Login();
if (login.hasIdentity())
{
_messages.addMessage("Ji� jste p�ihl�en(a).");
return RedirectToAction("Index", "Backend");
}
Form_LoginForm form = new Form_LoginForm((Request.Params.AllKeys.Contains("backUrl") ? Request.Params["backUrl"] : ""));
if (Request.HttpMethod.ToLower() == form.getMethod().ToString())
{
if (form.isValid(Request.Form))
{
user user;
if (login.checkCredentials(form["username"].getValue(), form["password"].getValue(), out user))
{
login.SignIn(user);
if (Request.Params.AllKeys.Contains("backUrl") && !String.IsNullOrEmpty(Request.Params["backUrl"]))
{
return Redirect(Request.Params["backUrl"]);
}
return RedirectToAction("Index", "Backend");
}
_messages.addError("�patn� u�ivatelsk� jm�no nebo heslo.");
}
}
string html = form.render();
ViewData["form"] = html;
return View();
}
//
// GET: /User/Logout
public ActionResult Logout()
{
CMS_Login l = new CMS_Login();
l.SignOut();
return RedirectToAction("Login");
}
/// <summary>
/// Checks if current user has privilegies to access the given resource
/// </summary>
/// <param name="resource">Resource name</param>
/// <param name="acl">ACL</param>
/// <param name="assign">Assig roles and resources to ACL</param>
public void checkACL(string resource, CMS_Acl acl, bool assign)
{
CMS_Login login = new CMS_Login();
if (assign)
{
using (ACLDataContext DataContext = new ACLDataContext())
{
var roles = DataContext.roles
.OrderBy(x=>x.parentid)
.Select(x=>new{RoleName = x.name, RoleID = x.id,RoleParentId = x.parentid, RoleParentName = x.role1.name}).ToList();
////var roles = from r in DataContext.roles
//// join r2 in DataContext.roles on r.parentid equals r2.id into joined
//// from a in joined.DefaultIfEmpty()
//// orderby r.parentid
//// select new { RoleName = r.name, RoleID = r.id, RoleParentId = r.parentid, RoleParentName = a.role1.name };
Dictionary<long?, CMS_Role> parentals = new Dictionary<long?, CMS_Role>();
foreach (var a in roles)
{
if (a.RoleParentId != null && parentals.ContainsKey(a.RoleParentId))
{
CMS_Role r = new CMS_Role(a.RoleName, parentals[a.RoleParentId]);
acl.addRole(r);
parentals.Add(a.RoleID, r);
}
else
{
CMS_Role r = new CMS_Role(a.RoleName);
acl.addRole(r);
parentals.Add(a.RoleID, r);
}
}
var resources = from res in DataContext.resources
select new { ResourceName = res.name, Action = res.action, Controller = res.controller };
foreach (var a in resources)
{
acl.addResource(new CMS_Resource(a.Controller + ":" + a.Action));
}
var rules = from r in DataContext.roles
join cr in DataContext.role_resources on r.id equals cr.rolesid
join res in DataContext.resources on cr.resourcesid equals res.id
orderby r.id
select new { Role = r.name, Controller = res.controller, Action = res.action };
if (rules.Count() > 0)
{
foreach (var a in rules)
{
acl.allow(a.Role, a.Controller + ":" + a.Action);
}
}
}
}
user user;
string role;
if (login.hasIdentity())
{
user = login.getIdentity();
role = this.roles().getById(user.rolesid).name;
}
else
{
user = null;
role = "guest";
}
if (!acl.isAllowed(role, resource))
{
if (!login.hasIdentity())
{
throw new Exception("You are not logged in! Log in and try again.");
}
else
{
//trigger error
throw new Exception("You are not allowed to view this datasource!"); //TODO
}
}
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="app">Application</param>
public CMS_App_Users(CMS_App app)
{
_app = app;
_login = new CMS_Login();
}
