public IActionResult Authenticate(string userName)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState.Values.SelectMany(e => e.Errors)));
}
var user = _adUser.GetUser(userName);
if (user.Username == null)
{
return(NotFound());
}
var token = _adUser.GenerateToken(user);
if (token == null)
{
return(BadRequest());
}
var loggedUser = new LoggedUserViewModel {
UserName = user.Username,
Email = user.Email,
Token = token
};
return(Ok(loggedUser));
}
public ActionResult Edit(MessageViewModel item)
{
LoggedUserViewModel l = (LoggedUserViewModel)Session["login"];
if (!MessageService.CheckMessagePermission(l.UserID, item.MessageID))
{
return(ErrorRedirect(Error.InsufficientOperationPermission));
}
else
{
if (ModelState.IsValid)
{
MessageService.UpdateMessage(item);
return(RedirectToAction("List"));
}
else
{
if (item.MessageText == null)
{
item = MessageService.GetMessage(item.MessageID);
}
}
}
return(View(item));
}
public ActionResult ManageMessagePermissions()
{
LoggedUserViewModel l = (LoggedUserViewModel)Session["login"];
List <MessageViewModel> messages = MessageService.GetUserMessages(l.UserID);
return(View(messages));
}
public static LoggedUserViewModel Login(UserLoginViewModel model)
{
using (DataContext db = new DataContext())
{
LoggedUserViewModel loggedUserViewModel = db.Users
.Where(x => x.UserLogin == model.Login && x.PasswordHash == model.Password)
.Select(x => new LoggedUserViewModel()
{
UserID = x.UserID,
Login = x.UserLogin,
Messages = db.AllowedMessages
.Where(y => y.UserID == x.UserID && y.PermissionLevel != (int)Permission.Unavailable)
.Select(y => y.Message).Select(y => new MessageViewModel()
{
MessageID = y.MessageID,
MessageText = y.Text
}).ToList(),
}).FirstOrDefault();
if (loggedUserViewModel == null)
{
SettingsService.HandleFailedLogin(model, db);
}
else
{
SettingsService.HandleSuccessLogin(db, model.Login);
}
return(loggedUserViewModel);
}
}
public IActionResult Authenticate([FromBody] LoginUserViewModel loginUser)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState.Values.SelectMany(e => e.Errors)));
}
var user = _user.Authenticate(loginUser.UserName, loginUser.Password);
if (user == null)
{
return(NotFound());
}
var token = _user.GenerateToken(user);
if (token == null)
{
return(BadRequest());
}
var loggedUser = new LoggedUserViewModel {
UserName = user.Username,
Email = user.Email,
Token = token
};
return(Ok(loggedUser));
}
public ActionResult Login(LoginViewModel model)
{
if (!ModelState.IsValid)
{
ModelState.AddModelError("", "Неправильный логин или пароль");
return(View());
}
var result = _authorizationService.Login(model.Email, model.Password, "Admin");
if (!result.Succeeded)
{
ModelState.AddModelError("", string.Join("\n", result.Errors));
return(View());
}
var user = result.Data;
var resultModel = new LoggedUserViewModel
{
Id = user.Id,
FirstName = user.FirstName,
LastName = user.LastName,
MiddleName = user.MiddleName,
UserName = user.UserName,
Role = "Admin"
};
return(RedirectToAction("Index", "Admin", resultModel));
}
public ActionResult UserMessagePermission(MessagePermissionViewModel model)
{
LoggedUserViewModel l = (LoggedUserViewModel)Session["login"];
if (l != null)
{
MessagePermissionViewModel model2 = null;
if (MessageService.CheckMessagePermission(l.UserID, model.MessageID, Permission.Owner))
{
if (!ModelState.IsValid)
{
model2 = MessageService.GetUserPermission(model.UserID, model.MessageID);
}
else
{
model2 = model;
MessageService.SetPermissionForUser(model.UserID, model.MessageID, (Permission)model.PermissionLevel);
MessageViewModel message = MessageService.GetMessage(model.MessageID);
return(RedirectToAction("ManageUserPermissions", "Message", message));
}
}
return(View(model2));
}
else
{
return(ErrorRedirect(Error.InsufficientResourcePermission));
}
}
public void SetLoggedUser(LoggedUserViewModel loggedUser)
{
_ = loggedUser ?? throw new ArgumentNullException(nameof(loggedUser));
_localContext.LoggedUser = loggedUser;
PersistState();
}
public static LoggedUserViewModel CurrentUser(this HtmlHelper helper)
{
LoggedUserViewModel loggedUser = new LoggedUserViewModel()
{
Username = HttpContext.Current.Session["user"].ToString()
};
return(loggedUser);
}
public LoggedUserViewModel Login(string email, string pass)
{
LoggedUserViewModel luvm = new LoggedUserViewModel();
using (_dbContext = new AxaTestEntities())
{
var user = (from us in _dbContext.Users
where us.Email.Equals(email) && us.Password.Equals(pass)
select us).FirstOrDefault();
luvm = _mapper.Map <User, LoggedUserViewModel>(user);
}
return(luvm);
}
public ActionResult List()
{
LoggedUserViewModel l = (LoggedUserViewModel)Session["login"];
if (l != null)
{
List <MessageViewModel> messages = MessageService.GetUserVisibleMessages(l.UserID);
return(View(messages));
}
else
{
return(RedirectToAction("Error", "Shared"));
}
}
public IActionResult GetUserByEmailAndPassword([FromBody] LoginViewModel loginUser)
{
var logInResult = _mimiloUserRepository.LogInUserByEmailAndPassword(loginUser);
if (logInResult.Result.IsLockedOut)
{
return(new BadRequestObjectResult(new CustomError("Usuario bloqueado", "GetUserByEmailAndPassword")));
}
if (logInResult.Result.Succeeded)
{
var user = _mimiloUserRepository.GetUserByEmailAndPassword(loginUser);
var lineItems = new List <LineItem>();
foreach (LineItem li in user.ShoppingCart.LineItems)
{
lineItems.Add(new LineItem
{
LineItemId = li.LineItemId,
Quantity = li.Quantity,
Product = new Product()
{
ProductId = li.Product.ProductId,
ProductName = li.Product.ProductName,
ReleaseDate = li.Product.ReleaseDate,
Price = li.Product.Price,
TitleDescription = li.Product.TitleDescription,
ShortDescription = li.Product.ShortDescription,
LongDescription = li.Product.LongDescription,
CoverImageUrl = li.Product.CoverImageUrl
}
});
}
LoggedUserViewModel loggedUser = new LoggedUserViewModel();
loggedUser.Name = user.Name;
loggedUser.LastName = user.LastName;
loggedUser.Email = user.Email;
loggedUser.shoppingCart = new ShoppingCart()
{
ShoppingCartId = user.ShoppingCart.ShoppingCartId,
LineItems = lineItems
};
return(new OkObjectResult(loggedUser));
}
return(new BadRequestObjectResult(new CustomError("Email/Contraseña Invalidos", "GetUserByEmailAndPassword")));
}
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PolicyRequirement requirement)
{
if (context.User != null && _state.LoggedUser == null)
{
var my = await _esquioHttpClient.GetMy();
if (my != null && !String.IsNullOrEmpty(my.ActAs))
{
var loggedUser = new LoggedUserViewModel()
{
UserName = context.User.Identity.Name,
SubjectId = context.User.FindFirst("sub").Value,
ActAs = my.ActAs
};
var policy = _policyBuilder.Build(my);
_state.ClearState();
_state.SetLoggedUser(loggedUser);
_state.SetPolicy(policy);
}
else
{
context.Fail();
return;
}
}
var actAs = ActAs.From(_state.LoggedUser.ActAs);
bool allowed = requirement.Permission switch
{
Policies.Reader => actAs == ActAs.Reader || actAs == ActAs.Contributor || actAs == ActAs.Management,
Policies.Contributor => actAs == ActAs.Contributor || actAs == ActAs.Management,
Policies.Management => actAs == ActAs.Management,
_ => throw new ArgumentNullException("The configured authorization policy is not supported.")
};
if (!allowed)
{
LogAuthorizationFailed(_state.LoggedUser.SubjectId, requirement.Permission);
context.Fail();
}
context.Succeed(requirement);
}
public ActionResult Create(MessageViewModel message)
{
if (Session["login"] != null)
{
if (ModelState.IsValid)
{
LoggedUserViewModel l = (LoggedUserViewModel)Session["login"];
MessageService.InsertMessage(l.UserID, message.MessageText);
l.Messages.Add(message);
return(RedirectToAction("List", "Message"));
}
return(View(message));
}
else
{
return(ErrorRedirect("Nie masz uprawnień do tworzenia wpisów do bazy danych"));
}
}
public ActionResult Login(UserLoginViewModel model)
{
if (!string.IsNullOrEmpty(model.Login) && !string.IsNullOrEmpty(model.Password))
{
if (ModelState.IsValid)
{
LoggedUserViewModel login = UserService.Login(model);
if (login != null && SettingsService.IsAccountLocked(model.Login))
{
return(ErrorRedirect("Konto zostało czasowo zablokowane! Spróbuj ponownie za kilka minut!"));
}
else
{
Session["login"] = login;
return(RedirectToAction("Index"));
}
}
}
return(View());
}
public ActionResult ManageUserPermissions(MessageViewModel model)
{
LoggedUserViewModel l = (LoggedUserViewModel)Session["login"];
if (MessageService.CheckMessageExists(model))
{
if (MessageService.CheckMessagePermission(l.UserID, model.MessageID, Permission.Owner))
{
MessageService.FillPermissions(model.MessageID);
List <MessagePermissionViewModel> permissionModel = MessageService.GetMessagePermissions(model.MessageID).Where(x => x.UserID != l.UserID).ToList();
return(View(permissionModel));
}
else
{
return(ErrorRedirect(Error.InsufficientOperationPermission));
}
}
else
{
return(ErrorRedirect(Error.InvalidMessage));
}
}
public LoggedUserViewModel Register(RegisterViewModel rvm)
{
LoggedUserViewModel luvm = new LoggedUserViewModel();
var user = _mapper.Map <RegisterViewModel, User>(rvm);
user.CreationDate = DateTime.Now;
user.State = true;
using (_dbContext = new AxaTestEntities())
{
_dbContext.Users.Add(user);
_dbContext.SaveChanges();
if (user.IdUser != 0)
{
var u = _dbContext.Users.Where(x => x.IdUser == user.IdUser).FirstOrDefault();
luvm = _mapper.Map <User, LoggedUserViewModel>(u);
}
else
{
luvm = null;
}
}
return(luvm);
}
public bool LoginDesktopWinAppNow(object user = null)
{
//check user sent
if (isDebugMode)
{
if ((loggedUser.UserName).ToUpper() == "admin".ToUpper())
{
//Loading user properties
loggedUser.UserName = "******";
loggedUser.UserProfile = UserProfiles.UserProfileTypes.sysAdmim;
}
else
{
loggedUser.UserName = "******";
loggedUser.UserProfile = UserProfiles.UserProfileTypes.ordinaryUser;
}
//User permissions
loggedUserPermissions = new ObservableCollection <ViewModelPermissions>();
var tempUserPermissions = AllPersmissionsList.Where(x =>
x.userProfileType.Equals(loggedUser.UserProfile));
{
foreach (var item in tempUserPermissions)
{
loggedUserPermissions.Add(item);
}
}
}
var loggedUserViewModel = new LoggedUserViewModel(VerifyPermission(MenuN1Item.MenuN1ItemParameters.LoggedUserViewModel), visibility: true);
ViewsToShow.Add(loggedUserViewModel);
SelectedViewToShowTabIndex = 0;
return(true);
}
public ActionResult Delete(MessageViewModel model)
{
LoggedUserViewModel l = (LoggedUserViewModel)Session["login"];
if (MessageService.CheckMessagePermission(l.UserID, model.MessageID, Permission.Owner))
{
if (ModelState.IsValid && MessageService.CheckMessageExists(model))
{
ViewBag.Message = $"wpis {model.MessageID} został usunięty";
l.Messages.RemoveAll(x => x.MessageID == model.MessageID);
MessageService.DeleteMessage(model.MessageID);
return(RedirectToAction("List", "Message"));
}
else
{
return(ErrorRedirect(Error.InvalidMessage));
}
}
else
{
return(ErrorRedirect(Error.InsufficientResourcePermission));
}
}
public async Task ThenIShouldGetLockedIn()
{
_response.EnsureSuccessStatusCode();
_loggedUserVm = await Utilities.GetResponseContent <LoggedUserViewModel>(_response);
}
public ActionResult Index(LoggedUserViewModel vm)
{
return(RedirectToAction("Index", "Category"));
}
