public ActionResult PermissionRoles(string returnUrl)
{
PermissionRolesViewModel model = new PermissionRolesViewModel
{
Roles = this.GetRoles(),
UserContexts = GetUserContexts()
};
model.PermissionsInRole = this.GetPermissionsInRole(model.DropDownSelectedRoleId ?? string.Empty);
model.PermissionsNotInRole = this.GetPermissionsNotInRole(model.SelectedRoleId ?? string.Empty);
ViewBag.ReturnUrl = returnUrl;
return(this.View(model));
}
public ActionResult PermissionRoles(
[Bind(Exclude = "PermissionsNotInRole,PermissionsInRole")] PermissionRolesViewModel model)
{
if (model.IsSave)
{
Int32 roleUserContextId = 0;
if (String.IsNullOrEmpty(model.RoleUserContextId))
{
ModelState.AddModelError("RoleUserContextId", AppGlobal.Language.GetText(this, "RoleUserContextMandatory", "Role user context is mandatory"));
}
else if (!Int32.TryParse(model.RoleUserContextId, out roleUserContextId))
{
ModelState.AddModelError("RoleUserContextId", AppGlobal.Language.GetText(this, "RoleUserContextMandatory", "Role user context is mandatory"));
}
else if (roleUserContextId != 1 && roleUserContextId != 2 && roleUserContextId != 4)
{
ModelState.AddModelError("RoleUserContextId", AppGlobal.Language.GetText(this, "RoleUserContextInvalid", "Role user context is invalid"));
}
// If true have changes to save, if false post back is simply to select another role
if (ModelState.IsValid)
{
string newRoleId = Guid.NewGuid().ToString("D").ToUpper();
string languageFieldName = string.Concat("Account_RoleDescription_",
model.RoleName.Replace(" ", string.Empty));
// Is this a new role, if yes create a new role entry
if (model.DropDownSelectedRoleId.Equals("-1"))
{
db.AspNetRoles.Add(new AspNetRole
{
Id = newRoleId,
Name = model.RoleName,
Description = model.RoleDescription,
LanguageFieldName = languageFieldName,
// ReSharper disable once PossibleInvalidOperationException
UserContextId = roleUserContextId
});
db.SaveChanges();
ModelState.Remove("DropDownSelectedRoleId");
ModelState.Remove("SelectedRoleId");
model.DropDownSelectedRoleId = newRoleId;
model.SelectedRoleId = newRoleId;
// Audit change
AppGlobal.WriteAudit(
string.Format("User (id, name) '{0},{1}' added a new role called '{2}'", User.Identity.Name,
Tribal.SkillsFundingAgency.ProviderPortal.Permission.GetCurrentUserId(), model.RoleName),
true);
}
// Save the changes
var role = db.AspNetRoles.FirstOrDefault(r => r.Id == model.DropDownSelectedRoleId);
var permissionList = role.Permissions.ToList();
// Has the role name been changed
if (!role.Name.Equals(model.RoleName, System.StringComparison.CurrentCulture))
{
// Role name has changed, save the new name
string currentRoleName = role.Name;
role.Name = model.RoleName;
// Update configuration settings to reflect the new name
Constants.ConfigSettings.RenameConfiguredRoles(currentRoleName, model.RoleName);
// Audit change
AppGlobal.WriteAudit(
string.Format("User (id, name) '{0},{1}' changed the role name from '{2}' to '{3}'",
User.Identity.Name,
Tribal.SkillsFundingAgency.ProviderPortal.Permission.GetCurrentUserId(), currentRoleName,
role.Name), true);
}
// Has the role description name been changed
if (!role.Description.Equals(model.RoleDescription, System.StringComparison.CurrentCulture))
{
// Role description has changed, save the new name
string currentRoleDescription = role.Description;
role.Description = model.RoleDescription;
// Audit change
AppGlobal.WriteAudit(
string.Format("User (id, name) '{0},{1}' changed the role description from '{2}' to '{3}'",
User.Identity.Name,
Tribal.SkillsFundingAgency.ProviderPortal.Permission.GetCurrentUserId(),
currentRoleDescription, role.Description), true);
}
// Has the role user context been changed?
if (role.UserContextId != roleUserContextId)
{
// Audit change
AppGlobal.WriteAudit(
string.Format("User (id, name) '{0},{1}' changed the role user context from '{2}' to '{3}'",
User.Identity.Name,
Tribal.SkillsFundingAgency.ProviderPortal.Permission.GetCurrentUserId(),
role.UserContextId, model.RoleUserContextId), true);
role.UserContextId = roleUserContextId;
}
// Drop all permissions in the role and just add back the ones passed back on the form
foreach (Tribal.SkillsFundingAgency.ProviderPortal.Entities.Permission permission in permissionList)
{
role.Permissions.Remove(permission);
}
// Now add back only the selected permissions
if (!string.IsNullOrWhiteSpace(model.DelimitedListPermissionsInRole))
{
string[] selectedPermissions = model.DelimitedListPermissionsInRole.Split('|');
foreach (string selectedPermission in selectedPermissions)
{
int permissionId;
if (int.TryParse(selectedPermission, out permissionId))
{
var permission = db.Permissions.FirstOrDefault(p => p.PermissionId == permissionId);
role.Permissions.Add(permission);
}
}
}
db.SaveChanges();
ShowGenericSavedMessage();
// Audit changes
AppGlobal.WriteAudit(
string.Format(
"User (id, name) '{0},{1}' saved the following permissions (id, name) '{2}' to role '{3}'",
Tribal.SkillsFundingAgency.ProviderPortal.Permission.GetCurrentUserId(), User.Identity.Name,
model.DelimitedListPermissionsInRole, role.Name), true);
}
}
if (!model.IsSave || ModelState.IsValid)
{
// Select the new role and display the permissions
var selectedRole = db.AspNetRoles.FirstOrDefault(r => r.Id == model.SelectedRoleId);
ModelState.Remove("DropDownSelectedRoleId");
ModelState.Remove("RoleName");
ModelState.Remove("RoleDescription");
ModelState.Remove("RoleUserContextId");
model.RoleName = selectedRole == null ? string.Empty : selectedRole.Name;
model.RoleDescription = selectedRole == null ? string.Empty : selectedRole.Description;
model.PermissionsInRole = this.GetPermissionsInRole(model.SelectedRoleId);
model.PermissionsNotInRole = this.GetPermissionsNotInRole(model.SelectedRoleId);
model.DropDownSelectedRoleId = model.SelectedRoleId;
model.RoleUserContextId = selectedRole == null ? String.Empty : selectedRole.UserContextId.ToString();
}
else
{
// Persist the view as returning to page the same as received as validation errors
model.PermissionsInRole = this.GetPermissionListFromViewState(model.DelimitedListPermissionsInRole);
model.PermissionsNotInRole = this.GetPermissionListFromViewState(model.DelimitedListPermissionsNotInRole);
}
model.PermissionsInRole = model.PermissionsInRole.OrderBy(x => x.Text);
model.PermissionsNotInRole = model.PermissionsNotInRole.OrderBy(x => x.Text);
model.Roles = this.GetRoles();
model.UserContexts = GetUserContexts();
// Back to the page with the results saved
return(this.View(model));
}
