Example #1
        /// <summary>
        /// Debug switch: when true, code that consults it skips its permission check.
        /// </summary>
        /// <remarks>
        /// SECURITY: this is a public, mutable static, so any code in the process can set it
        /// and turn the check off. Keep it false outside local debugging, and consider
        /// compiling it out of release builds (for example behind #if DEBUG) so that a stray
        /// assignment cannot disable authorization in production.
        /// </remarks>
        public static bool DEBUG_bypassAuth = false;

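        /// <summary>
        /// Resolves the permission level of the user behind the controller's current request.
        /// </summary>
        /// <param name="c">Controller whose Request and User describe the caller.</param>
        /// <returns>
        /// 0 when there is no request, the request is not authenticated, or no user name is
        /// available; otherwise the permission stored for that user name. A user name that is
        /// not yet in the TARS user list is inserted with permission 1, and 1 is returned.
        /// </returns>
        protected int permission(Controller c)
        {
            // Fail closed: a controller without a Request (e.g. one built directly in a test)
            // is treated as unauthenticated instead of throwing a NullReferenceException.
            if (c == null || c.Request == null || !c.Request.IsAuthenticated)
            {
                return 0;
            }

            if (c.User == null || c.User.Identity == null)
            {
                return 0;
            }

            // Name of the authenticated identity (per the original author, from the auth cookie).
            string username = c.User.Identity.Name;
            if (string.IsNullOrEmpty(username))
            {
                // Never auto-provision a row for a blank user name.
                return 0;
            }

            // NOTE(review): this disposes whatever TARSUserDB yields. If that is a shared
            // context held by the class, it is unusable after this call - confirm the lifetime.
            using (var context = TARSUserDB)
            {
                var userInDB = context.TARSUserList.FirstOrDefault(u => u.userName == username);
                if (userInDB != null)
                {
                    return userInDB.permission;
                }

                // NOTE(review): any authenticated identity that is not yet known is
                // auto-provisioned here with permission 1. Confirm that 1 is the lowest
                // privilege level and that self-enrolment on first request is intended.
                TARSUser newuser = new TARSUser();
                newuser.userName = username;
                newuser.permission = 1;

                // Add and save through the same context that ran the lookup, so the insert
                // cannot land on a different context instance than the one being saved.
                context.TARSUserList.Add(newuser);
                context.SaveChanges();
                return 1;
            }
        }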
Example #2
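        /// <summary>
        /// Handles the registration form: creates the membership account, records a matching
        /// TARS user with permission 1, signs the new user in and redirects to Home/Index.
        /// </summary>
        /// <param name="model">Posted registration data (user name, password, e-mail).</param>
        /// <returns>
        /// A redirect to Home/Index on success; otherwise the registration view redisplayed
        /// with the model and any validation or membership error added to ModelState.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible on
        /// this excerpt. Confirm both are applied where the action is declared, since this
        /// action creates an account and issues an authentication cookie.
        /// </remarks>
        public ActionResult Register(RegisterModel model)
        {
            if (!ModelState.IsValid)
            {
                // Validation failed: redisplay the form with the model errors.
                return View(model);
            }

            // Attempt to register the user with the membership provider.
            MembershipCreateStatus createStatus;
            Membership.CreateUser(model.UserName, model.Password, model.Email, null, null, true, null, out createStatus);

            if (createStatus != MembershipCreateStatus.Success)
            {
                ModelState.AddModelError("", ErrorCodeToString(createStatus));
                return View(model);
            }

            TARSUser newuser = new TARSUser();
            newuser.userName = model.UserName;
            newuser.permission = 1;

            // Dispose the context once the row is saved; the original never released it.
            // NOTE(review): if SaveChanges throws, the membership account already exists
            // without a TARS row - confirm how that partial state is recovered.
            using (TARSUserDBContext userContext = new TARSUserDBContext())
            {
                userContext.TARSUserList.Add(newuser);
                userContext.SaveChanges();
            }

            // Session-only cookie: createPersistentCookie is false.
            FormsAuthentication.SetAuthCookie(model.UserName, false /* createPersistentCookie */);
            return RedirectToAction("Index", "Home");
        }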
Example #3
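        /// <summary>
        /// Shows a manager the timesheet of the given employee for the period containing
        /// <paramref name="tsDate"/>, together with the hours logged in that period.
        /// </summary>
        /// <param name="userKeyID">Primary key of the employee in the TARS user list.</param>
        /// <param name="tsDate">Date used to look up the timesheet.</param>
        /// <returns>
        /// The timesheet view populated with the rows from convertHoursForTimesheetView, or
        /// the "error" view when the caller is not a manager, the employee does not exist,
        /// or no timesheet could be obtained.
        /// </returns>
        public virtual ActionResult approveTimesheet(int userKeyID, DateTime tsDate)
        {
            Authentication auth = new Authentication();

            // SECURITY: Authentication.DEBUG_bypassAuth short-circuits the manager check for
            // everyone when it is true; it must stay false outside local debugging.
            if (!(auth.isManager(this) || Authentication.DEBUG_bypassAuth))
            {
                return View("error");
            }

            // NOTE(review): only the manager role is checked. Nothing here verifies that this
            // manager may view the employee identified by the caller-supplied userKeyID -
            // confirm whether a per-employee or per-division check is enforced elsewhere.
            TARSUser employee = TARSUserDB.TARSUserList.Find(userKeyID);
            if (employee == null)
            {
                // Unknown key: the original dereferenced null here.
                return View("error");
            }

            string employeeName = employee.userName;
            Timesheet timesheet = getTimesheet(employeeName, tsDate);

            if (timesheet == null)
            {
                // No sheet for tsDate: create one for today (as the original did) and keep
                // the reloaded sheet in the local, so the period filter below no longer
                // dereferences null.
                DateTime now = DateTime.Now;
                createTimesheet(employeeName, now);
                timesheet = getTimesheet(employeeName, now);
                if (timesheet == null)
                {
                    return View("error");
                }
            }

            ViewBag.timesheet = timesheet;

            // Read the period bounds into locals so the query captures plain values.
            var periodStart = timesheet.periodStart;
            var periodEnd = timesheet.periodEnd;

            var hoursList = from m in HoursDB.HoursList
                            where (m.creator.CompareTo(employeeName) == 0)
                            where m.timestamp >= periodStart
                            where m.timestamp <= periodEnd
                            select m;

            TempData["hoursList"] = hoursList;

            // Convert the hours list into a format that the view can use.
            List<TimesheetRow> tsRows = convertHoursForTimesheetView();

            ViewBag.workEffortList = getVisibleWorkEffortSelectList(getUserDivision());
            ViewBag.refDate = tsDate;
            ViewBag.userKeyID = userKeyID;
            return View(tsRows);
        }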