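/// <summary>
/// Debug switch that callers OR into their permission checks (as
/// <c>approveTimesheet</c> does); when true, those checks are skipped.
/// </summary>
/// <remarks>
/// SECURITY: this is a public, mutable, process-wide field, so any code in the
/// application can turn authorization off for every request. It must stay
/// <c>false</c> in deployed builds. Consider gating it behind a DEBUG-only
/// build symbol and logging whenever it is observed to be true.
/// </remarks>
public static bool DEBUG_bypassAuth = false;

/// <summary>
/// Resolves the TARS permission level for the user behind the controller's
/// current request.
/// </summary>
/// <param name="c">Controller whose <c>Request</c> and <c>User</c> identify the caller.</param>
/// <returns>
/// 0 when there is no request or it is not authenticated; the stored
/// permission for a user already in the TARS user table; 1 for an
/// authenticated user seen for the first time, who is also inserted with
/// that level.
/// </returns>
protected int permission(Controller c)
{
    // Fail closed. A controller built outside the MVC pipeline (for example in
    // a test) has no Request; treat that as "not authenticated" rather than
    // throwing a NullReferenceException.
    if (c == null || c.Request == null || !c.Request.IsAuthenticated)
    {
        return 0;
    }

    // Name carried by the authentication cookie.
    string username = c.User.Identity.Name;

    // NOTE(review): this disposes whatever TARSUserDB returns. If that is a
    // shared field rather than a factory property, later calls will hit a
    // disposed context - confirm against the declaration.
    using (var context = TARSUserDB)
    {
        var userInDB = context.TARSUserList.FirstOrDefault(u => u.userName == username);
        if (userInDB != null)
        {
            return userInDB.permission;
        }

        // First sighting of an authenticated user: provision with the lowest
        // non-zero level. The level is a server-side constant, never taken
        // from the request.
        var newuser = new TARSUser { userName = username, permission = 1 };

        // Use the same context instance that the using block owns, so the
        // insert and the save are guaranteed to hit one unit of work.
        context.TARSUserList.Add(newuser);
        context.SaveChanges();
        return 1;
    }
}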
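/// <summary>
/// Handles the registration form: creates the membership account, adds the
/// matching TARS user row, signs the user in and redirects to Home/Index.
/// </summary>
/// <param name="model">Posted registration data (user name, password, e-mail).</param>
/// <returns>
/// A redirect to Home/Index on success; otherwise the registration view
/// redisplayed with the model and any validation or membership error.
/// </returns>
/// <remarks>
/// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is
/// visible in this excerpt. Confirm the real action is POST-only and
/// antiforgery-protected, since it creates an account and issues an auth cookie.
/// </remarks>
public ActionResult Register(RegisterModel model)
{
    if (ModelState.IsValid)
    {
        // Attempt to register the user with the membership provider.
        MembershipCreateStatus createStatus;
        Membership.CreateUser(model.UserName, model.Password, model.Email, null, null, true, null, out createStatus);

        if (createStatus == MembershipCreateStatus.Success)
        {
            // The permission level is fixed server-side to 1 and is never bound
            // from the posted model, so a client cannot register with a higher level.
            // The context is disposed deterministically instead of being leaked.
            using (var userDb = new TARSUserDBContext())
            {
                userDb.TARSUserList.Add(new TARSUser { userName = model.UserName, permission = 1 });
                userDb.SaveChanges();
            }

            FormsAuthentication.SetAuthCookie(model.UserName, false /* createPersistentCookie */);
            return RedirectToAction("Index", "Home");
        }

        ModelState.AddModelError("", ErrorCodeToString(createStatus));
    }

    // If we got this far, something failed; redisplay the form.
    return View(model);
}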
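/// <summary>
/// Shows a manager the timesheet of the given employee for the pay period
/// containing <paramref name="tsDate"/>, so that it can be approved.
/// </summary>
/// <param name="userKeyID">Primary key of the employee in the TARS user table.</param>
/// <param name="tsDate">Reference date used to look up the timesheet.</param>
/// <returns>
/// The timesheet view populated with the employee's rows, or the "error" view
/// when the caller is not a manager, the employee does not exist, or no
/// timesheet could be obtained.
/// </returns>
/// <remarks>
/// SECURITY: access is granted when <c>isManager</c> succeeds OR when the global
/// <c>Authentication.DEBUG_bypassAuth</c> flag is set; that flag must be false
/// in deployed builds.
/// NOTE(review): the check is role-only. Nothing visible here ties
/// <paramref name="userKeyID"/> to the calling manager, so any manager can
/// open any employee's timesheet - confirm whether that is intended.
/// </remarks>
public virtual ActionResult approveTimesheet(int userKeyID, DateTime tsDate)
{
    Authentication auth = new Authentication();
    if (!(auth.isManager(this) || Authentication.DEBUG_bypassAuth))
    {
        return View("error");
    }

    // userKeyID comes from the request; an unknown id must not surface as a
    // NullReferenceException.
    TARSUser employee = TARSUserDB.TARSUserList.Find(userKeyID);
    if (employee == null)
    {
        return View("error");
    }

    var employeeName = employee.userName;

    Timesheet timesheet = getTimesheet(employeeName, tsDate);
    if (timesheet == null)
    {
        // No sheet for the requested date: create one for the current period
        // and use it for the rest of the action. The original left the local
        // null and then dereferenced it in the hours query below.
        DateTime now = DateTime.Now;
        createTimesheet(employeeName, now);
        timesheet = getTimesheet(employeeName, now);
        if (timesheet == null)
        {
            return View("error");
        }
    }
    ViewBag.timesheet = timesheet;

    // Hours logged by this employee inside the timesheet's period.
    var periodStart = timesheet.periodStart;
    var periodEnd = timesheet.periodEnd;
    var hoursList = from m in HoursDB.HoursList
                    where m.creator.CompareTo(employeeName) == 0
                    where m.timestamp >= periodStart
                    where m.timestamp <= periodEnd
                    select m;
    TempData["hoursList"] = hoursList;

    // Convert hoursList into a format that the view can use.
    // NOTE(review): presumably the helper reads TempData["hoursList"] - confirm.
    List<TimesheetRow> tsRows = convertHoursForTimesheetView();

    ViewBag.workEffortList = getVisibleWorkEffortSelectList(getUserDivision());
    ViewBag.refDate = tsDate;
    ViewBag.userKeyID = userKeyID;
    return View(tsRows);
}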