public ActionResult TeacherRemove(User input)
 {
     UserManager manager = new UserManager();
     User user = manager.findById(input.Id);
     if (ModelState.IsValid) {
         manager.RemoveClaim(input.Id, new Claim(ClaimTypes.Role, "teacher"));
         return RedirectToAction("Index");
     }
     return View(user);
 }
Example #2
0
        public void RemoveUserClaimSyncTest()
        {
            var db = UnitTestHelper.CreateDefaultDb();
            var manager = new UserManager<IdentityUser>(new UserStore<IdentityUser>(db));
            var user = new IdentityUser("u1");
            var result = manager.Create(user);
            Assert.NotNull(user);
            var claims = new[]
            {
                new Claim("c1", "v1"),
                new Claim("c2", "v2"),
                new Claim("c3", "v3")
            };
            foreach (Claim c in claims)
            {
                UnitTestHelper.IsSuccess(manager.AddClaim(user.Id, c));
            }

            var userClaims = new List<Claim>(manager.GetClaims(user.Id));
            Assert.Equal(3, userClaims.Count);
            foreach (Claim c in claims)
            {
                Assert.True(userClaims.Exists(u => u.Type == c.Type && u.Value == c.Value));
                UnitTestHelper.IsSuccess(manager.RemoveClaim(user.Id, c));
            }
            var cs = manager.GetClaims(user.Id);
            Assert.Equal(0, cs.Count());
            Assert.Equal(0, db.Set<IdentityUserClaim>().Count());
        }
Example #3
0
		public static async Task UpdateModeratedSubreddits( Models.ApplicationUser ident, UserManager<Models.ApplicationUser> manager ) {
            string cabalSubName = System.Configuration.ConfigurationManager.AppSettings["CabalSubreddit"].ToLower();
			if ( ident.TokenExpires < DateTime.UtcNow ) {
				GetNewToken( ident );
			}
			Utilities.SNWebAgent agent = new SNWebAgent( ident.AccessToken );
			RedditSharp.Reddit rd = new RedditSharp.Reddit( agent, true );
			var subs = rd.User.ModeratorSubreddits.ToList<RedditSharp.Things.Subreddit>();

			List<string> currentRoles = ident.Claims.Where( x => x.ClaimType == roleType ).Select( r => r.ClaimValue ).ToList<string>();

			List<Models.Subreddit> activeSubs = await new BLL.SubredditBLL().GetActiveSubs();
			List<string> activeSubNames = activeSubs.Select( s => s.SubName.ToLower() ).ToList();

			List<IdentityUserClaim> currentAdminRoles = ident.Claims.Where( c => c.ClaimType.StartsWith( "urn:snoonotes:subreddits:" ) ).ToList();
			List<Claim> rolesToAdd = new List<Claim>();
			List<Claim> rolesToRemove = new List<Claim>();
			foreach ( string role in currentRoles ) {
				var sub = subs.Find( s => s.Name.ToLower() == role );
				if ( activeSubNames.Contains( role ) ) {

					if ( sub != null ) {
						//if they already have the role and they still have the correct access
						if ( sub.ModPermissions.HasFlag( RedditSharp.ModeratorPermission.All ) || ( (int) sub.ModPermissions & activeSubs.Where( s => s.SubName.ToLower() == role ).Select( s => s.Settings.AccessMask ).First() ) > 0 ) {
							//Check if "full" permissions
							if ( sub.ModPermissions.HasFlag( RedditSharp.ModeratorPermission.All ) && !ClaimsPrincipal.Current.HasClaim( "urn:snoonotes:subreddits:" + role + ":admin", "true" ) ) {
								//has admin permissions but doesn't have role, so add it
								rolesToAdd.Add( new Claim( "urn:snoonotes:subreddits:" + role + ":admin", "true" ) );
							}
							else if ( !sub.ModPermissions.HasFlag( RedditSharp.ModeratorPermission.All ) && ClaimsPrincipal.Current.HasClaim( "urn:snoonotes:subreddits:" + role + ":admin", "true" ) ) {
								//doesn't have admin permission, but does have role, so remove it
								rolesToRemove.Add( new Claim( "urn:snoonotes:subreddits:" + role + ":admin", "true" ) );
							}
						}
						else {
							//lost da permissions
							rolesToRemove.Add( new Claim( roleType, role ) );
							if ( !sub.ModPermissions.HasFlag( RedditSharp.ModeratorPermission.All ) && ClaimsPrincipal.Current.HasClaim( "urn:snoonotes:subreddits:" + role + ":admin", "true" ) ) rolesToRemove.Add( new Claim( "urn:snoonotes:subreddits:" + role + ":admin", "true" ) );
						}

						//User already has sub as a role and is still a mod
						subs.Remove( sub );
					}
					else {
						rolesToRemove.Add( new Claim( roleType, role ) );
					}
				}
				else {
					//sub was deactivated, add it to remove.
					rolesToRemove.Add( new Claim( roleType, role ) );
					if ( ClaimsPrincipal.Current.HasClaim( "urn:snoonotes:subreddits:" + role + ":admin", "true" ) ) rolesToRemove.Add( new Claim( "urn:snoonotes:subreddits:" + role + ":admin", "true" ) );
				}

			}
			//subs now only contains subs that don't exist as roles
			foreach ( RedditSharp.Things.Subreddit sub in subs ) {
				string subname = sub.Name.ToLower();

				if ( activeSubNames.Contains( subname ) ) {
					if ( sub.ModPermissions.HasFlag( RedditSharp.ModeratorPermission.All ) ) {
						rolesToAdd.Add( new Claim( roleType, subname ) );
						rolesToAdd.Add( new Claim( "urn:snoonotes:subreddits:" + subname + ":admin", "true" ) );
					}
					else if ( ( (int) sub.ModPermissions & activeSubs.Where( s => s.SubName.ToLower() == subname ).Select( s => s.Settings.AccessMask ).First() ) > 0 ) {
						rolesToAdd.Add( new Claim( roleType, subname ) );
					}
				}
			}

			foreach ( var adminRole in currentAdminRoles ) {
				string subName = adminRole.ClaimType.Replace( "urn:snoonotes:subreddits:", "" ).Replace( ":admin", "" ).ToLower();
				if ( subs.Exists( s => s.Name.ToLower() == subName && !s.ModPermissions.HasFlag( RedditSharp.ModeratorPermission.All ) ) ) {
					ident.Claims.Remove( adminRole );
				}
			}
            string cabalUserName = System.Configuration.ConfigurationManager.AppSettings["CabalUsername"];
            var cabalUser = HttpContext.Current.GetOwinContext().GetUserManager<ApplicationUserManager>().FindByName( cabalUserName );
            if(cabalUser.TokenExpires < DateTime.UtcNow ) {
                GetNewToken( cabalUser );
            }
            agent = new SNWebAgent( cabalUser.AccessToken );

            RedditSharp.Reddit reddit = new RedditSharp.Reddit( agent, false );

            var redditSub = reddit.GetSubreddit( cabalSubName );
            var contribs = redditSub.Contributors;

            if(contribs.Any(c=>c.Name.ToLower() == ident.UserName.ToLower() ) ) {
                var cabalClaim = new Claim( roleType, cabalSubName );
                rolesToRemove.RemoveAll( r => r.Type == cabalClaim.Type && r.Value == cabalClaim.Value );
                if ( !currentRoles.Contains( cabalSubName ) && !rolesToAdd.Any(ar => ar.Value == cabalClaim.Value && ar.Type == cabalClaim.Type)) {
                    rolesToAdd.Add( cabalClaim );
                }
            }

            foreach ( Claim c in rolesToRemove ) {
                manager.RemoveClaim( ident.Id, c );
				//ident.Claims.Remove( ident.Claims.First( uc => uc.UserId == ident.Id && uc.ClaimType == c.Type && uc.ClaimValue == c.Value ) );
			}
			foreach ( Claim c in rolesToAdd ) {
                //manager.AddClaim( ident.Id, c );
				ident.Claims.Add( new IdentityUserClaim() { ClaimType = c.Type, ClaimValue = c.Value, UserId = ident.Id } );
			}

		}