Example #1
0
        /// <summary>
        /// Adds permission to user
        /// Checks permission levels
        /// </summary>
        /// <param name="CurrentUser">Current user for validation, or null</param>
        /// <param name="PermissionId">PermissionId of target permission</param>
        /// <param name="UserId">UserId of target user</param>
        /// <returns><typeparamref name="UserRoleChangeResults"/></returns>
        public static UserPermissionChangeResults AddPermissionToUser(User CurrentUser, Int32 PermissionId, Int64 UserId)
        {
            User User = User.FetchByID(UserId);

            if (User == null)
            {
                return(UserPermissionChangeResults.UserDoesNotExist);
            }
            if (CurrentUser != null)
            {
                bool skip = false;
                if (CurrentUser.UserId == UserId)
                {
                    // Self user
                    skip = true;
                }
                if (skip)
                {
                    string[] permissions = Permissions.PermissionsForUser(CurrentUser.UserId);
                    if (!permissions.Contains(Permissions.PermissionKeys.sys_perm))
                    {
                        return(UserPermissionChangeResults.NoPermission);
                    }
                }
            }
            Query qry = new Query(UserPermissionMap.TableSchema)
                        .Where(UserPermissionMap.Columns.PermissionId, PermissionId)
                        .AND(UserPermissionMap.Columns.UserId, UserId);

            if (qry.GetCount(UserPermissionMap.Columns.PermissionId) == 0)
            {
                try
                {
                    UserPermissionMap map = new UserPermissionMap();
                    map.PermissionId = PermissionId;
                    map.UserId       = UserId;
                    map.Save();
                }
                catch (DbException)
                {
                    // Ignore this. Must have been that the record exists already, because of simultaneous action.
                }
            }
            return(UserPermissionChangeResults.Success);
        }
Example #2
0
        public static UserCreateResults CreateUser(string email, string password, out User user)
        {
            user = null;
            if (!email.IsValidEmail())
            {
                return(UserCreateResults.InvalidEmailAddress);
            }
            user = User.FetchByEmail(email);
            if (user != null)
            {
                return(UserCreateResults.AlreadyExists);
            }
            user             = new User();
            user.Email       = email;
            user.UniqueEmail = email.NormalizeEmail();

            string pwd, salt;

            EncodePassword(password, out pwd, out salt);
            user.Password     = pwd;
            user.PasswordSalt = salt;

            try
            {
                user.Save();
                UserProfile userProfile = new UserProfile();
                userProfile.UserId          = user.UserId;
                userProfile.DefaultLangCode = "he-IL";
                userProfile.Save();
                UserPermissionMap upm = new UserPermissionMap();
                upm.UserId       = user.UserId;
                upm.PermissionId = 10;
                upm.Save();
                return(UserCreateResults.Success);
            }
            catch
            {
                user = null;
                return(UserCreateResults.UnknownError);
            }
        }