        /// <summary>
        /// Determines whether the current user is authorized to access the requested resource.
        /// </summary>
        /// <param name="httpContext"> The http context. </param>
        /// <returns> <c>true</c> if the user is authorized; otherwise <c>false</c>. </returns>
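        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            // The base class check runs first (the not-logged-in case); if it fails, deny.
            if (!base.AuthorizeCore(httpContext))
            {
                return false;
            }

            // Role "1" is the admin role here: admins skip the per-resource check.
            if (httpContext.User.IsInRole("1"))
            {
                return true;
            }

            // Everyone else is checked against the provider of the requested resource.
            // The "id" route value is caller-controlled, so a missing or non-numeric
            // value results in a denial instead of an unhandled exception.
            var routeData = httpContext.Request.RequestContext.RouteData;
            object rawId;
            int id;
            if (!routeData.Values.TryGetValue("id", out rawId)
                || rawId == null
                || !int.TryParse(rawId.ToString(), out id))
            {
                return false;
            }

            // The identity name is expected to hold the numeric user id; deny if it does not.
            int userId;
            if (!int.TryParse(httpContext.User.Identity.Name, out userId))
            {
                return false;
            }

            // An account that cannot be found is never authorized (fail closed).
            var logics   = new AccountLogics();
            var userInfo = logics.GetUser(userId);
            if (userInfo == null)
            {
                return false;
            }

            // NOTE(review): this compares the route "id" with the user's ProviderId, so it
            // assumes every action carrying this filter uses "id" as a provider id, and that
            // the action reads "id" from the route only. Model binding can also take "id"
            // from other value providers (e.g. posted form data) - confirm the action cannot
            // act on a different id than the one checked here.
            return id == userInfo.ProviderId;
        }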
        /// <summary>
        /// Initialize for all controllers that need access to the user id.
        /// </summary>
        /// <param name="requestContext">
        /// The request context.
        /// </param>
        protected override void Initialize(RequestContext requestContext)
        {
            base.Initialize(requestContext);

            // Anonymous requests carry no user id, so there is nothing more to set up.
            var principal = requestContext.HttpContext.User;
            if (!principal.Identity.IsAuthenticated)
            {
                return;
            }

            // The identity name is parsed as the numeric user id and shared with the views.
            this.UserId    = int.Parse(principal.Identity.Name);
            ViewBag.UserId = this.UserId;

            var account = new AccountLogics().GetUser(this.UserId);
            if (account != null)
            {
                // Expose the user's provider id to the views.
                // NOTE(review): this is display data only; server-side checks should
                // re-read the provider id rather than trust a value echoed back by a view.
                ViewBag.ServiceProviderId = account.ProviderId;
            }
        }
Exemple #3
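        public ActionResult Create(InviteViewModel invite)
        {
            // Creates an invite for the posted e-mail address on behalf of the current user.
            // Returns the form again with an error message on any failure, or redirects to
            // "Index" on success.
            //
            // NOTE(review): invite.UserRoleType comes from the bound (client-supplied) model.
            // Nothing visible here checks that the caller may grant that role - confirm that
            // CreateInvite or an authorization filter enforces it. The action's attributes
            // are not visible in this excerpt; confirm it is POST-only with anti-forgery
            // validation.
            try
            {
                if (!ModelState.IsValid)
                {
                    // Redisplay the form that matches the requested role.
                    var modelName = invite.UserRoleType == UserRoleType.Admin ? "CreateAdmin" : "CreateProviderAdmin";
                    return this.View(modelName, invite);
                }

                // An address that already has an account cannot be invited again.
                AccountLogics accountInfo = new AccountLogics();
                if (accountInfo.DoesUserExist(invite.InviteeEmailAddress))
                {
                    this.TempData["Error"] = "This user already has an account with the site.";
                    return this.View(invite);
                }

                this.SetRegisterLink();

                // Create the invite; a null result means it was not created.
                var createdInvite = this.inviteLogics.CreateInvite(invite, this.UserId, this.registerLink);
                if (createdInvite == null)
                {
                    this.TempData["Error"] = "There was an issue creating the invite, please try again.";
                    return this.View(invite);
                }

                return this.RedirectToAction("Index");
            }
            catch (Exception ex)
            {
                // Record the failure instead of discarding it, so a failed invite can be
                // diagnosed and audited. The user still sees only the generic message.
                // Output goes to the configured trace listeners; replace with the project's
                // logger if it has one.
                System.Diagnostics.Trace.TraceError("Invite creation failed: {0}", ex);

                this.TempData["Error"] = "There was an issue creating the invite, please try again.";
                return this.View();
            }
        }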
Exemple #4
        public void TestInitialize()
        {
            // Builds the fixtures shared by the tests. Every model describes the same
            // sample user (id 123) tied to the same provider (id 2). The credential and
            // password strings are placeholder literals, not real secrets or real hashes.
            const int sampleUserId     = 123;
            const int sampleProviderId = 2;

            this.logics = new AccountLogics();
            this.guid   = Guid.NewGuid().ToString();

            // Database-side representation of the sample user, holding role type 1.
            var dbUser = new User
            {
                ID             = sampleUserId,
                Contact        = new Contact { Phone = "555-555-5555" },
                UserCredential = new UserCredential { ID = 4, PasswordHash = "asdfasdf asfasf", UserName = "******" },
                FirstName      = "First",
                LastName       = "Last",
                UserRoles      = new List<UserRole>
                {
                    new UserRole { RoleTypeID = 1, UserID = sampleUserId }
                },
                ServiceProviderID = sampleProviderId
            };
            this.sampleDatabaseUser = dbUser;

            // Login form input for the sample user.
            this.loginViewModel = new LoginViewModel
            {
                UserId   = sampleUserId,
                Email    = "*****@*****.**",
                Password = "******"
            };

            // Registration input for a new admin account (Id 0).
            this.createAccountViewModel = new CreateAccountViewModel
            {
                Id              = 0,
                Password        = "******",
                ConfirmPassword = "******",
                FirstName       = "First",
                LastName        = "Last",
                UserName        = "******",
                UserType        = UserRoleType.Admin
            };

            // Admin-screen view of the sample user as a provider-role account.
            this.accountAdminViewModel = new AccountAdminViewModel
            {
                Email        = "*****@*****.**",
                FirstName    = "First",
                LastName     = "Last",
                ProviderId   = sampleProviderId,
                ProviderName = "Test Provider",
                Role         = UserRoleType.Provider,
                UserId       = sampleUserId
            };

            // Password reset request for the sample user, using the GUID created above as the token.
            this.sampleResetPasswordModel = new ResetPasswordViewModel
            {
                UserId   = dbUser.ID,
                Password = "******",
                Email    = dbUser.UserCredential.UserName,
                Token    = this.guid
            };
        }
Exemple #5
 /// <summary>
 /// Initializes a new instance of the <see cref="AccountController"/> class.  Used for unit testing.
 /// </summary>
 /// <param name="testHomeLink">
 /// The test home link.
 /// </param>
 public AccountController(Uri testHomeLink)
 {
     // Test hook: lets a unit test supply the home link directly.
     // NOTE(review): this constructor is public, so confirm no production wiring
     // (e.g. a DI container) can pass a caller-influenced Uri through it.
     homeLink      = testHomeLink;
     accountLogics = new AccountLogics();
 }
Exemple #6
 /// <summary>
 /// Initializes a new instance of the <see cref="AccountController"/> class.
 /// </summary>
 public AccountController()
 {
     // Default construction: no home link is preset (it is left null here).
     homeLink      = null;
     accountLogics = new AccountLogics();
 }