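/// <summary>
/// Decides whether the current user may access the requested resource.
/// Administrators are always allowed; any other user is allowed only when the
/// <c>id</c> route value equals the provider id stored on their account.
/// </summary>
/// <param name="httpContext">The HTTP context of the request being authorized.</param>
/// <returns>
/// <c>true</c> when access is allowed; <c>false</c> when the base check fails, when the
/// route id or the user id is missing or not an integer, when no user record is found,
/// or when the provider ids differ.
/// </returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // The base check must pass before any role or ownership test is attempted.
    if (!base.AuthorizeCore(httpContext))
    {
        return false;
    }

    // Role "1" is treated as the administrator role: full access.
    if (httpContext.User.IsInRole("1"))
    {
        return true;
    }

    // Everyone else is handled as a provider user and must own the resource.
    // Only the "id" route value is compared, and it is compared to a provider id.
    // NOTE(review): confirm every action guarded by this check identifies the
    // provider through the "id" route value; other identifiers are not covered.
    var routeData = httpContext.Request.RequestContext.RouteData;
    var rawId = routeData.Values["id"];
    if (rawId == null)
    {
        // Fail closed: without a resource id there is nothing to compare against.
        return false;
    }

    int id;
    if (!int.TryParse(rawId.ToString(), out id))
    {
        // Fail closed on a malformed id instead of throwing from the authorization path.
        return false;
    }

    // The identity name is expected to hold the numeric user id.
    int userId;
    if (!int.TryParse(httpContext.User.Identity.Name, out userId))
    {
        return false;
    }

    var logics = new AccountLogics();
    var userInfo = logics.GetUser(userId);
    if (userInfo == null)
    {
        // No account record for this identity: deny rather than dereference null.
        return false;
    }

    // Allow only when the user is tied to the same provider id as the resource requested.
    return id == userInfo.ProviderId;
}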
/// <summary>
/// Runs the base initialization and then, for an authenticated request, records the
/// caller's numeric user id on the controller and in the ViewBag, together with the
/// caller's provider id when a matching user record is found.
/// </summary>
/// <param name="requestContext">The request context.</param>
protected override void Initialize(RequestContext requestContext)
{
    base.Initialize(requestContext);

    var identity = requestContext.HttpContext.User.Identity;
    if (!identity.IsAuthenticated)
    {
        // Anonymous request: leave UserId and the ViewBag entries unset.
        return;
    }

    // The identity name carries the numeric user id; int.Parse throws if it is not an integer.
    this.UserId = int.Parse(identity.Name);
    ViewBag.UserId = this.UserId;

    var account = new AccountLogics().GetUser(this.UserId);
    if (account == null)
    {
        return;
    }

    // Expose the caller's provider id to the views.
    // NOTE(review): ViewBag values are for rendering; any access decision should be
    // re-derived on the server rather than read back from a rendered page.
    ViewBag.ServiceProviderId = account.ProviderId;
}
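/// <summary>
/// Creates an invite from the posted form and redirects to the index on success.
/// </summary>
/// <param name="invite">The model-bound invite data.</param>
/// <returns>
/// A redirect to <c>Index</c> when the invite is created; otherwise a view carrying an
/// error message (invalid model, invitee already registered, or creation failure).
/// </returns>
// NOTE(review): no attributes are visible in this excerpt; confirm the action is
// restricted to POST and protected with [ValidateAntiForgeryToken].
// NOTE(review): invite.UserRoleType arrives from the model-bound request; confirm the
// inviter's own role is checked server-side (here or in CreateInvite) before an invite
// for the Admin role is issued.
public ActionResult Create(InviteViewModel invite)
{
    try
    {
        if (!ModelState.IsValid)
        {
            // Redisplay the form that matches the kind of invite being created.
            var modelName = invite.UserRoleType == UserRoleType.Admin ? "CreateAdmin" : "CreateProviderAdmin";
            return this.View(modelName, invite);
        }

        // Check if the user already has an account.
        AccountLogics accountInfo = new AccountLogics();
        if (accountInfo.DoesUserExist(invite.InviteeEmailAddress))
        {
            this.TempData["Error"] = "This user already has an account with the site.";
            return this.View(invite);
        }

        this.SetRegisterLink();

        // Create the invite on behalf of the current user.
        var createdInvite = this.inviteLogics.CreateInvite(invite, this.UserId, this.registerLink);
        if (createdInvite == null)
        {
            // Show an error if the invite did not get created.
            this.TempData["Error"] = "There was an issue creating the invite, please try again.";
            return this.View(invite);
        }

        return this.RedirectToAction("Index");
    }
    catch (Exception ex)
    {
        // Record the failure server-side so it can be investigated; the user only
        // sees the generic message below, never the exception details.
        System.Diagnostics.Trace.TraceError("Invite creation failed: {0}", ex);

        this.TempData["Error"] = "There was an issue creating the invite, please try again.";
        return this.View();
    }
}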
/// <summary>
/// Builds the fixtures shared by the tests: the logic class under test, a fresh token,
/// a sample database user and the view models derived from it.
/// All credential-like values here are placeholders, not real secrets.
/// </summary>
public void TestInitialize()
{
    const int userId = 123;
    const int providerId = 2;
    const string firstName = "First";
    const string lastName = "Last";
    const string maskedEmail = "*****@*****.**";
    const string maskedValue = "******";

    this.logics = new AccountLogics();

    // A new GUID per test run is used as the reset token.
    this.guid = Guid.NewGuid().ToString();

    // Database-side user: role type 1, attached to provider 2.
    this.sampleDatabaseUser = new User
    {
        ID = userId,
        Contact = new Contact { Phone = "555-555-5555" },
        UserCredential = new UserCredential
        {
            ID = 4,
            PasswordHash = "asdfasdf asfasf",
            UserName = maskedValue
        },
        FirstName = firstName,
        LastName = lastName,
        UserRoles = new List<UserRole>
        {
            new UserRole { RoleTypeID = 1, UserID = userId }
        },
        ServiceProviderID = providerId
    };

    this.loginViewModel = new LoginViewModel
    {
        UserId = userId,
        Email = maskedEmail,
        Password = maskedValue
    };

    this.createAccountViewModel = new CreateAccountViewModel
    {
        Id = 0,
        Password = maskedValue,
        ConfirmPassword = maskedValue,
        FirstName = firstName,
        LastName = lastName,
        UserName = maskedValue,
        UserType = UserRoleType.Admin
    };

    this.accountAdminViewModel = new AccountAdminViewModel
    {
        Email = maskedEmail,
        FirstName = firstName,
        LastName = lastName,
        ProviderId = providerId,
        ProviderName = "Test Provider",
        Role = UserRoleType.Provider,
        UserId = userId
    };

    // The reset model reuses the sample user's id and user name plus the token above.
    this.sampleResetPasswordModel = new ResetPasswordViewModel
    {
        UserId = this.sampleDatabaseUser.ID,
        Password = maskedValue,
        Email = this.sampleDatabaseUser.UserCredential.UserName,
        Token = this.guid
    };
}
/// <summary>
/// Creates an <see cref="AccountController"/> with a caller-supplied home link.
/// Intended for unit tests.
/// </summary>
/// <param name="testHomeLink">The home link the controller should use.</param>
public AccountController(Uri testHomeLink)
{
    // Store the supplied link as-is, then create the account logic.
    homeLink = testHomeLink;
    accountLogics = new AccountLogics();
}
/// <summary>
/// Creates an <see cref="AccountController"/> with no home link set.
/// </summary>
public AccountController()
{
    // The home link starts out null in this constructor.
    homeLink = null;
    accountLogics = new AccountLogics();
}