public IActionResult EditUser(int id)
{
ApplicationUserRepository userRepo;
ApplicationRoleRepository roleRepo;
ApplicationUserViewModel view = new ApplicationUserViewModel()
{
User = null, Roles = null
};
try
{
userRepo = new ApplicationUserRepository(settings, logger, dbc);
roleRepo = new ApplicationRoleRepository(settings, logger, dbc);
view.User = userRepo.FindByPKView(new PrimaryKey()
{
Key = id, IsIdentity = true
});
view.Roles = roleRepo.FindAll();
// Update the RoleBadges
foreach (ApplicationUserClaim uc in view.User.Claims.Where(uc => uc.UserId == view.User.Id && uc.ClaimType == ClaimTypes.Role))
{
view.User.RoleBadges += String.Format("{0}-{1}|", uc.Id, uc.ClaimValue);
}
}
catch (Exception ex)
{
throw (Exception)Activator.CreateInstance(ex.GetType(), ex.Message + ex.StackTrace);
}
return(View("EditUser", view));
}
public IActionResult Roles()
{
ApplicationRoleRepository roleRepo;
ICollection <ApplicationRole> roles;
try
{
roleRepo = new ApplicationRoleRepository(settings, logger, dbc);
roles = roleRepo.FindAll();
}
catch (Exception ex)
{
throw (Exception)Activator.CreateInstance(ex.GetType(), ex.Message + ex.StackTrace);
}
return(View("Roles", roles));
}
public async Task <ActionResult> EditUser(ApplicationUserViewModel view)
{
ApplicationUserRepository userRepo;
ApplicationRoleRepository roleRepo;
ApplicationUserClaimRepository userClaimRepo;
ApplicationAuditLogRepository logRepo;
ApplicationUserClaim userClaim = null;
IList <string> currentRoles = null;
string role = String.Empty;
int claimId = 0;
int rows = 0;
const string issuer = "Local Authority";
const string claimTypesDepartment = "Department";
bool isCurrentUser = view.User.UserName.ToUpper() == HttpContext.User.Identity.Name.ToUpper() ? true : false;
try
{
userRepo = new ApplicationUserRepository(settings, logger, dbc);
userClaimRepo = new ApplicationUserClaimRepository(settings, logger, dbc);
roleRepo = new ApplicationRoleRepository(settings, logger, dbc);
logRepo = new ApplicationAuditLogRepository(settings, logger, dbc);
if (ModelState.IsValid)
{
// Update the user in the database
userRepo.Update(view.User);
//Add DOB claim to database and to claims list of the current user, if applicable
userClaim = (userClaimRepo.FindAll()).FirstOrDefault(uc => uc.UserId == view.User.Id && uc.ClaimType == ClaimTypes.DateOfBirth);
if (userClaim != null)
{
if (userClaim.ClaimValue != view.User.DOB.ToString("yyyy-MM-dd hh:mm:ss"))
{
userClaim.ModifiedDt = DateTime.Now;
userClaim.ClaimValue = view.User.DOB.ToString("yyyy-MM-dd hh:mm:ss");
// Update the database
userClaimRepo.Update(userClaim);
logger.LogInformation($"Updated claim({ClaimTypes.DateOfBirth}) for user account: {view.User.UserName}");
}
else
{
// Nothing changed, so no need to update the database
}
}
else
{
// Add DOB claim to the database
userClaim = new ApplicationUserClaim()
{
UserId = view.User.Id,
ClaimType = ClaimTypes.DateOfBirth, ClaimValue = view.User.DOB.ToString("yyyy-MM-dd hh:mm:ss"), ClaimIssuer = issuer,
Active = true, ModifiedDt = DateTime.Now, CreateDt = DateTime.Now
};
userClaimRepo.Add(userClaim);
logger.LogInformation($"Added new claim({ClaimTypes.DateOfBirth}) to user account: {view.User.UserName}");
}
//TODO: Department still has issues when transitioning from null to not null
//Add Department claim to database and to claims list of the user
userClaim = (userClaimRepo.FindAll()).FirstOrDefault(uc => uc.UserId == view.User.Id && uc.ClaimType == claimTypesDepartment);
if (userClaim != null)
{
if (view.User.Department != null && userClaim.ClaimValue != view.User.Department)
{
userClaim.ModifiedDt = DateTime.Now;
userClaim.ClaimValue = view.User.Department;
userClaimRepo.Update(userClaim);
logger.LogInformation($"Updated claim({claimTypesDepartment}) for user account: {view.User.UserName}");
}
else
{
// Nothing changed, so no need to update the database
}
}
else
{
if (view.User.Department != null)
{
userClaim = new ApplicationUserClaim()
{
UserId = view.User.Id,
ClaimType = claimTypesDepartment, ClaimValue = view.User.Department, ClaimIssuer = issuer,
Active = true, ModifiedDt = DateTime.Now, CreateDt = DateTime.Now
};
userClaimRepo.Add(userClaim);
logger.LogInformation($"Assigned new claim({claimTypesDepartment}) to user account: {view.User.UserName}");
}
}
//Add Role claim to database and to claims list of the user
// Process the roles and update the role store
currentRoles = (userClaimRepo.FindAll()).Where(uc => uc.UserId == view.User.Id && uc.ClaimType == ClaimTypes.Role).Select(r => r.ClaimValue).ToList();;
if (view.User.RoleBadges != null)
{
foreach (string r in view.User.RoleBadges.Split("|"))
{
if (r != String.Empty)
{
role = r.Substring(r.IndexOf('-') + 1, r.Length - r.IndexOf('-') - 1);
// Add, if it's a new role
if (!currentRoles.Contains(role))
{
claimId = (int)userClaimRepo.Add(new ApplicationUserClaim()
{
UserId = view.User.Id,
ClaimType = ClaimTypes.Role, ClaimValue = role, ClaimIssuer = issuer,
Active = true, ModifiedDt = DateTime.Now, CreateDt = DateTime.Now
});
if (claimId > 0)
{
logger.LogInformation($"Assigned role({role}) to user account: {view.User.UserName}");
}
else
{
logger.LogError($"Error assigning role({role}) to user account: {view.User.UserName}");
}
}
}
}
}
// Remove any roles of which the user is no longer a member
foreach (string r in currentRoles)
{
if (!view.User.RoleBadges.Contains(r))
{
claimId = (userClaimRepo.FindAll()).FirstOrDefault(c => c.ClaimType == ClaimTypes.Role && c.UserId == view.User.Id).Id;
rows = userClaimRepo.Delete(new PrimaryKey()
{
Key = (int)claimId, IsIdentity = true
});
if (rows > 0)
{
logger.LogInformation($"Removed role({r}) from user account: {view.User.UserName}");
}
else
{
logger.LogError($"Error removing role({r}) from account: {view.User.UserName}");
}
}
}
// If we've updated the claims for the currently signed-in user,
// then refresh Cookie by recreating the User Security Principal from the database
if (isCurrentUser)
{
await identityManager.RefreshClaimsAsync(view.User, userClaimRepo.FindAll().Where(uc => uc.UserId == view.User.Id).ToList());
logRepo.Add(new ApplicationAuditLog()
{
CategoryId = 1, Description = $"User ({view.User.UserName}) logged into application with refreshed claims."
});
logger.LogInformation($"Refreshed cookie for user: {view.User.UserName}");
}
return(RedirectToAction("Index", "Account"));
}
else
{
userClaimRepo = new ApplicationUserClaimRepository(settings, logger, dbc);
userRepo = new ApplicationUserRepository(settings, logger, dbc);
view.User = userRepo.FindByPKView(new PrimaryKey()
{
Key = view.User.Id, IsIdentity = true
});
view.Roles = roleRepo.FindAll();
// Update the RoleBadges
foreach (ApplicationUserClaim uc in view.User.Claims.Where(uc => uc.UserId == view.User.Id))
{
view.User.RoleBadges += String.Format("{0}-{1}|", uc.Id, uc.ClaimType);
}
return(View("EditUser", view));
}
}
catch (Exception ex)
{
throw (Exception)Activator.CreateInstance(ex.GetType(), ex.Message + ex.StackTrace);
}
}