public ActionResult Index() { AuthorisationServiceClient sc = new AuthorisationServiceClient(); try { Mapper.CreateMap <StaffAccessDC, StaffAccessModel>(); Mapper.CreateMap <StaffAccessModel, StaffAccessDC>(); string[] adGroups = Roles.GetRolesForUser(); #if DEBUG //####################################################TEMPORALY HARD CODED FOR DEVELOPMENT################################################# //# ADCSEC GROUPS CANNOT BE ALTERED # adGroups = adGroups.Concat(new List <string>() { "DWP-FW-ADMIN", "DWP-FW-APPLICATION", "DWP-UCB-APPLICATION" }).ToArray(); //# //# # //######################################################################################################################################### #endif List <StaffAccessModel> Destinations = new List <StaffAccessModel>(); // If this is an authorised user then find out what Applications they have access to Guid outGuid; if (Guid.TryParse(CurrentUser, out outGuid)) { List <StaffAccessDC> staffAccessList = sc.GetUserApplicationInfo(CurrentUser, CurrentUser, appID, "", CurrentUser, adGroups).ToList(); Destinations = Mapper.Map <List <StaffAccessModel> >(staffAccessList); // Save staff access list SessionManager.StaffAccessList = Destinations; } return(View(Destinations)); } catch (Exception e) { // Handle exception ExceptionManager.HandleException(e, sc); return(null); } }
/// <summary> /// Gets authorisation information relating to the current user /// </summary> /// <remarks> /// Retrieves application roles based on a users group membership /// </remarks> /// <param name="context">HttpContext</param> /// <param name="appID">Application ID</param> public static void GetUserAuthorisationInfo(HttpContextBase context, string appID) { string[] roles = null; if (context.User.Identity.IsAuthenticated && context.Request.LogonUserIdentity != null && context.Request.LogonUserIdentity.IsAuthenticated) { //Get roles from session if available if (null != SessionManager.UserRoles) { roles = SessionManager.UserRoles; } else // If roles not in session then retrieve from authorisation service { AuthorisationDC authorisationResult = null; //Create instance of Authorisation service AuthorisationServiceClient sc = new AuthorisationServiceClient(); //Get user name for current user string userName = context.User.Identity.Name; try { #if DEBUG authorisationResult = new AuthorisationDC(); authorisationResult.Roles = new string[] { "FW-ADMIN", "FW-APPLICATION", "UCB-APPLICATION", "AM-APPLICATION" }; authorisationResult.UserID = "F308F543-75A8-4218-A644-F27765CE51AB"; authorisationResult.UserName = "******"; #else string[] adGroups = Roles.GetRolesForUser(); //Authorise user and retrieve user roles authorisationResult = sc.GetUserAuthorisationInfo(userName, appID, adGroups); //Close service communication ((ICommunicationObject)sc).Close(); #endif //Store roles in session so we don't have to call service each time SessionManager.UserRoles = roles = authorisationResult.Roles; //Store user's ID in session SessionManager.UserID = authorisationResult.UserID; //Store user's Name in session SessionManager.UserName = authorisationResult.UserName; } catch (FaultException <AuthorisationFailureFault> ) { ((ICommunicationObject)sc).Close(); //Store user's ID in session SessionManager.UserID = userName; //Store roles as empty array SessionManager.UserRoles = new string[] { }; } catch (Exception e) { ExceptionManager.HandleException(e, (ICommunicationObject)sc); } } } //Create new principal object and attach roles GenericPrincipal principal = new GenericPrincipal(context.User.Identity, roles); //Attach new principal to current thread Thread.CurrentPrincipal = context.User = principal; }
public ActionResult UpdateApplication(Guid?staffCode, FormCollection form) { // Get the updated model var model = GetUpdatedModel(); //Set flags false SetFlagsFalse(model); // Create instance of Authorisation service var authSc = new AuthorisationServiceClient(); try { List <string> roleList = authSc.GetUserRoles(CurrentUser, CurrentUser, appID, "", model.StaffItem.Code.ToString(), model.SelectedApplicationCode).ToList(); model.RoleList = roleList; } catch (Exception e) { // Handle exception if (e.Message == "Failed to find User ID in Active Directory") { model.Message = e.Message; // ModelState.AddModelError("SelectedApplicationCode", string.Format("Failed to find User ID in Active Directory")); } ExceptionManager.HandleException(e, authSc); //return null; } if (model.SelectedApplicationCode.HasValue) { // Create instance of Admin service AdminServiceClient sc = new AdminServiceClient(); try { StaffApplicationAdminVMDC returnedObject = sc.GetStaffApplicationAdministrationByStaffCodeAndApplicationCode(User.Identity.Name, User.Identity.Name, "Framework", "", model.SelectedApplicationCode.Value, model.StaffItem.Code); //Merge the returned DC to the model MergeReturnedObjectToModel(model, returnedObject); } catch (Exception e) { // Handle exception ExceptionManager.HandleException(e, sc); return(null); } } else { //remove the current values from session SessionManager.OrganisationByTypeList = null; SessionManager.StaffApplicationAttributeList = null; SessionManager.StaffOrganisationList = null; //remove the current values from session model.OrganisationsByTypesList = null; model.StaffApplicationAttributeList = null; model.StaffOrganisationList = null; return(RedirectToAction("ApplicationStaffAdmin", "Admin")); // /Admin/ApplicationStaffAdmin } DetermineIsDirty(model); ModelState.Clear(); return(View(model)); }