public void Page_Load(object sender, EventArgs e)
{
if (IsForbidden)
{
return;
}
_userName = Body.GetQueryString("UserName");
_permissions = PermissionsManager.GetPermissions(Body.AdministratorName);
if (IsPostBack)
{
return;
}
var roles = BaiRongDataProvider.RoleDao.GetRolesForUser(_userName);
if (_permissions.IsConsoleAdministrator)
{
DdlPredefinedRole.Items.Add(EPredefinedRoleUtils.GetListItem(EPredefinedRole.ConsoleAdministrator, false));
DdlPredefinedRole.Items.Add(EPredefinedRoleUtils.GetListItem(EPredefinedRole.SystemAdministrator, false));
}
DdlPredefinedRole.Items.Add(EPredefinedRoleUtils.GetListItem(EPredefinedRole.Administrator, false));
var type = EPredefinedRoleUtils.GetEnumTypeByRoles(roles);
ControlUtils.SelectListItems(DdlPredefinedRole, EPredefinedRoleUtils.GetValue(type));
PublishmentSystemManager.AddListItems(CblPublishmentSystemId);
ControlUtils.SelectListItems(CblPublishmentSystemId, BaiRongDataProvider.AdministratorDao.GetPublishmentSystemIdList(_userName));
ListBoxDataBind();
DdlPredefinedRole_SelectedIndexChanged(null, EventArgs.Empty);
}
public void Page_Load(object sender, EventArgs e)
{
if (IsForbidden)
{
return;
}
_userName = AuthRequest.GetQueryString("UserName");
if (IsPostBack)
{
return;
}
var roles = DataProvider.AdministratorsInRolesDao.GetRolesForUser(_userName);
if (AuthRequest.AdminPermissions.IsConsoleAdministrator)
{
DdlPredefinedRole.Items.Add(EPredefinedRoleUtils.GetListItem(EPredefinedRole.ConsoleAdministrator, false));
DdlPredefinedRole.Items.Add(EPredefinedRoleUtils.GetListItem(EPredefinedRole.SystemAdministrator, false));
}
DdlPredefinedRole.Items.Add(EPredefinedRoleUtils.GetListItem(EPredefinedRole.Administrator, false));
var type = EPredefinedRoleUtils.GetEnumTypeByRoles(roles);
ControlUtils.SelectSingleItem(DdlPredefinedRole, EPredefinedRoleUtils.GetValue(type));
SiteManager.AddListItems(CblSiteId);
ControlUtils.SelectMultiItems(CblSiteId, DataProvider.AdministratorDao.GetSiteIdList(_userName));
ListBoxDataBind();
DdlPredefinedRole_SelectedIndexChanged(null, EventArgs.Empty);
}
public bool Insert(AdministratorInfo adminInfo, out string errorMessage)
{
if (!InsertValidate(adminInfo.UserName, adminInfo.Password, adminInfo.Email, adminInfo.Mobile, out errorMessage))
{
return(false);
}
try
{
adminInfo.LastActivityDate = DateUtils.SqlMinValue;
adminInfo.CreationDate = DateTime.Now;
adminInfo.PasswordFormat = EPasswordFormatUtils.GetValue(EPasswordFormat.Encrypted);
adminInfo.Password = EncodePassword(adminInfo.Password, EPasswordFormatUtils.GetEnumType(adminInfo.PasswordFormat), out var passwordSalt);
adminInfo.PasswordSalt = passwordSalt;
adminInfo.DisplayName = AttackUtils.FilterXss(adminInfo.DisplayName);
adminInfo.Email = AttackUtils.FilterXss(adminInfo.Email);
adminInfo.Mobile = AttackUtils.FilterXss(adminInfo.Mobile);
IDataParameter[] parameters =
{
GetParameter(ParmUsername, DataType.VarChar, 255, adminInfo.UserName),
GetParameter(ParmPassword, DataType.VarChar, 255, adminInfo.Password),
GetParameter(ParmPasswordFormat, DataType.VarChar, 50, adminInfo.PasswordFormat),
GetParameter(ParmPasswordSalt, DataType.VarChar, 128, adminInfo.PasswordSalt),
GetParameter(ParmCreationDate, DataType.DateTime, adminInfo.CreationDate),
GetParameter(ParmLastActivityDate, DataType.DateTime, adminInfo.LastActivityDate),
GetParameter(ParmCountOfLogin, DataType.Integer, adminInfo.CountOfLogin),
GetParameter(ParmCountOfFailedLogin, DataType.Integer, adminInfo.CountOfFailedLogin),
GetParameter(ParmCreatorUsername, DataType.VarChar, 255, adminInfo.CreatorUserName),
GetParameter(ParmIsLockedOut, DataType.VarChar, 18, adminInfo.IsLockedOut.ToString()),
GetParameter(ParmSiteIdCollection, DataType.VarChar, 50, adminInfo.SiteIdCollection),
GetParameter(ParmSiteId, DataType.Integer, adminInfo.SiteId),
GetParameter(ParmDepartmentId, DataType.Integer, adminInfo.DepartmentId),
GetParameter(ParmAreaId, DataType.Integer, adminInfo.AreaId),
GetParameter(ParmDisplayname, DataType.VarChar, 255, adminInfo.DisplayName),
GetParameter(ParmMobile, DataType.VarChar, 20, adminInfo.Mobile),
GetParameter(ParmEmail, DataType.VarChar, 255, adminInfo.Email),
GetParameter(ParmAvatarUrl, DataType.VarChar, 200, adminInfo.AvatarUrl)
};
ExecuteNonQuery(SqlInsertUser, parameters);
DataProvider.DepartmentDao.UpdateCountOfAdmin();
DataProvider.AreaDao.UpdateCountOfAdmin();
var roles = new[] { EPredefinedRoleUtils.GetValue(EPredefinedRole.Administrator) };
DataProvider.AdministratorsInRolesDao.AddUserToRoles(adminInfo.UserName, roles);
return(true);
}
catch (Exception ex)
{
errorMessage = ex.Message;
return(false);
}
}
public static void CreatePredefinedRoles()
{
var allPredefinedRoles = EPredefinedRoleUtils.GetAllPredefinedRole();
foreach (EPredefinedRole enumRole in allPredefinedRoles)
{
BaiRongDataProvider.RoleDao.InsertRole(EPredefinedRoleUtils.GetValue(enumRole), string.Empty, EPredefinedRoleUtils.GetText(enumRole));
}
}
public static void CreatePredefinedRolesIfNotExists()
{
var allPredefinedRoles = EPredefinedRoleUtils.GetAllPredefinedRole();
foreach (var enumRole in allPredefinedRoles)
{
if (!DataProvider.RoleDao.IsRoleExists(EPredefinedRoleUtils.GetValue(enumRole)))
{
DataProvider.RoleDao.InsertRole(EPredefinedRoleUtils.GetValue(enumRole), string.Empty, EPredefinedRoleUtils.GetText(enumRole));
}
}
}
public void InitializeUserRole(string userName, string password)
{
RoleManager.CreatePredefinedRoles();
var administratorInfo = new AdministratorInfo
{
UserName = userName,
Password = password
};
string errorMessage;
AdminManager.CreateAdministrator(administratorInfo, out errorMessage);
BaiRongDataProvider.RoleDao.AddUserToRole(userName, EPredefinedRoleUtils.GetValue(EPredefinedRole.ConsoleAdministrator));
}
public static void InstallDatabase(string adminName, string adminPassword)
{
SyncDatabase();
if (!string.IsNullOrEmpty(adminName) && !string.IsNullOrEmpty(adminPassword))
{
var administratorInfo = new AdministratorInfo
{
UserName = adminName,
Password = adminPassword
};
AdminManager.CreateAdministrator(administratorInfo, out _);
DataProvider.AdministratorsInRolesDao.AddUserToRole(adminName, EPredefinedRoleUtils.GetValue(EPredefinedRole.ConsoleAdministrator));
}
}
public static bool CreateAdministrator(AdministratorInfo administratorInfo, out string errorMessage)
{
try
{
administratorInfo.LastActivityDate = DateUtils.SqlMinValue;
administratorInfo.CreationDate = DateTime.Now;
administratorInfo.PasswordFormat = EPasswordFormat.Encrypted;
var isCreated = DataProvider.AdministratorDao.Insert(administratorInfo, out errorMessage);
if (isCreated == false)
{
return(false);
}
var roles = new[] { EPredefinedRoleUtils.GetValue(EPredefinedRole.Administrator) };
DataProvider.AdministratorsInRolesDao.AddUserToRoles(administratorInfo.UserName, roles);
return(true);
}
catch (Exception ex)
{
errorMessage = ex.Message;
return(false);
}
}
public IHttpActionResult SavePermissions(int adminId)
{
try
{
var request = new AuthenticatedRequest();
if (!request.IsAdminLoggin ||
!request.AdminPermissionsImpl.HasSystemPermissions(ConfigManager.SettingsPermissions.Admin))
{
return(Unauthorized());
}
if (!request.AdminPermissions.IsSuperAdmin())
{
return(Unauthorized());
}
var adminLevel = request.GetPostString("adminLevel");
var checkedSites = request.GetPostObject <List <int> >("checkedSites");
var checkedRoles = request.GetPostObject <List <string> >("checkedRoles");
var adminInfo = AdminManager.GetAdminInfoByUserId(adminId);
DataProvider.AdministratorsInRolesDao.RemoveUser(adminInfo.UserName);
if (adminLevel == "SuperAdmin")
{
DataProvider.AdministratorsInRolesDao.AddUserToRole(adminInfo.UserName, EPredefinedRoleUtils.GetValue(EPredefinedRole.ConsoleAdministrator));
}
else if (adminLevel == "SiteAdmin")
{
DataProvider.AdministratorsInRolesDao.AddUserToRole(adminInfo.UserName, EPredefinedRoleUtils.GetValue(EPredefinedRole.SystemAdministrator));
}
else
{
DataProvider.AdministratorsInRolesDao.AddUserToRole(adminInfo.UserName, EPredefinedRoleUtils.GetValue(EPredefinedRole.Administrator));
DataProvider.AdministratorsInRolesDao.AddUserToRoles(adminInfo.UserName, checkedRoles.ToArray());
}
DataProvider.AdministratorDao.UpdateSiteIdCollection(adminInfo,
adminLevel == "SiteAdmin"
? TranslateUtils.ObjectCollectionToString(checkedSites)
: string.Empty);
PermissionsImpl.ClearAllCache();
request.AddAdminLog("设置管理员权限", $"管理员:{adminInfo.UserName}");
return(Ok(new
{
Value = true,
Roles = AdminManager.GetRoles(adminInfo.UserName)
}));
}
catch (Exception ex)
{
return(InternalServerError(ex));
}
}
