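/// <summary>
/// Chooses the header navigation to render: a dedicated partial view when the routed
/// controller is "Manager", otherwise one header partial per role of the current user.
/// </summary>
/// <remarks>
/// This only selects what is displayed. Nothing in this method checks whether the
/// current user may reach the Manager pages.
/// NOTE(review): confirm the Manager actions enforce their own authorization.
/// </remarks>
/// <returns>
/// The "Manager/_CustomManagerNavigation" partial for the Manager controller, otherwise a
/// <c>MultiplePartialViewResult</c> holding "{role}/_HeaderNavigation" for each role
/// returned by <c>CurrentUser.GetUserRoles()</c>, ordered by the role comparer.
/// </returns>
public ActionResult GetHeaderNavigation()
{
    // TODO: It is a temporary solution for custom header in manager's pages
    // Correct it when there is more than one custom header in views

    // A null route value falls through to the role-based headers instead of failing on ToString().
    string requestedController = HttpContext.Request.RequestContext.RouteData.Values["controller"]?.ToString();

    // The route value can carry whatever casing the URL used, so the comparison is ordinal
    // and ignores case. The previous culture-sensitive, case-sensitive string.Compare
    // would not match "manager".
    if (string.Equals(requestedController, "Manager", System.StringComparison.OrdinalIgnoreCase))
    {
        return PartialView("Manager/_CustomManagerNavigation");
    }

    var multiplePartialViewResult = new MultiplePartialViewResult();

    // Sort weights handed to the comparer: ScrumMaster = 1, Mentor = 2.
    var roleComparer = new RoleComparer(new Dictionary<RoleType, int>
    {
        { RoleType.ScrumMaster, 1 },
        { RoleType.Mentor, 2 }
    });

    // The view path segment is the role value itself.
    // Presumably these are RoleType enum values, not request input. Verify against GetUserRoles().
    foreach (var role in CurrentUser.GetUserRoles().OrderBy(r => r, roleComparer))
    {
        multiplePartialViewResult.PartialViews.Add(PartialView($"{role}/_HeaderNavigation"));
    }

    return multiplePartialViewResult;
}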
/// <summary>
/// Sorts a list of roles with a <c>RoleComparer</c> built from explicit weights
/// (HR = 1, Manager = 2, ScrumMaster = 3, Mentor = 4) and checks that the result
/// comes out in ascending weight order.
/// </summary>
public void RoleComparer_ComparedCorrectly()
{
    var expectedOrder = new List<RoleType>
    {
        RoleType.HR,
        RoleType.Manager,
        RoleType.ScrumMaster,
        RoleType.Mentor
    };

    var unsortedRoles = new List<RoleType>
    {
        RoleType.ScrumMaster,
        RoleType.Mentor,
        RoleType.Manager,
        RoleType.HR
    };

    var weights = new Dictionary<RoleType, int>
    {
        { RoleType.ScrumMaster, 3 },
        { RoleType.Mentor, 4 },
        { RoleType.Manager, 2 },
        { RoleType.HR, 1 }
    };
    var comparer = new RoleComparer(weights);

    var sortedRoles = unsortedRoles.OrderBy(role => role, comparer).ToList();

    // Compare position by position so a failure reports the first misplaced role.
    var position = 0;
    while (position < expectedOrder.Count)
    {
        Assert.AreEqual(expectedOrder[position], sortedRoles[position], "Sequence is not sorted");
        position++;
    }
}
/// <summary>
/// Loads the roles of the given user and returns them ordered by a
/// <c>RoleComparer</c> configured with the weights Mentor = 1 and ScrumMaster = 2.
/// </summary>
/// <param name="userId">Identifier passed through to <c>GetUserRoles</c>.</param>
/// <returns>A new list holding the user's roles in comparer order.</returns>
private async Task<IList<RoleType>> GetSortedUserRoles(int userId)
{
    var roles = await GetUserRoles(userId);

    var weights = new Dictionary<RoleType, int>
    {
        { RoleType.Mentor, 1 },
        { RoleType.ScrumMaster, 2 }
    };
    var byWeight = new RoleComparer(weights);

    var ordered = roles.OrderBy(role => role, byWeight);
    return ordered.ToList();
}
/// <summary>
/// Sets up the fixture: a resource store with default resources, a role store with
/// default roles built on that resource store, the <c>RolesController</c> under test
/// wired to both stores, and the permission and role comparers.
/// </summary>
public RolesControllerFixture()
{
    _sutBuilder = new RolesControllerBuilder();

    // The role store builder takes the resource store, so the resource store is built first.
    var resourceStoreBuilder = new ResourceStoreBuilder().WithDefaultResources();
    _resourceStore = resourceStoreBuilder.Build();

    var roleStoreBuilder = new RoleStoreBuilder(_resourceStore).WithDefaultRoles();
    _roleStore = roleStoreBuilder.Build();

    _sut = new RolesController(_roleStore, _resourceStore);

    // The role comparer is constructed from the permission comparer.
    _permissionComparer = new PermissionComparer();
    _roleComparer = new RoleComparer(_permissionComparer);
}
/// <summary>
/// Decides whether the current request may use the named protected resource.
/// </summary>
/// <remarks>
/// Checks run in this order and the first one that matches decides the result:
/// <list type="number">
/// <item>an empty resource name throws;</item>
/// <item><c>IsBackDoorWideOpen()</c>, demo mode, a demo user or the superuser role grants
/// access before the authorization record is loaded;</item>
/// <item>a resource with no authorization record is denied (release builds) or throws
/// (DEBUG builds);</item>
/// <item>an anonymous request is allowed only if the anonymous role is in the allowed roles;</item>
/// <item>an authenticated request is allowed if the generic user role, the user itself, or
/// any role in the user's role list is allowed;</item>
/// <item>otherwise access is denied.</item>
/// </list>
/// </remarks>
/// <param name="resourceName">Name of the resource to look up; must not be null or empty.</param>
/// <returns><c>true</c> when access is granted, <c>false</c> otherwise.</returns>
/// <exception cref="InternalError">
/// The resource name is missing, the user object is missing for an authenticated user,
/// or (DEBUG builds only) the resource has no authorization record.
/// </exception>
public async Task<bool> IsResourceAuthorizedAsync(string resourceName)
{
    // we need to check if this resource is protected
    if (string.IsNullOrEmpty(resourceName))
    {
        throw new InternalError("Missing resource name");
    }

    // Unconditional grants: none of these consult the resource's authorization record.
    // NOTE(review): IsBackDoorWideOpen() is defined outside this block. Confirm it cannot
    // return true in a production configuration.
    if (IsBackDoorWideOpen())
    {
        return true;
    }

    // Demo mode and demo users are granted every resource by this method.
    if (YetaWFManager.IsDemo)
    {
        return true;
    }
    if (Manager.IsDemoUser)
    {
        return true;
    }

    // check if this is the superuser
    if (Manager.HasSuperUserRole)
    {
        return true;
    }

    using (AuthorizationDataProvider authorizationProvider = new AuthorizationDataProvider())
    {
        Authorization entry = await authorizationProvider.GetItemAsync(resourceName);
        if (entry == null)
        {
            Logging.AddLog("Resource {0} doesn't exist", resourceName);
#if DEBUG
            throw new InternalError("Resource {0} doesn't exist", resourceName);
#else
            // not authorized, there is no such resource (an unknown resource is denied)
            return false;
#endif
        }

        RoleComparer roleEquality = new RoleComparer();
        using (RoleDefinitionDataProvider roleDefinitions = new RoleDefinitionDataProvider())
        {
            if (!Manager.HaveUser)
            {
                // check if anonymous user allowed; nothing else can grant access to an anonymous request
                return entry.AllowedRoles.Contains(new Role { RoleId = roleDefinitions.GetAnonymousRoleId() }, roleEquality);
            }

            // authenticated user
            // check if any authenticated user allowed
            if (entry.AllowedRoles.Contains(new Role { RoleId = roleDefinitions.GetUserRoleId() }, roleEquality))
            {
                return true;
            }
        }

        // NOTE(review): userName is not read again in this method.
        string userName = Manager.UserName;

        // get the saved user
        UserDefinition currentUser = (UserDefinition)Manager.UserObject;
        if (currentUser == null)
        {
            throw new InternalError("UserObject missing for authenticated user");
        }

        // check if this user is allowed
        if (entry.AllowedUsers.Contains(new User { UserId = currentUser.UserId }, new UserComparer()))
        {
            return true;
        }

        // check if this user is in a permitted role
        foreach (Role heldRole in currentUser.RolesList)
        {
            if (entry.AllowedRoles.Contains(new Role { RoleId = heldRole.RoleId }, roleEquality))
            {
                return true;
            }
        }
    }

    // simply not authorized
    return false;
}