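/// <summary>
/// Checks whether the caller is authenticated and authorized to execute the method, based on the
/// authorization token, and publishes the outcome through <c>IsAuthenticated</c> and <c>IsAuthorized</c>.
/// If authorization is optional (or customers are allowed) and the token holder does not match an
/// existing user, a new account is created for that user and the call is treated as authorized.
/// </summary>
/// <param name="allowedUserTypes">
/// Array of authorized UserTypes. An empty array means authorization is optional:
/// any matched user is authorized. Must not be null.
/// </param>
public void Authorize(UserType[] allowedUserTypes)
{
    // Fail closed: both flags start out false on every call, so a deny path below
    // (no user info, or an unmatched user that may not be auto-created) can never
    // leave a value from an earlier call on this instance in place.
    this.IsAuthenticated = false;
    this.IsAuthorized = false;

    // Get user info using the AuthorizationToken HTTP header
    OpenIDUserInfo userInfo = this.userManager.GetOpenIDUserInfo();

    // Nothing could be retrieved from the access token issuer: stay denied.
    if (userInfo == null)
    {
        return;
    }

    // Try to match a user using the user info retrieved from the access token issuer
    User matchedUser = this.userManager.MatchUser(userInfo);

    // An empty allow-list means "authorization is optional".
    bool authorizationOptional = allowedUserTypes.Count() == 0;

    if (matchedUser != null)
    {
        // Known user: authenticated; authorized only if the user's type is allowed.
        this.IsAuthenticated = true;
        this.IsAuthorized = authorizationOptional || allowedUserTypes.Contains(matchedUser.Type);
        return;
    }

    // Unknown user: an account is provisioned only when authorization is optional
    // or customers are allowed to execute the method.
    if (authorizationOptional || allowedUserTypes.Contains(UserType.Customer))
    {
        // NOTE(review): the new account is trusted immediately, so this path relies on
        // GetOpenIDUserInfo returning only issuer-validated data - confirm in userManager.
        // NOTE(review): the result of CreateUser is not checked here; presumably it throws
        // on failure - confirm, otherwise both flags are set for a user that was not stored.
        this.userManager.CreateUser(userInfo);

        this.IsAuthenticated = true;
        this.IsAuthorized = true;
    }
}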
/// <summary>
/// Returns one page of non-deleted customers, newest first, narrowed by whichever
/// optional filters the caller supplies.
/// </summary>
/// <param name="createdFromUtc">Lower bound (inclusive) on the creation date; null to skip.</param>
/// <param name="createdToUtc">Upper bound (inclusive) on the creation date; null to skip.</param>
/// <param name="userTypes">User types to include; null or empty to include all.</param>
/// <param name="email">Substring to look for in the e-mail; null or whitespace to skip.</param>
/// <param name="username">Substring to look for in the username; null or whitespace to skip.</param>
/// <param name="loadOnlyWithShoppingCart">When true, only customers with shopping cart items are returned.</param>
/// <param name="sct">Cart type the items must have; only used when <paramref name="loadOnlyWithShoppingCart"/> is true.</param>
/// <param name="pageIndex">Zero-based page index.</param>
/// <param name="pageSize">Page size; the default of int.MaxValue leaves the result effectively unpaged.</param>
/// <returns>The requested page of customers.</returns>
public virtual IPagedList<Customer> GetAllCustomers(
    DateTime? createdFromUtc = null,
    DateTime? createdToUtc = null,
    UserType[] userTypes = null,
    string email = null,
    string username = null,
    bool loadOnlyWithShoppingCart = false,
    ShoppingCartType? sct = null,
    int pageIndex = 0,
    int pageSize = int.MaxValue)
{
    // NOTE(review): no access check is visible in this method; presumably the caller
    // decides who may list customer e-mails and usernames - confirm.
    var customers = _customerRepository.Table;

    // Creation-date window (both ends inclusive).
    if (createdFromUtc.HasValue)
    {
        customers = customers.Where(customer => createdFromUtc.Value <= customer.CreatedOnUtc);
    }

    if (createdToUtc.HasValue)
    {
        customers = customers.Where(customer => createdToUtc.Value >= customer.CreatedOnUtc);
    }

    // Soft-deleted customers are never returned.
    customers = customers.Where(customer => !customer.Deleted);

    bool filterByUserType = userTypes != null && userTypes.Length > 0;
    if (filterByUserType)
    {
        customers = customers.Where(customer => userTypes.Contains(customer.UserType));
    }

    // Both text filters are substring matches expressed through the query provider.
    if (!string.IsNullOrWhiteSpace(email))
    {
        customers = customers.Where(customer => customer.Email.Contains(email));
    }

    if (!string.IsNullOrWhiteSpace(username))
    {
        customers = customers.Where(customer => customer.Username.Contains(username));
    }

    if (loadOnlyWithShoppingCart)
    {
        if (sct.HasValue)
        {
            customers = customers.Where(customer => customer.ShoppingCartItems.Any(item => item.ShoppingCartType == sct));
        }
        else
        {
            customers = customers.Where(customer => customer.ShoppingCartItems.Any());
        }
    }

    var newestFirst = customers.OrderByDescending(customer => customer.CreatedOnUtc);
    return new PagedList<Customer>(newestFirst, pageIndex, pageSize);
}
/// <summary>
/// Exercises translation of <c>Contains</c> over arrays and lists in LINQ queries:
/// several ids, a single id, an empty array, a list, the NoParameters option, and an enum array.
/// </summary>
public void TestLinqArrayContains()
{
    Startup.BooksApp.LogTestStart();

    var booksApp = Startup.BooksApp;
    var session = booksApp.OpenSession();
    // IBookOrder is used because, for debugging, the table should not be fully cached.
    var orderSet = session.EntitySet<IBookOrder>();

    // Orders by Id-in-array; the ids are read back from the same entity set.
    var sampleOrders = orderSet.Take(2).ToList();
    var sampleIds = sampleOrders.Select(o => o.Id).ToArray();
    var ordersByIds = orderSet.Where(bo => sampleIds.Contains(bo.Id)).ToList();
    var cmd = session.GetLastCommand(); // kept only as a debugging aid
    Assert.AreEqual(sampleIds.Length, ordersByIds.Count, "Test Array.Contains failed: order counts do not match.");

    // Array holding a single id.
    var singleId = new Guid[] { sampleIds[0] };
    var ordersBySingleId = orderSet.Where(bo => singleId.Contains(bo.Id)).ToList();
    Assert.AreEqual(1, ordersBySingleId.Count, "Test Array.Contains with one Id failed: order counts do not match.");

    // Empty array: the query must still run and match nothing.
    var noIds = new Guid[] { };
    var booksForNoIds = session.EntitySet<IBook>()
        .Where(b => noIds.Contains(b.Id))
        .ToList();
    cmd = session.GetLastCommand();
    Assert.AreEqual(0, booksForNoIds.Count, "Test Array.Contains with empty array failed, expected 0 entities");

    // Empty array with NoParameters: a literal empty list is expected in the command,
    // and its exact form depends on the server type.
    booksForNoIds = session.EntitySet<IBook>().WithOptions(QueryOptions.NoParameters)
        .Where(b => noIds.Contains(b.Id))
        .ToList();
    cmd = session.GetLastCommand();
    Assert.AreEqual(0, booksForNoIds.Count, "Expected 0 entities, empty-list-contains with literal empty list");
    Assert.AreEqual(0, cmd.Parameters.Count, "Expected 0 db params with NoParameters option");

    // Same ids held in a list rather than an array.
    var idList = sampleIds.ToList();
    var ordersByIdList = orderSet.Where(bo => idList.Contains(bo.Id)).ToList();
    Assert.AreEqual(idList.Count, ordersByIdList.Count, "Test constList.Contains, repeated query failed: order counts do not match.");

    // NoParameters forces the ids into the command as literals (asserted below through the
    // zero parameter count). The ids used here were read from the table itself above.
    ordersByIdList = orderSet.WithOptions(QueryOptions.NoParameters)
        .Where(bo => idList.Contains(bo.Id))
        .ToList();
    Assert.AreEqual(idList.Count, ordersByIdList.Count, "Test constList.Contains, no-parameters linq query failed: order counts do not match.");
    cmd = session.GetLastCommand();
    Assert.AreEqual(0, cmd.Parameters.Count, "NoParameters option - expected no db parameters");

    // Contains over an enum array, compared against a property of a related entity.
    var allowedTypes = new UserType[] { UserType.Customer, UserType.Author };
    var ordersByUserType = orderSet.Where(bo => allowedTypes.Contains(bo.User.Type)).ToList();
    Assert.IsTrue(ordersByUserType.Count > 0, "No orders by type found.");
}
/// <summary>
/// Exercises translation of <c>Contains</c> over arrays and lists in LINQ queries:
/// several ids, a single id, an empty array, a list, and an enum array.
/// </summary>
public void TestLinqArrayContains()
{
    var booksApp = SetupHelper.BooksApp;
    var session = booksApp.OpenSession();
    // IBookOrder is used because, for debugging, the table should not be fully cached.
    var orderSet = session.EntitySet<IBookOrder>();

    // Orders by Id-in-array; the ids are read back from the same entity set.
    var firstTwoOrders = orderSet.Take(2).ToList();
    var firstTwoIds = firstTwoOrders.Select(o => o.Id).ToArray();
    var matchedByArray = orderSet.Where(bo => firstTwoIds.Contains(bo.Id)).ToList();
    var cmd = session.GetLastCommand(); // kept only as a debugging aid
    Assert.AreEqual(firstTwoIds.Length, matchedByArray.Count, "Test Array.Contains failed: order counts do not match.");

    // Array holding a single id.
    var oneIdArray = new Guid[] { firstTwoIds[0] };
    var matchedByOneId = orderSet.Where(bo => oneIdArray.Contains(bo.Id)).ToList();
    Assert.AreEqual(1, matchedByOneId.Count, "Test Array.Contains with one Id failed: order counts do not match.");

    // Empty array: the query must still run and match nothing.
    var emptyIdArray = new Guid[] { };
    var matchedBooks = session.EntitySet<IBook>()
        .Where(b => emptyIdArray.Contains(b.Id))
        .ToList();
    cmd = session.GetLastCommand();
    Assert.AreEqual(0, matchedBooks.Count, "Test Array.Contains with empty array failed, expected 0 entities");

    // Same ids held in a list rather than an array.
    var idsAsList = firstTwoIds.ToList();
    var matchedByList = orderSet.Where(bo => idsAsList.Contains(bo.Id)).ToList();
    Assert.AreEqual(idsAsList.Count, matchedByList.Count, "Test constList.Contains, repeated query failed: order counts do not match.");

    // Contains over an enum array, compared against a property of a related entity.
    var wantedTypes = new UserType[] { UserType.Customer, UserType.Author };
    var matchedByType = orderSet.Where(bo => wantedTypes.Contains(bo.User.Type)).ToList();
    Assert.IsTrue(matchedByType.Count > 0, "No orders by type found.");
}