/// <summary>
/// Turns off the authenticator-app second factor for a user so that a new app can be enrolled.
/// </summary>
/// <param name="model">
/// Request model. An <c>Id</c> equal to <see cref="Guid.Empty"/> selects the current account;
/// any other value selects that user and requires the edit-user permission.
/// </param>
/// <returns>
/// The TFA activation confirmation URL when the caller acts on their own account; otherwise an
/// empty string, after <c>StudioNotifyService.SendMsgTfaReset</c> has been called for the target user.
/// </returns>
/// <exception cref="SecurityAccessDeniedException">
/// The caller targets another user and the <c>Action_EditUser</c> permission check fails.
/// </exception>
/// <exception cref="Exception">
/// <c>TfaAppAuthSettings.IsVisibleSettings</c> is false or <c>TfaAppUserSettings.EnableForUser</c>
/// returns false for the target user.
/// </exception>
/// <exception cref="NotSupportedException">The target user is a visitor or an outsider.</exception>
public string TfaAppNewApp(TfaModel model)
{
    var targetsSelf = model.Id.Equals(Guid.Empty);
    var targetId = targetsSelf ? SecurityContext.CurrentAccount.ID : model.Id;
    var user = CoreContext.UserManager.GetUsers(targetId);

    // Resetting another account's second factor weakens that account's login protection,
    // so it is gated on the same permission as editing the user.
    if (!targetsSelf)
    {
        var mayEditTarget = SecurityContext.CheckPermissions(Tenant, new UserSecurityProvider(user.ID), Constants.Action_EditUser);
        if (!mayEditTarget)
        {
            throw new SecurityAccessDeniedException(Resource.ErrorAccessDenied);
        }
    }

    var tfaAppUsable = TfaAppAuthSettings.IsVisibleSettings && TfaAppUserSettings.EnableForUser(user.ID);
    if (!tfaAppUsable)
    {
        throw new Exception(Resource.TfaAppNotAvailable);
    }

    if (user.IsVisitor(Tenant) || user.IsOutsider(Tenant))
    {
        throw new NotSupportedException("Not available.");
    }

    // All checks passed: only now is state changed, and the change is reported through
    // MessageService so that the reset of a second factor leaves a trace.
    TfaAppUserSettings.DisableForUser(user.ID);
    MessageService.Send(MessageAction.UserDisconnectedTfaApp, MessageTarget.Create(user.ID), user.DisplayUserName(false));

    if (!targetsSelf)
    {
        StudioNotifyService.SendMsgTfaReset(Tenant.TenantId, user);
        return string.Empty;
    }

    return CommonLinkUtility.GetConfirmationUrl(Tenant.TenantId, user.Email, ConfirmType.TfaActivation);
}
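/// <summary>
/// Checks whether the current caller may perform <paramref name="actions"/> on
/// <paramref name="objectId"/>, with an extra read-only gate for outsiders.
/// </summary>
/// <param name="objectId">The object the permission is checked against.</param>
/// <param name="securityObjProvider">Security provider passed through to <c>SecurityContext.CheckPermissions</c>.</param>
/// <param name="actions">The requested actions; <c>null</c> is treated as an empty list.</param>
/// <returns>
/// <c>true</c> when <c>IsAdministrator()</c> is true. For an outsider, <c>false</c> unless the
/// request is non-empty and consists only of the "Read forum post" action. In every remaining
/// case, the result of <c>SecurityContext.CheckPermissions</c>.
/// </returns>
public static bool CheckPermissions(ISecurityObjectId objectId, ISecurityObjectProvider securityObjProvider, params IAction[] actions)
{
    if (IsAdministrator())
    {
        return true;
    }

    if (IsOutsider())
    {
        // "Read forum post action"
        var readPostActionId = new Guid("{E0759A42-47F0-4763-A26A-D5AA665BEC35}");
        var requested = actions ?? new IAction[0];

        // An empty request is denied for outsiders.
        if (requested.Length == 0)
        {
            return false;
        }

        // The gate used to overwrite a single flag on every iteration, so only the LAST action
        // decided the outcome and a list such as [other, read] slipped through while
        // [read, other] did not. Fail closed and order-independent instead: every requested
        // action has to be the read action. Any request this accepts was accepted before.
        foreach (var action in requested)
        {
            if (!action.ID.Equals(readPostActionId))
            {
                return false;
            }
        }
    }

    return SecurityContext.CheckPermissions(objectId, securityObjProvider, actions);
}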
/// <summary>
/// Replaces the group memberships of <paramref name="user"/> with the groups listed in
/// <paramref name="department"/>.
/// </summary>
/// <remarks>
/// The method returns without doing anything, and without reporting it, when the
/// <c>Action_EditGroups</c> permission check fails or when <paramref name="department"/> is
/// <c>null</c>. Otherwise the user is first removed from every current group (and cleared as
/// department manager where they held that role), then added to each listed group that does
/// not resolve to <c>LostGroupInfo</c>. The manager role is restored only for groups the user
/// managed before and is being re-added to.
/// </remarks>
/// <param name="department">Ids of the groups the user should belong to afterwards.</param>
/// <param name="user">The user whose memberships are rewritten.</param>
private static void UpdateDepartments(IEnumerable<Guid> department, UserInfo user)
{
    // Permission is evaluated first; the null check only runs for callers allowed to edit groups.
    if (!SecurityContext.CheckPermissions(Core.Users.Constants.Action_EditGroups) || department == null)
    {
        return;
    }

    var currentGroups = CoreContext.UserManager.GetUserGroups(user.ID);
    var formerlyManaged = new List<Guid>();

    // Phase 1: strip every existing membership, remembering which groups the user managed.
    foreach (var membership in currentGroups)
    {
        CoreContext.UserManager.RemoveUserFromGroup(user.ID, membership.ID);

        var currentManager = CoreContext.UserManager.GetDepartmentManager(membership.ID);
        var wasManager = currentManager == user.ID;
        if (!wasManager)
        {
            continue;
        }

        formerlyManaged.Add(membership.ID);
        CoreContext.UserManager.SetDepartmentManager(membership.ID, Guid.Empty);
    }

    // Phase 2: join the requested groups, skipping ids that resolve to the LostGroupInfo sentinel.
    foreach (var requestedId in department)
    {
        var resolved = CoreContext.UserManager.GetGroupInfo(requestedId);
        var groupExists = resolved != Core.Users.Constants.LostGroupInfo;
        if (!groupExists)
        {
            continue;
        }

        CoreContext.UserManager.AddUserIntoGroup(user.ID, requestedId);

        if (formerlyManaged.Contains(requestedId))
        {
            CoreContext.UserManager.SetDepartmentManager(requestedId, user.ID);
        }
    }
}
/// <summary>
/// Decides whether <paramref name="entity"/> may be accessed: granted outright when
/// <c>IsAdmin</c> is true, otherwise delegated to <c>SecurityContext.CheckPermissions</c>
/// with the CRM security provider and <c>_actionRead</c>.
/// </summary>
/// <param name="entity">The security object being accessed.</param>
/// <returns><c>true</c> when access is granted.</returns>
private static bool CanAccessTo(ISecurityObjectId entity)
{
    // Administrators bypass the per-object check entirely.
    if (IsAdmin)
    {
        return true;
    }

    var provider = GetCRMSecurityProvider();
    return SecurityContext.CheckPermissions(entity, provider, _actionRead);
}
/// <summary>
/// Decides whether <paramref name="entity"/> may be accessed: granted outright when
/// <c>IsAdministrator(userId)</c> is true, otherwise delegated to
/// <c>SecurityContext.CheckPermissions</c> with the CRM security provider and <c>_actionRead</c>.
/// </summary>
/// <param name="entity">The security object being accessed.</param>
/// <param name="userId">The user whose administrator status is checked.</param>
/// <returns><c>true</c> when access is granted.</returns>
public static bool CanAccessTo(ISecurityObjectId entity, Guid userId)
{
    if (IsAdministrator(userId))
    {
        return true;
    }

    // NOTE(review): userId is not passed to the permission check below, so for a non-admin
    // userId the answer presumably reflects the ambient current account rather than userId.
    // Confirm against SecurityContext.CheckPermissions; if so, callers asking about another
    // user get a result for the wrong principal.
    var provider = GetCRMSecurityProvider();
    return SecurityContext.CheckPermissions(entity, provider, _actionRead);
}