public RaterModel Rate(Id entryId, float rating, User user, string ip) { LogService.Info("Rater.Rate entryId={0} rating={1} ip={2}", entryId, rating, ip); if (!AuthorizeService.IsAuthorized(user, entryId.ToScope(), AuthAction.RateEntryOrMedia)) throw new UserNotAuthorizedException(user.Name, AuthAction.RateEntryOrMedia.ToString()); if (rating < 1 || rating > 5) throw new ArgumentOutOfRangeException("Rating value must be 1 thru 5."); AtomEntry entry = AtomEntryRepository.GetEntry(entryId); if (entry.Raters.Contains(ip)) throw new UserAlreadyRatedEntryException(ip, entry.Id.ToString()); entry.RatingCount++; entry.RatingSum += (int)Math.Round(rating); entry.Edited = DateTimeOffset.UtcNow; List<string> raters = entry.Raters.ToList(); raters.Add(ip); entry.Raters = raters; entry = AtomEntryRepository.UpdateEntry(entry); return new RaterModel() { PostHref = RouteService.RouteUrl("RaterRateEntry", entryId), Rating = entry.Rating, CanRate = false, RatingCount = entry.RatingCount }; }
/// <summary> /// Get the scopes which the user is allowed to work with /// based on their authorization. /// </summary> /// <param name="user"></param> /// <returns></returns> public IEnumerable<Scope> GetScopes(User user) { IList<Scope> scopes = new List<Scope>(); if (user == null) return scopes; bool admin = false; if (IsInRole(user, Scope.EntireSite, AuthRoles.Administrator)) { scopes.Add(Scope.EntireSite); admin = true; } foreach (AppWorkspace w in AppServiceRepository.GetService().Workspaces) { bool owner = false; if (w.People.Intersect(user.Ids).Count() > 0 || admin) { scopes.Add(new Scope() { Workspace = w.Name ?? Atom.DefaultWorkspaceName }); owner = true; } foreach (AppCollection c in w.Collections) { if (c.People.Intersect(user.Ids).Count() > 0 || owner) { scopes.Add(new Scope() { Workspace = c.Id.Workspace, Collection = c.Id.Collection }); } } } return scopes; }
public User UpdateUser(User user) { User existingUser = GetUser(user.Ids.First()); if (existingUser != null) { users.Remove(existingUser); } users.Add(user); return user; }
public RaterModel GetRaterModel(Id entryId, User user, string ip) { bool auth = AuthorizeService.IsAuthorized(user, entryId.ToScope(), AuthAction.RateEntryOrMedia); AtomEntry entry = AtomEntryRepository.GetEntry(entryId); return new RaterModel() { PostHref = RouteService.RouteUrl("RaterRateEntry", entryId), Rating = entry.Rating, CanRate = auth && !entry.Raters.Contains(ip), RatingCount = entry.RatingCount }; }
public void CreateUser(User user) { User existingUser = GetUserOrNull(user.Ids.First()); if (existingUser == null) { users.Add(user); } else { throw new Exception("User already exists with name" + user.Name); } }
public void CreateWithIdTest() { User user = new User(); Assert.IsNotNull(user); string idUri = "http://www.test.com"; user.Ids = new List<string> {idUri}; Assert.AreEqual(1, user.Ids.Count()); Assert.AreEqual(idUri, user.Ids.First()); }
/// <summary> /// Gets all the roles for a user for the given scope. The roles for the user are collected /// recursively by looking at the service, workspace, and collection levels. /// </summary> /// <param name="user"></param> /// <param name="id"></param> /// <returns></returns> public AuthRoles GetRoles(User user, Scope scope) { AppService appService = AppServiceRepository.GetService(); AuthRoles roles = AuthRoles.None; if (user != null && user.IsAuthenticated) { roles |= AuthRoles.User; //all authenticated are users //if (scope.IsEntireSite) //{ if (appService.Admins.Where(a => user.Ids.Select(i => i.ToUpperInvariant()) .Contains(a.ToUpperInvariant())).SingleOrDefault() != null) roles |= AuthRoles.Administrator; //} //else if (!scope.IsEntireSite) { //get roles at workspace level AppWorkspace ws = appService.GetWorkspace(scope.Workspace); if (ws.Authors.Where(a => user.Ids.Select(i => i.ToUpperInvariant()) .Contains(a.ToUpperInvariant())).SingleOrDefault() != null) roles |= AuthRoles.Author; if (ws.Contributors.Where(a => user.Ids.Select(i => i.ToUpperInvariant()) .Contains(a.ToUpperInvariant())).SingleOrDefault() != null) roles |= AuthRoles.Contributor; if (scope.IsCollection) //continue at collection level getting scopes { AppCollection c = ws.GetCollection(scope.Collection); if (c.Authors.Where(a => user.Ids.Select(i => i.ToUpperInvariant()) .Contains(a.ToUpperInvariant())).SingleOrDefault() != null) roles |= AuthRoles.Author; if (c.Contributors.Where(a => user.Ids.Select(i => i.ToUpperInvariant()) .Contains(a.ToUpperInvariant())).SingleOrDefault() != null) roles |= AuthRoles.Contributor; } } } else { //all non-authenticated are anonymous roles |= AuthRoles.Anonymous; } return roles; }
//public int UsersCount { get; set; } public string GetRoles(User u) { var roles = new List<string>(); var scopes = AuthorizeService.GetScopes(u); foreach (Scope scope in scopes) { if (AuthorizeService.IsInRole(u, scope, AuthRoles.Administrator)) { if (!roles.Contains("Admin")) roles.Add("Admin"); } if (AuthorizeService.IsInRole(u, scope, AuthRoles.Author)) { if (!roles.Contains("Author")) roles.Add("Author"); } if (AuthorizeService.IsInRole(u, scope, AuthRoles.Contributor)) { if (!roles.Contains("Contributor")) roles.Add("Contributor"); } } if (roles.Count == 0) roles.Add("User"); return string.Join(", ", roles.OrderBy(s => s).ToArray()); }
public void CreateWithDataTest() { User user = new User() { Base = new Uri("http://www.base.com"), Email = "*****@*****.**", Name = "fred", FullName = "Fred Q Bloggs", Lang = "EN", Password = "******", PasswordFormat = "plaintext" }; Assert.IsNotNull(user); Assert.AreEqual(new Uri("http://www.base.com"), user.Base); Assert.AreEqual("*****@*****.**", user.Email); Assert.AreEqual("fred", user.Name); Assert.AreEqual("Fred Q Bloggs", user.FullName); Assert.AreEqual("EN", user.Lang); Assert.AreEqual("Secret", user.Password); Assert.AreEqual("plaintext", user.PasswordFormat); }
IList<User> ImportUsers(BlogMLBlog blog, AppService appSvc) { var users = new List<User>(); foreach (BlogMLAuthor author in blog.Authors) { LogProgress("Processing blog author with ID={0}", author.ID); var user = UserRepository.GetUsersByEmail(author.Email).FirstOrDefault(); if (user == null) user = UserRepository.GetUser(author.ID); if (user == null) user = UserRepository.GetUsersByName(author.Title).FirstOrDefault(); if (user != null) { LogProgress("User '{0}' already exists in system", author.Title); var ids = user.Ids.ToList(); if (!ids.Contains(author.ID)) ids.Add(author.ID); user.Ids = ids; UserRepository.UpdateUser(user); } else { LogProgress("Existing user not found, creating new user '{0}'", author.Title); user = new User(); user.Name = author.Title; user.Email = author.Email; user.Ids = new[] { author.ID }; UserRepository.CreateUser(user); LogProgress("Making new user '{0}' an administrator", author.Title); appSvc.AddAdmin(user.Ids.First()); } users.Add(user); } return users; }
public ActionResult EditUser(AdminUserModel m) { if (string.IsNullOrEmpty(m.Name) || m.Name.Trim().Length == 0) { this.ModelState.AddModelError("name", "The username is required."); } if (string.IsNullOrEmpty(m.Email) || m.Email.Trim().Length == 0) { this.ModelState.AddModelError("email", "The email is required."); } //TODO: check valid email format if (string.IsNullOrEmpty(m.Ids) || m.Ids.Trim().Length == 0) { this.ModelState.AddModelError("ids", "You must supply at least one Id."); } if (!string.IsNullOrEmpty(m.Password) && m.Password != m.ConfirmPassword) { this.ModelState.AddModelError("confirmPassword", "The passwords don't match. Please reconfirm."); } if (!string.IsNullOrEmpty(m.Uri) && !Uri.IsWellFormedUriString(m.Uri, UriKind.Absolute)) { this.ModelState.AddModelError("uri", "The website address you've entered is not correct."); } if (this.ModelState.IsValid) { //TODO: support both ajax and full page try { bool isNew = true; User u = new User(); if (!string.IsNullOrEmpty(m.UserId)) { u = UserRepository.GetUser(m.UserId); if (u == null) throw new Exception("Can't find user to modify."); else isNew = false; } u.Ids = m.Ids.Split(new string[] { Environment.NewLine }, StringSplitOptions.RemoveEmptyEntries).Select(id => id.Trim()); u.Name = m.Name; u.FullName = m.FullName; u.Email = m.Email; if (!string.IsNullOrEmpty(m.Uri)) u.Uri = new Uri(m.Uri); if (!string.IsNullOrEmpty(m.Password)) u.Password = m.Password; m.UserId = u.Ids.First(); if (isNew) UserRepository.CreateUser(u); else UserRepository.UpdateUser(u); TempData["success"] = true; return RedirectToAction("EditUser", new { userId = m.UserId }); } catch (Exception ex) { m.Errors.Add(ex.Message); } } else { m.Errors.Add(""); } return View("AdminUser", "Admin", m); }
public User UpdateUser(User user) { throw new NotImplementedException(); }
/// <summary> /// Gets whether the user is authorized to perform the action within /// the given context based on the role matrix. The role matrix /// is first checked at the collection level and then it bubbles up /// to the workspace level and onto the service level and then /// finally the default built-in role matrix. /// </summary> /// <param name="user">The user.</param> /// <param name="id">The entry Id or the collection Id.</param> /// <param name="action">The action.</param> /// <returns></returns> public bool IsAuthorized(User user, Scope scope, AuthAction action) { return IsAuthorized(GetRoles(user, scope), scope, action); }
public bool IsInRole(User user, Scope scope, AuthRoles role) { return (GetRoles(user, scope) & role) == role; }
public void CreateUser(User user) { throw new NotImplementedException(); }
public static void AssertUsersEqual(User user, User testUser) { Assert.AreEqual(user.Name, testUser.Name); Assert.AreEqual(user.FullName, testUser.FullName); Assert.AreEqual(user.Email, testUser.Email); Assert.AreEqual(user.Password, testUser.Password); Assert.AreEqual(user.PasswordFormat, testUser.PasswordFormat); }
private void UpdateBasicSettingsAndAllExistingData(WizardBasicSettingsModel m) { AppService appSvc = this.AppService; //update service config, user config, and pages appSvc.Base = new Uri(Request.Url.GetLeftPart(UriPartial.Authority) + Request.ApplicationPath); if (!appSvc.Base.ToString().EndsWith("/")) appSvc.Base = new Uri(appSvc.Base.ToString() + "/"); appSvc.Admins = new[] { m.Name }; appSvc.Workspaces.First().Title = new AtomText() { Text = m.Owner }; appSvc.Workspaces.First().Subtitle = new AtomText() { Text = m.WorkspaceSubtitle }; LogService.Info("Removing old user 'Admin'"); UserRepository.DeleteUser("Admin"); LogService.Info("Removing old user '{0}'", m.Name); UserRepository.DeleteUser(m.Name); User user = new User() { Name = m.Name, Email = m.Email, Ids = new[] { m.Name }, Uri = appSvc.Base, Password = m.Password, PasswordFormat = "clear" }; LogService.Info("Creating new user '{0}'", m.Name); UserRepository.CreateUser(user); foreach (string c in new[] { "blog", "pages", "media" }) { LogService.Info("Updating collection '{0}' with new id and author information.", c); AppCollection coll = appSvc.GetWorkspace().GetCollection(c); //update blog title if (c == "blog") coll.Title = new AtomText() { Text = m.BlogTitle }; //update include ids foreach (XElement xid in appSvc.Xml.Descendants(Atom.SvcNs + "id")) { Id id = new Uri(((string)xid)); Id newId = new Id(m.Owner, m.Year.ToString(), c, id.EntryPath); if (id.Collection == c) xid.SetValue(newId); LogService.Info("Updating include id from {0} to {1}", id, newId); } //get entries to update later int total; IList<AtomEntry> entries = AtomEntryRepository.GetEntries(new EntryCriteria() { WorkspaceName = coll.Id.Workspace, CollectionName = coll.Id.Collection, Authorized = true }, 0, int.MaxValue, out total).ToList(); //get annotations to update later IList<AtomEntry> annotations = AtomEntryRepository.GetEntries(new EntryCriteria() { WorkspaceName = coll.Id.Workspace, CollectionName = coll.Id.Collection, Annotations = true, Deep = false, Authorized = true }, 0, int.MaxValue, out total).ToList(); //must process annotations before entries entries = annotations.Concat(entries).ToList(); //update collection id Id newCollId = new Id(m.Owner, m.Year.ToString(), c); LogService.Info("Updating collection id from {0} to {1}", coll.Id, newCollId); coll.Id = newCollId; bool newWorkspace = coll.Id.Workspace != Atom.DefaultWorkspaceName; //save all with new id foreach (AtomEntry entry in entries) { try { //update author based on email if (entry.Authors.First().Email != null && (entry.Authors.First().Email.ToLower() == user.Email.ToLower() || entry.Authors.First().Email == "*****@*****.**")) { entry.Authors = new[] { user.ToAtomAuthor() }; } //entry.Published = DateTimeOffset.Now; //entry.Updated = DateTimeOffset.Now; entry.Edited = DateTimeOffset.Now; if (entry.Id.EntryPath == "About") { LogService.Info("Updating name on About page from Admin to {0}", m.Name); entry.Content.Text = entry.Content.Text.Replace(" Admin ", string.Format(" {0} ", m.Name)); } if (entry.Id.EntryPath == "Contact") { LogService.Info("Updating email on Contact page from [email protected] to {0}", m.Name); entry.Content.Text = entry.Content.Text.Replace("*****@*****.**", m.Name); } //fix links http://localhost:1333 to new address string xmlstr = entry.Xml.ToString(); xmlstr = xmlstr.Replace("http://localhost:1333/", appSvc.Base.ToString()); entry.Xml = XElement.Parse(xmlstr); //entry.Content.Xml.DescendantNodesAndSelf().Where(n => n.NodeType == System.Xml.XmlNodeType.Attribute) // .Cast<XAttribute>() // .Where(a => a.Value.Contains("http://localhost:1333/")).ToList() // .ForEach(a => a.Value = a.Value.Replace("http://localhost:1333/", appSvc.Base.ToString())); Id oldId = entry.Id; if (newWorkspace) { LogService.Info("Workspace name is changed to {0}", appSvc.Workspaces.First().Name); appSvc.Workspaces.First().Name = coll.Id.Workspace; if (!entry.Media) { if (coll.Dated) entry.Id = new Id(m.Owner, entry.Id.Date, c, entry.Id.EntryPath); else entry.Id = new Id(m.Owner, m.Year.ToString(), c, entry.Id.EntryPath); LogService.Info("Creating entry with id from {0} to {1}", oldId, entry.Id); AtomEntryRepository.CreateEntry(entry); //delte old entry AtomEntryRepository.DeleteEntry(oldId); } else { using (Stream s = MediaRepository.GetMedia(entry)) { if (coll.Dated) entry.Id = new Id(m.Owner, entry.Id.Date, c, entry.Id.EntryPath); else entry.Id = new Id(m.Owner, m.Year.ToString(), c, entry.Id.EntryPath); LogService.Info("Creating media with id from {0} to {1}", oldId, entry.Id); MediaRepository.CreateMedia(entry, s); } //delete old media entry.Id = oldId; MediaRepository.DeleteMedia(entry); } } else { //just update if (coll.Dated) entry.Id = new Id(m.Owner, entry.Id.Date, c, entry.Id.EntryPath); else entry.Id = new Id(m.Owner, m.Year.ToString(), c, entry.Id.EntryPath); LogService.Info("Updating entry id from {0} to {1}", oldId, entry.Id); AtomEntryRepository.UpdateEntry(entry); } } catch (Exception ex) { LogService.Error(ex); } } } appSvc = AppServiceRepository.UpdateService(appSvc); }
public static User MakeTestUser() { string userGuid = Guid.NewGuid().ToString(); User newUser = new User { Email = userGuid + "@test.com", Name = userGuid, FullName = "Mr " + userGuid + " Bloggs", Lang = "EN", Password = "******", PasswordFormat = "plaintext", }; return newUser; }
public virtual void Authenticate(ServerApp app) { HttpContext ctx = app.Context; //only authenticate when not already authenticated since this works side by side with forms auth if (ctx.User == null || ctx.User.Identity == null || !ctx.User.Identity.IsAuthenticated) { //detect authenticated response for open id var openid = new OpenIdRelyingParty(); var response = openid.GetResponse(); if (response != null && response.Status == AuthenticationStatus.Authenticated) { User user = UserRepository.GetUser(response.ClaimedIdentifier); bool newUser = (user == null); if (newUser) user = new User() { Ids = new string[] { response.ClaimedIdentifier }, Name = response.FriendlyIdentifierForDisplay }; //Update user information ClaimsResponse fetch = response.GetExtension<ClaimsResponse>(); if (fetch != null) { if (!string.IsNullOrEmpty(fetch.Nickname)) user.Name = fetch.Nickname; if (!string.IsNullOrEmpty(fetch.Email)) user.Email = fetch.Email; } if (newUser) UserRepository.CreateUser(user); else UserRepository.UpdateUser(user); FormsAuthentication.SetAuthCookie(response.ClaimedIdentifier, false); //FormsAuthentication.RedirectFromLoginPage(openid.Response.ClaimedIdentifier, false); //send back to the right page string returnUrl = ctx.Request.QueryString["ReturnUrl"]; if (!string.IsNullOrEmpty(returnUrl)) { returnUrl = HttpUtility.UrlDecode(returnUrl); ctx.Response.Redirect(returnUrl); } } else if (response != null && response.Status != AuthenticationStatus.Authenticated) { LogService.Error("Open ID authentication for {0} was unsuccessful with status of {1}.", response.FriendlyIdentifierForDisplay, response.Status.ToString()); //FormsAuthentication.RedirectToLoginPage("error=" + HttpUtility.UrlEncode("Open ID authentication was unsuccessful.")); string returnUrl = ctx.Request.QueryString["ReturnUrl"]; ctx.Response.Redirect(FormsAuthentication.LoginUrl + "?ReturnUrl=" + HttpUtility.UrlEncode(returnUrl) + "&error=" + HttpUtility.UrlEncode("Open ID authentication was unsuccessful.")); } else if (ctx.User == null || ctx.User.Identity == null) { //set to anon ctx.User = new GenericPrincipal( new User() { Name = string.Empty }, new string[0]); } //detect login request for open id string identifier = ctx.Request.Form["openid_identifier"]; if (!string.IsNullOrEmpty(identifier)) { try { var req = openid.CreateRequest(Identifier.Parse(identifier)); var fields = new ClaimsRequest(); fields.Email = DemandLevel.Require; fields.Nickname = DemandLevel.Require; req.AddExtension(fields); req.RedirectToProvider(); } catch (ProtocolException pe) { LogService.Error(pe); //FormsAuthentication.RedirectToLoginPage("error=" + HttpUtility.UrlEncode(oie.Message)); string returnUrl = ctx.Request.QueryString["ReturnUrl"]; ctx.Response.Redirect(FormsAuthentication.LoginUrl + "?ReturnUrl=" + HttpUtility.UrlEncode(returnUrl) + "&error=" + HttpUtility.UrlEncode(pe.Message)); } } } }
public void CreateTest() { User user = new User(); Assert.IsNotNull(user); }