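// Handles the post-back from the role permissions page.
//
// When model.IsSave is true the posted role is validated and persisted: a new role is
// created if the drop-down value is "-1", then name, description, user context and the
// permission set of the role are updated and each change is written to the audit log.
// When model.IsSave is false the post-back only switches the displayed role.
//
// model:   the posted view model; the two permission list properties are excluded from
//          binding and are always rebuilt server-side before the view is rendered.
// returns: the same view, populated either from the database or, if validation failed,
//          from the delimited permission lists posted back by the form.
//
// NOTE(review): any attributes on this action are outside the visible source. Because it
// creates roles and rewrites role permissions, confirm it is POST-only, protected by an
// anti-forgery token and restricted to callers who are allowed to administer roles.
public ActionResult PermissionRoles(
    [Bind(Exclude = "PermissionsNotInRole,PermissionsInRole")] PermissionRolesViewModel model)
{
    if (model.IsSave)
    {
        int roleUserContextId = 0;

        // Missing and non-numeric values share the same "mandatory" message.
        if (string.IsNullOrEmpty(model.RoleUserContextId)
            || !int.TryParse(model.RoleUserContextId, out roleUserContextId))
        {
            ModelState.AddModelError("RoleUserContextId", AppGlobal.Language.GetText(this, "RoleUserContextMandatory", "Role user context is mandatory"));
        }
        // NOTE(review): 1, 2 and 4 are the only accepted context ids; what they stand for is not visible here.
        else if (roleUserContextId != 1 && roleUserContextId != 2 && roleUserContextId != 4)
        {
            ModelState.AddModelError("RoleUserContextId", AppGlobal.Language.GetText(this, "RoleUserContextInvalid", "Role user context is invalid"));
        }

        // If true have changes to save, if false post back is simply to select another role
        if (ModelState.IsValid)
        {
            // NOTE(review): model.RoleName is dereferenced below; presumably validation on the
            // view model guarantees it is non-null once ModelState is valid - confirm.
            // NOTE(review): RoleName and RoleDescription are written to the audit log as posted;
            // confirm the audit sink encodes or strips control characters.
            string newRoleId = Guid.NewGuid().ToString("D").ToUpperInvariant();
            string languageFieldName = string.Concat("Account_RoleDescription_", model.RoleName.Replace(" ", string.Empty));

            // Is this a new role, if yes create a new role entry.
            // Static string.Equals so a missing drop-down value cannot throw.
            if (string.Equals(model.DropDownSelectedRoleId, "-1", System.StringComparison.Ordinal))
            {
                db.AspNetRoles.Add(new AspNetRole
                {
                    Id = newRoleId,
                    Name = model.RoleName,
                    Description = model.RoleDescription,
                    LanguageFieldName = languageFieldName,
                    // ReSharper disable once PossibleInvalidOperationException
                    UserContextId = roleUserContextId
                });
                db.SaveChanges();

                ModelState.Remove("DropDownSelectedRoleId");
                ModelState.Remove("SelectedRoleId");
                model.DropDownSelectedRoleId = newRoleId;
                model.SelectedRoleId = newRoleId;

                // Audit change. Arguments are passed as (id, name) to match the message label
                // and the ordering used by the permissions audit entry further down.
                AppGlobal.WriteAudit(
                    string.Format("User (id, name) '{0},{1}' added a new role called '{2}'",
                        Tribal.SkillsFundingAgency.ProviderPortal.Permission.GetCurrentUserId(),
                        User.Identity.Name,
                        model.RoleName), true);
            }

            // Save the changes
            var role = db.AspNetRoles.FirstOrDefault(r => r.Id == model.DropDownSelectedRoleId);

            if (role == null)
            {
                // The posted role id matches no role (stale page or altered form value).
                // Report it as a validation error instead of dereferencing null; the view is
                // then rebuilt from the posted lists by the validation-failure branch below.
                // Not localised: none of the language keys visible here covers this case.
                ModelState.AddModelError("DropDownSelectedRoleId", "The selected role could not be found");
            }
            else
            {
                // Snapshot the current permissions before anything is modified.
                var permissionList = role.Permissions.ToList();

                // Has the role name been changed
                if (!string.Equals(role.Name, model.RoleName, System.StringComparison.CurrentCulture))
                {
                    // Role name has changed, save the new name
                    string currentRoleName = role.Name;
                    role.Name = model.RoleName;

                    // Update configuration settings to reflect the new name
                    Constants.ConfigSettings.RenameConfiguredRoles(currentRoleName, model.RoleName);

                    // Audit change
                    AppGlobal.WriteAudit(
                        string.Format("User (id, name) '{0},{1}' changed the role name from '{2}' to '{3}'",
                            Tribal.SkillsFundingAgency.ProviderPortal.Permission.GetCurrentUserId(),
                            User.Identity.Name,
                            currentRoleName,
                            role.Name), true);
                }

                // Has the role description been changed (null-safe: a stored description may be null)
                if (!string.Equals(role.Description, model.RoleDescription, System.StringComparison.CurrentCulture))
                {
                    // Role description has changed, save the new description
                    string currentRoleDescription = role.Description;
                    role.Description = model.RoleDescription;

                    // Audit change
                    AppGlobal.WriteAudit(
                        string.Format("User (id, name) '{0},{1}' changed the role description from '{2}' to '{3}'",
                            Tribal.SkillsFundingAgency.ProviderPortal.Permission.GetCurrentUserId(),
                            User.Identity.Name,
                            currentRoleDescription,
                            role.Description), true);
                }

                // Has the role user context been changed?
                if (role.UserContextId != roleUserContextId)
                {
                    // Audit change (written before the assignment so the old value is still readable)
                    AppGlobal.WriteAudit(
                        string.Format("User (id, name) '{0},{1}' changed the role user context from '{2}' to '{3}'",
                            Tribal.SkillsFundingAgency.ProviderPortal.Permission.GetCurrentUserId(),
                            User.Identity.Name,
                            role.UserContextId,
                            model.RoleUserContextId), true);
                    role.UserContextId = roleUserContextId;
                }

                // Drop all permissions in the role and just add back the ones passed back on the form
                foreach (Tribal.SkillsFundingAgency.ProviderPortal.Entities.Permission permission in permissionList)
                {
                    role.Permissions.Remove(permission);
                }

                // Ids that were actually attached to the role; used for the audit entry so the
                // log records what was persisted rather than the raw posted string.
                var appliedPermissionIds = new System.Collections.Generic.List<int>();

                // Now add back only the selected permissions
                if (!string.IsNullOrWhiteSpace(model.DelimitedListPermissionsInRole))
                {
                    foreach (string selectedPermission in model.DelimitedListPermissionsInRole.Split('|'))
                    {
                        int permissionId;
                        if (!int.TryParse(selectedPermission, out permissionId)
                            || appliedPermissionIds.Contains(permissionId))
                        {
                            // Ignore non-numeric tokens and repeated ids.
                            continue;
                        }

                        var permission = db.Permissions.FirstOrDefault(p => p.PermissionId == permissionId);
                        if (permission == null)
                        {
                            // Posted id matches no permission; never add null to the role.
                            continue;
                        }

                        role.Permissions.Add(permission);
                        appliedPermissionIds.Add(permissionId);
                    }
                }

                db.SaveChanges();
                ShowGenericSavedMessage();

                // Audit changes
                AppGlobal.WriteAudit(
                    string.Format(
                        "User (id, name) '{0},{1}' saved the following permissions (id, name) '{2}' to role '{3}'",
                        Tribal.SkillsFundingAgency.ProviderPortal.Permission.GetCurrentUserId(),
                        User.Identity.Name,
                        string.Join("|", appliedPermissionIds),
                        role.Name), true);
            }
        }
    }

    if (!model.IsSave || ModelState.IsValid)
    {
        // Select the new role and display the permissions
        var selectedRole = db.AspNetRoles.FirstOrDefault(r => r.Id == model.SelectedRoleId);

        // Clear posted values so the view renders the values assigned below.
        ModelState.Remove("DropDownSelectedRoleId");
        ModelState.Remove("RoleName");
        ModelState.Remove("RoleDescription");
        ModelState.Remove("RoleUserContextId");

        model.RoleName = selectedRole == null ? string.Empty : selectedRole.Name;
        model.RoleDescription = selectedRole == null ? string.Empty : selectedRole.Description;
        model.PermissionsInRole = this.GetPermissionsInRole(model.SelectedRoleId);
        model.PermissionsNotInRole = this.GetPermissionsNotInRole(model.SelectedRoleId);
        model.DropDownSelectedRoleId = model.SelectedRoleId;
        model.RoleUserContextId = selectedRole == null ? string.Empty : selectedRole.UserContextId.ToString();
    }
    else
    {
        // Persist the view as returning to page the same as received as validation errors
        model.PermissionsInRole = this.GetPermissionListFromViewState(model.DelimitedListPermissionsInRole);
        model.PermissionsNotInRole = this.GetPermissionListFromViewState(model.DelimitedListPermissionsNotInRole);
    }

    model.PermissionsInRole = model.PermissionsInRole.OrderBy(x => x.Text);
    model.PermissionsNotInRole = model.PermissionsNotInRole.OrderBy(x => x.Text);
    model.Roles = this.GetRoles();
    model.UserContexts = GetUserContexts();

    // Back to the page with the results saved
    return this.View(model);
}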