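/// <summary>
/// Seeds the identity store: makes sure the "Admin" role and one administrator account exist,
/// then creates a "SuperAdmins" group that holds that account and carries the role.
/// </summary>
/// <param name="db">
/// Database context handed in by the caller. This method does not use it; the user and role
/// managers are resolved from the current OWIN context instead.
/// </param>
/// <exception cref="System.InvalidOperationException">
/// Creating the role, creating the account, or changing its lockout flag reported failure.
/// </exception>
/// <remarks>
/// NOTE(review): the account name and password are compile-time constants, so anyone with the
/// source or the assembly knows the administrator credentials. Prefer reading them from
/// protected configuration and forcing a password change on first sign-in.
/// </remarks>
public static void InitializeIdentityForEF(ApplicationDbContext db)
{
    var userManager = HttpContext.Current.GetOwinContext().GetUserManager<ApplicationUserManager>();
    var roleManager = HttpContext.Current.GetOwinContext().Get<ApplicationRoleManager>();

    const string name = "*****@*****.**";
    const string password = "******";
    const string roleName = "Admin";

    // Create the Admin role if it does not exist yet.
    var role = roleManager.FindByName(roleName);
    if (role == null)
    {
        role = new ApplicationRole(roleName);
        var roleResult = roleManager.Create(role);
        if (!roleResult.Succeeded)
        {
            // Previously ignored: a failed insert left later calls working with an unsaved role.
            throw new System.InvalidOperationException(
                "Could not create role '" + roleName + "': " + string.Join(", ", roleResult.Errors));
        }
    }

    var user = userManager.FindByName(name);
    if (user == null)
    {
        user = new ApplicationUser { UserName = name, Email = name, EmailConfirmed = true };

        var createResult = userManager.Create(user, password);
        if (!createResult.Succeeded)
        {
            // Previously the result was overwritten by the next call, hiding e.g. a password-policy rejection.
            throw new System.InvalidOperationException(
                "Could not create the seed administrator: " + string.Join(", ", createResult.Errors));
        }

        // NOTE(review): lockout is switched off for the most privileged account, so repeated
        // failed sign-ins are never throttled for it. Confirm this is intended outside of a demo.
        var lockoutResult = userManager.SetLockoutEnabled(user.Id, false);
        if (!lockoutResult.Succeeded)
        {
            throw new System.InvalidOperationException(
                "Could not update lockout for the seed administrator: " + string.Join(", ", lockoutResult.Errors));
        }
    }

    // NOTE(review): the group is created on every call without an existence check and the
    // results of the three group calls are not inspected - presumably fine for a one-shot
    // initializer; verify if this can run more than once.
    var groupManager = new ApplicationGroupManager();
    var newGroup = new ApplicationGroup("SuperAdmins", "Full Access to All");

    groupManager.CreateGroup(newGroup);
    groupManager.SetUserGroups(user.Id, new string[] { newGroup.Id });
    groupManager.SetGroupRoles(newGroup.Id, new string[] { role.Name });
}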
/// <summary>
/// Creates every group listed in <c>GroupsToAdd</c> and assigns each one the ids of all roles
/// in <c>RolesToAdd</c>.
/// </summary>
/// <exception cref="Exception">
/// A group could not be created or its roles could not be set; the message is the
/// comma-joined error list of the failed operation.
/// </exception>
private void SetGroups()
{
    // All three managers share the same _context instance.
    var roles = new ApplicationRoleManager(new RoleStore<Role, int, UserRole>(_context));
    var users = new ApplicationUserManager(new UserStore<User, Role, int, UserLogin, UserRole, UserClaim>(_context));
    var groups = new ApplicationGroupManager(new ApplicationGroupStore(_context), roles, users);

    foreach (var group in GroupsToAdd)
    {
        var created = groups.CreateGroup(group);
        if (!created.Succeeded)
        {
            throw new Exception(string.Join(",", created.Errors.ToArray()));
        }

        // NOTE(review): every seeded group receives every seeded role, i.e. there is no
        // least-privilege split between groups at seed time - confirm that is intended.
        var roleIds = RolesToAdd.Select(x => x.Id).ToArray();
        var assigned = groups.SetGroupRoles(group.Id, roleIds);
        if (!assigned.Succeeded)
        {
            throw new Exception(string.Join(",", assigned.Errors.ToArray()));
        }
    }
}
/// <summary>
/// Builds the controller from the user, role, group and page managers it is given and keeps
/// each one on the matching property.
/// </summary>
/// <param name="userManager">Stored in <c>UserManager</c>.</param>
/// <param name="roleManager">Stored in <c>RoleManager</c>.</param>
/// <param name="groupManager">Stored in <c>GroupManager</c>.</param>
/// <param name="pageManager">Stored in <c>PageManager</c>.</param>
public SetupController(
    ApplicationUserManager userManager,
    ApplicationRoleManager roleManager,
    ApplicationGroupManager groupManager,
    ApplicationPageManager pageManager)
{
    // No null checks are performed; the arguments are stored as received.
    this.UserManager = userManager;
    this.RoleManager = roleManager;
    this.GroupManager = groupManager;
    this.PageManager = pageManager;
}
/// <summary>
/// Seeds authentication data: inserts an "Admin" role through <paramref name="context"/>,
/// creates the system administrator account and puts it in a new "SuperAdmins" group that
/// carries the role.
/// </summary>
/// <param name="context">Entity context used to insert and save the role row.</param>
/// <remarks>
/// NOTE(review): credentials are compile-time constants, account lockout is disabled for the
/// administrator, and none of the returned results is inspected - a failed step goes
/// unnoticed. The role is added without an existence check; presumably this runs once on an
/// empty database - confirm.
/// </remarks>
private void AddUserAuthentication(CRMEntities context)
{
    var owinContext = HttpContext.Current.GetOwinContext();
    var userManager = owinContext.GetUserManager<ApplicationUserManager>();
    // Resolved as in the original even though the role is written through the context below.
    var roleManager = HttpContext.Current.GetOwinContext().Get<ApplicationRoleManager>();

    const string name = "*****@*****.**";
    const string givenName = "admin";
    const string familyName = "System";
    const int statusId = 1;
    const string password = "******";
    const string roleName = "Admin";

    // The role is persisted directly through the entity context, not through roleManager.
    var adminRole = new ApplicationRole(roleName);
    context.Roles.Add(adminRole);
    context.SaveChanges();

    var user = new ApplicationUser
    {
        UserName = name,
        Email = name,
        EmailConfirmed = true,
        FirstName = givenName,
        LastName = familyName,
        UserStatusID = statusId
    };

    var result = userManager.Create(user, password);
    // Lockout off: failed sign-ins against this account are never throttled.
    result = userManager.SetLockoutEnabled(user.Id, false);

    var groupManager = new ApplicationGroupManager();
    var superAdmins = new ApplicationGroup("SuperAdmins", "Full Access to All");

    groupManager.CreateGroup(superAdmins);
    groupManager.SetUserGroups(user.Id, new string[] { superAdmins.Id });
    groupManager.SetGroupRoles(superAdmins.Id, new string[] { adminRole.Name });
}
/// <summary>
/// Makes sure the seed administrator row exists in <paramref name="db"/> and that it belongs
/// to the "SuperAdmin" group, creating the group when it is missing.
/// </summary>
/// <param name="db">Context whose <c>Users</c> set is queried and, if needed, extended.</param>
/// <remarks>
/// NOTE(review): the account is written straight to the <c>Users</c> set with a locally
/// computed password hash, so it does not pass through a user manager's create call. It is
/// also flagged <c>IsActiveDirectoryUser</c> while carrying a local password hash and
/// a hard-coded password, with lockout disabled - confirm which credential is meant to
/// be authoritative.
/// </remarks>
private void InitializeIdentityForEf(ApplicationDbContext db)
{
    const string name = "*****@*****.**";
    const string password = "******";

    var hasher = new PasswordHasher();
    var candidate = new ApplicationUser
    {
        UserName = name,
        Email = name,
        PasswordHash = hasher.HashPassword(password),
        LockoutEnabled = false,
        EmailConfirmed = true,
        IsActiveDirectoryUser = true
    };

    var admin = db.Users.FirstOrDefault<ApplicationUser>(x => x.UserName == candidate.UserName);
    if (admin == null)
    {
        admin = db.Users.Add(candidate);
        db.SaveChanges();
    }

    // The original author disabled a UserManager-based variant of the step above
    // (FindByName / Create / SetLockoutEnabled through the OWIN context) because FindByName
    // was observed to hang under some conditions, which they attributed to lazy loading of
    // the OWIN context.

    var groupManager = new ApplicationGroupManager();
    var newGroup = new ApplicationGroup("SuperAdmin", "Full Access to All");

    if (groupManager.Groups.Any(x => x.Name == newGroup.Name))
    {
        // Group already present: only add the membership if it is missing.
        var existing = groupManager.Groups.FirstOrDefault(x => x.Name == newGroup.Name);
        var alreadyMember = existing.ApplicationUsers.Any(x => x.ApplicationUserId == admin.Id);
        if (!alreadyMember)
        {
            groupManager.SetUserGroups(admin.Id, new int[] { existing.Id });
        }
    }
    else
    {
        groupManager.CreateGroup(newGroup);
        groupManager.SetUserGroups(admin.Id, new int[] { newGroup.Id });
    }
}
/// <summary>
/// Builds the controller from the user, role and group managers it is given and keeps each
/// one on the matching property.
/// </summary>
/// <param name="userManager">Stored in <c>UserManager</c>.</param>
/// <param name="roleManager">Stored in <c>RoleManager</c>.</param>
/// <param name="groupManager">Stored in <c>GroupManager</c>.</param>
public UsersAdminController(
    ApplicationUserManager userManager,
    ApplicationRoleManager roleManager,
    ApplicationGroupManager groupManager)
{
    // No null checks are performed; the arguments are stored as received.
    this.UserManager = userManager;
    this.RoleManager = roleManager;
    this.GroupManager = groupManager;
}
/// <summary>
/// Generates <paramref name="quantity"/> numbered test users, creates them through the user
/// manager, puts each one in every group of <c>GroupsToAdd</c> and attaches every country of
/// <c>CountryAdd</c> it does not have yet.
/// </summary>
/// <param name="quantity">Number of users to generate; users are numbered from 1.</param>
/// <exception cref="Exception">A user could not be created; the message is the comma-joined error list.</exception>
/// <remarks>
/// NOTE(review): every generated account gets the same literal password, "123456", and is
/// added to all seeded groups. Keep this strictly to disposable test databases.
/// </remarks>
private void CreateTestUser(int quantity)
{
    // Phase 1: build the test data in memory.
    var testUsers = new List<User>();
    for (var index = 1; index <= quantity; index++)
    {
        var everyEighth = index % 8 == 0;   // these users are created inactive
        var everyFifth = index % 5 == 0;    // these users are marked as Active Directory accounts

        testUsers.Add(new User
        {
            Name = $"User {index}",
            UserName = $"user{index}",
            Email = $"user{index}@itlab.com.br",
            Active = !everyEighth,
            CreationUser = _context.GetCurrentUser(),
            AuthenticationType = everyFifth ? AuthenticationType.ActiveDirectory : AuthenticationType.DataBase
        });
    }

    // Phase 2: persist them. All managers share the same _context instance.
    var userManager = new ApplicationUserManager(new UserStore<User, Role, int, UserLogin, UserRole, UserClaim>(_context))
    {
        UserLockoutEnabledByDefault = true
    };
    var roleManager = new ApplicationRoleManager(new RoleStore<Role, int, UserRole>(_context));
    var groupManager = new ApplicationGroupManager(new ApplicationGroupStore(_context), roleManager, userManager);

    foreach (var testUser in testUsers)
    {
        // A FindByEmail duplicate check was disabled here by the original author.
        // TODO: CreateAsync should be used, but it could not be made to work inside the
        // foreach; the reason still needs to be investigated.
        var created = userManager.Create(testUser, "123456");
        if (!created.Succeeded)
        {
            throw new Exception(string.Join(",", created.Errors.ToArray()));
        }

        groupManager.SetUserGroups(testUser.Id, GroupsToAdd.Select(x => x.Id).ToArray());

        foreach (var country in CountryAdd)
        {
            var alreadyLinked = testUser.Countries.Any(d => d.Id == country.Id);
            if (!alreadyLinked)
            {
                testUser.Countries.Add(country);
            }
        }
    }
}
/// <summary>
/// Seeds the identity store through managers built directly on <paramref name="db"/>:
/// ensures the "Admin" role and an administrator account exist, adds the account to the
/// role, then creates a "SuperAdmins" group holding the account and carrying the role.
/// </summary>
/// <param name="db">Context that backs the role store and the user store.</param>
/// <remarks>
/// NOTE(review): credentials are compile-time constants, lockout is disabled for the
/// administrator, and none of the returned results is inspected. The plain
/// <c>UserManager</c> built here is constructed without any validator configuration in this
/// method - presumably it uses the framework defaults rather than the application's
/// password policy; confirm.
/// </remarks>
public static void InitializeIdentityForEF(ApplicationDbContext db)
{
    // The OWIN-context lookups used by the stock template were commented out by the original
    // author; the managers are constructed by hand instead.
    var roleManager = new RoleManager<ApplicationRole, string>(
        new RoleStore<ApplicationRole, string, ApplicationUserRole>(db));
    var userManager = new UserManager<ApplicationUser, string>(
        new UserStore<ApplicationUser, ApplicationRole, string, ApplicationUserLogin, ApplicationUserRole, ApplicationUserClaim>(db));

    const string name = "*****@*****.**";
    const string email = "*****@*****.**";
    const string password = "******";
    const string roleName = "Admin";

    // Create the Admin role if it does not exist yet.
    var adminRole = roleManager.FindByName(roleName);
    if (adminRole == null)
    {
        adminRole = new ApplicationRole(roleName);
        var roleResult = roleManager.Create(adminRole);
    }

    var admin = userManager.FindByName(name);
    if (admin == null)
    {
        admin = new ApplicationUser
        {
            UserName = name,
            FirstName = "Admin",
            LastName = "WorkCard.vn",
            Email = email,
            EmailConfirmed = true
        };

        var outcome = userManager.Create(admin, password);
        // Lockout off: failed sign-ins against this account are never throttled.
        outcome = userManager.SetLockoutEnabled(admin.Id, false);
        userManager.AddToRole(admin.Id, roleName);
    }

    // The group is created on every call, whether or not the user already existed.
    var groupManager = new ApplicationGroupManager();
    var superAdmins = new ApplicationGroup("SuperAdmins", "Full Access to All");

    groupManager.CreateGroup(superAdmins);
    groupManager.SetUserGroups(admin.Id, new string[] { superAdmins.Id });
    groupManager.SetGroupRoles(superAdmins.Id, new string[] { adminRole.Name });
}
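/// <summary>
/// Seeds the database: registers the "Create" action permission for
/// "ActionPermissionController", ensures the "Admin" role and an administrator account
/// exist, and creates an admin-flagged "SuperAdmins" group holding the account and carrying
/// the role.
/// </summary>
/// <param name="context">Context being seeded; it backs the role, user and group managers.</param>
/// <exception cref="System.InvalidOperationException">
/// Creating the role, creating the account, or changing its lockout flag reported failure.
/// </exception>
/// <remarks>
/// NOTE(review): the account name and password are compile-time constants, so the
/// administrator credentials ship with the source and the assembly. Prefer protected
/// configuration plus a forced password change on first sign-in.
/// </remarks>
protected override void Seed(ApplicationDbContext context)
{
    context.ApplicationActionPermissions.AddOrUpdate(
        new ApplicationActionPermission { ActionName = "Create", ControllerName = "ActionPermissionController", Id = 1 });

    var roleManager = new ApplicationRoleManager(new ApplicationRoleStore(context));
    var userManager = new ApplicationUserManager(new ApplicationUserStore(context));

    const string name = "*****@*****.**";
    const string password = "******";
    const string roleName = "Admin";

    // Create the Admin role if it does not exist yet.
    var role = roleManager.FindByName(roleName);
    if (role == null)
    {
        role = new ApplicationRole(roleName);
        var roleResult = roleManager.Create(role);
        if (!roleResult.Succeeded)
        {
            // Previously ignored: the seed went on with a role that was never stored.
            throw new System.InvalidOperationException(
                "Could not create role '" + roleName + "': " + string.Join(", ", roleResult.Errors));
        }
    }

    var user = userManager.FindByName(name);
    if (user == null)
    {
        user = new ApplicationUser { UserName = name, Email = name, EmailConfirmed = true };

        var createResult = userManager.Create(user, password);
        if (!createResult.Succeeded)
        {
            // Previously the result was overwritten by the next call, hiding e.g. a password-policy rejection.
            throw new System.InvalidOperationException(
                "Could not create the seed administrator: " + string.Join(", ", createResult.Errors));
        }

        // NOTE(review): lockout is switched off for the most privileged account, so repeated
        // failed sign-ins are never throttled for it. Confirm this is intended.
        var lockoutResult = userManager.SetLockoutEnabled(user.Id, false);
        if (!lockoutResult.Succeeded)
        {
            throw new System.InvalidOperationException(
                "Could not update lockout for the seed administrator: " + string.Join(", ", lockoutResult.Errors));
        }
    }

    // NOTE(review): unlike the role and the user, the group is created on every run of the
    // seed without an existence check, and the group call results are not inspected - verify
    // how CreateGroup behaves for a name that already exists.
    var groupManager = new ApplicationGroupManager(context, userManager, roleManager);
    var newGroup = new ApplicationGroup("SuperAdmins", "Full Access to All") { IsAdmin = true };

    groupManager.CreateGroup(newGroup);
    groupManager.SetUserGroups(user.Id, new string[] { newGroup.Id });
    groupManager.SetGroupRoles(newGroup.Id, new string[] { role.Name });
}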
/// <summary>
/// Creates every user of <c>UsersToAdd</c> whose e-mail is not registered yet, puts each new
/// user in every group of <c>GroupsToAdd</c> and attaches every country of
/// <c>CountryAdd</c> it does not have yet.
/// </summary>
/// <exception cref="Exception">A user could not be created; the message is the comma-joined error list.</exception>
/// <remarks>
/// NOTE(review): all seeded accounts share the literal password "123456". If this seed can
/// reach a non-disposable environment, the accounts need a forced reset or a generated
/// secret instead.
/// </remarks>
private void SetUser()
{
    // All managers share the same _context instance.
    var userManager = new ApplicationUserManager(new UserStore<User, Role, int, UserLogin, UserRole, UserClaim>(_context))
    {
        UserLockoutEnabledByDefault = true
    };
    var roleManager = new ApplicationRoleManager(new RoleStore<Role, int, UserRole>(_context));
    var groupManager = new ApplicationGroupManager(new ApplicationGroupStore(_context), roleManager, userManager);

    foreach (var seedUser in UsersToAdd)
    {
        // Users that already exist (matched by e-mail) are left untouched.
        var alreadyRegistered = userManager.FindByEmail(seedUser.Email) != null;
        if (alreadyRegistered)
        {
            continue;
        }

        var created = userManager.Create(seedUser, "123456");
        if (!created.Succeeded)
        {
            throw new Exception(string.Join(",", created.Errors.ToArray()));
        }

        groupManager.SetUserGroups(seedUser.Id, GroupsToAdd.Select(x => x.Id).ToArray());

        foreach (var country in CountryAdd)
        {
            var alreadyLinked = seedUser.Countries.Any(d => d.Id == country.Id);
            if (!alreadyLinked)
            {
                seedUser.Countries.Add(country);
            }
        }
    }
}
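/// <summary>
/// First-run seed: when the administrator role does not exist yet, creates the role, the
/// "SuperAdmin" group and the administrator account, links them together, and rolls the
/// role and group back if a later step fails.
/// </summary>
/// <param name="db">Database context handed in by the caller; not used by this method.</param>
/// <exception cref="Exception">
/// A creation step failed (after the earlier steps were rolled back) or a rollback step
/// itself failed; the message is the first error of the failing result.
/// </exception>
/// <remarks>
/// The whole seed is keyed on the role being absent: when the role already exists nothing
/// else is checked or created. <c>roleName</c>, <c>roleDesc</c>, <c>userName</c>,
/// <c>emailName</c> and <c>password</c> are defined outside this method.
/// NOTE(review): lockout is disabled for the administrator account, so failed sign-ins
/// against it are never throttled - confirm this is intended.
/// </remarks>
public static void InitializeIdentityForEF(ApplicationDbContext db)
{
    var userManager = HttpContext.Current.GetOwinContext().GetUserManager<ApplicationUserManager>();
    var roleManager = HttpContext.Current.GetOwinContext().Get<ApplicationRoleManager>();

    // Create the Admin role if it does not exist yet; everything else hangs off that.
    var role = roleManager.FindByName(roleName);
    if (role != null)
    {
        return;
    }

    role = new ApplicationRole(roleName, roleDesc);
    var roleresult = roleManager.Create(role);
    if (!roleresult.Succeeded)
    {
        throw new Exception(roleresult.Errors.ElementAt(0));
    }

    var groupManager = new ApplicationGroupManager();
    string groupName = "SuperAdmin";
    string groupDesc = "Super Admin Full Access to All";

    var group = groupManager.FindByName(groupName);
    if (group != null)
    {
        return;
    }

    var newGroup = new ApplicationGroup(groupName, groupDesc);
    var groupresult = groupManager.CreateGroup(newGroup);
    if (!groupresult.Succeeded)
    {
        roleresult = roleManager.Delete(role);
        if (!roleresult.Succeeded)
        {
            throw new Exception(roleresult.Errors.ElementAt(0));
        }

        // Fix: stop here. The original carried on and tried to attach a user and a role to
        // the group that had just failed to be created.
        throw new Exception(groupresult.Errors.ElementAt(0));
    }

    var user = userManager.FindByName(userName);
    var emailUser = userManager.FindByEmail(emailName);
    if (user == null && emailUser == null)
    {
        user = new ApplicationUser
        {
            UserName = userName,
            Email = emailName,
            CreatedTime = DateTime.Now,
            CreatedBy = GlobalEnum.SystemName.System,
            RowStatus = GlobalEnum.RowStatus.Active
        };

        // Fix: only touch the lockout flag once creation succeeded, so a creation failure is
        // not masked by the result of the second call.
        var userresult = userManager.Create(user, password);
        if (userresult.Succeeded)
        {
            userresult = userManager.SetLockoutEnabled(user.Id, false);
        }

        if (!userresult.Succeeded)
        {
            roleresult = roleManager.Delete(role);
            if (!roleresult.Succeeded)
            {
                throw new Exception(roleresult.Errors.ElementAt(0));
            }

            // Fix: 'group' is null on this path (it is the failed lookup above); the group to
            // remove is the one created in this run.
            groupresult = groupManager.DeleteGroup(newGroup.Id);
            if (!groupresult.Succeeded)
            {
                throw new Exception(groupresult.Errors.ElementAt(0));
            }

            // Fix: report the failure instead of linking a user that was not set up.
            throw new Exception(userresult.Errors.ElementAt(0));
        }

        groupManager.SetUserGroups(user.Id, new string[] { newGroup.Id });
        groupManager.SetGroupRoles(newGroup.Id, new string[] { role.Name });
    }
}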
/// <summary>
/// Builds a <see cref="ClaimsPrincipal"/> for <paramref name="userName"/> by collecting
/// claims from three places: the user name itself, the domain directory entry found for it,
/// and the application's own database (groups, claims and row filters).
/// </summary>
/// <param name="userName">
/// Identity to look up in the domain; it is also copied verbatim into the Email and Name
/// claims. This method does not authenticate it - presumably the caller already has; verify
/// against the call site.
/// </param>
/// <returns>
/// A principal whose single identity is created with authentication type "Negotiate". It is
/// returned even when the directory lookup finds nothing, in which case it carries only the
/// claims derived from <paramref name="userName"/>.
/// </returns>
private static ClaimsPrincipal AddCustomClaimsToPrincipal(String userName)
{
    PrincipalContext princiContxt = null;
    UserPrincipal thePrincipal = null;

    // Get the domain context for Directory Services.
    // NOTE(review): the context is never disposed in this method.
    princiContxt = new PrincipalContext(ContextType.Domain);

    // Get the user-principal object from the domain context using the specified user name.
    thePrincipal = UserPrincipal.FindByIdentity(princiContxt, userName);

    var customClaims = new List<System.Security.Claims.Claim>
    {
        new System.Security.Claims.Claim(ClaimTypes.Email, userName),
        new System.Security.Claims.Claim(ClaimTypes.Name, userName)
    };

    // NOTE(review): one hard-coded account name is granted the "SuperAdmin" group claim here,
    // independently of directory or database membership. This is a privilege assignment that
    // lives only in code - it cannot be revoked or audited from the admin data. At this point
    // the list holds just the two claims built from userName, so the Find below cannot match
    // an existing SuperAdmin entry and the claim is always added for that account.
    if (userName == "*****@*****.**")
    {
        var findItem = customClaims.Find(c => c.Value == "SuperAdmin");
        if (findItem == null)
        {
            customClaims.Add(new System.Security.Claims.Claim("Group", "SuperAdmin"));
        }
    }

    if (thePrincipal != null)
    {
        // Account name and surname are only added when the directory entry has a surname.
        if (thePrincipal.Surname != null)
        {
            customClaims.Add(new System.Security.Claims.Claim(ClaimTypes.WindowsAccountName, thePrincipal.SamAccountName));
            customClaims.Add(new System.Security.Claims.Claim(ClaimTypes.Surname, thePrincipal.Surname));
        }

        // Get all groups the user is a member of.
        // TODO (original author): a one-statement LINQ version failed with an unexplained
        // error on the CRM dev server; re-enable it if that can be solved:
        //customClaims.AddRange(thePrincipal.GetAuthorizationGroups().Select(group =>
        //    new System.Security.Claims.Claim("AD_Group", group.Name)));
        PrincipalSearchResult<Principal> adGroup = thePrincipal.GetAuthorizationGroups();
        var iterGroup = adGroup.GetEnumerator();
        using (iterGroup)
        {
            while (iterGroup.MoveNext())
            {
                try
                {
                    var p = iterGroup.Current;
                    if (string.IsNullOrEmpty(p.Name))
                    {
                        continue;
                    }
                    customClaims.Add(new System.Security.Claims.Claim("AD_Group", p.Name));
                }
                catch
                {
                    // NOTE(review): every exception is swallowed without logging, so a group
                    // that fails to resolve is silently missing from the principal. Any
                    // authorization decision that depends on an AD_Group claim then sees an
                    // incomplete set - at minimum log the failure.
                    continue;
                }
            }
        }

        // Here you can add any claim type-value pairs, maybe some user settings read from DB.
        // NOTE(review): the context created here is never disposed in this method.
        var db = new ApplicationDbContext();
        var userManager = new ApplicationUserStore(db);

        // The application user is matched by comparing its e-mail with the directory UPN.
        var user = userManager.Users.FirstOrDefault(u => u.Email == thePrincipal.UserPrincipalName);
        if (user != null)
        {
            customClaims.Add(new System.Security.Claims.Claim("UserId", user.Id.ToString()));

            var claims = user.ApplicationClaims;
            var groups = user.ApplicationGroups;
            // "U" selects the row filters attached to the user itself.
            var rowFilters = user.ApplicationPrincipalRowFilters.Where(x => x.PrincipalType == "U");

            var groupManager = new ApplicationGroupStore(db);
            var claimManager = new ApplicationClaimStore(db);
            var rowFilterManager = new RowFilterStore(db);

            // NOTE(review): claim types below come from stored data (c.Key, the row filter
            // type name) and land in the same list as the "Group", "AD_Group" and "UserId"
            // claims - presumably nothing stops a stored key from colliding with one of
            // those; verify what is allowed to write these tables.
            customClaims.AddRange(groups.Select(group => groupManager.FindById(group.ApplicationGroupId)).Select(g => new System.Security.Claims.Claim("Group", g.Name)));
            customClaims.AddRange(claims.Select(claim => claimManager.FindById(claim.ApplicationClaimId)).Select(c => new System.Security.Claims.Claim(c.Key, c.Value)));
            customClaims.AddRange(rowFilters.Select(r => rowFilterManager.FindById(r.Id)).Select(c => new System.Security.Claims.Claim(c.ApplicationRowFilterType.Name, c.RowFilterValue.ToString())));

            var appgroupManager = new ApplicationGroupManager();
            var groupList = groups.Select(group => groupManager.FindById(group.ApplicationGroupId));
            foreach (var item in groupList)
            {
                // "G" selects the row filters attached to the group.
                var groupRowFilters = item.ApplicationPrincipalRowFilters.Where(x => x.PrincipalType == "G");
                customClaims.AddRange(groupRowFilters.Select(r => rowFilterManager.FindById(r.Id)).Select(c => new System.Security.Claims.Claim(c.ApplicationRowFilterType.Name, c.RowFilterValue.ToString())));

                // Group claims are added only when no claim with the same type and value is
                // already present.
                foreach (var appclaim in appgroupManager.GetGroupClaims(item.Id))
                {
                    var claim = new System.Security.Claims.Claim(appclaim.Key, appclaim.Value);
                    var findItem = customClaims.Find(c => c.Value == claim.Value && c.Type == claim.Type);
                    if (findItem == null)
                    {
                        customClaims.Add(claim);
                    }
                }
            }
        }
    }

    // https://msdn.microsoft.com/en-us/library/system.security.claims.authenticationtypes(v=vs.110).aspx
    // NOTE(review): a ClaimsIdentity created with a non-empty authentication type reports
    // itself as authenticated, and this line runs even when the directory lookup above
    // returned null. Callers must not treat the result as proof that the user exists.
    var theCustomClaimsIdentity = new ClaimsIdentity(customClaims, authenticationType: "Negotiate"); // Negotiate | Signing | Sealing
    return (new ClaimsPrincipal(theCustomClaimsIdentity));
}
/// <summary>
/// Builds the controller from the user, sign-in, group and role managers it is given and
/// keeps each one on the matching property.
/// </summary>
/// <param name="userManager">Stored in <c>UserManager</c>.</param>
/// <param name="signInManager">Stored in <c>SignInManager</c>.</param>
/// <param name="groupManager">Stored in <c>GroupManager</c>.</param>
/// <param name="roleManager">Stored in <c>RoleManager</c>.</param>
public AccountController(
    ApplicationUserManager userManager,
    ApplicationSignInManager signInManager,
    ApplicationGroupManager groupManager,
    ApplicationRoleManager roleManager)
{
    // No null checks are performed; the arguments are stored as received.
    this.UserManager = userManager;
    this.SignInManager = signInManager;
    this.GroupManager = groupManager;
    this.RoleManager = roleManager;
}
/// <summary>
/// Seeds the identity store: ensures the "Admin" role exists, creates the administrator and
/// two further accounts when the administrator is missing, builds a "SuperAdmins" group
/// carrying the role, and finally adds an <c>HseqUser</c> row with all four flags set for
/// every user in <paramref name="db"/>.
/// </summary>
/// <param name="db">Context whose users are enumerated and whose <c>HseqUsers</c> set is filled and saved.</param>
/// <remarks>
/// NOTE(review): all three accounts use hard-coded passwords (two of them the same literal)
/// with lockout disabled, and none of the returned results is inspected. Besides the
/// administrator, the third account is also placed in "SuperAdmins". The original header
/// comment additionally spelled the administrator password out in clear text. Treat this as
/// demo data only.
/// </remarks>
public static void InitializeIdentityForEF(ApplicationDbContext db)
{
    var userManager = HttpContext.Current.GetOwinContext().GetUserManager<ApplicationUserManager>();
    var roleManager = HttpContext.Current.GetOwinContext().Get<ApplicationRoleManager>();

    const string name = "*****@*****.**";
    const string password = "******";
    const string roleName = "Admin";

    // Create the Admin role if it does not exist yet.
    var role = roleManager.FindByName(roleName);
    if (role == null)
    {
        role = new ApplicationRole(roleName);
        var roleresult = roleManager.Create(role);
    }

    var user = userManager.FindByName(name);
    // Starts out as a second lookup of the administrator; it is only replaced by the third
    // account when the administrator had to be created.
    var user3 = userManager.FindByName(name);

    if (user == null)
    {
        user = new ApplicationUser
        {
            UserName = name,
            Email = name,
            EmailConfirmed = true,
            FirstName = "FAdmin",
            LastName = "LAdmin",
            Department = "Information Technology"
        };
        var outcome = userManager.Create(user, password);
        outcome = userManager.SetLockoutEnabled(user.Id, false);

        // Create other users.
        string name2 = "*****@*****.**";
        string password2 = "Test!23";
        var user2 = new ApplicationUser
        {
            UserName = name2,
            Email = name2,
            EmailConfirmed = true,
            FirstName = "Robert",
            LastName = "Swift",
            Department = "Information Technology"
        };
        outcome = userManager.Create(user2, password2);
        outcome = userManager.SetLockoutEnabled(user2.Id, false);

        string name3 = "*****@*****.**";
        string password3 = "Test!23";
        user3 = new ApplicationUser
        {
            UserName = name3,
            Email = name3,
            EmailConfirmed = true,
            FirstName = "Abhi",
            LastName = "Khaitan",
            Department = "Information Technology"
        };
        outcome = userManager.Create(user3, password3);
        outcome = userManager.SetLockoutEnabled(user3.Id, false);
    }

    // The group is created on every call, whether or not the accounts already existed.
    var groupManager = new ApplicationGroupManager();
    var superAdmins = new ApplicationGroup("SuperAdmins", "Full Access to All");
    groupManager.CreateGroup(superAdmins);

    var memberGroupIds = new string[] { superAdmins.Id };
    groupManager.SetUserGroups(user.Id, memberGroupIds);
    groupManager.SetGroupRoles(superAdmins.Id, new string[] { role.Name });

    // The role assignment is issued a second time after the second membership call, exactly
    // as in the original.
    groupManager.SetUserGroups(user3.Id, new string[] { superAdmins.Id });
    groupManager.SetGroupRoles(superAdmins.Id, new string[] { role.Name });

    // NOTE(review): every user in the database is made Coordinator, Approver, Assignee and
    // Owner at once, and rows are added without checking for an existing HseqUser.
    foreach (var account in db.Users)
    {
        db.HseqUsers.Add(new HseqUser
        {
            UserID = account.Id,
            Coordinator = true,
            Approver = true,
            Assignee = true,
            Owner = true
        });
    }

    db.SaveChanges();
}
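/// <summary>
/// Seeds the identity store and the department table: ensures each built-in role exists,
/// ensures the administrator account exists and holds the "Admin" role, creates a
/// "Super Admins" group holding that account and carrying the role, and upserts the six
/// root departments.
/// </summary>
/// <param name="db">Context whose <c>Departments</c> set receives the upserted rows.</param>
/// <remarks>
/// NOTE(review): credentials are compile-time constants, lockout is disabled for the
/// administrator, and the results returned by the identity and group calls are not
/// inspected, so a failed step goes unnoticed. The group is created on every call without an
/// existence check.
/// </remarks>
public static void InitializeIdentityForEF(ApplicationDbContext db)
{
    var userManager = HttpContext.Current.GetOwinContext().GetUserManager<ApplicationUserManager>();
    var roleManager = HttpContext.Current.GetOwinContext().Get<ApplicationRoleManager>();

    const string name = "*****@*****.**";
    const string password = "******";

    // Create each role if it does not exist yet.
    string[] roles = { "Admin", "Manager", "Leader", "IsDelete", "Approved", "GA", "ManageDepartmentShift" };
    foreach (string roleName in roles)
    {
        var role = roleManager.FindByName(roleName);
        if (role == null)
        {
            role = new ApplicationRole(roleName, "Only " + roleName);
            roleManager.Create(role);
        }

        // Only the Admin role gets an account and a group attached.
        if (roleName != "Admin")
        {
            continue;
        }

        var user = userManager.FindByName(name);
        if (user == null)
        {
            user = new ApplicationUser() { UserName = name, Email = name, EmailConfirmed = true };
            userManager.Create(user, password);
            // Lockout off: failed sign-ins against this account are never throttled.
            userManager.SetLockoutEnabled(user.Id, false);
        }

        userManager.AddToRole(user.Id, roleName);

        // Group Role
        const string groupName = "Super Admins";
        var groupManager = new ApplicationGroupManager();
        var newGroup = new ApplicationGroup(groupName, "Full Access to All");

        groupManager.CreateGroup(newGroup);
        // Fix: use the id of the account that is actually stored. The original always passed
        // the id of a freshly constructed, never-saved user object, so when the administrator
        // already existed the group membership pointed at an id that belongs to no account.
        groupManager.SetUserGroups(user.Id, new string[] { newGroup.Id });
        groupManager.SetGroupRoles(newGroup.Id, new string[] { role.Name });
    }

    // Departments are matched on DepartmentID, so re-running updates rather than duplicates.
    db.Departments.AddOrUpdate(
        d => d.DepartmentID,
        new Department() { DepartmentID = "IT", Name = "PD-IT", ParentID = "Root", Sort = 1, Description = "Dept PD-IT" },
        new Department() { DepartmentID = "EQ", Name = "EQ", ParentID = "Root", Sort = 2, Description = "Dept EQ" },
        new Department() { DepartmentID = "PL", Name = "PL", ParentID = "Root", Sort = 3, Description = "Dept PL" },
        new Department() { DepartmentID = "GA", Name = "GA", ParentID = "Root", Sort = 4, Description = "Dept GA" },
        new Department() { DepartmentID = "EDU", Name = "Edu", ParentID = "Root", Sort = 5, Description = "Dept Edu" },
        new Department() { DepartmentID = "ACC", Name = "ACC", ParentID = "Root", Sort = 6, Description = "Dept ACC" }
    );
}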