/// <summary> /// Returns a paged users collection /// </summary> /// <param name="pageNumber"></param> /// <param name="pageSize"></param> /// <param name="orderBy"></param> /// <param name="orderDirection"></param> /// <param name="userGroups"></param> /// <param name="userStates"></param> /// <param name="filter"></param> /// <returns></returns> public PagedUserResult GetPagedUsers( int pageNumber = 1, int pageSize = 10, string orderBy = "username", Direction orderDirection = Direction.Ascending, [FromUri] string[] userGroups = null, [FromUri] UserState[] userStates = null, string filter = "") { //following the same principle we had in previous versions, we would only show admins to admins, see // https://github.com/umbraco/Umbraco-CMS/blob/dev-v7/src/Umbraco.Web/umbraco.presentation/umbraco/Trees/loadUsers.cs#L91 // so to do that here, we'll need to check if this current user is an admin and if not we should exclude all user who are // also admins var hideDisabledUsers = UmbracoConfig.For.UmbracoSettings().Security.HideDisabledUsersInBackoffice; var excludeUserGroups = new string[0]; var isAdmin = Security.CurrentUser.IsAdmin(); if (isAdmin == false) { //this user is not an admin so in that case we need to exlude all admin users excludeUserGroups = new[] { Constants.Security.AdminGroupAlias }; } var filterQuery = Query <IUser> .Builder; //if the current user is not the administrator, then don't include this in the results. var isAdminUser = Security.CurrentUser.Id == 0; if (isAdminUser == false) { filterQuery.Where(x => x.Id != 0); } if (filter.IsNullOrWhiteSpace() == false) { filterQuery.Where(x => x.Name.Contains(filter) || x.Username.Contains(filter)); } if (hideDisabledUsers) { if (userStates == null || userStates.Any() == false) { userStates = new[] { UserState.Active, UserState.Invited, UserState.LockedOut, UserState.Inactive }; } } long pageIndex = pageNumber - 1; long total; var result = Services.UserService.GetAll(pageIndex, pageSize, out total, orderBy, orderDirection, userStates, userGroups, excludeUserGroups, filterQuery); var paged = new PagedUserResult(total, pageNumber, pageSize) { Items = Mapper.Map <IEnumerable <UserBasic> >(result), UserStates = Services.UserService.GetUserStates() }; return(paged); }
/// <summary> /// Returns a paged users collection /// </summary> /// <param name="pageNumber"></param> /// <param name="pageSize"></param> /// <param name="orderBy"></param> /// <param name="orderDirection"></param> /// <param name="userGroups"></param> /// <param name="userStates"></param> /// <param name="filter"></param> /// <returns></returns> public PagedUserResult GetPagedUsers( int pageNumber = 1, int pageSize = 10, string orderBy = "username", Direction orderDirection = Direction.Ascending, [FromQuery] string[]?userGroups = null, [FromQuery] UserState[]?userStates = null, string filter = "") { //following the same principle we had in previous versions, we would only show admins to admins, see // https://github.com/umbraco/Umbraco-CMS/blob/dev-v7/src/Umbraco.Web/umbraco.presentation/umbraco/Trees/loadUsers.cs#L91 // so to do that here, we'll need to check if this current user is an admin and if not we should exclude all user who are // also admins var hideDisabledUsers = _securitySettings.HideDisabledUsersInBackOffice; var excludeUserGroups = new string[0]; var isAdmin = _backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser?.IsAdmin(); if (isAdmin == false) { //this user is not an admin so in that case we need to exclude all admin users excludeUserGroups = new[] { Constants.Security.AdminGroupAlias }; } var filterQuery = _sqlContext.Query <IUser>(); if (!_backofficeSecurityAccessor.BackOfficeSecurity?.CurrentUser?.IsSuper() ?? false) { // only super can see super - but don't use IsSuper, cannot be mapped to SQL //filterQuery.Where(x => !x.IsSuper()); filterQuery.Where(x => x.Id != Constants.Security.SuperUserId); } if (filter.IsNullOrWhiteSpace() == false) { filterQuery.Where(x => x.Name !.Contains(filter) || x.Username.Contains(filter)); } if (hideDisabledUsers) { if (userStates == null || userStates.Any() == false) { userStates = new[] { UserState.Active, UserState.Invited, UserState.LockedOut, UserState.Inactive }; } } long pageIndex = pageNumber - 1; long total; var result = _userService.GetAll(pageIndex, pageSize, out total, orderBy, orderDirection, userStates, userGroups, excludeUserGroups, filterQuery); var paged = new PagedUserResult(total, pageNumber, pageSize) { Items = _umbracoMapper.MapEnumerable <IUser, UserBasic>(result).WhereNotNull(), UserStates = _userService.GetUserStates() }; return(paged); }