Esempio n. 1
0
        public async Task <ProjectSecurityResult> ValidatePermissions(
            string projectId,
            string userName,
            string providedPassword,
            CancellationToken cancellationToken)
        {
            var displayName     = string.Empty;
            var isAuthenticated = false;
            var canEditPosts    = false;
            var canEditPages    = false;
            var timeZoneId      = userManager.Site.TimeZoneId;

            var authUser = await userManager.FindByNameAsync(userName);

            if (authUser != null)
            {
                isAuthenticated = await userManager.CheckPasswordAsync(authUser, providedPassword);
            }

            if (isAuthenticated)
            {
                var claimsPrincipal = await signInManager.CreateUserPrincipalAsync(authUser);

                if (string.IsNullOrEmpty(projectId))
                {
                    projectId = claimsPrincipal.GetProjectId();
                }

                if (string.IsNullOrEmpty(projectId))
                {
                    var project = await projectResolver.GetCurrentProjectSettings(cancellationToken);

                    if (project != null)
                    {
                        projectId = project.Id;
                    }
                }
                if (!string.IsNullOrEmpty(projectId))
                {
                    canEditPosts = await claimsPrincipal.CanEditBlog(projectId, authorizationService);

                    canEditPages = await claimsPrincipal.CanEditPages(projectId, authorizationService);
                }

                //displayName = claimsPrincipal.GetDisplayName();
                displayName = claimsPrincipal.Identity.Name;
                if (!string.IsNullOrWhiteSpace(authUser.TimeZoneId))
                {
                    timeZoneId = authUser.TimeZoneId;
                }
            }

            var blogSecurity = new ProjectSecurityResult(displayName, projectId, isAuthenticated, canEditPosts, canEditPages, timeZoneId);

            return(blogSecurity);
        }
        public async Task <ProjectSecurityResult> ValidatePermissions(
            string projectId,
            string userName,
            string providedPassword,
            CancellationToken cancellationToken)
        {
            var displayName     = string.Empty;
            var isAuthenticated = false;
            var canEditPosts    = false;
            var canEditPages    = false;

            var authUser = signInManager.GetUser(userName);

            if (authUser != null)
            {
                isAuthenticated = signInManager.ValidatePassword(authUser, providedPassword);
            }

            if (isAuthenticated)
            {
                var claimsPrincipal = signInManager.GetClaimsPrincipal(authUser);
                if (string.IsNullOrEmpty(projectId))
                {
                    projectId = claimsPrincipal.GetProjectId();
                }
                if (!string.IsNullOrEmpty(projectId))
                {
                    canEditPosts = await claimsPrincipal.CanEditBlog(projectId, authorizationService);

                    canEditPages = await claimsPrincipal.CanEditPages(projectId, authorizationService);
                }

                displayName = claimsPrincipal.GetUserDisplayName();
            }

            var blogSecurity = new ProjectSecurityResult(displayName, projectId, isAuthenticated, canEditPosts, canEditPages);

            return(blogSecurity);
        }