public ActionResult Delete(int?id, string Tab, bool returnToFrontEnd = false) { if (!id.HasValue) { return(HttpBadRequest("ProductId = null")); } StoreFront storeFront = CurrentStoreFrontOrThrow; Product product = storeFront.Products.Where(p => p.ProductId == id.Value).SingleOrDefault(); if (product == null) { AddUserMessage("Product not found", "Sorry, the Product you are trying to Delete cannot be found. Product id: [" + id.Value + "] for Store Front '" + storeFront.CurrentConfig().Name.ToHtml() + "' [" + storeFront.StoreFrontId + "]", UserMessageType.Danger); if (returnToFrontEnd) { return(RedirectToAction("Index", "Catalog", new { area = "" })); } if (storeFront.Authorization_IsAuthorized(CurrentUserProfileOrThrow, GStoreAction.Products_Manager)) { return(RedirectToAction("Manager")); } return(RedirectToAction("Index", "CatalogAdmin")); } ProductEditAdminViewModel viewModel = new ProductEditAdminViewModel(product, CurrentUserProfileOrThrow, isDeletePage: true, activeTab: Tab); viewModel.ReturnToFrontEnd = returnToFrontEnd; ViewData.Add("ReturnToFrontEnd", returnToFrontEnd); return(View("Delete", viewModel)); }
protected override sealed void HandleUnknownAction(string actionName) { if (!User.IsRegistered()) { this.ExecuteBounceToLoginNoAccess("You must log in to view this page", this.TempData); return; } //perform redirect if not authorized for this area UserProfile profile = CurrentUserProfileOrNull; if (profile == null) { this.ExecuteBounceToLoginNoAccess("You must log in with an active account to view this page", this.TempData); return; } StoreFront storeFront = CurrentStoreFrontOrNull; if (storeFront == null) { this.ExecuteBounceToLoginNoAccess("You must log in with an account on an active store front to view this page", this.TempData); return; } //check area permission if (!storeFront.Authorization_IsAuthorized(profile, GStoreAction.Admin_CatalogAdminArea)) { this.ExecuteBounceToLoginNoAccess("You must log in with an account that has permission to view this page", this.TempData); return; } base.HandleUnknownAction(actionName); }
public ActionResult Create(ProductBundleEditAdminViewModel viewModel, string createAndView) { StoreFront storeFront = CurrentStoreFrontOrThrow; bool urlIsValid = GStoreDb.ValidateProductBundleUrlName(this, viewModel.UrlName, storeFront.StoreFrontId, storeFront.ClientId, null); if (urlIsValid && ModelState.IsValid) { try { ProcessFileUploads(viewModel, storeFront); ProductBundle productBundle = GStoreDb.CreateProductBundle(viewModel, storeFront, CurrentUserProfileOrThrow); AddUserMessage("Product Bundle Created!", "Product Bundle '" + productBundle.Name.ToHtml() + "' [" + productBundle.ProductBundleId + "] was created successfully for Store Front '" + storeFront.CurrentConfig().Name.ToHtml() + "' [" + storeFront.StoreFrontId + "]", UserMessageType.Success); if (!string.IsNullOrWhiteSpace(createAndView)) { return(RedirectToAction("Details", new { id = productBundle.ProductBundleId, returnToFrontEnd = viewModel.ReturnToFrontEnd, tab = viewModel.ActiveTab })); } if (viewModel.ReturnToFrontEnd) { return(RedirectToAction("ViewBundleByName", "Catalog", new { area = "", urlName = viewModel.UrlName })); } if (storeFront.Authorization_IsAuthorized(CurrentUserProfileOrThrow, GStoreAction.Bundles_Manager)) { return(RedirectToAction("Manager", new { ProductCategoryId = productBundle.ProductCategoryId })); } return(RedirectToAction("Index", "CatalogAdmin")); } catch (Exception ex) { string errorMessage = "An error occurred while Creating Product Bundle '" + viewModel.Name + "' for Store Front '" + storeFront.CurrentConfig().Name.ToHtml() + "' [" + storeFront.StoreFrontId + "] \nError: " + ex.GetType().FullName; if (CurrentUserProfileOrThrow.AspNetIdentityUserIsInRoleSystemAdmin()) { errorMessage += " \nException.ToString(): " + ex.ToString(); } AddUserMessage("Error Creating Product Bundle!", errorMessage.ToHtmlLines(), UserMessageType.Danger); ModelState.AddModelError("Ajax", errorMessage); } } else { AddUserMessage("Create Product Bundle Error", "There was an error with your entry for new Product Bundle '" + viewModel.Name.ToHtml() + "' for Store Front '" + storeFront.CurrentConfig().Name.ToHtml() + "' [" + storeFront.StoreFrontId + "]. Please correct it below and save.", UserMessageType.Danger); } if (Request.HasFiles()) { AddUserMessage("Files not uploaded", "You must correct the form values below and re-upload your files", UserMessageType.Danger); } viewModel.FillListsIfEmpty(storeFront.Client, storeFront); viewModel.IsCreatePage = true; ViewData.Add("ReturnToFrontEnd", viewModel.ReturnToFrontEnd); return(View("CreateOrEdit", viewModel)); }
public ActionResult PreviewDigitalDownload(int?id) { if (!id.HasValue) { return(HttpBadRequest("ProductId = null")); } StoreFront storeFront = CurrentStoreFrontOrThrow; Product product = storeFront.Products.Where(p => p.ProductId == id.Value).SingleOrDefault(); if (product == null) { AddUserMessage("Product not found", "Sorry, the Product you are trying to view cannot be found. Product Id: [" + id.Value + "] for Store Front '" + storeFront.CurrentConfig().Name.ToHtml() + "' [" + storeFront.StoreFrontId + "]", UserMessageType.Danger); if (storeFront.Authorization_IsAuthorized(CurrentUserProfileOrThrow, GStoreAction.Products_Manager)) { return(RedirectToAction("Manager")); } return(RedirectToAction("Index", "CatalogAdmin")); } if (string.IsNullOrEmpty(product.DigitalDownloadFileName)) { string errorMessage = "There is no Digital Download File linked to this product"; return(View("DigitalDownload_Error", new DigitalDownloadFileError(product, errorMessage))); } string filePath = product.DigitalDownloadFilePath(Request.ApplicationPath, RouteData, Server); if (string.IsNullOrEmpty(filePath)) { string errorMessage = "Digital Download File '" + product.DigitalDownloadFileName + "' could not be found in store front, client, or server digital download files.\n" + "Be sure file exists, and it is located in the file system 'DigitalDownload/Products/[file name]"; return(View("DigitalDownload_Error", new DigitalDownloadFileError(product, errorMessage))); } string mimeType = MimeMapping.GetMimeMapping(filePath); return(new FilePathResult(filePath, mimeType) { FileDownloadName = product.DigitalDownloadFileName }); }
protected StoreFrontConfiguration GetConfigAndAccessCheck(int?id) { if (!id.HasValue) { return(CurrentStoreFrontConfigOrAny); } else { StoreFront currentStoreFront = CurrentStoreFrontOrThrow; StoreFront configStoreFront = currentStoreFront.Client.StoreFronts.Where(sf => sf.StoreFrontConfigurations.Any(sfc => sfc.StoreFrontConfigurationId == id.Value)).FirstOrDefault(); if (configStoreFront == null) { AddUserMessage("Configuration not found.", "Store Front Configuration id [" + id.Value + "] was not found for any store fronts for this client. Here is the default configuration for the current store front.", UserMessageType.Info); return(currentStoreFront.CurrentConfigOrAny()); } else { if (configStoreFront.StoreFrontId == currentStoreFront.StoreFrontId) { //current store front, user is authorized return(configStoreFront.StoreFrontConfigurations.Single(sfc => sfc.StoreFrontConfigurationId == id.Value)); } else { if (configStoreFront.Authorization_IsAuthorized(CurrentUserProfileOrThrow, true, GStoreAction.ClientConfig_StoreFrontConfig_Cart_View, GStoreAction.ClientConfig_StoreFrontConfig_Cart_Edit)) { //authorized return(configStoreFront.StoreFrontConfigurations.Single(sfc => sfc.StoreFrontConfigurationId == id.Value)); } else { //access denied AddUserMessage("Access Denied.", "You do not have permission to view the cart for configuration '" + configStoreFront + "' [" + id.Value + "]. Here is the default configuration for the current store front.", UserMessageType.Info); return(currentStoreFront.CurrentConfigOrAny()); } } } } }
public ActionResult DeleteConfirmed(int?id, bool returnToFrontEnd = false) { if (!id.HasValue) { return(HttpBadRequest("ProductId = null")); } StoreFront storeFront = CurrentStoreFrontOrThrow; Product product = storeFront.Products.Where(p => p.ProductId == id.Value).SingleOrDefault(); if (product == null) { AddUserMessage("Product not found", "Sorry, the Product you are trying to Delete cannot be found. It may have been deleted already. Product Id: [" + id.Value + "] for Store Front '" + storeFront.CurrentConfig().Name.ToHtml() + "' [" + storeFront.StoreFrontId + "]", UserMessageType.Danger); if (returnToFrontEnd) { return(RedirectToAction("Index", "Catalog", new { area = "" })); } if (storeFront.Authorization_IsAuthorized(CurrentUserProfileOrThrow, GStoreAction.Products_Manager)) { return(RedirectToAction("Manager")); } return(RedirectToAction("Index", "CatalogAdmin")); } string productName = product.Name; string categoryUrlName = product.Category.UrlName; try { bool deleted = GStoreDb.Products.DeleteById(id.Value); GStoreDb.SaveChanges(); if (deleted) { AddUserMessage("Product Deleted", "Product '" + productName.ToHtml() + "' [" + id + "] was deleted successfully.", UserMessageType.Success); if (returnToFrontEnd) { return(RedirectToAction("ViewCategoryByName", "Catalog", new { area = "", urlName = categoryUrlName })); } if (storeFront.Authorization_IsAuthorized(CurrentUserProfileOrThrow, GStoreAction.Products_Manager)) { return(RedirectToAction("Manager")); } return(RedirectToAction("Index", "CatalogAdmin")); } AddUserMessage("Product Delete Error", "There was an error deleting Product '" + productName.ToHtml() + "' [" + id + "]. It may have already been deleted.", UserMessageType.Warning); if (returnToFrontEnd) { return(RedirectToAction("ViewCategoryByName", "Catalog", new { area = "", urlName = categoryUrlName })); } if (storeFront.Authorization_IsAuthorized(CurrentUserProfileOrThrow, GStoreAction.Products_Manager)) { return(RedirectToAction("Manager")); } return(RedirectToAction("Index", "CatalogAdmin")); } catch (Exception ex) { string errorMessage = "There was an error deleting Product '" + productName + "' [" + id + "]. <br/>Error: '" + ex.GetType().FullName + "'"; if (CurrentUserProfileOrThrow.AspNetIdentityUserIsInRoleSystemAdmin()) { errorMessage += " \nException.ToString(): " + ex.ToString(); } AddUserMessage("Product Delete Error", errorMessage.ToHtml(), UserMessageType.Danger); if (returnToFrontEnd) { return(RedirectToAction("ViewCategoryByName", "Catalog", new { area = "", urlName = categoryUrlName })); } if (storeFront.Authorization_IsAuthorized(CurrentUserProfileOrThrow, GStoreAction.Products_Manager)) { return(RedirectToAction("Manager")); } return(RedirectToAction("Index", "CatalogAdmin")); } }
public ActionResult Edit(ProductEditAdminViewModel viewModel, string saveAndView, int?addToBundleId, string addTobundle, int?addToBundleQty, int?removeAltCategoryId) { StoreFront storeFront = CurrentStoreFrontOrThrow; bool nameIsValid = GStoreDb.ValidateProductUrlName(this, viewModel.UrlName, storeFront.StoreFrontId, storeFront.ClientId, viewModel.ProductId); Product product = storeFront.Products.SingleOrDefault(p => p.ProductId == viewModel.ProductId); if (product == null) { AddUserMessage("Product not found", "Sorry, the Product you are trying to edit cannot be found. Product Id: [" + viewModel.ProductId + "] for Store Front '" + storeFront.CurrentConfig().Name.ToHtml() + "' [" + storeFront.StoreFrontId + "]", UserMessageType.Danger); if (viewModel.ReturnToFrontEnd) { return(RedirectToAction("ViewProductByName", "Catalog", new { area = "", urlName = viewModel.UrlName })); } if (storeFront.Authorization_IsAuthorized(CurrentUserProfileOrThrow, GStoreAction.Products_Manager)) { return(RedirectToAction("Manager")); } return(RedirectToAction("Index", "CatalogAdmin")); } if (ModelState.IsValid && nameIsValid) { ProcessFileUploads(viewModel, storeFront); bool addedToBundle = false; if (!string.IsNullOrEmpty(addTobundle) && addToBundleId.HasValue && addToBundleId.Value != 0) { ProductBundleItem newItem = GStoreDb.CreateProductBundleItemFastAdd(addToBundleId.Value, product, storeFront, CurrentUserProfileOrThrow, addToBundleQty ?? 1); addedToBundle = true; } product = GStoreDb.UpdateProduct(viewModel, storeFront, CurrentUserProfileOrThrow); AddUserMessage("Product updated successfully!", "Product updated successfully. Product '" + product.Name.ToHtml() + "' [" + product.ProductId + "] for Store Front '" + storeFront.CurrentConfig().Name.ToHtml() + "' [" + storeFront.StoreFrontId + "]", UserMessageType.Success); if (removeAltCategoryId.HasValue && removeAltCategoryId.Value != 0) { ProductCategoryAltProduct removeAltProduct = product.CategoryAltProducts.SingleOrDefault(p => p.ProductCategoryId == removeAltCategoryId.Value); if (removeAltProduct == null) { AddUserMessage("Error removing cross-sell Category", "Category Id [" + removeAltCategoryId.Value + "] could not be found in product alt categories.", UserMessageType.Danger); } else { string oldName = removeAltProduct.Category.Name; GStoreDb.ProductCategoryAltProducts.Delete(removeAltProduct); GStoreDb.SaveChanges(); AddUserMessage("Removed cross-sell Catergory", oldName.ToHtml() + " was removed.", UserMessageType.Info); } } if (removeAltCategoryId.HasValue) { return(RedirectToAction("Edit", new { id = product.ProductId, returnToFrontEnd = viewModel.ReturnToFrontEnd, Tab = viewModel.ActiveTab })); } if (!string.IsNullOrWhiteSpace(saveAndView) || addedToBundle) { return(RedirectToAction("Details", new { id = product.ProductId, returnToFrontEnd = viewModel.ReturnToFrontEnd, Tab = viewModel.ActiveTab })); } if (viewModel.ReturnToFrontEnd) { return(RedirectToAction("ViewProductByName", "Catalog", new { area = "", urlName = viewModel.UrlName })); } if (storeFront.Authorization_IsAuthorized(CurrentUserProfileOrThrow, GStoreAction.Products_Manager)) { return(RedirectToAction("Manager", new { productCategoryId = viewModel.ProductCategoryId })); } return(RedirectToAction("Index", "CatalogAdmin")); } if (Request.HasFiles()) { AddUserMessage("Files not uploaded", "You must correct the form values below and re-upload your files", UserMessageType.Danger); } viewModel.UpdateProduct(product); ViewData.Add("ReturnToFrontEnd", viewModel.ReturnToFrontEnd); return(View("CreateOrEdit", viewModel)); }
/// <summary> /// Checks Multiple StoreFront permissions for the specified user. /// If allowAnyMatch is true, this is an OR test for each option. If allowAnyMatch = false, this is an AND test for all options /// </summary> /// <param name="userProfile"></param> /// <param name="storeFront"></param> /// <param name="allowAnyMatch">If allowAnyMatch is true, this is an OR test for each option. If allowAnyMatch = false, this is an AND test for all options</param> /// <param name="actions"></param> /// <returns></returns> public static bool Authorization_IsAuthorized(this UserProfile userProfile, StoreFront storeFront, bool allowAnyMatch, params Identity.GStoreAction[] actions) { return storeFront.Authorization_IsAuthorized(userProfile, allowAnyMatch, actions); }
/// <summary> /// Checks a single StoreFront permission for the specified user. /// </summary> /// <param name="userProfile"></param> /// <param name="storeFront"></param> /// <param name="action"></param> /// <returns></returns> public static bool Authorization_IsAuthorized(this UserProfile userProfile, StoreFront storeFront, Identity.GStoreAction action) { return storeFront.Authorization_IsAuthorized(userProfile, action); }
public ActionResult Edit(int?id, ProductBundleEditAdminViewModel viewModel, List <ProductBundleItemEditAdminViewModel> bundleItems, string saveAndView, string addProductId, int?removeItemId, int?removeAltCategoryId) { if (viewModel == null || viewModel.ProductBundleId == 0) { return(HttpBadRequest("Product Bundle Id = 0")); } if (viewModel.ProductBundleId != (id ?? 0)) { return(HttpBadRequest("Product Bundle Id mismatch Request id: " + (id.HasValue ? id.Value.ToString() : "(null)") + " viewModel.ProductBundleId: " + viewModel.ProductBundleId)); } StoreFrontConfiguration config = CurrentStoreFrontConfigOrThrow; StoreFront storeFront = config.StoreFront; bool nameIsValid = GStoreDb.ValidateProductBundleUrlName(this, viewModel.UrlName, storeFront.StoreFrontId, storeFront.ClientId, viewModel.ProductBundleId); ProductBundle productBundle = storeFront.ProductBundles.SingleOrDefault(p => p.ProductBundleId == viewModel.ProductBundleId); if (productBundle == null) { AddUserMessage("Product Bundle not found", "Sorry, the Product Bundle you are trying to edit cannot be found. Product Bundle Id: [" + viewModel.ProductBundleId + "] for Store Front '" + storeFront.CurrentConfig().Name.ToHtml() + "' [" + storeFront.StoreFrontId + "]", UserMessageType.Danger); if (viewModel.ReturnToFrontEnd) { return(RedirectToAction("ViewBundleByName", "Catalog", new { area = "", urlName = viewModel.UrlName })); } if (storeFront.Authorization_IsAuthorized(CurrentUserProfileOrThrow, GStoreAction.Bundles_Manager)) { return(RedirectToAction("Manager")); } return(RedirectToAction("Index", "CatalogAdmin")); } if (bundleItems != null && bundleItems.Count != 0) { if (!bundleItems.All(bi => productBundle.ProductBundleItems.Any(pb => pb.ProductBundleItemId == bi.ProductBundleItemId))) { return(HttpBadRequest("bundle items do not all have the same ProductBundleId")); } } if (!string.IsNullOrEmpty(addProductId)) { int productIdToAdd = 0; if (!int.TryParse(addProductId, out productIdToAdd)) { return(HttpBadRequest("product id invalid")); } if (productBundle.ProductBundleItems.Any(pbi => pbi.ProductId == productIdToAdd)) { AddUserMessage("Product already exists in bundle", "Product id " + productIdToAdd + " already exists in this bundle.", UserMessageType.Info); } else { ProductBundleItem newItem = GStoreDb.CreateProductBundleItemFastAdd(productBundle, productIdToAdd, storeFront, CurrentUserProfileOrThrow, 1); AddUserMessage("Added Item!", "Product '" + newItem.Product.Name.ToHtml() + "' [" + newItem.ProductId + "] was added to the bundle '" + productBundle.Name.ToHtml() + "' [" + productBundle.ProductBundleId + "]", UserMessageType.Info); } } if (ModelState.IsValid && nameIsValid) { bool removedItem = false; ProcessFileUploads(viewModel, storeFront); productBundle = GStoreDb.UpdateProductBundle(viewModel, storeFront, CurrentUserProfileOrThrow); AddUserMessage("Product Bundle updated successfully!", "Product Bundle updated successfully. Product Bundle '" + productBundle.Name.ToHtml() + "' [" + productBundle.ProductBundleId + "] for Store Front '" + storeFront.CurrentConfig().Name.ToHtml() + "' [" + storeFront.StoreFrontId + "]", UserMessageType.Success); if (bundleItems != null && bundleItems.Count != 0) { GStoreDb.UpdateProductBundleItems(productBundle, bundleItems, storeFront, CurrentUserProfileOrThrow); } if (removeItemId.HasValue && removeItemId.Value != 0) { removedItem = true; RemoveItem(productBundle, removeItemId.Value); } if (removeAltCategoryId.HasValue && removeAltCategoryId.Value != 0) { ProductCategoryAltProductBundle removeAltProductBundle = productBundle.CategoryAltBundles.SingleOrDefault(p => p.ProductCategoryId == removeAltCategoryId.Value); if (removeAltProductBundle == null) { AddUserMessage("Error removing cross-sell Category", "Category Id [" + removeAltCategoryId.Value + "] could not be found in bundle alt categories.", UserMessageType.Danger); } else { string oldName = removeAltProductBundle.Category.Name; GStoreDb.ProductCategoryAltProductBundles.Delete(removeAltProductBundle); GStoreDb.SaveChanges(); AddUserMessage("Removed cross-sell Catergory", oldName.ToHtml() + " was removed.", UserMessageType.Info); } } if (removeAltCategoryId.HasValue) { return(RedirectToAction("Edit", new { id = productBundle.ProductBundleId, returnToFrontEnd = viewModel.ReturnToFrontEnd, Tab = viewModel.ActiveTab })); } if (!string.IsNullOrEmpty(addProductId) || removedItem) { return(RedirectToAction("Edit", new { id = productBundle.ProductBundleId, returnToFrontEnd = viewModel.ReturnToFrontEnd, Tab = viewModel.ActiveTab })); } if (!string.IsNullOrWhiteSpace(saveAndView)) { return(RedirectToAction("Details", new { id = productBundle.ProductBundleId, returnToFrontEnd = viewModel.ReturnToFrontEnd, Tab = viewModel.ActiveTab })); } if (viewModel.ReturnToFrontEnd) { return(RedirectToAction("ViewBundleByName", "Catalog", new { area = "", urlName = viewModel.UrlName })); } if (storeFront.Authorization_IsAuthorized(CurrentUserProfileOrThrow, GStoreAction.Bundles_Manager)) { return(RedirectToAction("Manager", new { ProductCategoryId = productBundle.ProductCategoryId })); } return(RedirectToAction("Index", "CatalogAdmin")); } if (Request.HasFiles()) { AddUserMessage("Files not uploaded", "You must correct the form values below and re-upload your files", UserMessageType.Danger); } viewModel.UpdateProductBundle(productBundle); ViewData.Add("ReturnToFrontEnd", viewModel.ReturnToFrontEnd); return(View("CreateOrEdit", viewModel)); }
/// <summary> /// Checks Multiple StoreFront permissions for the specified user. /// If allowAnyMatch is true, this is an OR test for each option. If allowAnyMatch = false, this is an AND test for all options /// </summary> /// <param name="userProfile"></param> /// <param name="storeFront"></param> /// <param name="allowAnyMatch">If allowAnyMatch is true, this is an OR test for each option. If allowAnyMatch = false, this is an AND test for all options</param> /// <param name="actions"></param> /// <returns></returns> public static bool Authorization_IsAuthorized(this UserProfile userProfile, StoreFront storeFront, bool allowAnyMatch, params Identity.GStoreAction[] actions) { return(storeFront.Authorization_IsAuthorized(userProfile, allowAnyMatch, actions)); }
/// <summary> /// Checks a single StoreFront permission for the specified user. /// </summary> /// <param name="userProfile"></param> /// <param name="storeFront"></param> /// <param name="action"></param> /// <returns></returns> public static bool Authorization_IsAuthorized(this UserProfile userProfile, StoreFront storeFront, Identity.GStoreAction action) { return(storeFront.Authorization_IsAuthorized(userProfile, action)); }