private static async Task FillUserDataForStateAsync(FindUserData data, AdminFindUserState stateToFillDataFor, string actionButtonText, string actionToPostTo,
int roleIDWhichUsersToExclude = 0)
{
data.Roles = await SecurityGuiHelper.GetAllRolesAsync();
switch (stateToFillDataFor)
{
case AdminFindUserState.Start:
// no-op
break;
case AdminFindUserState.UsersFound:
data.FoundUsers = await UserGuiHelper.FindUsers(data.FilterOnRole, data.SelectedRoleID, data.FilterOnNickName, data.SpecifiedNickName,
data.FilterOnEmailAddress, data.SpecifiedEmailAddress, roleIDWhichUsersToExclude);
break;
case AdminFindUserState.FinalAction:
case AdminFindUserState.PostAction:
data.SelectedUsers = await UserGuiHelper.GetAllUsersInRangeAsync(data.SelectedUserIDs);
break;
default:
throw new ArgumentOutOfRangeException(nameof(stateToFillDataFor), stateToFillDataFor, null);
}
data.FindUserState = stateToFillDataFor;
data.ActionButtonText = actionButtonText;
data.ActionToPostTo = actionToPostTo;
}
/// <summary>
/// Meant to be run at startup
/// </summary>
/// <param name="webRootPath"></param>
/// <param name="contentRootPath"></param>
public void LoadStaticData(string webRootPath, string contentRootPath)
{
this.FullDataFilesPath = Path.Combine(contentRootPath, this.DataFilesPath);
this.NoiseWords = GuiHelper.LoadNoiseWordsIntoHashSet(this.FullDataFilesPath);
this.RegistrationReplyMailTemplate = File.ReadAllText(Path.Combine(this.DataFilesPath, "RegistrationReplyMail.template"));
this.ThreadUpdatedNotificationTemplate = File.ReadAllText(Path.Combine(this.DataFilesPath, "ThreadUpdatedNotification.template"));
this.ResetPasswordLinkTemplate = File.ReadAllText(Path.Combine(this.DataFilesPath, "ResetPasswordLink.template"));
// Don't prefix the urlpath with the virtual root yet, as we use the path also for folder names below
var emojiUrlPath = this.EmojiFilesPath ?? string.Empty;
// replace / with \ if we're on windows and / with \ if we're on linux
var emojiUrlPathForFilename = emojiUrlPath.TrimStart('\\', '/').Replace(Path.AltDirectorySeparatorChar, Path.DirectorySeparatorChar);
var emojiFilesPath = Path.Combine(webRootPath ?? string.Empty, emojiUrlPathForFilename);
// We have to prefix the emojiUrlPath with the virtual root now.
emojiUrlPath = (this.VirtualRoot + emojiUrlPath).Replace("//", "/");
this.EmojiFilenamesPerName = LoadEmojiFilenames(emojiFilesPath, emojiUrlPath);
// load nicks of banned users
var bannedNicknames = UserGuiHelper.GetAllBannedUserNicknames();
_volatileDataLock.EnterWriteLock();
try
{
_usersToLogoutByForce.AddRange(bannedNicknames);
}
finally
{
_volatileDataLock.ExitWriteLock();
}
}
private async Task <(bool proceedWithInit, bool incorrectlyConfigured)> ShouldPerformInitAsync()
{
bool proceedWithInit = false;
bool incorrectlyConfigured = false;
// check if there's an anonymous user in the database
var anonymous = await UserGuiHelper.GetUserAsync(0); // use hardcoded 0 id.
if (anonymous == null)
{
proceedWithInit = true;
}
else
{
if (anonymous.NickName != "Anonymous")
{
incorrectlyConfigured = true;
}
}
if (proceedWithInit)
{
var admin = await UserGuiHelper.GetUserAsync(1); // use hardcoded 1 id.
if (admin != null)
{
proceedWithInit = false;
incorrectlyConfigured = true; // anonymous wasn't there, but admin was...
}
}
return(proceedWithInit, incorrectlyConfigured);
}
public async Task <ActionResult> EditUserInfo_FinalAction(EditUserInfoData data)
{
if (!this.HttpContext.Session.HasSystemActionRights() || !this.HttpContext.Session.HasSystemActionRight(ActionRights.UserManagement))
{
return(RedirectToAction("Index", "Home"));
}
data.UserTitles = await UserGuiHelper.GetAllUserTitlesAsync();
data.Roles = await SecurityGuiHelper.GetAllRolesAsync();
if (!ModelState.IsValid)
{
return(View("~/Views/Admin/EditUserInfo.cshtml", data));
}
data.Sanitize();
data.StripProtocolsFromUrls();
bool result = false;
var user = await UserGuiHelper.GetUserAsync(data.UserId);
if (user != null)
{
result = await UserManager.UpdateUserProfileAsync(data.UserId, data.DateOfBirth, data.EmailAddress, user.EmailAddressIsPublic ?? false, data.IconURL,
data.Location, data.Occupation, data.NewPassword, data.Signature, data.Website, data.UserTitleId,
user.AutoSubscribeToThread, user.DefaultNumberOfMessagesPerPage, data.IsBanned, data.RoleIDs);
}
data.InfoEdited = result;
return(View("~/Views/Admin/EditUserInfo.cshtml", data));
}
public async Task <ActionResult> DeleteUser_Perform(ActionWithUserSearchData data, string submitAction)
{
if (!this.HttpContext.Session.HasSystemActionRights() || !this.HttpContext.Session.HasSystemActionRight(ActionRights.UserManagement))
{
return(RedirectToAction("Index", "Home"));
}
if (submitAction != "Delete")
{
return(RedirectToAction("Index", "Home"));
}
if (data.FindUserData.SelectedUserIDs == null || data.FindUserData.SelectedUserIDs.Count <= 0)
{
return(await DeleteUser_Find(data));
}
int userIdToDelete = data.FindUserData.SelectedUserIDs.FirstOrDefault();
var user = await UserGuiHelper.GetUserAsync(userIdToDelete);
bool result = await UserManager.DeleteUserAsync(userIdToDelete);
if (result)
{
ApplicationAdapter.AddUserToListToBeLoggedOutByForce(user.NickName);
}
await FillUserDataForStateAsync(data.FindUserData, AdminFindUserState.PostAction, string.Empty, string.Empty);
var viewData = new ActionWithUserSearchData(data.FindUserData);
viewData.FinalActionResult = result ? "The user has been deleted" : "Deleting the user failed, perhaps you selected a user that couldn't be deleted?";
return(View("~/Views/Admin/DeleteUser.cshtml", viewData));
}
private void Page_Load(object sender, System.EventArgs e)
{
// If the user doesn't have any access rights to management stuff, the user should
// be redirected to the default of the global system.
if (!SessionAdapter.HasSystemActionRights())
{
// doesn't have system rights. redirect.
Response.Redirect("../Default.aspx", true);
}
// Check if the user has the right systemright
if (!SessionAdapter.HasSystemActionRight(ActionRights.UserManagement))
{
// no, redirect to admin default page, since the user HAS access to the admin menu.
Response.Redirect("Default.aspx", true);
}
if (!Page.IsPostBack)
{
cmbUserTitle.DataSource = UserGuiHelper.GetAllUserTitles();
cmbUserTitle.DataTextField = "UserTitleDescription";
cmbUserTitle.DataValueField = "UserTitleID";
cmbUserTitle.DataBind();
}
}
public async Task <ActionResult> ViewProfile(int userId = 0)
{
var userID = this.HttpContext.Session.GetUserID();
if (userID <= 0 || userId == 0)
{
// not useful
return(RedirectToAction("Index", "Home"));
}
var userProfileData = await UserGuiHelper.GetUserProfileInfoAsync(userId);
if (userProfileData == null)
{
// not found
return(RedirectToAction("Index", "Home"));
}
var viewData = new UserProfileData()
{
ProfileDataFromDatabase = userProfileData
};
viewData.AdminSectionIsVisible = this.HttpContext.Session.HasSystemActionRight(ActionRights.SystemManagement) ||
this.HttpContext.Session.HasSystemActionRight(ActionRights.SecurityManagement) ||
this.HttpContext.Session.HasSystemActionRight(ActionRights.UserManagement);
viewData.UserHasSystemManagementRight = this.HttpContext.Session.HasSystemActionRight(ActionRights.SystemManagement);
viewData.LastThreads = await UserGuiHelper.GetLastThreadsForUserAggregatedDataAsync(this.HttpContext.Session.GetForumsWithActionRight(ActionRights.AccessForum), userId,
this.HttpContext.Session.GetForumsWithActionRight(ActionRights.ViewNormalThreadsStartedByOthers),
this.HttpContext.Session.GetUserID(), 25);
viewData.CurrentlyLoggedInUserID = this.HttpContext.Session.GetUserID();
return(View(viewData));
}
/// <summary>
/// Handler for the selectclicked event of the finduser control.
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void SelectClickedHandler(object sender, System.EventArgs e)
{
phDeleteResult.Visible = false;
List <int> selectedUserIDs = userFinder.SelectedUserIDs;
if (selectedUserIDs.Count < 0)
{
// nothing selected, return
return;
}
// just use the first selected user
int selectedUserID = selectedUserIDs[0];
if ((selectedUserID == 0) || (selectedUserID == SessionAdapter.GetUserID()))
{
// can't delete anonymous coward or him/herself
return;
}
UserEntity user = UserGuiHelper.GetUser(selectedUserID);
lblNickname.Text = user.NickName;
lblUserID.Text = user.UserID.ToString();
phUserInfo.Visible = true;
}
public async Task <ActionResult> SpecifyNewPassword(NewPasswordData data, string tokenId)
{
// the token might be invalid or non existent.
var passwordResetToken = await UserGuiHelper.GetPasswordResetTokenAsync(tokenId);
if (passwordResetToken == null)
{
return(RedirectToAction("Index", "Home"));
}
if (!ModelState.IsValid)
{
return(View(data));
}
if (string.IsNullOrWhiteSpace(data.NewPassword))
{
data.NewPassword = string.Empty;
data.ConfirmNewPassword = string.Empty;
return(View(data));
}
var result = await UserManager.ResetPasswordAsync(data.NewPassword, passwordResetToken);
if (!result)
{
return(View(data));
}
// all done, user can now login.
return(RedirectToAction("Login", "Account"));
}
private void Page_Load(object sender, System.EventArgs e)
{
// If the user doesn't have any access rights to management stuff, the user should
// be redirected to the default of the global system.
if (!SessionAdapter.HasSystemActionRights())
{
// doesn't have system rights. redirect.
Response.Redirect("../Default.aspx", true);
}
// Check if the user has the right systemright
if (!SessionAdapter.HasSystemActionRight(ActionRights.SecurityManagement))
{
// no, redirect to admin default page, since the user HAS access to the admin menu.
Response.Redirect("Default.aspx", true);
}
_roleID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["RoleID"]);
if (!Page.IsPostBack)
{
// Get Role
RoleEntity role = SecurityGuiHelper.GetRole(_roleID);
_roleDescription = role.RoleDescription;
// bind the users listbox to an entitycollection with all users.
UserCollection users = UserGuiHelper.GetAllUsersNotInRole(_roleID);
lbxUsers.DataSource = users;
lbxUsers.DataTextField = "NickName";
lbxUsers.DataValueField = "UserID";
lbxUsers.DataBind();
}
}
public async Task <ActionResult> Register(NewProfileData data)
{
if (!ModelState.IsValid)
{
return(View(data));
}
data.Sanitize();
data.StripProtocolsFromUrls();
var nickNameExists = await UserGuiHelper.CheckIfNickNameExistAsync(data.NickName);
if (nickNameExists)
{
ModelState.AddModelError("NickName", "NickName already exists");
return(View(data));
}
var result = await UserManager.RegisterNewUserAsync(data.NickName, data.DateOfBirth, data.EmailAddress, data.EmailAddressIsPublic, data.IconURL,
HnDGeneralUtils.GetRemoteIPAddressAsIP4String(this.HttpContext.Connection.RemoteIpAddress), data.Location,
data.Occupation, data.Signature, data.Website,
ApplicationAdapter.GetEmailData(this.Request.Host.Host, EmailTemplate.RegistrationReply),
data.AutoSubscribeToThread, data.DefaultNumberOfMessagesPerPage);
if (result > 0)
{
this.HttpContext.Session.UpdateUserSettings(data);
return(RedirectToAction("Login", "Account"));
}
return(View(data));
}
public async Task <ActionResult> EditProfile()
{
var user = await UserGuiHelper.GetUserAsync(this.HttpContext.Session.GetUserID());
if (user == null)
{
// not found
return(RedirectToAction("Index", "Home"));
}
var data = new EditProfileData()
{
AutoSubscribeToThread = user.AutoSubscribeToThread,
EmailAddress = user.EmailAddress,
EmailAddressIsPublic = user.EmailAddressIsPublic ?? false,
NickName = user.NickName,
DateOfBirth = user.DateOfBirth,
Occupation = user.Occupation ?? string.Empty,
Location = user.Location ?? string.Empty,
Signature = user.Signature ?? string.Empty,
Website = user.Website ?? string.Empty,
IconURL = user.IconURL ?? string.Empty,
DefaultNumberOfMessagesPerPage = user.DefaultNumberOfMessagesPerPage
};
data.Sanitize();
return(View(data));
}
public async Task <ActionResult> Threads(int pageNo = 1)
{
var userID = this.HttpContext.Session.GetUserID();
if (userID <= 0)
{
// not found
return(RedirectToAction("Index", "Home"));
}
int rowCount = this.HttpContext.Session.GetInt32(SessionKeys.MyThreadsRowCount) ?? 0;
if (rowCount <= 0)
{
rowCount = await UserGuiHelper.GetRowCountLastThreadsForUserAsync(this.HttpContext.Session.GetForumsWithActionRight(ActionRights.AccessForum), userID,
this.HttpContext.Session.GetForumsWithActionRight(ActionRights.ViewNormalThreadsStartedByOthers),
userID);
this.HttpContext.Session.SetInt32(SessionKeys.MyThreadsRowCount, rowCount);
}
var systemSettings = await _cache.GetSystemDataAsync();
int pageSize = systemSettings.PageSizeSearchResults;
if (pageSize <= 0)
{
pageSize = 50;
}
int rowCountCapped = rowCount;
if (rowCount > 500)
{
// maximum is 500
rowCountCapped = 500;
}
int numberOfPages = (rowCountCapped / pageSize);
if ((numberOfPages * pageSize) < rowCountCapped)
{
numberOfPages++;
}
var data = new MyThreadsData()
{
RowCount = rowCount, NumberOfPages = numberOfPages, PageNo = pageNo
};
data.ThreadRows = await UserGuiHelper.GetLastThreadsForUserAggregatedDataAsync(this.HttpContext.Session.GetForumsWithActionRight(ActionRights.AccessForum), userID,
this.HttpContext.Session.GetForumsWithActionRight(ActionRights.ViewNormalThreadsStartedByOthers),
userID, pageSize, pageNo);
return(View(data));
}
private void Page_Load(object sender, System.EventArgs e)
{
// If the user doesn't have any access rights to management stuff, the user should
// be redirected to the default of the global system.
if (!SessionAdapter.HasSystemActionRights())
{
// doesn't have system rights. redirect.
Response.Redirect("../Default.aspx", true);
}
// Check if the user has the right systemright
if (!SessionAdapter.HasSystemActionRight(ActionRights.SystemManagement))
{
// no, redirect to admin default page, since the user HAS access to the admin menu.
Response.Redirect("Default.aspx", true);
}
if (!Page.IsPostBack)
{
// load the data into the dropdown boxes.
RoleCollection allRoles = SecurityGuiHelper.GetAllRoles();
cbxDefaultRoleNewUsers.DataSource = allRoles;
cbxDefaultRoleNewUsers.DataTextField = "RoleDescription";
cbxDefaultRoleNewUsers.DataValueField = "RoleID";
cbxDefaultRoleNewUsers.DataBind();
cbxAnonymousUserRole.DataSource = allRoles;
cbxAnonymousUserRole.DataTextField = "RoleDescription";
cbxAnonymousUserRole.DataValueField = "RoleID";
cbxAnonymousUserRole.DataBind();
UserTitleCollection userTitles = UserGuiHelper.GetAllUserTitles();
cbxDefaultUserTitleNewUsers.DataSource = userTitles;
cbxDefaultUserTitleNewUsers.DataTextField = "UserTitleDescription";
cbxDefaultUserTitleNewUsers.DataValueField = "UserTitleID";
cbxDefaultUserTitleNewUsers.DataBind();
// preselect the current values of the system parameters.
SystemDataEntity systemData = CacheManager.GetSystemData();
cbxDefaultRoleNewUsers.SelectedValue = systemData.DefaultRoleNewUser.ToString();
cbxAnonymousUserRole.SelectedValue = systemData.AnonymousRole.ToString();
cbxDefaultUserTitleNewUsers.SelectedValue = systemData.DefaultUserTitleNewUser.ToString();
tbxActiveThreadsThreshold.Text = systemData.HoursThresholdForActiveThreads.ToString();
tbxMinNumberOfNonStickyVisibleThreads.Text = systemData.MinNumberOfNonStickyVisibleThreads.ToString();
tbxMinNumberOfThreadsToFetch.Text = systemData.MinNumberOfThreadsToFetch.ToString();
tbxPageSizeInSearchResults.Text = systemData.PageSizeSearchResults.ToString();
chkSendReplyNotifications.Checked = systemData.SendReplyNotifications;
ViewState.Add("ID", systemData.ID);
}
}
private void Page_Load(object sender, System.EventArgs e)
{
// fill the page's content
DataView bookmarks = UserGuiHelper.GetBookmarksAsDataView(SessionAdapter.GetUserID());
rpThreads.DataSource = bookmarks;
rpThreads.DataBind();
btnRemoveChecked.Visible = (bookmarks.Count > 0);
}
public async Task <ActionResult <IEnumerable <SectionDto> > > GetUsersInRole(int roleId)
{
if (!this.HttpContext.Session.HasSystemActionRights() || !this.HttpContext.Session.HasSystemActionRight(ActionRights.SecurityManagement))
{
return(RedirectToAction("Index", "Home"));
}
var roleDtos = await UserGuiHelper.GetAllUserInRoleDtosForRoleAsync(roleId);
return(Ok(roleDtos));
}
public async Task <ActionResult> Bookmarks()
{
var bookmarkData = await UserGuiHelper.GetBookmarksAggregatedDataAsync(this.HttpContext.Session.GetUserID());
var viewData = new ThreadsData()
{
ThreadRows = bookmarkData
};
return(View(viewData));
}
public async Task <ActionResult> SpecifyNewPassword(string tokenId)
{
// the token might be invalid or non existent.
var resetToken = await UserGuiHelper.GetPasswordResetTokenAsync(tokenId);
if (resetToken == null)
{
return(RedirectToAction("Index", "Home"));
}
return(View());
}
public async Task <ActionResult> EditUserInfo_UserSelected(ActionWithUserSearchData data, string submitAction)
{
if (!this.HttpContext.Session.HasSystemActionRights() || !this.HttpContext.Session.HasSystemActionRight(ActionRights.UserManagement))
{
return(RedirectToAction("Index", "Home"));
}
if (submitAction == "SearchAgain")
{
return(await EditUserInfo());
}
if (submitAction != "PerformAction")
{
return(RedirectToAction("Index", "Home"));
}
if (data.FindUserData.SelectedUserIDs == null || data.FindUserData.SelectedUserIDs.Count <= 0)
{
return(await EditUserInfo_Find(data));
}
var user = await UserGuiHelper.GetUserAsync(data.FindUserData.SelectedUserIDs.FirstOrDefault());
if (user == null)
{
// not found
return(RedirectToAction("Index", "Home"));
}
var newData = new EditUserInfoData()
{
UserId = user.UserID,
EmailAddress = user.EmailAddress,
NickName = user.NickName,
DateOfBirth = user.DateOfBirth,
Occupation = user.Occupation ?? string.Empty,
Location = user.Location ?? string.Empty,
Signature = user.Signature ?? string.Empty,
Website = user.Website ?? string.Empty,
IconURL = user.IconURL ?? string.Empty,
UserTitleId = user.UserTitleID,
IPAddress = user.IPNumber,
LastVisitDate = user.LastVisitedDate.HasValue ? user.LastVisitedDate.Value.ToString("f") : "Never",
IsBanned = user.IsBanned,
RoleIDs = await SecurityGuiHelper.GetAllRoleIDsForUserAsync(user.UserID),
Roles = await SecurityGuiHelper.GetAllRolesAsync(),
UserTitles = await UserGuiHelper.GetAllUserTitlesAsync(),
};
newData.Sanitize();
return(View("~/Views/Admin/EditUserInfo.cshtml", newData));
}
protected void btnSubmit_OnClick(object sender, EventArgs e)
{
string username = tbxUsername.Text;
string password = tbxPassword.Text;
DateTime lastLoginDate = DateTime.Now;
if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(tbxPassword.Text))
{
vs1.HeaderText = "Please enter username and password";
return;
}
//users are faculty
var users = UserGuiHelper.GetUserUsingUserNamePasswordAsDataTable(username, password);
if (users.Rows.Count > 0)
{
var user = users.Rows[0];
bool isAdmin = (bool)user["IsAdmin"];
bool isInstructor = (bool)user["IsInstructor"];
int userId = int.Parse(users.Rows[0]["Id"].ToString());
string userName = users.Rows[0]["FullName"].ToString();
if (isAdmin && isInstructor)
{
SessionAdapter.SetAdminId(userId);
SessionAdapter.SetInstructorId(userId);
SessionAdapter.SetUserName(userName);
Response.Redirect("Student.aspx");
}
else if (isAdmin)
{
SessionAdapter.SetAdminId(userId);
SessionAdapter.SetUserName(userName);
Response.Redirect("Student.aspx");
}
else if (isInstructor)
{
SessionAdapter.SetInstructorId(userId);
SessionAdapter.SetUserName(userName);
Response.Redirect("Attendance.aspx");
}
else
{
}
}
else
{
ErrorMessage.Visible = true;
FailureText.Text = "Username or password is incorrect! Please try again!";
}
}
/// <summary>
/// Handler for the selectclicked event of the finduser control.
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void SelectClickedHandler(object sender, System.EventArgs e)
{
phModifyResult.Visible = false;
List <int> selectedUserIDs = userFinder.SelectedUserIDs;
if (selectedUserIDs.Count < 0)
{
// nothing selected, return
return;
}
// just use the first selected user
_selectedUserID = selectedUserIDs[0];
UserEntity user = UserGuiHelper.GetUser(_selectedUserID);
if (user == null)
{
// not found
return;
}
phFindUserArea.Visible = false;
phProfileEditArea.Visible = true;
// fill in the form with data
lblNickname.Text = string.Format("{0} (UserId: {1})", user.NickName, user.UserID);
tbxEmailAddress.Value = user.EmailAddress;
tbxIconURL.Value = user.IconURL;
if (user.DateOfBirth.HasValue)
{
DateTime dateOfBirth = user.DateOfBirth.Value;
tbxDateOfBirth.Value = dateOfBirth.Month.ToString("0#") + "/" + dateOfBirth.Day.ToString("0#") + "/" + dateOfBirth.Year.ToString("####");
}
tbxOccupation.Value = user.Occupation;
tbxLocation.Value = user.Location;
tbxWebsite.Value = user.Website;
tbxSignature.Value = user.Signature;
if (user.EmailAddressIsPublic.HasValue)
{
_emailAddressIsVisible.Value = user.EmailAddressIsPublic.Value.ToString().ToLowerInvariant();
}
else
{
_emailAddressIsVisible.Value = "true";
}
_defaultNumberOfMessagesPerPage.Value = user.DefaultNumberOfMessagesPerPage.ToString();
_autoSubscribeToThread.Value = user.AutoSubscribeToThread.ToString().ToLowerInvariant();
cmbUserTitle.SelectedValue = user.UserTitleID.ToString();
SetViewstate();
}
/// <summary>
/// Handler for the selectclicked event of the finduser control.
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void SelectClickedHandler(object sender, System.EventArgs e)
{
List <int> selectedUserIDs = userFinder.SelectedUserIDs;
phEmailConstruction.Visible = (selectedUserIDs.Count > 0);
if (selectedUserIDs.Count <= 0)
{
// nothing selected, return
return;
}
_selectedUsers = UserGuiHelper.GetAllUsersInRange(selectedUserIDs);
SetViewState();
SetToNames();
userFinder.Visible = false;
}
public async Task <ActionResult> SystemParameters()
{
if (!this.HttpContext.Session.HasSystemActionRights() || !this.HttpContext.Session.HasSystemActionRight(ActionRights.SystemManagement))
{
return(RedirectToAction("Index", "Home"));
}
var data = new SystemParametersData()
{
AllRoles = await SecurityGuiHelper.GetAllRolesAsync(),
AllUserTitles = await UserGuiHelper.GetAllUserTitlesAsync(),
SystemData = await _cache.GetSystemDataAsync()
};
return(View("~/Views/Admin/SystemParameters.cshtml", data));
}
private static async Task RedirectToInitIfRequired(HttpContext context)
{
// check if there's an anonymous user in the database
var anonymous = await UserGuiHelper.GetUserAsync(0); // use hardcoded 0 id. This also makes sure a misconfigured db isn't used further.
if (anonymous == null)
{
// database is empty
context.Request.Path = ApplicationAdapter.GetVirtualRoot() + "Admin/Init";
}
else
{
if (anonymous.NickName != "Anonymous")
{
// Misconfigured.
context.Request.Path = ApplicationAdapter.GetVirtualRoot() + "Error/1337";
}
}
}
/// <summary>
/// Finds the user specified in the filter.
/// </summary>
/// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
protected virtual void OnFind(EventArgs e)
{
if (!(chkFilterOnRole.Checked || chkFilterOnNickName.Checked || chkFilterOnEmailAddress.Checked))
{
// nothing selected
return;
}
UserCollection matchingUsers = UserGuiHelper.FindUsers(chkFilterOnRole.Checked, Convert.ToInt32(cbxRoles.SelectedValue),
chkFilterOnNickName.Checked, tbxNickName.Text.Trim(),
chkFilterOnEmailAddress.Checked, tbxEmailAddress.Text.Trim());
lbxMatchingUsers.DataSource = matchingUsers;
lbxMatchingUsers.DataTextField = "NickName";
lbxMatchingUsers.DataValueField = "UserID";
lbxMatchingUsers.DataBind();
phSearchResults.Visible = true;
btnSelect.Enabled = (matchingUsers.Count > 0);
}
public async Task <ActionResult> BanUnbanUser_Perform(ActionWithUserSearchData data, string submitAction)
{
if (!this.HttpContext.Session.HasSystemActionRights() || !this.HttpContext.Session.HasSystemActionRight(ActionRights.UserManagement))
{
return(RedirectToAction("Index", "Home"));
}
if (submitAction != "ToggleBanFlag")
{
return(RedirectToAction("Index", "Home"));
}
if (data.FindUserData.SelectedUserIDs == null || data.FindUserData.SelectedUserIDs.Count <= 0)
{
return(await BanUnbanUser_Find(data));
}
int userIdToToggleBanFlagOf = data.FindUserData.SelectedUserIDs.FirstOrDefault();
var(toggleResult, newBanFlagValue) = await UserManager.ToggleBanFlagValueAsync(userIdToToggleBanFlagOf);
if (newBanFlagValue)
{
var user = await UserGuiHelper.GetUserAsync(userIdToToggleBanFlagOf);
ApplicationAdapter.AddUserToListToBeLoggedOutByForce(user.NickName);
}
await FillUserDataForStateAsync(data.FindUserData, AdminFindUserState.PostAction, string.Empty, string.Empty);
var viewData = new ActionWithUserSearchData(data.FindUserData);
if (toggleResult)
{
viewData.FinalActionResult = newBanFlagValue ? "The user is now banned" : "The user has been unbanned";
}
else
{
viewData.FinalActionResult = "Toggling the ban flag failed.";
}
return(View("~/Views/Admin/BanUnbanUser.cshtml", viewData));
}
public async Task <ActionResult> ShowAuditInfoUser_UserSelected(ActionWithUserSearchData data, string submitAction, string filterAsString, string foundUserIds)
{
if (!this.HttpContext.Session.HasSystemActionRights() || !this.HttpContext.Session.HasSystemActionRight(ActionRights.UserManagement))
{
return(RedirectToAction("Index", "Home"));
}
if (submitAction == "SearchAgain")
{
return(await ShowAuditInfoUser());
}
if (submitAction != "PerformAction")
{
return(RedirectToAction("Index", "Home"));
}
if (data.FindUserData.SelectedUserIDs == null || data.FindUserData.SelectedUserIDs.Count <= 0 || string.IsNullOrWhiteSpace(foundUserIds))
{
return(await ShowAuditInfoUser_Find(data));
}
int selectedUserId = data.FindUserData.SelectedUserIDs.FirstOrDefault();
var auditDataForView = new ShowAuditInfoUserData(data.FindUserData)
{
AuditData = await SecurityGuiHelper.GetAllAuditsForUserAsync(selectedUserId),
AuditedUser = await UserGuiHelper.GetUserAsync(selectedUserId)
};
data.FindUserData.OverrideFilterAsString(filterAsString);
// we'll keep the search form open so we can quickly view data of multiple users without searching again. This means we'll keep the finduserdata state
// as it is, as this is the end state of this action anyway.
data.FindUserData.ActionButtonText = "View audit info";
data.FindUserData.FindUserState = AdminFindUserState.UsersFound;
var userIDsFoundAsString = foundUserIds.Split(',');
var userIDsOfUsersToLoad = userIDsFoundAsString.Select(us => Convert.ToInt32(us)).ToList();
data.FindUserData.FoundUsers = await UserGuiHelper.GetUsersAsync(userIDsOfUsersToLoad);
return(View("~/Views/Admin/ShowAuditInfoUser.cshtml", auditDataForView));
}
public async Task <IActionResult> ResetPassword(ResetPasswordData data)
{
if (!ModelState.IsValid)
{
return(View(data));
}
// check if the email address specified is the one registered with the user. If not, redirect to home
var user = await UserGuiHelper.GetUserAsync(data.NickName);
if (string.Compare(user.EmailAddress, data.EmailAddress, StringComparison.OrdinalIgnoreCase) != 0)
{
// not the same, ignore request
return(RedirectToAction("Index", "Home"));
}
await PerformResetPasswordAsync(data);
return(View(data));
}
private void Page_Load(object sender, System.EventArgs e)
{
// use the UserID from the session, so it's impossible to edit another user.
_userID = SessionAdapter.GetUserID();
if (_userID <= 0)
{
// anonymous
Response.Redirect("default.aspx");
}
if (!Page.IsPostBack)
{
// load the user entity from the db.
UserEntity user = UserGuiHelper.GetUser(_userID);
// fill in the form with data
lblNickname.Text = user.NickName;
tbxEmailAddress.Value = user.EmailAddress;
tbxIconURL.Value = user.IconURL;
if (user.DateOfBirth.HasValue)
{
DateTime dateOfBirth = user.DateOfBirth.Value;
tbxDateOfBirth.Value = dateOfBirth.Month.ToString("0#") + "/" + dateOfBirth.Day.ToString("0#") + "/" + dateOfBirth.Year.ToString("####");
}
tbxOccupation.Value = user.Occupation;
tbxLocation.Value = user.Location;
tbxWebsite.Value = user.Website;
tbxSignature.Value = user.Signature;
if (user.EmailAddressIsPublic.HasValue)
{
chkEmailAddressIsHidden.Checked = !user.EmailAddressIsPublic.Value;
}
else
{
chkEmailAddressIsHidden.Checked = false;
}
chkAutoSubscribeToThread.Checked = user.AutoSubscribeToThread;
tbxDefaultNumberOfMessagesPerPage.Value = user.DefaultNumberOfMessagesPerPage.ToString();
}
}
/// <summary>
/// Handler for the selectclicked event of the finduser control.
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void SelectClickedHandler(object sender, System.EventArgs e)
{
List <int> selectedUserIDs = userFinder.SelectedUserIDs;
if (selectedUserIDs.Count < 0)
{
// nothing selected, return
return;
}
// just use the first selected user
int selectedUserID = selectedUserIDs[0];
UserEntity user = UserGuiHelper.GetUser(selectedUserID);
lblUserName.Text = user.NickName;
AuditDataCoreCollection audits = SecurityGuiHelper.GetAllAuditsForUser(selectedUserID);
phAuditInfo.Visible = true;
rptAudits.DataSource = audits;
rptAudits.DataBind();
}
