Esempio n. 1
0
        public ActionResult UserGroup(int id, int page, string UsersAddButton, string UsersRemoveButton, string NewGroup, string UpdateGroup, string DeleteGroup)
        {
            var model = new AdminUserGroupModel(){page = page};
            model.AddNavigation("Admin Panel", "Overview", "Admin", null);
            model.AddNavigation("Edit User Groups");
            using (ForumRespository db = new ForumRespository())
            {
                Forum_User CurrentUser = GetCurrentUser(db);

                if (!UserIdentity.IsAdmin)
                    return AuthenticationHelper.AccessDeniedView(model); // Administrating the forum requires the user to be an Admin.

                HandlePermissionsLinkUpdates();

                Forum_Role CurrentRole;

                if (id != 0)
                    CurrentRole = db.GetRole(id);
                else
                    CurrentRole = db.GetAllRoles().First();

                if (CurrentRole == null)
                    return NotFoundView("User Group");

                model.id = CurrentRole.RoleID;
                model.CanBeDeleted = CurrentRole.CanBeDeleted;
                model.HasMembers = CurrentRole.RoleID != (int)BuildInRole.Everyone &&
                                   CurrentRole.RoleID != (int)BuildInRole.RegisteredUser;
                model.HasPermissions = CurrentRole.RoleID != (int)BuildInRole.Administrator;

                if (IsHttpPost && AntiForgeryTokenValid)
                {
                    if (!String.IsNullOrEmpty(UsersAddButton) && model.HasMembers)
                    {
                        int nID;
                        Forum_User ToAdd;
                        foreach (var ID in Request.Form.GetValues("Users"))
                        {
                            try
                            {
                                nID = Convert.ToInt32(ID);
                            }
                            catch
                            {
                                continue;
                            }
                            if (nID == (int)BuildInUser.Guest) continue;
                            ToAdd = db.GetUserByID(nID);
                            if (ToAdd == null) continue;
                            if (db.UserInRole(ToAdd, CurrentRole)) continue;
                            db.AddUserRoleLink(CurrentRole, ToAdd);
                        }
                        db.Save();
                    }
                    else if (!String.IsNullOrEmpty(UsersRemoveButton))
                    {
                        int nID;
                        var RemovedUsers = Request.Form.GetValues("Users");
                        if (RemovedUsers != null)
                        {
                            foreach (var ID in RemovedUsers)
                            {
                                try
                                {
                                    nID = Convert.ToInt32(ID);
                                }
                                catch
                                {
                                    continue;
                                }
                                if (CurrentRole.RoleID == (int)BuildInRole.Administrator && nID == CurrentUser.UserID) continue;
                                db.RemoveUserFromRole(db.GetUserByID(nID), CurrentRole);
                            }
                            db.Save();
                        }
                    }
                    else if (!String.IsNullOrEmpty(UpdateGroup) && model.HasPermissions)
                    {
                        if (model.CanBeDeleted)
                            CurrentRole.Name = Request.Form["Name"];
                        CurrentRole.AllowSearch = Request.Form["IsAllowedSearch"] != "false";
                        db.Save();
                    }
                    else if (!String.IsNullOrEmpty(NewGroup))
                    {
                        var NewRole = new Forum_Role();
                        NewRole.Name = "Unnamed";
                        NewRole.CanBeDeleted = true;
                        db.AddRole(NewRole);
                        db.Save();
                        return RedirectToAction("UserGroup", new { id = NewRole.RoleID });
                    }
                    else if (!String.IsNullOrEmpty(DeleteGroup) && model.CanBeDeleted && CurrentRole.Forum_UserRoleLinks.Count == 0)
                    {
                        db.DeleteRole(CurrentRole);
                        db.Save();
                        return RedirectToAction("UserGroup", new { id = 0 });
                    }
                }

                if (model.HasMembers)
                {
                    model.CurrentGroupUsers = db.GetUsersInRole(CurrentRole).ToClassList(U => new AdminNamedID(){ID = U.UserID, Name = U.Username});
                }

                model.UserGroups = db.GetAllRoles().ToClassList(R => new AdminNamedID() { ID = R.RoleID, Name = R.Name });
                model.Categories = db.GetAllCategories().ToClassList(C => new AdminNamedID() { ID = C.CategoryID, Name = C.Name });
                model.PermissionSets = db.GetAllPermissionSets().ToClassList(P => new AdminNamedID() { ID = P.PermissionID, Name = P.Name });
                model.Fixed = AdminPermissionLinkEditors.FixedSet.UserGroups;

                var Users = db.GetAllUsers().OrderBy(U => U.Username);
                model.LastPage = (Users.Count() - 1) / UsersPerPage + 1;

                model.AllUsers = Users.Skip((page - 1) * UsersPerPage).Take(UsersPerPage).ToClassList(U => new AdminNamedID() { ID = U.UserID, Name = U.Username });

                if (model.HasPermissions)
                {
                    model.FixedNamedID = new AdminNamedID() { ID = CurrentRole.RoleID, Name = CurrentRole.Name};
                    model.PermissionLinkList = db.GetPermissionLinks().Where(L => L.RoleID == id).OrderBy(L => L.CategoryID).ToClassList(L => new AdminPermissionLink()
                    {
                        Category = new AdminNamedID() { ID = L.CategoryID, Name = db.GetCategoryByID(L.CategoryID).Name },
                        PermissionSet = new AdminNamedID() { ID = L.PermissionID, Name = db.GetPermissionSetByID(L.PermissionID).Name },
                        UserGroup = model.FixedNamedID
                    });
                }

                model.Name = CurrentRole.Name;

                model.IsAllowedSearch = CurrentRole.AllowSearch;

                return View(model);
            }
        }