public void InitMainGroup() { if (_mainGroup == null) { _mainGroup = this._dataSource.Query <Group>("Roles.Role").Where(g => g.Name.ToLower() == Resources.DefaultValues.MainGroupName).FirstOrDefault(); if (_mainGroup == null) { var mainGroup = new Group(Guid.NewGuid(), Resources.DefaultValues.MainGroupName); this._dataSource.Save(mainGroup); var adminRole = new Role(Guid.NewGuid(), mainGroup.Id, PlatformConstants.ADMINROLE); this._dataSource.Save(adminRole); var groupRole = new GroupInRole(mainGroup.Id, adminRole.Id, DateTime.Now, null); groupRole.CurrentNumberOfUsers = 1; this._adminRole = groupRole; mainGroup.Roles = new List <GroupInRole>() { groupRole }; _mainGroup = mainGroup; this._dataSource.SaveChanges(); } else { this._adminRole = _mainGroup.Roles.First(r => r.Role.Name.ToLower() == PlatformConstants.ADMINROLE.ToLower()); } } }
private void UpdatePermissionSet(GroupViewModel model) { var permissionAssignment = this._roleManager.GetPermissionSetForGroup(model.Id); var permissionIds = model.Permissions.Select(p => p.Id).ToArray(); var permissions = this._roleManager.PermissionQuery().Where(p => permissionIds.Contains(p.Id)).ToList(); if (permissionAssignment == null) { var permissionSet = this._roleManager.Create(Resources.DefaultValues.PermissionSetName, null, permissions); permissionAssignment = new GroupInRole(model.Id, permissionSet.Id); permissionAssignment.Role = permissionSet; permissionSet.Groups = new List <GroupInRole>(); permissionSet.Groups.Add(permissionAssignment); } else { permissionAssignment.Role.Permissions.Clear(); } permissionAssignment.Role.Permissions = permissions; permissionAssignment.StartDate = model.PermissionSetStartDate.HasValue && model.PermissionSetStartDate.Value != new DateTime() ? model.PermissionSetStartDate.Value : DateTime.Now; permissionAssignment.EndDate = model.PermissionSetEndDate; permissionAssignment.MaxNumberOfUsers = model.PermissionSetMaxNumberOfUsers; // Update all custom role dates with permission set date foreach (var role in this._roleManager.Query().Where(r => r.GroupId == model.Id && r.Name.ToLower() != Resources.DefaultValues.PermissionSetName.ToLower())) { this._roleManager.AddGroupToRole(model.Id, role.Name, permissionAssignment.StartDate, permissionAssignment.EndDate); } }
public void AddUserToRole(Guid groupId, Guid userId, string roleName, DateTime?startDate = null, DateTime?endDate = null) { if (groupId == Guid.Empty || userId == Guid.Empty || string.IsNullOrWhiteSpace(roleName)) { throw new ArgumentException("Please specify a group id, user id and/or a role name."); } var roleId = this.GetRoleId(roleName, "user", "add"); var userEntry = this._dataSource.Find <UserInRole>(new object[] { groupId, roleId, userId }); var groupEntry = this._dataSource.Find <GroupInRole>(new object[] { groupId, roleId }); if (groupEntry == null) { if (!StrixPlatform.User.IsInMainGroup) { var message = string.Format("Trying to add user {0} to role {1} to which his company has no access.", userId, roleName); Logger.LogToAudit(AuditLogType.IllegalOperation.ToString(), message); throw new StrixMembershipException(message); } else { groupEntry = new GroupInRole(StrixPlatform.ApplicationId, roleId); this._dataSource.Save(groupEntry); } } startDate = startDate.HasValue && startDate != new DateTime() ? startDate.Value : DateTime.Now; startDate = startDate < groupEntry.StartDate ? groupEntry.StartDate : startDate; endDate = endDate == new DateTime() ? null : endDate; endDate = endDate.HasValue && groupEntry.EndDate.HasValue && endDate.Value > groupEntry.EndDate ? groupEntry.EndDate : endDate; endDate = endDate == null && groupEntry.EndDate.HasValue ? groupEntry.EndDate : endDate; if (userEntry == null) { if (groupEntry.MaxNumberOfUsers.HasValue && groupEntry.CurrentNumberOfUsers >= groupEntry.MaxNumberOfUsers.Value) { throw new StrixMembershipException(string.Format("No licenses left for role {0}", roleName)); } userEntry = new UserInRole(groupEntry, userId, startDate.Value, endDate); groupEntry.CurrentNumberOfUsers++; } else { userEntry.StartDate = startDate.Value; userEntry.EndDate = endDate; } this._dataSource.Save(userEntry); _userRoles.Clear(); }
/// <summary> /// Initializes a new instance of the <see cref="UserInRole"/> class. /// </summary> /// <param name="groupRole">The group role that this user role is based on</param> /// <param name="userId">The id of the role</param> /// <param name="startDate">The start date</param> /// <param name="endDate">The end date</param> public UserInRole(GroupInRole groupRole, Guid userId, DateTime startDate, DateTime? endDate) { if (groupRole == null) { throw new ArgumentNullException("groupRole"); } this.GroupRole = groupRole; this.GroupRoleGroupId = groupRole.GroupId; this.GroupRoleRoleId = groupRole.RoleId; this.UserId = userId; this.StartDate = startDate; this.EndDate = endDate; }
public void AddGroupToRole(Guid groupId, string roleName, DateTime?startDate = null, DateTime?endDate = null, int?maxNumberOfUsers = null) { if (groupId == Guid.Empty || string.IsNullOrWhiteSpace(roleName)) { throw new ArgumentException("Please specify a group id and/or a role name."); } if (!StrixPlatform.User.IsInMainGroup && roleName.ToLower() == PlatformConstants.ADMINROLE.ToLower()) { var message = string.Format("Trying to add group {0} to role {1}, which is a reserved role.", groupId, roleName); Logger.LogToAudit(AuditLogType.IllegalOperation.ToString(), message); throw new StrixMembershipException(message); } var roleId = this.GetRoleId(roleName, "group", "add"); var entry = this._dataSource.Find <GroupInRole>(new object[] { groupId, roleId }); var correctedDate = startDate.HasValue && startDate != new DateTime() ? startDate.Value : DateTime.Now; endDate = endDate == null || endDate == new DateTime() ? null : endDate; if (entry == null) { entry = new GroupInRole(groupId, roleId); entry.StartDate = correctedDate; entry.EndDate = endDate; } else { var newStartDate = startDate.HasValue ? correctedDate : entry.StartDate; var userAssignments = this._dataSource.Query <User>().Where(u => u.Roles.Any(r => r.GroupRoleRoleId == roleId && r.GroupRoleGroupId == groupId)).SelectMany(u => u.Roles.Where(r => r.GroupRoleRoleId == roleId)).ToList(); // Update user role dates based on the new group dates. If the range is more // limited, limit the user range as well. If it is broader, broaden the range for // users that have the same start and/or end date as the previous range. foreach (var assignment in userAssignments) { assignment.StartDate = assignment.StartDate <= newStartDate ? newStartDate : assignment.StartDate == entry.StartDate ? newStartDate : assignment.StartDate; assignment.EndDate = !assignment.EndDate.HasValue || assignment.EndDate.Value >= endDate ? endDate : assignment.EndDate.HasValue && assignment.EndDate.Value == entry.EndDate ? endDate : assignment.EndDate; } entry.StartDate = newStartDate; entry.EndDate = endDate; } entry.MaxNumberOfUsers = maxNumberOfUsers.HasValue ? maxNumberOfUsers.Value : entry.MaxNumberOfUsers; this._dataSource.Save(entry); }
/// <summary> /// Initializes a new instance of the <see cref="UserInRole"/> class. /// </summary> /// <param name="groupRole">The group role that this user role is based on</param> /// <param name="userId">The id of the role</param> /// <param name="startDate">The start date</param> /// <param name="endDate">The end date</param> public UserInRole(GroupInRole groupRole, Guid userId, DateTime startDate, DateTime?endDate) { if (groupRole == null) { throw new ArgumentNullException("groupRole"); } this.GroupRole = groupRole; this.GroupRoleGroupId = groupRole.GroupId; this.GroupRoleRoleId = groupRole.RoleId; this.UserId = userId; this.StartDate = startDate; this.EndDate = endDate; }
private void CreateAndUpdateRoles(IList <IModuleConfiguration> moduleConfigurations) { var saveChanges = false; var existingPermissions = this._dataSource.Query <Permission>().Where(p => p.ApplicationId == _appId).ToList(); var existingRoles = this._dataSource.Query <Role>("Permissions").Where(r => r.Permissions.Count == 0 || r.Permissions.Any(p => p.ApplicationId == _appId)).ToList(); var allRoles = moduleConfigurations.SelectMany(c => c.ModulePermissions.Keys).Distinct().ToArray(); // Add all the permissions to all the roles when not assigned yet, creating the roles // when they don't exist. foreach (var roleName in allRoles) { var role = existingRoles.FirstOrDefault(r => r.Name.ToLower() == roleName.ToLower()); if (role == null) { role = new Role(Guid.NewGuid(), _mainGroup.Id, roleName); role.Permissions = new List <Permission>(); role.Groups = new List <GroupInRole>(); var mainGroupInRole = new GroupInRole(_mainGroup.Id, role.Id); role.Groups.Add(mainGroupInRole); this._dataSource.Save(role); saveChanges = true; } var permissionsToReview = existingPermissions.Where(p => moduleConfigurations.Where(c => c.ModulePermissions.ContainsKey(roleName)).SelectMany(c => c.ModulePermissions[roleName]).Distinct().ToLower().Contains(p.Name.ToLower())).ToList(); var permissionsToAdd = permissionsToReview.Where(p => !role.Permissions.Any(rp => rp.Name.ToLower() == p.Name.ToLower())).ToList(); var permissionsToRemove = role.Permissions.Where(p => !permissionsToReview.Select(pr => pr.Name.ToLower()).Contains(p.Name.ToLower())).ToList(); foreach (var permission in permissionsToRemove) { var thePermission = role.Permissions.First(p => p.Id == permission.Id); role.Permissions.Remove(thePermission); saveChanges = true; } foreach (var permission in permissionsToAdd) { role.Permissions.Add(permission); saveChanges = true; } } if (saveChanges) { this._dataSource.SaveChanges(); } }
private Role CreateAdminPermissionSet() { var adminPermissionSet = this._dataSource.Query <Role>("Permissions").FirstOrDefault(r => r.Permissions.Any(p => p.ApplicationId == _appId) && r.Name.ToLower() == Resources.DefaultValues.PermissionSetName.ToLower()); if (adminPermissionSet == null) { adminPermissionSet = new Role(Guid.NewGuid(), _mainGroup.Id, Resources.DefaultValues.PermissionSetName); adminPermissionSet.Permissions = new List <Permission>(); var adminGroupPermissionSet = new GroupInRole(_mainGroup.Id, adminPermissionSet.Id); adminGroupPermissionSet.StartDate = DateTime.Now; this._dataSource.Save(adminPermissionSet); this._dataSource.Save(adminGroupPermissionSet); adminPermissionSet.Groups = new List <GroupInRole> { adminGroupPermissionSet }; this._dataSource.SaveChanges(); } return(adminPermissionSet); }
/// <summary> /// Initializes a new instance of the <see cref="UserInRole"/> class. /// </summary> /// <param name="groupRole">The group role that this user role is based on</param> /// <param name="userId">The id of the user</param> public UserInRole(GroupInRole groupRole, Guid userId) : this(groupRole, userId, DateTime.Now, null) { }
private void CreateAndUpdateRoles(IList<IModuleConfiguration> moduleConfigurations) { var saveChanges = false; var existingPermissions = this._dataSource.Query<Permission>().Where(p => p.ApplicationId == _appId).ToList(); var existingRoles = this._dataSource.Query<Role>("Permissions").Where(r => r.Permissions.Count == 0 || r.Permissions.Any(p => p.ApplicationId == _appId)).ToList(); var allRoles = moduleConfigurations.SelectMany(c => c.ModulePermissions.Keys).Distinct().ToArray(); // Add all the permissions to all the roles when not assigned yet, creating the roles // when they don't exist. foreach (var roleName in allRoles) { var role = existingRoles.FirstOrDefault(r => r.Name.ToLower() == roleName.ToLower()); if (role == null) { role = new Role(Guid.NewGuid(), _mainGroup.Id, roleName); role.Permissions = new List<Permission>(); role.Groups = new List<GroupInRole>(); var mainGroupInRole = new GroupInRole(_mainGroup.Id, role.Id); role.Groups.Add(mainGroupInRole); this._dataSource.Save(role); saveChanges = true; } var permissionsToReview = existingPermissions.Where(p => moduleConfigurations.Where(c => c.ModulePermissions.ContainsKey(roleName)).SelectMany(c => c.ModulePermissions[roleName]).Distinct().ToLower().Contains(p.Name.ToLower())).ToList(); var permissionsToAdd = permissionsToReview.Where(p => !role.Permissions.Any(rp => rp.Name.ToLower() == p.Name.ToLower())).ToList(); var permissionsToRemove = role.Permissions.Where(p => !permissionsToReview.Select(pr => pr.Name.ToLower()).Contains(p.Name.ToLower())).ToList(); foreach (var permission in permissionsToRemove) { var thePermission = role.Permissions.First(p => p.Id == permission.Id); role.Permissions.Remove(thePermission); saveChanges = true; } foreach (var permission in permissionsToAdd) { role.Permissions.Add(permission); saveChanges = true; } } if (saveChanges) { this._dataSource.SaveChanges(); } }
private Role CreateAdminPermissionSet() { var adminPermissionSet = this._dataSource.Query<Role>("Permissions").FirstOrDefault(r => r.Permissions.Any(p => p.ApplicationId == _appId) && r.Name.ToLower() == Resources.DefaultValues.PermissionSetName.ToLower()); if (adminPermissionSet == null) { adminPermissionSet = new Role(Guid.NewGuid(), _mainGroup.Id, Resources.DefaultValues.PermissionSetName); adminPermissionSet.Permissions = new List<Permission>(); var adminGroupPermissionSet = new GroupInRole(_mainGroup.Id, adminPermissionSet.Id); adminGroupPermissionSet.StartDate = DateTime.Now; this._dataSource.Save(adminPermissionSet); this._dataSource.Save(adminGroupPermissionSet); adminPermissionSet.Groups = new List<GroupInRole> { adminGroupPermissionSet }; this._dataSource.SaveChanges(); } return adminPermissionSet; }
public void AddUserToRole(Guid groupId, Guid userId, string roleName, DateTime? startDate = null, DateTime? endDate = null) { if (groupId == Guid.Empty || userId == Guid.Empty || string.IsNullOrWhiteSpace(roleName)) { throw new ArgumentException("Please specify a group id, user id and/or a role name."); } var roleId = this.GetRoleId(roleName, "user", "add"); var userEntry = this._dataSource.Find<UserInRole>(new object[] { groupId, roleId, userId }); var groupEntry = this._dataSource.Find<GroupInRole>(new object[] { groupId, roleId }); if (groupEntry == null) { if (!StrixPlatform.User.IsInMainGroup) { var message = string.Format("Trying to add user {0} to role {1} to which his company has no access.", userId, roleName); Logger.LogToAudit(AuditLogType.IllegalOperation.ToString(), message); throw new StrixMembershipException(message); } else { groupEntry = new GroupInRole(StrixPlatform.ApplicationId, roleId); this._dataSource.Save(groupEntry); } } startDate = startDate.HasValue && startDate != new DateTime() ? startDate.Value : DateTime.Now; startDate = startDate < groupEntry.StartDate ? groupEntry.StartDate : startDate; endDate = endDate == new DateTime() ? null : endDate; endDate = endDate.HasValue && groupEntry.EndDate.HasValue && endDate.Value > groupEntry.EndDate ? groupEntry.EndDate : endDate; endDate = endDate == null && groupEntry.EndDate.HasValue ? groupEntry.EndDate : endDate; if (userEntry == null) { if (groupEntry.MaxNumberOfUsers.HasValue && groupEntry.CurrentNumberOfUsers >= groupEntry.MaxNumberOfUsers.Value) { throw new StrixMembershipException(string.Format("No licenses left for role {0}", roleName)); } userEntry = new UserInRole(groupEntry, userId, startDate.Value, endDate); groupEntry.CurrentNumberOfUsers++; } else { userEntry.StartDate = startDate.Value; userEntry.EndDate = endDate; } this._dataSource.Save(userEntry); _userRoles.Clear(); }
private void UpdatePermissionSet(GroupViewModel model) { var permissionAssignment = this._roleManager.GetPermissionSetForGroup(model.Id); var permissionIds = model.Permissions.Select(p => p.Id).ToArray(); var permissions = this._roleManager.PermissionQuery().Where(p => permissionIds.Contains(p.Id)).ToList(); if (permissionAssignment == null) { var permissionSet = this._roleManager.Create(Resources.DefaultValues.PermissionSetName, null, permissions); permissionAssignment = new GroupInRole(model.Id, permissionSet.Id); permissionAssignment.Role = permissionSet; permissionSet.Groups = new List<GroupInRole>(); permissionSet.Groups.Add(permissionAssignment); } else { permissionAssignment.Role.Permissions.Clear(); } permissionAssignment.Role.Permissions = permissions; permissionAssignment.StartDate = model.PermissionSetStartDate.HasValue && model.PermissionSetStartDate.Value != new DateTime() ? model.PermissionSetStartDate.Value : DateTime.Now; permissionAssignment.EndDate = model.PermissionSetEndDate; permissionAssignment.MaxNumberOfUsers = model.PermissionSetMaxNumberOfUsers; // Update all custom role dates with permission set date foreach (var role in this._roleManager.Query().Where(r => r.GroupId == model.Id && r.Name.ToLower() != Resources.DefaultValues.PermissionSetName.ToLower())) { this._roleManager.AddGroupToRole(model.Id, role.Name, permissionAssignment.StartDate, permissionAssignment.EndDate); } }
/// <summary> /// Initializes a new instance of the <see cref="UserInRole"/> class. /// </summary> /// <param name="groupRole">The group role that this user role is based on</param> /// <param name="userId">The id of the user</param> public UserInRole(GroupInRole groupRole, Guid userId) : this(groupRole, userId, DateTime.Now, null) { }
public void InitMainGroup() { if (_mainGroup == null) { _mainGroup = this._dataSource.Query<Group>("Roles.Role").Where(g => g.Name.ToLower() == Resources.DefaultValues.MainGroupName).FirstOrDefault(); if (_mainGroup == null) { var mainGroup = new Group(Guid.NewGuid(), Resources.DefaultValues.MainGroupName); this._dataSource.Save(mainGroup); var adminRole = new Role(Guid.NewGuid(), mainGroup.Id, PlatformConstants.ADMINROLE); this._dataSource.Save(adminRole); var groupRole = new GroupInRole(mainGroup.Id, adminRole.Id, DateTime.Now, null); groupRole.CurrentNumberOfUsers = 1; this._adminRole = groupRole; mainGroup.Roles = new List<GroupInRole>() { groupRole }; _mainGroup = mainGroup; this._dataSource.SaveChanges(); } else { this._adminRole = _mainGroup.Roles.First(r => r.Role.Name.ToLower() == PlatformConstants.ADMINROLE.ToLower()); } } }
public SaveResult <UserViewModel> Save(UserViewModel model, bool saveChanges) { if (model == null) { throw new ArgumentNullException("model"); } User user; string oldEmail = null; var result = new SaveResult <UserViewModel>(); // Save or update the user first, and send the proper mail. if (model.Id == Guid.Empty) { // Check if there are licences remaining before saving the user. var groupId = StrixPlatform.User.GroupId; GroupInRole permissionSet = null; if (this._roleManager.GroupUsesPermissions(groupId)) { permissionSet = this._roleManager.GetPermissionSetForGroup(groupId); if (permissionSet.MaxNumberOfUsers.HasValue && permissionSet.MaxNumberOfUsers.Value <= permissionSet.CurrentNumberOfUsers) { return(result); } } var password = this._securityManager.GeneratePassword(); user = this._userManager.Create(model.Name, model.Email, model.PreferredCulture, password, true, false, null); if (user == null) { return(result); } if (permissionSet != null) { permissionSet.CurrentNumberOfUsers++; } result.Success = true; } else { oldEmail = this._userManager.GetEmail(model.Id); user = this._userManager.Update(model.Id, model.Name, model.Email, model.PreferredCulture); if (user == null) { return(result); } if (model.Approved) { this._securityManager.ApproveUser(model.Id); } if (!model.LockedOut) { this._securityManager.UnlockUser(model.Id); } var roleNames = this._roleManager.QueryForUser(user.Id).Select(r => r.Name).ToArray(); if (!roleNames.IsEmpty()) { this._roleManager.RemoveUsersFromRoles(new Guid[] { user.Id }, roleNames); } } // Now, assign the user to all selected roles after adjusting the start and end date to // those of his group, when needed. if (!model.Roles.IsEmpty()) { foreach (var role in model.Roles.Where(r => r.Selected)) { this._roleManager.AddUserToRole(StrixPlatform.User.GroupId, user.Id, role.Name, role.StartDate, role.EndDate); } } if (model.Id == Guid.Empty) { if (!this._mailer.SendAccountInformationMail(user.PreferredCulture, user.Name, user.Email, user.Id)) { result.Message = Resources.Interface.ErrorSendingVerificationMail; Logger.Log(string.Format("An error occurred while sending the account information mail to user {0}", user.Name), LogLevel.Error); } } else { result.Success = true; if (user.Email.ToLower() != oldEmail.ToLower()) { if (!this._mailer.SendEmailChangedMail(user.PreferredCulture, user.Name, user.Email, oldEmail)) { result.Message = Resources.Interface.ErrorSendingPasswordChangedMail; Logger.Log(string.Format("An error occurred while sending the email changed mail to user {0}", user.Name), LogLevel.Error); } } } if (saveChanges) { this._dataSource.SaveChanges(); } result.Entity = user; return(result); }
public void AddGroupToRole(Guid groupId, string roleName, DateTime? startDate = null, DateTime? endDate = null, int? maxNumberOfUsers = null) { if (groupId == Guid.Empty || string.IsNullOrWhiteSpace(roleName)) { throw new ArgumentException("Please specify a group id and/or a role name."); } if (!StrixPlatform.User.IsInMainGroup && roleName.ToLower() == PlatformConstants.ADMINROLE.ToLower()) { var message = string.Format("Trying to add group {0} to role {1}, which is a reserved role.", groupId, roleName); Logger.LogToAudit(AuditLogType.IllegalOperation.ToString(), message); throw new StrixMembershipException(message); } var roleId = this.GetRoleId(roleName, "group", "add"); var entry = this._dataSource.Find<GroupInRole>(new object[] { groupId, roleId }); var correctedDate = startDate.HasValue && startDate != new DateTime() ? startDate.Value : DateTime.Now; endDate = endDate == null || endDate == new DateTime() ? null : endDate; if (entry == null) { entry = new GroupInRole(groupId, roleId); entry.StartDate = correctedDate; entry.EndDate = endDate; } else { var newStartDate = startDate.HasValue ? correctedDate : entry.StartDate; var userAssignments = this._dataSource.Query<User>().Where(u => u.Roles.Any(r => r.GroupRoleRoleId == roleId && r.GroupRoleGroupId == groupId)).SelectMany(u => u.Roles.Where(r => r.GroupRoleRoleId == roleId)).ToList(); // Update user role dates based on the new group dates. If the range is more // limited, limit the user range as well. If it is broader, broaden the range for // users that have the same start and/or end date as the previous range. foreach (var assignment in userAssignments) { assignment.StartDate = assignment.StartDate <= newStartDate ? newStartDate : assignment.StartDate == entry.StartDate ? newStartDate : assignment.StartDate; assignment.EndDate = !assignment.EndDate.HasValue || assignment.EndDate.Value >= endDate ? endDate : assignment.EndDate.HasValue && assignment.EndDate.Value == entry.EndDate ? endDate : assignment.EndDate; } entry.StartDate = newStartDate; entry.EndDate = endDate; } entry.MaxNumberOfUsers = maxNumberOfUsers.HasValue ? maxNumberOfUsers.Value : entry.MaxNumberOfUsers; this._dataSource.Save(entry); }