/// <summary>
/// Changes the signed-in admin's password. The current (old) password must be
/// re-verified before the new one is stored.
/// </summary>
/// <param name="model">Form model carrying LastPassword (current) and Password (new).</param>
/// <returns>
/// The form view with errors when validation or the old-password check fails,
/// a redirect to Logoff when the principal has no admin record, otherwise a
/// redirect to Admin/Index.
/// </returns>
public ActionResult ChangePassword(ChangePassword model)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    var currentAdmin = AdminHelper.GetAdmin(User.Identity.Name);
    if (currentAdmin == null)
    {
        // Authenticated principal with no backing admin record: end the session.
        return RedirectToAction("Logoff");
    }

    // Re-hash the supplied old password with the stored salt and compare to the stored hash.
    // NOTE(review): Security.SHA512 looks (from its name only) like a single salted SHA-512;
    // a stretching KDF (PBKDF2/Argon2) is the usual recommendation for stored passwords,
    // and the comparison below is an ordinary (non-constant-time) string equality.
    var suppliedHash = Security.SHA512(model.LastPassword, currentAdmin.Salt);
    var oldPasswordMatches = string.Equals(currentAdmin.Password, suppliedHash);
    if (!oldPasswordMatches)
    {
        ModelState.AddModelError("", "The old password is incorrect!");
        return View(model);
    }

    // NOTE(review): other sessions of this admin are not invalidated here — confirm that is intended.
    AdminHelper.SetPassword(currentAdmin, model.Password);
    AdminHelper.UpdateAdmin(currentAdmin);
    return RedirectToAction("Index", "Admin");
}
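/// <summary>
/// Deletes the admin with the given id and returns to the admin list.
/// A signed-in admin cannot delete its own account; an unknown id is ignored.
/// </summary>
/// <param name="id">Database id of the admin to delete.</param>
/// <returns>A redirect to the AdminsList action in every case.</returns>
public ActionResult DeleteAdminSured(int id)
{
    var target = AdminHelper.GetAdmin(id);

    // Fix: the original dereferenced the lookup result without a null check, so an
    // unknown or stale id produced an exception instead of a harmless redirect.
    // NOTE(review): assumes the by-id overload returns null for unknown ids like the
    // by-name overload used in ChangePassword/Login does — confirm.
    if (target == null)
    {
        return RedirectToAction("AdminsList");
    }

    // Refuse self-deletion so the current session cannot remove its own account.
    if (target.Login == User.Identity.Name)
    {
        return RedirectToAction("AdminsList");
    }

    // NOTE(review): no [HttpPost]/[ValidateAntiForgeryToken] is visible on this action;
    // a destructive action reachable by GET is CSRF-able — confirm the attributes exist.
    AdminHelper.DeleteAdmin(id);
    return RedirectToAction("AdminsList");
}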
/// <summary>
/// Signs an admin in. The submitted password is hashed with the admin's stored salt
/// and that value is what SignInManager verifies. Unknown logins and wrong passwords
/// produce the same generic error message.
/// </summary>
/// <param name="model">Form model carrying Login and Password.</param>
/// <returns>A redirect to Admin/Index on success, otherwise the login view.</returns>
public ActionResult Login(LoginModel model)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    var admin = AdminHelper.GetAdmin(model.Login);
    if (admin != null)
    {
        // Identity receives the salted hash rather than the raw password.
        var saltedHash = Security.SHA512(model.Password, admin.Salt);

        // Arguments: isPersistent = true (persistent cookie), shouldLockout = false.
        // NOTE(review): with shouldLockout=false nothing here throttles online guessing;
        // consider enabling lockout or rate limiting at the edge.
        var signIn = SignInManager.PasswordSignIn(model.Login, saltedHash, true, false);
        if (signIn == SignInStatus.Success)
        {
            return RedirectToAction("Index", "Admin");
        }
    }
    // NOTE(review): an unknown login skips both the hash and the sign-in call, so response
    // time can differ from the wrong-password path (possible login enumeration by timing).

    ModelState.AddModelError("", "Invalid login and/or password!");
    return View(model);
}
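/// <summary>
/// Creates a news post from the submitted form: requires a non-empty description and
/// at least one uploaded file, stores the file, stamps the author and persists the post.
/// </summary>
/// <param name="model">Form model with Description, uploadFiles and the post fields.</param>
/// <returns>
/// The form view with errors on validation failure, a redirect to Account/Logoff when
/// the principal has no admin record, otherwise a redirect to Index.
/// </returns>
public ActionResult CreateNews(NewsPostCreateModel model)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // The editor submits "<br>" for an empty body (original check, kept as-is).
    if (model.Description == "<br>")
    {
        ModelState.AddModelError("Description", "No description!");
        return View(model);
    }

    // Fix: the original only tested uploadFiles[0] == null, so a null or empty upload
    // list threw instead of producing the "No file!" validation error.
    var firstUpload = FirstUploadOrNull(model.uploadFiles);
    if (firstUpload == null)
    {
        ModelState.AddModelError("", "No file!");
        return View(model);
    }

    // Fix: resolve the author BEFORE writing the file, so a principal without an admin
    // record (the original dereferenced it unchecked) does not leave an orphaned upload.
    var author = AdminHelper.GetAdmin(User.Identity.Name);
    if (author == null)
    {
        return RedirectToAction("Logoff", "Account");
    }

    // NOTE(review): no content-type/size/extension validation of the upload is visible
    // here; confirm FileModelActions.SaveFile enforces it before the file is trusted.
    model.ImageId = FileModelActions.SaveFile(firstUpload, Server);
    model.AuthorId = author.Id;

    var newsPost = model.PassToNewsPost();
    NewsPostHelper.CreateNewsPost(newsPost);
    return RedirectToAction("Index");
}

/// <summary>
/// Returns the first element of an indexable upload list, or null when the list is
/// null, empty, or its first slot is null. Generic because the model's list type is
/// not visible here (arrays and List&lt;T&gt; both satisfy IList&lt;T&gt;).
/// </summary>
private static TItem FirstUploadOrNull<TItem>(System.Collections.Generic.IList<TItem> items) where TItem : class
{
    if (items == null || items.Count == 0)
    {
        return null;
    }
    return items[0];
}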
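/// <summary>
/// Authorization filter for the admin area. A principal must map to an admin record
/// (otherwise it is sent to Account/Logoff); when <c>Roles</c> is set, the principal
/// must also be in at least one listed role, otherwise it is sent to Home/Error404.
/// AJAX requests receive a JSON error payload carrying the redirect URL instead.
/// </summary>
/// <param name="filterContext">The MVC authorization context for the current request.</param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    var request = filterContext.HttpContext.Request;
    var url = new UrlHelper(filterContext.RequestContext);
    var accessDeniedUrl = url.Action("Error404", "Home");
    var user = filterContext.HttpContext.User;

    // NOTE(review): base.OnAuthorization is never invoked, so AuthorizeAttribute's own
    // handling (including its output-cache validation callback) is bypassed. If any
    // action under this filter uses [OutputCache], confirm a cached authorized response
    // cannot be served to a different user.
    if (user != null)
    {
        // The principal must correspond to an admin record; an anonymous principal is
        // expected to have an empty Name that resolves to null here, ending the session.
        var adminUser = AdminHelper.GetAdmin(user.Identity.Name);
        if (adminUser == null)
        {
            filterContext.Result = BuildDeniedResult(request.IsAjaxRequest(), url.Action("Logoff", "Account"));
            return;
        }

        if (string.IsNullOrEmpty(base.Roles))
        {
            // No role restriction: any admin passes.
            return;
        }

        // Fix: role names are trimmed, so a list written "A, B" matches IsInRole("B");
        // the original compared the untrimmed " B". Blank entries are ignored.
        var rolesAllowed = base.Roles.Split(',');
        foreach (var rawRole in rolesAllowed)
        {
            var role = rawRole.Trim();
            if (role.Length > 0 && user.IsInRole(role))
            {
                return;
            }
        }
        // No listed role matched: fall through to the access-denied result.
    }

    filterContext.Result = BuildDeniedResult(request.IsAjaxRequest(), accessDeniedUrl);
}

/// <summary>
/// Builds the access-denied result: a JSON error payload (with AllowGet, since the
/// client may be polling via GET) for AJAX callers, otherwise a redirect.
/// </summary>
/// <param name="isAjax">Whether the current request is an AJAX request.</param>
/// <param name="redirectUrl">URL the client should navigate to.</param>
private static ActionResult BuildDeniedResult(bool isAjax, string redirectUrl)
{
    if (isAjax)
    {
        return new JsonResult
        {
            Data = new { error = true, signinerror = true, message = "Access denied", url = redirectUrl },
            JsonRequestBehavior = JsonRequestBehavior.AllowGet
        };
    }
    return new RedirectResult(redirectUrl);
}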
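/// <summary>
/// Shows the edit form for the admin with the given id.
/// </summary>
/// <param name="id">Database id of the admin to edit.</param>
/// <returns>The edit view, or 404 when no admin has that id.</returns>
public ActionResult EditAdmin(int id)
{
    var admin = AdminHelper.GetAdmin(id);

    // Fix: the original passed the lookup result straight into AdminEditModel, so an
    // unknown id surfaced as an exception rather than a 404.
    // NOTE(review): assumes the by-id overload returns null for unknown ids like the
    // by-name overload used elsewhere in this code — confirm.
    if (admin == null)
    {
        return HttpNotFound();
    }

    // NOTE(review): nothing in this action restricts who may edit; it relies on the
    // controller-level authorization filter — confirm it is applied.
    return View(new AdminEditModel(admin));
}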
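/// <summary>
/// Shows the delete-confirmation view for the admin with the given id.
/// The actual deletion happens in DeleteAdminSured.
/// </summary>
/// <param name="id">Database id of the admin to be deleted.</param>
/// <returns>The confirmation view, or 404 when no admin has that id.</returns>
public ActionResult DeleteAdmin(int id)
{
    var admin = AdminHelper.GetAdmin(id);

    // Fix: the original passed the lookup result straight into AdminViewModel, so an
    // unknown id surfaced as an exception rather than a 404.
    // NOTE(review): assumes the by-id overload returns null for unknown ids like the
    // by-name overload used elsewhere in this code — confirm.
    if (admin == null)
    {
        return HttpNotFound();
    }

    return View(new AdminViewModel(admin));
}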