public async Task <IActionResult> CreatePermission() { var team = await _context.Teams.SingleOrDefaultAsync(m => m.Slug == TeamSlug && m.IsActive); if (team == null) { return(NotFound()); } var roles = await _context.TeamRoles.ToListAsync(); var model = new CreateTeamPermissionViewModel { TeamName = team.Name, Roles = roles .Select(r => new SelectListItem(r.Name.Humanize(LetterCasing.Title), r.Id.ToString())) .ToList() }; return(View(model)); }
public async Task <IActionResult> CreatePermission(CreateTeamPermissionViewModel model) { var team = await _context.Teams.SingleOrDefaultAsync(m => m.Slug == TeamSlug && m.IsActive); if (team == null) { return(NotFound()); } // find possible user from db var foundUser = await _context.Users.SingleOrDefaultAsync(a => a.CampusKerberos == model.UserLookup.ToLower() || a.NormalizedEmail == model.UserLookup.SafeToUpper()); // otherwise, create the user if (foundUser == null) { // find user Person user = null; if (model.UserLookup.Contains("@")) { user = await _directorySearchService.GetByEmail(model.UserLookup.ToLower()); } else { var directoryUser = await _directorySearchService.GetByKerberos(model.UserLookup.ToLower()); if (directoryUser != null && !directoryUser.IsInvalid) { user = directoryUser.Person; } } // create user if (user != null) { var userToCreate = new User { Email = user.Mail, UserName = user.Mail, CampusKerberos = user.Kerberos, Name = user.FullName }; var userPrincipal = new ClaimsPrincipal(); userPrincipal.AddIdentity(new ClaimsIdentity(new[] { new Claim(ClaimTypes.NameIdentifier, userToCreate.CampusKerberos), new Claim(ClaimTypes.Name, userToCreate.Name) })); var loginInfo = new ExternalLoginInfo(userPrincipal, "UCDavis", userToCreate.CampusKerberos, null); var createResult = await _userManager.CreateAsync(userToCreate); if (createResult.Succeeded) { await _userManager.AddLoginAsync(userToCreate, loginInfo); foundUser = userToCreate; } } } ModelState.Clear(); TryValidateModel(model); // find or create failed if (foundUser == null) { ModelState.AddModelError("UserLookup", "User Not Found"); return(View(model)); } // look for existing permissions if (await _context.TeamPermissions.AnyAsync(a => a.TeamId == team.Id && a.UserId == foundUser.Id && a.RoleId == model.SelectedRole)) { ModelState.AddModelError("UserLookup", "User with selected role already exists."); return(View(model)); } // check model if (!ModelState.IsValid) { return(View(model)); } // create permission and save it var role = await _context.TeamRoles.SingleAsync(a => a.Id == model.SelectedRole); var teamPermission = new TeamPermission { TeamId = team.Id, Role = role, UserId = foundUser.Id }; _context.TeamPermissions.Add(teamPermission); await _context.SaveChangesAsync(); // send user notification try { await _emailService.SendNewTeamMemberNotice(team, foundUser, role); } catch (Exception ex) { Log.Error(ex, "New Member Notice email failed."); } return(RedirectToAction(nameof(Roles), new { team = team.Slug })); }