public async Task Post(NoteAccess item)
{
IdentityUser me = await _userManager.FindByNameAsync(User.Identity.Name);
NoteAccess myAccess = await AccessManager.GetAccess(_db, me.Id, item.NoteFileId, item.ArchiveId);
if (!myAccess.EditAccess)
{
return;
}
NoteAccess work = await _db.NoteAccess.Where(p => p.NoteFileId == item.NoteFileId &&
p.ArchiveId == item.ArchiveId && p.UserID == item.UserID)
.FirstOrDefaultAsync();
if (work != null)
{
return; // already exists
}
if (item.UserID == Globals.AccessOtherId())
{
return; // can not create "Other"
}
NoteFile nf = _db.NoteFile.Where(p => p.Id == item.NoteFileId).FirstOrDefault();
if (item.ArchiveId < 0 || item.ArchiveId > nf.NumberArchives)
{
return;
}
_db.NoteAccess.Add(item);
await _db.SaveChangesAsync();
}
public async Task CreateAnnounce()
{
await CreateNoteFile("announce", "Notes 2021 Announcements");
NoteFile nf4 = await NoteDataManager.GetFileByName(_db, "announce");
int padid = nf4.Id;
NoteAccess access = await AccessManager.GetOneAccess(_db, Globals.AccessOtherId(), padid, 0);
access.ReadAccess = true;
_db.Entry(access).State = EntityState.Modified;
await _db.SaveChangesAsync();
}
/// <summary>
/// Create standard starting entires for a access controls for a new file.
/// "Other" -- no access
/// creating user (Admin) -- Full Access
/// [email protected] if it exists -- no access
/// </summary>
/// <param name="db"></param>
/// <param name="userManager"></param>
/// <param name="userId"></param>
/// <param name="fileId"></param>
/// <returns></returns>
public static async Task <bool> CreateBaseEntries(ApplicationDbContext db, UserManager <IdentityUser> userManager, string userId, int fileId)
{
if (true)
{
bool flag1 = await Create(db, Globals.AccessOtherId(), fileId, false, false, false, false, false, false, false);
if (!flag1)
{
return(false);
}
}
if (true)
{
bool flag1 = await Create(db, userId, fileId, true, true, true, true, true, true, true);
if (!flag1)
{
return(false);
}
}
try
{
var user = await userManager.FindByNameAsync("*****@*****.**");
if (user == null)
{
return(true);
}
string readonlyId = user.Id;
{
bool flag1 = await Create(db, readonlyId, fileId, false, false, false, false, false, false, false);
if (!flag1)
{
return(false);
}
}
}
catch
{
// ignored
}
return(true);
}
public async Task CreatePad()
{
await CreateNoteFile("pad", "Traditional Pad");
NoteFile nf4 = await NoteDataManager.GetFileByName(_db, "pad");
int padid = nf4.Id;
NoteAccess access = await AccessManager.GetOneAccess(_db, Globals.AccessOtherId(), padid, 0);
access.ReadAccess = true;
access.Respond = true;
access.Write = true;
_db.Entry(access).State = EntityState.Modified;
await _db.SaveChangesAsync();
}
/// <summary>
/// Get the user name given the userid
/// </summary>
/// <param name="id">userid</param>
/// <returns>username</returns>
public string GetUserNameFromID(string id)
{
if (Globals.AccessOtherId() == id)
{
return(Globals.AccessOther());
}
string myname = _db.UserData
.FirstOrDefault(p => p.UserId == id)
?.DisplayName;
if (string.IsNullOrEmpty(myname))
{
return("??");
}
return(myname);
}
public async Task <IActionResult> CreateNoteshelp()
{
await CreateNoteFile("noteshelp", "Help with Notes 2021");
NoteFile nf4 = await NoteDataManager.GetFileByName(_db, "noteshelp");
int padid = nf4.Id;
NoteAccess access = await AccessManager.GetOneAccess(_db, Globals.AccessOtherId(), padid, 0);
access.ReadAccess = true;
access.Respond = true;
access.Write = true;
_db.Entry(access).State = EntityState.Modified;
await _db.SaveChangesAsync();
return(RedirectToAction("Index"));
}
public async Task Delete(string fileId)
{
string[] parts = fileId.Split(".");
if (parts.Length != 3)
{
return;
}
string uid = parts[2];
int fid = int.Parse(parts[0]);
int aid = int.Parse(parts[1]);
if (uid == Globals.AccessOtherId())
{
return; // can not delete "Other"
}
// also can not delete self
string userName = this.HttpContext.User.FindFirst(ClaimTypes.Name).Value;
IdentityUser user = await _userManager.FindByNameAsync(userName);
NoteAccess myAccess = await AccessManager.GetAccess(_db, user.Id, fid, aid);
if (!myAccess.EditAccess)
{
return;
}
if (uid == user.Id)
{
return; // can not delete self"
}
NoteAccess work = await _db.NoteAccess.Where(p => p.NoteFileId == fid &&
p.ArchiveId == aid && p.UserID == uid)
.FirstOrDefaultAsync();
if (work == null)
{
return;
}
_db.NoteAccess.Remove(work);
await _db.SaveChangesAsync();
}
/// <summary>
/// All access checks call this
/// </summary>
/// <param name="db">ApplicationDBContext</param>
/// <param name="userId">ID of logged in user</param>
/// <param name="fileId">NoteFileID</param>
/// <returns>NoteAcess Object</returns>
public static async Task <NoteAccess> GetAccess(ApplicationDbContext db, string userId, int fileId, int arcId)
{
// First we check for file owner
//NoteFile nf = await db.NoteFile.Where(p => p.OwnerId == userId && p.Id == fileId).SingleOrDefaultAsync();
//if (nf != null)
//{
// NoteAccess ownerAccess = new NoteAccess
// {
// UserID = userId,
// NoteFileId = fileId,
// ReadAccess = true,
// Write = true,
// Respond = true,
// SetTag = true,
// DeleteEdit = true,
// ViewAccess = true,
// EditAccess = true
// };
// return ownerAccess;
//}
// Next we check for this user specifically
NoteAccess na = await db.NoteAccess
.Where(p => p.UserID == userId && p.NoteFileId == fileId && p.ArchiveId == arcId).FirstOrDefaultAsync();
if (na != null)
{
return(na);
}
// If specific user not in list use "Other"
return(await db.NoteAccess
.Where(p => p.UserID == Globals.AccessOtherId() && p.NoteFileId == fileId && p.ArchiveId == arcId).FirstOrDefaultAsync());
}
// GET: NoteAccesses
/// <summary>
/// Index of Access Controls for a NoteFile
/// </summary>
/// <param name="id">NoteFileID</param>
/// <returns></returns>
public async Task <IActionResult> Index(int id)
{
int arcId = (int)HttpContext.Session.GetInt32("ArchiveID");
//Check if user has right to Edit or View the List
NoteAccess myaccess = await GetMyAccess(id, arcId);
if (!myaccess.EditAccess && !myaccess.ViewAccess)
{
return(RedirectToAction("Index", "Home"));
}
// Get the Object for the NoteFile
ViewBag.NoteFileID = id;
NoteFile nf = await NoteDataManager.GetFileById(_db, id);
ViewBag.NoteFileName = nf.NoteFileName;
// Get the list of entries
List <NoteAccess> thelist = await AccessManager.GetAccessListForFile(_db, nf.Id, arcId);
List <string> names = new List <string>();
List <string> ds = new List <string>();
foreach (NoteAccess item in thelist)
{
names.Add(GetUserNameFromID(item.UserID));
}
ds.Add(_userManager.GetUserId(User));
ds.Add(Globals.AccessOtherId());
ViewBag.names = names;
ViewBag.IDs = ds;
return(View(thelist));
}
public async Task <NoteAccess> Get(string fileId)
{
int Id = int.Parse(fileId);
IdentityUser me = await _userManager.FindByNameAsync(User.Identity.Name);
NoteAccess mine = await _db.NoteAccess.Where(p => p.NoteFileId == Id && p.UserID == me.Id && p.ArchiveId == 0).OrderBy(p => p.ArchiveId).FirstOrDefaultAsync();
if (mine == null)
{
mine = await _db.NoteAccess.Where(p => p.NoteFileId == Id && p.UserID == Globals.AccessOtherId() && p.ArchiveId == 0).OrderBy(p => p.ArchiveId).FirstOrDefaultAsync();
}
return(mine);
}