public async Task ExecuteAsync(Controller controller, PageActionRoutingState state)
{
// The ambient auth scheme might not be the cofoundry admin scheme
// So we will attempt to find the cofoundry user to execute the contoller with
// falling back to the user authenticated with the ambient scheme
state.AmbientUserContext = await _userContextService.GetCurrentContextAsync();
IUserContext cofoundryUserContext = null;
if (state.AmbientUserContext.IsCofoundryUser())
{
cofoundryUserContext = state.AmbientUserContext;
}
else
{
cofoundryUserContext = await _userContextService.GetCurrentContextByUserAreaAsync(CofoundryAdminUserArea.Code);
}
if (cofoundryUserContext.IsCofoundryUser())
{
state.IsCofoundryAdminUser = true;
state.CofoundryAdminUserContext = cofoundryUserContext;
state.CofoundryAdminExecutionContext = _executionContextFactory.Create(state.CofoundryAdminUserContext);
}
}
private async Task InitializeAsync()
{
var details = new CurrentUserDetails();
var userContext = await UserContextServiceService.GetCurrentContextAsync();
details.Role = await QueryExecutor.ExecuteAsync(new GetRoleDetailsByIdQuery(userContext.RoleId));
if (userContext.UserId.HasValue)
{
var query = new GetUserMicroSummaryByIdQuery(userContext.UserId.Value);
details.User = await QueryExecutor.ExecuteAsync(query);
details.IsLoggedIn = true;
}
else
{
details.User = new UserMicroSummary
{
Username = "******",
FirstName = "Anonym",
LastName = "",
Email = null,
UserArea = null,
UserId = 0
};
}
UserDetails = details;
}
public async Task <IActionResult> Patch([FromBody] IDelta <UpdateCurrentUserAccountCommand> delta)
{
var userContext = await _userContextService.GetCurrentContextAsync();
var userId = userContext.UserId.Value;
return(await _apiResponseHelper.RunCommandAsync(this, userId, delta));
}
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, UserAreaAuthorizationRequirement requirement)
{
var user = await _userContextService.GetCurrentContextAsync();
if (user.IsSignedIn() && user.UserArea.UserAreaCode == requirement.UserAreaCode)
{
context.Succeed(requirement);
}
}
public async Task <IUserContext> ExecuteAsync(GetCurrentUserContextQuery query, IExecutionContext executionContext)
{
if (string.IsNullOrEmpty(query.UserAreaCode))
{
return(await _userContextService.GetCurrentContextAsync());
}
var user = await _userContextService.GetCurrentContextByUserAreaAsync(query.UserAreaCode);
return(user);
}
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, RoleAuthorizationRequirement requirement)
{
var user = await _userContextService.GetCurrentContextAsync();
if (user.IsSignedIn() &&
user.UserArea.UserAreaCode == requirement.UserAreaCode &&
EnumerableHelper.Enumerate(requirement.RoleCodes).Contains(user.RoleCode))
{
context.Succeed(requirement);
}
}
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionAuthorizationRequirement requirement)
{
var user = await _userContextService.GetCurrentContextAsync();
var role = await _internalRoleRepository.GetByIdAsync(user.RoleId);
if (role != null && requirement.Permission != null && role.HasPermission(requirement.Permission))
{
context.Succeed(requirement);
}
}
/// <summary>
/// Returns information about the currently logged in user. If your
/// project has multiple user areas then this method will run on the
/// user area marked as the default auth schema. Once the user data is
/// loaded it is cached so you don't have to worry about calling this
/// multiple times.
/// </summary>
public async Task <ICurrentUserViewHelperContext> GetAsync()
{
// since this only runs in views it shouldn't need to be threadsafe
if (_helperContext == null)
{
var userContext = await _userContextService.GetCurrentContextAsync();
_helperContext = await GetHelperContextAsync(userContext);
}
return(_helperContext);
}
public async Task <JsonResult> GetLikedCats()
{
// Here we get the userId of the currently logged in member. We could have
// done this in the query handler, but instead we've chosen to keep the query
// flexible so it can be re-used in a more generic fashion
var userContext = await _userContextService.GetCurrentContextAsync();
var query = new GetCatSummariesByMemberLikedQuery(userContext.UserId.Value);
var results = await _domainRepository.ExecuteQueryAsync(query);
return(_apiResponseHelper.SimpleQueryResponse(results));
}
public async Task <ActionResult> Index()
{
var currentUser = await _userContextService.GetCurrentContextAsync();
var token = _antiforgery.GetAndStoreTokens(HttpContext);
var vm = new HomeViewModel();
vm.IsLoggedIn = currentUser.UserId.HasValue;
vm.XSRFToken = token.RequestToken;
return(View(vm));
}
public async Task ExecuteAsync(Controller controller, PageActionRoutingState state)
{
// The ambient auth schema might not be the cofoundry admin scheme
// So we will attempt to find the cofoundry user to execute the contoller with
// falling back to the user authenticated with the ambient scheme
state.AmbientUserContext = await _userContextService.GetCurrentContextAsync();
IUserContext cofoundryUserContext = null;
if (state.AmbientUserContext.IsCofoundryUser())
{
cofoundryUserContext = state.AmbientUserContext;
}
else
{
cofoundryUserContext = await _userContextService.GetCurrentContextByUserAreaAsync(CofoundryAdminUserArea.AreaCode);
}
if (cofoundryUserContext.IsCofoundryUser())
{
state.IsCofoundryAdminUser = true;
state.CofoundryAdminUserContext = cofoundryUserContext;
state.CofoundryAdminExecutionContext = _executionContextFactory.Create(state.CofoundryAdminUserContext);
}
// Work out whether to view the page in live/draft/edit mode.
// We use live by default (for logged out users) or for authenticated
// users we can show draft too.
var visualEditorMode = VisualEditorMode.Live;
if (state.IsCofoundryAdminUser)
{
if (state.InputParameters.VersionId.HasValue)
{
visualEditorMode = VisualEditorMode.SpecificVersion;
}
else if (!Enum.TryParse(state.InputParameters.VisualEditorMode, true, out visualEditorMode))
{
visualEditorMode = VisualEditorMode.Any;
}
}
else if (_contentSettings.AlwaysShowUnpublishedData)
{
// We can optionally set the visual editor mode to any - ie show draft and published pages
// This is used in scenarios where devs are making modifications against a live db using a
// local debug version of the site but aren't ready to publish the pages yet.
visualEditorMode = VisualEditorMode.Any;
}
state.VisualEditorMode = visualEditorMode;
}
private async Task InitializeContextAsync()
{
var context = new CurrentUserViewHelperContext();
var userContext = await _userContextServiceService.GetCurrentContextAsync();
context.Role = await _queryExecutor.ExecuteAsync(new GetRoleDetailsByIdQuery(userContext.RoleId));
if (userContext.UserId.HasValue)
{
var query = new GetUserMicroSummaryByIdQuery(userContext.UserId.Value);
context.User = await _queryExecutor.ExecuteAsync(query);
context.IsLoggedIn = true;
}
_context = context;
}
protected override async Task HandleRequirementAsync(
AuthorizationHandlerContext context,
UserAreaAuthorizationRequirement requirement
)
{
if (context.User?.Identity?.IsAuthenticated ?? false)
{
return;
}
var userContext = await _userContextService.GetCurrentContextAsync();
if (userContext.UserId.HasValue && userContext.UserArea?.UserAreaCode == requirement.UserAreaCode)
{
context.Succeed(requirement);
}
}
public async Task <IEnumerable <ISiteMapResource> > GetResourcesAsync()
{
var userContext = await _userContextService.GetCurrentContextAsync();
var resources = new List <SiteMapResource>();
if (!_permissionValidationService.HasPermission <PageReadPermission>(userContext))
{
return(resources);
}
var pageRoutes = await _queryExecutor.ExecuteAsync(new GetAllPageRoutesQuery());
var allRules = await _queryExecutor.ExecuteAsync(new GetAllCustomEntityRoutingRulesQuery());
foreach (var pageRoute in pageRoutes.Where(p => p.IsPublished() && p.ShowInSiteMap))
{
if (pageRoute.PageType == PageType.CustomEntityDetails)
{
if (_permissionValidationService.HasCustomEntityPermission <CustomEntityReadPermission>(pageRoute.CustomEntityDefinitionCode, userContext))
{
var routesQuery = new GetCustomEntityRoutesByDefinitionCodeQuery(pageRoute.CustomEntityDefinitionCode);
var allCustomEntityRoutes = await _queryExecutor.ExecuteAsync(routesQuery);
var pageLocaleId = pageRoute.Locale != null ? pageRoute.Locale.LocaleId : (int?)null;
foreach (var customEntityRoute in allCustomEntityRoutes
.Where(r => r.Locale == null ? !pageLocaleId.HasValue : r.Locale.LocaleId == pageLocaleId))
{
var resource = MapCustomEntityResource(pageRoute, customEntityRoute, allRules);
if (resource != null)
{
resources.Add(resource);
}
}
}
}
else
{
resources.Add(MapPageResource(pageRoute));
}
}
return(resources);
}
public async Task <ActionResult> Login()
{
var user = await _userContextService.GetCurrentContextAsync();
if (user.IsCofoundryUser())
{
return(await GetLoggedInDefaultRedirectActionAsync());
}
var viewPath = ViewPathFormatter.View(CONTROLLER_NAME, nameof(Login));
var vm = new LoginViewModel();
return(View(viewPath, vm));
}
/// <summary>
/// Creates an instance of IExecutionContext from the currently
/// logged in user.
/// </summary>
public async Task <IExecutionContext> CreateAsync()
{
var userContext = await _userContextService.GetCurrentContextAsync();
return(Create(userContext));
}
public async Task InitViewModelAsync(IChangePasswordViewModel vm)
{
var cx = await _userContextService.GetCurrentContextAsync();
vm.IsPasswordChangeRequired = cx.IsPasswordChangeRequired;
}
/// <summary>
/// Checks to see if the currently logged in user is in the super administrator role,
/// if not, throws an exception.
/// </summary>
public virtual async Task EnforceIsSuperAdminRoleAsync()
{
var userContext = await _userContextService.GetCurrentContextAsync();
EnforceIsSuperAdminRole(userContext);
}
