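// POST: /Projects/EditPermissions
// Applies the added/removed permission toggles submitted from the edit form.
// NOTE(review): the action's attributes are outside this view — confirm it carries
// [HttpPost] and [ValidateAntiForgeryToken], since it mutates project authorizations.
// NOTE(review): the project owner is not special-cased below, so an administrator can
// remove the owner's authorizations too — confirm that is intended.
public ActionResult EditPermissions(ProjectRolesViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // Mirror the GET action: a missing id is a bad request, not a 500 from First().
    if (model.Id == null)
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
    }

    int projectId = model.Id.Value;
    Project project = db.Projects
        .Include(p => p.Authorizations)
        .FirstOrDefault(p => p.Id == projectId);
    if (project == null)
    {
        return new HttpStatusCodeResult(HttpStatusCode.NotFound);
    }

    // Only an Administrator of this project may change its authorizations.
    var currentUserId = User.Identity.GetUserId();
    bool isAdmin = project.Authorizations.Any(auth =>
        auth.User_ID == currentUserId && auth.Permission == Permission.Administrator);
    if (!isAdmin)
    {
        return new HttpStatusCodeResult(HttpStatusCode.Forbidden,
            "You do not have sufficient permissions for that resource.");
    }

    foreach (var userRoleModel in model.UserRoles)
    {
        foreach (var permModel in userRoleModel.Permissions)
        {
            // The authorization row (if any) this user already holds for this permission.
            var existingAuth = project.Authorizations.FirstOrDefault(auth =>
                auth.User_ID == userRoleModel.UserId && auth.Permission == permModel.Permission);

            if (permModel.Removed)
            {
                // Nothing to remove if the user never held this permission.
                if (existingAuth != null)
                {
                    project.Authorizations.Remove(existingAuth);
                }
            }
            else if (permModel.Added && existingAuth == null)
            {
                // Skip when already present so a re-submitted form cannot create duplicate rows.
                project.Authorizations.Add(new ProjectAuthorization
                {
                    User_ID = userRoleModel.UserId,
                    Permission = permModel.Permission,
                    Project_ID = projectId,
                });
            }
        }
    }

    db.SaveChanges();

    // Before redirecting to the project, make sure the user did not
    // remove every permission from himself.
    bool stillHasAccess = model.UserRoles.Any(userRole =>
        userRole.UserId == currentUserId && userRole.Permissions.Any(perm => perm.Selected));
    return stillHasAccess
        ? RedirectToAction("Details", new { id = model.Id })
        : RedirectToAction("Index", "Home");
}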
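// GET: /Projects/UserList/{id}
// Lists the owner and every user holding at least one authorization on the project.
// Any user with an authorization on the project may view the list.
public ActionResult UserList(int? id)
{
    if (id == null)
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
    }

    Project project = db.Projects
        .Include(p => p.Authorizations)
        .FirstOrDefault(p => p.Id == id);
    if (project == null)
    {
        return new HttpStatusCodeResult(HttpStatusCode.NotFound);
    }

    // Membership check: any authorization on this project is enough to see its user list.
    var currentUserId = User.Identity.GetUserId();
    if (!project.Authorizations.Any(auth => auth.User_ID == currentUserId))
    {
        return new HttpStatusCodeResult(HttpStatusCode.Forbidden,
            "You do not have sufficient permissions for that resource.");
    }

    var model = new ProjectRolesViewModel { Id = project.Id, Name = project.Name };

    // The owner is always listed first, even if he holds no explicit authorization row.
    var ownerModel = new UserPermissionsViewModel
    {
        isOwner = true,
        UserId = project.Owner.Id,
        UserName = project.Owner.UserName,
    };
    model.UserRoles.Add(ownerModel);

    foreach (var roleGroup in project.Authorizations.GroupBy(auth => auth.User_ID))
    {
        // A group produced by GroupBy is never empty, so First() cannot throw here.
        var firstRole = roleGroup.First();
        UserPermissionsViewModel roleModel;
        if (firstRole.User_ID == ownerModel.UserId)
        {
            roleModel = ownerModel;
        }
        else
        {
            roleModel = new UserPermissionsViewModel
            {
                UserId = firstRole.User_ID,
                UserName = firstRole.User.UserName,
            };
            model.UserRoles.Add(roleModel);
        }

        // Only permissions the user actually holds are listed, all marked selected.
        foreach (var role in roleGroup.Select(auth => auth.Permission))
        {
            roleModel.Permissions.Add(new PermissionViewModel
            {
                Permission = role,
                PrevSelected = true,
                Selected = true,
            });
        }
    }

    return View(model);
}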
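// GET: /Projects/EditPermissions/{id}
// Builds the permission matrix (every listed user x every Permission value) for the edit form.
// Only an Administrator of the project may open it.
public ActionResult EditPermissions(int? id)
{
    if (id == null)
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
    }

    Project project = db.Projects
        .Include(p => p.Authorizations)
        .FirstOrDefault(p => p.Id == id);
    if (project == null)
    {
        return new HttpStatusCodeResult(HttpStatusCode.NotFound);
    }

    var currentUserId = User.Identity.GetUserId();
    bool isAdmin = project.Authorizations.Any(auth =>
        auth.User_ID == currentUserId && auth.Permission == Permission.Administrator);
    if (!isAdmin)
    {
        return new HttpStatusCodeResult(HttpStatusCode.Forbidden,
            "You do not have sufficient permissions for that resource.");
    }

    // Every Permission value is rendered for every user so the form can toggle each one.
    var allPermissions = System.Enum.GetValues(typeof(Permission)).Cast<Permission>().ToList();

    var model = new ProjectRolesViewModel { Id = project.Id, Name = project.Name };

    var ownerModel = new UserPermissionsViewModel
    {
        isOwner = true,
        UserId = project.Owner.Id,
        UserName = project.Owner.UserName,
    };
    model.UserRoles.Add(ownerModel);

    foreach (var roleGroup in project.Authorizations.GroupBy(auth => auth.User_ID))
    {
        // GroupBy never yields an empty group, so First() is safe.
        var firstRole = roleGroup.First();
        UserPermissionsViewModel roleModel;
        if (firstRole.User_ID == ownerModel.UserId)
        {
            roleModel = ownerModel;
        }
        else
        {
            roleModel = new UserPermissionsViewModel
            {
                UserId = firstRole.User_ID,
                UserName = firstRole.User.UserName,
            };
            model.UserRoles.Add(roleModel);
        }

        foreach (var permission in allPermissions)
        {
            bool selected = roleGroup.Any(auth => auth.Permission == permission);
            roleModel.Permissions.Add(new PermissionViewModel
            {
                Permission = permission,
                PrevSelected = selected,
                Selected = selected,
            });
        }
    }

    // An owner without any authorization row was never visited by the loop above,
    // so give him an all-unselected matrix rather than an empty list.
    if (!ownerModel.Permissions.Any())
    {
        foreach (var permission in allPermissions)
        {
            ownerModel.Permissions.Add(new PermissionViewModel
            {
                Permission = permission,
                PrevSelected = false,
                Selected = false,
            });
        }
    }

    return View(model);
}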