public static string CreateUrl(User user, UrlHelper urlHelper, HttpRequestBase request)
{
if (!user.IsPublicViewer)
return urlHelper.Action(MVC.Account.Register(user.InvitationCode), request.Url.Scheme);
else
return urlHelper.Action(MVC.Account.PublicViewerLogOn(user.InvitationCode), request.Url.Scheme);
}
public UserEditViewModel(User user)
{
Name = user.Name;
Bio = user.Bio;
ProfilePicture = user.ProfilePicture;
if (user.HasRealEmail)
Email = user.Email;
}
public MembershipCreateStatus Register(KidStepsContext context, User user, string password)
{
user.RoleFlags |= Role.Registered;
user.HasRealEmail = true;
context.SaveChanges();
// Attempt to register the user
MembershipCreateStatus createStatus;
Membership.CreateUser(user.Id.ToString(), password, user.Email, null, null, true, null, out createStatus);
return createStatus;
}
public Family Create(
KidStepsContext context,
User admin)
{
Family family = new Family();
context.Families.Add(family);
family.Name = admin.Name.Last;
family.Admin = admin;
admin.Family = family;
// add public viewer
UserRepository userRepos = new UserRepository();
User publicViewer = userRepos.CreatePublicViewer(context);
publicViewer.Family = family;
context.SaveChanges();
return family;
}
public static bool IsAllowedTo(this User user, Permission permission, User target)
{
bool isTargetUser = user.Id == target.Id;
bool isInSameFamilyAsTargetUser =
user.Family != null &&
target.Family != null &&
user.Family.Id == target.Family.Id;
bool isFamilyAdmin =
target.Family != null &&
target.Family.Admin.Id == user.Id;
bool isFamilyAdminAndTargetIsUnregistered =
isFamilyAdmin &&
target.IsUnregisteredFamilyMember;
bool isFamilyMember =
isInSameFamilyAsTargetUser &&
!user.IsPublicViewer;
// superuser is always authorized
if (user.IsSuperUser)
return true;
switch (permission)
{
// anyone in the family can read
case Permission.ReadUser:
return (isTargetUser || isInSameFamilyAsTargetUser);
// only target user can read personal data and upload images
case Permission.ReadUserPersonalData:
return isTargetUser;
case Permission.UploadImage:
return isTargetUser;
// only target user can update
case Permission.UpdateUser:
return isTargetUser || isFamilyAdminAndTargetIsUnregistered;
case Permission.EditFamily:
return isFamilyAdmin;
case Permission.TextPost:
return isInSameFamilyAsTargetUser && !user.IsPublicViewer;
default:
throw new NotImplementedException();
}
}
public static ActionResult WithId(this ActionResult result, User user)
{
return result.AddRouteValue("id", user.Id);
}
private User Create(KidStepsContext context, PersonName name, Role role, string email)
{
User user = new User();
context.Users.Add(user);
user.Name = name;
string emailToSave = email;
if (string.IsNullOrWhiteSpace(emailToSave))
emailToSave = Guid.NewGuid().ToString() + "@fake.com";
else
user.HasRealEmail = true;
user.Email = emailToSave;
string invitationCode = Guid.NewGuid().ToString();
user.InvitationCode = invitationCode;
user.RoleFlags = role;
context.SaveChanges();
return user;
}
