private void AddTechnicianToMaintenanceGroup(UserModel userModel, PemsCity mainGroup, int userId) { //make sure the user has access to the maintenance group. Add them as a _maint mmeber and to the caching table (new UserCustomerAccessManager()).AddCustomerAccess(userId, mainGroup.Id); var mgAuthMgr = new AuthorizationManager(mainGroup.InternalName); mgAuthMgr.AddGroupMember(Constants.Security.DefaultMaintenanceGroupName, userModel.Username); //add them to all discinct pems conn strings foreach ( var maintCustomer in mainGroup.MaintenanceCustomers) { var maintCustomerPemsConnString = maintCustomer.PemsConnectionStringName; //create the technician. only do this if they dont exist already, otherwise update using (var pemsEntities = new PEMEntities(maintCustomerPemsConnString)) { SetMaintenanceGroupTechnician(userModel, pemsEntities, userId); //add user to _maintenance group here for the specific customer var authorizationManager = new AuthorizationManager(maintCustomer.InternalName); authorizationManager.AddGroupMember(Constants.Security.DefaultMaintenanceGroupName, userModel.Username); //now add them to caching table for this customer //not sure if we need this or not (new UserCustomerAccessManager()).AddCustomerAccess(userId, maintCustomer.Id); } } }
public ActionResult CustomerRoles(CustomerRoleModel model, string submitButton) { //check the other submit buttons and act on them, or continue switch (submitButton) { case "Cancel": return(RedirectToAction("Index", "Users")); } int userID = (new UserFactory()).GetUserId(model.Username); //remove all caching table data for this user (new UserCustomerAccessManager()).ClearCustomerAccess(userID); //first, we HAVE to loop horugh and remove all the groups before we add. This way when adding maintneance groups, the _maint group gtes added correctly. foreach (var customerRole in model.CustomerRoles) { //get a auth manager for this customer var authMan = new AuthorizationManager(customerRole.CustomerInternalName); //remove the user from all the groups in this customer authMan.RemoveMemberGroups(model.Username); //remove them from maintenance as well. this is the only place we do this since this is the only place they can be added to a maint gorup without being set as a technician. //IE - only applies to administrative users. authMan.RemoveMemberFromMaintenanceGroup(model.Username); //now we have to clear the menu cache HttpContext.Cache.Remove("__PemsMenu" + customerRole.CustomerInternalName.Trim() + model.Username.Trim()); } //now add the correct roles foreach (var customerRole in model.CustomerRoles) { // now add them to the specific group for this store they will have access to //only need to do this when there is a valid group name (not empty) if (customerRole.CurrentRole != (new ResourceFactory()).GetLocalizedTitle(ResourceTypes.DropDownDefault, "Select One")) { var authMan = new AuthorizationManager(customerRole.CustomerInternalName); authMan.AddGroupMember(customerRole.CurrentRole, model.Username, false); //also update the caching table - they have access to one role, so they have access to the site. authMan.AddCustomerAccess(userID); //we also have to add them to the _maintenance Role if this customer is a maintenance group //IE - we are giving any duncan admin users (which are the only ones using this page) //that have any access to this maintenance group a _maintenance role as well, so they can log into the handheld. //have to setup the city first customerRole.Customer = new PemsCity(customerRole.CustomerInternalName); if (customerRole.Customer.CustomerType == CustomerProfileType.MaintenanceGroup) { (new TechnicianFactory()).AddAdminTechnicianToMaintenanceGroup(model.Username, customerRole.Customer, userID); } } } return(RedirectToAction("Index", "Users")); }
/// <summary> /// Adds an admin to the maintenance group. This DOES NOT create a technician out of the administrator /// this just gives the admin user access to the MG and its customers. /// </summary> /// <param name="username"></param> /// <param name="mainGroup"></param> /// <param name="userId"></param> public void AddAdminTechnicianToMaintenanceGroup(string username, PemsCity mainGroup, int userId) { //make sure the user has access to the maintenance group. Add them as a _maint mmeber and to the caching table (new UserCustomerAccessManager()).AddCustomerAccess(userId, mainGroup.Id); var mgAuthMgr = new AuthorizationManager(mainGroup.InternalName); mgAuthMgr.AddGroupMember(Constants.Security.DefaultMaintenanceGroupName, username); //add them to all discinct pems conn strings foreach (var maintCustomer in mainGroup.MaintenanceCustomers) { //create the technician. only do this if they dont exist already, otherwise update //add user to _maintenance group here for the specific customer var authorizationManager = new AuthorizationManager(maintCustomer.InternalName); authorizationManager.AddGroupMember(Constants.Security.DefaultMaintenanceGroupName, username); //now add them to caching table for this customer (new UserCustomerAccessManager()).AddCustomerAccess(userId, maintCustomer.Id); } }
public void SetMaintenanceGroupCustomersModel(int maintGroupId, MaintenanceGroupCustomersModel model) { // Save any new areas. if (model.NewCustomers != null) { var maintGroup = new PemsCity(maintGroupId.ToString()); foreach (var newCustomerId in model.NewCustomers) { //try to parse the id to make sure it came though correctly int newCustID; var parsed = int.TryParse(newCustomerId, out newCustID); if (parsed) { //now lets check to see if this customer is in the system var existingCustomer = RbacEntities.CustomerProfiles.FirstOrDefault(x => x.CustomerId == newCustID); if (existingCustomer != null) { //only do it if it doesnt exist there already var existing = RbacEntities.MaintenanceGroupCustomers.FirstOrDefault(x => x.MaintenanceGroupId == maintGroupId && x.CustomerId == newCustID); if (existing != null) { continue; } RbacEntities.MaintenanceGroupCustomers.Add(new MaintenanceGroupCustomer { MaintenanceGroupId = maintGroupId, CustomerId = newCustID }); RbacEntities.SaveChanges(); //roll thorugh all the ussers for the maint group and if htey are a technician, add them to the _main group for the customer. //This way they will not be member, but will be part of a role so they have access log in to the maint for that cuity //we do not need to roll thorugh the users for the customers, since they are not allowed to assign technicians until they are part of the maintenance group //this means that the customer will not have any technicians, so we do not need to worry about adding those users as techs for the maint group, //that will be done when the user is checked as a tech after the customer is assigned to the maint group. //now add all of the users for this maintenance group that are technicians to the _maintenance role for the customer. //we are also only doing this for new customers. //get all the users for the maintenance group var mainGroupMembersUsernames = (new SecurityManager()).GetUsersForCity(maintGroup.InternalName); //get the customer and an auth manager for that customer var customer = new PemsCity(existingCustomer.CustomerId.ToString()); var authorizationManager = new AuthorizationManager(customer); //check to see if they are a technician foreach (var mainGroupMembersUsername in mainGroupMembersUsernames) { if (TechnicianFactory.IsUserTechnician(mainGroupMembersUsername)) { //if they are, add them to the _maint role for the customer authorizationManager.AddGroupMember(Constants.Security.DefaultMaintenanceGroupName, mainGroupMembersUsername); //go get the userid from the name var userId = (new UserFactory()).GetUserId(mainGroupMembersUsername); //we also need to update the caching table to give the technician access to see the site (new UserCustomerAccessManager()).AddCustomerAccess(userId, maintGroupId); } } } } } } }
/// <summary> /// Creates the user in the system and returns the system generated username /// </summary> /// <param name="useModelUserName">If true then try to use <see cref="UserModel"/> instance Username if it exists. Otherwise fall back to building a user name. </param> public string CreateUser(UserModel userModel, string storeName, string password, bool active, bool useModelUserName) { var authorizationManager = new AuthorizationManager(storeName); string username = CreateUniqueUserName(userModel.FirstName, userModel.MiddleInitial, userModel.LastName); username = (useModelUserName && !string.IsNullOrWhiteSpace(userModel.Username)) ? userModel.Username : username; //register the user //try to get the dbuser, and if they arlready exists, just create the account, otherwise create the user and account. if (!authorizationManager.InAuthorizationSystem(username)) { WebSecurity.CreateUserAndAccount(username, password, new { FirstName = userModel.FirstName, MiddleName = userModel.MiddleInitial, LastName = userModel.LastName, Phone = userModel.PhoneNumber, Email = userModel.EmailAddress, CreatedDate = DateTime.Now, RequirePasswordReset = true }); } else { //only create them if they dont already exist if (!WebSecurity.UserExists(username)) { //create them WebSecurity.CreateAccount(username, password); } } //update their profile //set the models username now that we have it userModel.Username = username; UpdateUserProfile(userModel, active); //now force them to change their pw on next login UpdateUserPasswordReset(username, true); //add the password to the password history so they cant set it back ot the default var pwMGr = new PasswordManager(username); pwMGr.AddPasswordToHistory(password); //now add them to the default group for this store they will have access to authorizationManager.AddGroupMember(Constants.Security.DefaultStoreGroupName, username); //update the caching table to include this person int userID = GetUserId(userModel.Username); authorizationManager.AddCustomerAccess(userID); //have to check to see if groupname is null - otherwise we throw an error if (!string.IsNullOrEmpty(userModel.Role)) { // now add them to the specific group for this store they will have access to authorizationManager.AddGroupMember(userModel.Role, username); } return(username); }