예제 #1
0
        public async Task <IActionResult> ManageUserClaims(ClaimsViewModel model)
        {
            var uId         = userManager.GetUserId(User);
            var currentUser = await userManager.FindByIdAsync(uId);

            var uClaims = await userManager.GetClaimsAsync(currentUser);

            Global.globalCurrentUserClaims = uClaims.ToList();

            var user = await userManager.FindByIdAsync(model.UserId);

            var project = _projectRepository.GetProject(model.ProjectId);

            if (user == null)
            {
                ViewBag.ErrorMessage = $"User with id {model.UserId} doesn't exist";
                return(View("NotFound"));
            }

            if (model.UserId == userManager.GetUserId(User) || model.UserId == project.OwnerId)
            {
                return(RedirectToAction("AccessDenied", "Account"));
            }

            var existingUserClaims = await userManager.GetClaimsAsync(user);

            var currentClaims = existingUserClaims.ToList();
            var result        = await userManager.RemoveClaimsAsync(user, existingUserClaims);

            if (result.Succeeded == false)
            {
                ModelState.AddModelError("", "Cannot remove user existing claims");
                return(View(model));
            }

            var claimsList = new List <Claim>();

            for (var i = 0; i < model.Claims.Count; i++)
            {
                var projectList       = new List <string>();
                var projectListString = "";

                if (currentClaims.Count == 4)
                {
                    projectList = currentClaims[i].Value.Split(" ").ToList();
                    var currentClaimContainsId = ClaimsHelper.ContainsId(model.ProjectId.ToString(), projectList);
                    if (currentClaimContainsId && model.Claims[i].IsSelected)
                    {
                        projectListString = String.Join(" ", projectList.ToArray());
                    }
                    else if (!currentClaimContainsId && model.Claims[i].IsSelected)
                    {
                        projectList.Add(model.ProjectId.ToString());
                        projectListString = String.Join(" ", projectList.ToArray());
                    }
                    else if (currentClaimContainsId && model.Claims[i].IsSelected == false)
                    {
                        var newListWithRemovedId = ClaimsHelper.RemoveProjectId(model.ProjectId.ToString(), projectList);
                        projectListString = String.Join(" ", newListWithRemovedId.ToArray());
                    }
                    else if (!currentClaimContainsId && model.Claims[i].IsSelected == false)
                    {
                        projectListString = String.Join(" ", projectList.ToArray());
                    }
                }

                claimsList.Add(new Claim(model.Claims[i].ClaimType, projectListString));
            }

            result = await userManager.AddClaimsAsync(user, claimsList);

            if (result.Succeeded == false)
            {
                ModelState.AddModelError("", "Cannot add selected claims to user");
                return(View(model));
            }

            return(RedirectToAction("EditUser", new { userId = model.UserId, projectId = model.ProjectId }));
        }