/// <summary>
/// Lists the AppUser administrators of the caller's own organization as a JSON list.
/// Only an authenticated caller in the SysAdmin role receives data; an anonymous caller
/// and an authenticated non-SysAdmin both receive the "user unauthorized" error payload.
/// </summary>
/// <returns>
/// A <c>JsonListViewModel</c> of <c>JApplicationUser</c> on success, the unauthorized
/// error payload when the access check fails, or a <c>JsonExceptionViewModel</c> if anything throws.
/// </returns>
public async Task<JsonResult> MappableUsers()
{
    try
    {
        // Short-circuit keeps the role check from running for anonymous requests,
        // exactly as the nested authenticated/role checks did.
        var mayMap = Request.IsAuthenticated && User.IsInRole(Roles.SysAdmin);
        if (!mayMap)
        {
            return await JsonErrorViewModel.GetUserUnauhorizedError().toJson();
        }

        // Scope the result to the SysAdmin's organization (fix dated 31/1/2015: an earlier
        // version filtered per row with UserManager.IsInRole and ignored the organization).
        var orgKey = User.GetOrganization();
        var members = await db.Administrators
            .Include(x => x.User)
            .Include(x => x.Organization)
            .Where(x => x.Organization.Key == orgKey && x.Role == Roles.AppUser)
            .ToListAsync();

        var payload = new JsonListViewModel<JApplicationUser>
        {
            List = members.Select(x => new JApplicationUser(x.User)).ToList(),
        };
        return await payload.toJson();
    }
    catch (Exception ex)
    {
        // NOTE(review): JsonExceptionViewModel.Get(ex) is sent straight to the client;
        // confirm it does not carry the message/stack trace in production builds.
        return Json(JsonExceptionViewModel.Get(ex), JsonRequestBehavior.AllowGet);
    }
}
/// <summary>
/// Generic JSON list helper: enforces <paramref name="Role"/> on <paramref name="User"/>, runs
/// <paramref name="value"/> filtered by <paramref name="exp"/> with the given eager-loaded
/// <paramref name="Includes"/>, maps every row through a freshly created <typeparamref name="T3"/>
/// and delegates the response to <c>List&lt;T2, T3&gt;</c>.
/// </summary>
/// <remarks>
/// The role check is skipped entirely when <typeparamref name="T1"/> is <c>Menus</c>, so menu
/// queries are served to any caller regardless of <paramref name="Role"/>.
/// Exceptions are captured inside the try block and converted to a JSON exception payload
/// after it; the await is kept out of the catch block — presumably because C# 5 could not
/// await there — so keep that shape unless the language version is confirmed.
/// <paramref name="Request"/> and <paramref name="Response"/> are accepted but not used here.
/// </remarks>
/// <returns>The list view model from <c>List</c>, the unauthorized error payload, or an exception payload.</returns>
public static async Task<JsonResult> Format<T1, T2, T3>(HttpRequestBase Request, HttpResponseBase Response, string Controller, string Role, IPrincipal User, DbSet<T1> value, Expression<Func<T1, bool>> exp, Expression<Func<T1, object>>[] Includes, Func<List<T3>, T2> operation = null)
    where T1 : class
    where T2 : maQx.Models.JsonViewModel
    where T3 : class, IJsonBase<T1, T3>
{
    Exception failure = null;
    try
    {
        var isMenuQuery = typeof(T1) == typeof(Menus);
        if (!isMenuQuery && !User.IsInRole(Role))
        {
            return await JsonErrorViewModel.GetUserUnauhorizedError().toJson();
        }

        var mapper = Activator.CreateInstance<T3>();
        var rows = await value.IncludeMultiple(Includes).Where(exp).ToListAsync();
        var mapped = rows.Select(x => mapper.To(x)).ToList();
        return await List<T2, T3>(Controller, operation, mapped);
    }
    catch (Exception ex)
    {
        failure = ex;
    }
    return await JsonExceptionViewModel.Get(failure).toJson();
}
/// <summary>
/// Lists administrators visible to the caller. An Inviter who is also AppAdmin gets every
/// active SysAdmin; any other Inviter gets the active AppUsers of their own organization,
/// identified by the "Organization.Key" and "Organization.Name" claims on the identity.
/// Callers outside the Inviter role receive the "user unauthorized" error payload.
/// </summary>
/// <returns>
/// A <c>JsonListViewModel</c> of <c>UserViewModel</c> with table tools, the unauthorized
/// error payload, or a <c>JsonExceptionViewModel</c> if anything throws.
/// </returns>
public async Task<JsonResult> Administrators()
{
    try
    {
        List<UserViewModel> users = null;
        // Cast throws if the identity is not claims-based; that lands in the catch below.
        var claims = (ClaimsIdentity)User.Identity;

        if (User.IsInRole(Roles.Inviter))
        {
            // Deferred query; nothing is executed until GetAdministrator enumerates it.
            var source = db.Administrators.Include("User").Include("Organization");
            if (User.IsInRole(Roles.AppAdmin))
            {
                users = await GetAdministrator(source, x => x.Role == Roles.SysAdmin && x.ActiveFlag, null);
            }
            else
            {
                // Organization comes from the caller's claims, never from request input.
                var orgKey = claims.FindFirst("Organization.Key").Value;
                var orgName = claims.FindFirst("Organization.Name").Value;
                users = await GetAdministrator(source, x => x.Role == Roles.AppUser && x.ActiveFlag && x.Organization.Key == orgKey, orgName);
            }
        }

        if (users == null)
        {
            return await JsonErrorViewModel.GetUserUnauhorizedError().toJson();
        }

        var tools = TableTools.GetTools(Type.GetType("maQx.Controllers.Administrators"));
        return await new JsonListViewModel<UserViewModel>(users, tools).toJson();
    }
    catch (Exception ex)
    {
        // NOTE(review): confirm JsonExceptionViewModel.Get(ex) does not expose exception details to clients.
        return Json(JsonExceptionViewModel.Get(ex), JsonRequestBehavior.AllowGet);
    }
}
/// <summary>
/// Returns, for the user identified by <paramref name="id"/>, the menus of that user's
/// department together with the menu accesses already granted to the user, as a pair.
/// Restricted to callers in the SysAdmin role.
/// </summary>
/// <param name="id">The application user id to look up (used only as a query parameter).</param>
/// <returns>
/// A <c>JsonViewModel</c> wrapping a tuple of department menus and granted menu accesses,
/// the resource-not-found payload when the user has no department, or the unauthorized payload.
/// </returns>
public async Task<JsonResult> UserDepartmentMenu(string id)
{
    if (!User.IsInRole(Roles.SysAdmin))
    {
        return await JsonErrorViewModel.GetUserUnauhorizedError().toJson();
    }

    // NOTE(review): unlike MappableUsers, this lookup is keyed only on the supplied user id and
    // is not scoped to the caller's organization — confirm that a SysAdmin is meant to read
    // department menus for users of other organizations.
    var membership = await db.DepartmentUsers
        .Include(x => x.Department)
        .Where(x => x.User.Id == id)
        .FirstOrDefaultAsync();
    if (membership == null)
    {
        return await JsonErrorViewModel.GetResourceNotFoundError(Response).toJson();
    }

    var departmentKey = membership.Department.Key;
    var menuRows = await db.DepartmentMenus
        .Include(x => x.Department.Division.Plant.Organization)
        .Include(x => x.Menu)
        .Where(x => x.Department.Key == departmentKey)
        .ToListAsync();
    var departmentMenus = menuRows.Select(x => new JDepartmentMenu(x)).ToList();

    var accessRows = await db.MenuAccess
        .Include(x => x.DepartmentMenu.Menu)
        .Where(x => x.User.Id == id)
        .ToListAsync();
    var grantedMenus = accessRows.Select(x => new JMenuAccess(x)).ToList();

    var pair = new Tuple<List<JDepartmentMenu>, List<JMenuAccess>>(departmentMenus, grantedMenus);
    return await new JsonViewModel<Tuple<List<JDepartmentMenu>, List<JMenuAccess>>> { Value = pair }.toJson();
}
/// <summary>
/// Rejects anonymous requests before the action runs: sets HTTP status 403 and short-circuits
/// the pipeline with the "user unauthorized" JSON payload. Authenticated requests are passed
/// to the base filter unchanged.
/// </summary>
/// <param name="filterContext">The MVC action context for the current request.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var http = filterContext.HttpContext;
    if (http.Request.IsAuthenticated)
    {
        base.OnActionExecuting(filterContext);
        return;
    }

    // NOTE(review): the filter is synchronous, so the async toJson() is blocked on via .Result;
    // a failure inside it surfaces as AggregateException. The status is 403 while the payload
    // says "unauthorized" — confirm that is the intended contract for anonymous callers.
    http.Response.StatusCode = 403;
    filterContext.Result = JsonErrorViewModel.GetUserUnauhorizedError().toJson().Result;
}
/// <summary>
/// Reports the current user to the client. An authenticated caller gets their "Firstname"
/// claim; an anonymous caller that carries the secured session cookie (an in-progress
/// "Init" session) gets a temporary "New User"/"TempSession" profile; anyone else gets the
/// "user unauthorized" error payload.
/// </summary>
/// <returns>
/// A <c>JsonCurrentUserViewModel</c>, the unauthorized error payload, or a
/// <c>JsonExceptionViewModel</c> if anything throws (including a missing "Firstname" claim).
/// </returns>
public async Task<JsonResult> CurrentUser()
{
    try
    {
        if (Request.IsAuthenticated)
        {
            var identity = (ClaimsIdentity)User.Identity;
            var current = new JsonCurrentUserViewModel
            {
                Name = identity.FindFirst("Firstname").Value,
            };
            return Json(current, JsonRequestBehavior.AllowGet);
        }

        // Only the presence of the secured session cookie is checked here. The original
        // author's note proposed also validating its value against the database; that
        // verification is not performed in this method.
        var auth = HttpContext.GetSecuredSessionCookie(_SessionName);
        if (String.IsNullOrWhiteSpace(auth))
        {
            return await JsonErrorViewModel.GetUserUnauhorizedError().toJson();
        }

        var tempUser = new JsonCurrentUserViewModel
        {
            Name = "New User",
            Role = "TempSession",
        };
        return await tempUser.toJson();
    }
    catch (Exception ex)
    {
        // NOTE(review): confirm JsonExceptionViewModel.Get(ex) does not expose exception details to clients.
        return Json(JsonExceptionViewModel.Get(ex), JsonRequestBehavior.AllowGet);
    }
}