/// <summary>
/// Validates a new admin account before it is created. The selected role must exist
/// (fatal: validation stops there); an email already registered to another admin and a
/// password that differs from its confirmation are recorded as warnings and fail the form.
/// Side effects: stores the session user in <c>_sessionUser</c> and the resolved role in <c>_role</c>.
/// </summary>
/// <returns>True when every check passes; otherwise false.</returns>
protected override bool OnValidate()
{
    _sessionUser = SessionVariables.User;

    // The role must resolve; without it nothing else is worth checking.
    _role = Role.Query.SingleOrDefault(r => r.Id == RoleId);
    if (_role == null)
    {
        AddMessage(nameof(RoleId), new Message("Role does not exist", MessageTypes.Error));
        return false;
    }

    var problems = 0;

    if (Admin.Query.Any(a => a.Email == Email))
    {
        AddMessage(nameof(Email), new Message("Email is already in use", MessageTypes.Warning));
        problems++;
    }

    // An empty password is not validated here; only a supplied one must match its confirmation.
    var passwordSupplied = !string.IsNullOrEmpty(Password);
    if (passwordSupplied && !Password.Equals(VerifyPassword))
    {
        AddMessage(nameof(Password), new Message("Passwords do not match", MessageTypes.Warning));
        problems++;
    }

    return problems == 0;
}
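/// <summary>
/// Returns true when <paramref name="principal"/> holds at least one of the given roles.
/// </summary>
/// <param name="principal">The principal whose roles are checked. A null principal is never in any role.</param>
/// <param name="roles">Role names to look for, matched with the default string equality. A null list never matches.</param>
/// <returns>True if any of the principal's roles appears in <paramref name="roles"/>; otherwise false.</returns>
public static bool IsInRoles(this NTGPrincipal principal, string[] roles)
{
    // Check the receiver itself. The previous implementation ignored `principal` and read
    // SessionVariables.User, so an authorization check made on any other principal object
    // silently answered for whoever was in the session instead. Callers that relied on that
    // should pass SessionVariables.User explicitly.
    if (principal == null || roles == null)
    {
        return false;
    }

    return principal.Roles.Any(r => roles.Contains(r));
}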
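/// <summary>
/// Records an administrative site action as a <see cref="SiteLog"/> row. Logging is
/// best-effort: any failure is handed to <c>LogError</c> instead of reaching the caller.
/// </summary>
/// <param name="request">Request the action originated from; its client address is stored.
/// If null, the address is taken from <see cref="HttpContext.Current"/> as before.</param>
/// <param name="user">Acting admin; its Id is stored, so it must not be null.</param>
/// <param name="action">Free-text description of the action.</param>
/// <param name="pageId">Page the action targets, or null when none.</param>
/// <param name="pageName">Optional page name prefixed to the stored page description.</param>
/// <param name="moduleId">Module the action targets, or null when none.</param>
/// <param name="moduleType">Optional module type prefixed to the stored module description.</param>
/// <param name="transaction">Transaction to save the row within, or null.</param>
public static void LogSiteAction(HttpRequestBase request, NTGPrincipal user, string action, int? pageId, string pageName, int? moduleId, string moduleType, NTGDBTransactional transaction = null)
{
    try
    {
        // Prefer the request we were given, as LogSecurityAction does, over the static
        // HttpContext.Current: the latter is null off the request thread, which turned the
        // audit write into a NullReferenceException that only LogError ever saw.
        var clientAddress = request != null
            ? request.UserHostAddress
            : HttpContext.Current.Request.UserHostAddress;

        // "<prefix><name>, Id:<id>" when a name is given, "Id:<id>" otherwise, empty when no id.
        Func<string, string, int?, string> describe = (prefix, name, id) =>
            id != null
                ? ((!string.IsNullOrEmpty(name) ? prefix + name + ", " : string.Empty) + "Id:" + id)
                : string.Empty;

        var log = new SiteLog
        {
            AdminId = user.Id,
            Date = DateTime.UtcNow,
            Action = action,
            IPAddress = clientAddress,
            Page = describe("Page: ", pageName, pageId),
            Module = describe("Module: ", moduleType, moduleId),
        };
        log.Save(transaction);
    }
    catch (Exception ex)
    {
        LogError(request, ex);
    }
}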
/// <summary>
/// Writes a <see cref="SecurityLog"/> row describing a security-relevant action performed
/// by <paramref name="user"/> from <paramref name="request"/>. Best-effort: failures are
/// passed to <c>LogError</c> and never propagated to the caller.
/// </summary>
/// <param name="request">Originating request; user agent and client address are stored.</param>
/// <param name="user">Acting user; Id, Email and the comma-joined Roles are stored.</param>
/// <param name="action">Free-text description of the action.</param>
/// <param name="transaction">Transaction to save the row within, or null.</param>
public static void LogSecurityAction(HttpRequest request, NTGPrincipal user, string action, NTGDBTransactional transaction = null)
{
    try
    {
        var entry = new SecurityLog();

        // Client fingerprint.
        entry.Browser = request.UserAgent;
        entry.Date = DateTime.UtcNow;
        entry.IPAddress = request.UserHostAddress;
        entry.Action = action;

        // Acting identity.
        // NOTE(review): a null user throws here, so the event is only recorded via LogError —
        // confirm callers never reach this with an unauthenticated session.
        entry.UserId = user.Id;
        entry.UserEmail = user.Email;
        entry.UserType = string.Join(",", user.Roles);

        entry.Save(transaction);
    }
    catch (Exception ex)
    {
        LogError(request, ex);
    }
}
/// <summary>
/// Validates an edit of an existing admin account. Loads the target admin (with its role)
/// into <c>_admin</c>, then applies the permission rules that depend on the session user's
/// role, auditing every refused attempt through <see cref="NTGLogger.LogSecurityAction"/>:
/// an Admin may edit anyone except other Admin-role accounts and may only assign a role that
/// exists; a non-Admin may edit only their own still-active account and may change neither
/// activation nor role. Permission failures stop validation immediately; the email-in-use
/// and password-mismatch checks are warnings that are collected before the final result.
/// </summary>
/// <returns>True when the edit passes every check; otherwise false.</returns>
protected override bool OnValidate()
{
    _sessionUser = SessionVariables.User;

    // Records a refusal on the form and in the security log; always yields false so the
    // caller can `return refuse(...)`.
    Func<string, string, string, bool> refuse = (field, text, auditAction) =>
    {
        AddMessage(field, new Message(text, MessageTypes.Error));
        NTGLogger.LogSecurityAction(HttpContext.Current.Request, _sessionUser, auditAction);
        return false;
    };

    _admin = Admin.Query.Include(nameof(Admin.Role)).SingleOrDefault(a => a.Email == User);
    if (_admin == null)
    {
        return refuse(Message.GLOBAL, "User " + User + " does not exist",
            "Attempted to edit non-existing admin '" + User + "'");
    }

    // Suffix identifying the target account in every audit message below.
    var who = " " + _admin.Id + " '" + _admin.Email + "'";

    if (_sessionUser.IsInRole("Admin"))
    {
        // Admins may touch any account except another Admin-role account.
        if (!_admin.Email.Equals(_sessionUser.Email) && _admin.Role.Name.Equals("Admin"))
        {
            return refuse(Message.GLOBAL, "You are not permitted to modify other users with the Admin role",
                "Attempted to edit admin" + who);
        }

        // A role change must point at an existing role; the resolved role is kept in _role.
        var roleChanged = RoleId.HasValue && _admin.RoleId != RoleId;
        if (roleChanged)
        {
            _role = Role.Query.SingleOrDefault(r => r.Id == RoleId.Value);
            if (_role == null)
            {
                return refuse(nameof(RoleId), "Attempted to assign non-existing role",
                    "Attempted to assign non-existing role to admin" + who);
            }
        }
    }
    else
    {
        // Non-admins: own, active account only, and neither activation nor role may change.
        if (!_admin.Active)
        {
            return refuse(Message.GLOBAL, "Unable to save changes: user is no longer active",
                "Attempted to save changes to inactive admin" + who);
        }

        if (!_admin.Email.Equals(_sessionUser.Email))
        {
            return refuse(Message.GLOBAL, "You are not permitted to modify other users",
                "Attempted to modify admin" + who);
        }

        if (Active.HasValue)
        {
            return refuse(Message.GLOBAL, "You are not permitted to change activation of users",
                "Attempted to reactivate/deactivate admin" + who);
        }

        if (RoleId.HasValue)
        {
            return refuse(Message.GLOBAL, "You are not permitted to change the role of users",
                "Attempted to change role of admin" + who);
        }
    }

    var warnings = 0;

    // The target's own row is excluded so keeping the same email is not a conflict.
    if (Admin.Query.Any(a => a.Email == Email && a.Id != _admin.Id))
    {
        AddMessage(nameof(Email), new Message("Email is already in use", MessageTypes.Warning));
        warnings++;
    }

    // Only a supplied password is checked against its confirmation.
    if (!string.IsNullOrEmpty(Password) && !Password.Equals(VerifyPassword))
    {
        AddMessage(nameof(Password), new Message("Passwords do not match", MessageTypes.Warning));
        warnings++;
    }

    return warnings == 0;
}