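/// <summary>
/// Renders the "create user" form with an empty <c>UserAdminVM</c>.
/// </summary>
/// <returns>
/// The default view, bound to a model whose <c>Roles</c> list is built from
/// <c>db.GetAllRoles()</c> ("strength" as the option value, "Detail" as the label).
/// </returns>
public ActionResult Create()
{
    // The original fetched the current principal into a local that was never read;
    // it has been removed.
    // NOTE(review): the role list is not narrowed to the caller's own access level,
    // although Index() hides users above that level. Confirm that the handler which
    // saves the form rejects a role stronger than the caller's; a drop-down is not
    // an access control.
    UserAdminVM model = new UserAdminVM
    {
        Roles = new SelectList(db.GetAllRoles(), "strength", "Detail")
    };

    return View(model);
}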
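/// <summary>
/// Renders the edit form for the user with the given id.
/// </summary>
/// <param name="id">Identifier passed to <c>db.GetUserByID</c>; comes from the request.</param>
/// <returns>
/// The edit view; a 404 result when no user is loaded; a 403 result when the caller
/// is not allowed to see the target user under the rule Index() applies.
/// </returns>
public ActionResult Edit(int id)
{
    Tipstaff.CPrincipal thisUser = (User as Tipstaff.CPrincipal);

    UserAdminVM model = new UserAdminVM();
    model.User = db.GetUserByID(id);

    // Previously a missing user fell through to model.User.RoleStrength and
    // surfaced as a null dereference.
    if (model.User == null)
    {
        return HttpNotFound();
    }

    // The id is caller-supplied, so the visibility rule from Index() has to be
    // enforced here as well; otherwise a lower-level administrator can open the
    // record of a higher-level account simply by changing the id in the URL.
    // The comparison is written exactly as in Index() so both agree.
    bool mayView = thisUser != null
        && (thisUser.AccessLevel == AccessLevel.SystemAdmin
            || model.User.RoleStrength <= (int)thisUser.AccessLevel);
    if (!mayView)
    {
        return new HttpStatusCodeResult(403);
    }

    // NOTE(review): the handler that saves this form is not visible here; it needs
    // the same check, plus a check that the submitted role does not exceed the
    // caller's level. The role list below is still unfiltered.
    model.Roles = new SelectList(db.GetAllRoles(), "strength", "Detail", model.User.RoleStrength);

    return View(model);
}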
/// <summary>
/// Decides whether the current request meets <c>MinimumRequiredAccessLevel</c>.
/// </summary>
/// <param name="httpContext">Context of the request being authorized.</param>
/// <returns>
/// <c>true</c> when the level returned by <c>TipstaffDB.UserAccessLevel</c> is above
/// <c>AccessLevel.Denied</c> and at least <c>MinimumRequiredAccessLevel</c>.
/// </returns>
/// <remarks>
/// As a side effect, <c>httpContext.User</c> is replaced by a <c>CPrincipal</c>
/// wrapping the original identity, whether or not access is granted.
/// </remarks>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // Reset to the denied state first, so an exception from the lookup below
    // cannot leave a previous "authorized" result in place.
    // NOTE(review): the outcome is kept in instance members. If this attribute
    // instance is shared between requests (MVC may cache filter attributes),
    // concurrent requests could overwrite each other's result; confirm.
    _isAuthorized = false;
    UserAccessLevel = AccessLevel.Denied;

    // check groups (start with them for a bigger group target!)
    // NOTE(review): IsAuthenticated is not tested here; this relies on
    // db.UserAccessLevel returning Denied for an anonymous principal; confirm.
    using (TipstaffDB db = new TipstaffDB())
    {
        UserAccessLevel = (AccessLevel)db.UserAccessLevel(httpContext.User);
    }

    bool granted = false;
    if (UserAccessLevel > AccessLevel.Denied)
    {
        granted = UserAccessLevel >= MinimumRequiredAccessLevel;
    }
    _isAuthorized = granted;

    // Swap in the application's principal type; controllers cast User to CPrincipal.
    httpContext.User = new CPrincipal(httpContext.User.Identity);

    return _isAuthorized;
}
//
// GET: /Admin/Users/
/// <summary>
/// Lists user accounts, limited to those the caller is allowed to see.
/// </summary>
/// <returns>
/// For a <c>SystemAdmin</c>, the view over every user from <c>db.GetAllUsers()</c>;
/// for anyone else, the view over the users whose <c>RoleStrength</c> does not
/// exceed the caller's access level.
/// </returns>
public ActionResult Index()
{
    Tipstaff.CPrincipal caller = (User as Tipstaff.CPrincipal);
    IEnumerable<User> everyone = db.GetAllUsers();

    // System administrators see the unfiltered list.
    // NOTE(review): caller is dereferenced without a null check, so this action
    // assumes the request's principal is already a CPrincipal; confirm.
    if (caller.AccessLevel == AccessLevel.SystemAdmin)
    {
        return View(everyone);
    }

    // Everyone else only sees accounts at or below their own level.
    int callerLevel = (int)caller.AccessLevel;
    List<User> visible = new List<User>();
    foreach (User candidate in everyone)
    {
        if (candidate.RoleStrength <= callerLevel)
        {
            visible.Add(candidate);
        }
    }

    return View(visible);
}