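/// <summary>
/// Renders one page of the account list, sorted by display name.
/// </summary>
/// <param name="page">1-based page number; values below 1 are treated as 1.</param>
/// <param name="inactive">When <c>false</c>, only accounts flagged as active are listed.</param>
/// <param name="request">The current request, used to resolve the calling account.</param>
/// <returns>A handler builder rendering the "Account.List.cshtml" template.</returns>
public IHandlerBuilder Index(int page, bool inactive, IRequest request)
        {
            if (page < 1)
            {
                page = 1;
            }

            using var context = Database.Create();

            IQueryable<Account> query = context.Accounts;

            if (!inactive)
            {
                query = query.Where(u => u.Active);
            }

            var total = query.Count();

            var pages = (total + PAGE_SIZE - 1) / PAGE_SIZE;

            // The ordering has to be applied BEFORE Skip/Take. Ordering afterwards only
            // sorts an arbitrary slice of rows, so pages could overlap or omit accounts.
            // The ID tie-breaker keeps page boundaries stable when display names collide.
            // NOTE(review): page is presumably request-supplied; (page - 1) * PAGE_SIZE is
            // plain int arithmetic and can overflow for very large values. Consider
            // clamping page to the computed page count.
            var records = query.OrderBy(u => u.DisplayName)
                               .ThenBy(u => u.ID)
                               .Skip((page - 1) * PAGE_SIZE)
                               .Take(PAGE_SIZE)
                               .ToList();

            var paged = new PagedList<Account>(records, page, pages, total);

            var user = AccessControl.GetAccount(request);

            var list = new AccountList(user, paged);

            return ModRazor.Page(Resource.FromAssembly("Account.List.cshtml"), (r, h) => new ViewModel<AccountList>(r, h, list))
                           .Title("Mitarbeiter");
        }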
        /// <summary>
        /// Marks the account with the given ID as active. Only callers whose account
        /// has the Admin flag may do this.
        /// </summary>
        /// <param name="id">ID of the account to activate, taken from the request path.</param>
        /// <param name="request">The current request, used to resolve the calling account.</param>
        /// <returns>
        /// A redirect to the details page of the account, or <c>null</c> if no account
        /// with this ID exists.
        /// </returns>
        /// <exception cref="ProviderException">Raised with status Forbidden for non-admin callers.</exception>
        public IHandlerBuilder? Activate([FromPath] int id, IRequest request)
        {
            // NOTE(review): this action changes state. Confirm it is only routed for
            // POST requests and is covered by the application's CSRF protection.
            var caller = AccessControl.GetAccount(request);

            // The authorization check runs before any database access.
            if (!caller.Admin)
            {
                throw new ProviderException(ResponseStatus.Forbidden, "Your are not allowed to activate this user.");
            }

            using var db = Database.Create();

            var target = db.Accounts.FirstOrDefault(c => c.ID == id);

            if (target is null)
            {
                return null;
            }

            target.Active = true;
            db.SaveChanges();

            var location = $"{{controller}}/details/{id}/";

            return Redirect.To(location, true);
        }
        /// <summary>
        /// Renders the editor page for the account with the given ID. Admins may edit
        /// any account; other callers may only edit their own.
        /// </summary>
        /// <param name="id">ID of the account to edit, taken from the request path.</param>
        /// <param name="request">The current request, used to resolve the calling account.</param>
        /// <returns>
        /// A handler builder rendering "Account.Editor.cshtml", or <c>null</c> if no
        /// account with this ID exists.
        /// </returns>
        /// <exception cref="ProviderException">Raised with status Forbidden when the caller may not edit this account.</exception>
        public IHandlerBuilder? Edit([FromPath] int id, IRequest request)
        {
            var caller = AccessControl.GetAccount(request);

            // Authorization is decided before the account is loaded, so unauthorized
            // callers cannot use this action to probe which IDs exist.
            var mayEdit = caller.Admin || caller.ID == id;

            if (!mayEdit)
            {
                throw new ProviderException(ResponseStatus.Forbidden, "Your are not allowed to edit this user.");
            }

            using var db = Database.Create();

            var target = db.Accounts.FirstOrDefault(c => c.ID == id);

            if (target is null)
            {
                return null;
            }

            // NOTE(review): the whole Account entity is handed to the template; confirm
            // the editor never renders the stored Password value.
            var model = new AccountDetails(caller, target);

            var template = Resource.FromAssembly("Account.Editor.cshtml");

            return ModRazor.Page(template, (req, handler) => new ViewModel<AccountDetails>(req, handler, model))
                           .Title($"{target.DisplayName}");
        }
        /// <summary>
        /// Renders the details page for the account with the given ID.
        /// </summary>
        /// <param name="id">ID of the account to show, taken from the request path.</param>
        /// <param name="request">The current request, used to resolve the calling account.</param>
        /// <returns>
        /// A handler builder rendering "Account.Details.cshtml", or <c>null</c> if no
        /// account with this ID exists.
        /// </returns>
        public IHandlerBuilder? Details([FromPath] int id, IRequest request)
        {
            // NOTE(review): unlike the edit and activate actions, there is no
            // per-account authorization check here. Any caller for whom GetAccount
            // succeeds can view any account; confirm that this is intended.
            var caller = AccessControl.GetAccount(request);

            using var db = Database.Create();

            var target = db.Accounts.FirstOrDefault(c => c.ID == id);

            if (target is null)
            {
                return null;
            }

            // NOTE(review): the whole Account entity is handed to the template; confirm
            // the details view never renders the stored Password value.
            var model = new AccountDetails(caller, target);

            var template = Resource.FromAssembly("Account.Details.cshtml");

            return ModRazor.Page(template, (req, handler) => new ViewModel<AccountDetails>(req, handler, model))
                           .Title($"{target.DisplayName}");
        }
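        /// <summary>
        /// Applies submitted changes to the account with the given ID. Admins may edit
        /// any account; other callers may only edit their own.
        /// </summary>
        /// <remarks>
        /// Only Name, DisplayName, Password and (for admin callers) Admin are copied
        /// from the submitted data. All other members of the submitted account are
        /// ignored, so a caller cannot change fields such as ID or Active through
        /// this action.
        /// </remarks>
        /// <param name="id">ID of the account to update, taken from the request path.</param>
        /// <param name="account">The submitted values; treated as untrusted input.</param>
        /// <param name="request">The current request, used to resolve the calling account.</param>
        /// <returns>
        /// A redirect to the details page of the account, or <c>null</c> if no account
        /// with this ID exists.
        /// </returns>
        /// <exception cref="ProviderException">
        /// Raised with status Forbidden when the caller may not edit this account, or
        /// with status BadRequest when the name or display name is missing.
        /// </exception>
        public IHandlerBuilder? Edit([FromPath] int id, Account account, IRequest request)
        {
            var user = AccessControl.GetAccount(request);

            if (!user.Admin && !(user.ID == id))
            {
                throw new ProviderException(ResponseStatus.Forbidden, "Your are not allowed to edit this user.");
            }

            // A submission without these fields previously failed with a
            // NullReferenceException on Trim(); reject it explicitly instead.
            if (account?.Name == null || account.DisplayName == null)
            {
                throw new ProviderException(ResponseStatus.BadRequest, "Name and display name are required.");
            }

            using var context = Database.Create();

            var existing = context.Accounts.FirstOrDefault(c => c.ID == id);

            if (existing == null)
            {
                return null;
            }

            existing.Name        = account.Name.Trim();
            existing.DisplayName = account.DisplayName.Trim();

            // The privilege flag is only taken from the submission when the caller is an
            // admin, so a regular user cannot promote their own account.
            if (user.Admin)
            {
                existing.Admin = account.Admin;
            }

            // An empty password field means "keep the current password".
            // NOTE(review): the password is replaced without asking for the current one,
            // and no length or strength check is visible here. Also confirm that
            // AccessControl.Hash is a salted, deliberately slow password hash.
            if (!string.IsNullOrEmpty(account.Password))
            {
                existing.Password = AccessControl.Hash(account.Password);
            }

            existing.Modified = DateTime.UtcNow;

            context.SaveChanges();

            return Redirect.To($"{{controller}}/details/{id}/", true);
        }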