public JsonResult UpdateAccessDetails(string userId, string[] roles)
        {
            UserPrincipal userPrincipal = (UserPrincipal)User;
            object        lockObject    = new object();
            List <string> userRoles     = new List <string>();

            Parallel.ForEach(
                roles,
                role =>
            {
                Hashtable accessLevels = JsonHelper.DeserializeObject <Hashtable>(role);
                AuthorityAccess access = new AuthorityAccess();
                access.PartitionKey    = userId;
                access.RowKey          = accessLevels["regulatory"].ToString();
                access.AccessLevel     = Convert.ToInt16(accessLevels["role"]);

                lock (lockObject)
                {
                    userRoles.Add(accessLevels["role"].ToString());
                }

                userPrincipal.UserManager.SaveUserAccessLevel(access);
            });

            UserProfile userProfile = userPrincipal.UserManager.GetUserProfileFromUserId(userId);

            if (userProfile.IsSuperAdmin)
            {
                // down grade portal admin privilages
                if (!userRoles.Contains(((int)AccessLevels.SuperAdmin).ToString()))
                {
                    userProfile.IsSuperAdmin = false;
                    userPrincipal.UserManager.SaveUserProfile(userProfile);

                    this.UserManagementLogger.Log(TraceEventType.Information, LoggingMessageId.PortalUserAccessLevelUpgraded, userPrincipal.UserName + " upgraded access level of " + userProfile.UserName + " to Portal Admin");
                }
            }
            else
            {
                // Upgrade to portal Admin
                if (userRoles.Contains(((int)AccessLevels.SuperAdmin).ToString()))
                {
                    userProfile.IsSuperAdmin = true;
                    userPrincipal.UserManager.SaveUserProfile(userProfile);

                    this.UserManagementLogger.Log(TraceEventType.Information, LoggingMessageId.PortalUserAccessLevelDowngraded, userPrincipal.UserName + " downgraded access level of " + userProfile.UserName + " from Portal Admin");
                }
            }

            this.UserManagementAuditor.UserId        = userId;
            this.UserManagementAuditor.TransactionId = this.UserManagementLogger.TransactionId;
            this.UserManagementAuditor.Audit(AuditId.UpdateAccessLevel, AuditStatus.Success, default(int), "Access level of " + userProfile.UserName + " is changed by " + userPrincipal.UserName);
            this.UserManagementLogger.Log(TraceEventType.Information, LoggingMessageId.PoratlUserAccessLevelChange, "Access level of " + userProfile.UserName + " is changed by " + userPrincipal.UserName);

            var rolesInfo = userPrincipal.UserManager.GetUserAccessDetails(userId);

            return(this.Json(rolesInfo, JsonRequestBehavior.AllowGet));
        }
Exemplo n.º 2
0
        public void GetAccessLevelForAuthority_ForValidUser_ReturnsAccessLevel()
        {
            AuthorityAccess expectedAuthorityAccessData = CommonData.GetAuthorityAccessData().ElementAt(0);

            this.azureTableOperation.FetchEntityOf1StringStringString <AuthorityAccess>((partitionKey, rowKey, tableName) => expectedAuthorityAccessData);

            AuthorityAccess actualAuthorityAccessData = this.userManager.GetAccessLevelForAuthority(expectedAuthorityAccessData.PartitionKey, expectedAuthorityAccessData.RowKey);

            Assert.AreEqual(expectedAuthorityAccessData.AccessLevel, actualAuthorityAccessData.AccessLevel);
        }
        public bool SaveAccessElevationRequest(AccessRequest accessRequest)
        {
            IEnumerable <AccessElevationRequest> userRequests = this.azureTableOperations.GetEntityByPartitionKey <AccessElevationRequest>(accessRequest.UserId).Where(x => Convert.ToInt32(x.RequestStatus) == (int)RequestStatus.Pending);
            var currentRequest = userRequests.Where(x => x.Regulatory == accessRequest.Regulatory).FirstOrDefault();

            if (currentRequest != null)
            {
                if (accessRequest.RequestStatus == (int)RequestStatus.Approved)
                {
                    currentRequest.CurrentAccessLevel   = currentRequest.RequestedAccessLevel;
                    currentRequest.RequestedAccessLevel = 0;
                }

                // update Request
                currentRequest.RequestStatus = accessRequest.RequestStatus;
                currentRequest.Remarks       = accessRequest.Remarks;
                currentRequest.ApprovedUser  = accessRequest.ApprovedUser;
                this.azureTableOperations.InsertEntity(currentRequest);

                // update user profile, if requested for
                if (currentRequest.CurrentAccessLevel == (int)AccessLevels.SuperAdmin)
                {
                    var userProfile = this.azureTableOperations.FetchEntity <UserProfile>("1", currentRequest.PartitionKey);
                    userProfile.IsSuperAdmin = true;
                    this.azureTableOperations.InsertEntity(userProfile);
                }

                // update authority access table
                int             authority           = (int)((Authorities)System.Enum.Parse(typeof(Authorities), accessRequest.Regulatory));
                AuthorityAccess currentaccessLevels = this.azureTableOperations.FetchEntity <AuthorityAccess>(accessRequest.UserId, authority.ToString());
                currentaccessLevels.AccessLevel = currentRequest.CurrentAccessLevel;
                this.azureTableOperations.InsertEntity(currentaccessLevels);

                return(true);
            }

            return(false);
        }
Exemplo n.º 4
0
 public void SaveUserAccessLevel(AuthorityAccess access)
 {
     this.azureTableOperations.InsertEntity(access);
 }
Exemplo n.º 5
0
        public void GetAccessLevelForAuthority_ForValidUser_ReturnsAccessLevel()
        {
            AuthorityAccess actualAuthorityAccessData = UserManager.GetAccessLevelForAuthority(authorityAccessEntities.ElementAt(0).PartitionKey, authorityAccessEntities.ElementAt(0).RowKey);

            Assert.AreEqual(authorityAccessEntities.ElementAt(0).AccessLevel, actualAuthorityAccessData.AccessLevel);
        }