Exemplo n.º 1
0
        public async Task <IActionResult> OnGetApprovalsAsync()
        {
            if (!(await _authorizationService.AuthorizeAsync(User, "RequireAuthorityRole")).Succeeded)
            {
                return(Forbid());
            }

            var userId         = _userManager.GetUserId(User);
            var authorityRoles = _authorityProvider.GetAuthorityRoles(userId).ToList();

            var approvalsQueryResult = await _proposalDbContext.Approvals.AsQueryable()
                                       .Where(a => authorityRoles.Contains(a.AuthorityRole) || a.AuthorityRole == ApprovalAuthorityRole.Supervisor && a.Proposal.SupervisorId == userId)
                                       .Where(a => a.Status == ApprovalStatus.ApprovalPending || a.Status == ApprovalStatus.Rejected || a.Status == ApprovalStatus.Approved)
                                       .OrderByDescending(a => a.Proposal.LastEditedOn)
                                       .Select(a => new
            {
                a.ProposalId,
                ProposalOwnerId = a.Proposal.OwnerId,
                ProposalTitle   = a.Proposal.Title,
                a.AuthorityRole,
                a.Status
            })
                                       .ToListAsync();

            var ownerNames = await _userManager.GetUserNamesForIdsAsync(approvalsQueryResult.Select(p => p.ProposalOwnerId));

            var approvals = approvalsQueryResult
                            .Select(a => new ApprovalModel
            {
                ProposalId        = a.ProposalId,
                SectionId         = _sectionHandlers.First(s => s.HasApprovalAuthorityRole(a.AuthorityRole)).Id,
                ProposalOwnerName = ownerNames[a.ProposalOwnerId],
                ProposalTitle     = a.ProposalTitle,
                Role     = (ApprovalAuthorityRoleModel)a.AuthorityRole,
                RoleType = _authorityProvider.IsPrimaryAuthorityForRole(userId, a.AuthorityRole) ? ApprovalRoleTypeModel.Primary : ApprovalRoleTypeModel.Secondary,
                Status   = (ApprovalStatusModel)a.Status
            })
                            .ToList();

            return(new JsonResult(approvals));
        }
        public async Task <SignInStatus> EndSignInAsync(HttpContext httpContext, bool isPersistent)
        {
            var result = await _authenticationService.AuthenticateAsync(httpContext, Constants.AuthenticationSchemes.External);

            if (!result.Succeeded)
            {
                return(SignInStatus.NoExternalCookie);
            }

            await _authenticationService.SignOutAsync(httpContext, Constants.AuthenticationSchemes.External, null);

            var userId = result.Principal.FindFirstValue(ClaimTypes.UserId);

            if (userId == null)
            {
                _logger.LogInformation("DCCN user ID is missing.");
                return(SignInStatus.InvalidUser);
            }

            var user = await UserManager.GetUserByIdAsync(userId, true);

            if (user == null)
            {
                _logger.LogInformation("User '{UserId}' does not exist.", userId);
                return(SignInStatus.InvalidUser);
            }

            if (user.Status == CheckinStatus.Tentative)
            {
                _logger.LogInformation("User '{UserId} has tentative status.", userId);
                return(SignInStatus.InvalidStatus);
            }

            var identity = new ClaimsIdentity(Constants.AuthenticationSchemes.Default, ClaimTypes.UserName, ClaimTypes.Role);

            identity.AddClaim(new Claim(ClaimTypes.UserId, user.Id));
            identity.AddClaim(new Claim(ClaimTypes.UserName, user.DisplayName));
            identity.AddClaim(new Claim(ClaimTypes.EmailAddress, user.Email));
            identity.AddClaim(new Claim(ClaimTypes.Group, user.GroupId));

            var authorityRoles = _authorityProvider.GetAuthorityRoles(user.Id).ToList();

            if (authorityRoles.Any() || user.IsHead)
            {
                identity.AddClaim(new Claim(ClaimTypes.Role, Role.Authority.GetName()));
                identity.AddClaims(authorityRoles.Select(role => new Claim(ClaimTypes.ApprovalRole, role.GetName())));
            }

            if (user.IsHead)
            {
                identity.AddClaim(new Claim(ClaimTypes.Role, Role.Supervisor.GetName()));
            }

            if (_formOptions.Administration.Contains(user.Id))
            {
                identity.AddClaim(new Claim(ClaimTypes.Role, Role.Administration.GetName()));
            }

            var authProperties = new AuthenticationProperties
            {
                IsPersistent = isPersistent
            };

            await _authenticationService.SignInAsync(httpContext, Constants.AuthenticationSchemes.Default, new ClaimsPrincipal(identity), authProperties);

            return(SignInStatus.Success);
        }