public void RemoveUserClaimSyncTest()
{
var db = UnitTestHelper.CreateDefaultDb();
var manager = new UserManager <IdentityUser>(new UserStore <IdentityUser>(db));
var user = new IdentityUser("u1");
var result = manager.Create(user);
Assert.NotNull(user);
var claims = new[]
{
new Claim("c1", "v1"),
new Claim("c2", "v2"),
new Claim("c3", "v3")
};
foreach (Claim c in claims)
{
UnitTestHelper.IsSuccess(manager.AddClaim(user.Id, c));
}
var userClaims = new List <Claim>(manager.GetClaims(user.Id));
Assert.Equal(3, userClaims.Count);
foreach (Claim c in claims)
{
Assert.True(userClaims.Exists(u => u.Type == c.Type && u.Value == c.Value));
UnitTestHelper.IsSuccess(manager.RemoveClaim(user.Id, c));
}
var cs = manager.GetClaims(user.Id);
Assert.Equal(0, cs.Count());
Assert.Equal(0, db.Set <IdentityUserClaim>().Count());
}
public async Task <IdentityResult> UpdateClaimAsync(string userId, Claim claim)
{
var cls = _userManager.GetClaims(userId).Where(x => x.Type == claim.Type);
foreach (var c in cls)
{
_userManager.RemoveClaim(userId, c);
}
var result = await _userManager.AddClaimAsync(userId, claim);
return(result);
}
public void GetUserClaimsShouldReturnCorrectClaimsForUser()
{
var user = new IdentityUser(GetNewRandomName());
_userManager.Create(user);
_userManager.AddClaim(user.Id, new Claim("Scope", "Read"));
_userManager.AddClaim(user.Id, new Claim("Scope", "Write"));
var userClaims = _userManager.GetClaims(user.Id);
Assert.AreEqual(2, userClaims.Count);
Assert.AreEqual("Read", userClaims.ElementAt(0).Value);
Assert.AreEqual("Write", userClaims.ElementAt(1).Value);
}
public void SavePermission(IEnumerable <string> selected)
{
var userManager = new UserManager <ApplicationUser>(new UserStore <ApplicationUser>());
var principal = HttpContext.User.Identity as ClaimsIdentity;
var userid = principal.GetUserId();
using (var context = new ApplicationDbContext())
{
var allroles = context.Roles.ToList();
var userClaims = userManager.GetClaims(userid).ToList();
//remove all existing user claims
foreach (var claim in userClaims)
{
userManager.RemoveClaim(userid, claim);
}
//add new selected claims
foreach (var roleid in selected)
{
var role = allroles.Single(r => r.Id == roleid);
userManager.AddClaim(userid, new Claim(ClaimTypes.Role, role.Name));
}
}
}
public ActionResult DeleteUserConfirmed(string id = null)
{
try
{
IdentityContext IdentityContext1 = new IdentityContext();
ApplicationUser IdentityUser1 = IdentityContext1.Users.First(x => x.Id == id);
UserManager <ApplicationUser> UserManager1 = new UserManager <ApplicationUser>(new UserStore <ApplicationUser>(new IdentityContext()));
foreach (string UserRole1 in UserManager1.GetRoles(id))
{
UserManager1.RemoveFromRole(id, UserRole1);
}
foreach (System.Security.Claims.Claim UserClaim1 in UserManager1.GetClaims(id))
{
UserManager1.RemoveClaim(id, UserClaim1);
}
foreach (UserLoginInfo UserLoginInfo1 in UserManager1.GetLogins(id))
{
UserManager1.RemoveLogin(id, UserLoginInfo1);
}
IdentityContext1.Users.Remove(IdentityUser1);
IdentityContext1.SaveChanges();
//return RedirectToAction("AllUsers");
return(Json(new { success = true }));
}
catch (Exception ex)
{
return(Content(ex.Message));
}
}
public async Task <ActionResult> EnableGoogleAuthenticator(GoogleAuthenticatorViewModel model)
{
if (ModelState.IsValid)
{
byte[] secretKey = Base32Encoder.Decode(model.SecretKey);
long timeStepMatched = 0;
var otp = new Totp(secretKey);
if (otp.VerifyTotp(model.Code, out timeStepMatched, new VerificationWindow(2, 2)))
{
var uid = User.Identity.GetUserId();
var user = await UserManager.FindByIdAsync(uid);
var googleAuthClaim = UserManager.GetClaims(uid).FirstOrDefault(x => x.Type == Claims.GoogleAuthSecret);
if (googleAuthClaim != null)
{
await UserManager.RemoveClaimAsync(uid, new Claim(Claims.GoogleAuthSecret, model.SecretKey));
}
await UserManager.AddClaimAsync(uid, new Claim(Claims.GoogleAuthSecret, model.SecretKey));
return(RedirectToAction("Index", "Manage"));
}
else
{
ModelState.AddModelError("Code", "The Code is not valid");
}
}
return(View(model));
}
public static bool DeleteUserClaims(string userName)
{
var isRemove = true;
var userManager = new UserManager <ApplicationUser>(new UserStore <ApplicationUser>(userContext));
var userASP = userManager.FindByEmail(userName);
if (userASP == null)
{
return(false);
}
var claims = userManager.GetClaims(userASP.Id);
foreach (var claim in claims)
{
var response = userManager.RemoveClaim(userASP.Id, claim);
if (!response.Succeeded)
{
isRemove = false;
}
}
return(isRemove);
}
public JsonResult Get(string id)
{
UserCreateDTO result = null;
try
{
var user = UserManager.FindById(id);
if (user != null)
{
result = new UserCreateDTO();
result.Id = user.Id;
result.Email = user.Email;
result.Roles = UserManager.GetRoles(user.Id);
result.Claims = UserManager.GetClaims(user.Id)
.Select(t => new UserClaimDTO()
{
Key = t.Type, Value = t.Value
})
.ToList();
}
}
catch (Exception ex)
{
_logger.Error(ex);
}
return(Json(result, JsonRequestBehavior.AllowGet));
}
public JsonResult UserProfile()
{
UserProfileDTO dto = null;
if (User.Identity.IsAuthenticated)
{
dto = new UserProfileDTO();
var userId = User.Identity.GetUserId();
var user = UserManager.FindById(userId);
dto.Username = user.UserName;
dto.Roles = UserManager.GetRoles(userId);
var claims = UserManager.GetClaims(userId);
if (claims != null)
{
dto.Claims = claims
.Select(t => new UserClaimDTO()
{
Key = t.Type, Value = t.Value
})
.ToList();
}
dto.CanAwardQuote = Extensions.AuthHelper
.IsAllowed(dto.Roles, "QuoteMaster", "CreateNewAwardFromId", "POST");
dto.CanCreateComponent = Extensions.AuthHelper
.IsAllowed(dto.Roles, "ComponentList", "Create", "POST");
dto.CanUpdateComponent = Extensions.AuthHelper
.IsAllowed(dto.Roles, "ComponentList", "Update", "PUT");
}
return(Json(dto, JsonRequestBehavior.AllowGet));
}
public async Task <IHttpActionResult> AddClaimToUser(UserClaimBindingModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var userId = model.UserId;
var claimType = model.Type;
var claimValue = model.Value;
ApplicationUser user = UserManager.FindById(userId);
if (user == null)
{
return(BadRequest("The user id does not exist: \"" + userId + "\""));
}
foreach (var claim in UserManager.GetClaims(user.Id).Where(c => c.Type == claimType))
{
UserManager.RemoveClaim(user.Id, claim);
}
var result = await UserManager.AddClaimAsync(user.Id, new Claim(claimType, claimValue));
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
return(Ok());
}
public ActionResult Getallclaimns()
{
//var x = User.Identity.GetUserId();
var a = UserManager.FindByName(User.Identity.Name);
ViewBag.Message = UserManager.GetClaims(a.Id);
return(View());
//return View(UserManager.GetClaims(User.Identity.GetUserId()));
}
public void CanGetClaims()
{
var user = CreateBasicUser();
UserManager.AddClaim(user.Id, _basicClaim);
var claims = UserManager.GetClaims(user.Id);
claims.Count.ShouldBe(1);
claims[0].Type.ShouldBe("test");
claims[0].Value.ShouldBe("testing");
}
public void AddClaim()
{
var userManager = new UserManager <ApplicationUser>(new UserStore <ApplicationUser>(this._session));
var user = new ApplicationUser()
{
UserName = "******", Email = "*****@*****.**", EmailConfirmed = true
};
userManager.Create(user, "Welcome");
userManager.AddClaim(user.Id, new Claim(ClaimTypes.Role, "Admin"));
Assert.AreEqual(1, userManager.GetClaims(user.Id).Count());
}
public async Task <ActionResult> DisableGoogleAuthenticator()
{
var uid = User.Identity.GetUserId();
var user = await UserManager.FindByIdAsync(uid);
var googleAuthClaim = UserManager.GetClaims(uid).FirstOrDefault(x => x.Type == Claims.GoogleAuthSecret);
if (user != null && googleAuthClaim != null)
{
await UserManager.RemoveClaimAsync(uid, googleAuthClaim);
await SignInAsync(user, isPersistent : false);
}
return(RedirectToAction("Index", "Manage"));
}
public ActionResult PlaneViewers()
{
var dictionary = new Dictionary <string, List <string> >();
List <ApplicationUser> users = UserManager.Users.ToList();
foreach (ApplicationUser applicationUser in users)
{
List <string> planeAccesses = UserManager.GetClaims(applicationUser.Id).Select(c => c.Value).ToList();
dictionary.Add(applicationUser.Email, planeAccesses);
}
return(View(dictionary));
}
public void CanDeleteClaim()
{
var user = CreateBasicUser();
UserManager.AddClaim(user.Id, _basicClaim);
var claims = UserManager.GetClaims(user.Id);
claims.Count.ShouldBe(1);
UserManager.RemoveClaim(user.Id, _basicClaim);
UserManager.GetClaims(user.Id).Count.ShouldBe(0);
}
public void DeleteUserClaim(int userId, List <ApplicationUserClaim> claims)
{
var claimsAll = _userManager.GetClaims(userId);
var claimFilter = claims?
.Select(c => claimsAll.FirstOrDefault(d => d.Type == c.ClaimType && d.Value == c.ClaimValue))
.ToList();
foreach (var item in claimFilter)
{
if (item != null)
{
_userManager.RemoveClaim(userId, item);
}
}
}
public JsonResult chuyentheme(string theme)
{
var user = kiemtra.getUser(User.Identity.Name);
var userstore = new UserStore <ApplicationUser>(db);
var userManager = new UserManager <ApplicationUser>(userstore);
var userid = db.TaiKhoans.FirstOrDefault(x => x.UserName.Equals(user.UserName)).Id;
var claim = userManager.GetClaims(userid).FirstOrDefault(x => x.Type.Equals("MyApp:ThemeUrl"));
if (claim != null)
{
userManager.RemoveClaim(userid, claim);
}
userManager.AddClaim(userid, new Claim("MyApp:ThemeUrl", theme));
return(Json(new object { }));
}
private Dictionary <string, string> GeneratePayload(int userid)
{
Dictionary <string, string> payload = new Dictionary <string, string>();
Account user = _userManager.FindUserById(userid);
if (user == null)
{
throw new ArgumentException(
"There is no user with the given userid."
);
}
payload["userid"] = user.Id.ToString();
payload["username"] = user.UserName;
List <string> claims = _userManager.GetClaims(user.UserName);
string claimsJson = JsonConvert.SerializeObject(claims);
payload["claims"] = claimsJson;
return(payload);
}
private void populateUserVendors(UserViewModel model)
{
// get the assigned vendors for the user via claims
var userClaims = UserManager.GetClaims(model.Id);
var allVendors = _vendorService.GetAllVendors();
var vendorList = new List <ItemViewModel>();
foreach (var vendor in allVendors)
{
vendorList.Add(new ItemViewModel
{
Id = vendor.Id,
Name = vendor.Name,
IsSelected = userClaims.Any(x => x.Type == ClaimType.VENDOR &&
x.Value == vendor.Id.ToString())
});
}
model.VendorList = vendorList;
}
protected void UpdateRoles_Click(object sender, EventArgs e)
{
Button btn = sender as Button;
var userStore = new UserStore <IdentityUser>();
var manager = new UserManager <IdentityUser>(userStore);
var updateUser = manager.FindById(btn.CommandArgument);
//Remove the user from the currently selected role
var roles = manager.GetRoles(updateUser.Id);
if (roles.Count > 0)
{
foreach (var role in roles)
{
manager.RemoveFromRole(updateUser.Id, role);
}
var claims = manager.GetClaims(updateUser.Id);
foreach (var claim in claims)
{
manager.RemoveClaim(updateUser.Id, claim);
}
}
var selectedRoles = Roles_List.Items
.Cast <ListItem>()
.Where(n => n.Selected)
.ToList();
if (selectedRoles.Count > 0)
{
foreach (var selectedRole in selectedRoles)
{
manager.AddToRole(updateUser.Id, selectedRole.Text.Trim());
}
}
ScriptManager.RegisterStartupScript(Page, Page.GetType(), "updateRolesModal", "$('#updateRolesModal').modal('hide');", true);
}
public IHttpActionResult Delete(Account account)
{
//if (!ModelState.IsValid)
//{
// return BadRequest(ModelState);
//}
if (GetLoggedInEmail() != account.Email)
{
return(BadRequest("Deleting user other than self"));
}
//if (!role.Equals("student") && !role.Equals("teacher")/* && !role.Equals("employee")*/)
//{
// return BadRequest(role);
//}
// actually register
var userStore = new UserStore <IdentityUser>(new IdentityContext());
var userManager = new UserManager <IdentityUser>(userStore);
var user = userManager.Users.FirstOrDefault(u => u.UserName == account.Email);
if (user == null)
{
return(BadRequest());
}
userManager.RemoveClaim(user.Id, userManager.GetClaims(user.Id).FirstOrDefault());
userManager.Delete(user);
//login
//var authManager = Request.GetOwinContext().Authentication;
//var claimsIdentity = userManager.CreateIdentity(user, WebApiConfig.AuthenticationType);
//authManager.SignIn(new AuthenticationProperties { IsPersistent = true }, claimsIdentity);
Request.GetOwinContext().Authentication.SignOut(WebApiConfig.AuthenticationType);
return(Ok());
}
public ActionResult Permission()
{
var userManager = new UserManager <ApplicationUser>(new UserStore <ApplicationUser>());
var principal = HttpContext.User.Identity as ClaimsIdentity;
var userid = principal.GetUserId();
var vm = new List <ApplicationRoleViewModel>();
using (var context = new ApplicationDbContext())
{
var allroles = context.Roles.ToList();
var userClaims = userManager.GetClaims(userid).Select(c => new ApplicationRole
{
Name = c.Value
});
foreach (var role in allroles)
{
var appRole = role as ApplicationRole;
var temp = new ApplicationRoleViewModel
{
Id = appRole.Id,
Description = appRole.Description,
Name = appRole.Name,
RoleGroup = appRole.RoleGroup
};
temp.IsChecked = userClaims.Any(a => a.Name == appRole.Name) ? true : false;
vm.Add(temp);
}
var groupedvm = vm.GroupBy(k => k.RoleGroup).ToList();
return(View(groupedvm));
}
}
public HttpResponseMessage UpdateUserInfo(UpdateUserBindingModel model)
{
if (!ModelState.IsValid)
{
return(Request.CreateResponse(System.Net.HttpStatusCode.BadRequest, ModelState));
}
var user = UserManager.FindById(model.Id);
user.Email = model.Email;
var personNameClaim = user.Claims.FirstOrDefault(n => n.ClaimType == "personNameId");
if (personNameClaim != null)
{
int personNameId = Convert.ToInt32(personNameClaim.ClaimValue);
new PersonNameRepo().Update(new PersonName(personNameId, model.FirstName, model.LastName));
}
else
{
var newPersonName = new PersonName(model.FirstName, model.LastName);
new PersonNameRepo().Add(newPersonName);
foreach (var claim in UserManager.GetClaims(user.Id).Where(c => c.Type == "personNameId"))
{
UserManager.RemoveClaim(user.Id, claim);
}
UserManager.AddClaim(user.Id, new Claim("personNameId", newPersonName.Id.ToString()));
}
foreach (var claim in UserManager.GetClaims(user.Id).Where(c => c.Type == "organizationId"))
{
UserManager.RemoveClaim(user.Id, claim);
}
UserManager.AddClaim(user.Id, new Claim("organizationId", model.OrganizationId.ToString()));
return(Request.CreateResponse(System.Net.HttpStatusCode.OK, GetUser(user)));
}
public ActionResult UserEdit(string id, string returnUrl)
{
if (id == null)
{
return(RedirectToAction("NotFound", "Error"));
}
AdminUserEditViewResult result = new AdminUserEditViewResult();
var claims = UserManager.GetClaims(id);
var banned = claims.FirstOrDefault(m => m.Type == "Banned");
result.Roles = RoleManager.Roles.ToList();
result.User = UserManager.FindById(id);
result.returnUrl = returnUrl;
result.Banned = Convert.ToBoolean(result.User.Banned);
if (result.User != null)
{
return(View(result));
}
else
{
return(RedirectToAction("NotFound", "Error"));
}
}
public IHttpActionResult DeleteUserClaim(DeleteUserClaimBindingModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var userId = model.UserId;
var claimType = model.Type;
ApplicationUser user = UserManager.FindById(userId);
if (user == null)
{
return(BadRequest("The user id does not exist: \"" + userId + "\""));
}
foreach (var claim in UserManager.GetClaims(user.Id).Where(c => c.Type == claimType))
{
UserManager.RemoveClaim(user.Id, claim);
}
return(Ok());
}
public static bool UpdateUserClaims(UserRequest user)
{
var isRemove = true;
var userManager = new UserManager <ApplicationUser>(new UserStore <ApplicationUser>(userContext));
var userASP = userManager.FindByEmail(user.EMail);
if (userASP == null)
{
return(false);
}
var claims = userManager.GetClaims(userASP.Id);
if (!string.IsNullOrEmpty(user.FirstName))
{
var nameClaim = GetClaimByType(claims, ClaimTypes.GivenName);
if (nameClaim != null)
{
userManager.RemoveClaim(userASP.Id, (System.Security.Claims.Claim)nameClaim);
}
userManager.AddClaim(userASP.Id, new System.Security.Claims.Claim(ClaimTypes.GivenName, user.FirstName));
}
if (!string.IsNullOrEmpty(user.LastName))
{
var lastnameClaim = GetClaimByType(claims, ClaimTypes.Name);
if (lastnameClaim != null)
{
userManager.RemoveClaim(userASP.Id, (System.Security.Claims.Claim)lastnameClaim);
}
userManager.AddClaim(userASP.Id, new System.Security.Claims.Claim(ClaimTypes.Name, user.LastName));
}
if (user.ImageArray != null && user.ImageArray.Length > 0)
{
var imageClaim = GetClaimByType(claims, ClaimTypes.Uri);
if (imageClaim != null)
{
userManager.RemoveClaim(userASP.Id, (System.Security.Claims.Claim)imageClaim);
}
var stream = new MemoryStream(user.ImageArray);
var guid = Guid.NewGuid().ToString();
var file = $"{guid}.jpg";
var folder = "~/Content/Users";
var fullPath = $"{folder}/{file}";
var response = FilesHelper.UploadPhoto(stream, folder, file);
if (response)
{
user.ImagePath = fullPath;
}
userManager.AddClaim(userASP.Id, new System.Security.Claims.Claim(ClaimTypes.Uri, user.ImagePath));
}
userASP.EmailConfirmed = true;
return(isRemove);
}
public void AddClaim()
{
var userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(this._session));
var user = new ApplicationUser() { UserName = "******", Email = "*****@*****.**", EmailConfirmed = true };
userManager.Create(user, "Welcome");
userManager.AddClaim(user.Id, new Claim(ClaimTypes.Role, "Admin"));
Assert.AreEqual(1, userManager.GetClaims(user.Id).Count());
}
public string WhatIsMyWordpressToken()
{
//this shouldnt really exist, but this is a way to view the actual users wordpress token claim
return(UserManager.GetClaims(this.User.Identity.GetUserId()).Where(a => a.Type.Contains("wordpress:access_token")).Select(a => a.Value).FirstOrDefault() ?? string.Empty);
}
public void GetUserClaimSyncTest()
{
var db = UnitTestHelper.CreateDefaultDb();
var manager = new UserManager<IdentityUser>(new UserStore<IdentityUser>(db));
var user = new IdentityUser("u1");
var result = manager.Create(user);
UnitTestHelper.IsSuccess(result);
Assert.NotNull(user);
var claims = new[]
{
new Claim("c1", "v1"),
new Claim("c2", "v2"),
new Claim("c3", "v3")
};
foreach (Claim c in claims)
{
UnitTestHelper.IsSuccess(manager.AddClaim(user.Id, c));
}
var userClaims = new List<Claim>(manager.GetClaims(user.Id));
Assert.Equal(3, userClaims.Count);
foreach (Claim c in claims)
{
Assert.True(userClaims.Exists(u => u.Type == c.Type && u.Value == c.Value));
}
}
public static void InitializeMySqlDatabase()
{
// Ajout du compte superviseur et creation de la base si pas exister
using (var context = new ApplicationDbContext())
{
var userStore = new UserStore <ApplicationUser>(context);
var userManager = new UserManager <ApplicationUser>(userStore);
var userToInsert = new ApplicationUser {
UserName = "******", Email = "*****@*****.**", PhoneNumber = "0797697898"
};
var exist = userManager.FindByEmail("*****@*****.**");
if (exist == null)
{
userManager.Create(userToInsert, "pti.preu");
// ADD ROLE SUPERVISOR TO USER
var RoleManager = new RoleManager <IdentityRole>(new RoleStore <IdentityRole>(context));
if (!RoleManager.RoleExists("Supervisor"))
{
IdentityRole newRole = new IdentityRole("Supervisor");
IdentityResult result = RoleManager.CreateAsync(newRole).Result;
}
userManager.AddToRoleAsync(userToInsert.Id, "Supervisor");
}
}
// passage du fichier de migration
Space spaceSupervision = new Space();
using (var db = new MySqlIdentityDbContext())
{
string filPath = AppDomain.CurrentDomain.BaseDirectory + "/Migration/initializeQuery.sql";
string creationQuery = File.ReadAllText(filPath);
db.Database.ExecuteSqlCommand(creationQuery);
// Create Supervision space
if (db.Spaces.Where(a => a.Name == "Root").FirstOrDefault() == null)
{
spaceSupervision.Name = "Root";
db.Spaces.Add(spaceSupervision);
db.SaveChanges();
}
}
// Ajout de l'espace au compte superviseur
using (var context2 = new ApplicationDbContext())
{
var userStore = new UserStore <ApplicationUser>(context2);
var userManager = new UserManager <ApplicationUser>(userStore);
var exist = userManager.FindByEmail("*****@*****.**");
if (exist != null)
{
var claims = userManager.GetClaims(exist.Id);
var claim = claims.Where(a => a.Type == "SpaceId").FirstOrDefault();
if (claim == null)
{
userManager.AddClaim(exist.Id, new Claim("SpaceId", spaceSupervision.Id));
}
}
}
}
public IList <Claim> GetUserClaims(string userId)
{
return(_userManager.GetClaims(userId));
}
