public ActionResult Create()
{
var user = this.UserService.Create();
var privilege = new UserPrivilege();
return privilege.CanCreate(user) ? View(Views.Create, new UserAdminCreate()) : NotAuthorized();
}
private void btnAdd_Click(object sender, EventArgs e)
{
AddAccountPanel addPanel = new AddAccountPanel(privilegeManager);
addPanel.Dock = System.Windows.Forms.DockStyle.Fill;
TemplateForm addForm = new TemplateForm(@"添加账户", addPanel.Size);
addForm.AddContent(addPanel);
addForm.MaximizeBox = false;
addForm.MinimizeBox = false;
addForm.StartPosition = System.Windows.Forms.FormStartPosition.CenterScreen;
DialogResult result = addForm.ShowDialog();
if (result == DialogResult.OK)
{
UserPrivilege privilege = new UserPrivilege();
privilege.UserName = addPanel.UserName;
privilege.UserPwd = UserPrivilege.CreateMD5Hash(addPanel.UserPwd);
privilege.Privileges = Privilege.ALL;
if (privilegeManager.AddUser(privilege))
{
ListViewItem item = listBoxUsers.Items.Add(privilege.UserName);
item.Tag = privilege;
}
}
}
public async Task <IActionResult> PutUserPrivilege(int id, UserPrivilege userPrivilege)
{
if (id != userPrivilege.ID)
{
return(BadRequest());
}
_context.Entry(userPrivilege).State = EntityState.Modified;
try
{
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!UserPrivilegeExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(NoContent());
}
/*----------------------------------------------------------------------------------------------------------------------------------
* UserPrivileges
*---------------------------------------------------------------------------------------------------------------------------------*/
private questStatus create(FMSEntities dbContext, UserPrivilege userPrivilege, out UserPrivilegeId userPrivilegeId)
{
// Initialize
userPrivilegeId = null;
// Perform create
try
{
Quest.Services.Dbio.FMS.UserPrivileges _userPrivileges = new Quest.Services.Dbio.FMS.UserPrivileges();
_userPrivileges.PrivilegeId = userPrivilege.Privilege.Id;
_userPrivileges.UserId = userPrivilege.User.Id;
_userPrivileges.Created = DateTime.Now;
dbContext.UserPrivileges.Add(_userPrivileges);
dbContext.SaveChanges();
if (_userPrivileges.Id == 0)
{
return(new questStatus(Severity.Error, "UserPrivilege not created"));
}
userPrivilegeId = new UserPrivilegeId(_userPrivileges.Id);
}
catch (System.Exception ex)
{
return(new questStatus(Severity.Fatal, String.Format("EXCEPTION: {0}.{1}: {2}",
this.GetType().Name, MethodBase.GetCurrentMethod().Name,
ex.InnerException != null ? ex.InnerException.Message : ex.Message)));
}
return(new questStatus(Severity.Success));
}
protected override bool CanCreateRevoke(UserPrivilege privilege, IComparerContext context)
{
ITypeObjectNameKey primitiveType;
if (privilege.ObjectType.IsRelation || privilege.ObjectType.IsView)
{
primitiveType = privilege.Relation;
}
else if (privilege.ObjectType.IsProcedure)
{
primitiveType = privilege.Procedure;
}
else if (privilege.ObjectType.IsPackage)
{
primitiveType = privilege.Package;
}
else if (privilege.ObjectType.IsUDF)
{
primitiveType = privilege.Function;
}
else if (privilege.ObjectType.IsException)
{
primitiveType = privilege.DbException;
}
else if (privilege.ObjectType.IsGenerator)
{
primitiveType = privilege.Generator;
}
else
{
return(true);
}
return(!context.DroppedObjects.Contains(primitiveType.TypeObjectNameKey));
}
protected override void AddDefault(UserPrivilege privilege, Command command)
{
if (privilege.FieldName == "D")
{
command.Append(" DEFAULT");
}
}
private UserPrivilege CreateObject(IDataReader oReader, bool IsDefault)
{
UserPrivilege objUserPrivilege = new UserPrivilege();
NullManager reader = new NullManager(oReader);
try
{
objUserPrivilege.UserID = reader.GetInt32("UserID");
objUserPrivilege.FriendlyName = reader.GetString("FriendlyName");
objUserPrivilege.CompanyID = reader.GetInt32("CompanyID");
if (!IsDefault)
{
objUserPrivilege.CanEdit = (int)reader.GetByte("CanEdit");
objUserPrivilege.CanDelete = (int)reader.GetByte("CanDelete");
objUserPrivilege.CanAdd = (int)reader.GetByte("CanAdd");
objUserPrivilege.CanView = (int)reader.GetByte("CanView");
}
}
catch (Exception Ex)
{
throw new Exception("Error while creating object" + Ex.Message);
}
return(objUserPrivilege);
}
private void btnLogin_Click(object sender, EventArgs e)
{
string userName = textBoxUserName.Text.Trim();
string userPwd = textBoxPassword.Text;
bool valid = false;
if (userName == "admin" && userPwd == "qaz123")
{
IsAdmin = true;
Privileges = Privilege.ALL;
valid = true;
}
else
{
// 需要数据库验证
IsAdmin = false;
UserPrivilege privilege = privilegeManager.GetUser(userName, UserPrivilege.CreateMD5Hash(userPwd));
if (privilege != null)
{
valid = true;
Privileges = privilege.Privileges;
}
}
if (valid)
{
privilegeManager.LoggedUser = userName;
this.ParentForm.DialogResult = DialogResult.OK;
}
else
{
MessageBox.Show(@"账号密码错误,请重新输入");
}
}
private void Write(UserPrivilege privilege, string overrideType = null)
{
var typeText = overrideType ?? privilege.FormatPrivilege();
var relationName = privilege.FormatRelationName();
_writer.WriteLine($"GRANT {typeText} ON {relationName} TO {privilege.FormatUserObject()}");
}
public static string GetUserPrivilege(UserPrivilege privilege)
{
string userRole = string.Empty;
switch (privilege)
{
case UserPrivilege.ROLE_GENERAL_USER:
userRole = "General user";
break;
case UserPrivilege.ROLE_SUPER_USER:
userRole = "Super user";
break;
case UserPrivilege.ROLE_ENROLL_USER:
userRole = "Enroll user";
break;
case UserPrivilege.ROLE_VIEW_USER:
userRole = "View user";
break;
case UserPrivilege.ROLE_CUSTOMER:
userRole = "Customer";
break;
}
return(userRole);
}
public Identity GetIdentity(ICommunicationMessage e)
{
UserPrivilege up = null;
List <Character> Characters = new List <Character>();
using (var context = new StorageContext())
{
up = new UserPrivilege(context, e.User.License);
try
{
context.UserPrivileges.Add(up);
context.SaveChanges();
}
catch (Exception ex)
{
this.Logger.Debug($"MySql Error 1: {ex.Message}"); // Likely thrown by a dupiclate value... logging just in case
}
try
{
Characters = context.Characters.Where(a => a.UserId == up.UserId).ToList();
}
catch (Exception ex)
{
this.Logger.Debug($"MySql Error 2: {ex.Message}");
}
}
List <Shared.CharacterData> CharactersData = MapTo.CharacterData(Characters);
Identity id = MapTo.Identity(up, CharactersData);
return(id);
}
private questStatus update(FMSEntities dbContext, UserPrivilege userPrivilege)
{
// Initialize
questStatus status = null;
try
{
// Read the record.
UserPrivilegeId userPrivilegeId = new UserPrivilegeId(userPrivilege.Id);
Quest.Services.Dbio.FMS.UserPrivileges _userPrivileges = null;
status = read(dbContext, userPrivilegeId, out _userPrivileges);
if (!questStatusDef.IsSuccess(status))
{
return(status);
}
// Update the record.
BufferMgr.TransferBuffer(userPrivilege, _userPrivileges);
dbContext.SaveChanges();
}
catch (System.Exception ex)
{
return(new questStatus(Severity.Fatal, String.Format("EXCEPTION: {0}.{1}: {2}",
this.GetType().Name, MethodBase.GetCurrentMethod().Name,
ex.InnerException != null ? ex.InnerException.Message : ex.Message)));
}
return(new questStatus(Severity.Success));
}
public override void Initialize()
{
m_UserPrivileges =
Execute(CommandText)
.Select(o => UserPrivilege.CreateFrom(SqlHelper, o))
.ToList();
}
public User(Guid i, string n, string p, string av, UserPrivilege up)
{
id = i;
name = n;
passwordHash = p;
avatarGridName = av;
userPrivilege = up;
}
protected virtual void AddGrantedBy(UserPrivilege privilege, Command command)
{
if (command != null && !command.IsEmpty)
{
command.AppendLine();
command.Append($" GRANTED BY {privilege.Grantor.AsSqlIndentifier()}");
}
}
public async Task <ActionResult <UserPrivilege> > PostUserPrivilege(UserPrivilege userPrivilege)
{
Console.WriteLine("PrivilegeID : " + userPrivilege.PrivilegeID);
_context.UserPrivileges.Add(userPrivilege);
await _context.SaveChangesAsync();
return(CreatedAtAction("GetUserPrivilege", new { id = userPrivilege.ID }, userPrivilege));
}
protected override Command CreateRevoke(UserPrivilege privilege, IComparerContext context)
{
Command command;
switch (privilege.Privilege)
{
case Privilege.USAGE:
{
// Syntax:
// REVOKE USAGE ON < object type > < name > FROM < grantee list > [< granted by clause >]
// <object type> ::= {DOMAIN | EXCEPTION | GENERATOR | SEQUENCE | CHARACTER SET | COLLATION}
if (!privilege.IsSystemGeneratedObject)
{
command = new Command();
command.Append($"REVOKE USAGE ON {privilege.ObjectType.ToDescription()} {privilege.ObjectName.AsSqlIndentifier()} FROM {privilege.User.AsSqlIndentifier()}");
// see \src\dsql\parse.y line 840 (release 3.0.2)
// only EXECEPTION, GENERATOR is parsed for the moment, but not clearly in the documentation
// reported
if (privilege.ObjectType != ObjectType.EXCEPTION && privilege.ObjectType != ObjectType.GENERATOR)
{
command = null;
}
}
else
{
command = null;
}
break;
}
case Privilege.CREATE:
case Privilege.ALTER:
case Privilege.DROP:
{
// Syntax:
// REVOKE[GRANT OPTION FOR] CREATE < object - type >
// FROM[USER | ROLE] < user - name > | < role - name >;
// REVOKE[GRANT OPTION FOR] ALTER ANY<object-type >
// FROM[USER | ROLE] < user - name > | < role - name >;
// REVOKE[GRANT OPTION FOR] DROP ANY<object-type >
// FROM[USER | ROLE] < user - name > | < role - name >;
command = new Command();
command.Append(
privilege.Privilege == Privilege.CREATE
? $"REVOKE {privilege.Privilege.ToDescription()} {privilege.ObjectType.ToDescription()} FROM {privilege.UserType.ToDescription()} {privilege.User}"
: $"REVOKE {privilege.Privilege.ToDescription()} ANY {privilege.ObjectType.ToDescription()} FROM {privilege.UserType.ToDescription()} {privilege.User}");
break;
}
default:
command = base.CreateRevoke(privilege, context);
break;
}
return(command);
}
/// <summary>
/// The filtering.
/// </summary>
/// <param name="query">
/// The query.
/// </param>
/// <param name="filter">
/// The filter.
/// </param>
/// <returns>
/// The <see cref="IQueryOver"/>.
/// </returns>
public override IQueryOver <Acatalog, Acatalog> Filtering(IQueryOver <Acatalog, Acatalog> query, AcatalogFilter filter)
{
if (!string.IsNullOrEmpty(filter.Name))
{
query.WhereRestrictionOn(x => x.Name).IsLike(filter.Name);
}
if (filter.SectionOfSystem != null && !string.IsNullOrWhiteSpace(filter.SectionOfSystem.UnitCode))
{
query.JoinQueryOver(x => x.SectionOfSystem, JoinType.LeftOuterJoin)
.Where(x => x.Rn == filter.SectionOfSystem.UnitCode);
}
if (filter.UserPrivilege != null)
{
UserPrivilege userPrivilegeALias = null;
query.JoinAlias(x => x.UserPrivileges, () => userPrivilegeALias);
query.JoinQueryOver(() => userPrivilegeALias.Role, JoinType.InnerJoin);
if (filter.UserPrivilege.Role != null)
{
if (filter.UserPrivilege.Role.Rn != 0)
{
query.Where(() => userPrivilegeALias.Role.Rn == filter.UserPrivilege.Role.Rn);
}
if (filter.UserPrivilege.Role.UserRoles != null)
{
UserRole userRoleAlias = null;
query.JoinAlias(() => userPrivilegeALias.Role.UserRoles, () => userRoleAlias)
.EqualsUser(x => userRoleAlias.UserList.AUTHID);
// var fil = Restrictions.EqProperty(
// Projections.SqlFunction("User", NHibernateUtil.String),
// Projections.Property<UserRole>(x => userRoleAlias.UserList.AUTHID));
// query.Where(fil);
}
}
if (filter.UserPrivilege.UnitFunction != null)
{
UnitFunction unitfuncAlias = null;
query.JoinAlias(() => userPrivilegeALias.UnitFunctions, () => unitfuncAlias);
query.Where(x => unitfuncAlias.Standard == filter.UserPrivilege.UnitFunction.Standard);
if (filter.UserPrivilege.UnitFunction.SectionOfSystemUnitcode != null)
{
query.JoinQueryOver(() => unitfuncAlias.SectionOfSystemUnitcode, JoinType.InnerJoin);
if (!string.IsNullOrWhiteSpace(filter.UserPrivilege.UnitFunction.SectionOfSystemUnitcode.UnitCode))
{
query.Where(x => unitfuncAlias.SectionOfSystemUnitcode.Rn == filter.UserPrivilege.UnitFunction.SectionOfSystemUnitcode.UnitCode);
}
}
}
}
return(query);
}
protected virtual Command CreateRevoke(UserPrivilege privilege, IComparerContext context)
{
var command = new Command();
command.Append(
privilege.Privilege == Privilege.Member
? $"REVOKE {privilege.ObjectName.AsSqlIndentifier()} FROM {privilege.User.AsSqlIndentifier()}"
: $"REVOKE {CreatePrivilegeName(privilege)} ON {privilege.ObjectType.ToSqlObject()} {privilege.ObjectName.AsSqlIndentifier()} FROM {CreateToObjectName(privilege)}");
return(command);
}
public void RemovePrivilegeFromUser(string userId, string privilege)
{
UserPrivilege userPrivilege = this.GetUserPrivilege(userId, privilege);
if (userPrivilege != null)
{
DeleteObject(userPrivilege);
SaveChanges();
}
}
protected virtual void AddWithOption(UserPrivilege privilege, Command command)
{
if (command != null && !command.IsEmpty && privilege.GrantOption)
{
command.AppendLine();
command.Append(
privilege.Privilege == Privilege.Member
? " WITH ADMIN OPTION"
: " WITH GRANT OPTION");
}
}
protected virtual string CreatePrivilegeName(UserPrivilege userPrivilege)
{
var builder = new StringBuilder();
builder.Append(userPrivilege.Privilege.ToDescription());
if (userPrivilege.FieldName != null)
{
builder.Append($"({userPrivilege.FieldName.AsSqlIndentifier()})");
}
return(builder.ToString());
}
protected override string CreateUserName(UserPrivilege userPrivilege)
{
if (userPrivilege.UserType.IsSystemPrivilege)
{
return(SqlHelper.SystemPrivilegeString(int.Parse(userPrivilege.User.ToString())));
}
else
{
return(userPrivilege.User.AsSqlIndentifier());
}
}
protected virtual string CreateToObjectName(UserPrivilege userPrivilege)
{
var builder = new StringBuilder();
if (!(userPrivilege.UserType.IsUser || userPrivilege.UserType.IsRole))
{
builder.Append(userPrivilege.UserType.ToSqlObject());
builder.Append(" ");
}
builder.Append(CreateUserName(userPrivilege));
return(builder.ToString());
}
protected virtual string CreateToObjectName(UserPrivilege userPrivilege)
{
var builder = new StringBuilder();
if (!(userPrivilege.UserType == ObjectType.USER || userPrivilege.UserType == ObjectType.ROLE))
{
builder.Append(userPrivilege.UserType.ToDescription());
builder.Append(" ");
}
builder.Append(userPrivilege.User.AsSqlIndentifier());
return(builder.ToString());
}
protected virtual Command CreateGrant(UserPrivilege privilege, IComparerContext context)
{
var command = new Command();
command.Append(
privilege.Privilege == Privilege.MEMBER
? $"GRANT {privilege.ObjectName.AsSqlIndentifier()} TO {privilege.User.AsSqlIndentifier()}"
: $"GRANT {CreatePrivilegeName(privilege)} ON {privilege.ObjectType.ToDescription()} {privilege.ObjectName.AsSqlIndentifier()} TO {CreateToObjectName(privilege)}");
AddWithOption(privilege, command);
AddGrantedBy(privilege, command);
return(command);
}
/// <summary>
/// Creates a/an UserPrivilege.
/// </summary>
/// <param name="entity"></param>
/// <returns>Returns the UserPrivilege that was created in the database.</returns>
public UserPrivilege CreateUserPrivilege(UserPrivilege entity)
{
try
{
return(repo.Create <UserPrivilege>(entity));
}
catch (Exception ex)
{
repo.LogError(ex);
throw ex;
}
}
private bool Isadmin()
{
string GetUserName = LoginCredentials.LoggedEmailId.Substring(0, LoginCredentials.LoggedEmailId.LastIndexOf('@'));
if (UserPrivilege.Isadmin(GetUserName))
{
return(true);
}
else
{
return(false);
}
}
public static Identity Identity(UserPrivilege up, List <CharacterData> cd)
{
Identity id = new Identity();
id.UserId = up.UserId;
id.AuthorityLevel = up.AuthorityLevel;
id.PoliceRank = up.PoliceRank;
id.EMSRank = up.EMSRank;
id.AccessLevel = up.AccessLevel;
id.Characters = cd;
return(id);
}
private void Login()
{
//if (txtPassword.Text != "")
//{
// if (maskedPassword!="")
// {
// maskedPassword = txtPassword.Text.ToLower();
// }
// txtPassword.Text = "*****";
//}
if (txtUSerEmail.Text != "" && txtPassword.Text != "")
{
if (maskedPassword == null)
{
MessageBox.Show("Password readed as empty");
return;
}
if (UserPrivilege.IsValidUser(txtUSerEmail.Text.ToLower().Trim(), maskedPassword.Trim()))
{
LoginCredentials.LoggedEmailId = txtUSerEmail.Text.ToLower();
List <Form> forms = new List <Form>();
// All opened myForm instances
foreach (Form f in Application.OpenForms)
{
forms.Add(f);
}
// Now let's close opened myForm instances
foreach (Form f in forms)
{
f.Hide();
}
RememberMe();
Mailbox _mailbox = new Mailbox();
_mailbox.Show();
}
else
{
MessageBox.Show("Invalid credentials or invalid user ", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
else
{
MessageBox.Show("Mandatory fields cannot be empty ", "Warning", MessageBoxButtons.OK, MessageBoxIcon.Warning);
}
}
public async Task <IActionResult> Register([FromBody] UserForRegisterDto userForRegisterDto)
{
// Validating request
userForRegisterDto.Email = userForRegisterDto.Email.ToLower();
if (await _repo.UserExists(userForRegisterDto.Email))
{
return(BadRequest("Email already exists"));
}
if (userForRegisterDto.CIN != null)
{
if (await _repo.CinExists(userForRegisterDto.CIN))
{
return(BadRequest("CIN already exists"));
}
}
if (userForRegisterDto.CNE != null)
{
if (await _repo.UserExists(userForRegisterDto.CNE))
{
return(BadRequest("CNE already exists"));
}
}
var userToCreate = new User {
Email = userForRegisterDto.Email,
CIN = userForRegisterDto.CIN,
CNE = userForRegisterDto.CNE,
FirstName = userForRegisterDto.FirstName,
LastName = userForRegisterDto.LastName,
CodeAppoge = userForRegisterDto.CodeAppoge,
date_birth = userForRegisterDto.date_birth
};
var createdUser = await _repo.Register(userToCreate, userForRegisterDto.Password);
var userPrivilege = new UserPrivilege {
UserID = createdUser.ID,
PrivilegeID = 4
};
var createdUserPrivilege = await this._context.UserPrivileges.AddAsync(userPrivilege);
await _context.SaveChangesAsync();
return(StatusCode(201));
}
private static void CreateUserPrivilegeTable(CloudTableClient cloudTableClient)
{
cloudTableClient.CreateTableIfNotExist(PrivilegesTableServiceContext.UserPrivilegeTableName);
// Execute conditionally for development storage only.
if (cloudTableClient.BaseUri.IsLoopback)
{
TableServiceContext context = cloudTableClient.GetDataServiceContext();
var entity = new UserPrivilege { UserId = "UserId", Privilege = "Privilege" };
context.AddObject(PrivilegesTableServiceContext.UserPrivilegeTableName, entity);
context.SaveChangesWithRetries();
context.DeleteObject(entity);
context.SaveChangesWithRetries();
}
}
public ActionResult Update()
{
var user = this.UserService.GetById(Identity.Id);
if (user == null)
{
return base.HttpNotFound();
}
var privilege = new UserPrivilege();
if (!privilege.CanUpdate(user))
{
return NotAuthorized();
}
var value = new UserPreferenceUpdate(user.Preference);
value.Initialize();
return base.View(Views.Update, value);
}
public ActionResult Reset(UserAuthenticationReset value)
{
if (value == null)
{
throw new ArgumentNullException("value");
}
var user = this.UserService.GetById(value.Id);
if (user == null)
{
return HttpNotFound();
}
var privilege = new UserPrivilege();
if (!privilege.CanUpdateAny(user))
{
return NotAuthorized();
}
value.Validate();
if (value.IsValid)
{
this.AuthenticationService.Reset(user);
var model = new UserAdminUpdate(user);
model.SuccessMessage(Messages.UserPasswordReset.FormatInvariant(user.Name));
return base.View(Views.Update, model);
}
value.CopyToModel(ModelState);
value.Initialize(user);
return base.View(Views.Reset, value);
}
public ActionResult Reset(int id)
{
var user = this.UserService.GetById(id);
if (user == null)
{
return HttpNotFound();
}
var privilege = new UserPrivilege();
if (!privilege.CanUpdateAny(user))
{
return NotAuthorized();
}
var value = new UserAuthenticationReset();
value.Initialize(user);
return View(Views.Reset, value);
}
public ActionResult Index(string status, SortUser sort, SortOrder order, int? page)
{
var query = new HomeQuery(status, sort, order, page);
var users = UserService.GetPaged(query.Specification);
var user = users.FirstOrDefault();
var privilege = new UserPrivilege();
return privilege.CanViewAny(user) ? View(Views.Index, users) : NotAuthorized();
}
public User(string username, string name, UserPrivilege privilege) : this(username, name)
{
Privilege = privilege;
}
public ActionResult Update(UserPreferenceUpdate value)
{
if (value == null)
{
throw new ArgumentNullException("value");
}
var user = this.UserService.GetById(Identity.Id);
if (user == null)
{
return base.HttpNotFound();
}
var privilege = new UserPrivilege();
if (!privilege.CanUpdate(user))
{
return NotAuthorized();
}
value.Initialize();
value.Validate();
if (value.IsValid)
{
value.ValueToModel(user.Preference);
this.UserService.UpdatePreference(user.Preference);
value.SuccessMessage(Messages.UserAccountPreferenceUpdated);
}
else
{
value.CopyToModel(ModelState);
}
return base.View(Views.Update, value);
}
public ActionResult Privilege(UserRolePrivilegeUpdate value)
{
var user = this.UserService.GetById(value.UserId);
if (user == null)
{
return base.HttpNotFound();
}
var privilege = new UserPrivilege();
if (!privilege.CanUpdateAny(user))
{
return NotAuthorized();
}
this.UserRoleService.UpdatePrivileges(user, value.Values);
value.SuccessMessage(Messages.UserPrivilegeUpdated.FormatInvariant(user.Name));
var roles = this.UserRoleService.GetAll();
var privileges = this.UserRoleService.GetPrivileges(new UserRoleRelationUserSpecification(user.Id));
value.Initialize(user, roles, privileges);
value.SuccessMessage(Messages.UserPrivilegeUpdated.FormatInvariant(user.Name));
return base.View(Views.Privilege, value);
}
public ActionResult Privilege(int id)
{
var user = this.UserService.GetById(id);
if (user == null)
{
return base.HttpNotFound();
}
var privilege = new UserPrivilege();
if (!privilege.CanUpdateAny(user))
{
return NotAuthorized();
}
var roles = this.UserRoleService.GetAll();
var privileges = this.UserRoleService.GetPrivileges(new UserRoleRelationUserSpecification(user.Id));
var value = new UserRolePrivilegeUpdate();
value.Initialize(user, roles, privileges);
return base.View(Views.Privilege, value);
}
public ActionResult Update(int id)
{
var user = this.UserService.GetById(id);
if (user == null)
{
return HttpNotFound();
}
var privilege = new UserPrivilege();
return privilege.CanUpdateAny(user) ? View(Views.Update, new UserAdminUpdate(user)) : NotAuthorized();
}
public ActionResult Update(UserAdminUpdate value)
{
if (value == null)
{
throw new ArgumentNullException("value");
}
var user = this.UserService.GetById(value.Id);
if (user == null)
{
return HttpNotFound();
}
var privilege = new UserPrivilege();
if (!privilege.CanUpdateAny(user))
{
return NotAuthorized();
}
value.Validate();
if (value.IsValid)
{
// value to user
value.ValueToModel(user);
// update user
this.UserService.Update(user);
// update password if needed
if (!string.IsNullOrEmpty(value.Password))
{
this.AuthenticationService.Update(user, value.Password);
}
// preference
var preference = user.Preference;
// value to preference
value.ValueToPreference(preference);
// update user preference
this.UserService.UpdatePreference(preference);
value.SuccessMessage(Messages.UserUpdated.FormatInvariant(user.Name));
}
else
{
value.CopyToModel(ModelState);
}
return base.View(Views.Update, value);
}
private void ResetPrivilege()
{
string checkList = Request.Params["CheckInputValue"];
string userId = Request.Params["Id"];
string userType = Request.Params["UserType"];
if (!string.IsNullOrEmpty(userId) && Public.IsNumber(userId))
{
if (!string.IsNullOrEmpty(checkList))
{
checkList = "," + checkList + ",";
}
Hashtable hs = new Hashtable();
hs.Add("UserID", userId);
hs.Add("UserType", userType);
UserPrivilege userPrivilege = new UserPrivilege();
if (userPrivilege.IsExist(hs))
{
userPrivilege.Update(
"UserPrivilegeList='" + checkList + "'",
" and UserID='" + userId + "' and UserType='" + userType + "'");
Response.Write("\"returnval\":\"1\",\"returnstr\":\"权限更新成功!\"");
Response.End();
}
else
{
userPrivilege.UserID = Convert.ToInt32(userId);
userPrivilege.UserType = userType;
userPrivilege.UserPrivilegeList = checkList;
userPrivilege.Insert();
Response.Write("\"returnval\":\"1\",\"returnstr\":\"权限设置成功!\"");
Response.End();
}
}
else
{
Response.Write("\"returnval\":\"0\"");
Response.End();
}
}
public ActionResult Create(UserAdminCreate value)
{
if (value == null)
{
throw new ArgumentNullException("value");
}
var user = this.UserService.Create();
var privilege = new UserPrivilege();
if (!privilege.CanCreate(user))
{
return NotAuthorized();
}
value.Validate();
if (value.IsValid)
{
value.ValueToModel(user);
this.UserService.Insert(user, value.Preference);
var model = new UserAdminUpdate(user);
model.SuccessMessage(Messages.UserCreated.FormatInvariant(user.Name));
return base.View(Views.Update, model);
}
value.CopyToModel(ModelState);
return base.View(Views.Create, value);
}
public User(string username, string name)
{
Username = username;
Name = name;
Privilege = UserPrivilege.REGULAR;
}
