Пример #1
0
        public PagedResponse <AppUserRole> GetAllUserRolesSearch(int pageIndex, int pageSize, string q)
        {
            PagedResponse <AppUserRole> pagedResponse = new PagedResponse <AppUserRole>();
            int totalRows = 0;
            List <AppUserRole> UserList = new List <AppUserRole>();

            dataProvider.ExecuteCmd(
                "AppUser_Selected_Roles_Search",
                (parameters) =>
            {
                parameters.AddWithValue("@pageIndex", pageIndex);
                parameters.AddWithValue("@pageSize", pageSize);
                parameters.AddWithValue("@Search", q);
            },
                (reader, resultSetIndex) =>
            {
                AppUserRole appUser   = new AppUserRole();
                appUser.Id            = (int)reader["Id"];
                appUser.FirstName     = (string)reader["FirstName"];
                appUser.LastName      = (string)reader["LastName"];
                appUser.Email         = (string)reader["Email"];
                appUser.Admin         = (bool)reader["Admin"];
                appUser.AgencyRep     = (bool)reader["AgencyRep"];
                appUser.BusinessOwner = (bool)reader["BusinessOwner"];

                UserList.Add(appUser);
                totalRows = (int)reader["TotalRows"];
            });
            pagedResponse.TotalCount = totalRows;
            pagedResponse.PagedItems = UserList;
            return(pagedResponse);
        }
Пример #2
0
 public static void ConfigureAppModel(this ModelBuilder builder)
 {
     AppUserProfile.ConfigureFluent(builder);
     AppUserBank.ConfigureFluent(builder);
     AppUserRole.ConfigureFluent(builder);
     AppUserFile.ConfigureFluent(builder);
     Bank.ConfigureFluent(builder);
     Country.ConfigureFluent(builder);
     State.ConfigureFluent(builder);
     LGA.ConfigureFluent(builder);
     Staff.ConfigureFluent(builder);
     Supplier.ConfigureFluent(builder);
     BillPayable.ConfigureFluent(builder);
     BillReceivable.ConfigureFluent(builder);
     Journal.ConfigureFluent(builder);
     JournalLineItem.ConfigureFluent(builder);
     Payment.ConfigureFluent(builder);
     Receipt.ConfigureFluent(builder);
     PayableWorkFlow.ConfigureFluent(builder);
     ReceivableWorkFlow.ConfigureFluent(builder);
     AccountGroup.ConfigureFluent(builder);
     AccountSubType.ConfigureFluent(builder);
     LineItem.ConfigureFluent(builder);
     BankAccount.ConfigureFluent(builder);
     AppData.ConfigureFluent(builder);
 }
Пример #3
0
        /// <summary>
        ///  Get project Id from controller, get project from repository and if project exist - delete id.
        ///  Only Owner can delete.
        /// </summary>
        /// <param name="projectId">Project id</param>
        /// <param name="userId">User id</param>
        /// <returns>Project response with message</returns>
        /// <exception cref="ForbiddenResponseException"> IF user don't have access to delete project</exception>
        public async Task <ProjectResponse> DeleteAsync(int projectId, string userId)
        {
            AppUserRole role = await _projectUserRepository.GetRoleOfMember(userId, projectId);

            if (!this.CanChangeProject(role))
            {
                throw new ForbiddenResponseException("Only owner can delete a project");
            }

            Project existingProject = await _projectRepository.GetByIdAsync(projectId);

            if (existingProject == null)
            {
                return(new ProjectResponse("Project not found"));
            }
            try
            {
                await _projectRepository.DeleteAsync(projectId);

                ProjectDto projectDto = _mapper.Map <Project, ProjectDto>(existingProject);
                return(new ProjectResponse(projectDto));
            }
            catch (Exception)
            {
                return(new ProjectResponse($"An error occurred when deleting the project"));
            }
        }
Пример #4
0
        /// <summary>
        /// Get projectDto from controller, map it , get role of user, and get existing project from repository. After that check access to make an update.
        /// Only owner of project can update.
        /// </summary>
        /// <param name="projectDto">Project to update</param>
        /// <param name="userId">User id</param>
        /// <returns>Project response with message</returns>
        /// <exception cref="ForbiddenResponseException">IF user don't have access to do this update</exception>
        public async Task <ProjectResponse> UpdateAsync(ProjectDto projectDto, string userId)
        {
            AppUserRole role = await _projectUserRepository.GetRoleOfMember(userId, projectDto.Id);

            if (!this.CanChangeProject(role))
            {
                throw new ForbiddenResponseException("Only owner can update a project");
            }


            Project existingProject = await _projectRepository.GetByIdAsync(projectDto.Id);

            if (existingProject == null)
            {
                return(new ProjectResponse("Project not found"));
            }

            existingProject.Name        = projectDto.Name;
            existingProject.Description = projectDto.Description;

            await _projectRepository.UpdateAsync(existingProject);

            var existingProjectDto = _mapper.Map <Project, ProjectDto>(existingProject);

            return(new ProjectResponse(existingProjectDto));
        }
Пример #5
0
        public async Task <IActionResult> Edit(string id, [Bind("UserId,RoleId")] AppUserRole appUserRole)
        {
            if (id != appUserRole.UserId)
            {
                return(NotFound());
            }

            if (ModelState.IsValid)
            {
                try
                {
                    _context.Update(appUserRole);
                    await _context.SaveChangesAsync();
                }
                catch (DbUpdateConcurrencyException)
                {
                    if (!AppUserRoleExists(appUserRole.UserId))
                    {
                        return(NotFound());
                    }
                    else
                    {
                        throw;
                    }
                }
                return(RedirectToAction(nameof(Index)));
            }
            ViewData["RoleId"] = new SelectList(_context.Roles.OrderBy(a => a.Name), "Id", "Name", appUserRole.RoleId);
            ViewData["UserId"] = new SelectList(_context.Users.OrderBy(a => a.Nome), "Id", "Nome", appUserRole.UserId);
            return(View(appUserRole));
        }
Пример #6
0
        /// <summary>
        ///  Determines if user is in a role.
        /// </summary>
        /// <param name="email"></param>
        /// <param name="role"></param>
        /// <returns></returns>
        public bool IsInRole(string email, AppUserRole role)
        {
            using (var userStore = new UserStore <CCGAppUser>(context))
                using (var userManager = new ApplicationUserManager(userStore))
                {
                    var user = userManager.Users.SingleOrDefault(u => u.Email.Equals(email));
                    if (user == null)
                    {
                        return(false);
                    }

                    switch (role)
                    {
                    case AppUserRole.Admin:
                        return(userManager.IsInRole(user.Id, AuthHelper.Admin));

                    case AppUserRole.DeaconLeadership:
                        return(userManager.IsInRole(user.Id, AuthHelper.DeaconLeadership));

                    case AppUserRole.Deacon:
                        return(userManager.IsInRole(user.Id, AuthHelper.Deacon));

                    case AppUserRole.Pastor:
                        return(userManager.IsInRole(user.Id, AuthHelper.Pastor));

                    case AppUserRole.None:
                    default:
                        return(false);
                    }
                }
        }
Пример #7
0
        public bool SaveRole(RoleUserModel model)
        {
            try
            {
                AppUserRole tbl = new AppUserRole();

                if (model.Id > 0)
                {
                    tbl        = db.AppUserRoles.Find(model.Id);
                    tbl.RoleId = model.RoleId;
                    tbl.UserId = model.UserId;
                    db.SaveChanges();
                }
                else
                {
                    tbl.RoleId = model.RoleId;
                    tbl.UserId = model.UserId;
                    db.AppUserRoles.Add(tbl);
                    db.SaveChanges();
                }
                return(true);
            }
            catch {
                return(false);
            }
        }
Пример #8
0
        private void AddAppUsers(MainDatabaseContext context)
        {
            SystemUser sysAdmin = context.SystemUsers.Where(x => x.Name == SystemUsers.SystemUserName).FirstOrDefault();

            if (!context.AppUsers.Any())
            {
                Language polish       = context.Languages.FirstOrDefault(x => x.LanguageDictionary == LanguageDictionary.Polish);
                AppRole  adminRole    = context.AppRoles.FirstOrDefault(x => x.AppRoleType == AppRoleType.Administrator);
                string   currentlogin = $"{Environment.MachineName}\\{Environment.UserName}";

                var admin = new AppUser()
                {
                    CreatedById = sysAdmin.Id,
                    CreatedDate = DateTime.Now,
                    Email       = "*****@*****.**",
                    IsActive    = true,
                    LastName    = "Administrator",
                    FirstName   = "",
                    LanguageId  = polish.Id,
                    Login       = currentlogin
                };
                context.AppUsers.Add(admin);

                var adminAdmin = new AppUserRole()
                {
                    CreatedById = sysAdmin.Id,
                    CreatedDate = DateTime.Now,
                    AppRole     = adminRole,
                    AppUser     = admin
                };
                context.AppUserRoles.Add(adminAdmin);

                context.SaveChanges();
            }
        }
Пример #9
0
        public static bool CanChangeRoleOfMember(this AppUserRole caller, AppUserRole oldRole, AppUserRole newRole)
        {
            if (caller.IsNone() || oldRole.IsNone() || newRole.IsNone())
            {
                return(false);
            }
            if (!HasPermissionsToChangeRoleOfMember(caller))
            {
                return(false);
            }
            if (oldRole == newRole)
            {
                return(false);
            }
            if (oldRole.IsOwner() || newRole.IsOwner())
            {
                return(false);
            }
            if ((oldRole.IsScrumMaster() || newRole.IsScrumMaster()) && !caller.IsOwner())
            {
                return(false);
            }

            return(true);
        }
Пример #10
0
 public static bool IsInRole(string email, AppUserRole role)
 {
     using (var unitOfWork = new UnitOfWork())
     {
         return(unitOfWork.AppUserRepository.IsInRole(email, role));
     }
 }
Пример #11
0
        public ActionResult AddUser(AdminUserEditModel model, string[] selectRoles)
        {
            var user = new AppUser {
                UserName    = model.UserName,
                Email       = model.Email,
                PhoneNumber = model.PhoneNumber
            };

            foreach (string roleName in selectRoles)
            {
                var         Role     = roleManager.FindByName(roleName);
                AppUserRole userRole = new AppUserRole {
                    RoleId = Role.Id,
                    UserId = user.Id
                };
                user.Roles.Add(userRole);
            }
            IdentityResult result = userManager.Create(user, model.Password);

            if (result.Succeeded)
            {
                TempData["message"] = "관리자 계정이 생성되었습니다.";
                return(RedirectToAction("Index"));
            }
            else
            {
                AddErrorsFromResult(result);
            }
            return(View("Index"));
        }
Пример #12
0
        public async Task <IActionResult> DeleteRole(string id)
        {
            if (!await _accountManager.TestCanDeleteRoleAsync(id))
            {
                return(BadRequest("Role cannot be deleted. Remove all users from this role and try again"));
            }


            RoleViewModel roleVM  = null;
            AppUserRole   appRole = await this._accountManager.GetRoleByIdAsync(id);

            if (appRole != null)
            {
                roleVM = await GetRoleViewModelHelper(appRole.Name);
            }


            if (roleVM == null)
            {
                return(NotFound(id));
            }

            var result = await this._accountManager.DeleteRoleAsync(appRole);

            if (!result.Item1)
            {
                throw new Exception("The following errors occurred whilst deleting role: " + string.Join(", ", result.Item2));
            }


            return(Ok(roleVM));
        }
Пример #13
0
        public ActionResult Edit(AdminUserEditModel model, string[] selectRoles)
        {
            if (ModelState.IsValid)
            {
                var user = userManager.FindByIdAsync(model.AdminId).Result;
                if (model.WillChangePassword)
                {
                    user.PasswordHash = userManager.PasswordHasher.HashPassword(model.Password);
                }
                user.Roles.Clear();
                foreach (string roleName in selectRoles)
                {
                    var         Role     = roleManager.FindByNameAsync(roleName).Result;
                    AppUserRole userRole = new AppUserRole {
                        RoleId = Role.Id,
                        UserId = user.Id
                    };
                    user.Roles.Add(userRole);
                }

                var updateResult = userManager.UpdateAsync(user).Result;
                if (updateResult.Succeeded)
                {
                    TempData["message"] = "정보 수정이 완료되었습니다.";
                    return(RedirectToAction("Index"));
                }
                else
                {
                    AddErrorsFromResult(updateResult);
                }
            }
            return(View(model));
        }
Пример #14
0
        /// <summary>
        /// Gets all unarchived items of sprint from sprint repository and groups them by parent item.
        /// </summary>
        /// <param name="id">Id of sprint.</param>
        /// <param name="userId">Id of user.</param>
        /// <returns>Collection of ItemList DTO's.</returns>
        public async Task <IEnumerable <ItemListDto> > GetAllSprintItemsAsync(int id, string userId)
        {
            // Searchs sprint by id and extracts project id from result
            Sprint sprint = await _sprintRepository.GetByIdAsync(id);

            int projectId = sprint.ProjectId;

            // Gets role of user in current project and checks his rights to view sprint items
            AppUserRole role = await _projectUserRepository.GetRoleOfMember(userId, projectId);

            if (!this.CanAccessSprint(role))
            {
                throw new ForbiddenResponseException("You do not have access");
            }

            // Gets all non archived items without parents
            var unparantedItems = (await _itemRepository.GetUnparentedAsync(id)).Where(item => item.IsArchived == false);
            var userStories     = (await _itemRepository.GetUserStoriesAsync(id)).Where(item => item.IsArchived == false);
            var topLevelItems   = (userStories ?? Enumerable.Empty <Item>()).Concat(unparantedItems ?? Enumerable.Empty <Item>());
            IEnumerable <ItemListDto> itemList = _mapper.Map <IEnumerable <Item>, IEnumerable <ItemListDto> >(topLevelItems);

            // Gets all non archived children for each item without parent
            foreach (var parentItem in itemList)
            {
                var childItems = (await _itemRepository.GetAllChildAsync(parentItem.Id)).Where(item => item.IsArchived == false);
                IEnumerable <ItemDto> childItemsDto = _mapper.Map <IEnumerable <Item>, IEnumerable <ItemDto> >(childItems);
                parentItem.Items.AddRange(childItemsDto);
            }
            return(itemList);
        }
Пример #15
0
        public async Task <IActionResult> AddRole([FromBody] AppUserRole model)
        {
            if (ModelState.IsValid)
            {
                try
                {
                    logger.LogInformation("Adding Role in Repository");

                    var addedRole = await roleRepo.AddUserRole(model);

                    if (addedRole != null)
                    {
                        return(Ok(addedRole));
                    }
                    else
                    {
                        return(NotFound());
                    }
                }
                catch (Exception excp)
                {
                    logger.LogError("Error Adding Role in Repository " + excp.Message);

                    return(BadRequest(excp));
                }
            }

            return(BadRequest());
        }
Пример #16
0
        private void SetRoles()
        {
            _presenter.RemoveUserRoles();

            foreach (RepeaterItem ri in rptRoles.Items)
            {
                CheckBox chkRole = (CheckBox)ri.FindControl("chkRole");
                if (chkRole.Checked)
                {
                    int roleId = (int)this.ViewState[ri.UniqueID];

                    Role        role  = _presenter.GetRoleById(roleId);
                    AppUserRole urole = new AppUserRole()
                    {
                        AppUser = _presenter.CurrentUser,
                        Role    = role
                    };

                    _presenter.CurrentUser.AppUserRoles.Add(urole);
                }
            }

            string adminRole = UserSettings.GetAdministratorRole;

            if (_presenter.CurrentUser.UserName == UserSettings.GetSuperUser &&
                !_presenter.CurrentUser.IsInRole(adminRole))
            {
                throw new Exception(String.Format("The user '{0}' has to have the '{1}' role."
                                                  , _presenter.CurrentUser.UserName, adminRole));
            }
        }
Пример #17
0
        public async Task RemoveMemberAsync(string senderUserId, int projectId, string userId)
        {
            AppUserRole senderRole = await GetRoleIfMember(senderUserId, projectId);

            if (senderUserId == userId)
            {
                if (!senderRole.CanRemoveItself())
                {
                    throw new ForbiddenResponseException("You cannot leave project.");
                }
            }
            else
            {
                if (!senderRole.CanRemoveOtherMember())
                {
                    throw new ForbiddenResponseException("You cannot remove other members.");
                }
            }

            if (!await _puRepo.DoesExistMemberOfProject(userId, projectId))
            {
                throw new NotFoundResponseException("No member with this id in project");
            }

            await _puRepo.DeleteRecordAsync(userId, projectId);
        }
Пример #18
0
        public async Task ChangeUserRoleAsync(string senderUserId, int projectId, string userId, AppUserRoleDto newRoleDto)
        {
            AppUserRole senderRole = await GetRoleIfMember(senderUserId, projectId);

            if (!senderRole.HasPermissionsToChangeRoleOfMember())
            {
                throw new ForbiddenResponseException("You haven't permissions to change roles of members in this project");
            }

            AppUserRole currRole = await _puRepo.GetRoleOfMember(userId, projectId);

            AppUserRole newRole = _mapper.Map <AppUserRoleDto, AppUserRole>(newRoleDto);

            if (!senderRole.CanChangeRoleOfMember(currRole, newRole))
            {
                throw new ForbiddenResponseException($"You cannot change role from {currRole.Name} to {newRole.Name}.");
            }

            if (newRole.IsScrumMaster() && await _puRepo.DoesExistScrumMasterInProjectAsync(projectId))
            {
                throw new ForbiddenResponseException("Only one Scrum Master can be on project");
            }

            ProjectUser pu = new ProjectUser()
            {
                ProjectId  = projectId,
                UserId     = userId,
                UserRoleId = newRole.Id
            };
            await _puRepo.UpdateRecordAsync(pu);
        }
Пример #19
0
        public async Task <IdentityResult> CreateAsync(User user, string password, AppUserRole role = AppUserRole.User)
        {
            var foundUser = await _userManager.FindByNameAsync(user.UserName);

            if (foundUser != null)
            {
                throw new NotFoundException("User already registered");
            }

            user.Id = Guid.NewGuid().ToString();
            var result = await _userManager.CreateAsync(user, password);

            if (result.Succeeded)
            {
                try
                {
                    return(await _userManager.AddToRoleAsync(user, Enum.GetName(typeof(AppUserRole), role)));
                }
                catch (Exception e)
                {
                    var res = await _userManager.DeleteAsync(user);
                }
            }
            else
            {
                throw new AppException($"Something went wrong: {result.Errors.First().Description}");
            }
            throw new NotFoundException("User already registered");
        }
Пример #20
0
        public List <ContactRecord> PrayerRequests(int?memberId, int?ccgId,
                                                   DateRangeFilter dateRange, ContactsSort contactsSort,
                                                   bool getAll = false, string query = null, CCGAppUser appuser = null)
        {
            // Get principal user obj
            var user = unitOfWork.AppUserRepository.FindUserByEmail(appuser.UserName);

            DateTime dateTimeOffset;

            GetOffsetDate(dateRange, out dateTimeOffset);

            List <ContactRecord> prayerRequests;

            // determine if user is leadership, pastor or admin
            AppUserRole[] roles = new AppUserRole[] { AppUserRole.Admin,
                                                      AppUserRole.DeaconLeadership,
                                                      AppUserRole.Pastor };
            // get all if user is admin, leadership, or pastor
            getAll = AuthHelper.IsInRole(appuser.UserName, roles);

            // not leadership so only get prayer requests within ccg
            if (!getAll && ccgId == null)
            {
                ccgId = user.CcgId;
            }

            prayerRequests = GetPrayerRequests(memberId,
                                               dateTimeOffset, ccgId, getAll, user, query).ToList();

            // Sort prayer requests
            return(SortContactRecords(contactsSort, prayerRequests).ToList());
        }
Пример #21
0
        public async Task <IActionResult> CreateRole([FromBody] RoleViewModel role)
        {
            if (ModelState.IsValid)
            {
                if (role == null)
                {
                    return(BadRequest($"{nameof(role)} cannot be null"));
                }

                AppUserRole appRole = Mapper.Map <AppUserRole>(role);

                var result = await _accountManager.CreateRoleAsync(appRole, role.Permissions?.Select(p => p.Value).ToArray());

                if (result.Item1)
                {
                    RoleViewModel roleVM = await GetRoleViewModelHelper(appRole.Name);

                    return(CreatedAtAction(GetRoleByIdActionName, new { id = roleVM.Id }, roleVM));
                }

                AddErrors(result.Item2);
            }

            return(BadRequest(ModelState));
        }
Пример #22
0
        public static async Task SeedDatabase(
            UserManager <AppUser> userManager,
            RoleManager <AppUserRole> roleManager)
        {
            var user1 = new AppUser
            {
                Id = Guid.NewGuid().ToString(),
                AccessFailedCount    = 0,
                Email                = "*****@*****.**",
                EmailConfirmed       = true,
                Fullname             = "Mazdak Shojaie",
                LockoutEnabled       = true,
                PhoneNumber          = "09173148953",
                PhoneNumberConfirmed = true,
                UserName             = "******"
            };
            var user2 = new AppUser
            {
                Id = Guid.NewGuid().ToString(),
                AccessFailedCount    = 0,
                Email                = "*****@*****.**",
                EmailConfirmed       = true,
                Fullname             = "Maryam Shojaie",
                LockoutEnabled       = true,
                PhoneNumber          = "09173154753",
                PhoneNumberConfirmed = true,
                UserName             = "******"
            };

            if (userManager.Users.Any())
            {
                return;
            }
            if (roleManager.Roles.Any())
            {
                return;
            }

            await userManager.CreateAsync(user1, "Pa$$word@1");

            await userManager.CreateAsync(user2, "Pa$$word@2");

            var role1 = new AppUserRole
            {
                Name = "Admin"
            };
            var role2 = new AppUserRole
            {
                Name = "Teacher"
            };

            await roleManager.CreateAsync(role1);

            await roleManager.CreateAsync(role2);

            await userManager.AddToRoleAsync(user1, "Admin");

            await userManager.AddToRoleAsync(user2, "Teacher");
        }
Пример #23
0
        public ActionResult AddAppUserRole(AppUserRole role)
        {
            string result = appUserRoleService.Add(role);

            TempData["Result"] = result;

            return(RedirectToAction("Index"));
        }
Пример #24
0
 public static void CanDoSomething(this AppUserRole role, Item item, string userId)
 {
     // User must be owner or master or to be assigned to this task to update it.
     if (!(role.IsScrumMasterOrOwner() || item.AssignedUserId == userId || item.AssignedUserId == null))
     {
         throw new ForbiddenResponseException("Sorry, you can edit only items which are asssigned by you!");
     }
 }
Пример #25
0
        private ProjectMemberDto MakeProjectMemberDto(User u, AppUserRole role)
        {
            ProjectMemberDto dto = _mapper.Map <User, ProjectMemberDto>(u);

            dto.Role = _mapper.Map <AppUserRole, AppUserRoleDto>(role);

            return(dto);
        }
Пример #26
0
        public void SubmitForm(AppUser userEntity, string roleIds)
        {
            if (userEntity.Id == 0)
            {
                userEntity.Create();
                string userPassword = "******";//默认密码
                userEntity.UserSecretkey = Md5Helper.Md5(Utils.CreateNo(), 16).ToLower();
                userEntity.LoginPassword = Md5Helper.Md5(DesEncrypt.Encrypt(Md5Helper.Md5(userPassword, 32).ToLower(), userEntity.UserSecretkey).ToLower(), 32).ToLower();
                userEntity.LoginCount    = 0;

                //新增时配置角色
                if (roleIds.IsNotNullOrEmpty())
                {
                    foreach (string id in roleIds.Split(','))
                    {
                        int.TryParse(id, out int result);
                        if (result == 0)
                        {
                            continue;
                        }
                        AppUserRole userRoleEntity = new AppUserRole {
                            RoleId = result
                        };
                        userEntity.UserRoles.Add(userRoleEntity);
                    }
                }

                this.Insert(userEntity);
            }
            else
            {
                using (var db = new RepositoryBase().BeginTrans())
                {
                    userEntity.Modify(userEntity.Id);
                    string[] modifystrs = { "LoginName", "StatusCode", "Email", "NickName", "LastModifyUserId", "LastModifyTime" };
                    this.Update(userEntity, modifystrs);

                    db.Delete <AppUserRole>(u => u.UserId == userEntity.Id);

                    if (roleIds.IsNotNullOrEmpty())
                    {
                        foreach (string id in roleIds.Split(','))
                        {
                            int.TryParse(id, out int result);
                            if (result == 0)
                            {
                                continue;
                            }
                            AppUserRole userRoleEntity = new AppUserRole {
                                RoleId = result, UserId = (int)userEntity.Id
                            };
                            db.Insert(userRoleEntity);
                        }
                    }
                    db.Commit();
                }
            }
        }
Пример #27
0
        /// <summary>
        /// 将 user 添加进 role
        /// </summary>
        /// <param name="user"></param>
        /// <param name="roleName"></param>
        /// <returns></returns>
        public void AddToRoleAsync(ApplicationUser user, string roleName)
        {
            AppUserRole ur = new AppUserRole {
                UserId = user.Id,
                RoleId = mRole.FindIdByRoleName(roleName)
            };

            Insert(ur);
        }
Пример #28
0
        /// <summary>
        /// This method update role
        /// </summary>
        /// <param name="role">Role</param>
        /// <param name="claims">Permissions</param>
        /// <returns>Return bool that represents if role was updated and array of strings that represents all errors</returns>
        public async Task <Tuple <bool, string[]> > UpdateRoleAsync(AppUserRole role, IEnumerable <string> claims)
        {
            if (claims != null)
            {
                string[] invalidClaims = claims.Where(c => ApplicationPermissions.GetPermissionByValue(c) == null).ToArray();
                if (invalidClaims.Any())
                {
                    return(Tuple.Create(false, new[] { "The following claim types are invalid: " + string.Join(", ", invalidClaims) }));
                }
            }


            var result = await _roleManager.UpdateAsync(role);

            if (!result.Succeeded)
            {
                return(Tuple.Create(false, result.Errors.Select(e => e.Description).ToArray()));
            }


            if (claims != null)
            {
                var roleClaims      = (await _roleManager.GetClaimsAsync(role)).Where(c => c.Type == CustomClaimTypes.Permission);
                var roleClaimValues = roleClaims.Select(c => c.Value).ToArray();

                var claimsToRemove = roleClaimValues.Except(claims).ToArray();
                var claimsToAdd    = claims.Except(roleClaimValues).Distinct().ToArray();

                if (claimsToRemove.Any())
                {
                    foreach (string claim in claimsToRemove)
                    {
                        result = await _roleManager.RemoveClaimAsync(role, roleClaims.Where(c => c.Value == claim).FirstOrDefault());

                        if (!result.Succeeded)
                        {
                            return(Tuple.Create(false, result.Errors.Select(e => e.Description).ToArray()));
                        }
                    }
                }

                if (claimsToAdd.Any())
                {
                    foreach (string claim in claimsToAdd)
                    {
                        result = await _roleManager.AddClaimAsync(role, new Claim(CustomClaimTypes.Permission, ApplicationPermissions.GetPermissionByValue(claim)));

                        if (!result.Succeeded)
                        {
                            return(Tuple.Create(false, result.Errors.Select(e => e.Description).ToArray()));
                        }
                    }
                }
            }

            return(Tuple.Create(true, new string[] { }));
        }
Пример #29
0
 private static bool DevAssignOperations(this AppUserRole role, Item existingItem, Item newItem, string userId)
 {
     // User only can assign task which was 'New' and unassigned.
     if ((existingItem.StatusId == (int)ItemStatuses.New && existingItem.AssignedUserId == null) && (newItem.AssignedUserId == userId))
     {
         return(true);
     }
     throw new ForbiddenResponseException("You only can assign NEW item to yourself!");
 }
Пример #30
0
        protected virtual void CreateRoleAndPermissions(AppUserRole roleType)
        {
            var roleFromDatabase = _context.Roles
                                   .IgnoreQueryFilters()
                                   .FirstOrDefault(r => r.TenantId == null &&
                                                   r.Name == roleType.GetDescriptionFromValue());

            if (roleFromDatabase == null)
            {
                roleFromDatabase = new Role(null,
                                            roleType.GetDescriptionFromValue(),
                                            roleType.GetDescriptionFromValue())
                {
                    IsStatic  = true,
                    IsDefault = false
                };
                _context.Roles.Add(roleFromDatabase);
                _context.SaveChanges();
            }

            var activeRolePermissions = _context.RolePermissions
                                        .Where(p => p.RoleId == roleFromDatabase.Id && p.IsGranted).ToList();

            // Grant all permissions
            var permissionNames = StaticRolePermissions.RolePermissions.ContainsKey(roleType) ?
                                  StaticRolePermissions.RolePermissions[roleType] :
                                  new List <string>();

            foreach (var permission in permissionNames)
            {
                if (activeRolePermissions.Any(p => p.Name == permission))
                {
                    continue;
                }

                _context.Permissions.Add(
                    new RolePermissionSetting
                {
                    TenantId  = null,
                    Name      = permission,
                    IsGranted = true,
                    RoleId    = roleFromDatabase.Id
                });
            }

            // remove not applyable permissions

            foreach (var activePermission in activeRolePermissions)
            {
                if (!permissionNames.Contains(activePermission.Name))
                {
                    activePermission.IsGranted = false;
                }
            }

            _context.SaveChanges();
        }