public ActionResult Edit(FormCollection formCollection, string filesToUpload, string PIN, string P) { NullChecker.NullCheck(new object[] { PIN, P }); var pin = EncryptionHelper.Unprotect(PIN); var p = EncryptionHelper.Unprotect(P); Post postEntryToEdit = unitOfWOrk.PostRepository.GetByID(pin); if (AuthorizationHelper.isRelevant((int)postEntryToEdit.posterUserID) && pin == p) { if (TryUpdateModel(postEntryToEdit, "", new string[] { "post" })) { if (!String.IsNullOrWhiteSpace(postEntryToEdit.post)) { unitOfWOrk.PostRepository.Update(postEntryToEdit); } if (!String.IsNullOrWhiteSpace(filesToUpload)) { var fileUploadResult = UploadHelper.UpdateUploadedFiles(filesToUpload, postEntryToEdit.image + postEntryToEdit.document, "Post"); postEntryToEdit.image = fileUploadResult.ImagesToUpload; postEntryToEdit.document = fileUploadResult.DocsToUpload; } unitOfWOrk.PostRepository.Update(postEntryToEdit); unitOfWOrk.Save(); UnitOfWork editContext = new UnitOfWork(); var post = editContext.PostRepository.GetByID(postEntryToEdit.postID); return(Json(new { Success = true, Result = RenderPartialViewHelper.RenderPartialView(this, "PostPartial", post), Message = Resource.Resource.editedSuccessfully })); } throw new ModelStateException(this.ModelState); } throw new JsonCustomException(ControllerError.ajaxErrorPostEdit); }
public async Task GenerateExternalUserName(Guid userProfileId, Guid gameId) { var user = await this.context.UserProfiles.Include(up => up.ExternalUserNames).FirstOrDefaultAsync(up => up.Id == userProfileId); if (user.HasExternalUserName(gameId)) { return; } var game = await this.context.Games.Include(g => g.GameExternalUserNameGenerator).ThenInclude(geung => geung.ExternalUserNameGenerator).FirstOrDefaultAsync(g => g.Id == gameId); var generator = game.GameExternalUserNameGenerator?.ExternalUserNameGenerator; if (generator == null) { return; } try { var userNameGenerator = Activator.CreateInstance(Type.GetType(generator.Type), this.context) as IExternalUserNameGenerator; var userName = await userNameGenerator.Create(userProfileId); if (userName == null) { return; } var externalUserName = new EF.Models.ExternalUserName(userName.UserName, userName.LogoURL, userName.ServiceName, gameId); await this.authorizationService.AddPermission(userProfileId, AuthorizationHelper.GenerateARN(typeof(ExternalUserName), externalUserName.Id.ToString(), Shared.Permissions.ExternalUserName.All)); user.ExternalUserNames.Add(externalUserName); this.context.UserProfiles.Update(user); } catch (Exception ex) { Sentry.SentrySdk.CaptureException(ex); } }
public void TestMissingPolicy() { Mock <IAuthorizationPolicyProvider> authorizationPolicyMock = new Mock <IAuthorizationPolicyProvider>(); authorizationPolicyMock.Setup(x => x.GetPolicyAsync(It.IsAny <string>())) .Returns(() => { return(Task.FromResult <AuthorizationPolicy>(null)); }); Mock <IAuthorizationHandlerProvider> authorizationHandlerMock = new Mock <IAuthorizationHandlerProvider>(); Mock <HttpContext> httpContextMock = new Mock <HttpContext>(); ServiceCollection services = new ServiceCollection(); services.AddSingleton(authorizationPolicyMock.Object); services.AddSingleton(authorizationHandlerMock.Object); Assert.ThrowsAsync <InvalidOperationException>( async() => await AuthorizationHelper.CheckAuthorization(services.BuildServiceProvider(), "test", httpContextMock.Object), "No security policy found named 'test'." ); }
public ActionResult Create([Bind(Include = "sessionSubject,sessionDesc,endDate")] GroupSession groupSessionToCreate, string GId, string filesToUpload) { NullChecker.NullCheck(new object[] { GId }); if (ModelState.IsValid) { var gid = EncryptionHelper.Unprotect(GId); var group = unitOfWork.GroupRepository.GetByID(gid); if (group.Admins.Any(a => AuthorizationHelper.isRelevant(a.UserId))) { var fileUploadResult = UploadHelper.UpdateUploadedFiles(filesToUpload, null, "GSession"); groupSessionToCreate.image = fileUploadResult.ImagesToUpload; groupSessionToCreate.document = fileUploadResult.DocsToUpload; groupSessionToCreate.groupId = (int)gid; groupSessionToCreate.startDate = DateTime.UtcNow; unitOfWork.GroupSessionRepository.Insert(groupSessionToCreate); unitOfWork.Save(); return(Json(new { Success = true, Url = Url.Action("Detail", new { SsId = groupSessionToCreate.sessionId, GSName = StringHelper.URLName(groupSessionToCreate.sessionSubject) }) })); } throw new JsonCustomException(ControllerError.ajaxError); } throw new ModelStateException(this.ModelState); }
public ActionResult Edit(string StId) { NullChecker.NullCheck(new object[] { StId }); var StToEdit = unitOfWork.StoreNotExpiredRepository .GetByID((int)EncryptionHelper.Unprotect(StId)); if (!StToEdit.Admins.Any(c => AuthorizationHelper.isRelevant(c.UserId))) { return(new RedirectToNotFound()); } CountriesViewModel countries = new CountriesViewModel(); ViewBag.CountryDropDown = countries.counts(StToEdit.State); ViewBag.StateDropDown = countries.states(StToEdit.State); var catss = StToEdit.Categories.Select(u => u.catID); ViewData["Cats"] = String.Join(",", catss); ViewData["store"] = StId; return(View(StToEdit)); }
public ActionResult Create([Bind(Include = "groupName,groupDesc,isPublic")] Group group, string Cats, string professionTags, string UserTags) { if (ModelState.IsValid) { if (AuthorizationHelper.isAdmin()) { UpSertGroupCats(Cats, group); UpSertGroupProffs(professionTags, group); UpSertGroupAdmins(UserTags, group); UpSertGroupMembers(UserTags, group); group.registerDate = DateTime.UtcNow; unitOfWork.GroupRepository.Insert(group); unitOfWork.Save(); return(Json(new { Success = true, Url = Url.Action("GroupPage", new { GId = group.groupId, GName = StringHelper.URLName(group.groupName) }) })); } throw new JsonCustomException(ControllerError.ajaxError); } throw new ModelStateException(this.ModelState); }
public ActionResult ProfilePic(string UId, int x, int y, int w, int h, string picToUpload) { NullChecker.NullCheck(new object[] { UId }); var uid = EncryptionHelper.Unprotect(UId); if (!AuthorizationHelper.isRelevant((int)uid)) { throw new JsonCustomException(ControllerError.ajaxError); } UploadHelper.CropImage(x, y, w, h, picToUpload); UploadHelper.moveFile(picToUpload, "Profile"); var user = unitOfWork.ActiveUserRepository.GetByID(uid); if (user.image != null) { UploadHelper.deleteFile(user.image, "Profile"); } user.image = picToUpload; unitOfWork.ActiveUserRepository.Update(user); unitOfWork.Save(); return(Json(new { Success = true })); }
public StrokeDto AddStroke(Guid noteId, [FromBody] NewStrokeInput strokeInput) { var user = AuthorizationHelper.GetAuthorizedUser(); var note = user.Notes.FirstOrDefault(n => n.Id == noteId); if (strokeInput.Path == null) { throw new HttpResponseException(HttpStatusCode.BadRequest); } var stroke = note.AddStroke( new BrushColor(strokeInput.R, strokeInput.B, strokeInput.G, strokeInput.A) { }, new BrushSize(strokeInput.Radius) { }, strokeInput.Path); var strokeDto = new StrokeDto(stroke.ToData()); return(strokeDto); }
public void CreateXacmlJsonMultipleRequest_TC01() { // Arrange List <string> actionTypes = new List <string> { "read", "write" }; List <Instance> instances = CreateInstances(); // Act XacmlJsonRequestRoot requestRoot = AuthorizationHelper.CreateMultiDecisionRequest(CreateUserClaims(1), instances, actionTypes); // Assert // Checks it has the right number of attributes in each category Assert.Single(requestRoot.Request.AccessSubject); Assert.Equal(2, requestRoot.Request.Action.Count()); Assert.Equal(3, requestRoot.Request.Resource.Count()); Assert.Equal(4, requestRoot.Request.Resource.First().Attribute.Count()); Assert.Equal(6, requestRoot.Request.MultiRequests.RequestReference.Count()); foreach (var refrenceId in requestRoot.Request.MultiRequests.RequestReference) { Assert.Equal(3, refrenceId.ReferenceId.Count()); } }
public void SetImage() { //Pega o nome do usuário para exibir na barra de navegação SistemaApi username = new SistemaApi(); try { username = AuthorizationHelper.GetSystem(); ViewBag.User = username.Usuario.ChaveAmericas; if (username != null) { var imgUser = AuthorizationHelper.GetUserImage(username.Usuario.ChaveAmericas); ViewBag.UserPhoto = imgUser; } } catch { var imgUser = AuthorizationHelper.GetUserImage(""); ViewBag.User = ""; ViewBag.UserPhoto = imgUser; } }
public ActionResult LogoPic(int x, int y, int w, int h, string picToUpload, string company) { NullChecker.NullCheck(new object[] { company }); var currentUser = WebSecurity.CurrentUserId; var companyToEdit = unitOfWork.NotExpiredCompanyRepository .GetByID(EncryptionHelper.Unprotect(company)); if (companyToEdit.Admins.Any(a => AuthorizationHelper.isRelevant(a.UserId))) { UploadHelper.CropImage(x, y, w, h, picToUpload); UploadHelper.moveFile(picToUpload, "Company"); if (companyToEdit.logo != null) { UploadHelper.deleteFile(companyToEdit.logo, "Company"); } companyToEdit.logo = picToUpload; unitOfWork.CompanyRepository.Update(companyToEdit); unitOfWork.Save(); return(Json(new { Success = true })); } throw new JsonCustomException(ControllerError.ajaxError); }
protected override void OnActionExecuting(ActionExecutingContext filterContext) { log.Debug("OnActionExecuting called"); var resultadoAutorizacao = CheckUserAuthorization(); log.Debug("resultadoAutorizacao: " + resultadoAutorizacao); switch (resultadoAutorizacao) { case TipoResultadoAutorizacao.AUTORIZADO: break; case TipoResultadoAutorizacao.NAO_AUTENTICADO: string url = $"{FormsAuthentication.LoginUrl}?returnUrl=/{filterContext.RouteData.Values["controller"]}/{filterContext.RouteData.Values["action"]}"; filterContext.Result = new RedirectResult(url); break; case TipoResultadoAutorizacao.USUARIO_INATIVO: TempData["_AuthenticationError"] = "Usuário Inativo"; filterContext.Result = new RedirectResult("/Login/UnauthorizedAccess"); AuthorizationHelper.LimparRegistroAutenticacao(); break; case TipoResultadoAutorizacao.USUARIO_NAO_CADASTRADO: TempData["_AuthenticationError"] = "Usuário não cadastrado"; filterContext.Result = new RedirectResult("/Login/UnauthorizedAccess"); AuthorizationHelper.LimparRegistroAutenticacao(); break; default: break; } base.OnActionExecuting(filterContext); }
public async Task <string> SendMessageAsync() { var requestData = new RequestData(); requestData.PhoneNumber = new List <string>() { Config._testMobile }; requestData.ExtendCode = Config._testExtend; requestData.MessageBody = new MessageBody(); requestData.MessageBody.TemplateName = Config._testTemplateName; requestData.MessageBody.TemplateParam = new Dictionary <string, string>(); var token = AuthorizationHelper.CreateSASToken(Config._keyValue, Config._keyName, TimeSpan.FromSeconds(30)); string jsonPayload = JsonConvert.SerializeObject(requestData); var request = new HttpRequestMessage(HttpMethod.Post, $"{Config._endpoint}") { Headers = { { HttpRequestHeader.Accept.ToString(), "application/json" }, { "MS-RequestId", Guid.NewGuid().ToString() }, { "Account", Config._testCcsAccount }, { "Authorization", token } }, Content = new StringContent(jsonPayload, Encoding.UTF8) }; var response = await _client.SendAsync(request); var json = await response.Content.ReadAsStringAsync(); return(json); }
public ActionResult Create(tblPerfis trainingProfile) { var username = ""; try { username = AuthorizationHelper.GetSystem().Usuario.ChaveAmericas; } catch { username = ""; } var exits = _trainingProfile.checkIfTrainingProfileAlreadyExits(trainingProfile); trainingProfile.UsuarioCriacao = username; trainingProfile.DataCriacao = DateTime.Now; trainingProfile.Tipo = "T"; if (ModelState.IsValid) { if (!exits) { _trainingProfile.CreateTrainingProfile(trainingProfile); return(RedirectToAction("Index")); } } if (exits) { ModelState.AddModelError("Nome", "Perfil de Treinamento já existe"); } return(View("Create")); }
public ActionResult <Order> Responce(Order order) { if (order == null) { return(new NoContentResult()); } bool hasAutorId = AuthorizationHelper.TryGetCurrentUserId(HttpContext?.User, out int authorId); if (!hasAutorId) { return(new StatusCodeResult(StatusCodes.Status401Unauthorized)); } var originalOrder = _orderDirectory.GetOrder(order.Id); bool isOrderChanged = !order.IsEquals(originalOrder); bool isNotValidStatus = !string.Equals(originalOrder?.Status, OrderStatus.ACTIVE, System.StringComparison.OrdinalIgnoreCase); if (isOrderChanged || isNotValidStatus) { return(new StatusCodeResult(StatusCodes.Status403Forbidden)); } order.ClientId = authorId; order.Status = OrderStatus.RESPONSED; bool succeed = _orderDirectory.TryPutOrder(order); if (succeed) { return(new ActionResult <Order>(order)); } else { return(new BadRequestResult()); } }
private async Task <TeamMembership> DangerouslyCreateTeamMembership(Team team, Guid userId, Guid roleId, string notes) { var role = await context.TeamRoles.FirstOrDefaultAsync(tr => tr.Id == roleId); if (role == null) { throw new NoNullAllowedException("Role cannot be null"); } var membership = team.AddMember(userId, roleId, notes); if (membership != null) { var permissions = role.Permissions.Select(p => AuthorizationHelper.GenerateARN(typeof(Team), team.Id.ToString(), p)).ToList(); var membershipPermission = AuthorizationHelper.GenerateARN(typeof(TeamMembership), membership.Id.ToString(), Shared.Permissions.TeamMembership.All); await this.authorizationService.AddPermission(userId, membershipPermission); await this.authorizationService.AddPermission(userId, permissions); await this.backgroundWorker.SendMessage(this.queues.Contact, new DTO.Marketing.ContactSync(userId), 5); } var gameId = team.Competition?.GameId; if (!gameId.HasValue) { gameId = (await context.Competitions.Include(c => c.Game).FirstOrDefaultAsync(c => c.Id.Equals(team.CompetitionId)))?.GameId; } if (gameId.HasValue) { await this.userUtils.GenerateExternalUserName(userId, gameId.Value); } return(membership); }
public ActionResult <Order> Post(Order order) { if (order == null) { return(new NoContentResult()); } bool succeed = false; if (AuthorizationHelper.TryGetCurrentUserId(HttpContext?.User, out int id)) { order.AuthorId = id; succeed = _orderDirectory.TryAddOrder(order); } if (succeed) { return(new ActionResult <Order>(order)); } else { return(new BadRequestResult()); } }
private async Task <JWTAuthorizationResponse> GetAuthorizationResponse(string username, string password) { var identity = await GetIdentity(username, password); if (identity == null) { return(null); } var jwt = new JwtSecurityToken( issuer: AuthorizationHelper.JWT_ISSUER, audience: AuthorizationHelper.JWT_AUDIENCE, notBefore: DateTime.UtcNow, claims: identity.Claims, expires: DateTime.UtcNow.Add(AuthorizationHelper.JWT_LIFETIME), signingCredentials: new SigningCredentials(AuthorizationHelper.GetSymmetricJWTSecurityKey(), SecurityAlgorithms.HmacSha256)); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); return(new JWTAuthorizationResponse { Access_Token = encodedJwt, UserName = identity.Name, Roles = identity.Claims.Where(s => s.Type == ClaimsIdentity.DefaultRoleClaimType).Select(s => s.Value).ToList() }); }
protected void Page_Init(object sender, EventArgs e) { if (UIContext.EditedObject != null) { accountInfo = (AccountInfo)UIContext.EditedObject; // Initialize account selector accountSelector.UniSelector.Enabled = AuthorizationHelper.AuthorizedModifyContact(false); accountSelector.UniSelector.OnItemsSelected += UniSelector_OnItemsSelected; accountSelector.UniSelector.SelectionMode = SelectionModeEnum.MultipleButton; accountSelector.UniSelector.DialogButton.ResourceString = "om.account.addaccount"; // Setup UniGrid gridElem.OnExternalDataBound += gridElem_OnExternalDataBound; gridElem.OnAction += gridElem_OnAction; gridElem.ZeroRowsText = GetString("om.account.noaccountsfound"); // Initialize dropdown lists if (!RequestHelper.IsPostBack()) { drpAction.Items.Add(new ListItem(GetString("general." + Action.SelectAction), Convert.ToInt32(Action.SelectAction).ToString())); drpAction.Items.Add(new ListItem(GetString("general.remove"), Convert.ToInt32(Action.Remove).ToString())); drpWhat.Items.Add(new ListItem(GetString("om.account." + What.Selected), Convert.ToInt32(What.Selected).ToString())); drpWhat.Items.Add(new ListItem(GetString("om.account." + What.All), Convert.ToInt32(What.All).ToString())); } // Isn't child of someone else accountSelector.WhereCondition = "AccountSubsidiaryOfID IS NULL"; // And isn't recursive parent of edited account accountSelector.WhereCondition = SqlHelper.AddWhereCondition(accountSelector.WhereCondition, "AccountID NOT IN (SELECT * FROM Func_OM_Account_GetSubsidiaryOf(" + accountInfo.AccountID + ", 1))"); } else { StopProcessing = true; } }
public async Task <string> SendMessageAsync(string json) { var token = AuthorizationHelper.CreateSASToken(Config._keyValue, Config._keyName, TimeSpan.FromSeconds(30)); var request = new HttpRequestMessage(HttpMethod.Post, $"{Config._endpoint}") { Headers = { { HttpRequestHeader.Accept.ToString(), "application/json" }, { "MS-RequestId", Guid.NewGuid().ToString() }, { "Account", Config._testCcsAccount }, { "Authorization", token } }, Content = new StringContent(json, Encoding.UTF8) }; var response = await _client.SendAsync(request); var ret = await response.Content.ReadAsStringAsync(); return(ret); }
public ActionResult Edit(string SsId, string filesToUpload) { NullChecker.NullCheck(new object[] { SsId }); var session = unitOfWork.GroupSessionRepository.GetByID(EncryptionHelper.Unprotect(SsId)); if (TryUpdateModel(session, "", new string[] { "sessionSubject", "sessionDesc", "endDate" })) { if (session.Group.Admins.Any(a => AuthorizationHelper.isRelevant(a.UserId))) { if (ITTConfig.CurrentCultureIsNotEN) { var fileUploadResult = UploadHelper.UpdateUploadedFiles(filesToUpload, session.image + session.document, "GSession"); session.image = fileUploadResult.ImagesToUpload; session.document = fileUploadResult.DocsToUpload; } unitOfWork.GroupSessionRepository.Update(session); unitOfWork.Save(); return(Json(new { Success = true, Url = Url.Action("Detail", new { SsId = session.sessionId, GSName = StringHelper.URLName(session.sessionSubject) }) })); } throw new JsonCustomException(ControllerError.ajaxError); } throw new ModelStateException(this.ModelState); }
private void OnLogin(object sender, RoutedEventArgs e) { var userName = UserNameTxt.Text.Trim(); userName = StringUtil.CheckPhoneNum(userName) ? "+86" + userName : userName; var password = PasswordTxt.Password.Trim(); var captcha = CaptchaTxt.Text.Trim(); LoadingIcon.Display(); AuthorizationHelper.Login(LoginType.ZhiHu, new ZhiHuLoginInfo() { Captcha = NeedCaptcha ? captcha : null, UserName = userName, Password = password }, loginSuccess => { if (loginSuccess) { PopupMessage.DisplayMessageInRes("LoginSuccess"); var info = StorageInfo.Instance.ZhiHuAuthoInfo; if (info == null) { return; } LLQNotifier.Default.Notify(new LoginEvent() { IsLogin = true, UserPhotoUrl = info.avatar }); Hide(); } else { GetCaptchaImage(); } LoadingIcon.Hide(); }); }
public async Task <bool> CanReport(Guid matchSeriesId, Guid userProfileId) { var matchSeries = await this.alexandriaContext.MatchSeries .Include(ms => ms.MatchParticipants) .ThenInclude(mp => mp.Team) .ThenInclude(t => t.TeamMemberships) .ThenInclude(tm => tm.TeamRole) .FirstOrDefaultAsync(ms => ms.Id == matchSeriesId); if (matchSeries == null) { return(false); } var teamMemberships = matchSeries.MatchParticipants.Select(mp => mp.Team).SelectMany(t => t.TeamMemberships); var teamMembership = teamMemberships.FirstOrDefault(tm => tm.UserProfileId == userProfileId); if (teamMembership == null) { return(false); } return(await this.authorizationService.Can(userProfileId, AuthorizationHelper.GenerateARN(typeof(Team), teamMembership.TeamId.ToString(), Shared.Permissions.Team.ReportMatchResult))); }
private static AuthorizationHelper GetAuthorizationHelper( bool featureCheckerValue, bool isGranted) { var featureChecker = Substitute.For <IFeatureChecker>(); featureChecker.GetValueAsync(Arg.Any <string>()).Returns(featureCheckerValue.ToString().ToLower()); featureChecker.IsEnabledAsync(Arg.Any <string>()).Returns(featureCheckerValue); var permissionChecker = Substitute.For <IPermissionChecker>(); permissionChecker.IsGrantedAsync(Arg.Any <string>()).Returns(isGranted); var configuration = Substitute.For <IAuthorizationConfiguration>(); configuration.IsEnabled.Returns(true); var authorizeHelper = new AuthorizationHelper(featureChecker, configuration) { PermissionChecker = permissionChecker }; return(authorizeHelper); }
public ActionResult Delete(string SsId, string S) { NullChecker.NullCheck(new object[] { SsId, S }); var ssid = EncryptionHelper.Unprotect(SsId); var s = EncryptionHelper.Unprotect(S); var sessionToDel = unitOfWork.GroupSessionRepository.GetByID(ssid); if (sessionToDel.Group.Admins.Any(a => AuthorizationHelper.isRelevant(a.UserId)) && ssid == s) { var urlparm = sessionToDel.Group.groupName; //sessionToDel.Offers.SelectMany(o => o.Likes.Select(l=>l.likeID as object)).ToList().ForEach(unitOfWork.LikeRepository.Delete); //sessionToDel.Offers.SelectMany(c => c.Comments.SelectMany(l => l.Likes.Select(f => f.likeID as object))).ToList().ForEach(unitOfWork.LikeRepository.Delete); //sessionToDel.Offers.SelectMany(c => c.Comments.Select(f => f.commentID as object)).ToList().ForEach(unitOfWork.CommentRepository.Delete); sessionToDel.Offers.Select(o => o.offerId as object).ToList().ForEach(unitOfWork.GroupSessionOfferRepository.Delete); var fileUploadResult = UploadHelper.UpdateUploadedFiles(String.Empty, sessionToDel.image + sessionToDel.document, "GSession"); if (String.IsNullOrEmpty(fileUploadResult.ImagesToUpload) && String.IsNullOrEmpty(fileUploadResult.DocsToUpload)) { unitOfWork.GroupSessionRepository.Delete(sessionToDel); unitOfWork.Save(); } return(Json(new { Success = true, Url = Url.Action("GroupPage", "Group", new { GId = sessionToDel.groupId, GName = StringHelper.URLName(urlparm) }) })); } throw new JsonCustomException(ControllerError.ajaxError); }
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext authContext, PlayerCanSeePuzzleRequirement requirement) { PuzzleUser puzzleUser = await PuzzleUser.GetPuzzleUserForCurrentUser(dbContext, authContext.User, userManager); Puzzle puzzle = await AuthorizationHelper.GetPuzzleFromContext(authContext); Event thisEvent = await AuthorizationHelper.GetEventFromContext(authContext); if (thisEvent != null && puzzle != null) { Team team = await UserEventHelper.GetTeamForPlayer(dbContext, thisEvent, puzzleUser); if (team != null) { IQueryable <PuzzleStatePerTeam> statesQ = PuzzleStateHelper.GetFullReadOnlyQuery(dbContext, thisEvent, puzzle, team); if (statesQ.FirstOrDefault().UnlockedTime != null || thisEvent.AreAnswersAvailableNow) { authContext.Succeed(requirement); } } } }
public static async Task <object> Run( [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = null)] HttpRequestMessage req, ILogger log) { log.LogInformation("C# HTTP trigger function processed a request."); string token = req.Headers.Authorization.ToString(); if (!AuthorizationHelper.Authorized(token, new string[] { Role.Manager })) { return(req.CreateResponse(HttpStatusCode.BadRequest, "Unauthorized!")); } //We retrieve the userName field, which comes as a parameter to the function, by deserializing req.Content. string jsonContent = await req.Content.ReadAsStringAsync(); dynamic data = JsonConvert.DeserializeObject(jsonContent); string branchID = data.branchID; //If there is no username, we return the error message. try { User[] allUsers = null; //We get the Connection String in the Function App Settings section we defined. var str = Environment.GetEnvironmentVariable("sqldb_connection"); using (SqlConnection connection = new SqlConnection(str)) { string text = @"SELECT UserID, email, Firstname, Lastname, Position FROM Users " + "WHERE branchID = @branchID AND Role NOT IN ('Owner', 'Manager')"; SqlCommand command = new SqlCommand(text, connection); command.Parameters.AddWithValue("@branchID", branchID); connection.Open(); using (SqlDataReader oReader = command.ExecuteReader()) { log.LogInformation("C# HTTP trigger function processed a request. 6"); var list = new List <User>(); while (oReader.Read()) { list.Add(new User { UserID = oReader["UserID"].ToString(), email = oReader["email"].ToString(), Firstname = oReader["Firstname"].ToString(), Lastname = oReader["Lastname"].ToString(), Position = oReader["Position"].ToString() }); allUsers = list.ToArray(); } connection.Close(); } } return(req.CreateResponse(HttpStatusCode.OK, allUsers)); } catch { return(req.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong!")); } }
public IsEventAdminOrPlayerOnTeamHandler_Play(AuthorizationHelper authHelper) { this.authHelper = authHelper; }
public PublisherServiceTests() { AuthorizationHelper.SetupGoogleAuthCredentials(); }
public IActionResult Put([FromBody] RightsModel fromBodyRightsModel) { // List of messages to return to the client var messages = new List <Message>(); // Authentication var controllerHelper = new ControllerHelper(context); var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity); if (authUserModel == null) { return(Unauthorized()); } // Authorization if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Rights, RightsEnum.CRU)) { return(Forbid()); } #region VALIDATIONS // Received rights ApplicationId must be the same as of authorized user var sharedValidationHelper = new SharedValidationHelper(); messages = sharedValidationHelper.ValidateApplicationId(fromBodyRightsModel.ApplicationId, authUserModel.ApplicationId); if (messages.Count != 0) { return(BadRequest(messages)); } fromBodyRightsModel.Application = authUserModel.Application; // Rights must already exist in the database var rightsRepository = new RightsRepository(context); var rightsModel = rightsRepository.GetById(authUserModel.ApplicationId, fromBodyRightsModel.Id); if (rightsModel == null) { messages.Add(new Message(MessageTypeEnum.Error, 4003, new List <string>() { fromBodyRightsModel.Application.LoginApplicationName, fromBodyRightsModel.Id.ToString() })); Logger.LogMessagesToConsole(messages); return(BadRequest(messages)); } // If the rights name was changed, the new one must be unique if (rightsModel.Name != fromBodyRightsModel.Name) { var sameNameRights = rightsRepository.GetByApplicationIdAndName(authUserModel.ApplicationId, fromBodyRightsModel.Name); if (sameNameRights.Count() > 0) { messages.Add(new Message(MessageTypeEnum.Error, 4001, new List <string>() { fromBodyRightsModel.Name })); return(BadRequest(messages)); } } // Rights data validity and logic validity messages = sharedValidationHelper.ValidateRights(authUserModel.Application.ApplicationDescriptor, fromBodyRightsModel.DataDictionary); if (messages.Count != 0) { return(BadRequest(messages)); } #endregion rightsRepository.SetNameAndData(rightsModel, fromBodyRightsModel.Name, fromBodyRightsModel.DataDictionary); messages.Add(new Message(MessageTypeEnum.Info, 4007, new List <string>() { fromBodyRightsModel.Name })); return(Ok(messages)); }