private static bool ValidateManagerData(Employee employee, EmployeeCreationVM employeeVM, bool allow) { var valid = allow || employee.ManagerId == employeeVM.ManagerId; valid &= allow || (employee.EmploymentDate.Date.Equals(employeeVM.EmploymentDate)); return(valid); }
private static bool ValidateContactData(Employee employee, EmployeeCreationVM employeeVM, bool allow) { bool valid = true; valid &= allow || employee.PhoneNumber.Equals(employeeVM.PhoneNumber); valid &= allow || employee.ContactMail.Equals(employeeVM.ContactMail); valid &= employee.Email.Equals(employeeVM.Email); return(valid); }
private static bool ValidateProfileEdition(Employee consernedEmployee, EmployeeCreationVM employeeVM, bool allow) { bool valid = true; valid &= allow || (consernedEmployee.Title?.Equals(employeeVM.Title) ?? false); valid &= allow || (consernedEmployee.FirstName?.Equals(employeeVM.FirstName) ?? false); valid &= allow || (consernedEmployee.LastName?.Equals(employeeVM.LastName) ?? false); valid &= allow || (consernedEmployee.TaxRate?.Equals(employeeVM.TaxRate) ?? false); valid &= allow || (consernedEmployee.DateOfBirth.Date.Equals(employeeVM.DateOfBirth)); return(valid); }
private async Task <bool> ValidateInput(Employee consernedEmployee, EmployeeCreationVM employeeVM, EditionPermissions permission) { if (consernedEmployee == null || !permission.AllowEdition) { return(false); } bool inputValid = permission.AllowEdition; bool rolesListValid = await ValidateRoles(consernedEmployee, employeeVM, permission.AllowEditAccess); if (!rolesListValid) { ModelState.AddModelError("", _DataLocalizer["You not autorized to change the roles"]); } inputValid &= rolesListValid; bool profileValid = ValidateProfileEdition(consernedEmployee, employeeVM, permission.AllowEditProfile); if (!profileValid) { ModelState.AddModelError("", _DataLocalizer["You not autorized to edit profile data"]); } inputValid &= profileValid; bool contactsValid = ValidateContactData(consernedEmployee, employeeVM, permission.AllowEditContacts); if (!contactsValid) { ModelState.AddModelError("", _DataLocalizer["You not autorized to edit contacts data"]); } inputValid &= contactsValid; bool managerValid = ValidateManagerData(consernedEmployee, employeeVM, permission.AllowChangeManager); if (!managerValid) { ModelState.AddModelError("", _DataLocalizer["You not autorized to change your manager"]); } inputValid &= managerValid; bool companyValid = await ValidateCompanyData(consernedEmployee, employeeVM, permission.AllowChangeCompany); if (!companyValid) { ModelState.AddModelError("", _DataLocalizer["You not autorized to change your manager"]); } inputValid &= companyValid; return(inputValid); }
private async Task <bool> ValidateRoles(Employee employee, EmployeeCreationVM employeeVM, bool allow) { bool validRoles; UserRoles employeeRoles = await _UserManager.GetUserRolesAsync(employee); if (employeeVM.Roles == null || !employeeVM.RolesListEnabled) { return(true); } UserRoles employeeVmRoles = UserManagerExtensions.ToUserRoles(employeeVM.Roles); validRoles = allow || (employeeRoles == employeeVmRoles); if (validRoles) { validRoles |= allow && ((await ValidateAssignedRoles(employeeVmRoles, employee)) == employeeVmRoles); } return(validRoles); }
public async Task <IActionResult> CreateEmployee() { ReturnUrl = HttpContext.Request.Headers["Referer"]; var currentCredentials = await GetCurrentUserData(); var editionPermissions = await GetEditionPermission(null); if (!editionPermissions.AllowEdition) { ModelState.AddModelError("", _DataLocalizer["Action permitted only to administrators"]); return(Forbid()); } EmployeeCreationVM employeeCreationVM = new EmployeeCreationVM() { EmploymentDate = DateTime.Now, AcceptContract = false, ReturnUrl = Request.Headers["Referer"].ToString(), RolesList = await GetListAllowedRoles(), Roles = new List <string>() }; // if (currentCredentials.Item2?.CompanyId != null) { employeeCreationVM.CompanyId = currentCredentials.Item2.CompanyId; if (currentCredentials.Item2?.Company != null) { employeeCreationVM.Company = currentCredentials.Item2.Company; } else { employeeCreationVM.Company = await _UnitOfWork.Companies.FindAsync(x => x.Id == (int)employeeCreationVM.CompanyId); } } //Case when new employee created inside the company employeeCreationVM = await SetEmployeeCompanyAndManagerState(employeeCreationVM, editionPermissions); employeeCreationVM.RolesListEnabled = editionPermissions.AllowEditAccess; employeeCreationVM.RolesList = await GetListAllowedRoles(currentCredentials.Item3, self : editionPermissions.IsSelfEdition); ViewBag.Action = nameof(CreateEmployee); return(View(RegisterEmployeeView, employeeCreationVM)); }
public async Task <ActionResult> Details(string userId) { string returnUrl = HttpContext.Request.Headers["Referer"]; var currentUserData = await GetCurrentUserData(); if (currentUserData?.Item1 == null) { return(NotFound()); } if (String.IsNullOrWhiteSpace(userId)) { userId = currentUserData.Item1.Id; } if (currentUserData.Item1.Id.Equals(userId) || await _UserManager.IsCompanyPrivelegedUser(currentUserData.Item3) || ((currentUserData.Item3 & UserRoles.AppAdministrator) == UserRoles.AppAdministrator)) { Employee consernedEmployee; if (currentUserData.Item1.Id.Equals(userId)) { consernedEmployee = currentUserData.Item2 ?? null; } else { consernedEmployee = await _UnitOfWork.Employees.FindAsync(predicate : x => x.Id.Equals(userId) && x.CompanyId == currentUserData.Item2.CompanyId, includes : new System.Linq.Expressions.Expression <Func <Employee, object> >[] { x => x.Company, x => x.Manager }); } if (consernedEmployee == null) { return(NotFound(_DataLocalizer["Employee with id {0} was not found in your area of visibility", userId])); } ViewData["ReturnUrl"] = returnUrl; EmployeeCreationVM employeeCreationVM = _Mapper.Map <EmployeeCreationVM>(consernedEmployee); return(View(employeeCreationVM)); } else { return(Forbid(_DataLocalizer["You're not authorized to ask the details about id {0}", userId])); } }
private async Task <EmployeeCreationVM> PrepareEmployeeEditionViewModel(EmployeeCreationVM employeeCreationVM, Employee concernedEmployee, UserRoles concernedEmployeesRoles, EditionPermissions editionPermissions) { var currentUserData = await GetCurrentUserData(); if (editionPermissions == null) { editionPermissions = await GetEditionPermission(concernedEmployee); } employeeCreationVM = await SetEmployeeCompanyAndManagerState(employeeCreationVM, editionPermissions); employeeCreationVM.ProfileDataEnabled = editionPermissions.AllowEditProfile; employeeCreationVM.ContactDataEnabled = editionPermissions.AllowEditContacts; employeeCreationVM.RolesListEnabled = editionPermissions.AllowEditAccess; //!concernedEmployee.Id.Equals(currentUserData.Item1.Id); employeeCreationVM.RolesList = await GetListAllowedRoles(currentUserData.Item3); employeeCreationVM.Roles = UserManagerExtensions.FromUserRoles(concernedEmployeesRoles).ToList(); employeeCreationVM.ManagerEnabled = editionPermissions.AllowChangeManager; employeeCreationVM.CompanyEnabled = editionPermissions.AllowChangeCompany; return(employeeCreationVM); }
private async Task <bool> ValidateCompanyData(Employee consernedEmployee, EmployeeCreationVM employeeVM, bool allow) { bool result = allow || consernedEmployee.CompanyId == employeeVM.CompanyId; UserRoles consernedEmployeeRoles; if (employeeVM.Roles == null) { consernedEmployeeRoles = await _UserManager.GetUserRolesAsync(consernedEmployee); } else { consernedEmployeeRoles = UserManagerExtensions.ToUserRoles(employeeVM.Roles); } bool isAppAdministrator = (consernedEmployeeRoles & UserRoles.AppAdministrator) == UserRoles.AppAdministrator; if (!isAppAdministrator && employeeVM.CompanyId == default) { ModelState.AddModelError("", _DataLocalizer["Company is required for all employees who is not app administrator"]); return(false); } return(result || isAppAdministrator); }
public static string FormatEmployeeSNT(this EmployeeCreationVM employee) { return($"{employee.LastName.ToUpper()} {employee.FirstName}, {employee.Title}"); }
public async Task <IActionResult> UpdateEmployee(EmployeeCreationVM employeeCreationVM) { var consernedEmployee = await _UnitOfWork.Employees.FindAsync(x => x.Id.Equals(employeeCreationVM.Id), includes : new System.Linq.Expressions.Expression <Func <Employee, object> >[] { x => x.Company, x => x.Manager } ); if (consernedEmployee == null) { return(NotFound()); } employeeCreationVM.UserName = consernedEmployee.UserName; employeeCreationVM.Email = consernedEmployee.Email; var currentUserData = await GetCurrentUserData(); bool reviewUserRoles = currentUserData.Item3 > UserRoles.Employee; bool canEditUser = reviewUserRoles || employeeCreationVM.Id.Equals(currentUserData.Item1.Id); if (!canEditUser) { ModelState.AddModelError("", _DataLocalizer["You not autorized to edit this profile"]); } var permissions = await GetEditionPermission(consernedEmployee); bool validation = await ValidateInput(consernedEmployee, employeeCreationVM, permissions); if (ModelState.ErrorCount == 0 && validation) { //Reappliying company which was not changed if (!permissions.AllowChangeCompany) { employeeCreationVM.CompanyId = consernedEmployee.CompanyId; employeeCreationVM.Company = consernedEmployee.Company; } if (!permissions.AllowChangeManager) { employeeCreationVM.ManagerId = consernedEmployee.ManagerId; employeeCreationVM.Manager = _Mapper.Map <EmployeeCreationVM>(await _UnitOfWork.Employees.FindAsync(predicate: x => x.Id.Equals(employeeCreationVM.ManagerId))); } consernedEmployee = _Mapper.Map(employeeCreationVM, consernedEmployee); bool result = await _UnitOfWork.Employees.UpdateAsync(consernedEmployee); result &= await _UnitOfWork.Save(); if (!result) { ModelState.AddModelError("", _DataLocalizer["Unable to save user to repository"]); } else { result &= await UpdateUserRoles(consernedEmployee, employeeCreationVM.Roles); } if (currentUserData.Item3 <= UserRoles.Employee) { return(RedirectToAction("Index", "Home")); } else { return(RedirectToAction("Index")); } } else { @ViewBag.Action = nameof(UpdateEmployee); employeeCreationVM = await PrepareEmployeeEditionViewModel(employeeCreationVM : employeeCreationVM, concernedEmployee : consernedEmployee, concernedEmployeesRoles : await _UserManager.GetUserRolesAsync(consernedEmployee), editionPermissions : permissions); return(View(EditEmployeeView, employeeCreationVM)); } }
/// <summary> /// /// </summary> /// <param name="employeeCreationVM"></param> /// <param name="currentUserRoles"></param> /// <remarks> /// - Validate company - company must be enabled /// V - Validate compare with original employee if exists - in this case operation will fail /// V - Validate if editor who is not admin was unabled change the company, if company is not null /// - Validate manager from same company /// </remarks> /// <returns></returns> private async Task <bool> ValidateEmployeeCreationVMState(EmployeeCreationVM employeeCreationVM) { if (ModelState.ErrorCount > 0) { return(false); } var currentUserData = await GetCurrentUserData(); bool isCurrentUserIsAppAdmin = (currentUserData.Item3 & UserRoles.AppAdministrator) == UserRoles.AppAdministrator; bool isCurrentUserIsCompanyAdmin = (currentUserData.Item3 & (UserRoles.CompanyAdministrator | UserRoles.HRManager)) > 0; Employee potentialConsernedEmployee; if (!String.IsNullOrWhiteSpace(employeeCreationVM?.Id)) { potentialConsernedEmployee = await _UnitOfWork.Employees.FindAsync(x => x.Id.Equals(employeeCreationVM.Id)); } else { potentialConsernedEmployee = null; } int?companyId = (employeeCreationVM.CompanyId != null && employeeCreationVM.CompanyId > 0) ? employeeCreationVM.CompanyId : null; if (companyId != null) { if (!isCurrentUserIsAppAdmin && !(currentUserData.Item2?.CompanyId?.Equals(companyId) ?? false)) { ModelState.AddModelError("", _DataLocalizer["Only app admin can assign employee not from his company"]); } var company = await _UnitOfWork.Companies.FindAsync(x => x.Id == (int)companyId); if (!(company?.Active ?? false)) { ModelState.AddModelError("", _DataLocalizer["Company inactive or not found"]); } } if (!(isCurrentUserIsCompanyAdmin || isCurrentUserIsAppAdmin)) { ModelState.AddModelError("", _DataLocalizer["Action forbidden to not priveleged Employee"]); } if (companyId != null) { if (!string.IsNullOrWhiteSpace(employeeCreationVM.ManagerId)) { string managerId = employeeCreationVM.ManagerId; Employee manager = await _UnitOfWork.Employees.FindAsync(x => x.Id.Equals(managerId)); if (!(isCurrentUserIsCompanyAdmin || isCurrentUserIsAppAdmin)) { ModelState.AddModelError("", _DataLocalizer["You not allowed to assign manager"]); } if (manager == null) { ModelState.AddModelError("", _DataLocalizer["Manager not found"]); } else if (!manager.Id.Equals(managerId)) { ModelState.AddModelError("", _DataLocalizer["Manager nust be from same company as employee"]); } } } return(ModelState.ErrorCount == 0); }
//Todo: Review this section private async Task <EmployeeCreationVM> SetEmployeeCompanyAndManagerState(EmployeeCreationVM employeeCreationVM, EditionPermissions editionPermissions) { //Case when employee created by app admin var currentLoginData = await GetCurrentUserData(); var currentUserRoles = currentLoginData.Item3; var currentEmployee = currentLoginData.Item2; bool currentUserIsAppAdmin = (currentUserRoles & UserRoles.AppAdministrator) == UserRoles.AppAdministrator; bool currentUserIsCompanyPriveleged = (currentUserRoles & (UserRoles.CompanyAdministrator | UserRoles.HRManager)) > 0; employeeCreationVM.CompanyEnabled = editionPermissions.AllowChangeCompany; if (editionPermissions.AllowChangeCompany) { var companiesList = (await _UnitOfWork.Companies.WhereAsync(x => x.Active)) .Select(x => new SelectListItem(x.CompanyName, x.Id.ToString(), x.Id.Equals(employeeCreationVM?.CompanyId))).ToList(); companiesList.Insert(0, new SelectListItem(_DataLocalizer["Please select the company"], "0", true, true)); companiesList.Insert(1, new SelectListItem(_DataLocalizer["None"], String.Empty, true, !currentUserIsAppAdmin)); employeeCreationVM.Companies = companiesList; } else { if (currentEmployee?.CompanyId != null) { if (employeeCreationVM.CompanyId == null) { employeeCreationVM.CompanyId = currentEmployee.CompanyId; } if (employeeCreationVM.CompanyId != null) { if (currentEmployee?.Company != null) { employeeCreationVM.Company = currentEmployee.Company; } else { employeeCreationVM.Company = await _UnitOfWork.Companies.FindAsync(x => x.Id == (int)employeeCreationVM.CompanyId); } employeeCreationVM.Companies = new SelectListItem[] { new SelectListItem(employeeCreationVM.Company.CompanyName, employeeCreationVM.Company.Id.ToString(), true, true) }; } } } employeeCreationVM.ManagerEnabled = editionPermissions.AllowChangeManager; if (editionPermissions.AllowChangeManager) { var managers = await GetEmployeesByCompany(employeeCreationVM.CompanyId, employeeCreationVM.ManagerId); managers.Insert(0, new SelectListItem(_DataLocalizer["None"], null)); employeeCreationVM.Managers = managers; } else { if (employeeCreationVM?.Manager != null) { employeeCreationVM.Managers = new SelectListItem[] { new SelectListItem(employeeCreationVM.Manager.FormatEmployeeSNT(), employeeCreationVM.ManagerId, true, true) } } ; } return(employeeCreationVM); }
public async Task <IActionResult> CreateEmployee(EmployeeCreationVM employeeCreationVM) { string referer = employeeCreationVM.ReturnUrl; var currentPermissions = await GetEditionPermission(null); var currentUserData = await GetCurrentUserData(); //Validating access if (!ValidateCreationAccess(currentUserData.Item3)) { return(Forbid()); } //Validating duplicates await ValidateDuplicateMail(employeeCreationVM.Email); await ValidateDuplicateUserName(employeeCreationVM.UserName); //Validating contract ValidateContractAcceptence(employeeCreationVM.AcceptContract); //Validating is company and manager correctly assigned await ValidateEmployeeCreationVMState(employeeCreationVM); UserRoles employeeRoles = await ValidateAssignedRoles(UserManagerExtensions.ToUserRoles(employeeCreationVM.Roles), null); if (ModelState.ErrorCount > 0) { employeeCreationVM.RolesList = await GetListAllowedRoles(employeeRoles); } if (ModelState.ErrorCount == 0) { Employee employee = new Employee(); employeeCreationVM.Id = employee.Id; employee = (Employee)_Mapper.Map(employeeCreationVM, typeof(EmployeeCreationVM), typeof(Employee)); string password = _PasswordGenerator.GeneratePassword(); employee.LockoutEnabled = false; employee.EmailConfirmed = true; bool result = await _UnitOfWork.Employees.RegisterEmployeeAsync(_UserManager, employee, password); if (!result) { ModelState.AddModelError("", _DataLocalizer["Unabled to save employee into repository"]); } else { await SendMailWithCredentials(employee, password); } } //Validating user roles if (ModelState.ErrorCount == 0) { var employeeIdentityUser = await _UserManager.FindByEmailAsync(employeeCreationVM.Email); var newRoles = UserManagerExtensions.FromUserRoles(employeeRoles).ToList(); foreach (var role in newRoles) { var identityResult = await _UserManager.AddToRoleAsync(employeeIdentityUser, role); if (!identityResult.Succeeded) { ModelState.AddModelError("", _DataLocalizer["Unable to add this user to role {0}", role]); } } ; } if (ModelState.ErrorCount > 0) { employeeCreationVM = await SetEmployeeCompanyAndManagerState(employeeCreationVM, currentPermissions); employeeCreationVM.RolesListEnabled = currentPermissions.AllowEditAccess; employeeCreationVM.RolesList = await GetListAllowedRoles(currentUserData.Item3, self : currentPermissions.IsSelfEdition); ViewData["Referer"] = referer; ViewBag.Action = nameof(CreateEmployee); return(View(RegisterEmployeeView, employeeCreationVM)); } else { if (!String.IsNullOrEmpty(referer)) { return(Redirect(referer)); } else { return(RedirectToAction("Index", "Home")); } } }