public void GetAllDepartments()
{
var departments = new DepartmentCollection {
new Department {
Title = "Title", DisplayOrder = 2, Type = DepartmentType.Public
}
};
_kayakoApiRequest.Setup(x => x.ExecuteGet <DepartmentCollection>(ApiBaseMethods.Departments)).Returns(departments);
var departmentsResult = _departmentController.GetDepartments();
_kayakoApiRequest.Verify(x => x.ExecuteGet <DepartmentCollection>(ApiBaseMethods.Departments));
Assert.That(departmentsResult, Is.EqualTo(departments));
}
/// <summary>
/// Attempts authentication through AD and then adds the user to the DB if they do not already exist with the
/// "Authorized User" role added as a default.
/// </summary>
/// <param name="username"></param>
/// <param name="password"></param>
/// <returns></returns>
public IUserDto Login(string username, string password)
{
AdUser adUser = new AdUser();
if (adUser.AuthenticateUser(username, password))
{
using (var context = new PrometheusContext())
{
//See if the user exists already
IUserDto user = null;
try
{
user = GetUser(adUser.UserGuid);
}
catch (Exception) { /* user does not exist */ }
if (user != null)
{
//If they existed retrun them
user.Name = GetDisplayName(user.AdGuid);
return(user);
}
else
{
//Otherwise add them with the authenticated role
var newUser = new UserDto {
AdGuid = adUser.UserGuid
};
//Get the role that is to be added to the user
var authenticatedRole = context.Roles.FirstOrDefault(x => x.Name == AuthorizedUserRoleName);
//get the user's department
var id = int.Parse(ConfigurationManager.AppSettings["GetDepartmentScriptId"]);
var scriptGuid = _departmentController.GetDepartmentScriptFromId(id);
string departmentName = _scriptExecutor.GetUserDepartment(newUser.AdGuid, scriptGuid);
if (string.IsNullOrEmpty(departmentName))
{
throw new Exception("Login failure: no department available for this account");
}
try
{
newUser.DepartmentId = (from d in _departmentController.GetDepartments(newUser.Id)
where d.Name == departmentName
select d.Id).FirstOrDefault();
if (newUser.DepartmentId < 1) //somewhere invalid departments are not getting thrown...
{
throw new Exception("Login failure: no department configured for this account");
}
}
catch (Exception)
{
throw new Exception("Login failure: no department configured for this account");
}
//Add them and their role to the database
var savedUser = context.Users.Add(ManualMapper.MapDtoToUser(newUser));
savedUser.Roles = new List <Role> {
authenticatedRole
};
context.SaveChanges();
newUser = (UserDto)ManualMapper.MapUserToDto(savedUser);
newUser.Department = new DepartmentDto {
Name = departmentName, Id = newUser.DepartmentId
}; //attach the department
newUser.Name = GetDisplayName(newUser.AdGuid); //Name resolution
return(newUser);
}
}
}
//failed login if there is no AD Authentication
return(new UserDto {
Name = "failed"
});
}
public ActionResult SaveUsers(ICollection <int> roleIds, ICollection <Guid> users, string submitButton)
{
if (submitButton == "Remove")
{
if (users != null)
{
List <UserDetailsModel> model = new List <UserDetailsModel>();
IAdSearch searcher = new AdSearch();
foreach (var user in users)
{
string displayName;
try
{
displayName = searcher.GetUserDisplayName(user);
}
catch (Exception)
{
displayName = "Name not found";
}
model.Add(new UserDetailsModel
{
UserDto = new UserDto {
AdGuid = user
},
DisplayName = displayName
});
}
return(View("ConfirmDeleteUsers", model));
}
}
if (users != null && roleIds != null && users.Any() && roleIds.Any())
{
foreach (var user in users)
{
IUserDto userDto = null; //the dto, user is just the guid
try
{
userDto = _userManager.GetUser(user);
}
catch (Exception)
{
/* user does not exist */
}
if (userDto == null) /* first add anyone new if not found above*/
{
UserDto newUser = new UserDto {
AdGuid = user
};
ScriptExecutor scriptExecutor = new ScriptExecutor();
ScriptFileController scriptController = new ScriptFileController();
try
{
var scriptGuid = scriptController.GetScript(UserId, ConfigHelper.GetDepartmentScriptId()).ScriptFile;
newUser.DepartmentId = (from d in _departmentController.GetDepartments(UserId)
where d.Name == scriptExecutor.GetUserDepartment(user, scriptGuid)
select d.Id).FirstOrDefault();
userDto = _userManager.ModifyUser(UserId, newUser, EntityModification.Create);
}
catch (Exception exception)
{
TempData["MessageType"] = WebMessageType.Failure;
TempData["Message"] = $"Failed to save adding a user, error: {exception.Message}";
return(RedirectToAction("ManageUsers"));
}
}
//Remove roles from the user where all the roleIds do not match the ID
foreach (var role in userDto.Roles.Where(x => roleIds.All(y => y != x.Id)))
{
try
{
/* useless is a lazy loading work around */
var useless = _userManager.RemoveRoleFromUsers(UserId, role, new List <IUserDto> {
userDto
});
foreach (var unused in useless)
{
/* do nothing */
}
}
catch (Exception)
{
/* ignore if user did not have role somehow */
}
}
//add roles
foreach (var roleId in roleIds)
{
try
{
var useless = _userManager.AddRolesToUser(UserId, userDto.Id, new List <IRoleDto> {
new RoleDto {
Id = roleId
}
});
foreach (var unused in useless)
{
/*do nothing */
} //lazy loading work around
}
catch (Exception exception)
{
TempData["MessageType"] = WebMessageType.Failure;
TempData["Message"] = $"Failed to save user changes, error: {exception.Message}";
return(RedirectToAction("ManageUsers"));
}
}
}
TempData["MessageType"] = WebMessageType.Success; //successful assumed now
TempData["Message"] = "Successfully saved users";
}
else
{
TempData["MessageType"] = WebMessageType.Info;
TempData["Message"] = "No changes made";
}
return(RedirectToAction("ManageUsers"));
}
