public override async Task <ClaimsPrincipal> CreateAsync(TUser user)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
var userId = await UserManager.GetUserIdAsync(user);
var userName = await UserManager.GetUserNameAsync(user);
var profile = await _userProfileService.GetProfileByUserIdAsync(userId);
var id = new ClaimsIdentity(
CookieAuthenticationDefaults.AuthenticationScheme,
Options.ClaimsIdentity.UserNameClaimType,
Options.ClaimsIdentity.RoleClaimType
);
id.AddClaim(new Claim(Options.ClaimsIdentity.UserIdClaimType, userId));
id.AddClaim(new Claim(Options.ClaimsIdentity.UserNameClaimType, userName));
if (UserManager.SupportsUserSecurityStamp)
{
id.AddClaim(new Claim(Options.ClaimsIdentity.SecurityStampClaimType,
await UserManager.GetSecurityStampAsync(user)));
}
if (UserManager.SupportsUserRole)
{
var roles = await _claimsRepository.GetRolesAsync(user);
foreach (var roleName in roles)
{
id.AddClaim(new Claim(Options.ClaimsIdentity.RoleClaimType, roleName));
}
}
ClaimsPrincipal principal = new ClaimsPrincipal(id);
if (principal.Identity is ClaimsIdentity)
{
ClaimsIdentity identity = (ClaimsIdentity)principal.Identity;
if (profile != null)
{
Claim displayNameClaim = new Claim("DisplayName", profile.FullName.AsFirstNameLastName);
if (!identity.HasClaim(displayNameClaim.Type, displayNameClaim.Value))
{
identity.AddClaim(displayNameClaim);
}
}
Claim emailClaim = new Claim(ClaimTypes.Email, user.Email);
if (!identity.HasClaim(emailClaim.Type, emailClaim.Value))
{
identity.AddClaim(emailClaim);
}
if (_usersService.IsUserInRole(user.Id, _usersService.AdminRoleId))
{
ClaimsLogic.AddSystemAdminClaims(id, userName, user.Id, "System Admin");
}
else if (_usersService.IsUserInRole(user.Id, _usersService.AffiliateRoleId))
{
ClaimsLogic.AddAffiliteClaims(id, userName,
user.Id, profile.FullName.AsFirstNameLastName);
}
else
{
var department = await _departmentsService.GetDepartmentForUserAsync(userName);
if (department == null)
{
return(null);
}
var group = await _departmentGroupsService.GetGroupForUserAsync(user.Id, department.DepartmentId);
var departmentAdmin = department.IsUserAnAdmin(user.Id);
var permissions = await _permissionsService.GetAllPermissionsForDepartmentAsync(department.DepartmentId);
var roles = await _personnelRolesService.GetRolesForUserAsync(user.Id, department.DepartmentId);
ClaimsLogic.AddDepartmentClaim(id, department.DepartmentId,
departmentAdmin);
//ClaimsLogic.DepartmentName = department.Name;
DateTime signupDate;
if (department.CreatedOn.HasValue)
{
signupDate = department.CreatedOn.Value;
}
else
{
signupDate = DateTime.UtcNow;
}
//ClaimsLogic.DepartmentId = department.DepartmentId;
var name = user.UserName;
if (profile != null && !String.IsNullOrWhiteSpace(profile.LastName))
{
name = profile.FullName.AsFirstNameLastName;
}
ClaimsLogic.AddGeneralClaims(id, userName,
user.Id, name, department.DepartmentId, department.Name, user.Email,
signupDate);
bool isGroupAdmin = false;
if (group != null)
{
isGroupAdmin = group.IsUserGroupAdmin(user.Id);
}
if (departmentAdmin)
{
var groups = await _departmentGroupsService.GetAllGroupsForDepartmentAsync(department.DepartmentId);
if (groups != null)
{
foreach (var departmentGroup in groups)
{
ClaimsLogic.AddGroupClaim(id, departmentGroup.DepartmentGroupId, true);
}
}
}
else
{
if (group != null)
{
ClaimsLogic.AddGroupClaim(id, group.DepartmentGroupId, isGroupAdmin);
}
}
ClaimsLogic.AddCallClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddActionClaims(id);
ClaimsLogic.AddLogClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddStaffingClaims(id);
ClaimsLogic.AddPersonnelClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddUnitClaims(id, departmentAdmin);
ClaimsLogic.AddUnitLogClaims(id);
ClaimsLogic.AddMessageClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddRoleClaims(id, departmentAdmin);
ClaimsLogic.AddProfileClaims(id);
ClaimsLogic.AddReportsClaims(id);
ClaimsLogic.AddGenericGroupClaims(id, departmentAdmin);
ClaimsLogic.AddDocumentsClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddNotesClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddScheduleClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddShiftClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddTrainingClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddPIIClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddInventoryClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddConnectClaims(id, departmentAdmin);
ClaimsLogic.AddCommandClaims(id, departmentAdmin);
ClaimsLogic.AddProtocolClaims(id, departmentAdmin);
}
}
return(principal);
}
public async Task <IActionResult> Index()
{
if (!ClaimsAuthorizationHelper.IsUserDepartmentAdmin())
{
Unauthorized();
}
var model = new PermissionsView();
var permissions = await _permissionsService.GetAllPermissionsForDepartmentAsync(DepartmentId);
int val = (int)PermissionTypes.AddPersonnel;
if (permissions.Any(x => x.PermissionType == (int)PermissionTypes.AddPersonnel))
{
model.AddUsers = permissions.First(x => x.PermissionType == (int)PermissionTypes.AddPersonnel).Action;
}
if (permissions.Any(x => x.PermissionType == (int)PermissionTypes.RemovePersonnel))
{
model.RemoveUsers = permissions.First(x => x.PermissionType == (int)PermissionTypes.RemovePersonnel).Action;
}
if (permissions.Any(x => x.PermissionType == (int)PermissionTypes.CreateCall))
{
model.CreateCall = permissions.First(x => x.PermissionType == (int)PermissionTypes.CreateCall).Action;
}
else
{
model.CreateCall = 3;
}
var userAddPermissions = new List <dynamic>();
userAddPermissions.Add(new { Id = 0, Name = "Department Admins" });
userAddPermissions.Add(new { Id = 1, Name = "Department and Group Admins" });
model.AddUserPermissions = new SelectList(userAddPermissions, "Id", "Name");
var userDeletePermissions = new List <dynamic>();
userDeletePermissions.Add(new { Id = 0, Name = "Department Admins" });
userDeletePermissions.Add(new { Id = 1, Name = "Department and Group Admins" });
model.RemoveUserPermissions = new SelectList(userDeletePermissions, "Id", "Name");
var createCallPermissions = new List <dynamic>();
createCallPermissions.Add(new { Id = 3, Name = "Everyone" });
createCallPermissions.Add(new { Id = 0, Name = "Department Admins" });
createCallPermissions.Add(new { Id = 1, Name = "Department and Group Admins" });
createCallPermissions.Add(new { Id = 2, Name = "Department Admins and Select Roles" });
model.CreateCallPermissions = new SelectList(createCallPermissions, "Id", "Name");
if (permissions.Any(x => x.PermissionType == (int)PermissionTypes.CreateTraining))
{
model.CreateTraining = permissions.First(x => x.PermissionType == (int)PermissionTypes.CreateTraining).Action;
}
var createTrainingPermissions = new List <dynamic>();
createTrainingPermissions.Add(new { Id = 0, Name = "Department Admins" });
createTrainingPermissions.Add(new { Id = 1, Name = "Department and Group Admins" });
createTrainingPermissions.Add(new { Id = 2, Name = "Department Admins and Select Roles" });
model.CreateTrainingPermissions = new SelectList(createTrainingPermissions, "Id", "Name");
if (permissions.Any(x => x.PermissionType == (int)PermissionTypes.CreateDocument))
{
model.CreateDocument = permissions.First(x => x.PermissionType == (int)PermissionTypes.CreateDocument).Action;
}
else
{
model.CreateDocument = 3;
}
var createDocumentPermissions = new List <dynamic>();
createDocumentPermissions.Add(new { Id = 3, Name = "Everyone" });
createDocumentPermissions.Add(new { Id = 0, Name = "Department Admins" });
createDocumentPermissions.Add(new { Id = 1, Name = "Department and Group Admins" });
createDocumentPermissions.Add(new { Id = 2, Name = "Department Admins and Select Roles" });
model.CreateDocumentPermissions = new SelectList(createDocumentPermissions, "Id", "Name");
if (permissions.Any(x => x.PermissionType == (int)PermissionTypes.CreateCalendarEntry))
{
model.CreateCalendarEntry = permissions.First(x => x.PermissionType == (int)PermissionTypes.CreateCalendarEntry).Action;
}
else
{
model.CreateCalendarEntry = 3;
}
var createCalendarEntryPermissions = new List <dynamic>();
createCalendarEntryPermissions.Add(new { Id = 3, Name = "Everyone" });
createCalendarEntryPermissions.Add(new { Id = 0, Name = "Department Admins" });
createCalendarEntryPermissions.Add(new { Id = 1, Name = "Department and Group Admins" });
createCalendarEntryPermissions.Add(new { Id = 2, Name = "Department Admins and Select Roles" });
model.CreateCalendarEntryPermissions = new SelectList(createCalendarEntryPermissions, "Id", "Name");
if (permissions.Any(x => x.PermissionType == (int)PermissionTypes.CreateNote))
{
model.CreateNote = permissions.First(x => x.PermissionType == (int)PermissionTypes.CreateNote).Action;
}
else
{
model.CreateNote = 3;
}
var createNotePermissions = new List <dynamic>();
createNotePermissions.Add(new { Id = 3, Name = "Everyone" });
createNotePermissions.Add(new { Id = 0, Name = "Department Admins" });
createNotePermissions.Add(new { Id = 1, Name = "Department and Group Admins" });
createNotePermissions.Add(new { Id = 2, Name = "Department Admins and Select Roles" });
model.CreateNotePermissions = new SelectList(createNotePermissions, "Id", "Name");
if (permissions.Any(x => x.PermissionType == (int)PermissionTypes.CreateLog))
{
model.CreateLog = permissions.First(x => x.PermissionType == (int)PermissionTypes.CreateLog).Action;
}
else
{
model.CreateLog = 3;
}
var createLogPermissions = new List <dynamic>();
createLogPermissions.Add(new { Id = 3, Name = "Everyone" });
createLogPermissions.Add(new { Id = 0, Name = "Department Admins" });
createLogPermissions.Add(new { Id = 1, Name = "Department and Group Admins" });
createLogPermissions.Add(new { Id = 2, Name = "Department Admins and Select Roles" });
model.CreateLogPermissions = new SelectList(createLogPermissions, "Id", "Name");
if (permissions.Any(x => x.PermissionType == (int)PermissionTypes.CreateShift))
{
model.CreateShift = permissions.First(x => x.PermissionType == (int)PermissionTypes.CreateShift).Action;
}
var createShiftPermissions = new List <dynamic>();
createShiftPermissions.Add(new { Id = 0, Name = "Department Admins" });
createShiftPermissions.Add(new { Id = 1, Name = "Department and Group Admins" });
createShiftPermissions.Add(new { Id = 2, Name = "Department Admins and Select Roles" });
model.CreateShiftPermissions = new SelectList(createShiftPermissions, "Id", "Name");
if (permissions.Any(x => x.PermissionType == (int)PermissionTypes.ViewPersonalInfo))
{
model.ViewPersonalInfo = permissions.First(x => x.PermissionType == (int)PermissionTypes.ViewPersonalInfo).Action;
}
else
{
model.ViewPersonalInfo = 3;
}
var viewPersonalInfoPermissions = new List <dynamic>();
viewPersonalInfoPermissions.Add(new { Id = 3, Name = "Everyone" });
viewPersonalInfoPermissions.Add(new { Id = 0, Name = "Department Admins" });
viewPersonalInfoPermissions.Add(new { Id = 1, Name = "Department and Group Admins" });
viewPersonalInfoPermissions.Add(new { Id = 2, Name = "Department Admins and Select Roles" });
model.ViewPersonalInfoPermissions = new SelectList(viewPersonalInfoPermissions, "Id", "Name");
if (permissions.Any(x => x.PermissionType == (int)PermissionTypes.AdjustInventory))
{
model.AdjustInventory = permissions.First(x => x.PermissionType == (int)PermissionTypes.AdjustInventory).Action;
}
else
{
model.AdjustInventory = 3;
}
var adjustInventoryPermissions = new List <dynamic>();
adjustInventoryPermissions.Add(new { Id = 3, Name = "Everyone" });
adjustInventoryPermissions.Add(new { Id = 0, Name = "Department Admins" });
adjustInventoryPermissions.Add(new { Id = 1, Name = "Department and Group Admins" });
adjustInventoryPermissions.Add(new { Id = 2, Name = "Department Admins and Select Roles" });
model.AdjustInventoryPermissions = new SelectList(adjustInventoryPermissions, "Id", "Name");
if (permissions.Any(x => x.PermissionType == (int)PermissionTypes.CanSeePersonnelLocations))
{
model.ViewPersonnelLocation = permissions.First(x => x.PermissionType == (int)PermissionTypes.CanSeePersonnelLocations).Action;
model.LockViewPersonneLocationToGroup = permissions.First(x => x.PermissionType == (int)PermissionTypes.CanSeePersonnelLocations).LockToGroup;
}
else
{
model.ViewPersonnelLocation = 3;
}
var viewPersonnelLocationPermissions = new List <dynamic>();
viewPersonnelLocationPermissions.Add(new { Id = 3, Name = "Everyone" });
viewPersonnelLocationPermissions.Add(new { Id = 0, Name = "Department Admins" });
viewPersonnelLocationPermissions.Add(new { Id = 1, Name = "Department and Group Admins" });
viewPersonnelLocationPermissions.Add(new { Id = 2, Name = "Department Admins and Select Roles" });
model.ViewPersonnelLocationPermissions = new SelectList(viewPersonnelLocationPermissions, "Id", "Name");
if (permissions.Any(x => x.PermissionType == (int)PermissionTypes.CanSeeUnitLocations))
{
model.ViewUnitLocation = permissions.First(x => x.PermissionType == (int)PermissionTypes.CanSeeUnitLocations).Action;
model.LockViewUnitLocationToGroup = permissions.First(x => x.PermissionType == (int)PermissionTypes.CanSeeUnitLocations).LockToGroup;
}
else
{
model.ViewUnitLocation = 3;
}
var viewUnitLocationPermissions = new List <dynamic>();
viewUnitLocationPermissions.Add(new { Id = 3, Name = "Everyone" });
viewUnitLocationPermissions.Add(new { Id = 0, Name = "Department Admins" });
viewUnitLocationPermissions.Add(new { Id = 1, Name = "Department and Group Admins" });
viewUnitLocationPermissions.Add(new { Id = 2, Name = "Department Admins and Select Roles" });
model.ViewUnitLocationPermissions = new SelectList(viewUnitLocationPermissions, "Id", "Name");
if (permissions.Any(x => x.PermissionType == (int)PermissionTypes.CreateMessage))
{
model.CreateMessage = permissions.First(x => x.PermissionType == (int)PermissionTypes.CreateMessage).Action;
}
else
{
model.CreateMessage = 3;
}
var createMessagePermissions = new List <dynamic>();
createMessagePermissions.Add(new { Id = 3, Name = "Everyone" });
createMessagePermissions.Add(new { Id = 0, Name = "Department Admins" });
createMessagePermissions.Add(new { Id = 1, Name = "Department and Group Admins" });
createMessagePermissions.Add(new { Id = 2, Name = "Department Admins and Select Roles" });
model.CreateMessagePermissions = new SelectList(createMessagePermissions, "Id", "Name");
if (permissions.Any(x => x.PermissionType == (int)PermissionTypes.ViewGroupUsers))
{
model.ViewGroupsUsers = permissions.First(x => x.PermissionType == (int)PermissionTypes.ViewGroupUsers).Action;
}
else
{
model.ViewGroupsUsers = 3;
}
var viewGroupUsersPermissions = new List <dynamic>();
viewGroupUsersPermissions.Add(new { Id = 3, Name = "Everyone" });
viewGroupUsersPermissions.Add(new { Id = 0, Name = "Department Admins" });
viewGroupUsersPermissions.Add(new { Id = 1, Name = "Department and Group Admins" });
viewGroupUsersPermissions.Add(new { Id = 2, Name = "Department Admins and Select Roles" });
model.ViewGroupUsersPermissions = new SelectList(viewGroupUsersPermissions, "Id", "Name");
return(View(model));
}
