/// <summary> /// Save or update the list of records /// </summary> /// <param name="request">the request containing the entities</param> /// <returns></returns> public JarsUserResponse Any(StoreJarsUser request) { return(ExecuteFaultHandledMethod(() => { IAuthRepository ssAuthRepo = ServiceStackHost.Instance.GetAuthRepository(); IUserAuth ssUser = ssAuthRepo.GetUserAuthByUserName(request.UserAccount.UserName); if (ssUser == null && request.UserAccount.Id != 0) { throw HttpError.NotFound(request.UserAccount.UserName); } UserAuth newUserA = new UserAuth(); if (request.UserAccount.Id == 0) { newUserA.PopulateWith(request.UserAccount); newUserA.LockedDate = DateTime.UtcNow; newUserA.RecoveryToken = Guid.NewGuid().ToString("N"); ssUser = ssAuthRepo.CreateUserAuth(newUserA, "Password123"); //sendemailtouser } else { newUserA.PopulateWith(ssUser); newUserA.PopulateWith(request.UserAccount); ssAuthRepo.UpdateUserAuth(ssUser, newUserA); } //so the user should be updated here.. IJarsUserRepository repository = _DataRepositoryFactory.GetDataRepository <IJarsUserRepository>(); JarsUserResponse response = new JarsUserResponse(); if (request.UserAccount != null) { JarsUser dbUser = new JarsUser(); if (request.UserAccount.Id != 0) { dbUser = repository.GetById(request.UserAccount.Id, true); } else { dbUser.IsActive = false; } dbUser.PopulateWith(ssUser); dbUser.Id = request.UserAccount.Id; dbUser.Settings = request.UserAccount.Settings.ConvertAllTo <JarsSetting>().ToList(); dbUser = repository.CreateUpdate(dbUser, CurrentSessionUsername); response.UserAccount = dbUser.ConvertTo <JarsUserDto>(); } //else // response.UserAccounts = repository.CreateUpdateList(request.UserAccounts).ToList(); return response; })); }
public override void OnSaveData() { if (dxValidator.Validate()) { JarsUser saveObject = defaultBindingSource.Current as JarsUser; ApplyPermissionsToUser(saveObject); StoreJarsUser store = new StoreJarsUser() { IsAppointment = false, UserAccount = saveObject.ConvertTo <JarsUserDto>() }; JarsUserResponse resp = ServiceClient.Post(store); saveObject = resp.UserAccount.ConvertTo <JarsUser>(); base.OnSaveData(); ctr_txtUserName.Enabled = false; } }
//this is the only request that does not require admin role public JarsUserResponse Any(GetJarsUser request) { if (request.EmailOrUserName.IsNullOrEmpty()) { return(null); } var sessionUserName = Request.GetSession().UserName; var sessionUserEmail = Request.GetSession().Email; IAuthRepository ssAuthRepo = ServiceStackHost.Instance.GetAuthRepository(); IUserAuth ssUser = ssAuthRepo.GetUserAuthByUserName(request.EmailOrUserName); if (ssUser == null) { throw HttpError.NotFound("User not found"); } if (ssUser.LockedDate != null) { throw HttpError.Unauthorized("User account locked"); } if (ssUser.Roles.Count == 0 || ssUser.Permissions.Count == 0) { IUserAuth newUserA = new UserAuth(); newUserA.PopulateWith(ssUser); if (ssUser.Roles.Count == 0) { newUserA.Roles.Add("Guest"); } if (ssUser.Permissions.Count == 0) { newUserA.Permissions.Add("ViewOnly"); } ssUser = ssAuthRepo.UpdateUserAuth(ssUser, newUserA); } IJarsUserRepository repository = _DataRepositoryFactory.GetDataRepository <IJarsUserRepository>(); JarsUser acc = repository.Where(u => u.UserName == ssUser.UserName || u.Email == ssUser.Email, request.FetchEagerly).SingleOrDefault(); if (acc == null) { acc = ssUser.ConvertTo <JarsUser>(); acc.Id = 0; acc = repository.CreateUpdate(acc, sessionUserName); } else { //we have to change the id because the 2 tables differ and id's wont match. int accId = acc.Id; acc.PopulateWith(ssUser); acc.Id = accId; acc = repository.CreateUpdate(acc, sessionUserName); } JarsUserResponse response = new JarsUserResponse { UserAccount = acc.ConvertTo <JarsUserDto>() }; //response.jarsUserAccount = FakeDataHelper.FakeUserAccount; return(response); }
private void Auth_and_Assign_Roles_To_Win_Principal() { var client = CreateClient(); var eventClient = CreateEventClient().Start(); //Authenticate AuthenticateResponse authR = client.Post(new Authenticate { UserName = "******", Password = "******", RememberMe = true }); AuthenticateResponse evAuthR = eventClient.Authenticate(new Authenticate { UserName = "******", Password = "******", RememberMe = true }); //get the user from the database JarsUserResponse juResp = client.Post(new GetJarsUser { EmailOrUserName = authR.UserId }); JarsUserResponse juEvResp = eventClient.ServiceClient.Get(new GetJarsUser { EmailOrUserName = evAuthR.UserId }); //assign user roles to the current windows user //this is for single use validation WindowsIdentity MySingleUseIdentity = WindowsIdentity.GetCurrent(); WindowsPrincipal MySingleUsePrincipal = new WindowsPrincipal(MySingleUseIdentity); if (MySingleUsePrincipal.IsInRole(JarsRoles.Admin)) { Assert.IsTrue(true); } //This is for repeated validation use, it sets the principal object on the app domain AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal); WindowsPrincipal MyPrincipal = (WindowsPrincipal)Thread.CurrentPrincipal; if (MyPrincipal.IsInRole(JarsRoles.Admin)) { Assert.IsTrue(true); } //if (MyPrincipal.IsInRole(JarsRoles.JarsAdministrators)) // Assert.IsTrue(true); //if (MyPrincipal.IsInRole(JarsRoles.JarsPowerUsers)) // Assert.IsTrue(true); //if (MyPrincipal.IsInRole(JarsRoles.JarsUsers)) // Assert.IsTrue(true); //Create a generic (non windows account related) Identity and principal GenericIdentity MyGenericIdentity = new GenericIdentity("JarsUser"); String[] MyRolesArray = { "Manager", "Teller" }; GenericPrincipal MyGenericPrincipal = new GenericPrincipal(MyGenericIdentity, MyRolesArray); //then we can attach it to the current thread (AppDomain?) Thread.CurrentPrincipal = MyGenericPrincipal; //or use the method below to add the roles of the windows user to the generic identity (as suggested by microsoft) GenericPrincipal genWinBasePrincipal = GetGenericPrincipalFromWindowsIdentity(MyRolesArray); AppDomain.CurrentDomain.SetThreadPrincipal(genWinBasePrincipal); }