Пример #1
        /// <summary>
        /// Fills <paramref name="data"/> with the role list and the user data that belongs to the given find-user state,
        /// then stamps the state, button text and post target onto it.
        /// </summary>
        /// <param name="data">The find-user model to fill.</param>
        /// <param name="stateToFillDataFor">The state that decides which user data is fetched.</param>
        /// <param name="actionButtonText">Text stored in <c>data.ActionButtonText</c>.</param>
        /// <param name="actionToPostTo">Action name stored in <c>data.ActionToPostTo</c>.</param>
        /// <param name="roleIDWhichUsersToExclude">Passed through to the user search; defaults to 0.</param>
        /// <exception cref="ArgumentOutOfRangeException">The state is not one of the handled values.</exception>
        private static async Task FillUserDataForStateAsync(FindUserData data, AdminFindUserState stateToFillDataFor, string actionButtonText, string actionToPostTo,
                                                            int roleIDWhichUsersToExclude = 0)
        {
            // Roles are always loaded, before the state is even looked at.
            data.Roles = await SecurityGuiHelper.GetAllRolesAsync();

            if (stateToFillDataFor == AdminFindUserState.UsersFound)
            {
                // Run the search with the filter values carried on the model.
                data.FoundUsers = await UserGuiHelper.FindUsers(data.FilterOnRole, data.SelectedRoleID, data.FilterOnNickName, data.SpecifiedNickName,
                                                                data.FilterOnEmailAddress, data.SpecifiedEmailAddress, roleIDWhichUsersToExclude);
            }
            else if (stateToFillDataFor == AdminFindUserState.FinalAction || stateToFillDataFor == AdminFindUserState.PostAction)
            {
                // Resolve the selected ids into user objects.
                data.SelectedUsers = await UserGuiHelper.GetAllUsersInRangeAsync(data.SelectedUserIDs);
            }
            else if (stateToFillDataFor != AdminFindUserState.Start)
            {
                // Start needs nothing extra; anything else is an unknown state.
                throw new ArgumentOutOfRangeException(nameof(stateToFillDataFor), stateToFillDataFor, null);
            }

            data.ActionToPostTo   = actionToPostTo;
            data.ActionButtonText = actionButtonText;
            data.FindUserState    = stateToFillDataFor;
        }
Пример #2
        /// <summary>
        /// Page load handler: turns away callers without security-management rights and, on the first
        /// (non-postback) request, binds the roles repeater.
        /// </summary>
        private void Page_Load(object sender, System.EventArgs e)
        {
            // No system action rights at all: send the caller to the site's default page. Passing 'true'
            // ends the response, so nothing below runs for a rejected caller.
            bool hasAnySystemRight = SessionAdapter.HasSystemActionRights();
            if (!hasAnySystemRight)
            {
                Response.Redirect("../Default.aspx", true);
            }

            // Has some system right, but not this one: back to the admin default page.
            bool mayManageSecurity = SessionAdapter.HasSystemActionRight(ActionRights.SecurityManagement);
            if (!mayManageSecurity)
            {
                Response.Redirect("Default.aspx", true);
            }

            if (Page.IsPostBack)
            {
                return;
            }

            // First request: show all roles with their statistics.
            rpRoles.DataSource = SecurityGuiHelper.GetAllRolesWithStatisticsAsDataView();
            rpRoles.DataBind();
        }
Пример #3
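        /// <summary>
        /// Page load handler: turns away callers without security-management rights, reads the role id from
        /// the query string and, on the first (non-postback) request, lists the users that are not in that role.
        /// </summary>
        private void Page_Load(object sender, System.EventArgs e)
        {
            // If the user doesn't have any access rights to management stuff, the user should
            // be redirected to the default of the global system. Passing 'true' ends the response.
            if (!SessionAdapter.HasSystemActionRights())
            {
                Response.Redirect("../Default.aspx", true);
            }

            // Check if the user has the right system right.
            if (!SessionAdapter.HasSystemActionRight(ActionRights.SecurityManagement))
            {
                // no, redirect to admin default page, since the user HAS access to the admin menu.
                Response.Redirect("Default.aspx", true);
            }

            // The role id is taken from the query string, so it is caller-controlled and may not match a role.
            _roleID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["RoleID"]);

            if (!Page.IsPostBack)
            {
                // Get the role. Guard against a missing role instead of dereferencing it blindly:
                // an unknown RoleID would otherwise surface as a NullReferenceException.
                RoleEntity role = SecurityGuiHelper.GetRole(_roleID);
                if (role != null)
                {
                    _roleDescription = role.RoleDescription;
                }

                // bind the users listbox to an entitycollection with all users not in the role.
                UserCollection users = UserGuiHelper.GetAllUsersNotInRole(_roleID);

                lbxUsers.DataSource     = users;
                lbxUsers.DataTextField  = "NickName";
                lbxUsers.DataValueField = "UserID";
                lbxUsers.DataBind();
            }
        }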
Пример #4
        /// <summary>
        /// Final step of the admin "edit user info" flow: validates the posted model, sanitizes it and
        /// stores the profile changes for the user identified by <c>data.UserId</c>.
        /// </summary>
        /// <param name="data">The posted edit model.</param>
        /// <returns>The edit view, or a redirect to Home/Index when the caller lacks user-management rights.</returns>
        public async Task <ActionResult> EditUserInfo_FinalAction(EditUserInfoData data)
        {
            const string editView = "~/Views/Admin/EditUserInfo.cshtml";

            // Both the general system-rights check and the specific UserManagement right must pass.
            // NOTE(review): this is the only authorization visible in this excerpt; the method's attributes
            // (HTTP verb, anti-forgery validation) are not shown — confirm they are present on the action.
            var session = this.HttpContext.Session;
            if (!(session.HasSystemActionRights() && session.HasSystemActionRight(ActionRights.UserManagement)))
            {
                return RedirectToAction("Index", "Home");
            }

            // The view needs these lists on every path, including the validation-failure one.
            data.UserTitles = await UserGuiHelper.GetAllUserTitlesAsync();
            data.Roles      = await SecurityGuiHelper.GetAllRolesAsync();

            if (!ModelState.IsValid)
            {
                return View(editView, data);
            }

            data.Sanitize();
            data.StripProtocolsFromUrls();

            var existingUser = await UserGuiHelper.GetUserAsync(data.UserId);

            // Values the admin form does not carry (email visibility, auto-subscribe, page size) are taken from
            // the stored user; everything else, including roles, ban flag and new password, comes from the post.
            bool updated = false;
            if (existingUser != null)
            {
                updated = await UserManager.UpdateUserProfileAsync(data.UserId, data.DateOfBirth, data.EmailAddress, existingUser.EmailAddressIsPublic ?? false,
                                                                   data.IconURL, data.Location, data.Occupation, data.NewPassword, data.Signature, data.Website,
                                                                   data.UserTitleId, existingUser.AutoSubscribeToThread, existingUser.DefaultNumberOfMessagesPerPage,
                                                                   data.IsBanned, data.RoleIDs);
            }

            data.InfoEdited = updated;
            return View(editView, data);
        }
Пример #5
        /// <summary>
        /// Loads the anonymous user session data.
        /// </summary>
        public static void LoadAnonymousSessionData()
        {
            // User id 0 is the Anonymous user; only forum rights are loaded for it here.
            const int anonymousUserID = 0;

            AddForumsActionRights(SecurityGuiHelper.GetForumsActionRightsForUser(anonymousUserID));
        }
Пример #6
        /// <summary>
        /// Loads the user and his rights and audits to the session object.
        /// </summary>
        /// <param name="user">The user to be added to the session.</param>
        public static void LoadUserSessionData(UserEntity user)
        {
            // Store the user itself, then the three right sets fetched for its id.
            AddUserObject(user);
            AddSystemActionRights(SecurityGuiHelper.GetSystemActionRightsForUser(user.UserID));
            AddAuditActions(SecurityGuiHelper.GetAuditActionsForUser(user.UserID));
            AddForumsActionRights(SecurityGuiHelper.GetForumsActionRightsForUser(user.UserID));

            // Last visit date: a user with id <= 0 or without a stored date gets the current time.
            if ((user.UserID <= 0) || !user.LastVisitedDate.HasValue)
            {
                SessionAdapter.AddLastVisitDate(DateTime.Now, true);
            }
            else
            {
                SessionAdapter.AddLastVisitDate(user.LastVisitedDate.Value, true);
            }
        }
Пример #7
        /// <summary>
        /// Page load handler: turns away callers without security-management rights, reads the role id from
        /// the query string and, on the first (non-postback) request, shows the role's description.
        /// </summary>
        private void Page_Load(object sender, System.EventArgs e)
        {
            // No system action rights at all: send the caller to the site's default page. Passing 'true'
            // ends the response, so nothing below runs for a rejected caller.
            bool hasAnySystemRight = SessionAdapter.HasSystemActionRights();
            if (!hasAnySystemRight)
            {
                Response.Redirect("../Default.aspx", true);
            }

            // Has some system right, but not this one: back to the admin default page.
            bool mayManageSecurity = SessionAdapter.HasSystemActionRight(ActionRights.SecurityManagement);
            if (!mayManageSecurity)
            {
                Response.Redirect("Default.aspx", true);
            }

            // Caller-supplied value from the query string.
            _roleID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["RoleID"]);

            if (Page.IsPostBack)
            {
                return;
            }

            // Only an entity that is not flagged as new has its description shown.
            RoleEntity requestedRole = SecurityGuiHelper.GetRole(_roleID);
            if (requestedRole.IsNew)
            {
                return;
            }

            lblRoleDescription.Text = requestedRole.RoleDescription;
        }
Пример #8
        /// <summary>
        /// Gets all IP bans cached in the cache.
        /// </summary>
        /// <param name="cache">The cache object this methods works on</param>
        /// <returns>Dictionary with per range (key) a dictionary with all IP addresses as keys, with the segments falling into the range concatenated
        /// to eachother with a '.'</returns>
        public static async Task <Dictionary <int, Dictionary <string, IPBanEntity> > > GetAllIPBansAsync(this IMemoryCache cache)
        {
            var cachedBans = cache.Get <Dictionary <int, Dictionary <string, IPBanEntity> > >(CacheKeys.AllIPBans);
            if (cachedBans != null)
            {
                return cachedBans;
            }

            // Cache miss: build the range -> (address prefix -> ban) lookup from the stored bans.
            var bansPerRange = new Dictionary <int, Dictionary <string, IPBanEntity> >();
            foreach (var ban in await SecurityGuiHelper.GetAllIPBansAsync())
            {
                // The per-range dictionary is created before the range is validated, so an unsupported
                // range still gets an (empty) entry.
                if (!bansPerRange.TryGetValue(ban.Range, out var bansInRange))
                {
                    bansInRange = new Dictionary <string, IPBanEntity>();
                    bansPerRange.Add(ban.Range, bansInRange);
                }

                // The key holds only the segments covered by the range, joined with '.'.
                string prefixKey;
                if (ban.Range == 8)
                {
                    prefixKey = ban.IPSegment1.ToString();
                }
                else if (ban.Range == 16)
                {
                    prefixKey = String.Format("{0}.{1}", ban.IPSegment1, ban.IPSegment2);
                }
                else if (ban.Range == 24)
                {
                    prefixKey = String.Format("{0}.{1}.{2}", ban.IPSegment1, ban.IPSegment2, ban.IPSegment3);
                }
                else if (ban.Range == 32)
                {
                    prefixKey = String.Format("{0}.{1}.{2}.{3}", ban.IPSegment1, ban.IPSegment2, ban.IPSegment3, ban.IPSegment4);
                }
                else
                {
                    // Unsupported range: the ban is ignored.
                    continue;
                }

                // First ban seen for a prefix wins; later duplicates are dropped.
                if (bansInRange.ContainsKey(prefixKey))
                {
                    continue;
                }

                bansInRange.Add(prefixKey, ban);
            }

            // Stored without any expiration or dependency options.
            cache.Set(CacheKeys.AllIPBans, bansPerRange);
            return bansPerRange;
        }
Пример #9
        /// <summary>
        /// Wraps <paramref name="userData"/> in an <c>AddUsersToRoleData</c> and fills in the id and description
        /// of the role with the given id; a role that cannot be fetched yields id 0 and an empty description.
        /// </summary>
        private async Task <AddUsersToRoleData> CreateFilledAddUsersToRoleDataAsync(FindUserData userData, int roleID)
        {
            var role = await SecurityGuiHelper.GetRoleAsync(roleID);

            var filledData = new AddUsersToRoleData(userData);
            filledData.SelectedRoleDescription = role?.RoleDescription ?? string.Empty;
            filledData.SelectedRoleID          = role?.RoleID ?? 0;
            return filledData;
        }
Пример #10
        /// <summary>
        /// Reads all actionrights for the current selected forum and shows these settings in the form
        /// </summary>
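        private void ReflectCurrentActionRights()
        {
            ForumRoleForumActionRightCollection actionRights = SecurityGuiHelper.GetForumActionRightRolesFoForumRole(_roleID, _forumID);

            foreach (ForumRoleForumActionRightEntity currentEntity in actionRights)
            {
                // FindByValue returns null when the list has no item with that value. A stored right that is
                // not present in the list is skipped instead of raising a NullReferenceException.
                var matchingItem = cblForumRights.Items.FindByValue(currentEntity.ActionRightID.ToString());
                if (matchingItem != null)
                {
                    matchingItem.Selected = true;
                }
            }
        }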
Пример #11
    /// <summary>
    /// Gets all IP bans cached in the cache.
    /// </summary>
    /// <returns>Dictionary with per range (key) a dictionary with all IP addresses as keys, with the segments falling into the range concatenated
    /// to eachother with a '.'</returns>
    public static Dictionary <int, Dictionary <string, IPBanEntity> > GetAllIPBans()
    {
        Cache runtimeCache = HttpRuntime.Cache;
        Dictionary <int, Dictionary <string, IPBanEntity> > cachedBans = (Dictionary <int, Dictionary <string, IPBanEntity> >)runtimeCache[CacheKeys.AllIPBans];
        if (cachedBans != null)
        {
            return cachedBans;
        }

        // Cache miss: build the range -> (address prefix -> ban) lookup from the stored bans.
        IPBanCollection storedBans = SecurityGuiHelper.GetAllIPBans(0, 0, false);
        Dictionary <int, Dictionary <string, IPBanEntity> > bansPerRange = new Dictionary <int, Dictionary <string, IPBanEntity> >();
        foreach (IPBanEntity ban in storedBans)
        {
            // The per-range dictionary is created before the range is validated, so an unsupported
            // range still gets an (empty) entry.
            Dictionary <string, IPBanEntity> bansInRange;
            if (!bansPerRange.TryGetValue(ban.Range, out bansInRange))
            {
                bansInRange = new Dictionary <string, IPBanEntity>();
                bansPerRange.Add(ban.Range, bansInRange);
            }

            // The key holds only the segments covered by the range, joined with '.'.
            string prefixKey;
            if (ban.Range == 8)
            {
                prefixKey = ban.IPSegment1.ToString();
            }
            else if (ban.Range == 16)
            {
                prefixKey = String.Format("{0}.{1}", ban.IPSegment1, ban.IPSegment2);
            }
            else if (ban.Range == 24)
            {
                prefixKey = String.Format("{0}.{1}.{2}", ban.IPSegment1, ban.IPSegment2, ban.IPSegment3);
            }
            else if (ban.Range == 32)
            {
                prefixKey = String.Format("{0}.{1}.{2}.{3}", ban.IPSegment1, ban.IPSegment2, ban.IPSegment3, ban.IPSegment4);
            }
            else
            {
                // Unsupported range: the ban is ignored.
                continue;
            }

            // First ban seen for a prefix wins; later duplicates are dropped.
            if (bansInRange.ContainsKey(prefixKey))
            {
                continue;
            }

            bansInRange.Add(prefixKey, ban);
        }

        // Stored in the cache without any dependency.
        runtimeCache.Insert(CacheKeys.AllIPBans, bansPerRange);
        return bansPerRange;
    }
Пример #12
        /// <summary>
        /// Page load handler: turns away callers without system-management rights and, on the first
        /// (non-postback) request, fills the system-parameter form with the current values.
        /// </summary>
        private void Page_Load(object sender, System.EventArgs e)
        {
            // No system action rights at all: send the caller to the site's default page. Passing 'true'
            // ends the response, so nothing below runs for a rejected caller.
            bool hasAnySystemRight = SessionAdapter.HasSystemActionRights();
            if (!hasAnySystemRight)
            {
                Response.Redirect("../Default.aspx", true);
            }

            // Has some system right, but not this one: back to the admin default page.
            bool mayManageSystem = SessionAdapter.HasSystemActionRight(ActionRights.SystemManagement);
            if (!mayManageSystem)
            {
                Response.Redirect("Default.aspx", true);
            }

            if (Page.IsPostBack)
            {
                return;
            }

            // Both role dropdowns are bound to the same role collection.
            RoleCollection roles = SecurityGuiHelper.GetAllRoles();

            cbxDefaultRoleNewUsers.DataSource     = roles;
            cbxDefaultRoleNewUsers.DataTextField  = "RoleDescription";
            cbxDefaultRoleNewUsers.DataValueField = "RoleID";
            cbxDefaultRoleNewUsers.DataBind();

            cbxAnonymousUserRole.DataSource     = roles;
            cbxAnonymousUserRole.DataTextField  = "RoleDescription";
            cbxAnonymousUserRole.DataValueField = "RoleID";
            cbxAnonymousUserRole.DataBind();

            UserTitleCollection titles = UserGuiHelper.GetAllUserTitles();

            cbxDefaultUserTitleNewUsers.DataSource     = titles;
            cbxDefaultUserTitleNewUsers.DataTextField  = "UserTitleDescription";
            cbxDefaultUserTitleNewUsers.DataValueField = "UserTitleID";
            cbxDefaultUserTitleNewUsers.DataBind();

            // Preselect the current system parameter values; this has to follow the DataBind calls above.
            SystemDataEntity current = CacheManager.GetSystemData();

            cbxDefaultRoleNewUsers.SelectedValue      = current.DefaultRoleNewUser.ToString();
            cbxAnonymousUserRole.SelectedValue        = current.AnonymousRole.ToString();
            cbxDefaultUserTitleNewUsers.SelectedValue = current.DefaultUserTitleNewUser.ToString();

            tbxActiveThreadsThreshold.Text             = current.HoursThresholdForActiveThreads.ToString();
            tbxMinNumberOfNonStickyVisibleThreads.Text = current.MinNumberOfNonStickyVisibleThreads.ToString();
            tbxMinNumberOfThreadsToFetch.Text          = current.MinNumberOfThreadsToFetch.ToString();
            tbxPageSizeInSearchResults.Text            = current.PageSizeSearchResults.ToString();

            chkSendReplyNotifications.Checked = current.SendReplyNotifications;

            // The id of the system data row is kept in view state for later postbacks.
            ViewState.Add("ID", current.ID);
        }
        /// <summary>
        /// Reads all audit actions for the current selected role and shows these settings in the form
        /// </summary>
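        private void ReflectCurrentAuditActions()
        {
            RoleAuditActionCollection roleAuditActions = SecurityGuiHelper.GetAllAuditActionsForRole(_roleID);

            // check the checkboxes in the cblAuditActions list if the value matches an object in the collection
            foreach (RoleAuditActionEntity roleAuditAction in roleAuditActions)
            {
                // FindByValue returns null when the list has no item with that value. A stored audit action
                // that is not present in the list is skipped instead of raising a NullReferenceException.
                var matchingItem = cblAuditActions.Items.FindByValue(roleAuditAction.AuditActionID.ToString());
                if (matchingItem != null)
                {
                    matchingItem.Selected = true;
                }
            }
        }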
Пример #14
        /// <summary>
        /// Returns the ids of the action rights stored for the given role on the given forum.
        /// </summary>
        /// <returns>An OK result with the list of action right ids, or a redirect to Home/Index when the
        /// caller lacks security-management rights.</returns>
        public async Task <ActionResult> GetActionRights(int roleId, int forumId)
        {
            // Both the general system-rights check and the specific SecurityManagement right must pass.
            var session = this.HttpContext.Session;
            if (!(session.HasSystemActionRights() && session.HasSystemActionRight(ActionRights.SecurityManagement)))
            {
                return RedirectToAction("Index", "Home");
            }

            var rightsForRoleOnForum = await SecurityGuiHelper.GetForumActionRightRolesForForumRoleAsync(roleId, forumId);
            var actionRightIds       = rightsForRoleOnForum.Select(r => r.ActionRightID).ToList();

            return Ok(actionRightIds);
        }
Пример #15
        /// <summary>
        /// Returns all IP ban DTOs to callers with user-management rights.
        /// </summary>
        /// <returns>An OK result with the IP ban DTOs, or a redirect to Home/Index when the caller lacks
        /// user-management rights.</returns>
        public async Task <ActionResult <IEnumerable <SectionDto> > > GetIPBans()
        {
            // NOTE(review): the declared element type is SectionDto while the payload comes from
            // GetAllIPBanDtosAsync — confirm the signature is what callers expect.
            var session = this.HttpContext.Session;
            if (!(session.HasSystemActionRights() && session.HasSystemActionRight(ActionRights.UserManagement)))
            {
                return RedirectToAction("Index", "Home");
            }

            return Ok(await SecurityGuiHelper.GetAllIPBanDtosAsync());
        }
Пример #16
        /// <summary>
        /// Handles the user-selection step of the admin "edit user info" flow: loads the first selected user
        /// and shows the edit form pre-filled with that user's stored data.
        /// </summary>
        /// <param name="data">The posted search/selection model.</param>
        /// <param name="submitAction">"SearchAgain" restarts the search, "PerformAction" continues; anything else redirects.</param>
        public async Task <ActionResult> EditUserInfo_UserSelected(ActionWithUserSearchData data, string submitAction)
        {
            // Both the general system-rights check and the specific UserManagement right must pass.
            var session = this.HttpContext.Session;
            if (!(session.HasSystemActionRights() && session.HasSystemActionRight(ActionRights.UserManagement)))
            {
                return RedirectToAction("Index", "Home");
            }

            // submitAction is posted by the form; only the two known values are acted on.
            switch (submitAction)
            {
            case "SearchAgain":
                return await EditUserInfo();

            case "PerformAction":
                break;

            default:
                return RedirectToAction("Index", "Home");
            }

            // Nothing selected: fall back to the find step.
            var selectedIds = data.FindUserData.SelectedUserIDs;
            if (selectedIds == null || selectedIds.Count <= 0)
            {
                return await EditUserInfo_Find(data);
            }

            // Only the first selected id is edited.
            var user = await UserGuiHelper.GetUserAsync(selectedIds.FirstOrDefault());
            if (user == null)
            {
                // not found
                return RedirectToAction("Index", "Home");
            }

            // Optional text fields are normalized to empty strings; the lists at the end feed the form's selectors.
            var editModel = new EditUserInfoData()
            {
                UserId        = user.UserID,
                EmailAddress  = user.EmailAddress,
                NickName      = user.NickName,
                DateOfBirth   = user.DateOfBirth,
                Occupation    = user.Occupation ?? string.Empty,
                Location      = user.Location ?? string.Empty,
                Signature     = user.Signature ?? string.Empty,
                Website       = user.Website ?? string.Empty,
                IconURL       = user.IconURL ?? string.Empty,
                UserTitleId   = user.UserTitleID,
                IPAddress     = user.IPNumber,
                LastVisitDate = user.LastVisitedDate.HasValue ? user.LastVisitedDate.Value.ToString("f") : "Never",
                IsBanned      = user.IsBanned,
                RoleIDs       = await SecurityGuiHelper.GetAllRoleIDsForUserAsync(user.UserID),
                Roles         = await SecurityGuiHelper.GetAllRolesAsync(),
                UserTitles    = await UserGuiHelper.GetAllUserTitlesAsync(),
            };

            editModel.Sanitize();
            return View("~/Views/Admin/EditUserInfo.cshtml", editModel);
        }
Пример #17
        /// <summary>
        /// Shows the "manage users per role" view with all roles available for selection.
        /// </summary>
        /// <returns>The view, or a redirect to Home/Index when the caller lacks security-management rights.</returns>
        public async Task <ActionResult> ManageUsersPerRole()
        {
            // Both the general system-rights check and the specific SecurityManagement right must pass.
            var session = this.HttpContext.Session;
            if (!(session.HasSystemActionRights() && session.HasSystemActionRight(ActionRights.SecurityManagement)))
            {
                return RedirectToAction("Index", "Home");
            }

            var viewData = new UsersInRolesData
            {
                AvailableRoles = await SecurityGuiHelper.GetAllRolesAsync()
            };

            return View("~/Views/Admin/ManageUsersPerRole.cshtml", viewData);
        }
        /// <summary>
        /// Page load handler: turns away callers without security-management rights. On the first request it
        /// binds the role and audit-action lists and reflects the audit actions of the first role; on a
        /// postback it only re-reads the selected role id.
        /// </summary>
        private void Page_Load(object sender, System.EventArgs e)
        {
            // No system action rights at all: send the caller to the site's default page. Passing 'true'
            // ends the response, so nothing below runs for a rejected caller.
            bool hasAnySystemRight = SessionAdapter.HasSystemActionRights();
            if (!hasAnySystemRight)
            {
                Response.Redirect("../Default.aspx", true);
            }

            // Has some system right, but not this one: back to the admin default page.
            bool mayManageSecurity = SessionAdapter.HasSystemActionRight(ActionRights.SecurityManagement);
            if (!mayManageSecurity)
            {
                Response.Redirect("Default.aspx", true);
            }

            _roleID = 0;

            if (Page.IsPostBack)
            {
                // Postback: take the role id from the currently selected list item.
                _roleID = HnDGeneralUtils.TryConvertToInt(cbxRoles.SelectedItem.Value);
                return;
            }

            // First request: fill the role list and preselect its first entry, if there is one.
            RoleCollection allRoles = SecurityGuiHelper.GetAllRoles();

            cbxRoles.DataSource     = allRoles;
            cbxRoles.DataTextField  = "RoleDescription";
            cbxRoles.DataValueField = "RoleID";
            cbxRoles.DataBind();

            if (cbxRoles.Items.Count > 0)
            {
                cbxRoles.Items[0].Selected = true;
                _roleID = HnDGeneralUtils.TryConvertToInt(cbxRoles.SelectedItem.Value);
            }

            // Fill the audit action checkboxes.
            AuditActionCollection allAuditActions = SecurityGuiHelper.GetAllAuditActions();

            cblAuditActions.DataSource     = allAuditActions;
            cblAuditActions.DataTextField  = "AuditActionDescription";
            cblAuditActions.DataValueField = "AuditActionID";
            cblAuditActions.DataBind();

            // Tick the audit actions that belong to the role selected above.
            ReflectCurrentAuditActions();
        }
Пример #19
 /// <summary>
 /// Loads the user and his rights and audits to the session object.
 /// </summary>
 /// <param name="session">The session the method works on</param>
 /// <param name="user">The user to be added to the session.</param>
 public static async Task LoadUserSessionDataAsync(this ISession session, UserEntity user)
 {
     // Store the user itself, then the three right sets fetched for its id.
     session.AddUserObject(user);

     var systemRights = await SecurityGuiHelper.GetSystemActionRightsForUserAsync(user.UserID);
     session.AddSystemActionRights(systemRights);

     var auditActions = await SecurityGuiHelper.GetAuditActionsForUserAsync(user.UserID);
     session.AddAuditActions(auditActions);

     var forumRights = await SecurityGuiHelper.GetForumsActionRightsForUserAsync(user.UserID);
     session.AddForumsActionRights(forumRights);

     // Last visit date: a user with id <= 0 or without a stored date gets the current time.
     if ((user.UserID <= 0) || !user.LastVisitedDate.HasValue)
     {
         session.AddLastVisitDate(DateTime.Now);
     }
     else
     {
         session.AddLastVisitDate(user.LastVisitedDate.Value);
     }
 }
Пример #20
        /// <summary>
        /// Shows the system parameters view with all roles, all user titles and the cached system data.
        /// </summary>
        /// <returns>The view, or a redirect to Home/Index when the caller lacks system-management rights.</returns>
        public async Task <ActionResult> SystemParameters()
        {
            // Both the general system-rights check and the specific SystemManagement right must pass.
            var session = this.HttpContext.Session;
            if (!(session.HasSystemActionRights() && session.HasSystemActionRight(ActionRights.SystemManagement)))
            {
                return RedirectToAction("Index", "Home");
            }

            var viewData = new SystemParametersData();
            viewData.AllRoles      = await SecurityGuiHelper.GetAllRolesAsync();
            viewData.AllUserTitles = await UserGuiHelper.GetAllUserTitlesAsync();
            viewData.SystemData    = await _cache.GetSystemDataAsync();

            return View("~/Views/Admin/SystemParameters.cshtml", viewData);
        }
Пример #21
        /// <summary>
        /// Page load handler: picks the singular or plural description depending on <c>_multiSelect</c> and,
        /// on the first (non-postback) request, binds the roles dropdown.
        /// </summary>
        private void Page_Load(object sender, System.EventArgs e)
        {
            // NOTE(review): no rights check is made in this handler; presumably the hosting page does it — confirm.
            _description = _multiSelect ? "users" : "user";

            if (Page.IsPostBack)
            {
                return;
            }

            cbxRoles.DataSource     = SecurityGuiHelper.GetAllRoles();
            cbxRoles.DataTextField  = "RoleDescription";
            cbxRoles.DataValueField = "RoleID";
            cbxRoles.DataBind();
        }
Пример #22
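        /// <summary>
        /// Page load handler: turns away callers without security-management rights, reads the role id from
        /// the query string and, on the first (non-postback) request, shows the role's description and ticks
        /// the system rights assigned to it.
        /// </summary>
        private void Page_Load(object sender, System.EventArgs e)
        {
            // If the user doesn't have any access rights to management stuff, the user should
            // be redirected to the default of the global system. Passing 'true' ends the response.
            if (!SessionAdapter.HasSystemActionRights())
            {
                Response.Redirect("../Default.aspx", true);
            }

            // Check if the user has the right system right.
            if (!SessionAdapter.HasSystemActionRight(ActionRights.SecurityManagement))
            {
                // no, redirect to admin default page, since the user HAS access to the admin menu.
                Response.Redirect("Default.aspx", true);
            }

            // The role id is taken from the query string, so it is caller-controlled.
            _roleID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["RoleID"]);

            if (!Page.IsPostBack)
            {
                // get the role and show the description
                RoleEntity role = SecurityGuiHelper.GetRole(_roleID);
                if (role != null)
                {
                    tbxRoleDescription.Text = role.RoleDescription;
                }

                // get the system rights
                ActionRightCollection systemActionRights = SecurityGuiHelper.GetAllSystemActionRights();

                cblSystemRights.DataSource     = systemActionRights;
                cblSystemRights.DataTextField  = "ActionRightDescription";
                cblSystemRights.DataValueField = "ActionRightID";
                cblSystemRights.DataBind();

                // get the action rights set for this role
                RoleSystemActionRightCollection systemActionRightRoleCombinations = SecurityGuiHelper.GetSystemActionRightRolesForRole(_roleID);

                // check the checkboxes in the cblSystemRights list if the value matches a stored right
                foreach (RoleSystemActionRightEntity currentEntity in systemActionRightRoleCombinations)
                {
                    // FindByValue returns null when the list has no item with that value. A stored right that
                    // is not present in the list is skipped instead of raising a NullReferenceException.
                    var matchingItem = cblSystemRights.Items.FindByValue(currentEntity.ActionRightID.ToString());
                    if (matchingItem != null)
                    {
                        matchingItem.Selected = true;
                    }
                }
            }
        }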
Пример #23
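        /// <summary>
        /// Middleware entry point: checks the caller's remote address against the cached IP bans and, on a
        /// match, redirects to the banned page without running the rest of the pipeline.
        /// </summary>
        /// <param name="context">The context of the current request.</param>
        public async Task Invoke(HttpContext context)
        {
            // NOTE(review): behind a reverse proxy RemoteIpAddress is the proxy's address unless forwarded
            // headers are processed earlier in the pipeline — confirm for the deployment.
            var ipAddress = context.Connection.RemoteIpAddress;

            if (_cache != null)
            {
                var ipBans = await _cache.GetAllIPBansAsync();

                var matchingIPBan = SecurityGuiHelper.GetIPBanMatchingUserIPAddress(ipBans, HnDGeneralUtils.GetRemoteIPAddressAsIP4String(ipAddress));
                if (matchingIPBan != null)
                {
                    // Redirect() replaces the status code assigned here with a redirect status.
                    context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
                    context.Response.Redirect(ApplicationAdapter.GetVirtualRoot() + "banned.html");

                    // Short-circuit: a banned address must not reach the downstream middleware, otherwise the
                    // request is still processed (and its response written) despite the ban.
                    // NOTE(review): banned.html itself has to be served by a component registered ahead of
                    // this middleware, or the follow-up request for it is redirected again.
                    return;
                }
            }

            await _next.Invoke(context);
        }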
Пример #24
        /// <summary>
        /// Entry point of the role-rights management screen: preselects the first role and the first forum
        /// (0 for the role id when there is no role) and hands over to <c>ManageRightsForForum</c>.
        /// </summary>
        /// <returns>The result of <c>ManageRightsForForum</c>, or a redirect to Home/Index when the caller
        /// lacks security-management rights.</returns>
        public async Task <ActionResult> ManageRoleRights()
        {
            // Both the general system-rights check and the specific SecurityManagement right must pass.
            var session = this.HttpContext.Session;
            if (!(session.HasSystemActionRights() && session.HasSystemActionRight(ActionRights.SecurityManagement)))
            {
                return RedirectToAction("Index", "Home");
            }

            var firstRole        = (await SecurityGuiHelper.GetAllRolesAsync()).FirstOrDefault();
            var defaultRoleId    = firstRole?.RoleID ?? 0;
            var defaultForumId   = (await ForumGuiHelper.GetAllForumIdsAsync()).FirstOrDefault();
            var initialSelection = new ManageForumRoleRightsData()
            {
                RoleID  = defaultRoleId,
                ForumID = defaultForumId
            };

            return await ManageRightsForForum(initialSelection);
        }
Пример #25
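        /// <summary>
        /// Handles the user-selection step of the "show audit info" flow: loads the audit data of the first
        /// selected user and re-populates the list of previously found users so the search form stays open.
        /// </summary>
        /// <param name="data">The posted search/selection model.</param>
        /// <param name="submitAction">"SearchAgain" restarts the search, "PerformAction" continues; anything else redirects.</param>
        /// <param name="filterAsString">The posted filter, handed to <c>OverrideFilterAsString</c>.</param>
        /// <param name="foundUserIds">Posted comma-separated list of the user ids found by the search.</param>
        public async Task <ActionResult> ShowAuditInfoUser_UserSelected(ActionWithUserSearchData data, string submitAction, string filterAsString, string foundUserIds)
        {
            if (!this.HttpContext.Session.HasSystemActionRights() || !this.HttpContext.Session.HasSystemActionRight(ActionRights.UserManagement))
            {
                return(RedirectToAction("Index", "Home"));
            }

            if (submitAction == "SearchAgain")
            {
                return(await ShowAuditInfoUser());
            }

            if (submitAction != "PerformAction")
            {
                return(RedirectToAction("Index", "Home"));
            }

            if (data.FindUserData.SelectedUserIDs == null || data.FindUserData.SelectedUserIDs.Count <= 0 || string.IsNullOrWhiteSpace(foundUserIds))
            {
                return(await ShowAuditInfoUser_Find(data));
            }

            // Only the first selected id is shown.
            int selectedUserId   = data.FindUserData.SelectedUserIDs.FirstOrDefault();
            var auditDataForView = new ShowAuditInfoUserData(data.FindUserData)
            {
                AuditData   = await SecurityGuiHelper.GetAllAuditsForUserAsync(selectedUserId),
                AuditedUser = await UserGuiHelper.GetUserAsync(selectedUserId)
            };

            data.FindUserData.OverrideFilterAsString(filterAsString);

            // we'll keep the search form open so we can quickly view data of multiple users without searching again. This means we'll keep the finduserdata state
            // as it is, as this is the end state of this action anyway.
            data.FindUserData.ActionButtonText = "View audit info";
            data.FindUserData.FindUserState    = AdminFindUserState.UsersFound;

            // foundUserIds is posted by the client, so it cannot be trusted to be well-formed. Fragments that
            // are not valid integers are skipped instead of letting a FormatException/OverflowException
            // turn a malformed post into an unhandled error.
            var userIDsOfUsersToLoad = foundUserIds.Split(',')
                                                   .Select(idAsString => int.TryParse(idAsString, out var parsedId) ? (int?)parsedId : null)
                                                   .Where(parsedId => parsedId.HasValue)
                                                   .Select(parsedId => parsedId.Value)
                                                   .ToList();

            data.FindUserData.FoundUsers = await UserGuiHelper.GetUsersAsync(userIDsOfUsersToLoad);

            return(View("~/Views/Admin/ShowAuditInfoUser.cshtml", auditDataForView));
        }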
Пример #26
        /// <summary>
        /// Page load handler. On the initial request (not a postback) it shows the e-mail address to complain to about an IP ban and, if a cached
        /// IP ban matches the address of the requesting client, the date, range and reason of that ban.
        /// </summary>
        /// <param name="sender">The sender of the event. Not used.</param>
        /// <param name="e">The event arguments. Not used.</param>
        private void Page_Load(object sender, System.EventArgs e)
        {
            if (Page.IsPostBack)
            {
                // controls are only filled on the first load
                return;
            }

            string complaintAddress = ApplicationAdapter.GetIPBanComplainEmailAddress();
            lnkBanComplaintEmailAddress.Text         = complaintAddress;
            lnkBanComplaintEmailAddress.NavigateUrl += complaintAddress;

            // Look up the ban which applies to the caller's address.
            // NOTE(review): Request.UserHostAddress is the address of the directly connected peer; if the site runs behind a reverse proxy or
            // load balancer this is the proxy's address, not the visitor's -- confirm against the deployment.
            string      clientAddress = Request.UserHostAddress;
            IPBanEntity ban           = SecurityGuiHelper.GetIPBanMatchingUserIPAddress(CacheManager.GetAllIPBans(), clientAddress);

            if (ban == null)
            {
                // no ban matches, nothing to display
                return;
            }

            lblIPBanDate.Text  = ban.IPBanSetOn.ToString("dd-MMM-yyyy HH:mm:ss");
            lblIPBanRange.Text = string.Format("{0}.{1}.{2}.{3} / {4}", ban.IPSegment1, ban.IPSegment2, ban.IPSegment3, ban.IPSegment4, ban.Range);

            // NOTE(review): a Label's Text is emitted into the page without HTML encoding. Presumably Reason is entered by whoever set the ban;
            // confirm it's encoded or restricted when stored, otherwise encode it here.
            lblIPBanReason.Text = ban.Reason;
        }
Пример #27
        /// <summary>
        /// Shows the edit form for the role with the ID specified, pre-filled with the system action rights and audit actions currently
        /// assigned to that role.
        /// </summary>
        /// <param name="roleId">The ID of the role to edit.</param>
        /// <returns>The edit role view, a redirect to the ManageRoles route if the role isn't found, or a redirect to Home/Index if the caller
        /// lacks system rights or the SecurityManagement right.</returns>
        public async Task <ActionResult> EditRole(int roleId)
        {
            // Authorization gate: the caller needs system rights in general and the SecurityManagement right in particular.
            var  session                = this.HttpContext.Session;
            bool canManageSecurity      = session.HasSystemActionRights() && session.HasSystemActionRight(ActionRights.SecurityManagement);

            if (!canManageSecurity)
            {
                return(RedirectToAction("Index", "Home"));
            }

            var data = new AddEditRoleData();

            data.RoleEdited = await SecurityGuiHelper.GetRoleAsync(roleId);

            if (data.RoleEdited == null)
            {
                // unknown role, go back to the role list
                return(RedirectToRoute("ManageRoles"));
            }

            await FillAddEditRoleDataAsync(data);

            // the sets of rights / audit actions the role has right now
            data.SystemRightsSet = SecurityGuiHelper.GetAllSystemActionRightIDsForRole(roleId);
            data.AuditActionsSet = SecurityGuiHelper.GetAllAuditActionIDsForRole(roleId);

            return(View("~/Views/Admin/EditRole.cshtml", data));
        }
Пример #28
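        /// <summary>
        /// Handler for the selectclicked event of the finduser control. Shows the nickname and the audit data of the first selected user.
        /// Does nothing if no user is selected or the selected user can't be loaded.
        /// </summary>
        /// <param name="sender">The sender of the event. Not used.</param>
        /// <param name="e">The event arguments. Not used.</param>
        protected void SelectClickedHandler(object sender, System.EventArgs e)
        {
            List <int> selectedUserIDs = userFinder.SelectedUserIDs;

            // Count is never negative, so the check has to include 0: an empty selection would otherwise reach the indexer below and throw.
            if (selectedUserIDs == null || selectedUserIDs.Count <= 0)
            {
                // nothing selected, return
                return;
            }

            // just use the first selected user
            int        selectedUserID = selectedUserIDs[0];
            UserEntity user           = UserGuiHelper.GetUser(selectedUserID);

            if (user == null)
            {
                // presumably the user no longer exists (e.g. removed after the search was run); nothing to show.
                return;
            }

            // NOTE(review): a Label's Text is emitted into the page without HTML encoding and the nickname is user-supplied data; confirm it is
            // encoded or restricted to safe characters when stored, otherwise encode it here.
            lblUserName.Text = user.NickName;
            AuditDataCoreCollection audits = SecurityGuiHelper.GetAllAuditsForUser(selectedUserID);

            phAuditInfo.Visible = true;

            rptAudits.DataSource = audits;
            rptAudits.DataBind();
        }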
Пример #29
        /// <summary>
        /// Shows, and optionally saves, the forum action rights a role has on a forum.
        /// </summary>
        /// <param name="data">The form data: the role and forum to manage and, when saving, the set of action rights to assign.</param>
        /// <param name="submitAction">"save" stores the posted rights before the form is shown again, "cancel" redirects to Home/Index,
        /// any other value just shows the form.</param>
        /// <returns>The manage rights view, or a redirect to Home/Index on cancel or when the caller lacks system rights or the
        /// SecurityManagement right.</returns>
        public async Task <ActionResult> ManageRightsForForum(ManageForumRoleRightsData data, string submitAction = "")
        {
            // Authorization gate: the caller needs system rights in general and the SecurityManagement right in particular.
            var  session           = this.HttpContext.Session;
            bool canManageSecurity = session.HasSystemActionRights() && session.HasSystemActionRight(ActionRights.SecurityManagement);

            if (!canManageSecurity)
            {
                return(RedirectToAction("Index", "Home"));
            }

            // the lists the form's selectors are filled with
            data.AvailableRoles        = await SecurityGuiHelper.GetAllRolesAsync();
            data.AvailableActionRights = await SecurityGuiHelper.GetAllActionRightsApplybleToAForumAsync();
            data.AvailableForums       = await ForumGuiHelper.GetAllForumsWithSectionNamesAsync();

            if (submitAction == "cancel")
            {
                return(RedirectToAction("Index", "Home"));
            }

            if (submitAction == "save")
            {
                // NOTE(review): this branch changes permissions. No verb restriction or anti-forgery validation is visible on this method in
                // this listing -- confirm both are applied where the action is declared or registered.
                // Store the posted rights; the code below then reloads what's stored and shows it.
                bool saveSucceeded = await SecurityManager.SaveForumActionRightsForForumRoleAsync(data.ActionRightsSet, data.RoleID, data.ForumID);

                if (saveSucceeded)
                {
                    data.LastActionResult = "Save successful";
                }
                else
                {
                    data.LastActionResult = "Save failed";
                }
            }

            // Every path which gets here shows the form, filled with the rights currently stored for the role / forum combination.
            var storedRights = await SecurityGuiHelper.GetForumActionRightRolesForForumRoleAsync(data.RoleID, data.ForumID);

            data.ActionRightsSet = storedRights.Select(storedRight => storedRight.ActionRightID).ToList();

            return(View("~/Views/Admin/ManageRightsPerForum.cshtml", data));
        }
Пример #30
 /// <summary>
 /// Loads the session data for the anonymous user: fetches the forums action rights for user ID 0 and adds them to the session.
 /// </summary>
 /// <param name="session">The session the method works on</param>
 public static async Task LoadAnonymousSessionDataAsync(this ISession session)
 {
     // 0 is passed as the user ID; presumably that's the ID the anonymous user is stored under -- verify against the data layer.
     var rightsForAnonymousUser = await SecurityGuiHelper.GetForumsActionRightsForUserAsync(0);

     session.AddForumsActionRights(rightsForAnonymousUser);
 }