public async Task <IHttpActionResult> PutUserPrivilage(string id, UserPrivilage userPrivilage) { //Check the user is a Admin User var userId = User.Identity.GetUserId(); UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync(); if (userAclForAdmin.UserType != Admin) { return(BadRequest("Only Admin User can Change User Privilage")); } // Check if User exist if (!UserExists(id)) { BadRequest("User id is not valid"); } // Save edited Privilage UserPrivilage aUserPrivilage = await db.UserPrivilages.Where(x => x.UserId == id).SingleOrDefaultAsync(); aUserPrivilage.CanAddDocument = userPrivilage.CanAddDocument; aUserPrivilage.CanDeleteDocument = userPrivilage.CanDeleteDocument; aUserPrivilage.CanTagDocument = userPrivilage.CanTagDocument; await db.SaveChangesAsync(); return(Ok(aUserPrivilage)); }
public async Task <IHttpActionResult> PutACl(string id, UserACL userAcl) { //Check the user is a Admin User var userId = User.Identity.GetUserId(); UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync(); if (userAclForAdmin.UserType != Admin) { return(BadRequest("Only Admin User can Update User ACL")); } // Check if User exist if (!UserExists(id)) { BadRequest("User id is not valid"); } // Save edited AclType UserACL aUserAcl = await db.UserAcls.Where(x => x.UserId == id).SingleOrDefaultAsync(); aUserAcl.UserType = userAcl.UserType; await db.SaveChangesAsync(); return(Ok(aUserAcl)); }
public async Task <IHttpActionResult> GetACl(string id) { // Check if User exist if (!UserExists(id)) { BadRequest("User id is not valid"); } UserACL aUserAcl = await db.UserAcls.Where(x => x.UserId == id).SingleOrDefaultAsync(); return(Ok(aUserAcl)); }
public async Task <IHttpActionResult> GetUserInfo(string id) { //Check the user is a Admin User var userId = User.Identity.GetUserId(); UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync(); if (userAclForAdmin.UserType != Admin) { return(BadRequest("Only Admin User can Delete User")); } // Get the UserInfo var user = await(from u in db.Users join up in db.UserProfiles on u.Id equals up.UserId join uacl in db.UserAcls on u.Id equals uacl.UserId join c in db.Companies on u.CompanyId equals c.Id into cu from cInfo in cu.DefaultIfEmpty() where u.Id == id select new { u.Id, u.UserName, u.Email, u.PasswordHash, up.FirstName, up.LastName, uacl.UserType, CompanyName = cInfo.Name, ConmapyId = (int?)cInfo.Id, }).ToListAsync(); if (user == null) { return(NotFound()); } return(Ok(user)); }
public async Task <IHttpActionResult> DeleteUser(string id) { //Check the user is a Admin User var userId = User.Identity.GetUserId(); UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync(); if (userAclForAdmin.UserType != Admin) { return(BadRequest("Only Admin User can Delete User")); } // is id is valid if (!(db.Users.Any(x => x.Id == id))) { string message = "Invalid Id"; return(BadRequest(message)); } var user = await db.Users.Where(x => x.Id == id).SingleOrDefaultAsync(); var aUserProfile = await db.UserProfiles.Where(x => x.UserId == id).SingleOrDefaultAsync(); var aUserAcl = await db.UserAcls.Where(x => x.UserId == id).SingleOrDefaultAsync(); if (user == null) { return(NotFound()); } db.Users.Remove(user); db.UserAcls.Remove(aUserAcl); db.UserProfiles.Remove(aUserProfile); await db.SaveChangesAsync(); return(Ok("User is deleted")); }
public async Task <IHttpActionResult> GetSequencialRestricted(int id) { //Check the user is a Admin User var userId = User.Identity.GetUserId(); UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync(); if (userAclForAdmin.UserType != Admin) { return(BadRequest("Only Admin User can get Sequencial list")); } Document document = await db.Documents.FindAsync(id); if (document == null) { return(NotFound()); } // Get the SequencialList SequenceACL sequence = await db.SequenceAcls.Where(x => x.DocAclId == document.DocumentACLId).SingleOrDefaultAsync(); return(Ok(sequence)); }
public async Task <IHttpActionResult> Register(RegisterBindingModel model) { UserACL aUserAcl = new UserACL(); UserProfile aUserProfile = new UserProfile(); UserPrivilage aUserPrivilage = new UserPrivilage(); if (!ModelState.IsValid) { return(BadRequest(ModelState)); } if (model.UserAclType == Normal || model.UserAclType == Manager) // (a) company must be valid for Manager and Normal user { if (!db.Companies.Any(x => x.Id == model.CompanyId)) { return(BadRequest("This CompanyId is not valid")); } } else { if (model.CompanyId != 0) { return(BadRequest("CompanyId Must be 0 for Admin User")); } } var user = new ApplicationUser() { UserName = model.UserName, Email = model.Email, CompanyId = model.CompanyId }; IdentityResult result = await UserManager.CreateAsync(user, model.Password); if (!result.Succeeded) { return(GetErrorResult(result)); } ApplicationUser aUser = await db.Users.Where(x => x.Email == user.Email).SingleOrDefaultAsync(); //get the UserId // Save UserACL aUserAcl.UserType = model.UserAclType; aUserAcl.UserId = aUser.Id; db.UserAcls.Add(aUserAcl); await db.SaveChangesAsync(); // save UserProfile aUserProfile.FirstName = model.FirstName; aUserProfile.LastName = model.LastName; aUserProfile.UserId = aUser.Id; db.UserProfiles.Add(aUserProfile); await db.SaveChangesAsync(); //Save UserPrivilage aUserPrivilage.CanAddDocument = model.CanAddDocument; aUserPrivilage.CanDeleteDocument = model.CanDeleteDocument; aUserPrivilage.CanTagDocument = model.CanTagDocument; aUserPrivilage.UserId = aUser.Id; db.UserPrivilages.Add(aUserPrivilage); await db.SaveChangesAsync(); return(Ok()); }
public async Task <IHttpActionResult> PutUpdateSequencialRestricted(int id, SequenceACL sequence) { //Check the user is a Admin User var userId = User.Identity.GetUserId(); UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync(); if (userAclForAdmin.UserType != Admin) { return(BadRequest("Only Admin User can Update Sequencial Restricted")); } if (!ModelState.IsValid) { return(BadRequest(ModelState)); } Document document = await db.Documents.FindAsync(id); if (document == null) { return(NotFound()); } // Check Sequencial List is already created. var sequencialListToCheck = await db.SequenceAcls.Where(x => x.DocAclId == document.DocumentACLId).SingleOrDefaultAsync(); if (sequencialListToCheck != null) { return(BadRequest("Sequencial list is already Exist.")); } // only sequence and present access is updated DocumentACL aDocumentAcl = await db.DocumentAcls.Where(x => x.DocumentId == id).SingleOrDefaultAsync(); SequenceACL aSequenceAcl = await db.SequenceAcls.Where(x => x.DocAclId == aDocumentAcl.Id).SingleOrDefaultAsync(); aSequenceAcl.Sequence = sequence.Sequence; aSequenceAcl.PresentAccess = sequence.PresentAccess; await db.SaveChangesAsync(); // change the DocAclType in DocumentAcl aDocumentAcl.DocAclType = 2; await db.SaveChangesAsync(); //// Check Document have a restricted sequence. //var restrictedListToCheck = await // db.Restricteds.Where(x => x.DocAclId == document.DocumentACLId).SingleOrDefaultAsync(); //if (restrictedListToCheck != null) //{ // db.Restricteds.Remove(restrictedListToCheck); // await db.SaveChangesAsync(); //} //Delete the Document from the DocumentUser Table... db.DocumentUsers.RemoveRange(db.DocumentUsers.Where(x => x.DocumentId == id)); await db.SaveChangesAsync(); // Add user To the DocumentUser Model List <string> userInTagList = sequence.Sequence.Split(',').ToList(); foreach (var userInList in userInTagList) { var len = userInList.Length; if (len != 36 && userInList[0] == 'g') { var groupId = Convert.ToInt64(userInList.Substring(1)); //Check the Group is Exist var groupIsExist = db.Groups.FindAsync(groupId); // Get all the user of the Group var groupUsers = await(from u in db.Users join ug in db.UserGroups on u.Id equals ug.UserId join g in db.Groups on ug.GroupId equals g.Id where g.Id == groupId select new { u.Id, u.UserName, u.Email, u.CompanyId, }).ToListAsync(); // Add User to the Document foreach (var userInGroup in groupUsers) { //check the user is already member of this Document var aDocumentUser = await db.DocumentUsers.Where(x => x.UserId == userInGroup.Id && x.DocumentId == document.Id).SingleOrDefaultAsync(); if (aDocumentUser == null) { DocumentUser documentUser = new DocumentUser(); documentUser.UserId = userInGroup.Id; documentUser.DocumentId = document.Id; db.DocumentUsers.Add(documentUser); await db.SaveChangesAsync(); } } } else { //check the user is already member of this Document var aDocumentUser = await db.DocumentUsers.Where(x => x.UserId == userInList && x.DocumentId == document.Id).SingleOrDefaultAsync(); if (aDocumentUser == null) { DocumentUser documentUser = new DocumentUser(); documentUser.UserId = userInList; documentUser.DocumentId = document.Id; db.DocumentUsers.Add(documentUser); await db.SaveChangesAsync(); } } } return(Ok(sequence)); }
public async Task <IHttpActionResult> PutCreateRestrictedSequence(int id, Restricted restricted) { //Check the user is a Admin User var userId = User.Identity.GetUserId(); UserACL userAclForAdmin = await db.UserAcls.Where(x => x.UserId == userId).SingleOrDefaultAsync(); if (userAclForAdmin.UserType != Admin) { return(BadRequest("Only Admin User can Update User ACL")); } //Check DocAcl and UserId is Given if (!ModelState.IsValid) { return(BadRequest(ModelState)); } Document document = await db.Documents.FindAsync(id); if (document == null) { return(NotFound()); } // only List is updated DocumentACL aDocumentAcl = await db.DocumentAcls.Where(x => x.DocumentId == id).SingleOrDefaultAsync(); Restricted aRestricted = await db.Restricteds.Where(x => x.DocAclId == aDocumentAcl.Id).SingleOrDefaultAsync(); aRestricted.List = restricted.List; //db.Restricteds.Add(aRestricted); await db.SaveChangesAsync(); // change the DocAclType in DocumentAcl aDocumentAcl.DocAclType = 3; await db.SaveChangesAsync(); //Delete the Document from the DocumentUser Table... db.DocumentUsers.RemoveRange(db.DocumentUsers.Where(x => x.DocumentId == id)); await db.SaveChangesAsync(); // Add User to the Document List <string> userInTagList = aRestricted.List.Split(',').ToList(); foreach (var userInList in userInTagList) { var len = userInList.Length; if (len != 36 && userInList[0] == 'g') { var groupId = Convert.ToInt64(userInList.Substring(1)); //Check the Group is Exist var groupIsExist = await db.Groups.FindAsync(groupId); // Get all the user of the Group var groupUsers = await(from u in db.Users join ug in db.UserGroups on u.Id equals ug.UserId join g in db.Groups on ug.GroupId equals g.Id where g.Id == groupId select new { u.Id, u.UserName, u.Email, u.CompanyId, }).ToListAsync(); // Add User to the Document foreach (var userInGroup in groupUsers) { //check the user is already member of this Document var aDocumentUser = await db.DocumentUsers.Where(x => x.UserId == userInGroup.Id && x.DocumentId == document.Id).SingleOrDefaultAsync(); if (aDocumentUser == null) { DocumentUser documentUser = new DocumentUser(); documentUser.UserId = userInGroup.Id; documentUser.DocumentId = document.Id; db.DocumentUsers.Add(documentUser); await db.SaveChangesAsync(); } } } else { //check the user is already member of this Document var aDocumentUser = await db.DocumentUsers.Where(x => x.UserId == userInList && x.DocumentId == document.Id).SingleOrDefaultAsync(); if (aDocumentUser == null) { DocumentUser documentUser = new DocumentUser(); documentUser.UserId = userInList; documentUser.DocumentId = document.Id; db.DocumentUsers.Add(documentUser); await db.SaveChangesAsync(); } } } return(Ok(aRestricted)); }