Пример #1
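        /// <summary>
        /// Lists the tickets the current user may see, selected by the user's roles.
        /// </summary>
        /// <remarks>
        /// The first matching rule wins: Admin sees every ticket; Project Manager sees the
        /// tickets of the projects on <c>user.Projects</c>; a user who is both Developer and
        /// Submitter sees tickets assigned to or owned by them; Developer sees assigned
        /// tickets; Submitter sees owned tickets.
        /// </remarks>
        /// <returns>
        /// The ticket list view, or a redirect to Account/Login when no user record or no
        /// matching role is found.
        /// </returns>
        public ActionResult Index()
        {
            UserRolesHelper rolesHelper = new UserRolesHelper(db);
            var user = db.Users.Find(User.Identity.GetUserId());
            if (user == null)
            {
                // No user record for the current identity (e.g. an anonymous request):
                // deny instead of failing on user.Id below.
                return RedirectToAction("Login", "Account");
            }

            var userId = user.Id;
            var userRoles = rolesHelper.ListUserRoles(userId);

            // Built once with all navigation properties the view reads; only executed
            // by the ToList() call in whichever branch is taken.
            var tickets = db.Tickets
                .Include(t => t.AssignedToUser)
                .Include(t => t.OwnerUser)
                .Include(t => t.Project)
                .Include(t => t.TicketPriority)
                .Include(t => t.TicketStatus)
                .Include(t => t.TicketType);

            if (userRoles.Contains("Admin"))
            {
                return View(tickets.ToList());
            }
            if (userRoles.Contains("Project Manager"))
            {
                return View(user.Projects.SelectMany(t => t.Tickets).ToList());
            }

            bool isDeveloper = userRoles.Contains("Developer");
            bool isSubmitter = userRoles.Contains("Submitter");

            if (isDeveloper && isSubmitter)
            {
                return View(tickets.Where(t => (t.AssignedToUserId == userId) || (t.OwnerUserId == userId)).ToList());
            }
            if (isDeveloper)
            {
                return View(tickets.Where(t => t.AssignedToUserId == userId).ToList());
            }
            if (isSubmitter)
            {
                return View(tickets.Where(t => t.OwnerUserId == userId).ToList());
            }

            // Default deny: a signed-in user with none of the roles above gets no ticket data.
            return RedirectToAction("Login", "Account");
        }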
Пример #2
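        /// <summary>
        /// Shows the role-editing form for the account identified by <paramref name="id"/>.
        /// </summary>
        /// <param name="id">Key of the user whose roles are to be edited.</param>
        /// <returns>
        /// The edit view with an <c>AdminUserViewModel</c>; HTTP 400 when no id is supplied;
        /// HTTP 404 when no user has that id.
        /// </returns>
        public ActionResult EditUser(string id)
        {
            // NOTE(review): this body performs no authorization check of its own and loads
            // whichever account the caller-supplied id names. Confirm that the action or its
            // controller is restricted to the "Admin" role by an attribute outside this listing.
            if (string.IsNullOrEmpty(id))
            {
                return new HttpStatusCodeResult(400);
            }

            var user = db.Users.Find(id);
            if (user == null)
            {
                // Unknown id: do not render a form bound to a null user.
                return HttpNotFound();
            }

            UserRolesHelper helper = new UserRolesHelper(db);
            var currentRoles = helper.ListUserRoles(id);
            var absentRoles = helper.ListAbsentUserRoles(id);

            AdminUserViewModel AdminModel = new AdminUserViewModel();
            AdminModel.AbsentRoles = new MultiSelectList(absentRoles);
            AdminModel.Roles = new MultiSelectList(currentRoles);
            AdminModel.User = user;

            return View(AdminModel);
        }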
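        /// <summary>
        /// Lists the projects the current user may see: every project for Admin, otherwise
        /// the projects on <c>user.Projects</c> for Project Manager, Developer or Submitter.
        /// </summary>
        /// <returns>
        /// The project list view, or a redirect to Account/Login when no user record or no
        /// matching role is found.
        /// </returns>
        public ActionResult Index()
        {
            UserRolesHelper rolesHelper = new UserRolesHelper(db);
            var user = db.Users.Find(User.Identity.GetUserId());
            if (user == null)
            {
                // No user record for the current identity: deny instead of failing on user.Id.
                return RedirectToAction("Login", "Account");
            }

            var userRoles = rolesHelper.ListUserRoles(user.Id);

            if (userRoles.Contains("Admin"))
            {
                return View(db.Projects.ToList());
            }
            if (userRoles.Contains("Project Manager") || userRoles.Contains("Developer") || userRoles.Contains("Submitter"))
            {
                return View(user.Projects.ToList());
            }

            // The previous fallback redirected to this same action, so a user holding none
            // of the roles above was sent round in a redirect loop. Deny explicitly instead.
            return RedirectToAction("Login", "Account");
        }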
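        /// <summary>
        /// Shows the creation form tied to the ticket identified by <paramref name="id"/>,
        /// provided the current user is allowed to act on that ticket.
        /// </summary>
        /// <param name="id">Id of the ticket the new item belongs to; exposed to the view as <c>ViewBag.TicketId</c>.</param>
        /// <returns>
        /// The form view for Admin, for a Project Manager who is a member of the ticket's
        /// project, for the Developer assigned to the ticket, or for the Submitter who owns
        /// it; otherwise a redirect to Account/Login.
        /// </returns>
        public ActionResult Create(int? id)
        {
            UserRolesHelper rolesHelper = new UserRolesHelper(db);
            var user = db.Users.Find(User.Identity.GetUserId());
            if (user == null)
            {
                // No user record for the current identity: deny instead of failing on user.Id.
                return RedirectToAction("Login", "Account");
            }

            var userRoles = rolesHelper.ListUserRoles(user.Id);
            Ticket ticket = db.Tickets.Find(id);

            ViewBag.TicketId = id;
            ViewBag.Author = user.DisplayName;

            // NOTE(review): Admin is admitted even when the id is missing or matches no
            // ticket (unchanged from the original); confirm the form handles that.
            if (userRoles.Contains("Admin"))
            {
                return View();
            }

            // A missing or unknown ticket is handled exactly like an unauthorized one, so
            // the response does not tell a non-admin caller which ticket ids exist.
            if (ticket != null)
            {
                bool allowed =
                    (userRoles.Contains("Project Manager") && ticket.Project.ApplicationUsers.Contains(user)) ||
                    (userRoles.Contains("Developer") && ticket.AssignedToUserId == user.Id) ||
                    (userRoles.Contains("Submitter") && ticket.OwnerUserId == user.Id);

                if (allowed)
                {
                    return View();
                }
            }

            // NOTE(review): this only gates display of the form. The handler that accepts
            // the submitted form is not shown here; verify it repeats the same checks.
            return RedirectToAction("Login", "Account");
        }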
Пример #5
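        /// <summary>
        /// Shows a single ticket if the current user is allowed to view it.
        /// </summary>
        /// <param name="id">Id of the ticket to display.</param>
        /// <returns>
        /// HTTP 400 when <paramref name="id"/> is missing; HTTP 404 when no such ticket exists;
        /// the details view when the user is the ticket's assignee or owner, is Admin, or is a
        /// Project Manager who is a member of the ticket's project; otherwise a redirect to
        /// Account/Login.
        /// </returns>
        public ActionResult Details(int? id)
        {
            if (id == null)
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }

            UserRolesHelper rolesHelper = new UserRolesHelper(db);
            var user = db.Users.Find(User.Identity.GetUserId());
            if (user == null)
            {
                // No user record for the current identity: deny instead of failing on user.Id.
                return RedirectToAction("Login", "Account");
            }

            var userRoles = rolesHelper.ListUserRoles(user.Id);
            Ticket ticket = db.Tickets.Find(id);

            // NOTE(review): 404 is returned before the access check, so a caller who may not
            // view a ticket can still tell existing ids (redirect) from unused ones (404).
            if (ticket == null)
            {
                return HttpNotFound();
            }

            // Guard against a user requesting another user's ticket by editing the id in the URL.
            //
            // The assignee and the owner are admitted on the relationship alone. The original
            // followed this with Developer/Submitter branches that re-tested the same two ids;
            // those could never be reached with a true condition and have been removed.
            // NOTE(review): because role membership is not consulted here, a user whose
            // Developer or Submitter role was revoked keeps access to tickets still linked to
            // them. Confirm that is intended.
            if (user.Id == ticket.AssignedToUserId || user.Id == ticket.OwnerUserId)
            {
                return View(ticket);
            }

            if (userRoles.Contains("Admin"))
            {
                return View(ticket);
            }

            // A Project Manager sees the ticket only when they belong to its project.
            if (userRoles.Contains("Project Manager") && ticket.Project.ApplicationUsers.Contains(user))
            {
                return View(ticket);
            }

            // Default deny.
            return RedirectToAction("Login", "Account");
        }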
Пример #6
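        /// <summary>
        /// Shows the edit form for a ticket if the current user is allowed to edit it.
        /// </summary>
        /// <param name="id">Id of the ticket to edit.</param>
        /// <returns>
        /// HTTP 400 when <paramref name="id"/> is missing; HTTP 404 when no such ticket exists;
        /// the edit view for a Project Manager who is a member of the ticket's project or for
        /// the Developer the ticket is assigned to; otherwise a redirect to Account/Login.
        /// </returns>
        public ActionResult Edit(int? id)
        {
            // Validate the id before any lookup; the original queried the database first.
            if (id == null)
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }

            var user = db.Users.Find(User.Identity.GetUserId());
            if (user == null)
            {
                // No user record for the current identity: deny instead of failing on user.Id.
                return RedirectToAction("Login", "Account");
            }

            Ticket ticket = db.Tickets.Find(id);
            if (ticket == null)
            {
                return HttpNotFound();
            }

            UserRolesHelper rolesHelper = new UserRolesHelper(db);
            var userRoles = rolesHelper.ListUserRoles(user.Id);

            // Decide access before building any form data, so nothing is prepared for a
            // caller who will be turned away.
            // NOTE(review): the Admin role is not among the roles admitted here; confirm
            // that is intended.
            bool allowed =
                (userRoles.Contains("Project Manager") && ticket.Project.ApplicationUsers.Contains(user)) ||
                (userRoles.Contains("Developer") && ticket.AssignedToUserId == user.Id);

            if (!allowed)
            {
                return RedirectToAction("Login", "Account");
            }

            ProjectsHelper projectHelper = new ProjectsHelper(db);

            // Only users in the Developer role can be assigned to a ticket.
            ViewBag.AssignedToUserId = new SelectList(rolesHelper.UsersInRole("Developer"), "Id", "DisplayName", ticket.AssignedToUserId);
            ViewBag.OwnerUserId = new SelectList(db.Users, "Id", "DisplayName", ticket.OwnerUserId);
            // The project choices are limited to the projects the current user is assigned to.
            ViewBag.ProjectId = new SelectList(projectHelper.AssignedProjects(user.Id), "Id", "Title", ticket.ProjectId);
            ViewBag.TicketPriorityId = new SelectList(db.TicketPriority, "Id", "Name", ticket.TicketPriorityId);
            ViewBag.TicketStatusId = new SelectList(db.TicketStatus, "Id", "Name", ticket.TicketStatusId);
            ViewBag.TicketTypeId = new SelectList(db.TicketType, "Id", "Name", ticket.TicketTypeId);

            // NOTE(review): the select lists only limit what the form offers. The handler
            // that saves the edit is not shown here; verify it repeats the access check and
            // validates the submitted ids on the server.
            return View(ticket);
        }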