private UserDto CreateOrUpdateStaffProfile(string cmsUserName, string cmsRoles)
{
var staffProfile = GetStaffProfile(cmsUserName);
var roleIds = GetMappedRoleIds(cmsRoles);
if (staffProfile == null)
{
var request = new AddStaffProfileRequest
{
UserName = cmsUserName,
Password = Guid.NewGuid().ToString(),
FirstName = cmsUserName,
LastName = cmsUserName,
EmailAddress = cmsUserName + Core.Constants.Authentication.NoReplyEmailSuffix,
RoleIds = roleIds
};
ProcessRequest<AddStaffProfileResponse>(request);
}
else
{
var request = new UpdateStaffProfileRequest
{
Id = staffProfile.Id,
UserName = staffProfile.UserUserName,
FirstName = staffProfile.UserFirstName,
LastName = staffProfile.UserLastName,
EmailAddress = staffProfile.UserEmail,
RoleIds = roleIds
};
ProcessRequest<UpdateStaffProfileResponse>(request);
}
return GetUser(cmsUserName);
}
private static void UpdateUser(User user, UpdateStaffProfileRequest request)
{
user.UserName = request.UserName;
user.Email = request.EmailAddress;
user.NamePrefix = request.NamePrefix;
user.FirstName = request.FirstName;
user.MiddleName = request.MiddleName;
user.LastName = request.LastName;
user.NameSuffix = request.NameSuffix;
if (request.LastLoginDate.HasValue)
user.LastLoginDate = request.LastLoginDate;
}
private static void UpdateRoles(IEntityContext context, UpdateStaffProfileRequest request, StaffProfile staffProfile)
{
List<int> newRoleIds = null;
if (request.RoleIds != null)
{
newRoleIds = request.RoleIds.ToList();
EnsureStaffRoleAdded(context, newRoleIds);
}
if (newRoleIds != null)
{
var userRoleSet = context.EntitySet<UserRole>();
var existingRoleIds = staffProfile.User.UserRoles.Select(ur => ur.Role.Id).ToList();
foreach (var existingRoleId in existingRoleIds)
{
if (!newRoleIds.Contains(existingRoleId))
{
var existingUserRole = staffProfile.User.UserRoles.Single(ur => ur.Role.Id == existingRoleId);
staffProfile.User.UserRoles.Remove(existingUserRole);
userRoleSet.Remove(existingUserRole);
}
}
foreach (var newRoleId in newRoleIds)
{
if (!existingRoleIds.Contains(newRoleId))
{
var newRole = context.EntitySet<Role>().Find(newRoleId);
staffProfile.User.AddRole(newRole);
}
}
}
}
private static void UpdatePermissions(IEntityContext context, UpdateStaffProfileRequest request, StaffProfile staffProfile)
{
if (request.Permissions == null)
return;
var permissionSet = context.EntitySet<StaffProfileOrgUnitPermission>();
foreach (var staffProfileOrgUnit in staffProfile.StaffProfileOrgUnits)
{
var permissionsForOrgUnit = request.Permissions.Where(p => p.OrgUnitId == staffProfileOrgUnit.OrgUnitId);
if (!permissionsForOrgUnit.Any())
{
foreach (var permissionToRemove in staffProfileOrgUnit.StaffProfileOrgUnitPermissions.ToList())
{
permissionSet.Remove(permissionToRemove);
}
continue;
}
foreach (var existingPermission in staffProfileOrgUnit.StaffProfileOrgUnitPermissions.ToList())
{
if (!permissionsForOrgUnit.Select(p => p.StaffPermissionValue).Contains(existingPermission.StaffPermissionValue))
{
permissionSet.Remove(existingPermission);
}
else
{
var updatedPermission = permissionsForOrgUnit.Single(p => p.StaffPermissionValue == existingPermission.StaffPermissionValue);
existingPermission.IsGranted = updatedPermission.IsGranted;
existingPermission.AppliesToDescendants = updatedPermission.AppliesToDescendants;
}
}
var permissionsToAdd = permissionsForOrgUnit.Where(p => !staffProfileOrgUnit.StaffProfileOrgUnitPermissions.Select(ep => ep.StaffPermissionValue).Contains(p.StaffPermissionValue));
foreach (var newPermission in permissionsToAdd)
{
var staffProfileOrgUnitPermission = new StaffProfileOrgUnitPermission
{
AppliesToDescendants = newPermission.AppliesToDescendants,
IsGranted = newPermission.IsGranted,
StaffPermissionValue = newPermission.StaffPermissionValue
};
staffProfileOrgUnit.StaffProfileOrgUnitPermissions.Add(staffProfileOrgUnitPermission);
}
}
}
private static void UpdateOrgUnits(IEntityContext context, UpdateStaffProfileRequest request, StaffProfile staffProfile)
{
if (request.OrgUnitIds != null)
{
var staffProfileOrgUnitObjectSet = context.EntitySet<StaffProfileOrgUnit>();
var staffProfileOrgUnitPermissionsObjectSet = context.EntitySet<StaffProfileOrgUnitPermission>();
var existingOrgUnits = staffProfile.StaffProfileOrgUnits.ToList();
foreach (var orgUnit in existingOrgUnits)
{
if (!request.OrgUnitIds.Any(o => o == orgUnit.OrgUnitId))
{
var permissions = orgUnit.StaffProfileOrgUnitPermissions.ToList();
foreach (var permission in permissions)
{
orgUnit.StaffProfileOrgUnitPermissions.Remove(permission);
staffProfileOrgUnitPermissionsObjectSet.Remove(permission);
}
staffProfile.StaffProfileOrgUnits.Remove(orgUnit);
staffProfileOrgUnitObjectSet.Remove(orgUnit);
}
}
foreach (int id in request.OrgUnitIds)
{
if (!staffProfile.StaffProfileOrgUnits.Any(o => o.OrgUnitId == id))
{
staffProfile.StaffProfileOrgUnits.Add(new StaffProfileOrgUnit
{
OrgUnitId = id,
StaffProfileId = staffProfile.Id
});
}
}
}
}
/// <summary>
/// Updates the staff handler.
/// </summary>
/// <param name="request">The request.</param>
/// <param name="response">The response.</param>
/// <returns></returns>
public UpdateStaffProfileResponse UpdateStaffHandler(UpdateStaffProfileRequest request, UpdateStaffProfileResponse response)
{
ValidateStaffProfile(request);
using (var context = _entityContextFactory.CreateEntityContext())
{
var staffProfiles = context.EntitySet<StaffProfile>();
var staffProfile = staffProfiles.Find(request.Id);
if (staffProfiles.Any(s => s.Id != request.Id && s.User.UserName.ToLower() == request.UserName.ToLower()))
throw new BusinessException("A staff user with the username (" + request.UserName + ") already exists");
if (staffProfiles.Any(s => s.Id != request.Id && s.User.Email.ToLower() == request.EmailAddress.ToLower()))
throw new BusinessException("A staff user with the email address (" + request.EmailAddress + ") already exists");
staffProfile.PrimaryOrgUnitId = request.PrimaryOrgUnitId;
staffProfile.Title = request.Title;
UpdateUser(staffProfile.User, request);
UpdateOrgUnits(context, request, staffProfile);
UpdatePermissions(context, request, staffProfile);
UpdateRoles(context, request, staffProfile);
context.SaveChanges();
if (!request.IsBulkUpdateMode)
{
// Update the org unit entity association data to reflect updated staff user
PublishOrgUnitAssociationsHelper.PublishOrgUnitEntityAssociations(context.ObjectContext, "StaffProfiles", staffProfile.Id);
}
if(!request.DisableCacheRefresh)
UpdateStaffPermissionsCache(staffProfile.UserId);
}
return response;
}