public ActionResult Create()
{
Tipstaff.CPrincipal thisUser = (User as Tipstaff.CPrincipal);
UserAdminVM model = new UserAdminVM();
model.Roles = new SelectList(db.GetAllRoles(), "strength", "Detail");
return(View(model));
}
public ActionResult Edit(int id)
{
UserAdminVM model = new UserAdminVM();
Tipstaff.CPrincipal thisUser = (User as Tipstaff.CPrincipal);
model.User = db.GetUserByID(id);
model.Roles = new SelectList(db.GetAllRoles(), "strength", "Detail", model.User.RoleStrength);
return(View(model));
}
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
_isAuthorized = false;
UserAccessLevel = AccessLevel.Denied;
//check groups (strart with them for a bigger group target!)
using (TipstaffDB db = new TipstaffDB())
{
UserAccessLevel = (AccessLevel)db.UserAccessLevel(httpContext.User);
}
_isAuthorized = (UserAccessLevel > AccessLevel.Denied && UserAccessLevel >= MinimumRequiredAccessLevel);
IIdentity user = httpContext.User.Identity;
CPrincipal cPrincipal = new CPrincipal(user);
httpContext.User = cPrincipal;
return(_isAuthorized);
}
//
// GET: /Admin/Users/
public ActionResult Index()
{
Tipstaff.CPrincipal thisUser = (User as Tipstaff.CPrincipal);
IEnumerable <User> allUsers = db.GetAllUsers();
if (thisUser.AccessLevel == AccessLevel.SystemAdmin)
{
return(View(allUsers));
}
else
{
List <User> model = new List <User>();
foreach (User u in allUsers)
{
if (u.RoleStrength <= (int)thisUser.AccessLevel)
{
model.Add(u);
}
}
return(View(model));
}
}
