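/// <summary>
/// Decides whether the current request may proceed. The caller must be authenticated and must
/// satisfy any Users/Roles restriction configured on this attribute.
/// </summary>
/// <param name="httpContext">Context of the request being authorized.</param>
/// <returns><c>true</c> when the request is allowed; otherwise <c>false</c>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="httpContext"/> is null.</exception>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    if (httpContext == null)
    {
        throw new ArgumentNullException("httpContext");
    }

    // The earlier version split Users and Roles into arrays but never compared them with the
    // caller, so a restriction declared on the attribute was silently ignored and every
    // authenticated user was let through. Delegating to the base implementation enforces the
    // authentication check together with both lists (assumes the base class is the MVC
    // AuthorizeAttribute or a subclass that keeps its semantics).
    if (!base.AuthorizeCore(httpContext))
    {
        return false;
    }

    // Route values of the request. GetRequiredString throws when a value is missing.
    // Only the disabled per-page check described below would consume them.
    var routeData = httpContext.Request.RequestContext.RouteData;
    string actionName = routeData.GetRequiredString("action");
    string controllerName = routeData.GetRequiredString("controller");

    // NOTE(review): the next two statements write per-request data into fields. MVC can reuse
    // filter attribute instances across requests, so concurrent requests may overwrite each
    // other's values - confirm, and prefer locals if nothing else reads these fields.
    _signInManager = httpContext.GetOwinContext().Get<ApplicationSignInManager>();
    _UserService.UserName = httpContext.User.Identity.Name; // account name of the signed-in user

    AspNetUsers currentAccount = _UserService.GetAspNetUserBySelectPramters();

    // NOTE(review): the per-page permission check
    // (_MenuService.CheckRequestPage(currentAccount.Id, controllerName)) is disabled in this
    // version and the lookup result above is not inspected, so access to individual pages is
    // not restricted here and a signed-in identity without an account record still passes.
    // Re-enable the check (and deny on a null record) once its intended polarity is confirmed.
    return true;
}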
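/// <summary>
/// Handles the posted user-detail form: creates a new account or updates an existing one
/// (optionally changing its password), depending on <paramref name="actions"/>.
/// </summary>
/// <param name="AspNetUsersModel">Account details bound from the request.</param>
/// <param name="actions">Requested operation; only Create and Update are processed.</param>
/// <returns>
/// A redirect to the "SystemRoles" action when the operation succeeded; otherwise the form view
/// rendered again with the collected errors.
/// </returns>
public async Task<ActionResult> SystemRolesMain(AspNetUsersDetailViewModel AspNetUsersModel, DataAction actions)
{
    // Selects the destination: true = go back to SystemRoles, false = stay on this page.
    bool succeeded = true;

    // Search criteria of the list page, carried through TempData so they survive the round trip.
    SystemRolesViewModel searchBlock = (SystemRolesViewModel)TempData["SystemRolesSelect"];
    SystemRolesKeepSelectBlock(searchBlock, actions);

    // STEP 1. Model validation must have passed.
    if (ModelState.IsValid)
    {
        // STEP 2. Build the user entity from the posted model.
        // NOTE(review): CreateTime and UpdateTime are copied from the request, so the client
        // supplies its own audit timestamps - confirm, or set them on the server.
        var user = new ApplicationUser
        {
            UserName = AspNetUsersModel.UserName,
            Email = AspNetUsersModel.Email,
            PhoneNumber = AspNetUsersModel.PhoneNumber,
            UpdateTime = AspNetUsersModel.UpdateTime,
            CreateTime = AspNetUsersModel.CreateTime,
            UpdateUser = SignInManagerId,
            Status = true
        };

        if (actions == DataAction.Create)
        {
            #region STEP 3. Action: create
            user.CreateUser = SignInManagerId;
            user.Id = Guid.NewGuid().ToString().ToUpperInvariant();
            _UserService.UserName = user.UserName;
            _UserService.UserEmail = user.Email;

            // STEP 4. Continue only when the lookup finds no existing account.
            if (_UserService.GetAspNetUserBySelectPramters() == null)
            {
                var createResult = await UserManager.CreateAsync(user, AspNetUsersModel.Password);
                if (createResult.Succeeded)
                {
                    // A new account also needs its MenuTree permissions written.
                    _UserService.CreateUserMenuTree(user.Id);
                    TempData["message"] = EnumHelper.GetEnumDescription(DataAction.CreateScuess);
                }
                else
                {
                    // Creation failed: surface the identity errors.
                    AddErrors(createResult);
                    succeeded = false;
                }
            }
            else
            {
                // An account with these details already exists.
                CustomerIdentityError(EnumHelper.GetEnumDescription(DataAction.CreateFailReapet));
                succeeded = false;
            }
            #endregion STEP 3. Action: create
        }
        else if (actions == DataAction.Update)
        {
            #region STEP 3. Action: update
            if (!string.IsNullOrEmpty(AspNetUsersModel.Old_Password) && !string.IsNullOrEmpty(AspNetUsersModel.Password))
            {
                bool passwordIsEdit = false;
                try
                {
                    // NOTE(review): VerifyHashedPassword takes (hashedPassword, providedPassword),
                    // but the first argument here is the posted Password field. Unless that field
                    // carries a hash, the call throws or fails and passwordIsEdit ends up true -
                    // confirm what this check is meant to detect.
                    var checkPassword = UserManager.PasswordHasher.VerifyHashedPassword(
                        AspNetUsersModel.Password, AspNetUsersModel.Old_Password);
                    if (checkPassword != PasswordVerificationResult.Success)
                    {
                        passwordIsEdit = true;
                    }
                }
                catch
                {
                    // Any failure of the comparison is treated as "password was edited".
                    passwordIsEdit = true;
                }

                if (passwordIsEdit)
                {
                    user.Id = AspNetUsersModel.Id;

                    // Change the password; the old password is verified by the user manager.
                    var changeResult = await UserManager.ChangePasswordAsync(
                        user.Id, AspNetUsersModel.Old_Password, AspNetUsersModel.Password);
                    if (changeResult.Succeeded)
                    {
                        // The sign-in cookie must be built from the stored account, not from the
                        // entity assembled out of request fields above, and it is refreshed only
                        // when the edited account is the caller's own. Editing another account
                        // must not switch the current session to that account.
                        var storedUser = await UserManager.FindByIdAsync(user.Id);
                        if (storedUser != null &&
                            string.Equals(storedUser.Id, User.Identity.GetUserId(), StringComparison.OrdinalIgnoreCase))
                        {
                            await SignInManager.SignInAsync(storedUser, isPersistent: false, rememberBrowser: false);
                        }
                    }
                    else
                    {
                        // Password change failed: surface the identity errors.
                        AddErrors(changeResult);
                        succeeded = false;
                    }
                }
                else
                {
                    CustomerIdentityError(EnumHelper.GetEnumDescription(DataAction.UpdateFail));
                    succeeded = false;
                }
            }

            // Persist the profile changes and report success only when nothing above failed.
            // Previously the data was saved and the success message set even after a failed
            // password change.
            if (succeeded)
            {
                _UserService.AspNetUsersDetailViewModelUpdate(AspNetUsersModel, SignInManagerId);
                _UserService.Save(); // several table changes can be committed in one batch
                TempData["message"] = EnumHelper.GetEnumDescription(DataAction.UpdateScuess);
            }
            #endregion STEP 3. Action: update
        }
        else
        {
            // Neither create nor update: report whatever model errors exist and stay on the page.
            string errorText = "";
            foreach (var entry in ModelState.Values)
            {
                foreach (ModelError modelError in entry.Errors)
                {
                    errorText += modelError.ErrorMessage + " ";
                }
            }
            CustomerIdentityError(errorText);
            succeeded = false;
        }

        if (succeeded)
        {
            return RedirectToAction("SystemRoles", new { ViewModel = searchBlock, pages = searchBlock.page });
        }
    }

    return View(AspNetUsersModel);
}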