public virtual async Task <BlogPost> CreateAsync( [NotNull] CmsUser author, [NotNull] Blog blog, [NotNull] string title, [NotNull] string slug, [CanBeNull] string shortDescription = null, [CanBeNull] string content = null) { Check.NotNull(author, nameof(author)); Check.NotNull(blog, nameof(blog)); Check.NotNullOrEmpty(title, nameof(title)); Check.NotNullOrEmpty(slug, nameof(slug)); await CheckBlogExistenceAsync(blog.Id); var blogPost = new BlogPost( GuidGenerator.Create(), blog.Id, author.Id, title, slug, shortDescription, content, CurrentTenant.Id ); await CheckSlugExistenceAsync(blog.Id, blogPost.Slug); return(blogPost); }
public async Task RemoveUserFromRolesAsync(CmsUser user, params string[] roleNames) { foreach (var role in roleNames) { await _manager.RemoveFromRoleAsync(user.Id, role); } }
public virtual async Task <Comment> CreateAsync([NotNull] CmsUser creator, [NotNull] string entityType, [NotNull] string entityId, [NotNull] string text, [CanBeNull] Guid?repliedCommentId = null) { Check.NotNull(creator, nameof(creator)); Check.NotNullOrWhiteSpace(entityType, nameof(entityType), CommentConsts.MaxEntityTypeLength); Check.NotNullOrWhiteSpace(entityId, nameof(entityId), CommentConsts.MaxEntityIdLength); Check.NotNullOrWhiteSpace(text, nameof(text), CommentConsts.MaxTextLength); if (!await DefinitionStore.IsDefinedAsync(entityType)) { throw new EntityNotCommentableException(entityType); } return(new Comment( GuidGenerator.Create(), entityType, entityId, text, repliedCommentId, creator.Id, CurrentTenant.Id)); }
private bool IsPasswordValid(CmsUser user, string password) { return(SimpleHash.VerifyHash(password, SimpleHash.Algorith.SHA512, user.Hash )); }
public async Task <bool> CreateAsync(UserViewModel model) { if (!_modelState.IsValid) { return(false); } var existingUser = await _users.GetUserByNameAsync(model.UserName); if (existingUser != null) { _modelState.AddModelError(string.Empty, "The user already exists!"); return(false); } if (string.IsNullOrWhiteSpace(model.NewPassword)) { _modelState.AddModelError(string.Empty, "You must type a password."); return(false); } var newUser = new CmsUser { DisplayName = model.DisplayName, Email = model.Email, UserName = model.UserName }; await _users.CreateAsync(newUser, model.NewPassword); await _users.AddUserToRoleAsync(newUser, model.SelectedRole); return(true); }
public async Task <ActionResult <CmsUser> > PostUser([FromBody] CmsUser user) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } try { var result = await _userManager.CreateAsync(user, user.PasswordHash); if (result == IdentityResult.Success) { result = await _userManager.AddToRoleAsync(user, "admin"); if (result != IdentityResult.Success) { return(BadRequest(result)); } } else { return(BadRequest(result)); } user = await _userManager.FindByEmailAsync(user.Email); return(CreatedAtAction("GetUser", new { id = user.Id }, user)); } catch (Exception ex) { _loggin.LogError($"Failed to create User: {ex}"); return(BadRequest("Failed Create User")); } }
public async Task <Rating> SetStarAsync(CmsUser user, string entityType, string entityId, short starCount) { var currentUserRating = await RatingRepository.GetCurrentUserRatingAsync(entityType, entityId, user.Id); if (currentUserRating != null) { currentUserRating.SetStarCount(starCount); return(await RatingRepository.UpdateAsync(currentUserRating)); } if (!await RatingDefinitionStore.IsDefinedAsync(entityType)) { throw new EntityCantHaveRatingException(entityType); } return(await RatingRepository.InsertAsync( new Rating( GuidGenerator.Create(), entityType, entityId, starCount, user.Id, CurrentTenant.Id ) )); }
public async Task <string> GenerateJwtAsync(CmsUser user) { var claims = new List <Claim> { new(ClaimTypes.NameIdentifier, user.Id), new(ClaimTypes.Email, user.Email), new(ClaimTypes.Name, user.FirstName), new(ClaimTypes.Surname, user.LastName) }; var isAdministrator = await _userManager.IsInRoleAsync(user, CmsUserRoles.AdminRole).ConfigureAwait(false); if (isAdministrator) { claims.Add(new Claim(ClaimTypes.Role, CmsUserRoles.AdminRole)); } var token = new JwtSecurityToken( claims: claims, expires: DateTime.UtcNow.AddDays(7), signingCredentials: new SigningCredentials(_appJwt.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256)); var tokenHandler = new JwtSecurityTokenHandler(); var encryptedToken = tokenHandler.WriteToken(token); return(encryptedToken); }
public static async Task RegisterAdminAsync() { using (var users = new UserRepository()) { var user = await users.GetUserByNameAsync("admin"); if (user == null) { var adminUser = new CmsUser { UserName = "******", Email = "*****@*****.**", DisplayName = "Administartor" }; await users.CreateAsync(adminUser, "Passw0rd1234!"); } } using (var roles = new RoleRepository()) { if (roles.GetRoleByNameAsync("admin") == null) { await roles.CreateAsync(new IdentityRole("admin")); } if (roles.GetRoleByNameAsync("editor") == null) { await roles.CreateAsync(new IdentityRole("editor")); } if (roles.GetRoleByNameAsync("author") == null) { await roles.CreateAsync(new IdentityRole("author")); } } }
private static async Task SeedUsers(UserManager <CmsUser> userManager) { const string adminName = "admin"; var usr = await userManager.FindByNameAsync(adminName) .ConfigureAwait(false); if (usr == null) { var user = new CmsUser { UserName = adminName, Email = "*****@*****.**", FirstName = "admin", LastName = "admin" }; var result = await userManager.CreateAsync(user, "admin") .ConfigureAwait(false); if (result.Succeeded) { await userManager.AddToRoleAsync(user, CmsUserRoles.AdminRole) .ConfigureAwait(false); } } }
public static PermissionType NaviAccessMode(IDbContext db, CmsUser cmsUser, NaviNode navi) { PermissionType mode = PermissionType.Default; if (cmsUser != null && cmsUser.RoleId >= RoleType.Super) { mode = PermissionType.Admin; } else if (cmsUser != null && navi != null) { NaviNode currentNode = navi; while (currentNode != null) { NaviPermission pp = db.Set <NaviPermission>().SingleOrDefault( e => e.User.Id == cmsUser.Id && e.Section.Id == currentNode.Id); if (pp != null) { mode = pp.AccessMode; break; } currentNode = currentNode.Parent; } } return(mode); }
public static PermissionType PageAccessMode(IDbContext db, CmsUser cmsUser, CmsPage page) { PermissionType mode = PermissionType.Default; if (cmsUser != null && cmsUser.RoleId >= RoleType.Super) { //supervisor mode = PermissionType.Admin; } else if (cmsUser != null && page != null) { PagePermission pp = db.Set <PagePermission>().SingleOrDefault( e => e.User.Id == cmsUser.Id && e.Page.Id == page.Id); if (pp != null) { mode = pp.AccessMode; } else { mode = NaviAccessMode(db, cmsUser, page.NaviNode); } } // TODO: Add site specific access checking if (CmsHelper.Site == "fratalk" && page.Type.Title == "PAGE" && mode != PermissionType.Admin) { return(PermissionType.Default); } return(mode); }
public ActionResult Edit(CmsUser user, FormCollection forms) { user.Password = forms.Get("Password"); this.userService.Update(user); TempData["SuccessResult"] = "Account information was successfully saved"; return(RedirectToAction("Edit", "Accounts", new { id = user.Id })); }
public ActionResult Edit(CmsUser user, FormCollection forms) { user.Password = forms.Get("Password"); this.userService.Update(user); TempData["SuccessResult"] = "Account information was successfully saved"; return RedirectToAction("Edit", "Accounts", new {id = user.Id}); }
public void SetUp() { alex = new CmsUser(){Login = "******", Password = "******"}; var userData = new Mock<IUserData>(); userData.Setup(x => x.Login("alex", "password")).Returns(alex); UserService userService = new UserService(userData.Object); controller = new AccountController(userService); }
public ViewResult Manage(string id, string sectionId, string adName) { var allNodes = db.Set <NaviNode>().OrderBy(e => e.NodeName).ToList(); TreeBuilder tb = new TreeBuilder(allNodes); IEnumerable <SelectListItem> sections = tb.BuildTree(); ViewBag.AccessModes = AccessModes; IEnumerable <SelectListItem> users = db.Set <CmsUser>().OrderBy(e => e.UserName) .ToList().Select(e => new SelectListItem { Value = e.AdName, Text = e.UserName }); ViewBag.Users = users; //pre-selected information if (!String.IsNullOrWhiteSpace(sectionId)) { int sid = Convert.ToInt32(sectionId); NaviNode n = db.Set <NaviNode>().SingleOrDefault(e => e.Id == sid); if (n != null) { ViewBag.SectionId = sid; } } //current user role if (!String.IsNullOrWhiteSpace(id)) { int pageId = Convert.ToInt32(id); CmsPage p = db.Set <CmsPage>().SingleOrDefault(e => e.Id == pageId); if (p != null) { ViewBag.SectionId = p.NaviNode.Id; ViewBag.PageId = pageId; } } if (!String.IsNullOrWhiteSpace(adName)) { CmsUser u = db.Set <CmsUser>().SingleOrDefault(e => e.AdName == adName); if (u != null) { ViewBag.AdName = adName; } } ViewBag.RoleId = SecurityHelper.CurrentCmsUserRole(db); return(View(sections)); }
public ViewResult Edit(int?id) { if (null != id) { CmsUser user = this.userService.Load(id.Value); return(View(user)); } return(View(new CmsUser())); }
public CmsUserResult(CmsUser user) { UserID = user.UserID; UserName = user.UserName; FullName = string.IsNullOrEmpty(user.FullName) ? $"{user.FirstName} {user.MiddleName} {user.LastName}" : user.FullName; Email = user.Email; UserPrivilegeLevel = user.UserPrivilegeLevel; }
public CmsUser Login(string userName, string password) { CmsUser user = userData.Login(userName, password); if (null != user && IsPasswordValid(user, password)) { return(user); } return(null); }
private bool IsPasswordValid(string userName, string password) { CmsUser user = this.userService.Login(userName, password); if (null != user) { return(user.IsValid); } return(false); }
public static RoleType CurrentCmsUserRole(IDbContext db) { RoleType role = RoleType.Normal; CmsUser cmsUser = CurrentCmsUser(db); if (cmsUser != null) { role = cmsUser.RoleId; } return(role); }
public void SetUp() { alex = new CmsUser() { Login = "******", Password = "******" }; var userData = new Mock <IUserData>(); userData.Setup(x => x.Login("alex", "password")).Returns(alex); UserService userService = new UserService(userData.Object); controller = new AccountController(userService); }
public static CmsUser CurrentCmsUser(IDbContext db) { CmsUser cmsUser = null; if (HttpContext.Current.User != null) { IIdentity WinId = HttpContext.Current.User.Identity; WindowsIdentity wi = (WindowsIdentity)WinId; string accountName = wi.Name.ToLower(); cmsUser = db.Set <CmsUser>().SingleOrDefault(e => e.AdName == accountName); } return(cmsUser); }
private static async Task EnsureUser(UserManager <CmsUser> userManager, InitialUserInfo userInfo) { var user = await userManager.FindByNameAsync(userInfo.UserName); if (user == null) { user = new CmsUser { UserName = userInfo.UserName, Email = userInfo.Email, DisplayName = userInfo.DisplayName, EmailConfirmed = true }; await userManager.CreateAsync(user, userInfo.Password); } }
public CmsUserResult(CmsUser user) { UserID = user.UserID; UserName = user.UserName; if (string.IsNullOrEmpty(user.FullName)) { FullName = $"{user.FirstName} {user.MiddleName} {user.LastName}"; } else { FullName = user.FullName; } Email = user.Email; UserPrivilegeLevel = user.UserPrivilegeLevel; }
public async Task SeedAsync() { _ctx.Database.EnsureCreated(); IdentityRole role = await _roleManager.FindByNameAsync("admin"); if (role == null) { var roleResult = _roleManager.CreateAsync(new IdentityRole { Id = "admin", Name = "admin", NormalizedName = "admin", ConcurrencyStamp = DateTime.Now.Ticks.ToString() }); if (roleResult.Result != IdentityResult.Success) { throw new InvalidOperationException("Could not create new user role"); } } CmsUser user = await _userManager.FindByEmailAsync("*****@*****.**"); if (user == null) { user = new CmsUser { ApiUser = true, Email = "*****@*****.**", UserName = "******" }; var result = await _userManager.CreateAsync(user, "P@ssw0rd!"); if (result == IdentityResult.Success) { result = await _userManager.AddToRoleAsync(user, "admin"); if (result != IdentityResult.Success) { throw new InvalidOperationException("Could not add user to role"); } } else { throw new InvalidOperationException("Could not create new user in seeder"); } } }
public static bool IsSuperUser(CmsUser cmsUser) { bool isSuperUser = false; isSuperUser = cmsUser != null && cmsUser.RoleId >= RoleType.Super; //return isSuperUser; //if (HttpContext.Current.User != null) //{ // IIdentity WinId = HttpContext.Current.User.Identity; // WindowsIdentity wi = (WindowsIdentity)WinId; // string accountName = wi.Name.ToLower(); // CmsUser cmsUser = db.CmsUsers.SingleOrDefault(e => e.Id == accountName); // isSuperUser = cmsUser != null && cmsUser.RoleId >= 1; //if (!isSuperUser) //{ // //HashSet<string> groupNames = new HashSet<string>(); // if (!wi.IsAnonymous && wi.IsAuthenticated) // { // WindowsPrincipal user = new WindowsPrincipal(wi); // IdentityReferenceCollection irc = wi.Groups; // foreach (IdentityReference ir in irc) // { // //groupNames.Add(ir.Translate(typeof(NTAccount)).Value); // isSuperUser = superuserSet.Contains(ir.Translate(typeof(NTAccount)).Value); // if (isSuperUser) // { // break; // } // } // } //} //} return(isSuperUser); }
public ViewResult UserPermissions(string u) { ViewBag.RoleId = SecurityHelper.CurrentCmsUserRole(db); CmsUser user = db.Set <CmsUser>().SingleOrDefault(e => e.AdName == u); if (user == null) { ViewBag.Message = "User does not exist."; return(View("error")); } List <PagePermission> pp = db.Set <PagePermission>().Where(e => e.User.AdName == u).ToList(); List <NaviPermission> np = db.Set <NaviPermission>().Where(e => e.User.AdName == u).ToList(); ViewBag.Page = pp; ViewBag.Navi = np; ViewBag.User = user; return(View(user)); }
private void ClearPermissions(CmsUser user) { List <NaviPermission> naviPermissions = db.Set <NaviPermission>().Where(e => e.User.Id == user.Id).ToList(); foreach (NaviPermission np in naviPermissions) { db.Set <NaviPermission>().Remove(np); } List <PagePermission> PagePermissions = db.Set <PagePermission>().Where(e => e.User.Id == user.Id).ToList(); foreach (PagePermission pp in PagePermissions) { db.Set <PagePermission>().Remove(pp); } }
[CustomeAuthorizeForAjaxAndNonAjax(Roles = "RegisterNewCMSUser")] //This method is called using ajax requests so authorize it with the custome attribute we created for the logged in users with the appropriate role. public async Task <IActionResult> Register(RegisterViewModel model) { if (ModelState.IsValid) { //Create new user object as ApplicationUser instance, thensubmit it to AspNetUsers using UserManager. var user = new CmsUser { UserName = model.Email, Email = model.Email, DisplayName = model.DisplayName //AspNetUsers table has nearly 14 columns, we fill email and and password only. //others will be filled by microsoft if requierd. //Also, we added the column DisplayName, so we will fill it as well. }; // Store user data in AspNetUsers database table var result = await _userManager.CreateAsync(user, model.Password); //this will create a user, and assign true to "result" if creation is successful. //if creation is not successful, "result" will contain Errors array and description for each one. // If user is successfully created, sign-in the user using: if (result.Succeeded) { //After the successfull Create or Edit, we do not return a view because we already did the Create or Edit using Ajax request, //which means we did not reload the page, so return the _ViewAll.cshtml which has the html table, return it as serialized html in json file, to be rendered in Index.cshtml as a partial view: return(Json(new { isValid = true, html = SerializeHtmlElemtnsToString.RenderRazorViewToString(this, "_ViewAll", _userManager.Users) })); //return NotFound(); } //If result is not success, If there are any errors, add them to the ModelState object // which will be displayed by the validation summary tag helper foreach (var error in result.Errors) { ModelState.AddModelError(string.Empty, error.Description); } return(Json(new { isValid = false, html = SerializeHtmlElemtnsToString.RenderRazorViewToString(this, "Register", model) })); } //if the model submitted is not valid according to the Attriburtes in [] in the model file in Models folder: return(Json(new { isValid = false, html = SerializeHtmlElemtnsToString.RenderRazorViewToString(this, "Register", model) })); }
public ViewResult SingleUser(string username, string start, string end) { DateTime sDate = Convert.ToDateTime(start); DateTime eDate = Convert.ToDateTime(end); CmsUser user = _userRepo.GetAll().Single(e => e.AdName == username); var publishPages = _verPageRepo.GetAll() .Where(e => e.Published.CompareTo(sDate) >= 0 && e.Published.CompareTo(eDate) < 0 && e.PublishedBy == user.AdName) .Select(e => e.Title + ", " + e.Published).ToList(); var createPages = _pageRepo.GetAll() .Where(e => e.Created.CompareTo(sDate) >= 0 && e.Created.CompareTo(eDate) < 0 && e.CreatedBy == user.AdName) .Select(e => e.Title + ", " + e.Created).ToList(); ViewBag.UserName = user.UserName; ViewBag.PublishPages = publishPages; ViewBag.CreatePages = createPages; return(View()); }
public static void RegisterAdmin() { using (var context = new CmsContext()) using (var userStore = new UserStore <CmsUser>(context)) using (var userManager = new UserManager <CmsUser>(userStore)) { var user = userStore.FindByNameAsync("admin").Result; if (user == null) { var adminUser = new CmsUser { UserName = "******", Email = "*****@*****.**", DisplayName = "Administrator" }; userManager.Create(adminUser, "Passw0rd1234"); } } }
public void Save(CmsUser user) { base.Save(user); }