public async Task <IActionResult> CreatePermission()
{
var team = await _context.Teams.SingleOrDefaultAsync(m => m.Slug == TeamSlug && m.IsActive);
if (team == null)
{
return(NotFound());
}
var roles = await _context.TeamRoles.ToListAsync();
var model = new CreateTeamPermissionViewModel
{
TeamName = team.Name,
Roles = roles
.Select(r => new SelectListItem(r.Name.Humanize(LetterCasing.Title), r.Id.ToString()))
.ToList()
};
return(View(model));
}
public async Task <IActionResult> CreatePermission(CreateTeamPermissionViewModel model)
{
var team = await _context.Teams.SingleOrDefaultAsync(m => m.Slug == TeamSlug && m.IsActive);
if (team == null)
{
return(NotFound());
}
// find possible user from db
var foundUser = await _context.Users.SingleOrDefaultAsync(a =>
a.CampusKerberos == model.UserLookup.ToLower() ||
a.NormalizedEmail == model.UserLookup.SafeToUpper());
// otherwise, create the user
if (foundUser == null)
{
// find user
Person user = null;
if (model.UserLookup.Contains("@"))
{
user = await _directorySearchService.GetByEmail(model.UserLookup.ToLower());
}
else
{
var directoryUser = await _directorySearchService.GetByKerberos(model.UserLookup.ToLower());
if (directoryUser != null && !directoryUser.IsInvalid)
{
user = directoryUser.Person;
}
}
// create user
if (user != null)
{
var userToCreate = new User
{
Email = user.Mail,
UserName = user.Mail,
CampusKerberos = user.Kerberos,
Name = user.FullName
};
var userPrincipal = new ClaimsPrincipal();
userPrincipal.AddIdentity(new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.NameIdentifier, userToCreate.CampusKerberos),
new Claim(ClaimTypes.Name, userToCreate.Name)
}));
var loginInfo = new ExternalLoginInfo(userPrincipal, "UCDavis", userToCreate.CampusKerberos, null);
var createResult = await _userManager.CreateAsync(userToCreate);
if (createResult.Succeeded)
{
await _userManager.AddLoginAsync(userToCreate, loginInfo);
foundUser = userToCreate;
}
}
}
ModelState.Clear();
TryValidateModel(model);
// find or create failed
if (foundUser == null)
{
ModelState.AddModelError("UserLookup", "User Not Found");
return(View(model));
}
// look for existing permissions
if (await _context.TeamPermissions.AnyAsync(a =>
a.TeamId == team.Id &&
a.UserId == foundUser.Id &&
a.RoleId == model.SelectedRole))
{
ModelState.AddModelError("UserLookup", "User with selected role already exists.");
return(View(model));
}
// check model
if (!ModelState.IsValid)
{
return(View(model));
}
// create permission and save it
var role = await _context.TeamRoles.SingleAsync(a => a.Id == model.SelectedRole);
var teamPermission = new TeamPermission
{
TeamId = team.Id,
Role = role,
UserId = foundUser.Id
};
_context.TeamPermissions.Add(teamPermission);
await _context.SaveChangesAsync();
// send user notification
try
{
await _emailService.SendNewTeamMemberNotice(team, foundUser, role);
}
catch (Exception ex)
{
Log.Error(ex, "New Member Notice email failed.");
}
return(RedirectToAction(nameof(Roles), new { team = team.Slug }));
}
