/// <summary>
/// Save or update the list of records
/// </summary>
/// <param name="request">the request containing the entities</param>
/// <returns></returns>
public JarsUserResponse Any(StoreJarsUser request)
{
return(ExecuteFaultHandledMethod(() =>
{
IAuthRepository ssAuthRepo = ServiceStackHost.Instance.GetAuthRepository();
IUserAuth ssUser = ssAuthRepo.GetUserAuthByUserName(request.UserAccount.UserName);
if (ssUser == null && request.UserAccount.Id != 0)
{
throw HttpError.NotFound(request.UserAccount.UserName);
}
UserAuth newUserA = new UserAuth();
if (request.UserAccount.Id == 0)
{
newUserA.PopulateWith(request.UserAccount);
newUserA.LockedDate = DateTime.UtcNow;
newUserA.RecoveryToken = Guid.NewGuid().ToString("N");
ssUser = ssAuthRepo.CreateUserAuth(newUserA, "Password123");
//sendemailtouser
}
else
{
newUserA.PopulateWith(ssUser);
newUserA.PopulateWith(request.UserAccount);
ssAuthRepo.UpdateUserAuth(ssUser, newUserA);
}
//so the user should be updated here..
IJarsUserRepository repository = _DataRepositoryFactory.GetDataRepository <IJarsUserRepository>();
JarsUserResponse response = new JarsUserResponse();
if (request.UserAccount != null)
{
JarsUser dbUser = new JarsUser();
if (request.UserAccount.Id != 0)
{
dbUser = repository.GetById(request.UserAccount.Id, true);
}
else
{
dbUser.IsActive = false;
}
dbUser.PopulateWith(ssUser);
dbUser.Id = request.UserAccount.Id;
dbUser.Settings = request.UserAccount.Settings.ConvertAllTo <JarsSetting>().ToList();
dbUser = repository.CreateUpdate(dbUser, CurrentSessionUsername);
response.UserAccount = dbUser.ConvertTo <JarsUserDto>();
}
//else
// response.UserAccounts = repository.CreateUpdateList(request.UserAccounts).ToList();
return response;
}));
}
public override void OnSaveData()
{
if (dxValidator.Validate())
{
JarsUser saveObject = defaultBindingSource.Current as JarsUser;
ApplyPermissionsToUser(saveObject);
StoreJarsUser store = new StoreJarsUser()
{
IsAppointment = false,
UserAccount = saveObject.ConvertTo <JarsUserDto>()
};
JarsUserResponse resp = ServiceClient.Post(store);
saveObject = resp.UserAccount.ConvertTo <JarsUser>();
base.OnSaveData();
ctr_txtUserName.Enabled = false;
}
}
//this is the only request that does not require admin role
public JarsUserResponse Any(GetJarsUser request)
{
if (request.EmailOrUserName.IsNullOrEmpty())
{
return(null);
}
var sessionUserName = Request.GetSession().UserName;
var sessionUserEmail = Request.GetSession().Email;
IAuthRepository ssAuthRepo = ServiceStackHost.Instance.GetAuthRepository();
IUserAuth ssUser = ssAuthRepo.GetUserAuthByUserName(request.EmailOrUserName);
if (ssUser == null)
{
throw HttpError.NotFound("User not found");
}
if (ssUser.LockedDate != null)
{
throw HttpError.Unauthorized("User account locked");
}
if (ssUser.Roles.Count == 0 || ssUser.Permissions.Count == 0)
{
IUserAuth newUserA = new UserAuth();
newUserA.PopulateWith(ssUser);
if (ssUser.Roles.Count == 0)
{
newUserA.Roles.Add("Guest");
}
if (ssUser.Permissions.Count == 0)
{
newUserA.Permissions.Add("ViewOnly");
}
ssUser = ssAuthRepo.UpdateUserAuth(ssUser, newUserA);
}
IJarsUserRepository repository = _DataRepositoryFactory.GetDataRepository <IJarsUserRepository>();
JarsUser acc = repository.Where(u => u.UserName == ssUser.UserName || u.Email == ssUser.Email, request.FetchEagerly).SingleOrDefault();
if (acc == null)
{
acc = ssUser.ConvertTo <JarsUser>();
acc.Id = 0;
acc = repository.CreateUpdate(acc, sessionUserName);
}
else
{
//we have to change the id because the 2 tables differ and id's wont match.
int accId = acc.Id;
acc.PopulateWith(ssUser);
acc.Id = accId;
acc = repository.CreateUpdate(acc, sessionUserName);
}
JarsUserResponse response = new JarsUserResponse
{
UserAccount = acc.ConvertTo <JarsUserDto>()
};
//response.jarsUserAccount = FakeDataHelper.FakeUserAccount;
return(response);
}
private void Auth_and_Assign_Roles_To_Win_Principal()
{
var client = CreateClient();
var eventClient = CreateEventClient().Start();
//Authenticate
AuthenticateResponse authR = client.Post(new Authenticate {
UserName = "******", Password = "******", RememberMe = true
});
AuthenticateResponse evAuthR = eventClient.Authenticate(new Authenticate {
UserName = "******", Password = "******", RememberMe = true
});
//get the user from the database
JarsUserResponse juResp = client.Post(new GetJarsUser {
EmailOrUserName = authR.UserId
});
JarsUserResponse juEvResp = eventClient.ServiceClient.Get(new GetJarsUser {
EmailOrUserName = evAuthR.UserId
});
//assign user roles to the current windows user
//this is for single use validation
WindowsIdentity MySingleUseIdentity = WindowsIdentity.GetCurrent();
WindowsPrincipal MySingleUsePrincipal = new WindowsPrincipal(MySingleUseIdentity);
if (MySingleUsePrincipal.IsInRole(JarsRoles.Admin))
{
Assert.IsTrue(true);
}
//This is for repeated validation use, it sets the principal object on the app domain
AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
WindowsPrincipal MyPrincipal = (WindowsPrincipal)Thread.CurrentPrincipal;
if (MyPrincipal.IsInRole(JarsRoles.Admin))
{
Assert.IsTrue(true);
}
//if (MyPrincipal.IsInRole(JarsRoles.JarsAdministrators))
// Assert.IsTrue(true);
//if (MyPrincipal.IsInRole(JarsRoles.JarsPowerUsers))
// Assert.IsTrue(true);
//if (MyPrincipal.IsInRole(JarsRoles.JarsUsers))
// Assert.IsTrue(true);
//Create a generic (non windows account related) Identity and principal
GenericIdentity MyGenericIdentity = new GenericIdentity("JarsUser");
String[] MyRolesArray = { "Manager", "Teller" };
GenericPrincipal MyGenericPrincipal = new GenericPrincipal(MyGenericIdentity, MyRolesArray);
//then we can attach it to the current thread (AppDomain?)
Thread.CurrentPrincipal = MyGenericPrincipal;
//or use the method below to add the roles of the windows user to the generic identity (as suggested by microsoft)
GenericPrincipal genWinBasePrincipal = GetGenericPrincipalFromWindowsIdentity(MyRolesArray);
AppDomain.CurrentDomain.SetThreadPrincipal(genWinBasePrincipal);
}
