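/// <summary>
/// Adds the user <c>req.userId</c> to the role <c>req.roleName</c>.
/// The caller is identified by the "sid" session cookie and must hold the ADMIN role.
/// </summary>
/// <param name="req">Role name and user id of the assignment to perform.</param>
/// <returns>An <see cref="ActionResult"/> whose Message confirms the assignment.</returns>
/// <exception cref="WebFaultException{MyFault}">
/// The SSO exception's own status code when the cookie is missing, blank or rejected;
/// 401 when the caller is not ADMIN; 500 for any other failure.
/// </exception>
public ActionResult AddUserToRole(AddUserToRoleRequest req)
        {
            try
            {
                string roleName = req.roleName;
                int    userId   = req.userId;

                // The session token travels only in the "sid" cookie; a missing or blank
                // cookie means "not authenticated". Fail closed before touching any state.
                var cookie = HttpContext.Current.Request.Cookies["sid"];
                if (cookie == null)
                {
                    throw new WrongOrExpiredToken();
                }

                string token = cookie.Value;
                if (String.IsNullOrWhiteSpace(token))
                {
                    throw new WrongOrExpiredToken();
                }

                // NOTE(review): this state-changing action is authorized purely by the
                // ambient cookie; a CSRF defence (anti-forgery token or SameSite) is
                // expected to exist elsewhere — confirm.
                UserInfoExtended info = _authProvider.AuthenticateByToken(token);
                if (info == null)
                {
                    // Defensive: a null principal must never reach the role check below.
                    throw new WrongOrExpiredToken();
                }

                // Assumes Roles.Contains is an exact match against "ADMIN" — TODO confirm.
                // 401 is kept for compatibility; 403 would describe "authenticated but
                // not admin" more precisely.
                if (info.Roles == null || !info.Roles.Contains("ADMIN"))
                {
                    throw new UnauthorizedAccessException("User has to be admin to perform this action.");
                }

                _mngr.AddUserToRole(roleName, userId);
                _ctx.OutgoingResponse.StatusCode = HttpStatusCode.OK;
                return(new ActionResult
                {
                    Message = "User is added to specified role."
                });
            }
            catch (UnauthorizedAccessException e)
            {
                var myf = new MyFault {
                    Details = e.Message
                };
                throw new WebFaultException <MyFault>(myf, HttpStatusCode.Unauthorized);
            }
            catch (SSOBaseException e)
            {
                var myf = new MyFault {
                    Details = e.Message
                };
                throw new WebFaultException <MyFault>(myf, e.StatusCode);
            }
            catch (Exception)
            {
                // Generic message on purpose: internal exception text must not reach the client.
                var myf = new MyFault {
                    Details = "There has been an error while performing AddUserToRole action."
                };
                throw new WebFaultException <MyFault>(myf, HttpStatusCode.InternalServerError);
            }
        }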
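        /// <summary>
        /// Changes a user's password through the user manager. The caller is identified
        /// by the "sid" session cookie and must hold the ADMIN role.
        /// </summary>
        /// <param name="pwModel">Password-change request, passed to the manager unchanged.</param>
        /// <returns>An <see cref="ActionResult"/> whose Message confirms the change.</returns>
        /// <exception cref="WebFaultException{MyFault}">
        /// The SSO exception's own status code when the cookie is missing, blank or rejected;
        /// 401 when the caller is not ADMIN; 500 for any other failure.
        /// </exception>
        public ActionResult ChangePassword(ChangePasswordRequest pwModel)
        {
            try
            {
                // The session token travels only in the "sid" cookie; a missing or blank
                // cookie means "not authenticated". Fail closed before touching any state.
                var cookie = HttpContext.Current.Request.Cookies["sid"];
                if (cookie == null)
                {
                    throw new WrongOrExpiredToken();
                }

                string token = cookie.Value;
                if (String.IsNullOrWhiteSpace(token))
                {
                    throw new WrongOrExpiredToken();
                }

                // NOTE(review): this state-changing action is authorized purely by the
                // ambient cookie; a CSRF defence (anti-forgery token or SameSite) is
                // expected to exist elsewhere — confirm.
                UserInfoExtended info = _authProvider.AuthenticateByToken(token);
                if (info == null)
                {
                    // Defensive: a null principal must never reach the role check below.
                    throw new WrongOrExpiredToken();
                }

                // Assumes Roles.Contains is an exact match against "ADMIN" — TODO confirm.
                // 401 is kept for compatibility; 403 would describe "authenticated but
                // not admin" more precisely.
                if (info.Roles == null || !info.Roles.Contains("ADMIN"))
                {
                    throw new UnauthorizedAccessException("User has to be admin to perform this action.");
                }

                _mngr.ChangePassword(pwModel);

                return(new ActionResult
                {
                    Message = "Password changed."
                });
            }
            catch (UnauthorizedAccessException e)
            {
                var myf = new MyFault {
                    Details = e.Message
                };
                throw new WebFaultException <MyFault>(myf, HttpStatusCode.Unauthorized);
            }
            catch (SSOBaseException e)
            {
                var myf = new MyFault {
                    Details = e.Message
                };
                throw new WebFaultException <MyFault>(myf, e.StatusCode);
            }
            catch (Exception)
            {
                // Generic message on purpose: internal exception text must not reach the client.
                var myf = new MyFault {
                    Details = "There has been an error while changePassword action."
                };
                throw new WebFaultException <MyFault>(myf, HttpStatusCode.InternalServerError);
            }
        }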
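        /// <summary>
        /// Authenticates the caller from the "sid" session cookie and returns the SSO
        /// identity. When the token is missing, blank or rejected, the cookie is expired
        /// in the response so the browser stops presenting a dead token.
        /// </summary>
        /// <returns>The <see cref="AuthResponse"/> produced by the identity manager.</returns>
        /// <exception cref="WebFaultException{MyFault}">
        /// The SSO exception's own status code for token and SSO failures; 500 otherwise.
        /// </exception>
        public AuthResponse Auth()
        {
            try
            {
                // A missing or blank cookie is "not authenticated"; fail closed.
                var cookie = HttpContext.Current.Request.Cookies["sid"];
                if (cookie == null)
                {
                    throw new WrongOrExpiredToken();
                }

                string token = cookie.Value;
                if (String.IsNullOrWhiteSpace(token))
                {
                    throw new WrongOrExpiredToken();
                }

                return(_identityMngr.Auth(token));
            }
            catch (WrongOrExpiredToken e)
            {
                // Unset the cookie: overwrite it with an empty value that expired in the
                // past. HttpOnly is kept so the replacement is no weaker than the original.
                var current = HttpContext.Current.Request.Cookies["sid"];
                if (current != null)
                {
                    HttpContext.Current.Response.Cookies.Remove("sid");
                    current.Value    = null;
                    current.Expires  = DateTime.UtcNow.AddDays(-10);
                    current.HttpOnly = true;
                    // NOTE(review): Secure is not set here; if the site is HTTPS-only the
                    // cleared cookie should carry the same flags as the issued one — confirm.
                    HttpContext.Current.Response.SetCookie(current);
                }

                var myf = new MyFault {
                    Details = e.Message
                };
                throw new WebFaultException <MyFault>(myf, e.StatusCode);
            }
            catch (SSOBaseException e)
            {
                var myf = new MyFault {
                    Details = e.Message
                };
                throw new WebFaultException <MyFault>(myf, e.StatusCode);
            }
            catch (Exception)
            {
                // Generic message on purpose: internal exception text must not reach the client.
                var myf = new MyFault {
                    Details = "There has been an error in authorization process."
                };
                throw new WebFaultException <MyFault>(myf, HttpStatusCode.InternalServerError);
            }
        }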
 /// <summary>
 /// Authenticates an explicitly supplied session token through the manager and
 /// maps SSO failures to an HTTP fault carrying the exception's own status code.
 /// </summary>
 /// <param name="token">Session token to validate; handed to the manager as-is.</param>
 /// <returns>The <see cref="AuthResponse"/> produced by the manager.</returns>
 /// <exception cref="WebFaultException{MyFault}">
 /// The SSO exception's status code for SSO failures; 500 for any other error.
 /// </exception>
 public AuthResponse Auth(string token)
 {
     try
     {
         return _mngr.Auth(token);
     }
     catch (SSOBaseException ssoError)
     {
         // Surface the SSO message and status unchanged.
         throw new WebFaultException <MyFault>(
             new MyFault { Details = ssoError.Message },
             ssoError.StatusCode);
     }
     catch (Exception)
     {
         // Generic message on purpose: internal exception text must not reach the client.
         throw new WebFaultException <MyFault>(
             new MyFault { Details = "There has been an error in authorization process." },
             HttpStatusCode.InternalServerError);
     }
 }