/// <summary>
/// Count the users selected by the given filters.
/// </summary>
/// <param name="appContext">Application context; passed to <c>_GetQuery</c> and, when not null, used for performance tracing.</param>
/// <param name="filters">Filter set forwarded unchanged to <c>_GetQuery</c>.</param>
/// <returns>The number of rows matched by the query, or 0 when no query could be built.</returns>
public static async Task<int> Count(Services.WcmsAppContext appContext, Dictionary<string, object> filters)
{
    // The sort order is irrelevant for a count; _GetQuery only needs a ref to fill in.
    DataSorting sorting = DataSorting.Validation;

    var usersQuery = _GetQuery(appContext, filters, ref sorting);
    if (usersQuery == null)
    {
        // No query means nothing to count.
        return 0;
    }

    appContext?.AddPerfLog("UserAuthorizationHandler::Count::Query built");

    int total = await usersQuery.CountAsync();

    appContext?.AddPerfLog("UserAuthorizationHandler::Count::Query executed");

    return total;
}
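/// <summary>
/// Execute the authorization middleware logic.
/// Decisions are taken in this order: legacy URL redirection, prefix-based
/// allow-list for shared static files (no site initialization), admin route
/// rewriting, site initialization, signed-in check for admin pages, denial of
/// direct access to the physical web root, and finally per-site file rules.
/// </summary>
/// <param name="context">Current HTTP context; must not be null and must carry a request path.</param>
/// <param name="appContext">Application context, initialized here through <c>InitSiteAsync</c>.</param>
/// <param name="hostEnvironment">Hosting environment; its web root file provider is used to test file existence.</param>
/// <param name="authorizationService">Authorization service forwarded to <c>InitSiteAsync</c>.</param>
/// <param name="loggerFactory">Optional logger factory; logging is skipped when null.</param>
/// <returns>A task that completes when the request has been passed on or rejected.</returns>
/// <exception cref="Exception">Thrown when a mandatory argument is null or the request has no path.</exception>
public async Task Invoke(HttpContext context,
                         Services.WcmsAppContext appContext,
                         IHostingEnvironment hostEnvironment,
                         IAuthorizationService authorizationService,
                         ILoggerFactory loggerFactory)
{
    int init = 0;
    bool adminPages = false;
    bool needUser = false;
    string virtualPath = null;
    IFileInfo flInf = null;

    // Checking....
    if (context == null)
    {
        throw new Exception("Authorization failed: Invalid context!!!");
    }
    else if (appContext == null)
    {
        throw new Exception("Authorization failed: Invalid app context!!!");
    }
    else if (hostEnvironment == null || hostEnvironment.ContentRootPath == null)
    {
        throw new Exception("Authorization failed: Invalid app env!!!");
    }
    else if (authorizationService == null)
    {
        throw new Exception("Authorization failed: Invalid authz!!!");
    }
    else if ((virtualPath = context?.Request?.Path.Value) == null)
    {
        throw new Exception("Authorization failed: Invalid path!!!");
    }

    // Init...
    ILogger log = loggerFactory?.CreateLogger(typeof(AuthorizationMiddleware).FullName);

    // Manage redirection from old vieetpartage site...
    // NOTE(review): TRUE is a conditional-compilation symbol, not the literal `true`;
    // this block is only compiled when that symbol is defined - confirm in the build settings.
    // NOTE(review): the redirect target is derived from the request's display URL
    // (which includes the client-supplied Host); confirm Migrate() can only return
    // known destinations so this cannot act as an open redirect.
#if TRUE
    {
        string redirection = VepUrlRedirection.Migrate(
            Microsoft.AspNetCore.Http.Extensions.UriHelper.GetDisplayUrl(context?.Request));
        if (redirection != null)
        {
            context.Response.Redirect(redirection, false);
            return;
        }
    }
#endif

    // Special cases where we don't need to initialize and check the access right...
    // These branches grant access on the path prefix alone, before any site or
    // user check. Prefixes are compared ordinally so that characters ignored by
    // culture-sensitive comparison cannot make a path match the allow-list.
    // NOTE(review): this relies on the host having normalized the path (dot
    // segments, encoded separators) before this middleware runs - confirm.
    if (virtualPath == "/Plaintext")
    {
        // Performance test cases...
        await context.Response.WriteAsync("Ok\r\n");
        // Trace performance and exit...
        appContext?.AddPerfLog("AuthorizationMiddleware::Plaintext");
        return;
    }
#if DEBUG
    //else if (virtualPath.Contains("ng2") == true)
    //{
    //    // Allow common lib files...
    //    log?.LogInformation("Access granted to path \"{0}\": Lib files.", virtualPath);
    //    // Execute the next middleware...
    //    await _NextMiddleWare(appContext, "AuthorizationMiddleware::3.1", "AuthorizationMiddleware::3.1", context);
    //    return;
    //}
#endif
    else if (virtualPath.StartsWith(CRoute.RouteStaticFile_Lib, StringComparison.Ordinal) == true)
    {
        // Allow common lib files...
        log?.LogInformation("Access granted to path \"{0}\": Lib files.", virtualPath);
        // Execute the next middleware...
        await _NextMiddleWare(appContext, "AuthorizationMiddleware::3.1", "AuthorizationMiddleware::3.1", context);
        return;
    }
    else if (virtualPath.StartsWith($"{CRoute.RouteStaticFile_Admin}/assets", StringComparison.Ordinal) == true
             || virtualPath.StartsWith($"{CRoute.RouteStaticFile_Admin}/global", StringComparison.Ordinal) == true)
    {
        // Allow admin lib files...
        log?.LogInformation("Access granted to path \"{0}\": Admin Lib files.", virtualPath);
        // Execute the next middleware...
        await _NextMiddleWare(appContext, "AuthorizationMiddleware::3.2", "AuthorizationMiddleware::3.2", context);
        return;
    }
    else if (virtualPath.StartsWith($"{CRoute.RouteStaticFile_Theme}", StringComparison.Ordinal) == true)
    {
        // Allow theme files...
        log?.LogInformation("Access granted to path \"{0}\": Theme files.", virtualPath);
        // Execute the next middleware...
        await _NextMiddleWare(appContext, "AuthorizationMiddleware::3.3", "AuthorizationMiddleware::3.3", context);
        return;
    }
    else if (virtualPath.StartsWith("/jollyany", StringComparison.Ordinal) == true)
    {
        // Jollyany theme...
        // NOTE(review): Replace() rewrites every "/jollyany" occurrence in the path,
        // not only the leading one, and the prefix test also matches longer names
        // such as "/jollyanyX" - confirm this is intended.
        context.Request.Path = new PathString(virtualPath.Replace("/jollyany", $"{CRoute.RouteStaticFile_Theme}jollyany"));
        // Allow theme files...
        log?.LogInformation("Access granted to path \"{0}\": Theme files.", virtualPath);
        // Execute the next middleware...
        await _NextMiddleWare(appContext, "AuthorizationMiddleware::3.4", "AuthorizationMiddleware::3.4", context);
        return;
    }
    // Route overwritting cases...
    else if (virtualPath.StartsWith(CRoute.RouteStaticFile_Admin, StringComparison.Ordinal) == true)
    {
        // Admin area...
        if (virtualPath == CRoute.RouteStaticFile_Admin)
        {
            // Redirect...
            context.Response.Redirect($"{CRoute.RouteStaticFile_Admin}/");
            appContext?.AddPerfLog("AuthorizationMiddleware::/admin");
            return;
        }
        else if (virtualPath == $"{CRoute.RouteStaticFile_Admin}/")
        {
            // Admin home: requires a signed-in user (checked after site init below).
            needUser = true;
            adminPages = true;
            virtualPath += "index.html";
            context.Request.Path = new PathString(virtualPath);
        }
        else if (virtualPath == $"{CRoute.RouteStaticFile_Admin}/index"
                 || virtualPath == $"{CRoute.RouteStaticFile_Admin}/posts"
                 || virtualPath == $"{CRoute.RouteStaticFile_Admin}/pages"
                 || virtualPath == $"{CRoute.RouteStaticFile_Admin}/calendar"
                 || virtualPath == $"{CRoute.RouteStaticFile_Admin}/users")
        {
            // Known admin pages: exact-match allow-list, mapped to their .html file.
            needUser = true;
            adminPages = true;
            virtualPath += ".html";
            context.Request.Path = new PathString(virtualPath);
        }
        else
        {
            // Admin page not allowed, redirect to admin error page...
            log?.LogInformation("\"{0}\" not allowed, redirect to admin error page.", virtualPath);
            virtualPath = $"{CRoute.RouteStaticFile_Admin}/error-404.html";
            context.Request.Path = new PathString(virtualPath);
            // Execute the next middleware...
            await _NextMiddleWare(appContext, "AuthorizationMiddleware::3.1", "AuthorizationMiddleware::3.3", context);
            return;
        }
    }

    // Initialize the application the site context
    // and check if the site can be view by the current user...
    if ((init = await appContext.InitSiteAsync(context, authorizationService)) != 1)
    {
        // We failed to initialize the context...
        // The error bodies below echo request-derived values (Host header, region
        // name, path); they are HTML-encoded because no content type is set and a
        // browser may render the body as HTML.
        if (init == 0)
        {
            // The site cannot be found.
            log?.LogError("Site {0} cannot be found!!!", context.Request.Host);
            _StopChain(appContext, "AuthorizationMiddleware::40", context);
            context.Response.StatusCode = 500;
            await context.Response.WriteAsync(
                System.Net.WebUtility.HtmlEncode($"Site {context.Request.Host} cannot be found!!!"));
        }
        else if (init == 2)
        {
            // The region cannot be found.
            log?.LogInformation("Region {0} cannot be found!!!", appContext.RouteRegionName);
            _StopChain(appContext, "AuthorizationMiddleware::41", context);
            context.Response.StatusCode = 500;
            await context.Response.WriteAsync(
                System.Net.WebUtility.HtmlEncode($"Region {appContext.RouteRegionName} cannot be found!!!"));
        }
        else if (init == 3)
        {
            // The site module cannot be found.
            log?.LogInformation("{0} module cannot be found!!!", appContext.RouteRegionName);
            _StopChain(appContext, "AuthorizationMiddleware::44", context);
            context.Response.StatusCode = 500;
            await context.Response.WriteAsync(
                System.Net.WebUtility.HtmlEncode($"{appContext.RouteRegionName} module cannot be found!!!"));
        }
        else
        {
            // Access is not granted, redirect to login page...
            // Ordinal, case-insensitive comparison: a route check must not depend on the server culture.
            if (string.Equals(context.Request.Path.Value, CRoute.RouteAccountLogin, StringComparison.OrdinalIgnoreCase))
            {
                // Here something failed because we should not have a redirection on the login page.
                log?.LogCritical("Internal ERROR: Init failed for {0}!!!", context.Request.Path);
                _StopChain(appContext, "AuthorizationMiddleware::42", context);
                context.Response.StatusCode = 500;
                await context.Response.WriteAsync(
                    System.Net.WebUtility.HtmlEncode($"Internal ERROR: Init failed for {context.Request.Path}!!!"));
            }
            else
            {
                // The original template named a second placeholder without supplying
                // its argument; pass the login route explicitly so the denial is logged.
                log?.LogInformation("Access denied to path \"{0}\": Redirect to {1}.", virtualPath, CRoute.RouteAccountLogin);
                _StopChain(appContext, "AuthorizationMiddleware::43", context);
                context.Response.StatusCode = 401;
                //context.Response.Redirect(CRoute.RouteAccountLogin);
            }
        }
        // Exit...
        return;
    }
    // Check if we need a signed user...
    else if (needUser == true && appContext.SignInManager.IsSignedIn(context.User) == false)
    {
        // Here the page need a signed user, but no user is signed in,
        // so redirect to login page to authenticated the user...
        log?.LogInformation("Access denied to path \"{0}\": A signed user is needed.", virtualPath);
        if (adminPages == true)
        {
            //virtualPath = virtualPath.Replace(".html", string.Empty);
            //context.Request.Path = new PathString(virtualPath);
            context.Response.Redirect(CRoute.RouteAccountLogin);
        }
        else
        {
            context.Response.StatusCode = 401;
        }
        _StopChain(appContext, "AuthorizationMiddleware::6", context);
        return;
    }
    // Check access to the true file system...
    // A missing file provider is treated as "file exists" (?? true), so this branch
    // denies non-admin requests by default when existence cannot be checked.
    else if (((flInf = hostEnvironment?.WebRootFileProvider?.GetFileInfo(virtualPath))?.Exists ?? true) == true)
    {
        if (adminPages == true)
        {
            // Allow admin pages...
            // Only reached for the exact admin routes above, after the signed-in check.
            // NOTE(review): only "signed in" is verified here, not an admin role -
            // confirm role checks happen further down the pipeline.
            log?.LogInformation("Access granted to path \"{0}\": Admin pages.", virtualPath);
            await _NextMiddleWare(appContext, "AuthorizationMiddleware::7.1", "AuthorizationMiddleware::7.2", context);
            return;
        }
        // Virtual path should not refer to the true file system...Denied the access...
        log?.LogInformation("Access denied to path \"{0}\": Access denied to the true FS.", virtualPath);
        context.Response.StatusCode = 403;
        _StopChain(appContext, "AuthorizationMiddleware::8", context);
        return;
    }
    else
    {
        log?.LogInformation("flInf.PhysicalPath=\"{0}\".", flInf?.PhysicalPath);
        // Create site path from the virtual path...
        string sitePath = $"/{appContext.Site.Id}{virtualPath}";
        // Is site path exist ?
        if (((flInf = hostEnvironment?.WebRootFileProvider?.GetFileInfo(sitePath))?.Exists ?? false) == true)
        {
            // We have a site file, overwrite the path...
            context.Request.Path = new PathString(sitePath);
            // Check for root and libraries files (js libs, css, images and themes) of the site...
            // Invariant lower-casing keeps the rules below independent of the server culture.
            virtualPath = virtualPath.ToLowerInvariant();
            if (virtualPath == "/favicon.ico"
                || virtualPath == "/robots.txt"
                || virtualPath == "/podcast.xml"
                || virtualPath == "/logo.png"
                || virtualPath.StartsWith(CRoute.RouteStaticFile_Js, StringComparison.Ordinal) == true
                || virtualPath.StartsWith(CRoute.RouteStaticFile_Css, StringComparison.Ordinal) == true
                || virtualPath.StartsWith(CRoute.RouteStaticFile_Images, StringComparison.Ordinal) == true
                || virtualPath.StartsWith(CRoute.RouteStaticFile_Lib, StringComparison.Ordinal) == true
                || (virtualPath.StartsWith(CRoute.RouteStaticFile_Theme, StringComparison.Ordinal)) == true)
            {
                // Libraries are allowed...
                log?.LogInformation("Access granted to path \"{0}\" (\"{1}\"): Site file public and common.", virtualPath, sitePath);
                await _NextMiddleWare(appContext, "AuthorizationMiddleware::9.1", "AuthorizationMiddleware::9.2", context);
                return;
            }
            // Check for post files...
            else if (virtualPath.StartsWith(CRoute.RouteStaticFile_PostPub, StringComparison.Ordinal) == true)
            {
                // We have a post public file, allowed...
                log?.LogInformation("Access granted to path \"{0}\": Access allowed to file from public post.", virtualPath);
                await _NextMiddleWare(appContext, "AuthorizationMiddleware::10.1", "AuthorizationMiddleware::10.2", context);
                return;
            }
            else if (virtualPath.StartsWith(CRoute.RouteStaticFile_Post, StringComparison.Ordinal) == true)
            {
                // We have a post private file, check access right...
                // The post id is taken from the fifth path segment of a six-segment path.
                // NOTE(review): the grant relies on PostProvider.Get returning null when
                // the current user may not read the post - confirm against PostProvider.
                int postId = 0;
                Post post = null;
                string[] folders = virtualPath.Split(_sep);
                if (folders != null && folders.Length == 6
                    && int.TryParse(folders[4], out postId) == true
                    && (post = await (new PostProvider(appContext))?.Get(postId)) != null)
                {
                    // Here, the current user have read access to the post...
                    log?.LogInformation("Access granted to path \"{0}\": Access allowed.", virtualPath);
                    await _NextMiddleWare(appContext, "AuthorizationMiddleware::11.1", "AuthorizationMiddleware::11.2", context);
                    return;
                }
            }
            // Other files are not allowed...
            log?.LogInformation("Access denied to path \"{0}\": Not allowed.", virtualPath);
            context.Response.StatusCode = 403;
            _StopChain(appContext, "AuthorizationMiddleware::12", context);
            return;
        }
        else
        {
            // This is not site file, let other middleware process the request...
            log?.LogInformation("Let other middleware process \"{0} - {1}\".", virtualPath, flInf?.PhysicalPath);
            await _NextMiddleWare(appContext, "AuthorizationMiddleware::13.1", "AuthorizationMiddleware::13.2", context);
            return;
        }
    }
}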
/// <summary>
/// Get the pages of the current site that the current user is allowed to read.
/// The query is narrowed by menu membership, parent page, region and finally by
/// the user's role and groups before it is executed.
/// </summary>
/// <param name="appContext">Application context providing the site, region, user and database context.</param>
/// <param name="onlyInMenu">When true, keep only pages whose <c>PositionInNavigation</c> is not 0.</param>
/// <param name="parent">
/// Parent filter: null keeps pages without a parent, -1 disables the filter,
/// any other value keeps pages whose <c>ParentId</c> equals it.
/// </param>
/// <returns>
/// The matching pages ordered by <c>PositionInNavigation</c>, or null when the
/// context is invalid or the query could not be built.
/// </returns>
public static async Task <IEnumerable <Page> > Get(Services.WcmsAppContext appContext, bool onlyInMenu, int?parent = null)
{
    // Checking...
    if ((appContext?.IsValid() ?? false) == false)
    {
        // Trace performance...
        appContext?.AddPerfLog("PageAuthorizationHandler::Get::Invalid context");
        return(null);
    }

    // User role and groups...
    // Both stay null when there is no user; haveGroup is then false.
    string userRole = appContext.User?.HigherRole() ?? null;
    List <int> userGroupIds = appContext.User?.GroupsId();
    bool haveGroup = (userGroupIds != null && userGroupIds.Count() != 0);

    // Base query...
    // Every later filter is applied on top of this site scoping.
    var query = appContext.AppDbContext.Pages?.Where(p => p.SiteId == appContext.Site.Id);

    // Menu filter...
    if (onlyInMenu == true)
    {
        query = query?.Where(p => p.PositionInNavigation != 0);
    }

    // Parent filter...
    // null => root pages only; -1 => no parent filtering; otherwise children of that page.
    if (parent == null)
    {
        query = query?.Where(p => p.ParentId == null);
    }
    else if (parent != -1)
    {
        query = query?.Where(p => p.ParentId == parent.Value);
    }

    // Filtering based on the region...
    // A page passes when ANY of its ten region slots is 0 or equals the current region.
    // NOTE(review): if 0 marks an unused slot rather than "all regions", every page
    // with fewer than ten regions set passes this filter for every region - confirm.
    if (appContext.Site.HasRegions == true && (appContext.Region?.Id ?? -1) != -1)
    {
        query = query?
                .Where(p => p.Region1 == 0 || p.Region1 == appContext.Region.Id
                       || p.Region2 == 0 || p.Region2 == appContext.Region.Id
                       || p.Region3 == 0 || p.Region3 == appContext.Region.Id
                       || p.Region4 == 0 || p.Region4 == appContext.Region.Id
                       || p.Region5 == 0 || p.Region5 == appContext.Region.Id
                       || p.Region6 == 0 || p.Region6 == appContext.Region.Id
                       || p.Region7 == 0 || p.Region7 == appContext.Region.Id
                       || p.Region8 == 0 || p.Region8 == appContext.Region.Id
                       || p.Region9 == 0 || p.Region9 == appContext.Region.Id
                       || p.Region10 == 0 || p.Region10 == appContext.Region.Id);
    }

    // Authorization filtering...
    // This chain is the read-access decision for pages: exactly one branch runs.
    // In the two group-based branches a private page is visible only when one of
    // its group slots (other than -1) equals one of the user's ten group slots.
    // haveGroup == true implies appContext.User is not null, so the lambdas can
    // dereference it.
    // NOTE(review): -1 looks like the "unused" marker for page group slots;
    // confirm user group slots can never hold a value that matches an unintended
    // page group.

    // Administrator and publicator have read rights on all pages of the same groups...
    // (public pages, plus private pages sharing a group; no state restriction).
    if ((userRole == ClaimValueRole.Administrator || userRole == ClaimValueRole.Publicator) && haveGroup == true)
    {
        query = query?
                .Where(p => (p.Private == false
                             || (p.Group1 != -1 && (appContext.User.Group1 == p.Group1 || appContext.User.Group2 == p.Group1 || appContext.User.Group3 == p.Group1 || appContext.User.Group4 == p.Group1 || appContext.User.Group5 == p.Group1
                                                    || appContext.User.Group6 == p.Group1 || appContext.User.Group7 == p.Group1 || appContext.User.Group8 == p.Group1 || appContext.User.Group9 == p.Group1 || appContext.User.Group10 == p.Group1))
                             || (p.Group2 != -1 && (appContext.User.Group1 == p.Group2 || appContext.User.Group2 == p.Group2 || appContext.User.Group3 == p.Group2 || appContext.User.Group4 == p.Group2 || appContext.User.Group5 == p.Group2
                                                    || appContext.User.Group6 == p.Group2 || appContext.User.Group7 == p.Group2 || appContext.User.Group8 == p.Group2 || appContext.User.Group9 == p.Group2 || appContext.User.Group10 == p.Group2))
                             || (p.Group3 != -1 && (appContext.User.Group1 == p.Group3 || appContext.User.Group2 == p.Group3 || appContext.User.Group3 == p.Group3 || appContext.User.Group4 == p.Group3 || appContext.User.Group5 == p.Group3
                                                    || appContext.User.Group6 == p.Group3 || appContext.User.Group7 == p.Group3 || appContext.User.Group8 == p.Group3 || appContext.User.Group9 == p.Group3 || appContext.User.Group10 == p.Group3))
                             || (p.Group4 != -1 && (appContext.User.Group1 == p.Group4 || appContext.User.Group2 == p.Group4 || appContext.User.Group3 == p.Group4 || appContext.User.Group4 == p.Group4 || appContext.User.Group5 == p.Group4
                                                    || appContext.User.Group6 == p.Group4 || appContext.User.Group7 == p.Group4 || appContext.User.Group8 == p.Group4 || appContext.User.Group9 == p.Group4 || appContext.User.Group10 == p.Group4))
                             || (p.Group5 != -1 && (appContext.User.Group1 == p.Group5 || appContext.User.Group2 == p.Group5 || appContext.User.Group3 == p.Group5 || appContext.User.Group4 == p.Group5 || appContext.User.Group5 == p.Group5
                                                    || appContext.User.Group6 == p.Group5 || appContext.User.Group7 == p.Group5 || appContext.User.Group8 == p.Group5 || appContext.User.Group9 == p.Group5 || appContext.User.Group10 == p.Group5))
                             || (p.Group6 != -1 && (appContext.User.Group1 == p.Group6 || appContext.User.Group2 == p.Group6 || appContext.User.Group3 == p.Group6 || appContext.User.Group4 == p.Group6 || appContext.User.Group5 == p.Group6
                                                    || appContext.User.Group6 == p.Group6 || appContext.User.Group7 == p.Group6 || appContext.User.Group8 == p.Group6 || appContext.User.Group9 == p.Group6 || appContext.User.Group10 == p.Group6))
                             || (p.Group7 != -1 && (appContext.User.Group1 == p.Group7 || appContext.User.Group2 == p.Group7 || appContext.User.Group3 == p.Group7 || appContext.User.Group4 == p.Group7 || appContext.User.Group5 == p.Group7
                                                    || appContext.User.Group6 == p.Group7 || appContext.User.Group7 == p.Group7 || appContext.User.Group8 == p.Group7 || appContext.User.Group9 == p.Group7 || appContext.User.Group10 == p.Group7))
                             || (p.Group8 != -1 && (appContext.User.Group1 == p.Group8 || appContext.User.Group2 == p.Group8 || appContext.User.Group3 == p.Group8 || appContext.User.Group4 == p.Group8 || appContext.User.Group5 == p.Group8
                                                    || appContext.User.Group6 == p.Group8 || appContext.User.Group7 == p.Group8 || appContext.User.Group8 == p.Group8 || appContext.User.Group9 == p.Group8 || appContext.User.Group10 == p.Group8))
                             || (p.Group9 != -1 && (appContext.User.Group1 == p.Group9 || appContext.User.Group2 == p.Group9 || appContext.User.Group3 == p.Group9 || appContext.User.Group4 == p.Group9 || appContext.User.Group5 == p.Group9
                                                    || appContext.User.Group6 == p.Group9 || appContext.User.Group7 == p.Group9 || appContext.User.Group8 == p.Group9 || appContext.User.Group9 == p.Group9 || appContext.User.Group10 == p.Group9))
                             || (p.Group10 != -1 && (appContext.User.Group1 == p.Group10 || appContext.User.Group2 == p.Group10 || appContext.User.Group3 == p.Group10 || appContext.User.Group4 == p.Group10 || appContext.User.Group5 == p.Group10
                                                     || appContext.User.Group6 == p.Group10 || appContext.User.Group7 == p.Group10 || appContext.User.Group8 == p.Group10 || appContext.User.Group9 == p.Group10 || appContext.User.Group10 == p.Group10))));
    }
    // Contributor and reader can only read published page of the same groups...
    // Same group rule as above, additionally restricted to State.Valided.
    else if ((userRole == ClaimValueRole.Contributor || userRole == ClaimValueRole.Reader) && haveGroup == true)
    {
        query = query?
                .Where(p => p.State == State.Valided
                       && (p.Private == false
                           || (p.Group1 != -1 && (appContext.User.Group1 == p.Group1 || appContext.User.Group2 == p.Group1 || appContext.User.Group3 == p.Group1 || appContext.User.Group4 == p.Group1 || appContext.User.Group5 == p.Group1
                                                  || appContext.User.Group6 == p.Group1 || appContext.User.Group7 == p.Group1 || appContext.User.Group8 == p.Group1 || appContext.User.Group9 == p.Group1 || appContext.User.Group10 == p.Group1))
                           || (p.Group2 != -1 && (appContext.User.Group1 == p.Group2 || appContext.User.Group2 == p.Group2 || appContext.User.Group3 == p.Group2 || appContext.User.Group4 == p.Group2 || appContext.User.Group5 == p.Group2
                                                  || appContext.User.Group6 == p.Group2 || appContext.User.Group7 == p.Group2 || appContext.User.Group8 == p.Group2 || appContext.User.Group9 == p.Group2 || appContext.User.Group10 == p.Group2))
                           || (p.Group3 != -1 && (appContext.User.Group1 == p.Group3 || appContext.User.Group2 == p.Group3 || appContext.User.Group3 == p.Group3 || appContext.User.Group4 == p.Group3 || appContext.User.Group5 == p.Group3
                                                  || appContext.User.Group6 == p.Group3 || appContext.User.Group7 == p.Group3 || appContext.User.Group8 == p.Group3 || appContext.User.Group9 == p.Group3 || appContext.User.Group10 == p.Group3))
                           || (p.Group4 != -1 && (appContext.User.Group1 == p.Group4 || appContext.User.Group2 == p.Group4 || appContext.User.Group3 == p.Group4 || appContext.User.Group4 == p.Group4 || appContext.User.Group5 == p.Group4
                                                  || appContext.User.Group6 == p.Group4 || appContext.User.Group7 == p.Group4 || appContext.User.Group8 == p.Group4 || appContext.User.Group9 == p.Group4 || appContext.User.Group10 == p.Group4))
                           || (p.Group5 != -1 && (appContext.User.Group1 == p.Group5 || appContext.User.Group2 == p.Group5 || appContext.User.Group3 == p.Group5 || appContext.User.Group4 == p.Group5 || appContext.User.Group5 == p.Group5
                                                  || appContext.User.Group6 == p.Group5 || appContext.User.Group7 == p.Group5 || appContext.User.Group8 == p.Group5 || appContext.User.Group9 == p.Group5 || appContext.User.Group10 == p.Group5))
                           || (p.Group6 != -1 && (appContext.User.Group1 == p.Group6 || appContext.User.Group2 == p.Group6 || appContext.User.Group3 == p.Group6 || appContext.User.Group4 == p.Group6 || appContext.User.Group5 == p.Group6
                                                  || appContext.User.Group6 == p.Group6 || appContext.User.Group7 == p.Group6 || appContext.User.Group8 == p.Group6 || appContext.User.Group9 == p.Group6 || appContext.User.Group10 == p.Group6))
                           || (p.Group7 != -1 && (appContext.User.Group1 == p.Group7 || appContext.User.Group2 == p.Group7 || appContext.User.Group3 == p.Group7 || appContext.User.Group4 == p.Group7 || appContext.User.Group5 == p.Group7
                                                  || appContext.User.Group6 == p.Group7 || appContext.User.Group7 == p.Group7 || appContext.User.Group8 == p.Group7 || appContext.User.Group9 == p.Group7 || appContext.User.Group10 == p.Group7))
                           || (p.Group8 != -1 && (appContext.User.Group1 == p.Group8 || appContext.User.Group2 == p.Group8 || appContext.User.Group3 == p.Group8 || appContext.User.Group4 == p.Group8 || appContext.User.Group5 == p.Group8
                                                  || appContext.User.Group6 == p.Group8 || appContext.User.Group7 == p.Group8 || appContext.User.Group8 == p.Group8 || appContext.User.Group9 == p.Group8 || appContext.User.Group10 == p.Group8))
                           || (p.Group9 != -1 && (appContext.User.Group1 == p.Group9 || appContext.User.Group2 == p.Group9 || appContext.User.Group3 == p.Group9 || appContext.User.Group4 == p.Group9 || appContext.User.Group5 == p.Group9
                                                  || appContext.User.Group6 == p.Group9 || appContext.User.Group7 == p.Group9 || appContext.User.Group8 == p.Group9 || appContext.User.Group9 == p.Group9 || appContext.User.Group10 == p.Group9))
                           || (p.Group10 != -1 && (appContext.User.Group1 == p.Group10 || appContext.User.Group2 == p.Group10 || appContext.User.Group3 == p.Group10 || appContext.User.Group4 == p.Group10 || appContext.User.Group5 == p.Group10
                                                   || appContext.User.Group6 == p.Group10 || appContext.User.Group7 == p.Group10 || appContext.User.Group8 == p.Group10 || appContext.User.Group9 == p.Group10 || appContext.User.Group10 == p.Group10))));
    }
    // Have role but no group...
    // Without groups no private page is visible; only the state restriction differs by role.
    else if (userRole == ClaimValueRole.Administrator || userRole == ClaimValueRole.Publicator)
    {
        query = query?.Where(p => p.Private == false);
    }
    else if (userRole == ClaimValueRole.Contributor || userRole == ClaimValueRole.Reader)
    {
        query = query?.Where(p => p.State == State.Valided && p.Private == false);
    }
    // No role and no group...
    // Default for anonymous or unknown roles: published, non-private pages only.
    else
    {
        query = query?.Where(p => p.State == State.Valided && p.Private == false);
    }

    // query is null only when AppDbContext.Pages was null (all filters use ?.).
    if (query == null)
    {
        // Trace performance...
        appContext?.AddPerfLog("PageAuthorizationHandler::Get::Query build failed");
        return(null);
    }

    // Trace performance...
    appContext?.AddPerfLog("PageAuthorizationHandler::Get::Query built");

    // Execute the query, read-only (AsNoTracking); the related collections that
    // get loaded depend on the PERF_ISSUE and DENORMALIZE compilation symbols.
    List <Page> pages = await query
                        .OrderBy(p => p.PositionInNavigation)
#if !PERF_ISSUE
                        //TODO: Add a way to customize fields we want to retrieve with the request...
#if !DENORMALIZE
                        .Include(p => p.PageGroups)
                        .Include(p => p.PageRegions)
                        .Include(p => p.PageCategorys)
                        .Include(p => p.PageTags)
#endif
                        .Include(p => p.PageClaims)
#endif
                        .AsNoTracking()
                        .ToListAsync();

    // Trace performance...
    appContext?.AddPerfLog("PageAuthorizationHandler::Get::Query executed");
    return(pages);
}
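/// <summary>
/// Get one page of the users selected by the given filters.
/// </summary>
/// <param name="appContext">Application context; passed to <c>_GetQuery</c> and, when not null, used for performance tracing.</param>
/// <param name="filters">Filter set forwarded unchanged to <c>_GetQuery</c>.</param>
/// <param name="skip">Zero-based page index (the row offset is <c>skip * take</c>); negative values are treated as 0.</param>
/// <param name="take">Page size; values of 0 or less fall back to 20 and values above 200 are capped at 200.</param>
/// <param name="allFields">When true, each result is a new <c>ApplicationUser</c> holding only the fields copied by the projection below.</param>
/// <returns>
/// The requested page of users, an empty list when the requested offset exceeds
/// the <c>int</c> range, or null when no query could be built.
/// </returns>
public static async Task<IEnumerable<ApplicationUser>> Get(Services.WcmsAppContext appContext,
                                                           Dictionary<string, object> filters,
                                                           int skip,
                                                           int take,
                                                           bool allFields)
{
    DataSorting orderBy = DataSorting.Email;

    // Checking...
    // Each paging argument is validated on its own: previously a negative skip
    // short-circuited the chain and left take unclamped, so the 200-row cap could
    // be bypassed by the caller.
    if (skip < 0)
    {
        skip = 0;
    }
    if (take <= 0)
    {
        take = 20;
    }
    else if (take > 200)
    {
        take = 200;
    }

    // Build the query...
    var query = _GetQuery(appContext, filters, ref orderBy);
    if (query == null)
    {
        return(null);
    }

    // Compute the row offset in 64 bits: skip * take silently wraps in int
    // arithmetic and could turn into a negative or unrelated offset.
    long offset = (long)skip * take;
    if (offset > int.MaxValue)
    {
        // No result set can hold a page that far out.
        return new List<ApplicationUser>();
    }

    // Sorting...
    // NOTE(review): for any other DataSorting value no ordering is applied, so
    // Skip/Take pages are not guaranteed to be stable - confirm _GetQuery orders
    // the query itself in those cases.
    if (orderBy == DataSorting.UserName)
    {
        query = query.OrderBy(p => p.UserName);
    }
    else if (orderBy == DataSorting.Email)
    {
        query = query.OrderBy(p => p.Email);
    }

    // Fields included...
    // NOTE(review): this branch returns a reduced projection, while
    // allFields == false returns the entities as produced by _GetQuery. If
    // ApplicationUser carries credential-related columns, callers must not
    // serialize those entities as-is - confirm at the call sites.
    // NOTE(review): the Include is followed by a Select that does not copy
    // Claims, so it presumably has no effect on the result - confirm.
    if (allFields == true)
    {
        query = query
                .Include(p => p.Claims)
                .Select(p => new ApplicationUser
                {
                    AccessFailedCount = p.AccessFailedCount,
                    Email = p.Email,
                    EmailConfirmed = p.EmailConfirmed,
                    Id = p.Id,
                    //LockoutEnabled = p.LockoutEnabled,
                    LockoutEnd = p.LockoutEnd,
                    //PhoneNumber = p.PhoneNumber,
                    PhoneNumberConfirmed = p.PhoneNumberConfirmed,
                    UserName = p.UserName,
                });
        //.Include(p => p.Creator); //TODO: Only need for Unit test.
    }

    // Trace performance...
    appContext?.AddPerfLog("UserAuthorizationHandler::Get::Query built");

    // Execute the query...
    IEnumerable<ApplicationUser> items = await query
                                         .Skip((int)offset).Take(take)
                                         .ToListAsync();

    // Trace performance...
    appContext?.AddPerfLog("UserAuthorizationHandler::Get::Query executed");

    // Exit...
    return(items);
}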