public ContentApprovalsManagerPageController(
IApprovalDefinitionRepository repoDefinitions,
IContentRepository repoContent,
IApprovalRepository repoApprovals,
IApprovalEngine engine,
UIRoleProvider roles,
UIUserProvider users,
IContentSecurityRepository repoSecurity)
{
this.repoDefinitions = repoDefinitions;
this.repoContent = repoContent;
this.repoApprovals = repoApprovals;
this.engine = engine;
// if the editors role does not exist, create it and assign access rights
if (!roles.RoleExists(editors))
{
roles.CreateRole(editors);
var permissions = repoSecurity.Get(ContentReference.RootPage).CreateWritableClone() as IContentSecurityDescriptor;
permissions.AddEntry(new AccessControlEntry(editors,
AccessLevel.Create | AccessLevel.Edit | AccessLevel.Delete | AccessLevel.Read | AccessLevel.Publish));
repoSecurity.Save(ContentReference.RootPage, permissions, SecuritySaveType.Replace);
}
// create three users and add them to roles
UIUserCreateStatus status;
IEnumerable <string> errors = Enumerable.Empty <string>();
if (users.GetUser(userName1) == null)
{
users.CreateUser(
userName1, password,
email: userName1.ToLower() + emailBase,
passwordQuestion: null, passwordAnswer: null,
isApproved: true, status: out status, errors: out errors);
roles.AddUserToRoles(userName1, new string[] { admins });
}
if (users.GetUser(userName2) == null)
{
users.CreateUser(
userName2, password, userName2.ToLower() + emailBase,
null, null, true, out status, out errors);
roles.AddUserToRoles(userName2, new string[] { editors });
}
if (users.GetUser(userName3) == null)
{
users.CreateUser(
userName3, password, userName3.ToLower() + emailBase,
null, null, true, out status, out errors);
roles.AddUserToRoles(userName3, new string[] { editors });
}
}
private DateTime?GetDate()
{
IUIUser user = null;
try
{
user = _uiUserProvider.GetUser(_principalAccessor.CurrentName());
}
catch
{
// We swallow all exceptions because the implementation
// of _uiUserProvider might throw but that doesnt matter here
}
return(user?.CreationDate);
}
private void AddUser(string userName, string fullName, string passWord, string[] roleNames)
{
if (UIUserProvider.GetUser(userName) == null)
{
var email = string.Format("epic-{0}@mailinator.com", userName);
IEnumerable <string> erros;
UIUserCreateStatus status;
var user = UIUserProvider.CreateUser(userName, passWord, email, null, null, true, out status, out erros);
UIRoleProvider.AddUserToRoles(user.Username, roleNames);
var profile = EPiServerProfile.Get(user.Username);
var nameParts = fullName.Split(' ');
profile["FirstName"] = nameParts[0];
profile["LastName"] = nameParts[1];
// E-mail must be part of profile properties to be resolved by QueryableNotificationUsersImpl
profile["Email"] = email;
profile.Save();
}
}
public ActionResult Index()
{
bool created = false;
var user = _userProvider.GetUser("*****@*****.**");
if (user == null)
{
var userCreated = _userProvider.CreateUser("*****@*****.**", "Episerver123!", "*****@*****.**", "Do you like cats?", "Who doesn't like cats?", isApproved: true, out UIUserCreateStatus status, out IEnumerable <string> errors);
if (status != UIUserCreateStatus.Success)
{
return(Content($"Admin user ([email protected] / Episerver123!) failed to create [Error: {string.Join(",", errors)}]"));
}
created = true;
user = userCreated;
}
// Ensure Role Exists
var adminRole = _roleProvider.GetAllRoles();
if (!adminRole.Any(x => x.Name == AdminRole))
{
_roleProvider.CreateRole(AdminRole);
}
// Ensure seed user in admin role
var roles = _roleProvider.GetRolesForUser(user.Username);
if (!roles.Contains(AdminRole))
{
_roleProvider.AddUserToRoles(user.Username, new[] { AdminRole });
}
return(Content($"Admin user ([email protected] / Episerver123!) exists already and is in {AdminRole} role"));
}
// GET: CreateAdminAccount
public ActionResult Index()
{
var admin = _uIUserProvider.GetUser("Admin");
return(View(admin));
}
public ActionResult Index(string submit)
{
int countOfRolesCreated = 0;
int countOfUsersCreated = 0;
#region Use EPiServer classes to create roles and users
UIUserCreateStatus status;
IEnumerable <string> errors = new List <string>();
foreach (string role in rolesToCreate)
{
if (!roles.RoleExists(role))
{
roles.CreateRole(role);
countOfRolesCreated++;
}
}
foreach (var item in Users)
{
if (users.GetUser(item.UserName) == null)
{
var newUser = users.CreateUser(item.UserName, password,
email: $"{item.UserName.ToLower()}{email}",
passwordQuestion: null, passwordAnswer: null,
isApproved: true,
status: out status, errors: out errors);
if (status == UIUserCreateStatus.Success)
{
countOfUsersCreated++;
roles.AddUserToRoles(item.UserName, item.Roles);
}
}
}
#endregion
#region Use EPiServer classes to give access rights to Root, Recycle Bin, and News & Events
SetSecurity(ContentReference.RootPage, adminsRole, AccessLevel.FullAccess);
SetSecurity(ContentReference.RootPage, "WebAdmins", AccessLevel.NoAccess);
SetSecurity(ContentReference.RootPage, "Administrators", AccessLevel.NoAccess);
SetSecurity(ContentReference.RootPage, contentCreatorsRole, AccessLevel.Read | AccessLevel.Create | AccessLevel.Edit | AccessLevel.Delete);
SetSecurity(ContentReference.RootPage, marketersRole, AccessLevel.Create | AccessLevel.Publish);
SetSecurity(ContentReference.WasteBasket, adminsRole, AccessLevel.FullAccess);
SetSecurity(ContentReference.WasteBasket, "Administrators", AccessLevel.NoAccess);
// find the News & Events page
var criteria = new PropertyCriteriaCollection
{
new PropertyCriteria
{
Name = "PageName",
Type = PropertyDataType.LongString,
Condition = CompareCondition.Equal,
Value = "News & Events"
}
};
var pages = pageFinder.FindPagesWithCriteria(ContentReference.StartPage, criteria);
if (pages.Count == 1)
{
// give News Editors full access and remove all access for others
var news = pages[0].ContentLink;
SetSecurity(news, newsEditorsRole, AccessLevel.FullAccess, overrideInherited: true);
SetSecurity(news, contentCreatorsRole, AccessLevel.NoAccess, overrideInherited: true);
SetSecurity(news, marketersRole, AccessLevel.NoAccess, overrideInherited: true);
}
// find the Press Releases page
criteria = new PropertyCriteriaCollection
{
new PropertyCriteria
{
Name = "PageName",
Type = PropertyDataType.LongString,
Condition = CompareCondition.Equal,
Value = "Press Releases"
}
};
pages = pageFinder.FindPagesWithCriteria(ContentReference.StartPage, criteria);
if (pages.Count == 1)
{
// allow Lawyers and C-Level Execs to edit Press Releases
// so they can approve/decline changes
var pressReleases = pages[0].ContentLink;
SetSecurity(pressReleases, lawyersRole, AccessLevel.Edit, overrideInherited: true);
SetSecurity(pressReleases, cLevelExecsRole, AccessLevel.Edit, overrideInherited: true);
}
#endregion
RegisterPersonas.IsEnabled = false;
ViewData["message"] = $"Register personas completed successfully. {countOfRolesCreated} roles created. {countOfUsersCreated} users created and added to roles.";
return(View("~/Features/RegisterPersonas/RegisterPersonas.cshtml"));
}
