/// <summary>
/// Opens the "FileLibrary" container keyed by the workflow instance's owner document and
/// returns its file storage together with the ACL of the storage root.
/// </summary>
/// <param name="entity">Workflow instance whose <c>OwnerDocumentId</c> selects the container.</param>
/// <param name="fs">Receives the loaded file storage; <c>null</c> when the method returns <c>false</c>.</param>
/// <param name="acl">Receives the ACL looked up for <c>fs.Root.Id</c>; <c>null</c> when the method returns <c>false</c>.</param>
/// <returns><c>true</c> when storage and ACL were loaded; <c>false</c> when no container key could be resolved.</returns>
private bool LoadFileLibraryAcl(WorkflowInstanceEntity entity, out FileStorage fs, out AccessControlList acl)
{
    // Out parameters must be assigned on every path, including the early return below.
    fs = null;
    acl = null;

    // Only a document owner is handled so far; any other owner kind leaves the key empty.
    string ownerKey = entity.OwnerDocumentId.HasValue
        ? UserRoleHelper.CreateDocumentContainerKey(entity.OwnerDocumentId.Value)
        : string.Empty;

    if (string.IsNullOrEmpty(ownerKey))
    {
        // No key means no container and therefore no ACL to evaluate.
        return false;
    }

    BaseIbnContainer container = BaseIbnContainer.Create("FileLibrary", ownerKey);
    fs = (FileStorage)container.LoadControl("FileStorage");
    acl = AccessControlList.GetACL(fs.Root.Id);
    return true;
}
// GET: Task/Edit/5
/// <summary>
/// Shows the edit form for one project task, with drop-downs for the assignable developers
/// and for the projects of the signed-in user.
/// </summary>
/// <param name="id">Task id from the route; a missing id yields 400 Bad Request.</param>
/// <returns>The edit view for the task, 400 when no id was supplied, or 404 when the task does not exist.</returns>
public ActionResult Edit(int? id)
{
    if (!id.HasValue)
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
    }

    ProjectTask task = TaskHelper.GetTask(id.Value);
    if (task == null)
    {
        return HttpNotFound();
    }

    // NOTE(review): no check that the caller may edit this particular task is visible here;
    // confirm an [Authorize] filter or an ownership check is applied elsewhere.
    var developerItems = UserRoleHelper.AllUsersInRole("Developer")
        .Select(dev => new SelectListItem { Text = dev.UserName, Value = dev.Id.ToString() })
        .ToList();

    var ownProjects = ProjectHelper.AllProjectsByUser(User.Identity.GetUserId());
    ViewBag.ProjectId = ownProjects
        .Select(project => new SelectListItem { Text = project.Name, Value = project.Id.ToString() })
        .ToList();
    ViewBag.UserId = developerItems;

    return View(task);
}
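/// <summary>
/// Deletes a trip after confirmation. Only administrators and employees may delete, and a
/// trip that still has reservations and has not yet ended cannot be removed.
/// </summary>
/// <param name="thisTripId">Primary key of the trip to delete.</param>
/// <param name="collection">Posted form values; not read by this action.</param>
/// <returns>
/// A redirect to "AccessDenied" for unauthorized callers, 404 when the trip no longer exists,
/// otherwise a redirect to "Index" carrying the outcome message.
/// </returns>
public ActionResult Delete(int thisTripId, FormCollection collection)
{
    // NOTE(review): attributes are not visible in this listing; confirm [HttpPost] and
    // [ValidateAntiForgeryToken] are applied, since this action removes data.
    string callerId = User.Identity.GetUserId();
    if (!UserRoleHelper.IsAdmin(callerId) && !UserRoleHelper.IsEmployee(callerId))
    {
        return RedirectToAction("AccessDenied", "Manage");
    }

    int numberOfReservations = countReservavtionsMade(thisTripId);
    Trip trip = dbcontext.Trips.Find(thisTripId);

    // The trip may have been deleted between the confirmation page and this post; without
    // this guard the code below dereferences null and passes null to Remove.
    if (trip == null)
    {
        return HttpNotFound();
    }

    // A trip with reservations can only be removed once it has ended.
    if (numberOfReservations > 0 && trip.DateBack > DateTime.Now)
    {
        return RedirectToAction("Index", new { Message = ManageMessageId.CannotEditEntry });
    }

    dbcontext.Trips.Remove(trip);
    dbcontext.SaveChanges();
    return RedirectToAction("Index", new { Message = ManageMessageId.DeleteEntrySuccess });
}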
/// <summary>
/// Renders the management view with the manage-templates sorted by name and a flag that
/// tells the view whether the current user is an administrator.
/// </summary>
/// <returns>The default view, or the "Error" view when any step throws.</returns>
public async Task<ActionResult> ManageView()
{
    try
    {
        Log.Info("ManageView");

        var allTemplates = await new TemplateController().GetTemplates();
        if (allTemplates.Count > 0)
        {
            var byName = allTemplates.OrderBy(s => s.TemplateName);
            ViewBag.Templates = byName.Where(t => t.IsManageTemplate).ToList();
        }

        // ViewBag.IsAdmin is only a hint for the view; it does not restrict this action itself.
        var callerName = System.Web.HttpContext.Current.User.Identity.Name;
        ViewBag.IsAdmin = UserRoleHelper.IsAdmin(callerName);
        return View();
    }
    catch (Exception failure)
    {
        ViewBag.ErrorMessage = "Error";
        // NOTE(review): the raw exception message is handed to the view; confirm the Error view
        // does not show internal details to end users.
        ViewBag.ErrorDetails = failure.Message;
        Log.Error(failure);
        return View("Error");
    }
}
/// <summary>
/// Stores a new coach (vehicle). Only administrators may create one.
/// </summary>
/// <param name="model">Coach entity bound from the posted form.</param>
/// <returns>
/// A redirect to "AccessDenied" for non-administrators, a redirect to "Index" on success, or the
/// form again when validation fails.
/// </returns>
public ActionResult Create(Coach model)
{
    var callerId = User.Identity.GetUserId();
    if (!UserRoleHelper.IsAdmin(callerId))
    {
        return RedirectToAction("AccessDenied", "Manage");
    }

    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // Design note kept from the original author: an earlier version copied the fields from a
    // CoachesViewModel because Coach carried a TripID foreign key. That key made every coach
    // require a trip at creation time, so it was removed and the entity is now bound directly.
    // NOTE(review): binding the entity itself lets the request set every bindable property of
    // Coach; confirm that is intended or bind through a view model.
    dbcontext.Coaches.Add(model);
    dbcontext.SaveChanges();
    return RedirectToAction("Index", new { Message = ManageMessageId.CreateEntrySuccess });
}
// GET: Trip/Delete/5
/// <summary>
/// Shows the delete confirmation page for a trip. Only administrators and employees may open
/// it, and a trip with reservations that has not yet ended is refused.
/// </summary>
/// <param name="thisTripId">Primary key of the trip; a missing value yields 400 Bad Request.</param>
/// <returns>
/// The confirmation view, 400 for a missing id, 404 for an unknown trip, a redirect to
/// "AccessDenied" for unauthorized callers, or a redirect to "Index" when deletion is blocked.
/// </returns>
public ActionResult Delete(int? thisTripId)
{
    if (!thisTripId.HasValue)
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
    }

    // Either role is sufficient; the employee check only runs when the admin check fails.
    bool denied = !UserRoleHelper.IsAdmin(User.Identity.GetUserId())
        && !UserRoleHelper.IsEmployee(User.Identity.GetUserId());
    if (denied)
    {
        return RedirectToAction("AccessDenied", "Manage");
    }

    int reservationCount = countReservavtionsMade(thisTripId.Value);

    Trip selectedTrip = dbcontext.Trips.Find(thisTripId);
    if (selectedTrip == null)
    {
        return new HttpStatusCodeResult(HttpStatusCode.NotFound);
    }

    // Blocked while reservations exist and the trip's return date is still in the future.
    DateTime now = DateTime.Now;
    bool stillBooked = reservationCount > 0 && selectedTrip.DateBack > now;
    if (stillBooked)
    {
        return RedirectToAction("Index", new { Message = ManageMessageId.CannotEditEntry });
    }

    return View(selectedTrip);
}
// GET: /Coaches/Index
/// <summary>
/// Lists all coaches for administrators and shows the status text that belongs to the
/// outcome of the previous action.
/// </summary>
/// <param name="message">Optional outcome code of the previous action; unknown or missing codes give an empty status.</param>
/// <returns>The list view, or a redirect to "AccessDenied" for non-administrators.</returns>
public ActionResult Index(ManageMessageId? message)
{
    var callerId = User.Identity.GetUserId();
    if (!UserRoleHelper.IsAdmin(callerId))
    {
        return RedirectToAction("AccessDenied", "Manage");
    }

    string status;
    switch (message)
    {
        case ManageMessageId.EditDetailsSuccess:
            status = "All changes have been saved.";
            break;
        case ManageMessageId.CreateEntrySuccess:
            status = "Successfully added a new vehicle.";
            break;
        case ManageMessageId.DeleteEntrySuccess:
            status = "Successfully deleted a vehicle.";
            break;
        case ManageMessageId.Error:
            status = "An error has occured.";
            break;
        default:
            status = "";
            break;
    }
    ViewBag.StatusMessage = status;

    // Copy every stored coach into a fresh list and hand it to the view through the model.
    var coaches = new List<Coach>();
    coaches.AddRange(dbcontext.Coaches.ToList());

    CoachesViewModels viewModel = new CoachesViewModels();
    viewModel.List = coaches;
    return View(viewModel);
}
/// <summary>
/// Builds a lambda expression that reads the member selected by <paramref name="columnType"/>
/// from a user-role instance.
/// </summary>
/// <typeparam name="TValue">Result type of the generated lambda.</typeparam>
/// <param name="columnType">Column whose member access is produced by <c>UserRoleHelper.GetMemberAccess</c>.</param>
/// <returns>An expression of the form <c>p =&gt; (member access on p)</c>.</returns>
private Expression<Func<TUserRole, TValue>> GetUserRoleLambda<TValue>(Mapper.UserRoleColumnType columnType)
{
    // The parameter is created from UserRoleType, while the lambda is typed on TUserRole.
    var row = Expression.Parameter(UserRoleType, "p");
    return Expression.Lambda<Func<TUserRole, TValue>>(
        UserRoleHelper.GetMemberAccess(row, columnType),
        row);
}
/// <summary>
/// Creates an account from the registration form, puts the new user into the role named in
/// the form, signs the user in and redirects to Manage/Index.
/// </summary>
/// <param name="model">Posted registration data (e-mail, password, role).</param>
/// <returns>A redirect to Manage/Index on success; otherwise the form again with the role list refilled.</returns>
public async Task<ActionResult> Register(RegisterViewModel model)
{
    if (ModelState.IsValid)
    {
        var account = new ApplicationUser { UserName = model.Email, Email = model.Email };
        var outcome = await UserManager.CreateAsync(account, model.Password);
        if (!outcome.Succeeded)
        {
            AddErrors(outcome);
        }
        else
        {
            // NOTE(review): model.Role comes straight from the submitted form, and the drop-down
            // below is filled from every row in db.Roles, so the person registering chooses
            // their own role. Confirm privileged roles cannot be self-assigned, for example
            // with a server-side allow-list.
            UserRoleHelper.AddUserToRole(account.Id, model.Role);
            await SignInManager.SignInAsync(account, isPersistent: false, rememberBrowser: false);

            // E-mail confirmation is not enabled; the user is signed in immediately. See
            // https://go.microsoft.com/fwlink/?LinkID=320771 for enabling account confirmation
            // and password reset.
            return RedirectToAction("Index", "Manage");
        }
    }

    // Reaching this point means validation or account creation failed: redisplay the form.
    ViewBag.Role = new SelectList(db.Roles, "Name", "Name");
    return View(model);
}
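/// <summary>
/// Handles the grid's "Select" command: loads the chosen knowledge-base article, records the
/// view, copies the article's files into the e-mail attachment folder and registers a startup
/// script that passes the file list and article HTML to the client-side <c>CloseAll</c> function.
/// </summary>
/// <param name="source">The grid that raised the command.</param>
/// <param name="e">Command arguments; the article id is parsed from the first cell of the row.</param>
protected void grdMain_ItemCommand(object source, DataGridCommandEventArgs e)
{
    if (e.CommandName != "Select")
    {
        return;
    }

    int selId = int.Parse(e.Item.Cells[0].Text);
    string sText = "";
    string sTitle = "";
    using (IDataReader reader = Mediachase.IBN.Business.Common.GetArticle(selId))
    {
        if (reader.Read())
        {
            sTitle = reader["Question"].ToString();
            // NOTE(review): the question text is placed into markup without HTML encoding.
            // AnswerHTML is markup by design, but confirm "Question" is stored encoded or
            // encode it here.
            sText = String.Format("<div style='border-top: solid 1px #95B7F3; padding:0px;background-color:ffffe1;'>" +
                                  "<div style='padding:5px; cursor:default;background-color:#FFD275;'><b>{0}</b></div>" +
                                  "<div style='padding:5px;'>{1}</div>" +
                                  "</div>", sTitle, reader["AnswerHTML"].ToString());
        }
    }
    Common.AddHistory(ObjectTypes.KnowledgeBase, selId, sTitle);
    Common.IncreaseArticleCounter(selId);

    string sFiles = "";
    string containerKey = UserRoleHelper.CreateArticleContainerKey(selId);
    CS.BaseIbnContainer bic = CS.BaseIbnContainer.Create("FileLibrary", containerKey);
    CS.FileStorage fs = (CS.FileStorage)bic.LoadControl("FileStorage");
    CS.FileInfo[] articleFiles = fs.Root.GetFiles();
    if (articleFiles.Length > 0)
    {
        // Copy the article's files into the attachment folder named by guid (declared outside
        // this method), then list what that folder now holds.
        CS.BaseIbnContainer attachContainer = CS.BaseIbnContainer.Create("FileLibrary", "EMailAttach");
        CS.FileStorage attachStorage = (CS.FileStorage)attachContainer.LoadControl("FileStorage");
        CS.DirectoryInfo di = attachStorage.GetDirectory(attachStorage.Root.Id, guid, true);
        foreach (CS.FileInfo fi in articleFiles)
        {
            fs.CopyFile(fi.Id, di.Id, true);
        }

        StringBuilder fileMarkup = new StringBuilder();
        foreach (CS.FileInfo fi in attachStorage.GetFiles(di))
        {
            // NOTE(review): the file name is written into markup as returned by
            // GetShortFileName; confirm that helper HTML-encodes it or encode it here.
            fileMarkup.AppendFormat("<div style='padding-bottom:1px;'><img align='absmiddle' src='{0}' width='16' height='16'> {1} <img src='{2}' align='absmiddle' width='16' height='16' style='cursor:pointer;' onclick='_deleteFile({3})' title='{4}' /></div>",
                ResolveUrl("~/Common/ContentIcon.aspx?IconID=" + fi.FileBinaryContentTypeId),
                Util.CommonHelper.GetShortFileName(fi.Name, 40),
                ResolveUrl("~/Layouts/Images/delete.gif"),
                fi.Id,
                LocRM2.GetString("tDelete"));
        }
        sFiles = fileMarkup.ToString();
    }

    // Both values end up inside double-quoted JavaScript string literals, so both must be
    // escaped. The original escaped only sText and removed only "\r\n" pairs, so a lone line
    // break in the article or a quote or backslash in the file list produced invalid script.
    Page.ClientScript.RegisterStartupScript(this.GetType(), Guid.NewGuid().ToString(),
        String.Format("CloseAll(\"{0}\", \"{1}\");", EscapeForScriptString(sFiles), EscapeForScriptString(sText)), true);
}

/// <summary>
/// Makes a value safe to embed between double quotes in a JavaScript string literal: drops line
/// breaks and tabs, then escapes backslashes and double quotes.
/// </summary>
/// <remarks>
/// This handles string-literal syntax only. It does not HTML-encode the value and does not
/// neutralise markup such as a closing script tag.
/// </remarks>
private static string EscapeForScriptString(string value)
{
    return value
        .Replace("\r", "")
        .Replace("\n", "")
        .Replace("\t", "")
        .Replace("\\", "\\\\")   // backslashes first, so the escapes added next are not doubled
        .Replace("\"", "\\\"");
}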
/// <summary>
/// Builds a predicate expression that compares the member selected by
/// <paramref name="columnType"/> with a constant value.
/// </summary>
/// <param name="columnType">Column whose member access is produced by <c>UserRoleHelper.GetMemberAccess</c>.</param>
/// <param name="value">Value the member is compared with; it is embedded as a constant.</param>
/// <returns>An expression of the form <c>p =&gt; (member access on p) == value</c>.</returns>
private Expression<Func<TUserRole, bool>> GetUserRoleLambda(Mapper.UserRoleColumnType columnType, object value)
{
    var row = Expression.Parameter(UserRoleType, "p");

    // Expression.Constant(value) takes its type from the runtime value.
    // NOTE(review): confirm callers always pass a value whose type matches the column.
    var comparison = Expression.Equal(
        UserRoleHelper.GetMemberAccess(row, columnType),
        Expression.Constant(value));

    return Expression.Lambda<Func<TUserRole, bool>>(comparison, row);
}
// GET: Location/Create
/// <summary>
/// Shows the empty form for creating a location. Only administrators may open it.
/// </summary>
/// <returns>The form view, or a redirect to "AccessDenied" for non-administrators.</returns>
public ActionResult Create()
{
    var callerId = User.Identity.GetUserId();
    if (UserRoleHelper.IsAdmin(callerId))
    {
        return View();
    }

    // Everyone else is sent to the access-denied page.
    return RedirectToAction("AccessDenied", "Manage");
}
/// <summary>
/// Reports whether the named user is a member of the named role.
/// </summary>
/// <param name="username">User name, resolved to an id with <c>GetUserID</c>.</param>
/// <param name="roleName">Role name, resolved to an id with <c>Context.GetRoleID</c>.</param>
/// <returns>The result of <c>Context.IsJoinExist</c> for a join object carrying both ids.</returns>
public override bool IsUserInRole(string username, string roleName)
{
    var userKey = GetUserID(username);
    var roleKey = Context.GetRoleID(roleName);

    // A new user-role join object is passed through the mapper with both ids
    // (presumably the mapper writes them onto it) and then looked up in the context.
    var link = UserRoleHelper.New();
    var withUser = UserRoleMapper.UserID(link, userKey);
    withUser.RoleID(link, roleKey);

    return Context.IsJoinExist(link);
}
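/// <summary>
/// Shows the form for assigning a developer to a ticket, listing every user in the
/// "Developer" role.
/// </summary>
/// <param name="ticketId">Id of the ticket to assign.</param>
/// <returns>The assignment view, or 404 when no ticket has that id.</returns>
public ActionResult AssignDeveloper(int ticketId)
{
    // NOTE(review): no authorization check is visible in this action; confirm an [Authorize]
    // filter restricts who may assign developers.
    // The original loaded the ticket but never used the result, so the form was rendered
    // even for ids that do not exist.
    var ticket = db.Tickets.FirstOrDefault(p => p.Id == ticketId);
    if (ticket == null)
    {
        return HttpNotFound();
    }

    var userRoleHelper = new UserRoleHelper();
    var developers = userRoleHelper.UsersInRole("Developer");

    var model = new AssignDevelopersTicketModel();
    model.TicketId = ticketId;
    model.DeveloperList = new SelectList(developers, "Id", "Name");
    return View(model);
}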
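/// <summary>
/// Shows the role editor for one user, with the user's current roles preselected.
/// </summary>
/// <param name="id">Id of the user whose roles are edited.</param>
/// <returns>The editor view, 400 when no id was supplied, or 404 when the user does not exist.</returns>
public ActionResult EditUserRoles(string id)
{
    // NOTE(review): no authorization check is visible in this action; confirm the controller
    // is restricted to administrators.
    if (string.IsNullOrEmpty(id))
    {
        return new HttpStatusCodeResult(400);
    }

    var user = db.Users.Find(id);
    if (user == null)
    {
        // The original passed a null user on to the view.
        return HttpNotFound();
    }

    var helper = new UserRoleHelper();
    var model = new AdminUserViewModel();
    model.User = user;
    model.SelectedRoles = helper.ListUserRoles(id).ToArray();
    // Role names serve as both value and display text of the multi-select.
    model.Roles = new MultiSelectList(db.Roles, "Name", "Name", model.SelectedRoles);
    return View(model);
}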
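/// <summary>
/// Shows the user editor with a multi-select of all roles in which the user's current roles
/// are preselected.
/// </summary>
/// <param name="id">Id of the user to edit.</param>
/// <returns>The editor view, 400 when no id was supplied, or 404 when the user does not exist.</returns>
public ActionResult EditUser(string id)
{
    // NOTE(review): no authorization check is visible in this action; confirm the controller
    // is restricted to administrators.
    if (string.IsNullOrEmpty(id))
    {
        return new HttpStatusCodeResult(400);
    }

    var user = db.Users.Find(id);
    if (user == null)
    {
        // The original passed a null user on to the view.
        return HttpNotFound();
    }

    UserRoleHelper helper = new UserRoleHelper();
    var selected = helper.ListUserRoles(id);

    // The original first assigned a throw-away ApplicationUser that was overwritten at once;
    // only the loaded user is assigned now.
    AdminUserViewModel adminModel = new AdminUserViewModel();
    adminModel.Roles = new MultiSelectList(db.Roles, "Name", "Name", selected);
    adminModel.User = user;
    return View(adminModel);
}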
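/// <summary>
/// Shows the role editor for one user, with the user's current roles preselected.
/// </summary>
/// <param name="Id">Id of the user whose roles are edited.</param>
/// <returns>The editor view, 400 when no id was supplied, or 404 when the user does not exist.</returns>
public ActionResult EditUserRoles(string Id)
{
    // NOTE(review): no authorization check is visible in this action; confirm the controller
    // is restricted to administrators.
    if (string.IsNullOrEmpty(Id))
    {
        return new HttpStatusCodeResult(400);
    }

    var user = db.Users.Find(Id);
    if (user == null)
    {
        // The original passed a null user on to the view.
        return HttpNotFound();
    }

    var helper = new UserRoleHelper();
    var model = new AdminUserViewModels();
    model.User = user;
    model.SelectedRoles = helper.ListUserRoles(Id).ToArray();

    // MultiSelectList arguments: the items, the property posted back for each selected item,
    // the property displayed, and the preselected values. Roles post and display their name.
    model.Roles = new MultiSelectList(db.Roles, "Name", "Name", model.SelectedRoles);
    return View(model);
}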
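/// <summary>
/// Shows the role-change form for one user, with all roles listed and the user's current
/// roles preselected.
/// </summary>
/// <param name="id">Id of the user whose roles are changed.</param>
/// <returns>The form view, or 404 when no user has that id.</returns>
public ActionResult ChangeRole(string id)
{
    // NOTE(review): no authorization check is visible in this action; confirm the controller
    // is restricted to administrators.
    // FirstOrDefault returns null for an unknown id; the original dereferenced that result
    // directly and failed with a NullReferenceException.
    var user = db.Users.FirstOrDefault(p => p.Id == id);
    if (user == null)
    {
        return HttpNotFound();
    }

    var userRoleHelper = new UserRoleHelper();
    var model = new UserRoleViewModel();
    model.Id = id;
    model.Name = user.Name;

    var roles = userRoleHelper.GetAllRoles();
    var userRoles = userRoleHelper.GetUserRoles(id);
    model.Roles = new MultiSelectList(roles, "Name", "Name", userRoles);
    return View(model);
}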
/// <summary>
/// Shows the role-change form for the user with the given id, with all roles listed and that
/// user's current roles preselected.
/// </summary>
/// <param name="id">Id of the user whose roles are changed.</param>
/// <returns>The form view.</returns>
public ActionResult ChangeRole(string id)
{
    // NOTE(review): no authorization check is visible in this action; confirm the controller
    // is restricted to administrators.
    var roleHelper = new UserRoleHelper();

    var viewModel = new UserRoleViewModel();
    viewModel.Id = id;
    // NOTE(review): the name shown is that of the signed-in user, not of the user identified
    // by id; confirm this is intended.
    viewModel.Name = User.Identity.Name;

    var everyRole = roleHelper.GetAllRoles();
    var currentRoles = roleHelper.GetUserRoles(id);
    viewModel.Roles = new MultiSelectList(everyRole, "Name", "Name", currentRoles);

    return View(viewModel);
}
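// Derived from the Edit GET/POST pair and renamed to EditUserRoles.
// GET: ManageUsers/EditUserRoles/5
/// <summary>
/// Shows the role editor for one user, prefilled with the user's profile data and current
/// role type. Only administrators may open it.
/// </summary>
/// <param name="Id">Id of the user to edit; a missing id yields 400 Bad Request.</param>
/// <returns>
/// The editor view, 400 for a missing id, 404 for an unknown user, or a redirect to
/// "AccessDenied" for non-administrators.
/// </returns>
public ActionResult EditUserRoles(string Id)
{
    if (Id == null)
    {
        return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
    }

    if (!UserRoleHelper.IsAdmin(User.Identity.GetUserId()))
    {
        return RedirectToAction("AccessDenied", "Manage");
    }

    ApplicationUser currUser = dbcontext.Users.Find(Id);
    if (currUser == null)
    {
        return HttpNotFound();
    }

    // The original also created a UserStore and a UserManager here that were never used or
    // disposed; they have been removed.

    // Copy the stored profile into the view model. Nothing is written to the database here.
    EditUserRoleViewModel field = new EditUserRoleViewModel();
    field.Id = currUser.Id;
    field.UserName = currUser.UserName;
    field.Email = currUser.Email;
    field.Name = currUser.Name;
    field.Surname = currUser.Surname;
    field.Country = currUser.Country;
    field.Town = currUser.Town;
    field.Street = currUser.Street;
    field.NumHouse = currUser.NumHouse;
    field.NumFlat = currUser.NumFlat;
    field.ZIPCode = currUser.ZIPCode;
    field.PhoneNumber = currUser.PhoneNumber;

    // The three checks are independent, so for a user in several roles the last match wins
    // (Customer over Employee over Administrator).
    if (UserRoleHelper.IsAdmin(field.Id))
    {
        field.RoleType = UserRoleTypes.Administrator;
    }
    if (UserRoleHelper.IsEmployee(field.Id))
    {
        field.RoleType = UserRoleTypes.Employee;
    }
    if (UserRoleHelper.IsUser(field.Id))
    {
        field.RoleType = UserRoleTypes.Customer;
    }

    return View(field);
}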
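/// <summary>
/// Shows the form for choosing the project manager of a project, listing every user in the
/// "ProjectManager" role.
/// </summary>
/// <param name="id">Id of the project.</param>
/// <returns>The form view, or 404 when no project has that id.</returns>
public ActionResult EditProjectManager(int id)
{
    // NOTE(review): no authorization check is visible in this action; confirm the controller
    // is restricted to administrators.
    var prj = db.Projects.Find(id);
    if (prj == null)
    {
        // Find returns null for an unknown id; the original then failed on prj.Id.
        return HttpNotFound();
    }

    UserRoleHelper helper = new UserRoleHelper();
    var managers = helper.UsersInRole("ProjectManager").ToList();

    AdminProjectViewModel adminProject = new AdminProjectViewModel();
    adminProject.Projects = new Project();
    adminProject.ProjectManager = new SelectList(managers, "Id", "FullName", managers);
    adminProject.Projects.Id = prj.Id;
    adminProject.Name = prj.Name;
    return View(adminProject);
}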
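/// <summary>
/// Shows the role-assignment form for one user, with all roles listed and the user's current
/// roles preselected.
/// </summary>
/// <param name="Id">Id of the user who receives roles.</param>
/// <returns>The form view, or 404 when no user has that id.</returns>
public ActionResult AssignRole(string Id)
{
    // NOTE(review): no authorization check is visible in this action; confirm the controller
    // is restricted to administrators.
    // FirstOrDefault returns null for an unknown id; the original dereferenced that result
    // directly and failed with a NullReferenceException.
    var user = db.Users.FirstOrDefault(p => p.Id == Id);
    if (user == null)
    {
        return HttpNotFound();
    }

    var userRoleHelper = new UserRoleHelper();
    var model = new UserRoleViewModel();
    model.Id = Id;
    model.UserName = user.UserName;

    var roles = userRoleHelper.GetAllroles();
    var userRoles = userRoleHelper.GetUserRoles(Id);
    model.Roles = new MultiSelectList(roles, "Name", "Name", userRoles);
    return View(model);
}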
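/// <summary>
/// Replaces a user's roles with the roles selected in the form: the user is removed from
/// every known role and then added to each selected one.
/// </summary>
/// <param name="model">Posted view model; <c>User.Id</c> identifies the user and <c>SelectedRoles</c> lists the roles to keep.</param>
/// <returns>A redirect to "Index", or 400 when the post carries no user.</returns>
public ActionResult EditUser([Bind(Include = "User, Roles, SelectedRoles")] AdminUserViewModel model)
{
    // NOTE(review): this action changes privileges, and its attributes are not visible in this
    // listing. Confirm it is restricted to administrators and protected by
    // [ValidateAntiForgeryToken].
    if (model == null || model.User == null)
    {
        return new HttpStatusCodeResult(400);
    }

    var userId = model.User.Id;
    UserRoleHelper helper = new UserRoleHelper();

    foreach (var roleName in db.Roles.Select(r => r.Name).ToList())
    {
        helper.RemoveUserFromRole(userId, roleName);
    }

    // A multi-select with nothing chosen posts no value, which leaves SelectedRoles null. The
    // original then threw after all roles had already been removed; an empty selection now
    // simply leaves the user without roles.
    if (model.SelectedRoles != null)
    {
        foreach (var roleName in model.SelectedRoles)
        {
            helper.AddUserToRole(userId, roleName);
        }
    }

    return RedirectToAction("Index");
}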
// GET: Coaches/Delete/5
/// <summary>
/// Shows the delete confirmation page for a coach. Only administrators may open it.
/// </summary>
/// <param name="id">Primary key of the coach.</param>
/// <returns>The confirmation view, 404 for an unknown coach, or a redirect to "AccessDenied" for non-administrators.</returns>
public ActionResult Delete(int id)
{
    var callerId = User.Identity.GetUserId();
    if (!UserRoleHelper.IsAdmin(callerId))
    {
        return RedirectToAction("AccessDenied", "Manage");
    }

    Coach vehicle = dbcontext.Coaches.Find(id);
    if (vehicle != null)
    {
        return View(vehicle);
    }

    return HttpNotFound();
}
/// <summary>
/// Stores a new location. Only administrators may create one.
/// </summary>
/// <param name="model">Location entity bound from the posted form.</param>
/// <returns>
/// A redirect to "AccessDenied" for non-administrators, a redirect to "Index" on success, or the
/// form again when validation fails.
/// </returns>
public ActionResult Create(Location model)
{
    var callerId = User.Identity.GetUserId();
    if (!UserRoleHelper.IsAdmin(callerId))
    {
        return RedirectToAction("AccessDenied", "Manage");
    }

    if (!ModelState.IsValid)
    {
        // Redisplay the form together with the validation errors.
        return View(model);
    }

    // NOTE(review): binding the entity itself lets the request set every bindable property of
    // Location; confirm that is intended or bind through a view model.
    dbcontext.Locations.Add(model);
    dbcontext.SaveChanges();
    return RedirectToAction("Index", new { Message = ManageMessageId.CreateEntrySuccess });
}
/// <summary>
/// Lists every user together with the roles the user holds, ordered by last name.
/// </summary>
/// <returns>The list view with one <c>AdminUserViewModel</c> per user.</returns>
public ActionResult Index()
{
    // NOTE(review): no authorization check is visible in this action; confirm the controller
    // is restricted to administrators, since it lists all accounts and their roles.
    var roleHelper = new UserRoleHelper();

    // Users are loaded into memory first; the roles are then looked up once per user.
    List<AdminUserViewModel> rows = db.Users.ToList()
        .Select(account => new AdminUserViewModel
        {
            User = account,
            SelectedRoles = roleHelper.ListUserRoles(account.Id).ToArray()
        })
        .OrderBy(row => row.User.LastName)
        .ToList();

    return View(rows);
}
// GET: Location/Edit/5
/// <summary>
/// Shows the edit form for a location. Only administrators may open it.
/// </summary>
/// <param name="id">Primary key of the location.</param>
/// <returns>The edit view, 404 for an unknown location, or a redirect to "AccessDenied" for non-administrators.</returns>
public ActionResult Edit(int id)
{
    var callerId = User.Identity.GetUserId();
    if (!UserRoleHelper.IsAdmin(callerId))
    {
        return RedirectToAction("AccessDenied", "Manage");
    }

    Location place = dbcontext.Locations.Find(id);
    if (place != null)
    {
        return View(place);
    }

    return HttpNotFound();
}
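/// <summary>
/// Creates a household owned by the signed-in user, adds that user to the household and
/// grants the "HeadOfHouseHold" role.
/// </summary>
/// <param name="household">Household bound from the form; only <c>Name</c> is taken from the request.</param>
/// <returns>A redirect to Households/Details on success, or the form again when validation fails.</returns>
public ActionResult Create([Bind(Include = "Name")] Household household)
{
    if (!ModelState.IsValid)
    {
        return View(household);
    }

    var headOfHouseHold = User.Identity.GetUserId();

    // Creator and creation time are set on the server and must be in place before the entity
    // is saved. The original assigned them after SaveChanges and never saved again, so
    // neither value reached the database.
    household.HouseholdCreatorId = headOfHouseHold;
    household.Created = DateTimeOffset.Now;

    db.Households.Add(household);
    db.SaveChanges();

    // household.Id is read only after the save above.
    HouseholdsHelper.AddUserToHousehold(headOfHouseHold, household.Id);
    UserRoleHelper.AddUserToRole(headOfHouseHold, "HeadOfHouseHold");

    return RedirectToAction("Details", "Households");
}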
// About [Bind]: there are two ways to limit what a form post may change. Either create a
// dedicated model that holds only the editable properties, or list the properties to take
// or to skip with Bind(Include = "") / Bind(Exclude = ""). The dedicated model is usually
// the better choice (see https://cpratt.co/stop-using-bind/). Bind is used here because this
// action is rarely used or changed, and because the user model is built in rather than
// written from scratch, so it is left as untouched as possible.
/// <summary>
/// Saves an edited user. Only administrators may save.
/// </summary>
/// <param name="applicationUser">User entity bound from the posted form, limited to the listed properties.</param>
/// <returns>
/// A redirect to "AccessDenied" for non-administrators, a redirect to "Index" on success, or the
/// form again when validation fails.
/// </returns>
public ActionResult Edit([Bind(Include = "Id,Name,Surname,Street,NumHouse,NumFlat,Town,ZIPCode,Country,Email," +
                                         " EmailConfirmed,PasswordHash,SecurityStamp,PhoneNumber,PhoneNumberConfirmed,TwoFactorEnabled," +
                                         " LockoutEndDateUtc,LockoutEnabled,AccessFailedCount,UserName")] ApplicationUser applicationUser)
{
    var callerId = User.Identity.GetUserId();
    if (!UserRoleHelper.IsAdmin(callerId))
    {
        return RedirectToAction("AccessDenied", "Manage");
    }

    if (!ModelState.IsValid)
    {
        return View(applicationUser);
    }

    // NOTE(review): the bind list includes PasswordHash, SecurityStamp, EmailConfirmed and the
    // lockout fields, and the entity is marked Modified as a whole, so the posted values for
    // those fields overwrite the stored ones. Confirm the edit form does not send credential
    // material to the browser and back; a dedicated view model would avoid this.
    dbcontext.Entry(applicationUser).State = System.Data.Entity.EntityState.Modified;
    dbcontext.SaveChanges();
    return RedirectToAction("Index", new { Message = ManageMessageId.EditUserSuccess });
}
// GET: Task/Create
/// <summary>
/// Shows the empty form for creating a task, with drop-downs for the assignable developers
/// and for the projects of the signed-in user.
/// </summary>
/// <returns>The form view.</returns>
public ActionResult Create()
{
    // NOTE(review): no authorization check is visible in this action; confirm an [Authorize]
    // filter restricts who may create tasks.
    var developerItems = UserRoleHelper.AllUsersInRole("Developer")
        .Select(dev => new SelectListItem { Text = dev.UserName, Value = dev.Id.ToString() })
        .ToList();

    var ownProjects = ProjectHelper.AllProjectsByUser(User.Identity.GetUserId());
    ViewBag.ProjectId = ownProjects
        .Select(project => new SelectListItem { Text = project.Name, Value = project.Id.ToString() })
        .ToList();
    ViewBag.UserId = developerItems;

    return View();
}