示例#1
0
        public static bool HasUserPermission(User user, int? CountryID, PermissionLevel requiredLevel, UserPermissionsContainer userPermissions = null)
        {
            if (user != null)
            {
                if (!String.IsNullOrEmpty(user.Permissions))
                {
                    if (userPermissions == null)
                    {
                        userPermissions = JsonConvert.DeserializeObject<UserPermissionsContainer>(user.Permissions);
                    }

                    if (userPermissions.Permissions != null)
                    {
                        if (userPermissions.Permissions.Any(p => p.Level == PermissionLevel.Admin && (p.CountryID == null || p.CountryID == CountryID)))
                        {
                            //user is admin (for given country or all countries)
                            return true;
                        }

                        if (userPermissions.Permissions.Any(p => p.Level == requiredLevel && (p.CountryID == null || p.CountryID == CountryID)))
                        {
                            //user has required level of access (for given country or all countries)
                            return true;
                        }
                    }
                }
            }
            return false;
        }
示例#2
0
        public static void Log(User user, AuditEventType eventType, string eventDescription, string comment)
        {
            try
            {
                OCM.Core.Data.OCMEntities dataModel = new OCM.Core.Data.OCMEntities();
                var auditEntry = new Core.Data.AuditLog();

                if (user == null)
                {
                    auditEntry.User = dataModel.Users.First(u => u.ID == (int)StandardUsers.System);
                }
                else
                {
                    auditEntry.UserID = user.ID;
                }

                auditEntry.EventDescription = "[" + eventType.ToString() + "]:" + (eventDescription != null ? eventDescription : "");
                auditEntry.Comment = comment;
                auditEntry.EventDate = DateTime.UtcNow;

                dataModel.AuditLogs.Add(auditEntry);
                dataModel.SaveChanges();

                System.Diagnostics.Debug.WriteLine("Log:"+auditEntry.EventDescription);
            }
            catch (Exception)
            {
                //TODO: fallback to alternative logging
            }
        }
示例#3
0
 public static bool IsUserAdministrator(User user)
 {
     if (HasUserPermission(user, null, PermissionLevel.Admin))
     {
         return true;
     }
     //fallback legacy check
     return HasUserPermission(user, StandardPermissionAttributes.Administrator, "true");
 }
示例#4
0
 public static bool HasUserPermission(User user, StandardPermissionAttributes permissionAttribute, string attributeValue)
 {
     if (user != null && attributeValue != null)
     {
         if (user.Permissions != null)
         {
             if (user.Permissions.Contains("[" + permissionAttribute.ToString() + "=" + attributeValue + "]"))
             {
                 return true;
             }
         }
     }
     return false;
 }
示例#5
0
        public ActionResult EditUser(OCM.API.Common.Model.User userDetails)
        {
            if (ModelState.IsValid)
            {
                var userManager = new UserManager();

                //save
                if (userManager.UpdateUserProfile(userDetails, true))
                {
                    return(RedirectToAction("Users"));
                }
            }

            return(View(userDetails));
        }
示例#6
0
        /// <summary>
        /// For a list of ChargePoint objects, attempt to populate the AddressInfo (at least country) based on lat/lon if not already populated
        /// </summary>
        /// <param name="itemList"></param>
        /// <param name="coreRefData"></param>

        public void UpdateImportedPOIList(ImportReport poiResults, User user)
        {
            var submissionManager = new SubmissionManager();
            int itemCount = 1;
            foreach (var newPOI in poiResults.Added)
            {
                Log("Importing New POI " + itemCount + ": " + newPOI.AddressInfo.ToString());
                submissionManager.PerformPOISubmission(newPOI, user, false);
            }

            foreach (var updatedPOI in poiResults.Updated)
            {
                Log("Importing Updated POI " + itemCount + ": " + updatedPOI.AddressInfo.ToString());
                submissionManager.PerformPOISubmission(updatedPOI, user, performCacheRefresh: false, disablePOISuperseding: true);
            }

            foreach (var delisted in poiResults.Delisted)
            {
                Log("Delisting Removed POI " + itemCount + ": " + delisted.AddressInfo.ToString());
                delisted.SubmissionStatus = null;
                delisted.SubmissionStatusTypeID = (int)StandardSubmissionStatusTypes.Delisted_RemovedByDataProvider;

                submissionManager.PerformPOISubmission(delisted, user, false);
            }

            //refresh POI cache
            var cacheTask = Task.Run(async () =>
            {
                return await OCM.Core.Data.CacheManager.RefreshCachedData();
            });
            cacheTask.Wait();

            //temp get all providers references for recognised duplicates
            /*var dupeRefs = from dupes in poiResults.Duplicates
                           where !String.IsNullOrEmpty(dupes.DataProvidersReference)
                           select dupes.DataProvidersReference;
            string dupeOutput = "";
            foreach(var d in dupeRefs)
            {
                dupeOutput += ",'"+d+"'";
            }
            System.Diagnostics.Debug.WriteLine(dupeOutput);*/

            if (poiResults.ProviderDetails.DefaultDataProvider != null)
            {
                //update date last updated for this provider
                new DataProviderManager().UpdateDateLastImport(poiResults.ProviderDetails.DefaultDataProvider.ID);
            }
        }
示例#7
0
        /// <summary>
        /// Consumers should prepare a new/updated ChargePoint with as much info populated as possible
        /// </summary>
        /// <param name="submission">ChargePoint info for submission, if ID and UUID set will be treated as an update</param>
        /// <returns>false on error or not enough data supplied</returns>
        public async Task <ValidationResult> PerformPOISubmission(Model.ChargePoint updatedPOI, Model.User user, bool performCacheRefresh = true, bool disablePOISuperseding = false)
        {
            try
            {
                var  poiManager             = new POIManager();
                bool enableEditQueueLogging = bool.Parse(ConfigurationManager.AppSettings["EnableEditQueue"]);
                bool isUpdate = false;
                bool userCanEditWithoutApproval = false;
                bool isSystemUser = false;
                int? supersedesID = null;//POI from another data provider which has been superseded by an edit

                //if user signed in, check if they have required permission to perform an edit/approve (if required)
                if (user != null)
                {
                    if (user.ID == (int)StandardUsers.System)
                    {
                        isSystemUser = true;
                    }

                    //if user is system user, edits/updates are not recorded in edit queue
                    if (isSystemUser)
                    {
                        enableEditQueueLogging = false;
                    }

                    userCanEditWithoutApproval = POIManager.CanUserEditPOI(updatedPOI, user);
                }

                var dataModel = new Core.Data.OCMEntities();

                //if poi is an update, validate if update can be performed
                if (updatedPOI.ID > 0 && !String.IsNullOrEmpty(updatedPOI.UUID))
                {
                    if (dataModel.ChargePoints.Any(c => c.Id == updatedPOI.ID && c.Uuid == updatedPOI.UUID))
                    {
                        //update is valid poi, check if user has permission to perform an update
                        isUpdate = true;
                        if (userCanEditWithoutApproval)
                        {
                            AllowUpdates = true;
                        }
                        if (!AllowUpdates && !enableEditQueueLogging)
                        {
                            //valid update requested but updates not allowed
                            return(new ValidationResult {
                                IsValid = false, Message = "Updates are disabled"
                            });
                        }
                    }
                    else
                    {
                        //update does not correctly identify an existing poi
                        return(new ValidationResult {
                            IsValid = false, Message = "Update does not correctly match an existing POI"
                        });
                    }
                }

                //validate if minimal required data is present
                if (updatedPOI.AddressInfo.Title == null || (updatedPOI.AddressInfo.Country == null && updatedPOI.AddressInfo.CountryID == null))
                {
                    return(new ValidationResult {
                        IsValid = false, Message = "Update failed basic validation"
                    });
                }

                //convert to DB version of POI and back so that properties are fully populated
                using (var refDataManager = new ReferenceDataManager())
                {
                    var refData = await refDataManager.GetCoreReferenceDataAsync();

                    updatedPOI = PopulateFullPOI(updatedPOI, refData);
                }

                Model.ChargePoint oldPOI = null;

                if (updatedPOI.ID > 0)
                {
                    //get json snapshot of current cp data to store as 'previous'
                    oldPOI = await poiManager.Get(updatedPOI.ID);
                }

                //if user cannot edit directly, add to edit queue for approval
                var editQueueItem = new Core.Data.EditQueueItem {
                    DateSubmitted = DateTime.UtcNow
                };
                if (enableEditQueueLogging)
                {
                    editQueueItem.EntityId   = updatedPOI.ID;
                    editQueueItem.EntityType = dataModel.EntityTypes.FirstOrDefault(t => t.Id == 1);
                    //charging point location entity type id

                    //serialize cp as json

                    //null extra data we don't want to serialize/compare
                    updatedPOI.UserComments = null;
                    updatedPOI.MediaItems   = null;

                    string editData = PerformSerialisationToString(updatedPOI, new JsonSerializerSettings {
                        NullValueHandling = NullValueHandling.Ignore
                    });

                    editQueueItem.EditData = editData;

                    if (updatedPOI.ID > 0)
                    {
                        //check if poi will change with this edit, if not we discard it completely
                        if (!poiManager.HasDifferences(oldPOI, updatedPOI))
                        {
                            System.Diagnostics.Debug.WriteLine("POI Update has no changes, discarding change.");
                            return(new ValidationResult {
                                IsValid = true, ItemId = updatedPOI.ID, Message = "No POI changes detected"
                            });
                        }
                        else
                        {
                            editQueueItem.PreviousData = PerformSerialisationToString(oldPOI, new JsonSerializerSettings {
                                NullValueHandling = NullValueHandling.Ignore
                            });
                        }
                    }

                    if (user != null)
                    {
                        editQueueItem.User = dataModel.Users.FirstOrDefault(u => u.Id == user.ID);
                    }
                    var processedByUser = editQueueItem.User ?? dataModel.Users.FirstOrDefault(u => u.Id == (int)StandardUsers.System);

                    editQueueItem.IsProcessed = false;
                    dataModel.EditQueueItems.Add(editQueueItem);
                    //TODO: send notification of new item for approval

                    //save edit queue item
                    dataModel.SaveChanges();

                    //if previous edit queue item exists by same user for same POI, mark as processed
                    var previousEdits = dataModel.EditQueueItems.Where(e => e.UserId == editQueueItem.UserId && e.EntityId == editQueueItem.EntityId && e.EntityTypeId == editQueueItem.EntityTypeId && e.Id != editQueueItem.Id && e.IsProcessed != true);
                    foreach (var previousEdit in previousEdits)
                    {
                        previousEdit.IsProcessed     = true;
                        previousEdit.ProcessedByUser = processedByUser;

                        previousEdit.DateProcessed = DateTime.UtcNow;
                    }
                    //save updated edit queue items
                    dataModel.SaveChanges();
                }

                //prepare and save changes POI changes/addition
                if (isUpdate && !AllowUpdates)
                {
                    //user has submitted an edit but is not an approved editor
                    //SendEditSubmissionNotification(updatedPOI, user);

                    //user is not an editor, item is now pending in edit queue for approval.
                    return(new ValidationResult {
                        IsValid = true, ItemId = updatedPOI.ID, Message = "Update submitted for review"
                    });
                }

                if (isUpdate && updatedPOI.SubmissionStatusTypeID >= 1000)
                {
                    //update is a delisting, skip superseding poi
                    System.Diagnostics.Debug.WriteLine("skipping superseding of imported POI due to delisting");
                }
                else
                {
                    //if poi being updated exists from an imported source we supersede the old POI with the new version, unless we're doing a fresh import from same data provider
                    if (!disablePOISuperseding)
                    {
                        //if update by non-system user will change an imported/externally provided data, supersede old POI with new one (retain ID against new POI)
                        if (isUpdate && !isSystemUser && oldPOI.DataProviderID != (int)StandardDataProviders.OpenChargeMapContrib)
                        {
                            //move old poi to new id, set status of new item to superseded
                            supersedesID = poiManager.SupersedePOI(dataModel, oldPOI, updatedPOI);
                        }
                    }
                }

                //user is an editor, go ahead and store the addition/update
                //set/update cp properties
                var cpData = poiManager.PopulateChargePoint_SimpleToData(updatedPOI, dataModel);

                //if item has no submission status and user permitted to edit, set to published
                if (userCanEditWithoutApproval && cpData.SubmissionStatusTypeId == null)
                {
                    cpData.SubmissionStatusTypeId = (int)StandardSubmissionStatusTypes.Submitted_Published; //hack due to conflicting state change for SubmissionStatusType
                }
                else
                {
                    //no submission status, set to 'under review'
                    if (cpData.SubmissionStatusTypeId == null)
                    {
                        cpData.SubmissionStatusTypeId = (int)StandardSubmissionStatusTypes.Submitted_UnderReview;
                    }
                }

                cpData.DateLastStatusUpdate = DateTime.UtcNow;

                if (!isUpdate)
                {
                    //new data objects need added to data model before save
                    if (cpData.AddressInfo != null)
                    {
                        dataModel.AddressInfos.Add(cpData.AddressInfo);
                    }

                    dataModel.ChargePoints.Add(cpData);
                }

                //finally - save poi update
                dataModel.SaveChanges();

                //get id of update/new poi
                int newPoiID = cpData.Id;

                //this is an authorised update, reflect change in edit queue item
                if (enableEditQueueLogging && user != null && user.ID > 0)
                {
                    var editUser = dataModel.Users.FirstOrDefault(u => u.Id == user.ID);
                    editQueueItem.User = editUser;

                    if (newPoiID > 0)
                    {
                        editQueueItem.EntityId = newPoiID;
                    }

                    //if user is authorised to edit, process item automatically without review
                    if (userCanEditWithoutApproval)
                    {
                        editQueueItem.ProcessedByUser = editUser;
                        editQueueItem.DateProcessed   = DateTime.UtcNow;
                        editQueueItem.IsProcessed     = true;
                    }

                    //save edit queue item changes
                    dataModel.SaveChanges();
                }
                else
                {
                    //anonymous submission, update edit queue item
                    if (enableEditQueueLogging && user == null)
                    {
                        if (newPoiID > 0)
                        {
                            editQueueItem.EntityId = newPoiID;
                        }
                        dataModel.SaveChanges();
                    }
                }

                System.Diagnostics.Debug.WriteLine("Added/Updated CP:" + cpData.Id);

                //if user is not anonymous, log their submission and update their reputation points
                if (user != null)
                {
                    AuditLogManager.Log(user, isUpdate ? AuditEventType.UpdatedItem : AuditEventType.CreatedItem, "Modified OCM-" + cpData.Id, null);
                    //add reputation points
                    new UserManager().AddReputationPoints(user, 1);
                }

                //preserve new POI Id for caller
                updatedPOI.ID = cpData.Id;

                if (performCacheRefresh)
                {
                    if (supersedesID != null)
                    {
                        await CacheManager.RefreshCachedPOI((int)supersedesID);
                    }
                    await CacheManager.RefreshCachedPOI(updatedPOI.ID);
                }

                return(new ValidationResult {
                    IsValid = true, ItemId = updatedPOI.ID, Message = "Update submitted."
                });
            }
            catch (Exception exp)
            {
                System.Diagnostics.Debug.WriteLine(exp.ToString());
                AuditLogManager.ReportWebException(true, null, AuditEventType.SystemErrorWeb, "POI Submission Failed", exp);

                //error performing submission
                return(new ValidationResult {
                    IsValid = false, Message = "Submission Failed with an Exception: " + exp.Message
                });
            }
        }
示例#8
0
 public int PerformSubmission(Common.Model.MediaItem mediaItem, Model.User user)
 {
     return(-1);
 }
示例#9
0
        private static void SendPOICommentSubmissionNotifications(Common.Model.UserComment comment, Model.User user, Core.Data.UserComment dataComment)
        {
            try
            {
                //prepare notification
                NotificationManager notification = new NotificationManager();

                Hashtable msgParams = new Hashtable();
                msgParams.Add("Description", "");
                msgParams.Add("ChargePointID", comment.ChargePointID);
                msgParams.Add("ItemURL", "https://openchargemap.org/site/poi/details/" + comment.ChargePointID);
                msgParams.Add("UserName", user != null ? user.Username : comment.UserName);
                msgParams.Add("MessageBody", "Comment (" + dataComment.UserCommentType.Title + ") added to OCM-" + comment.ChargePointID + ": " + dataComment.Comment);

                //if fault report, attempt to notify operator
                if (dataComment.UserCommentType.Id == (int)StandardCommentTypes.FaultReport)
                {
                    //decide if we can send a fault notification to the operator
                    notification.PrepareNotification(NotificationType.FaultReport, msgParams);

                    //notify default system recipients
                    bool operatorNotified = false;
                    if (dataComment.ChargePoint.Operator != null)
                    {
                        if (!String.IsNullOrEmpty(dataComment.ChargePoint.Operator.FaultReportEmail))
                        {
                            try
                            {
                                notification.SendNotification(dataComment.ChargePoint.Operator.FaultReportEmail, ConfigurationManager.AppSettings["DefaultRecipientEmailAddresses"].ToString());
                                operatorNotified = true;
                            }
                            catch (Exception)
                            {
                                System.Diagnostics.Debug.WriteLine("Fault report: failed to notify operator");
                            }
                        }
                    }

                    if (!operatorNotified)
                    {
                        notification.Subject += " (OCM: Could not notify Operator)";
                        notification.SendNotification(NotificationType.LocationCommentReceived);
                    }
                }
                else
                {
                    //normal comment, notification to OCM only
                    notification.PrepareNotification(NotificationType.LocationCommentReceived, msgParams);

                    //notify default system recipients
                    notification.SendNotification(NotificationType.LocationCommentReceived);
                }
            }
            catch (Exception)
            {
                ;;  // failed to send notification
            }
        }
示例#10
0
        /// <summary>
        /// Submit a new comment against a given charge equipment id
        /// </summary>
        /// <param name="comment"></param>
        /// <returns>ID of new comment, -1 for invalid cp, -2 for general error saving comment</returns>
        public async Task <int> PerformSubmission(Common.Model.UserComment comment, Model.User user)
        {
            //TODO: move all to UserCommentManager
            //populate data model comment from simple comment object

            var dataModel       = new Core.Data.OCMEntities();
            int cpID            = comment.ChargePointID;
            var dataComment     = new Core.Data.UserComment();
            var dataChargePoint = dataModel.ChargePoints.FirstOrDefault(c => c.Id == cpID);

            if (dataChargePoint == null)
            {
                return(-1);                         //invalid charge point specified
            }
            dataComment.ChargePointId = dataChargePoint.Id;

            dataComment.Comment = comment.Comment;
            int commentTypeID = comment.CommentTypeID ?? 10; //default to General Comment

            // some clients may post a CommentType object instead of just an ID
            if (comment.CommentType != null)
            {
                commentTypeID = comment.CommentType.ID;
            }

            dataComment.UserCommentTypeId = commentTypeID;

            int?checkinStatusType = comment.CheckinStatusTypeID;

            dataComment.CheckinStatusTypeId = (byte?)comment.CheckinStatusTypeID;

            // some clients may post a CheckinStatusType object instead of just an ID
            if (dataComment.CheckinStatusTypeId == null && comment.CheckinStatusType != null)
            {
                dataComment.CheckinStatusTypeId = (byte?)comment.CheckinStatusType.ID;
            }

            dataComment.UserName    = comment.UserName;
            dataComment.Rating      = comment.Rating;
            dataComment.RelatedUrl  = comment.RelatedURL;
            dataComment.DateCreated = DateTime.UtcNow;

            if (user != null && user.ID > 0)
            {
                var ocmUser = dataModel.Users.FirstOrDefault(u => u.Id == user.ID);

                if (ocmUser != null)
                {
                    dataComment.UserId   = ocmUser.Id;
                    dataComment.UserName = ocmUser.Username;
                }
            }

            try
            {
                dataChargePoint.DateLastStatusUpdate = DateTime.UtcNow;
                dataModel.UserComments.Add(dataComment);

                dataModel.SaveChanges();

                if (user != null)
                {
                    AuditLogManager.Log(user, AuditEventType.CreatedItem, "Added Comment " + dataComment.Id + " to OCM-" + cpID, null);
                    //add reputation points
                    new UserManager().AddReputationPoints(user, 1);
                }

                //SendPOICommentSubmissionNotifications(comment, user, dataComment);

                //TODO: only refresh cache for specific POI
                await CacheManager.RefreshCachedPOI(dataComment.ChargePoint.Id);

                return(dataComment.Id);
            }
            catch (Exception exp)
            {
                return(-2); //error saving
            }
        }
示例#11
0
        public ActionResult Edit(User updateProfile)
        {
            if (ModelState.IsValid)
            {
                try
                {
                    if (Session["UserID"] != null)
                    {
                        // TODO: Add update logic here
                        var userManager = new UserManager();
                        var user = userManager.GetUser((int)Session["UserID"]);

                        bool updatedOK = false;
                        if (user.ID == updateProfile.ID)
                        {
                            updatedOK = userManager.UpdateUserProfile(updateProfile, false);
                        }

                        if (updatedOK)
                        {
                            return RedirectToAction("Index");
                        }
                        else
                        {
                            TempData["UpdateFailed"] = true;
                        }
                    }

                    return View();
                }
                catch
                {
                    return View();
                }
            }
            return View(updateProfile);
        }
示例#12
0
        /// <summary>
        /// Submit a new comment against a given charge equipment id
        /// </summary>
        /// <param name="comment"></param>
        /// <returns>ID of new comment, -1 for invalid cp, -2 for general error saving comment</returns>
        public int PerformSubmission(Common.Model.UserComment comment, Model.User user)
        {
            //TODO: move all to UserCommentManager
            //populate data model comment from simple comment object

            var dataModel   = new Core.Data.OCMEntities();
            int cpID        = comment.ChargePointID;
            var dataComment = new Core.Data.UserComment();

            dataComment.ChargePoint = dataModel.ChargePoints.FirstOrDefault(c => c.ID == cpID);

            if (dataComment.ChargePoint == null)
            {
                return(-1);                                 //invalid charge point specified
            }
            dataComment.Comment = comment.Comment;
            int commentTypeID = 10; //default to General Comment

            if (comment.CommentType != null)
            {
                commentTypeID = comment.CommentType.ID;
            }
            dataComment.UserCommentType = dataModel.UserCommentTypes.FirstOrDefault(t => t.ID == commentTypeID);
            if (comment.CheckinStatusType != null)
            {
                dataComment.CheckinStatusType = dataModel.CheckinStatusTypes.FirstOrDefault(t => t.ID == comment.CheckinStatusType.ID);
            }
            dataComment.UserName    = comment.UserName;
            dataComment.Rating      = comment.Rating;
            dataComment.RelatedURL  = comment.RelatedURL;
            dataComment.DateCreated = DateTime.UtcNow;

            if (user != null && user.ID > 0)
            {
                var ocmUser = dataModel.Users.FirstOrDefault(u => u.ID == user.ID);

                if (ocmUser != null)
                {
                    dataComment.User     = ocmUser;
                    dataComment.UserName = ocmUser.Username;
                }
            }

            /*if (dataComment.User==null)
             * {
             *  return -3; //rejected, not authenticated
             * }*/

            try
            {
                dataComment.ChargePoint.DateLastStatusUpdate = DateTime.UtcNow;
                dataModel.UserComments.Add(dataComment);

                dataModel.SaveChanges();

                if (user != null)
                {
                    AuditLogManager.Log(user, AuditEventType.CreatedItem, "Added Comment " + dataComment.ID + " to OCM-" + cpID, null);
                    //add reputation points
                    new UserManager().AddReputationPoints(user, 1);
                }

                //SendPOICommentSubmissionNotifications(comment, user, dataComment);

                //TODO: only refresh cache for specific POI
                CacheManager.RefreshCachedPOI(dataComment.ChargePoint.ID);

                return(dataComment.ID);
            }
            catch (Exception)
            {
                return(-2); //error saving
            }
        }
示例#13
0
 /// <summary>
 /// Add reputation points to a user
 /// </summary>
 /// <param name="user"></param>
 /// <param name="amount"></param>
 public void AddReputationPoints(User user, int amount)
 {
     try
     {
         if (user != null)
         {
             if (user.ID > 0)
             {
                 var userData = dataModel.Users.First(u => u.ID == user.ID);
                 if (userData != null)
                 {
                     if (userData.ReputationPoints == null) userData.ReputationPoints = 0;
                     userData.ReputationPoints += amount;
                     dataModel.SaveChanges();
                 }
             }
         }
     }
     catch (Exception)
     {
         //could not add points to given user
     }
 }
示例#14
0
        /// <summary>
        /// Apply updates to a user profile
        /// </summary>
        /// <param name="user"></param>
        /// <returns></returns>
        public bool UpdateUserProfile(User updatedProfile, bool allowAdminChanges)
        {
            try
            {
                if (updatedProfile != null)
                {
                    if (updatedProfile.ID > 0)
                    {
                        var userData = dataModel.Users.First(u => u.ID == updatedProfile.ID);
                        if (userData != null)
                        {
                            if (userData.IdentityProvider == "OCM" && String.IsNullOrWhiteSpace(updatedProfile.EmailAddress))
                            {
                                //cannot proceed with update, email required as user name for login
                                return false;
                            }
                            if (userData.EmailAddress != updatedProfile.EmailAddress && !string.IsNullOrWhiteSpace(updatedProfile.EmailAddress))
                            {
                                //ensure email address is not in use by another account before changing
                                if (dataModel.Users.Any(e => e.ID != userData.ID && e.EmailAddress != null && e.EmailAddress.Trim().ToLower() == updatedProfile.EmailAddress.ToLower().Trim()))
                                {
                                    //cannot proceed, user is trying to change email address to match another user
                                    return false;
                                }
                            }

                            userData.Location = updatedProfile.Location;
                            userData.Profile = updatedProfile.Profile;
                            userData.Username = updatedProfile.Username;
                            userData.WebsiteURL = updatedProfile.WebsiteURL;

                            userData.IsProfilePublic = (updatedProfile.IsProfilePublic != null ? (bool)updatedProfile.IsProfilePublic : false);
                            userData.IsPublicChargingProvider = (updatedProfile.IsPublicChargingProvider != null ? (bool)updatedProfile.IsPublicChargingProvider : false);
                            userData.IsEmergencyChargingProvider = (updatedProfile.IsEmergencyChargingProvider != null ? (bool)updatedProfile.IsEmergencyChargingProvider : false);
                            userData.EmailAddress = updatedProfile.EmailAddress;

                            userData.Latitude = updatedProfile.Latitude;
                            userData.Longitude = updatedProfile.Longitude;

                            //TODO: SyncedSettings
                            if (allowAdminChanges)
                            {
                                userData.ReputationPoints = updatedProfile.ReputationPoints;
                                userData.Identifier = updatedProfile.Identifier;
                                userData.Permissions = updatedProfile.Permissions;
                                userData.IdentityProvider = updatedProfile.IdentityProvider;
                            }

                            if (userData.IdentityProvider == "OCM" && !String.IsNullOrWhiteSpace(userData.EmailAddress)) userData.Identifier = userData.EmailAddress;

                            dataModel.SaveChanges();

                            return true;
                        }
                    }
                }
            }
            catch (Exception)
            {
                //could not update user
                return false;
            }

            return false;
        }
示例#15
0
        public bool GrantPermission(User user, StandardPermissionAttributes permissionAttribute, string attributeValue, bool removeOnly, User administrator)
        {
            //to apply permissions we add or remove from the permissions list attached to the user details, we also maintain a string in the legacy semicolon seperated format for apps/code which still requires the older format.
            var userDetails = dataModel.Users.FirstOrDefault(u => u.ID == user.ID);
            if (userDetails != null)
            {
                UserPermissionsContainer userPermissions = new UserPermissionsContainer();
                if (!String.IsNullOrEmpty(user.Permissions))
                {
                    userPermissions = JsonConvert.DeserializeObject<UserPermissionsContainer>(user.Permissions);
                }

                //apply permission to legacypermission tag of user details
                string attributeTag = "[" + permissionAttribute.ToString() + "=" + attributeValue + "];";

                if (userPermissions.LegacyPermissions == null) userPermissions.LegacyPermissions = "";
                if (userPermissions.Permissions == null) userPermissions.Permissions = new List<UserPermission>();

                if (!removeOnly)
                {
                    //add permission

                    //append permission attribute for user

                    //legacy format is [AttributeName1=Value];[AttributeName2=Value]; -legacy  format is maintained as LegacyPermissions  field in JSON format, for older apps (mainly older versions of OCM app)
                    if (!userPermissions.LegacyPermissions.Contains(attributeTag))
                    {
                        if (!userPermissions.LegacyPermissions.EndsWith(";") && userPermissions.LegacyPermissions != "") userPermissions.LegacyPermissions += ";";
                        userPermissions.LegacyPermissions += attributeTag;

                        //add permission to main permission list
                        if (permissionAttribute == StandardPermissionAttributes.CountryLevel_Editor)
                        {
                            var permission = new UserPermission();
                            if (attributeValue != "All")
                            {
                                permission.CountryID = int.Parse(attributeValue);
                            }
                            permission.Level = PermissionLevel.Editor;
                            userPermissions.Permissions.Add(permission);
                        }

                        //TODO: administrator permissions
                        AuditLogManager.Log(administrator, AuditEventType.PermissionGranted, "User: "******"; Permission:" + permissionAttribute.ToString(), null);
                    }
                }
                else
                {
                    //remove permission
                    userPermissions.LegacyPermissions = userPermissions.LegacyPermissions.Replace(attributeTag, "");

                    if (permissionAttribute == StandardPermissionAttributes.CountryLevel_Editor)
                    {
                        if (attributeValue != "All")
                        {
                            int countryID = int.Parse(attributeValue);
                            userPermissions.Permissions.RemoveAll(p => p.Level == PermissionLevel.Editor && p.CountryID == countryID);
                        }
                        else
                        {
                            userPermissions.Permissions.RemoveAll(p => p.Level == PermissionLevel.Editor);
                        }
                    }
                    AuditLogManager.Log(administrator, AuditEventType.PermissionRemoved, "User: "******"; Permission:" + permissionAttribute.ToString(), null);
                }

                //remove requested permission attribute if it exists
                if (userDetails.PermissionsRequested != null)
                {
                    userDetails.PermissionsRequested = userDetails.PermissionsRequested.Replace(attributeTag, "");
                }

                userDetails.Permissions = JsonConvert.SerializeObject(userPermissions, Formatting.None, new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore });
                dataModel.SaveChanges();
                return true;
            }
            else
            {
                return false;
            }
        }