public static AddEditAccountViewModel SetPermissionFlags(this AddEditAccountViewModel model) { model.EditingSelf = model.UserId == Permission.GetCurrentUserId(); bool permission = !model.EditingSelf && UserContext.GetUserContext().ContextName == UserContext.UserContextName.Administration; model.CanEditProviderOrganisation = permission; model.CanEditRole = !model.EditingSelf; model.CanEditUserType = permission; return(model); }
/// <summary> /// Populate an add user view model. /// </summary> /// <param name="model"> /// The model. /// </param> /// <param name="db"> /// The db. /// </param> /// <param name="userId"> /// The user ID or email address. /// </param> /// <returns> /// The <see cref="AddEditAccountViewModel" />. /// </returns> public static AddEditAccountViewModel Populate(this AddEditAccountViewModel model, ProviderPortalEntities db, string userId = null) { model.SetPermissionFlags(); model.UserTypes = GetUserTypes(db); AspNetUser user = null; if (userId != null) { user = db.AspNetUsers.FirstOrDefault(x => x.Id == userId || x.Email == userId || x.UserName == userId); if (user == null) { throw new ArgumentOutOfRangeException("User " + userId + " not found."); } model.Roles = GetRoles(); model.AspNetRoles = GetAspNetRoles(db, model.Roles); } if (user != null) { model.UserId = user.Id; model.EditingSelf = model.UserId == Permission.GetCurrentUserId(); model.Email = user.Email; model.RoleId = user.AspNetRoles.First().Name; model.UserTypeId = user.ProviderUserTypeId; model.UserType = user.ProviderUserType.ProviderUserTypeName; model.Name = user.Name; model.Address = user.Address == null ? new AddressViewModel() : new AddressViewModel(user.Address); model.PhoneNumber = user.PhoneNumber; model.IsDeleted = user.IsDeleted; model.IsSecureAccessUser = user.IsSecureAccessUser; if (user.Providers2.Any()) { Provider provider = user.Providers2.First(); model.ProviderId = "P" + provider.ProviderId; model.Provider = provider.ProviderName; } else if (user.Organisations2.Any()) { Organisation organisation = user.Organisations2.First(); model.ProviderId = "O" + organisation.OrganisationId; model.Organisation = organisation.OrganisationName; } else { model.ProviderId = string.Empty; model.Provider = string.Empty; } } else { model.RoleId = string.Empty; model.UserTypeId = 0; model.Roles = GetRoles(); model.AspNetRoles = GetAspNetRoles(db, model.Roles); } model.Address = model.Address ?? new AddressViewModel(); model.Address.Populate(db); return(model); }
/// <summary> /// Validate an <see cref="AddEditAccountViewModel" />. Base validation is done via model annotations this does /// additional sanity checks. /// </summary> /// <param name="model"> /// The model. /// </param> /// <param name="db"> /// The db. /// </param> /// <param name="state"> /// The state. /// </param> public static void Validate(this AddEditAccountViewModel model, ProviderPortalEntities db, ModelStateDictionary state) { model.SetPermissionFlags(); if (model.CanEditRole && model.RoleId == null) { state.AddModelError("RoleId", AppGlobal.Language.GetText("Account_Role_MustSpecifyRole", "The Role field is required")); } if (!model.EditingSelf && model.CanEditRole && model.RoleId != null && GetRoles().All(x => x.Value != model.RoleId.ToString(CultureInfo.InvariantCulture))) { state.AddModelError("RoleId", AppGlobal.Language.GetText("Account_Role_InvalidRole", "Invalid role")); } if (model.CanEditUserType && GetUserTypes(db).All(x => x.Value != model.UserTypeId.ToString(CultureInfo.InvariantCulture))) { state.AddModelError( "UserTypeId", AppGlobal.Language.GetText("Account_Role_InvalidUserType", "Invalid user type")); } var user = db.AspNetUsers.FirstOrDefault(x => x.Id == model.UserId); model.Email = String.IsNullOrEmpty(model.Email) ? String.Empty : model.Email.Trim(); if (model.UserId != null && user == null) { state.AddModelError("Email", AppGlobal.Language.GetText("Account_Role_AccountNotFound", "User account not found")); } else if (user == null || !model.Email.Equals(user.Email, StringComparison.CurrentCultureIgnoreCase)) { var inUse = db.AspNetUsers.Any(x => x.Email == model.Email); if (inUse) { state.AddModelError("Email", AppGlobal.Language.GetText("Account_Role_EmailInUse", "That email address is already in use for another account")); } } if (model.CanEditProviderOrganisation) { var roleInContext = db.AspNetRoles.FirstOrDefault(x => x.Name.Equals(model.RoleId)); if (roleInContext != null && String.IsNullOrWhiteSpace(model.ProviderId)) { var roleContext = (UserContext.UserContextName)roleInContext.UserContextId; if (roleContext == UserContext.UserContextName.Provider) { state.AddModelError("Provider", String.IsNullOrWhiteSpace(model.Provider) ? AppGlobal.Language.GetText("Account_Provider_RequiredMessage", "Provider is required") : AppGlobal.Language.GetText("Account_Provider_InvalidProvider", "Invalid provider")); } else if (roleContext == UserContext.UserContextName.Organisation) { state.AddModelError("Organisation", String.IsNullOrWhiteSpace(model.Provider) ? AppGlobal.Language.GetText("Account_Organisation_RequiredMessage", "Organisation is required") : AppGlobal.Language.GetText("Account_OPrganisation_InvalidOrganisation", "Invalid organisation")); } } } // SA users do not have addresses if (!model.IsSecureAccessUser) { model.Address.Validate(db, state); } }