user and role management improvements
This commit is contained in:
Shaun Walker
parent
2780e4d029
commit
9d083726be
@ -63,7 +63,7 @@ else
|
||||
<Row>
|
||||
<td>@context.User.DisplayName</td>
|
||||
<td>
|
||||
<button type="button" class="btn btn-danger" @onclick=@(async () => await DeleteUserRole(context.UserRoleId))>@Localizer["Delete"]</button>
|
||||
<ActionDialog Header="Remove User" Message="@Localizer["Are You Sure You Wish To Remove {0} From This Role?", context.User.DisplayName]" Action="Delete" Security="SecurityAccessLevel.Admin" Class="btn btn-danger" OnClick="@(async () => await DeleteUserRole(context.UserRoleId))" ResourceKey="DeleteUserRole" />
|
||||
</td>
|
||||
</Row>
|
||||
</Pager>
|
||||
@ -140,9 +140,10 @@ else
|
||||
await UserRoleService.AddUserRoleAsync(userrole);
|
||||
}
|
||||
|
||||
await GetUserRoles();
|
||||
await logger.LogInformation("User Assigned To Role {UserRole}", userrole);
|
||||
AddModuleMessage(Localizer["User Assigned To Role"], MessageType.Success);
|
||||
await GetUserRoles();
|
||||
StateHasChanged();
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -161,9 +162,10 @@ else
|
||||
try
|
||||
{
|
||||
await UserRoleService.DeleteUserRoleAsync(UserRoleId);
|
||||
await GetUserRoles();
|
||||
await logger.LogInformation("User Removed From Role {UserRoleId}", UserRoleId);
|
||||
AddModuleMessage(Localizer["User Removed From Role"], MessageType.Success);
|
||||
await GetUserRoles();
|
||||
StateHasChanged();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
|
||||
@ -131,26 +131,34 @@
|
||||
{
|
||||
if (password == confirm)
|
||||
{
|
||||
var user = new User();
|
||||
user.SiteId = PageState.Site.SiteId;
|
||||
user.Username = username;
|
||||
user.Password = password;
|
||||
user.Email = email;
|
||||
user.DisplayName = string.IsNullOrWhiteSpace(displayname) ? username : displayname;
|
||||
user.PhotoFileId = null;
|
||||
|
||||
user = await UserService.AddUserAsync(user);
|
||||
|
||||
if (user != null)
|
||||
var user = await UserService.GetUserAsync(username, PageState.Site.SiteId);
|
||||
if (user == null)
|
||||
{
|
||||
await SettingService.UpdateUserSettingsAsync(settings, user.UserId);
|
||||
await logger.LogInformation("User Created {User}", user);
|
||||
NavigationManager.NavigateTo(NavigateUrl());
|
||||
user = new User();
|
||||
user.SiteId = PageState.Site.SiteId;
|
||||
user.Username = username;
|
||||
user.Password = password;
|
||||
user.Email = email;
|
||||
user.DisplayName = string.IsNullOrWhiteSpace(displayname) ? username : displayname;
|
||||
user.PhotoFileId = null;
|
||||
|
||||
user = await UserService.AddUserAsync(user);
|
||||
|
||||
if (user != null)
|
||||
{
|
||||
await SettingService.UpdateUserSettingsAsync(settings, user.UserId);
|
||||
await logger.LogInformation("User Created {User}", user);
|
||||
NavigationManager.NavigateTo(NavigateUrl());
|
||||
}
|
||||
else
|
||||
{
|
||||
await logger.LogError("Error Adding User {Username} {Email}", username, email);
|
||||
AddModuleMessage(Localizer["Error Adding User. Please Ensure Password Meets Complexity Requirements And Username And Email Are Not Already In Use."], MessageType.Error);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
await logger.LogError("Error Adding User {Username} {Email}", username, email);
|
||||
AddModuleMessage(Localizer["Error Adding User. Please Ensure Password Meets Complexity Requirements And Username Is Not Already In Use."], MessageType.Error);
|
||||
AddModuleMessage(Localizer["Username Already Exists"], MessageType.Warning);
|
||||
}
|
||||
}
|
||||
else
|
||||
|
||||
@ -13,10 +13,15 @@
|
||||
}
|
||||
else
|
||||
{
|
||||
<ActionLink Action="Add" Text="Add User" ResourceKey="AddUser" />
|
||||
|
||||
<div class="d-flex p-1">
|
||||
<input class="form-control mr-4" @bind="@_search" /><button class="btn btn-outline-primary ml-1" @onclick="OnSearch">@Localizer["Search"]</button>
|
||||
<div class="form-row">
|
||||
<div class="col">
|
||||
<ActionLink Action="Add" Text="Add User" ResourceKey="AddUser" />
|
||||
</div>
|
||||
<div class="col">
|
||||
<div class="input-group flex-nowrap">
|
||||
<input class="form-control" @bind="@_search" /> <button class="btn btn-secondary" @onclick="OnSearch">@Localizer["Search"]</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<Pager Items="@userroles">
|
||||
@ -31,7 +36,10 @@ else
|
||||
<ActionLink Action="Edit" Parameters="@($"id=" + context.UserId.ToString())" ResourceKey="EditUser" />
|
||||
</td>
|
||||
<td>
|
||||
<ActionDialog Header="Delete User" Message="@Localizer["Are You Sure You Wish To Delete {0}?", context.User.DisplayName]" Action="Delete" Security="SecurityAccessLevel.Admin" Class="btn btn-danger" OnClick="@(async () => await DeleteUser(context))" ResourceKey="DeleteUser" />
|
||||
@if (context.Role.Name != RoleNames.Host)
|
||||
{
|
||||
<ActionDialog Header="Delete User" Message="@Localizer["Are You Sure You Wish To Delete {0}?", context.User.DisplayName]" Action="Delete" Security="SecurityAccessLevel.Admin" Class="btn btn-danger" OnClick="@(async () => await DeleteUser(context))" ResourceKey="DeleteUser" />
|
||||
}
|
||||
</td>
|
||||
<td>
|
||||
<ActionLink Action="Roles" Parameters="@($"id=" + context.UserId.ToString())" ResourceKey="Roles" />
|
||||
@ -57,19 +65,19 @@ else
|
||||
|
||||
private List<UserRole> Search(string search)
|
||||
{
|
||||
var results = allroles.Where(item => item.Role.Name == RoleNames.Registered || (item.Role.Name == RoleNames.Host && UserSecurity.IsAuthorized(PageState.User, RoleNames.Host)));
|
||||
|
||||
if (string.IsNullOrEmpty(_search))
|
||||
{
|
||||
return allroles.Where(item => item.Role.Name == RoleNames.Registered).ToList();
|
||||
results = results.Where(item =>
|
||||
(
|
||||
item.User.Username.Contains(search, StringComparison.OrdinalIgnoreCase) ||
|
||||
item.User.Email.Contains(search, StringComparison.OrdinalIgnoreCase) ||
|
||||
item.User.DisplayName.Contains(search, StringComparison.OrdinalIgnoreCase)
|
||||
)
|
||||
);
|
||||
}
|
||||
return allroles
|
||||
.Where(item => item.Role.Name == RoleNames.Registered &&
|
||||
(
|
||||
item.User.Username.Contains(search, StringComparison.OrdinalIgnoreCase) ||
|
||||
item.User.Email.Contains(search, StringComparison.OrdinalIgnoreCase) ||
|
||||
item.User.DisplayName.Contains(search, StringComparison.OrdinalIgnoreCase)
|
||||
)
|
||||
)
|
||||
.ToList();
|
||||
return results.ToList();
|
||||
}
|
||||
|
||||
private async Task OnSearch()
|
||||
|
||||
@ -64,10 +64,10 @@ else
|
||||
<Row>
|
||||
<td>@context.Role.Name</td>
|
||||
<td>
|
||||
@if (context.Role.Name != RoleNames.Registered)
|
||||
{
|
||||
<button type="button" class="btn btn-danger" @onclick=@(async () => await DeleteUserRole(context.UserRoleId))>@Localizer["Delete"]</button>
|
||||
}
|
||||
@if (context.Role.Name != RoleNames.Registered && (context.Role.Name != RoleNames.Host || userid != PageState.User.UserId))
|
||||
{
|
||||
<ActionDialog Header="Remove Role" Message="@Localizer["Are You Sure You Wish To Remove This User From The {0} Role?", context.Role.Name]" Action="Delete" Security="SecurityAccessLevel.Admin" Class="btn btn-danger" OnClick="@(async () => await DeleteUserRole(context.UserRoleId))" ResourceKey="DeleteUserRole" />
|
||||
}
|
||||
</td>
|
||||
</Row>
|
||||
</Pager>
|
||||
@ -92,7 +92,14 @@ else
|
||||
userid = Int32.Parse(PageState.QueryString["id"]);
|
||||
User user = await UserService.GetUserAsync(userid, PageState.Site.SiteId);
|
||||
name = user.DisplayName;
|
||||
roles = await RoleService.GetRolesAsync(PageState.Site.SiteId);
|
||||
if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
|
||||
{
|
||||
roles = await RoleService.GetRolesAsync(PageState.Site.SiteId, true);
|
||||
}
|
||||
else
|
||||
{
|
||||
roles = await RoleService.GetRolesAsync(PageState.Site.SiteId);
|
||||
}
|
||||
await GetUserRoles();
|
||||
}
|
||||
catch (Exception ex)
|
||||
@ -171,9 +178,10 @@ else
|
||||
await UserRoleService.AddUserRoleAsync(userrole);
|
||||
}
|
||||
|
||||
await GetUserRoles();
|
||||
await logger.LogInformation("User Assigned To Role {UserRole}", userrole);
|
||||
AddModuleMessage(Localizer["User Assigned To Role"], MessageType.Success);
|
||||
await GetUserRoles();
|
||||
StateHasChanged();
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -192,9 +200,10 @@ else
|
||||
try
|
||||
{
|
||||
await UserRoleService.DeleteUserRoleAsync(UserRoleId);
|
||||
await GetUserRoles();
|
||||
await logger.LogInformation("User Removed From Role {UserRoleId}", UserRoleId);
|
||||
AddModuleMessage(Localizer["User Removed From Role"], MessageType.Success);
|
||||
await GetUserRoles();
|
||||
StateHasChanged();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
using Oqtane.Models;
|
||||
using Oqtane.Models;
|
||||
using System.Collections.Generic;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
@ -8,6 +8,8 @@ namespace Oqtane.Services
|
||||
{
|
||||
Task<List<Role>> GetRolesAsync(int siteId);
|
||||
|
||||
Task<List<Role>> GetRolesAsync(int siteId, bool includeGlobalRoles);
|
||||
|
||||
Task<Role> GetRoleAsync(int roleId);
|
||||
|
||||
Task<Role> AddRoleAsync(Role role);
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
using Oqtane.Models;
|
||||
using Oqtane.Models;
|
||||
using System.Threading.Tasks;
|
||||
using System.Net.Http;
|
||||
using System.Linq;
|
||||
@ -22,7 +22,12 @@ namespace Oqtane.Services
|
||||
|
||||
public async Task<List<Role>> GetRolesAsync(int siteId)
|
||||
{
|
||||
List<Role> roles = await GetJsonAsync<List<Role>>($"{Apiurl}?siteid={siteId}");
|
||||
return await GetRolesAsync(siteId, false);
|
||||
}
|
||||
|
||||
public async Task<List<Role>> GetRolesAsync(int siteId, bool includeGlobalRoles)
|
||||
{
|
||||
List<Role> roles = await GetJsonAsync<List<Role>>($"{Apiurl}?siteid={siteId}&global={includeGlobalRoles}");
|
||||
return roles.OrderBy(item => item.Name).ToList();
|
||||
}
|
||||
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
using System.Collections.Generic;
|
||||
using System.Collections.Generic;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Oqtane.Enums;
|
||||
@ -21,12 +21,16 @@ namespace Oqtane.Controllers
|
||||
_logger = logger;
|
||||
}
|
||||
|
||||
// GET: api/<controller>?siteid=x
|
||||
// GET: api/<controller>?siteid=x&global=true/false
|
||||
[HttpGet]
|
||||
[Authorize(Roles = RoleNames.Registered)]
|
||||
public IEnumerable<Role> Get(string siteid)
|
||||
public IEnumerable<Role> Get(string siteid, string global)
|
||||
{
|
||||
return _roles.GetRoles(int.Parse(siteid));
|
||||
if (string.IsNullOrEmpty(global))
|
||||
{
|
||||
global = "false";
|
||||
}
|
||||
return _roles.GetRoles(int.Parse(siteid), bool.Parse(global));
|
||||
}
|
||||
|
||||
// GET api/<controller>/5
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
using System.Collections.Generic;
|
||||
using System.Collections.Generic;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Oqtane.Enums;
|
||||
@ -6,6 +6,7 @@ using Oqtane.Models;
|
||||
using Oqtane.Shared;
|
||||
using Oqtane.Infrastructure;
|
||||
using Oqtane.Repository;
|
||||
using System.Linq;
|
||||
|
||||
namespace Oqtane.Controllers
|
||||
{
|
||||
@ -13,13 +14,15 @@ namespace Oqtane.Controllers
|
||||
public class UserRoleController : Controller
|
||||
{
|
||||
private readonly IUserRoleRepository _userRoles;
|
||||
private readonly IRoleRepository _roles;
|
||||
private readonly ITenantResolver _tenants;
|
||||
private readonly ISyncManager _syncManager;
|
||||
private readonly ILogManager _logger;
|
||||
|
||||
public UserRoleController(IUserRoleRepository userRoles, ITenantResolver tenants, ISyncManager syncManager, ILogManager logger)
|
||||
public UserRoleController(IUserRoleRepository userRoles, IRoleRepository roles, ITenantResolver tenants, ISyncManager syncManager, ILogManager logger)
|
||||
{
|
||||
_userRoles = userRoles;
|
||||
_roles = roles;
|
||||
_syncManager = syncManager;
|
||||
_tenants = tenants;
|
||||
_logger = logger;
|
||||
@ -46,8 +49,13 @@ namespace Oqtane.Controllers
|
||||
[Authorize(Roles = RoleNames.Admin)]
|
||||
public UserRole Post([FromBody] UserRole userRole)
|
||||
{
|
||||
if (ModelState.IsValid)
|
||||
var role = _roles.GetRole(userRole.RoleId);
|
||||
if (ModelState.IsValid && (User.IsInRole(RoleNames.Host) || role.Name != RoleNames.Host))
|
||||
{
|
||||
if (role.Name == RoleNames.Host)
|
||||
{
|
||||
_userRoles.DeleteUserRoles(userRole.UserId);
|
||||
}
|
||||
userRole = _userRoles.AddUserRole(userRole);
|
||||
_syncManager.AddSyncEvent(_tenants.GetTenant().TenantId, EntityNames.User, userRole.UserId);
|
||||
_logger.Log(LogLevel.Information, this, LogFunction.Create, "User Role Added {UserRole}", userRole);
|
||||
@ -60,7 +68,8 @@ namespace Oqtane.Controllers
|
||||
[Authorize(Roles = RoleNames.Admin)]
|
||||
public UserRole Put(int id, [FromBody] UserRole userRole)
|
||||
{
|
||||
if (ModelState.IsValid)
|
||||
var role = _roles.GetRole(userRole.RoleId);
|
||||
if (ModelState.IsValid && (User.IsInRole(RoleNames.Host) || role.Name != RoleNames.Host))
|
||||
{
|
||||
userRole = _userRoles.UpdateUserRole(userRole);
|
||||
_syncManager.AddSyncEvent(_tenants.GetTenant().TenantId, EntityNames.User, userRole.UserId);
|
||||
@ -75,9 +84,17 @@ namespace Oqtane.Controllers
|
||||
public void Delete(int id)
|
||||
{
|
||||
UserRole userRole = _userRoles.GetUserRole(id);
|
||||
_userRoles.DeleteUserRole(id);
|
||||
_syncManager.AddSyncEvent(_tenants.GetTenant().TenantId, EntityNames.User, userRole.UserId);
|
||||
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "User Role Deleted {UserRole}", userRole);
|
||||
if (User.IsInRole(RoleNames.Host) || userRole.Role.Name != RoleNames.Host)
|
||||
{
|
||||
_userRoles.DeleteUserRole(id);
|
||||
if (userRole.Role.Name == RoleNames.Host)
|
||||
{
|
||||
var role = _roles.GetRoles(_tenants.GetAlias().SiteId).FirstOrDefault(item => item.Name == RoleNames.Registered);
|
||||
_userRoles.AddUserRole(new UserRole { UserId = userRole.UserId, RoleId = role.RoleId, EffectiveDate = null, ExpiryDate = null });
|
||||
}
|
||||
_syncManager.AddSyncEvent(_tenants.GetTenant().TenantId, EntityNames.User, userRole.UserId);
|
||||
_logger.Log(LogLevel.Information, this, LogFunction.Delete, "User Role Deleted {UserRole}", userRole);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
using System.Collections.Generic;
|
||||
using System.Collections.Generic;
|
||||
using Oqtane.Models;
|
||||
|
||||
namespace Oqtane.Repository
|
||||
@ -11,5 +11,6 @@ namespace Oqtane.Repository
|
||||
UserRole UpdateUserRole(UserRole userRole);
|
||||
UserRole GetUserRole(int userRoleId);
|
||||
void DeleteUserRole(int userRoleId);
|
||||
void DeleteUserRoles(int userId);
|
||||
}
|
||||
}
|
||||
|
||||
@ -649,9 +649,9 @@ namespace Oqtane.Repository
|
||||
_roleRepository.AddRole(new Role {SiteId = site.SiteId, Name = RoleNames.Admin, Description = "Site Administrators", IsAutoAssigned = false, IsSystem = true});
|
||||
|
||||
_profileRepository.AddProfile(new Profile
|
||||
{SiteId = site.SiteId, Name = "FirstName", Title = "First Name", Description = "Your First Or Given Name", Category = "Name", ViewOrder = 1, MaxLength = 50, DefaultValue = "", IsRequired = true, IsPrivate = false});
|
||||
{SiteId = site.SiteId, Name = "FirstName", Title = "First Name", Description = "Your First Or Given Name", Category = "Name", ViewOrder = 1, MaxLength = 50, DefaultValue = "", IsRequired = false, IsPrivate = false});
|
||||
_profileRepository.AddProfile(new Profile
|
||||
{SiteId = site.SiteId, Name = "LastName", Title = "Last Name", Description = "Your Last Or Family Name", Category = "Name", ViewOrder = 2, MaxLength = 50, DefaultValue = "", IsRequired = true, IsPrivate = false});
|
||||
{SiteId = site.SiteId, Name = "LastName", Title = "Last Name", Description = "Your Last Or Family Name", Category = "Name", ViewOrder = 2, MaxLength = 50, DefaultValue = "", IsRequired = false, IsPrivate = false});
|
||||
_profileRepository.AddProfile(new Profile
|
||||
{SiteId = site.SiteId, Name = "Street", Title = "Street", Description = "Street Or Building Address", Category = "Address", ViewOrder = 3, MaxLength = 50, DefaultValue = "", IsRequired = false, IsPrivate = false});
|
||||
_profileRepository.AddProfile(
|
||||
|
||||
@ -58,5 +58,14 @@ namespace Oqtane.Repository
|
||||
_db.UserRole.Remove(userRole);
|
||||
_db.SaveChanges();
|
||||
}
|
||||
|
||||
public void DeleteUserRoles(int userId)
|
||||
{
|
||||
foreach (UserRole userRole in _db.UserRole.Where(item => item.Role.SiteId != null))
|
||||
{
|
||||
_db.UserRole.Remove(userRole);
|
||||
}
|
||||
_db.SaveChanges();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user