Merge pull request #1274 from sbwalker/dev

user and role management improvements
2021-04-23 16:09:19 -04:00
parent 65aac34f8c 9d083726be
commit 310c782326
11 changed files with 123 additions and 58 deletions
--- a/Oqtane.Server/Controllers/RoleController.cs
+++ b/Oqtane.Server/Controllers/RoleController.cs
@ -1,4 +1,4 @@
-using System.Collections.Generic;
+using System.Collections.Generic;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Authorization;
 using Oqtane.Enums;
@ -21,12 +21,16 @@ namespace Oqtane.Controllers
            _logger = logger;
        }

-        // GET: api/<controller>?siteid=x
+        // GET: api/<controller>?siteid=x&global=true/false
        [HttpGet]
        [Authorize(Roles = RoleNames.Registered)]
-        public IEnumerable<Role> Get(string siteid)
+        public IEnumerable<Role> Get(string siteid, string global)
        {
-            return _roles.GetRoles(int.Parse(siteid));
+            if (string.IsNullOrEmpty(global))
+            {
+                global = "false";
+            }
+            return _roles.GetRoles(int.Parse(siteid), bool.Parse(global));
        }

        // GET api/<controller>/5
--- a/Oqtane.Server/Controllers/UserRoleController.cs
+++ b/Oqtane.Server/Controllers/UserRoleController.cs
@ -1,4 +1,4 @@
-using System.Collections.Generic;
+using System.Collections.Generic;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Authorization;
 using Oqtane.Enums;
@ -6,6 +6,7 @@ using Oqtane.Models;
 using Oqtane.Shared;
 using Oqtane.Infrastructure;
 using Oqtane.Repository;
+using System.Linq;

 namespace Oqtane.Controllers
 {
@ -13,13 +14,15 @@ namespace Oqtane.Controllers
    public class UserRoleController : Controller
    {
        private readonly IUserRoleRepository _userRoles;
+        private readonly IRoleRepository _roles;
        private readonly ITenantResolver _tenants;
        private readonly ISyncManager _syncManager;
        private readonly ILogManager _logger;

-        public UserRoleController(IUserRoleRepository userRoles, ITenantResolver tenants, ISyncManager syncManager, ILogManager logger)
+        public UserRoleController(IUserRoleRepository userRoles, IRoleRepository roles, ITenantResolver tenants, ISyncManager syncManager, ILogManager logger)
        {
            _userRoles = userRoles;
+            _roles = roles;
            _syncManager = syncManager;
            _tenants = tenants;
            _logger = logger;
@ -46,8 +49,13 @@ namespace Oqtane.Controllers
        [Authorize(Roles = RoleNames.Admin)]
        public UserRole Post([FromBody] UserRole userRole)
        {
-            if (ModelState.IsValid)
+            var role = _roles.GetRole(userRole.RoleId);
+            if (ModelState.IsValid && (User.IsInRole(RoleNames.Host) || role.Name != RoleNames.Host))
            {
+                if (role.Name == RoleNames.Host)
+                {
+                    _userRoles.DeleteUserRoles(userRole.UserId);
+                }
                userRole = _userRoles.AddUserRole(userRole);
                _syncManager.AddSyncEvent(_tenants.GetTenant().TenantId, EntityNames.User, userRole.UserId);
                _logger.Log(LogLevel.Information, this, LogFunction.Create, "User Role Added {UserRole}", userRole);
@ -60,7 +68,8 @@ namespace Oqtane.Controllers
        [Authorize(Roles = RoleNames.Admin)]
        public UserRole Put(int id, [FromBody] UserRole userRole)
        {
-            if (ModelState.IsValid)
+            var role = _roles.GetRole(userRole.RoleId);
+            if (ModelState.IsValid && (User.IsInRole(RoleNames.Host) || role.Name != RoleNames.Host))
            {
                userRole = _userRoles.UpdateUserRole(userRole);
                _syncManager.AddSyncEvent(_tenants.GetTenant().TenantId, EntityNames.User, userRole.UserId);
@ -75,9 +84,17 @@ namespace Oqtane.Controllers
        public void Delete(int id)
        {
            UserRole userRole = _userRoles.GetUserRole(id);
-            _userRoles.DeleteUserRole(id);
-            _syncManager.AddSyncEvent(_tenants.GetTenant().TenantId, EntityNames.User, userRole.UserId);
-            _logger.Log(LogLevel.Information, this, LogFunction.Delete, "User Role Deleted {UserRole}", userRole);
+            if (User.IsInRole(RoleNames.Host) || userRole.Role.Name != RoleNames.Host)
+            {
+                _userRoles.DeleteUserRole(id);
+                if (userRole.Role.Name == RoleNames.Host)
+                {
+                    var role = _roles.GetRoles(_tenants.GetAlias().SiteId).FirstOrDefault(item => item.Name == RoleNames.Registered);
+                    _userRoles.AddUserRole(new UserRole { UserId = userRole.UserId, RoleId = role.RoleId, EffectiveDate = null, ExpiryDate = null });
+                }
+                _syncManager.AddSyncEvent(_tenants.GetTenant().TenantId, EntityNames.User, userRole.UserId);
+                _logger.Log(LogLevel.Information, this, LogFunction.Delete, "User Role Deleted {UserRole}", userRole);
+            }
        }
    }
 }
--- a/Oqtane.Server/Repository/Interfaces/IUserRoleRepository.cs
+++ b/Oqtane.Server/Repository/Interfaces/IUserRoleRepository.cs
@ -1,4 +1,4 @@
-using System.Collections.Generic;
+using System.Collections.Generic;
 using Oqtane.Models;

 namespace Oqtane.Repository
@ -11,5 +11,6 @@ namespace Oqtane.Repository
        UserRole UpdateUserRole(UserRole userRole);
        UserRole GetUserRole(int userRoleId);
        void DeleteUserRole(int userRoleId);
+        void DeleteUserRoles(int userId);
    }
 }
--- a/Oqtane.Server/Repository/SiteRepository.cs
+++ b/Oqtane.Server/Repository/SiteRepository.cs
@ -649,9 +649,9 @@ namespace Oqtane.Repository
            _roleRepository.AddRole(new Role {SiteId = site.SiteId, Name = RoleNames.Admin, Description = "Site Administrators", IsAutoAssigned = false, IsSystem = true});

            _profileRepository.AddProfile(new Profile
-                {SiteId = site.SiteId, Name = "FirstName", Title = "First Name", Description = "Your First Or Given Name", Category = "Name", ViewOrder = 1, MaxLength = 50, DefaultValue = "", IsRequired = true, IsPrivate = false});
+                {SiteId = site.SiteId, Name = "FirstName", Title = "First Name", Description = "Your First Or Given Name", Category = "Name", ViewOrder = 1, MaxLength = 50, DefaultValue = "", IsRequired = false, IsPrivate = false});
            _profileRepository.AddProfile(new Profile
-                {SiteId = site.SiteId, Name = "LastName", Title = "Last Name", Description = "Your Last Or Family Name", Category = "Name", ViewOrder = 2, MaxLength = 50, DefaultValue = "", IsRequired = true, IsPrivate = false});
+                {SiteId = site.SiteId, Name = "LastName", Title = "Last Name", Description = "Your Last Or Family Name", Category = "Name", ViewOrder = 2, MaxLength = 50, DefaultValue = "", IsRequired = false, IsPrivate = false});
            _profileRepository.AddProfile(new Profile
                {SiteId = site.SiteId, Name = "Street", Title = "Street", Description = "Street Or Building Address", Category = "Address", ViewOrder = 3, MaxLength = 50, DefaultValue = "", IsRequired = false, IsPrivate = false});
            _profileRepository.AddProfile(
--- a/Oqtane.Server/Repository/UserRoleRepository.cs
+++ b/Oqtane.Server/Repository/UserRoleRepository.cs
@ -58,5 +58,14 @@ namespace Oqtane.Repository
            _db.UserRole.Remove(userRole);
            _db.SaveChanges();
        }
+
+        public void DeleteUserRoles(int userId)
+        {
+            foreach (UserRole userRole in _db.UserRole.Where(item => item.Role.SiteId != null))
+            {
+                _db.UserRole.Remove(userRole);
+            }
+            _db.SaveChanges();
+        }
    }
 }