using System;
using System.Linq;
using System.Web.Mvc;
using System.Web.Security;
using MileageTraker.Web.ViewModels.User;
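namespace MileageTraker.Web.Controllers
{
    /// <summary>
    /// Account administration: list, inspect, create and edit users, set
    /// passwords, and enable, disable or unlock accounts. Every action is
    /// limited to callers in the Administrator or Developer role.
    /// </summary>
    /// <remarks>
    /// NOTE(review): none of the [HttpPost] actions below carries
    /// [ValidateAntiForgeryToken], and DisableUser, EnableUser and UnlockUser
    /// change account state without an [HttpPost] restriction. Unless a filter
    /// outside this file adds request-forgery protection, these privileged
    /// actions rely on the authentication cookie alone. Restricting them to
    /// POST with an anti-forgery token needs matching changes in the views,
    /// so it is flagged here rather than changed.
    /// NOTE(review): either role can grant any role through Create and Edit;
    /// confirm that a Developer assigning Administrator (or the reverse) is
    /// intended.
    /// </remarks>
    [Authorize(Roles = "Administrator, Developer")]
    public class UserController : ControllerBase
    {
        /// <summary>Lists every user returned by the data service.</summary>
        public ActionResult Index()
        {
            return View(DataService.GetUsers().ToList());
        }

        /// <summary>Shows one account, or 404 when membership has no user with that key.</summary>
        /// <param name="id">Provider user key of the account.</param>
        public ActionResult Details(Guid id)
        {
            var user = Membership.GetUser(id);
            if (user == null)
            {
                return HttpNotFound();
            }

            return View(DataService.GetUser(id));
        }

        /// <summary>Returns JSON <c>true</c> when no user has the given username.</summary>
        /// <param name="username">Username to look up.</param>
        public JsonResult UsernameAvailable(string username)
        {
            var user = DataService.FindUserByUsername(username);

            // AllowGet is needed for GET callers; the payload is a single boolean.
            return Json(user == null, JsonRequestBehavior.AllowGet);
        }

        /// <summary>Returns JSON <c>true</c> when no user has the given e-mail address.</summary>
        /// <param name="email">E-mail address to look up.</param>
        public JsonResult EmailAvailable(string email)
        {
            var user = DataService.FindUserByEmail(email);

            // AllowGet is needed for GET callers; the payload is a single boolean.
            return Json(user == null, JsonRequestBehavior.AllowGet);
        }

        /// <summary>Shows the empty create-user form with the list of assignable roles.</summary>
        public ActionResult Create()
        {
            var vm = new CreateUserViewModel
            {
                AvailableRoles = Roles.GetAllRoles()
            };

            return View(vm);
        }

        /// <summary>
        /// Creates the membership account, assigns the selected roles and stores
        /// the full name. Redisplays the form with an error when validation or
        /// account creation fails.
        /// </summary>
        /// <param name="viewModel">Posted form values.</param>
        [HttpPost]
        public ActionResult Create(CreateUserViewModel viewModel)
        {
            var allRoles = Roles.GetAllRoles();
            var requestedRoles = viewModel.Roles ?? new string[0];

            // Role names arrive from the client. Check them against the role
            // store before the account is created, so a bad name cannot leave
            // an account behind with no roles assigned.
            if (!AreKnownRoles(requestedRoles, allRoles))
            {
                ModelState.AddModelError("", "One or more selected roles do not exist.");
            }

            if (!ModelState.IsValid)
            {
                viewModel.AvailableRoles = allRoles;
                return View(viewModel);
            }

            MembershipCreateStatus membershipCreateStatus;
            var membershipUser =
                Membership.CreateUser(
                    viewModel.Username,
                    viewModel.Password,
                    viewModel.Email,
                    null,
                    null,
                    true,
                    out membershipCreateStatus);

            if (membershipUser == null)
            {
                ModelState.AddModelError("", ErrorCodeToString(membershipCreateStatus));
                viewModel.AvailableRoles = allRoles;
                return View(viewModel);
            }

            if (requestedRoles.Any())
            {
                Roles.AddUserToRoles(
                    membershipUser.UserName,
                    requestedRoles);
            }

            var user = DataService.GetUser((Guid) membershipUser.ProviderUserKey);
            user.FullName = viewModel.FullName;
            DataService.UpdateUserPersonalInfo(user);

            TempData["StatusMessage"] = "User " + user.Username + " created";
            return RedirectToAction("Index");
        }

        /// <summary>Shows the edit form for one account, or 404 when it does not exist.</summary>
        /// <param name="id">Key of the account to edit.</param>
        public ActionResult Edit(Guid id)
        {
            var user = DataService.GetUser(id);
            if (user == null)
            {
                return HttpNotFound();
            }

            var vm = new EditUserViewModel(user)
            {
                Roles = Roles.GetRolesForUser(user.Username),
                AvailableRoles = Roles.GetAllRoles()
            };

            return View(vm);
        }

        /// <summary>
        /// Saves edited personal information and replaces the account's role
        /// set with the posted one. Returns 404 when the account no longer
        /// exists and redisplays the form when validation fails.
        /// </summary>
        /// <param name="viewModel">Posted form values.</param>
        [HttpPost]
        public ActionResult Edit(EditUserViewModel viewModel)
        {
            var allRoles = Roles.GetAllRoles();
            var requestedRoles = viewModel.Roles ?? new string[0];

            // Role names arrive from the client. Validate them before any role
            // is removed, so a bad name cannot strip the account of its
            // existing roles and then fail on the add.
            if (!AreKnownRoles(requestedRoles, allRoles))
            {
                ModelState.AddModelError("", "One or more selected roles do not exist.");
            }

            if (!ModelState.IsValid)
            {
                // The form needs the role list again when it is redisplayed.
                viewModel.AvailableRoles = allRoles;
                return View(viewModel);
            }

            // UserId is posted by the client and may not match any account.
            var user = DataService.GetUser(viewModel.UserId);
            if (user == null)
            {
                return HttpNotFound();
            }

            viewModel.UpdateUser(user);
            DataService.UpdateUserPersonalInfo(user);

            // Remove only the roles the account holds. The end state is the
            // same as removing every role, without depending on the provider
            // tolerating removal of a role the user is not in or an empty list.
            var currentRoles = Roles.GetRolesForUser(user.Username);
            if (currentRoles.Any())
            {
                Roles.RemoveUserFromRoles(user.Username, currentRoles);
            }

            if (requestedRoles.Any())
            {
                Roles.AddUserToRoles(
                    user.Username,
                    requestedRoles);
            }

            TempData["StatusMessage"] = "Changes saved for " + user.Username;
            return RedirectToAction("Details", new { id = viewModel.UserId });
        }

        /// <summary>Shows the set-password form for one account, or 404 when it does not exist.</summary>
        /// <param name="id">Provider user key of the account.</param>
        public ActionResult SetPassword(Guid id)
        {
            var user = Membership.GetUser(id);
            if (user == null)
            {
                return HttpNotFound();
            }

            var viewModel = new SetPasswordViewModel { UserId = id, Username = user.UserName };
            return View(viewModel);
        }

        /// <summary>
        /// Sets a new password for the account named by the posted user id.
        /// Returns 404 when no such account exists and redisplays the form
        /// when validation fails.
        /// </summary>
        /// <param name="viewModel">Posted form values.</param>
        [HttpPost]
        public ActionResult SetPassword(SetPasswordViewModel viewModel)
        {
            if (ModelState.IsValid)
            {
                // Both UserId and Username are posted by the client. Resolve
                // the account from the membership store so the change targets
                // an existing user and the confirmation names the account that
                // was changed, not the posted text.
                var user = Membership.GetUser(viewModel.UserId);
                if (user == null)
                {
                    return HttpNotFound();
                }

                DataService.UpdateUserPassword(viewModel.UserId, viewModel.NewPassword);
                TempData["StatusMessage"] = "Password set for " + user.UserName;
                return RedirectToAction("Details", new { id = viewModel.UserId });
            }

            // If we got this far, something failed, redisplay form
            return View(viewModel);
        }

        /// <summary>Marks the account as not approved, then returns to the referring page.</summary>
        /// <param name="id">Key of the account to disable.</param>
        // NOTE(review): changes state on a request that is not restricted to POST.
        public ActionResult DisableUser(Guid id)
        {
            var user = DataService.GetUser(id);
            if (user == null)
            {
                return HttpNotFound();
            }

            user.IsApproved = false;
            DataService.UpdateUser(user);

            TempData["StatusMessage"] = user.Username + " disabled";

            return RedirectToReferrerOrIndex();
        }

        /// <summary>Marks the account as approved, then returns to the referring page.</summary>
        /// <param name="id">Key of the account to enable.</param>
        // NOTE(review): changes state on a request that is not restricted to POST.
        public ActionResult EnableUser(Guid id)
        {
            var user = DataService.GetUser(id);
            if (user == null)
            {
                return HttpNotFound();
            }

            user.IsApproved = true;
            DataService.UpdateUser(user);

            TempData["StatusMessage"] = user.Username + " enabled";

            return RedirectToReferrerOrIndex();
        }

        /// <summary>
        /// Clears the lockout flag and the failed-password counter, then
        /// returns to the referring page.
        /// </summary>
        /// <param name="id">Key of the account to unlock.</param>
        // NOTE(review): changes state on a request that is not restricted to POST.
        public ActionResult UnlockUser(Guid id)
        {
            var user = DataService.GetUser(id);
            if (user == null)
            {
                return HttpNotFound();
            }

            user.IsLockedOut = false;
            user.PasswordFailuresSinceLastSuccess = 0;
            DataService.UpdateUser(user);

            TempData["StatusMessage"] = user.Username + " unlocked";

            return RedirectToReferrerOrIndex();
        }

        /// <summary>
        /// Redirects to the path of the referring page when that path is local
        /// to this site, otherwise to the user list.
        /// </summary>
        private ActionResult RedirectToReferrerOrIndex()
        {
            // The Referer header is client-supplied. Follow it only when its
            // path is a local URL, so the redirect cannot leave this site.
            var referrer = Request.UrlReferrer;
            if (referrer != null && Url.IsLocalUrl(referrer.AbsolutePath))
            {
                return Redirect(referrer.AbsolutePath);
            }

            return RedirectToAction("Index");
        }

        /// <summary>
        /// Returns true when every requested role name is present in the known
        /// role list. An empty request is valid.
        /// </summary>
        /// <param name="requestedRoles">Role names posted by the client.</param>
        /// <param name="knownRoles">Role names defined in the role store.</param>
        private static bool AreKnownRoles(string[] requestedRoles, string[] knownRoles)
        {
            // Compared case-insensitively so a casing difference alone is not
            // rejected; the provider's own casing rules are not visible here.
            return requestedRoles.All(
                requested => knownRoles.Contains(requested, StringComparer.OrdinalIgnoreCase));
        }

        /// <summary>Maps a membership creation status to the message shown on the form.</summary>
        /// <param name="createStatus">Status returned by Membership.CreateUser.</param>
        /// <returns>A user-facing error message.</returns>
        private static string ErrorCodeToString(MembershipCreateStatus createStatus)
        {
            // See http://go.microsoft.com/fwlink/?LinkID=177550 for
            // a full list of status codes.
            switch (createStatus)
            {
                case MembershipCreateStatus.DuplicateUserName:
                    return "User name already exists. Please enter a different user name.";

                case MembershipCreateStatus.DuplicateEmail:
                    return "A user name for that e-mail address already exists. Please enter a different e-mail address.";

                case MembershipCreateStatus.InvalidPassword:
                    return "The password provided is invalid. Please enter a valid password value.";

                case MembershipCreateStatus.InvalidEmail:
                    return "The e-mail address provided is invalid. Please check the value and try again.";

                case MembershipCreateStatus.InvalidAnswer:
                    return "The password retrieval answer provided is invalid. Please check the value and try again.";

                case MembershipCreateStatus.InvalidQuestion:
                    return "The password retrieval question provided is invalid. Please check the value and try again.";

                case MembershipCreateStatus.InvalidUserName:
                    return "The user name provided is invalid. Please check the value and try again.";

                case MembershipCreateStatus.ProviderError:
                    return "The authentication provider returned an error. Please verify your entry and try again. If the problem persists, please contact your system administrator.";

                case MembershipCreateStatus.UserRejected:
                    return "The user creation request has been canceled. Please verify your entry and try again. If the problem persists, please contact your system administrator.";

                default:
                    return "An unknown error occurred. Please verify your entry and try again. If the problem persists, please contact your system administrator.";
            }
        }
    }
}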