#region License Information /* HeuristicLab * Copyright (C) 2002-2015 Heuristic and Evolutionary Algorithms Laboratory (HEAL) * * This file is part of HeuristicLab. * * HeuristicLab is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * HeuristicLab is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with HeuristicLab. If not, see . */ #endregion using HeuristicLab.Clients.Hive.WebJobManager.Services; using HeuristicLab.Clients.Hive.WebJobManager.Services.Imports; using HeuristicLab.Clients.Hive.WebJobManager.ViewModels.User; using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using System; namespace HeuristicLab.Clients.Hive.WebJobManager.Controllers { /// /// Handles all the actions for user management /// public class UserController : Controller { private WebLoginService weblog; private HiveServiceLocatorWeb serviceLocator; private AccessAdministrationClient accessClient; private Guid userId; private UserViewModel vm; private IHostingEnvironment _environment; public UserController(IHostingEnvironment env) { weblog = WebLoginService.Instance; _environment = env; } /// /// Init required services and checks login /// /// private bool init() { var u = HttpContext.Session.GetString("UserId"); if (u == null || u == "" || Guid.Parse(u) == Guid.Empty) { return false; } else { try { userId = Guid.Parse(u); serviceLocator = weblog.getServiceLocator(userId); accessClient = weblog.getAccessAdminClient(userId); vm = new UserViewModel(accessClient, weblog.getCurrentUser(userId)); if (weblog.getCurrentUser(userId).HasUserAdminAccess()) return serviceLocator.CheckLogin(); else return false; } catch (NullReferenceException) { return false; } } } #region Users /// /// Show users page /// /// public IActionResult Index() { if (init()) { ViewBag.Title = "Users"; vm.refreshAll(); //Refreshall for users, groups and roles ViewBag.SessionId = HttpContext.Session.GetString("UserId"); return View("Index", vm); } else { return RedirectToAction("Index", "Job"); } } public IActionResult SelectUser(string id) { if (init()) { Guid curr = Guid.Parse(id); vm.refreshAll(); if (curr == Guid.Empty) {//new user ViewBag.Title = "Add User"; } else {//View an existing user vm.SelectedUser = vm.getUserById(curr); vm.SelectedUserSubscriptions = accessClient.getSubscribedGroups(curr); vm.SelectedUserRoles = accessClient.getRoles(vm.SelectedUser); ViewBag.title = vm.SelectedUser.UserName; } ViewBag.Title += " - Users"; ViewBag.SessionId = HttpContext.Session.GetString("UserId"); return View("Index", vm); //Uses Index page too, with the additional info in the Viewmodel } else { return RedirectToAction("Index", "Job"); } } /// /// Saves an existing user or adds a new user /// /// Username /// Full name /// Email /// User ID /// Roles to add to the user /// Groups to subscribe the user to /// [HttpPost] public IActionResult saveUser(string inpusername, string inpfullname, string inpemail, string u, string[] rolestoadd, string[] groupstoadd) { if (init()) { var uid = Guid.Parse(u); Access.User user; if (uid == Guid.Empty)//checks if user is new or exists user = new Access.User(); else user = accessClient.Users.Find(x => x.Id == uid); user.FullName = inpfullname; user.Email = inpemail; if (uid == Guid.Empty) {//New user user.UserName = inpusername; uid = accessClient.addUser(user); accessClient.RefreshUsers(); var newpass = accessClient.resetPassword(uid); sendPassmail(accessClient.Users.Find(x => x.Id == uid), newpass); //password received through mail ViewBag.Title = user.UserName + " added - User"; } else {//Existing user accessClient.updateUser(user); ViewBag.Title = user.UserName + " updated - User"; } accessClient.RefreshUsers();//Refresh data from user user = accessClient.Users.Find(x => x.Id == uid); foreach (var s in rolestoadd) {//Loop to add roles var role = accessClient.Roles.Find(x => x.Name == s); accessClient.addRoleToUser(user, role); } accessClient.RefreshUserGroups(); foreach (var g in groupstoadd) {//loop to subscribe to groups var gid = Guid.Parse(g); var group = accessClient.Groups.Find(x => x.Id == gid); accessClient.addMember(user, group); } if (uid != Guid.Empty && uid == weblog.getCurrentUser(userId).currentUser.Id) return RedirectToAction("Index", "Home");//Logout if current user else return RedirectToAction("SelectUser", new { id = uid.ToString() }); } else { return RedirectToAction("Index", "Job"); } } /// /// Sends email for a specific user, containg a password /// /// User to mail /// Password to send public static void sendPassmail(Access.User u, string pass) {/* SmtpClient smtpClient = new SmtpClient("smtp.gmail.com",587); smtpClient.UseDefaultCredentials = true; smtpClient.Credentials = new System.Net.NetworkCredential("trac.heuristiclab@gmail.com", "||||||||||||"); smtpClient.DeliveryMethod = SmtpDeliveryMethod.Network; smtpClient.EnableSsl = true; MailMessage mail = new MailMessage(); //Setting From , To and CC mail.From = new MailAddress("trac.heuristiclab@gmail.com", "HeuristicLab"); mail.Subject = "Password changed - HeuristicLab Hive"; mail.Body = "Hello " + u.FullName + ", " + Environment.NewLine + Environment.NewLine+ "Your password was changed through the HeuristicLab Hive web application." + Environment.NewLine+ "The new password for " + u.UserName + " is ' " + pass + " '." + Environment.NewLine + Environment.NewLine + "HeuristicLab Hive"; mail.To.Add(new MailAddress(u.Email)); smtpClient.Send(mail); */ } public IActionResult ApproveUser(string id) { if (init()) { Guid curr = Guid.Parse(id); vm.refreshAll(); var us = vm.getUserById(curr); us.IsApproved = true; accessClient.updateUser(us); return RedirectToAction("SelectUser", new { id = id }); } else { return RedirectToAction("Index", "Job"); } } /// /// Delete a user /// /// User ID to delete /// public IActionResult deleteUser(string id) { if (init()) { var uid = Guid.Parse(id); vm.refreshUsers(); if (uid == Guid.Empty) {//check for empty Guid, should not happen but still vm.message = "Something went wrong, user is not deleted"; return View("Index", vm); } else { var user = vm.getUserById(uid); vm.message = user.UserName + " (" + user.FullName + ") has been deleted"; accessClient.DeleteUser(user); vm.refreshAll();//refreshAll for index view ViewBag.Title = "Users"; return View("Index", vm);//No redirect to save the viewbag message } } else { return RedirectToAction("Index", "Job"); } } /// /// Deletes a role from a user /// /// User Id /// Role name /// public IActionResult deleteUserRole(string id, string role) { if (init()) { var uid = Guid.Parse(id); vm.refreshAll(); var user = vm.getUserById(uid); var r = vm.getRoleByName(role); accessClient.deleteUserRole(user, r); return RedirectToAction("SelectUser", new { id = id }); } else { return RedirectToAction("Index", "Job"); } } /// /// Delete user from a group /// /// User Id /// Group Id /// public IActionResult deleteUserGroup(string id, string group) { if (init()) { var gid = Guid.Parse(group); var mid = Guid.Parse(id); vm.refreshGroups().refreshUsers(); var user = vm.getUserById(mid); var gr = vm.getGroupById(gid); accessClient.deleteMember(user, gr); return RedirectToAction("SelectUser", new { id = id }); } else { return RedirectToAction("Index", "Job"); } } #endregion #region Groups /// /// Shows the groups overview, opening up with "Add group" /// /// public IActionResult Groups() { if (init()) { ViewBag.Title = "Groups"; vm.refreshGroups().refreshUsers(); return View("Groups", vm); } else { return RedirectToAction("Index", "Job"); } } /// /// Show information for a specific group (Guid.empty = new group) /// /// Group ID /// public IActionResult SelectGroup(string id) { if (init()) { Guid curr = Guid.Parse(id); vm .refreshGroups() .refreshUsers(); if (curr == Guid.Empty) {//Add group ViewBag.Title = "Add group"; } else {//Show existing group info and possibility to edit vm.SelectedGroup = vm.getGroupById(curr); vm.SelectedGroupMembers = accessClient.getGroupMembers(curr); ViewBag.title = vm.SelectedGroup.Name; } ViewBag.Title += " - Group"; return View("Groups", vm); } else { return RedirectToAction("Index", "Job"); } } /// /// Saves an exisiting group or adds a new one. /// /// Group name /// Group id (empty for new) /// Users to add to group /// Groups to add to group /// [HttpPost] public IActionResult saveGroup(string inpgroupname, string u, string[] userstoadd, string[] groupstoadd) { if (init()) { var uid = Guid.Parse(u); vm.refreshGroups().refreshUsers(); Access.UserGroup group; if (uid == Guid.Empty)//Create new group group = new Access.UserGroup(); else//Find existing group group = accessClient.Groups.Find(x => x.Id == uid); group.Name = inpgroupname; if (uid == Guid.Empty) {//New Group add uid = accessClient.addGroup(group); ViewBag.Title = group.Name + " added - Group"; } else {//Existing group update accessClient.updateGroup(group); ViewBag.Title = group.Name + " updated - Group"; } vm.refreshGroups(); group = vm.getGroupById(uid); //refresh group info foreach (var s in userstoadd) {//Subscribes members to group var tempid = Guid.Parse(s); var member = vm.getUserById(tempid); accessClient.addMember(member, group); } foreach (var g in groupstoadd) {//Subscribes groups to group var tempid = Guid.Parse(g); var member = vm.getGroupById(tempid); accessClient.addMember(member, group); } return RedirectToAction("SelectGroup", new { id = uid.ToString() }); } else { return RedirectToAction("Index", "Job"); } } /// /// Delete an existing group /// /// Group to delete /// public IActionResult deleteGroup(string id) { if (init()) { var uid = Guid.Parse(id); vm.refreshGroups(); if (uid == Guid.Empty) {//Check for empty ID, should not happen but still.. vm.message = "Something went wrong, group is not deleted"; return View("Groups", vm); } else {//Deletes the user group var group = vm.getGroupById(uid); vm.message = group.Name + " has been deleted"; accessClient.deleteUserGroup(group); vm.refreshGroups(); return View("Groups", vm); } } else { return RedirectToAction("Index", "Job"); } } /// /// Delete a member from a group /// /// Group id /// User id /// Group selected public IActionResult deleteMember(string g, string m) { if (init()) { var gid = Guid.Parse(g); var mid = Guid.Parse(m); vm.refreshGroups().refreshUsers(); if (gid == Guid.Empty || mid == Guid.Empty) {//Should not be empty but still.. vm.message = "Something went wrong, member is not deleted"; return View("Groups", vm); } else {//Deletes the member var group = vm.getGroupById(gid); Access.UserGroupBase member = vm.getUserById(mid); if (member == null) { member = vm.getGroupById(mid); } vm.message = " Member deleted"; accessClient.deleteMember(member, group); vm.refreshGroups(); return RedirectToAction("SelectGroup", new { id = g }); } } else { return RedirectToAction("Index", "Job"); } } #endregion #region Roles /// /// Shows roles overview, opening with "Add role" /// /// public IActionResult Roles() { if (init()) { ViewBag.Title = "Roles"; vm.refreshRoles(); return View("Roles", vm); } else { return RedirectToAction("Index", "Job"); } } /// /// Shows information for a specific role /// /// Role name /// public IActionResult SelectRole(string name) { if (init()) { vm.refreshRoles(); if (name == "" || name == null) {//Add role ViewBag.Title = "Add Role"; } else {//Edit/view role vm.SelectedRole = vm.getRoleByName(name); vm.SelectedRoleEnrolled = accessClient.getEnrolled(vm.SelectedRole); ViewBag.title = vm.SelectedRole.Name; } ViewBag.Title += " - Roles"; return View("Roles", vm); } else { return RedirectToAction("Index", "Job"); } } /// /// Saves a role or adds a new one /// /// Role name /// [HttpPost] public IActionResult saveRole(string inprolename) { if (init()) { Access.Role role = accessClient.Roles.Find(x => x.Name == inprolename); if (role == null) { role = new Access.Role(); role.Name = inprolename; accessClient.addRole(role); } accessClient.RefreshRoles(); return RedirectToAction("SelectRole", new { name = inprolename }); } else { return RedirectToAction("Index", "Job"); } } /// /// Delete a role /// /// Role name /// public IActionResult deleteRole(string name) { if (init()) { accessClient.deleteRole(name); return RedirectToAction("Roles"); } else { return RedirectToAction("Index", "Job"); } } /// /// Deletes a user from a role /// /// User id /// Role name /// public IActionResult deleteRoleUser(string id, string role) { if (init()) { var uid = Guid.Parse(id); vm.refreshAll(); var user = vm.getUserById(uid); var r = vm.getRoleByName(role); vm.message = role + " role has been deleted from " + user.FullName; accessClient.deleteUserRole(user, r); return RedirectToAction("SelectRole", new { name = role }); } else { return RedirectToAction("Index", "Job"); } } #endregion } }