#region License Information
/* HeuristicLab
* Copyright (C) 2002-2015 Heuristic and Evolutionary Algorithms Laboratory (HEAL)
*
* This file is part of HeuristicLab.
*
* HeuristicLab is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* HeuristicLab is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with HeuristicLab. If not, see .
*/
#endregion
using HeuristicLab.Clients.Hive.WebJobManager.Services;
using HeuristicLab.Clients.Hive.WebJobManager.Services.Imports;
using HeuristicLab.Clients.Hive.WebJobManager.ViewModels.User;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using System;
namespace HeuristicLab.Clients.Hive.WebJobManager.Controllers
{
///
/// Handles all the actions for user management
///
public class UserController : Controller
{
private WebLoginService weblog;
private HiveServiceLocatorWeb serviceLocator;
private AccessAdministrationClient accessClient;
private Guid userId;
private UserViewModel vm;
private IHostingEnvironment _environment;
public UserController(IHostingEnvironment env)
{
weblog = WebLoginService.Instance;
_environment = env;
}
///
/// Init required services and checks login
///
///
private bool init()
{
var u = HttpContext.Session.GetString("UserId");
if (u == null || u == "" || Guid.Parse(u) == Guid.Empty)
{
return false;
}
else
{
try
{
userId = Guid.Parse(u);
serviceLocator = weblog.getServiceLocator(userId);
accessClient = weblog.getAccessAdminClient(userId);
vm = new UserViewModel(accessClient, weblog.getCurrentUser(userId));
if (weblog.getCurrentUser(userId).HasUserAdminAccess())
return serviceLocator.CheckLogin();
else
return false;
}
catch (NullReferenceException)
{
return false;
}
}
}
#region Users
///
/// Show users page
///
///
public IActionResult Index()
{
if (init())
{
ViewBag.Title = "Users";
vm.refreshAll();
//Refreshall for users, groups and roles
ViewBag.SessionId = HttpContext.Session.GetString("UserId");
return View("Index", vm);
}
else
{
return RedirectToAction("Index", "Job");
}
}
public IActionResult SelectUser(string id)
{
if (init())
{
Guid curr = Guid.Parse(id);
vm.refreshAll();
if (curr == Guid.Empty)
{//new user
ViewBag.Title = "Add User";
}
else
{//View an existing user
vm.SelectedUser = vm.getUserById(curr);
vm.SelectedUserSubscriptions = accessClient.getSubscribedGroups(curr);
vm.SelectedUserRoles = accessClient.getRoles(vm.SelectedUser);
ViewBag.title = vm.SelectedUser.UserName;
}
ViewBag.Title += " - Users";
ViewBag.SessionId = HttpContext.Session.GetString("UserId");
return View("Index", vm);
//Uses Index page too, with the additional info in the Viewmodel
}
else
{
return RedirectToAction("Index", "Job");
}
}
///
/// Saves an existing user or adds a new user
///
/// Username
/// Full name
/// Email
/// User ID
/// Roles to add to the user
/// Groups to subscribe the user to
///
[HttpPost]
public IActionResult saveUser(string inpusername, string inpfullname, string inpemail, string u, string[] rolestoadd, string[] groupstoadd)
{
if (init())
{
var uid = Guid.Parse(u);
Access.User user;
if (uid == Guid.Empty)//checks if user is new or exists
user = new Access.User();
else
user = accessClient.Users.Find(x => x.Id == uid);
user.FullName = inpfullname;
user.Email = inpemail;
if (uid == Guid.Empty)
{//New user
user.UserName = inpusername;
uid = accessClient.addUser(user);
accessClient.RefreshUsers();
var newpass = accessClient.resetPassword(uid);
sendPassmail(accessClient.Users.Find(x => x.Id == uid), newpass);
//password received through mail
ViewBag.Title = user.UserName + " added - User";
}
else
{//Existing user
accessClient.updateUser(user);
ViewBag.Title = user.UserName + " updated - User";
}
accessClient.RefreshUsers();//Refresh data from user
user = accessClient.Users.Find(x => x.Id == uid);
foreach (var s in rolestoadd)
{//Loop to add roles
var role = accessClient.Roles.Find(x => x.Name == s);
accessClient.addRoleToUser(user, role);
}
accessClient.RefreshUserGroups();
foreach (var g in groupstoadd)
{//loop to subscribe to groups
var gid = Guid.Parse(g);
var group = accessClient.Groups.Find(x => x.Id == gid);
accessClient.addMember(user, group);
}
if (uid != Guid.Empty && uid == weblog.getCurrentUser(userId).currentUser.Id)
return RedirectToAction("Index", "Home");//Logout if current user
else
return RedirectToAction("SelectUser", new { id = uid.ToString() });
}
else
{
return RedirectToAction("Index", "Job");
}
}
///
/// Sends email for a specific user, containg a password
///
/// User to mail
/// Password to send
public static void sendPassmail(Access.User u, string pass)
{/*
SmtpClient smtpClient = new SmtpClient("smtp.gmail.com",587);
smtpClient.UseDefaultCredentials = true;
smtpClient.Credentials = new System.Net.NetworkCredential("trac.heuristiclab@gmail.com", "||||||||||||");
smtpClient.DeliveryMethod = SmtpDeliveryMethod.Network;
smtpClient.EnableSsl = true;
MailMessage mail = new MailMessage();
//Setting From , To and CC
mail.From = new MailAddress("trac.heuristiclab@gmail.com", "HeuristicLab");
mail.Subject = "Password changed - HeuristicLab Hive";
mail.Body = "Hello " + u.FullName + ", " + Environment.NewLine + Environment.NewLine+
"Your password was changed through the HeuristicLab Hive web application." + Environment.NewLine+
"The new password for " + u.UserName + " is ' " + pass + " '." + Environment.NewLine + Environment.NewLine +
"HeuristicLab Hive";
mail.To.Add(new MailAddress(u.Email));
smtpClient.Send(mail);
*/
}
public IActionResult ApproveUser(string id)
{
if (init())
{
Guid curr = Guid.Parse(id);
vm.refreshAll();
var us = vm.getUserById(curr);
us.IsApproved = true;
accessClient.updateUser(us);
return RedirectToAction("SelectUser", new { id = id });
}
else
{
return RedirectToAction("Index", "Job");
}
}
///
/// Delete a user
///
/// User ID to delete
///
public IActionResult deleteUser(string id)
{
if (init())
{
var uid = Guid.Parse(id);
vm.refreshUsers();
if (uid == Guid.Empty)
{//check for empty Guid, should not happen but still
vm.message = "Something went wrong, user is not deleted";
return View("Index", vm);
}
else
{
var user = vm.getUserById(uid);
vm.message = user.UserName + " (" + user.FullName + ") has been deleted";
accessClient.DeleteUser(user);
vm.refreshAll();//refreshAll for index view
ViewBag.Title = "Users";
return View("Index", vm);//No redirect to save the viewbag message
}
}
else
{
return RedirectToAction("Index", "Job");
}
}
///
/// Deletes a role from a user
///
/// User Id
/// Role name
///
public IActionResult deleteUserRole(string id, string role)
{
if (init())
{
var uid = Guid.Parse(id);
vm.refreshAll();
var user = vm.getUserById(uid);
var r = vm.getRoleByName(role);
accessClient.deleteUserRole(user, r);
return RedirectToAction("SelectUser", new { id = id });
}
else
{
return RedirectToAction("Index", "Job");
}
}
///
/// Delete user from a group
///
/// User Id
/// Group Id
///
public IActionResult deleteUserGroup(string id, string group)
{
if (init())
{
var gid = Guid.Parse(group);
var mid = Guid.Parse(id);
vm.refreshGroups().refreshUsers();
var user = vm.getUserById(mid);
var gr = vm.getGroupById(gid);
accessClient.deleteMember(user, gr);
return RedirectToAction("SelectUser", new { id = id });
}
else
{
return RedirectToAction("Index", "Job");
}
}
#endregion
#region Groups
///
/// Shows the groups overview, opening up with "Add group"
///
///
public IActionResult Groups()
{
if (init())
{
ViewBag.Title = "Groups";
vm.refreshGroups().refreshUsers();
return View("Groups", vm);
}
else
{
return RedirectToAction("Index", "Job");
}
}
///
/// Show information for a specific group (Guid.empty = new group)
///
/// Group ID
///
public IActionResult SelectGroup(string id)
{
if (init())
{
Guid curr = Guid.Parse(id);
vm
.refreshGroups()
.refreshUsers();
if (curr == Guid.Empty)
{//Add group
ViewBag.Title = "Add group";
}
else
{//Show existing group info and possibility to edit
vm.SelectedGroup = vm.getGroupById(curr);
vm.SelectedGroupMembers = accessClient.getGroupMembers(curr);
ViewBag.title = vm.SelectedGroup.Name;
}
ViewBag.Title += " - Group";
return View("Groups", vm);
}
else
{
return RedirectToAction("Index", "Job");
}
}
///
/// Saves an exisiting group or adds a new one.
///
/// Group name
/// Group id (empty for new)
/// Users to add to group
/// Groups to add to group
///
[HttpPost]
public IActionResult saveGroup(string inpgroupname, string u, string[] userstoadd, string[] groupstoadd)
{
if (init())
{
var uid = Guid.Parse(u);
vm.refreshGroups().refreshUsers();
Access.UserGroup group;
if (uid == Guid.Empty)//Create new group
group = new Access.UserGroup();
else//Find existing group
group = accessClient.Groups.Find(x => x.Id == uid);
group.Name = inpgroupname;
if (uid == Guid.Empty)
{//New Group add
uid = accessClient.addGroup(group);
ViewBag.Title = group.Name + " added - Group";
}
else
{//Existing group update
accessClient.updateGroup(group);
ViewBag.Title = group.Name + " updated - Group";
}
vm.refreshGroups();
group = vm.getGroupById(uid);
//refresh group info
foreach (var s in userstoadd)
{//Subscribes members to group
var tempid = Guid.Parse(s);
var member = vm.getUserById(tempid);
accessClient.addMember(member, group);
}
foreach (var g in groupstoadd)
{//Subscribes groups to group
var tempid = Guid.Parse(g);
var member = vm.getGroupById(tempid);
accessClient.addMember(member, group);
}
return RedirectToAction("SelectGroup", new { id = uid.ToString() });
}
else
{
return RedirectToAction("Index", "Job");
}
}
///
/// Delete an existing group
///
/// Group to delete
///
public IActionResult deleteGroup(string id)
{
if (init())
{
var uid = Guid.Parse(id);
vm.refreshGroups();
if (uid == Guid.Empty)
{//Check for empty ID, should not happen but still..
vm.message = "Something went wrong, group is not deleted";
return View("Groups", vm);
}
else
{//Deletes the user group
var group = vm.getGroupById(uid);
vm.message = group.Name + " has been deleted";
accessClient.deleteUserGroup(group);
vm.refreshGroups();
return View("Groups", vm);
}
}
else
{
return RedirectToAction("Index", "Job");
}
}
///
/// Delete a member from a group
///
/// Group id
/// User id
/// Group selected
public IActionResult deleteMember(string g, string m)
{
if (init())
{
var gid = Guid.Parse(g);
var mid = Guid.Parse(m);
vm.refreshGroups().refreshUsers();
if (gid == Guid.Empty || mid == Guid.Empty)
{//Should not be empty but still..
vm.message = "Something went wrong, member is not deleted";
return View("Groups", vm);
}
else
{//Deletes the member
var group = vm.getGroupById(gid);
Access.UserGroupBase member = vm.getUserById(mid);
if (member == null)
{
member = vm.getGroupById(mid);
}
vm.message = " Member deleted";
accessClient.deleteMember(member, group);
vm.refreshGroups();
return RedirectToAction("SelectGroup", new { id = g });
}
}
else
{
return RedirectToAction("Index", "Job");
}
}
#endregion
#region Roles
///
/// Shows roles overview, opening with "Add role"
///
///
public IActionResult Roles()
{
if (init())
{
ViewBag.Title = "Roles";
vm.refreshRoles();
return View("Roles", vm);
}
else
{
return RedirectToAction("Index", "Job");
}
}
///
/// Shows information for a specific role
///
/// Role name
///
public IActionResult SelectRole(string name)
{
if (init())
{
vm.refreshRoles();
if (name == "" || name == null)
{//Add role
ViewBag.Title = "Add Role";
}
else
{//Edit/view role
vm.SelectedRole = vm.getRoleByName(name);
vm.SelectedRoleEnrolled = accessClient.getEnrolled(vm.SelectedRole);
ViewBag.title = vm.SelectedRole.Name;
}
ViewBag.Title += " - Roles";
return View("Roles", vm);
}
else
{
return RedirectToAction("Index", "Job");
}
}
///
/// Saves a role or adds a new one
///
/// Role name
///
[HttpPost]
public IActionResult saveRole(string inprolename)
{
if (init())
{
Access.Role role = accessClient.Roles.Find(x => x.Name == inprolename);
if (role == null)
{
role = new Access.Role();
role.Name = inprolename;
accessClient.addRole(role);
}
accessClient.RefreshRoles();
return RedirectToAction("SelectRole", new { name = inprolename });
}
else
{
return RedirectToAction("Index", "Job");
}
}
///
/// Delete a role
///
/// Role name
///
public IActionResult deleteRole(string name)
{
if (init())
{
accessClient.deleteRole(name);
return RedirectToAction("Roles");
}
else
{
return RedirectToAction("Index", "Job");
}
}
///
/// Deletes a user from a role
///
/// User id
/// Role name
///
public IActionResult deleteRoleUser(string id, string role)
{
if (init())
{
var uid = Guid.Parse(id);
vm.refreshAll();
var user = vm.getUserById(uid);
var r = vm.getRoleByName(role);
vm.message = role + " role has been deleted from " + user.FullName;
accessClient.deleteUserRole(user, r);
return RedirectToAction("SelectRole", new { name = role });
}
else
{
return RedirectToAction("Index", "Job");
}
}
#endregion
}
}