lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-09-22 20:13:50 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
Files
9f3b3e27d967d9b8f73f2373753a57f2ffb28c3a
Orchard/src/Orchard.Web/Modules/Orchard.Users/Controllers/AdminController.cs
Suha Can 9f3b3e27d9 - 14887: User name and email uniqueness should be enforced. 
--HG--
branch : dev
2010-03-01 19:06:28 -08:00

179 lines
6.8 KiB
C#
Raw Blame History

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web.Mvc;
using Orchard.Localization;
using Orchard.ContentManagement;
using Orchard.Security;
using Orchard.UI.Notify;
using Orchard.Users.Models;
using Orchard.Users.ViewModels;
namespace Orchard.Users.Controllers {
public class AdminController : Controller, IUpdateModel {
private readonly IMembershipService _membershipService;
public AdminController(
IOrchardServices services,
IMembershipService membershipService) {
Services = services;
_membershipService = membershipService;
T = NullLocalizer.Instance;
}
public IOrchardServices Services { get; set; }
public Localizer T { get; set; }
public ActionResult Index() {
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to list users")))
return new HttpUnauthorizedResult();
var users = Services.ContentManager
.Query<User, UserRecord>()
.Where(x => x.UserName != null)
.List();
var model = new UsersIndexViewModel {
Rows = users
.Select(x => new UsersIndexViewModel.Row { User = x })
.ToList()
};
return View(model);
}
public ActionResult Create() {
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
return new HttpUnauthorizedResult();
var user = Services.ContentManager.New<IUser>(UserDriver.ContentType.Name);
var model = new UserCreateViewModel {
User = Services.ContentManager.BuildEditorModel(user)
};
return View(model);
}
[HttpPost, ActionName("Create")]
public ActionResult CreatePOST() {
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
return new HttpUnauthorizedResult();
var model = new UserCreateViewModel();
UpdateModel(model);
var user = _membershipService.CreateUser(new CreateUserParams(
model.UserName,
model.Password,
model.Email,
null, null, true));
model.User = Services.ContentManager.UpdateEditorModel(user, this);
string userExistsMessage = VerifyUserUnicity(model.UserName, model.Email);
if (userExistsMessage != null) {
AddModelError("NotUniqueUserName", T(userExistsMessage));
}
if (model.Password != model.ConfirmPassword) {
AddModelError("ConfirmPassword", T("Password confirmation must match"));
}
if (ModelState.IsValid == false) {
Services.TransactionManager.Cancel();
return View(model);
}
return RedirectToAction("edit", new {user.Id});
}
public ActionResult Edit(int id) {
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
return new HttpUnauthorizedResult();
return View(new UserEditViewModel {
User = Services.ContentManager.BuildEditorModel<User>(id)
});
}
[HttpPost, ActionName("Edit")]
public ActionResult EditPOST(int id) {
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
return new HttpUnauthorizedResult();
var model = new UserEditViewModel {
User = Services.ContentManager.UpdateEditorModel<User>(id, this)
};
// apply additional model properties that were posted on form
UpdateModel(model);
string userExistsMessage = VerifyUserUnicity(id, model.UserName, model.Email);
if (userExistsMessage != null) {
AddModelError("NotUniqueUserName", T(userExistsMessage));
}
if (!ModelState.IsValid) {
Services.TransactionManager.Cancel();
return View(model);
}
Services.Notifier.Information(T("User information updated"));
return RedirectToAction("Edit", new { id });
}
public ActionResult Delete(int id) {
if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")))
return new HttpUnauthorizedResult();
Services.ContentManager.Remove(Services.ContentManager.Get(id));
Services.Notifier.Information(T("User deleted"));
return RedirectToAction("Index");
}
#region private
private string VerifyUserUnicity(string userName, string email) {
IEnumerable<User> allUsers = Services.ContentManager.Query<User, UserRecord>().List();
foreach (var user in allUsers) {
if (String.Equals(userName, user.UserName, StringComparison.OrdinalIgnoreCase)) {
return "A user with that name already exists";
}
if (String.Equals(email, user.Email, StringComparison.OrdinalIgnoreCase)) {
return "A user with that email already exists";
}
}
return null;
}
private string VerifyUserUnicity(int id, string userName, string email) {
IEnumerable<User> allUsers = Services.ContentManager.Query<User, UserRecord>().List();
foreach (var user in allUsers) {
if (user.Id == id)
continue;
if (String.Equals(userName, user.UserName, StringComparison.OrdinalIgnoreCase)) {
return "A user with that name already exists";
}
if (String.Equals(email, user.Email, StringComparison.OrdinalIgnoreCase)) {
return "A user with that email already exists";
}
}
return null;
}
#endregion
bool IUpdateModel.TryUpdateModel<TModel>(TModel model, string prefix, string[] includeProperties, string[] excludeProperties) {
return TryUpdateModel(model, prefix, includeProperties, excludeProperties);
}
public void AddModelError(string key, LocalizedString errorMessage) {
ModelState.AddModelError(key, errorMessage.ToString());
}
}
}
Reference in New Issue View Git Blame Copy Permalink