77 lines
2 KiB
C#
77 lines
2 KiB
C#
using Authinator.Backend.Database;
|
|
using Authinator.Backend.Database.Tables;
|
|
using Authinator.Backend.Utils;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.AspNetCore.Mvc.RazorPages;
|
|
using Microsoft.EntityFrameworkCore;
|
|
|
|
namespace Authinator.Pages;
|
|
|
|
public class AdminEditACLModel : PageModel {
|
|
public ACL ModelACL = null!;
|
|
|
|
public IActionResult OnGet() {
|
|
var db = new DatabaseContext();
|
|
|
|
if (!Request.HttpContext.IsAdmin(db))
|
|
return StatusCode(StatusCodes.Status403Forbidden);
|
|
|
|
var id = int.Parse((string)(RouteData.Values["id"] ?? string.Empty));
|
|
|
|
if (!db.ACLs.Any(p => p.Id == id)) {
|
|
return BadRequest();
|
|
}
|
|
|
|
ModelACL = db.ACLs.Include(p => p.Groups).First(p => p.Id == id);
|
|
return Page();
|
|
}
|
|
|
|
public async Task<IActionResult> OnPost() {
|
|
var db = new DatabaseContext();
|
|
|
|
if (!Request.HttpContext.IsAdmin(db))
|
|
return StatusCode(StatusCodes.Status403Forbidden);
|
|
|
|
if (Request.Form["action"] == "save") {
|
|
var id = int.Parse((string)(RouteData.Values["id"] ?? string.Empty));
|
|
|
|
if (!db.Users.Any(p => p.Id == id)) {
|
|
return BadRequest();
|
|
}
|
|
|
|
var user = db.Users.Include(p => p.Groups).First(p => p.Id == id);
|
|
|
|
var newReference = Request.Form["reference"].ToString();
|
|
var newUsername = Request.Form["username"].ToString();
|
|
var newEmail = Request.Form["email"].ToString();
|
|
var newGroups = Request.Form["group"].Select(int.Parse!).Select(p => db.Groups.First(q => q.Id == p)).ToList();
|
|
|
|
if (!string.IsNullOrWhiteSpace(newReference) && newReference != user.Reference) {
|
|
if (db.Users.Any(p => p.Reference == newReference)) {
|
|
return BadRequest();
|
|
}
|
|
|
|
user.Reference = newReference;
|
|
}
|
|
|
|
if (!string.IsNullOrWhiteSpace(newUsername) && newUsername != user.Username) {
|
|
if (db.Users.Any(p => p.Username == newUsername)) {
|
|
return BadRequest();
|
|
}
|
|
|
|
user.Username = newUsername;
|
|
}
|
|
|
|
if (!string.IsNullOrWhiteSpace(newEmail) && newEmail != user.Email) {
|
|
user.Email = newEmail;
|
|
}
|
|
|
|
user.Groups = newGroups;
|
|
|
|
await db.SaveChangesAsync();
|
|
}
|
|
|
|
return Redirect("/Admin");
|
|
}
|
|
}
|