diff --git a/PlexRequests.Core/ISecurityExtensions.cs b/PlexRequests.Core/ISecurityExtensions.cs index cc1b856fd..0db6689b1 100644 --- a/PlexRequests.Core/ISecurityExtensions.cs +++ b/PlexRequests.Core/ISecurityExtensions.cs @@ -8,7 +8,11 @@ namespace PlexRequests.Core public interface ISecurityExtensions { Response AdminLoginRedirect(Permissions perm, NancyContext context); + Response AdminLoginRedirect(NancyContext context, params Permissions[] perm); bool DoesNotHavePermissions(Permissions perm, IUserIdentity currentUser); + + Response HasAnyPermissionsRedirect(NancyContext context, string routeName, HttpStatusCode code, + params Permissions[] perm); bool DoesNotHavePermissions(int perm, IUserIdentity currentUser); Func ForbiddenIfNot(Func test); bool HasAnyPermissions(IUserIdentity user, params Permissions[] perm); diff --git a/PlexRequests.Core/SecurityExtensions.cs b/PlexRequests.Core/SecurityExtensions.cs index bc99d7231..62ef48cb9 100644 --- a/PlexRequests.Core/SecurityExtensions.cs +++ b/PlexRequests.Core/SecurityExtensions.cs @@ -184,7 +184,31 @@ namespace PlexRequests.Core var r = response(context); return r.StatusCode == code - ? new RedirectResponse(url.ToString()) + ? new RedirectResponse(url.ToString()) + : null; + } + public Response HasAnyPermissionsRedirect(NancyContext context, string routeName, HttpStatusCode code, params Permissions[] perm) + { + var url = Linker.BuildRelativeUri(context, routeName); + + var response = ForbiddenIfNot(ctx => + { + var permissions = GetPermissions(ctx.CurrentUser); + var hasPermission = false; + foreach (var p in perm) + { + var result = permissions.HasFlag(p); + if (result) + { + hasPermission = true; + } + } + return hasPermission; + }); + + var r = response(context); + return r.StatusCode == code + ? new RedirectResponse(url.ToString()) : null; } @@ -194,7 +218,13 @@ namespace PlexRequests.Core // This will redirect us to the Login Page if we don't have the correct permission passed in (e.g. Admin with Http 403 status code). return HasPermissionsRedirect(perm, context, "LocalLogin", HttpStatusCode.Forbidden); } - + + public Response AdminLoginRedirect(NancyContext context, params Permissions[] perm) + { + // This will redirect us to the Login Page if we don't have the correct permission passed in (e.g. Admin with Http 403 status code). + return HasAnyPermissionsRedirect(context, "LocalLogin", HttpStatusCode.Forbidden, perm); + } + // BELOW IS A COPY FROM THE SecurityHooks CLASS! /// diff --git a/PlexRequests.Services/Jobs/PlexUserChecker.cs b/PlexRequests.Services/Jobs/PlexUserChecker.cs index e44067186..220be5e69 100644 --- a/PlexRequests.Services/Jobs/PlexUserChecker.cs +++ b/PlexRequests.Services/Jobs/PlexUserChecker.cs @@ -45,7 +45,8 @@ namespace PlexRequests.Services.Jobs { private static readonly Logger Log = LogManager.GetCurrentClassLogger(); - public PlexUserChecker(IPlexUserRepository plexUsers, IPlexApi plexAPi, IJobRecord rec, ISettingsService plexSettings, ISettingsService prSettings, ISettingsService umSettings) + public PlexUserChecker(IPlexUserRepository plexUsers, IPlexApi plexAPi, IJobRecord rec, ISettingsService plexSettings, ISettingsService prSettings, ISettingsService umSettings, + IRequestService requestService) { Repo = plexUsers; JobRecord = rec; @@ -53,6 +54,7 @@ namespace PlexRequests.Services.Jobs PlexSettings = plexSettings; PlexRequestSettings = prSettings; UserManagementSettings = umSettings; + RequestService = requestService; } private IJobRecord JobRecord { get; } @@ -61,7 +63,7 @@ namespace PlexRequests.Services.Jobs private ISettingsService PlexSettings { get; } private ISettingsService PlexRequestSettings { get; } private ISettingsService UserManagementSettings { get; } - + private IRequestService RequestService { get; } public void Execute(IJobExecutionContext context) { @@ -76,6 +78,7 @@ namespace PlexRequests.Services.Jobs } var plexUsers = PlexApi.GetUsers(settings.PlexAuthToken); var userManagementSettings = UserManagementSettings.GetSettings(); + var requests = RequestService.GetAll().ToList(); var dbUsers = Repo.GetAll().ToList(); foreach (var user in plexUsers.User) @@ -84,6 +87,7 @@ namespace PlexRequests.Services.Jobs if (dbUser != null) { var needToUpdate = false; + var usernameChanged = false; // Do we need up update any info? if (dbUser.EmailAddress != user.Email) @@ -95,10 +99,30 @@ namespace PlexRequests.Services.Jobs { dbUser.Username = user.Username; needToUpdate = true; + usernameChanged = true; } if (needToUpdate) { + if (usernameChanged) + { + // Since the username has changed, we need to update all requests with that username (unless we are using the alias!) + if (string.IsNullOrEmpty(dbUser.UserAlias)) + { + // Update all requests + var requestsWithThisUser = requests.Where(x => x.RequestedUsers.Contains(user.Username)).ToList(); + foreach (var r in requestsWithThisUser) + { + r.RequestedUsers.Remove(user.Username); // Remove old + r.RequestedUsers.Add(dbUser.Username); // Add new + } + + if (requestsWithThisUser.Any()) + { + RequestService.BatchUpdate(requestsWithThisUser); + } + } + } Repo.Update(dbUser); } diff --git a/PlexRequests.Services/Notification/NotificationEngine.cs b/PlexRequests.Services/Notification/NotificationEngine.cs index c849e378e..e776e2d57 100644 --- a/PlexRequests.Services/Notification/NotificationEngine.cs +++ b/PlexRequests.Services/Notification/NotificationEngine.cs @@ -72,7 +72,21 @@ namespace PlexRequests.Services.Notification Log.Debug("Notifying Users Count {0}", users.Count); foreach (var model in modelChanged) { - var selectedUsers = users.Select(x => x.Username).Intersect(model.RequestedUsers, StringComparer.CurrentCultureIgnoreCase); + var selectedUsers = new List(); + + foreach (var u in users) + { + var requestUser = model.RequestedUsers.FirstOrDefault( + x => x.Equals(u.Username, StringComparison.CurrentCultureIgnoreCase) || x.Equals(u.UserAlias, StringComparison.CurrentCultureIgnoreCase)); + if (string.IsNullOrEmpty(requestUser)) + { + continue; + } + + selectedUsers.Add(requestUser); + } + + //var selectedUsers = users.Select(x => x.Username).Intersect(model.RequestedUsers, StringComparer.CurrentCultureIgnoreCase); foreach (var user in selectedUsers) { Log.Info("Notifying user {0}", user); diff --git a/PlexRequests.UI/Modules/ApprovalModule.cs b/PlexRequests.UI/Modules/ApprovalModule.cs index 6ecc54cd3..54914d795 100644 --- a/PlexRequests.UI/Modules/ApprovalModule.cs +++ b/PlexRequests.UI/Modules/ApprovalModule.cs @@ -56,10 +56,8 @@ namespace PlexRequests.UI.Modules ISettingsService hpSettings, IHeadphonesApi hpApi, ISettingsService pr, ITransientFaultQueue faultQueue , ISecurityExtensions security) : base("approval", pr, security) { - this.RequiresAnyClaim(UserClaims.Admin, UserClaims.PowerUser); - Before += (ctx) => Security.AdminLoginRedirect(Permissions.Administrator, ctx); - Before += (ctx) => Security.AdminLoginRedirect(Permissions.ManageRequests, ctx); + Before += (ctx) => Security.AdminLoginRedirect(ctx, Permissions.Administrator,Permissions.ManageRequests); Service = service; CpService = cpService; diff --git a/PlexRequests.UI/Modules/BaseModule.cs b/PlexRequests.UI/Modules/BaseModule.cs index e0ea40363..81427c924 100644 --- a/PlexRequests.UI/Modules/BaseModule.cs +++ b/PlexRequests.UI/Modules/BaseModule.cs @@ -101,6 +101,9 @@ namespace PlexRequests.UI.Modules private string _username; + /// + /// Returns the Username or UserAlias + /// protected string Username { get diff --git a/PlexRequests.UI/Views/Requests/Index.cshtml b/PlexRequests.UI/Views/Requests/Index.cshtml index 8909be59b..5b840cc1e 100644 --- a/PlexRequests.UI/Views/Requests/Index.cshtml +++ b/PlexRequests.UI/Views/Requests/Index.cshtml @@ -180,18 +180,18 @@
Request status: {{#if available}} - @UI.Search_Available_on_plex + @UI.Search_Available_on_plex {{else}} - {{#if approved}} - @UI.Search_Processing_Request - {{else if denied}} - @UI.Search_Request_denied - {{#if deniedReason}} - - {{/if}} - {{else}} - @UI.Search_Pending_approval - {{/if}} + {{#if approved}} + @UI.Search_Processing_Request + {{else if denied}} + @UI.Search_Request_denied + {{#if deniedReason}} + + {{/if}} + {{else}} + @UI.Search_Pending_approval + {{/if}} {{/if}}
@@ -199,7 +199,6 @@ {{#if denied}}
Denied: -
{{/if}}