Fixed some issues with the user management work

PlexRequests.Core/UserMapper.cs

@@ -61,7 +61,6 @@ namespace PlexRequests.Core
             return new UserIdentity
             {
                 UserName = user.UserName,
-                Claims = ByteConverterHelper.ReturnObject<string[]>(user.Claims)
             };
         }
 
@@ -100,7 +99,7 @@ namespace PlexRequests.Core
             return users.Any();
         }
 
-        public Guid? CreateUser(string username, string password, string[] claims = default(string[]), UserProperties properties = null)
+        public Guid? CreateUser(string username, string password, UserProperties properties = null)
         {
             var salt = PasswordHasher.GenerateSalt();
 
@@ -110,7 +109,7 @@ namespace PlexRequests.Core
                 UserGuid = Guid.NewGuid().ToString(),
                 Salt = salt,
                 Hash = PasswordHasher.ComputeHash(password, salt),
-                Claims = ByteConverterHelper.ReturnBytes(claims),
+                Claims = new byte[] {0},
                 UserProperties = ByteConverterHelper.ReturnBytes(properties ?? new UserProperties()),
             };
             Repo.Insert(userModel);
@@ -148,17 +147,17 @@ namespace PlexRequests.Core
 
         public Guid? CreateAdmin(string username, string password, UserProperties properties = null)
         {
-            return CreateUser(username, password, new[] { UserClaims.RegularUser, UserClaims.PowerUser, UserClaims.Admin }, properties);
+            return CreateUser(username, password, properties);
         }
 
         public Guid? CreatePowerUser(string username, string password, UserProperties properties = null)
         {
-            return CreateUser(username, password, new[] { UserClaims.RegularUser, UserClaims.PowerUser }, properties);
+            return CreateUser(username, password, properties);
         }
 
         public Guid? CreateRegularUser(string username, string password, UserProperties properties = null)
         {
-            return CreateUser(username, password, new[] { UserClaims.RegularUser }, properties);
+            return CreateUser(username, password, properties);
         }
 
         public IEnumerable<string> GetAllClaims()
@@ -208,7 +207,7 @@ namespace PlexRequests.Core
 
     public interface ICustomUserMapper
     {
-        Guid? CreateUser(string username, string password, string[] claims, UserProperties props);
+        Guid? CreateUser(string username, string password, UserProperties props);
 
         Guid? CreateUser(string username, string password, int permissions, int features,
             UserProperties properties = null);

PlexRequests.Helpers/Permissions/Permissions.cs

@@ -34,7 +34,7 @@ namespace PlexRequests.Helpers.Permissions
     public enum Permissions
     {
         [Display(Name = "Access Administration Settings")]
-        AdminSettings = 1,
+        Administrator = 1,
 
         [Display(Name = "Request Movie")]
         RequestMovie = 2,

PlexRequests.Store/PlexRequests.Store.csproj

@@ -85,6 +85,7 @@
     <Compile Include="Repository\SettingsJsonRepository.cs" />
     <Compile Include="Repository\RequestJsonRepository.cs" />
     <Compile Include="Repository\GenericRepository.cs" />
+    <Compile Include="Repository\UserRepository.cs" />
     <Compile Include="RequestedModel.cs" />
     <Compile Include="UserEntity.cs" />
     <Compile Include="UserLogins.cs" />

PlexRequests.Store/Repository/UserRepository.cs

@@ -0,0 +1,110 @@
+#region Copyright
+// /************************************************************************
+//    Copyright (c) 2016 Jamie Rees
+//    File: UserRepository.cs
+//    Created By:
+//
+//    Permission is hereby granted, free of charge, to any person obtaining
+//    a copy of this software and associated documentation files (the
+//    "Software"), to deal in the Software without restriction, including
+//    without limitation the rights to use, copy, modify, merge, publish,
+//    distribute, sublicense, and/or sell copies of the Software, and to
+//    permit persons to whom the Software is furnished to do so, subject to
+//    the following conditions:
+//
+//    The above copyright notice and this permission notice shall be
+//    included in all copies or substantial portions of the Software.
+//
+//    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+//    EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+//    MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+//    NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+//    LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+//    OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+//    WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//  ************************************************************************/
+#endregion
+
+using System;
+using System.Collections.Generic;
+using System.Data;
+using System.Threading.Tasks;
+using Dapper;
+using Dapper.Contrib.Extensions;
+using PlexRequests.Helpers;
+
+namespace PlexRequests.Store.Repository
+{
+    public class UserRepository : BaseGenericRepository<UsersModel>, IUserRepository
+    {
+        public UserRepository(ISqliteConfiguration config, ICacheProvider cache) : base(config,cache)
+        {
+            DbConfig = config;
+            Cache = cache;
+        }
+
+        private ISqliteConfiguration DbConfig { get; }
+        private  ICacheProvider Cache { get; }
+        private IDbConnection Db => DbConfig.DbConnection();
+
+        public UsersModel GetUser(string userGuid)
+        {
+            var sql = @"SELECT * FROM UsersModel
+            WHERE Userguid = @UserGuid";
+            return Db.QueryFirstOrDefault<UsersModel>(sql, new {UserGuid = userGuid});
+        }
+
+        public UsersModel GetUserByUsername(string username)
+        {
+            var sql = @"SELECT * FROM UsersModel
+            WHERE UserName = @UserName";
+            return Db.QueryFirstOrDefault<UsersModel>(sql, new {UserName = username});
+        }
+
+        public async Task<UsersModel> GetUserAsync(string userguid)
+        {
+            var sql = @"SELECT * FROM UsersModel
+            WHERE UserGuid = @UserGuid";
+            return await Db.QueryFirstOrDefaultAsync<UsersModel>(sql, new {UserGuid = userguid});
+        }
+
+        #region abstract implimentation
+        [Obsolete]
+        public override UsersModel Get(string id)
+        {
+            throw new System.NotImplementedException();
+        }
+
+        [Obsolete]
+        public override Task<UsersModel> GetAsync(int id)
+        {
+            throw new System.NotImplementedException();
+        }
+
+        [Obsolete]
+        public override UsersModel Get(int id)
+        {
+            throw new System.NotImplementedException();
+        }
+
+        [Obsolete]
+        public override Task<UsersModel> GetAsync(string id)
+        {
+            throw new System.NotImplementedException();
+        }
+
+        #endregion
+    }
+
+
+    public interface IUserRepository
+    {
+        UsersModel GetUser(string userGuid);
+        UsersModel GetUserByUsername(string username);
+        Task<UsersModel> GetUserAsync(string userguid);
+        IEnumerable<UsersModel> Custom(Func<IDbConnection, IEnumerable<UsersModel>> func);
+        long Insert(UsersModel entity);
+        void Delete(UsersModel entity);
+    }
+}
+

PlexRequests.Store/SqlTables.sql

@@ -9,7 +9,8 @@ CREATE TABLE IF NOT EXISTS Users
     Hash								BLOB NOT NULL,
 	UserProperties						BLOB,
 	Permissions							INTEGER,
-	Features							INTEGER
+	Features							INTEGER,
+	Claims								BLOB
 );
 
 CREATE TABLE IF NOT EXISTS UserLogins

PlexRequests.UI/Modules/BaseModule.cs

@@ -30,10 +30,13 @@ using System.Linq;
 using System.Threading;
 
 using Nancy;
-
+using Ninject;
 using PlexRequests.Core;
 using PlexRequests.Core.SettingModels;
 using PlexRequests.Helpers;
+using PlexRequests.Helpers.Permissions;
+using PlexRequests.Store;
+using PlexRequests.Store.Repository;
 using PlexRequests.UI.Helpers;
 using PlexRequests.UI.Models;
 
@@ -118,6 +121,10 @@ namespace PlexRequests.UI.Modules
 
         protected IDictionary<string, string> Cookies => Request?.Cookies;
 
+        // This is not ideal, but it's cleaner than having to pass it down through each module.
+        [Inject]
+        protected IUserRepository UserRepository { get; set; }
+
         protected bool IsAdmin
         {
             get
@@ -126,8 +133,14 @@ namespace PlexRequests.UI.Modules
                 {
                     return false;
                 }
-                var claims = Context?.CurrentUser.Claims.ToList();
+
-                return claims.Contains(UserClaims.Admin) || claims.Contains(UserClaims.PowerUser);
+                var user = UserRepository.GetUserByUsername(Context?.CurrentUser?.UserName);
+
+                if (user == null) return false;
+
+                var permissions = (Permissions) user.Permissions;
+                return permissions.HasFlag(Permissions.Administrator);
+                // TODO: Check admin role
             }
         }
 

PlexRequests.UI/NinjectModules/RepositoryModule.cs

@@ -46,6 +46,8 @@ namespace PlexRequests.UI.NinjectModules
             Bind<IIssueService>().To<IssueJsonService>();
             Bind<ISettingsRepository>().To<SettingsJsonRepository>();
             Bind<IJobRecord>().To<JobRecord>();
+
+            Bind<IUserRepository>().To<UserRepository>();
         }
 
     }