Project-Unite/Views/Admin/Roles.cshtml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

@model IEnumerable<Project_Unite.Models.Role>

@{
    ViewBag.Title = "Administrator Control Panel";
}

<h2>Roles</h2>

<p>
    @Html.ActionLink("Create New", "CreateRole")
</p>
<table class="table">
    <tr>
		<th style="width:65%">
		    Role
		</th>
        <th>Priority</th>
        <th>Actions</th>
    </tr>

@foreach (var item in Model.OrderByDescending(x=>x.Priority)) {
    if (ACL.CanManageRole(User.Identity.Name, item.Id))
    {
    <tr>
        <td>
            <strong style="color:@item.ColorHex">@Html.DisplayFor(modelItem => item.Name)</strong> (@Html.DisplayFor(modelItem => item.Id))
            <p>@Html.DisplayFor(modelItem => item.Description)</p>
        </td>
        <td>
            @item.Priority
            @if (item.Priority < Model.Count() - 1)
            {
                <a href="@Url.Action("RaisePriority", "Admin", new { id = item.Id })" class="btn btn-default"><span class="glyphicon glyphicon-arrow-up"></span></a>
            }
            @if (item.Priority > 0)
            {
                <a href="@Url.Action("LowerPriority", "Admin", new { id = item.Id })" class="btn btn-default"><span class="glyphicon glyphicon-arrow-down"></span></a>
            }

        </td>
        <td>
            @Html.ActionLink("Edit", "EditRole", new { id = item.Id }, new { @class = "btn btn-default" }) 
			@Html.ActionLink("Details", "RoleDetails", new { id = item.Id }, new { @class = "btn btn-default" }) 
			@if (User.Identity.IsAdmin())
            {
            @Html.ActionLink("Delete", "DeleteRole", new { id = item.Id }, new { @class = "btn btn-danger" })
            }
        </td>
    </tr>
    }
}

</table>

<hr/>

<h4>Role priorities</h4>

<p>ShiftOS users can have multiple roles at once - and me, Michael, as a programmer, had to find a way to get the user's most granting role - the one with the most permissions. Since this could change at any time (new roles, new permission definitions, etc) I needed a way to arbitrarily determine what the best role to use when determining what users can and can't do.</p>

<p>So, I set up a role priority system. You can use the buttons above to modify a role's priority. The role listing will display all roles on the site, sorted by priority, from highest to lowest. The highest-priority role assigned to a user will determine the color of their username and the permissions they are given. It will also determine what roles the user can modify - we don't want developers messing up admin permissions, do we?</p>

<p>You will only see roles on this page that you have permission to alter.</p>

<p>Also, the lowest-priority role in the system will become the role of all future users - so don't be giving it admin privileges, pretty please.</p>