private void addEdit()
{
try
{
// Roles
List<string> roles = new List<string>();
if (ckAccountManage.Checked) roles.Add(SecurityBLL.ROLE_ACCOUNT_MANAGE);
if (ckAccountEdit.Checked) roles.Add(SecurityBLL.ROLE_ACCOUNT_EDIT);
if (ckAccountView.Checked) roles.Add(SecurityBLL.ROLE_ACCOUNT_VIEW);
if (ckDataManage.Checked) roles.Add(SecurityBLL.ROLE_DATA_MANAGE);
if (ckDataEdit.Checked) roles.Add(SecurityBLL.ROLE_DATA_EDIT);
if (ckDataView.Checked) roles.Add(SecurityBLL.ROLE_DATA_VIEW);
if (ckViewsManage.Checked) roles.Add(SecurityBLL.ROLE_VIEWS_MANAGE);
if (ckViewsEdit.Checked) roles.Add(SecurityBLL.ROLE_VIEWS_EDIT);
if (ckViewsView.Checked) roles.Add(SecurityBLL.ROLE_VIEWS_VIEW);
if (ckAlarmManage.Checked) roles.Add(SecurityBLL.ROLE_ALARM_MANAGE);
if (ckAlarmEdit.Checked) roles.Add(SecurityBLL.ROLE_ALARM_EDIT);
if (ckAlarmView.Checked) roles.Add(SecurityBLL.ROLE_ALARM_VIEW);
if (_addEditState == 0 || _editingAccount == null)
{
_editingAccount = new Account();
_editingAccount.Username = txtUsername.Text;
_editingAccount.Password = txtPassword.Text;
}
_editingAccount.Email = txtEmail.Text;
_editingAccount.FullName = txtFullName.Text;
_editingAccount.IsApproved = approveCheckBox.Checked;
_editingAccount.IsLocked = lockCheckBox.Checked;
if (_addEditState == 0)
{
if (AccountBLL.Current.Insert(_editingAccount))
{
SecurityBLL.Current.SetRolesForUser(_editingAccount.Username, roles.ToArray());
ShowSuccessMessage(Resources.Message_AddAccountSuccess);
}
prepareToAdd();
BindingData();
return;
}
if (_addEditState == 1)
{
if (AccountBLL.Current.Update(_editingAccount))
{
SecurityBLL.Current.SetRolesForUser(_editingAccount.Username, roles.ToArray());
ShowSuccessMessage(Resources.Message_EditAccountSuccess);
}
}
}
catch (Exception exception)
{
ShowErrorMessage(exception.Message);
//if (_addEditState == 1)
// entityConntext.Refresh(RefreshMode.StoreWins, _editingAccount);
}
}
/// <summary>
/// Admin change password of an user
/// </summary>
/// <param name="user"></param>
/// <param name="newPassword"></param>
/// <returns></returns>
public bool ChangePassword(Account user, string newPassword)
{
using (var entityConntext = new GeoViewerEntities())
{
SecurityBLL.Current.CheckPermissionThrowException(new string[]
{
SecurityBLL.ROLE_ACCOUNT_EDIT,
SecurityBLL.ROLE_ACCOUNT_MANAGE
});
user.Password = newPassword.GetMd5Hash();
entityConntext.AttachUpdatedObject(user);
return entityConntext.SaveChanges() > 0;
}
}
/// <summary>
/// Create a new Account object.
/// </summary>
/// <param name="username">Initial value of the Username property.</param>
/// <param name="email">Initial value of the Email property.</param>
/// <param name="password">Initial value of the Password property.</param>
/// <param name="createdDate">Initial value of the CreatedDate property.</param>
/// <param name="isApproved">Initial value of the IsApproved property.</param>
/// <param name="isLocked">Initial value of the IsLocked property.</param>
public static Account CreateAccount(global::System.String username, global::System.String email, global::System.String password, global::System.DateTime createdDate, global::System.Boolean isApproved, global::System.Boolean isLocked)
{
Account account = new Account();
account.Username = username;
account.Email = email;
account.Password = password;
account.CreatedDate = createdDate;
account.IsApproved = isApproved;
account.IsLocked = isLocked;
return account;
}
/// <summary>
/// Deprecated Method for adding a new object to the Accounts EntitySet. Consider using the .Add method of the associated ObjectSet<T> property instead.
/// </summary>
public void AddToAccounts(Account account)
{
base.AddObject("Accounts", account);
}
private void prepareToEdit()
{
if (accountGridView.SelectedRows.Count == 0)
{
MessageBox.Show(Resources.Warning_NoRecordSelected);
return;
}
_editingAccount = AccountBLL.Current.GetByUsername(accountGridView.SelectedRows[0].Cells["Username"].Value.ToString());
if (_editingAccount != null)
{
_addEditState = 1;
txtUsername.Text = _editingAccount.Username;
txtUsername.Enabled = false;
txtEmail.Text = _editingAccount.Email;
txtFullName.Text = _editingAccount.FullName;
resetPassButton.Visible = true;
addeditBox.Enabled = true;
approveCheckBox.Checked = _editingAccount.IsApproved;
lockCheckBox.Checked = _editingAccount.IsLocked;
// Roles
ckAccountManage.Checked = SecurityBLL.Current.IsUserInRole(_editingAccount, SecurityBLL.ROLE_ACCOUNT_MANAGE);
ckAccountEdit.Checked = SecurityBLL.Current.IsUserInRole(_editingAccount, SecurityBLL.ROLE_ACCOUNT_EDIT);
ckAccountView.Checked = SecurityBLL.Current.IsUserInRole(_editingAccount, SecurityBLL.ROLE_ACCOUNT_VIEW);
ckDataManage.Checked = SecurityBLL.Current.IsUserInRole(_editingAccount, SecurityBLL.ROLE_DATA_MANAGE);
ckDataEdit.Checked = SecurityBLL.Current.IsUserInRole(_editingAccount, SecurityBLL.ROLE_DATA_EDIT);
ckDataView.Checked = SecurityBLL.Current.IsUserInRole(_editingAccount, SecurityBLL.ROLE_DATA_VIEW);
ckViewsManage.Checked = SecurityBLL.Current.IsUserInRole(_editingAccount, SecurityBLL.ROLE_VIEWS_MANAGE);
ckViewsEdit.Checked = SecurityBLL.Current.IsUserInRole(_editingAccount, SecurityBLL.ROLE_VIEWS_EDIT);
ckViewsView.Checked = SecurityBLL.Current.IsUserInRole(_editingAccount, SecurityBLL.ROLE_VIEWS_VIEW);
ckAlarmManage.Checked = SecurityBLL.Current.IsUserInRole(_editingAccount, SecurityBLL.ROLE_ALARM_MANAGE);
ckAlarmEdit.Checked = SecurityBLL.Current.IsUserInRole(_editingAccount, SecurityBLL.ROLE_ALARM_EDIT);
ckAlarmView.Checked = SecurityBLL.Current.IsUserInRole(_editingAccount, SecurityBLL.ROLE_ALARM_VIEW);
}
}
private void prepareToAdd()
{
_addEditState = 0;
_editingAccount = null;
txtEmail.Text = txtFullName.Text = txtPassword.Text = txtUsername.Text = "";
txtUsername.Enabled = true;
resetPassButton.Visible = false;
addeditBox.Enabled = true;
approveCheckBox.Checked = true;
lockCheckBox.Checked = false;
}
public bool Delete(Account account)
{
using (var entityConntext = new GeoViewerEntities())
{
SecurityBLL.Current.CheckPermissionThrowException(SecurityBLL.ROLE_ACCOUNT_MANAGE);
// Check RootAdmin
if (account.Username == "RootAdmin") throw new Exception(Resources.Error_CannotDeleteRootAdmin);
entityConntext.AttachUpdatedObject(account, EntityState.Deleted);
return entityConntext.SaveChanges() > 0;
}
}
public bool Update(Account account)
{
using (var entityConntext = new GeoViewerEntities())
{
SecurityBLL.Current.CheckPermissionThrowException(new string[]
{
SecurityBLL.ROLE_ACCOUNT_MANAGE,
SecurityBLL.ROLE_ACCOUNT_EDIT
});
Validate(account);
int count =
entityConntext.Accounts.Count(
ent => ent.Username != account.Username && ent.Email == account.Email);
if (count > 0)
{
throw new Exception(Resources.Error_Account_EmailIsUsed);
}
entityConntext.AttachUpdatedObject(account);
return entityConntext.SaveChanges() > 0;
}
}
public void Validate(Account account)
{
if (!account.Username.IsValidUsername()) throw new Exception(Resources.Error_UsernameInvalid);
if (!account.Email.IsValidEmail()) throw new Exception(Resources.Error_EmailInvalid);
if (!account.FullName.IsValidLength(0, 100)) throw new Exception(Resources.Error_FullNameInvalid);
// Check RootAdmin
if (account.Username == "RootAdmin" && (!account.IsApproved || account.IsLocked)) throw new Exception(Resources.Error_CannotLockRootAdmin);
}
public void Logout()
{
_logedInUser = null;
}
public void Login(string username, string password)
{
using (var entityConntext = new GeoViewerEntities())
{
string md5Pass = password.GetMd5Hash();
Account obj = entityConntext.Accounts.SingleOrDefault(ent => ent.Username == username);
if (obj == null) throw new Exception(Properties.Resources.Error_Account_AccountNotExist);
if (obj.Password != md5Pass) throw new Exception(Properties.Resources.Error_Account_PasswordNotMatch);
if (!obj.IsApproved) throw new Exception(Resources.Error_Account_UnApproved);
if (obj.IsLocked) throw new Exception(Resources.Error_Account_IsLocked);
_logedInUser = obj;
obj.LastLoginDate = DateTime.Now;
entityConntext.SaveChanges();
}
}
public bool Insert(Account account)
{
using (var entityConntext = new GeoViewerEntities())
{
SecurityBLL.Current.CheckPermissionThrowException(SecurityBLL.ROLE_ACCOUNT_MANAGE);
Validate(account);
int count = entityConntext.Accounts.Count(ent => ent.Username == account.Username);
if (count > 0) throw new Exception(Properties.Resources.Error_Account_UsernameExist);
count = entityConntext.Accounts.Count(ent => ent.Email == account.Email);
if (count > 0) throw new Exception(Properties.Resources.Error_Account_EmailExist);
account.Password = account.Password.GetMd5Hash();
account.CreatedDate = DateTime.Now;
account.IsApproved = true;
account.IsLocked = false;
entityConntext.Accounts.AddObject(account);
return entityConntext.SaveChanges() > 0;
}
}
public bool IsUserInRoles(Account user, string[] roles, bool requireAll = false)
{
return IsUserInRoles(user.Username, roles, requireAll);
}
public bool IsUserInRole(Account user, string role)
{
return IsUserInRole(user.Username, role);
}
