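/// <summary>
/// Authenticates the current admin before the page initialises, then decides whether that
/// admin holds read permission for the requested admin URL.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_PreInit(object sender, EventArgs e)
        {
            AuthAdmin authAdmin = new AuthAdmin(db);

            AdminUser = authAdmin.Authorise();

            if (AdminUser == null)
            {
                Session.Remove("IsAuthorized");

                // RawUrl is request-controlled and may carry its own query string. Encode it so it
                // reaches login.aspx as one "redirect" value instead of being split at the first '&'.
                // NOTE(review): login.aspx is not shown here - confirm it only follows local paths
                // taken from "redirect", otherwise the parameter can be used as an open redirect.
                Response.Redirect("/admin/login.aspx?redirect=" + Server.UrlEncode(Request.RawUrl));
                return;
            }

            string currentURL = GetCurrentURL();

            if (currentURL.StartsWith("\\admin"))
            {
                currentURL = currentURL.Substring("\\admin".Length);
            }

            // First lookup: a permission row tied to a system-access entry whose path matches this page.
            string currentPath = currentURL.ToLower();
            AdminPermission = AdminUser.CRM_SystemAccessAdmins.SingleOrDefault(s => s.CRM_SystemAccess != null && s.CRM_SystemAccess.Path.ToLower() == currentPath);

            bool canView = true;

            // URLs starting with /admin/default.aspx skip the per-page permission check entirely.
            if (!Request.RawUrl.StartsWith("/admin/default.aspx"))
            {
                if (AdminPermission == null || !AdminPermission.IsRead)
                {
                    // Second lookup: a bespoke-URL grant. Both sides are lower-cased; previously only
                    // the stored URL was, so a request containing upper-case characters never matched.
                    string requestedUrl = Request.RawUrl.ToLower();
                    AdminPermission = AdminUser.CRM_SystemAccessAdmins.SingleOrDefault(s => s.CRM_SystemAccess == null && ((string)s.BespokeURL).ToLower() == requestedUrl);

                    canView = AdminPermission != null && AdminPermission.IsRead;
                }
            }

            if (!canView)
            {
                NoticeManager.SetMessage("You do not have permission to view this page, please contact a Master Admin", "/admin");
            }

            // NOTE(review): the flags below are set even when canView is false. That is only safe if
            // NoticeManager.SetMessage ends the response (its body is not shown here) - confirm, or
            // return from the branch above so a denied request cannot continue into the page.
            IsAuthorised            = true;
            Session["IsAuthorized"] = true;
        }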
        /// <summary>
        /// Creates the data context and resolves the current admin: taken from the hosting
        /// <c>AdminPage</c> when the request is served by one, otherwise obtained from
        /// <c>AuthAdmin.Authorise()</c>.
        /// </summary>
        public void Initialize()
        {
            db = new MainDataContext();

            AdminPage hostPage = HttpContext.Current.CurrentHandler as AdminPage;

            if (hostPage == null)
            {
                // Not running under an admin page, so authenticate directly.
                // NOTE(review): other callers on this page null-check Authorise(); CurrentAdmin
                // may therefore be null here - confirm consumers check before using it.
                AuthAdmin auth = new AuthAdmin(db);
                CurrentAdmin = auth.Authorise();
                return;
            }

            // Reuse whatever the page has stored in AdminUser.
            CurrentAdmin = hostPage.AdminUser;
        }
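        /// <summary>
        /// Returns the column layout stored for the current view, inserting the
        /// <c>_DataTable</c> row for this type first when <c>GetDataTable()</c> finds none.
        /// </summary>
        /// <returns>
        /// The columns whose <c>AdminID</c> equals the view ID, ordered by <c>OrderNo</c>, plus a
        /// synthetic "Reference" column when <c>IncludeDataReference</c> is set.
        /// </returns>
        /// <exception cref="System.InvalidOperationException">
        /// <c>ViewID</c> is -1 and no admin is authenticated.
        /// </exception>
        public List <_DataTableColumn> GetSchema()
        {
            if (GetDataTable() == null)
            {
                _DataTable datatable = new _DataTable();
                datatable.TableReference = Type.Name;
                datatable.FriendlyName   = Type.Name;
                datatable.IsAllowCustom  = false;
                db._DataTables.InsertOnSubmit(datatable);
                db.SubmitChanges();
            }

            int viewID = ViewID;

            if (viewID == -1)
            {
                // -1 means "use the signed-in admin's own layout".
                AuthAdmin auth = new AuthAdmin(db);
                var admin = auth.Authorise();

                // Authorise() returns null for an unauthenticated request (other callers on this page
                // check for it). Fail with an explicit error instead of a NullReferenceException.
                if (admin == null)
                {
                    throw new System.InvalidOperationException("GetSchema requires an authenticated admin when no ViewID is set.");
                }

                viewID = admin.ID;
            }

            List <_DataTableColumn> dtc = (from p in GetDataTable()._DataTableColumns
                                           where p.AdminID == viewID
                                           orderby p.OrderNo
                                           select p).ToList();

            if (IncludeDataReference)
            {
                // NOTE(review): the result is never used; the call is kept in case GetAllFields()
                // has side effects - confirm and remove if it does not.
                var fields = GetAllFields();

                // Synthetic column appended in memory only; it is not attached to the data context here.
                _DataTableColumn tempDTC = new _DataTableColumn();
                tempDTC.AdminID            = 0;
                tempDTC._DataTableID       = 0;
                tempDTC._DataFieldName     = "Reference";
                tempDTC._DataFieldFriendly = "Reference";
                tempDTC.OrderNo            = 999;
                dtc.Add(tempDTC);
            }

            return(dtc);
        }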
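        /// <summary>
        /// Executes a single admin action (delete, archive, toggle ...) selected by the
        /// <c>route</c> query-string value against the record named by <c>recordid</c>, then
        /// sends the browser back to <c>returnURL</c>.
        /// </summary>
        /// <param name="context">The current HTTP context.</param>
        /// <remarks>
        /// Review notes for maintainers:
        /// - Every action is driven purely by query-string values. <c>timekey</c> is
        ///   supplied by the caller and only compared with the clock, so it limits how long a link
        ///   stays usable but does not tie the request to a session or user; a value dated in the
        ///   future also passes the check. Nothing visible here provides anti-forgery protection
        ///   for these state-changing requests.
        /// - Only "is an admin signed in" is checked; no per-route or per-record permission is
        ///   consulted in this method.
        /// - <c>returnURL</c> is used as a redirect target without validation.
        /// </remarks>
        public void ProcessRequest(HttpContext context)
        {
            byte   route     = Convert.ToByte(HttpContext.Current.Request.QueryString["route"]);
            string recordid  = HttpContext.Current.Request.QueryString["recordid"];
            string returnurl = HttpContext.Current.Request.QueryString["returnURL"];
            string message   = "Done";

            using (MainDataContext db = new MainDataContext())
            {
                AuthAdmin auth = new AuthAdmin(db);

                if (auth.Authorise() == null)
                {
                    context.Response.Write("Admin Auth Error");
                    context.Response.End();

                    // Response.End() normally aborts the thread; return as well so an
                    // unauthenticated request can never fall through to the actions below.
                    return;
                }
            }

            // An absent or malformed timekey makes DateTime.Parse throw, which rejects the request.
            DateTime timekey = DateTime.Parse(HttpUtility.UrlDecode(HttpContext.Current.Request.QueryString["timekey"]));

            if (UKTime.Now > timekey.AddMinutes(62))
            {
                NoticeManager.SetMessage("This action has expired for security reasons - did you use your browser back button?", HttpUtility.UrlDecode(returnurl));
            }
            else
            {
                bool disableNoticeManager = false;
                using (MainDataContext db = new MainDataContext())
                {
                    switch (route)
                    {
                    case (byte)ActionLink.Route.RemoveAdminFromCalendarItem:
                    {
                        CRM_CalendarAdmin calendarAdmin = db.CRM_CalendarAdmins.Single(c => c.ID.ToString() == recordid);

                        message = calendarAdmin.AdminName + " removed from " + calendarAdmin.CRM_Calendar.DisplayName;
                        db.CRM_CalendarAdmins.DeleteOnSubmit(calendarAdmin);
                        db.SubmitChanges();
                    }
                    break;

                    case (byte)ActionLink.Route.RemoveFamilyPerson:
                    {
                        CRM_FamilyPerson familyPerson = db.CRM_FamilyPersons.Single(f => f.ID.ToString() == recordid);
                        message = familyPerson.CRM_Person.Fullname + " removed from the " + familyPerson.CRM_Family.Name + " family";
                        db.CRM_FamilyPersons.DeleteOnSubmit(familyPerson);
                        db.SubmitChanges();
                    }
                    break;

                    case (byte)ActionLink.Route.ArchiveTaskParticipant:
                    {
                        CRM_TaskParticipant participant = db.CRM_TaskParticipants.Single(t => t.ID.ToString() == recordid);
                        participant.IsArchived = true;
                        db.SubmitChanges();
                        message = participant.Name + " archived.";
                    }
                    break;

                    case (byte)ActionLink.Route.ReinstateTaskParticipant:
                    {
                        CRM_TaskParticipant participant = db.CRM_TaskParticipants.Single(t => t.ID.ToString() == recordid);
                        participant.IsArchived = false;
                        db.SubmitChanges();
                        message = participant.Name + " reinstated.";
                    }
                    break;

                    case (byte)ActionLink.Route.ArchivePassPerson:
                    {
                        CRM_AnnualPassPerson person = db.CRM_AnnualPassPersons.Single(t => t.ID.ToString() == recordid);
                        person.IsArchived = true;
                        db.SubmitChanges();
                        message = person.DisplayName + " archived.";
                    }
                    break;

                    case (byte)ActionLink.Route.ReinstatePassPerson:
                    {
                        CRM_AnnualPassPerson person = db.CRM_AnnualPassPersons.Single(t => t.ID.ToString() == recordid);
                        person.IsArchived = false;
                        db.SubmitChanges();
                        // Message typo fixed ("reinstanted") to match the task-participant wording.
                        message = person.DisplayName + " reinstated.";
                    }
                    break;


                    case (byte)ActionLink.Route.ToggleReadStatus:
                    {
                        NoteManager manager = new NoteManager();
                        bool        isRead  = manager.IsRead(Convert.ToInt32(recordid));

                        // This route redirects straight to returnURL instead of going through NoticeManager.
                        disableNoticeManager = true;
                        if (isRead)
                        {
                            MarkAsUnread(recordid);
                            message = "Marked as unread.";
                        }
                        else
                        {
                            MarkAsRead(recordid);
                            message = "Marked as read.";
                        }
                    }
                    break;

                    case (byte)ActionLink.Route.MarkNoteAsRead:
                    {
                        MarkAsRead(recordid);
                        db.SubmitChanges();
                        message = "Marked as read.";
                    }
                    break;

                    case (byte)ActionLink.Route.MarkNoteAsUnread:
                    {
                        MarkAsUnread(recordid);
                        db.SubmitChanges();
                        message = "Marked as unread.";
                    }
                    break;

                    case (byte)ActionLink.Route.DeleteOrganisationSchool:
                    {
                        CRM_OrganisationSchool orgSchool = db.CRM_OrganisationSchools.FirstOrDefault(s => s.ID.ToString() == recordid);
                        if (orgSchool != null)
                        {
                            db.CRM_OrganisationSchools.DeleteOnSubmit(orgSchool);
                            db.SubmitChanges();
                            message = "Link removed";
                        }
                    }
                    break;

                    case (byte)ActionLink.Route.ToggleInviteIsAttended:
                    {
                        CRM_CalendarInvite invite = db.CRM_CalendarInvites.FirstOrDefault(s => s.ID.ToString() == recordid);
                        if (invite != null)
                        {
                            invite.IsAttended = !invite.IsAttended;
                            db.SubmitChanges();
                            message = "Invite Attendance Toggled";
                        }
                    }
                    break;

                    case (byte)ActionLink.Route.ToggleInviteIsBooked:
                    {
                        CRM_CalendarInvite invite = db.CRM_CalendarInvites.FirstOrDefault(s => s.ID.ToString() == recordid);
                        if (invite != null)
                        {
                            invite.IsBooked = !invite.IsBooked;
                            db.SubmitChanges();
                            message = "Invite Booked Toggled";
                        }
                    }
                    break;

                    case (byte)ActionLink.Route.ToggleInviteIsCancelled:
                    {
                        CRM_CalendarInvite invite = db.CRM_CalendarInvites.FirstOrDefault(s => s.ID.ToString() == recordid);
                        if (invite != null)
                        {
                            invite.IsCancelled = !invite.IsCancelled;
                            db.SubmitChanges();
                            message = "Invite Cancellation Toggled";
                        }
                    }
                    break;

                    case (byte)ActionLink.Route.ToggleInviteIsInvited:
                    {
                        CRM_CalendarInvite invite = db.CRM_CalendarInvites.FirstOrDefault(s => s.ID.ToString() == recordid);
                        if (invite != null)
                        {
                            invite.IsInvited = !invite.IsInvited;
                            db.SubmitChanges();
                            message = "Invite Toggled";
                        }
                    }
                    break;

                    case (byte)ActionLink.Route.DeleteInvite:
                    {
                        CRM_CalendarInvite invite = db.CRM_CalendarInvites.FirstOrDefault(s => s.ID.ToString() == recordid);
                        if (invite != null)
                        {
                            db.CRM_CalendarInvites.DeleteOnSubmit(invite);
                            db.SubmitChanges();
                            message = "Invite Removed";
                        }
                    }
                    break;

                    case (byte)ActionLink.Route.ToggleGiftAidRecord:
                    {
                        CRM_FundraisingGiftProfileLog log = db.CRM_FundraisingGiftProfileLogs.FirstOrDefault(f => f.ID.ToString() == recordid);
                        if (log != null)
                        {
                            if (!log.IsConfirmed)
                            {
                                log.TimestampConfirmed = UKTime.Now;
                                log.IsConfirmed        = true;
                            }
                            else
                            {
                                log.TimestampConfirmed = null;
                                log.IsConfirmed        = false;
                            }

                            db.SubmitChanges();
                            message = "Gift aid record toggled";
                        }
                    }
                    break;

                    case (byte)ActionLink.Route.DeleteGiftAidRecord:
                    {
                        CRM_FundraisingGiftProfileLog log = db.CRM_FundraisingGiftProfileLogs.FirstOrDefault(f => f.ID.ToString() == recordid);
                        if (log != null)
                        {
                            db.CRM_FundraisingGiftProfileLogs.DeleteOnSubmit(log);
                            db.SubmitChanges();
                            message = "Gift aid record deleted";
                        }
                    }
                    break;
                    }

                    // The enclosing using block disposes the context; no explicit Dispose() is needed.

                    // NOTE(review): returnurl comes straight from the query string and is used as a
                    // redirect target on both branches below. Restrict it to local paths (or an
                    // allow-list) before redirecting. Request.QueryString already URL-decodes, so the
                    // UrlDecode call decodes a second time; kept because callers may double-encode.
                    if (!disableNoticeManager)
                    {
                        NoticeManager.SetMessage(message, HttpUtility.UrlDecode(returnurl));
                    }
                    else
                    {
                        HttpContext.Current.Response.Redirect(returnurl);
                    }
                }
            }
        }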