private QueryBody GetUpdateAuthorisationQuery(Authorisation authorisation) { SqlParameter[] parameters = new SqlParameter[] { new SqlParameter(AuthorisationParameter.ID, GetDBValue(authorisation.Id)), new SqlParameter(AuthorisationParameter.AUTHORISATION_CODE, GetDBValue(authorisation.AuthorisationCode)), new SqlParameter(AuthorisationParameter.START_TIME, GetDBValue(authorisation.StartTime)), new SqlParameter(AuthorisationParameter.END_TIME, GetDBValue(authorisation.EndTime)), new SqlParameter(AuthorisationParameter.USER_ID, GetDBValue(authorisation.UserId)), }; string updateStr = string.Format("UPDATE {0} SET", TableName); string setAuthCode = string.Format("{0} = {1}", AuthorisationColumn.AUTHORISATION_CODE, AuthorisationParameter.AUTHORISATION_CODE); string setStartTime = string.Format("{0} = {1}", AuthorisationColumn.START_TIME, AuthorisationParameter.START_TIME); string setEndTime = string.Format("{0} = {1}", AuthorisationColumn.END_TIME, AuthorisationParameter.END_TIME); string setUserId = string.Format("{0} = {1}", AuthorisationColumn.USER_ID, AuthorisationParameter.USER_ID); string whereId = string.Format("WHERE {0} = {1}", AuthorisationColumn.ID, GetDBValue(authorisation.Id)); string query = string.Format("{0} {1}, {2}, {3}, {4} {5}", updateStr, setAuthCode, setStartTime, setEndTime, setUserId, whereId); return(new QueryBody(query, parameters)); }
//------------------------------------------------------------------------------------------------------------------------------------------------------------- protected void UpdateLoginPanel() { bool isLoggedIn = Authorisation.DoIsLoggedIn(); if (isLoggedIn) { MGUser currentUser = Authorisation.CurrentUser; // 22-Mar-2016 - The ResolveClientURL is now actioned in the preRender event in the MGLink itself, so no need to replicate here ... // We are now using relative links to make everything a bit shorter ... HL.HRef = "~/Code/Security/UserSplashPage.aspx"; HL.InnerText = SecureStringWrapper.Decrypt(currentUser.Username).ToString(); HL.Title = "Update my details"; //HLT.InnerHtml = "<a href='" + Page.ResolveClientUrl("~/Code/Security/Logout.aspx") + "' title='Logout of the site'>Logout</a>"; HLT.HRef = "~/Code/Security/Logout.aspx"; HLT.InnerText = "Log out"; HLT.Title = "Log out of the site"; } else { HL.HRef = "~/Code/Security/Login.aspx"; HL.InnerText = "Login"; HLT.InnerHtml = ""; HLT.Visible = false; } }
private QueryBody GetInsertAuthorisationQuery(Authorisation authorisation) { SqlParameter[] parameters = new SqlParameter[] { new SqlParameter(AuthorisationParameter.AUTHORISATION_CODE, GetDBValue(authorisation.AuthorisationCode)), new SqlParameter(AuthorisationParameter.START_TIME, GetDBValue(authorisation.StartTime)), new SqlParameter(AuthorisationParameter.END_TIME, GetDBValue(authorisation.EndTime)), new SqlParameter(AuthorisationParameter.USER_ID, GetDBValue(authorisation.UserId)), }; string insertSection = string.Format("INSERT INTO {0}({1}, {2}, {3}, {4})", TableName, AuthorisationColumn.AUTHORISATION_CODE, AuthorisationColumn.START_TIME, AuthorisationColumn.END_TIME, AuthorisationColumn.USER_ID); string valueSection = string.Format("VALUES ({0}, {1}, {2}, {3})", AuthorisationParameter.AUTHORISATION_CODE, AuthorisationParameter.START_TIME, AuthorisationParameter.END_TIME, AuthorisationParameter.USER_ID); string query = string.Format("{0} {1}", insertSection, valueSection); return(new QueryBody(query, parameters)); }
/// <summary> /// Validate the object. /// </summary> /// <exception cref="ValidationException"> /// Thrown if validation fails /// </exception> public virtual void Validate() { if (ConsentId == null) { throw new ValidationException(ValidationRules.CannotBeNull, "ConsentId"); } if (Initiation == null) { throw new ValidationException(ValidationRules.CannotBeNull, "Initiation"); } if (Charges != null) { foreach (var element in Charges) { if (element != null) { element.Validate(); } } } if (ExchangeRateInformation != null) { ExchangeRateInformation.Validate(); } if (Initiation != null) { Initiation.Validate(); } if (Authorisation != null) { Authorisation.Validate(); } }
public ServiceResponse <Authorisation> GetAuthorisation() { var serviceResponse = new ServiceResponse <Authorisation>(); try { var activities = authorisationManagerDataProxy.GetActivities(); var roles = authorisationManagerDataProxy.GetRoles(activities); var userAuthorisations = authorisationManagerDataProxy.GetUserAuthorisations(roles); var authorisation = new Authorisation(); authorisation.Activities.AddRange(activities); authorisation.Roles.AddRange(roles); authorisation.UserAuthorisations.AddRange(userAuthorisations); serviceResponse = new ServiceResponse <Authorisation>() { Payload = authorisation }; } catch (Exception ex) { serviceResponse.IsError = true; serviceResponse.Message = ex.Message; logger.Log("AuthorisationManagerServer.GetAuthorisation" + ex.Message, LogCategory.Exception, LogPriority.None); logger.Log(ex.StackTrace, LogCategory.Exception, LogPriority.None); } return(serviceResponse); }
/// <summary> /// <para>Use this function to create and get your Access-Token.</para> /// <para>NOTE!</para> /// <para>This functions should be used only once to get your access-token. If used again the authorisation-code given to you by Fortnox will be invalid. </para> /// </summary> /// <param name="AuthorisationCode">The authorisation-code given to you by Fortnox</param> /// <param name="ClientSecret">The Client-Secret code given to you by Fortnox</param> /// <returns>The Access-Token to use with Fortnox</returns> public string GetAccessToken(string AuthorisationCode, string ClientSecret) { string AccessToken = ""; try { if (string.IsNullOrEmpty(AuthorisationCode) || string.IsNullOrEmpty(ClientSecret)) { return(""); } HttpWebRequest wr = SetupRequest(ConnectionCredentials.FortnoxAPIServer + "/customers", AuthorisationCode, ClientSecret); WebResponse response = wr.GetResponse(); Stream responseStream = response.GetResponseStream(); XmlSerializer xs = new XmlSerializer(typeof(Authorisation)); Authorisation auth = (Authorisation)xs.Deserialize(responseStream); AccessToken = auth.AccessToken; } catch (WebException we) { Error = HandleException(we); } return(AccessToken); }
/// <summary> /// Ensures that the user is authorised to perform the desired operation. /// </summary> /// <param name="action"></param> /// <param name="typeName"></param> /// <returns>A value indicating whether the user is authorised.</returns> public virtual bool EnsureAuthorised(string action, string typeName) { bool output = false; using (LogGroup logGroup = LogGroup.Start("Ensuring that the current user is authorised to performed the desired action.", NLog.LogLevel.Debug)) { LogWriter.Debug("Require authorisation: " + RequireAuthorisation.ToString()); bool isAuthorised = false; if (RequireAuthorisation) { isAuthorised = Authorisation.UserCan(action, typeName); LogWriter.Debug("Is authorised: " + isAuthorised); if (!isAuthorised) { FailAuthorisation(action, typeName); } output = isAuthorised; } else // Authorisation is not required, so the user is authorised by default { output = true; } LogWriter.Debug("Return value: " + output.ToString()); } return(output); }
protected override void Render(System.Web.UI.HtmlTextWriter writer) { using (LogGroup logGroup = LogGroup.StartDebug("Rendering base XML projection.")) { // If the DataSource is not null then perform the custom XML output if (DataSource != null) { if (DataSource is IEntity) { Authorisation.EnsureUserCan("View", (IEntity)DataSource); } else { Authorisation.EnsureUserCan("View", (IEntity[])DataSource); } LogWriter.Debug("XSLT file path: " + XsltFilePath); XmlProjectionRenderer renderer = new XmlProjectionRenderer(QueryStrings.Type); renderer.DataSource = DataSource; renderer.XsltFile = XsltFilePath; renderer.Render(writer); } // Otherwise allow the standard render to occur else { LogWriter.Debug("DataSource == null. Skipping dynamic render and using base render"); base.Render(writer); } } }
private Authorisation OnPopulateResultListCallBack(DbDataReader dataReader) { Authorisation authorisation = new Authorisation(); PopulateAuthorisation(authorisation, dataReader); return(authorisation); }
public ActionResult DeleteConfirmed(int id) { Authorisation authorisation = db.Opwauthorisation2.Find(id); db.Opwauthorisation2.Remove(authorisation); db.SaveChanges(); return(RedirectToAction("Index")); }
//------------------------------------------------------------------------------------------------------------------------------------------------------------- protected void Page_Load(object sender, EventArgs e) { Testing.Visible = true; // Hide the main login button once the user has logged in, otherwise this might get a little confusing ... bool isLoggedIn = Authorisation.DoIsLoggedIn(); if (isLoggedIn) { MainLoginButton.Visible = false; } //WebDocConversion.Test(MGLSessionInterface.Instance().Config); StringBuilder str = new StringBuilder(); str.Append("<script type='text/javascript'>"); // 18-Mar-2016 - Get the JS Version ... string jsVersionConfig = MGLApplicationInterface.Instance().JSVersion; str.Append("var jsVersionConfig=" + jsVersionConfig + ";"); //-----a----- Display any warnings or confirmation messages to the user // Session timeout warning is the default (and most common) ... // 20-Apr-2016 - show a logout confirmation ... string showLogoutStr = Request.Params.Get("ShowLogout"); if (string.IsNullOrEmpty(showLogoutStr) == false && showLogoutStr == "1") { ctlInfoSplash.SetupInfoSplash(true, "You have successfully logged out.", false); str.Append("window.setTimeout( 'HideInfoSplash();', 3000 );"); } else { // 21-Apr-2016 - show a password reset message if any ... string showPasswordReset = Request.Params.Get("FromPasswordReset"); if (string.IsNullOrEmpty(showPasswordReset) == false && showPasswordReset == "1") { ctlInfoSplash.SetupInfoSplash(true, "Password reset successfully - You are now logged in.", false); str.Append("window.setTimeout( 'HideInfoSplash();', 3000 );"); } else if (MGLSessionInterface.Instance().SessionExpired == true) { // Show the session expiry warning ... // can we do something in here with the duration? ctlInfoSplash.SetupInfoSplash(false, "Session expired - please log in again.", true); str.Append("window.setTimeout( 'HideInfoSplash();', 3000 );"); MGLSessionInterface.Instance().SessionExpired = false; } } str.Append("</script>"); jsStuff.Controls.Add(new LiteralControl(str.ToString())); }
private void PopulateAuthorisation(Authorisation authorisation, DbDataReader dataReader) { string idColumnStr = dataReader[AuthorisationColumn.ID] != null ? dataReader[AuthorisationColumn.ID].ToString() : string.Empty; if (!string.IsNullOrEmpty(idColumnStr) && long.TryParse(idColumnStr, out long id)) { authorisation.Id = id; } Guid guidResult; string authorisationColumnStr = dataReader[AuthorisationColumn.AUTHORISATION_CODE] != null ? dataReader[AuthorisationColumn.AUTHORISATION_CODE].ToString() : string.Empty; if (!string.IsNullOrEmpty(authorisationColumnStr) && Guid.TryParse(authorisationColumnStr, out guidResult)) { authorisation.AuthorisationCode = guidResult; } DateTime starttime; string starttimeStr = dataReader[AuthorisationColumn.START_TIME] != null ? dataReader[AuthorisationColumn.START_TIME].ToString() : string.Empty; if (!string.IsNullOrEmpty(starttimeStr) && DateTime.TryParse(starttimeStr, out starttime)) { authorisation.StartTime = starttime; } DateTime endtime; string endtimeStr = dataReader[AuthorisationColumn.END_TIME] != null ? dataReader[AuthorisationColumn.END_TIME].ToString() : string.Empty; if (!string.IsNullOrEmpty(endtimeStr) && DateTime.TryParse(endtimeStr, out endtime)) { authorisation.EndTime = endtime; } long userId; string userIdStr = dataReader[AuthorisationColumn.USER_ID] != null ? dataReader[AuthorisationColumn.USER_ID].ToString() : string.Empty; if (!string.IsNullOrEmpty(userIdStr) && long.TryParse(userIdStr, out userId)) { authorisation.UserId = userId; } }
public void TestDeleteQuery() { //Arrange Authorisation test = new Authorisation(con); //Act test.Logout(1); //Assert }
public void TestDeleteAccount() { //Arrange Authorisation test = new Authorisation(con); //Act test.RemoveAccount(0); //Assert }
public void TestAddAccount() { //Arrange Authorisation test = new Authorisation(con); //Act //test.AddAccount(1, "test2", "test"); //Assert }
bool CanEnterAdminArea(User user, IResource admin) { IEnumerable<Group> groups = u.Groups; if ( Authorisation.IsAnyDenied( groups, admin ) { return false; } if ( Authorisation.IsDenied( user, admin ) { return false; } return (Authorisation.IsAuthorised( user, admin ) || Authorisation.IsAnyAuthorised( groups, admin )); }
public ActionResult Edit([Bind(Include = "User_ID,User_Name,User_Password,Email,Company,Usersect,Usersectcode,User_Approval_Limit,WorkId,approvalStatus")] Authorisation authorisation) { if (ModelState.IsValid) { db.Entry(authorisation).State = EntityState.Modified; db.SaveChanges(); return(RedirectToAction("Index")); } return(View(authorisation)); }
public void EmptyLogin_ThrowsException() { b.Info.Flow(); string userName = string.Empty; Authorisation a = new Authorisation(); Assert.Throws <ArgumentOutOfRangeException>(() => { a.IsValid(userName); }); }
//--------------------------------------------------------------------------------------------------------------------------------------------------------------- // public static void Configure(bool requireSecurity, string applicationName, ConfigurationInfo lcf, LoginConfig loginConfig) { public static void Configure(bool requireSecurity, string applicationName, string applicationURL, ConfigurationInfo lcf) { // no need to setup if security is not required if (requireSecurity) { // Authorisation.Authorisation.SetupSecurity(applicationName, lcf, loginConfig ); Authorisation.SetupSecurity(applicationName, applicationURL, lcf); } RequireSecurity = requireSecurity; }
public void TestInsertQuery() { //Arrange Authorisation test = new Authorisation(con); //Act //test.Login("test", DateTime.Now); //Assert }
public ActionResult Create([Bind(Include = "User_ID,User_Name,User_Password,Email,Company,Usersect,Usersectcode,User_Approval_Limit,WorkId")] Authorisation authorisation) { if (ModelState.IsValid) { db.Opwauthorisation2.Add(authorisation); db.SaveChanges(); return(RedirectToAction("Index")); } return(View(authorisation)); }
public void Init() { user1 = new User(Data.FirstUserLogin, Data.FirstUserPassword); user2 = new User(Data.SecondUserLogin, Data.SecondUserPassword); user3 = new User(Data.ThirdUserLogin, Data.ThirdUserPassword); autorisation = new Authorisation(); sendingMess = new SendingMessages(); exit = new Exit(); spamMessage = new PuttingMessageToSpam(); settings = new SettingSettings(); }
public ActionResult Authorisation(Authorisation authorisation) { if (ModelState.IsValid) { if (Membership.ValidateUser(authorisation.Login, authorisation.Password)) { FormsAuthentication.SetAuthCookie(authorisation.Login, true); return(Json(new { url = Url.Action("Index", "Home") })); } } return(Json(new { errorText = "Неправильний логін чи пароль" })); }
public void KnownBadLogin_Rejected() { b.Info.Flow(); string userName = "******"; bool loggedIn = false; Authorisation a = new Authorisation(); loggedIn = a.IsValid(userName); Assert.False(loggedIn, "Bad UserName Must Not Login"); }
public void NullLogin_ThrowsException() { b.Info.Flow(); string userName = string.Empty; Authorisation a = new Authorisation(); Assert.Throws <ArgumentNullException>(() => { // TODO : Implement Login Call here a.IsValid(userName); }); }
private QueryBody GetDeletionAuthorisationQuery(Authorisation authorisation) { SqlParameter[] parameters = new SqlParameter[] { new SqlParameter(AuthorisationParameter.ID, GetDBValue(authorisation.Id)), }; string query = string.Format("DELETE FROM {0} WHERE ID = {1}", TableName, AuthorisationParameter.ID); return(new QueryBody(query, parameters)); }
public static Authorisation NoAuth(TestContext context) { string env = context.Properties["Environment"].ToString(); Authorisation = new Authorisation { Endpoint = context.Properties[$"{env}:Endpoint"].ToString(), Subscription = context.Properties["NoSubscription"].ToString() }; return(Authorisation); }
/// <summary> /// Method for execute registration /// </summary> private void Register(object sender, RoutedEventArgs e) { if (validateValues()) { content.editPassword.Password = Authorisation.ComputeSha256Hash(content.editPassword.Password); if (viewModel.registerUser(new ParamsForRegister(content.editName.Text, content.editSurname.Text, content.editUsername.Text, content.editPassword.Password, content.editRepPassword.Password, content.comboGroup.SelectedItem.ToString(), content.editZal.Text, content.editTicket.Text))) { App.setUser(content.editUsername.Text); this.NavigationService.Navigate(new Uri("Pages/ProfilePage.xaml", UriKind.Relative)); } } }
public ActionResult Authorise(Authorisation userModel) { { using (OPWContext2 db = new OPWContext2()) { var userDetails = db.Opwauthorisation2.Where(x => x.User_Name == userModel.User_Name && x.User_Password == userModel.User_Password && x.approvalStatus == ApprovalStatus.Approved).FirstOrDefault(); if (userDetails == null) { userModel.LoginErrorMessage = "Wrong username or password."; return(View("Index", userModel)); } else { Session["userID"] = userDetails.User_ID; Session["userName"] = userDetails.User_Name; //OPW Users if (userDetails.Usersect == User_Section.MandE_Works) { return(RedirectToAction("MEDashBoard", "Authorisation")); } else if (userDetails.Usersect == User_Section.Elective_Works) { return(RedirectToAction("EWDashBoard", "Authorisation")); } else if (userDetails.Usersect == User_Section.Capital_works) { return(RedirectToAction("CWDashBoard", "Authorisation")); } else if (userDetails.Usersect == User_Section.Storage) { return(RedirectToAction("StorageDashBoard", "Authorisation")); } // DEASP Approvers else if (userDetails.Usersect == User_Section.Accommodation) { return(RedirectToAction("AccomDashBoard", "Authorisation")); } else if (userDetails.Usersect == User_Section.Finance) { return(RedirectToAction("FinanceDashBoard", "Authorisation")); } //Adminstrators else if (userDetails.Usersect == User_Section.Admin) { return(RedirectToAction("AdminDashBoard", "Authorisation")); } return(View("Index", userModel)); } } } }
public void KnownGoodLogin_Works() { b.Info.Flow(); string userName = "******"; bool loggedIn = false; Authorisation a = new Authorisation(); loggedIn = a.IsValid(userName); Assert.True(loggedIn, "Good UserName Must Login"); }
public AuthorisationController(Authorisation authorisationForm) { this.authorisationForm = authorisationForm; }