Ejemplo n.º 1
        /// <summary>
        /// Handles the Add button: creates a user group (role) named after the description
        /// text box, unless page validation failed, the name already appears in the grid,
        /// or the name is empty.
        /// </summary>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        private void btnAdd_Click(object sender, EventArgs e)
        {
            if (!Page.IsValid)
            {
                return;
            }

            string requestedName = txtDescription.Text;

            // Exact, case-sensitive comparison against the rows currently held by the grid.
            // NOTE(review): only the grid rows are checked here; whether AddRole itself
            // rejects duplicates or checks the caller's rights is not visible - confirm.
            bool nameTaken = false;
            foreach (ComponentArt.Web.UI.GridItem row in dgUserGroups.Items)
            {
                nameTaken |= row["Description"].ToString() == requestedName;
            }

            if (nameTaken)
            {
                lblError.Text    = "User group already added with that name.";
                lblError.Visible = true;
                return;
            }

            if (requestedName == "")
            {
                lblError.Text    = "Please specify a name for the user group.";
                lblError.Visible = true;
                return;
            }

            Facade.IRole roleFacade = new Facade.Security();
            roleFacade.AddRole(requestedName);
            BindGrid();
        }
Ejemplo n.º 2
        /// <summary>
        /// Reports whether the current user holds a role that may access at least one of
        /// the given system portions.
        /// </summary>
        /// <remarks>
        /// Side effect: the parsed roles and the requested portions are written to the
        /// session under "UserRole" and "SystemPortions" on every call, whatever the result.
        /// When no portions are supplied the result is <c>false</c>.
        /// </remarks>
        /// <param name="systemPortions">Portions to test; access to any one of them is enough.</param>
        /// <returns><c>true</c> if access to at least one portion is allowed, otherwise <c>false</c>.</returns>
        public static bool CanAccess(params eSystemPortion[] systemPortions)
        {
            HttpContext current = HttpContext.Current;

            Facade.ISecurity securityFacade = new Facade.Security();
            Facade.IUser     userFacade     = new Facade.User(); // not used below

            // The principal carries its roles as a comma-separated list of integers;
            // int.Parse throws on any entry that is not an integer.
            string[]    rawRoles = ((Entities.CustomPrincipal)current.User).UserRole.Split(new char[] { ',' });
            eUserRole[] roles    = new eUserRole[rawRoles.Length];
            int         slot     = 0;

            foreach (string rawRole in rawRoles)
            {
                roles[slot] = (eUserRole)int.Parse(rawRole);
                slot++;
            }

            // Remember who asked for what, for later use from the session.
            current.Session["UserRole"]       = roles;
            current.Session["SystemPortions"] = systemPortions;

            foreach (eSystemPortion portion in systemPortions)
            {
                if (securityFacade.CanAccessPortion(roles, portion))
                {
                    return true;
                }
            }

            // Nothing matched: deny.
            return false;
        }
Ejemplo n.º 3
        /// <summary>
        /// Applies a grid command to a row. Only "UPDATE" is handled: it saves the row's
        /// description against its role id. Any other command is ignored.
        /// </summary>
        /// <param name="item">Grid row providing the "Description" and "RoleId" values.</param>
        /// <param name="command">Command name; compared case-sensitively with "UPDATE".</param>
        private void UpdateUser(ComponentArt.Web.UI.GridItem item, string command)
        {
            if (command != "UPDATE")
            {
                return;
            }

            // NOTE(review): both values are taken from the grid row as submitted; whether
            // UpdateRole validates them or checks the caller's rights is not visible here.
            string newDescription = item["Description"].ToString();
            int    roleKey        = Convert.ToInt32(item["RoleId"]);

            Facade.IRole roleFacade = new Facade.Security();
            roleFacade.UpdateRole(roleKey, newDescription);

            // The grid is not re-bound here.
        }
Ejemplo n.º 4
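        /// <summary>
        /// Toggles the lock state of the user named by the "identityId" query-string value.
        /// The button caption ("Lock" or "Unlock") selects the action and is flipped on success.
        /// </summary>
        /// <remarks>
        /// A missing or non-numeric "identityId" is rejected with a message instead of being
        /// converted (a missing value used to become 0, a malformed one threw).
        /// NOTE(review): no role check is made in this handler, and the acting user is not
        /// passed to LockUser/UnLockUser; confirm that the page enforces authorization
        /// elsewhere and that the change is audited.
        /// </remarks>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void cmdLock_Click(object sender, System.EventArgs e)
        {
            // Cast kept from the original: it throws if the current principal is not the
            // application's CustomPrincipal type.
            Entities.CustomPrincipal loggedOnUser = (Entities.CustomPrincipal)Page.User;
            Facade.UserAdmin         facUserAdmin = new Facade.UserAdmin();

            // The id arrives in the URL, so treat it as untrusted input.
            int identityId;
            if (!int.TryParse(Request.QueryString["identityId"], out identityId))
            {
                lblMessage.Text = "Invalid user identifier.";
                return;
            }

            if (cmdLock.Text == "Lock")
            {
                if (facUserAdmin.LockUser(identityId))
                {
                    cmdLock.Text = "Unlock";
                }
                else
                {
                    lblMessage.Text = "Failed to lock User.";
                }
            }
            else if (cmdLock.Text == "Unlock")
            {
                if (facUserAdmin.UnLockUser(identityId))
                {
                    cmdLock.Text = "Lock";
                }
                else
                {
                    lblMessage.Text = "Failed to unlock User.";
                }
            }
        }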
Ejemplo n.º 5
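        /// <summary>
        /// OAuth 2.0 authorization endpoint: issues an authorization code for the current
        /// user and redirects to the client's redirect URI with the code and the echoed
        /// "state", or with an "error" parameter when code generation fails.
        /// </summary>
        /// <remarks>
        /// Every value appended to the redirect URI is percent-encoded, so a crafted "state"
        /// or an exception message cannot add or override response parameters. The response
        /// is appended with "&amp;" when the redirect URI already has a query string.
        /// NOTE(review): both failure paths still redirect to the caller-supplied
        /// redirect_uri. If GenerateOAuth2Code can fail because the client id or redirect URI
        /// is unknown or mismatched, this is an open redirect; RFC 6749 section 4.1.2.1
        /// requires showing an error page instead of redirecting in that case. Whether that
        /// validation happens, and how it fails, is not visible here - confirm.
        /// NOTE(review): ex.Message is returned to the client as the error value; confirm it
        /// only ever holds protocol error codes and no internal detail.
        /// </remarks>
        /// <param name="context">Current HTTP context; supplies the query string and the user.</param>
        public void ProcessRequest(HttpContext context)
        {
            var queryString = context.Request.QueryString;

            var clientId    = queryString["client_id"];
            var redirectUri = queryString["redirect_uri"];

            string responseQuery;

            try
            {
                var user         = context.User;
                var isClientUser = user.IsInRole(((int)Orchestrator.eUserRole.ClientUser).ToString());

                Facade.ISecurity facSecurity = new Facade.Security();
                var code = facSecurity.GenerateOAuth2Code(clientId, redirectUri, user.Identity.Name, isClientUser);

                // "state" is attacker-controllable; encode it rather than splicing it in raw.
                responseQuery = "state=" + Uri.EscapeDataString(queryString["state"] ?? string.Empty)
                              + "&code=" + Uri.EscapeDataString($"{code}");
            }
            catch (ApplicationException ex)
            {
                responseQuery = "error=" + Uri.EscapeDataString(ex.Message ?? string.Empty);
            }
            catch
            {
                responseQuery = "error=authentication_failed";
            }

            // A missing redirect_uri behaves as before: the redirect target is the bare query.
            var target    = redirectUri ?? string.Empty;
            var separator = target.IndexOf('?') >= 0 ? "&" : "?";

            context.Response.Redirect(target + separator + responseQuery, false);
        }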
Ejemplo n.º 6
        /// <summary>
        /// Handles the Edit button: opens the notes editor in all edit modes for a
        /// SystemAdministrator and restricts it to preview for everyone else.
        /// </summary>
        /// <remarks>
        /// NOTE(review): this only changes what the editor control offers; confirm that the
        /// code saving the notes checks the role again on the server.
        /// </remarks>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        void btnEdit_Click(object sender, EventArgs e)
        {
            HttpContext current = HttpContext.Current;

            Facade.ISecurity securityFacade = new Facade.Security(); // not used below
            Facade.IUser     userFacade     = new Facade.User();     // not used below

            // Roles are held on the principal as comma-separated integers; every entry is
            // parsed, so a malformed entry throws before any decision is made.
            string[]    rawRoles = ((Entities.CustomPrincipal)current.User).UserRole.Split(new char[] { ',' });
            eUserRole[] roles    = new eUserRole[rawRoles.Length];
            int         slot     = 0;

            foreach (string rawRole in rawRoles)
            {
                roles[slot] = (eUserRole)int.Parse(rawRole);
                slot++;
            }

            bool isSystemAdministrator = Array.IndexOf(roles, eUserRole.SystemAdministrator) >= 0;

            NotesEditor.EditModes = isSystemAdministrator
                ? Telerik.Web.UI.EditModes.All
                : Telerik.Web.UI.EditModes.Preview;
        }
Ejemplo n.º 7
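        /// <summary>
        /// Handles the change-password form: validates the new password, stores it, shows the
        /// confirmation panel and, when a local "returnURL" was supplied, redirects to it.
        /// </summary>
        /// <remarks>
        /// The return URL is taken from the query string only and is followed only when it is
        /// a path on this site ("/..." or "~/..."). Previously any value was followed, which
        /// allowed a crafted link to send the user to another site after the password change,
        /// and a "returnURL" present only outside the query string led to a redirect to null.
        /// NOTE(review): the account being changed is named by txtUsername, not by the
        /// logged-on principal; confirm the text box cannot be altered by the user or that
        /// UpdatePassword checks the caller may change that account.
        /// </remarks>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void btnSubmit_Click(object sender, System.EventArgs e)
        {
            Facade.Security          facSecurity  = new Facade.Security();
            Entities.CustomPrincipal loggedOnUser = (Entities.CustomPrincipal)Page.User;

            if (!facSecurity.ValidatePassword(txtUsername.Text, txtNewPassword.Text))
            {
                // Password does not meet the policy: flag the validator, hide any old message.
                rfvComplexPwd.IsValid = false;
                lblMessage.Visible    = false;
                return;
            }

            if (!facSecurity.UpdatePassword(txtUsername.Text, txtNewPassword.Text, loggedOnUser.UserName))
            {
                lblMessage.Text    = ("The password has not been updated. Please note old passwords cannot be used again for at least one year.");
                lblMessage.Visible = true;
                return;
            }

            pnlChangePassword.Visible             = false;
            pnlChangePasswordConfirmation.Visible = true;

            string returnUrl = Request.QueryString["returnURL"];

            // Accept "/path" (but not "//host" or "/\host", which browsers treat as another
            // host) and application-relative "~/path"; reject everything else.
            bool isLocalUrl = !string.IsNullOrEmpty(returnUrl)
                && ((returnUrl[0] == '/'
                        && (returnUrl.Length == 1 || (returnUrl[1] != '/' && returnUrl[1] != '\\')))
                    || (returnUrl.Length > 1 && returnUrl[0] == '~' && returnUrl[1] == '/'));

            if (isLocalUrl)
            {
                Response.Redirect(returnUrl);
            }
        }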
Ejemplo n.º 8
        /// <summary>
        /// Shows the role-configuration panel and fills the two list boxes with the roles
        /// that can, and cannot, access the system portion selected in the drop-down.
        /// </summary>
        private void PopulateRoles()
        {
            pnlConfigureRoles.Visible = true;

            Facade.IRole roleFacade = new Facade.Security();
            DataSet      everyRole  = roleFacade.GetAllRoles(); // fetched but not used below

            // The drop-down value is posted by the browser; int.Parse throws if it is not
            // an integer.
            eSystemPortion selectedPortion = (eSystemPortion)int.Parse(cboSystemPortion.SelectedValue);

            Entities.RoleCollection rolesWithAccess    = roleFacade.GetRolesForSystemPortion(selectedPortion);
            Entities.RoleCollection rolesWithoutAccess = roleFacade.GetUnassignedRolesForSystemPortion(selectedPortion);

            // Left-hand list: roles allowed into the portion.
            lbAssignedRoles.DataSource = rolesWithAccess;
            lbAssignedRoles.DataBind();

            // Right-hand list: roles not allowed into the portion.
            lbUnassignedRoles.DataSource = rolesWithoutAccess;
            lbUnassignedRoles.DataBind();
        }
Ejemplo n.º 9
        /// <summary>
        /// Restricts the page to SystemAdministrator and UserAdministrator roles and, on the
        /// first (non-postback) load, fills the system-portion drop-down.
        /// </summary>
        /// <param name="sender">Page raising the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void Page_Load(object sender, System.EventArgs e)
        {
            Entities.CustomPrincipal principal = (Entities.CustomPrincipal)Page.User;

            // Role names are the numeric enum values rendered as strings.
            bool mayConfigure =
                principal.IsInRole(((int)eUserRole.SystemAdministrator).ToString())
                || principal.IsInRole(((int)eUserRole.UserAdministrator).ToString());

            if (!mayConfigure)
            {
                // Response.Redirect(string) ends the response, so nothing below runs for a
                // caller without either role.
                Response.Redirect("~/security/accessdenied.aspx");
            }

            if (IsPostBack)
            {
                return;
            }

            Facade.ISecurity securityFacade = new Facade.Security();

            cboSystemPortion.DataSource     = securityFacade.GetAllSystemPortions();
            cboSystemPortion.DataValueField = "SystemPortionId";
            cboSystemPortion.DataTextField  = "Description";
            cboSystemPortion.DataBind();
        }
Ejemplo n.º 10
        /// <summary>
        /// Handles the Update button: saves the roles listed in the "assigned" list box as
        /// the roles allowed to access the selected system portion.
        /// </summary>
        /// <remarks>
        /// Each list value is passed through int.Parse before it is joined, so the string
        /// handed to the facade holds only integers and commas; a non-numeric value throws.
        /// NOTE(review): the list contents and the selected portion are posted by the
        /// browser, and no role check is made in this handler; confirm the page or
        /// UpdateRolesForSystemPortion enforces who may change role assignments.
        /// </remarks>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        private void btnUpdate_Click(object sender, System.EventArgs e)
        {
            Facade.IRole roleFacade = new Facade.Security();

            string[] roleIds = new string[lbAssignedRoles.Items.Count];

            for (int i = 0; i < roleIds.Length; i++)
            {
                roleIds[i] = int.Parse(lbAssignedRoles.Items[i].Value).ToString();
            }

            string roleIdList = String.Join(",", roleIds);

            roleFacade.UpdateRolesForSystemPortion((eSystemPortion)int.Parse(cboSystemPortion.SelectedValue), roleIdList);
        }
Ejemplo n.º 11
        /// <summary>
        /// Handles the Remove button: marks the user held in ViewState["identityId"] as
        /// deleted, recording the logged-on user's name, then closes the dialog on success
        /// or shows a failure message.
        /// </summary>
        /// <remarks>
        /// NOTE(review): no role check is made in this handler; confirm the page or
        /// UpdateUserState enforces who may delete users.
        /// </remarks>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void btnRemove_Click(object sender, EventArgs e)
        {
            Entities.CustomPrincipal actingUser = (Entities.CustomPrincipal)Page.User;

            Facade.IUserAdmin userAdmin      = new Facade.UserAdmin();
            Facade.ISecurity  securityFacade = new Facade.Security(); // not used below

            // The target id comes from view state, not from the URL or a form field.
            bool deleted = userAdmin.UpdateUserState((int)ViewState["identityId"], (int)eIdentityStatus.Deleted, actingUser.Name);

            if (!deleted)
            {
                lblMessage.Text = "Update User failed. Please try again.";
                return;
            }

            this.ReturnValue = "CloseAndRefresh";
            this.Close();
        }
Ejemplo n.º 12
        // Relative path of the file loaded into the notes editor; Page_Load resolves it
        // with Server.MapPath before reading it.
        protected string path = "releaseNotes.html"; //specify the path to your file


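        /// <summary>
        /// Admin view of the release notes: users without the SystemAdministrator role are
        /// transferred to "relnotes.aspx"; for administrators the notes file is loaded into
        /// the editor (in preview mode) on the first load and the admin panel is shown.
        /// </summary>
        /// <remarks>
        /// The role check now runs before the file is read, so a request from a
        /// non-administrator does no file work on this page before being transferred.
        /// Every role entry is still parsed, so a malformed role list throws rather than
        /// being partly honoured.
        /// </remarks>
        /// <param name="sender">Page raising the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            HttpContext httpContext = HttpContext.Current;

            // Roles are held on the principal as comma-separated integers.
            string[] userRoleString = ((Entities.CustomPrincipal)httpContext.User).UserRole.Split(new char[] { ',' });

            bool canEdit = false;

            foreach (string roleValue in userRoleString)
            {
                if ((eUserRole)int.Parse(roleValue) == eUserRole.SystemAdministrator)
                {
                    canEdit = true;
                }
            }

            if (!canEdit)
            {
                Server.Transfer("relnotes.aspx");

                // Server.Transfer ends this page's execution; the return is a safeguard so
                // the admin-only code below can never run for a non-administrator.
                return;
            }

            if (!Page.IsPostBack)
            {
                //set the external file content in the editor
                NotesEditor.Content   = ReadFile(Server.MapPath(path));
                NotesEditor.EditModes = Telerik.Web.UI.EditModes.Preview;
            }

            pnldmin.Visible = canEdit;
        }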
Ejemplo n.º 13
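        /// <summary>
        /// Access-denied page: lists the roles that may access the system portions recorded
        /// in Session["SystemPortions"] ("A", "A and B", "A, B and C", ...) and appends the
        /// requesting user's name to the user label.
        /// </summary>
        /// <remarks>
        /// Role names and the user name are stored values written into Label.Text, which is
        /// rendered without encoding, so both are HTML-encoded here to stop markup in a
        /// name from being interpreted by the browser.
        /// NOTE(review): Session["SystemPortions"] is null when this page is opened without
        /// a preceding access check; how GetRolesForSystemPortions handles null is not
        /// visible here - confirm.
        /// </remarks>
        /// <param name="sender">Page raising the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void Page_Load(object sender, System.EventArgs e)
        {
            // Get roles that can access requested SystemPortion
            Facade.IRole            facRole = new Facade.Security();
            Entities.RoleCollection rolesForSystemPortions = facRole.GetRolesForSystemPortions((eSystemPortion[])Session["SystemPortions"]);

            // Display Roles that can access the requested SystemPortion
            int    roleCount = rolesForSystemPortions.Count;
            string roleList  = string.Empty;

            for (int i = 0; i < roleCount; i++)
            {
                Entities.Role currentRole = (Entities.Role)rolesForSystemPortions[i];

                // Nothing before the first name, " and " before the last, ", " otherwise.
                string separator = i == 0
                    ? string.Empty
                    : (i == roleCount - 1 ? " and " : ", ");

                roleList += separator + Server.HtmlEncode(currentRole.Name);
            }

            // With no roles the label keeps whatever text it already had.
            if (roleCount > 0)
            {
                lblRole.Text = roleList;
            }

            // Display the username of the requesting user
            lblUser.Text += Server.HtmlEncode(((Entities.CustomPrincipal)Page.User).UserName);
        }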
Ejemplo n.º 14
        /// <summary>
        /// Adds a new user or updates an existing one from the form fields, depending on the
        /// caption of btnAdd ("Add" or "Update"). Does nothing when page validation failed.
        /// </summary>
        /// <remarks>
        /// Flow: read the organisation or team, parse the selected role ids, validate the
        /// roles, then either add (after a password policy check) or update. On success the
        /// dialog is closed with the return value "CloseAndRefresh"; otherwise a message is
        /// written to lblMessage.
        /// NOTE(review): the role ids are read from txtSelectedRoles, i.e. from the posted
        /// form. Whether ValidateUserRoles / AddUser / UpdateUser check that the logged-on
        /// user is allowed to grant those roles is not visible here - confirm.
        /// </remarks>
        private void addUser()
        {
            if (Page.IsValid)
            {
                // Name of the acting user is passed to the facade calls below.
                Entities.CustomPrincipal loggedOnUser = (Entities.CustomPrincipal)Page.User;

                Facade.IUserAdmin facUserAdmin = new Facade.UserAdmin();
                Facade.ISecurity  facSecurity  = new Facade.Security();

                int  organisationId = 0;
                int  teamId         = 0;
                bool plannerRemoved = false;

                // A client user belongs to an organisation, any other user to a team; the
                // id that does not apply stays 0.
                if (m_isClient == true)
                {
                    organisationId = Convert.ToInt32(cboClient.SelectedValue);
                }
                else
                {
                    teamId = Convert.ToInt32(cboTeam.SelectedItem.Value);
                }
                int retIdentityId;

                // The same "Edit user failed" text is shown on the add path as well.
                if (string.IsNullOrEmpty(txtSelectedRoles.Value))
                {
                    lblMessage.Text = "Edit user failed.  At least one role must be selected.";
                    return;
                }

                // Substring(1) drops the first character (presumably a leading separator -
                // TODO confirm). A one-character value leaves an empty string, and any
                // non-numeric entry makes Convert.ToInt32 throw FormatException.
                string[] sRoles = txtSelectedRoles.Value.Substring(1).Split(',');
                int[]    iRoles = new int[sRoles.Length];

                for (int count = 0; count <= sRoles.Length - 1; count++)
                {
                    iRoles[count] = Convert.ToInt32(sRoles[count]);
                }

                var validateRolesResult = facUserAdmin.ValidateUserRoles(txtUserName.Text, iRoles);

                if (!validateRolesResult.Success)
                {
                    // A lone "PlannerRemoved" infringement does not block the save; it is
                    // remembered and handed to UpdateUser. Anything else stops here.
                    if (validateRolesResult.Infringements.Select(i => i.Description).Contains("PlannerRemoved") && validateRolesResult.Infringements.Count == 1)
                    {
                        plannerRemoved = true;
                    }
                    else
                    {
                        // The descriptions are written to the label as HTML without encoding.
                        // NOTE(review): assumes they are fixed server-side texts that never
                        // echo user input - confirm.
                        lblMessage.Text = string.Join("<br />", validateRolesResult.Infringements.Select(i => i.Description));
                        return;
                    }
                }

                if (btnAdd.Text == "Add")
                {
                    // Validate password
                    if (facSecurity.ValidatePassword(txtUserName.Text, txtPassword.Text))
                    {
                        rfvComplex.IsValid = true;
                    }
                    else
                    {
                        rfvComplex.IsValid = false;
                        return;
                    }

                    if (!m_isClient)
                    {
                        retIdentityId = facUserAdmin.AddUser(txtUserName.Text, txtPassword.Text, txtForenames.Text, txtSurname.Text, iRoles, teamId, loggedOnUser.Name, txtEmail.Text, chkCanAccessFromAnywhere.Checked, chkScannedLicense.Checked);
                    }
                    else
                    {
                        retIdentityId = facUserAdmin.AddUserForClient(txtUserName.Text, txtPassword.Text, txtForenames.Text, txtSurname.Text, iRoles, organisationId, loggedOnUser.Name, txtEmail.Text, chkScannedLicense.Checked);
                    }

                    // A positive id means the user was created; -1 is reported below as
                    // "username already exists"; any other value as a generic failure.
                    if (retIdentityId > 0)
                    {
                        if (chkEmailDetails.Checked && m_isClient && pnlEmailDetails.Visible)
                        {
                            EmailClient();
                        }
                        this.ReturnValue = "CloseAndRefresh";
                        this.Close();
                    }
                    else if (retIdentityId == -1)
                    {
                        lblMessage.Text = "The Username has already been added to the application.";
                    }
                    else
                    {
                        lblMessage.Text = "Add new User failed. Please try again.";
                    }
                }
                else if (btnAdd.Text == "Update")
                {
                    // NOTE(review): unlike the add path, txtPassword is passed on without a
                    // ValidatePassword call; confirm UpdateUser / UpdateUserForClient apply
                    // the password policy or ignore an empty value.
                    bool success = false;
                    if (!m_isClient)
                    {
                        success = facUserAdmin.UpdateUser((int)ViewState["identityId"], txtPassword.Text, txtForenames.Text, txtSurname.Text, Convert.ToInt32(cboUserStatus.SelectedValue), iRoles, teamId, loggedOnUser.Name, txtEmail.Text, chkCanAccessFromAnywhere.Checked, chkScannedLicense.Checked, plannerRemoved);
                    }
                    else
                    {
                        success = facUserAdmin.UpdateUserForClient((int)ViewState["identityId"], txtPassword.Text, txtForenames.Text, txtSurname.Text, Convert.ToInt32(cboUserStatus.SelectedValue), iRoles, organisationId, loggedOnUser.Name, txtEmail.Text, chkScannedLicense.Checked);
                    }

                    if (success)
                    {
                        this.ReturnValue = "CloseAndRefresh";
                        this.Close();
                    }
                    else
                    {
                        lblMessage.Text = "Update User failed. Please try again.";
                    }
                }
            }
        }
Ejemplo n.º 15
        /// <summary>
        /// Handles the Logon button: authenticates the entered user name and PIN and then,
        /// depending on the result, completes the logon, sends the user to change their
        /// password, redirects to the illegal-location page, or shows a failure message.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the failed-attempt counter lives in ViewState, so it starts again
        /// at 1 whenever the page is loaded afresh; confirm that Logon also tracks failures
        /// server-side, otherwise the lockout can be avoided by reloading the page.
        /// NOTE(review): "Invalid Username." and "Incorrect Password." are different
        /// messages, which tells a caller whether a user name exists.
        /// NOTE(review): the location check uses REMOTE_ADDR; behind a reverse proxy or load
        /// balancer that is presumably the proxy's address - confirm for the deployment.
        /// </remarks>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void btnLogon_Click(object sender, System.EventArgs e)
        {
            // First attempt counts as 1; later attempts carry the count in ViewState.
            object storedAttempts = ViewState["LogonAttempts"];
            int    attemptNumber  = storedAttempts != null ? Convert.ToInt32(storedAttempts) : 1;

            Entities.User authenticatedUser = null;
            var           securityFacade    = new Facade.Security();
            var           outcome           = securityFacade.Logon(txtUserName.Text, txtPIN.Text, attemptNumber, ref authenticatedUser);

            // Set by the failure cases; shown after the switch.
            string failureText = null;

            switch (outcome)
            {
            case Enums.eLogonResult.Success:
                // Check that this user can log in from this location.
                if (!securityFacade.CanLoginFromLocation(txtUserName.Text, Request.ServerVariables["REMOTE_ADDR"]))
                {
                    Response.Redirect("illegallocation.aspx");
                    break;
                }

                switch (authenticatedUser.UserStatus)
                {
                case Enums.eUserStatus.FirstLogon:
                case Enums.eUserStatus.PasswordReset:
                    GoToChangePassword();
                    break;

                case Enums.eUserStatus.Active:
                    this.ProcessLogon();
                    break;
                }

                Session["UserName"] = authenticatedUser.UserName;
                break;

            case Enums.eLogonResult.UsernameInvalid:
                failureText = "Invalid Username.";
                break;

            case Enums.eLogonResult.AccountLocked:
                failureText = "This account has been locked. Please contact your local/site administrator.";
                break;

            case Enums.eLogonResult.PasswordInvalid:
                failureText = "Incorrect Password.";
                ViewState["LogonAttempts"] = attemptNumber + 1;
                break;

            case Enums.eLogonResult.PasswordExpired:
                GoToChangePassword(isPasswordExpired: true);
                break;

            case Enums.eLogonResult.AccountDeleted:
                failureText = "This account has been deleted. Please contact your local/site administrator.";
                break;

            case Enums.eLogonResult.SystemError:
                failureText = "An error has occurred. Please try again later or contact us at the helpdesk for futher information.";
                break;
            }

            if (failureText != null)
            {
                lblMessage.Text    = failureText;
                lblMessage.Visible = true;
            }
        }