/// <summary>
/// Handles the Add button: creates a user group (role) named after the description box,
/// unless the name is blank or already appears in the grid.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (not used).</param>
private void btnAdd_Click(object sender, EventArgs e)
{
    if (!Page.IsValid)
    {
        return;
    }

    // Every row is inspected (no early exit). The comparison is an exact, case-sensitive
    // match against the rows currently held by the grid.
    // NOTE(review): this is a UI-level duplicate check only; confirm AddRole enforces
    // uniqueness on the server side as well.
    bool nameTaken = false;
    foreach (ComponentArt.Web.UI.GridItem row in dgUserGroups.Items)
    {
        nameTaken |= row["Description"].ToString() == txtDescription.Text;
    }

    if (nameTaken)
    {
        lblError.Text = "User group already added with that name.";
        lblError.Visible = true;
        return;
    }

    if (txtDescription.Text == "")
    {
        lblError.Text = "Please specify a name for the user group.";
        lblError.Visible = true;
        return;
    }

    Facade.IRole roleFacade = new Facade.Security();
    roleFacade.AddRole(txtDescription.Text);
    BindGrid();
}
/// <summary>
/// Reports whether the user of the current request may access at least one of the given
/// system portions.
/// </summary>
/// <param name="systemPortions">Portions to test; access to any one of them is sufficient.</param>
/// <returns>
/// <c>true</c> as soon as one portion is accessible; <c>false</c> when none is, including
/// when no portions are supplied.
/// </returns>
public static bool CanAccess(params eSystemPortion[] systemPortions)
{
    HttpContext currentContext = HttpContext.Current;
    Facade.ISecurity securityFacade = new Facade.Security();
    Facade.IUser userFacade = new Facade.User(); // not used below; construction kept as-is

    // The principal exposes its roles as a comma-separated list of numeric eUserRole values.
    // The cast and int.Parse both throw if the principal or the list is not in that form.
    string[] roleTokens = ((Entities.CustomPrincipal)currentContext.User).UserRole.Split(new char[] { ',' });
    eUserRole[] roles = new eUserRole[roleTokens.Length];
    int position = 0;
    foreach (string token in roleTokens)
    {
        roles[position] = (eUserRole)int.Parse(token);
        position++;
    }

    // Store this user's roles and the portions being tested in the session.
    currentContext.Session["UserRole"] = roles;
    currentContext.Session["SystemPortions"] = systemPortions;

    foreach (eSystemPortion portion in systemPortions)
    {
        if (securityFacade.CanAccessPortion(roles, portion))
        {
            return true;
        }
    }

    return false;
}
/// <summary>
/// Applies a grid command to one row. Only "UPDATE" is handled: the row's description is
/// saved against its role id. Any other command is ignored.
/// </summary>
/// <param name="item">Grid row supplying the "Description" and "RoleId" values.</param>
/// <param name="command">Command name; matched exactly against "UPDATE".</param>
private void UpdateUser(ComponentArt.Web.UI.GridItem item, string command)
{
    if (command != "UPDATE")
    {
        return;
    }

    // Both values come from the posted grid row; Convert.ToInt32 throws on a non-numeric id.
    // NOTE(review): no role/permission check is visible in this method; confirm the page
    // restricts who can reach it.
    string newDescription = item["Description"].ToString();
    int targetRoleId = Convert.ToInt32(item["RoleId"]);

    Facade.IRole roleFacade = new Facade.Security();
    roleFacade.UpdateRole(targetRoleId, newDescription);

    // The grid is not re-bound after the update.
}
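/// <summary>
/// Locks or unlocks the user named by the "identityId" query-string parameter.
/// The button caption ("Lock" / "Unlock") selects the operation and is flipped on success.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (not used).</param>
protected void cmdLock_Click(object sender, System.EventArgs e)
{
    // Cast kept from the original: it throws when the request does not run under a
    // CustomPrincipal, so the handler stops before touching any account.
    Entities.CustomPrincipal loggedOnUser = (Entities.CustomPrincipal)Page.User;
    Facade.UserAdmin facUserAdmin = new Facade.UserAdmin();

    // The identifier is supplied by the caller in the URL. Convert.ToInt32 turned a missing
    // parameter into 0 and threw on non-numeric text; reject both cases explicitly instead.
    // NOTE(review): no authorisation check on the caller is visible in this handler;
    // confirm the page (or the facade) verifies that the logged-on user may lock accounts.
    int identityId;
    if (!int.TryParse(Request.QueryString["identityId"], out identityId))
    {
        lblMessage.Text = "Invalid user identifier.";
        return;
    }

    if (cmdLock.Text == "Lock")
    {
        if (facUserAdmin.LockUser(identityId))
        {
            cmdLock.Text = "Unlock";
        }
        else
        {
            lblMessage.Text = "Failed to lock User.";
        }
    }
    else if (cmdLock.Text == "Unlock")
    {
        if (facUserAdmin.UnLockUser(identityId))
        {
            cmdLock.Text = "Lock";
        }
        else
        {
            lblMessage.Text = "Failed to unlock User.";
        }
    }
}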
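/// <summary>
/// OAuth2 authorisation endpoint: issues a code for the current user and sends the browser
/// back to the client's redirect_uri with either "state" and "code" or an "error" parameter.
/// </summary>
/// <param name="context">The current HTTP context; reads client_id, redirect_uri and state
/// from the query string.</param>
public void ProcessRequest(HttpContext context)
{
    var queryString = context.Request.QueryString;
    var clientId = queryString["client_id"];
    var redirectUri = queryString["redirect_uri"];

    // With no redirect_uri the result used to be appended to an empty string, producing a
    // relative redirect back to this handler. Fail the request instead of redirecting.
    if (string.IsNullOrEmpty(redirectUri))
    {
        context.Response.StatusCode = 400;
        return;
    }

    string resultQuery;
    try
    {
        var user = context.User;
        var isClientUser = user.IsInRole(((int)Orchestrator.eUserRole.ClientUser).ToString());

        Facade.ISecurity facSecurity = new Facade.Security();
        var code = facSecurity.GenerateOAuth2Code(clientId, redirectUri, user.Identity.Name, isClientUser);

        // "state" is echoed from the request and must be encoded, otherwise a value such as
        // "x&code=..." would add or override parameters in the response the client receives.
        resultQuery = "state=" + Uri.EscapeDataString(queryString["state"] ?? string.Empty)
            + "&code=" + Uri.EscapeDataString($"{code}");
    }
    catch (ApplicationException ex)
    {
        // NOTE(review): the exception message is sent to the client as the error value;
        // confirm these messages are fixed error codes and never carry internal detail.
        resultQuery = "error=" + Uri.EscapeDataString(ex.Message ?? string.Empty);
    }
    catch
    {
        resultQuery = "error=authentication_failed";
    }

    // NOTE(review): on failure the browser is still sent to the caller-supplied redirect_uri.
    // Whether GenerateOAuth2Code checks redirect_uri against the URIs registered for client_id
    // is not visible here; if a mismatch surfaces as one of the exceptions above, that case
    // should return an error page rather than redirect.

    // A redirect_uri may already carry a query string; append with '&' in that case.
    var separator = redirectUri.IndexOf('?') >= 0 ? "&" : "?";
    context.Response.Redirect(redirectUri + separator + resultQuery, false);
}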
/// <summary>
/// Switches the notes editor to full edit mode for system administrators and to
/// preview-only mode for everyone else.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (not used).</param>
void btnEdit_Click(object sender, EventArgs e)
{
    HttpContext currentContext = HttpContext.Current;
    Facade.ISecurity securityFacade = new Facade.Security(); // not used below; construction kept
    Facade.IUser userFacade = new Facade.User();             // not used below; construction kept

    // Roles arrive as a comma-separated list of numeric eUserRole values; every entry is
    // parsed before the check, so a malformed entry throws regardless of its position.
    string[] roleTokens = ((Entities.CustomPrincipal)currentContext.User).UserRole.Split(new char[] { ',' });
    eUserRole[] roles = new eUserRole[roleTokens.Length];
    int position = 0;
    foreach (string token in roleTokens)
    {
        roles[position] = (eUserRole)int.Parse(token);
        position++;
    }

    bool isSystemAdministrator = Array.IndexOf(roles, eUserRole.SystemAdministrator) >= 0;

    // NOTE(review): this only changes what the editor shows; confirm the handler that
    // saves the notes repeats the role check.
    NotesEditor.EditModes = isSystemAdministrator
        ? Telerik.Web.UI.EditModes.All
        : Telerik.Web.UI.EditModes.Preview;
}
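/// <summary>
/// Handles the change-password form: validates the new password, stores it, shows the
/// confirmation panel and, when a safe local "returnURL" was supplied, redirects to it.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (not used).</param>
protected void btnSubmit_Click(object sender, System.EventArgs e)
{
    Facade.Security facSecurity = new Facade.Security();
    Entities.CustomPrincipal loggedOnUser = (Entities.CustomPrincipal)Page.User;

    // NOTE(review): the account being changed is taken from txtUsername, not from the
    // logged-on principal, and no current-password check is visible in this handler.
    // Confirm the text box cannot be altered by the client or that the facade verifies
    // who may change whose password.
    if (!facSecurity.ValidatePassword(txtUsername.Text, txtNewPassword.Text))
    {
        rfvComplexPwd.IsValid = false;
        lblMessage.Visible = false;
        return;
    }

    if (!facSecurity.UpdatePassword(txtUsername.Text, txtNewPassword.Text, loggedOnUser.UserName))
    {
        lblMessage.Text = ("The password has not been updated. Please note old passwords cannot be used again for at least one year.");
        lblMessage.Visible = true;
        return;
    }

    pnlChangePassword.Visible = false;
    pnlChangePasswordConfirmation.Visible = true;

    // The value is read once from the query string. Previously the null test used Request[...]
    // (which also consults form fields and cookies) while the redirect used the query string,
    // and the target was followed without any validation, allowing a link to this page to
    // forward the user to an arbitrary site after a successful password change.
    string returnUrl = Request.QueryString["returnURL"];
    if (IsSafeLocalReturnUrl(returnUrl))
    {
        Response.Redirect(returnUrl);
    }
}

/// <summary>
/// Accepts only targets inside this site: a rooted path ("/page.aspx") or an
/// application-relative path ("~/page.aspx"). Absolute URLs, scheme-relative ("//host")
/// and backslash variants, and values containing control characters are rejected.
/// Non-rooted relative paths are rejected as well — TODO confirm no caller relies on them.
/// </summary>
private static bool IsSafeLocalReturnUrl(string url)
{
    if (string.IsNullOrEmpty(url))
    {
        return false;
    }

    foreach (char c in url)
    {
        if (char.IsControl(c))
        {
            return false;
        }
    }

    if (url[0] == '/')
    {
        return url.Length == 1 || (url[1] != '/' && url[1] != '\\');
    }

    if (url.Length > 1 && url[0] == '~' && url[1] == '/')
    {
        return url.Length == 2 || (url[2] != '/' && url[2] != '\\');
    }

    return false;
}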
/// <summary>
/// Shows the role-configuration panel and fills the two list boxes with the roles that can,
/// and the roles that cannot, access the system portion selected in the drop-down.
/// </summary>
private void PopulateRoles()
{
    pnlConfigureRoles.Visible = true;

    Facade.IRole roleFacade = new Facade.Security();
    DataSet everyRole = roleFacade.GetAllRoles(); // result is not used below; call kept as-is

    // The drop-down value is the numeric eSystemPortion id; int.Parse throws if it is not numeric.
    eSystemPortion selectedPortion = (eSystemPortion)int.Parse(cboSystemPortion.SelectedValue);
    Entities.RoleCollection rolesWithAccess = roleFacade.GetRolesForSystemPortion(selectedPortion);
    Entities.RoleCollection rolesWithoutAccess = roleFacade.GetUnassignedRolesForSystemPortion(selectedPortion);

    // Roles which can access the system portion
    lbAssignedRoles.DataSource = rolesWithAccess;
    lbAssignedRoles.DataBind();

    // Roles which cannot access the system portion
    lbUnassignedRoles.DataSource = rolesWithoutAccess;
    lbUnassignedRoles.DataBind();
}
/// <summary>
/// Restricts the page to system administrators and user administrators, and on the first
/// (non-postback) request fills the system-portion drop-down.
/// </summary>
/// <param name="sender">The page raising the event.</param>
/// <param name="e">Event data (not used).</param>
protected void Page_Load(object sender, System.EventArgs e)
{
    Entities.CustomPrincipal principal = (Entities.CustomPrincipal)Page.User;

    // Role names are the numeric enum values rendered as strings.
    bool mayAdminister =
        principal.IsInRole(((int)eUserRole.SystemAdministrator).ToString())
        || principal.IsInRole(((int)eUserRole.UserAdministrator).ToString());

    if (!mayAdminister)
    {
        // Response.Redirect(string) ends the response, so nothing below runs for this request.
        Response.Redirect("~/security/accessdenied.aspx");
    }

    if (IsPostBack)
    {
        return;
    }

    Facade.ISecurity securityFacade = new Facade.Security();
    cboSystemPortion.DataSource = securityFacade.GetAllSystemPortions();
    cboSystemPortion.DataValueField = "SystemPortionId";
    cboSystemPortion.DataTextField = "Description";
    cboSystemPortion.DataBind();
}
/// <summary>
/// Saves the roles listed in the "assigned" list box as the roles allowed to access the
/// selected system portion.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (not used).</param>
private void btnUpdate_Click(object sender, System.EventArgs e)
{
    Facade.IRole roleFacade = new Facade.Security();

    // Each list value goes through int.Parse before it is appended, so only numeric ids can
    // reach the comma-separated string; a non-numeric value throws.
    string roleIdsCSV = String.Empty;
    string separator = String.Empty;
    foreach (ListItem assignedItem in lbAssignedRoles.Items)
    {
        roleIdsCSV = roleIdsCSV + separator + int.Parse(assignedItem.Value);
        separator = ",";
    }

    // NOTE(review): no role check is visible in this handler; confirm the page restricts
    // who can post to it.
    roleFacade.UpdateRolesForSystemPortion((eSystemPortion)int.Parse(cboSystemPortion.SelectedValue), roleIdsCSV);
}
/// <summary>
/// Marks the user whose id is held in ViewState["identityId"] as deleted, then closes the
/// dialog and asks the opener to refresh. On failure an error message is shown instead.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (not used).</param>
protected void btnRemove_Click(object sender, EventArgs e)
{
    Entities.CustomPrincipal currentUser = (Entities.CustomPrincipal)Page.User;
    Facade.IUserAdmin userAdminFacade = new Facade.UserAdmin();
    Facade.ISecurity securityFacade = new Facade.Security(); // not used below; construction kept

    // The acting user's name is passed along with the state change.
    // NOTE(review): no permission check on the acting user is visible in this handler;
    // confirm it is enforced by the page or by UpdateUserState.
    bool removed = userAdminFacade.UpdateUserState(
        (int)ViewState["identityId"],
        (int)eIdentityStatus.Deleted,
        currentUser.Name);

    if (!removed)
    {
        lblMessage.Text = "Update User failed. Please try again.";
        return;
    }

    this.ReturnValue = "CloseAndRefresh";
    this.Close();
}
// Path of the release-notes file, resolved with Server.MapPath when the page loads.
protected string path = "releaseNotes.html";

/// <summary>
/// Loads the release notes into the editor on the first request and allows only system
/// administrators to stay on this page; everyone else is transferred to relnotes.aspx.
/// </summary>
/// <param name="sender">The page raising the event.</param>
/// <param name="e">Event data (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (!Page.IsPostBack)
    {
        // Put the external file content in the editor, read-only to begin with.
        NotesEditor.Content = ReadFile(Server.MapPath(path));
        NotesEditor.EditModes = Telerik.Web.UI.EditModes.Preview;
    }

    HttpContext currentContext = HttpContext.Current;
    Facade.ISecurity securityFacade = new Facade.Security(); // not used below; construction kept
    Facade.IUser userFacade = new Facade.User();             // not used below; construction kept

    // Roles arrive as a comma-separated list of numeric eUserRole values; all are parsed
    // before the check, so a malformed entry throws regardless of its position.
    string[] roleTokens = ((Entities.CustomPrincipal)currentContext.User).UserRole.Split(new char[] { ',' });
    eUserRole[] roles = new eUserRole[roleTokens.Length];
    int position = 0;
    foreach (string token in roleTokens)
    {
        roles[position] = (eUserRole)int.Parse(token);
        position++;
    }

    bool canEdit = Array.IndexOf(roles, eUserRole.SystemAdministrator) >= 0;

    if (!canEdit)
    {
        // Hand the request to the read-only page.
        Server.Transfer("relnotes.aspx");
    }

    pnldmin.Visible = canEdit;
}
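/// <summary>
/// Shows which roles may access the system portions the user was refused, as a readable
/// list ("A", "A and B", "A, B and C"), followed by the requesting user's name.
/// </summary>
/// <param name="sender">The page raising the event.</param>
/// <param name="e">Event data (not used).</param>
protected void Page_Load(object sender, System.EventArgs e)
{
    // Get roles that can access the requested system portions.
    // NOTE(review): Session["SystemPortions"] is null when the page is opened without a
    // preceding access check in the same session; confirm GetRolesForSystemPortions
    // tolerates a null argument.
    Facade.IRole facRole = new Facade.Security();
    Entities.RoleCollection rolesForSystemPortions = facRole.GetRolesForSystemPortions((eSystemPortion[])Session["SystemPortions"]);

    // Role names and the user name are stored data written into the page markup, so they
    // are HTML-encoded before being assigned to the labels.
    int lastIndex = rolesForSystemPortions.Count - 1;
    for (int i = 0; i <= lastIndex; i++)
    {
        Entities.Role currentRole = (Entities.Role)rolesForSystemPortions[i];
        string roleName = Server.HtmlEncode(currentRole.Name);

        if (i == 0)
        {
            lblRole.Text = roleName;
        }
        else if (i == lastIndex)
        {
            // The final entry of a multi-item list is joined with "and".
            lblRole.Text += " and " + roleName;
        }
        else
        {
            lblRole.Text += ", " + roleName;
        }
    }

    // Display the username of the requesting user.
    lblUser.Text += Server.HtmlEncode(((Entities.CustomPrincipal)Page.User).UserName);
}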
/// <summary>
/// Adds a new user or updates an existing one from the form fields, depending on the
/// caption of btnAdd ("Add" or "Update"). Client users are tied to an organisation,
/// other users to a team. On success the dialog closes and asks the opener to refresh;
/// on failure a message is written to lblMessage.
/// </summary>
private void addUser()
{
    if (Page.IsValid)
    {
        Entities.CustomPrincipal loggedOnUser = (Entities.CustomPrincipal)Page.User;
        Facade.IUserAdmin facUserAdmin = new Facade.UserAdmin();
        Facade.ISecurity facSecurity = new Facade.Security();
        int organisationId = 0;
        int teamId = 0;
        bool plannerRemoved = false;

        // Exactly one of organisationId / teamId is filled in; the other stays 0.
        if (m_isClient == true)
        {
            organisationId = Convert.ToInt32(cboClient.SelectedValue);
        }
        else
        {
            teamId = Convert.ToInt32(cboTeam.SelectedItem.Value);
        }

        int retIdentityId;

        if (string.IsNullOrEmpty(txtSelectedRoles.Value))
        {
            lblMessage.Text = "Edit user failed. At least one role must be selected.";
            return;
        }

        // The selected role ids are posted back in txtSelectedRoles as a comma-separated
        // list; Substring(1) drops the first character (presumably a leading separator —
        // TODO confirm). Convert.ToInt32 throws on any non-numeric entry.
        // NOTE(review): the role list is client-supplied. The only check visible here is
        // ValidateUserRoles below; confirm it also verifies that the logged-on user is
        // allowed to grant each requested role.
        string[] sRoles = txtSelectedRoles.Value.Substring(1).Split(',');
        int[] iRoles = new int[sRoles.Length];
        for (int count = 0; count <= sRoles.Length - 1; count++)
        {
            iRoles[count] = Convert.ToInt32(sRoles[count]);
        }

        var validateRolesResult = facUserAdmin.ValidateUserRoles(txtUserName.Text, iRoles);
        if (!validateRolesResult.Success)
        {
            // A lone "PlannerRemoved" infringement is not an error: it is recorded and
            // later passed to UpdateUser. Any other result aborts with the descriptions shown.
            if (validateRolesResult.Infringements.Select(i => i.Description).Contains("PlannerRemoved") && validateRolesResult.Infringements.Count == 1)
            {
                plannerRemoved = true;
            }
            else
            {
                // NOTE(review): descriptions are joined with "<br />" and assigned as markup;
                // assumes they are fixed server-side text containing no user input — TODO confirm.
                lblMessage.Text = string.Join("<br />", validateRolesResult.Infringements.Select(i => i.Description));
                return;
            }
        }

        if (btnAdd.Text == "Add")
        {
            // Validate password
            if (facSecurity.ValidatePassword(txtUserName.Text, txtPassword.Text))
            {
                rfvComplex.IsValid = true;
            }
            else
            {
                rfvComplex.IsValid = false;
                return;
            }

            if (!m_isClient)
            {
                retIdentityId = facUserAdmin.AddUser(txtUserName.Text, txtPassword.Text, txtForenames.Text, txtSurname.Text, iRoles, teamId, loggedOnUser.Name, txtEmail.Text, chkCanAccessFromAnywhere.Checked, chkScannedLicense.Checked);
            }
            else
            {
                retIdentityId = facUserAdmin.AddUserForClient(txtUserName.Text, txtPassword.Text, txtForenames.Text, txtSurname.Text, iRoles, organisationId, loggedOnUser.Name, txtEmail.Text, chkScannedLicense.Checked);
            }

            // A positive value is treated as success and -1 as "username already exists";
            // anything else is reported as a generic failure.
            if (retIdentityId > 0)
            {
                if (chkEmailDetails.Checked && m_isClient && pnlEmailDetails.Visible)
                {
                    EmailClient();
                }

                this.ReturnValue = "CloseAndRefresh";
                this.Close();
            }
            else if (retIdentityId == -1)
            {
                lblMessage.Text = "The Username has already been added to the application.";
            }
            else
            {
                lblMessage.Text = "Add new User failed. Please try again.";
            }
        }
        else if (btnAdd.Text == "Update")
        {
            bool success = false;

            // NOTE(review): unlike the "Add" branch, txtPassword.Text is handed to the update
            // calls without going through ValidatePassword first. Confirm the facade applies
            // the password policy (or ignores an empty value) on update.
            if (!m_isClient)
            {
                success = facUserAdmin.UpdateUser((int)ViewState["identityId"], txtPassword.Text, txtForenames.Text, txtSurname.Text, Convert.ToInt32(cboUserStatus.SelectedValue), iRoles, teamId, loggedOnUser.Name, txtEmail.Text, chkCanAccessFromAnywhere.Checked, chkScannedLicense.Checked, plannerRemoved);
            }
            else
            {
                success = facUserAdmin.UpdateUserForClient((int)ViewState["identityId"], txtPassword.Text, txtForenames.Text, txtSurname.Text, Convert.ToInt32(cboUserStatus.SelectedValue), iRoles, organisationId, loggedOnUser.Name, txtEmail.Text, chkScannedLicense.Checked);
            }

            if (success)
            {
                this.ReturnValue = "CloseAndRefresh";
                this.Close();
            }
            else
            {
                lblMessage.Text = "Update User failed. Please try again.";
            }
        }
    }
}
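/// <summary>
/// Handles the logon form: authenticates the supplied credentials, checks that the user may
/// log in from the caller's address, and then either continues the logon, sends the user to
/// the change-password page, or shows a message describing why logon was refused.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (not used).</param>
protected void btnLogon_Click(object sender, System.EventArgs e)
{
    // NOTE(review): the attempt counter is kept in ViewState, which is held by the browser
    // and only comes back on a postback of the same page instance; a request that starts
    // from a freshly loaded page restarts at 1. If Logon relies on this value to lock
    // accounts, failed attempts should be counted server-side per account instead —
    // confirm in Facade.Security.Logon.
    int logonAttempts = 1;
    if (ViewState["LogonAttempts"] != null)
    {
        logonAttempts = Convert.ToInt32(ViewState["LogonAttempts"]);
    }

    Entities.User user = null;
    var facSecurity = new Facade.Security();
    var logonResult = facSecurity.Logon(txtUserName.Text, txtPIN.Text, logonAttempts, ref user);

    switch (logonResult)
    {
        case Enums.eLogonResult.Success:
            // Check that this user can log in from this location.
            bool canProceed = facSecurity.CanLoginFromLocation(txtUserName.Text, Request.ServerVariables["REMOTE_ADDR"]);
            if (canProceed)
            {
                switch (user.UserStatus)
                {
                    case Enums.eUserStatus.FirstLogon:
                    case Enums.eUserStatus.PasswordReset:
                        GoToChangePassword();
                        break;
                    case Enums.eUserStatus.Active:
                        this.ProcessLogon();
                        break;
                }

                // NOTE(review): no renewal of the session identifier is visible at this
                // point; confirm ProcessLogon issues a fresh session/auth cookie on logon.
                Session["UserName"] = user.UserName;
            }
            else
            {
                Response.Redirect("illegallocation.aspx");
            }
            break;

        case Enums.eLogonResult.UsernameInvalid:
        case Enums.eLogonResult.PasswordInvalid:
            // One message for both outcomes, so the response does not reveal whether the
            // user name exists. The attempt counter still advances only for a wrong password.
            lblMessage.Text = "Invalid username or password.";
            lblMessage.Visible = true;
            if (logonResult == Enums.eLogonResult.PasswordInvalid)
            {
                logonAttempts++;
                ViewState["LogonAttempts"] = logonAttempts;
            }
            break;

        case Enums.eLogonResult.AccountLocked:
            // NOTE(review): this message and the "deleted" one below still confirm that the
            // account exists; keep them only if that disclosure is an accepted trade-off.
            lblMessage.Text = "This account has been locked. Please contact your local/site administrator.";
            lblMessage.Visible = true;
            break;

        case Enums.eLogonResult.PasswordExpired:
            GoToChangePassword(isPasswordExpired: true);
            break;

        case Enums.eLogonResult.AccountDeleted:
            lblMessage.Text = "This account has been deleted. Please contact your local/site administrator.";
            lblMessage.Visible = true;
            break;

        case Enums.eLogonResult.SystemError:
            lblMessage.Text = "An error has occurred. Please try again later or contact us at the helpdesk for futher information.";
            lblMessage.Visible = true;
            break;
    }
}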