Ejemplo n.º 1
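    /// <summary>
    /// On the initial (non-postback) request, determines which user is asking to have a flight
    /// signed, loads that flight on the user's behalf, and shows the first step of the signing flow.
    /// </summary>
    /// <remarks>
    /// The user is taken from the "auth" request parameter when it resolves to a user name;
    /// otherwise from the ASP.NET authenticated identity. Any failure is reported through
    /// <c>lblErr</c> with the same "not authorized" message, so the response does not
    /// distinguish between a missing user, a missing flight id and a flight that failed to load.
    /// </remarks>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event arguments (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        Master.SelectedTab = tabID.tabUnknown;
        string szUser = String.Empty;

        if (!IsPostBack)
        {
            lblErr.Text = String.Empty;

            // NOTE(review): if util.GetStringParam reads the query string, this bearer token can
            // end up in server logs, browser history and Referer headers - confirm the source.
            string szAuthToken = util.GetStringParam(Request, "auth");
            if (!String.IsNullOrEmpty(szAuthToken))
            {
                using (MFBWebService ws = new MFBWebService())
                {
                    szUser = ws.GetEncryptedUser(szAuthToken);
                }
            }

            // Presumably true for a local (debugging) or HTTPS request - confirm in MFBWebService.CheckSecurity.
            bool fIsLocalOrSecure = MFBWebService.CheckSecurity(Request);

            // If no valid auth token, fall back to the authenticated name.
            if (String.IsNullOrEmpty(szUser) && Page.User.Identity.IsAuthenticated && fIsLocalOrSecure)
            {
                szUser = Page.User.Identity.Name;
            }

            // Require a secure connection for other than debugging.
            // This runs after the token was resolved above: the request is refused, but a token
            // sent over plain HTTP has already crossed the wire by the time we get here.
            if (!fIsLocalOrSecure && !Request.IsSecureConnection)
            {
                szUser = string.Empty;
            }

            try
            {
                if (String.IsNullOrEmpty(szUser))
                {
                    throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized);
                }

                // idFlightNew doubles as the "parameter missing" default, so it is rejected as well.
                int idFlight = util.GetIntParam(Request, "idFlight", LogbookEntry.idFlightNew);
                if (idFlight == LogbookEntry.idFlightNew)
                {
                    throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized);
                }

                // The flight id is caller-supplied; loading it together with szUser is the only
                // ownership check visible here (presumably FLoadFromDB fails for someone else's
                // flight - confirm in LogbookEntry).
                LogbookEntry le = new LogbookEntry();
                if (!le.FLoadFromDB(idFlight, szUser))
                {
                    throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized);
                }

                mfbSignFlight.Flight = le;
                CFIStudentMap sm = new CFIStudentMap(szUser);

                // Any() stops at the first element instead of counting the whole sequence.
                if (!sm.Instructors.Any())
                {
                    // No instructors on file: ad-hoc signing, go straight to accepting the terms.
                    mfbSignFlight.SigningMode = Controls_mfbSignFlight.SignMode.AdHoc;
                    mfbSignFlight.CFIProfile  = null;
                    mvSignFlight.SetActiveView(vwAcceptTerms);
                }
                else
                {
                    cmbInstructors.DataSource = sm.Instructors;
                    cmbInstructors.DataBind();
                    mvSignFlight.SetActiveView(vwPickInstructor);
                }

                // The full name is profile data (presumably user-editable) and a WebForms Label
                // writes Text to the page as-is, so encode the name before it is formatted in.
                string szFullName = System.Web.HttpUtility.HtmlEncode(MyFlightbook.Profile.GetUser(le.User).UserFullName);
                lblHeader.Text              = String.Format(System.Globalization.CultureInfo.CurrentCulture, Resources.SignOff.SignFlightHeader, szFullName);
                lblDisclaimerResponse.Text  = Branding.ReBrand(Resources.SignOff.SignDisclaimerAgreement1);
                lblDisclaimerResponse2.Text = Branding.ReBrand(Resources.SignOff.SignDisclaimerAgreement2);
            }
            catch (MyFlightbookException ex)
            {
                lblErr.Text = ex.Message;
            }
        }
    }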
Ejemplo n.º 2
        /// <summary>
        /// Handles an image upload posted to this page and answers with a plain-text status:
        /// "OK" on success, otherwise the message of the <c>MyFlightbookException</c> that was caught.
        /// </summary>
        /// <remarks>
        /// GET requests are ignored. The caller is identified either by the <c>txtAuthToken</c> form
        /// field or, when that is empty, by an OAuth call that must carry the images scope.
        /// Only <c>MyFlightbookException</c> is turned into a text response; the
        /// <c>HttpException</c> for an insecure channel and the <c>UnauthorizedAccessException</c>
        /// for a missing scope are not caught here and propagate to the caller of this handler.
        /// </remarks>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event arguments (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // Nothing to do for a GET; only non-GET requests carry an upload.
            bool fIsGet = String.Equals(Request.HttpMethod, "GET", StringComparison.OrdinalIgnoreCase);
            if (fIsGet)
            {
                return;
            }

            // The transport check comes before any credential is read from the request.
            if (!Request.IsSecureConnection)
            {
                throw new HttpException((int)HttpStatusCode.Forbidden, "Image upload MUST be on a secure channel");
            }

            if (ShuntState.IsShunted)
            {
                throw new MyFlightbookException(ShuntState.ShuntMessage);
            }

            var fileInput = (System.Web.UI.HtmlControls.HtmlInputFile)FindControl("imgPicture");
            if (fileInput == null)
            {
                throw new MyFlightbookException("No control named 'imgPicture' found!");
            }

            string szResult = "OK";

            try
            {
                string szToken = Request.Form["txtAuthToken"];
                if (String.IsNullOrEmpty(szToken))
                {
                    // No form token: fall back to an OAuth token.
                    using (OAuthServiceCall oauthCall = new OAuthServiceCall(Request))
                    {
                        szToken = oauthCall.GeneratedAuthToken;

                        // The OAuth grant must include permission to modify images.
                        // NOTE(review): oauthCall.Token is dereferenced without a null check - confirm it cannot be null here.
                        bool fHasImageScope = MFBOauthServer.CheckScope(oauthCall.Token.Scope, MFBOAuthScope.images);
                        if (!fHasImageScope)
                        {
                            throw new UnauthorizedAccessException(String.Format(CultureInfo.CurrentCulture, "Requested action requires scope \"{0}\", which is not granted.", MFBOAuthScope.images.ToString()));
                        }
                    }
                }

                // Resolve the token to a user name; an empty result means the token was not accepted.
                string szUploader;
                using (MFBWebService ws = new MFBWebService())
                {
                    szUploader = ws.GetEncryptedUser(szToken);
                }

                if (string.IsNullOrEmpty(szUploader))
                {
                    throw new MyFlightbookException(Resources.WebService.errBadAuth);
                }

                HttpPostedFile postedImage = fileInput.PostedFile;
                bool fHasImage = postedImage != null && postedImage.ContentLength != 0;
                if (!fHasImage)
                {
                    throw new MyFlightbookException(Resources.WebService.errNoImageProvided);
                }

                // Upload the image, and then perform a pseudo idempotency check on it.
                string szComment = Request.Form["txtComment"] ?? string.Empty;
                MFBImageInfo uploaded = UploadForUser(szUploader, postedImage, szComment);
                uploaded.IdempotencyCheck();
            }
            catch (MyFlightbookException ex)
            {
                szResult = ex.Message;
            }

            // The status goes out as text/plain, so the message is not interpreted as markup.
            Response.Clear();
            Response.ContentType = "text/plain; charset=utf-8";
            Response.Write(szResult);
        }
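    /// <summary>
    /// On the initial (non-postback) request, determines which user is asking to have a flight
    /// signed, loads that flight on the user's behalf, and shows either the accept-terms view
    /// (ad-hoc signing) or the instructor picker.
    /// </summary>
    /// <remarks>
    /// <c>Username</c> is taken from the "auth" request parameter when it resolves to a user name;
    /// otherwise from the ASP.NET authenticated identity. Failures raised as
    /// <c>MyFlightbookException</c> are reported through <c>lblErr</c>; the three authorization
    /// failures share one message, so the response does not distinguish between them.
    /// </remarks>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event arguments (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        Master.SelectedTab = tabID.tabUnknown;

        if (!IsPostBack)
        {
            lblErr.Text = String.Empty;

            // NOTE(review): if util.GetStringParam reads the query string, this bearer token can
            // end up in server logs, browser history and Referer headers - confirm the source.
            string szAuthToken = util.GetStringParam(Request, "auth");
            if (!String.IsNullOrEmpty(szAuthToken))
            {
                Username = MFBWebService.GetEncryptedUser(szAuthToken);
            }

            // Presumably true for a local (debugging) or HTTPS request - confirm in MFBWebService.CheckSecurity.
            bool fIsLocalOrSecure = MFBWebService.CheckSecurity(Request);

            // If no valid auth token, fall back to the authenticated name.
            if (String.IsNullOrEmpty(Username) && Page.User.Identity.IsAuthenticated && fIsLocalOrSecure)
            {
                Username = Page.User.Identity.Name;
            }

            // Require a secure connection for other than debugging.
            // This runs after the token was resolved above: the request is refused, but a token
            // sent over plain HTTP has already crossed the wire by the time we get here.
            if (!fIsLocalOrSecure && !Request.IsSecureConnection)
            {
                Username = string.Empty;
            }

            try
            {
                if (String.IsNullOrEmpty(Username))
                {
                    throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized);
                }

                // idFlightNew doubles as the "parameter missing" default, so it is rejected as well.
                int idFlight = util.GetIntParam(Request, "idFlight", LogbookEntry.idFlightNew);
                if (idFlight == LogbookEntry.idFlightNew)
                {
                    throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized);
                }

                // The flight id is caller-supplied; loading it together with Username is the only
                // ownership check visible here (presumably FLoadFromDB fails for someone else's
                // flight - confirm in LogbookEntry).
                LogbookEntry le = new LogbookEntry();
                if (!le.FLoadFromDB(idFlight, Username))
                {
                    throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized);
                }

                mfbSignFlight.Flight = le;
                CFIStudentMap sm = new CFIStudentMap(Username);

                // NOTE(review): Username already passed the IsNullOrEmpty check above, so this only
                // fires if the property getter can return a different value between reads. Whether
                // MyFlightbookValidationException is caught by the handler below depends on its
                // base class, which is not visible here.
                if (Username == null)
                {
                    throw new MyFlightbookValidationException("No username for previously signed flights");
                }

                Dictionary<string, LogbookEntry> d = PreviouslySignedAdhocFlights;

                // If no instructors, and no previously signed flights, assume ad-hoc and go straight to accept terms.
                if (!sm.Instructors.Any() && d.Count == 0)
                {
                    mfbSignFlight.SigningMode = Controls_mfbSignFlight.SignMode.AdHoc;
                    mfbSignFlight.CFIProfile  = null;
                    mvSignFlight.SetActiveView(vwAcceptTerms);
                }
                else
                {
                    rptInstructors.DataSource = sm.Instructors;
                    rptInstructors.DataBind();

                    // Prior ad-hoc flights, ordered by dictionary key (default string comparer,
                    // the same ordering List<string>.Sort() gives).
                    List<LogbookEntry> lstPrevInstructors = d.OrderBy(kvp => kvp.Key)
                                                             .Select(kvp => kvp.Value)
                                                             .ToList();

                    rptPriorInstructors.DataSource = lstPrevInstructors;
                    rptPriorInstructors.DataBind();

                    mvSignFlight.SetActiveView(vwPickInstructor);
                }

                // The full name is profile data (presumably user-editable) and a WebForms Label
                // writes Text to the page as-is, so encode the name before it is formatted in.
                string szFullName = System.Web.HttpUtility.HtmlEncode(MyFlightbook.Profile.GetUser(le.User).UserFullName);
                lblHeader.Text              = String.Format(CultureInfo.CurrentCulture, Resources.SignOff.SignFlightHeader, szFullName);
                lblDisclaimerResponse.Text  = Branding.ReBrand(Resources.SignOff.SignDisclaimerAgreement1);
                lblDisclaimerResponse2.Text = Branding.ReBrand(Resources.SignOff.SignDisclaimerAgreement2);
            }
            catch (MyFlightbookException ex)
            {
                lblErr.Text = ex.Message;
            }
        }
    }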