public ObjectResult ChangePassword(User user)
{
try
{
using (SecurityEntities context = new SecurityEntities())
{
User item = context.Users.Where(d => d.UserCode == user.UserCode).FirstOrDefault();
if (item != null)
{
item.Password = user.PasswordHash;
context.Entry(item).State = System.Data.Entity.EntityState.Modified;
context.SaveChanges();
return(ObjectResult.Succeed());
}
else
{
return(ObjectResult.Fail("User doesn't exist."));
}
}
}
catch (Exception ex)
{
return(ObjectResult.Fail(ex));
}
}
public static void EnablePrivilegeOnProcess(Process process, SecurityEntities privilege)
{
SafeNativeHandle processToken;
if (!AdvancedAPI.OpenProcessToken(process.Handle, TokenAccessLevels.AdjustPrivileges,
out processToken))
{
throw new Win32Exception();
}
using (processToken)
{
LUID luid;
if (!AdvancedAPI.LookupPrivilegeValue(null, privilege.ToString(), out luid))
{
throw new Win32Exception();
}
var tkp = new TokenPrivileges(PrivilegeAttributes.Enabled, luid);
if (
!AdvancedAPI.AdjustTokenPrivileges(processToken, false, ref tkp, (uint)Marshal.SizeOf(tkp),
IntPtr.Zero, IntPtr.Zero) ||
Marshal.GetLastWin32Error() != 0)
{
throw new Win32Exception();
}
}
}
public User CheckUserLogin(User user)
{
using (SecurityEntities context = new SecurityEntities())
{
return(context.Users.Where(d => d.UserCode == user.UserCode && d.Password == user.PasswordHash).FirstOrDefault());
}
}
public List <ScreenPermissionListTreeResult> GetScreenPermissionListTree(ScreenPermissionListCriteria criteria)
{
using (SecurityEntities context = new SecurityEntities())
{
return(context.GetScreenPermissionListTree(criteria.UserID, criteria.UserRole).ToList());
}
}
public virtual Dictionary <string, List <string> > LoadUserGroup()
{
using (SecurityEntities db = new SecurityEntities())
return(db.tbs_UserGroup
.GroupBy(a => a.UserCode)
.ToDictionary(k => k.Key, v => v.Select(a => a.GroupCode).ToList()));
}
protected void UsersEntityDataSource_Selected(object sender, EntityDataSourceSelectedEventArgs e)
{
var userIds = e.Results.Cast <Membership>().Select(x => x.UserId).ToArray();
var db = new SecurityEntities();
users = (from row in db.Users where userIds.Contains(row.UserId) select row).ToArray();
db.Dispose();
db = null;
}
public RoleEditEventArgs(string roleName)
{
var db = new SecurityEntities();
this.m_role = (from item in db.Roles
where item.Application.ApplicationName == System.Web.Security.Roles.ApplicationName &&
item.RoleName == roleName
select item).FirstOrDefault();
}
public void InsertUser(User user, string listCompany, string listPlant)
{
using (SecurityEntities context = new SecurityEntities())
{
Context.Entry(user).State = System.Data.Entity.EntityState.Added;
//insert new mapping
Context.SaveChanges();
}
}
public void UpdateRole()
{
var db = new SecurityEntities();
var role = Role.GetRole(CreatedRoleTextBox.Text, db);
role.ApplicationId = new Guid(ApplicationIdTextBox.Text);
role.Description = DescriptionTextBox.Text;
role.LoweredRoleName = RoleNameTextBox.Text.ToLower();
role.RoleName = RoleNameTextBox.Text;
db.SaveChanges();
RiseUpdated(new RoleEditEventArgs(RoleNameTextBox.Text));
}
public virtual List <GroupPermissionMap> LoadPermissionGroupMap()
{
using (SecurityEntities db = new SecurityEntities())
return(db.tbs_PermissionGroupMap
.Select(a => new GroupPermissionMap
{
AcResourceName = a.AcResourceName,
GroupCode = a.GroupCode,
PermissionCode = a.PermissionCode,
})
.ToList());
}
public bool TryAuthenticate(string loginName, string password)
{
using (SecurityEntities db = new SecurityEntities())
{
return(db.tbs_User
.Where(a => (a.LoginName == loginName) &&
a.IsActive &&
a.Password == password)
.Select(a => a.UserCode)
.Count() > 0);
}
}
public static void UpdateRole(string roleName, string description)
{
var db = new SecurityEntities();
Role role = (from item in db.Roles
where item.Application.ApplicationName == System.Web.Security.Roles.ApplicationName &&
item.RoleName == roleName
select item).FirstOrDefault();
if (role != null)
{
role.Description = description;
}
db.SaveChanges();
}
public UserInformation GetUserInformation(string loginName)
{
using (SecurityEntities db = new SecurityEntities())
{
return(db.tbs_User
.Where(a => (a.LoginName == loginName))
.Select(a => new UserInformation
{
UserCode = a.UserCode,
LoginName = a.LoginName,
})
.FirstOrDefault());
}
}
public virtual List <ScreenItem> LoadScreenItem()
{
using (SecurityEntities db = new SecurityEntities())
return(db.tbs_ScreenItem
.Select(a => new ScreenItem
{
AcResourceName = a.AcResourceName,
ItemSequence = a.ItemSequence,
MenuGroupCode = a.ManuGroupCode,
ScreenCode = a.ScreenCode,
ScreenName = a.ScreenName,
IsSingleton = a.IsSingleton ?? false,
AllowAnonymous = a.AllowAnonymous ?? false,
})
.ToList());
}
public virtual List <UserPermissionMap> LoadPermissionUserMap()
{
using (SecurityEntities db = new SecurityEntities())
{
var qry = from p in db.tbs_PermissionUserMap
join u in db.tbs_User on p.UserCode equals u.UserCode
select new UserPermissionMap
{
AcResourceName = p.AcResourceName,
UserCode = p.UserCode,
LoginName = u.LoginName,
PermissionCode = p.PermissionCode,
};
return(qry.ToList());
}
}
protected void RolesDataSource_QueryCreated(object sender, QueryCreatedEventArgs e)
{
if (!string.IsNullOrEmpty(SearchUserId.Text))
{
var userId = new Guid(SearchUserId.Text);
var db = new SecurityEntities();
if (SearchFilterLabel.Text == "InRole")
{
e.Query = db.Users.Where(x => x.UserId == userId).SelectMany(x => x.Roles).OrderBy(x => x.RoleName);
}
else if (SearchFilterLabel.Text == "NotInRole")
{
var q1 = db.Users.Where(x => x.UserId == userId).SelectMany(x => x.Roles);
e.Query = db.Roles.Except(q1).OrderBy(x => x.RoleName);
}
}
}
public List <UserAndRoleListResult> GetUserAndRoleList(UserCriteria criteria)
{
using (SecurityEntities context = new SecurityEntities())
{
var result = new List <UserAndRoleListResult>();
if (criteria.Type.Equals("User"))
{
result = context.GetUserAndRoleList(userID: criteria.UserID
, userRole: null
).ToList();
}
else
{
result = context.GetUserAndRoleList(userID: null
, userRole: criteria.UserID
).ToList();
}
return(result);
}
}
public virtual Dictionary <string, List <RestrictedControlItem> > LoadRestrictedControlItem()
{
using (SecurityEntities db = new SecurityEntities())
{
string disable = AccessControlAction.Disable.ToString();
string hide = AccessControlAction.Hide.ToString();
string readOnly = AccessControlAction.ReadOnly.ToString();
return(db.tbs_RestrictControlItem
.Select(a => new RestrictedControlItem
{
ACA = 0 == string.Compare(disable, a.AccessControlAction, true) ? AccessControlAction.Disable :
0 == string.Compare(hide, a.AccessControlAction, true) ? AccessControlAction.Hide :
0 == string.Compare(readOnly, a.AccessControlAction, true) ? AccessControlAction.ReadOnly :
AccessControlAction.None,
AcResourceName = a.AcResourceName,
ControlId = a.ControlId,
FullClassName = a.FullClassName,
PermissionCode = a.PermissionCode,
})
.GroupBy(a => a.FullClassName)
.ToDictionary(k => k.Key, v => v.ToList()));
}
}
public void CreateRole()
{
CreatedRoleTextBox.Text = "";
var db = new SecurityEntities();
var role = new Role()
{
ApplicationId = new Guid(ApplicationIdTextBox.Text),
Description = DescriptionTextBox.Text,
LoweredRoleName = RoleNameTextBox.Text.ToLower(),
RoleId = new Guid(RoleIdTextBox.Text),
RoleName = RoleNameTextBox.Text,
};
db.Roles.AddObject(role);
db.SaveChanges();
switch (PostCreateMode)
{
case PostCreateModeEnum.None:
break;
case PostCreateModeEnum.Create:
PrepareToCreate();
break;
case PostCreateModeEnum.Update:
PrepareToUpdate();
LoadRole(role.RoleId);
break;
default:
break;
}
CreateStatusLabel.ForeColor = System.Drawing.Color.Green;
CreateStatusLabel.Text = "Role '" + role.RoleName + "' was created.";
CreatedRoleTextBox.Text = role.RoleName;
RiseCreated(new RoleEditEventArgs(role));
}
/// <summary>
/// Inicializa la clase.
/// </summary>
/// <param name="context">Objeto de ámbito para el manejo de datos.</param>
public GenericRepository(SecurityEntities context, ContextFactory contextFactory)
{
this.Context = context;
this.ContextFactory = contextFactory;
_dbSet = context.Set <TDAL>();
}
/// <summary>
/// Inicializa la clase.
/// </summary>
/// <param name="context">Objeto de ámbito para el manejo de datos.</param>
public GenericRepository(SecurityEntities context)
{
Context = context;
_dbSet = context.Set <TDAL>();
}
public override IHttpActionResult Put(Guid id, [FromBody] User value)
{
GetAuthorization();
if (!IsAuthorize(GenericApiController.Utilities.Actions.Put))
{
return(Content(HttpStatusCode.Unauthorized, "Unauthorized"));
}
var item = repo.Repo.GetByID(id, filter: GetDataConstrains());
if (item != null)
{
using (var context = new SecurityEntities())
{
var originalItem = context.User
//.Include(j => j.UserService)
//.Include(j => j.UserServiceAccess)
//.Include(j => j.UserRole)
.Single(j => j.UserId == value.UserId);
// Update scalar/complex properties
context.Entry(originalItem).CurrentValues.SetValues(value);
// Update references
// Update UserService
if (value.UserService != null)
{
foreach (var childItem in value.UserService)
{
var originalDetailsItem = originalItem.UserService
.Where(c => c.UserServiceID == childItem.UserServiceID && c.UserServiceID != null)
.SingleOrDefault();
// Is original child item with same ID in DB?
if (originalDetailsItem != null)
{
childItem.CreateUserId = originalDetailsItem.CreateUserId;
childItem.CreateDate = originalDetailsItem.CreateDate;
context.Entry(originalDetailsItem).CurrentValues.SetValues(childItem);
}
else
{
childItem.UserServiceID = Guid.NewGuid();
originalItem.UserService.Add(childItem);
}
}
// Don't consider the child items we have just added above.
// (We need to make a copy of the list by using .ToList() because
// _dbContext.ChildItems.Remove in this loop does not only delete
// from the context but also from the child collection. Without making
// the copy we would modify the collection we are just interating
// through - which is forbidden and would lead to an exception.)
foreach (var originalChildItem in
originalItem.UserService.Where(c => c.UserServiceID != null).ToList())
{
// Are there child items in the DB which are NOT in the
// new child item collection anymore?
if (!value.UserService.Any(c => c.UserServiceID == originalChildItem.UserServiceID))
{
// Yes -> It's a deleted child item -> Delete
context.UserService.Remove(originalChildItem);
}
}
}
//update UserServiceAccess
if (value.UserServiceAccess != null)
{
foreach (var childItem in value.UserServiceAccess)
{
var originalDetailsItem = originalItem.UserServiceAccess
.Where(c => c.UserServiceAccessID == childItem.UserServiceAccessID && c.UserServiceAccessID != null)
.SingleOrDefault();
// Is original child item with same ID in DB?
if (originalDetailsItem != null)
{
childItem.CreateUserId = originalDetailsItem.CreateUserId;
childItem.CreateDate = originalDetailsItem.CreateDate;
context.Entry(originalDetailsItem).CurrentValues.SetValues(childItem);
}
else
{
childItem.UserServiceAccessID = Guid.NewGuid();
originalItem.UserServiceAccess.Add(childItem);
}
}
foreach (var originalChildItem in
originalItem.UserServiceAccess.Where(c => c.UserServiceAccessID != null).ToList())
{
// Are there child items in the DB which are NOT in the
// new child item collection anymore?
if (!value.UserServiceAccess.Any(c => c.UserServiceAccessID == originalChildItem.UserServiceAccessID))
{
// Yes -> It's a deleted child item -> Delete
context.UserServiceAccess.Remove(originalChildItem);
}
}
}
//update UserRole
if (value.UserRole != null)
{
foreach (var childItem in value.UserRole)
{
var originalDetailsItem = originalItem.UserRole
.Where(c => c.UserRoleId == childItem.UserRoleId && c.UserRoleId != null)
.SingleOrDefault();
// Is original child item with same ID in DB?
if (originalDetailsItem != null)
{
childItem.CreateUserId = originalDetailsItem.CreateUserId;
childItem.CreateDate = originalDetailsItem.CreateDate;
context.Entry(originalDetailsItem).CurrentValues.SetValues(childItem);
}
else
{
childItem.UserRoleId = Guid.NewGuid();
originalItem.UserRole.Add(childItem);
}
}
foreach (var originalChildItem in
originalItem.UserRole.Where(c => c.UserRoleId != null).ToList())
{
// Are there child items in the DB which are NOT in the
// new child item collection anymore?
if (!value.UserRole.Any(c => c.UserRoleId == originalChildItem.UserRoleId))
{
// Yes -> It's a deleted child item -> Delete
context.UserRole.Remove(originalChildItem);
}
}
}
context.SaveChanges();
}
return(Content(HttpStatusCode.OK, value));
}
else
{
return(Content(HttpStatusCode.Unauthorized, "Unauthorized"));
}
}
public SecurityService()
{
Context = new SecurityEntities();
}
