public static string DeleteAccounts(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
if (sDeleteArray.Length < 36)
{
return("");
}
sDeleteArray = ui.QuoteUp(sDeleteArray);
DataTable dt = new DataTable();
// get a list of ids that will be deleted for the log
sSql = "select account_id, account_name, provider, login_id from cloud_account where account_id in (" + sDeleteArray + ")";
if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr))
{
throw new Exception(sErr);
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
sSql = "delete from cloud_account where account_id in (" + sDeleteArray + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
//refresh the cloud account list in the session
if (!ui.PutCloudAccountsInSession(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// if we made it here, so save the logs
foreach (DataRow dr in dt.Rows)
{
ui.WriteObjectDeleteLog(Globals.acObjectTypes.CloudAccount, dr["account_id"].ToString(), dr["account_name"].ToString(), dr["provider"].ToString() + " Account for LoginID [" + dr["login_id"].ToString() + "] Deleted");
}
return(sErr);
}
public static string DeleteCredentials(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
if (sDeleteArray.Length < 36)
{
return("");
}
sDeleteArray = ui.QuoteUp(sDeleteArray);
DataTable dt = new DataTable();
// get a list of credential_ids that will be deleted for the log
sSql = "select credential_name,credential_id from asset_credential where credential_id in (" + sDeleteArray.ToString() + ") " +
"and credential_id not in (select distinct credential_id from asset where credential_id is not null)";
if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr))
{
throw new Exception(sErr);
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//delete asset_credential
sSql = "delete from asset_credential where credential_id in (" + sDeleteArray.ToString() + ") " +
"and credential_id not in (select distinct credential_id from asset where credential_id is not null)";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// if we made it here, so save the logs
foreach (DataRow dr in dt.Rows)
{
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Credential, dr["credential_id"].ToString(), dr["credential_name"].ToString(), "Credential Deleted");
}
return(sErr);
}
public static string DeleteClouds(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
if (sDeleteArray.Length < 36)
return "";
sDeleteArray = ui.QuoteUp(sDeleteArray);
DataTable dt = new DataTable();
// get a list of ids that will be deleted for the log
sSql = "select cloud_id, cloud_name, provider from clouds where cloud_id in (" + sDeleteArray + ")";
if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr))
throw new Exception(sErr);
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
sSql = "delete from clouds where cloud_id in (" + sDeleteArray + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//refresh the cloud account list in the session
if (!ui.PutCloudAccountsInSession(ref sErr))
throw new Exception(sErr);
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
//reget the cloud providers class in the session
ui.SetCloudProviders(ref sErr);
if (!string.IsNullOrEmpty(sErr))
throw new Exception("Error: Unable to load Cloud Providers XML." + sErr);
// if we made it here, so save the logs
foreach (DataRow dr in dt.Rows)
{
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Cloud, dr["cloud_id"].ToString(), dr["cloud_name"].ToString(), dr["provider"].ToString() + " Cloud Deleted.");
}
return sErr;
}
public static string DeleteCredentials(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
if (sDeleteArray.Length < 36)
return "";
sDeleteArray = ui.QuoteUp(sDeleteArray);
DataTable dt = new DataTable();
// get a list of credential_ids that will be deleted for the log
sSql = "select credential_name,credential_id from asset_credential where credential_id in (" + sDeleteArray.ToString() + ") " +
"and credential_id not in (select distinct credential_id from asset where credential_id is not null)";
if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr))
{
throw new Exception(sErr);
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//delete asset_credential
sSql = "delete from asset_credential where credential_id in (" + sDeleteArray.ToString() + ") " +
"and credential_id not in (select distinct credential_id from asset where credential_id is not null)";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// if we made it here, so save the logs
foreach (DataRow dr in dt.Rows)
{
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Credential, dr["credential_id"].ToString(), dr["credential_name"].ToString(), "Credential Deleted");
}
return sErr;
}
public static string DeleteAccounts(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
if (sDeleteArray.Length < 36)
return "";
sDeleteArray = ui.QuoteUp(sDeleteArray);
DataTable dt = new DataTable();
// get a list of ids that will be deleted for the log
sSql = "select account_id, account_name, provider, login_id from cloud_account where account_id in (" + sDeleteArray + ")";
if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr))
throw new Exception(sErr);
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
sSql = "delete from cloud_account where account_id in (" + sDeleteArray + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//refresh the cloud account list in the session
if (!ui.PutCloudAccountsInSession(ref sErr))
throw new Exception(sErr);
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// if we made it here, so save the logs
foreach (DataRow dr in dt.Rows)
{
ui.WriteObjectDeleteLog(Globals.acObjectTypes.CloudAccount, dr["account_id"].ToString(), dr["account_name"].ToString(), dr["provider"].ToString() + " Account for LoginID [" + dr["login_id"].ToString() + "] Deleted");
}
return sErr;
}
public static string DeleteDomains(string sDeleteArray)
{
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
if (sDeleteArray.Length < 36)
{
return("");
}
sDeleteArray = ui.QuoteUp(sDeleteArray);
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//delete domains
sSql = "delete from ldap_domain where ldap_domain in (" + sDeleteArray.ToString() + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// if we made it here, so save the logs
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Domain, sDeleteArray.ToString(), sDeleteArray.ToString(), "Domain(s) Deleted");
return(sErr);
}
public static string DeleteDomains(string sDeleteArray)
{
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
if (sDeleteArray.Length < 36)
return "";
sDeleteArray = ui.QuoteUp(sDeleteArray);
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//delete domains
sSql = "delete from ldap_domain where ldap_domain in (" + sDeleteArray.ToString() + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// if we made it here, so save the logs
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Domain, sDeleteArray.ToString(), sDeleteArray.ToString(), "Domain(s) Deleted");
return sErr;
}
public static string SaveAsset(object[] oAsset)
{
// check the # of elements in the array
if (oAsset.Length != 19)
{
return("Incorrect number of Asset Properties:" + oAsset.Length.ToString());
}
string sAssetID = oAsset[0].ToString();
string sAssetName = oAsset[1].ToString().Replace("'", "''");
string sDbName = oAsset[2].ToString().Replace("'", "''");
string sPort = oAsset[3].ToString();
string sConnectionType = oAsset[4].ToString();
string sIsConnection = "0"; // oAsset[5].ToString();
string sAddress = oAsset[5].ToString().Replace("'", "''");
// mode is edit or add
string sMode = oAsset[6].ToString();
string sCredentialID = oAsset[7].ToString();
string sCredUsername = oAsset[8].ToString().Replace("'", "''");
string sCredPassword = oAsset[9].ToString().Replace("'", "''");
string sShared = oAsset[10].ToString();
string sCredentialName = oAsset[11].ToString().Replace("'", "''");
string sCredentialDescr = oAsset[12].ToString().Replace("'", "''");
string sDomain = oAsset[13].ToString().Replace("'", "''");
string sCredentialType = oAsset[14].ToString();
string sAssetStatus = oAsset[15].ToString();
string sPrivilegedPassword = oAsset[16].ToString();
string sTagArray = oAsset[17].ToString();
string sConnString = oAsset[18].ToString().Replace("'", "''");
// for logging
string sOriginalAssetName = "";
string sOriginalPort = "";
string sOriginalDbName = "";
string sOriginalAddress = "";
string sOriginalConnectionType = "";
string sOriginalUserName = "";
string sOriginalConnString = "";
string sOriginalCredentialID = "";
string sOriginalAssetStatus = "";
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
//if we are editing get the original values
//this is getting original values for logging purposes
if (sMode == "edit")
{
DataRow dr = null;
sSql = "select a.asset_name, a.asset_status, a.port, a.db_name, a.address, a.db_name, a.connection_type, a.conn_string, ac.username, a.credential_id," +
" case when a.is_connection_system = '1' then 'Yes' else 'No' end as is_connection_system " +
" from asset a " +
" left outer join asset_credential ac on ac.credential_id = a.credential_id " +
" where a.asset_id = '" + sAssetID + "'";
if (!dc.sqlGetDataRow(ref dr, sSql, ref sErr))
{
throw new Exception(sErr);
}
else
{
if (dr != null)
{
sOriginalAssetName = dr["asset_name"].ToString();
sOriginalPort = (object.ReferenceEquals(dr["port"], DBNull.Value) ? "" : dr["port"].ToString());
sOriginalDbName = (object.ReferenceEquals(dr["db_name"], DBNull.Value) ? "" : dr["db_name"].ToString());
sOriginalAddress = (object.ReferenceEquals(dr["address"], DBNull.Value) ? "" : dr["address"].ToString());
sOriginalConnectionType = (object.ReferenceEquals(dr["connection_type"], DBNull.Value) ? "" : dr["connection_type"].ToString());
sOriginalUserName = (object.ReferenceEquals(dr["username"], DBNull.Value) ? "" : dr["username"].ToString());
sOriginalConnString = (object.ReferenceEquals(dr["conn_string"], DBNull.Value) ? "" : dr["conn_string"].ToString());
sOriginalCredentialID = (object.ReferenceEquals(dr["credential_id"], DBNull.Value) ? "" : dr["credential_id"].ToString());
sOriginalAssetStatus = dr["asset_status"].ToString();
}
}
}
//NOTE NOTE NOTE!
//the following is a catch 22.
//if we're adding a new asset, we will need to figure out the credential first so we can save the credential id on the asset
//but if it's a new local credential, it gets the asset id as it's name.
//so.........
//if it's a new asset, go ahead and get the new guid for it here so the credential add will work.
if (sMode == "add")
{
sAssetID = ui.NewGUID();
}
//and move on...
// there are three CredentialType's
// 1) 'selected' = user selected a different credential, just save the credential_id
// 2) 'new' = user created a new shared or local credential
// 3) 'existing' = same credential, just update the username,description ad password
string sPriviledgedPasswordUpdate = null;
if (sCredentialType == "new")
{
if (sPrivilegedPassword.Length == 0)
{
sPriviledgedPasswordUpdate = "NULL";
}
else
{
sPriviledgedPasswordUpdate = "'" + dc.EnCrypt(sPrivilegedPassword) + "'";
}
//if it's a local credential, the credential_name is the asset_id.
//if it's shared, there will be a name.
if (sShared == "1")
{
sCredentialName = sAssetID;
//whack and add - easiest way to avoid conflicts
sSql = "delete from asset_credential where credential_name = '" + sCredentialName + "' and shared_or_local = '1'";
if (!dc.sqlExecuteUpdate(sSql, ref sErr))
{
throw new Exception(sErr);
}
}
//now we're clear to add
sCredentialID = "'" + ui.NewGUID() + "'";
sSql = "insert into asset_credential " +
"(credential_id,credential_name,username,password,domain,shared_or_local,shared_cred_desc,privileged_password) " +
"values (" + sCredentialID + ",'" + sCredentialName + "','" + sCredUsername + "','" + dc.EnCrypt(sCredPassword) + "','" + sDomain + "','" + sShared + "','" + sCredentialDescr + "'," + sPriviledgedPasswordUpdate + ")";
if (!dc.sqlExecuteUpdate(sSql, ref sErr))
{
if (sErr == "key_violation")
{
throw new Exception("A Credential with that name already exists. Please select another name.");
}
else
{
throw new Exception(sErr);
}
}
// add security log
ui.WriteObjectAddLog(Globals.acObjectTypes.Credential, sCredentialID, sCredentialName, "");
}
else if (sCredentialType == "existing")
{
sCredentialID = "'" + sCredentialID + "'";
// bugzilla 1126 if the password has not changed leave it as is.
string sPasswordUpdate = null;
if (sCredPassword == "($%#d@x!&")
{
// password has not been touched
sPasswordUpdate = "";
}
else
{
// updated password
sPasswordUpdate = ",password = '******'";
}
// bugzilla 1260
// same for privileged_password
if (sPrivilegedPassword == "($%#d@x!&")
{
// password has not been touched
sPriviledgedPasswordUpdate = "";
}
else
{
// updated password
// bugzilla 1352 priviledged password can be blank, so if it is, set it to null
if (sPrivilegedPassword.Length == 0)
{
sPriviledgedPasswordUpdate = ",privileged_password = null";
}
else
{
sPriviledgedPasswordUpdate = ",privileged_password = '******'";
}
}
sSql = "update asset_credential " +
"set username = '******'" + sPasswordUpdate + sPriviledgedPasswordUpdate + ",domain = '" + sDomain + "'," +
"shared_or_local = '" + sShared + "',shared_cred_desc = '" + sCredentialDescr + "'" +
"where credential_id = " + sCredentialID;
if (!dc.sqlExecuteUpdate(sSql, ref sErr))
{
throw new Exception(sErr);
}
// add security log
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + "Changed credential", sOriginalUserName, sCredUsername);
}
else
{
// user selected a shared credential
// remove the local credential if one exists
if (sOriginalCredentialID.Length > 0)
{
sSql = "delete from asset_credential where credential_id = '" + sOriginalCredentialID + "' and shared_or_local = '1'";
if (!dc.sqlExecuteUpdate(sSql, ref sErr))
{
throw new Exception(sErr);
}
// add security log
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''"), "Credential deleted" + sOriginalCredentialID + " " + sOriginalUserName);
}
sCredentialID = "'" + sCredentialID + "'";
}
// checks that cant be done on the client side
// is the name unique?
string sInuse = "";
if (sMode == "edit")
{
sSql = "select asset_id from asset where asset_name = '" + sAssetName.Trim() + "' and asset_id <> '" + sAssetID + "' limit 1";
}
else
{
sSql = "select asset_id from asset where asset_name = '" + sAssetName.Trim() + "' limit 1";
}
if (!dc.sqlGetSingleString(ref sInuse, sSql, ref sErr))
{
throw new Exception(sErr);
}
else
if (!string.IsNullOrEmpty(sInuse))
{
return("Asset Name '" + sAssetName + "' already in use, choose another." + sAssetID);
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
if (sMode == "edit")
{
sSql = "update asset set asset_name = '" + sAssetName + "'," +
" asset_status = '" + sAssetStatus + "'," +
" address = '" + sAddress + "'" + "," +
" conn_string = '" + sConnString + "'" + "," +
" db_name = '" + sDbName + "'," +
" port = " + (sPort == "" ? "NULL" : "'" + sPort + "'") + "," +
" connection_type = '" + sConnectionType + "'," +
" is_connection_system = '" + (sIsConnection == "Yes" ? 1 : 0) + "'," +
" credential_id = " + sCredentialID +
" where asset_id = '" + sAssetID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
else
{
sSql = "insert into asset (asset_id,asset_name,asset_status,address,conn_string,db_name,port,connection_type,is_connection_system,credential_id)" +
" values (" +
"'" + sAssetID + "'," +
"'" + sAssetName + "'," +
"'" + sAssetStatus + "'," +
"'" + sAddress + "'," +
"'" + sConnString + "'," +
"'" + sDbName + "'," +
(sPort == "" ? "NULL" : "'" + sPort + "'") + "," +
"'" + sConnectionType + "'," +
"'0'," +
sCredentialID + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
#region "tags"
// remove the existing tags
sSql = "delete from object_tags where object_id = '" + sAssetID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
// add user groups, if there are any
if (sTagArray.Length > 0)
{
ArrayList aTags = new ArrayList(sTagArray.Split(','));
foreach (string sTagName in aTags)
{
sSql = "insert object_tags (object_id, object_type, tag_name)" +
" values ('" + sAssetID + "', 2, '" + sTagName + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
}
#endregion
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
//--------------------------------------------------------------------------------------------------
// NOTE! too many if edit... probably need to just make 2 functions, update asset, and create asset
//--------------------------------------------------------------------------------------------------
// add security log
// since this is not handled as a page postback, theres no "Viewstate" settings
// so 2 options either we keep an original setting for each value in hid values, or just get them from the db as part of the
// update above, since we are already passing in 15 or so fields, lets just get the values at the start and reference them here
if (sMode == "edit")
{
string sOrigCredUsername = GetCredentialNameFromID(sOriginalCredentialID.Replace("'", "")).ToString();
string sCurrentCredUsername = GetCredentialNameFromID(sCredentialID.Replace("'", "")).ToString();
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Name", sOriginalAssetName, sAssetName);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Address", sOriginalAddress, sAddress);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Port", sOriginalPort, sPort);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " DB Name", sOriginalDbName, sDbName);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Connection Type", sOriginalConnectionType, sConnectionType);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Credential", sOrigCredUsername, sCurrentCredUsername);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Status", sOriginalAssetStatus, sAssetStatus);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " ConnString", sOriginalConnString, sConnString);
}
else
{
ui.WriteObjectAddLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''"), "Asset Created");
}
// no errors to here, so return an empty string
return("");
}
public static string DeleteAssets(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
ArrayList arrList = new ArrayList();
arrList.AddRange(sDeleteArray.Split(','));
if (sDeleteArray.Length < 36)
{
return("");
}
StringBuilder sbAssetIDString = new StringBuilder();
StringBuilder sbAssetsCantDelete = new StringBuilder();
foreach (string sAssetID in arrList)
{
if (sAssetID.Length == 36)
{
// what about the instance tables?????
// bugzilla 1290 Assets that have history (task_instance table) can not be deleted
// exclude them from the list and return a message noting the asset(s) that could not be deleted
// check if this asset has any history rows.
sSql = "select count(*) from tv_task_instance where asset_id = '" + sAssetID + "'";
int iHistory = 0;
if (!dc.sqlGetSingleInteger(ref iHistory, sSql, ref sErr))
{
throw new Exception(sErr);
}
// if there is no history add this to the delete list,
// otherwise add the task id to the non delete list
if (iHistory == 0)
{
sbAssetIDString.Append("'" + sAssetID + "',");
}
else
{
sbAssetsCantDelete.Append("'" + sAssetID + "',");
};
}
}
// trim the trailing ,
if (sbAssetsCantDelete.ToString().Length > 2)
{
sbAssetsCantDelete.Remove(sbAssetsCantDelete.Length - 1, 1);
}
;
if (sbAssetIDString.ToString().Length > 2)
{
// delete from these tables:
// asset, asset_credential (if the credential is local).
// trim the trailing ,
sbAssetIDString.Remove(sbAssetIDString.Length - 1, 1);
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// delete asset_credential
sSql = "delete from asset_credential" +
" where shared_or_local = 1" +
" and credential_id in (select credential_id from asset where asset_id in (" + sbAssetIDString.ToString() + "))";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
// delete asset
sSql = "delete from asset where asset_id in (" + sbAssetIDString.ToString() + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
// add security log
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Asset, sbAssetIDString.ToString(), "Batch Asset Delete", "Deleted Assets in batch mode");
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
}
;
// if some did not get deleted return a message.
if (sbAssetsCantDelete.Length > 2)
{
string sTaskNames = "";
sSql = "select asset_name from asset where asset_id in (" + sbAssetsCantDelete.ToString() + ")";
if (!dc.csvGetList(ref sTaskNames, sSql, ref sErr, true))
{
throw new Exception(sErr);
}
return("Asset deletion completed. Asset(s) (" + sTaskNames + ") could not be deleted because history rows exist.");
}
else
{
return(sErr);
}
}
public static string SaveCloud(string sMode, string sCloudID, string sCloudName, string sProvider, string sAPIUrl)
{
// for logging
string sOriginalName = null;
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
//if we are editing get the original values
if (sMode == "edit")
{
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// update the user fields.
if (sMode == "edit")
{
sSql = "select cloud_name from clouds " +
"where cloud_id = '" + sCloudID + "'";
if (!dc.sqlGetSingleString(ref sOriginalName, sSql, ref sErr))
{
throw new Exception("Error getting original cloud name:" + sErr);
}
sSql = "update clouds set" +
" cloud_name = '" + sCloudName + "'," +
" provider = '" + sProvider + "'," +
" api_url = '" + sAPIUrl + "'" +
" where cloud_id = '" + sCloudID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception("Error updating cloud: " + sErr);
}
ui.WriteObjectChangeLog(Globals.acObjectTypes.Cloud, sCloudID, sCloudName, sOriginalName, sCloudName);
}
else
{
sCloudID = ui.NewGUID();
sSql = "insert into clouds (cloud_id, cloud_name, provider, api_url)" +
" values ('" + sCloudID + "'," +
"'" + sCloudName + "'," +
"'" + sProvider + "'," +
"'" + sAPIUrl + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception("Error creating cloud: " + sErr);
}
ui.WriteObjectAddLog(Globals.acObjectTypes.Cloud, sCloudID, sCloudName, "Cloud Created");
}
oTrans.Commit();
//update the cloud providers class in the session
CloudProviders cp = ui.GetCloudProviders();
cp[sProvider].RefreshClouds();
ui.UpdateCloudProviders(cp);
}
catch (Exception ex)
{
throw new Exception("Error: General Exception: " + ex.Message);
}
// no errors to here, so return an empty string
return("{'cloud_id':'" + sCloudID + "'}");
}
public string wmCreateTask(object[] oObj)
{
try
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
// we are passing in 8 elements, if we have 8 go
//if (oObj.Length != 8) return "Incorrect list of attributes";
string sTaskName = oObj[0].ToString().Replace("'", "''").Trim();
string sTaskCode = oObj[1].ToString().Replace("'", "''").Trim();
string sTaskDesc = oObj[2].ToString().Replace("'", "''").Trim();
//string sTaskOrder = "";
//if (oObj.Length > 4)
// sTaskOrder = oObj[4].ToString().Trim();
// checks that cant be done on the client side
// is the name unique?
sSql = "select task_id from task " +
" where (task_code = '" + sTaskCode + "' or task_name = '" + sTaskName + "')";
string sValueExists = "";
if (!dc.sqlGetSingleString(ref sValueExists, sSql, ref sErr))
{
throw new Exception("Unable to check for existing names." + sErr);
}
if (sValueExists != "")
{
return "Another Task with that Code or Name exists, please choose another value.";
}
// passed client and server validations, create the user
string sNewID = ui.NewGUID();
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// all good, save the new user and redirect to the user edit page.
sSql = "insert task" +
" (task_id, original_task_id, version, default_version," +
" task_name, task_code, task_desc, created_dt)" +
" values " +
"('" + sNewID + "', '" + sNewID + "', 1.0000, 1, '" +
sTaskName + "', '" + sTaskCode + "', '" + sTaskDesc + "', now())";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
// every task gets a MAIN codeblock... period.
sSql = "insert task_codeblock (task_id, codeblock_name)" +
" values ('" + sNewID + "', 'MAIN')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception("Error updating the DB." + ex.Message);
}
// add security log
ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewID, sTaskName, "");
// success, return the new task_id
return "task_id=" + sNewID;
}
catch (Exception ex)
{
throw new Exception("One or more invalid or missing AJAX arguments." + ex.Message);
}
}
public void wmToggleStep(string sStepID, string sVisible)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
sVisible = (sVisible == "1" ? "1" : "0");
try
{
if (ui.IsGUID(sStepID))
{
string sErr = "";
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
string sUserID = ui.GetSessionUserID();
//is there a row?
int iRowCount = 0;
dc.sqlGetSingleInteger(ref iRowCount, "select count(*) from task_step_user_settings" +
" where user_id = '" + sUserID + "'" +
" and step_id = '" + sStepID + "'", ref sErr);
if (iRowCount == 0)
{
oTrans.Command.CommandText = "insert into task_step_user_settings" +
" (user_id, step_id, visible, breakpoint, skip)" +
" values ('" + sUserID + "','" + sStepID + "', " + sVisible + ", 0, 0)";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Unable to toggle step (0) [" + sStepID + "]." + sErr);
}
else
{
oTrans.Command.CommandText = " update task_step_user_settings set visible = '" + sVisible + "'" +
" where step_id = '" + sStepID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Unable to toggle step (1) [" + sStepID + "]." + sErr);
}
oTrans.Commit();
return;
}
else
{
throw new Exception("Unable to toggle step. Missing or invalid step_id.");
}
}
catch (Exception ex)
{
throw ex;
}
}
public string wmRenameCodeblock(string sTaskID, string sOldCodeblockName, string sNewCodeblockName)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
FunctionTemplates.HTMLTemplates ft = new FunctionTemplates.HTMLTemplates();
try
{
if (ui.IsGUID(sTaskID))
{
// first make sure we are not trying to rename it something that already exists.
string sErr = "";
string sSQL = "select count(*) from task_codeblock where task_id = '" + sTaskID + "'" +
" and codeblock_name = '" + sNewCodeblockName + "'";
int iCount = 0;
if (!dc.sqlGetSingleInteger(ref iCount, sSQL, ref sErr))
{
throw new Exception("Unable to check codeblock names for task." + sErr);
}
if (iCount != 0)
{
return ("Codeblock Name already in use, choose another.");
}
// do it
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//update the codeblock table
sSQL = "update task_codeblock set codeblock_name = '" + sNewCodeblockName +
"' where codeblock_name = '" + sOldCodeblockName +
"' and task_id = '" + sTaskID + "'";
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
//and any steps in that codeblock
sSQL = "update task_step set codeblock_name = '" + sNewCodeblockName +
"' where codeblock_name = '" + sOldCodeblockName +
"' and task_id = '" + sTaskID + "'";
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
//the fun part... rename it where it exists in any steps
//but this must be in a loop of only the steps where that codeblock reference exists.
sSQL = "select step_id from task_step" +
" where task_id = '" + sTaskID + "'" +
" and ExtractValue(function_xml, '//codeblock[1]') = '" + sOldCodeblockName + "'";
oTrans.Command.CommandText = sSQL;
DataTable dtSteps = new DataTable();
if (!oTrans.ExecGetDataTable(ref dtSteps, ref sErr))
{
throw new Exception("Unable to get steps referencing the Codeblock." + sErr);
}
foreach (DataRow dr in dtSteps.Rows)
{
ft.SetNodeValueinXMLColumn("task_step", "function_xml", "step_id = '" + dr["step_id"].ToString() + "'", "//codeblock[. = '" + sOldCodeblockName + "']", sNewCodeblockName);
}
//all done
oTrans.Commit();
return sErr;
}
else
{
throw new Exception("Unable to get codeblocks for task. Missing or invalid task_id.");
}
}
catch (Exception ex)
{
throw ex;
}
}
public static string SaveAsset(object[] oAsset)
{
// check the # of elements in the array
if (oAsset.Length != 19) return "Incorrect number of Asset Properties:" + oAsset.Length.ToString();
string sAssetID = oAsset[0].ToString();
string sAssetName = oAsset[1].ToString().Replace("'", "''");
string sDbName = oAsset[2].ToString().Replace("'", "''");
string sPort = oAsset[3].ToString();
string sConnectionType = oAsset[4].ToString();
string sIsConnection = "0"; // oAsset[5].ToString();
string sAddress = oAsset[5].ToString().Replace("'", "''");
// mode is edit or add
string sMode = oAsset[6].ToString();
string sCredentialID = oAsset[7].ToString();
string sCredUsername = oAsset[8].ToString().Replace("'", "''");
string sCredPassword = oAsset[9].ToString().Replace("'", "''");
string sShared = oAsset[10].ToString();
string sCredentialName = oAsset[11].ToString().Replace("'", "''");
string sCredentialDescr = oAsset[12].ToString().Replace("'", "''");
string sDomain = oAsset[13].ToString().Replace("'", "''");
string sCredentialType = oAsset[14].ToString();
string sAssetStatus = oAsset[15].ToString();
string sPrivilegedPassword = oAsset[16].ToString();
string sTagArray = oAsset[17].ToString();
string sConnString = oAsset[18].ToString().Replace("'", "''");
// for logging
string sOriginalAssetName = "";
string sOriginalPort = "";
string sOriginalDbName = "";
string sOriginalAddress = "";
string sOriginalConnectionType = "";
string sOriginalUserName = "";
string sOriginalConnString = "";
string sOriginalCredentialID = "";
string sOriginalAssetStatus = "";
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
//if we are editing get the original values
//this is getting original values for logging purposes
if (sMode == "edit")
{
DataRow dr = null;
sSql = "select a.asset_name, a.asset_status, a.port, a.db_name, a.address, a.db_name, a.connection_type, a.conn_string, ac.username, a.credential_id," +
" case when a.is_connection_system = '1' then 'Yes' else 'No' end as is_connection_system " +
" from asset a " +
" left outer join asset_credential ac on ac.credential_id = a.credential_id " +
" where a.asset_id = '" + sAssetID + "'";
if (!dc.sqlGetDataRow(ref dr, sSql, ref sErr))
throw new Exception(sErr);
else
{
if (dr != null)
{
sOriginalAssetName = dr["asset_name"].ToString();
sOriginalPort = (object.ReferenceEquals(dr["port"], DBNull.Value) ? "" : dr["port"].ToString());
sOriginalDbName = (object.ReferenceEquals(dr["db_name"], DBNull.Value) ? "" : dr["db_name"].ToString());
sOriginalAddress = (object.ReferenceEquals(dr["address"], DBNull.Value) ? "" : dr["address"].ToString());
sOriginalConnectionType = (object.ReferenceEquals(dr["connection_type"], DBNull.Value) ? "" : dr["connection_type"].ToString());
sOriginalUserName = (object.ReferenceEquals(dr["username"], DBNull.Value) ? "" : dr["username"].ToString());
sOriginalConnString = (object.ReferenceEquals(dr["conn_string"], DBNull.Value) ? "" : dr["conn_string"].ToString());
sOriginalCredentialID = (object.ReferenceEquals(dr["credential_id"], DBNull.Value) ? "" : dr["credential_id"].ToString());
sOriginalAssetStatus = dr["asset_status"].ToString();
}
}
}
//NOTE NOTE NOTE!
//the following is a catch 22.
//if we're adding a new asset, we will need to figure out the credential first so we can save the credential id on the asset
//but if it's a new local credential, it gets the asset id as it's name.
//so.........
//if it's a new asset, go ahead and get the new guid for it here so the credential add will work.
if (sMode == "add")
sAssetID = ui.NewGUID();
//and move on...
// there are three CredentialType's
// 1) 'selected' = user selected a different credential, just save the credential_id
// 2) 'new' = user created a new shared or local credential
// 3) 'existing' = same credential, just update the username,description ad password
string sPriviledgedPasswordUpdate = null;
if (sCredentialType == "new")
{
if (sPrivilegedPassword.Length == 0)
sPriviledgedPasswordUpdate = "NULL";
else
sPriviledgedPasswordUpdate = "'" + dc.EnCrypt(sPrivilegedPassword) + "'";
//if it's a local credential, the credential_name is the asset_id.
//if it's shared, there will be a name.
if (sShared == "1")
{
sCredentialName = sAssetID;
//whack and add - easiest way to avoid conflicts
sSql = "delete from asset_credential where credential_name = '" + sCredentialName + "' and shared_or_local = '1'";
if (!dc.sqlExecuteUpdate(sSql, ref sErr))
throw new Exception(sErr);
}
//now we're clear to add
sCredentialID = "'" + ui.NewGUID() + "'";
sSql = "insert into asset_credential " +
"(credential_id,credential_name,username,password,domain,shared_or_local,shared_cred_desc,privileged_password) " +
"values (" + sCredentialID + ",'" + sCredentialName + "','" + sCredUsername + "','" + dc.EnCrypt(sCredPassword) + "','" + sDomain + "','" + sShared + "','" + sCredentialDescr + "'," + sPriviledgedPasswordUpdate + ")";
if (!dc.sqlExecuteUpdate(sSql, ref sErr))
{
if (sErr == "key_violation")
throw new Exception("A Credential with that name already exists. Please select another name.");
else
throw new Exception(sErr);
}
// add security log
ui.WriteObjectAddLog(Globals.acObjectTypes.Credential, sCredentialID, sCredentialName, "");
}
else if (sCredentialType == "existing")
{
sCredentialID = "'" + sCredentialID + "'";
// bugzilla 1126 if the password has not changed leave it as is.
string sPasswordUpdate = null;
if (sCredPassword == "($%#d@x!&")
// password has not been touched
sPasswordUpdate = "";
else
// updated password
sPasswordUpdate = ",password = '******'";
// bugzilla 1260
// same for privileged_password
if (sPrivilegedPassword == "($%#d@x!&")
// password has not been touched
sPriviledgedPasswordUpdate = "";
else
{
// updated password
// bugzilla 1352 priviledged password can be blank, so if it is, set it to null
if (sPrivilegedPassword.Length == 0)
sPriviledgedPasswordUpdate = ",privileged_password = null";
else
sPriviledgedPasswordUpdate = ",privileged_password = '******'";
}
sSql = "update asset_credential " +
"set username = '******'" + sPasswordUpdate + sPriviledgedPasswordUpdate + ",domain = '" + sDomain + "'," +
"shared_or_local = '" + sShared + "',shared_cred_desc = '" + sCredentialDescr + "'" +
"where credential_id = " + sCredentialID;
if (!dc.sqlExecuteUpdate(sSql, ref sErr))
throw new Exception(sErr);
// add security log
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + "Changed credential", sOriginalUserName, sCredUsername);
}
else
{
// user selected a shared credential
// remove the local credential if one exists
if (sOriginalCredentialID.Length > 0)
{
sSql = "delete from asset_credential where credential_id = '" + sOriginalCredentialID + "' and shared_or_local = '1'";
if (!dc.sqlExecuteUpdate(sSql, ref sErr))
throw new Exception(sErr);
// add security log
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''"), "Credential deleted" + sOriginalCredentialID + " " + sOriginalUserName);
}
sCredentialID = "'" + sCredentialID + "'";
}
// checks that cant be done on the client side
// is the name unique?
string sInuse = "";
if (sMode == "edit")
sSql = "select asset_id from asset where asset_name = '" + sAssetName.Trim() + "' and asset_id <> '" + sAssetID + "' limit 1";
else
sSql = "select asset_id from asset where asset_name = '" + sAssetName.Trim() + "' limit 1";
if (!dc.sqlGetSingleString(ref sInuse, sSql, ref sErr))
throw new Exception(sErr);
else
if (!string.IsNullOrEmpty(sInuse))
return "Asset Name '" + sAssetName + "' already in use, choose another." + sAssetID;
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
if (sMode == "edit")
{
sSql = "update asset set asset_name = '" + sAssetName + "'," +
" asset_status = '" + sAssetStatus + "'," +
" address = '" + sAddress + "'" + "," +
" conn_string = '" + sConnString + "'" + "," +
" db_name = '" + sDbName + "'," +
" port = " + (sPort == "" ? "NULL" : "'" + sPort + "'") + "," +
" connection_type = '" + sConnectionType + "'," +
" is_connection_system = '" + (sIsConnection == "Yes" ? 1 : 0) + "'," +
" credential_id = " + sCredentialID +
" where asset_id = '" + sAssetID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
}
else
{
sSql = "insert into asset (asset_id,asset_name,asset_status,address,conn_string,db_name,port,connection_type,is_connection_system,credential_id)" +
" values (" +
"'" + sAssetID + "'," +
"'" + sAssetName + "'," +
"'" + sAssetStatus + "'," +
"'" + sAddress + "'," +
"'" + sConnString + "'," +
"'" + sDbName + "'," +
(sPort == "" ? "NULL" : "'" + sPort + "'") + "," +
"'" + sConnectionType + "'," +
"'0'," +
sCredentialID + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
}
#region "tags"
// remove the existing tags
sSql = "delete from object_tags where object_id = '" + sAssetID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
// add user groups, if there are any
if (sTagArray.Length > 0)
{
ArrayList aTags = new ArrayList(sTagArray.Split(','));
foreach (string sTagName in aTags)
{
sSql = "insert object_tags (object_id, object_type, tag_name)" +
" values ('" + sAssetID + "', 2, '" + sTagName + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
}
#endregion
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
//--------------------------------------------------------------------------------------------------
// NOTE! too many if edit... probably need to just make 2 functions, update asset, and create asset
//--------------------------------------------------------------------------------------------------
// add security log
// since this is not handled as a page postback, theres no "Viewstate" settings
// so 2 options either we keep an original setting for each value in hid values, or just get them from the db as part of the
// update above, since we are already passing in 15 or so fields, lets just get the values at the start and reference them here
if (sMode == "edit")
{
string sOrigCredUsername = GetCredentialNameFromID(sOriginalCredentialID.Replace("'", "")).ToString();
string sCurrentCredUsername = GetCredentialNameFromID(sCredentialID.Replace("'", "")).ToString();
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Name", sOriginalAssetName, sAssetName);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Address", sOriginalAddress, sAddress);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Port", sOriginalPort, sPort);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " DB Name", sOriginalDbName, sDbName);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Connection Type", sOriginalConnectionType, sConnectionType);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Credential", sOrigCredUsername, sCurrentCredUsername);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Status", sOriginalAssetStatus, sAssetStatus);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " ConnString", sOriginalConnString, sConnString);
}
else
{
ui.WriteObjectAddLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''"), "Asset Created");
}
// no errors to here, so return an empty string
return "";
}
public static string SaveAccount(string sMode, string sAccountID, string sAccountName, string sAccountNumber, string sProvider,
string sLoginID, string sLoginPassword, string sLoginPasswordConfirm, string sIsDefault, string sAutoManageSecurity)
{
// for logging
string sOriginalName = "";
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = "";
string sErr = "";
//if we are editing get the original values
if (sMode == "edit")
{
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// update the user fields.
if (sMode == "edit")
{
sSql = "select account_name from cloud_account " +
"where account_id = '" + sAccountID + "'";
if (!dc.sqlGetSingleString(ref sOriginalName, sSql, ref sErr))
{
throw new Exception("Error getting original account name:" + sErr);
}
// only update the passwword if it has changed
string sNewPassword = "";
if (sLoginPassword != "($%#d@x!&")
{
sNewPassword = "******" + dc.EnCrypt(sLoginPassword) + "'";
}
sSql = "update cloud_account set" +
" account_name = '" + sAccountName + "'," +
" account_number = '" + sAccountNumber + "'," +
" provider = '" + sProvider + "'," +
" is_default = '" + sIsDefault + "'," +
" auto_manage_security = '" + sAutoManageSecurity + "'," +
" login_id = '" + sLoginID + "'" +
sNewPassword +
" where account_id = '" + sAccountID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception("Error updating account: " + sErr);
}
ui.WriteObjectChangeLog(Globals.acObjectTypes.CloudAccount, sAccountID, sAccountName, sOriginalName, sAccountName);
}
else
{
//now, for some reason we were having issues with the initial startup of apache
//not able to perform the very first database hit.
//this line serves as an inital db hit, but we aren't trapping it or showing the error
dc.TestDBConnection(ref sErr);
//if there are no rows yet, make this one the default even if the box isn't checked.
if (sIsDefault == "0")
{
int iExists = -1;
sSql = "select count(*) as cnt from cloud_account";
if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr))
{
System.Threading.Thread.Sleep(300);
if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr))
{
System.Threading.Thread.Sleep(300);
if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr))
{
throw new Exception("Unable to count Cloud Accounts: " + sErr);
}
}
}
if (iExists == 0)
{
sIsDefault = "1";
}
}
sAccountID = ui.NewGUID();
sSql = "insert into cloud_account (account_id, account_name, account_number, provider, is_default, login_id, login_password, auto_manage_security)" +
" values ('" + sAccountID + "'," +
"'" + sAccountName + "'," +
"'" + sAccountNumber + "'," +
"'" + sProvider + "'," +
"'" + sIsDefault + "'," +
"'" + sLoginID + "'," +
"'" + dc.EnCrypt(sLoginPassword) + "'," +
"'" + sAutoManageSecurity + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception("Error creating account: " + sErr);
}
ui.WriteObjectAddLog(Globals.acObjectTypes.CloudAccount, sAccountID, sAccountName, "Account Created");
}
//if "default" was selected, unset all the others
if (dc.IsTrue(sIsDefault))
{
oTrans.Command.CommandText = "update cloud_account set is_default = 0 where account_id <> '" + sAccountID + "'";
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception("Error updating defaults: " + sErr);
}
}
oTrans.Commit();
//refresh the cloud account list in the session
if (!ui.PutCloudAccountsInSession(ref sErr))
{
throw new Exception("Error refreshing accounts in session: " + sErr);
}
}
catch (Exception ex)
{
throw new Exception("Error: General Exception: " + ex.Message);
}
// no errors to here, so return an empty string
return("{'account_id':'" + sAccountID + "', 'account_name':'" + sAccountName + "', 'provider':'" + sProvider + "'}");
}
public static string SaveCredential(object[] oAsset)
{
// we are passing in 16 elements, if we have 16 go
if (oAsset.Length != 8)
{
return("Incorrect list of attributes:" + oAsset.Length.ToString());
}
string sCredentialID = oAsset[0].ToString();
string sCredentialName = oAsset[1].ToString().Replace("'", "''");
string sUserName = oAsset[2].ToString().Replace("'", "''");
string sCredentialDesc = oAsset[3].ToString().Replace("'", "''");
string sPassword = oAsset[4].ToString();
string sDomain = oAsset[5].ToString();
string sMode = oAsset[6].ToString();
string sPrivilegedPassword = oAsset[7].ToString();
// for logging
string sOriginalUserName = null;
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
//if we are editing get the original values
if (sMode == "edit")
{
sSql = "select username from asset_credential " +
"where credential_id = '" + sCredentialID + "'";
if (!dc.sqlGetSingleString(ref sOriginalUserName, sSql, ref sErr))
{
throw new Exception(sErr);
}
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// update the user fields.
if (sMode == "edit")
{
// only update the passwword if it has changed
string sNewPassword = "";
if (sPassword != "($%#d@x!&")
{
sNewPassword = "******" + dc.EnCrypt(sPassword) + "'";
}
// bugzilla 1260
// same for privileged_password
string sPriviledgedPasswordUpdate = null;
if (sPrivilegedPassword == "($%#d@x!&")
{
// password has not been touched
sPriviledgedPasswordUpdate = "";
}
else
{
// updated password
sPriviledgedPasswordUpdate = ",privileged_password = '******'";
}
sSql = "update asset_credential set" +
" credential_name = '" + sCredentialName + "'," +
" username = '******'," +
" domain = '" + sDomain.Replace("'", "''") + "'," +
" shared_cred_desc = '" + sCredentialDesc + "'" +
sNewPassword +
sPriviledgedPasswordUpdate +
" where credential_id = '" + sCredentialID + "'";
}
else
{
// if the priviledged password is empty just set it to null
string sPrivilegedPasswordUpdate = "NULL";
if (sPrivilegedPassword.Length != 0)
{
sPrivilegedPasswordUpdate = "'" + dc.EnCrypt(sPrivilegedPassword) + "'";
}
;
sSql = "insert into asset_credential (credential_id, credential_name, username, password, domain, shared_cred_desc, shared_or_local, privileged_password)" +
" values (" + "'" + ui.NewGUID() + "'," +
"'" + sCredentialName.Replace("'", "''") + "'," +
"'" + sUserName.Replace("'", "''") + "'," +
"'" + dc.EnCrypt(sPassword) + "'," +
"'" + sDomain.Replace("'", "''") + "'," +
"'" + sCredentialDesc.Replace("'", "''") + "'," +
"'0'," + sPrivilegedPasswordUpdate + ")";
}
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
if (sErr == "key_violation")
{
throw new Exception("A Credential with that name already exists. Please select another name.");
}
else
{
throw new Exception(sErr);
}
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// add security log
// since this is not handled as a page postback, theres no "Viewstate" settings
// so 2 options either we keep an original setting for each value in hid values, or just get them from the db as part of the
// update above, since we are already passing in 15 or so fields, lets just get the values at the start and reference them here
if (sMode == "edit")
{
ui.WriteObjectChangeLog(Globals.acObjectTypes.Credential, sCredentialID, sUserName.Replace("'", "''"), sOriginalUserName, sUserName.Replace("'", "''"));
}
else
{
ui.WriteObjectAddLog(Globals.acObjectTypes.Credential, sCredentialID, sUserName.Replace("'", "''"), "Credential Created");
}
// no errors to here, so return an empty string
return("");
}
private void DeleteCodeblock(string sCodeblockID)
{
try
{
string sErr = "";
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//first, delete any steps that are embedded content on steps in this codeblock
//(because embedded steps have their parent step_id as the codeblock name.)
oTrans.Command.CommandText = "delete em from task_step em" +
" join task_step p on em.task_id = p.task_id" +
" and em.codeblock_name = p.step_id" +
" where p.task_id = '" + sTaskID + "'" +
" and p.codeblock_name = '" + sCodeblockID + "'";
if (!oTrans.ExecUpdate(ref sErr))
{
ui.RaiseError(Page, "Unable to delete embedded Steps from Codeblock.", true, sErr);
return;
}
oTrans.Command.CommandText = "delete u from task_step_user_settings u" +
" join task_step ts on u.step_id = ts.step_id" +
" where ts.task_id = '" + sTaskID + "'" +
" and ts.codeblock_name = '" + sCodeblockID + "'";
if (!oTrans.ExecUpdate(ref sErr))
{
ui.RaiseError(Page, "Unable to delete Steps user settings for Steps in Codeblock.", true, sErr);
return;
}
oTrans.Command.CommandText = "delete from task_step" +
" where task_id = '" + sTaskID + "'" +
" and codeblock_name = '" + sCodeblockID + "'";
if (!oTrans.ExecUpdate(ref sErr))
{
ui.RaiseError(Page, "Unable to delete Steps from Codeblock.", true, sErr);
return;
}
oTrans.Command.CommandText = "delete from task_codeblock" +
" where task_id = '" + sTaskID + "'" +
" and codeblock_name = '" + sCodeblockID + "'";
if (!oTrans.ExecUpdate(ref sErr))
{
ui.RaiseError(Page, "Unable to delete Codeblock.", true, sErr);
return;
}
oTrans.Commit();
if (!GetCodeblocks(ref sErr))
{
ui.RaiseError(Page, "Warning. Successfully deleted the Codeblock" +
" but there was an error refreshing the page. Please reload the page manually. " + sErr, true, "");
return;
}
if (!GetSteps("MAIN", ref sErr))
{
ui.RaiseError(Page, "Warning. Successfully deleted the Codeblock" +
" but there was an error refreshing the page. Please reload the page manually. " + sErr, true, "");
return;
}
udpSteps.Update();
}
catch (Exception ex)
{
ui.RaiseError(Page, "Exception:", true, ex.Message);
}
}
public static string SaveDomain(object[] oAsset)
{
// we are passing in 4 elements, if we have 16 go
if (oAsset.Length != 4) return "Incorrect list of attributes:" + oAsset.Length.ToString();
string sEditDomain = oAsset[0].ToString();
string sDomain = oAsset[1].ToString().Replace("'", "''");
string sAddress = oAsset[2].ToString().Replace("'", "''");
string sMode = oAsset[3].ToString();
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
// before updating or adding make sure the domain name is available
if (sEditDomain != sDomain)
{
try
{
sSql = "select ldap_domain from ldap_domain where ldap_domain = '" + sDomain + "'";
string sDomainExists = "";
if (!dc.sqlGetSingleString(ref sDomainExists, sSql, ref sErr))
{
throw new Exception(sErr);
}
else
{
if (!string.IsNullOrEmpty(sDomainExists))
{
return "Domain name exists, choose another name.";
}
}
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// update the user fields.
if (sMode == "edit")
{
// if the domain name changed update all of the asset_credential's using this domain
if (sDomain != sEditDomain){
sSql = "update asset_credential set domain = '" + sDomain + "' where domain = '" + sEditDomain + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
sSql = "update ldap_domain set ldap_domain = '" + sDomain + "'," + "address = '" + sAddress + "' where ldap_domain = '" + sEditDomain + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
else
{
sSql = "insert into ldap_domain (ldap_domain,address)" +
" values ('" + sDomain + "'," +
"'" + sAddress + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// add security log
if (sMode == "edit")
{
ui.WriteObjectChangeLog(Globals.acObjectTypes.Domain, sEditDomain, sEditDomain, sEditDomain, sDomain);
}
else
{
ui.WriteObjectAddLog(Globals.acObjectTypes.Domain, sDomain, sDomain, "Domain Created");
}
// no errors to here, so return an empty string
return "";
}
private bool ReIDSteps(ref dataAccess.acTransaction oTrans, string sUserID, string sTaskID, ref string sErr)
{
//We join this to task_step on step_id, and only issue new GUID's
//to the rows that are in conflict.
//saves time, and if no steps are in conflict, the imported version is an exact match of the
//exported one.
//( and yes, I realize I did not join task_step on the task_id.
// thats because the step_id is a guid AND the PK on the table. not necessary to check
// it against task_id too.)
oTrans.Command.CommandText = "select its.step_id" +
" from import_task_step its" +
" join task_step ts on its.step_id = ts.step_id" +
" where its.user_id = '" + sUserID + "'" +
" and its.task_id = '" + sTaskID + "'";
DataTable dtSteps = new DataTable();
if (!oTrans.ExecGetDataTable(ref dtSteps, ref sErr))
{
throw new Exception(sErr);
}
if (dtSteps.Rows.Count > 0)
{
foreach (DataRow drSteps in dtSteps.Rows)
{
//update each row by:
//*) getting a new guid
//*) searching for references to the old ID and replacing them
// specifically in function_xml
//*) updating the row with the new guid
string sOrigStepID = drSteps["step_id"].ToString();
string sNewStepID = ui.NewGUID();
//this will update any references in function_xml with
// the new guid of this step
oTrans.Command.CommandText = "update import_task_step" +
" set function_xml = replace(function_xml, '" + sOrigStepID + "', '" + sNewStepID + "')" +
" where ifnull(ExtractValue(function_xml, '(//*[. = ''" + sOrigStepID + "''])'), '') <> ''";
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
//then finally, we will update the actual step rows with the new id
oTrans.Command.CommandText = "update import_task_step" +
" set step_id = '" + sNewStepID + "'" +
" where step_id = '" + sOrigStepID + "'";
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
}
return(true);
}
public bool Import(string sUserID, string sTaskIDs, ref string sErr)
{
string sSQL = "";
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//we're doing this in a loop
//why? because each row may have different import requirements
//(overwrite, new version, etc.)
//Now we are adding different import types not necessarily tied to task/proc.
//for now we're still just doing it all here until there's a good reason to split it out
if (sTaskIDs.Length > 0)
{
sSQL = "select task_id, task_code, task_name, import_mode from import_task" +
" where user_id = '" + sUserID + "'" +
" and task_id in (" + sTaskIDs + ")";
DataTable dt = new DataTable();
if (!dc.sqlGetDataTable(ref dt, sSQL, ref sErr))
{
throw new Exception(sErr);
}
if (dt.Rows.Count > 0)
{
foreach (DataRow dr in dt.Rows)
{
string sTaskID = dr["task_id"].ToString();
string sNewTaskID = dr["task_id"].ToString();
string sTaskCode = dr["task_code"].ToString();
string sImportMode = dr["import_mode"].ToString();
string sOTID = "";
int iCount = 0;
switch (sImportMode)
{
case "New":
//just jam in the new row, IF there are no GUID conflicts.
//~~~ NEW tasks get manipulated.
//* MIGHT have their ID changed if there's a collision
//* WILL have the original_task_id reset
//* WILL have the version reset to 1.000
//* WILL be loaded as 'Development' status
//* WILL be the default version
//check ID
oTrans.Command.CommandText = "select count(*) from task" +
" where task_id = '" + sTaskID + "'";
if (!oTrans.ExecGetSingleInteger(ref iCount, ref sErr))
{
throw new Exception("Unable to check for GUID conflicts.<br />" + sErr);
}
//if there's a GUID conflict then just generate a new guid for this task.
if (iCount > 0)
{
sNewTaskID = ui.NewGUID();
}
//check the steps to see if there are any GUID conflicts
//and repair them if necessary
if (!ReIDSteps(ref oTrans, sUserID, sTaskID, ref sErr))
{
throw new Exception("Unable to issue new Step GUIDs.<br />" + sErr);
}
//insert the manipulated TASK
oTrans.Command.CommandText = "insert into task" +
" (task_id, original_task_id, version," +
" task_name, task_code, task_desc, task_status," +
" use_connector_system, default_version," +
" concurrent_instances, queue_depth, parameter_xml, created_dt)" +
" select" +
" '" + sNewTaskID + "', '" + sNewTaskID + "', 1.000," +
" task_name, task_code, task_desc, 'Development'," +
" use_connector_system, 1," +
" concurrent_instances, queue_depth, parameter_xml, created_dt" +
" from import_task" +
" where user_id = '" + sUserID + "'" +
" and task_id = '" + sTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewTaskID, dr["task_code"].ToString() + " - " + dr["task_name"].ToString(), "New - Created via Import");
break;
case "New Version":
//if it's a new version, we need to make sure the "original_task_id"
//is correct in the target database.
//(no guarantee the original_id in the source db is correct.)
//just jam in the new row, IF there are no GUID conflicts.
//~~~ NEW VERSION tasks get manipulated.
//* MIGHT have their ID changed if there's a collision
//* MIGHT have the original_task_id reset (to match the target)
//* WILL have the version reset to the user selection
//* WILL be loaded as 'Development' status
//* WILL NOT be the default version
//check ID
oTrans.Command.CommandText = "select count(*) from task" +
" where task_id = '" + sTaskID + "'";
if (!oTrans.ExecGetSingleInteger(ref iCount, ref sErr))
{
throw new Exception("Unable to check for GUID conflicts.<br />" + sErr);
}
//if there's a GUID conflict then just generate a new guid for this task.
//and re-id the steps
if (iCount > 0)
{
sNewTaskID = ui.NewGUID();
}
//check the steps to see if there are any GUID conflicts
//and repair them if necessary
if (!ReIDSteps(ref oTrans, sUserID, sTaskID, ref sErr))
{
throw new Exception("Unable to issue new Step GUIDs.<br />" + sErr);
}
//NOW, we need to make sure this task is connected to it's family
//we do this by ensuring the original_task_id matches.
//BUT, we got here by assuming the task_code was the key.
//so... find the original_task_id for this task_code
oTrans.Command.CommandText = "select original_task_id" +
" from task where task_code = '" + sTaskCode + "' limit 1";
if (!oTrans.ExecGetSingleString(ref sOTID, ref sErr))
{
throw new Exception("Unable to get original task ID for [" + sTaskCode + "].<br />" + sErr);
}
//insert the manipulated TASK
oTrans.Command.CommandText = "insert into task" +
" (task_id, original_task_id, version," +
" task_name, task_code, task_desc, task_status," +
" use_connector_system, default_version," +
" concurrent_instances, queue_depth, parameter_xml, created_dt)" +
" select" +
" '" + sNewTaskID + "', '" + sOTID + "', version," +
" task_name, task_code, task_desc, 'Development'," +
" use_connector_system, 0," +
" concurrent_instances, queue_depth, parameter_xml, created_dt" +
" from import_task" +
" where user_id = '" + sUserID + "'" +
" and task_id = '" + sTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewTaskID, dr["task_code"].ToString() + " - " + dr["task_name"].ToString(), "New Version - Created via Import");
break;
/*
* Note: I stopped here because I'm not convinced that "Overwrite" is a safe or useful
* feature.
*
* So, we'll come back to it if needed.
*
* Be aware, this was pseudocode... it never worked, was just placeholder stuff and ideas.
*/
//case "Overwrite":
// //stomp it, but make sure to set the task_id/original_task_id
// //to match in the target db.
// //just because the code matches doesn't mean the ID's do.
// //we can just UPDATE the task row
// //DON'T FORGET to DELETE the existing steps and codeblocks
// //we need to make sure the "original_task_id"
// //is correct in the target database.
// //(no guarantee the original_id in the source db is correct.)
// //~~~ OVERWRITE tasks get manipulated.
// //* MIGHT have their ID changed to match the code/version being imported
// //* MIGHT have the original_task_id reset (to match the target)
// //* WILL have the version reset to the user selection
// //* WILL be loaded as 'Development' status
// //* MIGHT be the default version (not gonna update that value)
// //NOW, we need to make sure this task is connected to it's family
// //we do this by ensuring the original_task_id matches.
// //BUT, we got here by assuming the task_code was the key.
// //so... find the task AND original_task_id for this task_code
// oTrans.Command.CommandText = "select top 1 task_id" +
// " from task where task_code = '" + sTaskCode + "'";
// if (!oTrans.ExecGetSingleString(ref sNewTaskID, ref sErr))
// throw new Exception("Unable to get task ID for [" + sTaskCode + "].<br />" + sErr);
// oTrans.Command.CommandText = "select top 1 original_task_id" +
// " from task where task_code = '" + sTaskCode + "'";
// if (!oTrans.ExecGetSingleString(ref sOTID, ref sErr))
// throw new Exception("Unable to get original task ID for [" + sTaskCode + "].<br />" + sErr);
// //get a datareader on the import_task row
// sSQL = "select task_desc, manual_or_digital, use_connector_system," +
// " concurrent_instances, queue_depth, parameter_xml, created_dt" +
// " from import_task" +
// " where user_id = '" + sUserID + "'" +
// " and task_id = '" + sTaskID + "'";
// OdbcDataReader drTaskRow = null;
// if (!dc.sqlGetDataReader(ref drTaskRow, sSQL, ref sErr)) return false;
// if (drTaskRow.HasRows)
// {
// //insert the manipulated TASK
// //THIS WAS NEVER TESTED
// oTrans.Command.CommandText = "update task" +
// " set task_desc = ''," +
// " manual_or_digital = ''," +
// " use_connector_system = ''," +
// " concurrent_instances = ''," +
// " queue_depth = ''," +
// " parameter_xml = ''," +
// " created_dt = ''" +
// " select" +
// " '" + sNewTaskID + "', '" + sOTID + "', version," +
// " task_name, task_code, task_desc, 'Development', manual_or_digital," +
// " use_connector_system, 0," +
// " concurrent_instances, queue_depth, parameter_xml, created_dt" +
// " from import_task" +
// " where user_id = '" + sUserID + "'" +
// " and task_id = '" + sTaskID + "'";
// if (!oTrans.ExecUpdate(ref sErr))
// throw new Exception(sErr);
// }
// ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewTaskID, dr["task_code"].ToString() + " - " + dr["task_name"].ToString(), "Overwritten by Import");
// break;
default:
break;
}
//CODEBLOCKS AND STEPS can be done here... they are just inserted
// (because they were manipulated already if needed)
//CODEBLOCKS
oTrans.Command.CommandText = "insert into task_codeblock" +
" (task_id, codeblock_name)" +
" select" +
" '" + sNewTaskID + "', codeblock_name" +
" from import_task_codeblock" +
" where user_id = '" + sUserID + "'" +
" and task_id = '" + sTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
//STEPS
oTrans.Command.CommandText = "insert into task_step" +
" (step_id, task_id, codeblock_name, step_order, commented," +
" locked, function_name, function_xml, step_desc, output_parse_type," +
" output_row_delimiter, output_column_delimiter, variable_xml)" +
" select" +
" step_id, '" + sNewTaskID + "', codeblock_name, step_order, commented," +
" locked, function_name, function_xml, step_desc, output_parse_type," +
" output_row_delimiter, output_column_delimiter, variable_xml" +
" from import_task_step" +
" where user_id = '" + sUserID + "'" +
" and task_id = '" + sTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
}
else
{
sErr = "No Task import items were found.";
oTrans.RollBack();
return(false);
}
//whack those rows from the import table.
//why? their disposition has now changed, and we don't wanna accidentally reload them.
//or add confusion to the user.
oTrans.Command.CommandText = "delete from import_task where user_id = '" + sUserID + "' and task_id in (" + sTaskIDs + ")";
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Command.CommandText = "delete from import_task_codeblock where user_id = '" + sUserID + "' and task_id in (" + sTaskIDs + ")";
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Command.CommandText = "delete from import_task_step where user_id = '" + sUserID + "' and task_id in (" + sTaskIDs + ")";
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
//all done with everything... close it out
oTrans.Commit();
return(true);
}
public static string SaveCredential(object[] oAsset)
{
// we are passing in 16 elements, if we have 16 go
if (oAsset.Length != 8) return "Incorrect list of attributes:" + oAsset.Length.ToString();
string sCredentialID = oAsset[0].ToString();
string sCredentialName = oAsset[1].ToString().Replace("'", "''");
string sUserName = oAsset[2].ToString().Replace("'", "''");
string sCredentialDesc = oAsset[3].ToString().Replace("'", "''");
string sPassword = oAsset[4].ToString();
string sDomain = oAsset[5].ToString();
string sMode = oAsset[6].ToString();
string sPrivilegedPassword = oAsset[7].ToString();
// for logging
string sOriginalUserName = null;
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
//if we are editing get the original values
if (sMode == "edit")
{
sSql = "select username from asset_credential " +
"where credential_id = '" + sCredentialID + "'";
if (!dc.sqlGetSingleString(ref sOriginalUserName, sSql, ref sErr))
{
throw new Exception(sErr);
}
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// update the user fields.
if (sMode == "edit")
{
// only update the passwword if it has changed
string sNewPassword = "";
if (sPassword != "($%#d@x!&")
{
sNewPassword = "******" + dc.EnCrypt(sPassword) + "'";
}
// bugzilla 1260
// same for privileged_password
string sPriviledgedPasswordUpdate = null;
if (sPrivilegedPassword == "($%#d@x!&")
{
// password has not been touched
sPriviledgedPasswordUpdate = "";
}
else
{
// updated password
sPriviledgedPasswordUpdate = ",privileged_password = '******'";
}
sSql = "update asset_credential set" +
" credential_name = '" + sCredentialName + "'," +
" username = '******'," +
" domain = '" + sDomain.Replace("'", "''") + "'," +
" shared_cred_desc = '" + sCredentialDesc + "'" +
sNewPassword +
sPriviledgedPasswordUpdate +
" where credential_id = '" + sCredentialID + "'";
}
else
{
// if the priviledged password is empty just set it to null
string sPrivilegedPasswordUpdate = "NULL";
if (sPrivilegedPassword.Length != 0)
{
sPrivilegedPasswordUpdate = "'" + dc.EnCrypt(sPrivilegedPassword) + "'";
};
sSql = "insert into asset_credential (credential_id, credential_name, username, password, domain, shared_cred_desc, shared_or_local, privileged_password)" +
" values (" + "'" + ui.NewGUID() + "'," +
"'" + sCredentialName.Replace("'", "''") + "'," +
"'" + sUserName.Replace("'", "''") + "'," +
"'" + dc.EnCrypt(sPassword) + "'," +
"'" + sDomain.Replace("'", "''") + "'," +
"'" + sCredentialDesc.Replace("'", "''") + "'," +
"'0'," + sPrivilegedPasswordUpdate + ")";
}
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
if (sErr == "key_violation")
throw new Exception("A Credential with that name already exists. Please select another name.");
else
throw new Exception(sErr);
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// add security log
// since this is not handled as a page postback, theres no "Viewstate" settings
// so 2 options either we keep an original setting for each value in hid values, or just get them from the db as part of the
// update above, since we are already passing in 15 or so fields, lets just get the values at the start and reference them here
if (sMode == "edit")
{
ui.WriteObjectChangeLog(Globals.acObjectTypes.Credential, sCredentialID, sUserName.Replace("'", "''"), sOriginalUserName, sUserName.Replace("'", "''"));
}
else
{
ui.WriteObjectAddLog(Globals.acObjectTypes.Credential, sCredentialID, sUserName.Replace("'", "''"), "Credential Created");
}
// no errors to here, so return an empty string
return "";
}
public static string SaveCloud(string sMode, string sCloudID, string sCloudName, string sProvider, string sAPIUrl)
{
// for logging
string sOriginalName = null;
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
//if we are editing get the original values
if (sMode == "edit")
{
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// update the user fields.
if (sMode == "edit")
{
sSql = "select cloud_name from clouds " +
"where cloud_id = '" + sCloudID + "'";
if (!dc.sqlGetSingleString(ref sOriginalName, sSql, ref sErr))
throw new Exception("Error getting original cloud name:" + sErr);
sSql = "update clouds set" +
" cloud_name = '" + sCloudName + "'," +
" provider = '" + sProvider + "'," +
" api_url = '" + sAPIUrl + "'" +
" where cloud_id = '" + sCloudID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Error updating cloud: " + sErr);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Cloud, sCloudID, sCloudName, sOriginalName, sCloudName);}
else
{
sCloudID = ui.NewGUID();
sSql = "insert into clouds (cloud_id, cloud_name, provider, api_url)" +
" values ('" + sCloudID + "'," +
"'" + sCloudName + "'," +
"'" + sProvider + "'," +
"'" + sAPIUrl + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Error creating cloud: " + sErr);
ui.WriteObjectAddLog(Globals.acObjectTypes.Cloud, sCloudID, sCloudName, "Cloud Created");
}
oTrans.Commit();
//update the cloud providers class in the session
CloudProviders cp = ui.GetCloudProviders();
cp[sProvider].RefreshClouds();
ui.UpdateCloudProviders(cp);
}
catch (Exception ex)
{
throw new Exception("Error: General Exception: " + ex.Message);
}
// no errors to here, so return an empty string
return "{'cloud_id':'" + sCloudID + "'}";
}
public static string SaveUserEdits(object[] oUser)
{
string sChangeDetail = "User Details updated.";
// verify the right number of properties
if (oUser.Length != 10)
{
return("Incorrect number of User Properties.");
}
string sEditUserID = oUser[0].ToString();
string sLoginID = oUser[1].ToString();
string sFullName = oUser[2].ToString();
string sAuthType = oUser[3].ToString();
string sUserPassword = oUser[4].ToString();
string sForcePasswordChange = oUser[5].ToString();
string sUserRole = oUser[6].ToString();
string sEmail = oUser[7].ToString();
string sStatus = oUser[8].ToString();
string sGroupArray = oUser[9].ToString();
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
// checks that cant be done on the client side
// is the name unique?
string sInuse = "";
if (!dc.sqlGetSingleString(ref sInuse, "select user_id from users where username = '******' and user_id <> '" + sEditUserID + "' limit 1", ref sErr))
{
throw new Exception(sErr);
}
else
{
if (!string.IsNullOrEmpty(sInuse))
{
return("Login ID '" + sLoginID + "' is unavailable, please choose another.");
}
}
// CHANGE Per conference call 5-11-09 we are using a random 9 char mask
// if the password has not changed this will be the same 9 chars
string sPasswordUpdate = null;
bool boolPasswordChanged = false;
if (sUserPassword == "($%#d@x!&")
{
// password has not been touched
sPasswordUpdate = ",";
boolPasswordChanged = false;
}
else
{
// password changed
sChangeDetail += " Password changed.";
if (sAuthType == "local")
{
// bugzilla 1347
// check the user password history setting, and make sure the password was not used in the past x passwords
if (dc.PasswordInHistory(dc.EnCrypt(sUserPassword.Trim()), sEditUserID, ref sErr))
{
return("Passwords can not be reused, please choose another password");
}
;
if (sErr != null)
{
return(sErr);
}
;
if (!dc.PasswordIsComplex(sUserPassword.Trim(), ref sErr))
{
return(sErr);
}
else
{
sPasswordUpdate = ",user_password = '******',";
boolPasswordChanged = true;
}
}
else if (sAuthType == "ldap")
{
sPasswordUpdate = ",user_password = NULL,";
}
else
{
return("Unknown Authentication type.");
}
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// update the user fields.
sSql = "update users set" +
" full_name = '" + sFullName + "'," +
" username = '******'" + sPasswordUpdate +
" force_change = '" + sForcePasswordChange + "'," +
" authentication_type = '" + sAuthType + "'," +
" email = '" + sEmail + "'," +
" failed_login_attempts = '0'," +
" status = '" + sStatus + "'," +
" user_role = '" + sUserRole + "'" +
" where user_id = '" + sEditUserID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
if (boolPasswordChanged)
{
// add Password history if it changed
sSql = "insert user_password_history (user_id, change_time,password) values ('" + sEditUserID + "',now(),'" + dc.EnCrypt(sUserPassword.Trim()) + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
#region "tags"
// remove the existing tags
sSql = "delete from object_tags where object_id = '" + sEditUserID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
// add user groups, if there are any
if (sGroupArray.Length > 0)
{
ArrayList aGroups = new ArrayList(sGroupArray.Split(','));
foreach (string sGroupName in aGroups)
{
sSql = "insert object_tags (object_id, object_type, tag_name)" +
" values ('" + sEditUserID + "', 1, '" + sGroupName + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
}
#endregion
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// add security log
ui.WriteObjectChangeLog(Globals.acObjectTypes.User, sEditUserID, sFullName.Trim().Replace("'", "''"), sChangeDetail);
// no errors to here, so return an empty string
return("");
}
public string wmDeleteTasks(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
string sTaskNames = "";
if (sDeleteArray.Length < 36)
return "";
sDeleteArray = ui.QuoteUp(sDeleteArray);
//NOTE: right now this plows ALL versions. There is an enhancement to possibly 'retire' a task, or
//only delete certain versions.
try
{
// what about the instance tables?????
// bugzilla 1290 Tasks that have history (task_instance table) can not be deleted
// exclude them from the list and return a message noting the task(s) that could not be deleted
// first we need a list of tasks that will not be deleted
sSql = "select task_name from task t " +
"where t.original_task_id in (" + sDeleteArray.ToString() + ") " +
"and t.task_id in (select ti.task_id from tv_task_instance ti where ti.task_id = t.task_id)";
if (!dc.csvGetList(ref sTaskNames, sSql, ref sErr, true))
throw new Exception(sErr);
// list of tasks that will be deleted
//we have an array of 'original_task_id'.
//we need an array or task_id
//build one.
sSql = "select t.task_id from task t " +
"where t.original_task_id in (" + sDeleteArray.ToString() + ") " +
"and t.task_id not in (select ti.task_id from tv_task_instance ti where ti.task_id = t.task_id)";
string sTaskIDs = "";
if (!dc.csvGetList(ref sTaskIDs, sSql, ref sErr, true))
throw new Exception(sErr);
// if any tasks can be deleted
if (sTaskIDs.Length > 1)
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//oTrans.Command.CommandText = "delete from task_asset_attribute where task_id in (" + sTaskIDs + ")";
//if (!oTrans.ExecUpdate(ref sErr))
// throw new Exception(sErr);
oTrans.Command.CommandText = "delete from task_step_user_settings" +
" where step_id in" +
" (select step_id from task_step where task_id in (" + sTaskIDs + "))";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
oTrans.Command.CommandText = "delete from task_step where task_id in (" + sTaskIDs + ")";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
oTrans.Command.CommandText = "delete from task_codeblock where task_id in (" + sTaskIDs + ")";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
oTrans.Command.CommandText = "delete from task where task_id in (" + sTaskIDs + ")";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
oTrans.Commit();
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Task, "Multiple", "Original Task IDs", sDeleteArray.ToString());
}
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// if the sTaskNames contains any names, then send back a message that these were not deleted because of history records.
if (sTaskNames.Length > 0)
{
return "Task(s) (" + sTaskNames + ") have history rows and could not be deleted.";
}
else
{
return sErr;
}
}
public static string DeleteAssets(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
ArrayList arrList = new ArrayList();
arrList.AddRange(sDeleteArray.Split(','));
if (sDeleteArray.Length < 36)
return "";
StringBuilder sbAssetIDString = new StringBuilder();
StringBuilder sbAssetsCantDelete = new StringBuilder();
foreach (string sAssetID in arrList)
{
if (sAssetID.Length == 36)
{
// what about the instance tables?????
// bugzilla 1290 Assets that have history (task_instance table) can not be deleted
// exclude them from the list and return a message noting the asset(s) that could not be deleted
// check if this asset has any history rows.
sSql = "select count(*) from tv_task_instance where asset_id = '" + sAssetID + "'";
int iHistory = 0;
if (!dc.sqlGetSingleInteger(ref iHistory, sSql, ref sErr))
throw new Exception(sErr);
// if there is no history add this to the delete list,
// otherwise add the task id to the non delete list
if (iHistory == 0)
{
sbAssetIDString.Append("'" + sAssetID + "',");
}
else
{
sbAssetsCantDelete.Append("'" + sAssetID + "',");
};
}
}
// trim the trailing ,
if (sbAssetsCantDelete.ToString().Length > 2) { sbAssetsCantDelete.Remove(sbAssetsCantDelete.Length - 1, 1); };
if (sbAssetIDString.ToString().Length > 2)
{
// delete from these tables:
// asset, asset_credential (if the credential is local).
// trim the trailing ,
sbAssetIDString.Remove(sbAssetIDString.Length - 1, 1);
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// delete asset_credential
sSql = "delete from asset_credential" +
" where shared_or_local = 1" +
" and credential_id in (select credential_id from asset where asset_id in (" + sbAssetIDString.ToString() + "))";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
// delete asset
sSql = "delete from asset where asset_id in (" + sbAssetIDString.ToString() + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
oTrans.Commit();
// add security log
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Asset, sbAssetIDString.ToString(), "Batch Asset Delete", "Deleted Assets in batch mode");
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
};
// if some did not get deleted return a message.
if (sbAssetsCantDelete.Length > 2)
{
string sTaskNames = "";
sSql = "select asset_name from asset where asset_id in (" + sbAssetsCantDelete.ToString() + ")";
if (!dc.csvGetList(ref sTaskNames, sSql, ref sErr, true))
throw new Exception(sErr);
return "Asset deletion completed. Asset(s) (" + sTaskNames + ") could not be deleted because history rows exist.";
}
else
{
return sErr;
}
}
public bool Import(string sUserID, string sTaskIDs, ref string sErr)
{
string sSQL = "";
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//we're doing this in a loop
//why? because each row may have different import requirements
//(overwrite, new version, etc.)
//Now we are adding different import types not necessarily tied to task/proc.
//for now we're still just doing it all here until there's a good reason to split it out
if (sTaskIDs.Length > 0)
{
sSQL = "select task_id, task_code, task_name, import_mode from import_task" +
" where user_id = '" + sUserID + "'" +
" and task_id in (" + sTaskIDs + ")";
DataTable dt = new DataTable();
if (!dc.sqlGetDataTable(ref dt, sSQL, ref sErr))
throw new Exception(sErr);
if (dt.Rows.Count > 0)
{
foreach (DataRow dr in dt.Rows)
{
string sTaskID = dr["task_id"].ToString();
string sNewTaskID = dr["task_id"].ToString();
string sTaskCode = dr["task_code"].ToString();
string sImportMode = dr["import_mode"].ToString();
string sOTID = "";
int iCount = 0;
switch (sImportMode)
{
case "New":
//just jam in the new row, IF there are no GUID conflicts.
//~~~ NEW tasks get manipulated.
//* MIGHT have their ID changed if there's a collision
//* WILL have the original_task_id reset
//* WILL have the version reset to 1.000
//* WILL be loaded as 'Development' status
//* WILL be the default version
//check ID
oTrans.Command.CommandText = "select count(*) from task" +
" where task_id = '" + sTaskID + "'";
if (!oTrans.ExecGetSingleInteger(ref iCount, ref sErr))
throw new Exception("Unable to check for GUID conflicts.<br />" + sErr);
//if there's a GUID conflict then just generate a new guid for this task.
if (iCount > 0)
{
sNewTaskID = ui.NewGUID();
}
//check the steps to see if there are any GUID conflicts
//and repair them if necessary
if (!ReIDSteps(ref oTrans, sUserID, sTaskID, ref sErr))
throw new Exception("Unable to issue new Step GUIDs.<br />" + sErr);
//insert the manipulated TASK
oTrans.Command.CommandText = "insert into task" +
" (task_id, original_task_id, version," +
" task_name, task_code, task_desc, task_status," +
" use_connector_system, default_version," +
" concurrent_instances, queue_depth, parameter_xml, created_dt)" +
" select" +
" '" + sNewTaskID + "', '" + sNewTaskID + "', 1.000," +
" task_name, task_code, task_desc, 'Development'," +
" use_connector_system, 1," +
" concurrent_instances, queue_depth, parameter_xml, created_dt" +
" from import_task" +
" where user_id = '" + sUserID + "'" +
" and task_id = '" + sTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewTaskID, dr["task_code"].ToString() + " - " + dr["task_name"].ToString(), "New - Created via Import");
break;
case "New Version":
//if it's a new version, we need to make sure the "original_task_id"
//is correct in the target database.
//(no guarantee the original_id in the source db is correct.)
//just jam in the new row, IF there are no GUID conflicts.
//~~~ NEW VERSION tasks get manipulated.
//* MIGHT have their ID changed if there's a collision
//* MIGHT have the original_task_id reset (to match the target)
//* WILL have the version reset to the user selection
//* WILL be loaded as 'Development' status
//* WILL NOT be the default version
//check ID
oTrans.Command.CommandText = "select count(*) from task" +
" where task_id = '" + sTaskID + "'";
if (!oTrans.ExecGetSingleInteger(ref iCount, ref sErr))
throw new Exception("Unable to check for GUID conflicts.<br />" + sErr);
//if there's a GUID conflict then just generate a new guid for this task.
//and re-id the steps
if (iCount > 0)
sNewTaskID = ui.NewGUID();
//check the steps to see if there are any GUID conflicts
//and repair them if necessary
if (!ReIDSteps(ref oTrans, sUserID, sTaskID, ref sErr))
throw new Exception("Unable to issue new Step GUIDs.<br />" + sErr);
//NOW, we need to make sure this task is connected to it's family
//we do this by ensuring the original_task_id matches.
//BUT, we got here by assuming the task_code was the key.
//so... find the original_task_id for this task_code
oTrans.Command.CommandText = "select original_task_id" +
" from task where task_code = '" + sTaskCode + "' limit 1";
if (!oTrans.ExecGetSingleString(ref sOTID, ref sErr))
throw new Exception("Unable to get original task ID for [" + sTaskCode + "].<br />" + sErr);
//insert the manipulated TASK
oTrans.Command.CommandText = "insert into task" +
" (task_id, original_task_id, version," +
" task_name, task_code, task_desc, task_status," +
" use_connector_system, default_version," +
" concurrent_instances, queue_depth, parameter_xml, created_dt)" +
" select" +
" '" + sNewTaskID + "', '" + sOTID + "', version," +
" task_name, task_code, task_desc, 'Development'," +
" use_connector_system, 0," +
" concurrent_instances, queue_depth, parameter_xml, created_dt" +
" from import_task" +
" where user_id = '" + sUserID + "'" +
" and task_id = '" + sTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewTaskID, dr["task_code"].ToString() + " - " + dr["task_name"].ToString(), "New Version - Created via Import");
break;
/*
Note: I stopped here because I'm not convinced that "Overwrite" is a safe or useful
feature.
So, we'll come back to it if needed.
Be aware, this was pseudocode... it never worked, was just placeholder stuff and ideas.
*/
//case "Overwrite":
// //stomp it, but make sure to set the task_id/original_task_id
// //to match in the target db.
// //just because the code matches doesn't mean the ID's do.
// //we can just UPDATE the task row
// //DON'T FORGET to DELETE the existing steps and codeblocks
// //we need to make sure the "original_task_id"
// //is correct in the target database.
// //(no guarantee the original_id in the source db is correct.)
// //~~~ OVERWRITE tasks get manipulated.
// //* MIGHT have their ID changed to match the code/version being imported
// //* MIGHT have the original_task_id reset (to match the target)
// //* WILL have the version reset to the user selection
// //* WILL be loaded as 'Development' status
// //* MIGHT be the default version (not gonna update that value)
// //NOW, we need to make sure this task is connected to it's family
// //we do this by ensuring the original_task_id matches.
// //BUT, we got here by assuming the task_code was the key.
// //so... find the task AND original_task_id for this task_code
// oTrans.Command.CommandText = "select top 1 task_id" +
// " from task where task_code = '" + sTaskCode + "'";
// if (!oTrans.ExecGetSingleString(ref sNewTaskID, ref sErr))
// throw new Exception("Unable to get task ID for [" + sTaskCode + "].<br />" + sErr);
// oTrans.Command.CommandText = "select top 1 original_task_id" +
// " from task where task_code = '" + sTaskCode + "'";
// if (!oTrans.ExecGetSingleString(ref sOTID, ref sErr))
// throw new Exception("Unable to get original task ID for [" + sTaskCode + "].<br />" + sErr);
// //get a datareader on the import_task row
// sSQL = "select task_desc, manual_or_digital, use_connector_system," +
// " concurrent_instances, queue_depth, parameter_xml, created_dt" +
// " from import_task" +
// " where user_id = '" + sUserID + "'" +
// " and task_id = '" + sTaskID + "'";
// OdbcDataReader drTaskRow = null;
// if (!dc.sqlGetDataReader(ref drTaskRow, sSQL, ref sErr)) return false;
// if (drTaskRow.HasRows)
// {
// //insert the manipulated TASK
// //THIS WAS NEVER TESTED
// oTrans.Command.CommandText = "update task" +
// " set task_desc = ''," +
// " manual_or_digital = ''," +
// " use_connector_system = ''," +
// " concurrent_instances = ''," +
// " queue_depth = ''," +
// " parameter_xml = ''," +
// " created_dt = ''" +
// " select" +
// " '" + sNewTaskID + "', '" + sOTID + "', version," +
// " task_name, task_code, task_desc, 'Development', manual_or_digital," +
// " use_connector_system, 0," +
// " concurrent_instances, queue_depth, parameter_xml, created_dt" +
// " from import_task" +
// " where user_id = '" + sUserID + "'" +
// " and task_id = '" + sTaskID + "'";
// if (!oTrans.ExecUpdate(ref sErr))
// throw new Exception(sErr);
// }
// ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewTaskID, dr["task_code"].ToString() + " - " + dr["task_name"].ToString(), "Overwritten by Import");
// break;
default:
break;
}
//CODEBLOCKS AND STEPS can be done here... they are just inserted
// (because they were manipulated already if needed)
//CODEBLOCKS
oTrans.Command.CommandText = "insert into task_codeblock" +
" (task_id, codeblock_name)" +
" select" +
" '" + sNewTaskID + "', codeblock_name" +
" from import_task_codeblock" +
" where user_id = '" + sUserID + "'" +
" and task_id = '" + sTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//STEPS
oTrans.Command.CommandText = "insert into task_step" +
" (step_id, task_id, codeblock_name, step_order, commented," +
" locked, function_name, function_xml, step_desc, output_parse_type," +
" output_row_delimiter, output_column_delimiter, variable_xml)" +
" select" +
" step_id, '" + sNewTaskID + "', codeblock_name, step_order, commented," +
" locked, function_name, function_xml, step_desc, output_parse_type," +
" output_row_delimiter, output_column_delimiter, variable_xml" +
" from import_task_step" +
" where user_id = '" + sUserID + "'" +
" and task_id = '" + sTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
}
}
else
{
sErr = "No Task import items were found.";
oTrans.RollBack();
return false;
}
//whack those rows from the import table.
//why? their disposition has now changed, and we don't wanna accidentally reload them.
//or add confusion to the user.
oTrans.Command.CommandText = "delete from import_task where user_id = '" + sUserID + "' and task_id in (" + sTaskIDs + ")";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
oTrans.Command.CommandText = "delete from import_task_codeblock where user_id = '" + sUserID + "' and task_id in (" + sTaskIDs + ")";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
oTrans.Command.CommandText = "delete from import_task_step where user_id = '" + sUserID + "' and task_id in (" + sTaskIDs + ")";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
}
//all done with everything... close it out
oTrans.Commit();
return true;
}
public string wmApproveTask(string sTaskID, string sMakeDefault)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
try
{
string sUserID = ui.GetSessionUserID();
if (ui.IsGUID(sTaskID) && ui.IsGUID(sUserID))
{
string sErr = "";
string sSQL = "";
//check to see if this is the first task to be approved.
//if it is, we will make it default.
sSQL = "select count(*) from task" +
" where original_task_id = " +
" (select original_task_id from task where task_id = '" + sTaskID + "')" +
" and task_status = 'Approved'";
int iCount = 0;
if (!dc.sqlGetSingleInteger(ref iCount, sSQL, ref sErr))
{
throw new Exception("Unable to count Tasks in this family.." + sErr);
}
if (iCount == 0)
sMakeDefault = "1";
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//flag all the other tasks as not default if this one is meant to be
if (sMakeDefault == "1")
{
sSQL = "update task set" +
" default_version = 0" +
" where original_task_id =" +
" (select original_task_id from (select original_task_id from task where task_id = '" + sTaskID + "') as x)";
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception("Unable to update task [" + sTaskID + "]." + sErr);
}
sSQL = "update task set" +
" task_status = 'Approved'," +
" default_version = 1" +
" where task_id = '" + sTaskID + "';";
}
else
{
sSQL = "update task set" +
" task_status = 'Approved'" +
" where task_id = '" + sTaskID + "'";
}
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception("Unable to update task [" + sTaskID + "]." + sErr);
}
oTrans.Commit();
ui.WriteObjectChangeLog(Globals.acObjectTypes.Task, sTaskID, "Status", "Development", "Approved");
if (sMakeDefault == "1")
ui.WriteObjectChangeLog(Globals.acObjectTypes.Task, sTaskID, "Default", "Set as Default Version.");
}
else
{
throw new Exception("Unable to update task. Missing or invalid task id. [" + sTaskID + "]");
}
}
catch (Exception ex)
{
throw ex;
}
return "";
}
public static string DeleteUsers(string sDeleteArray)
{
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
string WhoAmI = ui.GetSessionUserID();
try
{
ArrayList arrList = new ArrayList();
arrList.AddRange(sDeleteArray.Split(','));
if (sDeleteArray.Length < 36)
{
return("");
}
StringBuilder sbDeleteNow = new StringBuilder();
StringBuilder sbDeleteLater = new StringBuilder();
StringBuilder sbAll = new StringBuilder();
foreach (string sUserID in arrList)
{
if (sUserID.Length == 36)
{
//you cannot delete yourself!!!
if (sUserID != WhoAmI)
{
sbAll.Append("'" + sUserID + "',");
//this will flag a user for later deletion by the system
//it returns the user_id back if it's safe to delete now
if (UserHasHistory(sUserID))
{
sbDeleteLater.Append("'" + sUserID + "',");
}
else
{
sbDeleteNow.Append("'" + sUserID + "',");
}
}
}
}
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// stuff to delete no matter what...
if (sbAll.Length != 0)
{
sbAll.Remove(sbAll.Length - 1, 1);
////delete any attributes for these users
//sSql = "delete from user_assign_defaults where user_id in (" + sbAll.ToString() + ")";
//oTrans.Command.CommandText = sSql;
//if (!oTrans.ExecUpdate(ref sErr))
// throw new Exception(sErr);
}
// delete some users...
if (sbDeleteNow.Length != 0)
{
sbDeleteNow.Remove(sbDeleteNow.Length - 1, 1);
sSql = "delete from users where user_id in (" + sbDeleteNow.ToString() + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
// flag the others...
if (sbDeleteLater.Length != 0)
{
sbDeleteLater.Remove(sbDeleteLater.Length - 1, 1);
sSql = "update users set status = 86 where user_id in (" + sbDeleteLater.ToString() + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
return("User(s) deleted.");
}
private string CopyTask(int iMode, string sSourceTaskID, string sNewTaskName, string sNewTaskCode)
{
//iMode 0=new task, 1=new major version, 2=new minor version
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sErr = "";
string sSQL = "";
string sNewTaskID = ui.NewGUID();
int iIsDefault = 0;
string sTaskName = "";
double dVersion = 1.000;
double dMaxVer = 0.000;
string sOTID = "";
//do it all in a transaction
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//figure out the new name and selected version
oTrans.Command.CommandText = "select task_name, version, original_task_id from task where task_id = '" + sSourceTaskID + "'";
DataRow dr = null;
if (!oTrans.ExecGetDataRow(ref dr, ref sErr))
throw new Exception("Unable to find task for ID [" + sSourceTaskID + "]." + sErr);
sTaskName = dr["task_name"].ToString();
dVersion = Convert.ToDouble(dr["version"]);
sOTID = dr["original_task_id"].ToString();
//figure out the new version
switch (iMode)
{
case 0:
sTaskName = sNewTaskName;
iIsDefault = 1;
dVersion = 1.000;
sOTID = sNewTaskID;
break;
case 1:
//gotta get the highest version
sSQL = "select max(version) from task where task_id = '" + sOTID + "'";
dc.sqlGetSingleDouble(ref dMaxVer, sSQL, ref sErr);
if (sErr != "")
{
oTrans.RollBack();
throw new Exception(sErr);
}
dVersion = dMaxVer + 1;
break;
case 2:
sSQL = "select max(version) from task where task_id = '" + sOTID + "'" +
" and cast(version as unsigned) = " + Convert.ToInt32(dVersion);
dc.sqlGetSingleDouble(ref dMaxVer, sSQL, ref sErr);
if (sErr != "")
{
oTrans.RollBack();
throw new Exception(sErr);
}
dVersion = dMaxVer + 0.001;
break;
default: //a iMode is required
throw new Exception("A mode required for this copy operation." + sErr);
}
//if we are versioning, AND there are not yet any 'Approved' versions,
//we set this new version to be the default
//(that way it's the one that you get taken to when you pick it from a list)
if (iMode > 0)
{
sSQL = "select case when count(*) = 0 then 1 else 0 end" +
" from task where original_task_id = '" + sOTID + "'" +
" and task_status = 'Approved'";
dc.sqlGetSingleInteger(ref iIsDefault, sSQL, ref sErr);
if (sErr != "")
{
oTrans.RollBack();
throw new Exception(sErr);
}
}
//start copying
oTrans.Command.CommandText = "create temporary table _copy_task" +
" select * from task where task_id = '" + sSourceTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//update the task_id
oTrans.Command.CommandText = "update _copy_task set" +
" task_id = '" + sNewTaskID + "'," +
" original_task_id = '" + sOTID + "'," +
" version = '" + dVersion + "'," +
" task_name = '" + sTaskName + "'," +
" default_version = " + iIsDefault.ToString() + "," +
" task_status = 'Development'," +
" created_dt = now()";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//update the task_code if necessary
if (iMode == 0)
{
oTrans.Command.CommandText = "update _copy_task set task_code = '" + sNewTaskCode + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
}
//codeblocks
oTrans.Command.CommandText = "create temporary table _copy_task_codeblock" +
" select '" + sNewTaskID + "' as task_id, codeblock_name" +
" from task_codeblock where task_id = '" + sSourceTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//USING TEMPORARY TABLES... need a place to hold step ids while we manipulate them
oTrans.Command.CommandText = "create temporary table _step_ids" +
" select distinct step_id, uuid() as newstep_id" +
" from task_step where task_id = '" + sSourceTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//steps temp table
oTrans.Command.CommandText = "create temporary table _copy_task_step" +
" select step_id, '" + sNewTaskID + "' as task_id, codeblock_name, step_order, commented," +
" locked, function_name, function_xml, step_desc, output_parse_type, output_row_delimiter," +
" output_column_delimiter, variable_xml" +
" from task_step where task_id = '" + sSourceTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//update the step id
oTrans.Command.CommandText = "update _copy_task_step a, _step_ids b" +
" set a.step_id = b.newstep_id" +
" where a.step_id = b.step_id";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//update steps with codeblocks that reference a step (embedded steps)
oTrans.Command.CommandText = "update _copy_task_step a, _step_ids b" +
" set a.codeblock_name = b.newstep_id" +
" where b.step_id = a.codeblock_name";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//spin the steps and update any embedded step id's in the commands
oTrans.Command.CommandText = "select step_id, newstep_id from _step_ids";
DataTable dtStepIDs = new DataTable();
if (!oTrans.ExecGetDataTable(ref dtStepIDs, ref sErr))
throw new Exception("Unable to get step ids." + sErr);
foreach (DataRow drStepIDs in dtStepIDs.Rows)
{
oTrans.Command.CommandText = "update _copy_task_step" +
" set function_xml = replace(lower(function_xml), '" + drStepIDs["step_id"].ToString().ToLower() + "', '" + drStepIDs["newstep_id"].ToString() + "')" +
" where function_name in ('if','loop','exists')";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
}
//finally, put the temp steps table in the real steps table
oTrans.Command.CommandText = "insert into task select * from _copy_task";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
oTrans.Command.CommandText = "insert into task_codeblock select * from _copy_task_codeblock";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
oTrans.Command.CommandText = "insert into task_step select * from _copy_task_step";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//finally, if we versioned up and we set this one as the new default_version,
//we need to unset the other row
if (iMode > 0 && iIsDefault == 1)
{
oTrans.Command.CommandText = "update task" +
" set default_version = 0" +
" where original_task_id = '" + sOTID + "'" +
" and task_id <> '" + sNewTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
}
oTrans.Commit();
return sNewTaskID;
}
public static string SaveDomain(object[] oAsset)
{
// we are passing in 4 elements, if we have 16 go
if (oAsset.Length != 4)
{
return("Incorrect list of attributes:" + oAsset.Length.ToString());
}
string sEditDomain = oAsset[0].ToString();
string sDomain = oAsset[1].ToString().Replace("'", "''");
string sAddress = oAsset[2].ToString().Replace("'", "''");
string sMode = oAsset[3].ToString();
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
// before updating or adding make sure the domain name is available
if (sEditDomain != sDomain)
{
try
{
sSql = "select ldap_domain from ldap_domain where ldap_domain = '" + sDomain + "'";
string sDomainExists = "";
if (!dc.sqlGetSingleString(ref sDomainExists, sSql, ref sErr))
{
throw new Exception(sErr);
}
else
{
if (!string.IsNullOrEmpty(sDomainExists))
{
return("Domain name exists, choose another name.");
}
}
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// update the user fields.
if (sMode == "edit")
{
// if the domain name changed update all of the asset_credential's using this domain
if (sDomain != sEditDomain)
{
sSql = "update asset_credential set domain = '" + sDomain + "' where domain = '" + sEditDomain + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
sSql = "update ldap_domain set ldap_domain = '" + sDomain + "'," + "address = '" + sAddress + "' where ldap_domain = '" + sEditDomain + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
else
{
sSql = "insert into ldap_domain (ldap_domain,address)" +
" values ('" + sDomain + "'," +
"'" + sAddress + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// add security log
if (sMode == "edit")
{
ui.WriteObjectChangeLog(Globals.acObjectTypes.Domain, sEditDomain, sEditDomain, sEditDomain, sDomain);
}
else
{
ui.WriteObjectAddLog(Globals.acObjectTypes.Domain, sDomain, sDomain, "Domain Created");
}
// no errors to here, so return an empty string
return("");
}
public void wmDeleteStep(string sStepID)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
try
{
string sErr = "";
string sSQL = "";
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//you have to know which one we are removing
string sDeletedStepOrder = "0";
string sTaskID = "";
string sCodeblock = "";
string sFunction = "";
string sFunctionXML = "";
sSQL = "select task_id, codeblock_name, step_order, function_name, function_xml" +
" from task_step where step_id = '" + sStepID + "'";
DataRow dr = null;
if (!dc.sqlGetDataRow(ref dr, sSQL, ref sErr))
throw new Exception("Unable to get details for step." + sErr);
if (dr != null)
{
sDeletedStepOrder = dr["step_order"].ToString();
sTaskID = dr["task_id"].ToString();
sCodeblock = dr["codeblock_name"].ToString();
sFunction = dr["function_name"].ToString();
sFunctionXML = dr["function_xml"].ToString();
//for logging, we'll stick the whole command XML into the log
//so we have a complete record of the step that was just deleted.
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Task, sTaskID, sFunction,
"Codeblock:" + sCodeblock +
" Step Order:" + sDeletedStepOrder +
" Command Type:" + sFunction +
" Details:" + sFunctionXML);
}
//"embedded" steps have a codeblock name referencing their "parent" step.
//if we're deleting a parent, whack all the children
sSQL = "delete from task_step where codeblock_name = '" + sStepID + "'";
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Unable to delete step." + sErr);
//step might have user_settings
sSQL = "delete from task_step_user_settings where step_id = '" + sStepID + "'";
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Unable to delete step user settings." + sErr);
//now whack the parent
sSQL = "delete from task_step where step_id = '" + sStepID + "'";
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Unable to delete step." + sErr);
sSQL = "update task_step set step_order = step_order - 1" +
" where task_id = '" + sTaskID + "'" +
" and codeblock_name = '" + sCodeblock + "'" +
" and step_order > " + sDeletedStepOrder;
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Unable to reorder steps after deletion." + sErr);
oTrans.Commit();
}
catch (Exception ex)
{
throw ex;
}
}
public static string DeleteClouds(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
if (sDeleteArray.Length < 36)
{
return("");
}
sDeleteArray = ui.QuoteUp(sDeleteArray);
DataTable dt = new DataTable();
// get a list of ids that will be deleted for the log
sSql = "select cloud_id, cloud_name, provider from clouds where cloud_id in (" + sDeleteArray + ")";
if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr))
{
throw new Exception(sErr);
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
sSql = "delete from clouds where cloud_id in (" + sDeleteArray + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
//refresh the cloud account list in the session
if (!ui.PutCloudAccountsInSession(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
//reget the cloud providers class in the session
ui.SetCloudProviders(ref sErr);
if (!string.IsNullOrEmpty(sErr))
{
throw new Exception("Error: Unable to load Cloud Providers XML." + sErr);
}
// if we made it here, so save the logs
foreach (DataRow dr in dt.Rows)
{
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Cloud, dr["cloud_id"].ToString(), dr["cloud_name"].ToString(), dr["provider"].ToString() + " Cloud Deleted.");
}
return(sErr);
}
public static string SaveAccount(string sMode, string sAccountID, string sAccountName, string sAccountNumber, string sProvider,
string sLoginID, string sLoginPassword, string sLoginPasswordConfirm, string sIsDefault, string sAutoManageSecurity)
{
// for logging
string sOriginalName = "";
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = "";
string sErr = "";
//if we are editing get the original values
if (sMode == "edit")
{
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// update the user fields.
if (sMode == "edit")
{
sSql = "select account_name from cloud_account " +
"where account_id = '" + sAccountID + "'";
if (!dc.sqlGetSingleString(ref sOriginalName, sSql, ref sErr))
throw new Exception("Error getting original account name:" + sErr);
// only update the passwword if it has changed
string sNewPassword = "";
if (sLoginPassword != "($%#d@x!&")
{
sNewPassword = "******" + dc.EnCrypt(sLoginPassword) + "'";
}
sSql = "update cloud_account set" +
" account_name = '" + sAccountName + "'," +
" account_number = '" + sAccountNumber + "'," +
" provider = '" + sProvider + "'," +
" is_default = '" + sIsDefault + "'," +
" auto_manage_security = '" + sAutoManageSecurity + "'," +
" login_id = '" + sLoginID + "'" +
sNewPassword +
" where account_id = '" + sAccountID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Error updating account: " + sErr);
ui.WriteObjectChangeLog(Globals.acObjectTypes.CloudAccount, sAccountID, sAccountName, sOriginalName, sAccountName);}
else
{
//now, for some reason we were having issues with the initial startup of apache
//not able to perform the very first database hit.
//this line serves as an inital db hit, but we aren't trapping it or showing the error
dc.TestDBConnection(ref sErr);
//if there are no rows yet, make this one the default even if the box isn't checked.
if (sIsDefault == "0")
{
int iExists = -1;
sSql = "select count(*) as cnt from cloud_account";
if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr))
{
System.Threading.Thread.Sleep(300);
if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr))
{
System.Threading.Thread.Sleep(300);
if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr))
throw new Exception("Unable to count Cloud Accounts: " + sErr);
}
}
if (iExists == 0)
sIsDefault = "1";
}
sAccountID = ui.NewGUID();
sSql = "insert into cloud_account (account_id, account_name, account_number, provider, is_default, login_id, login_password, auto_manage_security)" +
" values ('" + sAccountID + "'," +
"'" + sAccountName + "'," +
"'" + sAccountNumber + "'," +
"'" + sProvider + "'," +
"'" + sIsDefault + "'," +
"'" + sLoginID + "'," +
"'" + dc.EnCrypt(sLoginPassword) + "'," +
"'" + sAutoManageSecurity + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Error creating account: " + sErr);
ui.WriteObjectAddLog(Globals.acObjectTypes.CloudAccount, sAccountID, sAccountName, "Account Created");
}
//if "default" was selected, unset all the others
if (dc.IsTrue(sIsDefault))
{
oTrans.Command.CommandText = "update cloud_account set is_default = 0 where account_id <> '" + sAccountID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Error updating defaults: " + sErr);
}
oTrans.Commit();
//refresh the cloud account list in the session
if (!ui.PutCloudAccountsInSession(ref sErr))
throw new Exception("Error refreshing accounts in session: " + sErr);
}
catch (Exception ex)
{
throw new Exception("Error: General Exception: " + ex.Message);
}
// no errors to here, so return an empty string
return "{'account_id':'" + sAccountID + "', 'account_name':'" + sAccountName + "', 'provider':'" + sProvider + "'}";
}
public string wmUpdateTag(string sOldTagName, string sNewTagName, string sDescription)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSQL = null;
string sErr = null;
//do the description no matter what just to be quick
sSQL = "update lu_tags set tag_desc = '" + sDescription + "' where tag_name = '" + sNewTagName + "'";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr)) { throw new Exception(sErr); }
//don't do this unless the name has changed
if (sNewTagName != sOldTagName)
{
try
{
sSQL = "select tag_name from lu_tags where tag_name = '" + sNewTagName + "'";
string sTagExists = "";
if (!dc.sqlGetSingleString(ref sTagExists, sSQL, ref sErr))
throw new Exception(sErr);
else
{
if (!string.IsNullOrEmpty(sTagExists))
return "Tag [" + sNewTagName + "] exists - choose another name.";
}
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
sSQL = "update object_tags set tag_name = '" + sNewTagName + "' where tag_name = '" + sOldTagName + "'";
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
sSQL = "update lu_tags set tag_name = '" + sNewTagName + "'" +
" where tag_name = '" + sOldTagName + "'";
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
ui.WriteObjectChangeLog(acObjectTypes.None, sNewTagName, "", "Tag Updated [" + sOldTagName + "-->" + sNewTagName + "].");
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
}
// no errors to here, so return an empty string
return "";
}
private void DeleteCodeblock(string sCodeblockID)
{
try
{
string sErr = "";
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//first, delete any steps that are embedded content on steps in this codeblock
//(because embedded steps have their parent step_id as the codeblock name.)
oTrans.Command.CommandText = "delete em from task_step em" +
" join task_step p on em.task_id = p.task_id" +
" and em.codeblock_name = p.step_id" +
" where p.task_id = '" + sTaskID + "'" +
" and p.codeblock_name = '" + sCodeblockID + "'";
if (!oTrans.ExecUpdate(ref sErr))
{
ui.RaiseError(Page, "Unable to delete embedded Steps from Codeblock.", true, sErr);
return;
}
oTrans.Command.CommandText = "delete u from task_step_user_settings u" +
" join task_step ts on u.step_id = ts.step_id" +
" where ts.task_id = '" + sTaskID + "'" +
" and ts.codeblock_name = '" + sCodeblockID + "'";
if (!oTrans.ExecUpdate(ref sErr))
{
ui.RaiseError(Page, "Unable to delete Steps user settings for Steps in Codeblock.", true, sErr);
return;
}
oTrans.Command.CommandText = "delete from task_step" +
" where task_id = '" + sTaskID + "'" +
" and codeblock_name = '" + sCodeblockID + "'";
if (!oTrans.ExecUpdate(ref sErr))
{
ui.RaiseError(Page, "Unable to delete Steps from Codeblock.", true, sErr);
return;
}
oTrans.Command.CommandText = "delete from task_codeblock" +
" where task_id = '" + sTaskID + "'" +
" and codeblock_name = '" + sCodeblockID + "'";
if (!oTrans.ExecUpdate(ref sErr))
{
ui.RaiseError(Page, "Unable to delete Codeblock.", true, sErr);
return;
}
oTrans.Commit();
if (!GetCodeblocks(ref sErr))
{
ui.RaiseError(Page, "Warning. Successfully deleted the Codeblock" +
" but there was an error refreshing the page. Please reload the page manually. " + sErr, true, "");
return;
}
if (!GetSteps("MAIN", ref sErr))
{
ui.RaiseError(Page, "Warning. Successfully deleted the Codeblock" +
" but there was an error refreshing the page. Please reload the page manually. " + sErr, true, "");
return;
}
udpSteps.Update();
}
catch (Exception ex)
{
ui.RaiseError(Page, "Exception:", true, ex.Message);
}
}
public static string SaveNewUser(object[] oUser)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
acUI.AppGlobals ag = new acUI.AppGlobals();
string sSql = null;
string sErr = null;
// check the number of properties
if (oUser.Length != 10)
{
return("Incorrect list of user properties");
}
string sLoginID = oUser[0].ToString();
string sFullName = oUser[1].ToString();
string sAuthType = oUser[2].ToString();
string sUserPassword = oUser[3].ToString();
string sGeneratePW = oUser[4].ToString();
string sForcePasswordChange = oUser[5].ToString();
string sUserRole = oUser[6].ToString();
string sEmail = oUser[7].ToString();
string sStatus = oUser[8].ToString();
string sGroupArray = oUser[9].ToString();
// checks that cant be done on the client side
// is the name unique?
string sInuse = "";
if (!dc.sqlGetSingleString(ref sInuse, "select user_id from users where username = '******' limit 1", ref sErr))
{
return("sErr");
}
else
{
if (!string.IsNullOrEmpty(sInuse))
{
return("Login ID '" + sLoginID + "' is unavailable, please choose another.");
}
}
// password
string sPassword = null;
if (sAuthType == "local")
{
if (sGeneratePW == "1") //generate an initial strong password
{
sUserPassword = dc.GenerateNewPassword();
}
sPassword = "******" + dc.EnCrypt(sUserPassword) + "'";
}
else if (sAuthType == "ldap")
{
sPassword = "******";
}
else
{
return("Unknown Authentication Type.");
}
// passed client and server validations, create the user
string sNewUserID = ui.NewGUID();
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// all good, save the new user and redirect to the user edit page.
sSql = "insert users" +
" (user_id,username,full_name,authentication_type,user_password,force_change,email,status,user_role)" +
" values " +
"('" + sNewUserID + "'," +
"'" + sLoginID.Trim().Replace("'", "''") + "'," +
"'" + sFullName.Trim().Replace("'", "''") + "'," +
"'" + sAuthType + "'," + sPassword + "," +
"'" + sForcePasswordChange + "'," +
"'" + sEmail.Trim() + "'," +
"'" + sStatus + "'," +
"'" + sUserRole + "'" +
")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
#region "groups"
// add user groups, if there are any
if (sGroupArray.Length > 0)
{
ArrayList aGroups = new ArrayList(sGroupArray.Split(','));
foreach (string sGroupName in aGroups)
{
sSql = "insert object_tags (object_id, object_type, tag_name)" +
" values ('" + sNewUserID + "', 1, '" + sGroupName + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
}
#endregion
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// add security log
ui.WriteObjectAddLog(Globals.acObjectTypes.User, sNewUserID, sFullName.Trim().Replace("'", "''"), "");
//email out the password
string sBody = "";
if (!dc.sqlGetSingleString(ref sBody, "select new_user_email_message from login_security_settings where id = 1", ref sErr))
{
throw new Exception(sErr);
}
//default message if undefined in the table
if (string.IsNullOrEmpty(sBody))
{
sBody = sFullName + " - an account has been created for you in " + ag.APP_NAME + "." + Environment.NewLine + Environment.NewLine +
"Your User Name: " + sLoginID + "." + Environment.NewLine +
"Your temporary password: "******"." + Environment.NewLine;
}
//replace our special tokens with the values
sBody = sBody.Replace("##FULLNAME##", sFullName).Replace("##USERNAME##", sLoginID);
if (sGeneratePW == "1")
{
sBody = sBody.Replace("##PASSWORD##", sUserPassword);
}
else
{
sBody = sBody.Replace("##PASSWORD##", "Will be provided by an Administrator.");
}
if (!ui.SendEmailMessage(sEmail.Trim(), ag.APP_COMPANYNAME + " Account Management", "Welcome to " + ag.APP_COMPANYNAME, sBody, ref sErr))
{
throw new Exception(sErr);
}
// no errors to here, so return an empty string
return("");
}
