Ejemplo n.º 1
0
        ///<summary></summary>
        public static T GetObject <T>(MethodBase methodBase, params object[] parameters)
        {
            if (RemotingClient.RemotingRole != RemotingRole.ClientWeb)
            {
                throw new ApplicationException("Meth.GetObject may only be used when RemotingRole is ClientWeb.");
            }
            //can't verify return type
            DtoGetObject dto = new DtoGetObject();

            if (typeof(T).IsGenericType)
            {
                Type listType = typeof(T).GetGenericArguments()[0];
                dto.ObjectType = "List<" + listType.FullName + ">";
            }
            else
            {
                dto.ObjectType = typeof(T).FullName;
            }
            dto.MethodName           = methodBase.DeclaringType.Name + "." + methodBase.Name;
            dto.Params               = DtoObject.ConstructArray(parameters, GetParamTypes(methodBase));
            dto.Credentials          = new Credentials();
            dto.Credentials.Username = Security.CurUser.UserName;
            dto.Credentials.Password = Security.PasswordTyped;          //.CurUser.Password;
            return(RemotingClient.ProcessGetObject <T>(dto));
        }
Ejemplo n.º 2
0
 ///<summary>Will throw an exception if server cannot validate username and password.
 ///configPath will be empty from a workstation and filled from the server.  If Ecw, odpass will actually be the hash.</summary>
 public static Userod LogInWeb(string oduser, string odpass, string configPath, string clientVersionStr, bool usingEcw)
 {
     //Unusual remoting role check designed for first time logging in via middle tier.
     if (RemotingClient.RemotingRole == RemotingRole.ServerWeb)
     {
         Userod user = Userods.CheckUserAndPassword(oduser, odpass, usingEcw);
         if (string.IsNullOrEmpty(odpass))                 //All middle tier connections must pass in a password.
         {
             throw new Exception("Invalid username or password.");
         }
         string command          = "SELECT ValueString FROM preference WHERE PrefName='ProgramVersion'";
         string dbVersionStr     = Db.GetScalar(command);
         string serverVersionStr = Assembly.GetAssembly(typeof(Db)).GetName().Version.ToString(4);
                         #if DEBUG
         if (Assembly.GetAssembly(typeof(Db)).GetName().Version.Build == 0)
         {
             command      = "SELECT ValueString FROM preference WHERE PrefName='DataBaseVersion'";                     //Using this during debug in the head makes it open fast with less fiddling.
             dbVersionStr = Db.GetScalar(command);
         }
                         #endif
         if (dbVersionStr != serverVersionStr)
         {
             throw new Exception("Version mismatch.  Server:" + serverVersionStr + "  Database:" + dbVersionStr);
         }
         if (!string.IsNullOrEmpty(clientVersionStr))
         {
             Version clientVersion = new Version(clientVersionStr);
             Version serverVersion = new Version(serverVersionStr);
             if (clientVersion > serverVersion)
             {
                 throw new Exception("Version mismatch.  Client:" + clientVersionStr + "  Server:" + serverVersionStr);
             }
         }
         //if clientVersion == serverVersion, than we need do nothing.
         //if clientVersion < serverVersion, than an update will later be triggered.
         //Security.CurUser=user;//we're on the server, so this is meaningless
         return(user);
         //return 0;//meaningless
     }
     else
     {
         //Because RemotingRole has not been set, and because CurUser has not been set,
         //this particular method is more verbose than most and does not use Meth.
         //It's not a good example of the standard way of doing things.
         DtoGetObject dto = new DtoGetObject();
         dto.Credentials          = new Credentials();
         dto.Credentials.Username = oduser;
         dto.Credentials.Password = odpass;              //Userods.EncryptPassword(password);
         dto.ComputerName         = Security.CurComputerName;
         dto.MethodName           = "OpenDentBusiness.Security.LogInWeb";
         dto.ObjectType           = typeof(Userod).FullName;
         object[] parameters = new object[] { oduser, odpass, configPath, clientVersionStr, usingEcw };
         dto.Params = DtoObject.ConstructArray(MethodBase.GetCurrentMethod(), parameters);
         //Purposefully throws exceptions.
         //If hasConnectionLost was set to true then the user would be stuck in an infinite loop of trying to connect to a potentially invalid Middle Tier URI.
         //Therefore, set hasConnectionLost false so that the user gets an error message immediately in the event that Middle Tier cannot be reached.
         return(RemotingClient.ProcessGetObject <Userod>(dto, false));
     }
 }
Ejemplo n.º 3
0
        ///<summary>Optionally set hasConnectionLost true to keep the calling thread here until a connection to the Middle Tier connection can be established
        ///in the event of a web connection failure. Set hasConnectionLost to false if a throw is desired when a connection cannot be made.</summary>
        public static T ProcessGetObject <T>(DtoGetObject dto, bool hasConnectionLost = true)
        {
            string result = SendAndReceive(dto, hasConnectionLost);

            try {
                return(XmlConverterSerializer.Deserialize <T>(result));
            }
            catch (Exception ex) {
                throw ProcessExceptionDeserialize(result, ex);
            }
        }
Ejemplo n.º 4
0
        ///<summary></summary>
        public static T GetObject <T>(MethodBase methodBase, params object[] parameters)
        {
            if (RemotingClient.RemotingRole != RemotingRole.ClientWeb)
            {
                throw new ApplicationException("Meth.GetObject may only be used when RemotingRole is ClientWeb.");
            }
            //can't verify return type
            DtoGetObject dto = new DtoGetObject();

            if (typeof(T).IsGenericType)
            {
                Type listType = typeof(T).GetGenericArguments()[0];
                dto.ObjectType = "List<" + listType.FullName + ">";
            }
            else
            {
                dto.ObjectType = typeof(T).FullName;
            }
            dto.MethodName = methodBase.DeclaringType.Namespace + "."
                             + methodBase.DeclaringType.Name + "." + methodBase.Name;
            dto.Params               = DtoObject.ConstructArray(methodBase, parameters);
            dto.Credentials          = new Credentials();
            dto.Credentials.Username = Security.CurUser.UserName;
            dto.Credentials.Password = Security.PasswordTyped;          //.CurUser.Password;
            dto.ComputerName         = Security.CurComputerName;
            T retval = default(T);

            try {
                retval = RemotingClient.ProcessGetObject <T>(dto);
            }
            catch (ODException ex) {
                if (ex.ErrorCode == (int)ODException.ErrorCodes.CheckUserAndPasswordFailed)
                {
                    if (RemotingClient.HasLoginFailed)                     //login has already failed and we got another CheckUserAndPasswordFailed error, just throw
                    {
                        throw;
                    }
                    CredentialsFailed();
                    retval = GetObject <T>(methodBase, parameters);
                }
                else
                {
                    throw;
                }
            }
            return(retval);
        }
Ejemplo n.º 5
0
        ///<summary></summary>
        public static T ProcessGetObject <T>(DtoGetObject dto)
        {
            string result = SendAndReceive(dto);          //this might throw an exception if server unavailable

            try {
                return(XmlConverter.Deserialize <T>(result));

                /*
                 * XmlSerializer serializer=new XmlSerializer(typeof(T));
                 *      //Type.GetType("OpenDentBusiness."+dto.ObjectType));
                 * StringReader strReader=new StringReader(result);
                 * XmlReader xmlReader=XmlReader.Create(strReader);
                 * object obj=serializer.Deserialize(xmlReader);
                 * strReader.Close();
                 * xmlReader.Close();
                 * return (T)obj;*/
            }
            catch {
                DtoException exception = (DtoException)DataTransferObject.Deserialize(result);
                throw new Exception(exception.Message);
            }
        }
Ejemplo n.º 6
0
Archivo: Security.cs Proyecto: mnisl/OD
		//<summary>Obsolete</summary>
		//public static void ResetPassword(){
			//FIXME:UPDATE-MULTIPLE-TABLES
			/*string command="UPDATE userod,grouppermissions SET userod.Password='' "
				+"WHERE grouppermissions.UserGroupNum=userod.UserGroupNum "
				+"AND grouppermissions.PermType=24";
 			Db.NonQ(command);
			 */
			//Code updated to be compatible with Oracle as well as MySQL.
			/*
			string command="SELECT userod.UserNum FROM userod,grouppermissions "
				+"WHERE grouppermissions.UserGroupNum=userod.UserGroupNum "
				+"AND grouppermissions.PermType=24";
			DataTable table=Db.GetTable(command); 
			if(table.Rows.Count==0){
				throw new ApplicationException("No admin exists.");
			}
			command="UPDATE userod SET Password='' WHERE UserNum="+POut.PString(table.Rows[0][0].ToString());
			Db.NonQ(command);
		}*/

		///<summary>RemotingRole has not yet been set to ClientWeb, but it will if this succeeds.  Will throw an exception if server cannot validate username and password.  configPath will be empty from a workstation and filled from the server.  If Ecw, odpass will actually be the hash.</summary>
		public static Userod LogInWeb(string oduser,string odpass,string configPath,string clientVersionStr,bool usingEcw) {
			//Very unusual method.  Remoting role can't be checked, but is implied by the presence of a value in configPath.
			if(configPath != "") {//RemotingRole.ServerWeb
				Userods.LoadDatabaseInfoFromFile(ODFileUtils.CombinePaths(configPath,"OpenDentalServerConfig.xml"));
				//ODFileUtils.CombinePaths(
				//  ,"OpenDentalServerConfig.xml"));
				//Path.GetDirectoryName(Application.ExecutablePath),"OpenDentalServerConfig.xml"));
				//Application.StartupPath,"OpenDentalServerConfig.xml"));
				//Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location),"OpenDentalServerConfig.xml"));
				//Environment.CurrentDirectory,"OpenDentalServerConfig.xml"));
				//Then, check username and password
				Userod user=Userods.CheckUserAndPassword(oduser,odpass,usingEcw);
				/*#if DEBUG
					if(oduser==""){
						user=Userods.GetUserByName("Admin",usingEcw);//without checking password.  Makes debugging faster.
						//No, don't do it this way.  This is the server, so need to pass it in properly from the client or Security.PasswordTyped will be absent on the server.
					}
				#endif*/
				if(user==null) {
					throw new Exception("Invalid username or password.");
				}
				string command="SELECT ValueString FROM preference WHERE PrefName='ProgramVersion'";
				string dbVersionStr=Db.GetScalar(command);
				string serverVersionStr=Assembly.GetAssembly(typeof(Db)).GetName().Version.ToString(4);
				#if DEBUG
					if(Assembly.GetAssembly(typeof(Db)).GetName().Version.Build==0) {
						command="SELECT ValueString FROM preference WHERE PrefName='DataBaseVersion'";//Using this during debug in the head makes it open fast with less fiddling.
						dbVersionStr=Db.GetScalar(command);
					}
				#endif
				if(dbVersionStr!=serverVersionStr) {
					throw new Exception("Version mismatch.  Server:"+serverVersionStr+"  Database:"+dbVersionStr);
				}
				Version clientVersion=new Version(clientVersionStr);
				Version serverVersion=new Version(serverVersionStr);
				if(clientVersion > serverVersion){
					throw new Exception("Version mismatch.  Client:"+clientVersionStr+"  Server:"+serverVersionStr);
				}
				//if clientVersion == serverVersion, than we need do nothing.
				//if clientVersion < serverVersion, than an update will later be triggered.
				//Security.CurUser=user;//we're on the server, so this is meaningless
				return user;
				//return 0;//meaningless
			}
			else {
				//Because RemotingRole has not been set, and because CurUser has not been set,
				//this particular method is more verbose than most and does not use Meth.
				//It's not a good example of the standard way of doing things.
				DtoGetObject dto=new DtoGetObject();
				dto.Credentials=new Credentials();
				dto.Credentials.Username=oduser;
				dto.Credentials.Password=odpass;//Userods.EncryptPassword(password);
				dto.MethodName="OpenDentBusiness.Security.LogInWeb";
				dto.ObjectType=typeof(Userod).FullName;
				object[] parameters=new object[] { oduser,odpass,configPath,clientVersionStr,usingEcw };
				Type[] objTypes=new Type[] { typeof(string),typeof(string),typeof(string),typeof(string),typeof(bool) };
				dto.Params=DtoObject.ConstructArray(parameters,objTypes);
				return RemotingClient.ProcessGetObject<Userod>(dto);//can throw exception
			}
		}
Ejemplo n.º 7
0
 ///<summary>Pass in a serialized dto.  It returns a dto which must be deserialized by the client.
 ///Set serverMapPath to the root directory of the OpenDentalServerConfig.xml.  Typically Server.MapPath(".") from a web service.
 ///Optional parameter because it is not necessary for Unit Tests (mock server).</summary>
 public static string ProcessDto(string dtoString, string serverMapPath = "")
 {
                 #if DEBUG
     //System.Threading.Thread.Sleep(100);//to test slowness issues with web service.
                 #endif
     DataTransferObject dto = DataTransferObject.Deserialize(dtoString);
     try {
         string[] methNameComps = GetComponentsFromDtoMeth(dto.MethodName);
         if (methNameComps.Length == 3 && methNameComps[2].ToLower() == "hashpassword")
         {
             return(GetHashPassword(dto));
         }
         //Always attempt to set the database connection settings from the config file if they haven't been set yet.
         //We use to ONLY load in database settings when Security.LogInWeb was called but that is not good enough now that we have more services.
         //E.g. We do not want to manually call "Security.LogInWeb" from the CEMT when all we want is a single preference value.
         if (string.IsNullOrEmpty(DataConnection.GetServerName()) && string.IsNullOrEmpty(DataConnection.GetConnectionString()))
         {
             RemotingClient.RemotingRole = RemotingRole.ServerWeb;
             //the application virtual path is usually /OpenDentalServer, but may be different if hosting multiple databases on one IIS server
             string configFilePath = "";
             if (!string.IsNullOrWhiteSpace(HostingEnvironment.ApplicationVirtualPath) && HostingEnvironment.ApplicationVirtualPath.Length > 1)
             {
                 //There can be multiple config files within a physical path that is shared by multiple IIS ASP.NET applications.
                 //In order for the same physical path to host multiple applications, they each need a unique config file for db connection settings.
                 //Each application will have a unique ApplicationVirtualPath which we will use to identify the corresponding config.xml.
                 configFilePath = ODFileUtils.CombinePaths(serverMapPath, HostingEnvironment.ApplicationVirtualPath.Trim('/') + "Config.xml");
             }
             if (string.IsNullOrWhiteSpace(configFilePath) ||
                 !File.Exists(configFilePath))                           //returns false if the file doesn't exist, user doesn't have permission for file, path is blank or null
             {
                 //either configFilePath not set or file doesn't exist, default to OpenDentalServerConfig.xml
                 configFilePath = ODFileUtils.CombinePaths(serverMapPath, "OpenDentalServerConfig.xml");
             }
             Userods.LoadDatabaseInfoFromFile(configFilePath);
         }
         //Set Security.CurUser so that queries can be run against the db as if it were this user.
         Security.CurUser = Userods.CheckUserAndPassword(dto.Credentials.Username
                                                         , dto.Credentials.Password
                                                         , Programs.IsEnabled(ProgramName.eClinicalWorks));
         Security.PasswordTyped = dto.Credentials.Password;
         Type type = dto.GetType();
         #region DtoGetTable
         if (type == typeof(DtoGetTable))
         {
             DtoGetTable dtoGetTable        = (DtoGetTable)dto;
             string[]    fullNameComponents = GetComponentsFromDtoMeth(dtoGetTable.MethodName);
             string      assemblyName       = fullNameComponents[0];       //OpenDentBusiness or else a plugin name
             string      className          = fullNameComponents[1];
             string      methodName         = fullNameComponents[2];
             Type        classType          = null;
             Assembly    ass = Plugins.GetAssembly(assemblyName);
             if (ass == null)
             {
                 classType = Type.GetType(assemblyName                      //actually, the namespace which we require to be same as assembly by convention
                                          + "." + className + "," + assemblyName);
             }
             else                                     //plugin was found
             {
                 classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
                                         + "." + className);
             }
             DtoObject[] parameters = dtoGetTable.Params;
             Type[]      paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
             MethodInfo  methodInfo = classType.GetMethod(methodName, paramTypes);
             if (methodInfo == null)
             {
                 throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetTable.MethodName);
             }
             object[]  paramObjs = DtoObject.GenerateObjects(parameters);
             DataTable dt        = (DataTable)methodInfo.Invoke(null, paramObjs);
             String    response  = XmlConverter.TableToXml(dt);
             return(response);
         }
         #endregion
         #region DtoGetTableLow
         else if (type == typeof(DtoGetTableLow))
         {
             DtoGetTableLow dtoGetTableLow = (DtoGetTableLow)dto;
             DtoObject[]    parameters     = dtoGetTableLow.Params;
             object[]       paramObjs      = DtoObject.GenerateObjects(parameters);
             DataTable      dt             = Reports.GetTable((string)paramObjs[0]);
             String         response       = XmlConverter.TableToXml(dt);
             return(response);
         }
         #endregion
         #region DtoGetDS
         else if (type == typeof(DtoGetDS))
         {
             DtoGetDS dtoGetDS           = (DtoGetDS)dto;
             string[] fullNameComponents = GetComponentsFromDtoMeth(dtoGetDS.MethodName);
             string   assemblyName       = fullNameComponents[0];          //OpenDentBusiness or else a plugin name
             string   className          = fullNameComponents[1];
             string   methodName         = fullNameComponents[2];
             Type     classType          = null;
             Assembly ass = Plugins.GetAssembly(assemblyName);
             if (ass == null)
             {
                 classType = Type.GetType(assemblyName                      //actually, the namespace which we require to be same as assembly by convention
                                          + "." + className + "," + assemblyName);
             }
             else                                     //plugin was found
             {
                 classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
                                         + "." + className);
             }
             DtoObject[] parameters = dtoGetDS.Params;
             Type[]      paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
             MethodInfo  methodInfo = classType.GetMethod(methodName, paramTypes);
             if (methodInfo == null)
             {
                 throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetDS.MethodName);
             }
             object[] paramObjs = DtoObject.GenerateObjects(parameters);
             DataSet  ds        = (DataSet)methodInfo.Invoke(null, paramObjs);
             String   response  = XmlConverter.DsToXml(ds);
             return(response);
         }
         #endregion
         #region DtoGetSerializableDictionary
         else if (type == typeof(DtoGetSerializableDictionary))
         {
             DtoGetSerializableDictionary dtoGetSD = (DtoGetSerializableDictionary)dto;
             string[] fullNameComponents           = GetComponentsFromDtoMeth(dtoGetSD.MethodName);
             string   assemblyName = fullNameComponents[0];                //OpenDentBusiness or else a plugin name
             string   className    = fullNameComponents[1];
             string   methodName   = fullNameComponents[2];
             Type     classType    = null;
             Assembly ass          = Plugins.GetAssembly(assemblyName);
             if (ass == null)
             {
                 classType = Type.GetType(assemblyName                      //actually, the namespace which we require to be same as assembly by convention
                                          + "." + className + "," + assemblyName);
             }
             else                                     //plugin was found
             {
                 classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
                                         + "." + className);
             }
             DtoObject[] parameters = dtoGetSD.Params;
             Type[]      paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
             MethodInfo  methodInfo = classType.GetMethod(methodName, paramTypes);
             if (methodInfo == null)
             {
                 throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetSD.MethodName);
             }
             object[] paramObjs  = DtoObject.GenerateObjects(parameters);
             Object   objResult  = methodInfo.Invoke(null, paramObjs);
             Type     returnType = methodInfo.ReturnType;
             return(XmlConverter.Serialize(returnType, objResult));
         }
         #endregion
         #region DtoGetLong
         else if (type == typeof(DtoGetLong))
         {
             DtoGetLong dtoGetLong         = (DtoGetLong)dto;
             string[]   fullNameComponents = GetComponentsFromDtoMeth(dtoGetLong.MethodName);
             string     assemblyName       = fullNameComponents[0];        //OpenDentBusiness or else a plugin name
             string     className          = fullNameComponents[1];
             string     methodName         = fullNameComponents[2];
             Type       classType          = null;
             Assembly   ass = Plugins.GetAssembly(assemblyName);
             if (ass == null)
             {
                 classType = Type.GetType(assemblyName                      //actually, the namespace which we require to be same as assembly by convention
                                          + "." + className + "," + assemblyName);
             }
             else                                     //plugin was found
             {
                 classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
                                         + "." + className);
             }
             DtoObject[] parameters = dtoGetLong.Params;
             Type[]      paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
             MethodInfo  methodInfo = classType.GetMethod(methodName, paramTypes);
             if (methodInfo == null)
             {
                 throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetLong.MethodName);
             }
             object[] paramObjs  = DtoObject.GenerateObjects(parameters);
             long     longResult = (long)methodInfo.Invoke(null, paramObjs);
             return(longResult.ToString());
         }
         #endregion
         #region DtoGetInt
         else if (type == typeof(DtoGetInt))
         {
             DtoGetInt dtoGetInt          = (DtoGetInt)dto;
             string[]  fullNameComponents = GetComponentsFromDtoMeth(dtoGetInt.MethodName);
             string    assemblyName       = fullNameComponents[0];         //OpenDentBusiness or else a plugin name
             string    className          = fullNameComponents[1];
             string    methodName         = fullNameComponents[2];
             Type      classType          = null;
             Assembly  ass = Plugins.GetAssembly(assemblyName);
             if (ass == null)
             {
                 classType = Type.GetType(assemblyName                      //actually, the namespace which we require to be same as assembly by convention
                                          + "." + className + "," + assemblyName);
             }
             else                                     //plugin was found
             {
                 classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
                                         + "." + className);
             }
             DtoObject[] parameters = dtoGetInt.Params;
             Type[]      paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
             MethodInfo  methodInfo = classType.GetMethod(methodName, paramTypes);
             if (methodInfo == null)
             {
                 throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetInt.MethodName);
             }
             object[] paramObjs = DtoObject.GenerateObjects(parameters);
             int      intResult = (int)methodInfo.Invoke(null, paramObjs);
             return(intResult.ToString());
         }
         #endregion
         #region DtoGetDouble
         else if (type == typeof(DtoGetDouble))
         {
             DtoGetDouble dtoGetDouble       = (DtoGetDouble)dto;
             string[]     fullNameComponents = GetComponentsFromDtoMeth(dtoGetDouble.MethodName);
             string       assemblyName       = fullNameComponents[0];      //OpenDentBusiness or else a plugin name
             string       className          = fullNameComponents[1];
             string       methodName         = fullNameComponents[2];
             Type         classType          = null;
             Assembly     ass = Plugins.GetAssembly(assemblyName);
             if (ass == null)
             {
                 classType = Type.GetType(assemblyName                      //actually, the namespace which we require to be same as assembly by convention
                                          + "." + className + "," + assemblyName);
             }
             else                                     //plugin was found
             {
                 classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
                                         + "." + className);
             }
             DtoObject[] parameters = dtoGetDouble.Params;
             Type[]      paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
             MethodInfo  methodInfo = classType.GetMethod(methodName, paramTypes);
             if (methodInfo == null)
             {
                 throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetDouble.MethodName);
             }
             object[] paramObjs    = DtoObject.GenerateObjects(parameters);
             double   doubleResult = (double)methodInfo.Invoke(null, paramObjs);
             return(doubleResult.ToString());
         }
         #endregion
         #region DtoGetVoid
         else if (type == typeof(DtoGetVoid))
         {
             DtoGetVoid dtoGetVoid         = (DtoGetVoid)dto;
             string[]   fullNameComponents = GetComponentsFromDtoMeth(dtoGetVoid.MethodName);
             string     assemblyName       = fullNameComponents[0];        //OpenDentBusiness or else a plugin name
             string     className          = fullNameComponents[1];
             string     methodName         = fullNameComponents[2];
             Type       classType          = null;
             Assembly   ass = Plugins.GetAssembly(assemblyName);
             if (ass == null)
             {
                 classType = Type.GetType(assemblyName                      //actually, the namespace which we require to be same as assembly by convention
                                          + "." + className + "," + assemblyName);
             }
             else                                     //plugin was found
             {
                 classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
                                         + "." + className);
             }
             DtoObject[] parameters = dtoGetVoid.Params;
             Type[]      paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
             MethodInfo  methodInfo = classType.GetMethod(methodName, paramTypes);
             if (methodInfo == null)
             {
                 throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetVoid.MethodName);
             }
             object[] paramObjs = DtoObject.GenerateObjects(parameters);
             methodInfo.Invoke(null, paramObjs);
             return("0");
         }
         #endregion
         #region DtoGetObject
         else if (type == typeof(DtoGetObject))
         {
             DtoGetObject dtoGetObject       = (DtoGetObject)dto;
             string[]     fullNameComponents = GetComponentsFromDtoMeth(dtoGetObject.MethodName);
             string       assemblyName       = fullNameComponents[0];      //OpenDentBusiness or else a plugin name
             string       className          = fullNameComponents[1];
             string       methodName         = fullNameComponents[2];
             //if(className != "Security" || methodName != "LogInWeb") {//because credentials will be checked inside that method
             //	Userods.CheckCredentials(dtoGetObject.Credentials);//will throw exception if fails.
             //}
             Type     classType = null;
             Assembly ass       = Plugins.GetAssembly(assemblyName);
             //if(className!="Security" || methodName!="LogInWeb") {//Do this for everything except Security.LogInWeb, because Plugins.GetAssembly will fail in that case.
             //	ass=Plugins.GetAssembly(assemblyName);
             //}
             if (ass == null)
             {
                 classType = Type.GetType(assemblyName                      //actually, the namespace which we require to be same as assembly by convention
                                          + "." + className + "," + assemblyName);
             }
             else                                     //plugin was found
             {
                 classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
                                         + "." + className);
             }
             DtoObject[] parameters = dtoGetObject.Params;
             Type[]      paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
             MethodInfo  methodInfo = classType.GetMethod(methodName, paramTypes);
             if (methodInfo == null)
             {
                 throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetObject.MethodName);
             }
             if (className == "Security" && methodName == "LogInWeb")
             {
                 parameters[2] = new DtoObject(serverMapPath, typeof(string));                     //because we can't access this variable from within OpenDentBusiness.
                 RemotingClient.RemotingRole = RemotingRole.ServerWeb;
             }
             object[] paramObjs  = DtoObject.GenerateObjects(parameters);
             Object   objResult  = methodInfo.Invoke(null, paramObjs);
             Type     returnType = methodInfo.ReturnType;
             if (returnType.IsInterface)
             {
                 objResult  = new DtoObject(objResult, objResult?.GetType() ?? returnType);
                 returnType = typeof(DtoObject);
             }
             return(XmlConverter.Serialize(returnType, objResult));
         }
         #endregion
         #region DtoGetString
         else if (type == typeof(DtoGetString))
         {
             DtoGetString dtoGetString       = (DtoGetString)dto;
             string[]     fullNameComponents = GetComponentsFromDtoMeth(dtoGetString.MethodName);
             string       assemblyName       = fullNameComponents[0];      //OpenDentBusiness or else a plugin name
             string       className          = fullNameComponents[1];
             string       methodName         = fullNameComponents[2];
             Type         classType          = null;
             Assembly     ass = Plugins.GetAssembly(assemblyName);
             if (ass == null)
             {
                 classType = Type.GetType(assemblyName                      //actually, the namespace which we require to be same as assembly by convention
                                          + "." + className + "," + assemblyName);
             }
             else                                     //plugin was found
             {
                 classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
                                         + "." + className);
             }
             DtoObject[] parameters = dtoGetString.Params;
             Type[]      paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
             MethodInfo  methodInfo = classType.GetMethod(methodName, paramTypes);
             if (methodInfo == null)
             {
                 throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetString.MethodName);
             }
             object[] paramObjs = DtoObject.GenerateObjects(parameters);
             string   strResult = (string)methodInfo.Invoke(null, paramObjs);
             strResult = XmlConverter.XmlEscape(strResult);
             return(strResult);
         }
         #endregion
         #region DtoGetBool
         else if (type == typeof(DtoGetBool))
         {
             DtoGetBool dtoGetBool         = (DtoGetBool)dto;
             string[]   fullNameComponents = GetComponentsFromDtoMeth(dtoGetBool.MethodName);
             string     assemblyName       = fullNameComponents[0];        //OpenDentBusiness or else a plugin name
             string     className          = fullNameComponents[1];
             string     methodName         = fullNameComponents[2];
             Type       classType          = null;
             Assembly   ass = Plugins.GetAssembly(assemblyName);
             if (ass == null)
             {
                 classType = Type.GetType(assemblyName                      //actually, the namespace which we require to be same as assembly by convention
                                          + "." + className + "," + assemblyName);
             }
             else                                     //plugin was found
             {
                 classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
                                         + "." + className);
             }
             DtoObject[] parameters = dtoGetBool.Params;
             Type[]      paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
             MethodInfo  methodInfo = classType.GetMethod(methodName, paramTypes);
             if (methodInfo == null)
             {
                 throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetBool.MethodName);
             }
             object[] paramObjs  = DtoObject.GenerateObjects(parameters);
             bool     boolResult = (bool)methodInfo.Invoke(null, paramObjs);
             return(boolResult.ToString());
         }
         #endregion
         else
         {
             throw new NotSupportedException("Dto type not supported: " + type.FullName);
         }
     }
     catch (Exception e) {
         DtoException exception = new DtoException();
         exception.ExceptionType = e.GetType().BaseType.Name;              //Since the exception was down converted to a regular exception, we need the BaseType.
         if (e.InnerException == null)
         {
             exception.Message = e.Message;
         }
         else
         {
             exception.Message = e.InnerException.Message;
         }
         return(exception.Serialize());
     }
 }
Ejemplo n.º 8
0
        //<summary>Obsolete</summary>
        //public static void ResetPassword(){
        //FIXME:UPDATE-MULTIPLE-TABLES

        /*string command="UPDATE userod,grouppermissions SET userod.Password='' "
         +"WHERE grouppermissions.UserGroupNum=userod.UserGroupNum "
         +"AND grouppermissions.PermType=24";
         * Db.NonQ(command);
         */
        //Code updated to be compatible with Oracle as well as MySQL.

        /*
         * string command="SELECT userod.UserNum FROM userod,grouppermissions "
         +"WHERE grouppermissions.UserGroupNum=userod.UserGroupNum "
         +"AND grouppermissions.PermType=24";
         * DataTable table=Db.GetTable(command);
         * if(table.Rows.Count==0){
         *      throw new ApplicationException("No admin exists.");
         * }
         * command="UPDATE userod SET Password='' WHERE UserNum="+POut.PString(table.Rows[0][0].ToString());
         * Db.NonQ(command);
         * }*/

        ///<summary>RemotingRole has not yet been set to ClientWeb, but it will if this succeeds.  Will throw an exception if server cannot validate username and password.  configPath will be empty from a workstation and filled from the server.  If Ecw, odpass will actually be the hash.</summary>
        public static Userod LogInWeb(string oduser, string odpass, string configPath, string clientVersionStr, bool usingEcw)
        {
            //Very unusual method.  Remoting role can't be checked, but is implied by the presence of a value in configPath.
            if (configPath != "")             //RemotingRole.ServerWeb
            {
                Userods.LoadDatabaseInfoFromFile(ODFileUtils.CombinePaths(configPath, "OpenDentalServerConfig.xml"));
                //ODFileUtils.CombinePaths(
                //  ,"OpenDentalServerConfig.xml"));
                //Path.GetDirectoryName(Application.ExecutablePath),"OpenDentalServerConfig.xml"));
                //Application.StartupPath,"OpenDentalServerConfig.xml"));
                //Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location),"OpenDentalServerConfig.xml"));
                //Environment.CurrentDirectory,"OpenDentalServerConfig.xml"));
                //Then, check username and password
                Userod user = Userods.CheckUserAndPassword(oduser, odpass, usingEcw);
                                #if DEBUG
                //if(oduser=="Admin"){
                //	user=Userods.GetUserByName("Admin",usingEcw);//without checking password.  Makes debugging faster.
                //}
                                #endif
                if (user == null)
                {
                    throw new Exception("Invalid username or password.");
                }
                string command          = "SELECT ValueString FROM preference WHERE PrefName='ProgramVersion'";
                string dbVersionStr     = Db.GetScalar(command);
                string serverVersionStr = Assembly.GetAssembly(typeof(Db)).GetName().Version.ToString(4);
                                #if DEBUG
                if (Assembly.GetAssembly(typeof(Db)).GetName().Version.Build == 0)
                {
                    command      = "SELECT ValueString FROM preference WHERE PrefName='DataBaseVersion'";                     //Using this during debug in the head makes it open fast with less fiddling.
                    dbVersionStr = Db.GetScalar(command);
                }
                                #endif
                if (dbVersionStr != serverVersionStr)
                {
                    throw new Exception("Version mismatch.  Server:" + serverVersionStr + "  Database:" + dbVersionStr);
                }
                Version clientVersion = new Version(clientVersionStr);
                Version serverVersion = new Version(serverVersionStr);
                if (clientVersion > serverVersion)
                {
                    throw new Exception("Version mismatch.  Client:" + clientVersionStr + "  Server:" + serverVersionStr);
                }
                //if clientVersion == serverVersion, than we need do nothing.
                //if clientVersion < serverVersion, than an update will later be triggered.
                //Security.CurUser=user;//we're on the server, so this is meaningless
                return(user);
                //return 0;//meaningless
            }
            else
            {
                //Because RemotingRole has not been set, and because CurUser has not been set,
                //this particular method is more verbose than most and does not use Meth.
                //It's not a good example of the standard way of doing things.
                DtoGetObject dto = new DtoGetObject();
                dto.Credentials          = new Credentials();
                dto.Credentials.Username = oduser;
                dto.Credentials.Password = odpass;              //Userods.EncryptPassword(password);
                dto.MethodName           = "Security.LogInWeb";
                dto.ObjectType           = typeof(Userod).FullName;
                object[] parameters = new object[] { oduser, odpass, configPath, clientVersionStr, usingEcw };
                Type[]   objTypes   = new Type[] { typeof(string), typeof(string), typeof(string), typeof(string), typeof(bool) };
                dto.Params = DtoObject.ConstructArray(parameters, objTypes);
                return(RemotingClient.ProcessGetObject <Userod>(dto));              //can throw exception
            }
        }