Ejemplo n.º 1
0
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            // first try and authorize the user
            if (httpContext == null)
            {
                throw new ArgumentNullException("httpContext");
            }

            IPrincipal user = httpContext.User;
            if (user.Identity.IsAuthenticated)
            {
                // now check to see if the user in the doctor role
                var context = new HVDbContext();

                // check to see if the role exists
                var roles = this.Roles.Split(',');
                if (roles.Length > 0)
                {
                    // find the roles in the database
                    foreach (var r in roles)
                    {
                        var role = context.Roles.Where(t => t.RoleName.Equals(r)).FirstOrDefault();
                        if (role != null)
                        {
                            var userdb = context.Users.Where(t => t.UserName.Equals(user.Identity.Name)).FirstOrDefault();
                            if (userdb != null)
                            {
                                // now find the role and user association
                                var ru = context.UserRoles.Where(t => t.RoleId.Equals(role.RoleId) && t.UserId.Equals(userdb.UserId)).FirstOrDefault();
                                if (ru != null)
                                {
                                    // we found the association so we are good
                                    return true;
                                }
                            }
                        }
                    }
                }
            }

            // if we make it here user is not authenticated
            return false;
        }
        public ActionResult GetUserList()
        {
            var ret = new { status = "ok" };

            // get a list of users
            var context = new HVDbContext();
            var users = (from t in context.HealthVaultUsers
                         select new
                         {
                             t.Id,
                             t.RecordId,
                             t.Name,
                         }).ToList();

            // compose the response
            return Json(new
            {
                status = ret.status,
                users = users.Select(a => new { a.Id, a.Name, imageUrl = HVUserImageHelper.Default.GetImageUrl(a.RecordId) }).ToList(),
            }, JsonRequestBehavior.AllowGet);
        }
Ejemplo n.º 3
0
        private void SaveUser(PersonInfo personInfo, string token)
        {
            // create a new context
            var context = new HVDbContext();

            // check if the user already exists
            var user = (from t in context.HealthVaultUsers
                        where t.PersonId.Equals(personInfo.PersonId)
                        select t).FirstOrDefault();

            if (user == null)
            {
                // add user to collection
                context.HealthVaultUsers.Add(new HealthVaultUser()
                {
                    HealthRecordState = personInfo.SelectedRecord.State.ToString(),
                    Name = personInfo.SelectedRecord.Name,
                    PersonId = personInfo.PersonId,
                    RecordId = personInfo.SelectedRecord.Id,
                    WCToken = token,
                    PersonInfoObject = personInfo.GetXml()
                });
            }
            else
            {
                // update the user
                user.HealthRecordState = personInfo.SelectedRecord.State.ToString();
                user.Name = personInfo.SelectedRecord.Name;
                user.PersonId = personInfo.PersonId;
                user.RecordId = personInfo.SelectedRecord.Id;
                user.WCToken = token;
                user.PersonInfoObject = personInfo.GetXml();
            }

            // save the record
            context.SaveChanges();
        }
        public ActionResult GetUserData(int userId = -1)
        {
            // just do a basic check
            if (userId == -1)
                return Json(new { status = "error", msg = "userId not sent" }, JsonRequestBehavior.AllowGet);

            // try to find the user
            var context = new HVDbContext();
            var user = (from t in context.HealthVaultUsers
                        where t.Id == userId
                        select t).FirstOrDefault();

            // if no user is found return error
            if (user == null)
                return Json(new { status = "error", msg = "userId not found" }, JsonRequestBehavior.AllowGet);

            // extract the token and make the request to health vault for all the data
            var authToken = user.WCToken;

            // register the type in the HV SDK
            ItemTypeManager.RegisterTypeHandler(HVJournalEntry.TypeId, typeof(HVJournalEntry), true);

            // create the appropriate objects for health vault
            var appId = HealthApplicationConfiguration.Current.ApplicationId;
            WebApplicationCredential cred = new WebApplicationCredential(
                appId,
                authToken,
                HealthApplicationConfiguration.Current.ApplicationCertificate);

            // setup the user
            WebApplicationConnection connection = new WebApplicationConnection(appId, cred);
            PersonInfo personInfo = null;
            try
            {
                personInfo = HealthVaultPlatform.GetPersonInfo(connection);
            }
            catch
            {
                return Json(new { status = "error", msg = "Unable to connect to HealthVault service" }, JsonRequestBehavior.AllowGet);
            }

            // get the selected record
            var authRecord = personInfo.SelectedRecord;

            // make sure there is a record returned
            if (authRecord == null)
                return Json(new { status = "error", msg = "cannot get selected record" }, JsonRequestBehavior.AllowGet);

            // before we add make sure we still have permission to read
            var result = authRecord.QueryPermissionsByTypes(new List<Guid>() { HVJournalEntry.TypeId }).FirstOrDefault();
            if (!result.Value.OnlineAccessPermissions.HasFlag(HealthRecordItemPermissions.Read))
                return Json(new { status = "error", msg = "unable to create record as no permission is given from health vault" }, JsonRequestBehavior.AllowGet);

            // search hv for the records
            HealthRecordSearcher searcher = authRecord.CreateSearcher();
            HealthRecordFilter filter = new HealthRecordFilter(HVJournalEntry.TypeId);
            searcher.Filters.Add(filter);
            HealthRecordItemCollection entries = searcher.GetMatchingItems()[0];
            var ret = entries.Cast<HVJournalEntry>().ToList().Select(t => t.JournalEntry);

            return Json(new { status = "ok", data = ret }, JsonRequestBehavior.AllowGet);
        }