public bool DeleteDB()
{
bool deleted = false;
CustomPrincipal principal = Thread.CurrentPrincipal as CustomPrincipal;
var permission = Permissions.DeleteAll.ToString().ToLower();
/// audit both successfull and failed authorization checks
if (principal.IsInRole(permission))
{
value = 0;
Console.WriteLine("DeleteDB() passed for user {0}.", principal.Identity.Name);
deleted = true;
}
else
{
Console.WriteLine("DeleteDB() failed for user {0}.", principal.Identity.Name);
}
return(deleted);
}
public bool ModifyDB(int newValue)
{
bool modified = false;
CustomPrincipal principal = Thread.CurrentPrincipal as CustomPrincipal;
var permission = Permissions.Modify.ToString().ToLower();
/// audit both successfull and failed authorization checks
if (principal.IsInRole(permission))
{
value = newValue;
Console.WriteLine("ModifyDB() passed for user {0}.", principal.Identity.Name);
modified = true;
}
else
{
Console.WriteLine("ModifyDB() failed for user {0}.", principal.Identity.Name);
}
return(modified);
}
public bool DeleteEntityDB(int id)
{
bool deleted = false;
CustomPrincipal principal = Thread.CurrentPrincipal as CustomPrincipal;
var permission = Permissions.Delete.ToString().ToLower();
/// audit both successfull and failed authorization checks
if (principal.IsInRole(permission))
{
Console.WriteLine("DeleteEntityDB() passed for user {0}.", principal.Identity.Name);
DataBase.DeleteEntity(id);
deleted = true;
logger.Log(principal.Identity.Name, "DeleteEntityDB", "", EventType.AuthorizationSuccess);
}
else
{
logger.Log(principal.Identity.Name, "DeleteEntityDB", permission, EventType.AuthorizationFailure);
Console.WriteLine("DeleteEntityDB() failed for user {0}.", principal.Identity.Name);
}
return(deleted);
}
public bool ModifyReading(double newValue, int id)
{
bool modified = false;
CustomPrincipal principal = Thread.CurrentPrincipal as CustomPrincipal;
var permission = Permissions.Modify.ToString().ToLower();
/// audit both successfull and failed authorization checks
if (principal.IsInRole(permission))
{
Console.WriteLine("ModifyDB() passed for user {0}.", principal.Identity.Name);
DataBase.ModifyReading(id, newValue);
modified = true;
logger.Log(principal.Identity.Name, "ModifyReading", "", EventType.AuthorizationSuccess);
}
else
{
logger.Log(principal.Identity.Name, "ModifyReading", permission, EventType.AuthorizationFailure);
Console.WriteLine("ModifyDB() failed for user {0}.", principal.Identity.Name);
}
return(modified);
}
public void ModifyDiscount(int discount)
{
string clientUsername = GetClientUserName();
CustomPrincipal principal = Thread.CurrentPrincipal as CustomPrincipal;
if (principal.IsInRole("Admin"))
{
Console.WriteLine("\nModifying discount...");
Database.Discount = discount;
Database.WriteDiscount();
try
{
Audit.ChangeSuccess(clientUsername, "discount.");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
}
else
{
try
{
Audit.AuthorizationFailed(GetClientUserName(), "Modify Discount",
$"Modify Discount can be used only by user in the Admin group.");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
ErrorMessage("Admin", "Modify Discount");
}
}
public bool CheckIfReservationCanBePaied(int reservationsId)
{
CustomPrincipal principal = Thread.CurrentPrincipal as CustomPrincipal;
if (principal.IsInRole("Korisnik") || principal.IsInRole("SuperKorisnik"))
{
string clientUsername = GetClientUserName();
string clientRole = GetClientRole();
foreach (User u in Database.users)
{
if (u.Username.Equals(clientUsername))
{
foreach (Reservation r in u.Reservations)
{
if (r.Id.Equals(reservationsId))
{
foreach (Performance p in Database.performances)
{
if (p.Id.Equals(r.PerformanceId))
{
if (r.State.Equals(ReservationState.UNPAID))
{
if (clientRole.Equals("Korisnik"))
{
if (u.Balance >= r.TicketQuantity * p.TicketPrice)
{
return(true);
}
}
else
{
if (u.Balance >= r.TicketQuantity * p.TicketPrice - (r.TicketQuantity * p.TicketPrice) * (Database.Discount / 100))
{
return(true);
}
}
}
}
}
}
}
}
}
try
{
Audit.MethodCallFailed(GetClientUserName(), "Pay Reservation",
$"User did not enter a valid id of reservation.");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
return(false);
}
else
{
try
{
Audit.AuthorizationFailed(GetClientUserName(), "Pay Reservation",
$"Pay Reservation can be used only by user in the Korisnik or SuperKorisnik group.");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
ErrorMessage("Korisnik or SuperKorisnik", "Pay Reservation");
return(false);
}
}
public void PayReservation(int reservationsId)
{
CustomPrincipal principal = Thread.CurrentPrincipal as CustomPrincipal;
if (principal.IsInRole("Korisnik") || principal.IsInRole("SuperKorisnik"))
{
string clientUsername = GetClientUserName();
string clientRole = GetClientRole();
Console.WriteLine("\nPaying reservation...");
foreach (User u in Database.users)
{
if (u.Username.Equals(clientUsername))
{
foreach (Reservation r in u.Reservations)
{
foreach (Performance p in Database.performances)
{
if (p.Id.Equals(r.PerformanceId))
{
if (r.Id.Equals(reservationsId))
{
if (clientRole.Equals("Korisnik"))
{
u.Balance -= r.TicketQuantity * p.TicketPrice;
try
{
Audit.ChangeSuccess(Formatter.ParseName(WindowsIdentity.GetCurrent().Name), "balance.");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
}
else
{
u.Balance -= r.TicketQuantity * p.TicketPrice - (r.TicketQuantity * p.TicketPrice) * (Database.Discount / 100);
try
{
Audit.ChangeSuccess(Formatter.ParseName(WindowsIdentity.GetCurrent().Name), "balance.");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
}
for (int i = 0; i < u.Reservations.Count(); i++)
{
if (u.Reservations[i].Id.Equals(reservationsId))
{
u.Reservations[i].State = ReservationState.PAID;
try
{
Audit.PayReservationSuccess(clientUsername, ReservationState.UNPAID.ToString(), ReservationState.PAID.ToString());
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
Database.WriteReservations();
Database.WriteUsers();
}
}
}
}
}
}
}
}
}
else
{
try
{
Audit.AuthorizationFailed(GetClientUserName(), "Pay Reservation",
$"Pay Reservation can be used only by user in the Korisnik or SuperKorisnik group.");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
ErrorMessage("Korisnik or SuperKorisnik", "Pay Reservation");
}
}
public bool CheckIfPerformanceExists(int id, int methodID)
{
CustomPrincipal principal = Thread.CurrentPrincipal as CustomPrincipal;
if (methodID == 2)
{
if (principal.IsInRole("Admin"))
{
foreach (Performance p in Database.performances)
{
if (p.Id.Equals(id))
{
return(true);
}
}
try
{
Audit.MethodCallFailed(GetClientUserName(), "Modify Performance",
$"User did not enter a valid id of perfrormance.");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
return(false);
}
else
{
try
{
Audit.AuthorizationFailed(GetClientUserName(), "Modify Performance",
$"Modify performance can be used only by user in the Admin group.");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
ErrorMessage("Admin", "Modify Performance");
return(false);
}
}
else
{
if (principal.IsInRole("Korisnik") || principal.IsInRole("SuperKorisnik"))
{
foreach (Performance p in Database.performances)
{
if (p.Id.Equals(id))
{
return(true);
}
}
try
{
Audit.MethodCallFailed(GetClientUserName(), "Make Reservation",
$"User did not enter a valid id of perfrormance.");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
return(false);
}
else
{
try
{
Audit.AuthorizationFailed(GetClientUserName(), "Make Reservation",
$"Make Reservation can be used only by user in the Korisnik or SuperKorisnik group.");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
ErrorMessage("Korisnik or SuperKorisnik", "Make Reservation");
return(false);
}
}
}