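/// <summary>
/// Sends the user to the lab-client page that matches the number of lab clients
/// registered for the group stored in the session.
/// </summary>
/// <remarks>
/// Session values are written before <c>Response.Redirect</c> is called. The
/// single-argument overload ends the response, so a statement placed after it
/// does not run; the original stored <c>LabClientList</c> after the redirect.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, System.EventArgs e)
{
    AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();

    // NOTE(review): Convert.ToInt32 yields 0 for a missing session value, so a request
    // without a logged-in session reaches the lookup with group 0. Confirm that an
    // earlier filter rejects unauthenticated requests.
    int userID = Convert.ToInt32(Session["UserID"]);
    int groupID = Convert.ToInt32(Session["GroupID"]);

    // To see how many labs the chosen group has
    int[] labClientIDList = AdministrativeUtilities.GetGroupLabClients(groupID);
    if (labClientIDList == null)
    {
        return;
    }

    Session["ClientCount"] = labClientIDList.Length;

    if (labClientIDList.Length > 1)
    {
        // Store the list first: nothing after Redirect executes.
        Session["LabClientList"] = labClientIDList;
        Response.Redirect("myClientList.aspx");
    }
    else
    {
        if (labClientIDList.Length == 1)
        {
            // exactly one lab client: remember it for the client page
            Session["ClientID"] = labClientIDList[0];
        }

        // zero or one client both land on the single-client page
        Response.Redirect("myClient.aspx");
    }
}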
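/// <summary>
/// Redirects logged-in users to the groups page, moves anonymous users to the login page
/// on the scheme selected by the <c>haveSSL</c> setting, and binds the system messages
/// (newest first) to the repeater.
/// </summary>
/// <remarks>
/// The "no messages" text is shown when the list is empty. The original tested the freshly
/// constructed list against <c>null</c>, which can never be true, and enumerated the wrapper
/// result without a null check.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, System.EventArgs e)
{
    AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();

    if (Session["UserID"] != null)
    {
        Response.Redirect(Global.FormatRegularURL(Request, "myGroups.aspx"));
    }
    else
    {
        bool requireSSL = Convert.ToBoolean(ConfigurationManager.AppSettings["haveSSL"]);
        if (requireSSL && !Request.IsSecureConnection)
        {
            Response.Redirect(Global.FormatSecureURL(Request, "login.aspx"));
        }
        else if (!requireSSL && Request.IsSecureConnection)
        {
            // NOTE(review): this branch moves a secure request to the "regular" login URL.
            // If FormatRegularURL produces an http:// address, credentials entered on the
            // login page travel unencrypted; confirm this downgrade is intended.
            Response.Redirect(Global.FormatRegularURL(Request, "login.aspx"));
        }
    }

    ArrayList messagesList = new ArrayList();
    SystemMessage[] messages = wrapper.GetSystemMessagesWrapper(SystemMessage.SYSTEM, 0, 0, 0);
    if (messages != null)
    {
        messagesList.AddRange(messages);
    }

    // Sort by date, then reverse so the most recent message comes first.
    messagesList.Sort(new DateComparer());
    messagesList.Reverse();

    repSystemMessage.DataSource = messagesList;
    repSystemMessage.DataBind();

    if (messagesList.Count == 0)
    {
        lblSystemMessage.Text = "<p>No Messages at this time</p>";
    }
}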
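/// <summary>
/// Returns a dictionary of service admin grants held by the session's effective group.
/// Keys are process agent IDs where the process agent is the qualifier of the grant.
/// Values are lists of service admin grants that have that process agent as a qualifier.
///
/// A grant is a service admin grant if
/// 1. The agent is a service admin group
/// 2. The function is a "service admin" or "service management" ticket type
/// 3. The qualifier is a process agent
/// </summary>
/// <remarks>
/// Resource mappings with fewer values than the layout this method expects are skipped
/// instead of raising an index error, so a malformed mapping contributes no grant.
/// </remarks>
/// <returns>Grants grouped by process agent ID; empty when none qualify.</returns>
protected Dictionary<int, List<Grant>> getServiceAdminGrants()
{
    Dictionary<int, List<Grant>> servAdminGrants = new Dictionary<int, List<Grant>>();
    AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();

    // get all grants
    int[] grantIDs = wrapper.ListGrantIDsWrapper();
    Grant[] grants = wrapper.GetGrantsWrapper(grantIDs);
    int effGroupID = Convert.ToInt32(Session["GroupID"]);

    foreach (Grant grant in grants)
    {
        // only grants whose agent is the effective group are considered
        if (!grant.agentID.Equals(effGroupID))
        {
            continue;
        }

        int paID = 0;
        string function = grant.function;

        if (TicketTypes.IsAdministerPAType(function))
        {
            // the qualifier refers directly to the process agent
            Qualifier qualifier = AuthorizationAPI.GetQualifier(grant.qualifierID);
            paID = qualifier.qualifierReferenceID;
        }
        else if (TicketTypes.IsManagePAType(function))
        {
            Qualifier qualifier = AuthorizationAPI.GetQualifier(grant.qualifierID);

            // Qualifier is a Resource Mapping
            if (qualifier.qualifierType.Equals(Qualifier.resourceMappingQualifierTypeID))
            {
                ResourceMapping mapping = ticketIssuer.GetResourceMapping(qualifier.qualifierReferenceID);
                if (mapping != null)
                {
                    ResourceMappingValue[] mappingValues = mapping.values;
                    int valueCount = (mappingValues == null) ? 0 : mappingValues.Length;

                    if (mapping.Key.Type.Equals(ResourceMappingTypes.GROUP))
                    {
                        if (valueCount > 0 && mappingValues[0].Type == ResourceMappingTypes.CLIENT)
                        {
                            paID = ticketIssuer.FindProcessAgentIdForClient((int)mappingValues[0].Entry, ProcessAgentType.SCHEDULING_SERVER);
                        }
                    }
                    else if (mapping.Key.Type.Equals(ResourceMappingTypes.PROCESS_AGENT))
                    {
                        // Expected layout: [0] resource type, [1] process agent, [2] ticket type.
                        // NOTE(review): values[1] is used as the process agent ID without its Type
                        // being checked against PROCESS_AGENT, and the ticket type entry itself is
                        // not compared with a manage ticket type; confirm the mapping layout is
                        // enforced where mappings are created.
                        if (valueCount > 2 && mappingValues[2].Type.Equals(ResourceMappingTypes.TICKET_TYPE))
                        {
                            paID = (int)mappingValues[1].Entry;
                        }
                    }
                }
            }
        }

        if (paID > 0)
        {
            // append to the list for this process agent, creating it on first use
            List<Grant> list;
            if (!servAdminGrants.TryGetValue(paID, out list))
            {
                list = new List<Grant>();
                servAdminGrants.Add(paID, list);
            }
            list.Add(grant);
        }
    }

    return servAdminGrants;
}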
/// <summary>
/// Creates the coupon, the ServiceBroker experiment record and the tickets needed to run an
/// experiment: optional ESS tickets (administer, store records, retrieve records), the
/// execute-experiment ticket for the lab server and a redeem-session ticket.
/// </summary>
/// <param name="labServer">Lab server whose agentId and agentGuid are used for the record and the execution ticket.</param>
/// <param name="client">Lab client; read for needsESS and clientID, not reassigned here.</param>
/// <param name="startExecution">Start time passed to the experiment record and the execution payload; not reassigned here.</param>
/// <param name="duration">Experiment duration in seconds, or -1 for no limit.</param>
/// <param name="userTZ">User time zone value placed in the execution payload.</param>
/// <param name="userID">User the experiment record and the session ticket are created for.</param>
/// <param name="groupID">Group the experiment record and the session ticket are created for.</param>
/// <param name="groupName">Group name placed in the execution payload.</param>
/// <param name="brokerDB">Receives the BrokerDB instance created by this method.</param>
/// <param name="coupon">Receives the coupon all tickets are added to.</param>
private static void ExecuteExperimentExecutionRecipe(ProcessAgentInfo labServer, ref LabClient client, ref DateTime startExecution, long duration, int userTZ, int userID, int groupID, string groupName, out BrokerDB brokerDB, out Coupon coupon)
{
    int essId = 0;
    ProcessAgentInfo essAgent = null;
    long ticketDuration = 7200; //Default to 2 hours
    // Add 10 minutes to the ESS ticket duration (in seconds) to extend beyond experiment expiration
    if (duration != -1)
    {
        //ticketDuration = duration + 60; // For testing only add a minute
        ticketDuration = duration + 600; // Add 10 minutes beyond the experiment end
    }
    else
    {
        // NOTE(review): -1 is passed through to every ticket below; per the comment at 3.C a
        // duration of -1 means the ticket never expires. Confirm unlimited experiments should
        // also get non-expiring EXECUTE_EXPERIMENT and REDEEM_SESSION tickets.
        ticketDuration = -1;
    }

    // Authorization wrapper
    AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();

    // create ticket issuer and payload factory
    brokerDB = new BrokerDB();
    TicketLoadFactory factory = TicketLoadFactory.Instance();

    if (client.needsESS)
    {
        essId = brokerDB.FindProcessAgentIdForClient(client.clientID, ProcessAgentType.EXPERIMENT_STORAGE_SERVER);
    }

    // 1. Create Coupon for ExperimentCollection
    coupon = brokerDB.CreateCoupon();

    //
    // 2. create ServiceBroker experiment record and get corresponding experiment id
    // This checks authorization.
    // NOTE(review): the coupon is created before this check; if the wrapper throws, the
    // coupon from step 1 is left without tickets. Presumably harmless; verify.
    long experimentID = wrapper.CreateExperimentWrapper(StorageStatus.INITIALIZED, userID, groupID, labServer.agentId, client.clientID, essId, startExecution, duration);

    // Store a record of the Experiment Collection Coupon
    DataStorageAPI.InsertExperimentCoupon(experimentID, coupon.couponId);
    string essWebAddress = null;

    // If an ESS is specified create the ESS tickets, this should only happen if a resource is mapped
    if (essId > 0)
    {
        //3.A create ESS administer experiment ticket, Add 10 minutes to duration
        // This must be created before the ESS experiment records may be created
        essAgent = brokerDB.GetProcessAgentInfo(essId);
        // A missing or retired ESS is skipped silently: no ESS tickets are issued and
        // essWebAddress stays null in the execution payload.
        if ((essAgent != null) && !essAgent.retired)
        {
            brokerDB.AddTicket(coupon, TicketTypes.ADMINISTER_EXPERIMENT, essAgent.AgentGuid, brokerDB.GetIssuerGuid(), ticketDuration, factory.createAdministerExperimentPayload(experimentID, essAgent.webServiceUrl));

            //3.B create store record ticket
            brokerDB.AddTicket(coupon, TicketTypes.STORE_RECORDS, essAgent.agentGuid, labServer.agentGuid, ticketDuration, factory.StoreRecordsPayload(true, experimentID, essAgent.webServiceUrl));

            //3.C create retrieve experiment ticket, retrieve Experiment Records never expires, unless experiment deleted
            // This should be changed to a long but finite period once eadExisting Expermint is in place.
            // NOTE(review): a non-expiring RETRIEVE_RECORDS ticket gives the coupon holder read
            // access for the life of the experiment; a leaked coupon cannot age out.
            brokerDB.AddTicket(coupon, TicketTypes.RETRIEVE_RECORDS, essAgent.agentGuid, brokerDB.GetIssuerGuid(), -1, factory.RetrieveRecordsPayload(experimentID, essAgent.webServiceUrl));

            // 3.D Create the ESS Experiment Records
            ExperimentStorageProxy ess = new ExperimentStorageProxy();
            ess.AgentAuthHeaderValue = new AgentAuthHeader();
            ess.AgentAuthHeaderValue.coupon = essAgent.identOut;
            ess.AgentAuthHeaderValue.agentGuid = ProcessAgentDB.ServiceGuid;
            ess.Url = essAgent.webServiceUrl;
            essWebAddress = essAgent.webServiceUrl;

            // Call the ESS to create the ESS Records and open the experiment
            StorageStatus status = ess.OpenExperiment(experimentID, ticketDuration);
            if (status != null)
                DataStorageAPI.UpdateExperimentStatus(status);
        }
    }

    //
    // 4. create the execution ticket for the experiment
    //

    // 4.A create payload
    string payload = factory.createExecuteExperimentPayload(essWebAddress, startExecution, duration, userTZ, groupName, brokerDB.GetIssuerGuid(), experimentID);

    // 4.B create experiment execution ticket.
    brokerDB.AddTicket(coupon, TicketTypes.EXECUTE_EXPERIMENT, labServer.agentGuid, labServer.agentGuid, ticketDuration, payload);

    // 4.C Create sessionRedemption Ticket
    string sessionPayload = factory.createRedeemSessionPayload(userID, groupID, client.clientID);
    brokerDB.AddTicket(coupon, TicketTypes.REDEEM_SESSION, brokerDB.GetIssuerGuid(), brokerDB.GetIssuerGuid(), ticketDuration, sessionPayload);
}
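/// <summary>
/// Returns the records of an experiment that match the criteria, after checking that the
/// user, acting in the given group, holds READ access to the experiment.
/// </summary>
/// <param name="experimentID">Experiment whose records are requested.</param>
/// <param name="userID">User the authorization check is made for.</param>
/// <param name="groupID">Group the user is acting in.</param>
/// <param name="criteria">Selection criteria passed to the record query.</param>
/// <returns>The matching experiment records.</returns>
/// <exception cref="AccessDeniedException">The user does not hold READ access.</exception>
public ExperimentRecord[] RetrieveExperimentRecords(long experimentID, int userID, int groupID, Criterion[] criteria)
{
    AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();
    int roles = wrapper.GetExperimentAuthorizationWrapper(experimentID, userID, groupID);

    // The READ bit is tested with AND. The previous (roles | READ) == READ comparison is
    // also true when roles is 0, i.e. it admitted callers with no rights at all, and it
    // rejected callers who hold READ together with any other right.
    // Assumes ExperimentAccess.READ is a non-zero bit flag; confirm against its declaration.
    if ((roles & ExperimentAccess.READ) != ExperimentAccess.READ)
    {
        throw new AccessDeniedException("You do not have permission to read this experiment");
    }

    return RetrieveExperimentRecords(experimentID, criteria);
}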
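/// <summary>
/// Builds an <c>Experiment</c> for the given ID, including its records when the experiment
/// has an Experiment Storage Server, after checking that the user holds READ access.
/// </summary>
/// <param name="experimentID">Experiment to retrieve.</param>
/// <param name="userID">User the authorization check is made for.</param>
/// <param name="groupID">Group the user is acting in.</param>
/// <returns>The experiment; its records are only filled in when an ESS is found.</returns>
/// <exception cref="AccessDeniedException">The user does not hold READ access.</exception>
public Experiment RetrieveExperiment(long experimentID, int userID, int groupID)
{
    AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();
    int roles = wrapper.GetExperimentAuthorizationWrapper(experimentID, userID, groupID);

    // The READ bit is tested with AND. The previous (roles | READ) == READ comparison is
    // also true when roles is 0, i.e. it admitted callers with no rights at all, and it
    // rejected callers who hold READ together with any other right.
    // Assumes ExperimentAccess.READ is a non-zero bit flag; confirm against its declaration.
    if ((roles & ExperimentAccess.READ) != ExperimentAccess.READ)
    {
        throw new AccessDeniedException("You do not have permission to read this experiment");
    }

    Experiment experiment = new Experiment();
    experiment.experimentId = experimentID;
    experiment.issuerGuid = ProcessAgentDB.ServiceGuid;

    ProcessAgentInfo ess = GetExperimentESS(experimentID);
    if (ess != null)
    {
        // Reuse an existing RETRIEVE_RECORDS coupon for this ESS, or issue a ticket with a
        // duration of 60 when none is available.
        Coupon opCoupon = GetEssOpCoupon(experimentID, TicketTypes.RETRIEVE_RECORDS, 60, ess.agentGuid);
        if (opCoupon == null)
        {
            string payload = TicketLoadFactory.Instance().RetrieveRecordsPayload(experimentID, ess.webServiceUrl);
            opCoupon = CreateTicket(TicketTypes.RETRIEVE_RECORDS, ess.agentGuid, ProcessAgentDB.ServiceGuid, 60, payload);
        }

        ExperimentStorageProxy essProxy = new ExperimentStorageProxy();
        essProxy.OperationAuthHeaderValue = new OperationAuthHeader();
        essProxy.OperationAuthHeaderValue.coupon = opCoupon;
        essProxy.Url = ess.webServiceUrl;
        experiment.records = essProxy.GetRecords(experimentID, null);
    }

    return experiment;
}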
/// <summary>
/// Reports whether a user name resolves to a positive user ID.
/// </summary>
/// <param name="username">User name to look up.</param>
/// <returns>
/// <c>true</c> when the lookup returns an ID greater than zero; <c>false</c> otherwise,
/// including when the lookup throws.
/// </returns>
public static bool checkUser(string username)
{
    // Constructed outside the try block so a constructor failure still propagates.
    AuthorizationWrapperClass lookup = new AuthorizationWrapperClass();

    try
    {
        return lookup.GetUserIDWrapper(username) > 0;
    }
    catch
    {
        // NOTE(review): every lookup failure (including authorization or database errors)
        // is reported as "no such user"; callers cannot tell the two apart.
        return false;
    }
}
/// <summary>
/// Handles the lost-password form: validates the user name and email, rejects locked
/// accounts and the "superuser" account (mailing an alert to the bug-report address for the
/// latter), and otherwise mails a password-reset message to the address on record.
/// </summary>
/// <remarks>
/// NOTE(review): parts of this listing are elided (shown as <c>******</c>), so the statements
/// that build the user-name lines and that create and store the new password are not visible.
/// NOTE(review): the handler answers "User name was not found.", "The user does not exist.",
/// a mismatch message and a locked-account message separately, which lets an anonymous
/// caller test which user names exist; a single generic response avoids that.
/// NOTE(review): the mail text states that the new password itself is sent by email.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnSubmit_Click(object sender, System.EventArgs e)
{
    string registrationMailAddress = ConfigurationManager.AppSettings["registrationMailAddress"];
    // Not used in the visible part of this handler.
    AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();
    if(txtUsername.Text == "")
    {
        lblResponse.Text = Utilities.FormatErrorMessage("Missing user name.");
        lblResponse.Visible = true;
        return;
    }
    else
    {
        string userName = txtUsername.Text;
        int userID = AdministrativeAPI.GetUserID(userName, 0);
        if(userID <= 0)
        {
            lblResponse.Text = Utilities.FormatErrorMessage("User name was not found.");
            lblResponse.Visible = true;
            return;
        }
        if (txtEmail.Text == null || txtEmail.Text == "")
        {
            lblResponse.Text = Utilities.FormatErrorMessage("Missing email field.");
            lblResponse.Visible = true;
            return;
        }
        else
        {
            string email = txtEmail.Text ;
            User lostPassUser = AdministrativeAPI.GetUser(userID);
            if (lostPassUser == null || lostPassUser.userID == 0)
            {
                // userID does not exist in the database
                lblResponse.Text = Utilities.FormatErrorMessage("The user does not exist.");
                lblResponse.Visible = true;
            }
            // NOTE(review): throws if the stored email is null; ToLower() is culture-sensitive.
            else if (email.ToLower() != lostPassUser.email.ToLower())
            {
                // email does not match email record in our database
                lblResponse.Text = Utilities.FormatErrorMessage("Please use the user name AND email you were registered with.");
                lblResponse.Visible = true;
            }
            else if (lostPassUser.lockAccount)
            {
                // the account is locked; no reset is performed
                lblResponse.Text = Utilities.FormatErrorMessage("The user account is locked out! Please send a help message to resolve this issue.");
                lblResponse.Visible = true;
            }
            else if (lostPassUser.userName.ToLower().CompareTo("superuser") ==0)
            {
                // reset is refused for the superuser account; an alert mail describing the
                // request is sent to the bug-report address instead
                lblResponse.Text = Utilities.FormatErrorMessage("Password reset is not supported for this user. Please use the help system to contact a system administrator.");
                lblResponse.Visible = true;
                MailMessage mail = new MailMessage();
                mail.From = registrationMailAddress; // bugReportMailAddress
                mail.To = ConfigurationManager.AppSettings["bugReportMailAddress"]; ;
                mail.Subject = "[iLab] Attempt to reset password failed";
                StringBuilder sb = new StringBuilder();
                sb.AppendLine("An attempt was made to change the password for the following user!\n\r");
                // (listing elided between the two string literals on the next line)
                sb.AppendLine("Username: "******"Email: " + lostPassUser.email);
                sb.Append("Site URL: " + ProcessAgentDB.ServiceAgent.codeBaseUrl + "\n\r");
                sb.Append("Site GUID: " + ProcessAgentDB.ServiceAgent.agentGuid + "\n\r");
                sb.Append("\n\r\n\r");
                sb.Append("Additional Information:\n\r");
                // Request metadata below is supplied by the client (User-Agent, Referrer, ...)
                // and is copied into the mail body as received.
                sb.Append("User Host Name: " + Request.UserHostName + "\n\r");
                sb.Append("User Host Address: " + Request.UserHostAddress + "\n\r");
                sb.Append("User Browser: " + Request.Browser.Type + "\n\r");
                sb.Append("User Browser Agent: " + Request.UserAgent + "\n\r");
                sb.Append("User Platform: " + Request.Browser.Platform + "\n\r");
                sb.Append("URL used to access page: " + Request.Url + "\n\r");
                sb.Append("URL Referrer: " + Request.UrlReferrer + "\n\r");
                sb.Append("Machine Name: " + Server.MachineName + "\n\r");
                sb.Append("Server Type: " + Server.GetType() + "\n\r");
                sb.Append("iLab Release: " + iLabGlobal.Release + "\n\r");
                mail.Body = sb.ToString();
                SmtpMail.SmtpServer = "127.0.0.1";
                try
                {
                    SmtpMail.Send(mail);
                    // email sent message
                    // NOTE(review): this replaces the refusal text set above with a confirmation
                    // that a new password was created, although no reset happens in this branch.
                    lblResponse.Text = Utilities.FormatConfirmationMessage("Your request has been submitted. A new password has been created and emailed to the email address you entered below.");
                    lblResponse.Visible = true;
                }
                catch (Exception ex)
                {
                    // trouble sending request for password
                    // Report detailed SMTP Errors
                    // NOTE(review): the exception chain is shown to the anonymous requester;
                    // it can reveal mail-server details. Prefer logging it server-side.
                    string smtpErrorMsg;
                    smtpErrorMsg = "Exception: " + ex.Message;
                    //check the InnerException
                    if (ex.InnerException != null)
                        smtpErrorMsg += "<br>Inner Exceptions:";
                    while (ex.InnerException != null)
                    {
                        smtpErrorMsg += "<br>" + ex.InnerException.Message;
                        ex = ex.InnerException;
                    }
                    lblResponse.Text = Utilities.FormatErrorMessage("Trouble sending email. Your request could not be submitted - please inform an administrator.<br>" + smtpErrorMsg);
                    lblResponse.Visible = true;
                }
            }
            else // send password to requestor's email address
            {
                MailMessage mail = new MailMessage();
                mail.From = registrationMailAddress;
                // the message goes to the address on record, not to the address typed in
                mail.To = lostPassUser.email;
                mail.Subject = "[iLabs] Service Broker Password Reset" ;
                StringBuilder buf = new StringBuilder();
                // (listing elided between the two string literals on the next line)
                buf.AppendLine("Username: "******"Email: " + email);
                buf.AppendLine("Your old password has been reset to the following password. For security reasons, please login and use the 'My Account' page to reset your password.");
                // (listing elided: the statements that generate and store the password, set the
                // mail body and configure the SMTP server are not visible here)
                buf.AppendLine("Password: "******"127.0.0.1";
                try
                {
                    SmtpMail.Send(mail);
                    // email sent message
                    lblResponse.Text = Utilities.FormatConfirmationMessage("Your request has been submitted. A new password has been created and emailed to the email address you entered below.");
                    lblResponse.Visible = true;
                }
                catch (Exception ex)
                {
                    // trouble sending request for password
                    // Report detailed SMTP Errors
                    // NOTE(review): as above, the exception chain is shown to the requester.
                    string smtpErrorMsg;
                    smtpErrorMsg = "Exception: " + ex.Message;
                    //check the InnerException
                    if (ex.InnerException != null)
                        smtpErrorMsg += "<br>Inner Exceptions:";
                    while( ex.InnerException != null )
                    {
                        smtpErrorMsg += "<br>" + ex.InnerException.Message;
                        ex = ex.InnerException;
                    }
                    lblResponse.Text = Utilities.FormatErrorMessage("Trouble sending email. Your request could not be submitted - please inform an administrator.<br>" + smtpErrorMsg);
                    lblResponse.Visible = true;
                }
            }
        }
    }
}
//---------------------------------------------------------------------------------------//
/// <summary>
/// Handles the lost-password form: requires a user name and an email address, checks that
/// the email matches the stored one and then mails a password-reset message.
/// </summary>
/// <remarks>
/// NOTE(review): parts of this listing are elided (shown as <c>******</c>); the statements that
/// create and store the new password, send the mail and open the <c>try</c> block are not
/// visible.
/// NOTE(review): "This username does not exist." and the mismatch message differ, which
/// lets an anonymous caller test which user names exist.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnSubmit_Click(object sender, System.EventArgs e)
{
    string userName = txtUsername.Text.Trim();
    string email = txtEmail.Text.Trim();
    string prompt = "Please enter ";
    string errorMessage = null;
    // only the first missing field is reported
    if (userName.Length == 0)
    {
        errorMessage = prompt + "Username";
    }
    else if (email.Length == 0)
    {
        errorMessage = prompt + "Email Address";
    }
    if (errorMessage != null)
    {
        lblResponse.Text = Utilities.FormatErrorMessage(errorMessage);
        lblResponse.Visible = true;
        return;
    }
    AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();
    int userID = wrapper.GetUserIDWrapper(userName);
    // NOTE(review): only negative IDs are rejected here; an ID of 0 continues to the lookup.
    if (userID < 0)
    {
        // userID does not exist in the database
        lblResponse.Text = Utilities.FormatErrorMessage("This username does not exist.");
        lblResponse.Visible = true;
        return;
    }
    // NOTE(review): indexing [0] assumes the wrapper always returns at least one element.
    User[] lostPassUsers = wrapper.GetUsersWrapper(new int[] { userID });
    if (lostPassUsers[0].userID == 0)
    {
        // userID does not exist in the database
        lblResponse.Text = Utilities.FormatErrorMessage("This username does not exist.");
        lblResponse.Visible = true;
    }
    // the user record is fetched a second time for the email comparison
    else if (email.ToLower() != wrapper.GetUsersWrapper(new int[] { userID })[0].email.ToLower())
    {
        // email does not match email record in our database
        lblResponse.Text = Utilities.FormatErrorMessage("Please use the username AND email you were registered with.");
        lblResponse.Visible = true;
    }
    else // send password to requestor's email address
    {
        //
        // Email new password to user
        //
        // NOTE(review): the mail text states that the new password itself is sent by email.
        string subject = "[" + this.serviceBrokerName + "] Lost Password";
        StringWriter message = new StringWriter();
        // (listing elided between the two string literals on the next line)
        message.WriteLine("Username: "******"Email: " + email);
        message.WriteLine();
        message.WriteLine("Your old password has been reset to the following password." + " For security reasons, please login and use the 'My Account' page to reset your password.");
        message.WriteLine();
        // (listing elided: password creation, mail sending and the start of the try block
        // are not visible here)
        message.WriteLine("Password: "******"Your request has been submitted. A new password will be created and emailed to you at the email address specified.");
        lblResponse.Visible = true;
        }
        catch (Exception ex)
        {
            // trouble sending request for password
            // Report detailed SMTP Errors
            // NOTE(review): the exception chain is shown to the anonymous requester; it can
            // reveal mail-server details. Prefer logging it server-side.
            string smtpErrorMsg;
            smtpErrorMsg = "Exception: " + ex.Message;
            //check the InnerException
            if (ex.InnerException != null)
                smtpErrorMsg += "<br>Inner Exceptions:";
            while (ex.InnerException != null)
            {
                smtpErrorMsg += "<br>" + ex.InnerException.Message;
                ex = ex.InnerException;
            }
            lblResponse.Text = Utilities.FormatErrorMessage("Trouble sending email. Your request could not be submitted - please inform an administrator.<br>" + smtpErrorMsg);
            lblResponse.Visible = true;
        }
    }
}
/// <summary>
/// Saves the account form for the session user: updates name and email fields (blank
/// fields keep their stored values), optionally sets a new native password, refreshes the
/// session user name and mails an update confirmation.
/// </summary>
/// <remarks>
/// NOTE(review): the password is changed without asking for the current password and
/// without any strength check in this handler; anyone holding the session can set a new one.
/// NOTE(review): form values are placed in <c>lblResponse.Text</c> as typed. Unless
/// <c>Utilities.FormatConfirmationMessage</c> encodes them, they are rendered as markup.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnSaveChanges_Click(object sender, System.EventArgs e)
{
    BrokerDB brokerDB = new BrokerDB();
    AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();
    if(txtNewPassword.Text.CompareTo(txtConfirmPassword.Text) != 0 )
    {
        lblResponse.Text = Utilities.FormatErrorMessage("Password fields don't match. Try again!");
        lblResponse.Visible = true;
        txtNewPassword.Text = null;
        txtConfirmPassword.Text = null;
    }
    else
    {
        //if a field is left blank, it is not updated
        try
        {
            // the account being edited is always the one in the session
            User userInfo = wrapper.GetUsersWrapper(new int[] {Convert.ToInt32(Session["UserID"])})[0];
            Authority auth = brokerDB.AuthorityRetrieve(userInfo.authID);
            if (txtUsername.Text.Trim()=="")
            {
                txtUsername.Text = userInfo.userName;
            }
            if(txtFirstName.Text.Trim() == "")
            {
                txtFirstName.Text = userInfo.firstName ;
            }
            if(txtLastName.Text.Trim() == "")
            {
                txtLastName.Text = userInfo.lastName ;
            }
            if(txtEmail.Text.Trim() == "")
            {
                txtEmail.Text = userInfo.email ;
            }
            // null optional fields are passed on as empty strings
            if (userInfo.reason==null)
                userInfo.reason = "";
            if (userInfo.affiliation==null)
                userInfo.affiliation="";
            if (userInfo.xmlExtension==null)
                userInfo.xmlExtension="";
            wrapper.ModifyUserWrapper (userInfo.userID,txtUsername.Text,auth.authorityID,auth.authTypeID, txtFirstName.Text , txtLastName.Text , txtEmail.Text ,userInfo.affiliation, userInfo.reason, userInfo.xmlExtension,userInfo.lockAccount );
            lblResponse.Text = Utilities.FormatConfirmationMessage("User \"" + txtUsername.Text + "\" information has been updated.");
            lblResponse.Visible = true;
            // only natively authenticated accounts have a password to change here
            if (auth.authTypeID == (int) AuthenticationType.AuthTypeID.Native)
            {
                if (txtNewPassword.Text != "")
                {
                    wrapper.SetNativePasswordWrapper(Convert.ToInt32(Session["UserID"]), txtNewPassword.Text);
                }
            }
            // NOTE(review): throws if Session["UserName"] is missing; the outer catch then
            // reports an error although the profile has already been saved.
            if (txtUsername.Text.CompareTo(Session["UserName"].ToString())!= 0)
                Session["UserName"]= txtUsername.Text;

            // Send a confirmation message to the user
            // NOTE(review): when the email address is changed, the confirmation goes to the
            // new address only; the previous address is not told about the change.
            string email;
            if(txtEmail.Text.Trim() == "")
            {
                // use old email if it wasn't changed, new if it was
                email = userInfo.email;
            }
            else
            {
                email = txtEmail.Text.Trim();
            }
            if (email != null && email.Length > 0)
            {
                MailMessage mail = new MailMessage();
                mail.From = registrationMailAddress;
                mail.To = email;
                mail.Subject = "[iLabs] Service Broker Account Update Confirmation";
                mail.Body = "Your Service Broker account has been updated to the following:\n\r";
                mail.Body += "-------------------------------------------------------------\n\r\n\r";
                mail.Body += "User Name: " + txtUsername.Text + "\n\r";
                mail.Body += "First Name: " + txtFirstName.Text + "\n\r";
                mail.Body += "Last Name: " + txtLastName.Text + "\n\r";
                mail.Body += "Email: " + txtEmail.Text + "\n\r\n\r";
                mail.Body += "For security reasons, your password has not been included in this message." + "\n\r";
                SmtpMail.SmtpServer = "127.0.0.1";
                try
                {
                    SmtpMail.Send(mail);
                }
                catch(Exception e2)
                {
                    // if the confirmation message fails, the update itself still stands
                    // NOTE(review): concatenating GetBaseException() writes the full exception
                    // text, stack trace included, into the page.
                    string msg = "Error sending email notification: (" + e2.Message + ". " + e2.GetBaseException() + "). Contact " + supportMailAddress + ".";
                    lblResponse.Text = Utilities.FormatErrorMessage(msg);
                    lblResponse.Visible = true;
                }
            }
        }
        catch (Exception ex)
        {
            // NOTE(review): same disclosure as above: the full exception text reaches the page.
            string msg = "Error updating account ("+ex.Message+". "+ex.GetBaseException()+"). Contact " + supportMailAddress + ".";
            lblResponse.Text = Utilities.FormatErrorMessage(msg);
            lblResponse.Visible = true;
        }
    }
}
/// <summary>
/// On the first request, fills the account form with the session user's data and lists
/// the groups the user belongs to and the groups the user has requested to join.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, System.EventArgs e)
{
    AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();
    if (IsPostBack)
    {
        return;
    }

    LoadAuthorityList();

    // Populate the form fields from the session user's record
    User sessionUser = new User();
    sessionUser = wrapper.GetUsersWrapper(new int[] { Convert.ToInt32(Session["UserID"]) })[0];
    txtUsername.Text = sessionUser.userName;
    txtFirstName.Text = sessionUser.firstName;
    txtLastName.Text = sessionUser.lastName;
    txtEmail.Text = sessionUser.email;
    txtNewPassword.Text = "";
    txtConfirmPassword.Text = "";
    ddlAuthorities.SelectedValue = sessionUser.authID.ToString();
    ddlAuthorities.Enabled = false;

    // Collect the groups of the user
    int userID = Convert.ToInt32(Session["UserID"]);
    int[] groupIDs = wrapper.ListGroupsForUserWrapper(userID);

    // The group IDs were obtained through the wrapper; the group objects are read through
    // AdministrativeAPI because the wrapper call would be refused here.
    // NOTE(review): this read bypasses the authorization wrapper; it relies on groupIDs
    // coming only from the wrapper call above.
    ArrayList memberGroups = new ArrayList();
    ArrayList pendingGroups = new ArrayList();
    foreach (Group candidate in AdministrativeAPI.GetGroups(groupIDs))
    {
        if (candidate.groupName.EndsWith("request"))
        {
            pendingGroups.Add(candidate);
        }
        else if (!candidate.groupName.Equals("NewUserGroup"))
        {
            memberGroups.Add(candidate);
        }
    }

    // NOTE(review): group names are put into Label text as stored; a Label does not
    // HTML-encode its Text. Confirm group names cannot contain markup.

    // Groups the user belongs to
    if (memberGroups.Count == 0)
    {
        lblGroups.Text = "No group";
    }
    else
    {
        string memberNames = "";
        for (int index = 0; index < memberGroups.Count; index++)
        {
            if (index > 0)
            {
                memberNames += ", ";
            }
            memberNames += ((Group)memberGroups[index]).groupName;
        }
        lblGroups.Text += memberNames;
    }

    // Groups the user has asked to join: show the name of the group each request group stands for
    if (pendingGroups.Count == 0)
    {
        lblRequestGroups.Text = "No group";
    }
    else
    {
        string requestedNames = "";
        for (int index = 0; index < pendingGroups.Count; index++)
        {
            if (index > 0)
            {
                requestedNames += ", ";
            }
            int origGroupID = AdministrativeAPI.GetAssociatedGroupID(((Group)pendingGroups[index]).groupID);
            requestedNames += AdministrativeAPI.GetGroups(new int[] { origGroupID })[0].groupName;
        }
        lblRequestGroups.Text += requestedNames;
    }
}
//---------------------------------------------------------------------------------------//
/// <summary>
/// Saves the account form for the session user: updates name and email fields (blank
/// fields keep their stored values), optionally sets a new native password, refreshes the
/// session user name and mails an update confirmation.
/// </summary>
/// <remarks>
/// NOTE(review): the password is changed without asking for the current password and
/// without any strength check in this handler; anyone holding the session can set a new one.
/// NOTE(review): form values are placed in <c>lblResponse.Text</c> as typed. Unless
/// <c>Utilities.FormatConfirmationMessage</c> encodes them, they are rendered as markup.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnSave_Click(object sender, EventArgs e)
{
    AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();
    if (txtNewPassword.Text.CompareTo(txtConfirmPassword.Text) != 0)
    {
        lblResponse.Text = Utilities.FormatErrorMessage("Password fields don't match. Try again!");
        lblResponse.Visible = true;
        txtNewPassword.Text = null;
        txtConfirmPassword.Text = null;
    }
    else
    {
        //if a field is left blank, it is not updated
        try
        {
            // the account being edited is always the one in the session
            User userInfo = wrapper.GetUsersWrapper(new int[] { Convert.ToInt32(Session["UserID"]) })[0];
            if (txtUsername.Text.Trim() == "")
            {
                txtUsername.Text = userInfo.userName;
            }
            if (txtFirstName.Text.Trim() == "")
            {
                txtFirstName.Text = userInfo.firstName;
            }
            if (txtLastName.Text.Trim() == "")
            {
                txtLastName.Text = userInfo.lastName;
            }
            if (txtEmail.Text.Trim() == "")
            {
                txtEmail.Text = userInfo.email;
            }
            // null optional fields are passed on as empty strings
            if (userInfo.reason == null)
                userInfo.reason = "";
            if (userInfo.affiliation == null)
                userInfo.affiliation = "";
            if (userInfo.xmlExtension == null)
                userInfo.xmlExtension = "";
            // the user name is passed twice and the authentication type is always native
            wrapper.ModifyUserWrapper(userInfo.userID, txtUsername.Text, txtUsername.Text, AuthenticationType.NativeAuthentication, txtFirstName.Text, txtLastName.Text, txtEmail.Text, userInfo.affiliation, userInfo.reason, userInfo.xmlExtension, userInfo.lockAccount);
            lblResponse.Text = Utilities.FormatConfirmationMessage("User \"" + txtUsername.Text + "\" information has been updated.");
            lblResponse.Visible = true;
            if (txtNewPassword.Text != "")
            {
                wrapper.SetNativePasswordWrapper(Convert.ToInt32(Session["UserID"]), txtNewPassword.Text);
            }
            // NOTE(review): throws if Session["UserName"] is missing; the outer catch then
            // reports an error although the profile has already been saved.
            if (txtUsername.Text.CompareTo(Session["UserName"].ToString()) != 0)
                Session["UserName"] = txtUsername.Text;

            // Send a confirmation message to the user
            // NOTE(review): when the email address is changed, the confirmation goes to the
            // new address only; the previous address is not told about the change.
            string email;
            if (txtEmail.Text.Trim() == "")
            {
                // use old email if it wasn't changed, new if it was
                email = userInfo.email;
            }
            else
            {
                email = txtEmail.Text.Trim();
            }

            //
            // Email account update confirmation
            //
            string subject = "[" + this.serviceBrokerName + "] Account Update Confirmation";
            StringWriter message = new StringWriter();
            message.WriteLine("Your ServiceBroker account has been updated to the following:");
            message.WriteLine("------------------------------------------------------------");
            message.WriteLine();
            message.WriteLine("User Name: " + txtUsername.Text);
            message.WriteLine("First Name: " + txtFirstName.Text);
            message.WriteLine("Last Name: " + txtLastName.Text);
            message.WriteLine("Email Address: " + txtEmail.Text);
            message.WriteLine();
            message.WriteLine("For security reasons, your password has not been included in this message.");
            string body = message.ToString();
            string from = registrationMailAddress;
            string to = email;
            // NOTE(review): the MailMessage constructor runs outside the inner try, so an
            // invalid address surfaces through the outer catch as "Error updating account".
            MailMessage mailMessage = new MailMessage(from, to, subject, body);
            SmtpClient smtpClient = new SmtpClient(Consts.STR_LocalhostIP);
            try
            {
                smtpClient.Send(mailMessage);
            }
            catch
            {
                // if the confirmation message fails, the update itself still stands
                // NOTE(review): the failure is neither logged nor shown, so a broken mail
                // path for account-change notices goes unnoticed.
            }
        }
        catch (Exception ex)
        {
            // NOTE(review): concatenating GetBaseException() writes the full exception text,
            // stack trace included, into the page.
            string msg = "Error updating account (" + ex.Message + ". " + ex.GetBaseException() + "). Contact " + supportMailAddress + ".";
            lblResponse.Text = Utilities.FormatErrorMessage(msg);
            lblResponse.Visible = true;
        }
    }
}
//---------------------------------------------------------------------------------------//
/// <summary>
/// Hides the response label and, on the first request, fills the account form with the
/// session user's data and lists the user's groups and requested groups.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    lblResponse.Visible = false;
    if (IsPostBack)
    {
        return;
    }

    //
    // Populate textboxes with the user's information
    //
    AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();
    User sessionUser = new User();
    int userID = Convert.ToInt32(Session[Consts.STRSSN_UserID]);
    sessionUser = wrapper.GetUsersWrapper(new int[] { userID })[0];
    txtUsername.Enabled = false;
    txtUsername.Text = sessionUser.userName;
    txtFirstName.Text = sessionUser.firstName;
    txtLastName.Text = sessionUser.lastName;
    txtEmail.Text = sessionUser.email;
    txtNewPassword.Text = "";
    txtConfirmPassword.Text = "";

    // Collect the groups of the user
    int[] groupIDs = wrapper.ListGroupsForAgentWrapper(userID);

    // The group IDs were obtained through the wrapper; the group objects are read through
    // AdministrativeAPI because the wrapper call would be refused here.
    // NOTE(review): this read bypasses the authorization wrapper; it relies on groupIDs
    // coming only from the wrapper call above.
    ArrayList memberGroups = new ArrayList();
    ArrayList pendingGroups = new ArrayList();
    foreach (Group candidate in AdministrativeAPI.GetGroups(groupIDs))
    {
        if (candidate.groupName.EndsWith("request"))
        {
            pendingGroups.Add(candidate);
        }
        else if (!candidate.groupName.Equals("NewUserGroup"))
        {
            memberGroups.Add(candidate);
        }
    }

    // NOTE(review): group names are joined with <br /> and assigned to Label text, which is
    // not HTML-encoded. Confirm group names cannot contain markup.

    //
    // List Groups for which the user is a member
    //
    StringBuilder memberText = new StringBuilder();
    if (memberGroups.Count == 0)
    {
        memberText.Append("No group");
    }
    else
    {
        for (int index = 0; index < memberGroups.Count; index++)
        {
            if (index > 0)
            {
                memberText.Append("<br />");
            }
            memberText.Append(((Group)memberGroups[index]).groupName);
        }
    }
    lblGroups.Text = memberText.ToString();

    //
    // List Groups for which the user has requested membership
    //
    StringBuilder requestText = new StringBuilder();
    if (pendingGroups.Count == 0)
    {
        requestText.Append("No group");
    }
    else
    {
        for (int index = 0; index < pendingGroups.Count; index++)
        {
            if (index > 0)
            {
                requestText.Append("<br />");
            }
            int origGroupID = AdministrativeAPI.GetAssociatedGroupID(((Group)pendingGroups[index]).groupID);
            string origGroupName = AdministrativeAPI.GetGroups(new int[] { origGroupID })[0].groupName;
            requestText.Append(origGroupName);
        }
    }
    lblRequestGroups.Text = requestText.ToString();
}
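/// <summary>
/// Returns the records of an experiment that match the criteria. The caller is identified
/// by the REDEEM_SESSION ticket of the coupon in the operation header and must hold READ
/// access to the experiment.
/// </summary>
/// <param name="experimentID">Experiment whose records are requested.</param>
/// <param name="carray">Selection criteria passed to the record query.</param>
/// <returns>
/// The matching records, or <c>null</c> when the coupon has no REDEEM_SESSION ticket or the
/// ticket has expired.
/// </returns>
/// <exception cref="AccessDeniedException">
/// The ticket does not name a user, or that user does not hold READ access.
/// </exception>
public ExperimentRecord[] RetrieveExperimentRecords(long experimentID, Criterion[] carray)
{
    BrokerDB brokerDB = new BrokerDB();

    Ticket expTicket = brokerDB.RetrieveTicket(opHeader.coupon, TicketTypes.REDEEM_SESSION);
    if (expTicket == null || expTicket.IsExpired())
    {
        // Kept for compatibility: callers receive null rather than an exception here.
        return null;
    }

    // Parse payload, only get what is needed
    XmlQueryDoc expDoc = new XmlQueryDoc(expTicket.payload);
    int userID = 0;
    int groupID = 0;

    string userStr = expDoc.Query("RedeemSessionPayload/userID");
    if (!string.IsNullOrEmpty(userStr))
    {
        userID = Convert.ToInt32(userStr);
    }

    string groupStr = expDoc.Query("RedeemSessionPayload/groupID");
    if (!string.IsNullOrEmpty(groupStr))
    {
        groupID = Convert.ToInt32(groupStr);
    }

    // roles stays 0 (no rights) when the ticket does not carry a valid user ID
    int roles = 0;
    if (userID > 0)
    {
        AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();
        roles = wrapper.GetExperimentAuthorizationWrapper(experimentID, userID, groupID);
    }

    // The READ bit is tested with AND. The previous (roles | READ) == READ comparison is
    // also true when roles is 0, so a ticket without a user ID, or a user with no rights,
    // was given the records; it also rejected users holding READ plus another right.
    // Assumes ExperimentAccess.READ is a non-zero bit flag; confirm against its declaration.
    if ((roles & ExperimentAccess.READ) != ExperimentAccess.READ)
    {
        throw new AccessDeniedException("You do not have the required permission to access the experiment");
    }

    return brokerDB.RetrieveExperimentRecords(experimentID, carray);
}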
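/// <summary>
/// Builds an <c>Experiment</c> for the given ID, including its records when the experiment
/// has an Experiment Storage Server. The caller is identified by the REDEEM_SESSION ticket
/// of the coupon in the operation header and must hold READ access to the experiment.
/// </summary>
/// <param name="experimentID">Experiment to retrieve.</param>
/// <returns>
/// The experiment, or <c>null</c> when the coupon has no REDEEM_SESSION ticket or the
/// ticket has expired.
/// </returns>
/// <exception cref="AccessDeniedException">
/// The ticket does not name a user, or that user does not hold READ access.
/// </exception>
public Experiment RetrieveExperiment(long experimentID)
{
    BrokerDB brokerDB = new BrokerDB();

    Ticket expTicket = brokerDB.RetrieveTicket(opHeader.coupon, TicketTypes.REDEEM_SESSION);
    if (expTicket == null || expTicket.IsExpired())
    {
        // Kept for compatibility: callers receive null rather than an exception here.
        return null;
    }

    // Parse payload, only get what is needed
    XmlQueryDoc expDoc = new XmlQueryDoc(expTicket.payload);
    int userID = 0;
    int groupID = 0;

    string userStr = expDoc.Query("RedeemSessionPayload/userID");
    if (!string.IsNullOrEmpty(userStr))
    {
        userID = Convert.ToInt32(userStr);
    }

    string groupStr = expDoc.Query("RedeemSessionPayload/groupID");
    if (!string.IsNullOrEmpty(groupStr))
    {
        groupID = Convert.ToInt32(groupStr);
    }

    // roles stays 0 (no rights) when the ticket does not carry a valid user ID
    int roles = 0;
    if (userID > 0)
    {
        AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();
        roles = wrapper.GetExperimentAuthorizationWrapper(experimentID, userID, groupID);
    }

    // The READ bit is tested with AND. The previous (roles | READ) == READ comparison is
    // also true when roles is 0, so a ticket without a user ID, or a user with no rights,
    // was given the experiment; it also rejected users holding READ plus another right.
    // Assumes ExperimentAccess.READ is a non-zero bit flag; confirm against its declaration.
    if ((roles & ExperimentAccess.READ) != ExperimentAccess.READ)
    {
        throw new AccessDeniedException("You do not have permission to read this experiment");
    }

    Experiment experiment = new Experiment();
    experiment.experimentId = experimentID;
    experiment.issuerGuid = ProcessAgentDB.ServiceGuid;

    ProcessAgentInfo ess = brokerDB.GetExperimentESS(experimentID);
    if (ess != null)
    {
        // Reuse an existing RETRIEVE_RECORDS coupon for this ESS, or issue a ticket with a
        // duration of 60 when none is available.
        Coupon opCoupon = brokerDB.GetEssOpCoupon(experimentID, TicketTypes.RETRIEVE_RECORDS, 60, ess.agentGuid);
        if (opCoupon == null)
        {
            string payload = TicketLoadFactory.Instance().RetrieveRecordsPayload(experimentID, ess.webServiceUrl);
            opCoupon = brokerDB.CreateTicket(TicketTypes.RETRIEVE_RECORDS, ess.agentGuid, ProcessAgentDB.ServiceGuid, 60, payload);
        }

        ExperimentStorageProxy essProxy = new ExperimentStorageProxy();
        essProxy.OperationAuthHeaderValue = new OperationAuthHeader();
        essProxy.OperationAuthHeaderValue.coupon = opCoupon;
        essProxy.Url = ess.webServiceUrl;

        // Store the fetched records on the result; the previous code called the ESS and
        // discarded what it returned.
        experiment.records = essProxy.GetRecords(experimentID, null);
    }

    return experiment;
}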
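/// <summary>
/// Handles the registration form: validates the fields, creates the user in the
/// initial (or request) group, stores the password, signs the user in, adds any
/// configured client items and sends a notification e-mail.
/// </summary>
/// <remarks>
/// Every value read from the form is attacker-controllable. Text that is echoed
/// back through <c>lblResponse</c> is HTML-encoded here, because the messages given to
/// <c>Utilities.FormatErrorMessage</c> contain markup such as &lt;br&gt;, so that helper
/// presumably does not encode its argument (confirm against its implementation).
/// </remarks>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
private void btnSubmit_Click(object sender, System.EventArgs e)
{
    AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();
    string userName = null;

    if (txtUsername.Text == "" || txtFirstName.Text == "" || txtLastName.Text == "" || txtEmail.Text == "" || txtPassword.Text == "" || txtConfirmPassword.Text == "")
    {
        lblResponse.Text = Utilities.FormatErrorMessage("You must enter a Username, first name, last name, email and password.");
        lblResponse.Visible = true;
        return;
    }

    if (txtPassword.Text != txtConfirmPassword.Text)
    {
        lblResponse.Text = Utilities.FormatErrorMessage("Password fields don't match, please reenter.");
        lblResponse.Visible = true;
        txtPassword.Text = null;
        txtConfirmPassword.Text = null;
        return;
    }

    userName = txtUsername.Text.Trim();
    int curUser = AdministrativeAPI.GetUserID(userName);
    if (curUser > 0)
    {
        lblResponse.Text = Utilities.FormatErrorMessage("The username you entered is already registered. Please check to see if you have a forgotten password, or choose another username.");
        lblResponse.Visible = true;
        txtPassword.Text = null;
        txtConfirmPassword.Text = null;
        return;
    }

    if (ConfigurationSettings.AppSettings["useAffiliationDDL"].Equals("true"))
    {
        if (ddlAffiliation.SelectedIndex < 1)
        {
            lblResponse.Text = Utilities.FormatErrorMessage("Please select an affiliation.");
            lblResponse.Visible = true;
            return;
        }
    }
    else
    {
        if (txtAffiliation.Text == "")
        {
            lblResponse.Text = Utilities.FormatErrorMessage("Please enter an affiliation.");
            lblResponse.Visible = true;
            return;
        }
    }

    try
    {
        string firstName = txtFirstName.Text.Trim();
        string lastName = txtLastName.Text.Trim();
        string email = txtEmail.Text.Trim();

        // The address is later assigned to the Cc header of the notification mail.
        // An address never legitimately contains a line break, so refuse one before
        // the account is created instead of passing it on to the mail layer.
        if (email.IndexOf('\r') >= 0 || email.IndexOf('\n') >= 0)
        {
            lblResponse.Text = Utilities.FormatErrorMessage("Please enter a valid email address.");
            lblResponse.Visible = true;
            return;
        }

        string affiliation;
        if (ConfigurationSettings.AppSettings["useAffiliationDDL"].Equals("true"))
        {
            affiliation = ddlAffiliation.Items[ddlAffiliation.SelectedIndex].Value;
        }
        else
        {
            affiliation = txtAffiliation.Text.Trim();
        }

        string principalString = userName;
        string authenType = AuthenticationType.NativeAuthentication;
        string reason = txtReason.Text.Trim();

        if (ConfigurationSettings.AppSettings["chooseGroups"] != null)
        {
            if (ConfigurationSettings.AppSettings["chooseGroups"].Equals("false"))
                chooseGroup = false;
        }

        // Start from the new-user group; a configured initialGroup overrides it when
        // it resolves to a valid group ID.
        int initialGroup = wrapper.GetGroupIDWrapper(Group.NEWUSERGROUP);
        int newUserGroupID = initialGroup;
        if (ConfigurationSettings.AppSettings["initialGroup"] != null)
        {
            int tmpID = wrapper.GetGroupIDWrapper(ConfigurationSettings.AppSettings["initialGroup"]);
            if (tmpID > 0)
                initialGroup = tmpID;
        }

        if (chooseGroup)
        {
            if (ConfigurationSettings.AppSettings["useRequestGroup"] != null)
            {
                if (ConfigurationSettings.AppSettings["useRequestGroup"].Equals("false"))
                    useRequestGroups = false;
            }
            // NOTE(review): the group is resolved from the posted drop-down text;
            // the lookup result is not checked before it is used as the target group.
            if (ddlGroup.SelectedIndex > 0)
                initialGroup = wrapper.GetGroupIDWrapper(ddlGroup.Items[ddlGroup.SelectedIndex].Text);
        }

        int userID = -1;
        try
        {
            // The AddUser wrapper does not work here because the user is not logged
            // in yet; use the administrative API call directly instead.
            if ((useRequestGroups) && (initialGroup != newUserGroupID))
            {
                userID = AdministrativeAPI.AddUser(userName, principalString, authenType, firstName, lastName, email, affiliation, reason, "", AdministrativeUtilities.GetGroupRequestGroup(initialGroup), false);
            }
            else
            {
                userID = AdministrativeAPI.AddUser(userName, principalString, authenType, firstName, lastName, email, affiliation, reason, "", initialGroup, false);
            }
        }
        catch (Exception ex)
        {
            // NOTE(review): exception text is shown to an unauthenticated visitor;
            // consider logging it server-side and showing a generic message.
            lblResponse.Text = Utilities.FormatErrorMessage("User could not be added. " + Server.HtmlEncode(ex.Message) + "<br>Please notify " + supportMailAddress);
            lblResponse.Visible = true;
            return;
        }

        if (userID != -1)
        {
            Session["UserID"] = userID;
            Session["UserName"] = userName;

            // The SetNativePassword wrapper does not work here because the user is
            // not logged in yet; use the authentication API call directly instead.
            AuthenticationAPI.SetNativePassword(userID, txtPassword.Text);
            FormsAuthentication.SetAuthCookie(userName, false);

            try
            {
                // Check for group items. The user may not be in the target group at
                // this time, so only the initial target group is checked rather than
                // all groups recursively.
                Group[] groups = AdministrativeAPI.GetGroups(new int[] { initialGroup });
                foreach (Group grp in groups)
                {
                    if (ConfigurationSettings.AppSettings[grp.groupName + "Item"] != null)
                    {
                        string docUrl = ConfigurationSettings.AppSettings[grp.groupName + "Item"];
                        if (docUrl != null)
                        {
                            addClientItems(docUrl, userID);
                        }
                    }
                }
            }
            catch (Exception ge)
            {
                lblResponse.Text = Utilities.FormatErrorMessage(Server.HtmlEncode(ge.Message));
            }

            // Compose the registration e-mail.
            StringBuilder message = new StringBuilder();
            string subject = "[iLabs] New User Registration";
            message.Append("\n");
            message.Append("User Name: " + userName + "\n\r");
            message.Append("Name: " + firstName + " " + lastName + "\n\r");
            message.Append("Email: " + email + "\n\r\n\r");
            message.Append("iLab URL: " + ProcessAgentDB.ServiceAgent.codeBaseUrl + "\n\r\n\r");

            Group[] myGroups = AdministrativeAPI.GetGroups(new int[] { initialGroup });
            if (useRequestGroups)
            {
                subject += " Request";
                message.Append("You have requested to be added to: " + myGroups[0].GroupName + "\n\r\n\r");
                message.Append("Your request has been forwarded to the administrator. ");
                message.Append("An email will be sent to you once your request has been processed.\n\r\n\r");
            }
            else
            {
                subject = "[iLabs] New User Registration";
                message.Append("You have been added to: " + myGroups[0].GroupName + "\n\r\n\r");
            }

            MailMessage mail = new MailMessage();
            mail.From = registrationMailAddress;
            mail.To = registrationMailAddress;
            if (email != "")
            {
                mail.Cc = email;
            }
            mail.Subject = subject;
            mail.Body = message.ToString();
            SmtpMail.SmtpServer = "127.0.0.1";

            try
            {
                SmtpMail.Send(mail);
                Response.Redirect("login.aspx");
            }
            catch (Exception ex)
            {
                // Report detailed SMTP errors, walking the chain of inner exceptions.
                // Each message is encoded because it is emitted as HTML.
                string smtpErrorMsg;
                smtpErrorMsg = "Exception: " + Server.HtmlEncode(ex.Message);
                if (ex.InnerException != null)
                    smtpErrorMsg += "<br>Inner Exceptions:";
                while (ex.InnerException != null)
                {
                    smtpErrorMsg += "<br>" + Server.HtmlEncode(ex.InnerException.Message);
                    ex = ex.InnerException;
                }

                // The subject and body contain the submitted user name, real name
                // and e-mail address, so they are encoded before being echoed.
                string msg;
                msg = "Your request has been submitted, but the system was unable to send the notification email. Please cut & paste this entire message, and send it to " + registrationMailAddress;
                msg += "<br><br>" + Server.HtmlEncode(mail.Subject) + "<br>" + Server.HtmlEncode(mail.Body);
                msg += "<br><br>" + smtpErrorMsg;
                lblResponse.Text = Utilities.FormatErrorMessage(msg);
                lblResponse.Visible = true;
            }
        }
        else
        {
            lblResponse.Text = Utilities.FormatErrorMessage("Your ID has been taken. Please choose a different user ID.");
            lblResponse.Visible = true;
        }
    }
    catch (Exception ex)
    {
        lblResponse.Text = Utilities.FormatErrorMessage("Error registering this user. Please report to an administrator at " + supportMailAddress + ".<br>" + Server.HtmlEncode(ex.Message));
        lblResponse.Visible = true;
    }
}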
/// <summary>
/// Applies the group-selection settings on every request and, on the first
/// (non-postback) load, fills the affiliation and group drop-down lists of the
/// registration form.
/// </summary>
/// <param name="sender">The page raising the event.</param>
/// <param name="e">Event data (unused).</param>
private void Page_Load(object sender, System.EventArgs e)
{
    AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();

    // Group options. By default the drop-down list is shown and holds request
    // groups; when no request group is picked the configured initialGroup is used,
    // falling back to the new-user group. With useRequestGroup set to false the
    // list holds actual groups and the user becomes a member of the selected one.
    // With chooseGroups set to false the list is hidden and the user is assigned
    // to the initialGroup.
    string chooseGroupsSetting = ConfigurationSettings.AppSettings["chooseGroups"];
    if (chooseGroupsSetting != null && chooseGroupsSetting.Equals("false"))
    {
        chooseGroup = false;
    }

    string useRequestGroupSetting = ConfigurationSettings.AppSettings["useRequestGroup"];
    if (useRequestGroupSetting != null && useRequestGroupSetting.Equals("false"))
    {
        useRequestGroups = false;
    }

    // The lists only need to be populated once.
    if (IsPostBack)
    {
        return;
    }

    // Affiliation options come from a comma-separated setting (at most 100 parts).
    if (ConfigurationSettings.AppSettings["useAffiliationDDL"].Equals("true"))
    {
        String afList = ConfigurationSettings.AppSettings["affiliationOptions"];
        String[] options = afList.Split(new char[] { ',' }, 100);
        foreach (String option in options)
        {
            ddlAffiliation.Items.Add(option);
        }
        if (options.Length > 0)
        {
            ddlAffiliation.Items[0].Selected = false;
        }
    }
    // Otherwise no default affiliation is set up.

    if (!chooseGroup)
    {
        ddlGroup.Visible = false;
        trowRequestGroup.Visible = false;
        return;
    }

    ddlGroup.Items.Add("-- None --");

    // All group IDs are listed here; the per-user group wrapper is not used
    // because it only lists a user's own groups.
    int[] gpIDs = wrapper.ListGroupIDsWrapper();
    Group[] gps = AdministrativeAPI.GetGroups(gpIDs);

    // Names are collected first and added to the list afterwards.
    ArrayList groupNames = new ArrayList();
    foreach (Group gp in gps)
    {
        if (useRequestGroups)
        {
            if (!gp.groupType.Equals(GroupType.REQUEST))
            {
                continue;
            }
            // Show the name of the group the request group is associated with.
            int origGroupID = AdministrativeAPI.GetAssociatedGroupID(gp.groupID);
            Group[] origGroups = AdministrativeAPI.GetGroups(new int[] { origGroupID });
            string origGroupName = origGroups[0].groupName;
            groupNames.Add(origGroupName);
        }
        else if (gp.groupType.Equals(GroupType.REGULAR) && (gp.groupID >= 10))
        {
            // NOTE(review): IDs below 10 are skipped; presumably built-in groups - confirm.
            groupNames.Add(gp.groupName);
        }
    }

    foreach (object groupName in groupNames)
    {
        ddlGroup.Items.Add(groupName.ToString());
    }
}
/// <summary>
/// Handles the lost-password form: checks that the entered user ID exists and that
/// the entered e-mail matches the stored one (case-insensitively), then sends a
/// password e-mail to that address and reports the outcome in <c>lblResponse</c>.
/// </summary>
/// <remarks>
/// NOTE(review): two statements in this listing are masked ("******"), so the
/// expression that supplies the password, and any call that resets it, are not
/// visible here.
/// NOTE(review): the "user does not exist" and "user ID AND email" responses differ,
/// which lets an unauthenticated visitor tell valid user IDs apart; a single uniform
/// response would avoid that.
/// NOTE(review): going by the message text, the new password is e-mailed in clear
/// text; a single-use, expiring reset link would avoid sending a credential by mail.
/// </remarks>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnSubmit_Click(object sender, System.EventArgs e)
{
    AuthorizationWrapperClass wrapper = new AuthorizationWrapperClass();
    if(txtUsername.Text == "")
    {
        lblResponse.Text = Utilities.FormatErrorMessage("Missing user ID field.");
        lblResponse.Visible = true;
        return;
    }
    else
    {
        string userName = txtUsername.Text;
        int userID = wrapper.GetUserIDWrapper(userName) ;
        if (txtEmail.Text == "")
        {
            lblResponse.Text = Utilities.FormatErrorMessage("Missing email field.");
            lblResponse.Visible = true;
            return;
        }
        else
        {
            string email = txtEmail.Text ;
            // NOTE(review): element 0 is read without a length check; this assumes
            // GetUsersWrapper always returns one entry per requested ID - confirm.
            User[] lostPassUsers = wrapper.GetUsersWrapper (new int[]{userID});
            if (lostPassUsers[0].userID == 0)
            {
                // userID does not exist in the database
                lblResponse.Text = Utilities.FormatErrorMessage("This user does not exist.");
                lblResponse.Visible = true;
            }
            else if( email.ToLower () != wrapper.GetUsersWrapper (new int[] {userID})[0].email.ToLower ())
            {
                // email does not match email record in our database
                // (the user record is fetched a second time for this comparison)
                lblResponse.Text = Utilities.FormatErrorMessage("Please use the user ID AND email you were registered with.");
                lblResponse.Visible = true;
            }
            else // send password to requestor's email address
            {
                MailMessage mail = new MailMessage();
                mail.From = registrationMailAddress;
                mail.To = email;
                mail.Subject = "[iLabs] Service Broker Password Reminder" ;
                // The next statement is partly masked ("******") in this listing.
                mail.Body = "Username: "******"\n\r";
                mail.Body += "Email: " + email + "\n\r\n\r";
                mail.Body +="Your old password has been reset to the following password. For security reasons, please login and use the 'My Account' page to reset your password.\n\r\n\r";
                // The next statement is partly masked ("******") in this listing; the
                // trailing "127.0.0.1" is presumably the SMTP server assignment - confirm.
                mail.Body += "Password: "******"127.0.0.1";
                try
                {
                    SmtpMail.Send(mail);
                    // email sent message
                    lblResponse.Text = Utilities.FormatConfirmationMessage("Your request has been submitted. A new password will be created and emailed to the email address you entered below.");
                    lblResponse.Visible = true;
                }
                catch (Exception ex)
                {
                    // trouble sending request for password
                    // Report detailed SMTP Errors
                    // NOTE(review): exception text is shown unencoded to an
                    // unauthenticated visitor; consider logging it server-side and
                    // showing a generic message.
                    string smtpErrorMsg;
                    smtpErrorMsg = "Exception: " + ex.Message;
                    //check the InnerException
                    if (ex.InnerException != null)
                        smtpErrorMsg += "<br>Inner Exceptions:";
                    // Walk the chain of inner exceptions, appending each message.
                    while( ex.InnerException != null )
                    {
                        smtpErrorMsg += "<br>" + ex.InnerException.Message;
                        ex = ex.InnerException;
                    }
                    lblResponse.Text = Utilities.FormatErrorMessage("Trouble sending email. Your request could not be submitted - please inform an administrator.<br>" + smtpErrorMsg);
                    lblResponse.Visible = true;
                }
            }
        }
    }
}