/// <summary>
/// Get client name
/// </summary>
/// <param name="oHostSecurityToken">HostSecurityToken obtained when security provider of IWS is called</param>
/// <param name="memOrOrgId">Member or Org id</param>
/// <param name="isMember">boolean value (is member)</param>
/// <returns></returns>
public ClientDetailReturnValue GetClientDetail(HostSecurityToken oHostSecurityToken, Guid memOrOrgId, bool isMember)
{
ClientDetailReturnValue returnValue = new ClientDetailReturnValue();
if (Functions.ValidateIWSToken(oHostSecurityToken))
{
oClientService = new ClientService();
returnValue = oClientService.GetClientDetail(Functions.GetLogonIdFromToken(oHostSecurityToken), memOrOrgId,
isMember);
}
else
{
returnValue = new ClientDetailReturnValue();
returnValue.Success = false;
returnValue.Message = "Invalid Token";
}
return(returnValue);
}
private void DoLogin(string username, string password)
{
// Block MSH from loggin into FED because it is too well known
// Block rekoop integration user as well as it should only be using web services
if (username.Trim().ToLower() == "msh" || username.Trim().ToLower() == "rekoop")
{
_lblError.Text = "Invalid logon details";
return;
}
_logonService = new LogonServiceClient();
LogonReturnValue returnValue;
returnValue = _logonService.Logon(username, password);
if (!returnValue.Success)
{
_lblError.Text = returnValue.Message;
return;
}
Session[SessionName.LogonName] = username;
Session["LogonID"] = returnValue.LogonId;
if (null == Session[SessionName.ControlSettings])
{
PopulateControlPermissions(returnValue.UserType);
}
Session[SessionName.LogonSettings] = returnValue;
if (!string.IsNullOrEmpty(returnValue.WebStyleSheet))
{
// This session is used for all kind of operation being done on CSS files
Session[SessionName.StyleSheet] = returnValue.WebStyleSheet;
// This session is used for security purpose
// for instance, if user change the CSS contents, then on click of preview button of ChangeStyle.aspx screen
// the new temperory CSS file is created and this CSS is set to Session[SessionName.StyleSheet]
// and if user wants to cancel the operation, the Session[SessionName.UserStyleSheet] will set to Session[SessionName.StyleSheet]
Session[SessionName.UserStyleSheet] = returnValue.WebStyleSheet;
}
if (returnValue.UserType == 2)
{
_clientService = new ClientServiceClient();
bool isMember = true;
Guid memOrOrgId = Guid.Empty;
if (returnValue.MemberId == IRIS.Law.WebApp.App_Code.DataConstants.DummyGuid)
{
memOrOrgId = returnValue.OrganisationId;
isMember = false;
}
else
{
memOrOrgId = returnValue.MemberId;
}
ClientDetailReturnValue _clientReturnValue = _clientService.GetClientDetail(returnValue.LogonId, memOrOrgId,
isMember);
Session[SessionName.MemberId] = returnValue.MemberId;
Session[SessionName.OrganisationId] = returnValue.OrganisationId;
Session[SessionName.ClientRef] = _clientReturnValue.ClientReference;
Session[SessionName.ClientName] = _clientReturnValue.Name;
}
if (returnValue.IsFirstTimeLoggedIn && returnValue.UserType != 1)
{
Response.Redirect("~/Pages/Password/ForceChangePassword.aspx", true);
}
if (Session["CurrentPage"] != null)
{
Response.Redirect(Session["CurrentPage"].ToString());
}
else
{
Response.Redirect("Home.aspx", true);
}
}
/// <summary>
/// Get client name
/// </summary>
/// <param name="oHostSecurityToken">HostSecurityToken obtained when security provider of IWS is called</param>
/// <param name="memOrOrgId">Member or Org id</param>
/// <param name="isMember">boolean value (is member)</param>
/// <returns></returns>
public ClientDetailReturnValue GetClientDetail(HostSecurityToken oHostSecurityToken, Guid memOrOrgId, bool isMember)
{
ClientDetailReturnValue returnValue = new ClientDetailReturnValue();
if (Functions.ValidateIWSToken(oHostSecurityToken))
{
oClientService = new ClientService();
returnValue = oClientService.GetClientDetail(Functions.GetLogonIdFromToken(oHostSecurityToken), memOrOrgId,
isMember);
}
else
{
returnValue = new ClientDetailReturnValue();
returnValue.Success = false;
returnValue.Message = "Invalid Token";
}
return returnValue;
}
/// <summary>
/// Get client name
/// </summary>
/// <param name="logonId">Logon id obtained when logging on to the Client service</param>
/// <param name="memOrOrgId">Member or Org id</param>
/// <param name="isMember">boolean value (is member)</param>
/// <returns></returns>
public ClientDetailReturnValue GetClientDetail(Guid logonId, Guid memOrOrgId, bool isMember)
{
ClientDetailReturnValue returnValue = new ClientDetailReturnValue();
try
{
// Get the logged on user from the current logons and add their
// ApplicationSettings the list of concurrent sessions.
// ApplicationSettings.Instance can now be used to get the
// ApplicationSettings for this session.
Host.LoadLoggedOnUser(logonId);
try
{
Guid memberId = DataConstants.DummyGuid;
Guid organisationId = DataConstants.DummyGuid;
if (isMember)
memberId = memOrOrgId;
else
organisationId = memOrOrgId;
Functions.RestrictRekoopIntegrationUser(UserInformation.Instance.DbUid);
switch (UserInformation.Instance.UserType)
{
case DataConstants.UserType.Staff:
// Can do everything
break;
case DataConstants.UserType.ThirdParty:
if (!SrvClientCommon.WebAllowedToAccessClient(memberId, organisationId))
throw new Exception("Access denied");
break;
case DataConstants.UserType.Client:
if (!ApplicationSettings.Instance.IsUser(memberId, organisationId))
throw new Exception("Access denied");
break;
default:
throw new Exception("Access denied");
}
returnValue.ClientReference = SrvClientCommon.GetClientReference(memOrOrgId);
returnValue.Name = SrvClientCommon.GetClientName(memOrOrgId, isMember);
}
finally
{
// Remove the logged on user's ApplicationSettings from the
// list of concurrent sessions
Host.UnloadLoggedOnUser();
}
}
catch (System.Data.SqlClient.SqlException)
{
returnValue.Success = false;
returnValue.Message = Functions.SQLErrorMessage;
}
catch (Exception ex)
{
returnValue.Success = false;
returnValue.Message = ex.Message;
}
return returnValue;
}
