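/// <summary>
/// Renders the left menu from the <see cref="ModuleGroup"/> and <see cref="Module"/> rows stored in the admin database.
/// </summary>
/// <remarks>
/// Groups and modules are selected by application id and their <c>ShowInLeftMenu</c> flag only.
/// No per-user permission check happens in this method, so an entry being absent from the menu
/// must not be relied on as an access control; the target pages have to authorize on their own.
/// </remarks>
/// <param name="e">Event data forwarded to the base implementation.</param>
/// <exception cref="ArgumentException">The <c>appId</c> application setting is missing.</exception>
protected override void OnLoad(EventArgs e)
{
    base.OnLoad(e);

    var appIdSetting = ConfigurationManager.AppSettings["appId"];
    if (appIdSetting == null)
    {
        throw new ArgumentException("appId must be specified in configuration file.");
    }

    int appId = int.Parse(appIdSetting);

    // The context is wrapped in a using block so it is released even when the query or the
    // menu construction throws; the previous trailing Dispose() call was skipped on any exception.
    using (var dotWebDb = new DotWebDb())
    {
        var groups = dotWebDb.ModuleGroups
            .Include(g => g.App)
            .Include(g => g.Modules)
            .Where(g => g.App.Id == appId && g.ShowInLeftMenu == true)
            .OrderBy(o => o.OrderNo)
            .ToList();

        this.Groups.Clear();

        foreach (var group in groups)
        {
            var navBarGroup = new DevExpress.Web.NavBarGroup(group.Title);
            var modules = group.Modules.Where(m => m.ShowInLeftMenu == true).OrderBy(m => m.OrderNo);

            foreach (var module in modules)
            {
                var moduleUrl = module.Url;
                if (module.ModuleType == ModuleType.AutoGenerated)
                {
                    // Auto-generated modules are addressed by table name.
                    // NOTE(review): TableName is concatenated as stored; assumes admin-entered names are URL-safe.
                    moduleUrl = "~/" + module.TableName + "/list";
                }

                navBarGroup.Items.Add(new DevExpress.Web.NavBarItem(module.Title, module.Title, null, moduleUrl));
            }

            this.Groups.Add(navBarGroup);
        }
    }
}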
/// <summary>
/// Binds <paramref name="comboBox"/> to the principals of the requested kind:
/// all users for "User", or the current application's user groups for "Group".
/// Any other value leaves the combo box untouched.
/// </summary>
/// <param name="comboBox">Combo box to populate.</param>
/// <param name="principalType">Either "User" or "Group" (case-sensitive).</param>
void FillPrincipalIdCombo(ASPxComboBox comboBox, string principalType)
{
    switch (principalType)
    {
        case "User":
            using (var db = new DotWebDb())
            {
                // NOTE(review): the user list is not filtered by application here, unlike the group list below.
                comboBox.DataSource = db.Users.ToList();
                comboBox.ValueField = "Id";
                comboBox.TextField = "UserName";
                comboBox.DataBind();
            }
            break;

        case "Group":
            using (var db = new DotWebDb())
            {
                // Session["AppId"] is dereferenced without a null check; a missing value throws here.
                int currentAppId = int.Parse(Session["AppId"].ToString());
                comboBox.DataSource = db.UserGroups.Where(g => g.AppId == currentAppId).ToList();
                comboBox.ValueField = "Id";
                comboBox.TextField = "GroupName";
                comboBox.DataBind();
            }
            break;
    }
}
/// <summary>
/// Login button handler: checks the submitted credentials with ASP.NET Identity, signs the user in
/// with a non-persistent application cookie, caches the matching application user in the session
/// and redirects to the site root. On failure a generic error is shown.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    using (var identityDb = new IdentityDb())
    {
        var manager = new UserManager<IdentityUser>(new UserStore<IdentityUser>(identityDb));

        // NOTE(review): no lockout or attempt throttling is visible in this handler; confirm it is
        // configured on the UserManager or enforced in front of this page.
        var identityUser = manager.Find(tbUserName.Text, tbPassword.Text);
        if (identityUser == null)
        {
            // Same message for unknown user and wrong password, so the response does not reveal which one failed.
            lblError.Text = "Invalid username or password!";
            divError.Attributes["class"] = "form-field visible";
            return;
        }

        var authentication = HttpContext.Current.GetOwinContext().Authentication;
        var identity = manager.CreateIdentity(identityUser, DefaultAuthenticationTypes.ApplicationCookie);
        var signInProperties = new AuthenticationProperties() { IsPersistent = false };
        authentication.SignIn(signInProperties, identity);

        // NOTE(review): the existing session is reused after sign-in; confirm the session id is
        // rotated elsewhere, otherwise a pre-login session id stays valid for the authenticated user.
        using (var appDb = new DotWebDb())
        {
            var profile = appDb.Users.SingleOrDefault(
                u => u.UserName.Equals(identityUser.UserName, StringComparison.InvariantCultureIgnoreCase));
            if (profile != null)
            {
                Session["user"] = profile;
            }
        }

        Response.Redirect("~/");
    }
}
/// <summary>
/// Loads every row of the Users set. Despite the name, the result is the full list of
/// <see cref="User"/> entities, not user names.
/// </summary>
/// <returns>All users, materialized before the context is disposed.</returns>
public static List<User> getUserName()
{
    // NOTE(review): callers receive whole entities; if User carries credential-like columns,
    // project to a narrower type before handing the list to UI or API code.
    using (var db = new DotWebDb())
    {
        var allUsers = db.Users.ToList();
        return allUsers;
    }
}
/// <summary>
/// Looks up the full name of the user with the given id.
/// </summary>
/// <param name="userId">Value matched against <c>User.UserId</c>.</param>
/// <returns>The user's <c>FullName</c>, or an empty string when no such user exists.</returns>
public static string RetrieveUserNameById(int userId)
{
    using (var db = new DotWebDb())
    {
        var match = db.Users.FirstOrDefault(p => p.UserId == userId);
        return match != null ? match.FullName : "";
    }
}
/// <summary>
/// Looks up the name of the user group with the given id.
/// </summary>
/// <param name="groupId">Value matched against <c>UserGroup.GroupId</c>.</param>
/// <returns>The group's <c>GroupName</c>, or an empty string when no such group exists.</returns>
public static string RetrieveUserGroupNameById(int groupId)
{
    using (var db = new DotWebDb())
    {
        var match = db.UserGroups.FirstOrDefault(p => p.GroupId == groupId);
        return match != null ? match.GroupName : "";
    }
}
/// <summary>
/// Resolves an organization name to its id.
/// </summary>
/// <param name="organizationName">Name compared with <c>Organization.Name</c> in the database query.</param>
/// <returns>The organization's <c>Id</c>, or 0 when no organization has that name.</returns>
public static int RetrieveOrganizationByName(string organizationName)
{
    using (var db = new DotWebDb())
    {
        var match = db.Organizations.FirstOrDefault(o => o.Name == organizationName);
        return match != null ? match.Id : 0;
    }
}
/// <summary>
/// Returns the organization id recorded for the user with the given user name.
/// </summary>
/// <param name="userName">Name compared with <c>User.UserName</c> in the database query.</param>
/// <returns>
/// The user's <c>OrganizationId</c> as stored; 0 (not null) when no user has that name,
/// so callers cannot tell "unknown user" apart from an organization id of 0.
/// </returns>
public static int? RetrieveOrganizationIdByUserName(string userName)
{
    using (var db = new DotWebDb())
    {
        var match = db.Users.FirstOrDefault(p => p.UserName == userName);
        return match != null ? match.OrganizationId : 0;
    }
}
/// <summary>
/// Returns the id of the organization whose name is the hard-coded value "ENG".
/// </summary>
/// <returns>That organization's <c>Id</c>, or 0 when it does not exist.</returns>
private static int getOrganizationId()
{
    using (var db = new DotWebDb())
    {
        var organization = db.Organizations.FirstOrDefault(o => o.Name == "ENG");
        return organization != null ? organization.Id : 0;
    }
}
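/// <summary>
/// Create-user button handler: registers the account with ASP.NET Identity, mirrors it into the
/// application's Users table and redirects to the page named by the <c>ReturnUrl</c> query-string
/// value, or to the user list when that value is missing or not a local path.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnCreateUser_Click(object sender, EventArgs e)
{
    try
    {
        using (var context = new IdentityDb())
        {
            var userStore = new UserStore<IdentityUser>(context);
            var userManager = new UserManager<IdentityUser>(userStore);
            var user = new IdentityUser() { UserName = tbUserName.Text, Email = tbEmail.Text };

            IdentityResult result = userManager.Create(user, tbPassword.Text);
            if (result.Succeeded)
            {
                // NOTE(review): the identity row is already committed at this point; if the insert
                // below fails, the account exists without an application user row.
                using (var appContext = new DotWebDb())
                {
                    var appUser = new User()
                    {
                        Id = user.Id,
                        UserName = user.UserName,
                        Email = user.Email,
                        FirstName = tbFirstName.Text,
                        LastName = tbLastName.Text,
                        OrganizationId = cbOrganization.SelectedItem == null
                            ? null
                            : (int?)int.Parse(cbOrganization.SelectedItem.Value.ToString())
                    };
                    appContext.Users.Add(appUser);
                    appContext.SaveChanges();
                }

                // ReturnUrl comes from the request and is attacker-controllable, so it is honoured
                // only when it is a site-local path; anything else falls back to the user list.
                var returnUrl = Request.QueryString["ReturnUrl"];
                Response.Redirect(IsLocalReturnUrl(returnUrl) ? returnUrl : "~/Admin/Users.aspx");
            }
            else
            {
                // NOTE(review): identity error texts can echo the submitted user name; confirm the
                // label HTML-encodes its Text before it is rendered.
                lblError.Text = string.Concat(result.Errors);
                divError.Attributes["class"] = "form-field visible";
            }
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): raw exception messages (database or provider errors included) are shown
        // to the user here; consider logging the details and displaying a generic message.
        lblError.Text = ex.Message;
        divError.Attributes["class"] = "form-field visible";
    }
}

/// <summary>
/// Tells whether a redirect target is a path inside this site: it must start with "/" or "~/"
/// and must not continue with "/" or "\", which browsers treat as the start of a host name.
/// </summary>
/// <param name="url">Candidate redirect target; may be null.</param>
/// <returns>True only for site-local paths.</returns>
private static bool IsLocalReturnUrl(string url)
{
    if (string.IsNullOrEmpty(url))
    {
        return false;
    }

    if (url[0] == '/')
    {
        return url.Length == 1 || (url[1] != '/' && url[1] != '\\');
    }

    if (url[0] == '~' && url.Length > 1 && url[1] == '/')
    {
        return url.Length == 2 || (url[2] != '/' && url[2] != '\\');
    }

    return false;
}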
/// <summary>
/// On session start, restores the cached application user for a request that is already
/// authenticated but whose session has no "user" entry yet.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
void Session_Start(object sender, EventArgs e)
{
    // Nothing to restore for anonymous requests or when the entry is already present.
    if (!HttpContext.Current.User.Identity.IsAuthenticated || HttpContext.Current.Session["user"] != null)
    {
        return;
    }

    using (var db = new DotWebDb())
    {
        var profile = db.Users.SingleOrDefault(
            u => u.UserName.Equals(HttpContext.Current.User.Identity.Name, StringComparison.InvariantCultureIgnoreCase));
        if (profile != null)
        {
            Session["user"] = profile;
        }
    }
}
/// <summary>
/// Finds the user of the organization returned by <c>getOrganizationId()</c> whose
/// <c>AuthKey</c> equals the supplied value.
/// </summary>
/// <param name="password">Value compared with <c>User.AuthKey</c>; null or empty never matches.</param>
/// <returns>The matching user's <c>UserName</c>, or an empty string when nothing matches.</returns>
public static string CheckUser(string password)
{
    if (string.IsNullOrEmpty(password))
    {
        return "";
    }

    using (var db = new DotWebDb())
    {
        int organizationId = getOrganizationId();

        // The key alone selects the account (no user name is involved), and it is matched
        // in the query against the AuthKey column exactly as stored.
        // NOTE(review): if AuthKey holds a plaintext secret, store a salted hash instead and
        // verify it with a fixed-time comparison; also confirm callers throttle repeated attempts.
        var match = db.Users.FirstOrDefault(p => p.OrganizationId == organizationId && p.AuthKey == password);
        return match != null ? match.UserName : "";
    }
}
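/// <summary>
/// Returns the users that belong to the given group: the distinct member ids are read from
/// UserGroupMembers with a parameterized query, then the matching users are loaded through
/// the entity context.
/// </summary>
/// <param name="groupId">Group id, passed to SQL as the <c>@GroupId</c> parameter.</param>
/// <returns>The users whose <c>UserId</c> appears in the group; empty when the group has no members.</returns>
public static List<User> RetrieveUsersByGroupId(string groupId)
{
    // The group id is bound as a parameter, never concatenated into the statement.
    const string sql = "SELECT DISTINCT UserId FROM UserGroupMembers WHERE GroupId = @GroupId";

    using (DotWebDb context = new DotWebDb())
    {
        var memberIds = new List<int>();

        using (SqlConnection con = new SqlConnection(context.Database.Connection.ConnectionString))
        using (SqlCommand cmd = new SqlCommand(sql, con))
        {
            cmd.Parameters.AddWithValue("@GroupId", groupId);

            // CommandTimeout is expressed in seconds, so this allows close to two hours.
            // NOTE(review): confirm this was not meant as milliseconds; a very long timeout lets
            // one slow query hold a connection for that long.
            cmd.CommandTimeout = 7000;

            con.Open();

            // A forward-only reader replaces the DataSet/SqlDataAdapter pair, which was never
            // disposed, and is released deterministically by the using block.
            using (SqlDataReader reader = cmd.ExecuteReader())
            {
                while (reader.Read())
                {
                    memberIds.Add(Convert.ToInt32(reader[0]));
                }
            }
        }

        int[] userIdArray = memberIds.ToArray();
        return context.Users.Where(a => userIdArray.Contains(a.UserId)).ToList();
    }
}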
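/// <summary>
/// Collects the distinct permission types a user holds for a URL inside an application.
/// Access rights are gathered for the user and for each of the user's groups (plus the
/// application's "everyone" group, when it exists) at three levels: the module resolved
/// from the URL, that module's group, and the application itself.
/// </summary>
/// <param name="user">User whose rights are evaluated; its <c>Id</c> is used as the principal id.</param>
/// <param name="url">Requested URL, used to resolve the module.</param>
/// <param name="appId">Application the rights are evaluated for.</param>
/// <returns>Each permission type granted by at least one matching access right, without duplicates.</returns>
public static List<PermissionType> GetPermissions(User user, string url, int appId)
{
    var result = new List<PermissionType>();
    var accessRights = new List<AccessRight>();

    using (var context = new DotWebDb())
    {
        // Group membership of the user within this application.
        var membership = context.UserGroupMembers.Include(m => m.Group)
            .Where(m => m.UserId == user.Id && m.Group.AppId == appId).ToList();

        // Every user is implicitly a member of the application's "everyone" group.
        var everyone = context.UserGroups.SingleOrDefault(g => g.AppId == appId
            && g.GroupName.Equals(Constants.Everyone, StringComparison.InvariantCultureIgnoreCase));
        if (everyone != null)
        {
            membership.Add(new UserGroupMembers() { UserId = user.Id, Group = everyone });
        }

        // Group ids are kept as a list and matched by set membership. The previous code joined
        // them into one comma-separated string and tested it with string.Contains, which is a
        // substring match: a principal id of "2" matched a user who was only in group "12",
        // and an empty principal id matched everyone, granting rights of unrelated groups.
        var groupIds = membership.Select(m => Convert.ToString(m.Group.Id)).Distinct().ToList();

        // Resolve the module: "<table>/<action>" style URLs map to auto-generated modules.
        Module module = null;
        if (!url.EndsWith(".aspx"))
        {
            var strs = url.Split(new char[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
            if (strs.Length == 2)
            {
                var moduleName = strs[0];
                module = context.Modules.Include(m => m.Group).SingleOrDefault(m =>
                    m.ModuleType == ModuleType.AutoGenerated
                    && m.TableName.Equals(moduleName, StringComparison.InvariantCultureIgnoreCase)
                    && m.Group.AppId == appId);
            }
        }

        if (module == null)
        {
            // NOTE(review): unlike the auto-generated lookup above, this one is not restricted to
            // appId, so a custom-URL module of another application with the same URL would be
            // matched (or make SingleOrDefault throw); confirm whether that is intended.
            module = context.Modules.Include(m => m.Group).SingleOrDefault(m =>
                m.ModuleType == ModuleType.CustomUrl
                && m.Url.Equals(url, StringComparison.InvariantCultureIgnoreCase));
        }

        if (module != null)
        {
            // user - module access rights
            accessRights.AddRange(context.AccessRights.Include(r => r.Role.Permissions).Where(r =>
                r.SecuredObjectType == SecuredObjectType.Module && r.SecuredObjectId == module.Id
                && r.PrincipalType == PrincipalType.User && r.PrincipalId == user.Id).ToList());

            // user - module group access rights
            accessRights.AddRange(context.AccessRights.Include(r => r.Role.Permissions).Where(r =>
                r.SecuredObjectType == SecuredObjectType.ModuleGroup && r.SecuredObjectId == module.Group.Id
                && r.PrincipalType == PrincipalType.User && r.PrincipalId == user.Id).ToList());

            // user group - module access rights
            accessRights.AddRange(context.AccessRights.Include(r => r.Role.Permissions).Where(r =>
                r.SecuredObjectType == SecuredObjectType.Module && r.SecuredObjectId == module.Id
                && r.PrincipalType == PrincipalType.Group && groupIds.Contains(r.PrincipalId)).ToList());

            // user group - module group access rights
            accessRights.AddRange(context.AccessRights.Include(r => r.Role.Permissions).Where(r =>
                r.SecuredObjectType == SecuredObjectType.ModuleGroup && r.SecuredObjectId == module.Group.Id
                && r.PrincipalType == PrincipalType.Group && groupIds.Contains(r.PrincipalId)).ToList());
        }

        // user - app access rights
        accessRights.AddRange(context.AccessRights.Include(r => r.Role.Permissions).Where(r =>
            r.SecuredObjectType == SecuredObjectType.App && r.SecuredObjectId == appId
            && r.PrincipalType == PrincipalType.User && r.PrincipalId == user.Id).ToList());

        // user group - app access rights
        accessRights.AddRange(context.AccessRights.Include(r => r.Role.Permissions).Where(r =>
            r.SecuredObjectType == SecuredObjectType.App && r.SecuredObjectId == appId
            && r.PrincipalType == PrincipalType.Group && groupIds.Contains(r.PrincipalId)).ToList());
    }

    // Flatten role permissions, keeping the first occurrence of each permission type.
    foreach (var accessRight in accessRights)
    {
        foreach (var permission in accessRight.Role.Permissions)
        {
            if (!result.Contains(permission.PermissionType))
            {
                result.Add(permission.PermissionType);
            }
        }
    }

    return result;
}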