Example #1
0
        public SessionObjects AddProfilePic(IConnectToDB _Connect, SessionObjects SO, FormCollection _formCollection)
        {
            try
            {
                if (_formCollection.Keys.Count > 1)
                {
                    SecurityHelper       securityHelper  = new SecurityHelper();
                    IdentityHelper       identityHelper  = new IdentityHelper();
                    ER_DML               er_dml          = new ER_DML();
                    add                  addHelp         = new add();
                    long?                identitiesId    = ER_Tools.ConvertToInt64(identityHelper.GetIdentityID(_Connect, _formCollection["identitiesUUID"].ToString()));
                    string               fileName        = _formCollection["fileName"].ToString();
                    string               fileType        = _formCollection["fileType"].ToString();
                    long?                fileSize        = ER_Tools.ConvertToInt64(_formCollection["fileSize"].ToString());
                    byte[]               fileContent     = Encoding.UTF8.GetBytes(_formCollection["profileImage"].ToString());
                    Guid?                ProfilesUUID    = ER_Tools.ConvertToGuid(_formCollection["profilesUUID"].ToString());
                    long?                Profiles_ID     = GetProfileId(_Connect, ProfilesUUID.ToString());
                    long?                profileImagesId = 0;
                    var                  profileImagesDT = GetImageIdByProfile(_Connect, Profiles_ID);
                    DataColumnCollection _dccColumnID    = profileImagesDT.Columns;

                    if (_dccColumnID.Contains("PROFILE_IMAGES_ID") && profileImagesDT.Rows.Count > 0)
                    {
                        Values.UpdateProfileImages ProfileImagesModel = null;
                        ProfileImagesModel = addHelp.UPDATE_ENTRY_Profile_Images(_Connect, new Values.UpdateProfileImages
                        {
                            I_PROFILE_IMAGES_ID = profileImagesDT.Rows[0].Field <long?>("PROFILE_IMAGES_ID"),
                            I_PROFILES_ID       = Profiles_ID,
                            I_FILE_NAME         = fileName,
                            I_FILE_SIZE         = fileSize,
                            I_CONTENT_TYPE      = fileType,
                            I_VALUE             = fileContent
                        });

                        profileImagesId = ProfileImagesModel.O_PROFILE_IMAGES_ID;

                        //Enable Profile Image
                        er_dml.TOGGLE_OBJECT(_Connect, "PROFILE_IMAGES", profileImagesId, "Y");
                    }
                    else
                    {
                        //Values.AddProfilesSecPriv ProfilesSecPrivModel = null;
                        //ProfilesSecPrivModel = addHelp.ADD_ENTRY_Profiles_Sec_Priv(_Connect, new Values.AddProfilesSecPriv
                        //{
                        //    I_OBJECT_TYPE = "Permission",
                        //    I_PROFILES_ID = Profiles_ID,
                        //    I_PRIVILEGES_ID = ER_Tools.ConvertToInt64(securityHelper.GetPrivID(_Connect, "CREATE OBJECT")),
                        //    I_ENABLED = 'Y',
                        //    I_IDENTITIES_ID = identitiesId
                        //});

                        Values.AddProfileImages ProfileImagesModel = null;
                        ProfileImagesModel = addHelp.ADD_ENTRY_Profile_Images(_Connect, new Values.AddProfileImages
                        {
                            I_IDENTITIES_ID = identitiesId,
                            I_PROFILES_UUID = ProfilesUUID,
                            I_ENABLED       = 'Y',
                            I_FILE_NAME     = fileName,
                            I_FILE_SIZE     = fileSize,
                            I_CONTENT_TYPE  = fileType,
                            I_VALUE         = fileContent
                        });
                    }

                    //Set Profile Image
                    _session.SetString("ProfileImage", GetProfileImage(_Connect, identitiesId));
                }
            }
            catch
            {
            }

            return(SO);
        }
Example #2
0
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            ConnectToDB _Connect = new ConnectToDB {
                Platform      = RevampCoreSettings.Platform,
                DBConnString  = RevampCoreSettings.DbConnect,
                SourceDBOwner = RevampCoreSettings.SystemDBName
            };
            IConnectToDB   IConnect       = _Connect;
            SecurityHelper securityHelper = new SecurityHelper();
            AppHelper      appHelper      = new AppHelper();

            SessionObjects SO = null;

            try
            {
                byte[] tempSession    = null;
                bool   sessionPresent = filterContext.HttpContext.Session.TryGetValue("SO", out tempSession);
                SO = sessionPresent ? Tools.Box.FromByteArray <SessionObjects>(tempSession) : new SessionObjects();
            }
            catch
            {
                filterContext.Result = new RedirectResult("~/login");
            }

            if (SO != null && SO.SessionIdentity != null)
            {
                bool hasthesePrivs = false;
                bool PrivsCheck    = false;
                if (CheckForThesePrivileges != null && CheckForThesePrivileges.Length > 0)
                {
                    PrivsCheck    = true;
                    hasthesePrivs = securityHelper.DoesIdentityHavePrivileges(IConnect, SO.SessionIdentity.Identity.identities_id, CheckForThesePrivileges);
                }

                bool hasthesePrivsOnCore = false;
                bool PrivsOnCoreCheck    = false;
                if (CheckForThesePrivilegesOnCore != null && CheckForThesePrivilegesOnCore.Length > 0)
                {
                    var  formCollection = filterContext.HttpContext.Request.Form;
                    Guid?coreUUID       = null;

                    //Cores
                    if (!string.IsNullOrEmpty(CoreUUID))
                    {
                        if (formCollection.ContainsKey(CoreUUID))
                        {
                            coreUUID = ER_Tools.ConvertToGuid(formCollection[CoreUUID].ToString());
                        }
                        else if (filterContext.HttpContext.Request.Query.ContainsKey(CoreUUID))
                        {
                            coreUUID = ER_Tools.ConvertToGuid(filterContext.HttpContext.Request.Query[CoreUUID].ToString());
                        }
                    }

                    //Applications
                    if (!string.IsNullOrEmpty(ApplicationUUID))
                    {
                        Guid?appUUID = null;

                        if (formCollection.ContainsKey(ApplicationUUID))
                        {
                            appUUID = ER_Tools.ConvertToGuid(formCollection[ApplicationUUID].ToString());
                        }
                        else if (filterContext.HttpContext.Request.Query.ContainsKey(ApplicationUUID))
                        {
                            appUUID = ER_Tools.ConvertToGuid(filterContext.HttpContext.Request.Query[ApplicationUUID].ToString());
                        }

                        coreUUID = appHelper.GetAppCoreUUID(_Connect, appUUID);
                    }

                    //Roles
                    if (!string.IsNullOrEmpty(RoleUUID))
                    {
                        Guid?roleUUID = null;

                        if (formCollection.ContainsKey(RoleUUID))
                        {
                            roleUUID = ER_Tools.ConvertToGuid(formCollection[RoleUUID].ToString());
                        }
                        else if (filterContext.HttpContext.Request.Query.ContainsKey(RoleUUID))
                        {
                            roleUUID = ER_Tools.ConvertToGuid(filterContext.HttpContext.Request.Query[RoleUUID].ToString());
                        }

                        coreUUID = securityHelper.GetRoleCoreUUID(_Connect, roleUUID);
                    }

                    //Groups
                    if (!string.IsNullOrEmpty(GroupUUID))
                    {
                        Guid?groupUUID = null;

                        if (formCollection.ContainsKey(GroupUUID))
                        {
                            groupUUID = ER_Tools.ConvertToGuid(formCollection[GroupUUID].ToString());
                        }
                        else if (filterContext.HttpContext.Request.Query.ContainsKey(GroupUUID))
                        {
                            groupUUID = ER_Tools.ConvertToGuid(filterContext.HttpContext.Request.Query[GroupUUID].ToString());
                        }

                        coreUUID = securityHelper.GetGroupCoreUUID(_Connect, groupUUID);
                    }

                    //Check for privileges on core
                    if (coreUUID != null)
                    {
                        PrivsOnCoreCheck    = true;
                        hasthesePrivsOnCore = securityHelper.DoesIdentityHavePrivilegeOnCore(IConnect, SO.SessionIdentity.Identity.identities_id, CheckForThesePrivilegesOnCore, coreUUID);
                    }
                }

                bool hastheseRoles = false;
                bool RolesCheck    = false;
                if (CheckForTheseRoles != null && CheckForTheseRoles.Length > 0)
                {
                    RolesCheck    = true;
                    hastheseRoles = securityHelper.DoesIdentityHaveRoles(IConnect, CheckForTheseRoles, SO.SessionIdentity.Identity.identities_id);
                }

                if (PrivsCheck || RolesCheck || PrivsOnCoreCheck)
                {
                    //if((PrivsOnCoreCheck && !hasthesePrivsOnCore))
                    //{
                    //    hasthesePrivs = false;
                    //    hastheseRoles = false;
                    //}

                    if (hasthesePrivs == false && hastheseRoles == false && hasthesePrivsOnCore == false)
                    {
                        if (isActionResult)
                        {
                            filterContext.HttpContext.Response.StatusCode = 403;
                            filterContext.Result = new RedirectResult("/error/error404");
                        }
                        else
                        {
                            filterContext.HttpContext.Response.StatusCode = 403;

                            var result = new JsonResult(new
                            {
                                Data            = new { Success = false, Data = "Access Denied" },
                                ContentEncoding = System.Text.Encoding.UTF8,
                                ContentType     = "application/json"
                                                  //JsonRequestBehavior = JsonRequestBehavior.AllowGet
                            });
                            filterContext.Result = result;
                        }
                    }
                }
            }

            base.OnActionExecuting(filterContext);
        }