public static bool CreateUser(string AUsername, string APassword, string AFirstName, string AFamilyName, string AModulePermissions)
{
TDBTransaction ReadTransaction = null;
TDBTransaction SubmitChangesTransaction = null;
bool UserExists = false;
bool SubmissionOK = false;
// TODO: check permissions. is the current user allowed to create other users?
SUserTable userTable = new SUserTable();
SUserRow newUser = userTable.NewRowTyped();
newUser.UserId = AUsername;
newUser.FirstName = AFirstName;
newUser.LastName = AFamilyName;
if (AUsername.Contains("@"))
{
newUser.EmailAddress = AUsername;
newUser.UserId = AUsername.Substring(0, AUsername.IndexOf("@")).
Replace(".", string.Empty).
Replace("_", string.Empty).ToUpper();
}
// Check whether the user that we are asked to create already exists
DBAccess.GDBAccessObj.BeginAutoReadTransaction(IsolationLevel.ReadCommitted, ref ReadTransaction,
delegate
{
if (SUserAccess.Exists(newUser.UserId, ReadTransaction))
{
TLogging.Log("Cannot create new user as a user with User Name '" + newUser.UserId + "' already exists!");
UserExists = true;
}
});
if (UserExists)
{
return false;
}
userTable.Rows.Add(newUser);
string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false);
if (UserAuthenticationMethod == "OpenPetraDBSUser")
{
if (APassword.Length > 0)
{
newUser.PasswordSalt = PasswordHelper.GetNewPasswordSalt();
newUser.PasswordHash = PasswordHelper.GetPasswordHash(APassword, newUser.PasswordSalt);
newUser.PasswordNeedsChange = true;
}
}
else
{
try
{
IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(UserAuthenticationMethod);
if (!auth.CreateUser(AUsername, APassword, AFirstName, AFamilyName))
{
newUser = null;
}
}
catch (Exception e)
{
TLogging.Log("Problem loading user authentication method " + UserAuthenticationMethod + ": " + e.ToString());
return false;
}
}
if (newUser != null)
{
DBAccess.GDBAccessObj.BeginAutoTransaction(IsolationLevel.Serializable, ref SubmitChangesTransaction, ref SubmissionOK,
delegate
{
SUserAccess.SubmitChanges(userTable, SubmitChangesTransaction);
List <string>modules = new List <string>();
if (AModulePermissions == DEMOMODULEPERMISSIONS)
{
modules.Add("PTNRUSER");
modules.Add("FINANCE-1");
ALedgerTable theLedgers = ALedgerAccess.LoadAll(SubmitChangesTransaction);
foreach (ALedgerRow ledger in theLedgers.Rows)
{
modules.Add("LEDGER" + ledger.LedgerNumber.ToString("0000"));
}
}
else
{
string[] modulePermissions = AModulePermissions.Split(new char[] { ',' });
foreach (string s in modulePermissions)
{
if (s.Trim().Length > 0)
{
modules.Add(s.Trim());
}
}
}
SUserModuleAccessPermissionTable moduleAccessPermissionTable = new SUserModuleAccessPermissionTable();
foreach (string module in modules)
{
SUserModuleAccessPermissionRow moduleAccessPermissionRow = moduleAccessPermissionTable.NewRowTyped();
moduleAccessPermissionRow.UserId = newUser.UserId;
moduleAccessPermissionRow.ModuleId = module;
moduleAccessPermissionRow.CanAccess = true;
moduleAccessPermissionTable.Rows.Add(moduleAccessPermissionRow);
}
SUserModuleAccessPermissionAccess.SubmitChanges(moduleAccessPermissionTable, SubmitChangesTransaction);
// TODO: table permissions should be set by the module list
string[] tables = new string[] {
"p_bank", "p_church", "p_family", "p_location",
"p_organisation", "p_partner", "p_partner_location",
"p_partner_type", "p_person", "p_unit", "p_venue"
};
SUserTableAccessPermissionTable tableAccessPermissionTable = new SUserTableAccessPermissionTable();
foreach (string table in tables)
{
SUserTableAccessPermissionRow tableAccessPermissionRow = tableAccessPermissionTable.NewRowTyped();
tableAccessPermissionRow.UserId = newUser.UserId;
tableAccessPermissionRow.TableName = table;
tableAccessPermissionTable.Rows.Add(tableAccessPermissionRow);
}
SUserTableAccessPermissionAccess.SubmitChanges(tableAccessPermissionTable, SubmitChangesTransaction);
SubmissionOK = true;
});
return true;
}
return false;
}
private static Boolean SaveUser(String AUserID, SUserTable AUserDataTable)
{
TDBTransaction TheTransaction;
if ((AUserDataTable != null) && (AUserDataTable.Rows.Count > 0))
{
TheTransaction = DBAccess.GDBAccessObj.BeginTransaction(IsolationLevel.Serializable);
try
{
SUserAccess.SubmitChanges(AUserDataTable, TheTransaction);
DBAccess.GDBAccessObj.CommitTransaction();
}
catch (Exception Exc)
{
TLogging.Log("An Exception occured during the saving of a User:" + Environment.NewLine + Exc.ToString());
DBAccess.GDBAccessObj.RollbackTransaction();
throw;
}
}
else
{
// nothing to save!
return false;
}
return true;
}
private DataTable GetFoundationOwnerListTable(TDBTransaction AReadTransaction, string ATableName)
{
// Used in Foundation Details screen.
SUserTable TmpUserTable = new SUserTable();
TmpUserTable = (SUserTable)DBAccess.GDBAccessObj.SelectDT(TmpUserTable, "SELECT " + SUserTable.GetPartnerKeyDBName() + ',' +
SUserTable.GetUserIdDBName() + ',' +
SUserTable.GetFirstNameDBName() + ',' +
SUserTable.GetLastNameDBName() + ' ' +
"FROM PUB_" + SUserTable.GetTableDBName() + ' ' +
"WHERE " + SUserTable.GetPartnerKeyDBName() + " <> 0 " +
"AND " + SUserTable.GetUserIdDBName() +
" IN (SELECT " + SUserModuleAccessPermissionTable.GetUserIdDBName() + ' ' +
"FROM PUB_" + SUserModuleAccessPermissionTable.GetTableDBName() + ' ' +
"WHERE " + SUserModuleAccessPermissionTable.GetModuleIdDBName() +
" = 'DEVUSER')" + "AND " + SUserTable.GetRetiredDBName() +
" = FALSE", AReadTransaction, null, -1, -1);
SUserRow EmptyDR = TmpUserTable.NewRowTyped(false);
EmptyDR.PartnerKey = 0;
EmptyDR.UserId = "";
TmpUserTable.Rows.InsertAt(EmptyDR, 0);
return TmpUserTable;
}
