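 /// <summary>
 /// Resolves the role chosen in <c>ddlRoles</c> into <c>_selectedRole</c>.
 /// The posted value is untrusted: an unparsable or unknown id is treated as
 /// list manipulation and reported through
 /// <c>ShiptalkException.ThrowSecurityException</c> instead of surfacing as a
 /// <see cref="FormatException"/> from the parser.
 /// </summary>
 private void InferRoleSelection()
 {
     // Int16.Parse would throw FormatException/OverflowException on a tampered
     // posted value before the security check below could run; TryParse routes
     // every malformed value into the same "not found" path.
     short selectedRoleId;
     if (Int16.TryParse(ddlRoles.SelectedValue, out selectedRoleId))
     {
         _selectedRole = LookupBLL.Roles.Find(p => p.Id == selectedRoleId);
     }
     else
     {
         _selectedRole = null;
     }

     if (_selectedRole == null)
     {
         ShiptalkException.ThrowSecurityException("Possible role list manipulation. The selected role was not found.", "Sorry. We're unable to serve your request. Please contact support for assistance");
     }
 }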
        /// <summary>
        /// Checks whether the viewer may see this sub-state user's record by
        /// delegating to <c>AccessRulesBLL.CanViewSubStateUser</c>. On denial a
        /// security exception is raised via <c>ShiptalkException.ThrowSecurityException</c>
        /// (carrying both user ids), so callers normally only observe <c>true</c>;
        /// <c>false</c> is returned only if that helper returns instead of throwing.
        /// </summary>
        /// <returns><c>true</c> when access is granted.</returns>
        private bool IsAuthorized()
        {
            bool canView = AccessRulesBLL.CanViewSubStateUser(
                UserSubStateRegionData.RegionId,
                UserSubStateRegionData.IsAdmin,
                UserData.StateFIPS,
                ViewerUserData);

            if (canView)
            {
                return true;
            }

            // Denied: raise the security exception with the viewer/subject ids in the
            // first message and a user-facing text in the second.
            ShiptalkException.ThrowSecurityException(
                string.Format("Access denied. User :{0} cannot view {1}.", this.AccountInfo.UserId, UserData.UserId),
                "You are not authorized to view the User information.");

            return false;
        }
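        /// <summary>
        /// Page entry point: enforces the edit authorization check before any view
        /// state is built, then initializes the view and stores the current text of
        /// the <c>oldEmail</c> control in <c>oldEmailId</c>.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // Authorization runs before any data is bound. IsAuthorized presumably
            // throws on denial itself; this guard also covers a returned false.
            if (!IsAuthorized())
            {
                ShiptalkException.ThrowSecurityException(string.Format("Access denied. User :{0} cannot edit {1}.", this.AccountInfo.UserId, UserData.UserId), "You are not authorized to edit the User information.");
            }

            InitializeView();

            //Pbattineni - 10/08/12
            // A bare `as` cast followed by `.Text` dereferenced null when the control
            // was missing or not a TextBox (NullReferenceException with no context);
            // fail with an explicit message instead.
            TextBox oldEmailControl = formView.FindControl("oldEmail") as TextBox;
            if (oldEmailControl == null)
            {
                throw new InvalidOperationException("Control 'oldEmail' was not found in formView or is not a TextBox.");
            }

            oldEmailId = oldEmailControl.Text;
        }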
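        /// <summary>
        /// Resolves the role chosen in <c>ddlRoles</c> into <c>_selectedRole</c>.
        /// The CMS role obtained from <c>LookupBLL.GetRole(Scope.CMS, true)</c> is
        /// matched first; any other id is looked up in <c>LookupBLL.Roles</c>.
        /// The posted value is untrusted: an unparsable or unknown id is treated
        /// as list manipulation and reported through
        /// <c>ShiptalkException.ThrowSecurityException</c>.
        /// </summary>
        private void InferRoleSelection()
        {
            Role cmsRole = LookupBLL.GetRole(Scope.CMS, true);

            // Parse the posted value once. Int16.Parse would throw
            // FormatException/OverflowException on tampered input before the
            // security check below could run; TryParse routes bad input there.
            short selectedRoleId;
            if (!Int16.TryParse(ddlRoles.SelectedValue, out selectedRoleId))
            {
                _selectedRole = null;
            }
            else if (cmsRole != null && selectedRoleId == cmsRole.Id)
            {
                _selectedRole = cmsRole;
            }
            else
            {
                _selectedRole = LookupBLL.Roles.Find(p => p.Id == selectedRoleId);
            }

            if (_selectedRole == null)
            {
                ShiptalkException.ThrowSecurityException("Possible role list manipulation. The selected role was not found.", "Sorry. We're unable to serve your request. Please contact support for assistance");
            }
        }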
        /// <summary>
        /// Global last-chance error handler (global.asax). Every error is first
        /// passed to <c>ErrorHandlerUtil.HandleError</c>, then the user is routed:
        /// 404s for .aspx paths go to the 404 page, 404s for other resources are
        /// dropped silently, unauthorized / session-expired errors go to their
        /// dedicated pages, and everything else is transferred to the generic
        /// custom error page. Exception text is never written to the response;
        /// only the fixed redirect targets below are.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Application_Error(object sender, EventArgs e)
        {
            // Default outcome; branches below clear it when they handle the response themselves.
            bool RedirectToCustomErrorPage = true;

            // Fixed, server-controlled targets (no request data is used to build them).
            string ErrorPagesVirPath      = "~/ErrorPages/";
            string Error404Page           = ErrorPagesVirPath + "404.aspx";
            string CustomErrorPage        = ErrorPagesVirPath + "CustomError.aspx";
            string SessionUnavailablePage = ErrorPagesVirPath + "SessionExpired.aspx";
            string UnAuthorizedAccessPage = ErrorPagesVirPath + "UnAuthorizedAccess.aspx";

            try
            {
                // NOTE(review): exceptions thrown during the page lifecycle typically
                // reach here wrapped in HttpUnhandledException, so the ShiptalkException
                // and SecurityException branches below only match when the error
                // arrives unwrapped — confirm whether Ex.GetBaseException() / InnerException
                // should be inspected for those branches.
                Exception Ex              = HttpContext.Current.Error;
                var       request         = HttpContext.Current.Request;
                // NOTE(review): `mesg` is never read; it only serves to throw NRE when Ex is null.
                string    mesg            = Ex.Message.ToLower();
                // NOTE(review): uses the application's Request property while the `request` local above exists.
                string    pagePath        = Request.Url.PathAndQuery.ToString();
                string    WEB_EVENT_NAME  = "WebEventRequestInformation";
                bool      IsAuthenticated = (HttpContext.Current.User != null && HttpContext.Current.User.Identity.IsAuthenticated);

                // Only attribute the error to a user when both the identity and the
                // Shiptalk session are valid; otherwise a fixed placeholder is logged.
                bool   IsUserLoggedIn = IsAuthenticated && ShiptalkPrincipal.IsSessionActive;
                string UserInfo       = IsUserLoggedIn ? GetUserInfo(ShiptalkPrincipal.UserId) : "Unhandled error. Caught in global.asax.";
                ErrorHandlerUtil.HandleError(Ex, HttpContext.Current, UserInfo);

                if (Ex is HttpUnhandledException)
                {
                    //The default action: Must redirect to custom page. The event must be logged before that.
                    RedirectToCustomErrorPage = true;

                    // NOTE(review): HttpApplicationState is shared across all requests, so
                    // per-request info stored here is visible application-wide and is
                    // added again on every such error — confirm who consumes/removes it.
                    Application.Add(WEB_EVENT_NAME, CreateWebEventRequestInfo(request));
                }
                else if (Ex is HttpException)
                {
                    Server.ClearError();

                    HttpException httpEx = Ex as HttpException;
                    if (httpEx.GetHttpCode() == 404)
                    {
                        // NOTE(review): culture-sensitive ToLower(); EndsWith(".aspx",
                        // StringComparison.OrdinalIgnoreCase) would be the safer comparison.
                        if (pagePath.ToLower().EndsWith(".aspx"))
                        {
                            //We need to redirect User to 404 page.
                            RedirectToCustomErrorPage = false;
                            //For now, we are not going to log this event.
                            //Application.Add(WEB_EVENT_NAME, CreateWebEventRequestInfo(request));
                            // Response.Redirect(url) ends the response, which on .NET Framework
                            // raises ThreadAbortException; the catch below observes it but the
                            // abort is re-raised at the end of that catch, so Server.Transfer
                            // further down is never reached for this path.
                            Response.Redirect(Error404Page);
                            return;
                        }
                        else
                        {
                            //Here we do not take any action. We do not want to keep logging for some cached image request that does not exist.

                            //404 for Gif, JPG and other requests handled here. fakeimg.jpg
                            //If we try to redirect user to another page, user will get
                            //undesired results, just because of a missing insignificant image.
                            Response.ClearContent();
                            RedirectToCustomErrorPage = false;
                            return;
                        }
                    }
                }
                else if (Ex is ShiptalkException)
                {
                    ShiptalkException shipEx = Ex as ShiptalkException;
                    if (shipEx != null && shipEx.ExceptionType.HasValue)
                    {
                        if (shipEx.ExceptionType.Value == ShiptalkException.ShiptalkExceptionTypes.UN_AUTHORIZED_EXCEPTION)
                        {
                            //Redirect to the unauthorized-access page.
                            //We're not going to log this event.
                            Server.ClearError();
                            RedirectToCustomErrorPage = false;
                            Response.Redirect(UnAuthorizedAccessPage, true);
                        }
                        else if (shipEx.ExceptionType.Value == ShiptalkException.ShiptalkExceptionTypes.SESSION_EXPIRED_OR_UNAVAILABLE)
                        {
                            //Redirect if session expired.
                            //We're not going to log this event.
                            Server.ClearError();
                            RedirectToCustomErrorPage = false;
                            Response.Redirect(SessionUnavailablePage, true);
                        }
                    }
                }
                else if (Ex is  System.Security.SecurityException)
                {
                    //Redirect to the unauthorized-access page.
                    //We're not going to log this event.
                    Server.ClearError();
                    RedirectToCustomErrorPage = false;
                    Response.Redirect(UnAuthorizedAccessPage, true);
                }
            }
            // Deliberate best effort: a failure inside the handler itself must not
            // surface to the client, so fall back to the generic error page.
            // NOTE(review): OuterEx is discarded, so errors in the error handler are
            // lost; logging it before falling back would aid diagnosis.
            catch (Exception OuterEx) { RedirectToCustomErrorPage = true; }

            if (RedirectToCustomErrorPage)
            {
                Server.Transfer(CustomErrorPage);
            }
        }