public TerminateUserSessionResponse TerminateUserSession(TerminateUserSessionRequest request) { Platform.CheckForNullReference(request, "request"); Platform.CheckForNullReference(request.SessionIds, "SessionIds"); // exclude the current session - user must not delete own active session! var sessionIds = request.SessionIds.Where(id => id != CurrentUserSessionId).ToList(); if (sessionIds.Count == 0) { throw new RequestValidationException(SR.MessageCannotDeleteOwnUserCurrentSession); } // load all sessions by id var where = new UserSessionSearchCriteria(); where.SessionId.In(sessionIds); var sessions = PersistenceContext.GetBroker <IUserSessionBroker>().Find(where); // terminate all sessions foreach (var session in sessions) { session.Terminate(); } return(new TerminateUserSessionResponse(sessions.Select(s => s.SessionId).ToList())); }
public TerminateUserSessionResponse TerminateUserSession(TerminateUserSessionRequest request) { Platform.CheckForNullReference(request, "request"); Platform.CheckForNullReference(request.SessionIds, "SessionIds"); // exclude the current session - user must not delete own active session! var sessionIds = request.SessionIds.Where(id => id != CurrentUserSessionId).ToList(); if (sessionIds.Count == 0) { throw new RequestValidationException(SR.MessageCannotDeleteOwnUserCurrentSession); } // load all sessions by id var where = new UserSessionSearchCriteria(); where.SessionId.In(sessionIds); where.IsImpersonated.EqualTo(false); // impersonated sessions cannot be terminated in this manner var sessions = PersistenceContext.GetBroker <IUserSessionBroker>().Find(where); // terminate sessions foreach (var session in sessions) { // but only if the current user is actually authorized to do so EnsureCurrentUserAuthorizedToManage(session.User.AccountType); session.Terminate(); } return(new TerminateUserSessionResponse(sessions.Select(s => s.SessionId).ToList())); }
/// <summary> /// Gets the session identified by the specified session token, or null if no session exists. /// </summary> /// <param name="sessionToken"></param> /// <returns></returns> private UserSession GetSession(SessionToken sessionToken) { if (String.IsNullOrEmpty(sessionToken.Id)) { return(null); //we know this isn't valid, so don't go to the database. } var where = new UserSessionSearchCriteria(); where.SessionId.EqualTo(sessionToken.Id); // use query caching here to hopefully speed this up a bit var sessions = PersistenceContext.GetBroker <IUserSessionBroker>().Find( where, new SearchResultPage(0, 1), new EntityFindOptions { Cache = true }); // ensure case-sensitive match, returns null if no match return(CollectionUtils.SelectFirst(sessions, s => s.SessionId == sessionToken.Id)); }
public TerminateUserSessionResponse TerminateUserSession(TerminateUserSessionRequest request) { Platform.CheckForNullReference(request, "request"); Platform.CheckForNullReference(request.SessionIds, "SessionIds"); // exclude the current session - user must not delete own active session! var sessionIds = request.SessionIds.Where(id => id != CurrentUserSessionId).ToList(); if(sessionIds.Count == 0) throw new RequestValidationException(SR.MessageCannotDeleteOwnUserCurrentSession); // load all sessions by id var where = new UserSessionSearchCriteria(); where.SessionId.In(sessionIds); where.IsImpersonated.EqualTo(false); // impersonated sessions cannot be terminated in this manner var sessions = PersistenceContext.GetBroker<IUserSessionBroker>().Find(where); // terminate sessions foreach (var session in sessions) { // but only if the current user is actually authorized to do so EnsureCurrentUserAuthorizedToManage(session.User.AccountType); session.Terminate(); } return new TerminateUserSessionResponse(sessions.Select(s => s.SessionId).ToList()); }
/// <summary> /// Gets the session identified by the specified session token, or null if no session exists. /// </summary> /// <param name="sessionToken"></param> /// <returns></returns> private UserSession GetSession(SessionToken sessionToken) { if (String.IsNullOrEmpty(sessionToken.Id)) return null; //we know this isn't valid, so don't go to the database. var where = new UserSessionSearchCriteria(); where.SessionId.EqualTo(sessionToken.Id); // use query caching here to hopefully speed this up a bit var sessions = PersistenceContext.GetBroker<IUserSessionBroker>().Find( where, new SearchResultPage(0, 1), new EntityFindOptions { Cache = true }); // ensure case-sensitive match, returns null if no match return CollectionUtils.SelectFirst(sessions, s => s.SessionId == sessionToken.Id); }
public TerminateUserSessionResponse TerminateUserSession(TerminateUserSessionRequest request) { Platform.CheckForNullReference(request, "request"); Platform.CheckForNullReference(request.SessionIds, "SessionIds"); // exclude the current session - user must not delete own active session! var sessionIds = request.SessionIds.Where(id => id != CurrentUserSessionId).ToList(); if(sessionIds.Count == 0) throw new RequestValidationException(SR.MessageCannotDeleteOwnUserCurrentSession); // load all sessions by id var where = new UserSessionSearchCriteria(); where.SessionId.In(sessionIds); var sessions = PersistenceContext.GetBroker<IUserSessionBroker>().Find(where); // terminate all sessions foreach (var session in sessions) { session.Terminate(); } return new TerminateUserSessionResponse(sessions.Select(s => s.SessionId).ToList()); }