///<summary></summary>
public static T GetObject <T>(MethodBase methodBase, params object[] parameters)
{
if (RemotingClient.RemotingRole != RemotingRole.ClientWeb)
{
throw new ApplicationException("Meth.GetObject may only be used when RemotingRole is ClientWeb.");
}
//can't verify return type
DtoGetObject dto = new DtoGetObject();
if (typeof(T).IsGenericType)
{
Type listType = typeof(T).GetGenericArguments()[0];
dto.ObjectType = "List<" + listType.FullName + ">";
}
else
{
dto.ObjectType = typeof(T).FullName;
}
dto.MethodName = methodBase.DeclaringType.Name + "." + methodBase.Name;
dto.Params = DtoObject.ConstructArray(parameters, GetParamTypes(methodBase));
dto.Credentials = new Credentials();
dto.Credentials.Username = Security.CurUser.UserName;
dto.Credentials.Password = Security.PasswordTyped; //.CurUser.Password;
return(RemotingClient.ProcessGetObject <T>(dto));
}
///<summary>Will throw an exception if server cannot validate username and password.
///configPath will be empty from a workstation and filled from the server. If Ecw, odpass will actually be the hash.</summary>
public static Userod LogInWeb(string oduser, string odpass, string configPath, string clientVersionStr, bool usingEcw)
{
//Unusual remoting role check designed for first time logging in via middle tier.
if (RemotingClient.RemotingRole == RemotingRole.ServerWeb)
{
Userod user = Userods.CheckUserAndPassword(oduser, odpass, usingEcw);
if (string.IsNullOrEmpty(odpass)) //All middle tier connections must pass in a password.
{
throw new Exception("Invalid username or password.");
}
string command = "SELECT ValueString FROM preference WHERE PrefName='ProgramVersion'";
string dbVersionStr = Db.GetScalar(command);
string serverVersionStr = Assembly.GetAssembly(typeof(Db)).GetName().Version.ToString(4);
#if DEBUG
if (Assembly.GetAssembly(typeof(Db)).GetName().Version.Build == 0)
{
command = "SELECT ValueString FROM preference WHERE PrefName='DataBaseVersion'"; //Using this during debug in the head makes it open fast with less fiddling.
dbVersionStr = Db.GetScalar(command);
}
#endif
if (dbVersionStr != serverVersionStr)
{
throw new Exception("Version mismatch. Server:" + serverVersionStr + " Database:" + dbVersionStr);
}
if (!string.IsNullOrEmpty(clientVersionStr))
{
Version clientVersion = new Version(clientVersionStr);
Version serverVersion = new Version(serverVersionStr);
if (clientVersion > serverVersion)
{
throw new Exception("Version mismatch. Client:" + clientVersionStr + " Server:" + serverVersionStr);
}
}
//if clientVersion == serverVersion, than we need do nothing.
//if clientVersion < serverVersion, than an update will later be triggered.
//Security.CurUser=user;//we're on the server, so this is meaningless
return(user);
//return 0;//meaningless
}
else
{
//Because RemotingRole has not been set, and because CurUser has not been set,
//this particular method is more verbose than most and does not use Meth.
//It's not a good example of the standard way of doing things.
DtoGetObject dto = new DtoGetObject();
dto.Credentials = new Credentials();
dto.Credentials.Username = oduser;
dto.Credentials.Password = odpass; //Userods.EncryptPassword(password);
dto.ComputerName = Security.CurComputerName;
dto.MethodName = "OpenDentBusiness.Security.LogInWeb";
dto.ObjectType = typeof(Userod).FullName;
object[] parameters = new object[] { oduser, odpass, configPath, clientVersionStr, usingEcw };
dto.Params = DtoObject.ConstructArray(MethodBase.GetCurrentMethod(), parameters);
//Purposefully throws exceptions.
//If hasConnectionLost was set to true then the user would be stuck in an infinite loop of trying to connect to a potentially invalid Middle Tier URI.
//Therefore, set hasConnectionLost false so that the user gets an error message immediately in the event that Middle Tier cannot be reached.
return(RemotingClient.ProcessGetObject <Userod>(dto, false));
}
}
///<summary>Optionally set hasConnectionLost true to keep the calling thread here until a connection to the Middle Tier connection can be established
///in the event of a web connection failure. Set hasConnectionLost to false if a throw is desired when a connection cannot be made.</summary>
public static T ProcessGetObject <T>(DtoGetObject dto, bool hasConnectionLost = true)
{
string result = SendAndReceive(dto, hasConnectionLost);
try {
return(XmlConverterSerializer.Deserialize <T>(result));
}
catch (Exception ex) {
throw ProcessExceptionDeserialize(result, ex);
}
}
///<summary></summary>
public static T GetObject <T>(MethodBase methodBase, params object[] parameters)
{
if (RemotingClient.RemotingRole != RemotingRole.ClientWeb)
{
throw new ApplicationException("Meth.GetObject may only be used when RemotingRole is ClientWeb.");
}
//can't verify return type
DtoGetObject dto = new DtoGetObject();
if (typeof(T).IsGenericType)
{
Type listType = typeof(T).GetGenericArguments()[0];
dto.ObjectType = "List<" + listType.FullName + ">";
}
else
{
dto.ObjectType = typeof(T).FullName;
}
dto.MethodName = methodBase.DeclaringType.Namespace + "."
+ methodBase.DeclaringType.Name + "." + methodBase.Name;
dto.Params = DtoObject.ConstructArray(methodBase, parameters);
dto.Credentials = new Credentials();
dto.Credentials.Username = Security.CurUser.UserName;
dto.Credentials.Password = Security.PasswordTyped; //.CurUser.Password;
dto.ComputerName = Security.CurComputerName;
T retval = default(T);
try {
retval = RemotingClient.ProcessGetObject <T>(dto);
}
catch (ODException ex) {
if (ex.ErrorCode == (int)ODException.ErrorCodes.CheckUserAndPasswordFailed)
{
if (RemotingClient.HasLoginFailed) //login has already failed and we got another CheckUserAndPasswordFailed error, just throw
{
throw;
}
CredentialsFailed();
retval = GetObject <T>(methodBase, parameters);
}
else
{
throw;
}
}
return(retval);
}
///<summary></summary>
public static T ProcessGetObject <T>(DtoGetObject dto)
{
string result = SendAndReceive(dto); //this might throw an exception if server unavailable
try {
return(XmlConverter.Deserialize <T>(result));
/*
* XmlSerializer serializer=new XmlSerializer(typeof(T));
* //Type.GetType("OpenDentBusiness."+dto.ObjectType));
* StringReader strReader=new StringReader(result);
* XmlReader xmlReader=XmlReader.Create(strReader);
* object obj=serializer.Deserialize(xmlReader);
* strReader.Close();
* xmlReader.Close();
* return (T)obj;*/
}
catch {
DtoException exception = (DtoException)DataTransferObject.Deserialize(result);
throw new Exception(exception.Message);
}
}
//<summary>Obsolete</summary>
//public static void ResetPassword(){
//FIXME:UPDATE-MULTIPLE-TABLES
/*string command="UPDATE userod,grouppermissions SET userod.Password='' "
+"WHERE grouppermissions.UserGroupNum=userod.UserGroupNum "
+"AND grouppermissions.PermType=24";
Db.NonQ(command);
*/
//Code updated to be compatible with Oracle as well as MySQL.
/*
string command="SELECT userod.UserNum FROM userod,grouppermissions "
+"WHERE grouppermissions.UserGroupNum=userod.UserGroupNum "
+"AND grouppermissions.PermType=24";
DataTable table=Db.GetTable(command);
if(table.Rows.Count==0){
throw new ApplicationException("No admin exists.");
}
command="UPDATE userod SET Password='' WHERE UserNum="+POut.PString(table.Rows[0][0].ToString());
Db.NonQ(command);
}*/
///<summary>RemotingRole has not yet been set to ClientWeb, but it will if this succeeds. Will throw an exception if server cannot validate username and password. configPath will be empty from a workstation and filled from the server. If Ecw, odpass will actually be the hash.</summary>
public static Userod LogInWeb(string oduser,string odpass,string configPath,string clientVersionStr,bool usingEcw) {
//Very unusual method. Remoting role can't be checked, but is implied by the presence of a value in configPath.
if(configPath != "") {//RemotingRole.ServerWeb
Userods.LoadDatabaseInfoFromFile(ODFileUtils.CombinePaths(configPath,"OpenDentalServerConfig.xml"));
//ODFileUtils.CombinePaths(
// ,"OpenDentalServerConfig.xml"));
//Path.GetDirectoryName(Application.ExecutablePath),"OpenDentalServerConfig.xml"));
//Application.StartupPath,"OpenDentalServerConfig.xml"));
//Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location),"OpenDentalServerConfig.xml"));
//Environment.CurrentDirectory,"OpenDentalServerConfig.xml"));
//Then, check username and password
Userod user=Userods.CheckUserAndPassword(oduser,odpass,usingEcw);
/*#if DEBUG
if(oduser==""){
user=Userods.GetUserByName("Admin",usingEcw);//without checking password. Makes debugging faster.
//No, don't do it this way. This is the server, so need to pass it in properly from the client or Security.PasswordTyped will be absent on the server.
}
#endif*/
if(user==null) {
throw new Exception("Invalid username or password.");
}
string command="SELECT ValueString FROM preference WHERE PrefName='ProgramVersion'";
string dbVersionStr=Db.GetScalar(command);
string serverVersionStr=Assembly.GetAssembly(typeof(Db)).GetName().Version.ToString(4);
#if DEBUG
if(Assembly.GetAssembly(typeof(Db)).GetName().Version.Build==0) {
command="SELECT ValueString FROM preference WHERE PrefName='DataBaseVersion'";//Using this during debug in the head makes it open fast with less fiddling.
dbVersionStr=Db.GetScalar(command);
}
#endif
if(dbVersionStr!=serverVersionStr) {
throw new Exception("Version mismatch. Server:"+serverVersionStr+" Database:"+dbVersionStr);
}
Version clientVersion=new Version(clientVersionStr);
Version serverVersion=new Version(serverVersionStr);
if(clientVersion > serverVersion){
throw new Exception("Version mismatch. Client:"+clientVersionStr+" Server:"+serverVersionStr);
}
//if clientVersion == serverVersion, than we need do nothing.
//if clientVersion < serverVersion, than an update will later be triggered.
//Security.CurUser=user;//we're on the server, so this is meaningless
return user;
//return 0;//meaningless
}
else {
//Because RemotingRole has not been set, and because CurUser has not been set,
//this particular method is more verbose than most and does not use Meth.
//It's not a good example of the standard way of doing things.
DtoGetObject dto=new DtoGetObject();
dto.Credentials=new Credentials();
dto.Credentials.Username=oduser;
dto.Credentials.Password=odpass;//Userods.EncryptPassword(password);
dto.MethodName="OpenDentBusiness.Security.LogInWeb";
dto.ObjectType=typeof(Userod).FullName;
object[] parameters=new object[] { oduser,odpass,configPath,clientVersionStr,usingEcw };
Type[] objTypes=new Type[] { typeof(string),typeof(string),typeof(string),typeof(string),typeof(bool) };
dto.Params=DtoObject.ConstructArray(parameters,objTypes);
return RemotingClient.ProcessGetObject<Userod>(dto);//can throw exception
}
}
///<summary>Pass in a serialized dto. It returns a dto which must be deserialized by the client.
///Set serverMapPath to the root directory of the OpenDentalServerConfig.xml. Typically Server.MapPath(".") from a web service.
///Optional parameter because it is not necessary for Unit Tests (mock server).</summary>
public static string ProcessDto(string dtoString, string serverMapPath = "")
{
#if DEBUG
//System.Threading.Thread.Sleep(100);//to test slowness issues with web service.
#endif
DataTransferObject dto = DataTransferObject.Deserialize(dtoString);
try {
string[] methNameComps = GetComponentsFromDtoMeth(dto.MethodName);
if (methNameComps.Length == 3 && methNameComps[2].ToLower() == "hashpassword")
{
return(GetHashPassword(dto));
}
//Always attempt to set the database connection settings from the config file if they haven't been set yet.
//We use to ONLY load in database settings when Security.LogInWeb was called but that is not good enough now that we have more services.
//E.g. We do not want to manually call "Security.LogInWeb" from the CEMT when all we want is a single preference value.
if (string.IsNullOrEmpty(DataConnection.GetServerName()) && string.IsNullOrEmpty(DataConnection.GetConnectionString()))
{
RemotingClient.RemotingRole = RemotingRole.ServerWeb;
//the application virtual path is usually /OpenDentalServer, but may be different if hosting multiple databases on one IIS server
string configFilePath = "";
if (!string.IsNullOrWhiteSpace(HostingEnvironment.ApplicationVirtualPath) && HostingEnvironment.ApplicationVirtualPath.Length > 1)
{
//There can be multiple config files within a physical path that is shared by multiple IIS ASP.NET applications.
//In order for the same physical path to host multiple applications, they each need a unique config file for db connection settings.
//Each application will have a unique ApplicationVirtualPath which we will use to identify the corresponding config.xml.
configFilePath = ODFileUtils.CombinePaths(serverMapPath, HostingEnvironment.ApplicationVirtualPath.Trim('/') + "Config.xml");
}
if (string.IsNullOrWhiteSpace(configFilePath) ||
!File.Exists(configFilePath)) //returns false if the file doesn't exist, user doesn't have permission for file, path is blank or null
{
//either configFilePath not set or file doesn't exist, default to OpenDentalServerConfig.xml
configFilePath = ODFileUtils.CombinePaths(serverMapPath, "OpenDentalServerConfig.xml");
}
Userods.LoadDatabaseInfoFromFile(configFilePath);
}
//Set Security.CurUser so that queries can be run against the db as if it were this user.
Security.CurUser = Userods.CheckUserAndPassword(dto.Credentials.Username
, dto.Credentials.Password
, Programs.IsEnabled(ProgramName.eClinicalWorks));
Security.PasswordTyped = dto.Credentials.Password;
Type type = dto.GetType();
#region DtoGetTable
if (type == typeof(DtoGetTable))
{
DtoGetTable dtoGetTable = (DtoGetTable)dto;
string[] fullNameComponents = GetComponentsFromDtoMeth(dtoGetTable.MethodName);
string assemblyName = fullNameComponents[0]; //OpenDentBusiness or else a plugin name
string className = fullNameComponents[1];
string methodName = fullNameComponents[2];
Type classType = null;
Assembly ass = Plugins.GetAssembly(assemblyName);
if (ass == null)
{
classType = Type.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className + "," + assemblyName);
}
else //plugin was found
{
classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className);
}
DtoObject[] parameters = dtoGetTable.Params;
Type[] paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
MethodInfo methodInfo = classType.GetMethod(methodName, paramTypes);
if (methodInfo == null)
{
throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetTable.MethodName);
}
object[] paramObjs = DtoObject.GenerateObjects(parameters);
DataTable dt = (DataTable)methodInfo.Invoke(null, paramObjs);
String response = XmlConverter.TableToXml(dt);
return(response);
}
#endregion
#region DtoGetTableLow
else if (type == typeof(DtoGetTableLow))
{
DtoGetTableLow dtoGetTableLow = (DtoGetTableLow)dto;
DtoObject[] parameters = dtoGetTableLow.Params;
object[] paramObjs = DtoObject.GenerateObjects(parameters);
DataTable dt = Reports.GetTable((string)paramObjs[0]);
String response = XmlConverter.TableToXml(dt);
return(response);
}
#endregion
#region DtoGetDS
else if (type == typeof(DtoGetDS))
{
DtoGetDS dtoGetDS = (DtoGetDS)dto;
string[] fullNameComponents = GetComponentsFromDtoMeth(dtoGetDS.MethodName);
string assemblyName = fullNameComponents[0]; //OpenDentBusiness or else a plugin name
string className = fullNameComponents[1];
string methodName = fullNameComponents[2];
Type classType = null;
Assembly ass = Plugins.GetAssembly(assemblyName);
if (ass == null)
{
classType = Type.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className + "," + assemblyName);
}
else //plugin was found
{
classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className);
}
DtoObject[] parameters = dtoGetDS.Params;
Type[] paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
MethodInfo methodInfo = classType.GetMethod(methodName, paramTypes);
if (methodInfo == null)
{
throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetDS.MethodName);
}
object[] paramObjs = DtoObject.GenerateObjects(parameters);
DataSet ds = (DataSet)methodInfo.Invoke(null, paramObjs);
String response = XmlConverter.DsToXml(ds);
return(response);
}
#endregion
#region DtoGetSerializableDictionary
else if (type == typeof(DtoGetSerializableDictionary))
{
DtoGetSerializableDictionary dtoGetSD = (DtoGetSerializableDictionary)dto;
string[] fullNameComponents = GetComponentsFromDtoMeth(dtoGetSD.MethodName);
string assemblyName = fullNameComponents[0]; //OpenDentBusiness or else a plugin name
string className = fullNameComponents[1];
string methodName = fullNameComponents[2];
Type classType = null;
Assembly ass = Plugins.GetAssembly(assemblyName);
if (ass == null)
{
classType = Type.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className + "," + assemblyName);
}
else //plugin was found
{
classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className);
}
DtoObject[] parameters = dtoGetSD.Params;
Type[] paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
MethodInfo methodInfo = classType.GetMethod(methodName, paramTypes);
if (methodInfo == null)
{
throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetSD.MethodName);
}
object[] paramObjs = DtoObject.GenerateObjects(parameters);
Object objResult = methodInfo.Invoke(null, paramObjs);
Type returnType = methodInfo.ReturnType;
return(XmlConverter.Serialize(returnType, objResult));
}
#endregion
#region DtoGetLong
else if (type == typeof(DtoGetLong))
{
DtoGetLong dtoGetLong = (DtoGetLong)dto;
string[] fullNameComponents = GetComponentsFromDtoMeth(dtoGetLong.MethodName);
string assemblyName = fullNameComponents[0]; //OpenDentBusiness or else a plugin name
string className = fullNameComponents[1];
string methodName = fullNameComponents[2];
Type classType = null;
Assembly ass = Plugins.GetAssembly(assemblyName);
if (ass == null)
{
classType = Type.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className + "," + assemblyName);
}
else //plugin was found
{
classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className);
}
DtoObject[] parameters = dtoGetLong.Params;
Type[] paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
MethodInfo methodInfo = classType.GetMethod(methodName, paramTypes);
if (methodInfo == null)
{
throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetLong.MethodName);
}
object[] paramObjs = DtoObject.GenerateObjects(parameters);
long longResult = (long)methodInfo.Invoke(null, paramObjs);
return(longResult.ToString());
}
#endregion
#region DtoGetInt
else if (type == typeof(DtoGetInt))
{
DtoGetInt dtoGetInt = (DtoGetInt)dto;
string[] fullNameComponents = GetComponentsFromDtoMeth(dtoGetInt.MethodName);
string assemblyName = fullNameComponents[0]; //OpenDentBusiness or else a plugin name
string className = fullNameComponents[1];
string methodName = fullNameComponents[2];
Type classType = null;
Assembly ass = Plugins.GetAssembly(assemblyName);
if (ass == null)
{
classType = Type.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className + "," + assemblyName);
}
else //plugin was found
{
classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className);
}
DtoObject[] parameters = dtoGetInt.Params;
Type[] paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
MethodInfo methodInfo = classType.GetMethod(methodName, paramTypes);
if (methodInfo == null)
{
throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetInt.MethodName);
}
object[] paramObjs = DtoObject.GenerateObjects(parameters);
int intResult = (int)methodInfo.Invoke(null, paramObjs);
return(intResult.ToString());
}
#endregion
#region DtoGetDouble
else if (type == typeof(DtoGetDouble))
{
DtoGetDouble dtoGetDouble = (DtoGetDouble)dto;
string[] fullNameComponents = GetComponentsFromDtoMeth(dtoGetDouble.MethodName);
string assemblyName = fullNameComponents[0]; //OpenDentBusiness or else a plugin name
string className = fullNameComponents[1];
string methodName = fullNameComponents[2];
Type classType = null;
Assembly ass = Plugins.GetAssembly(assemblyName);
if (ass == null)
{
classType = Type.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className + "," + assemblyName);
}
else //plugin was found
{
classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className);
}
DtoObject[] parameters = dtoGetDouble.Params;
Type[] paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
MethodInfo methodInfo = classType.GetMethod(methodName, paramTypes);
if (methodInfo == null)
{
throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetDouble.MethodName);
}
object[] paramObjs = DtoObject.GenerateObjects(parameters);
double doubleResult = (double)methodInfo.Invoke(null, paramObjs);
return(doubleResult.ToString());
}
#endregion
#region DtoGetVoid
else if (type == typeof(DtoGetVoid))
{
DtoGetVoid dtoGetVoid = (DtoGetVoid)dto;
string[] fullNameComponents = GetComponentsFromDtoMeth(dtoGetVoid.MethodName);
string assemblyName = fullNameComponents[0]; //OpenDentBusiness or else a plugin name
string className = fullNameComponents[1];
string methodName = fullNameComponents[2];
Type classType = null;
Assembly ass = Plugins.GetAssembly(assemblyName);
if (ass == null)
{
classType = Type.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className + "," + assemblyName);
}
else //plugin was found
{
classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className);
}
DtoObject[] parameters = dtoGetVoid.Params;
Type[] paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
MethodInfo methodInfo = classType.GetMethod(methodName, paramTypes);
if (methodInfo == null)
{
throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetVoid.MethodName);
}
object[] paramObjs = DtoObject.GenerateObjects(parameters);
methodInfo.Invoke(null, paramObjs);
return("0");
}
#endregion
#region DtoGetObject
else if (type == typeof(DtoGetObject))
{
DtoGetObject dtoGetObject = (DtoGetObject)dto;
string[] fullNameComponents = GetComponentsFromDtoMeth(dtoGetObject.MethodName);
string assemblyName = fullNameComponents[0]; //OpenDentBusiness or else a plugin name
string className = fullNameComponents[1];
string methodName = fullNameComponents[2];
//if(className != "Security" || methodName != "LogInWeb") {//because credentials will be checked inside that method
// Userods.CheckCredentials(dtoGetObject.Credentials);//will throw exception if fails.
//}
Type classType = null;
Assembly ass = Plugins.GetAssembly(assemblyName);
//if(className!="Security" || methodName!="LogInWeb") {//Do this for everything except Security.LogInWeb, because Plugins.GetAssembly will fail in that case.
// ass=Plugins.GetAssembly(assemblyName);
//}
if (ass == null)
{
classType = Type.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className + "," + assemblyName);
}
else //plugin was found
{
classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className);
}
DtoObject[] parameters = dtoGetObject.Params;
Type[] paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
MethodInfo methodInfo = classType.GetMethod(methodName, paramTypes);
if (methodInfo == null)
{
throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetObject.MethodName);
}
if (className == "Security" && methodName == "LogInWeb")
{
parameters[2] = new DtoObject(serverMapPath, typeof(string)); //because we can't access this variable from within OpenDentBusiness.
RemotingClient.RemotingRole = RemotingRole.ServerWeb;
}
object[] paramObjs = DtoObject.GenerateObjects(parameters);
Object objResult = methodInfo.Invoke(null, paramObjs);
Type returnType = methodInfo.ReturnType;
if (returnType.IsInterface)
{
objResult = new DtoObject(objResult, objResult?.GetType() ?? returnType);
returnType = typeof(DtoObject);
}
return(XmlConverter.Serialize(returnType, objResult));
}
#endregion
#region DtoGetString
else if (type == typeof(DtoGetString))
{
DtoGetString dtoGetString = (DtoGetString)dto;
string[] fullNameComponents = GetComponentsFromDtoMeth(dtoGetString.MethodName);
string assemblyName = fullNameComponents[0]; //OpenDentBusiness or else a plugin name
string className = fullNameComponents[1];
string methodName = fullNameComponents[2];
Type classType = null;
Assembly ass = Plugins.GetAssembly(assemblyName);
if (ass == null)
{
classType = Type.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className + "," + assemblyName);
}
else //plugin was found
{
classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className);
}
DtoObject[] parameters = dtoGetString.Params;
Type[] paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
MethodInfo methodInfo = classType.GetMethod(methodName, paramTypes);
if (methodInfo == null)
{
throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetString.MethodName);
}
object[] paramObjs = DtoObject.GenerateObjects(parameters);
string strResult = (string)methodInfo.Invoke(null, paramObjs);
strResult = XmlConverter.XmlEscape(strResult);
return(strResult);
}
#endregion
#region DtoGetBool
else if (type == typeof(DtoGetBool))
{
DtoGetBool dtoGetBool = (DtoGetBool)dto;
string[] fullNameComponents = GetComponentsFromDtoMeth(dtoGetBool.MethodName);
string assemblyName = fullNameComponents[0]; //OpenDentBusiness or else a plugin name
string className = fullNameComponents[1];
string methodName = fullNameComponents[2];
Type classType = null;
Assembly ass = Plugins.GetAssembly(assemblyName);
if (ass == null)
{
classType = Type.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className + "," + assemblyName);
}
else //plugin was found
{
classType = ass.GetType(assemblyName //actually, the namespace which we require to be same as assembly by convention
+ "." + className);
}
DtoObject[] parameters = dtoGetBool.Params;
Type[] paramTypes = DtoObject.GenerateTypes(parameters, assemblyName);
MethodInfo methodInfo = classType.GetMethod(methodName, paramTypes);
if (methodInfo == null)
{
throw new ApplicationException("Method not found with " + parameters.Length.ToString() + " parameters: " + dtoGetBool.MethodName);
}
object[] paramObjs = DtoObject.GenerateObjects(parameters);
bool boolResult = (bool)methodInfo.Invoke(null, paramObjs);
return(boolResult.ToString());
}
#endregion
else
{
throw new NotSupportedException("Dto type not supported: " + type.FullName);
}
}
catch (Exception e) {
DtoException exception = new DtoException();
exception.ExceptionType = e.GetType().BaseType.Name; //Since the exception was down converted to a regular exception, we need the BaseType.
if (e.InnerException == null)
{
exception.Message = e.Message;
}
else
{
exception.Message = e.InnerException.Message;
}
return(exception.Serialize());
}
}
//<summary>Obsolete</summary>
//public static void ResetPassword(){
//FIXME:UPDATE-MULTIPLE-TABLES
/*string command="UPDATE userod,grouppermissions SET userod.Password='' "
+"WHERE grouppermissions.UserGroupNum=userod.UserGroupNum "
+"AND grouppermissions.PermType=24";
* Db.NonQ(command);
*/
//Code updated to be compatible with Oracle as well as MySQL.
/*
* string command="SELECT userod.UserNum FROM userod,grouppermissions "
+"WHERE grouppermissions.UserGroupNum=userod.UserGroupNum "
+"AND grouppermissions.PermType=24";
* DataTable table=Db.GetTable(command);
* if(table.Rows.Count==0){
* throw new ApplicationException("No admin exists.");
* }
* command="UPDATE userod SET Password='' WHERE UserNum="+POut.PString(table.Rows[0][0].ToString());
* Db.NonQ(command);
* }*/
///<summary>RemotingRole has not yet been set to ClientWeb, but it will if this succeeds. Will throw an exception if server cannot validate username and password. configPath will be empty from a workstation and filled from the server. If Ecw, odpass will actually be the hash.</summary>
public static Userod LogInWeb(string oduser, string odpass, string configPath, string clientVersionStr, bool usingEcw)
{
//Very unusual method. Remoting role can't be checked, but is implied by the presence of a value in configPath.
if (configPath != "") //RemotingRole.ServerWeb
{
Userods.LoadDatabaseInfoFromFile(ODFileUtils.CombinePaths(configPath, "OpenDentalServerConfig.xml"));
//ODFileUtils.CombinePaths(
// ,"OpenDentalServerConfig.xml"));
//Path.GetDirectoryName(Application.ExecutablePath),"OpenDentalServerConfig.xml"));
//Application.StartupPath,"OpenDentalServerConfig.xml"));
//Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location),"OpenDentalServerConfig.xml"));
//Environment.CurrentDirectory,"OpenDentalServerConfig.xml"));
//Then, check username and password
Userod user = Userods.CheckUserAndPassword(oduser, odpass, usingEcw);
#if DEBUG
//if(oduser=="Admin"){
// user=Userods.GetUserByName("Admin",usingEcw);//without checking password. Makes debugging faster.
//}
#endif
if (user == null)
{
throw new Exception("Invalid username or password.");
}
string command = "SELECT ValueString FROM preference WHERE PrefName='ProgramVersion'";
string dbVersionStr = Db.GetScalar(command);
string serverVersionStr = Assembly.GetAssembly(typeof(Db)).GetName().Version.ToString(4);
#if DEBUG
if (Assembly.GetAssembly(typeof(Db)).GetName().Version.Build == 0)
{
command = "SELECT ValueString FROM preference WHERE PrefName='DataBaseVersion'"; //Using this during debug in the head makes it open fast with less fiddling.
dbVersionStr = Db.GetScalar(command);
}
#endif
if (dbVersionStr != serverVersionStr)
{
throw new Exception("Version mismatch. Server:" + serverVersionStr + " Database:" + dbVersionStr);
}
Version clientVersion = new Version(clientVersionStr);
Version serverVersion = new Version(serverVersionStr);
if (clientVersion > serverVersion)
{
throw new Exception("Version mismatch. Client:" + clientVersionStr + " Server:" + serverVersionStr);
}
//if clientVersion == serverVersion, than we need do nothing.
//if clientVersion < serverVersion, than an update will later be triggered.
//Security.CurUser=user;//we're on the server, so this is meaningless
return(user);
//return 0;//meaningless
}
else
{
//Because RemotingRole has not been set, and because CurUser has not been set,
//this particular method is more verbose than most and does not use Meth.
//It's not a good example of the standard way of doing things.
DtoGetObject dto = new DtoGetObject();
dto.Credentials = new Credentials();
dto.Credentials.Username = oduser;
dto.Credentials.Password = odpass; //Userods.EncryptPassword(password);
dto.MethodName = "Security.LogInWeb";
dto.ObjectType = typeof(Userod).FullName;
object[] parameters = new object[] { oduser, odpass, configPath, clientVersionStr, usingEcw };
Type[] objTypes = new Type[] { typeof(string), typeof(string), typeof(string), typeof(string), typeof(bool) };
dto.Params = DtoObject.ConstructArray(parameters, objTypes);
return(RemotingClient.ProcessGetObject <Userod>(dto)); //can throw exception
}
}
