public override bool IsAuthorized(AuthFilterContext context)
{
if (DomainUtility.IsTestEnvironment)
{
return(true);
}
using (APIAccessService apiAccessService = new APIAccessService())
{
//when a client is calling main api ,they have to put token,which is password, in header named token
if (context.ActionContext.Request.Headers.Contains("token"))
{
return(apiAccessService.HasAccess(ApiUtility.GetIPAddress(), context.ActionContext.Request.Headers.GetValues("token").FirstOrDefault()));
}
else
{
if (AccessUtility.CalledByLocalSA(HttpContext.Current.Request))
{
//it is called from single action module in same server with same ip.
return(true);
}
else
{
//when bpms user panel is calling engine api,every request should have formToken in its parameters.
string formToken = context.ActionContext.RequestContext.Url.Request.GetHttpContext().Request.QueryString[FormTokenUtility.FormToken];
return(FormTokenUtility.ValidateFormToken(formToken, HttpContext.Current.Session.SessionID));
}
}
}
}
public BpmsCartableApiControlBase()
{
if (this.MyRequest.Headers.AllKeys.Contains("clientIp"))
{
this.ClientIp = this.MyRequest.Headers["clientIp"].ToStringObj();
}
else
{
this.ClientIp = ApiUtility.GetIPAddress();
}
using (APIAccessService apiAccessService = new APIAccessService())
{
//api call using toke header,which is password, or formToken ,which is a parameter like antiforgerytoken cosist of sessionId and mainDynamicFormId encripted by sessionId.
if (!this.MyRequest.Headers.AllKeys.Contains("token"))
{
this.ClientUserName = DomainUtility.IsTestEnvironment ? "bpms_expert" : base.UserInfo.Username;
this.ClientFormToken = this.MyRequest.QueryString[FormTokenUtility.FormToken].ToStringObj();
this.ClientId = HttpContext.Current.Session.SessionID;
this.ApiSessionId = DomainUtility.CreateApiSessionID(this.ClientId, this.ClientIp);
this.IsEncrypted = FormTokenUtility.GetIsEncrypted(this.ClientFormToken, this.ClientId);
}
else
{
if (this.MyRequest.Headers.AllKeys.Contains("userName"))
{
this.ClientUserName = this.MyRequest.Headers["userName"].ToStringObj();
}
this.ClientId = this.MyRequest.Headers["clientId"].ToStringObj();
this.ApiSessionId = DomainUtility.CreateApiSessionID(this.ClientId, this.ClientIp);;
//set ApiSessionID
if (!apiAccessService.HasAccess(ApiUtility.GetIPAddress(), this.MyRequest.Headers.GetValues("token").FirstOrDefault()))
{
throw new Exception("You are not authorized to access this application.");
}
this.IsEncrypted = this.MyRequest.Headers["isEncrypted"].ToStringObj() == "1";
}
}
}
public object PostPopUp(Guid?applicationPageId = null, Guid?threadTaskID = null, Guid?formID = null, string controlId = "")
{
SingleActionSettingDTO setting = base.GetSetting();
if (setting.ProcessID.HasValue)
{
#region .:: Thread ::.
PostTaskFormResponseModel responseVM = null;
//If bpms engine is in different domain.
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
EngineProcessProxy engineProcessProxy = new EngineProcessProxy(setting.WebApiAddress, setting.WebServicePass, base.ClientUserName, ApiUtility.GetIPAddress(), base.ApiSessionId, this.IsEncrypted);
responseVM = engineProcessProxy.PostForm(threadTaskID.Value, formID.Value, controlId, base.MyRequest.GetList(false, string.Empty).ToList());
}
else
{
}
if (!responseVM.IsSuccess)
{
return(new EngineFormResponseDTO(redirectUrl: base.GetRedirectUrl(responseVM.RedirectUrlModel), reloadForm: false,
null, false, messageList: responseVM.ListMessageModel, false));
}
else
{
if (responseVM.IsSubmit)
{
return(new EngineFormResponseDTO(
redirectUrl: base.GetRedirectUrl(responseVM.RedirectUrlModel), reloadForm: false,
listDownloadModel: responseVM.ListDownloadModel,
isSubmit: true,
responseVM.ListMessageModel, true
));
}
else
{
return(new EngineFormResponseDTO(
redirectUrl: base.GetRedirectUrl(responseVM.RedirectUrlModel), reloadForm: true,
listDownloadModel: responseVM.ListDownloadModel,
isSubmit: false,
responseVM.ListMessageModel
));
}
}
#endregion
}
else
{
#region .:: Application ::.
PostFormResponseModel responseVM = null;
//if bpms engine is in different domain
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
EngineApplicationProxy engineApplicationProxy = new EngineApplicationProxy(setting.WebApiAddress, setting.WebServicePass, base.ClientUserName, ApiUtility.GetIPAddress(), base.ApiSessionId, this.IsEncrypted);
responseVM = engineApplicationProxy.PostForm(applicationPageId.Value, controlId, base.MyRequest.GetList(false, string.Empty).ToList());
}
else
{
EngineSharedModel engineSharedModel = new EngineSharedModel(applicationPageId.Value, base.MyRequest.GetList(this.IsEncrypted, base.ApiSessionId).ToList(), base.ClientUserName, base.ApiSessionId);
using (ApplicationPageEngine applicationPageEngine = new ApplicationPageEngine(engineSharedModel))
responseVM = applicationPageEngine.PostForm(controlId);
}
if (!responseVM.IsSuccess)
{
return(new EngineFormResponseDTO(
redirectUrl: base.GetRedirectUrl(responseVM.RedirectUrlModel), reloadForm: false, null,
isSubmit: false, responseVM.ListMessageModel, false));
}
else
{
if (responseVM.IsSubmit)
{
return(new EngineFormResponseDTO(
redirectUrl: base.GetRedirectUrl(responseVM.RedirectUrlModel), reloadForm: false,
listDownloadModel: responseVM.ListDownloadModel, isSubmit: true,
responseVM.ListMessageModel
));
}
else
{
return(new EngineFormResponseDTO(
base.GetRedirectUrl(responseVM.RedirectUrlModel), reloadForm: true,
responseVM.ListDownloadModel, isSubmit: false,
responseVM.ListMessageModel, true
));
}
}
#endregion
}
}
public object PostIndex(Guid?applicationPageId = null, Guid?threadTaskID = null, string controlId = "", Guid?stepID = null, bool?goNext = null)
{
SingleActionSettingDTO setting = base.GetSetting();
if (setting.ProcessID.HasValue)
{
#region .:: Thread ::.
PostTaskFormResponseModel responseVM = null;
//If bpms engine is in different domain.
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
EngineProcessProxy engineProcessProxy = new EngineProcessProxy(setting.WebApiAddress, setting.WebServicePass, base.ClientUserName, ApiUtility.GetIPAddress(), base.ApiSessionId, this.IsEncrypted);
responseVM = engineProcessProxy.PostTaskForm(threadTaskID.Value, controlId, stepID.Value, goNext, base.MyRequest.GetList(false, string.Empty).ToList());
}
else
{
//If engine is in same domain, call it directly.
using (ThreadTaskService threadTaskService = new ThreadTaskService())
{
sysBpmsThreadTask threadTask = threadTaskService.GetInfo(threadTaskID.Value, new string[] { nameof(sysBpmsThreadTask.Thread) });
using (ProcessEngine processEngine = new ProcessEngine(new EngineSharedModel(threadTask.Thread, threadTask.Thread.ProcessID, base.MyRequest.GetList(this.IsEncrypted, base.ApiSessionId).ToList(), base.ClientUserName, base.ApiSessionId)))
{
responseVM = processEngine.PostTaskForm(threadTask.ID, stepID.Value, goNext, controlId);
}
}
}
if (!responseVM.IsSuccess)
{
return(new EngineFormResponseDTO(redirectUrl: base.GetRedirectUrl(responseVM.RedirectUrlModel), reloadForm: false,
null, false, messageList: responseVM.ListMessageModel, false));
}
else
{
if (responseVM.IsSubmit)
{
if (responseVM.IsNextPrevious == true)
{
return(new EngineFormResponseDTO(
redirectUrl: base.GetRedirectUrl(responseVM.RedirectUrlModel),
reloadForm: true,
listDownloadModel: responseVM.ListDownloadModel,
messageList: responseVM.ListMessageModel
)
{
StepID = responseVM.StepID.Value,
});
}
else
{
return new EngineFormResponseDTO(
redirectUrl: string.IsNullOrWhiteSpace(base.GetRedirectUrl(responseVM.RedirectUrlModel)) ? "CartableManage" :
base.GetRedirectUrl(responseVM.RedirectUrlModel), reloadForm: setting.ProcessEndFormID.HasValue,
listDownloadModel: responseVM.ListDownloadModel,
messageList: responseVM.ListMessageModel
)
{
EndAppPageID = setting.ProcessEndFormID,
StepID = responseVM?.StepID,
}
};
}
else
{
return new EngineFormResponseDTO(
redirectUrl: base.GetRedirectUrl(responseVM.RedirectUrlModel),
reloadForm: true,
listDownloadModel: responseVM.ListDownloadModel,
messageList: responseVM.ListMessageModel
)
{
StepID = responseVM.StepID.Value,
}
};
}
#endregion
}
else
{
#region .:: Application ::.
PostFormResponseModel responseVM = null;
//if bpms engine is in different domain
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
EngineApplicationProxy engineApplicationProxy = new EngineApplicationProxy(setting.WebApiAddress, setting.WebServicePass, base.ClientUserName, ApiUtility.GetIPAddress(), base.ApiSessionId, this.IsEncrypted);
responseVM = engineApplicationProxy.PostForm(applicationPageId.Value, controlId, base.MyRequest.GetList(false, string.Empty).ToList());
}
else
{
EngineSharedModel engineSharedModel = new EngineSharedModel(applicationPageId.Value, base.MyRequest.GetList(this.IsEncrypted, base.ApiSessionId).ToList(), base.ClientUserName, base.ApiSessionId);
using (ApplicationPageEngine applicationPageEngine = new ApplicationPageEngine(engineSharedModel))
responseVM = applicationPageEngine.PostForm(controlId);
}
if (!responseVM.IsSuccess)
{
return(new EngineFormResponseDTO(base.GetRedirectUrl(responseVM.RedirectUrlModel), false, null, false, responseVM?.ListMessageModel, false));
}
else
{
return
(new EngineFormResponseDTO(
redirectUrl: base.GetRedirectUrl(responseVM.RedirectUrlModel),
reloadForm: false,
listDownloadModel: responseVM.ListDownloadModel, isSubmit: responseVM.IsSubmit,
responseVM.ListMessageModel, submittedHtmlMessage: setting.AppPageSubmitMessage
));
}
#endregion
}
}
public object GetIndex(Guid?threadTaskID = null, Guid?stepID = null, Guid?applicationPageId = null, Guid?formId = null, Guid?threadId = null)
{
SingleActionSettingDTO setting = base.GetSetting();
try
{
if (setting.ProcessID.HasValue)
{
#region .:: Thread ::.
//If bpms engine is in different domain.
EngineProcessProxy engineProcessProxy = null;
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
engineProcessProxy = new EngineProcessProxy(setting.WebApiAddress, setting.WebServicePass, base.ClientUserName, ApiUtility.GetIPAddress(), base.ApiSessionId, this.IsEncrypted);
}
if (!threadTaskID.HasValue && !threadId.HasValue)
{
//begin Process
BeginTaskResponseModel beginTaskResponseVM = null;
//If bpms engine is in different domain.
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
beginTaskResponseVM = engineProcessProxy.BeginTask(setting.ProcessID.Value, base.MyRequest.GetList(false, string.Empty).ToList());
}
else
{
beginTaskResponseVM = this.BeginTask(setting.ProcessID.Value);
}
threadTaskID = beginTaskResponseVM.ThreadTaskID;
if (!beginTaskResponseVM.Result)
{
return(new
{
MessageList = new List <PostMethodMessage>()
{
new PostMethodMessage(beginTaskResponseVM.Message, DisplayMessageType.error)
},
Result = false,
setting.ShowCardBody
});
}
}
if (!threadTaskID.HasValue && threadId.HasValue)
{
//If bpms engine is in different domain.
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
threadTaskID = engineProcessProxy.GetAccessibleThreadTasks(threadId.Value).FirstOrDefault();
}
else
{
threadTaskID = this.GetAccessibleThreadTasks(threadId.Value).FirstOrDefault();
}
if (!threadTaskID.HasValue || threadTaskID == Guid.Empty)
{
ThreadDetailDTO threadDetailDTO = null;
//show history
//If bpms engine is in different domain.
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
threadDetailDTO = engineProcessProxy.GetThreadDetails(threadId.Value);
}
else
{
threadDetailDTO = this.GetThreadDetails(threadId.Value);
}
return(new
{
ThreadDetailModel = threadDetailDTO,
Result = true,
setting.ShowCardBody
});
}
}
GetTaskFormResponseModel responseVM = null;
//If it must load end process form.
if (formId.HasValue)
{
//If bpms engine is in different domain.
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
responseVM = engineProcessProxy.GetForm(threadTaskID.Value, formId.Value, base.MyRequest.GetList(false, string.Empty).ToList(), false);
}
else
{
//if engine is in same domain, call it directly.
using (ThreadTaskService threadTaskService = new ThreadTaskService())
{
sysBpmsThreadTask threadTask = new ThreadTaskService().GetInfo(threadTaskID.Value, new string[] { nameof(sysBpmsThreadTask.Thread) });
using (ProcessEngine ProcessEngine = new ProcessEngine(new EngineSharedModel(threadTask.ThreadID, threadTask.Thread.ProcessID, base.MyRequest.GetList(this.IsEncrypted, base.ApiSessionId).ToList(), base.ClientUserName, base.ApiSessionId)))
responseVM = ProcessEngine.GetForm(threadTask.ID, formId.Value, false);
}
}
if (responseVM.EngineFormModel != null)
{
responseVM.EngineFormModel.FormModel.HasSubmitButton = true;
}
}
else
{
if (threadTaskID.HasValue)
{
//If bpms engine is in different domain.
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
engineProcessProxy.GetTaskForm(threadTaskID.Value, stepID, base.MyRequest.GetList(false, string.Empty).ToList());
}
else
{
//If engine is in same domain, call it directly.
using (ThreadTaskService threadTaskService = new ThreadTaskService())
{
sysBpmsThreadTask threadTask = new ThreadTaskService().GetInfo(threadTaskID.Value, new string[] { nameof(sysBpmsThreadTask.Thread) });
using (ProcessEngine ProcessEngine = new ProcessEngine(new EngineSharedModel(threadTask.ThreadID, threadTask.Thread.ProcessID, base.MyRequest.GetList(this.IsEncrypted, base.ApiSessionId).ToList(), base.ClientUserName, base.ApiSessionId)))
responseVM = ProcessEngine.GetTaskForm(threadTaskID.Value, stepID);
}
}
}
else
{
responseVM = null;
}
}
if (responseVM?.EngineFormModel != null)
{
string popUpUrl = UrlUtility.GetSingleActionApiUrl(base.MyRequest, base.TabModuleID, base.PortalSettings.DefaultPortalAlias, nameof(SingleActionWorkerController.GetPopUp), nameof(SingleActionWorkerController), "", "threadTaskID=" + threadTaskID);
string postUrl = UrlUtility.GetSingleActionApiUrl(base.MyRequest, base.TabModuleID, base.PortalSettings.DefaultPortalAlias, nameof(SingleActionWorkerController.PostIndex), nameof(SingleActionWorkerController), "", UrlUtility.GetParamsAsArray(new HttpRequestWrapper(base.MyRequest), new string[] { $"threadTaskID={threadTaskID}", $"stepID={responseVM.EngineFormModel.FormModel.StepID}" }).ToArray());
//If bpms engine is in different domain.
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
responseVM.EngineFormModel.SetUrlsForSingleAction(base.PortalSettings.DefaultPortalAlias, new HttpRequestWrapper(base.MyRequest), popUpUrl, postUrl, FormTokenUtility.GetFormToken(base.ApiSessionId, responseVM?.EngineFormModel?.FormModel?.ContentHtml?.DynamicFormID ?? Guid.Empty, responseVM?.EngineFormModel?.FormModel?.IsEncrypted ?? false), base.TabModuleID);
}
else
{
responseVM.EngineFormModel.SetUrls(popUpUrl, postUrl, new HttpRequestWrapper(base.MyRequest), base.PortalSettings.DefaultPortalAlias, FormTokenUtility.GetFormToken(base.ApiSessionId, responseVM?.EngineFormModel?.FormModel?.ContentHtml?.DynamicFormID ?? Guid.Empty, responseVM?.EngineFormModel?.FormModel?.IsEncrypted ?? false));
}
return(new
{
Model = responseVM?.EngineFormModel,
MessageList = responseVM?.ListMessageModel.Select(c => new PostMethodMessage(c.Message, c.DisplayMessageType)),
RedirectUrl = base.GetRedirectUrl(responseVM?.RedirectUrlModel),
Result = true,
setting.ShowCardBody
});
}
else
{
return new
{
MessageList = new List <PostMethodMessage>()
{
new PostMethodMessage("Error in getting information", DisplayMessageType.error)
},
Result = false,
setting.ShowCardBody
}
};
#endregion
}
else
{
#region .:: Application Page ::.
applicationPageId = applicationPageId ?? setting.ApplicationPageID;
GetFormResponseModel responseVM = null;
//if bpms engine is in different domain
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
EngineApplicationProxy engineApplicationProxy = new EngineApplicationProxy(setting.WebApiAddress, setting.WebServicePass, base.ClientUserName, ApiUtility.GetIPAddress(), base.ApiSessionId, this.IsEncrypted);
responseVM = engineApplicationProxy.GetForm(applicationPageId, null, base.MyRequest.GetList(false, string.Empty).ToList());
}
else
{
EngineSharedModel engineSharedModel = new EngineSharedModel(applicationPageId.Value, base.MyRequest.GetList(this.IsEncrypted, base.ApiSessionId).ToList(), base.ClientUserName, base.ApiSessionId);
using (ApplicationPageEngine applicationPageEngine = new ApplicationPageEngine(engineSharedModel))
responseVM = applicationPageEngine.GetForm();
}
if (responseVM?.EngineFormModel != null)
{
string popUpUrl = UrlUtility.GetSingleActionApiUrl(base.MyRequest, base.TabModuleID, base.PortalSettings.DefaultPortalAlias, nameof(SingleActionWorkerController.GetPopUp), nameof(SingleActionWorkerController), "");
string postUrl = UrlUtility.GetSingleActionApiUrl(base.MyRequest, base.TabModuleID, base.PortalSettings.DefaultPortalAlias, nameof(SingleActionWorkerController.PostIndex), nameof(SingleActionWorkerController), "", UrlUtility.GetParamsAsArray(new HttpRequestWrapper(base.MyRequest), new string[] { $"applicationPageId={applicationPageId}" }).ToArray());
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
responseVM.EngineFormModel.SetUrlsForSingleAction(base.PortalSettings.DefaultPortalAlias, new HttpRequestWrapper(base.MyRequest), popUpUrl, postUrl, FormTokenUtility.GetFormToken(base.ApiSessionId, responseVM?.EngineFormModel?.FormModel?.ContentHtml?.DynamicFormID ?? Guid.Empty, responseVM?.EngineFormModel?.FormModel?.IsEncrypted ?? false), base.TabModuleID);
}
else
{
responseVM.EngineFormModel.SetUrls(popUpUrl, postUrl, new HttpRequestWrapper(base.MyRequest), base.PortalSettings.DefaultPortalAlias, FormTokenUtility.GetFormToken(base.ApiSessionId, responseVM?.EngineFormModel?.FormModel?.ContentHtml?.DynamicFormID ?? Guid.Empty, responseVM?.EngineFormModel?.FormModel?.IsEncrypted ?? false));
}
return(new
{
Model = responseVM?.EngineFormModel,
MessageList = responseVM?.ListMessageModel.Select(c => new PostMethodMessage(c.Message, c.DisplayMessageType)),
RedirectUrl = base.GetRedirectUrl(responseVM?.RedirectUrlModel),
Result = true,
setting.ShowCardBody
});
}
else
{
return new
{
MessageList = new List <PostMethodMessage>()
{
new PostMethodMessage("Error while getting information", DisplayMessageType.error)
},
Result = false,
setting.ShowCardBody
}
};
#endregion
}
}
catch
{
return(new
{
MessageList = new List <PostMethodMessage>()
{
new PostMethodMessage("Setting is not complete", DisplayMessageType.error)
},
Result = false,
setting.ShowCardBody
});
}
}
public object GetPopUp(Guid formID, Guid?threadTaskID = null)
{
SingleActionSettingDTO setting = base.GetSetting();
if (setting.ProcessID.HasValue)
{
#region .:: Thread ::.
GetTaskFormResponseModel responseVM = null;
//If bpms engine is in different domain.
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
responseVM = new EngineProcessProxy(setting.WebApiAddress, setting.WebServicePass, base.ClientUserName, ApiUtility.GetIPAddress(), base.ApiSessionId, this.IsEncrypted).GetForm(threadTaskID.Value, formID, base.MyRequest.GetList(false, string.Empty).ToList());
}
else
{
//if engine is in same domain, call it directly.
using (ThreadTaskService threadTaskService = new ThreadTaskService())
{
sysBpmsThreadTask threadTask = new ThreadTaskService().GetInfo(threadTaskID.Value, new string[] { nameof(sysBpmsThreadTask.Thread) });
using (ProcessEngine ProcessEngine = new ProcessEngine(new EngineSharedModel(threadTask.ThreadID, threadTask.Thread.ProcessID, base.MyRequest.GetList(this.IsEncrypted, base.ApiSessionId).ToList(), base.ClientUserName, base.ApiSessionId)))
responseVM = ProcessEngine.GetForm(threadTask.ID, formID, null);
}
}
if (responseVM.EngineFormModel != null)
{
string popUpUrl = UrlUtility.GetSingleActionApiUrl(base.MyRequest, base.TabModuleID, base.PortalSettings.DefaultPortalAlias, nameof(SingleActionWorkerController.GetPopUp), nameof(SingleActionWorkerController), "", "threadTaskID=" + threadTaskID);
string postUrl = UrlUtility.GetSingleActionApiUrl(base.MyRequest, base.TabModuleID, base.PortalSettings.DefaultPortalAlias, nameof(SingleActionWorkerController.PostPopUp), nameof(SingleActionWorkerController), "", UrlUtility.GetParamsAsArray(new HttpRequestWrapper(base.MyRequest), new string[] { $"formID={formID}", $"threadTaskID={threadTaskID}", $"stepID={responseVM.EngineFormModel.FormModel.StepID}" }).ToArray());
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
responseVM.EngineFormModel.SetUrlsForSingleAction(base.PortalSettings.DefaultPortalAlias, new HttpRequestWrapper(base.MyRequest), popUpUrl, postUrl, FormTokenUtility.GetFormToken(base.ApiSessionId, responseVM?.EngineFormModel?.FormModel?.ContentHtml?.DynamicFormID ?? Guid.Empty, responseVM?.EngineFormModel?.FormModel?.IsEncrypted ?? false), base.TabModuleID);
}
else
{
responseVM.EngineFormModel.SetUrls(popUpUrl, postUrl, new HttpRequestWrapper(base.MyRequest), base.PortalSettings.DefaultPortalAlias, FormTokenUtility.GetFormToken(base.ApiSessionId, responseVM?.EngineFormModel?.FormModel?.ContentHtml?.DynamicFormID ?? Guid.Empty, responseVM?.EngineFormModel?.FormModel?.IsEncrypted ?? false));
}
}
return(new
{
Model = responseVM?.EngineFormModel,
MessageList = responseVM?.ListMessageModel.Select(c => new PostMethodMessage(c.Message, c.DisplayMessageType)),
RedirectUrl = base.GetRedirectUrl(responseVM?.RedirectUrlModel),
Result = true,
});
#endregion
}
else
{
#region .:: Application ::.
GetFormResponseModel responseVM = null;
//if bpms engine is in different domain
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
EngineApplicationProxy engineApplicationProxy = new EngineApplicationProxy(setting.WebApiAddress, setting.WebServicePass, base.ClientUserName, ApiUtility.GetIPAddress(), base.ApiSessionId, this.IsEncrypted);
responseVM = engineApplicationProxy.GetForm(null, formID, new HttpRequestWrapper(base.MyRequest).GetList(false, string.Empty).ToList());
}
else
{
using (DynamicFormService dynamicFormService = new DynamicFormService())
{
EngineSharedModel engineSharedModel = new EngineSharedModel(dynamicFormService.GetInfo(formID).ApplicationPageID.Value, base.MyRequest.GetList(false, string.Empty).ToList(), base.ClientUserName, base.ApiSessionId);
using (ApplicationPageEngine applicationPageEngine = new ApplicationPageEngine(engineSharedModel))
responseVM = applicationPageEngine.GetForm();
}
}
if (responseVM.EngineFormModel != null)
{
string popUpUrl = UrlUtility.GetSingleActionApiUrl(base.MyRequest, base.TabModuleID, base.PortalSettings.DefaultPortalAlias, nameof(SingleActionWorkerController.GetPopUp), nameof(SingleActionWorkerController), "");
string postUrl = UrlUtility.GetSingleActionApiUrl(base.MyRequest, base.TabModuleID, base.PortalSettings.DefaultPortalAlias, nameof(SingleActionWorkerController.PostPopUp), nameof(SingleActionWorkerController), "", UrlUtility.GetParamsAsArray(new HttpRequestWrapper(base.MyRequest), new string[] { $"applicationPageId={responseVM.EngineFormModel.ApplicationID}" }).ToArray());
if (!string.IsNullOrWhiteSpace(setting.WebApiAddress))
{
responseVM.EngineFormModel.SetUrlsForSingleAction(base.PortalSettings.DefaultPortalAlias, new HttpRequestWrapper(base.MyRequest), popUpUrl, postUrl, FormTokenUtility.GetFormToken(base.ApiSessionId, responseVM?.EngineFormModel?.FormModel?.ContentHtml?.DynamicFormID ?? Guid.Empty, responseVM?.EngineFormModel?.FormModel?.IsEncrypted ?? false), base.TabModuleID);
}
else
{
responseVM.EngineFormModel.SetUrls(popUpUrl, postUrl, new HttpRequestWrapper(base.MyRequest), base.PortalSettings.DefaultPortalAlias, FormTokenUtility.GetFormToken(base.ApiSessionId, responseVM?.EngineFormModel?.FormModel?.ContentHtml?.DynamicFormID ?? Guid.Empty, responseVM?.EngineFormModel?.FormModel?.IsEncrypted ?? false));
}
}
return(new
{
Model = responseVM?.EngineFormModel,
MessageList = responseVM?.ListMessageModel.Select(c => new PostMethodMessage(c.Message, c.DisplayMessageType)),
RedirectUrl = base.GetRedirectUrl(responseVM?.RedirectUrlModel),
Result = true,
});
#endregion
}
}
public ActionResult Settings()
{
var settings = new SingleActionSettingDTO(base.PortalSettings.PortalId, ModuleContext.Configuration.ModuleSettings);
try
{
if (!string.IsNullOrWhiteSpace(settings.WebApiAddress))
{
settings.ProcessName = settings.ProcessID.HasValue ? new EngineProcessProxy(settings.WebApiAddress, settings.WebServicePass, base.User.Username, ApiUtility.GetIPAddress(), base.Session.SessionID, false).GetInfo(settings.ProcessID.Value)?.Name : "";
settings.ProcessEndFormName = settings.ProcessEndFormID.HasValue ? new EngineFormProxy(settings.WebApiAddress, settings.WebServicePass, base.User.Username, ApiUtility.GetIPAddress(), base.Session.SessionID, false).GetInfo(settings.ProcessEndFormID.Value)?.Name : "";;
settings.ApplicationName = settings.ApplicationPageID.HasValue ? new EngineApplicationProxy(settings.WebApiAddress, settings.WebServicePass, base.User.Username, ApiUtility.GetIPAddress(), base.Session.SessionID, false).GetInfo(settings.ApplicationPageID.Value)?.Name : "";
}
else
{
if (settings.ProcessID.HasValue)
{
using (ProcessService processService = new ProcessService())
settings.ProcessName = processService.GetInfo(settings.ProcessID.Value).Name;
}
if (settings.ProcessEndFormID.HasValue)
{
using (DynamicFormService dynamicFormService = new DynamicFormService())
settings.ProcessEndFormName = dynamicFormService.GetInfo(settings.ProcessEndFormID.Value).Name;
}
if (settings.ApplicationPageID.HasValue)
{
using (DynamicFormService dynamicFormService = new DynamicFormService())
settings.ApplicationName = dynamicFormService.GetInfoByPageID(settings.ApplicationPageID.Value).Name;
}
}
if (string.IsNullOrWhiteSpace(settings.ApplicationName) && string.IsNullOrWhiteSpace(settings.ProcessName))
{
settings.ProcessID = null;
settings.ApplicationPageID = null;
}
}
catch
{
}
if (!string.IsNullOrWhiteSpace(settings.WebApiAddress))
{
ViewBag.ApplicationPageUrl = ApiUtility.GetGeneralApiUrl(base.Request, base.ModuleContext.TabModuleId, base.PortalSettings.DefaultPortalAlias, "GetList", "EngineApplication", FormTokenUtility.GetFormToken(base.Session.SessionID, Guid.Empty, false), true);
ViewBag.ProcessFormUrl = ApiUtility.GetGeneralApiUrl(base.Request, base.ModuleContext.TabModuleId, base.PortalSettings.DefaultPortalAlias, "GetList", "EngineForm", FormTokenUtility.GetFormToken(base.Session.SessionID, Guid.Empty, false), true);
ViewBag.ProcessUrl = ApiUtility.GetGeneralApiUrl(base.Request, base.ModuleContext.TabModuleId, base.PortalSettings.DefaultPortalAlias, "GetList", "EngineProcess", FormTokenUtility.GetFormToken(base.Session.SessionID, Guid.Empty, false), true);
}
else
{
ViewBag.ApplicationPageUrl = UrlUtility.GetApiUrl(base.Request, base.PortalSettings.DefaultPortalAlias, "GetList", "EngineApplication", FormTokenUtility.GetFormToken(base.Session.SessionID, Guid.Empty, false));
ViewBag.ProcessFormUrl = UrlUtility.GetApiUrl(base.Request, base.PortalSettings.DefaultPortalAlias, "GetList", "EngineForm", FormTokenUtility.GetFormToken(base.Session.SessionID, Guid.Empty, false));
ViewBag.ProcessUrl = UrlUtility.GetApiUrl(base.Request, base.PortalSettings.DefaultPortalAlias, "GetList", "EngineProcess", FormTokenUtility.GetFormToken(base.Session.SessionID, Guid.Empty, false));
}
ViewBag.Url = base.ActivePage.FullUrl + "/controller/Settings/action/UpdatePass";
return(View(settings));
}
public System.Net.Http.HttpResponseMessage PostData(string controller, string action, string formToken = "")
{
if (FormTokenUtility.ValidateFormToken(formToken, HttpContext.Current.Session.SessionID))
{
SingleActionSettingDTO setting = new SingleActionSettingDTO(new HttpRequestWrapper(HttpContext.Current.Request), base.PortalSettings.PortalId);
//when calling main api from client application, there is no need to pass formToken to main bpms api.
string url = UrlUtility.GetApiUrl(setting.WebApiAddress, action, controller, "", this.GetParameters().ToArray());
return(ApiUtility.PostData(url, QueryModel.GetFormDataList(this.MyRequest).ToList(), setting.WebServicePass, base.UserInfo.Username, ApiUtility.GetIPAddress(), HttpContext.Current.Session.SessionID, FormTokenUtility.GetIsEncrypted(formToken, HttpContext.Current.Session.SessionID)));
}
else
{
throw new System.Web.Http.HttpResponseException(System.Net.HttpStatusCode.Unauthorized);
}
}
public System.Net.Http.HttpResponseMessage GetData(string controller, string action, string formToken = "")
{
if (FormTokenUtility.ValidateFormToken(formToken, HttpContext.Current.Session.SessionID))
{
SingleActionSettingDTO setting = new SingleActionSettingDTO(new HttpRequestWrapper(HttpContext.Current.Request), base.PortalSettings.PortalId);
//when calling main bpms api from client application, there is no need to pass formToken to main bpms api.
string url = UrlUtility.GetApiUrl(setting.WebApiAddress, action, controller, "", this.GetParameters().ToArray());
var result = ApiUtility.GetData(url, setting.WebServicePass, base.UserInfo.Username, ApiUtility.GetIPAddress(), HttpContext.Current.Session.SessionID, FormTokenUtility.GetIsEncrypted(formToken, HttpContext.Current.Session.SessionID));
/*
* In ReportEngine.cs response would be flushed and as a result sessionID will be rewrite with server
* session ID which is different with singleAction sessionID because it sends data using api to server
* and therefore it must rewrite sessionid there in case user call report or download a file.
*/
SessionIDManager Manager = new SessionIDManager();
Manager.SaveSessionID(HttpContext.Current, HttpContext.Current.Session.SessionID, out bool redirected, out bool IsAdded);
return(result);
}
else
{
throw new System.Web.Http.HttpResponseException(System.Net.HttpStatusCode.Unauthorized);
}
}
