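/// <summary>
/// Authenticates the current admin and resolves the page-level permission record
/// before the page initialises. Anonymous callers are redirected to the login page;
/// authenticated admins without a read permission for this path are handed to
/// NoticeManager with a "no permission" message.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_PreInit(object sender, EventArgs e)
{
    AuthAdmin authAdmin = new AuthAdmin(db);
    AdminUser = authAdmin.Authorise();
    if (AdminUser == null)
    {
        // Clear the session flag so nothing downstream trusts a stale value.
        Session.Remove("IsAuthorized");
        // RawUrl becomes a query-string VALUE here, so it must be encoded: an
        // unencoded '&' or '#' in the original URL would otherwise split or
        // truncate the "redirect" parameter. (login.aspx is expected to accept
        // only local paths in "redirect" — verify there, not here.)
        Response.Redirect("/admin/login.aspx?redirect=" + Server.UrlEncode(Request.RawUrl));
        return; // Response.Redirect normally ends the response; explicit for safety
    }

    // CRM_SystemAccess.Path is stored without the "\admin" prefix that
    // GetCurrentURL() may carry, so strip it before the lookup.
    // NOTE(review): GetCurrentURL() is defined elsewhere; if it ever returns a
    // forward-slash path the prefix is not stripped and the lookup fails
    // closed (CanView = false) — confirm that is the intended shape.
    string currentURL = GetCurrentURL();
    const string adminPrefix = "\\admin";
    if (currentURL.StartsWith(adminPrefix, StringComparison.Ordinal))
    {
        currentURL = currentURL.Substring(adminPrefix.Length);
    }

    // ToLower() is kept (rather than StringComparison.OrdinalIgnoreCase) so the
    // predicate stays translatable should the collection be a LINQ-to-SQL query.
    string currentURLLower = currentURL.ToLower();
    AdminPermission = AdminUser.CRM_SystemAccessAdmins.SingleOrDefault(s =>
        s.CRM_SystemAccess != null
        && s.CRM_SystemAccess.Path.ToLower() == currentURLLower);

    // The admin landing page is always viewable; every other page needs either a
    // CRM_SystemAccess read permission or a bespoke-URL read permission.
    bool canView = true;
    if (!Request.RawUrl.StartsWith("/admin/default.aspx", StringComparison.Ordinal))
    {
        if (AdminPermission == null || !AdminPermission.IsRead)
        {
            // Both sides are lower-cased now; the original lower-cased only the
            // stored BespokeURL, so a mixed-case request never matched even
            // though the path-based check above is case-insensitive.
            // A null BespokeURL used to throw NullReferenceException; it now
            // simply does not match (still fails closed).
            string rawUrlLower = Request.RawUrl.ToLower();
            AdminPermission = AdminUser.CRM_SystemAccessAdmins.SingleOrDefault(s =>
                s.CRM_SystemAccess == null
                && s.BespokeURL != null
                && ((string)s.BespokeURL).ToLower() == rawUrlLower);
            canView = AdminPermission != null && AdminPermission.IsRead;
        }
    }

    if (!canView)
    {
        // NOTE(review): this relies on NoticeManager.SetMessage ending the response
        // (it is used as a terminal redirect elsewhere in this file). If it only
        // queues a message, the page still renders below with IsAuthorised = true —
        // confirm, and fail closed here if so.
        NoticeManager.SetMessage("You do not have permission to view this page, please contact a Master Admin", "/admin");
    }

    IsAuthorised = true;
    Session["IsAuthorized"] = true;
}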
/// <summary>
/// Opens a fresh MainDataContext and resolves the acting admin: taken from the
/// hosting AdminPage when the current handler is one (presumably already authorised
/// during its PreInit), otherwise resolved directly via AuthAdmin.
/// CurrentAdmin may be null when the caller is not an authenticated admin.
/// </summary>
public void Initialize()
{
    db = new MainDataContext();

    AdminPage hostPage = HttpContext.Current.CurrentHandler as AdminPage;
    if (hostPage != null)
    {
        CurrentAdmin = hostPage.AdminUser;
        return;
    }

    AuthAdmin resolver = new AuthAdmin(db);
    CurrentAdmin = resolver.Authorise();
}
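/// <summary>
/// Returns the column layout for this Type as configured for one admin, creating
/// the backing _DataTable row on first use. When ViewID is -1 the currently
/// authenticated admin's layout is used. If IncludeDataReference is set, a synthetic
/// "Reference" column is appended after the stored columns.
/// </summary>
/// <returns>The admin's columns ordered by OrderNo, plus the optional Reference column.</returns>
/// <exception cref="InvalidOperationException">
/// ViewID is -1 and no admin is authenticated. The original code dereferenced the
/// null Authorise() result and surfaced as a NullReferenceException.
/// </exception>
public List<_DataTableColumn> GetSchema()
{
    // Ensure a _DataTable row exists for this Type before its columns are read.
    if (GetDataTable() == null)
    {
        _DataTable datatable = new _DataTable();
        datatable.TableReference = Type.Name;
        datatable.FriendlyName = Type.Name;
        datatable.IsAllowCustom = false;
        db._DataTables.InsertOnSubmit(datatable);
        db.SubmitChanges();
    }

    // Column layouts are stored per admin; -1 means "whoever is logged in".
    int viewID = ViewID;
    if (viewID == -1)
    {
        AuthAdmin auth = new AuthAdmin(db);
        var admin = auth.Authorise();
        if (admin == null)
        {
            throw new InvalidOperationException("GetSchema requires an authenticated admin when ViewID is -1.");
        }
        viewID = admin.ID;
    }

    List<_DataTableColumn> dtc = (from p in GetDataTable()._DataTableColumns
                                  where p.AdminID == viewID
                                  orderby p.OrderNo
                                  select p).ToList();

    if (IncludeDataReference)
    {
        // The original called GetAllFields() here and discarded the result; the
        // call is kept in case it has side effects — TODO confirm and remove.
        GetAllFields();

        _DataTableColumn reference = new _DataTableColumn();
        reference.AdminID = 0;
        reference._DataTableID = 0;
        reference._DataFieldName = "Reference";
        reference._DataFieldFriendly = "Reference";
        reference.OrderNo = 999; // sorts after every stored column
        dtc.Add(reference);
    }

    return dtc;
}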
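/// <summary>
/// Executes one ActionLink route (delete / archive / toggle) against the record named
/// in the query string and then redirects to the caller-supplied return URL.
/// Query-string inputs: route, recordid, returnURL, timekey.
/// </summary>
/// <param name="context">The current request context.</param>
/// <remarks>
/// NOTE(review): every input is attacker-controllable and the actions are
/// state-changing on a GET. "timekey" is supplied by the caller, so the 62-minute
/// expiry is bypassed by sending a future timestamp, and nothing here is an
/// anti-forgery token — a planted link runs with the admin's session (CSRF). A
/// per-session token on ActionLink URLs is the proper fix; not done here.
/// NOTE(review): only "is an admin" is checked; there is no per-route or per-record
/// permission lookup comparable to Page_PreInit's CRM_SystemAccess check — confirm
/// that any admin may act on any record.
/// </remarks>
public void ProcessRequest(HttpContext context)
{
    HttpRequest request = HttpContext.Current.Request;
    byte route = Convert.ToByte(request.QueryString["route"]); // non-numeric route throws, as before
    string recordid = request.QueryString["recordid"];

    // Validate the redirect target once, before any branch uses it. The original
    // passed the raw query value straight to Response.Redirect (open redirect) and
    // decoded it on one path but not the other; it is now decoded once, checked to
    // be local, and otherwise replaced by "/admin" (Page_PreInit's fallback).
    string returnurl = ResolveReturnUrl(request.QueryString["returnURL"]);

    using (MainDataContext db = new MainDataContext())
    {
        AuthAdmin auth = new AuthAdmin(db);
        if (auth.Authorise() == null)
        {
            context.Response.Write("Admin Auth Error");
            context.Response.End();
            return; // Response.End normally aborts the thread; explicit for safety
        }
    }

    // A missing or malformed timekey used to throw (HTTP 500); treat it as expired.
    DateTime timekey;
    bool hasTimekey = DateTime.TryParse(HttpUtility.UrlDecode(request.QueryString["timekey"]), out timekey);
    if (!hasTimekey || UKTime.Now > timekey.AddMinutes(62))
    {
        NoticeManager.SetMessage("This action has expired for security reasons - did you use your browser back button?", returnurl);
        return;
    }

    string message;
    bool redirectDirectly;
    using (MainDataContext db = new MainDataContext())
    {
        message = ExecuteRoute(db, route, recordid, out redirectDirectly);
    }

    if (redirectDirectly)
    {
        HttpContext.Current.Response.Redirect(returnurl);
    }
    else
    {
        NoticeManager.SetMessage(message, returnurl);
    }
}

/// <summary>
/// Applies the action for <paramref name="route"/> to the record identified by
/// <paramref name="recordid"/> and returns the user-facing status message ("Done" when
/// the route is unknown or a FirstOrDefault lookup finds nothing). Routes that use
/// Single() still throw on an unknown id, as before.
/// </summary>
/// <param name="redirectDirectly">
/// Set only by ToggleReadStatus, whose result is shown without NoticeManager.
/// </param>
private string ExecuteRoute(MainDataContext db, byte route, string recordid, out bool redirectDirectly)
{
    redirectDirectly = false;

    switch (route)
    {
        case (byte)ActionLink.Route.RemoveAdminFromCalendarItem:
        {
            CRM_CalendarAdmin calendarAdmin = db.CRM_CalendarAdmins.Single(c => c.ID.ToString() == recordid);
            string message = calendarAdmin.AdminName + " removed from " + calendarAdmin.CRM_Calendar.DisplayName;
            db.CRM_CalendarAdmins.DeleteOnSubmit(calendarAdmin);
            db.SubmitChanges();
            return message;
        }
        case (byte)ActionLink.Route.RemoveFamilyPerson:
        {
            CRM_FamilyPerson familyPerson = db.CRM_FamilyPersons.Single(f => f.ID.ToString() == recordid);
            string message = familyPerson.CRM_Person.Fullname + " removed from the " + familyPerson.CRM_Family.Name + " family";
            db.CRM_FamilyPersons.DeleteOnSubmit(familyPerson);
            db.SubmitChanges();
            return message;
        }
        case (byte)ActionLink.Route.ArchiveTaskParticipant:
        {
            CRM_TaskParticipant participant = db.CRM_TaskParticipants.Single(t => t.ID.ToString() == recordid);
            participant.IsArchived = true;
            db.SubmitChanges();
            return participant.Name + " archived.";
        }
        case (byte)ActionLink.Route.ReinstateTaskParticipant:
        {
            CRM_TaskParticipant participant = db.CRM_TaskParticipants.Single(t => t.ID.ToString() == recordid);
            participant.IsArchived = false;
            db.SubmitChanges();
            return participant.Name + " reinstated.";
        }
        case (byte)ActionLink.Route.ArchivePassPerson:
        {
            CRM_AnnualPassPerson person = db.CRM_AnnualPassPersons.Single(t => t.ID.ToString() == recordid);
            person.IsArchived = true;
            db.SubmitChanges();
            return person.DisplayName + " archived.";
        }
        case (byte)ActionLink.Route.ReinstatePassPerson:
        {
            CRM_AnnualPassPerson person = db.CRM_AnnualPassPersons.Single(t => t.ID.ToString() == recordid);
            person.IsArchived = false;
            db.SubmitChanges();
            // Message typo fixed ("reinstanted") to match the task-participant wording.
            return person.DisplayName + " reinstated.";
        }
        case (byte)ActionLink.Route.ToggleReadStatus:
        {
            // MarkAsRead/MarkAsUnread manage their own persistence here; this
            // route does not call db.SubmitChanges() (unchanged from the original).
            NoteManager manager = new NoteManager();
            bool isRead = manager.IsRead(Convert.ToInt32(recordid));
            redirectDirectly = true;
            if (isRead)
            {
                MarkAsUnread(recordid);
                return "Marked as unread.";
            }
            MarkAsRead(recordid);
            return "Marked as read.";
        }
        case (byte)ActionLink.Route.MarkNoteAsRead:
        {
            MarkAsRead(recordid);
            db.SubmitChanges();
            return "Marked as read.";
        }
        case (byte)ActionLink.Route.MarkNoteAsUnread:
        {
            MarkAsUnread(recordid);
            db.SubmitChanges();
            return "Marked as unread.";
        }
        case (byte)ActionLink.Route.DeleteOrganisationSchool:
        {
            CRM_OrganisationSchool orgSchool = db.CRM_OrganisationSchools.FirstOrDefault(s => s.ID.ToString() == recordid);
            if (orgSchool == null)
            {
                return "Done";
            }
            db.CRM_OrganisationSchools.DeleteOnSubmit(orgSchool);
            db.SubmitChanges();
            return "Link removed";
        }
        case (byte)ActionLink.Route.ToggleInviteIsAttended:
            return UpdateInvite(db, recordid, invite => invite.IsAttended = !invite.IsAttended, "Invite Attendance Toggled");
        case (byte)ActionLink.Route.ToggleInviteIsBooked:
            return UpdateInvite(db, recordid, invite => invite.IsBooked = !invite.IsBooked, "Invite Booked Toggled");
        case (byte)ActionLink.Route.ToggleInviteIsCancelled:
            return UpdateInvite(db, recordid, invite => invite.IsCancelled = !invite.IsCancelled, "Invite Cancellation Toggled");
        case (byte)ActionLink.Route.ToggleInviteIsInvited:
            return UpdateInvite(db, recordid, invite => invite.IsInvited = !invite.IsInvited, "Invite Toggled");
        case (byte)ActionLink.Route.DeleteInvite:
            return UpdateInvite(db, recordid, invite => db.CRM_CalendarInvites.DeleteOnSubmit(invite), "Invite Removed");
        case (byte)ActionLink.Route.ToggleGiftAidRecord:
        {
            CRM_FundraisingGiftProfileLog log = db.CRM_FundraisingGiftProfileLogs.FirstOrDefault(f => f.ID.ToString() == recordid);
            if (log == null)
            {
                return "Done";
            }
            if (!log.IsConfirmed)
            {
                log.TimestampConfirmed = UKTime.Now;
                log.IsConfirmed = true;
            }
            else
            {
                log.TimestampConfirmed = null;
                log.IsConfirmed = false;
            }
            db.SubmitChanges();
            return "Gift aid record toggled";
        }
        case (byte)ActionLink.Route.DeleteGiftAidRecord:
        {
            CRM_FundraisingGiftProfileLog log = db.CRM_FundraisingGiftProfileLogs.FirstOrDefault(f => f.ID.ToString() == recordid);
            if (log == null)
            {
                return "Done";
            }
            db.CRM_FundraisingGiftProfileLogs.DeleteOnSubmit(log);
            db.SubmitChanges();
            return "Gift aid record deleted";
        }
        default:
            return "Done";
    }
}

/// <summary>
/// Looks up a CRM_CalendarInvite by id, applies <paramref name="change"/> and saves.
/// Returns <paramref name="successMessage"/>, or "Done" when the id is unknown (no-op).
/// </summary>
private static string UpdateInvite(MainDataContext db, string recordid, Action<CRM_CalendarInvite> change, string successMessage)
{
    CRM_CalendarInvite invite = db.CRM_CalendarInvites.FirstOrDefault(s => s.ID.ToString() == recordid);
    if (invite == null)
    {
        return "Done";
    }
    change(invite);
    db.SubmitChanges();
    return successMessage;
}

/// <summary>
/// Decodes the requested return URL and returns it only if it is local to this site;
/// otherwise returns the admin landing page. Decoding happens before validation so an
/// encoded "//" or scheme cannot slip past the check.
/// </summary>
private static string ResolveReturnUrl(string rawReturnUrl)
{
    string decoded = HttpUtility.UrlDecode(rawReturnUrl);
    return IsLocalUrl(decoded) ? decoded : "/admin";
}

/// <summary>
/// True only for site-relative targets: "/path", "~/path", or a bare relative path
/// with no scheme. Rejects protocol-relative ("//host", "/\host", "~//host"),
/// anything with a scheme separator in its path ("http:", "javascript:"), and any
/// control character (which could otherwise reach the Location header).
/// </summary>
private static bool IsLocalUrl(string url)
{
    if (string.IsNullOrWhiteSpace(url))
    {
        return false;
    }
    foreach (char c in url)
    {
        if (char.IsControl(c))
        {
            return false;
        }
    }
    if (url.StartsWith("~/", StringComparison.Ordinal))
    {
        // "~//host" resolves to "//host" once the app root is applied; reject it.
        return url.Length == 2 || (url[2] != '/' && url[2] != '\\');
    }
    if (url[0] == '/')
    {
        return url.Length == 1 || (url[1] != '/' && url[1] != '\\');
    }
    if (url[0] == '\\')
    {
        return false;
    }
    // Bare relative path: no scheme separator before the query or fragment.
    int stop = url.IndexOfAny(new[] { '?', '#' });
    string pathPart = stop < 0 ? url : url.Substring(0, stop);
    return pathPart.IndexOf(':') < 0;
}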