private static async Task <bool> ValidateAsync(IPolicy policy)
{
if (policy.LoginId == 0)
{
return(false);
}
string sql = FrapidDbServer.GetProcedureCommand
(
policy.Database,
"auth.has_access",
new[]
{
"@0",
"@1",
"@2"
});
string entity = policy.ObjectNamespace + "." + policy.ObjectName;
int type = (int)policy.AccessType;
bool result = await Factory.ScalarAsync <bool>(policy.Database, sql, policy.LoginId, entity, type).ConfigureAwait(false);
return(result);
}
public IEnumerable <CustomField> GetCustomFields(string resourceId)
{
if (string.IsNullOrWhiteSpace(this.Database))
{
return(null);
}
if (!this.SkipValidation)
{
if (!this.Validated)
{
this.Validate(AccessTypeEnum.Read, this.LoginId, this.Database, false);
}
if (!this.HasAccess)
{
Log.Information(
$"Access to get custom fields for entity \"{this.FullyQualifiedObjectName}\" was denied to the user with Login ID {this.LoginId}");
throw new UnauthorizedException("Access is denied.");
}
}
string sql;
if (string.IsNullOrWhiteSpace(resourceId))
{
sql =
$"SELECT * FROM config.custom_field_definition_view WHERE table_name='{this.FullyQualifiedObjectName}' ORDER BY field_order;";
return(Factory.Get <CustomField>(this.Database, sql));
}
sql = FrapidDbServer.GetProcedureCommand("config.get_custom_field_definition", new[] { "@0", "@1" });
return(Factory.Get <CustomField>(this.Database, sql, this.FullyQualifiedObjectName, resourceId));
}
public static async Task SavePolicyAsync(string tenant, int officeId, int userId, int[] allowed, int[] disallowed)
{
string sql = FrapidDbServer.GetProcedureCommand(tenant, "auth.save_user_menu_policy",
new[] { "@0", "@1", "@2", "@3" });
await
Factory.NonQueryAsync(tenant, sql, userId, officeId, string.Join(",", allowed ?? new int[0]),
string.Join(",", disallowed ?? new int[0]));
}
public static async Task SaveGroupPolicyAsync(string tenant, int officeId, int roleId, int[] menuIds)
{
string sql = FrapidDbServer.GetProcedureCommand(tenant, "auth.save_group_menu_policy",
new[] { "@0", "@1", "@2", "@3" });
await
Factory.NonQueryAsync(tenant, sql, roleId, officeId, string.Join(",", menuIds ?? new int[0]),
string.Empty);
}
public static async Task <Reset> RequestAsync(string tenant, ResetInfo model)
{
string sql = FrapidDbServer.GetProcedureCommand(tenant, "account.reset_account", new[] { "@0", "@1", "@2" });
return
((await Factory.GetAsync <Reset>(tenant, sql, model.Email, model.Browser, model.IpAddress).ConfigureAwait(false))
.FirstOrDefault());
}
public static DTO.Reset Request(ResetInfo model)
{
string sql = FrapidDbServer.GetProcedureCommand("account.reset_account", new[] { "@0", "@1", "@2" });
return
(Factory.Get <DTO.Reset>(AppUsers.GetTenant(), sql, model.Email, model.Browser, model.IpAddress)
.FirstOrDefault());
}
public static LoginResult SignIn(string email, int officeId, string name, string token, string browser, string ipAddress,
string culture)
{
string sql = FrapidDbServer.GetProcedureCommand("account.google_sign_in", new[] { "@0", "@1", "@2", "@3", "@4", "@5", "@6" });
return(Factory.Get <LoginResult>(AppUsers.GetTenant(), sql, email, officeId, name, token, browser,
ipAddress, culture.Or("en-US")).FirstOrDefault());
}
public static async Task <List <AssociatedUnit> > GetAssociatedUnitsAsync(string tenant, string itemCode)
{
string sql = FrapidDbServer.GetProcedureCommand(tenant, "inventory.get_associated_units_by_item_code",
new[] { "@0" });
var result = await Factory.GetAsync <AssociatedUnit>(tenant, sql, itemCode).ConfigureAwait(false);
return(result.ToList());
}
public static async Task <LoginResult> DoAsync(string tenant, string email, int officeId, string browser,
string ipAddress,
string culture)
{
string sql = FrapidDbServer.GetProcedureCommand(tenant, "account.sign_in",
new[] { "@0", "@1", "@2", "@3", "@4" });
return
((await Factory.GetAsync <LoginResult>(tenant, sql, email, officeId, browser, ipAddress, culture).ConfigureAwait(false))
.FirstOrDefault());
}
public static async Task <long> AddAsync(string tenant, GiftCardFund model)
{
string sql = @"SELECT * FROM sales.add_gift_card_fund(@0::integer, @1::integer, @2::bigint, sales.get_gift_card_id_by_gift_card_number(@3), @4::date, @5::date, @6::integer, @7::public.money_strict, @8::integer, @9, @10);";
if (DbProvider.GetDbType(DbProvider.GetProviderName(tenant)) == DatabaseType.SqlServer)
{
sql = FrapidDbServer.GetProcedureCommand(tenant, "sales.add_gift_card_fund", new[] { "@0", "@1", "@2", "@3", "@4", "@5", "@6", "@7", "@8", "@9", "@10" });
}
return(await Factory.ScalarAsync <long>(tenant, sql, model.UserId, model.OfficeId, model.LoginId, model.GiftCardNumber, model.ValueDate, model.BookDate, model.AccountId, model.Amount,
model.CostCenterId, model.ReferenceNumber, model.StatementReference).ConfigureAwait(false));
}
public static async Task <LoginResult> SignInAsync(string tenant, string facebookUserId, string email, int officeId,
string name,
string token, string browser,
string ipAddress, string culture)
{
string sql = FrapidDbServer.GetProcedureCommand(tenant, "account.fb_sign_in",
new[] { "@0", "@1", "@2", "@3", "@4", "@5", "@6", "@7" });
return
((await Factory.GetAsync <LoginResult>(tenant, sql, facebookUserId, email, officeId, name, token, browser,
ipAddress, culture.Or("en-US")).ConfigureAwait(false)).FirstOrDefault());
}
public async Task <IEnumerable <CustomField> > GetCustomFieldsAsync(string resourceId)
{
if (string.IsNullOrWhiteSpace(this.Database))
{
return(null);
}
if (!this.SkipValidation)
{
if (!this.Validated)
{
await this.ValidateAsync(AccessTypeEnum.Read, this.LoginId, this.Database, false).ConfigureAwait(false);
}
if (!this.HasAccess)
{
Log.Information($"Access to get custom fields for entity \"{this.FullyQualifiedObjectName}\" was denied to the user with Login ID {this.LoginId}");
throw new UnauthorizedException(Resources.AccessIsDenied);
}
}
string sql;
if (string.IsNullOrWhiteSpace(resourceId))
{
sql = $"SELECT * FROM config.custom_field_definition_view WHERE table_name='{this.FullyQualifiedObjectName}' ORDER BY field_order;";
return(await Factory.GetAsync <CustomField>(this.Database, sql).ConfigureAwait(false));
}
sql = FrapidDbServer.GetProcedureCommand
(
this.Database,
"config.get_custom_field_definition",
new[]
{
"@0",
"@1"
});
try
{
return(await Factory.GetAsync <CustomField>(this.Database, sql, this.FullyQualifiedObjectName, resourceId).ConfigureAwait(false));
}
catch (DbException ex)
{
Log.Error(ex.Message);
throw new DataAccessException(this.Database, ex.Message, ex);
}
}
internal static void AddHit(string database, string categoryAlias, string alias)
{
string sql = FrapidDbServer.GetProcedureCommand("website.add_hit", new [] { "@0", "@1" });
Factory.NonQuery(database, sql, categoryAlias, alias);
}
internal static async Task AddHitAsync(string tenant, string categoryAlias, string alias)
{
string sql = FrapidDbServer.GetProcedureCommand(tenant, "website.add_hit", new[] { "@0", "@1" });
await Factory.NonQueryAsync(tenant, sql, categoryAlias, alias).ConfigureAwait(false);
}
public static async Task CompleteResetAsync(string tenant, string requestId, string password)
{
string sql = FrapidDbServer.GetProcedureCommand(tenant, "account.complete_reset", new[] { "@0", "@1" });
await Factory.NonQueryAsync(tenant, sql, requestId, password).ConfigureAwait(false);
}
public static async Task AddAsync(string tenant, OpeningCash model)
{
string sql = FrapidDbServer.GetProcedureCommand(tenant, "sales.add_opening_cash", new[] { "@0", "@1", "@2", "@3", "@4" });
await Factory.NonQueryAsync(tenant, sql, model.UserId, model.TransactionDate.Date, model.Amount, model.ProvidedBy, model.Memo.Or("")).ConfigureAwait(false);
}
public static void Add(string database, string domainName, string adminEmail)
{
string sql = FrapidDbServer.GetProcedureCommand("account.add_installed_domain", new[] { "@0", "@1" });
Factory.NonQuery(database, sql, domainName, adminEmail);
}
public static void SavePolicy(int officeId, int userId, int[] allowed, int[] disallowed)
{
string sql = FrapidDbServer.GetProcedureCommand("auth.save_user_menu_policy", new[] { "@0", "@1", "@2", "@3" });
Factory.NonQuery(AppUsers.GetTenant(), sql, userId, officeId, "{" + string.Join(",", allowed ?? new int[0]) + "}", "{" + string.Join(",", disallowed ?? new int[0]) + "}");
}
public static bool ConfirmRegistration(Guid token)
{
string sql = FrapidDbServer.GetProcedureCommand("account.confirm_registration", new[] { "@0" });
return(Factory.Scalar <bool>(AppUsers.GetTenant(), sql, token));
}
public static void CompleteReset(string requestId, string password)
{
string sql = FrapidDbServer.GetProcedureCommand("account.complete_reset", new[] { "@0", "@1" });
Factory.NonQuery(AppUsers.GetTenant(), sql, requestId, password);
}
public static async Task <bool> AddAsync(string tenant, string email)
{
string sql = FrapidDbServer.GetProcedureCommand(tenant, "website.add_email_subscription", new[] { "@0" });
return(await Factory.ScalarAsync <bool>(tenant, sql, email).ConfigureAwait(false));
}
public static LoginResult Do(string email, int officeId, string browser, string ipAddress, string culture)
{
string sql = FrapidDbServer.GetProcedureCommand("account.sign_in", new[] { "@0", "@1", "@2", "@3", "@4" });
return(Factory.Get <LoginResult>(AppUsers.GetTenant(), sql, email, officeId, browser, ipAddress, culture).FirstOrDefault());
}
public static async Task AddAsync(string database, string domainName, string adminEmail)
{
string sql = FrapidDbServer.GetProcedureCommand(database, "account.add_installed_domain", new[] { "@0", "@1" });
await Factory.NonQueryAsync(database, sql, domainName, adminEmail).ConfigureAwait(false);
}
public static async Task <bool> ConfirmRegistrationAsync(string tenant, Guid token)
{
string sql = FrapidDbServer.GetProcedureCommand(tenant, "account.confirm_registration", new[] { "@0" });
return(await Factory.ScalarAsync <bool>(tenant, sql, token).ConfigureAwait(false));
}
public static bool Add(string database, string email)
{
string sql = FrapidDbServer.GetProcedureCommand("website.add_email_subscription", new[] { "@0" });
return(Factory.Scalar <bool>(database, sql, email));
}
public static void SaveGroupPolicy(int officeId, int roleId, int[] menuIds)
{
string sql = FrapidDbServer.GetProcedureCommand("auth.save_group_menu_policy", new[] { "@0", "@1", "@2" });
Factory.NonQuery(AppUsers.GetTenant(), sql, roleId, officeId, "{" + string.Join(",", menuIds ?? new int[0]) + "}");
}
