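/// <summary>
/// Completes a password change (normally the forced change after the password expired) for the
/// logged-in user and returns, as plain-text content, the URL the client should navigate to next.
/// </summary>
/// <param name="changePasswordModel">
/// Bound password-change form. Its <c>UserId</c> is ignored and overwritten with the session user id,
/// so a client cannot change another user's password by posting a different id.
/// </param>
/// <returns>A content result whose body is the next URL.</returns>
/// <exception cref="Exception">
/// Thrown with a "[VALIDATION]" prefix when the model state is invalid or the model is missing.
/// </exception>
public ActionResult ChangePasswordExpired([ModelBinder(typeof(DevExpressEditorsBinder))] ChangePasswordModel changePasswordModel)
{
    if (!ModelState.IsValid)
    {
        // Project convention: validation failures surface as "[VALIDATION] ..." exceptions.
        string message = GetErrorModel();
        throw new Exception(string.Format("[VALIDATION] {0}", message));
    }
    if (changePasswordModel == null)
    {
        throw new Exception("[VALIDATION] Password model is empty");
    }

    int userId = (int)Session["userId"];
    changePasswordService = new ChangePasswordService();
    // Always take the user id from the session, never from the posted form.
    changePasswordModel.UserId = userId;
    changePasswordService.ChangePassword(changePasswordModel);

    string lastUrl = "";
    // Session values are stored as object: compare by value rather than with ==, which on
    // object/string operands compares references.
    if (string.Equals(Session["IsPassExpired"] as string, "Y", StringComparison.Ordinal))
    {
        var lastController = (string)Session["lastController"];
        // Return to the remembered controller only if the user may open its Detail action.
        if (!string.IsNullOrEmpty(lastController)
            && GeneralGetList.GetAuthAction(userId, lastController + "/" + "Detail"))
        {
            lastUrl = Url.Action("Detail", lastController);
        }
        // Cleared only after ChangePassword above completed without throwing.
        Session["IsPassExpired"] = "N";
    }
    if (string.IsNullOrEmpty(lastUrl))
    {
        lastUrl = Url.Action("Index", "Home");
    }
    return Content(lastUrl);
}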
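//----------------------------
// handling error and authentication every url
//----------------------------
/// <summary>
/// Called before the action method is invoked. Enforces the per-request access rules:
/// no session → redirect to the login page (a plain 500 for Ajax calls); password expired →
/// only the ChangePassword controller is reachable; admins pass through; every other user is
/// checked per action by <see cref="EnforceNonAdminAccess"/>.
/// </summary>
/// <param name="filterContext">Information about the current request and action.</param>
/// <exception cref="Exception">
/// Thrown with a "[VALIDATION]" prefix when the request is not allowed to proceed.
/// </exception>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
#if DEBUG
    // Development stub (original note: "temporarily the data is hard-set; once login works,
    // deactivate this"). It turns every request into an Administrator session, i.e. it bypasses
    // authentication entirely, so it is confined to DEBUG builds and must never ship in Release.
    //------------------------------------------------------
    Session["userId"] = 1;
    Session["userName"] = "******";
    Session["roleName"] = "Administrator";
    Session["isAdmin"] = "Y";
    Session["branchCode"] = "105";
    Session["branchName"] = "NCD";
    Session["IsPassExpired"] = "N";
    //------------------------------------------------------
#endif

    string controler = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
    string action = filterContext.ActionDescriptor.ActionName;
    string errorMassage = "";

    // This one action is exempt from every check below.
    if (controler == "_Alert" && action == "AjaxAlert")
    {
        return;
    }

    if (Session["userName"] == null)
    {
        if (filterContext.HttpContext.Request.IsAjaxRequest())
        {
            errorMassage = "[VALIDATION] Session not exists (Ajax)";
            // _Alert is answered with a plain 500 (see the end of the method) instead of an exception.
            if (controler != "_Alert")
            {
                throw new Exception(errorMassage);
            }
        }
        else
        {
            var urlHelper = new UrlHelper(filterContext.RequestContext);
            filterContext.Result = new RedirectResult(urlHelper.Action("Detail", "Login"));
            return;
        }
    }
    // Session values are stored as object: compare by value, not with ==, which on object/string
    // operands compares references and silently fails for non-interned strings (e.g. a value that
    // came from the database).
    else if (string.Equals(Session["IsPassExpired"] as string, "Y", StringComparison.Ordinal))
    {
        // An expired password locks the user into the ChangePassword controller.
        if (!controler.Equals("changepassword", StringComparison.OrdinalIgnoreCase))
        {
            throw new Exception("[VALIDATION] tidak punya akses kesini : Pass expired");
        }
    }
    else if (!string.Equals(Session["isAdmin"] as string, "Y", StringComparison.Ordinal))
    {
        EnforceNonAdminAccess(controler, action, (int)Session["userId"]);
    }

    // Only reached with a message for the Ajax/_Alert no-session case above.
    if (errorMassage.StartsWith("[VALIDATION]", StringComparison.Ordinal))
    {
        filterContext.Result = new ContentResult
        {
            ContentType = "text/plain",
            Content = errorMassage
        };
        // CR/LF are stripped so the message cannot break the status line.
        filterContext.HttpContext.Response.Status = "500 " + errorMassage.Replace("\r", " ").Replace("\n", " ");
        filterContext.HttpContext.Response.TrySkipIisCustomErrors = true;
    }
}

/// <summary>
/// Per-action authorization for non-admin users whose password is not expired. Returns when the
/// user may run the action and throws a "[VALIDATION]" exception otherwise.
/// </summary>
/// <param name="controler">Controller name from the route.</param>
/// <param name="action">Action name from the route.</param>
/// <param name="userId">User id taken from the session.</param>
/// <exception cref="Exception">Thrown with a "[VALIDATION]" prefix when access is denied.</exception>
private void EnforceNonAdminAccess(string controler, string action, int userId)
{
    const string denied = "[VALIDATION] tidak punya akses kesini";

    if (action.Equals("checklayout", StringComparison.OrdinalIgnoreCase))
    {
        // Checking a layout requires the controller's Print permission.
        if (!GeneralGetList.GetAuthAction(userId, controler + "/" + "Print"))
        {
            throw new Exception(denied);
        }
    }
    else if (action.Equals("layout", StringComparison.OrdinalIgnoreCase))
    {
        int layoutId = ReadRequiredIntParameter("Layout_Id");
        if (!Rpt.GetAuthLayout(userId, layoutId))
        {
            throw new Exception("[VALIDATION] tidak punya akses kesini : layout tidak di temukan");
        }
    }
    else if (action.Equals("print", StringComparison.OrdinalIgnoreCase)
             && controler.Equals("reportcustom", StringComparison.OrdinalIgnoreCase))
    {
        int reportId = ReadRequiredIntParameter("Report_Id");
        if (!Rpt.GetAuthreport(userId, reportId))
        {
            throw new Exception("[VALIDATION] tidak punya akses kesini : report tidak di temukan");
        }
    }

    // Actions that always require an explicit "<controller>/<action>" permission.
    string[] guardedActions =
    {
        "detail", "won", "lose", "add", "update", "post", "cancel", "close", "bsclose", "paid",
        "process", "reject", "sendemailtoreqestor", "p2", "p3", "finish", "duplicate", "revision",
        "reopen", "readytosell", "stoptosell", "checkmice", "checkpassport", "checkvisa",
        "checktelex", "done", "send", "cancelafterupload"
    };
    // Attachment actions are guarded only on these controllers.
    string[] attachmentControllers = { "miceinquiry" };
    string[] attachmentActions = { "attachment_upload", "attachment_download", "tabattachmenteditmodesdeletepartial" };

    bool needsActionPermission =
        guardedActions.Contains(action, StringComparer.OrdinalIgnoreCase)
        || (attachmentActions.Contains(action, StringComparer.OrdinalIgnoreCase)
            && attachmentControllers.Contains(controler, StringComparer.OrdinalIgnoreCase));
    // The permission key keeps the action's original casing, as the lookup expects.
    if (needsActionPermission && !GeneralGetList.GetAuthAction(userId, controler + "/" + action))
    {
        throw new Exception(denied);
    }
}

/// <summary>
/// Reads a required integer request parameter (query string, form, etc.), failing closed with a
/// "[VALIDATION]" error instead of an unhandled parse exception when it is missing or malformed.
/// </summary>
/// <param name="name">Name of the request parameter.</param>
/// <returns>The parsed value.</returns>
/// <exception cref="Exception">Thrown with a "[VALIDATION]" prefix when the value is absent or not an integer.</exception>
private int ReadRequiredIntParameter(string name)
{
    int value;
    if (!int.TryParse(Request[name], out value))
    {
        throw new Exception("[VALIDATION] tidak punya akses kesini");
    }
    return value;
}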
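/// <summary>
/// Authenticates the user, stores the login information in the session and returns, as
/// plain-text content, the URL to continue at: the ChangePassword page when the password has
/// expired, otherwise the user's last controller (if permitted) or Home.
/// </summary>
/// <param name="UserName">User name entered on the login form.</param>
/// <param name="Pwd">Password entered on the login form.</param>
/// <returns>A content result whose body is the next URL.</returns>
/// <exception cref="Exception">
/// Thrown with a "[VALIDATION]" prefix when the credentials are rejected or the database
/// setting check fails.
/// </exception>
public ActionResult Login(string UserName, string Pwd)
{
    var loginModel = new LoginModel { UserName = UserName, Pwd = Pwd };
    loginService = new LoginService();

    // The failure message is the same whatever the cause; it does not tell an unknown user
    // apart from a wrong password.
    if (!loginService.Login(loginModel))
    {
        throw new Exception(string.Format("[VALIDATION] {0}", "Login fail"));
    }
    if (!loginService.CheckDbName())
    {
        throw new Exception(string.Format("[VALIDATION] {0}", "db setting not valid (APP:SpSysGetSapDb, SAP:SpSysGetAppDb) "));
    }

    bool passwordExpired = loginService.CheckPasswordExpired(loginModel.UserName);
    var model = loginService.GetLoginInfo(loginModel.UserName);

    // NOTE(review): the pre-login session is reused for the authenticated user (no session id
    // regeneration here); consider regenerating it on successful login.
    Session["IsPassExpired"] = passwordExpired ? "Y" : "N";
    Session["userId"] = model.UserId;
    Session["userName"] = model.UserName;
    Session["roleName"] = model.RoleName;
    Session["isAdmin"] = GeneralGetList.GetIsAdmin(model.RoleName);
    Session["branchCode"] = model.BranchCode;
    Session["branchName"] = model.BranchName;

    string lastUrl = "";
    if (passwordExpired)
    {
        // Force the password change first; remember where to return to afterwards.
        Session["lastController"] = string.IsNullOrEmpty(model.LastController) ? "" : model.LastController;
        lastUrl = Url.Action("Index", "ChangePassword");
    }
    else
    {
        // Resume at the last controller only if the user may open its Detail action.
        if (!string.IsNullOrEmpty(model.LastController)
            && GeneralGetList.GetAuthAction((int)Session["userId"], model.LastController + "/" + "Detail"))
        {
            lastUrl = Url.Action("Detail", model.LastController);
        }
        if (string.IsNullOrEmpty(lastUrl))
        {
            lastUrl = Url.Action("Index", "Home");
        }
    }
    return Content(lastUrl);
}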