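        /// <summary>
        /// Completes a forced password change for the currently logged-in user and
        /// returns, as plain text, the URL the client should navigate to next.
        /// </summary>
        /// <param name="changePasswordModel">
        /// Bound from the DevExpress editors. Only the password fields are trusted:
        /// <c>UserId</c> is overwritten from the session below, so a client cannot
        /// change another user's password by posting a different id.
        /// </param>
        /// <returns>
        /// A <see cref="ContentResult"/> whose body is the next URL: the user's last
        /// controller's Detail action when they are still authorized for it,
        /// otherwise Home/Index.
        /// </returns>
        /// <exception cref="Exception">
        /// Thrown with a "[VALIDATION] ..." message when model validation fails
        /// (same convention as the other actions in this project).
        /// </exception>
        public ActionResult ChangePasswordExpired([ModelBinder(typeof(DevExpressEditorsBinder))]  ChangePasswordModel changePasswordModel)
        {
            if (!ModelState.IsValid)
            {
                string message = GetErrorModel();

                throw new Exception(string.Format("[VALIDATION] {0}", message));
            }

            // NOTE(review): this action changes state but carries neither [HttpPost]
            // nor [ValidateAntiForgeryToken]; confirm the client posts an
            // anti-forgery token before adding the attributes, or the form breaks.
            changePasswordService      = new ChangePasswordService();
            changePasswordModel.UserId = (int)Session["userId"];
            changePasswordService.ChangePassword(changePasswordModel);

            string lastUrl = "";

            // Session values must be compared by value. The previous `== "Y"` on an
            // object compiled to a reference comparison, which only works while the
            // stored value is the same interned literal (in-process session state).
            if (string.Equals(Session["IsPassExpired"] as string, "Y", StringComparison.Ordinal))
            {
                var lastController = Session["lastController"] as string;

                // Only send the user back to their last controller when they are
                // authorized for its Detail action.
                if (!string.IsNullOrEmpty(lastController)
                    && GeneralGetList.GetAuthAction((int)Session["userId"], lastController + "/" + "Detail"))
                {
                    lastUrl = Url.Action("Detail", lastController);
                }

                // The password has been changed: clear the forced-change flag so
                // OnActionExecuting lets the user reach other controllers again.
                Session["IsPassExpired"] = "N";
            }

            if (string.IsNullOrEmpty(lastUrl))
            {
                lastUrl = Url.Action("Index", "Home");
            }

            return Content(lastUrl);
        }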
        //----------------------------
        // Error handling and authentication/authorization gate for every URL
        //---------------------------

        //
        // Summary:
        //     Called before the action method is invoked.
        //
        // Parameters:
        //   filterContext:
        //     Information about the current request and action.
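        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            // Central gate for every action on controllers deriving from this base:
            //  - no session            -> redirect to Login/Detail (or a "[VALIDATION]"
            //                             error for Ajax requests);
            //  - password expired      -> only the ChangePassword controller is allowed;
            //  - non-administrators    -> checked against the per-action grants for the
            //                             sensitive actions listed further down.
            //
            // The previous version of this method overwrote the session on EVERY
            // request with a hard-coded administrator (userId 1, isAdmin "Y",
            // IsPassExpired "N") "until login works". That made every anonymous
            // request an administrator and turned the checks below into dead code.
            // It has been removed; all of these keys are populated by the Login action.

            string controler = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
            string action    = filterContext.ActionDescriptor.ActionName;

            string errorMassage = "";

            // The alert endpoint must stay reachable without a session.
            if ((controler == "_Alert") && (action == "AjaxAlert"))
            {
                return;
            }

            if (Session["userName"] == null)
            {
                if (filterContext.HttpContext.Request.IsAjaxRequest())
                {
                    errorMassage = "[VALIDATION] Session not exists (Ajax)";

                    // For _Alert the message becomes a plain-text 500 result at the
                    // bottom of this method instead of an exception.
                    if (controler != "_Alert")
                    {
                        throw new Exception(errorMassage);
                    }
                }
                else
                {
                    // NOTE(review): if the Login controller derives from this base,
                    // an anonymous request to Login/Detail is redirected to itself;
                    // confirm it is exempt (or add it to the exemption above).
                    var urlHelper = new UrlHelper(filterContext.RequestContext);

                    var redirectUrl = urlHelper.Action("Detail", "Login");

                    filterContext.Result = new RedirectResult(redirectUrl);
                    return;
                }
            }
            else
            {
                // Session flags are "Y"/"N" strings and must be compared by value.
                // The previous `Session[...] == "Y"` compared object references,
                // which only works while the stored value is the interned literal
                // (in-process session state); with out-of-process session state the
                // expired-password gate would silently fail open.
                bool passExpired = string.Equals(Session["IsPassExpired"] as string, "Y", StringComparison.Ordinal);
                bool isAdmin     = string.Equals(Session["isAdmin"] as string, "Y", StringComparison.Ordinal);

                if (passExpired)
                {
                    // Until the password is changed, only the ChangePassword
                    // controller is allowed.
                    if (!string.Equals(controler, "changepassword", StringComparison.OrdinalIgnoreCase))
                    {
                        errorMassage = "[VALIDATION] tidak punya akses kesini : Pass expired";
                        throw new Exception(errorMassage);
                    }
                }
                else if (!isAdmin)
                {
                    // GetIsAdmin's return type is not visible here; anything other
                    // than the string "Y" is treated as "not an administrator".
                    int userId = (int)Session["userId"];

                    // Ordinal, case-insensitive comparisons: the previous ToLower()
                    // was culture-sensitive (e.g. Turkish dotless i), which could let
                    // a listed action or controller slip past the checks below.
                    if (string.Equals(action, "checklayout", StringComparison.OrdinalIgnoreCase))
                    {
                        if (!GeneralGetList.GetAuthAction(userId, controler + "/" + "Print"))
                        {
                            errorMassage = "[VALIDATION] tidak punya akses kesini";
                            throw new Exception(errorMassage);
                        }
                    }
                    else if (string.Equals(action, "layout", StringComparison.OrdinalIgnoreCase))
                    {
                        // A missing or non-numeric id used to surface as an unhandled
                        // FormatException; treat it as "not found" and deny instead.
                        int layoutId;
                        if (!int.TryParse(Request["Layout_Id"], out layoutId)
                            || !Rpt.GetAuthLayout(userId, layoutId))
                        {
                            errorMassage = "[VALIDATION] tidak punya akses kesini : layout tidak di temukan";
                            throw new Exception(errorMassage);
                        }
                    }
                    else if (string.Equals(action, "print", StringComparison.OrdinalIgnoreCase)
                             && string.Equals(controler, "reportcustom", StringComparison.OrdinalIgnoreCase))
                    {
                        int reportId;
                        if (!int.TryParse(Request["Report_Id"], out reportId)
                            || !Rpt.GetAuthreport(userId, reportId))
                        {
                            errorMassage = "[VALIDATION] tidak punya akses kesini : report tidak di temukan";
                            throw new Exception(errorMassage);
                        }
                    }

                    // Sensitive / state-changing actions that need an explicit
                    // per-user grant in the authorization table.
                    string[] arrAction = { "detail", "won", "lose", "add", "update", "post", "cancel", "close", "bsclose", "paid", "process", "reject", "sendemailtoreqestor", "p2", "p3", "finish", "duplicate", "revision", "reopen", "readytosell", "stoptosell", "checkmice", "checkpassport", "checkvisa", "checktelex", "done", "send", "cancelafterupload" };

                    // Attachment actions are only gated on these controllers.
                    string[] arrControlerAttachment = { "miceinquiry" };

                    string[] arrActionAttachment = { "attachment_upload", "attachment_download", "tabattachmenteditmodesdeletepartial" };

                    bool needsActionAuth =
                        arrAction.Contains(action, StringComparer.OrdinalIgnoreCase)
                        || (arrActionAttachment.Contains(action, StringComparer.OrdinalIgnoreCase)
                            && arrControlerAttachment.Contains(controler, StringComparer.OrdinalIgnoreCase));

                    // The grant key keeps the original casing, as before.
                    if (needsActionAuth && !GeneralGetList.GetAuthAction(userId, controler + "/" + action))
                    {
                        errorMassage = "[VALIDATION] tidak punya akses kesini";
                        throw new Exception(errorMassage);
                    }
                }
            }

            // Only reachable for _Alert Ajax requests without a session (every other
            // failure above throws). Emit the message as a plain-text 500 so the
            // client-side handler can show it, bypassing the IIS custom error page.
            if (errorMassage.StartsWith("[VALIDATION]", StringComparison.Ordinal))
            {
                filterContext.Result = new ContentResult
                {
                    ContentType = "text/plain",
                    Content     = errorMassage
                };

                // The status line must be a single line: strip CR/LF from the message.
                filterContext.HttpContext.Response.Status =
                    "500 " + errorMassage.Replace("\r", " ").Replace("\n", " ");

                filterContext.HttpContext.Response.TrySkipIisCustomErrors = true;
            }
        }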
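        /// <summary>
        /// Authenticates a user, initialises the session and returns, as plain text,
        /// the URL the client should navigate to next.
        /// </summary>
        /// <param name="UserName">Login name as entered by the user.</param>
        /// <param name="Pwd">Password as entered by the user.</param>
        /// <returns>
        /// A <see cref="ContentResult"/> containing the next URL: ChangePassword/Index
        /// when the password has expired, the user's last controller's Detail action
        /// when they are authorized for it, otherwise Home/Index.
        /// </returns>
        /// <exception cref="Exception">
        /// Thrown with a "[VALIDATION] ..." message when the credentials are rejected
        /// or the database configuration check fails.
        /// </exception>
        public ActionResult Login(string UserName, string Pwd)
        {
            // NOTE(review): there is no [HttpPost] on this action, so credentials may
            // also be accepted from a GET query string (and end up in server/proxy
            // logs). Restricting it requires confirming the client posts.
            var loginModel = new LoginModel();

            loginModel.UserName = UserName;
            loginModel.Pwd      = Pwd;

            loginService = new LoginService();

            // Deliberately generic failure text: do not reveal whether the user name
            // or the password was the wrong part.
            if (!loginService.Login(loginModel))
            {
                throw new Exception(string.Format("[VALIDATION] {0}", "Login fail"));
            }

            // NOTE(review): this message names internal stored procedures; consider
            // logging the detail server-side and returning a generic text instead.
            if (!loginService.CheckDbName())
            {
                throw new Exception(string.Format("[VALIDATION] {0}", "db setting not valid (APP:SpSysGetSapDb, SAP:SpSysGetAppDb) "));
            }

            bool passExpired = loginService.CheckPasswordExpired(loginModel.UserName);
            var  model       = loginService.GetLoginInfo(loginModel.UserName);

            // NOTE(review): the session id is not regenerated after a successful
            // login, so a session id obtained before authentication stays valid
            // (session fixation); confirm how the hosting configuration handles it.

            // Session keys consumed by OnActionExecuting and the other actions.
            // IsPassExpired is a "Y"/"N" string and is compared as such elsewhere.
            Session["IsPassExpired"] = passExpired ? "Y" : "N";
            Session["userId"]        = model.UserId;
            Session["userName"]      = model.UserName;
            Session["roleName"]      = model.RoleName;
            Session["isAdmin"]       = GeneralGetList.GetIsAdmin(model.RoleName);
            Session["branchCode"]    = model.BranchCode;
            Session["branchName"]    = model.BranchName;

            string lastUrl = "";

            if (passExpired)
            {
                // Force the user through the password change first; remember where
                // they were heading so ChangePasswordExpired can send them on.
                lastUrl = Url.Action("Index", "ChangePassword");

                Session["lastController"] = string.IsNullOrEmpty(model.LastController)
                    ? ""
                    : model.LastController;
            }
            else
            {
                // Only send the user back to their last controller when they are
                // authorized for its Detail action.
                if (!string.IsNullOrEmpty(model.LastController)
                    && GeneralGetList.GetAuthAction((int)Session["userId"], model.LastController + "/" + "Detail"))
                {
                    lastUrl = Url.Action("Detail", model.LastController);
                }

                if (string.IsNullOrEmpty(lastUrl))
                {
                    lastUrl = Url.Action("Index", "Home");
                }
            }

            return Content(lastUrl);
        }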