//public static Company CurrentCompany(this HttpContextBase Context)
//{
// if (Context == null)
// return null;
// Company company = null;
// User user = Context.CurrentUser();
// BuildingEntities db;
// if (Context.Request.IsAuthenticated)
// {
// company = Context.Session[FormsAuthentication.FormsCookieName + "_Company"] as Company;
// if (company == null)
// {
// using (db = new BuildingEntities())
// {
// company = db.Companies.FirstOrDefault(val => val.ID == user.CompanyID);
// if (user != null)
// {
// Context.Session[FormsAuthentication.FormsCookieName + "_Company"] = company;
// }
// else
// {
// FormsAuthentication.SignOut();
// Context.Response.Redirect("~/");
// }
// }
// }
// }
// return company;
//}
//public static Company CurrentCompany(this HttpContextBase Context, Company Company)
//{
// if (Company == null || Context.CurrentCompany() == null || Context.CurrentCompany().ID == Company.ID)
// {
// Context.Session[FormsAuthentication.FormsCookieName + "_Company"] = Company;
// }
// return Company;
//}
public static User CurrentUser(this HttpContextBase Context, User User)
{
if (User == null || Context.CurrentUser() == null || Context.CurrentUser().ID == User.ID)
{
Context.Session[FormsAuthentication.FormsCookieName] = User;
}
return(User);
}
public static StartReservationItem CreateStartReservationItem(HttpContextBase context, IProvider provider, IReservationItem rsv)
{
var now = DateTime.Now;
var item = new StartReservationItem
{
ReservationID = rsv.ReservationID,
ResourceID = rsv.ResourceID,
ResourceName = rsv.ResourceName,
ReservedByClientID = rsv.ClientID,
ReservedByClientName = string.Format("{0} {1}", rsv.FName, rsv.LName)
};
var currentUser = context.CurrentUser(provider);
if (rsv.ClientIDBegin.HasValue)
{
if (rsv.ClientIDBegin.Value > 0)
{
IClient startedBy = provider.Data.Client.GetClient(rsv.ClientIDBegin.Value);
item.StartedByClientID = startedBy.ClientID;
item.StartedByClientName = string.Format("{0} {1}", startedBy.FName, startedBy.LName);
}
else
{
item.StartedByClientID = 0;
item.StartedByClientName = string.Empty;
}
}
else
{
item.StartedByClientID = currentUser.ClientID;
item.StartedByClientName = string.Format("{0} {1}", currentUser.FName, currentUser.LName);
}
var reservationItem = provider.Scheduler.Reservation.GetReservationWithInvitees(rsv.ReservationID);
var helper = new SchedulerContextHelper(context, provider);
var args = ReservationStateArgs.Create(reservationItem, helper.GetReservationClient(reservationItem), now);
var stateUtil = ReservationStateUtility.Create(now);
ReservationState state = stateUtil.GetReservationState(args);
item.Startable = stateUtil.IsStartable(state);
item.NotStartableMessage = GetNotStartableMessage(state);
var inst = ActionInstances.Find(ActionType.Interlock, rsv.ResourceID);
item.HasInterlock = inst != null;
var res = provider.Scheduler.Resource.GetResource(rsv.ResourceID);
item.ReturnUrl = GetResourceUrl(context, res);
return(item);
}
private bool CanCreateNewReservation(HttpContextBase context)
{
var currentView = context.GetCurrentViewType();
// copied from the old EmptyCell_Click event handler in ReservationView.ascx.vb
if (currentView == ViewType.UserView)
{
return(false);
}
DateTime date = context.Request.SelectedDate();
TimeSpan time = GetReservationTime(context);
// Check for past reservation date times
if (date.Add(time) < DateTime.Now)
{
throw new Exception("You cannot create reservations in the past.");
}
// Check if user has accounts
if (GetCurrentUserActiveClientAccountsCount(context) == 0)
{
throw new Exception("You do not have any accounts with which to make reservations.");
}
// The reservation fence cannot truly be checked until the activity type is selected
// however, authorized users are always impacted by it/
var pathInfo = context.Request.SelectedPath();
IResource res = Provider.Scheduler.Resource.GetResource(pathInfo.ResourceID);
IClient currentUser = context.CurrentUser(Provider);
ClientAuthLevel authLevel = CacheManager.Current.GetAuthLevel(res.ResourceID, currentUser);
if (authLevel < ClientAuthLevel.SuperUser)
{
if (DateTime.Now.AddMinutes(res.ReservFence) < date)
{
throw new Exception("You are trying to make a reservation that is too far in the future.");
}
}
if (currentView == ViewType.DayView || currentView == ViewType.WeekView)
{
context.SetWeekStartDate(GetWeekStartDate(context));
}
return(true);
}
private int SendHardwareTicketEmails(HttpContextBase context)
{
string subject = context.Request["subject"];
string message = context.Request["message"];
if (!int.TryParse(context.Request["resourceId"], out int resourceId))
{
throw new Exception("Invalid parameter: resourceId");
}
var res = Provider.Scheduler.Resource.GetResource(resourceId);
int sent = HelpdeskUtility.SendHardwareIssueEmail(res, context.CurrentUser(Provider).ClientID, subject, message);
return(sent);
}
/// <summary>
/// Ensures that the current session contains data for the authenticated user.
/// </summary>
public static IClient CheckSession(this HttpContextBase context, IProvider provider)
{
if (context == null)
{
throw new ArgumentNullException("context");
}
if (provider == null)
{
throw new ArgumentNullException("provider");
}
IClient model = null;
if (context.User.Identity.IsAuthenticated)
{
model = context.CurrentUser(provider);
}
else
{
// this provides a secret backdoor mechanism for logging in by providing the parameter
// cid in the querystring, no password required (!) - seems like a very bad idea - maybe
// this was a debugging thing that wasn't removed? added IsProduction check to be safe
if (!provider.IsProduction())
{
var qs = context.Request.QueryString;
if (qs.AllKeys.Contains("cid"))
{
if (int.TryParse(qs["cid"], out int cid))
{
model = provider.Data.Client.GetClient(cid);
if (model != null)
{
var user = new GenericPrincipal(new GenericIdentity(model.UserName), model.Roles());
context.User = user;
context.Session[SessionKeys.UserName] = model.UserName;
}
}
}
}
}
return(context.CheckSession(provider, model));
}
public void ProcessRequest(HttpContext context)
{
ContextBase = new HttpContextWrapper(context);
var currentUser = ContextBase.CurrentUser(Provider);
int clientId = currentUser.ClientID;
string name = context.Request.QueryString["name"];
string type = context.Request.QueryString["type"];
string path;
if (!string.IsNullOrEmpty(name))
{
if (type == "zip")
{
path = ZipUtility.CreateArchive(ExcelUtility.GetWorkPath(clientId), name);
if (File.Exists(path))
{
context.Response.ContentType = "application/zip";
context.Response.AddHeader("Content-Disposition", string.Format(@"attachment;filename=""{0}""", Path.GetFileName(path)));
context.Response.WriteFile(path);
return;
}
}
else
{
path = Path.Combine(ExcelUtility.GetWorkPath(clientId), name);
if (File.Exists(path))
{
context.Response.ContentType = "application/vnd.ms-excel";
context.Response.AddHeader("Content-Disposition", string.Format(@"attachment;filename=""{0}""", Path.GetFileName(path)));
context.Response.WriteFile(path);
return;
}
}
}
throw new HttpException(404, "File not found");
}
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
var authHeader = httpContext.Request.Headers["Authorization"];
if (authHeader != null && authHeader.StartsWith("Basic "))
{
string token = authHeader.Replace("Basic ", string.Empty);
string param = Encoding.ASCII.GetString(Convert.FromBase64String(token));
string[] splitter = param.Split(':');
if (splitter.Length == 2)
{
string username = splitter[0];
string password = splitter[1];
var auth = new AuthUtility(Provider.Data.Client);
var c = auth.Login(username, password);
if (c != null && c.ClientActive)
{
httpContext.User = new GenericPrincipal(new GenericIdentity(c.UserName, "Basic"), null);
}
}
}
bool result;
if (RequiredPrivilege == 0)
{
result = true;
}
else
{
result = PrivCheck(httpContext.CurrentUser(Provider));
}
return(result);
}
public static object Start(HttpContextBase context, IProvider provider, int reservationId, int clientId)
{
try
{
var helper = new SchedulerContextHelper(context, provider);
var util = Reservations.Create(provider, DateTime.Now);
var rsv = provider.Scheduler.Reservation.GetReservationWithInvitees(reservationId);
var client = provider.Data.Client.GetClient(clientId);
if (rsv != null)
{
util.Start(rsv, helper.GetReservationClient(rsv, client), context.CurrentUser(provider).ClientID);
return(new { Error = false, Message = "OK" });
}
else
{
return(new { Error = true, Message = $"Cannot find record for ReservationID {reservationId}" });
}
}
catch (Exception ex)
{
return(new { Error = true, ex.Message });
}
}
public string GetReservationAction(HttpContextBase context)
{
SchedulerContextHelper helper = GetContextHelper(context);
context.Session.Remove("ActiveReservationMessage");
context.Session.Remove("ShowStartConfirmationDialog");
var now = DateTime.Now;
var util = Reservations.Create(Provider, now);
var requestedState = GetReservationState(context);
var rsv = helper.GetReservation();
var res = helper.GetResource(rsv.ResourceID);
var client = helper.GetReservationClient(rsv);
var args = ReservationStateArgs.Create(rsv, client, now);
var state = ReservationStateUtility.Create(now).GetReservationState(args);
var currentView = GetView(context);
var currentUser = context.CurrentUser(Provider);
bool confirm = false;
int reservationId = 0;
helper.AppendLog($"ReservationController.GetReservationAction: reservationId = {rsv.ReservationID}, requestedState = {requestedState}, state = {state}, currentView = {currentView}");
switch (requestedState)
{
case ReservationState.StartOnly:
case ReservationState.StartOrDelete:
// If there are previous unended reservations, then ask for confirmation
var endable = Provider.Scheduler.Reservation.SelectEndableReservations(rsv.ResourceID);
if (endable.Count() > 0)
{
var endableReservations = string.Join(",", endable.Select(x => x.ReservationID));
context.Session["ActiveReservationMessage"] = $"[Previous ReservationID: {endableReservations}, Current ReservationID: {rsv.ReservationID}]";
confirm = true;
reservationId = rsv.ReservationID;
}
else
{
util.Start(rsv, helper.GetReservationClient(rsv), currentUser.ClientID);
}
break;
case ReservationState.Endable:
// End reservation
if (state == ReservationState.Endable)
{
util.End(rsv, DateTime.Now, currentUser.ClientID);
}
else
{
string actualBeginDateTime = rsv.ActualBeginDateTime.HasValue ? rsv.ActualBeginDateTime.Value.ToString("yyyy-MM-dd HH:mm:ss") : "null";
throw new InvalidOperationException($"ReservationID {rsv.ReservationID} state is {state}, not Endable. ActualBeginDateTime: {actualBeginDateTime}");
}
break;
case ReservationState.PastSelf:
if (currentView == ViewType.DayView || currentView == ViewType.WeekView)
{
context.SetWeekStartDate(rsv.BeginDateTime.Date);
}
return(SchedulerUtility.GetReturnUrl("ReservationRunNotes.aspx", PathInfo.Create(res), context.Request.SelectedLocationPath(), rsv.ReservationID, context.Request.SelectedDate()));
case ReservationState.Other:
case ReservationState.Invited:
case ReservationState.PastOther:
return(SchedulerUtility.GetReturnUrl("Contact.aspx", PathInfo.Create(res), context.Request.SelectedLocationPath(), rsv.ReservationID, context.Request.SelectedDate()));
default:
// invalid state detected!
// throw new NotImplementedException($"ReservationState = {state} is not implemented");
context.Session["ErrorMessage"] = $"The current reservation state, {state}, is invalid. No actions are defined for this state. [RequestedState = {requestedState}, ReservationID = {reservationId}]";
var vars = new Dictionary <string, object>
{
["current state"] = state,
["requested state"] = requestedState,
["reservationId"] = reservationId,
["tool_engineer"] = args.IsToolEngineer,
["inlab"] = args.IsInLab,
["reserver"] = args.IsReserver,
["invited"] = args.IsInvited,
["authorized"] = args.IsAuthorized,
["before_mct"] = args.IsBeforeMinCancelTime(),
["startable"] = args.IsStartable()
};
helper.SendDebugEmail("ReservationController.GetReservationAction", "Invalid state detected!", "Invalid state detected!", vars);
return(SchedulerUtility.Create(Provider).GetReservationViewReturnUrl(currentView, false, reservationId));
}
string result = SchedulerUtility.Create(Provider).GetReservationViewReturnUrl(currentView, confirm, reservationId);
return(result);
}
public static object HandleRequest(HttpContextBase context, IProvider provider)
{
string action = context.Request["Action"].ToString();
int resourceId = Utility.ConvertTo(context.Request["ResourceID"], 0);
int clientId = Utility.ConvertTo(context.Request["ClientID"], 0);
int ticketId = Utility.ConvertTo(context.Request["TicketID"], 0);
string command = Utility.ConvertTo(context.Request["Command"], string.Empty);
string message = string.Empty;
object result = null;
GenericResult gr;
var res = provider.Scheduler.Reservation.GetResource(resourceId);
var currentUser = context.CurrentUser(provider);
var dataSession = provider.DataAccess.Session;
switch (action)
{
case "SaveReservationHistory":
throw new NotImplementedException();
case "get-tool-engineers":
gr = new GenericResult();
GetToolEngineers(provider, res, gr);
result = gr;
break;
case "add-tool-engineer":
gr = new GenericResult();
AddToolEngineer(dataSession, res, dataSession.Single <Client>(clientId), gr);
GetToolEngineers(provider, res, gr);
result = gr;
break;
case "delete-tool-engineer":
gr = new GenericResult();
DeleteToolEngineer(dataSession, res, dataSession.Single <Client>(clientId), gr);
GetToolEngineers(provider, res, gr);
result = gr;
break;
case "get-buildings":
var buildings = dataSession.Query <Building>().Where(x => x.BuildingIsActive).ToList();
result = GetBuildings(res, buildings);
break;
case "get-labs":
int buildingId = Utility.ConvertTo(context.Request["BuildingID"], 0);
var labs = dataSession.Query <Lab>().Where(x => x.Building.BuildingID == buildingId).ToList();
result = GetLabs(res, labs);
break;
case "get-proctechs":
int labId = Utility.ConvertTo(context.Request["LabID"], 0);
var procTechs = dataSession.Query <ProcessTech>().Where(x => x.Lab.LabID == labId).ToList();
result = GetProcessTechs(res, procTechs);
break;
case "add-resource":
result = AddResource(dataSession, context);
break;
case "upload-image":
result = UploadImage(context);
break;
case "helpdesk-info":
result = HelpdeskInfo(provider.Scheduler.Resource.GetResource(resourceId));
break;
case "helpdesk-list-tickets":
result = HelpdeskListTickets(provider.Scheduler.Resource.GetResource(resourceId));
break;
case "helpdesk-detail":
result = HelpdeskDetail(ticketId, currentUser);
break;
case "helpdesk-post-message":
message = Utility.ConvertTo(context.Request["Message"], string.Empty);
message = $"Posted from scheduler by: {currentUser.DisplayName} ({currentUser.Email})\n----------------------------------------\n{message}";
result = HelpdeskPostMessage(ticketId, message, currentUser);
break;
case "send-hardware-issue-email":
message = Utility.ConvertTo(context.Request["message"], string.Empty);
string subject = Utility.ConvertTo(context.Request["subject"], string.Empty);
int sent = HelpdeskUtility.SendHardwareIssueEmail(res, currentUser.ClientID, subject, message);
result = new GenericResult()
{
Success = sent > 0, Message = $"Emails sent: {sent}", Data = null, Log = null
};
break;
case "interlock":
bool state = Utility.ConvertTo(context.Request["State"], false);
int duration = Utility.ConvertTo(context.Request["Duration"], 0);
uint d = (duration >= 0) ? (uint)duration : 0;
result = HandleInterlockRequest(provider, command, resourceId, state, d);
break;
case "test":
result = new GenericResult()
{
Success = true, Message = $"current client: {currentUser.ClientID}", Data = null, Log = null
};
break;
default:
result = new GenericResult
{
Success = false,
Message = "Invalid action."
};
break;
}
return(result);
}
