//public static Company CurrentCompany(this HttpContextBase Context) //{ // if (Context == null) // return null; // Company company = null; // User user = Context.CurrentUser(); // BuildingEntities db; // if (Context.Request.IsAuthenticated) // { // company = Context.Session[FormsAuthentication.FormsCookieName + "_Company"] as Company; // if (company == null) // { // using (db = new BuildingEntities()) // { // company = db.Companies.FirstOrDefault(val => val.ID == user.CompanyID); // if (user != null) // { // Context.Session[FormsAuthentication.FormsCookieName + "_Company"] = company; // } // else // { // FormsAuthentication.SignOut(); // Context.Response.Redirect("~/"); // } // } // } // } // return company; //} //public static Company CurrentCompany(this HttpContextBase Context, Company Company) //{ // if (Company == null || Context.CurrentCompany() == null || Context.CurrentCompany().ID == Company.ID) // { // Context.Session[FormsAuthentication.FormsCookieName + "_Company"] = Company; // } // return Company; //} public static User CurrentUser(this HttpContextBase Context, User User) { if (User == null || Context.CurrentUser() == null || Context.CurrentUser().ID == User.ID) { Context.Session[FormsAuthentication.FormsCookieName] = User; } return(User); }
public static StartReservationItem CreateStartReservationItem(HttpContextBase context, IProvider provider, IReservationItem rsv) { var now = DateTime.Now; var item = new StartReservationItem { ReservationID = rsv.ReservationID, ResourceID = rsv.ResourceID, ResourceName = rsv.ResourceName, ReservedByClientID = rsv.ClientID, ReservedByClientName = string.Format("{0} {1}", rsv.FName, rsv.LName) }; var currentUser = context.CurrentUser(provider); if (rsv.ClientIDBegin.HasValue) { if (rsv.ClientIDBegin.Value > 0) { IClient startedBy = provider.Data.Client.GetClient(rsv.ClientIDBegin.Value); item.StartedByClientID = startedBy.ClientID; item.StartedByClientName = string.Format("{0} {1}", startedBy.FName, startedBy.LName); } else { item.StartedByClientID = 0; item.StartedByClientName = string.Empty; } } else { item.StartedByClientID = currentUser.ClientID; item.StartedByClientName = string.Format("{0} {1}", currentUser.FName, currentUser.LName); } var reservationItem = provider.Scheduler.Reservation.GetReservationWithInvitees(rsv.ReservationID); var helper = new SchedulerContextHelper(context, provider); var args = ReservationStateArgs.Create(reservationItem, helper.GetReservationClient(reservationItem), now); var stateUtil = ReservationStateUtility.Create(now); ReservationState state = stateUtil.GetReservationState(args); item.Startable = stateUtil.IsStartable(state); item.NotStartableMessage = GetNotStartableMessage(state); var inst = ActionInstances.Find(ActionType.Interlock, rsv.ResourceID); item.HasInterlock = inst != null; var res = provider.Scheduler.Resource.GetResource(rsv.ResourceID); item.ReturnUrl = GetResourceUrl(context, res); return(item); }
private bool CanCreateNewReservation(HttpContextBase context) { var currentView = context.GetCurrentViewType(); // copied from the old EmptyCell_Click event handler in ReservationView.ascx.vb if (currentView == ViewType.UserView) { return(false); } DateTime date = context.Request.SelectedDate(); TimeSpan time = GetReservationTime(context); // Check for past reservation date times if (date.Add(time) < DateTime.Now) { throw new Exception("You cannot create reservations in the past."); } // Check if user has accounts if (GetCurrentUserActiveClientAccountsCount(context) == 0) { throw new Exception("You do not have any accounts with which to make reservations."); } // The reservation fence cannot truly be checked until the activity type is selected // however, authorized users are always impacted by it/ var pathInfo = context.Request.SelectedPath(); IResource res = Provider.Scheduler.Resource.GetResource(pathInfo.ResourceID); IClient currentUser = context.CurrentUser(Provider); ClientAuthLevel authLevel = CacheManager.Current.GetAuthLevel(res.ResourceID, currentUser); if (authLevel < ClientAuthLevel.SuperUser) { if (DateTime.Now.AddMinutes(res.ReservFence) < date) { throw new Exception("You are trying to make a reservation that is too far in the future."); } } if (currentView == ViewType.DayView || currentView == ViewType.WeekView) { context.SetWeekStartDate(GetWeekStartDate(context)); } return(true); }
private int SendHardwareTicketEmails(HttpContextBase context) { string subject = context.Request["subject"]; string message = context.Request["message"]; if (!int.TryParse(context.Request["resourceId"], out int resourceId)) { throw new Exception("Invalid parameter: resourceId"); } var res = Provider.Scheduler.Resource.GetResource(resourceId); int sent = HelpdeskUtility.SendHardwareIssueEmail(res, context.CurrentUser(Provider).ClientID, subject, message); return(sent); }
/// <summary> /// Ensures that the current session contains data for the authenticated user. /// </summary> public static IClient CheckSession(this HttpContextBase context, IProvider provider) { if (context == null) { throw new ArgumentNullException("context"); } if (provider == null) { throw new ArgumentNullException("provider"); } IClient model = null; if (context.User.Identity.IsAuthenticated) { model = context.CurrentUser(provider); } else { // this provides a secret backdoor mechanism for logging in by providing the parameter // cid in the querystring, no password required (!) - seems like a very bad idea - maybe // this was a debugging thing that wasn't removed? added IsProduction check to be safe if (!provider.IsProduction()) { var qs = context.Request.QueryString; if (qs.AllKeys.Contains("cid")) { if (int.TryParse(qs["cid"], out int cid)) { model = provider.Data.Client.GetClient(cid); if (model != null) { var user = new GenericPrincipal(new GenericIdentity(model.UserName), model.Roles()); context.User = user; context.Session[SessionKeys.UserName] = model.UserName; } } } } } return(context.CheckSession(provider, model)); }
public void ProcessRequest(HttpContext context) { ContextBase = new HttpContextWrapper(context); var currentUser = ContextBase.CurrentUser(Provider); int clientId = currentUser.ClientID; string name = context.Request.QueryString["name"]; string type = context.Request.QueryString["type"]; string path; if (!string.IsNullOrEmpty(name)) { if (type == "zip") { path = ZipUtility.CreateArchive(ExcelUtility.GetWorkPath(clientId), name); if (File.Exists(path)) { context.Response.ContentType = "application/zip"; context.Response.AddHeader("Content-Disposition", string.Format(@"attachment;filename=""{0}""", Path.GetFileName(path))); context.Response.WriteFile(path); return; } } else { path = Path.Combine(ExcelUtility.GetWorkPath(clientId), name); if (File.Exists(path)) { context.Response.ContentType = "application/vnd.ms-excel"; context.Response.AddHeader("Content-Disposition", string.Format(@"attachment;filename=""{0}""", Path.GetFileName(path))); context.Response.WriteFile(path); return; } } } throw new HttpException(404, "File not found"); }
protected override bool AuthorizeCore(HttpContextBase httpContext) { var authHeader = httpContext.Request.Headers["Authorization"]; if (authHeader != null && authHeader.StartsWith("Basic ")) { string token = authHeader.Replace("Basic ", string.Empty); string param = Encoding.ASCII.GetString(Convert.FromBase64String(token)); string[] splitter = param.Split(':'); if (splitter.Length == 2) { string username = splitter[0]; string password = splitter[1]; var auth = new AuthUtility(Provider.Data.Client); var c = auth.Login(username, password); if (c != null && c.ClientActive) { httpContext.User = new GenericPrincipal(new GenericIdentity(c.UserName, "Basic"), null); } } } bool result; if (RequiredPrivilege == 0) { result = true; } else { result = PrivCheck(httpContext.CurrentUser(Provider)); } return(result); }
public static object Start(HttpContextBase context, IProvider provider, int reservationId, int clientId) { try { var helper = new SchedulerContextHelper(context, provider); var util = Reservations.Create(provider, DateTime.Now); var rsv = provider.Scheduler.Reservation.GetReservationWithInvitees(reservationId); var client = provider.Data.Client.GetClient(clientId); if (rsv != null) { util.Start(rsv, helper.GetReservationClient(rsv, client), context.CurrentUser(provider).ClientID); return(new { Error = false, Message = "OK" }); } else { return(new { Error = true, Message = $"Cannot find record for ReservationID {reservationId}" }); } } catch (Exception ex) { return(new { Error = true, ex.Message }); } }
public string GetReservationAction(HttpContextBase context) { SchedulerContextHelper helper = GetContextHelper(context); context.Session.Remove("ActiveReservationMessage"); context.Session.Remove("ShowStartConfirmationDialog"); var now = DateTime.Now; var util = Reservations.Create(Provider, now); var requestedState = GetReservationState(context); var rsv = helper.GetReservation(); var res = helper.GetResource(rsv.ResourceID); var client = helper.GetReservationClient(rsv); var args = ReservationStateArgs.Create(rsv, client, now); var state = ReservationStateUtility.Create(now).GetReservationState(args); var currentView = GetView(context); var currentUser = context.CurrentUser(Provider); bool confirm = false; int reservationId = 0; helper.AppendLog($"ReservationController.GetReservationAction: reservationId = {rsv.ReservationID}, requestedState = {requestedState}, state = {state}, currentView = {currentView}"); switch (requestedState) { case ReservationState.StartOnly: case ReservationState.StartOrDelete: // If there are previous unended reservations, then ask for confirmation var endable = Provider.Scheduler.Reservation.SelectEndableReservations(rsv.ResourceID); if (endable.Count() > 0) { var endableReservations = string.Join(",", endable.Select(x => x.ReservationID)); context.Session["ActiveReservationMessage"] = $"[Previous ReservationID: {endableReservations}, Current ReservationID: {rsv.ReservationID}]"; confirm = true; reservationId = rsv.ReservationID; } else { util.Start(rsv, helper.GetReservationClient(rsv), currentUser.ClientID); } break; case ReservationState.Endable: // End reservation if (state == ReservationState.Endable) { util.End(rsv, DateTime.Now, currentUser.ClientID); } else { string actualBeginDateTime = rsv.ActualBeginDateTime.HasValue ? rsv.ActualBeginDateTime.Value.ToString("yyyy-MM-dd HH:mm:ss") : "null"; throw new InvalidOperationException($"ReservationID {rsv.ReservationID} state is {state}, not Endable. ActualBeginDateTime: {actualBeginDateTime}"); } break; case ReservationState.PastSelf: if (currentView == ViewType.DayView || currentView == ViewType.WeekView) { context.SetWeekStartDate(rsv.BeginDateTime.Date); } return(SchedulerUtility.GetReturnUrl("ReservationRunNotes.aspx", PathInfo.Create(res), context.Request.SelectedLocationPath(), rsv.ReservationID, context.Request.SelectedDate())); case ReservationState.Other: case ReservationState.Invited: case ReservationState.PastOther: return(SchedulerUtility.GetReturnUrl("Contact.aspx", PathInfo.Create(res), context.Request.SelectedLocationPath(), rsv.ReservationID, context.Request.SelectedDate())); default: // invalid state detected! // throw new NotImplementedException($"ReservationState = {state} is not implemented"); context.Session["ErrorMessage"] = $"The current reservation state, {state}, is invalid. No actions are defined for this state. [RequestedState = {requestedState}, ReservationID = {reservationId}]"; var vars = new Dictionary <string, object> { ["current state"] = state, ["requested state"] = requestedState, ["reservationId"] = reservationId, ["tool_engineer"] = args.IsToolEngineer, ["inlab"] = args.IsInLab, ["reserver"] = args.IsReserver, ["invited"] = args.IsInvited, ["authorized"] = args.IsAuthorized, ["before_mct"] = args.IsBeforeMinCancelTime(), ["startable"] = args.IsStartable() }; helper.SendDebugEmail("ReservationController.GetReservationAction", "Invalid state detected!", "Invalid state detected!", vars); return(SchedulerUtility.Create(Provider).GetReservationViewReturnUrl(currentView, false, reservationId)); } string result = SchedulerUtility.Create(Provider).GetReservationViewReturnUrl(currentView, confirm, reservationId); return(result); }
public static object HandleRequest(HttpContextBase context, IProvider provider) { string action = context.Request["Action"].ToString(); int resourceId = Utility.ConvertTo(context.Request["ResourceID"], 0); int clientId = Utility.ConvertTo(context.Request["ClientID"], 0); int ticketId = Utility.ConvertTo(context.Request["TicketID"], 0); string command = Utility.ConvertTo(context.Request["Command"], string.Empty); string message = string.Empty; object result = null; GenericResult gr; var res = provider.Scheduler.Reservation.GetResource(resourceId); var currentUser = context.CurrentUser(provider); var dataSession = provider.DataAccess.Session; switch (action) { case "SaveReservationHistory": throw new NotImplementedException(); case "get-tool-engineers": gr = new GenericResult(); GetToolEngineers(provider, res, gr); result = gr; break; case "add-tool-engineer": gr = new GenericResult(); AddToolEngineer(dataSession, res, dataSession.Single <Client>(clientId), gr); GetToolEngineers(provider, res, gr); result = gr; break; case "delete-tool-engineer": gr = new GenericResult(); DeleteToolEngineer(dataSession, res, dataSession.Single <Client>(clientId), gr); GetToolEngineers(provider, res, gr); result = gr; break; case "get-buildings": var buildings = dataSession.Query <Building>().Where(x => x.BuildingIsActive).ToList(); result = GetBuildings(res, buildings); break; case "get-labs": int buildingId = Utility.ConvertTo(context.Request["BuildingID"], 0); var labs = dataSession.Query <Lab>().Where(x => x.Building.BuildingID == buildingId).ToList(); result = GetLabs(res, labs); break; case "get-proctechs": int labId = Utility.ConvertTo(context.Request["LabID"], 0); var procTechs = dataSession.Query <ProcessTech>().Where(x => x.Lab.LabID == labId).ToList(); result = GetProcessTechs(res, procTechs); break; case "add-resource": result = AddResource(dataSession, context); break; case "upload-image": result = UploadImage(context); break; case "helpdesk-info": result = HelpdeskInfo(provider.Scheduler.Resource.GetResource(resourceId)); break; case "helpdesk-list-tickets": result = HelpdeskListTickets(provider.Scheduler.Resource.GetResource(resourceId)); break; case "helpdesk-detail": result = HelpdeskDetail(ticketId, currentUser); break; case "helpdesk-post-message": message = Utility.ConvertTo(context.Request["Message"], string.Empty); message = $"Posted from scheduler by: {currentUser.DisplayName} ({currentUser.Email})\n----------------------------------------\n{message}"; result = HelpdeskPostMessage(ticketId, message, currentUser); break; case "send-hardware-issue-email": message = Utility.ConvertTo(context.Request["message"], string.Empty); string subject = Utility.ConvertTo(context.Request["subject"], string.Empty); int sent = HelpdeskUtility.SendHardwareIssueEmail(res, currentUser.ClientID, subject, message); result = new GenericResult() { Success = sent > 0, Message = $"Emails sent: {sent}", Data = null, Log = null }; break; case "interlock": bool state = Utility.ConvertTo(context.Request["State"], false); int duration = Utility.ConvertTo(context.Request["Duration"], 0); uint d = (duration >= 0) ? (uint)duration : 0; result = HandleInterlockRequest(provider, command, resourceId, state, d); break; case "test": result = new GenericResult() { Success = true, Message = $"current client: {currentUser.ClientID}", Data = null, Log = null }; break; default: result = new GenericResult { Success = false, Message = "Invalid action." }; break; } return(result); }