public static List <Links> getLinksFromDB()
{
String username = Security.getUsername();
LinksDao dataLayer = new LinksDao();
List <Links> userLinks = dataLayer.getUserLinks(username);
SessionVariableManager.setLinks(userLinks);
return(userLinks);
}
//get nav links from db
private void getNavLinks()
{
String username = Security.getUserName();
List <UserLink> links = LinksDao.getUserLinks(username);
foreach (UserLink link in links)
{
writeNavLink(link);
}
}
//this method checks that a user has access to the current url. If not, redirects to the index.aspx page
public static void checkUrl()
{
String username = Security.getUserName();
//get the current url
char[] remove = { '/' }; //used to remove leading / from path to math values stored in db
String currentUrl = HttpContext.Current.Request.CurrentExecutionFilePath.TrimStart(remove);
//get allowed links
List <UserLink> links = LinksDao.getUserLinks(username);
//check if this link is in list
int allowed = links.FindIndex(f => f.getPath() == currentUrl);
//kick user if trying to access unallowed link
if (allowed < 0)
{
HttpContext.Current.Response.Redirect("~/index.aspx");
}
}
