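/// <summary>
/// Checks the one-time password (OTP) carried by an approve, reject or removal request
/// before the action runs.
/// </summary>
/// <remarks>
/// The check runs only when the cached source type is <c>XBS.SourceType.AcbaOnline</c> and the
/// authorized customer has <c>SecondConfirm == 1</c>; any other request passes through unchanged.
/// When validation fails, <c>context.Result</c> is set to a validation-error response, so the
/// action itself is not executed.
/// </remarks>
/// <param name="context">Context of the executing action; its arguments are searched for the request object.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    AuthorizedCustomer authorizedCustomer = _cacheHelper.GetAuthorizedCustomer();

    // OTP confirmation applies only to AcbaOnline customers with second confirmation enabled.
    if (_cacheHelper.GetSourceType() != XBS.SourceType.AcbaOnline || authorizedCustomer.SecondConfirm != 1)
    {
        return;
    }

    var arguments = context.ActionArguments.Values;
    string otp = "";

    // The request types are probed in a fixed order; a later match overrides an earlier one.
    ApproveIdRequest approveRequest = arguments.OfType<ApproveIdRequest>().FirstOrDefault();
    if (approveRequest != null)
    {
        otp = approveRequest.OTP;
    }

    OrderRejectionRequest rejectionRequest = arguments.OfType<OrderRejectionRequest>().FirstOrDefault();
    if (rejectionRequest != null)
    {
        otp = rejectionRequest.OTP;
    }

    RemovalOrderRequest removalOrderRequest = arguments.OfType<RemovalOrderRequest>().FirstOrDefault();
    if (removalOrderRequest != null)
    {
        otp = removalOrderRequest.OTP;
    }

    // For a ProductIdApproveRequest the code takes the OTP from the ApproveIdRequest argument.
    // Previously this dereferenced that argument unconditionally and threw a
    // NullReferenceException when the action had no ApproveIdRequest. Now the OTP keeps its
    // current value in that case and ValidateOTP decides.
    // NOTE(review): if ProductIdApproveRequest carries its own OTP, it should be read from that
    // object instead - confirm against the type definition.
    if (approveRequest != null && arguments.OfType<ProductIdApproveRequest>().Any())
    {
        otp = approveRequest.OTP;
    }

    // NOTE(review): when no argument supplies an OTP, the empty string is validated; this filter
    // relies on ValidateOTP rejecting it - confirm.
    bool isValid = _xbSecurity.ValidateOTP(
        context.HttpContext.Request.Headers["SessionId"],
        otp,
        _cacheHelper.GetClientIp(),
        _cacheHelper.GetLanguage());

    if (isValid)
    {
        return;
    }

    Response response = new Response
    {
        ResultCode = ResultCodes.validationError,
        Description = (Languages)_cacheHelper.GetLanguage() == Languages.hy ? "Սխալ թվային կոդ։" : "Incorrect OTP code."
    };
    context.Result = ResponseExtensions.ToHttpResponse(response);
}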
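/// <summary>
/// Authorizes the current customer for the order named in an approve, reject or removal
/// request before the action runs.
/// </summary>
/// <remarks>
/// The request is denied, by setting <c>context.Result</c> to a validation-error response, when
/// any of these holds:
/// the order is not a removal and <c>IsAbleToChangeQuality</c> returns false for the customer and order id;
/// the customer's <c>Permission</c> is neither 2 nor 3;
/// the order is a removal and the customer is not the last confirmer.
/// </remarks>
/// <param name="context">Context of the executing action; its arguments are searched for the request object.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    var arguments = context.ActionArguments.Values;
    long id = 0;
    OrderType orderType = OrderType.NotDefined;

    // The request types are probed in a fixed order; a later match overrides the id of an earlier one.
    // NOTE(review): the nested OrderRejection and Order objects are dereferenced without a null
    // check - confirm that model binding or validation guarantees they are present.
    ApproveIdRequest approveRequest = arguments.OfType<ApproveIdRequest>().FirstOrDefault();
    if (approveRequest != null)
    {
        id = approveRequest.Id;
    }

    OrderRejectionRequest rejectionRequest = arguments.OfType<OrderRejectionRequest>().FirstOrDefault();
    if (rejectionRequest != null)
    {
        id = rejectionRequest.OrderRejection.OrderId;
    }

    RemovalOrderRequest removalOrderRequest = arguments.OfType<RemovalOrderRequest>().FirstOrDefault();
    if (removalOrderRequest != null)
    {
        id = removalOrderRequest.Order.RemovingOrderId;
        orderType = OrderType.RemoveTransaction;
    }

    AuthorizedCustomer authorizedCustomer = _cacheHelper.GetAuthorizedCustomer();
    bool isRemoval = orderType == OrderType.RemoveTransaction;

    // The id is held in a long but the ownership check takes an int. An unchecked (int) cast
    // would wrap silently, so the check could run against a different order than the one the
    // action then works on. An id outside the int range is therefore treated as not permitted.
    bool idFitsInt = id >= int.MinValue && id <= int.MaxValue;
    bool canChangeQuality = idFitsInt
        && _xbService.IsAbleToChangeQuality(authorizedCustomer.UserName, (int)id);

    bool hasRequiredPermission = authorizedCustomer.Permission == 3 || authorizedCustomer.Permission == 2;

    bool denied = (!canChangeQuality && !isRemoval)
        || !hasRequiredPermission
        || (isRemoval && !authorizedCustomer.IsLastConfirmer);

    if (!denied)
    {
        return;
    }

    // Maps the cached language value to the value passed to GetTerm: 0 becomes 2, anything else 1.
    byte language = _cacheHelper.GetLanguage() == 0 ? (byte)2 : (byte)1;

    Response response = new Response
    {
        ResultCode = ResultCodes.validationError,
        Description = _xbService.GetTerm(1689, null, (Languages)language)
    };
    context.Result = ResponseExtensions.ToHttpResponse(response);
}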