/// <summary>
/// Re-evaluates the Safe Operations button each time the Manage Cash panel's
/// visibility changes.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void ManageCashMenuPanel_VisibleChanged(object sender, EventArgs e)
{
    // Nothing to refresh while the panel is hidden or hosted in the designer.
    if (!this.Visible || DesignMode)
    {
        return;
    }

    var session = GlobalDataAccessor.Instance.DesktopSession;
    var currUser = session.LoggedInUserSecurityProfile;

    // The button follows the user's modify right on the SAFEMANAGEMENT resource.
    // NOTE(review): this only greys out a control; confirm the safe operations
    // themselves re-check SAFEMANAGEMENT where the work is performed.
    const string safeResource = "SAFEMANAGEMENT";
    this.SafeOperationsButton.Enabled =
        SecurityProfileProcedures.CanUserModifyResource(safeResource, currUser, session);

    // The panel-wide ModifyButtonAccessBasedOnSecurityProfile pass is disabled in
    // this handler; Safe Operations is the only button gated here.
}
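/// <summary>
/// Applies the logged-in user's view rights to the Manage Inventory buttons when
/// the panel becomes visible.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void ManageInventoryMenuPanel_VisibleChanged(object sender, EventArgs e)
{
    if (DesignMode || !this.Visible)
    {
        return;
    }

    var session = GlobalDataAccessor.Instance.DesktopSession;
    var currUser = session.LoggedInUserSecurityProfile;

    // Assign Item Physical Location: the resource name is the control name with
    // its "Button" suffix removed, upper-cased.
    if (AssignItemPhysicalLocationButton.Enabled)
    {
        var controlName = this.AssignItemPhysicalLocationButton.Name;
        var suffixAt = controlName.IndexOf("Button", System.StringComparison.Ordinal);

        // ToUpperInvariant keeps the authorization key stable on machines whose
        // current culture upper-cases 'i' differently. A control name without a
        // usable prefix disables the button instead of throwing from Substring.
        this.AssignItemPhysicalLocationButton.Enabled =
            suffixAt > 0 &&
            SecurityProfileProcedures.CanUserViewResource(
                controlName.Substring(0, suffixAt).ToUpperInvariant(), currUser, session);
    }

    // Change Retail Price uses a fixed resource name rather than the control name.
    if (ChangePricingButton.Enabled)
    {
        const string changePriceResource = "CHANGERETAILPRICE";
        this.ChangePricingButton.Enabled =
            SecurityProfileProcedures.CanUserViewResource(changePriceResource, currUser, session);
    }
}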
/// <summary>
/// Loads the security profile of the selected employee and, on success, stores it
/// in the desktop session and navigates to the employee details screen.
/// </summary>
/// <param name="sShopID">Shop identifier passed to the profile lookup.</param>
/// <param name="sEmpName">Employee name passed to the profile lookup.</param>
private void GoToSecurityProfile(string sShopID, string sEmpName)
{
    errorLabel.Text = string.Empty;

    try
    {
        string errorCode;
        string errorMesg;
        UserVO selectedEmployeeData;
        var session = GlobalDataAccessor.Instance.DesktopSession;

        bool profileLoaded = SecurityProfileProcedures.GetUserSecurityProfile(
            sEmpName, sShopID, "", "Y", session,
            out selectedEmployeeData, out errorCode, out errorMesg);

        if (!profileLoaded)
        {
            // The failure is only written to the log; errorLabel stays empty.
            FileLogger.Instance.logMessage(LogLevel.ERROR, this, "Error in loading security profile for the selected employee " + errorCode + " " + errorMesg);
            return;
        }

        session.SelectedUserProfile = selectedEmployeeData;
        NavControlBox.IsCustom = true;
        NavControlBox.CustomDetail = "EmployeeDetails";
        NavControlBox.Action = NavBox.NavAction.BACKANDSUBMIT;
    }
    catch (Exception ex)
    {
        FileLogger.Instance.logMessage(LogLevel.ERROR, this, "Error in loading security profile for the selected employee " + ex.Message);
        // NOTE(review): the original exception is not attached to the
        // ApplicationException handed to the handler; only ex.Message reaches the log.
        BasicExceptionHandler.Instance.AddException("Security profile could not be loaded for " + sEmpName, new ApplicationException());
    }
}
/// <summary>
/// Adds an entry row to the customer ID grid when a data row is clicked and the
/// logged-in user may modify either the ID type/agency or the ID number.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Cell coordinates of the click.</param>
private void dataGridViewCustomerID_CellClick(object sender, DataGridViewCellEventArgs e)
{
    // Header cells report a row index of -1 and are ignored.
    if (e.RowIndex <= -1)
    {
        return;
    }

    var session = GlobalDataAccessor.Instance.DesktopSession;
    var currUser = session.LoggedInUserSecurityProfile;

    // Either modify right is enough; the second check runs only if the first fails.
    bool mayEnterId =
        SecurityProfileProcedures.CanUserModifyResource("EDITGOVTIDTYPEAGENCY", currUser, session) ||
        SecurityProfileProcedures.CanUserModifyResource("EDITGOVTIDNUMBER", currUser, session);

    if (mayEnterId)
    {
        addRowToEnter(e);
    }
}
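/// <summary>
/// Applies the logged-in user's rights to the Utilities menu buttons when the
/// panel becomes visible.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void UtilitiesMenuPanel_VisibleChanged(object sender, EventArgs e)
{
    if (!this.Visible || DesignMode)
    {
        return;
    }

    var dSession = GlobalDataAccessor.Instance.DesktopSession;
    var currUser = dSession.LoggedInUserSecurityProfile;

    // For the next two buttons the resource name is the control name with its
    // "Button" suffix removed, upper-cased. ToUpperInvariant keeps that key
    // independent of the machine's culture, and a name without a usable prefix
    // disables the button instead of throwing from Substring.

    // Customer Holds
    if (CustomerHoldsButton != null && CustomerHoldsButton.Enabled && !string.IsNullOrEmpty(CustomerHoldsButton.Name))
    {
        var holdsName = this.CustomerHoldsButton.Name;
        var holdsSuffixAt = holdsName.IndexOf("Button", StringComparison.Ordinal);
        this.CustomerHoldsButton.Enabled =
            holdsSuffixAt > 0 &&
            SecurityProfileProcedures.CanUserViewResource(
                holdsName.Substring(0, holdsSuffixAt).ToUpperInvariant(), currUser, dSession);
    }

    // Police activities
    if (Police_ActivitiesButton != null && Police_ActivitiesButton.Enabled && !string.IsNullOrEmpty(Police_ActivitiesButton.Name))
    {
        var policeName = this.Police_ActivitiesButton.Name;
        var policeSuffixAt = policeName.IndexOf("Button", StringComparison.Ordinal);
        this.Police_ActivitiesButton.Enabled =
            policeSuffixAt > 0 &&
            SecurityProfileProcedures.CanUserViewResource(
                policeName.Substring(0, policeSuffixAt).ToUpperInvariant(), currUser, dSession);
    }

    // The VOID transaction button check was removed per CQ - 14915.

    // These two are enabled without any resource check in this handler.
    // NOTE(review): presumably the Manage Inventory / Manage Cash panels gate
    // their own buttons when they are shown - confirm.
    this.ManageInventoryButton.Enabled = true;
    this.ManageCashButton.Enabled = true;

    // Update Security Profile: a modify right on either the current-location or
    // the multiple-locations resource enables the button.
    const string currentLocationResource = "UPDATE USER PROFILE RESOURCES CURRENT LOCATION ONLY";
    const string multipleLocationResource = "UPDATE USER PROFILE RESOURCES MULTIPLE LOCATIONS";
    if (Update_Security_ProfileButton != null && Update_Security_ProfileButton.Enabled)
    {
        this.Update_Security_ProfileButton.Enabled =
            SecurityProfileProcedures.CanUserModifyResource(currentLocationResource, currUser, dSession) ||
            SecurityProfileProcedures.CanUserModifyResource(multipleLocationResource, currUser, dSession);
    }
}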
/// <summary>
/// Adds the employee number typed in the form as a visiting employee of the
/// current store and reports the outcome to the user.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void addButton_Click(object sender, EventArgs e)
{
    lblMessage.Text = "";
    var errorCode = string.Empty;
    var errorText = string.Empty;
    var session = GlobalDataAccessor.Instance.DesktopSession;
    var siteId = GlobalDataAccessor.Instance.CurrentSiteId;

    // Get the shop roles that are valid from PWN_BR-097
    List<string> validShopRoles;
    bool rolesLoaded = new BusinessRulesProcedures(session).GetValidShopRoles(siteId, out validShopRoles);
    if (!rolesLoaded)
    {
        FileLogger.Instance.logMessage(LogLevel.ERROR, this, "Business rule to load valid shop roles failed");
        lblMessage.Text = @"Add Visiting employee failed";
        return;
    }

    // NOTE(review): no permission check is made in this handler before the add;
    // presumably the form is only reachable by authorised users or
    // AddVisitingEmployee enforces it - confirm.
    bool added = SecurityProfileProcedures.AddVisitingEmployee(
        customTextBoxEmployeeNo.Text,
        "",
        siteId.StoreNumber,
        session.LoggedInUserSecurityProfile.UserName,
        validShopRoles,
        session,
        out errorCode,
        out errorText);

    if (added)
    {
        MessageBox.Show(@"Visiting employee successfully added");
        Close();
        return;
    }

    // Known error codes get a fixed message; any other code shows the text
    // returned by the procedure.
    switch (errorCode)
    {
        case "1":
            errorText = "The employee number entered is invalid. Please try again.";
            break;
        case "2":
            errorText = "No Valid store id found";
            break;
        case "4":
            errorText = "The user does not have a shop operations role. Please enter another employee number.";
            break;
        case "6":
            errorText = "Employee is already active in the store";
            break;
        case "7":
            errorText = "The employee number entered is not active. Please enter another employee number";
            break;
    }

    lblMessage.Text = errorText;
}
/// <summary>
/// Enables or disables the Customer Buy and Vendor Buy buttons from the logged-in
/// user's view rights when the Buy panel becomes visible.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void BuyMenuPanel_VisibleChanged(object sender, EventArgs e)
{
    if (!this.Visible || DesignMode)
    {
        return;
    }

    var session = GlobalDataAccessor.Instance.DesktopSession;
    UserVO currUser = session.LoggedInUserSecurityProfile;

    // Customer purchase follows the CUSTOMERBUY resource.
    bool mayBuyFromCustomer = SecurityProfileProcedures.CanUserViewResource("CUSTOMERBUY", currUser, session);
    this.CustomerBuyButton.Enabled = mayBuyFromCustomer;

    // Vendor purchase follows the VENDORBUY resource.
    bool mayBuyFromVendor = SecurityProfileProcedures.CanUserViewResource("VENDORBUY", currUser, session);
    this.VendorBuyButton.Enabled = mayBuyFromVendor;
}
/// <summary>
/// Hands every control on the Change Pricing panel to the security-profile
/// helper so button access matches the logged-in user's profile.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void ChangePricingMenuPanel_VisibleChanged(object sender, EventArgs e)
{
    if (DesignMode || !this.Visible)
    {
        return;
    }

    var session = GlobalDataAccessor.Instance.DesktopSession;
    var currUser = session.LoggedInUserSecurityProfile;

    // The helper receives the panel's controls plus the button naming
    // constants of ImageButtonControllerGroup.
    SecurityProfileProcedures.ModifyButtonAccessBasedOnSecurityProfile(
        this.Controls,
        currUser,
        ImageButtonControllerGroup.BUTTON_SUFFIX,
        ImageButtonControllerGroup.BUTTON_TAGSEP,
        ImageButtonControllerGroup.BUTTON_LEAF,
        session);
}
/// <summary>
/// Loads the customer data into the form and hides the SSN label and field when
/// the logged-in user lacks the modify right on UPDATESSN.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void UpdateCustomerDetails_Load(object sender, EventArgs e)
{
    LoadDataInForm();

    // SR 2/16/2010 Roles and resources check added
    var session = GlobalDataAccessor.Instance.DesktopSession;
    bool maySeeSsn = SecurityProfileProcedures.CanUserModifyResource(
        "UPDATESSN", session.LoggedInUserSecurityProfile, session);

    if (!maySeeSsn)
    {
        // NOTE(review): LoadDataInForm() has already run at this point, so the SSN
        // may still be held in the hidden custSSN control - confirm whether the
        // value should be withheld rather than only hidden.
        this.labelSSN.Visible = false;
        this.custSSN.Visible = false;
    }

    this.custDateOfBirth.ErrorMessage = Commons.GetMessageString("InvalidDateOfBirth");
}
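/// <summary>
/// Sets the PFI buttons (Create List, Verify, Post) from the logged-in user's
/// view rights and enables Print PFI Mailers when the state requires mailers.
/// </summary>
/// <remarks>
/// Each PFI button is assigned the result of its permission check, so a denied
/// check disables it. Previously the assignment ran only when the check
/// succeeded, which left an already enabled button enabled for a user without
/// the right.
/// </remarks>
private void checkUserAccess()
{
    var dSession = GlobalDataAccessor.Instance.DesktopSession;
    var currUser = dSession.LoggedInUserSecurityProfile;

    // NOTE(review): with no logged-in profile the buttons keep whatever state
    // they already had - confirm they start out disabled.
    if (currUser == null)
    {
        return;
    }

    // PFI Create List
    string createListResource = PfiResourceNameFromButtonName(PFICreateListButton.Name);
    PFICreateListButton.Enabled =
        createListResource != null &&
        SecurityProfileProcedures.CanUserViewResource(createListResource, currUser, dSession);

    // PFI Verify
    string verifyResource = PfiResourceNameFromButtonName(PFIVerifyButton.Name);
    PFIVerifyButton.Enabled =
        verifyResource != null &&
        SecurityProfileProcedures.CanUserViewResource(verifyResource, currUser, dSession);

    // PFI Post
    string postResource = PfiResourceNameFromButtonName(PFIPostButton.Name);
    PFIPostButton.Enabled =
        postResource != null &&
        SecurityProfileProcedures.CanUserViewResource(postResource, currUser, dSession);

    var isPFIMailersRequiredForState =
        new BusinessRulesProcedures(dSession).IsPFIMailersRequiredForState(GlobalDataAccessor.Instance.CurrentSiteId);
    if (isPFIMailersRequiredForState)
    {
        // NOTE(review): the original comment says "Check if user has access to
        // Print PFI Mailers", but no resource is checked; the button is enabled
        // for every logged-in user. Confirm whether a permission check belongs here.
        PrintPFIMailersButton.Enabled = true;
    }
}

/// <summary>
/// Derives a security resource name from a control name by dropping the "Button"
/// suffix and upper-casing the remainder with the invariant culture.
/// </summary>
/// <param name="buttonName">Control name, e.g. one ending in "Button".</param>
/// <returns>The resource name, or null when no non-empty prefix precedes "Button".</returns>
private static string PfiResourceNameFromButtonName(string buttonName)
{
    if (string.IsNullOrEmpty(buttonName))
    {
        return null;
    }

    int suffixAt = buttonName.IndexOf("Button", StringComparison.Ordinal);

    // Callers treat null as "deny", so a malformed name fails closed.
    return suffixAt > 0 ? buttonName.Substring(0, suffixAt).ToUpperInvariant() : null;
}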
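/// <summary>
/// Handles clicks in the visiting-employees grid: the delete column removes the
/// employee profile after confirmation, the employee-number column opens the
/// employee's security profile when the current user's role is higher.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Cell coordinates of the click.</param>
private void gvVisitingEmployees_CellContentClick(object sender, DataGridViewCellEventArgs e)
{
    errorLabel.Text = "";

    // Header cells report a row index of -1; indexing Rows with it would throw.
    if (e.RowIndex < 0)
    {
        return;
    }

    int deleteColumnIndex = gvVisitingEmployees.Columns[colVisitingDelete.Name].Index;
    if (e.ColumnIndex != deleteColumnIndex &&
        e.ColumnIndex != gvVisitingEmployees.Columns[colVisitingEmployeeNumber.Name].Index)
    {
        return;
    }

    DataGridViewRow clickedRow = gvVisitingEmployees.Rows[e.RowIndex];
    string strUserId = Utilities.GetStringValue(clickedRow.Cells[colVisitingUserId.Name].Value);
    string strEmpName = Utilities.GetStringValue(clickedRow.Cells[colVisitingEmpName.Name].Value);
    string strEmpRole = Utilities.GetStringValue(clickedRow.Cells[colVisitingEmployeeRole.Name].Value);

    if (e.ColumnIndex == deleteColumnIndex)
    {
        if (MessageBox.Show(@"Are you sure you want to delete this employee profile?", "User Confirmation", MessageBoxButtons.YesNo, MessageBoxIcon.Question) != DialogResult.Yes)
        {
            return;
        }

        // NOTE(review): unlike the edit path below, the delete path applies no
        // role-hierarchy check in this handler; confirm DeleteEmployeeProfile
        // enforces who may delete whom.
        string sErrorCode;
        string sErrorText;
        bool deleted = SecurityProfileProcedures.DeleteEmployeeProfile(
            strUserId, "", _StoreNumber, _UserVO.UserName,
            GlobalDataAccessor.Instance.DesktopSession,
            out sErrorCode, out sErrorText);

        if (!deleted)
        {
            errorLabel.Text = sErrorText;
            return;
        }

        // Drop the employee from the local table; Find returns null when the key
        // is absent, and Remove must not be called with null.
        DataRow dr = _ShopVisitingEmployees.Rows.Find(strUserId);
        if (dr != null)
        {
            _ShopVisitingEmployees.Rows.Remove(dr);
        }

        PopulateVisitingEmployees();
        return;
    }

    // Employee-number column: only a user in a higher role may open the profile.
    ROLEHIERARCHYLEVEL roleLevel = _UserVO.UserRole.CheckRoleHierarchy(strEmpRole);
    if (roleLevel == ROLEHIERARCHYLEVEL.GREATER)
    {
        GoToSecurityProfile(_StoreNumber, strEmpName);
    }
    else
    {
        MessageBox.Show(@"You cannot change the security profile for a user in an equal or higher role");
    }
}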
/// <summary>
/// Sets the four refund/return buttons from the logged-in user's view rights when
/// the panel becomes visible.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void RefundReturnMenuPanel_VisibleChanged(object sender, EventArgs e)
{
    if (!this.Visible || DesignMode)
    {
        return;
    }

    var session = GlobalDataAccessor.Instance.DesktopSession;
    UserVO currUser = session.LoggedInUserSecurityProfile;

    // Each button is tied to one named resource.
    this.ReturnCustomerBuyButton.Enabled =
        SecurityProfileProcedures.CanUserViewResource("RETURNCUSTOMERBUY", currUser, session);

    ReturnVendorBuyButton.Enabled =
        SecurityProfileProcedures.CanUserViewResource("RETURNVENDORBUY", currUser, session);

    this.RefundSaleButton.Enabled =
        SecurityProfileProcedures.CanUserViewResource("RETAILSALEREFUND", currUser, session);

    this.RefundLayawayButton.Enabled =
        SecurityProfileProcedures.CanUserViewResource("LAYAWAYPAYMENTREFUND", currUser, session);
}
/*__________________________________________________________________________________________*/
/// <summary>
/// Initialises the comments and notes form: view/edit mode, user, store and date
/// fields, the comments grid, and whether existing comments may be edited.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void UpdateCommentsandNotes_Load(object sender, EventArgs e)
{
    ownerFrm = this.Owner;
    NavControlBox.Owner = this;

    var session = GlobalDataAccessor.Instance.DesktopSession;
    CustToEdit = session.ActiveCustomer;

    // View mode hides Cancel and locks the grid; edit mode does the opposite.
    bool viewOnly = _viewCommentsandNotes;
    this.customButtonCancel.Visible = !viewOnly;
    this.customDataGridViewComments.ReadOnly = viewOnly;

    _strUser = session.UserName;
    _strStoreNumber = GlobalDataAccessor.Instance.CurrentSiteId.StoreNumber;
    _strDate = ShopDateTime.Instance.ShopDate.ToString();

    // Load the comments data
    LoadCommentsData();

    // Without the modify right on EDITCOMMENTS every loaded row is made read-only.
    // NOTE(review): this is enforced on the grid only; confirm the save path
    // honours userCanEdit as well.
    userCanEdit = SecurityProfileProcedures.CanUserModifyResource(
        "EDITCOMMENTS", session.LoggedInUserSecurityProfile, session);

    if (!userCanEdit)
    {
        foreach (DataGridViewRow commentRow in customDataGridViewComments.Rows)
        {
            commentRow.ReadOnly = true;
        }
    }
}
/// <summary>
/// Re-evaluates the Gun Book Print button from the logged-in user's view right
/// when the panel becomes visible.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void GunBookMenuPanel_VisibleChanged(object sender, EventArgs e)
{
    if (DesignMode || !this.Visible)
    {
        return;
    }

    var session = GlobalDataAccessor.Instance.DesktopSession;
    var currUser = session.LoggedInUserSecurityProfile;

    // Only a button that is currently enabled is re-checked; a disabled one
    // stays disabled.
    if (GunBookPrintButton.Enabled)
    {
        const string printResource = "PRINT GUN BOOK IN CURRENT LOCATION";
        bool mayPrint = SecurityProfileProcedures.CanUserViewResource(printResource, currUser, session);
        this.GunBookPrintButton.Enabled = mayPrint;
    }

    // The panel-wide ModifyButtonAccessBasedOnSecurityProfile pass is disabled in
    // this handler.
}
/// <summary>
/// Fetches the employee profile header for the store into
/// _ShopVisitingEmployees and fills the shop and visiting employee lists; on
/// failure the returned error text is shown in errorLabel.
/// </summary>
private void GetEmployeeProfiles()
{
    try
    {
        string sErrorCode;
        string sErrorText;

        bool fetched = SecurityProfileProcedures.ExecuteGetEmployeeProfileHeader(
            _UserVO.UserName,
            null,
            _StoreNumber,
            out _ShopVisitingEmployees,
            out sErrorCode,
            out sErrorText);

        // A false return and a non-"0" error code are reported the same way.
        if (!fetched || sErrorCode != "0")
        {
            errorLabel.Text = sErrorText;
            return;
        }

        _ShopVisitingEmployees.DefaultView.Sort = "employeenumber";

        // userid becomes the primary key of the table.
        _ShopVisitingEmployees.PrimaryKey = new DataColumn[] { _ShopVisitingEmployees.Columns["userid"] };

        PopulateShopEmployees();
        PopulateVisitingEmployees();
    }
    catch (Exception ex)
    {
        FileLogger.Instance.logMessage(LogLevel.ERROR, this, "Error getting employee profile header" + ex.Message);
        BasicExceptionHandler.Instance.AddException("Error getting employee profile header", new ApplicationException());
    }
}
/// <summary>
/// Switches the clicked customer ID cell to edit mode. The grid's new row
/// requires a modify right on the ID type/agency or the ID number; existing rows
/// are switched without a check in this handler.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Cell coordinates of the click.</param>
private void dataGridViewCustomerID_CellContentClick(object sender, DataGridViewCellEventArgs e)
{
    if (e.RowIndex > -1)
    {
        var session = GlobalDataAccessor.Instance.DesktopSession;
        bool isNewRow = dataGridViewCustomerID.Rows[e.RowIndex].IsNewRow;

        // NOTE(review): for existing rows the edit is not gated here; presumably
        // the read-only columns set elsewhere cover that case - confirm.
        bool mayEdit =
            !isNewRow ||
            SecurityProfileProcedures.CanUserModifyResource("EDITGOVTIDTYPEAGENCY", session.LoggedInUserSecurityProfile, session) ||
            SecurityProfileProcedures.CanUserModifyResource("EDITGOVTIDNUMBER", session.LoggedInUserSecurityProfile, session);

        if (mayEdit)
        {
            changeCellDataToEdit(e);
        }
    }

    if (dataValid)
    {
        dataGridViewCustomerID.RowHeadersVisible = false;
    }
}
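/// <summary>
/// Sets the New Pawn Loan button from the logged-in user's view right when the
/// Pawn panel becomes visible.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void PawnMenuPanel_VisibleChanged(object sender, EventArgs e)
{
    if (!this.Visible || DesignMode)
    {
        return;
    }

    var dSession = GlobalDataAccessor.Instance.DesktopSession;
    var currUser = dSession.LoggedInUserSecurityProfile;
    var newPawnLoanButton = this.NewPawnLoanButton;
    if (newPawnLoanButton == null)
    {
        return;
    }

    // The resource name is the control name with its "Button" suffix removed,
    // upper-cased. ToUpperInvariant keeps the authorization key independent of
    // the machine's culture; a name without a usable prefix disables the button
    // instead of throwing from Substring.
    var controlName = newPawnLoanButton.Name;
    var suffixAt = controlName.IndexOf("Button", System.StringComparison.Ordinal);

    newPawnLoanButton.Enabled =
        suffixAt > 0 &&
        SecurityProfileProcedures.CanUserViewResource(
            controlName.Substring(0, suffixAt).ToUpperInvariant(), currUser, dSession);
}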
/// <summary>
/// Checks whether the user whose credentials were entered in the override form
/// is authorised to perform the requested override.
/// </summary>
/// <param name="userName">User name entered in the override form.</param>
/// <returns>
/// True when the profile loads, the user has the modify right on OVERRIDE and,
/// for loan (NLO) or buy (PURO) overrides, the first override amount is within
/// the user's limit; otherwise false.
/// </returns>
private bool checkRole(string userName)
{
    string errorCode;
    string errorMesg;
    var session = GlobalDataAccessor.Instance.DesktopSession;

    // Load the profile of the overriding user into managerUserProfile.
    // The error code and message of a failed lookup are not reported.
    bool profileLoaded = SecurityProfileProcedures.GetUserSecurityProfile(
        userName,
        GlobalDataAccessor.Instance.CurrentSiteId.StoreNumber,
        null,
        "N",
        session,
        out managerUserProfile,
        out errorCode,
        out errorMesg);
    if (!profileLoaded)
    {
        return false;
    }

    // The overriding user needs the modify right on the OVERRIDE resource.
    if (!SecurityProfileProcedures.CanUserModifyResource("OVERRIDE", managerUserProfile, session))
    {
        return false;
    }

    // NOTE(review): only element 0 of ManagerOverrideTypes and _OverrideAmount is
    // examined; if several overrides can be requested at once, confirm the later
    // entries are limit-checked elsewhere.
    var managerLimit = 0.0m;
    var overrideType = ManagerOverrideTypes[0];

    // New pawn loan override: the amount must be within the user's loan limit.
    if (overrideType == ManagerOverrideType.NLO)
    {
        bool withinLoanLimit = SecurityProfileProcedures.CanUserOverridePawnLoanLimit(
            managerUserProfile,
            _OverrideAmount[0],
            session,
            new BusinessRulesProcedures(session),
            out managerLimit);
        if (!withinLoanLimit)
        {
            MessageBox.Show(@"The amount to override exceeds the amount you can override. Your override limit is " + managerLimit);
            return false;
        }
    }

    // Purchase override: the amount must be within the user's buy limit.
    if (overrideType == ManagerOverrideType.PURO)
    {
        bool withinBuyLimit = SecurityProfileProcedures.CanUserOverrideBuyLimit(
            managerUserProfile, _OverrideAmount[0], out managerLimit);
        if (!withinBuyLimit)
        {
            MessageBox.Show(@"The amount to override exceeds the amount you can override. Your override limit is " + managerLimit);
            return false;
        }
    }

    // Any other override type passes on the OVERRIDE right alone.
    return true;
}
/// <summary>
/// Rebuilds the customer ID grid from the given identifications and makes the
/// type/agency and number columns read-only for users without the matching
/// modify rights.
/// </summary>
/// <param name="custIds">Identifications to show; one grid row is added per entry.</param>
public void populateCustomerIdentification(List<IdentificationVO> custIds)
{
    dataGridViewCustomerID.Rows.Clear();

    // NOTE(review): with an empty list the method returns before the permission
    // checks below, so the columns are not made read-only - confirm that is
    // intended for customers without any ID on file.
    if (custIds.Count <= 0)
    {
        return;
    }

    foreach (var custid in custIds)
    {
        string idTypeDesc = custid.DatedIdentDesc;

        // State IDs show the issuer code, all other IDs the issuer name.
        string idIssuer = Commons.IsStateIdDescription(idTypeDesc)
            ? custid.IdIssuerCode
            : custid.IdIssuer;

        // DateTime.MaxValue stands for "no expiry date" and is shown as blank.
        string idExpiryDate = custid.IdExpiryData == DateTime.MaxValue
            ? string.Empty
            : (custid.IdExpiryData).FormatDate();

        // Cell order: type, issuer, number, expiration, ident id.
        var dgRow = new DataGridViewRow();
        dgRow.Cells.AddRange(
            new DataGridViewTextBoxCell { Value = idTypeDesc },
            new DataGridViewTextBoxCell { Value = idIssuer },
            new DataGridViewTextBoxCell { MaxInputLength = 20, Value = custid.IdValue },
            new DataGridViewTextBoxCell { MaxInputLength = 10, Value = idExpiryDate },
            new DataGridViewTextBoxCell { Value = custid.IdentId });
        dataGridViewCustomerID.Rows.Add(dgRow);
    }

    // SR 2/16/2010 Roles and resources check added
    var session = GlobalDataAccessor.Instance.DesktopSession;

    // ID type and agency (columns 0 and 1)
    bool mayEditTypeAgency = SecurityProfileProcedures.CanUserModifyResource(
        "EDITGOVTIDTYPEAGENCY", session.LoggedInUserSecurityProfile, session);
    if (!mayEditTypeAgency)
    {
        dataGridViewCustomerID.Columns[0].ReadOnly = true;
        dataGridViewCustomerID.Columns[1].ReadOnly = true;
    }

    // ID number (column 2)
    bool mayEditNumber = SecurityProfileProcedures.CanUserModifyResource(
        "EDITGOVTIDNUMBER", session.LoggedInUserSecurityProfile, session);
    if (!mayEditNumber)
    {
        dataGridViewCustomerID.Columns[2].ReadOnly = true;
    }
}
/// <summary>
/// Fills the customer replace form: the customer currently on the gun book
/// record (receipt or disposition side), the form title, and - when the session
/// has an active customer - the replacement customer's details.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void CustomerReplace_Load(object sender, EventArgs e)
{
    var session = GlobalDataAccessor.Instance.DesktopSession;

    // Current customer on the gun book record, taken from the first row.
    gunBookData = session.GunData;
    if (gunBookData != null && gunBookData.Rows.Count > 0)
    {
        var gunRow = gunBookData.Rows[0];
        if (session.GunAcquireCustomer)
        {
            customerNumber.Text = Utilities.GetStringValue(gunRow["acquire_customer_number"]);
            currentName.Text = string.Format(
                "{0} {1} {2}",
                Utilities.GetStringValue(gunRow["acquire_first_name"]),
                Utilities.GetStringValue(gunRow["acquire_middle_initial"]),
                Utilities.GetStringValue(gunRow["acquire_last_name"]));
            address1.Text = Utilities.GetStringValue(gunRow["acquire_address"]);
            address2.Text = string.Format(
                "{0},{1} {2}",
                Utilities.GetStringValue(gunRow["acquire_city"]),
                Utilities.GetStringValue(gunRow["acquire_state"]),
                Utilities.GetStringValue(gunRow["acquire_postal_code"]));
            id.Text = string.Format(
                "{0} {1} {2}",
                Utilities.GetStringValue(gunRow["acquire_id_type"]),
                Utilities.GetStringValue(gunRow["acquire_id_agency"]),
                Utilities.GetStringValue(gunRow["acquire_id_number"]));
        }
        else
        {
            customerNumber.Text = Utilities.GetStringValue(gunRow["disposition_customer_number"]);
            currentName.Text = string.Format(
                "{0} {1} {2}",
                Utilities.GetStringValue(gunRow["disposition_first_name"]),
                Utilities.GetStringValue(gunRow["disposition_middle_initial"]),
                Utilities.GetStringValue(gunRow["disposition_last_name"]));
            address1.Text = Utilities.GetStringValue(gunRow["disposition_address"]);
            address2.Text = string.Format(
                "{0},{1} {2}",
                Utilities.GetStringValue(gunRow["disposition_city"]),
                Utilities.GetStringValue(gunRow["disposition_state"]),
                Utilities.GetStringValue(gunRow["disposition_postal_code"]));
            id.Text = string.Format(
                "{0} {1} {2}",
                Utilities.GetStringValue(gunRow["disposition_id_type"]),
                Utilities.GetStringValue(gunRow["disposition_id_agency"]),
                Utilities.GetStringValue(gunRow["disposition_id_number"]));
        }
    }

    // Restricted gun book fields: hidden without the modify right, otherwise
    // idEditResource records that the user may edit them.
    bool mayEditRestricted = SecurityProfileProcedures.CanUserModifyResource(
        "EDIT RESTRICTED GUN BOOK FIELDS", session.LoggedInUserSecurityProfile, session);
    if (mayEditRestricted)
    {
        idEditResource = true;
    }
    else
    {
        tableLayoutPanel2.Visible = false;
    }

    // Form title
    if (session.CustomerEditType == CustomerType.RECEIPT)
    {
        label1.Text = "Edit Receipt Customer Information";
    }
    else if (session.CustomerEditType == CustomerType.DISPOSITION)
    {
        label1.Text = "Edit Disposition Customer Information";
    }
    else
    {
        this.label1.Text = session.GunAcquireCustomer
            ? "Replace Receipt Customer Information"
            : "Replace Disposition Customer Information";
    }

    // Replacement customer: only when the session holds one with a number.
    if (session.ActiveCustomer == null || string.IsNullOrEmpty(session.ActiveCustomer.CustomerNumber))
    {
        return;
    }

    newCustomer = session.ActiveCustomer;

    // NOTE(review): the prompt announces an audit event, but none is raised in
    // this handler, and after "No" the handler still goes on to populate the
    // form - confirm both are handled by the caller. Also confirm that the
    // inclusive "<= 18" bound is the intended age rule.
    if (newCustomer.DateOfBirth != DateTime.MaxValue && newCustomer.Age <= 18)
    {
        DialogResult ageAnswer = MessageBox.Show("This customer does not meet the age criteria for firearm transactions. An audit event will be generated. Do you want to continue?", "Firearm Eligibility", MessageBoxButtons.YesNo);
        if (ageAnswer == DialogResult.No)
        {
            NavControlBox.Action = NavBox.NavAction.CANCEL;
        }
    }

    labelCustNumber.Text = newCustomer.CustomerNumber;
    customTextBoxFirstName.Text = newCustomer.FirstName;
    customTextBoxLastName.Text = newCustomer.LastName;
    customTextBoxInitial.Text = newCustomer.MiddleInitial;

    ComboBox custstate = (ComboBox)state1.Controls[0];
    AddressVO custAddr = newCustomer.getHomeAddress();
    if (custAddr != null)
    {
        customTextBoxAddr1.Text = custAddr.Address1;
        customTextBoxAddr2.Text = custAddr.Address2;

        // Select the state whose short name matches the address.
        foreach (USState currstate in custstate.Items)
        {
            if (currstate.ShortName == custAddr.State_Code)
            {
                custstate.SelectedIndex = custstate.Items.IndexOf(currstate);
                break;
            }
        }

        customTextBoxCity.Text = custAddr.City;
        zipcode1.Text = custAddr.ZipCode;
    }

    // Populate the id details if the first identity is not empty
    IdentificationVO firstIdentity = newCustomer.getFirstIdentity();
    if (firstIdentity == null)
    {
        pwnapp_identificationexpirationdate.Enabled = false;
        pwnapp_identificationnumber.Enabled = false;
        return;
    }

    strIdentIssuerName = firstIdentity.IdIssuer;
    strIdentNumber = firstIdentity.IdValue;

    ComboBox custId = (ComboBox)this.pwnapp_identificationtype.Controls[0];
    foreach (ComboBoxData idtype in custId.Items)
    {
        if (idtype.Code == firstIdentity.IdType)
        {
            custId.SelectedIndex = custId.Items.IndexOf(idtype);
            break;
        }
    }
}
/// <summary>
/// Initialises the vendor form from the session: an existing vendor is shown and
/// locked according to its creation store, the EDITVENDOR resource and the FFL
/// requirement; otherwise the form is pre-filled from the vendor being created
/// or from the search criteria.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void CreateVendor_Load(object sender, EventArgs e)
{
    this.NavControlBox.Owner = this;

    var gSess = GlobalDataAccessor.Instance;
    var dSession = gSess.DesktopSession;
    strStoreNumber = gSess.CurrentSiteId.StoreNumber;
    strUserId = dSession.UserName;
    currentSearchData = dSession.LookupCriteria;

    var activeVendor = dSession.ActiveVendor;
    bool isExistingVendor = activeVendor != null && !activeVendor.NewVendor;

    if (isExistingVendor)
    {
        vendor = dSession.ActiveVendor;
        PopulateVendor(vendor);

        bool createdInThisStore = vendor.CreationStore.Equals(gSess.CurrentSiteId.StoreNumber);
        if (!createdInThisStore)
        {
            // A vendor created by another store is not editable here.
            vendInfoPanel.Enabled = false;

            bool fflRequired = dSession.VenderFFLRequired;
            corporateFFLLabel.Visible = fflRequired;
            if (fflRequired)
            {
                customButtonSubmit.Enabled = false;
            }
        }
        else
        {
            // NOTE(review): the edit gate uses the *view* right on EDITVENDOR;
            // confirm a modify check is not what was meant.
            const string resourceName = "EDITVENDOR";
            var currUser = dSession.LoggedInUserSecurityProfile;
            bool mayEditVendor = SecurityProfileProcedures.CanUserViewResource(resourceName, currUser, dSession);
            if (!mayEditVendor)
            {
                vendInfoPanel.Enabled = false;
            }
        }

        // With a locked panel the submit button only continues, and it is blocked
        // when an FFL is required but the one shown is not valid.
        if (!vendInfoPanel.Enabled)
        {
            customButtonSubmit.Text = "Continue";
            if (dSession.VenderFFLRequired && !Utilities.IsValidFFL(ffl.Text))
            {
                customButtonSubmit.Enabled = false;
            }
        }
    }
    // NOTE(review): this condition reads NewVendor through
    // CashlinxDesktopSession.Instance while the rest of the method uses
    // GlobalDataAccessor.Instance.DesktopSession; confirm both are the same session.
    else if (dSession.VenderFFLRequired && activeVendor != null && CashlinxDesktopSession.Instance.ActiveVendor.NewVendor)
    {
        vendor = dSession.ActiveVendor;
        PopulateVendor(vendor);
    }
    else if (currentSearchData != null)
    {
        // Pre-fill the name from the search; the tax id field stays locked.
        this.name.Text = currentSearchData.VendName;
        this.taxID.Enabled = false;
    }

    this.zipcode.stateChanging += this.state.dependentTextChanged;
    this.zipcode.cityChanging += city.dependentTextChanged;
    this.name.Focus();
}
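/// <summary>
/// Validates the given credentials against LDAP and, for a transfer to the safe,
/// records whether that user has safe access.
/// </summary>
/// <param name="userName">User name to authenticate.</param>
/// <param name="password">Password to authenticate with.</param>
/// <returns>
/// True when LDAP is skipped by session setting, or when the credentials are
/// accepted, the account is not locked out and (for a transfer to the safe) the
/// user's security profile loads. False otherwise, including when the LDAP
/// connection is not active.
/// </returns>
private bool callLdap(string userName, string password)
{
    var session = GlobalDataAccessor.Instance.DesktopSession;

    // NOTE(review): with IsSkipLDAP set, the method reports success without
    // checking any credential and without evaluating safe access. Confirm this
    // setting cannot be turned on in a production configuration.
    if (session.IsSkipLDAP)
    {
        return true;
    }

    var ldapObj = PawnLDAPAccessor.Instance;
    if (ldapObj.State != PawnLDAPAccessor.LDAPState.CONNECTED)
    {
        FileLogger.Instance.logMessage(LogLevel.ERROR, this, "Cannot validate destination cash drawer user. The LDAP connection is not active");
        BasicExceptionHandler.Instance.AddException("Cannot authorize transfer. The LDAP connection is not active", new ApplicationException());

        // Fail closed: this path used to fall through to "return true", which
        // reported the user as validated although no credential check had run.
        return false;
    }

    var refCount = 0;
    bool lockedOut;
    DateTime lastModified;
    string[] pwdHistory;

    bool credentialsAccepted = ldapObj.AuthorizeUser(
        userName,
        password,
        ref refCount,
        out lastModified,
        out pwdHistory,
        out userDisplayName,
        out lockedOut);
    if (!credentialsAccepted)
    {
        return false;
    }

    if (lockedOut)
    {
        MessageBox.Show(
            "You are now locked out of the system. Please call Shop System Support",
            "Application Security");
        return false;
    }

    if (TransferToSafe)
    {
        string errorCode;
        string errorMesg;
        UserVO transferUser;
        bool profileLoaded = SecurityProfileProcedures.GetUserSecurityProfile(
            userName,
            GlobalDataAccessor.Instance.CurrentSiteId.StoreNumber,
            "",
            "N",
            session,
            out transferUser,
            out errorCode,
            out errorMesg);
        if (!profileLoaded)
        {
            BasicExceptionHandler.Instance.AddException(
                "Security Profile could not be loaded for the logged in user. Cannot Authorize",
                new ApplicationException());
            MessageBox.Show(
                "User's security profile could not be loaded. Exiting the application");
            return false;
        }

        // Safe access of the destination user, needed when the transfer goes from
        // a cash drawer to the safe. The flag is assigned, not only raised, so a
        // value left over from an earlier attempt with a different user cannot
        // carry over to this one.
        transferUserSafeAccess = SecurityProfileProcedures.CanUserModifyResource(
            "SAFEMANAGEMENT",
            transferUser,
            session);
    }

    return true;
}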
/// <summary>
/// Logs the user in through LDAP (unless <c>skipLDAP</c> is set), optionally runs the
/// change-password dialog, and then loads the user's security profile into
/// <c>LoggedInUserSecurityProfile</c>.
/// </summary>
/// <param name="chgUsrPasswd">
/// When true, the change-password dialog is shown after a successful authentication
/// even if the user did not ask for it.
/// </param>
/// <exception cref="ApplicationException">
/// Thrown after <c>Application.Exit()</c> on login cancel, lockout, a refused password
/// change or a cancelled retry. Each of those <c>finally</c> blocks throws
/// unconditionally.
/// </exception>
/*__________________________________________________________________________________________*/
public override void PerformAuthorization(bool chgUsrPasswd)
{
    var password = string.Empty;
    var username = string.Empty;
    // NOTE(review): when skipLDAP is true nothing in this block runs, so no credentials
    // are validated here. Confirm the flag cannot be enabled in production.
    if (!this.skipLDAP)
    {
        LoggedInUserSecurityProfile = new UserVO();
        this.userState = UserDesktopState.NOTLOGGEDIN;
        //procMsgFormPwd.Show();
        //Ensure the LDAP is connected
        if (PawnLDAPAccessor.Instance.State == PawnLDAPAccessor.LDAPState.DISCONNECTED)
        {
            string loginDN;
            string pwdPolicyCN;
            string searchDN;
            string userIdKey;
            string userPwd;
            var conf = SecurityAccessor.Instance.EncryptConfig;
            var ldapService = conf.GetLDAPService(
                out loginDN,
                out searchDN,
                out userIdKey,
                out userPwd,
                out pwdPolicyCN);
            //Initialize LDAP connection
            // Server and port are decrypted here; userPwd is passed on as returned by
            // GetLDAPService (presumably the bind password - verify how it is protected).
            PawnLDAPAccessor.Instance.InitializeConnection(
                conf.DecryptValue(ldapService.Server),
                conf.DecryptValue(ldapService.Port),
                loginDN,
                userPwd,
                pwdPolicyCN,
                searchDN,
                userIdKey);
        }
        var attemptCount = 1;
        do
        {
            bool lockedOut;
            bool needPasswordChange;
            bool wantsPasswordChange;
            //var username = string.Empty;
            var fullAuth = this.PerformLDAPAuthentication(
                ref attemptCount,
                ref username,
                ref password,
                out lockedOut,
                out needPasswordChange,
                out wantsPasswordChange);
            int outVal = 1;
            string errCode = string.Empty, errTxt;
            if (LoginCancel)
            {
                try
                {
                    Application.Exit();
                }
                catch
                {
                    throw new ApplicationException(
                        "Application has exited due to security violation");
                }
                finally
                {
                    // Always throws, whether or not Application.Exit() failed.
                    throw new ApplicationException(
                        "Application has exited due to security violation");
                }
            }
            if ((!LoginCancel && fullAuth) || (fullAuth && chgUsrPasswd))
            {
                //Check if the user wants to change the password
                if (wantsPasswordChange || chgUsrPasswd)
                {
                    var chngPwdForm = new UserChangePassword(
                        PawnLDAPAccessor.Instance.PasswordPolicy,
                        password);
                    DialogResult pwdResult = chngPwdForm.ShowDialog();
                    if (pwdResult == DialogResult.OK)
                    {
                        password = chngPwdForm.EnteredNewPassword;
                    }
                }
                var retVal = true;
                //int outVal = 1;
                //var errCode = "0";
                //TODO: Update with reference to shared data procedure project when ready
                // retVal = ShopProcedures.ExecuteUpdateSelectUserInfoActivated(
                //     username.ToLowerInvariant(), -1, out outVal, out errCode, out errTxt);
                // NOTE(review): the active-user lookup above is commented out and
                // retVal/outVal/errCode are fixed to passing values, so the check below
                // can never fire. A deactivated account is not rejected by this method
                // until the lookup is restored.
                errCode = "0";
                if (retVal == false || outVal == 0 || errCode != "0")
                {
                    MessageBox.Show(
                        "The system has determined that you are not an active user. " +
                        "Please contact Shop System Support. " +
                        "The application will now exit.",
                        "Application Security",
                        MessageBoxButtons.OK,
                        MessageBoxIcon.Stop);
                    try
                    {
                        Application.Exit();
                    }
                    catch
                    {
                        throw new ApplicationException(
                            "Application has exited due to security violation");
                    }
                    finally
                    {
                        throw new ApplicationException(
                            "Application has exited due to security violation");
                    }
                }
            }
            if (!LoginCancel && fullAuth == false)
            {
                if (lockedOut)
                {
                    //TODO: Link to shared data procedures project when ready
                    //ShopProcedures.ExecuteUpdateSelectUserInfoActivated(
                    //    username.ToLowerInvariant(), 0, out outVal, out errCode, out errTxt);
                    // NOTE(review): with the call above disabled, the lockout is only
                    // whatever LDAP itself recorded; nothing is written from here.
                    MessageBox.Show(
                        "The maximum number of attempted failed logins has been exceeded. " +
                        "The user account is now locked. " +
                        "Please contact Shop System Support. " +
                        "The application will now exit.",
                        "Application Security",
                        MessageBoxButtons.OK,
                        MessageBoxIcon.Stop);
                    try
                    {
                        Application.Exit();
                    }
                    catch
                    {
                        throw new ApplicationException(
                            "Application has exited due to security violation");
                    }
                    finally
                    {
                        throw new ApplicationException(
                            "Application has exited due to security violation");
                    }
                }
                if (needPasswordChange)
                {
                    //Invoke password change form
                    //Do not increment attempt count
                    var uPwdForm = new UserChangePassword(
                        PawnLDAPAccessor.Instance.PasswordPolicy,
                        password);
                    DialogResult pwdResult = uPwdForm.ShowDialog();
                    if (pwdResult == DialogResult.OK)
                    {
                        // NOTE(review): fullAuth is still false on this path, so the
                        // block that follows resets userState to NOTLOGGEDIN and shows
                        // the invalid-credentials prompt. Confirm that is intended.
                        this.userState = UserDesktopState.LOGGEDIN;
                        password = uPwdForm.EnteredNewPassword;
                    }
                    else
                    {
                        MessageBox.Show(
                            "You must change your password before you will be " +
                            "allowed to log in to the application. " +
                            "The application will now exit.",
                            "Application Security",
                            MessageBoxButtons.OK,
                            MessageBoxIcon.Exclamation);
                        try
                        {
                            Application.Exit();
                        }
                        catch
                        {
                            throw new ApplicationException(
                                "Application has exited due to user not changing their password");
                        }
                        finally
                        {
                            throw new ApplicationException(
                                "Application has exited due to user not changing their password");
                        }
                    }
                }
            }
            if (!LoginCancel && fullAuth == false)
            {
                this.userState = UserDesktopState.NOTLOGGEDIN;
                DialogResult dR = MessageBox.Show(
                    "You have entered invalid credentials. " +
                    "This is your " + (attemptCount.FormatNumberWithSuffix()) + " attempt. " +
                    "Would you like to retry?",
                    "Application Security",
                    MessageBoxButtons.RetryCancel,
                    MessageBoxIcon.Stop);
                attemptCount++;
                if (dR == DialogResult.Cancel)
                {
                    try
                    {
                        Application.Exit();
                    }
                    catch
                    {
                        throw new ApplicationException(
                            "Application has exited due to security violation");
                    }
                    finally
                    {
                        throw new ApplicationException(
                            "Application has exited due to security violation");
                    }
                }
            }
            else
            {
                break;
            }
        }while (this.userState != UserDesktopState.LOGGEDIN);
    }
    if (!LoginCancel && this.userState == UserDesktopState.LOGGEDIN)
    {
        //UpdateDesktopUserName(this.desktopForm);
        //Get role information
        //The logged in user's security profile will be stored in LoggedInUserSecurityProfile object after the call
        //TODO: Change to select store prior to getting user security profile
        //UpdateDesktopUserName(this.desktopForm);
        if (userState == UserDesktopState.LOGGEDIN)
        {
            //Set the password in the users security profile
            // NOTE(review): the clear-text password is kept on the profile object for as
            // long as that object lives. Confirm this is required, and clear it when no
            // longer needed.
            LoggedInUserSecurityProfile.UserCurrentPassword = password;
            LoggedInUserSecurityProfile.UserID = username;
            string errorCode = string.Empty;
            string errorMesg = string.Empty;
            if (!SecurityProfileProcedures.GetUserSecurityProfile(FullUserName, "", CurrentSiteId.StoreNumber, "N", this, out errorCode, out errorMesg))
            {
                BasicExceptionHandler.Instance.AddException(
                    "Security Profile could not be loaded for the logged in user. Cannot Authorize",
                    new ApplicationException());
                MessageBox.Show(
                    "User's security profile could not be loaded. Exiting the application");
                // NOTE(review): Application.Exit() returns to the caller and nothing is
                // thrown here, so userState stays LOGGEDIN and the password stays on the
                // profile while shutdown is pending. Consider resetting both first.
                Application.Exit();
            }
        }
    }
    procMsgFormPwd.Close();
    procMsgFormPwd.Dispose();
}
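/// <summary>
/// Submit handler for the security-profile form. Builds the flat lists of resource and
/// limit changes, sends them to <c>SecurityProfileProcedures.UpdateEmployeeProfile</c>
/// inside a transaction block, reports the outcome and navigates back.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
/// <remarks>
/// The transaction is now committed or rolled back before any dialog is shown, and is
/// rolled back if the update throws. Previously the modal message box was displayed
/// while the transaction was still open, "success" was reported before the commit had
/// run, and an exception left the transaction block open.
/// </remarks>
private void submitButton_Click(object sender, EventArgs e)
{
    if (!isFormValid)
    {
        MessageBox.Show(@"Fix the errors in the form and submit. " + System.Environment.NewLine + errorMessages.ToString());
        return;
    }

    // Resources being granted are resolved against the acting user's own resource list,
    // so a name the acting user does not hold is skipped rather than granted.
    // Each entry is a triple: resource id, "Y"/"N" assignment flag, resource mask.
    List<string> resourcesToAdd = new List<string>();
    foreach (string resName in addedResource)
    {
        string name = resName;
        var resData = (from resource in loggedInUser.UserResources
                       where resource.ResourceName == name
                       select resource).FirstOrDefault();
        if (resData != null)
        {
            resourcesToAdd.Add(resData.ResourceID);
            resourcesToAdd.Add("Y");
            resourcesToAdd.Add(resData.ResourceMask.ToString());
        }
    }

    // Resources being revoked are resolved against the edited user's resource list.
    List<string> resourcesToRemove = new List<string>();
    foreach (string resName in removedResource)
    {
        string name = resName;
        var resData = (from resource in _UserVO.UserResources
                       where resource.ResourceName == name
                       select resource).FirstOrDefault();
        if (resData != null)
        {
            resourcesToRemove.Add(resData.ResourceID);
            resourcesToRemove.Add("N");
            resourcesToRemove.Add(resData.ResourceMask.ToString());
        }
    }

    List<string> resourcesToModify = new List<string>();
    resourcesToModify.AddRange(resourcesToAdd);
    resourcesToModify.AddRange(resourcesToRemove);

    // Limits are sent as pairs: product offering id, limit value.
    // NOTE(review): nothing in this handler bounds an entered limit by the acting
    // user's own limit; it relies on isFormValid. Confirm the grid validation and the
    // stored procedure both enforce that bound.
    List<string> limitsToModify = new List<string>();
    foreach (DataGridViewRow dgvr in gvLimits.Rows)
    {
        string editedValue = dgvr.Cells[2].EditedFormattedValue.ToString();
        if (editedValue.Contains("$"))
        {
            editedValue = editedValue.Remove(0, 1);
        }

        decimal limitData = Utilities.GetDecimalValue(editedValue, 0);
        int prodoffid = Utilities.GetIntegerValue(dgvr.Cells[0].Value, 0);
        int roleLimitId = Utilities.GetIntegerValue(dgvr.Cells[3].Value, 0);

        var userLimitData = (from limit in selectedUserLimits
                             where limit.ProdOfferingId == prodoffid &&
                                   string.IsNullOrEmpty(limit.StoreID)
                             select limit).FirstOrDefault();
        if (userLimitData != null)
        {
            // Existing limit: only send it when the value actually changed.
            if (userLimitData.Limit != limitData)
            {
                limitsToModify.Add(userLimitData.ProdOfferingId.ToString());
                limitsToModify.Add(limitData.ToString());
            }
        }
        else
        {
            limitsToModify.Add(prodoffid.ToString());
            if (roleLimitId == 0)
            {
                limitsToModify.Add(limitData.ToString());
            }
            else
            {
                // A role-based limit equal to the state maximum is sent as "-1".
                limitsToModify.Add(limitData == maxLoanStateLimit ? "-1" : limitData.ToString());
            }
        }
    }

    string errorCode;
    string errorText;
    bool retValue;

    //Call update employee profile SP
    GlobalDataAccessor.Instance.beginTransactionBlock();
    try
    {
        retValue = SecurityProfileProcedures.UpdateEmployeeProfile(
            _UserVO.UserID,
            "",
            _ShopID,
            loggedInUser.UserName,
            resourcesToModify,
            limitsToModify,
            GlobalDataAccessor.Instance.DesktopSession,
            out errorCode,
            out errorText);
    }
    catch
    {
        // Do not leave the transaction block open when the update throws.
        GlobalDataAccessor.Instance.endTransactionBlock(EndTransactionType.ROLLBACK);
        throw;
    }

    // Close the transaction first; only then block on a dialog.
    if (retValue)
    {
        GlobalDataAccessor.Instance.endTransactionBlock(EndTransactionType.COMMIT);
        MessageBox.Show(@"Successfully updated user profile");
    }
    else
    {
        GlobalDataAccessor.Instance.endTransactionBlock(EndTransactionType.ROLLBACK);
        MessageBox.Show(errorText);
    }

    NavControlBox.Action = NavBox.NavAction.BACKANDSUBMIT;
}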
/// <summary>
/// Reloads the "assigned" and "available" resource list boxes for the selected user in
/// the current shop. Assigned is everything the selected user holds; available is what
/// the logged-in user holds and the selected user does not.
/// </summary>
private void GetResourcesDataForSelectedUserInStore()
{
    listBoxAssigned.Items.Clear();
    resourcesAvailableListBox.Items.Clear();

    selectedUserResources = SecurityProfileProcedures.GetListOfResources(_UserVO, _ShopID);
    loggedinUserAllResources = SecurityProfileProcedures.GetListOfResources(loggedInUser, _ShopID);
    selectedUserOnlyResources = new List<string>();

    //Populate the assigned resources list
    var assigned = new List<string>();
    foreach (string resource in selectedUserResources)
    {
        assigned.Add(resource);
    }

    // Resources the selected user holds but the logged-in user does not.
    foreach (string candidate in assigned)
    {
        string match = loggedinUserAllResources.FirstOrDefault(held => held == candidate);
        if (string.IsNullOrEmpty(match))
        {
            selectedUserOnlyResources.Add(candidate);
        }
    }

    // Resources only the logged-in user holds. These are computed only when that user
    // holds more resources than the selected user.
    // NOTE(review): loggedinUserOnlyResources is appended to but not reset in this
    // method; confirm it is cleared elsewhere before this runs a second time.
    if (loggedinUserAllResources.Count > selectedUserResources.Count)
    {
        foreach (string candidate in loggedinUserAllResources)
        {
            string match = assigned.FirstOrDefault(held => held == candidate);
            if (string.IsNullOrEmpty(match))
            {
                loggedinUserOnlyResources.Add(candidate);
            }
        }
    }

    assigned.Sort();
    loggedinUserOnlyResources.Sort();
    selectedUserOnlyResources.Sort();

    listBoxAssigned.Items.AddRange(assigned.ToArray());
    //customListBoxAssigned.Items.AddRange(selectedUserOnlyResources.ToArray());

    //populate the available resources list
    List<string> availableResources = loggedinUserOnlyResources;
    resourcesAvailableListBox.Items.AddRange(availableResources.ToArray());

    updateButtons(_Change_Resources, _Change_Limits);

    // Both lists are editable only when the profile is for the current store.
    bool isCurrentStore = _ShopID == GlobalDataAccessor.Instance.CurrentSiteId.StoreNumber;
    resourcesAvailableListBox.Enabled = isCurrentStore;
    listBoxAssigned.Enabled = isCurrentStore;
}
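/// <summary>
/// Mouse-up handler for the item history grid. A click in the first column opens the
/// history dialog that matches the row's status and document type; every click inside
/// the grid then records the active ticket/ICN and decides whether "Add Item To New
/// Pawn Loan" may be enabled.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Supplies the clicked row and column indices.</param>
/// <remarks>
/// The button is now enabled only when the row allows it and the user holds the
/// "NEWPAWNLOAN" resource. Previously the permission result was assigned and then
/// immediately overwritten by the row flag, so the security check had no effect.
/// The "REF" and layaway branches also guard against missing history data.
/// </remarks>
/*__________________________________________________________________________________________*/
private void IH_ItemHistoryDataGridView_CellMouseUp(object sender, DataGridViewCellMouseEventArgs e)
{
    bool enableAddItem = true;

    if (e.ColumnIndex >= 0 && e.RowIndex >= 0)
    {
        _ActiveTicketNumber = Utilities.GetIntegerValue(IH_ItemHistoryDataGridView.Rows[e.RowIndex].Cells[IH_History_TktNo.Name].Value, 0);

        // The document type is read from the 13th character of the ICN in column 0.
        int docType = int.Parse(((string)IH_ItemHistoryDataGridView.Rows[e.RowIndex].Cells[0].Value).Substring(12, 1));
        string selectedICN = Utilities.GetStringValue(IH_ItemHistoryDataGridView.Rows[e.RowIndex].Cells[0].Value);
        string status = IH_ItemHistoryDataGridView.Rows[e.RowIndex].Cells[
            IH_History_ItemStatusColumn.Name].Value.ToString();

        if (e.ColumnIndex == 0)
        {
            //  string docType =
            //      IH_ItemHistoryDataGridView.Rows[e.RowIndex].Cells[IH_History_DocType.Name].
            //          Value.ToString();
            switch (status)
            {
                case "SOLD":
                    if (GlobalDataAccessor.Instance.DesktopSession.CustomerHistorySales != null)
                    {
                        Sale_dialog sd = new Sale_dialog(GlobalDataAccessor.Instance.DesktopSession.CustomerHistorySales.Find
                                                             (l => l.TicketNumber == _ActiveTicketNumber));
                        sd.ShowDialog();
                    }
                    break;

                case "On Layaway":
                    if (GlobalDataAccessor.Instance.DesktopSession.CustomerHistoryLayaways != null)
                    {
                        LayawayVO ly = GlobalDataAccessor.Instance.DesktopSession.CustomerHistoryLayaways.Find
                            (l => l.TicketNumber == _ActiveTicketNumber);

                        // No layaway for this ticket: nothing to show.
                        if (ly != null)
                        {
                            Receipt r;
                            if (ly.Receipts.Count > 0)
                            {
                                r = ly.Receipts[0];
                            }
                            else
                            {
                                r = new Receipt();
                            }
                            Layaway_dialog ld = new Layaway_dialog(ly, r);
                            ld.ShowDialog();
                        }
                    }
                    break;

                case "REF":
                    // Same guard as the "SOLD" branch; the sales history may be absent.
                    if (GlobalDataAccessor.Instance.DesktopSession.CustomerHistorySales != null)
                    {
                        SaleRefund_Dialog srd = new SaleRefund_Dialog(GlobalDataAccessor.Instance.DesktopSession.CustomerHistorySales.Find
                                                                          (l => l.TicketNumber == _ActiveTicketNumber));
                        srd.ShowDialog();
                    }
                    break;

                default:
                    if (GlobalDataAccessor.Instance.DesktopSession.CustomerHistoryPurchases != null && docType == 2)
                    {
                        PurchaseHistory_Dialog d = new PurchaseHistory_Dialog(GlobalDataAccessor.Instance.DesktopSession.CustomerHistoryPurchases.Find(l => l.TicketNumber == _ActiveTicketNumber), 0, status);
                        if (d.isSetup)
                        {
                            d.ShowDialog();
                        }
                    }
                    else if (status.ToUpper() == "VOID")
                    {
                        if (docType == 1)
                        {
                            PawnLoan pawnLoan = Utilities.CloneObject(GlobalDataAccessor.Instance.DesktopSession.CustomerHistoryLoans.Find(l => l.TicketNumber == _ActiveTicketNumber));
                            ProductHistory_Dialog productHistory = new ProductHistory_Dialog(pawnLoan, 0);
                            productHistory.ShowDialog();
                        }
                        else if (docType == 2)
                        {
                            PurchaseHistory_Dialog d = new PurchaseHistory_Dialog(
                                GlobalDataAccessor.Instance.DesktopSession.CustomerHistoryPurchases.Find(
                                    l => l.TicketNumber == _ActiveTicketNumber), 0, status);
                            d.ShowDialog();
                        }
                    }
                    else
                    {
                        var pawnLoan = Utilities.CloneObject(GlobalDataAccessor.Instance.DesktopSession.CustomerHistoryLoans.Find(l => l.TicketNumber == _ActiveTicketNumber));
                        var productHistory = new ProductHistory_Dialog(pawnLoan, 0);
                        productHistory.ShowDialog();
                    }
                    break;
            }
        }

        // An item with a gun number on a pawn loan cannot be added to a new loan here.
        if (docType == 1)
        {
            PawnLoan pawnLoan = Utilities.CloneObject(GlobalDataAccessor.Instance.DesktopSession.CustomerHistoryLoans.Find(l => l.TicketNumber == _ActiveTicketNumber));
            var gunItems = pawnLoan.Items.Find(i => i.GunNumber > 0 && i.Icn == selectedICN);
            if (gunItems != null)
            {
                enableAddItem = false;
            }
        }

        _ActiveICN = Utilities.GetStringValue(IH_ItemHistoryDataGridView.Rows[e.RowIndex].Cells[IH_History_TransactionNumberColumn.Name].Value, "");
        string sLoanStatus = Utilities.GetStringValue(IH_ItemHistoryDataGridView.Rows[e.RowIndex].Cells[IH_History_ItemStatusColumn.Name].Value, "");

        PairType<ProductStatus, string> pairType = GlobalDataAccessor.Instance.DesktopSession.LoanStatus
            .First(pt => pt.Right == sLoanStatus);

        if (pairType.Left == ProductStatus.PU)
        {
            const string resName = "NEWPAWNLOAN";
            UserVO currUser = GlobalDataAccessor.Instance.DesktopSession.LoggedInUserSecurityProfile;
            bool userMayCreateLoan = SecurityProfileProcedures.CanUserViewResource(
                resName, currUser, GlobalDataAccessor.Instance.DesktopSession);

            // Both conditions must hold: the row allows it AND the user is permitted.
            IH_AddItemToNewPawnLoan.Enabled = enableAddItem && userMayCreateLoan;
        }
        else
        {
            IH_AddItemToNewPawnLoan.Enabled = false;
        }
    }
}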
/// <summary>
/// Load handler for the security-profile form. Resets the form state, shows the
/// selected user's header details and stores, then loads the logged-in user's limits
/// and adds a default limit for each of that user's resources that maps to a service
/// offering but has no limit yet.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
private void SecurityProfile_Load(object sender, EventArgs e)
{
    try
    {
        this.NavControlBox.Owner = this;

        // Reset per-visit state.
        limitsErrorLabel.Text = "";
        resourcesErrorLabel.Text = "";
        addedResource = new List<string>();
        removedResource = new List<string>();
        errorMessages = new StringBuilder();
        isFormValid = true;

        // Header fields for the profile being edited.
        _UserVO = GlobalDataAccessor.Instance.DesktopSession.SelectedUserProfile;
        if (!string.IsNullOrEmpty(_UserVO.EmployeeNumber))
        {
            employeeNumberLabel.Text = _UserVO.EmployeeNumber;
        }
        else
        {
            employeeNumberLabel.Text = "";
        }
        employeeRoleLabel.Text = _UserVO.UserFirstName + " " + _UserVO.UserLastName + " " + _UserVO.UserRole.RoleName;
        homeShopIDLabel.Text = _UserVO.FacNumber ?? "";
        limitsLastUpdated.Text = _UserVO.LastUpdatedDate.ToShortDateString();

        _userStores = _UserVO.ProfileStores;
        _ShopID = GlobalDataAccessor.Instance.CurrentSiteId.StoreNumber;
        if (_userStores.Count > 0 && _userStores[0] != null)
        {
            foreach (string store in _userStores)
            {
                shopIDComboBox.Items.Add(store);
            }
        }

        //TODO: Fix THIS!!!! Should be a static method call!!!!!!!!!
        new BusinessRulesProcedures(GlobalDataAccessor.Instance.DesktopSession).GetMaxLoanLimit(CashlinxDesktopSession.Instance.CurrentSiteId, out maxLoanStateLimit);

        loggedInUser = GlobalDataAccessor.Instance.DesktopSession.LoggedInUserSecurityProfile;
        loggedinUserLimits = new List<LimitsVO>();

        //Populate the limits list
        //Get the limits of the logged in user
        loggedinUserLimits = SecurityProfileProcedures.GetListOfLimits(loggedInUser, _ShopID);

        List<ServiceOffering> serviceOfferings = GlobalDataAccessor.Instance.DesktopSession.ServiceOfferings;
        foreach (ResourceVO heldResource in loggedInUser.UserResources)
        {
            ResourceVO vo = heldResource;
            var sOffering = serviceOfferings.FirstOrDefault(
                servOffering => servOffering.ServiceOfferingID == vo.ResourceID);

            // NOTE(review): sOffering is dereferenced without a null check, which only
            // works if ServiceOffering is a value type - confirm.
            if (sOffering.ServiceOfferingID == null)
            {
                continue;
            }

            //Check if that limit is there in loggedinuserlimits
            var existingLimit = loggedinUserLimits.FirstOrDefault(
                limit => limit.ServiceOffering == sOffering.ServiceOfferingID);
            if (existingLimit != null)
            {
                continue;
            }

            LimitsVO newLimit = new LimitsVO
            {
                ServiceOffering = sOffering.ServiceOfferingID,
                ProdOfferingId = sOffering.ProdOffering,
                ResourceName = vo.ResourceName,
                RoleLimitId = 0,
                StoreID = string.Empty
            };

            if (vo.ResourceName == Commons.GetResourceName("NEWPAWNLOAN"))
            {
                //Get the limit from business rule
                decimal maxLoanLimit = 0.0m;
                if (new BusinessRulesProcedures(GlobalDataAccessor.Instance.DesktopSession).GetMaxLoanLimit(GlobalDataAccessor.Instance.CurrentSiteId, out maxLoanLimit))
                {
                    newLimit.Limit = maxLoanLimit;
                }
            }

            if (vo.ResourceName == Commons.GetResourceName("CUSTOMERBUY"))
            {
                //Set the limit to the max
                newLimit.Limit = 99999;
            }

            loggedinUserLimits.Add(newLimit);
        }

        shopIDComboBox.SelectedIndex = _userStores.IndexOf(_ShopID);
    }
    catch (Exception ex)
    {
        // The failure is logged and recorded; the form is left partially initialised.
        FileLogger.Instance.logMessage(LogLevel.ERROR, this, "Cannot load security profile");
        BasicExceptionHandler.Instance.AddException("Security profile could not be loaded " + ex.Message, new ApplicationException(ex.ToString()));
    }
}
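/// <summary>
/// Authorizes the user for the audit application: one LDAP authentication attempt, an
/// active-user check, the security-profile load and the "AuditAppAccess" check.
/// </summary>
/// <exception cref="ApplicationException">
/// Thrown after <c>Application.Exit()</c> when the user is not active, is locked out,
/// or has an expired password.
/// </exception>
/// <remarks>
/// Fails closed: when the profile cannot be loaded or the user lacks "AuditAppAccess",
/// <c>userState</c> is reset to <c>NOTLOGGEDIN</c> before <c>Application.Exit()</c> is
/// requested. <c>Application.Exit()</c> returns to the caller, so previously the
/// session stayed <c>LOGGEDIN</c> and the password was still stored on the profile
/// after access had been refused.
/// </remarks>
public override void PerformAuthorization()
{
    if (FileLogger.Instance.IsLogInfo)
    {
        FileLogger.Instance.logMessage(LogLevel.INFO, this, "Performing user authorization...");
    }

    LoggedInUserSecurityProfile = new UserVO();
    this.userState = UserDesktopState.NOTLOGGEDIN;

    //Ensure the LDAP is connected
    if (PawnLDAPAccessor.Instance.State == PawnLDAPAccessor.LDAPState.DISCONNECTED)
    {
        string loginDN;
        string pwdPolicyCN;
        string searchDN;
        string userIdKey;
        string userPwd;
        var conf = SecurityAccessor.Instance.EncryptConfig;
        var ldapService = conf.GetLDAPService(
            out loginDN,
            out searchDN,
            out userIdKey,
            out userPwd,
            out pwdPolicyCN);//,
                             //out userName);
        if (FileLogger.Instance.IsLogDebug)
        {
            // NOTE(review): this writes the ldapService object's string form to the
            // log. Confirm it never includes the bind credentials.
            FileLogger.Instance.logMessage(LogLevel.DEBUG, this, "- Connecting to LDAP server:{0}{1}",
                                           System.Environment.NewLine, ldapService);
        }
        PawnLDAPAccessor.Instance.InitializeConnection(
            conf.DecryptValue(ldapService.Server),
            conf.DecryptValue(ldapService.Port),
            loginDN,
            userPwd,
            pwdPolicyCN,
            searchDN,
            userIdKey);
    }

    var attemptCount = 1;
    do
    {
        bool lockedOut;
        bool needPasswordChange;
        bool wantsPasswordChange;
        var fullAuth = this.PerformLDAPAuthentication(
            ref attemptCount,
            out lockedOut,
            out needPasswordChange,
            out wantsPasswordChange);

        if (FileLogger.Instance.IsLogInfo)
        {
            FileLogger.Instance.logMessage(
                LogLevel.INFO, this,
                "Authorization attempt: Count = {0}, IsLockedOut = {1}, NeedsPwdChange = {2}, WantsPwdChange = {3}",
                attemptCount, lockedOut, needPasswordChange, wantsPasswordChange);
        }

        var outVal = 0;
        string errCode, errTxt;
        if (!LoginCancel && fullAuth)
        {
            // Reject accounts the shop database does not report as active.
            var retVal = ShopProcedures.ExecuteUpdateSelectUserInfoActivated(
                username.ToLowerInvariant(), -1, out outVal, out errCode, out errTxt);
            if (retVal == false || outVal == 0 || errCode != "0")
            {
                MessageBox.Show(
                    "The system has determined that you are not an active user. " +
                    "Please contact Shop System Support. " +
                    "The application will now exit.",
                    "Application Security",
                    MessageBoxButtons.OK,
                    MessageBoxIcon.Stop);
                try
                {
                    Application.Exit();
                }
                finally
                {
                    // Always thrown, whether or not Application.Exit() itself failed.
                    throw new ApplicationException(
                        "Application has exited due to security violation");
                }
            }
        }

        if (!LoginCancel && fullAuth == false)
        {
            if (lockedOut)
            {
                /*ShopProcedures.ExecuteUpdateSelectUserInfoActivated(
                 *  username.ToLowerInvariant(), 0, out outVal, out errCode, out errTxt);*/
                MessageBox.Show(
                    "The maximum number of attempted failed logins has been exceeded. " +
                    "The user account is now locked. " +
                    "Please contact Shop System Support. " +
                    "The application will now exit.",
                    "Application Security",
                    MessageBoxButtons.OK,
                    MessageBoxIcon.Stop);
                try
                {
                    Application.Exit();
                }
                finally
                {
                    throw new ApplicationException(
                        "Application has exited due to security violation");
                }
            }

            if (needPasswordChange)
            {
                MessageBox.Show(
                    "Your password has expired. " +
                    "The application will now exit.",
                    "Application Security",
                    MessageBoxButtons.OK,
                    MessageBoxIcon.Exclamation);
                try
                {
                    Application.Exit();
                }
                finally
                {
                    throw new ApplicationException(
                        "Application has exited due to an expired password");
                }
            }
        }

        // Both outcomes leave the loop: this application allows a single attempt.
        if (!LoginCancel && fullAuth == false)
        {
            this.userState = UserDesktopState.NOTLOGGEDIN;
            break;
        }
        else
        {
            break;
        }
    }while (this.userState != UserDesktopState.LOGGEDIN);

    if (!LoginCancel && this.userState == UserDesktopState.LOGGEDIN)
    {
        if (FileLogger.Instance.IsLogInfo)
        {
            FileLogger.Instance.logMessage(LogLevel.INFO, this, "User {0} successfully authorized", FullUserName);
        }

        //Get role information
        //The logged in user's security profile will be stored in LoggedInUserSecurityProfile object after the call
        string errorCode;
        string errorMesg;
        if (!SecurityProfileProcedures.GetUserSecurityProfile(FullUserName, string.Empty, GlobalDataAccessor.Instance.CurrentSiteId.StoreNumber, "N", this, out errorCode, out errorMesg))
        {
            BasicExceptionHandler.Instance.AddException(
                "Security Profile could not be loaded for the logged in user. Cannot Authorize",
                new ApplicationException());
            MessageBox.Show(
                "User's security profile could not be loaded. Exiting the application");

            // Fail closed before requesting shutdown.
            this.userState = UserDesktopState.NOTLOGGEDIN;
            Application.Exit();
        }
        else
        {
            if (FileLogger.Instance.IsLogInfo)
            {
                FileLogger.Instance.logMessage(LogLevel.INFO, this, "User {0} security profile retrieved", FullUserName);
            }

            //If the logged in user is not an auditor, display an error message and exit the application
            if (!SecurityProfileProcedures.CanUserViewResource(
                    "AuditAppAccess",
                    this.LoggedInUserSecurityProfile,
                    this))
            {
                MessageBox.Show("You do not have sufficient security privileges to utilize this Audit application. Exiting the application");

                // Fail closed before requesting shutdown.
                this.userState = UserDesktopState.NOTLOGGEDIN;
                Application.Exit();
            }
        }

        if (userState == UserDesktopState.LOGGEDIN)
        {
            //Set the password in the users security profile
            // NOTE(review): the clear-text password lives on the profile object for the
            // session. Confirm this is required, and clear it when no longer needed.
            LoggedInUserSecurityProfile.UserCurrentPassword = password;
        }
    }
}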
/// <summary>
/// Load handler for the gun book edit form. Copies the first gun book row from the
/// desktop session into the form's fields and labels, then disables the edit/replace
/// actions according to record status, missing customer data, the user's gun book
/// edit resources and the acquisition/disposition transaction types.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
private void EditGunBookRecord_Load(object sender, EventArgs e)
{
    this.NavControlBox.Owner = this;
    gunBookData = GlobalDataAccessor.Instance.DesktopSession.GunData;
    gunItemData = GlobalDataAccessor.Instance.DesktopSession.GunItemData;

    if (gunBookData == null || gunBookData.Rows.Count <= 0)
    {
        labelErrMessage.Text = "Gun Book data not found";
        DisableActions();
        return;
    }

    // Only the first row is displayed.
    var row = gunBookData.Rows[0];

    gunCACCCode = Utilities.GetStringValue(row["cat_code"]);
    currentGunNo.Text = Utilities.GetStringValue(row["gun_number"]);
    originalGunNo.Text = Utilities.GetStringValue(row["original_gun_number"]);
    newGunNo.Text = Utilities.GetStringValue(row["new_gun_number"]);
    status.Text = Utilities.GetStringValue(row["status_cd"]);
    statusDate.Text = Utilities.GetDateTimeValue(row["status_date"]).ToString("d", DateTimeFormatInfo.InvariantInfo);
    gunBound.Text = Utilities.GetStringValue(row["gun_bound"]);
    pageRecord.Text = Utilities.GetStringValue(row["gun_page"]) + "/" + Utilities.GetStringValue(row["record_number"]);
    manufacturer.Text = Utilities.GetStringValue(row["manufacturer"]);
    model.Text = Utilities.GetStringValue(row["model"]);
    serialNumber.Text = Utilities.GetStringValue(row["serial_number"]);
    caliber.Text = Utilities.GetStringValue(row["caliber"]);
    type.Text = Utilities.GetStringValue(row["gun_type"]);
    importer.Text = Utilities.GetStringValue(row["importer"]);
    icnDocType = Utilities.GetStringValue(row["icn_doc_type"]);
    icn.Text = Utilities.IcnGenerator(
        Utilities.GetIntegerValue(row["icn_store"]),
        Utilities.GetIntegerValue(row["icn_year"]),
        Utilities.GetIntegerValue(row["icn_doc"]),
        Utilities.GetStringValue(row["icn_doc_type"]),
        Utilities.GetIntegerValue(row["icn_item"]),
        Utilities.GetIntegerValue(row["icn_sub_item"]));

    //acquisition data
    acquireCustNumber = Utilities.GetStringValue(row["acquire_customer_number"]);
    acquisitionCustomerNo.Text = acquireCustNumber;
    acquireTransactionType = Utilities.GetStringValue(row["acquire_transaction_type"]);
    acquisitionType.Text = acquireTransactionType;
    acquireCustFirstName = Utilities.GetStringValue(row["acquire_first_name"]);
    acquireCustLastName = Utilities.GetStringValue(row["acquire_last_name"]);
    acquireCustMiddleName = Utilities.GetStringValue(row["acquire_middle_initial"]);
    acquisitionName.Text = acquireCustFirstName + " " + acquireCustMiddleName + " " + acquireCustLastName;
    acquisitionTicket.Text = Utilities.GetStringValue(row["acquire_document_number"]);
    acquireCustomerAddress1 = Utilities.GetStringValue(row["acquire_address"]);
    acquisitionAddress1.Text = acquireCustomerAddress1;
    acquireCustomerCity = Utilities.GetStringValue(row["acquire_city"]);
    acquireCustomerState = Utilities.GetStringValue(row["acquire_state"]);
    acquireCustomerZipcode = Utilities.GetStringValue(row["acquire_postal_code"]);
    acquisitionAddress2.Text = acquireCustomerCity + "," + acquireCustomerState + " " + acquireCustomerZipcode;
    acquisitionDate.Text = Utilities.GetDateTimeValue(row["acquire_date"]).ToShortDateString();
    acquireCustIDType = Utilities.GetStringValue(row["acquire_id_type"]);
    acquireCustIDNumber = Utilities.GetStringValue(row["acquire_id_number"]);
    acquireCustIDAgency = Utilities.GetStringValue(row["acquire_id_agency"]);
    acquisitionID.Text = acquireCustIDType + " " + acquireCustIDAgency + " " + acquireCustIDNumber;

    //disposition data
    dispositionCustNumber = Utilities.GetStringValue(row["disposition_customer_number"]);
    dispositionCustomerNo.Text = dispositionCustNumber;
    dispTransactionType = Utilities.GetStringValue(row["disposition_transaction_type"]);
    dispositionType.Text = dispTransactionType;
    dispositionCustLastName = Utilities.GetStringValue(row["disposition_last_name"]);
    dispositionCustFirstName = Utilities.GetStringValue(row["disposition_first_name"]);
    dispositionCustMiddleName = Utilities.GetStringValue(row["disposition_middle_initial"]);
    dispositionName.Text = dispositionCustFirstName + " " + dispositionCustMiddleName + " " + dispositionCustLastName;
    dispositionTicket.Text = Utilities.GetStringValue(row["disposition_document_number"]);
    dispositionCustomerAddress1 = Utilities.GetStringValue(row["disposition_address"]);
    dispositionAddress1.Text = dispositionCustomerAddress1;
    dispositionCustomerCity = Utilities.GetStringValue(row["disposition_city"]);
    dispositionCustomerState = Utilities.GetStringValue(row["disposition_state"]);
    dispositionCustomerZipcode = Utilities.GetStringValue(row["disposition_postal_code"]);
    dispositionAddress2.Text = dispositionCustomerCity + "," + dispositionCustomerState + " " + dispositionCustomerZipcode;
    dispositionDate.Text = Utilities.GetDateTimeValue(row["disposition_date"]).ToShortDateString();
    dispositionCustIDType = Utilities.GetStringValue(row["disposition_id_type"]);
    dispositionCustIDAgency = Utilities.GetStringValue(row["disposition_id_agency"]);
    dispositionCustIDNumber = Utilities.GetStringValue(row["disposition_id_number"]);
    dispositionID.Text = dispositionCustIDType + " " + dispositionCustIDAgency + " " + dispositionCustIDNumber;

    // Records with status "VO" or "PS" cannot be edited at all.
    string gunStatus = Utilities.GetStringValue(row["status_cd"]);
    if (gunStatus == "VO" || gunStatus == "PS")
    {
        labelErrMessage.Text = Commons.GetMessageString("GunEditError");
        DisableActions();
    }

    if (string.IsNullOrEmpty(dispositionCustNumber))
    {
        DispositionReplace.Enabled = false;
        DispositionEdit.Enabled = false;
    }

    // Editing needs at least one of the two gun book edit resources.
    // NOTE(review): the permission check is passed CashlinxPawnSupportSession.Instance
    // while the profile comes from GlobalDataAccessor's desktop session; confirm both
    // refer to the same session. Disabling buttons is a UI-only restriction, so
    // confirm the edit/replace save paths re-check these resources.
    var profile = GlobalDataAccessor.Instance.DesktopSession.LoggedInUserSecurityProfile;
    bool mayEditGunBook =
        SecurityProfileProcedures.CanUserModifyResource("EDIT GUN BOOK", profile, CashlinxPawnSupportSession.Instance) ||
        SecurityProfileProcedures.CanUserModifyResource("EDIT RESTRICTED GUN BOOK FIELDS", profile, CashlinxPawnSupportSession.Instance);
    if (!mayEditGunBook)
    {
        firearmDescEdit.Enabled = false;
        AcquisitionEdit.Enabled = false;
        AcquisitionReplace.Enabled = false;
        DispositionEdit.Enabled = false;
        DispositionReplace.Enabled = false;
    }

    if (string.IsNullOrEmpty(acquireCustNumber))
    {
        AcquisitionEdit.Enabled = false;
        AcquisitionReplace.Enabled = false;
    }

    // Transaction types "T" and "C" are not editable on either side.
    if (acquireTransactionType == "T" || acquireTransactionType == "C")
    {
        AcquisitionEdit.Enabled = false;
        AcquisitionReplace.Enabled = false;
    }

    if (dispTransactionType == "T" || dispTransactionType == "C")
    {
        DispositionReplace.Enabled = false;
        DispositionEdit.Enabled = false;
    }
}
/// <summary>
/// Loads the selected user's limits for the current shop, adds default limits for
/// assigned resources that map to a service offering, and fills the limits grid with
/// one row per limit (product offering id, resource name, limit, role limit id).
/// </summary>
private void GetLimitsDataForSelectedUserInStore()
{
    selectedUserLimits = new List<LimitsVO>();

    //Get the limits of the selected user
    selectedUserLimits = SecurityProfileProcedures.GetListOfLimits(_UserVO, _ShopID);

    //check if all the resources which belong to the selected user has
    //associated limit and if yes check if its there in selecteduserlimits
    //and if not get the limit from the business rule
    List<ServiceOffering> serviceOfferings = GlobalDataAccessor.Instance.DesktopSession.ServiceOfferings;
    foreach (ResourceVO userResource in _UserVO.UserResources)
    {
        ResourceVO vo = userResource;
        if (vo.Assigned == "N")
        {
            continue;
        }

        var sOffering = serviceOfferings.FirstOrDefault(
            servOffering => servOffering.ServiceOfferingID == vo.ResourceID);
        if (sOffering.ServiceOfferingID == null)
        {
            continue;
        }

        // NOTE(review): the surrounding comments describe a lookup in the selected
        // user's limits, but the list searched here is loggedinUserLimits. Confirm
        // which list is intended - it decides whether a default limit is added for
        // the selected user.
        var existingLimit = loggedinUserLimits.FirstOrDefault(
            limit => limit.ServiceOffering == sOffering.ServiceOfferingID);
        if (existingLimit != null)
        {
            continue;
        }

        LimitsVO newLimit = new LimitsVO
        {
            ServiceOffering = sOffering.ServiceOfferingID,
            ProdOfferingId = sOffering.ProdOffering,
            ResourceName = vo.ResourceName,
            RoleLimitId = 0,
            StoreID = string.Empty
        };

        if (vo.ResourceName == Commons.GetResourceName("NEWPAWNLOAN"))
        {
            //Get the limit from business rule
            decimal maxLoanLimit = 0.0m;
            if (new BusinessRulesProcedures(GlobalDataAccessor.Instance.DesktopSession).GetMaxLoanLimit(GlobalDataAccessor.Instance.CurrentSiteId, out maxLoanLimit))
            {
                newLimit.Limit = maxLoanLimit;
            }
        }

        if (vo.ResourceName == Commons.GetResourceName("CUSTOMERBUY"))
        {
            //Set the limit to the max
            newLimit.Limit = 99999;
        }

        selectedUserLimits.Add(newLimit);
    }

    this.gvLimits.AutoGenerateColumns = false;
    foreach (LimitsVO limitData in selectedUserLimits)
    {
        if (limitData.StoreNumber == string.Empty)
        {
            //If the limit being shown is the default limit
            //Make sure the corresponding resource is still part
            //of the user's resources list
            var stillAssigned = selectedUserResources.FirstOrDefault(
                resource => resource == limitData.ResourceName);
            if (stillAssigned == null)
            {
                continue;
            }
        }

        // Column order matters: the submit handler reads cells 0, 2 and 3 by index.
        object[] cellValues =
        {
            limitData.ProdOfferingId.ToString(),
            limitData.ResourceName.ToString(),
            limitData.Limit,
            limitData.RoleLimitId
        };

        DataGridViewRow gridRow = new DataGridViewRow();
        for (int column = 0; column < cellValues.Length; column++)
        {
            DataGridViewTextBoxCell cell = new DataGridViewTextBoxCell();
            cell.Value = cellValues[column];
            gridRow.Cells.Insert(column, cell);
        }
        gvLimits.Rows.Add(gridRow);
    }

    //Set the format for the limit field to currency
    //TO DO - when limit type attribute is added the format will change accordingly
    gvLimits.Columns[2].DefaultCellStyle.Format = "C";
    populateLimitsDataGrid();
}