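        /// <summary>
        /// Builds the Reports session (<c>AppSession</c>) for the current request.
        /// </summary>
        /// <remarks>
        /// <para>
        /// When <c>LOCALDEBUG</c> (AppSettings) is false the caller's identity comes from the encrypted
        /// <c>FromPortal</c> / <c>FromProduct</c> query-string value (FromProduct wins when both are present).
        /// It is decrypted with <c>WebConstants.ENCRYPT_KEY</c> into a <c>key|value|key|value…</c> list holding
        /// UserID, Token, PageID, optionally AdminUserID / UserOriginalRoleID, and currentUTCtime, which must be
        /// within five minutes of this server's UTC clock.
        /// </para>
        /// <para>
        /// When <c>LOCALDEBUG</c> is true the query string is ignored and a hard-coded developer identity is used.
        /// That is an authentication bypass and must never be enabled in a deployed configuration.
        /// </para>
        /// <para>
        /// Control flow: returns silently when no FromPortal/FromProduct parameter is present; redirects
        /// (possibly ending the response) when the timestamp is stale, missing, or <c>MenuService.Authenticate</c>
        /// flags an error; otherwise fills <c>AppSession</c> from <c>MenuService.GetState</c> and the site/program
        /// services and calls <c>UpdateAppLogin()</c>. Exceptions propagate to the caller.
        /// </para>
        /// </remarks>
        /// <param name="fromportal">Unused; retained for existing callers.</param>
        /// <param name="objAuthenticationUser">
        /// Optional pre-built identity. When non-null it replaces whatever was derived above before authentication.
        /// </param>
        public static void SetUpSession(bool fromportal = false, Models.Authentication objAuthenticationUser = null)
        {
            // No try/catch here: the original caught Exception only to "throw ex;", which rethrows the same
            // exception with its stack trace reset. Letting it propagate is equivalent and keeps the trace.
            var    productParams          = new StringDictionary();
            var    objUser                = new Models.Authentication();
            var    menuService            = new Services.MenuService();
            bool   localDebug             = Convert.ToBoolean(ConfigurationManager.AppSettings["LOCALDEBUG"]);
            string decryptedProductParams = null;

            if (!localDebug)
            {
                var request = HttpContext.Current.Request;

                // FromProduct takes precedence over FromPortal when both are supplied.
                string fromProduct = request.QueryString["FromProduct"] ?? request.QueryString["FromPortal"];

                if (fromProduct == null)
                {
                    return;
                }

                // When decrypted, decryptedProductParams looks like this:
                // UserID|100106|Token|479bb3e7-079a-4a97-950f-41da256c6928|PageID|14|currentUTCtime|09/25/2017 19:56:41
                decryptedProductParams = CryptHelpers.Decrypt(fromProduct, WebConstants.ENCRYPT_KEY);

                // Pair up key|value tokens; a trailing key without a value is ignored.
                string[] parts = decryptedProductParams.Split('|');
                for (int i = 0; i + 1 < parts.Length; i += 2)
                {
                    productParams.Add(parts[i], parts[i + 1]);
                }

                // Convert.ToInt32((string)null) yields 0, so an absent AdminUserID/UserOriginalRoleID reads as 0
                // ("the real user is a customer, not a Global Admin" - see the note further down).
                objUser.UserID      = Convert.ToInt32(productParams["UserID"]);
                objUser.AuthToken   = productParams["Token"];
                objUser.PageID      = Convert.ToInt32(productParams["PageID"]);
                objUser.AdminUserID = Convert.ToInt32(productParams["AdminUserID"]);

                #region Process currentUTCtime. Stale -> timeout redirect; missing -> log & send to login.

                string productUtcText = productParams[ProductQueryStringKey.currentUTCtime.ToString()];

                if (productUtcText != null)
                {
                    // The producer formats the timestamp as MM/dd/yyyy HH:mm:ss (see the sample above). Parse with
                    // the invariant culture; Convert.ToDateTime would use the server's current culture instead.
                    DateTime productUtcTime = DateTime.Parse(productUtcText, CultureInfo.InvariantCulture);
                    TimeSpan drift          = DateTime.UtcNow.Subtract(productUtcTime);

                    // 5 minute window between servers. This must be TotalSeconds: TimeSpan.Seconds is only the
                    // 0-59 seconds component, so the previous ".Seconds > 300" could never be true and the window
                    // was never enforced. Math.Abs also rejects a timestamp that lies in the future.
                    if (Math.Abs(drift.TotalSeconds) > 300)
                    {
                        // NOTE(review): when PortalRedirect is false a stale parameter is still accepted.
                        if (Convert.ToBoolean(ConfigurationManager.AppSettings["PortalRedirect"]))
                        {
                            HttpContext.Current.Response.Redirect(string.Format("Transfer.aspx?qs={0}", (int)QueryStringValue.TimeOut), false);
                            HttpContext.Current.Response.End();
                        }
                    }
                }
                else
                {
                    // currentUTCtime missing: record it and send the user back to login. The logged copy of the
                    // parameters has the Token value redacted so the bearer token does not end up in the log table.
                    var exceptionService = new ExceptionService();
                    var exLog            = new ExceptionLog();
                    exLog.ExceptionText = "KVP currentUTCtime missing from ecrypted querystring.";
                    exLog.PageName      = "JCR.Reports.Common.Security.cs";
                    exLog.MethodName    = "SetUpSession";
                    exLog.UserID        = objUser.UserID;
                    exLog.SiteId        = 0;
                    exLog.TransSQL      = string.Format("Unencrypted Querystring: {0}", RedactProductToken(decryptedProductParams));
                    exLog.HttpReferrer  = null;
                    exceptionService.LogException(exLog);
                    HttpContext.Current.Response.Redirect("~/Transfer/LogoutRedirect");
                    return;
                }

                #endregion

                // When AMP is called from AdminTool and the real user is a Global Admin (UserOriginalRoleID 5),
                // AdminTool passes the GA's own User ID in AdminUserID. A default of 0 means the real user is a
                // customer. Sample query string for a GA logged in as a customer, coming from AMP to Reports:
                // UserID|100106|Token|28D07930-AF85-42CE-A80D-17CF51DDAF13|PageID|48|AdminUserID|123316|UserOriginalRoleID|5|currentUTCtime|11/27/2017 20:41:25
                if (productParams["UserOriginalRoleID"] != null)
                {
                    objUser.UserOriginalRoleID = Convert.ToInt32(productParams["UserOriginalRoleID"]);
                    objUser.AdminUserID        = Convert.ToInt32(productParams["AdminUserID"]);
                }
            }
            else
            {
                // Local-debug identity. WARNING: this branch never looks at the query string and signs in as a
                // fixed account, i.e. it bypasses authentication. LOCALDEBUG must stay false outside a developer box.
                objUser.UserLogonID = "*****@*****.**";

                //objUser.PageID = 14;      // PageID 14 is 'Reports Menu|Compliance'  aka AMP
                objUser.PageID = 48;      // PageID 48 is 'Reports Menu|Tracers'
                //objUser.PageID = 49;      // PageID 49 is 'Reports Menu|ER Tracers'
            }

            if (objAuthenticationUser != null)
            {
                objUser = objAuthenticationUser;
            }

            menuService.Authenticate(objUser);

            if (objUser.InError)
            {
                HttpContext.Current.Response.Redirect("~/Transfer/Error");
                return;
            }

            if (localDebug)
            {
                menuService.CreateStateWhenLocalDebugIsTrue(objUser.UserID);
            }

            AppSession.CreateSession();
            AppSession.UserID             = objUser.UserID;
            AppSession.AuthToken          = objUser.AuthToken;
            AppSession.PageID             = objUser.PageID;
            AppSession.AdminUserID        = objUser.AdminUserID;
            AppSession.UserOriginalRoleID = objUser.UserOriginalRoleID;
            AppSession.WebApiUrl          = ConfigurationManager.AppSettings["JCRAPI"].ToString();

            var menuState = menuService.GetState(AppSession.UserID.GetValueOrDefault(), AppSession.AuthToken);

            AppSession.EmailAddress                = menuState.UserLogonID;
            AppSession.FirstName                   = menuState.FirstName;
            AppSession.LastName                    = menuState.LastName;
            AppSession.FullName                    = String.Format("{0} {1}", menuState.FirstName, menuState.LastName);
            AppSession.RoleID                      = menuState.UserRoleID;
            AppSession.SelectedSiteId              = menuState.SiteID;
            AppSession.SelectedSiteName            = menuState.SiteName;
            AppSession.SelectedProgramId           = menuState.ProgramID;
            AppSession.SelectedProgramName         = menuState.ProgramName;
            AppSession.CycleID                     = menuState.CycleID;
            AppSession.IsCorporateSite             = menuState.AccessToMockSurvey;
            AppSession.ProgramGroupTypeID          = menuState.ProgramGroupTypeID;
            AppSession.IsCMSProgram                = menuState.AccessToCMS;
            AppSession.HasTracersAccess            = menuState.AccessToTracers;
            AppSession.SelectedCertificationItemID = menuState.CertificationItemID;

            // With a certification item selected, the selected program is replaced by its base program
            // (the program on the selected site whose AdvCertListTypeID matches the certification item).
            if (AppSession.SelectedCertificationItemID > 0)
            {
                var programs = UserCustom.GetProgramBySites(AppSession.SelectedSiteId);
                if (programs != null && programs.Count > 0)
                {
                    var match = programs.FirstOrDefault(prg => prg.ProgramID == AppSession.SelectedProgramId
                                                            && prg.AdvCertListTypeID == AppSession.SelectedCertificationItemID);
                    if (match != null)
                    {
                        AppSession.SelectedProgramId = (int)match.BaseProgramID;
                    }
                }
            }

            // Saved-report pages open directly in the matching view.
            switch (AppSession.PageID)
            {
            case 50:           // PageID 50 is My Saved Reports ● Tracers
            case 15:           // PageID 15 is My Saved Reports ● Compliance
            case 51:           // PageID 51 is My Saved Reports ● ER Tracers
                AppSession.DirectView = "MyReports";
                break;

            case 52:           // PageID 52 is My Site's Saved Reports ● Tracers
            case 16:           // PageID 16 is My Site's Saved Reports ● Compliance
            case 53:           // PageID 53 is My Site's Saved Reports ● ER Tracers
                AppSession.DirectView = "SearchReports";
                break;
            }

            var commonService = new CommonService();

            AppSession.CycleID = commonService.GetLatestCycleByProgram(AppSession.SelectedProgramId).CycleID;
            AppSession.Sites   = SearchInputService.GetSitesByUser(AppSession.UserID);

            foreach (var site in AppSession.Sites.ToList())
            {
                site.Programs = UserCustom.GetProgramBySites(site.SiteID);
            }

            commonService.GetHelpLink();
            UpdateAppLogin();
        }

        /// <summary>
        /// Returns the decrypted <c>key|value|key|value…</c> product parameters with the value that follows the
        /// <c>Token</c> key replaced by <c>[redacted]</c>, so the bearer token can be logged safely.
        /// Null or empty input is returned unchanged.
        /// </summary>
        /// <param name="productParams">The plaintext parameter list as produced by <c>CryptHelpers.Decrypt</c>.</param>
        /// <returns>The same list with the Token value masked.</returns>
        private static string RedactProductToken(string productParams)
        {
            if (string.IsNullOrEmpty(productParams))
            {
                return productParams;
            }

            string[] parts = productParams.Split('|');
            for (int i = 0; i + 1 < parts.Length; i += 2)
            {
                // Case-insensitive, matching the case-insensitive lookup of the StringDictionary the caller fills.
                if (string.Equals(parts[i], "Token", StringComparison.OrdinalIgnoreCase))
                {
                    parts[i + 1] = "[redacted]";
                }
            }
            return string.Join("|", parts);
        }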
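        /// <summary>
        /// Hands the signed-in user off to the product (AMP or Tracers) that owns <paramref name="pageName"/>.
        /// </summary>
        /// <remarks>
        /// With a valid session the requested PageID and the product's EProductID are recorded through
        /// <c>MenuService.SaveArg</c> and the user is redirected to the product URL from AppSettings
        /// (<c>AMPUrl</c> / <c>TracersUrl</c>) with the session's UserID and AuthToken appended as query parameters.
        /// Without a valid session nothing is recorded and the user is sent to the portal login
        /// (<c>JcrPortalUrl?qs=1</c>).
        /// </remarks>
        /// <param name="pageName">Exact name of an <c>ApplicationPage</c> enum member, supplied by the caller's request.</param>
        /// <returns>A redirect to the owning product, or to the portal.</returns>
        /// <exception cref="ArgumentException"><paramref name="pageName"/> is not the exact name of a defined ApplicationPage member.</exception>
        public ActionResult AppRedirect(string pageName)
        {
            // pageName is untrusted request input. Enum.Parse alone also accepts numeric strings ("999") and
            // yields an undefined value, so require an exact, defined member name before anything is persisted.
            ApplicationPage page;
            if (string.IsNullOrEmpty(pageName)
                || !Enum.TryParse(pageName, out page)
                || !Enum.IsDefined(typeof(ApplicationPage), page)
                || !string.Equals(page.ToString(), pageName, StringComparison.Ordinal))
            {
                throw new ArgumentException("Unknown application page.", "pageName");
            }

            int    pageID    = (int)page;
            string portalUrl = ConfigurationManager.AppSettings["JcrPortalUrl"].ToString() + "?qs=1";

            // Check the session before recording anything: previously SaveArg ran first and stored the PageID
            // against UserID 0 for anonymous callers.
            if (!AppSession.HasValidSession)
            {
                return Redirect(portalUrl);
            }

            var menuService = new Services.MenuService();
            int userID      = AppSession.UserID.GetValueOrDefault();

            menuService.SaveArg(userID, "PageID", pageID.ToString());

            string appurl     = string.Empty;
            int    eProductID = 0;

            switch (pageName)
            {
            case "Assignment":
            case "BulkReAssign":
            case "BulkUpdatePOA":
            case "BulkUpdateScore":
            case "CMSScoring":
            case "CorporateFindingsEdit":
            case "DocumentationAnalyzer":
            case "EPAttributeFilter":
            case "FSA":
            case "MockSurveyDashBoard":
            case "MockSurveyScoring":
            case "RFI":
            case "ScoreAnalyzer":
            case "ServiceProfile":
            case "StandardsAndScoring":
            case "SystemSurveySetting":
            case "UserSiteMaintenance": {
                appurl     = ConfigurationManager.AppSettings["AMPUrl"].ToString();
                eProductID = 1;          // In DBAMP.dbo.EProduct table, AMP has EProductID equal to 1.
                break;
            }

            case "CopyTracertoOtherSites":
            case "CreateNewCMSTracer":
            case "CreateNewTJCTracer":
            case "CreateNewTracer":
            case "DeleteTracerfromOtherSites":
            case "DepartmentMaintenance":
            case "EPsNotReferenced":
            case "GlobalAdminTracersHomePage":
            case "GuestAccessHomePage":
            case "JCRTemplatesAffectedbyCriticalChangesinLatestCycle":
            case "StandardEPChangesinAllCycles":
            case "StandardEPChangesinLatestCycle":
            case "TaskAssignments":
            case "TracerHomePage": {
                appurl     = ConfigurationManager.AppSettings["TracersUrl"].ToString();
                eProductID = 2;          // In DBAMP.dbo.EProduct table, Tracers has EProductID equal to 2.
                break;
            }
            }

            menuService.SaveArg(userID, "EProductID", eProductID.ToString());

            if (string.IsNullOrEmpty(appurl))
            {
                // A defined page that belongs to neither product. Without a base URL the hand-off format below
                // would redirect to a bare "?userid=…&token=…" on this controller, exposing the token for nothing;
                // send the user to the portal instead.
                return Redirect(portalUrl);
            }

            // NOTE(review): the bearer token travels in the query string (proxy/browser logs, Referer). That is the
            // hand-off contract the other products expect, so it is kept here; these URLs must be HTTPS-only.
            string url = string.Format("{0}?userid={1}&token={2}",
                                       appurl,
                                       AppSession.UserID,
                                       Uri.EscapeDataString(Convert.ToString(AppSession.AuthToken)));
            return Redirect(url);
        }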