private void SendSecurityCodeByMail(CompanySetup objCompanySetup, UserSecurityCode objUserSecurityCode)
{
try
{
objUserSecurityCode.SecurityCode = GetSecurityCode(objCompanySetup, objUserSecurityCode);
if (objUserSecurityCode.SecurityCode != 0)
{
MailServiceSetup objMailServiceSetup = new MailServiceSetup();
objMailServiceSetup.MailBody = "Your security code is: " + objUserSecurityCode.SecurityCode + "";
EmployeeInformationController objEmployeeInformationController = new EmployeeInformationController();
EmployeeSetup objEmployeeSetup = new EmployeeSetup();
objEmployeeSetup.EmployeeID = objUserSecurityCode.UserKnownID;
objEmployeeSetup.CompanyID = objCompanySetup.CompanyID;
objMailServiceSetup.EmailTo = objEmployeeInformationController.GetEmployeeEmail(objEmployeeSetup);
objMailServiceSetup.MailtypeID = "1";
ArrayList attachDocument = new ArrayList();
objMailServiceSetup.AttachItem = attachDocument;
MailServiceController objMailServiceController = new MailServiceController();
objMailServiceController.eMailSendService(objCompanySetup, objMailServiceSetup);
}
}
catch (Exception msgException)
{
throw msgException;
}
}
/// <summary>
/// Sends registration token for the given username
/// </summary>
/// <param name="user">User to send the registration token</param>
public void SendRegistrationToken(User user)
{
UserSecurityCode confirmationToken = null;
do
{
confirmationToken = UserSecurityCode.CreateSecurityCode(user, "Registration");
} while (this.FindUserForRegistrationToken(confirmationToken.Code) != null);
user.RegistrationConfirmationToken = confirmationToken.EncryptedCode;
UserManagerExtensions.Update(this, user);
TextParser parser = new TextParser(this.manager);
TextDefinition td = parser.ParseMessage("RegistrationEmail", new Dictionary <Model.Messages.ReplaceableObjectKeys, object>()
{
{ ReplaceableObjectKeys.User, user },
{ ReplaceableObjectKeys.Code, confirmationToken.Code }
});
IdentityResult result = new IdentityResult();
try
{
SmtpMailClient.SendMail(user.Email, "OPSMC RePLAY Registration", td.Text, td.Html);
}
catch (Exception ex)
{
// TODO add logger audit
throw ex;
}
}
internal void SendSecurityCode(CompanySetup objCompanySetup, UserSecurityCode objUserSecurityCode)
{
try
{
Save(objCompanySetup, objUserSecurityCode);
SendSecurityCodeByMail(objCompanySetup, objUserSecurityCode);
}
catch (Exception msgException)
{
throw msgException;
}
}
private int GetSecurityCode(CompanySetup objCompanySetup, UserSecurityCode objUserSecurityCode)
{
try
{
string sql = "SELECT [SecurityCode] FROM [UserSecurityCode] WHERE DataUsed = 'A' AND SecurityCodeStatus = 0 AND [CompanyID]= " + objCompanySetup.CompanyID + " AND [EmployeeID] = '" + objUserSecurityCode.UserKnownID + "'";
clsDataManipulation objclsDataManipulation = new clsDataManipulation();
objUserSecurityCode.SecurityCode = objclsDataManipulation.GetSingleValue(this.ConnectionString, sql);
return(objUserSecurityCode.SecurityCode);
}
catch (Exception msgException)
{
throw msgException;
}
}
private void Save(CompanySetup objCompanySetup, UserSecurityCode objUserSecurityCode)
{
try
{
var storedProcedureComandText = "exec [spInitiateSecurityCode] " +
objCompanySetup.CompanyID + ",'" +
objUserSecurityCode.UserKnownID + "','" +
objCompanySetup.EntryUserName + "'";
clsDataManipulation.StoredProcedureExecuteNonQuery(this.ConnectionString, storedProcedureComandText);
}
catch (Exception msgException)
{
throw msgException;
}
}
/// <summary>
/// Stores the security code for the user. IF a code of the existing type already exists, it is overwritten instead
/// </summary>
/// <param name="code">The code to store</param>
public void StoreSecurityCode(UserSecurityCode code)
{
UserSecurityCode existing = this.context.UserSecurityCodes.Where(c => code.User.Id == c.User.Id && code.SecurityCodePurpose == c.SecurityCodePurpose).Include(c => c.User).FirstOrDefault();
if (existing != null)
{
existing.Code = code.Code;
}
else
{
code.User = this.context.Users.Where(u => u.Id == code.User.Id).First();
this.context.UserSecurityCodes.Add(code);
this.context.Entry(code.User).State = EntityState.Unchanged;
}
this.context.SaveChanges();
}
/// <summary>
/// Generates the code
/// </summary>
/// <param name="purpose">The purpose to generate it for</param>
/// <param name="user">The user to generate the token for</param>
/// <returns>A token generated for the user</returns>
protected string GenerateCode(string purpose, User user)
{
AccessHandlerManager ahm = new AccessHandlerManager();
UserSecurityCode code = ahm.UserAccessHandler.GetSecurityCode(user.Id, purpose);
if (code == null || code.ExpiresAt < DateTime.Now)
{
code = UserSecurityCode.CreateSecurityCode(user, purpose);
}
else
{
code.ResetExpiry();
}
new AccessHandlerManager().UserAccessHandler.StoreSecurityCode(code);
return(code.Code);
}
protected void GridViewUsers_RowCommand(object sender, GridViewCommandEventArgs e)
{
try
{
int selectedIndex = Convert.ToInt32(e.CommandArgument.ToString());
if (e.CommandName.Equals("Select"))
{
_objUserSecurityCode = new UserSecurityCode();
_objUserSecurityCode.UserKnownID = ((Label)GridViewUsers.Rows[selectedIndex].FindControl("lblEmployeeID")).Text;
_objCompanySetup = new CompanySetup();
_objCompanySetup.CompanyID = LoginUserInformation.CompanyID;
_objCompanySetup.EntryUserName = LoginUserInformation.UserID;
_objUserSecurityCodeController = new UserSecurityCodeController();
_objUserSecurityCodeController.SendSecurityCode(_objCompanySetup, _objUserSecurityCode);
_objUserSecurityCodeController.LoadUserForSecurityCode(_objCompanySetup, GridViewUsers);
}
}
catch (Exception msgException)
{
clsTopMostMessageBox.Show(msgException.Message);
}
}
/// <summary>
/// Creates or updates a patient.
/// If a user with the given Username doesn't exist it will be created, if it does exist, the patient will be added to that user
/// </summary>
/// <param name="externalId">The external ID of the patient</param>
/// <param name="userName">The username of the user</param>
/// <param name="email">The email</param>
/// <param name="title">the title of the patient</param>
/// <param name="firstName">The first name</param>
/// <param name="lastName">The last name</param>
/// <param name="dateOfBirth">The date of birth</param>
/// <param name="mobilePhone">The patients mobile phone</param>
/// <returns>The created or updated Patient</returns>
public Patient CreateOrUpdatePatient(string externalId, string userName, string email, string title, string firstName, string lastName, DateTime dateOfBirth, string mobilePhone)
{
try
{
SecuritySession.Current.VerifyAccess(Actions.CREATE_OR_UPDATE_PATIENT);
if (userName.Length > 450)
{
throw this.manager.MessageHandler.GetError(ErrorCodes.USERNAME_LENGTH_EXCEEDED);
}
if (userName.Contains("\\") || userName.Contains("/"))
{
throw this.manager.MessageHandler.GetError(ErrorCodes.USERNAME_CONTAINS_ILLEGAL_CHARACTERS);
}
}
catch (Exception ex)
{
Logger.Audit(new Audit(Actions.CREATE_OR_UPDATE_PATIENT, AuditEventType.ADD, typeof(Patient), "Email", email, false, ex.Message));
throw ex;
}
IdentityResult result = new IdentityResult(null);
User existing = this.Users.Where(u => u.UserName == userName).SingleOrDefault();
User user = null;
if (existing == null)
{
try
{
result = UserManagerExtensions.Create(this, new User()
{
UserName = userName, Email = email, PhoneNumber = mobilePhone, Title = title, FirstName = firstName, LastName = lastName
});
if (result.Succeeded)
{
user = this.Users.Where(u => u.UserName == userName).SingleOrDefault();
}
else
{
throw new PCHIError(ErrorCodes.GENERAL_IDENTITY_RESULT_ERROR, result.Errors.Aggregate((s1, s2) => { return(s1 + "\n" + s2); }));
}
Logger.Audit(new Audit(Actions.CREATE_OR_UPDATE_PATIENT, AuditEventType.ADD, user));
}
catch (Exception ex)
{
Logger.Audit(new Audit(Actions.CREATE_OR_UPDATE_PATIENT, AuditEventType.ADD, typeof(User), "UserName", userName, false, ex.Message));
throw ex;
}
}
else
{
user = existing;
}
Patient patient = null;
Patient newPatient = null;
if (user != null)
{
patient = !string.IsNullOrWhiteSpace(externalId) ? this.manager.UserAccessHandler.GetPatientByExternalId(externalId) : null;
try
{
if (patient != null)
{
Patient p = patient;
p.Title = title;
p.FirstName = firstName;
p.LastName = lastName;
p.ProxyUserPatientMap.Add(new ProxyUserPatientMap(user, p));
p.DateOfBirth = dateOfBirth;
p.Email = email;
p.PhoneNumber = mobilePhone;
p.ExternalId = externalId;
this.manager.UserAccessHandler.Update(p);
Logger.Audit(new Audit(Actions.CREATE_OR_UPDATE_PATIENT, AuditEventType.MODIFIED, p));
}
else
{
Patient p = new Patient();
p.Title = title;
p.FirstName = firstName;
p.LastName = lastName;
p.ProxyUserPatientMap.Add(new ProxyUserPatientMap(user, p));
p.DateOfBirth = dateOfBirth;
p.Email = email;
p.PhoneNumber = mobilePhone;
p.ExternalId = externalId;
this.manager.UserAccessHandler.Add(p);
newPatient = p;
Logger.Audit(new Audit(Actions.CREATE_OR_UPDATE_PATIENT, AuditEventType.ADD, p));
}
this.AddToRole(user.Id, "PatientProxy");
}
catch (Exception ex)
{
Logger.Audit(new Audit(Actions.CREATE_OR_UPDATE_PATIENT, AuditEventType.ADD, typeof(Patient), "Email", email, false, ex.Message));
throw ex;
}
}
// Only send the registration mail if the user is created (i.e. existing is null)
if (existing == null && user != null)
{
UserSecurityCode confirmationToken = null;
do
{
confirmationToken = UserSecurityCode.CreateSecurityCode(user, "Registration");
} while (this.FindUserForRegistrationToken(confirmationToken.Code) != null);
user.RegistrationConfirmationToken = confirmationToken.EncryptedCode;
UserManagerExtensions.Update(this, user);
// string confirmationToken = HttpUtility.UrlEncode(MachineKeyEncryption.Encrypt(user.UserName));
TextParser parser = new TextParser(this.manager);
TextDefinition td = parser.ParseMessage("RegistrationEmail", new Dictionary <Model.Messages.ReplaceableObjectKeys, object>()
{
{ ReplaceableObjectKeys.Patient, newPatient },
{ ReplaceableObjectKeys.Code, confirmationToken.Code }
});
SmtpMailClient.SendMail(user.Email, "OPSMC RePLAY Registration", td.Text, td.Html);
}
if (newPatient != null)
{
try
{
QuestionnaireUserResponseGroup group = this.manager.QuestionnaireAccessHandler.CreateQuestionnaireUserResponseGroup(newPatient.Id, BusinessLogic.Properties.Settings.Default.NewRegistrationQuestionnaire, null, null);
Logger.Audit(new Audit(Actions.CREATE_OR_UPDATE_PATIENT, AuditEventType.ADD, group));
}
catch (Exception ex)
{
Logger.Audit(new Audit(Actions.CREATE_OR_UPDATE_PATIENT, AuditEventType.ADD, typeof(QuestionnaireUserResponseGroup), "Id", null, false, ex.Message));
throw ex;
}
}
return(newPatient == null ? patient : newPatient);
}
