private bool HaveCurrentUserAccess(as_mt_metrics m, string[] roles, string username)
{
var res = false;
var mRoles = (m.roles ?? "").Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
var mUsers = (m.users ?? "").Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
res = mUsers.Contains(username) || mRoles.Any(x => roles.Contains(x));
return(res);
}
/*public string[] getRolesForMetric(int metricID)
* {
* List<String> res = new List<String>();
* List<as_mt_metrics> list = db.db.as_mt_metrics.Where(x => x.id == metricID).ToList();
* foreach (as_mt_metrics item in list)
* {
* var r = item.roles;
* res.AddRange(r.Split(','));
* }
* return res.ToArray();
* }*/
public string[] getRolesForMetric(int metricID)
{
List <String> res = new List <String>();
as_mt_metrics m = db.db.as_mt_metrics.FirstOrDefault(x => x.id == metricID);
if (m != null)
{
res.AddRange(m.roles.Split(','));
}
return(res.ToArray());
}
private bool HaveCurrentUserAccess(as_mt_metrics m)
{
var res = false;
var roles = Roles.GetRolesForUser();
var username = HttpContext.Current.User.Identity.Name;
var mRoles = (m.roles ?? "").Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
var mUsers = (m.users ?? "").Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
res = mUsers.Contains(username) || mRoles.Any(x => roles.Contains(x));
return(res);
}
public void SaveMetric(as_mt_metrics item)
{
try
{
db.SaveMt_metric(item);
RDL.CacheManager.PurgeCacheItems("as_mt_metrics");
}
catch (Exception ex)
{
RDL.Debug.LogError(ex);
}
}
public as_mt_metrics GetMetric(int metricID, ArrayList row, out DataTable dt)
{
dt = new DataTable();
var res = new as_mt_metrics();
res = db.db.as_mt_metrics.FirstOrDefault(x => x.id == metricID);
if (!HaveCurrentUserAccess(res))
{
return(res);
}
try
{
using (SqlConnection cn = new SqlConnection(ConfigurationManager.ConnectionStrings["LocalSqlServerSimple"].ConnectionString))
{
SqlCommand cmd = new SqlCommand(res.sql, cn);
cmd.CommandType = res.isSP == true ? CommandType.StoredProcedure : CommandType.Text;
cmd.Parameters.AddWithValue("@username", User.CurrentUser.Identity.Name);
// cmd.Parameters.Add("@FirstName", SqlDbType.VarChar).Value = "dd";
// cmd.Parameters.Add("@LastName", SqlDbType.VarChar).Value = "ddds";
if (row != null)
{
foreach (var par in row)
{
var item = par as Dictionary <string, object>;
cmd.Parameters.AddWithValue("@" + item["colname"].ToString(), item["value"] != null ? item["value"].ToString() : "");
}
}
cn.Open();
SqlDataAdapter da = new SqlDataAdapter(cmd);
// var reader = cmd.ExecuteReader();
da.Fill(dt);
}
}
catch (Exception ex)
{
RDL.Debug.LogError(ex);
}
return(res);
}
