Exemple #1
0
        protected void login(string uid, string password, int databaseId)
        {
            CUSTOMRP.Model.USER myUser = null;

            try
            {
                //v1.1.0 - Cheong - 2016/05/18 - Make hashkey configurable
                CUSTOMRP.Model.DATABASE mydb = WebHelper.bllCompany.GetModel(me.ID, databaseId);
                string salt = (mydb != null) ? mydb.HASHKEY : "com";
                //string hash = Common.Utils.MD5NET(uid + DateTime.Now.ToString("yyyyMMdd") + "com");
                string hash = Common.Utils.MD5NET(uid + DateTime.Now.ToString("yyyyMMdd") + salt);
                if (hash == password)
                {
                    myUser = WebHelper.bllUSER.GetModel(me.ID, uid, databaseId);
                }
            }
            catch
            {
                // on any error, assume it's login failure
            }

            if (myUser != null)
            {
                //store user's information to cookie,

                CUSTOMRP.Model.DATABASE mydb = WebHelper.bllCompany.GetModel(me.ID, databaseId);

                HttpContext.Current.Session[AppNum.str_var_UserCookie_uid]           = uid;
                HttpContext.Current.Session[AppNum.str_var_UserCookie_logintime]     = DateTime.Now.ToString("yyyyMMddhhmm");
                HttpContext.Current.Session[AppNum.str_var_UserCookie_Databaseid]    = mydb.ID;
                HttpContext.Current.Session[AppNum.str_var_UserCookie_DatabaseName]  = mydb.NAME;
                HttpContext.Current.Session[AppNum.str_var_UserCookie_APPLICATIONID] = mydb.APPLICATIONID;

                HttpContext.Current.Session[AppNum.str_var_UserSessionName] = myUser;

                this._me = (new QueryReport.Code.LoginUser()).CurrentUser;   // update v_Security criteria
            }
            else
            {
                //Common.JScript.AlertAndRedirect(AppNum.loginerror, "~/SignIn.aspx");
                Common.JScript.Alert(AppNum.ErrorMsg.loginerror);
            }
        }
Exemple #2
0
 protected void Page_Init(object sender, EventArgs e)
 {
     this._me = (new QueryReport.Code.LoginUser()).CurrentUser;
 }
Exemple #3
0
        public CUSTOMRP.Model.LoginUser Create()
        {
            CUSTOMRP.Model.LoginUser result = null;
            if (isLogin())
            {
                //get baseinfo from cookie
                //LoginID = HttpContext.Current.Request.Cookies[QueryReport.Code.AppNum.str_var_UserCookieName].Values.Get(QueryReport.Code.AppNum.str_var_UserCookie_uid);
                //DatabaseID = HttpContext.Current.Request.Cookies[QueryReport.Code.AppNum.str_var_UserCookieName].Values.Get(QueryReport.Code.AppNum.str_var_UserCookie_Databaseid);
                //DatabaseNAME = HttpContext.Current.Request.Cookies[QueryReport.Code.AppNum.str_var_UserCookieName].Values.Get(QueryReport.Code.AppNum.str_var_UserCookie_DatabaseName);
                //APPLICATIONID = Int32.Parse(HttpContext.Current.Request.Cookies[QueryReport.Code.AppNum.str_var_UserCookieName].Values.Get(QueryReport.Code.AppNum.str_var_UserCookie_APPLICATIONID));

                string LoginID       = (string)HttpContext.Current.Session[QueryReport.Code.AppNum.str_var_UserCookie_uid];
                int    DatabaseID    = (int)HttpContext.Current.Session[QueryReport.Code.AppNum.str_var_UserCookie_Databaseid];
                string DatabaseNAME  = (string)HttpContext.Current.Session[QueryReport.Code.AppNum.str_var_UserCookie_DatabaseName];
                int    APPLICATIONID = (int)HttpContext.Current.Session[QueryReport.Code.AppNum.str_var_UserCookie_APPLICATIONID];

                //session -user info
                CUSTOMRP.Model.USER myuser = new CUSTOMRP.Model.USER();
                if (HttpContext.Current.Session[QueryReport.Code.AppNum.str_var_UserSessionName] != null)
                {
                    myuser = (CUSTOMRP.Model.USER)HttpContext.Current.Session[QueryReport.Code.AppNum.str_var_UserSessionName];
                }
                else
                {
                    CUSTOMRP.BLL.USER blluser = new CUSTOMRP.BLL.USER();
                    myuser = blluser.GetModelForUser(-1, LoginID, DatabaseID);
                    HttpContext.Current.Session[QueryReport.Code.AppNum.str_var_UserSessionName] = myuser;
                }
                //session -user group right

                CUSTOMRP.Model.GROUPRIGHT gr = null;
                if (HttpContext.Current.Session[QueryReport.Code.AppNum.str_var_UserSessionGroupRight] != null)
                {
                    gr = (CUSTOMRP.Model.GROUPRIGHT)HttpContext.Current.Session[QueryReport.Code.AppNum.str_var_UserSessionGroupRight];
                }
                else
                {
                    gr = QueryReport.Code.WebHelper.bllGroupRight.GetModel(myuser.ID, myuser.GID);
                    HttpContext.Current.Session[QueryReport.Code.AppNum.str_var_UserSessionGroupRight] = gr;
                }


                decimal ViewLevel   = myuser.SENSITIVITYLEVEL == null ? 9999 : myuser.SENSITIVITYLEVEL.Value;
                int     ID          = myuser.ID;
                string  ReportGroup = myuser.REPORTGROUPLIST;
                int     REPORTRIGHT = myuser.REPORTRIGHT;

                //string companyid, securitygroupid, contractid;
                //QueryReport.Code.WebHelper.bllUSER.getUserInfo(out companyid, out securitygroupid, out contractid, LoginID, Convert.ToInt32(DatabaseID), DatabaseNAME);

                result = new CUSTOMRP.Model.LoginUser(ID, LoginID, APPLICATIONID, DatabaseID, DatabaseNAME, ViewLevel, ReportGroup, REPORTRIGHT, gr);

                if (result != null)
                {
                    List <CUSTOMRP.Model.ColumnInfo> columns = CUSTOMRP.BLL.AppHelper.GetColumnInfoForTblView(myuser.ID, result.DatabaseNAME, "v_Security")
                                                               .Where(x => (x.ColName != "UserName") && (x.ColName != "ID")).ToList();

                    DataTable dt = CUSTOMRP.BLL.AppHelper.getSecurityForUser(myuser.ID, result.DatabaseNAME, LoginID);

                    result.UserCriteria = new Dictionary <string, string>();

                    Dictionary <string, List <dynamic> > tempStorage = new Dictionary <string, List <dynamic> >();
                    foreach (DataRow dr in dt.Rows)
                    {
                        foreach (CUSTOMRP.Model.ColumnInfo column in columns)
                        {
                            if (!tempStorage.ContainsKey(column.ColName))
                            {
                                tempStorage.Add(column.ColName, new List <dynamic>());
                            }

                            if (!tempStorage[column.ColName].Contains(dr[column.ColName]))
                            {
                                tempStorage[column.ColName].Add(dr[column.ColName]);
                            }
                        }
                    }

                    foreach (CUSTOMRP.Model.ColumnInfo column in columns)
                    {
                        //v1.2.0 - Cheong - 2016/07/05 - Handle case where user is not listed in v_Security
                        if ((tempStorage.ContainsKey(column.ColName)) && (tempStorage[column.ColName].Count > 0))
                        {
                            result.UserCriteria.Add(column.ColName.ToUpper(), String.Join(", ", tempStorage[column.ColName].Select(x => (column.DataType == "String") ?
                                                                                                                                   String.Format("'{0}'", x) :
                                                                                                                                   String.Format("{0}", x)
                                                                                                                                   ).OrderBy(x => x).ToArray()));
                        }
                        else
                        {
                            result.UserCriteria.Add(column.ColName.ToUpper(), "NULL");
                        }
                    }

                    //v1.2.0 Fai 2016.10.28 - Store Login User to Session to prevent retrieve data on every refresh - Begin
                    CurrentUser = result;
                    //v1.2.0 Fai 2016.10.28 - Store Login User to Session to prevent retrieve data on every refresh - End
                }
            }
            return(result);
        }
Exemple #4
0
 /// <summary>
 /// Get Query List for dropdown on rpexcel / rpworddetail
 /// </summary>
 /// <param name="me">Current user, used to determine privilege level</param>
 /// <param name="FormatType">1 = Excel, 2 = Word, 3 = All</param>
 public DataSet GetQueryListForDropdown(CUSTOMRP.Model.LoginUser me, int FormatType = 1)
 {
     return(dal.GetQueryListForDropdown(me, FormatType));
 }