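/// <summary>
/// Bootstraps security for a tenant: inserts <paramref name="u"/> as a user of the tenant
/// with a forced password reset, creates a "Superuser group" holding every listed permission,
/// adds the user to that group, and e-mails the new account details to the user.
/// </summary>
/// <param name="u">User to insert; TenID and MustResetPassword are overwritten here.</param>
/// <param name="TID">Tenant id assigned to both the user and the new group.</param>
/// <param name="newPassword">Initial password that is included in the notification e-mail.</param>
/// <remarks>
/// Reads the signed-in administrator from the current HTTP session, so it must run inside
/// a request with an authenticated session; otherwise the session lookup throws.
/// </remarks>
public static void InitializeSecurity(SRPUser u, int TID, string newPassword)
{
    // NOTE(review): the result is never read in this method. The call is kept in case
    // GetMasterID has side effects - confirm and remove if it does not.
    var MTID = Core.Utilities.Tenant.GetMasterID();

    // Resolve the acting administrator once, before anything is written, so a missing
    // session fails the call up front instead of leaving a user and a group without
    // permissions or membership behind.
    string actingUsername = ((SRPUser)HttpContext.Current.Session[SessionData.UserProfile.ToString()]).Username;

    u.TenID = TID;
    u.MustResetPassword = true; // the e-mailed password is meant to be temporary
    u.Insert();

    var g = new SRPGroup();
    g.GID = 0;
    g.GroupName = "Superuser group";
    g.GroupDescription = "All permissions enabled.";
    g.TenID = TID;
    g.Insert();

    // g.GID is read after Insert(); presumably Insert() assigns the generated key - confirm.
    var PermissionID_LIST = "1000,2000,2100,2200,3000,4000,4100,4200,4300,4400,4500,4600,4700,4800,4900,5000,5100,5200,5300,8000";
    SRPGroup.UpdatePermissions(g.GID, PermissionID_LIST, actingUsername);
    SRPGroup.UpdateMemberUsers(g.GID, u.Uid.ToString(), actingUsername);

    var Message = "Summer Reading Program - Your account has been created";

    // TODO security - this should not email the password in cleartext.
    // The credential ends up in mailboxes, relays and mail logs. MustResetPassword only
    // narrows that exposure once the recipient has signed in. The preferred design is a
    // single-use, expiring set-password link, so that no password is ever mailed.
    string baseUrl = WebTools.GetBaseUrl(HttpContext.Current.Request);

    // Every value placed into the HTML body is encoded: names, settings and the URL must
    // not be able to inject markup, and a password containing '<' or '&' must render exactly.
    string firstName = System.Web.HttpUtility.HtmlEncode(u.FirstName);
    // NOTE(review): the listing masks the two operands between the "Username: " and
    // "Password: " labels. u.Username and newPassword are a reconstruction (newPassword
    // has no other use in this method) - confirm against the repository copy.
    string username = System.Web.HttpUtility.HtmlEncode(u.Username);
    string password = System.Web.HttpUtility.HtmlEncode(newPassword);
    string contactName = System.Web.HttpUtility.HtmlEncode(SRPSettings.GetSettingValue("ContactName"));
    string contactEmail = System.Web.HttpUtility.HtmlEncode(SRPSettings.GetSettingValue("ContactEmail"));
    string siteUrl = System.Web.HttpUtility.HtmlEncode(baseUrl);

    var EmailBody = "<h1>Dear " + firstName + ",</h1><br><br>Your account has been created and has full administrative access to your organization's reading program. <br>This is your current account information. Please make sure you reset your password as soon as you are able to log back in.<br><br>"
        + "Username: " + username + "<br>Password: " + password + "<br><br>If you have any questions regarding your account please contact "
        + contactName + " at " + contactEmail + "."
        + "<br><br><br><a href='" + siteUrl + "'>" + siteUrl + "</a> <br> ";

    new EmailService().SendEmail(u.EmailAddress, Message, EmailBody);
}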
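/// <summary>
/// Handles the command buttons of the security-group DetailsView: "back", "refresh",
/// "add" / "addandback" and "save" / "saveandback" (matched case-insensitively).
/// </summary>
/// <param name="sender">The DetailsView that raised the command.</param>
/// <param name="e">Carries the command name.</param>
protected void DvItemCommand(object sender, DetailsViewCommandEventArgs e)
{
    string returnURL = "~/ControlRoom/Modules/Security/GroupsList.aspx";

    // Culture-invariant lower-casing: command matching must not depend on the server locale.
    string command = e.CommandName.ToLowerInvariant();

    if (command == "back")
    {
        Response.Redirect(returnURL);
    }

    if (command == "refresh")
    {
        try
        {
            odsSRPGroups.DataBind();
            dv.DataBind();
            dv.ChangeMode(DetailsViewMode.Edit);
            MasterPage.PageMessage = SRPResources.RefreshOK;
        }
        catch (Exception ex)
        {
            // Exception text is plain text; encode it before it reaches the HTML error banner.
            MasterPage.PageError = String.Format(SRPResources.ApplicationError1, System.Web.HttpUtility.HtmlEncode(ex.Message));
        }
    }

    if (command == "add" || command == "addandback")
    {
        try
        {
            DetailsView view = (DetailsView)sender;
            SRPGroup obj = new SRPGroup();
            obj.GroupName = ((TextBox)view.FindControl("GroupName")).Text;
            obj.GroupDescription = ((TextBox)view.FindControl("GroupDescription")).Text;
            obj.AddedDate = DateTime.Now;
            obj.AddedUser = ((SRPUser)Session[SessionData.UserProfile.ToString()]).Username;
            obj.LastModDate = obj.AddedDate;
            obj.LastModUser = obj.AddedUser;
            obj.TenID = (int)CRTenantID; // new groups always belong to the caller's tenant

            if (obj.IsValid(BusinessRulesValidationMode.INSERT))
            {
                obj.Insert();
                if (command == "addandback")
                {
                    Response.Redirect(returnURL);
                }

                lblGID.Text = obj.GID.ToString();
                odsSRPGroups.DataBind();
                dv.DataBind();
                dv.ChangeMode(DetailsViewMode.Edit);
                MasterPage.PageMessage = SRPResources.AddedOK;
            }
            else
            {
                MasterPage.PageError = BuildValidationErrorHtml(obj);
            }
        }
        catch (Exception ex)
        {
            MasterPage.PageError = String.Format(SRPResources.ApplicationError1, System.Web.HttpUtility.HtmlEncode(ex.Message));
        }
    }

    if (command == "save" || command == "saveandback")
    {
        try
        {
            DetailsView view = (DetailsView)sender;

            // The key is read back from the first rendered row of the DetailsView.
            int pk = int.Parse(view.Rows[0].Cells[1].Text);

            // NOTE(review): nothing in this handler checks that the fetched group belongs
            // to CRTenantID. Confirm that SRPGroup.Fetch (or the page) enforces tenant
            // scoping before the update below.
            SRPGroup obj = SRPGroup.Fetch(pk);
            obj.GroupName = ((TextBox)view.FindControl("GroupName")).Text;
            obj.GroupDescription = ((TextBox)view.FindControl("GroupDescription")).Text;
            obj.LastModDate = DateTime.Now;
            obj.LastModUser = ((SRPUser)Session[SessionData.UserProfile.ToString()]).Username;

            if (obj.IsValid(BusinessRulesValidationMode.UPDATE))
            {
                obj.Update();
                SaveUsers(view, obj);
                SavePermissions(view, obj);
                if (command == "saveandback")
                {
                    Response.Redirect(returnURL);
                }

                odsSRPGroups.DataBind();
                dv.DataBind();
                dv.ChangeMode(DetailsViewMode.Edit);
                // A save reports SaveOK. The original then overwrote it with AddedOK.
                MasterPage.PageMessage = SRPResources.SaveOK;
            }
            else
            {
                MasterPage.PageError = BuildValidationErrorHtml(obj);
            }
        }
        catch (Exception ex)
        {
            MasterPage.PageError = String.Format(SRPResources.ApplicationError1, System.Web.HttpUtility.HtmlEncode(ex.Message));
        }
    }
}

/// <summary>
/// Builds the HTML bullet list shown in the page error banner for a group that failed validation.
/// </summary>
private static string BuildValidationErrorHtml(SRPGroup group)
{
    // Plain concatenation: the accumulated text is never reused as a format string, so a
    // '{' or '}' inside an earlier message cannot raise FormatException on the next pass.
    string html = String.Format(SRPResources.ApplicationError1, "<ul>");
    foreach (BusinessRulesValidationMessage m in group.ErrorCodes)
    {
        // NOTE(review): ErrorMessage is emitted as-is. If business-rule messages can echo
        // user-entered values (e.g. the group name), HTML-encode them here - confirm.
        html += "<li>" + m.ErrorMessage + "</li>";
    }

    return html + "</ul>";
}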