Exemple #1
0
        /// <summary>
        /// Stores values for later retrieval
        /// </summary>
        /// <typeparam name="T">type of value</typeparam>
        /// <param name="list">object that stores all possible values for this parameter</param>
        /// <param name="value">item to save</param>
        /// <returns>reference key used to lookup value</returns>
        public static string AddQueryStringOption <T>(this SecuredLookupOptions <T> obj, T value)
        {
            //string key = Guid.NewGuid().ToString();
            string key = GetUniqueKey(MAX_KEY_LENGTH);

            while (obj.Options.ContainsKey(key))
            {
                key = GetUniqueKey(MAX_KEY_LENGTH);
            }

            obj.Options.Add(key, value);
            return(key);
        }
Exemple #2
0
        ///// <summary>
        ///// Will sanitize the ID values of the input object and save the results into and ouput object
        ///// </summary>
        ///// <typeparam name="TInput">Object with a system ID to sanitize</typeparam>
        ///// <typeparam name="TOutput">Object to hold the secured key</typeparam>
        ///// <param name="securableObj">Object containing a list of securable items</param>
        ///// <param name="context">Session to save the mapping into</param>
        ///// <param name="securedObj">Object to contain a list of secured items</param>
        ///// <param name="paramName">Name of querystring parameter that this will come back from the client as</param>
        ///// <param name="isOneTime">Should this item be reomved from session after it's first use</param>
        ///// <returns>The mapping object that was saved into the session</returns>
        //public static SecuredLookupOptions<int> Secure<TInput, TOutput>(HttpContext context, List<TInput> securableList, List<TOutput> securedList, string paramName, bool isOneTime)
        //    where TInput : ISecurableItem<int>
        //    where TOutput : ISecuredItem, new()
        //{
        //    SecuredLookupOptions<int> sessionValues = CreateQueryStringParameter<int>(isOneTime);

        //    foreach (ISecurableItem<int> item in securableList)
        //    {
        //        //provides a random key to the actual value
        //        string securedKey = sessionValues.AddQueryStringOption(item.Id);

        //        //add to public facing list
        //        TOutput securedItem = new TOutput();
        //        securedItem.Load(item, securedKey);
        //        securedList.Add(securedItem);
        //    }

        //    //save values into session
        //    SaveQueryStringOptionsList(context, paramName, sessionValues);

        //    return sessionValues;
        //}

        /// <summary>
        /// Will sanitize the ID values of the input object and save the results into and ouput object
        /// </summary>
        /// <typeparam name="TInput">Type of object with a system ID to sanitize</typeparam>
        /// <typeparam name="TOutput">Object to hold the secured key</typeparam>
        /// <typeparam name="TInputInner">Type of system ID to sanitize</typeparam>
        /// <param name="securableObj">Object containing a list of securable items</param>
        /// <param name="context">Session to save the mapping into</param>
        /// <param name="securedObj">Object to contain a list of secured items</param>
        /// <param name="paramName">Name of querystring parameter that this will come back from the client as</param>
        /// <param name="isOneTime">Should this item be reomved from session after it's first use</param>
        /// <returns>The mapping object that was saved into the session</returns>
        public static SecuredLookupOptions <TInputInner> Secure <TInput, TInputInner, TOutput>(HttpContext context, List <TInput> securableList, List <TOutput> securedList, string paramName, bool isOneTime)
            where TInput : ISecurableItem <TInputInner>
            where TOutput : ISecuredItem, new()
        {
            SecuredLookupOptions <TInputInner> sessionValues = CreateQueryStringParameter <TInputInner>(isOneTime);

            foreach (ISecurableItem <TInputInner> item in securableList)
            {
                //provides a random key to the actual value
                string securedKey = sessionValues.AddQueryStringOption(item.Id);

                //add to public facing list
                TOutput securedItem = new TOutput();
                securedItem.Load(item, securedKey);
                securedList.Add(securedItem);
            }

            //save values into session
            SaveQueryStringOptionsList(context, paramName, sessionValues);

            return(sessionValues);
        }
Exemple #3
0
        /// <summary>
        /// Gets all possible options out of the session and then lookup a particular value
        /// </summary>
        /// <typeparam name="T">type of value saved</typeparam>
        /// <param name="context">user context</param>
        /// <param name="paramName">query string value name. This needs to be unique for your page</param>
        /// <param name="key">reference string used to find value</param>
        /// <param name="allowNull">should null key be an error, if not it counts as a lookup for onetime values</param>
        /// <returns>saved session object</returns>
        public static T GetQueryStringValue <T>(HttpContext context, string paramName, string key, bool allowNull = false)
        {
            if (!allowNull && string.IsNullOrWhiteSpace(key))
            {
                throw new ValidationException("Not allowed Null " + paramName + " lookup");
            }

            SecuredLookupOptions <T> qso = context.Session.GetObject <SecuredLookupOptions <T> >(OPTIONS_NAME_PREFIX + paramName);

            if (qso == null)
            {
                throw new SessionException("Unable to find secured options in the session");
            }

            T value;

            //if the lookup was null return default T
            if (string.IsNullOrWhiteSpace(key))
            {
                value = default(T);
            }
            else
            {
                if (!qso.Options.ContainsKey(key))
                {
                    throw new SessionException("Unable to find key in secured options list");
                }
                value = qso.Options[key];
            }

            // remove if this is only allowed to be used once
            if (qso.IsOneTime)
            {
                RemoveQueryStringOptionsList(context, paramName);
            }

            return(value);
        }
Exemple #4
0
        /// <summary>
        /// Creates a new QueryStringOptions object
        /// </summary>
        /// <typeparam name="T"></typeparam>
        /// <param name="isOneTime">If true object will be disposed after first time retrieving a value</param>
        /// <returns>Options object that has not yet been saved in the session</returns>
        public static SecuredLookupOptions <T> CreateQueryStringParameter <T>(bool isOneTime = false)
        {
            SecuredLookupOptions <T> options = new SecuredLookupOptions <T>(isOneTime);

            return(options);
        }
Exemple #5
0
 /// <summary>
 /// Save an options object into the session once all values have been added
 /// </summary>
 /// <typeparam name="T">type of value</typeparam>
 /// <param name="context">user context</param>
 /// <param name="paramName">query string value name. This needs to be unique for your page</param>
 /// <param name="queryStringOptions">Options object to save into the session</param>
 public static void SaveQueryStringOptionsList <T>(HttpContext context, string paramName, SecuredLookupOptions <T> queryStringOptions)
 {
     context.Session.SetObject(OPTIONS_NAME_PREFIX + paramName, queryStringOptions);
 }
Exemple #6
0
        /// <summary>
        /// retrieve entire options list from session
        /// </summary>
        /// <typeparam name="T">type of value</typeparam>
        /// <param name="context">user context</param>
        /// <param name="paramName">query string value name. This needs to be unique for your page</param>
        /// <returns>options list</returns>
        public static SecuredLookupOptions <T> GetQueryStringOptionsList <T>(HttpContext context, string paramName)
        {
            SecuredLookupOptions <T> qso = context.Session.GetObject <SecuredLookupOptions <T> >(OPTIONS_NAME_PREFIX + paramName);

            return(qso);
        }