public HttpResponse GetTeacherAndGroup(string pincode, string school, string grade)
{
string response;
AccessCodeClient acc = new AccessCodeClient();
AccessCode code = acc.GetBySchoolPinCodeGradeCurrent(school, pincode, grade);
//AssessmentGroupClient agc = new AssessmentGroupClient();
//AssessmentGroup group = agc.GetByPartitionAndRowKey(school, pincode);
if (code != null)
{
if (code.School == school && code.Grade == grade)
{
response = "{\"result\": \"ok\", \"counselor\":\"" + code.Counselor + "\", \"grade\":\"" + code.Grade + "\", \"year\":\"" + code.Year + "\", \"groupname\":\"" + code.GroupName + "\"}";
}
else
{
response = "{\"result\": \"error\"}";
}
}
else
{
response = "{\"result\": \"error\"}";
}
Response.ContentType = "application/json";
Response.Write(response);
Response.End();
return(null);
}
public async Task <IActionResult> RequestForNewAccessCode([FromQuery] AccessCode accessCode)
{
if (string.IsNullOrEmpty(accessCode.EmailOrMobile))
{
return(new BadRequestObjectResult("EmailOrMobile must be needed"));
}
User resultForUser = await GetUserDetailByEmailOrMobile(accessCode.EmailOrMobile, accessCode.IsMobileNumber);
if (resultForUser == null)
{
return(new BadRequestObjectResult("User not exits"));
}
if (resultForUser.Id == Guid.Empty)
{
return(new BadRequestObjectResult("User not exits"));
}
OTP objOTP = await InsertNewOTP(resultForUser.Id, "RA");
if (objOTP.Id == Guid.Empty && string.IsNullOrEmpty(objOTP.Code))
{
return(new NotFoundObjectResult("OTP not insert successfully"));
}
return(new OkObjectResult(objOTP.Code));
}
private void RequestConfirmAccess(int index, AccessCode code)
{
var adb = new IONAlertDialog(this);
adb.SetTitle(Resource.String.portal_access_code_confirm);
adb.SetMessage(Resource.String.portal_access_code_confirm_access);
adb.SetNegativeButton(Resource.String.cancel, (sender, e) => {});
adb.SetPositiveButton(Resource.String.ok, async(sender, e) => {
var pd = new ProgressDialog(this);
pd.SetTitle(Resource.String.portal_access_code_confirming);
pd.SetMessage(GetString(Resource.String.please_wait));
pd.SetCancelable(false);
pd.Show();
var response = await ion.portal.RequestConfirmAccessCodeAsync(code);
if (response.success)
{
Toast.MakeText(this, Resource.String.portal_update_successful, ToastLength.Short).Show();
adapter.RemoveRecord(index);
}
else
{
Toast.MakeText(this, Resource.String.portal_error_update_failed, ToastLength.Long).Show();
}
pd.Dismiss();
});
adb.Show();
}
public async Task <bool> SetAccessCodeAsync(AccessCodeViewModel model)
{
bool success = false;
try
{
// make sure there is only one access code
var accessCode = await _accessCodeRepository.GetAccessCodeAsync();
if (accessCode == null)
{
accessCode = new AccessCode()
{
CreateDate = DateTime.UtcNow
};
}
else
{
accessCode.AuditUtc = DateTime.UtcNow;
}
var encryptionResult = Encryption.Encrypt(model.AccessCode);
accessCode.EncryptedValue = encryptionResult.EncryptedString;
accessCode.UniqueKey = encryptionResult.UniqueKey;
success = await _accessCodeRepository.SaveAccessCodeAsync(accessCode);
}
catch (Exception ex)
{
_logger.LogError("LoginService/SetAccessCodeAsync - exception:{@Ex}", new object[] {
ex
});
}
return(success);
}
//public ActionResult Student(string school, string code)
public ActionResult Student(string id)
{
if (id != null)
{
AccessCodeClient acc = new AccessCodeClient();
AccessCode code = acc.GetByPartitionAndRowKey("accesscode", id);
//AssessmentGroupPinCodeClient agpcc = new AssessmentGroupPinCodeClient();
//AssessmentGroupPinCode groupInfo = agpcc.GetByPartitionAndRowKey("pincodes", id);
if (code != null && code.School != "CareerThesaurus Demo School")
{
SchoolAccountClient sac = new SchoolAccountClient();
SchoolAccount schoolAccount = sac.GetByPartitionAndRowKey("school", code.School);
ViewBag.SignUpSchoolZip = schoolAccount.ZipCode;
ViewBag.SignUpSchool = code.School;
ViewBag.SignUpSchoolName = schoolAccount.SchoolName;
ViewBag.SignUpCode = code.Code;
ViewBag.SignUpGrade = code.Grade;
ViewBag.SignUpCounselor = code.Counselor;
ViewBag.SignUpGroupName = code.GroupName;
}
else
{
ViewBag.InvalidLink = true;
}
}
return(View());
}
public AccessCode RetrieveAccessCode(int user_id, int booking_id)
{
SqlConnection connection = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["ConnectionStringSQL"].ConnectionString);
SqlCommand command = new SqlCommand("select * from [dbo].[UserVerification] " +
" where user_id = @user_id " +
" AND booking_id = @booking_id" +
";", connection);
command.Parameters.Add("@user_id", System.Data.SqlDbType.Int);
command.Parameters["@user_id"].Value = user_id;
command.Parameters.Add("@booking_id", System.Data.SqlDbType.Int);
command.Parameters["@booking_id"].Value = booking_id;
connection.Open();
SqlDataReader reader = command.ExecuteReader();
AccessCode ac = null;
if (reader.Read())
{
ac = (AccessCode)CreateObject(reader);
}
reader.Close();
connection.Close();
return(ac);
}
private static bool GetAccessCode(ref AccessCode __result)
{
NekoClient.Logging.Log.Info("AimeResult AccessCode");
__result = AccessCode.Zero;
return(false);
}
/// <summary>
/// Updates the state of an access code.
/// </summary>
/// <param name="accountId">The account Id of the requestor. The account Id should own the access code being changed.</param>
/// <param name="accessCodeId">The id of the access code to be changed.</param>
/// <param name="isActive">The required boolean state.</param>
/// <returns>Returns true if the change was successful or false if not.</returns>
internal bool UpdateAccessCodeState(int accountId, int accessCodeId, bool isActive)
{
AccessCode accessCode = this.doctrineShipsRepository.GetAccessCode(accessCodeId);
if (accessCode != null)
{
// If the code being changed is a Site Admin, do not continue.
if (accessCode.Role != Role.SiteAdmin)
{
// If the account Id matches the account Id of the access code being changed, continue.
if (accountId == accessCode.AccountId)
{
// Change the state of the access code and log the event.
accessCode.IsActive = isActive;
this.doctrineShipsRepository.UpdateAccessCode(accessCode);
this.doctrineShipsRepository.Save();
if (isActive == true)
{
logger.LogMessage("Access Code '" + accessCode.Description + "' Successfully Enabled For Account Id: " + accessCode.AccountId, 2, "Message", MethodBase.GetCurrentMethod().Name);
}
else
{
logger.LogMessage("Access Code '" + accessCode.Description + "' Successfully Disabled For Account Id: " + accessCode.AccountId, 2, "Message", MethodBase.GetCurrentMethod().Name);
}
return(true);
}
}
}
return(false);
}
/// <summary>
/// получить пользователей которые имеют доступ на элемент проекта "без ограничений"
/// </summary>
/// <param name="projectElement"></param>
/// <param name="accessCode"></param>
/// <returns></returns>
public List <TFlex.DOCs.Model.References.Users.User> GetUsersHaveAccess(AccessCode accessCode)
{
/// <summary>
/// Guid типа "Доступы"
/// тип "Список объектов"
/// </summary>
Guid TypeAccesses_AccessesList_Guid = new Guid("68989495-719e-4bf3-ba7c-d244194890d5");
Guid Accesses_TypeParameters_Access_Guid = new Guid("aff97f60-58d6-4c69-807b-dd7b6abfd770"); //Доступ Целое число
/// <summary>
/// Guid параметра - "Уникальный идентификатор пользователя"
/// Уникальный идентификатор
/// </summary>
Guid Accesses_TypeParameters_UserGuid_Guid = new Guid("f65f1d07-275e-44cd-9f9e-5492971e7ebf");
List <TFlex.DOCs.Model.References.Users.User> users = new List <TFlex.DOCs.Model.References.Users.User>();
foreach (ReferenceObject access in this.ReferenceObject.GetObjects(TypeAccesses_AccessesList_Guid))//перебор объектов
{
if (access[Accesses_TypeParameters_Access_Guid].GetInt32() == (int)accessCode &&
access[Accesses_TypeParameters_UserGuid_Guid].GetGuid() != Guid.Empty) //Параметры
{
TFlex.DOCs.Model.References.Users.User user = References.UsersReference.Find(access[Accesses_TypeParameters_UserGuid_Guid].GetGuid()) as TFlex.DOCs.Model.References.Users.User;
if (!users.Contains(user))
{
users.Add(user);
}
}
}
return(users);
}
internal IValidationResult AccessCode(AccessCode accessCode)
{
IValidationResult validationResult = new ValidationResult();
// Do not permit site admins to be added.
if (accessCode.Role == Role.SiteAdmin)
{
validationResult.AddError("Role.Type", "A SiteAdmin may not be added.");
}
// Null checks.
if (accessCode.Description == string.Empty || accessCode.Description == null)
{
validationResult.AddError("Description.Null", "Description can not be empty or null.");
}
else
{
// Range checks.
if (accessCode.Description.Length > 30)
{
validationResult.AddError("Description.Length", "Description should be less than 30 characters in length.");
}
}
return(validationResult);
}
public static bool UserIsInRole(ClaimsPrincipal user, AccessCode accessCode)
{
if (!user.IsInRole(AccessCode.FullAccess.ToString()))
{
return(user.IsInRole(accessCode.ToString()));
}
return(true);
}
public async Task <ActionResult <Access> > CheckAccessCode(int reqId, [FromBody] AccessCode code)
{
try
{
Access access = new Access()
{
UserId = 0,
Granted = false
};
Request request = null;
if (code != null || reqId > 0)
{
//logic
if (reqId > 0)
{
request = _context.Request.Where(r => r.Id == reqId).FirstOrDefault <Request>();
if (request.isCompleted)
{
return(access);
}
User user = _context.User.Where(u => u.Id == (_context.Request.Where(r => r.Id == request.Id).FirstOrDefault <Request>().User.Id)).FirstOrDefault <User>();
access.UserId = user.Id;
access.Granted = true;
request.isCompleted = true;
request.Response = "Activattion Successful";
_context.Request.Update(request);
}
else
{
User user = _context.User.Where(u => u.Code.Equals(code.Code)).FirstOrDefault <User>();
if (user != null)
{
access.UserId = user.Id;
access.Granted = true;
request = new Request()
{
User = user,
Type = "Acitvation",
isCompleted = true,
Response = "Activattion successful"
};
_context.Request.Add(request);
}
}
_context.SaveChanges();
return(Ok(access));
}
else
{
return(BadRequest(access));
}
}
catch (Exception e)
{
e.GetBaseException();
return(BadRequest(e.Message));
}
}
/// <summary>
///
/// </summary>
/// <param name="dictionary"></param>
/// <returns></returns>
public static string ToString(AccessCode info)
{
return "{"
+ "AccessCode = " + info.SystemAccessCode
+ ", MediaType = " + info.MediaType
+ ", AccessCodeDesc = " + info.AccessCodeDesc
+ "}";
}
public Boolean ValidateCode(int code)
{
if (AccessCode.Equals(code))
{
Status = AssignmentStatus.Completed;
return(true);
}
return(false);
}
public bool checkCodeExistence(string code, toDoListConestogaContext db)
{
bool checkCode = false;
if (db.AccessCode.Where(acccount => acccount.AccessCode1 == code).FirstOrDefault() != null)
{
checkCode = true;
AccessCode codeTemp = db.AccessCode.Where(acccount => acccount.AccessCode1 == code).FirstOrDefault();
codeTemp.NumberOfUsers = codeTemp.NumberOfUsers - 1;
}
return(checkCode);
}
public string GenerateCodeAndSend(int user_id, int booking_id)
{
User u = (User)UserDA.GetInstance().Recover(user_id);
string code = RandomString(10);
EmailServiceController.SendEmailAccessCode(u.Email, code);
AccessCode accessCode = new AccessCode(booking_id, user_id, code, AccessCode.Status.Sent);
InsertAccessCode(accessCode);
return(code);
}
protected void buttonCheckCode_Click(object sender, EventArgs e)
{
AccessCode valid = AccessCodeController.GetInstance().RetrieveAccessCode(Int16.Parse(HiddenFieldUserId.Value), Int16.Parse(HiddenFieldId.Value));
if (valid != null)
{
valid.status = AccessCode.Status.Validated;
AccessCodeController.GetInstance().UpdateAccessCode(valid);
Session.Remove("BookingId");
Response.Redirect("~/Pages/Bookings/SearchBooking.aspx");
}
}
/// <summary>
/// Add an access key to an account.
/// </summary>
/// <param name="accountId">The id of the account for which an access code should be added.</param>
/// <param name="description">A short description for the new access code.</param>
/// <param name="role">The role for the new access code.</param>
/// <param name="dateExpires">Optional expiry date.</param>
/// <param name="data">Optional data to be associated with the access code.</param>
/// <returns>Returns a randomly generated key.</returns>
internal string AddAccessCode(int accountId, string description, Role role, DateTime?dateExpires = null, string data = null)
{
AccessCode accessCode = null;
string generatedKey = string.Empty;
// Retrieve the account.
var account = this.doctrineShipsRepository.GetAccount(accountId);
// Does the account exist?
if (account != null)
{
accessCode = new AccessCode();
// If this is a user account, use a shorter key.
if (role == Role.User)
{
generatedKey = Security.GenerateRandomString(6);
}
else
{
generatedKey = Security.GenerateRandomString(16);
}
accessCode.AccountId = accountId;
accessCode.Role = role;
accessCode.Description = description;
accessCode.Salt = Security.GenerateSalt(128);
accessCode.Key = Security.GenerateHash(generatedKey, accessCode.Salt);
accessCode.LastLogin = DateTime.UtcNow;
accessCode.DateCreated = DateTime.UtcNow;
accessCode.IsActive = true;
// Optional values.
accessCode.DateExpires = dateExpires ?? DateTime.MaxValue;
accessCode.Data = data ?? string.Empty;
// Validate the new access code.
if (this.doctrineShipsValidation.AccessCode(accessCode).IsValid == true)
{
// Add the new access code and read it back.
accessCode = this.doctrineShipsRepository.CreateAccessCode(accessCode);
this.doctrineShipsRepository.Save();
logger.LogMessage("Access Code (Role: " + accessCode.Role + ") Added For Account Id: " + accessCode.AccountId, 2, "Message", MethodBase.GetCurrentMethod().Name);
}
else
{
generatedKey = string.Empty;
}
}
return(generatedKey);
}
private void End_Access_Click(object sender, System.EventArgs args)
{
string id = ((Button)sender).CommandArgument;
Booking booking = BookingController.GetInstance().Recover(Int16.Parse(id));
AccessCode accessCode = AccessCodeController.GetInstance().RetrieveAccessCode(booking.user_id, booking.booking_id);
if (accessCode != null)
{
accessCode.status = AccessCode.Status.Ended;
AccessCodeController.GetInstance().UpdateAccessCode(accessCode);
}
Response.Redirect("~/Pages/Bookings/SearchBooking.aspx");
}
async public Task <IActionResult> LoginSoc(AccessCode code)
{
ServiceResponse <LoginStudentDto> response = await _accountService.LoginNusUser(code);
if (!response.Success)
{
return(BadRequest(response.Message));
}
else
{
return(Ok(response.Data));
}
}
public ActionResult GenerateCode()
{
var repository = new RepositoryBase <LmPlatformModelsContext, AccessCode>(new LmPlatformModelsContext());
var model = new AccessCode()
{
Date = DateTime.Now,
Number = RandomString(10, false)
};
repository.Save(model);
return(Json(model.Number, JsonRequestBehavior.AllowGet));
}
public async Task <bool> SaveAccessCodeAsync(AccessCode code)
{
if (_context.Entry(code).State == EntityState.Detached)
{
_context.Add(code);
}
// if access code is not modified, consider it as true
if (_context.Entry(code).State == EntityState.Unchanged)
{
return(true);
}
return(await _context.SaveChangesAsync() > 0);
}
private void AccessCode_Enter(object sender, EventArgs e)
/***********************************************************************************************************************
** AccessCode is a NumericUpDown control. This only allows numbers.
** If AccessCode was zero When the form was initialized, the font color was changed to white so it would be invisible.
** But, for this application, the zero just complicates the code entry. So the zero is deleted when this control is entered.
***********************************************************************************************************************/
{
if (AccessCode.ForeColor == Color.White)
{
AccessCode.ForeColor = Color.Black;
AccessCode.Focus();
SendKeys.SendWait("{Delete}");
}
}
/// <summary>
/// Gets the request.
/// </summary>
/// <param name="url">The URL.</param>
/// <param name="iFormConfig">The i form config.</param>
/// <returns></returns>
public static WebResponse GetJSONRequest(string url, AccessCode iFormConfig)
{
try
{
WebRequest webRequest = WebRequest.Create(url);
webRequest.Method = "GET";
webRequest.ContentType = "application/json";
webRequest.Headers.Add(HttpRequestHeader.Authorization, string.Format("Bearer {0}", iFormConfig.access_token));
webRequest.Headers.Add("X-IFORM-API-VERSION", "5.1");
return webRequest.GetResponse();
}
catch (Exception ex)
{
return null;
}
}
public ActionResult AccessCode(string id)
{
Regex reg = new Regex("^[a-zA-Z0-9]*$");
if (id != null && reg.IsMatch(id))
{
AccessCodeClient acc = new AccessCodeClient();
AccessCode accessCode = acc.GetByPartitionAndRowKey("accesscode", id);
if (accessCode != null)
{
ViewBag.AccessCode = id;
return(View());
}
}
return(RedirectToAction("Index", "Home"));
}
// private functions ===============================================================================================================================================
private string getUniquePinCode(string school)
{
string pincode = PinCodeGenerator.NewPin();
AccessCodeClient acc = new AccessCodeClient();
AccessCode code = acc.GetBySchoolAndPinCode(school, pincode);
//AssessmentGroupClient agc = new AssessmentGroupClient();
//AssessmentGroup groupEntry = agc.GetByPartitionAndRowKey(school, pincode);
while (code != null)
{
pincode = PinCodeGenerator.NewPin();
code = acc.GetBySchoolAndPinCode(school, pincode);
}
return(pincode);
}
// GET: AccessCode/Create
public ActionResult Create(int id)
{
var db = new ApplicationDbContext();
var account = db.InvoiceAccounts.Single(InvoiceAccount => InvoiceAccount.InvoiceAccountId == id);
ViewBag.AccountNumber = account.AccountNumber;
var accessCode = new AccessCode
{
BuyerEmail = string.Empty,
InvoiceAccountId = id,
AccessCodeId = 0,
UniqueCode = string.Empty
};
return(View(accessCode));
}
protected IActionResult ErrorCode(AccessCode code)
{
switch (code)
{
case AccessCode.Error:
return(BadRequest());
case AccessCode.NoPremision:
return(Unauthorized());
case AccessCode.NotFound:
return(NotFound());
default:
return(Ok());
}
}
protected IActionResult Redirect(AccessCode code)
{
switch (code)
{
case AccessCode.Error:
return(RedirectToAction("Index", "Error"));
case AccessCode.NoPremision:
return(RedirectToAction("NoPremision", "Error"));
case AccessCode.NotFound:
return(RedirectToAction("NoResult", "Error"));
default:
return(RedirectToAction("Index", "Home"));
}
}
async Task <ServiceResponse <LoginStudentDto> > IAccountService.LoginNusUser(AccessCode code)
{
ServiceResponse <LoginStudentDto> response = new ServiceResponse <LoginStudentDto>();
string uri = "https://vafs.nus.edu.sg/adfs/oauth2/token";
var dict = JsonConvert.DeserializeObject <Dictionary <string, string> >(System.Text.Json.JsonSerializer.Serialize(code));
using (var httpClient = new HttpClient())
{
using (var content = new FormUrlEncodedContent(dict))
{
content.Headers.Clear();
content.Headers.Add("Content-Type", "application/x-www-form-urlencoded");
HttpResponseMessage returned = await httpClient.PostAsync(uri, content);
if (!returned.IsSuccessStatusCode)
{
var error = returned.Headers.ToString();
response.Success = false;
response.Message = error;
return(response);
}
var returnData = await returned.Content.ReadAsStringAsync();
try
{
var dataObj = JObject.Parse(returnData);
var jwt = $"{dataObj["access_token"]}";
var handler = new JwtSecurityTokenHandler();
var token = handler.ReadJwtToken(jwt);
var claims = token.Payload;
LoginStudentDto student = new LoginStudentDto($"{claims["SamAccountName"]}", $"{claims["displayName"]}", "12345678", $"{claims["Windows Domain Name"]}");
response.Data = student;
return(response);
}
catch (Exception e)
{
response.Success = false;
response.Message = returnData;
return(response);
}
}
}
}
public ActionResult Student(FormCollection collection)
{
UserAccountClient uac = new UserAccountClient();
UserAccount account = uac.GetByPartitionAndRowKey(UserAccountClient.GetPartitionKeyForEmail(collection["email"].ToLower()), collection["email"]);
if (account == null)
{
AccessCodeClient aac = new AccessCodeClient();
AccessCode code = aac.GetBySchoolPinCodeCounselorGrade(collection["school"], collection["accesscode"], collection["counselor"], collection["grade"]);
if (code == null || code.School == "7181234567")
{
ViewBag.ErrorMessage = "Invalid fields";
return(RedirectToAction("Index"));
}
uac.AddNewItem(new UserAccount {
PartitionKey = UserAccountClient.GetPartitionKeyForEmail(collection["email"].ToLower()), RowKey = collection["email"].ToLower(), FirstName = collection["firstname"], LastName = collection["lastname"], Email = collection["email"], Password = collection["password"], ProfileType = "student"
});
StudentAccountClient sac = new StudentAccountClient();
sac.AddNewItem(new StudentAccount {
PartitionKey = StudentAccountClient.GetPartitionKeyForEmail(collection["email"].ToLower()), RowKey = collection["email"].ToLower(), Gender = collection["gender"], StudentID = collection["studentid"], School = collection["school"], Counselor = collection["counselor"], Year = code.Year, Grade = collection["grade"], GroupName = code.GroupName
});
//StudentProfileClient spc = new StudentProfileClient();
//spc.AddNewItem(new StudentProfile { PartitionKey = StudentProfileClient.GetPartitionKeyForEmail(collection["email"]), RowKey = collection["email"].ToLower(), Gender = collection["gender"], GradYear = collection["gradyear"], School = school, SchoolZip = collection["zipcode"], Teacher = teacher, Group = group });
}
else
{
ViewBag.ErrorMessage = "There is an account already associated with this email. Please log in instead.";
return(View());
}
SendVerificationEmail(collection["email"].ToLower(), collection["firstname"]);
SchoolAccountClient saclient = new SchoolAccountClient();
SchoolAccount schoolAccount = saclient.GetByPartitionAndRowKey("school", collection["school"]);
UserAccount adminAccount = uac.GetByPartitionAndRowKey(UserAccountClient.GetPartitionKeyForEmail(collection["counselor"]), collection["counselor"]);
EmailManager emailManager = new EmailManager();
string str = "<p>Full name: " + collection["firstname"] + " " + collection["lastname"] + "</p><p>Email: " + collection["email"].ToLower() + "</p><p>School: " + (schoolAccount != null ? schoolAccount.SchoolName : "") + "</p><p>Counselor: " + (adminAccount != null ? adminAccount.FirstName + " " + adminAccount.LastName : "") + "</p><p>Grade: " + collection["grade"] + "</p><p>Year: " + collection["year"] + "</p>";
emailManager.SendMail("*****@*****.**", "Admin", "*****@*****.**", "HS Student", str);
return(RedirectToAction("Complete"));
}
/// <summary>
/// Gets the request.
/// </summary>
/// <param name="url">The URL.</param>
/// <param name="iFormConfig">The i form config.</param>
/// <returns></returns>
public static WebResponse GetRequest(string url, AccessCode iFormConfig)
{
WebRequest wrGETURL;
//Append the Acces Token to the request
url = url + "?ACCESS_TOKEN=" + iFormConfig.access_token + "&VERSION=5.1";
wrGETURL = WebRequest.Create(url);
return wrGETURL.GetResponse();
}
