Esempio n. 1
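        /// <summary>
        /// Handles a login attempt from the form: builds a <c>Cls_User</c> from the password
        /// and e-mail text boxes, calls <c>leerInformacionUsuario</c>, and opens the content
        /// window when <c>datoUsuario</c> holds a matching record.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the typed password is passed to <c>Cls_User</c> and matched against the
        /// loaded records as entered, which suggests the store keeps passwords in clear text.
        /// Confirm, and prefer comparing salted password hashes.
        /// </remarks>
        public void buscarUsuario()
        {
            miUser1 = new Cls_User(txtPassword.Text, txtGmail.Text);

            // Presumably reloads the stored users into datoUsuario before the search - confirm.
            leerInformacionUsuario();

            // Look the user up once and reuse the result for both the check and the hand-off.
            var encontrado = datoUsuario.buscarDatosCompletos(miUser1);
            if (encontrado == null)
            {
                MessageBox.Show("No esta registrado en nuestros registros", "Error al iniciar", MessageBoxButtons.OK, MessageBoxIcon.Error);
                return;
            }

            MessageBox.Show("Bienvenido Usuario", "Login exitoso", MessageBoxButtons.OK, MessageBoxIcon.Information);

            retornaDato = encontrado;

            // Hand the matched record to the content window and swap the visible form.
            PresentacionContenido verCotenido = new PresentacionContenido(retornaDato);
            this.Hide();
            verCotenido.Show();
        }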
Esempio n. 2
        /// <summary>
        /// Registers a new account from the sign-up form: rejects the request when
        /// <c>auxDatoUsuario.buscarCorreo</c> already finds the user, otherwise adds the user to
        /// the in-memory list and to the text store, then closes the form.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the password, card number and card code text boxes are passed unchanged
        /// to <c>AgregarUsuario</c>, i.e. to the text store. Passwords should be stored as salted
        /// hashes, and if <c>txtTarjetaCodigo</c> is the card verification code it should not be
        /// persisted at all. Confirm what the store actually writes.
        /// </remarks>
        public void ingresoUsuario()
        {
            // Candidate user built from the form fields; the last constructor argument is left empty.
            miUser1 = new Cls_User(txtUsuario.Text, txtNomap.Text, txtCorreo.Text, txtContraseña.Text, txtTarjeta.Text,
                                   txtTarjetaCodigo.Text, txtDireccion.Text, txtInfo.Text, "");

            leeInsertarUsuario();

            bool yaRegistrado = auxDatoUsuario.buscarCorreo(miUser1) != null;
            if (yaRegistrado)
            {
                MessageBox.Show("Lo sentimos pero este correo o usuario ya estan registrados");
                return;
            }

            // Add the user to the doubly linked list held in memory.
            datoUsuario.insertarDatoUsuario(miUser1);

            // Add the user to the text store.
            informacionUsuario.CargarDatos(ref auxTexto);
            informacionUsuario.AgregarUsuario(ref auxTexto, txtUsuario.Text, txtNomap.Text, txtCorreo.Text, txtContraseña.Text, txtTarjeta.Text,
                                              txtTarjetaCodigo.Text, txtDireccion.Text, txtInfo.Text);

            MessageBox.Show("La cuenta se ha creado exitosamente !!");
            cierraFormulario();
        }
Esempio n. 3
        /// <summary>
        /// Logs out the caller: reads the <c>idUsuario</c> value from the request principal and
        /// passes it to <c>Cls_User.Logout</c>.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the <c>as</c> cast yields null when the principal is not a
        /// <c>ClaimsPrincipal</c>; how <c>ObtieneValorDesdeToken</c> handles a null principal or a
        /// missing claim is not visible here - confirm it cannot resolve to another user's id.
        /// </remarks>
        public void logout()
        {
            var principal = Request.GetRequestContext().Principal as ClaimsPrincipal;

            // The user id comes from the authenticated principal, not from request input.
            var valorId   = MTDS.ObtieneValorDesdeToken("idUsuario", principal);
            int idUsuario = Convert.ToInt32(valorId);

            Cls_User.Logout(idUsuario);
        }
Esempio n. 4
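        /// <summary>
        /// Authorizes a Web API request from the caller's principal and the <c>auth_token</c>
        /// request header.
        /// </summary>
        /// <remarks>
        /// Steps, as implemented below:
        /// 1. Read <c>idUsuario</c> and <c>token</c> from the principal.
        /// 2. Derive the request number from the <c>auth_token</c> header: either the header
        ///    equals the configured <c>auth_token_test</c> value (request number 0), or it is
        ///    decrypted with the key returned by <c>ObtenerLlavePrimaria</c> and must parse as an integer.
        /// 3. Ask <c>VerificarToken</c> whether the combination is valid.
        /// 4. Defer to the base attribute for the final decision.
        /// Any exception produces a 401 JSON response, logs the user out and returns false.
        /// </remarks>
        /// <param name="actionContext">Context of the action being authorized.</param>
        /// <returns>True only when every check passes and the base attribute also authorizes.</returns>
        protected override bool IsAuthorized(HttpActionContext actionContext)
        {
            ClaimsPrincipal principal = actionContext.RequestContext.Principal as ClaimsPrincipal;
            Cls_Metodos     metodos   = new Cls_Metodos();

            try
            {
                Cls_User clsUser = new Cls_User();

                int    usuario_id = Convert.ToInt32(metodos.ObtieneValorDesdeToken("idUsuario", principal));
                string token      = metodos.ObtieneValorDesdeToken("token", principal);

                // SECURITY: commented-out code that embedded a complete RSA key (private parameters
                // included) and sample encrypted tokens was removed from this spot. Key material that
                // has appeared in source must be treated as disclosed and replaced; keys belong in a
                // protected store, never in code or comments.

                int numeroPeticion;

                // A missing app setting is treated as "no test token" instead of failing on null.
                string auth_token_test = ConfigurationManager.AppSettings["auth_token_test"] ?? string.Empty;
                string auth_token      = actionContext.Request.Headers.GetValues("auth_token").FirstOrDefault();

                // NOTE(review): test bypass. When auth_token_test is non-empty, a request presenting
                // that value skips the per-request RSA check and is verified with request number 0.
                // Keep the setting empty outside test environments. The comparison is ordinary string
                // equality, not a constant-time comparison.
                if (auth_token_test.Length > 0 && auth_token == auth_token_test)
                {
                    numeroPeticion = 0;
                }
                else
                {
                    RSA    dec     = new RSA(clsUser.ObtenerLlavePrimaria(usuario_id), "");
                    string decrypt = dec.Decrypt(auth_token);

                    // The decrypted header must be a plain integer; anything else is rejected.
                    if (!Int32.TryParse(decrypt, out numeroPeticion))
                    {
                        throw new ArgumentException("Problema con RSA");
                    }
                }

                Cls_User user = new Cls_User();
                DataRow  row  = user.VerificarToken(usuario_id, token, numeroPeticion);
                if (Convert.ToInt32(row["valido"]) == 0)
                {
                    throw new ArgumentException(row["mensaje"].ToString());
                }

                return base.IsAuthorized(actionContext);
            }
            catch (Exception exc)
            {
                // The message is escaped before being placed inside the hand-built JSON so that quotes,
                // backslashes or line breaks in it cannot break or alter the response body.
                // NOTE(review): exc.Message can come from any failure (database, parsing, RSA), so
                // internal details may reach the client; consider a fixed message for unexpected errors.
                string mensaje = System.Web.HttpUtility.JavaScriptStringEncode(exc.Message ?? string.Empty);

                actionContext.Response = new HttpResponseMessage
                {
                    StatusCode = HttpStatusCode.Unauthorized,
                    Content    = new StringContent("{\"exito\":0, \"mensaje\":\"" + mensaje + "\", \"logout\":1}", System.Text.Encoding.UTF8, "application/json")
                };

                try
                {
                    int usuario_id = Convert.ToInt32(metodos.ObtieneValorDesdeToken("idUsuario", principal));
                    Cls_User.Logout(usuario_id);
                }
                catch (Exception)
                {
                    // Best effort: if the id cannot be read (often the very failure that brought us
                    // here) or the logout fails, the request must still end as 401 rather than
                    // escaping as an unhandled error.
                }

                return false;
            }
        }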
Esempio n. 5
        /// <summary>
        /// Loads the stored records into <c>auxTexto</c> and appends one <c>Cls_User</c> per
        /// record to <c>datoUsuario</c>.
        /// </summary>
        /// <remarks>
        /// NOTE(review): nothing here clears <c>datoUsuario</c> first, so repeated calls
        /// presumably add the same users again - confirm against <c>insertarDatoUsuario</c>.
        /// Each record's password, card number and card code are read back as stored.
        /// </remarks>
        public void leerInformacionUsuario()
        {
            informacionUsuario.CargarDatos(ref auxTexto);

            for (int i = 0; i < auxTexto.Length; i++)
            {
                var registro = auxTexto[i];

                // Rebuild the user object from the record read from the text store.
                Cls_User cargado = new Cls_User(
                    registro.usuarioUser,
                    registro.nombreUsuario,
                    registro.correoUsuario,
                    registro.contraseñaUsuario,
                    registro.tarjetaUsuario,
                    registro.codigoTarUsuario,
                    registro.direccionUsuario,
                    registro.avarUsuario,
                    registro.idPeliculas);

                // Insert it into the in-memory list.
                datoUsuario.insertarDatoUsuario(cargado);
            }
        }
Esempio n. 6
        /// <summary>
        /// Maps the rows of a data reader onto a single <c>Cls_User</c>.
        /// </summary>
        /// <remarks>
        /// Every row overwrites the same object, so the last row read wins. With no rows the
        /// freshly constructed object is returned unchanged.
        /// NOTE(review): <c>Pword_User</c> is copied straight from the result set; confirm whether
        /// callers need it and whether the column holds a hash or the password itself.
        /// </remarks>
        /// <param name="p_DataReader">Open reader positioned before the first row.</param>
        /// <returns>The populated user object; never null.</returns>
        public static Cls_User fct_GetByIdUser(SqlDataReader p_DataReader)
        {
            var usuario = new Cls_User();

            bool hayFila = p_DataReader.Read();
            while (hayFila)
            {
                usuario.ID_User        = Convert.ToInt32(p_DataReader["ID_user"]);
                usuario.Name_User      = Convert.ToString(p_DataReader["Name_User"]);
                usuario.Firstname_User = Convert.ToString(p_DataReader["Firstname_User"]);
                usuario.Mail_User      = Convert.ToString(p_DataReader["Mail_User"]);
                usuario.Age_User       = Convert.ToInt32(p_DataReader["Age_User"]);
                usuario.Adress_User    = Convert.ToString(p_DataReader["Adress_User"]);
                usuario.Tel_User       = Convert.ToInt32(p_DataReader["Tel_User"]);
                usuario.Pword_User     = Convert.ToString(p_DataReader["Pword_User"]);

                hayFila = p_DataReader.Read();
            }

            return usuario;
        }
Esempio n. 7
        /// <summary>
        /// Maps every row of a data reader onto a <c>Cls_User</c> and returns them in read order.
        /// </summary>
        /// <remarks>
        /// NOTE(review): each list entry carries <c>Pword_User</c> from the result set; confirm
        /// that a user listing really needs the password column.
        /// </remarks>
        /// <param name="p_dataReader">Open reader positioned before the first row.</param>
        /// <returns>The users read; an empty list when the reader has no rows.</returns>
        public static List <Cls_User> fct_getUserList(SqlDataReader p_dataReader)
        {
            var usuarios = new List <Cls_User>();

            while (p_dataReader.Read())
            {
                // One object per row, filled column by column in the same order as the query mapping.
                usuarios.Add(new Cls_User
                {
                    ID_User        = Convert.ToInt32(p_dataReader["ID_User"]),
                    Name_User      = Convert.ToString(p_dataReader["Name_User"]),
                    Firstname_User = Convert.ToString(p_dataReader["Firstname_User"]),
                    Mail_User      = Convert.ToString(p_dataReader["Mail_User"]),
                    Age_User       = Convert.ToInt32(p_dataReader["Age_User"]),
                    Adress_User    = Convert.ToString(p_dataReader["Adress_User"]),
                    Tel_User       = Convert.ToInt32(p_dataReader["Tel_User"]),
                    Pword_User     = Convert.ToString(p_dataReader["Pword_User"])
                });
            }

            return usuarios;
        }
Esempio n. 8
        /// <summary>
        /// Changes the caller's password: checks that the two submitted values match, runs the
        /// <c>Settings._cambiarPassword</c> command with the user id and the new password as
        /// parameters, logs the user out and returns the command's result table.
        /// </summary>
        /// <remarks>
        /// The user id is taken from the authenticated principal, not from the request body.
        /// NOTE(review): the method does not ask for the current password and applies no length
        /// or strength check here, and the new password is passed to the command as received.
        /// Confirm that verification and hashing happen in the database routine or elsewhere.
        /// </remarks>
        /// <param name="c">Request payload; the first entry of <c>parametros</c> supplies
        /// <c>password</c> and the last one <c>passwordConfirma</c>.</param>
        /// <returns>400 when the two values differ, otherwise 200 with the result table.</returns>
        public HttpResponseMessage cambiarPassword(Sp c)
        {
            var principal = Request.GetRequestContext().Principal as ClaimsPrincipal;
            int idUsuario = Convert.ToInt32(MTDS.ObtieneValorDesdeToken("idUsuario", principal));

            string password         = c.parametros.First()["password"].ToString();
            string passwordVerifica = c.parametros.Last()["passwordConfirma"].ToString();

            bool coinciden = password.Equals(passwordVerifica);
            if (!coinciden)
            {
                return Request.CreateResponse(HttpStatusCode.BadRequest, new { mensaje = "Las contraseñas no coinciden" }, Configuration.Formatters.JsonFormatter);
            }

            // Values are bound as command parameters, not written into the SQL text.
            CONN.SetCommand(Settings._cambiarPassword);
            CONN.CreateParameter("@Id_Usuario", idUsuario);
            CONN.CreateParameter("@Password", password);

            DataTable resultado = CONN.getDataTable();

            // End the current session so the caller has to sign in again with the new password.
            Cls_User.Logout(idUsuario);

            return Request.CreateResponse(HttpStatusCode.OK, resultado, Configuration.Formatters.JsonFormatter);
        }
Esempio n. 9
        /// <summary>
        /// Tells whether a user object represents an existing user.
        /// </summary>
        /// <param name="p_ObjUser">User to test; may be null.</param>
        /// <returns>True when the object is not null and its <c>ID_User</c> is greater than zero.</returns>
        public static Boolean fct_CheckUser(Cls_User p_ObjUser)
        {
            // TODO (from the original author): error handling still to be added for the valid case.
            return p_ObjUser != null && p_ObjUser.ID_User > 0;
        }
Esempio n. 10
        /// <summary>
        /// Returns, as JSON, the user with the given id together with that user's per-view
        /// permissions; returns the shared <c>Error</c> object as JSON when no such user exists.
        /// </summary>
        /// <remarks>
        /// NOTE(review): no session or role check is visible inside this action, and the error
        /// path allows GET; confirm a filter or attribute restricts who may load another user's record.
        /// NOTE(review): the whole <c>User</c> entity is serialized. Confirm it carries no password
        /// or other secret column, or project it to a response type with only the needed fields.
        /// </remarks>
        /// <param name="id">Primary key of the user to load.</param>
        public async Task <ActionResult> loadUser(int id)
        {
            User usuario = db.Users.Find(id);

            if (usuario == null)
            {
                Error.ErrorFullNumber = "AR-Edit-082";
                Error.ErrorNumber     = "082";
                Error.Url             = "/Users/Search";
                Error.ErrorName       = "لا يوجد مستخدم يحمل الرقم  " + id;
                return Json(Error, JsonRequestBehavior.AllowGet);
            }

            // One Cls_View per permission row of this user.
            List <Cls_View> vistas = db.UserViews
                                     .Where(uv => uv.UserID == id)
                                     .Select(uv => new Cls_View
                                     {
                                         ClsView     = new ClsView { ID = uv.ViewID, Name = uv.View.Name },
                                         Role_Enter  = uv.Role_Enter,
                                         Role_Save   = uv.Role_Save,
                                         Role_Edit   = uv.Role_Edit,
                                         Role_Delete = uv.Role_Delete
                                     })
                                     .ToList();

            Cls_User respuesta = new Cls_User
            {
                User      = usuario,
                Cls_Views = vistas
            };

            // Reference loops between entities are skipped instead of raising a serialization error.
            JsonSerializerSettings opciones = new JsonSerializerSettings()
            {
                ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore
            };
            var json = JsonConvert.SerializeObject(respuesta, Formatting.None, opciones);

            return Content(json, "application/json");
        }
Esempio n. 11
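        /// <summary>
        /// Checks a user's credentials against the database and returns the matching user.
        /// </summary>
        /// <remarks>
        /// The method fails closed: it returns null both when the credentials match no valid
        /// user and when no database command could be obtained. A caller that treats any
        /// non-null result as a successful sign-in therefore never receives an empty
        /// placeholder object after a connection failure.
        /// </remarks>
        /// <param name="p_ObjUser">User object carrying the credentials to check.</param>
        /// <returns>The user read from the database when <c>fct_CheckUser</c> accepts it, otherwise null.</returns>
        public static Cls_User fct_CheckConnectionUser(Cls_User p_ObjUser)
        {
            SqlCommand v_Command = ADO_ConnSQL.fct_CommandAccess();

            if (v_Command == null)
            {
                // No command means the check could not run; report "not authenticated".
                return(null);
            }

            v_Command.CommandText = Req_User.getCheckUser(v_Command, p_ObjUser);
            SqlDataReader v_DataReader = ADO_ConnSQL.fct_GetSqlDataReader(v_Command);

            try
            {
                Cls_User v_ObjUser = ADO_User.fct_GetByIdUser(v_DataReader);
                Boolean  v_CheckOk = ADO_User.fct_CheckUser(v_ObjUser);

                return(v_CheckOk ? v_ObjUser : null);
            }
            finally
            {
                // Release the reader and command even when mapping the row throws.
                ADO_ConnSQL.prc_DataReaderClose(v_DataReader, v_Command);
            }
        }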
Esempio n. 12
        // Updates a user's account fields and replaces that user's per-view permissions with the
        // set sent by the client. Every outcome, success included, is reported by filling the
        // shared Error object and returning it as JSON.
        //
        // Flow: require a session -> require role "1" or Role_Edit on the named view -> update the
        // User row -> delete the user's existing UserView rows -> write an audit row (skipped for
        // one role name) -> insert the new UserView rows.
        public async Task <ActionResult> Edit(Cls_User Cls_User)
        {
            if (Session["UserID"] != null)
            {
                decimal  UserID   = decimal.Parse(Session["UserID"].ToString());
                // Permission row of the signed-in user for the view selected by name below.
                UserView UserView = db.UserViews.Where(a => a.UserID == UserID && a.View.Name == "إضافة مستخدم جديد").FirstOrDefault();

                // Allowed when the session role is "1" or the permission row grants Role_Edit.
                // NOTE(review): Session["Role"] is dereferenced without a null check.
                if (Session["Role"].ToString() == "1" || (UserView != null && UserView.Role_Edit == true))
                {
                    if (Cls_User != null)
                    {
                        // NOTE(review): Find returns null when no row has this key; the next line would
                        // then throw. Cls_User.User is also dereferenced without a null check.
                        User User = db.Users.Find(Cls_User.User.ID);
                        User.Username = Cls_User.User.Username;
                        // NOTE(review): the password from the request is stored as received; confirm
                        // hashing happens elsewhere before it reaches the database.
                        User.Password = Cls_User.User.Password;
                        User.NAME     = Cls_User.User.NAME;

                        // Every edit resets ROLE to 0 and STOPEMP to false, whatever the client sent.
                        User.ROLE    = 0;
                        User.STOPEMP = false;

                        // Record who made the change. Splitting on '\' assumes the identity name has
                        // two parts; index 1 throws when there is no backslash.
                        WindowsIdentity identity        = HttpContext.Request.LogonUserIdentity;
                        List <string>   computerDetails = identity.Name.Split('\\').ToList();
                        User.COMPUTERUSER    = computerDetails[1];
                        User.COMPUTERNAME    = computerDetails[0];
                        User.INDATE          = DateTime.Now;
                        User.PROGRAMUSER     = Session["Name"].ToString();
                        User.PROGRAMUSERID   = int.Parse(Session["UserID"].ToString());
                        db.Entry(User).State = EntityState.Modified;
                        await db.SaveChangesAsync();

                        // Existing permissions are deleted and saved before the new ones are added.
                        // NOTE(review): no explicit transaction spans these saves, so a failure further
                        // down would presumably leave the user without permissions - confirm.
                        List <UserView> userviewslist = db.UserViews.Where(a => a.UserID == Cls_User.User.ID).ToList();
                        db.UserViews.RemoveRange(userviewslist);
                        await db.SaveChangesAsync();

                        // NOTE(review): no audit row is written when the session role name is "BigBoss",
                        // so edits made under that role leave no trace in UserActions.
                        if (Session["RoleName"].ToString() != "BigBoss")
                        {
                            UserAction UserAction = new UserAction
                            {
                                Userid     = int.Parse(Session["UserID"].ToString()),
                                Viewid     = Viewid,
                                ActionDate = DateTime.Now,
                                // The literal 2 is cast to the _Action enum and stored by its name.
                                Action     = ((_Action)2).ToString(),
                                Operation  = "تعديل بيانات مستخدم يحمل الرقم : " + User.ID.ToString() + "-"
                                             + " واسم المستخدم  : " + User.Username + "-"
                                             + " واسم الموظف : " + User.NAME + "."
                            };
                            db.UserActions.Add(UserAction);
                            await db.SaveChangesAsync();
                        }
                        // The view ids and role flags below come from the request body and are written as sent.
                        // NOTE(review): Cls_User.Cls_Views is enumerated without a null check.
                        foreach (Cls_View Cls_View in Cls_User.Cls_Views)
                        {
                            UserView UserViewAdd = new UserView
                            {
                                UserID      = User.ID,
                                ViewID      = Cls_View.ClsView.ID,
                                Role_Enter  = Cls_View.Role_Enter,
                                Role_Save   = Cls_View.Role_Save,
                                Role_Edit   = Cls_View.Role_Edit,
                                Role_Delete = Cls_View.Role_Delete
                            };
                            db.UserViews.Add(UserViewAdd);
                        }
                        await db.SaveChangesAsync();
                    }
                    else
                    {
                        // No payload was bound from the request.
                        Error.ErrorName = "لا يمكن تعديل مستخدم وحذف كل الصلاحيات";
                        return(Json(Error, JsonRequestBehavior.AllowGet));
                    }
                }
                else
                {
                    // The caller lacks permission to edit users.
                    Error.ErrorFullNumber = "AR-Edit-082";
                    Error.ErrorNumber     = "082";
                    Error.Url             = "/Home";
                    Error.ErrorName       = "ليس لديك صلاحية تعديل بيانات مستخدم";
                    return(Json(Error, JsonRequestBehavior.AllowGet));
                }

                // Success message, returned through the same Error object.
                Error.ErrorName = "تم تعديل بيانات المستخدم بنجاح ... جاري إعادة تحميل الصفحة";
                return(Json(Error, JsonRequestBehavior.AllowGet));
            }
            else
            {
                // No session: tell the client it has been signed out.
                // NOTE(review): Cls_User and Cls_User.User are dereferenced here without a null check.
                Error.ErrorFullNumber = "AR-Logout-089";
                Error.ErrorNumber     = "089";
                Error.Url             = "/Users/Operation/" + Cls_User.User.ID.ToString();
                Error.ErrorName       = "تم تسجيل خروجك آلياً لانتهاء المدة المسموح بها";
                return(Json(Error, JsonRequestBehavior.AllowGet));
            }
        }
Esempio n. 13
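 /// <summary>
 /// Prepares the credential-check query on the given command and returns its SQL text.
 /// </summary>
 /// <remarks>
 /// The e-mail and password of <paramref name="p_ObjUser"/> are bound as command parameters,
 /// never written into the SQL text, so their content cannot change the statement.
 /// A null value is bound as DBNull, which matches no row.
 /// NOTE(review): the query compares the submitted password with the stored column directly;
 /// confirm whether <c>pword_user</c> holds a salted hash, and hash before comparing if not.
 /// </remarks>
 /// <param name="p_Command">Command to configure; its parameter collection is reset.</param>
 /// <param name="p_ObjUser">User whose <c>Mail_User</c> and <c>Pword_User</c> are checked.</param>
 /// <returns>The parameterized SQL text assigned to the command.</returns>
 /// <exception cref="System.ArgumentNullException">When <paramref name="p_ObjUser"/> is null.</exception>
 public static string getCheckUser(SqlCommand p_Command, Cls_User p_ObjUser)
 {
     if (p_ObjUser == null)
     {
         throw new System.ArgumentNullException("p_ObjUser");
     }

     // Start from a clean parameter list in case the command object is reused between calls.
     p_Command.Parameters.Clear();
     p_Command.Parameters.AddWithValue("@mail_user", (object)p_ObjUser.Mail_User ?? System.DBNull.Value);
     p_Command.Parameters.AddWithValue("@pword_user", (object)p_ObjUser.Pword_User ?? System.DBNull.Value);

     p_Command.CommandText = "SELECT * FROM T_User where mail_user = @mail_user and pword_user = @pword_user";
     return(p_Command.CommandText);
 }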