public void ClearUserToken(int userId, int sessionId)
{
using (var scope = new QPConnectionScope())
{
CommonSecurity.ClearUserToken(scope.DbConnection, userId, sessionId);
}
}
private static IEnumerable <ContentListItem> AggregatedContentListItems(Field classifier, string excludeValue, int permissionLevel)
{
var items = QPContext.EFContext.FieldSet
.Where(f => f.Id == classifier.Id)
.SelectMany(f => f.Aggregators)
.Select(a => new ContentListItem {
Id = (int)a.Content.Id, Name = a.Content.Name, SiteId = a.Content.SiteId
})
.Distinct()
.OrderBy(c => c.Name)
.ToArray();
if (!QPContext.IsAdmin && classifier.UseTypeSecurity)
{
var ids = items.Select(n => n.Id).ToArray();
var siteId = items.Select(n => (int)n.SiteId).First();
var excludeId = Converter.ToInt32(excludeValue, 0);
using (var scope = new QPConnectionScope())
{
var result = CommonSecurity.CheckContentSecurity(scope.DbConnection, siteId, ids, QPContext.CurrentUserId, permissionLevel);
items = items.Where(n => result[n.Id] || n.Id == excludeId).ToArray();
}
}
return(items);
}
/// <summary>
/// Добавляет новый сайт
/// </summary>
/// <param name="site">информация о сайте</param>
/// <returns>информация о сайте</returns>
internal static Site Save(Site site)
{
using (var scope = new QPConnectionScope())
{
if (QPContext.DatabaseType == DatabaseType.SqlServer)
{
ChangeInsertAccessTriggerState(false);
ChangeInsertDefaultTriggerState(false);
DefaultRepository.TurnIdentityInsertOn(EntityTypeCode.Site, site);
}
var fieldValues = site.QpPluginFieldValues;
var result = DefaultRepository.Save <Site, SiteDAL>(site);
CommonSecurity.CreateSiteAccess(scope.DbConnection, result.Id);
CreateDefaultStatuses(result);
CreateDefaultNotificationTemplate(result);
CreateDefaultGroup(result);
UpdatePluginValues(fieldValues, result.Id);
if (QPContext.DatabaseType == DatabaseType.SqlServer)
{
DefaultRepository.TurnIdentityInsertOff(EntityTypeCode.Site);
ChangeInsertAccessTriggerState(true);
ChangeInsertDefaultTriggerState(true);
}
return(result);
}
}
internal static bool IsEntityAccessibleForUserGroup(string entityTypeCode, int entityId, string actionTypeCode, int userGroupId)
{
using (new QPConnectionScope())
{
var requiredPermissionLevel = GetRequiredPermissionLevel(actionTypeCode);
var actualLevel = CommonSecurity.GetEntityAccessLevel(QPConnectionScope.Current.DbConnection, QPContext.EFContext, 0, userGroupId, entityTypeCode, entityId);
return(actualLevel >= requiredPermissionLevel);
}
}
internal static Workflow SaveProperties(Workflow workflow)
{
using (new QPConnectionScope())
{
var entities = QPContext.EFContext;
UpdateRuleOrder(workflow);
var forceIds = workflow.ForceRulesIds == null ? null : new Queue <int>(workflow.ForceRulesIds);
workflow.LastModifiedBy = QPContext.CurrentUserId;
workflow.Created = Common.GetSqlDate(QPConnectionScope.Current.DbConnection);
workflow.Modified = workflow.Created;
if (workflow.ForceId > 0)
{
workflow.Id = workflow.ForceId;
}
var dal = MapperFacade.WorkflowMapper.GetDalObject(workflow);
entities.Entry(dal).State = EntityState.Added;
if (QPContext.DatabaseType == DatabaseType.SqlServer)
{
DefaultRepository.TurnIdentityInsertOn(EntityTypeCode.Workflow, workflow);
ChangeInsertAccessTriggerState(false);
}
entities.SaveChanges();
workflow.Id = (int)dal.Id;
CommonSecurity.CreateWorkflowAccess(QPConnectionScope.Current.DbConnection, workflow.Id);
if (QPContext.DatabaseType == DatabaseType.SqlServer)
{
DefaultRepository.TurnIdentityInsertOff(EntityTypeCode.Workflow);
ChangeInsertAccessTriggerState(true);
}
foreach (var rule in workflow.WorkflowRules)
{
rule.WorkflowId = workflow.Id;
if (forceIds != null)
{
rule.Id = forceIds.Dequeue();
}
var dalRule = MapperFacade.WorkFlowRuleMapper.GetDalObject(rule);
entities.Entry(dalRule).State = EntityState.Added;
}
DefaultRepository.TurnIdentityInsertOn(EntityTypeCode.WorkflowRule);
entities.SaveChanges();
DefaultRepository.TurnIdentityInsertOff(EntityTypeCode.WorkflowRule);
return(MapperFacade.WorkflowMapper.GetBizObject(dal));
}
}
/// <summary>
/// Возвращает список статусов действий
/// </summary>
internal static IEnumerable <BackendActionStatus> GetStatusesList(string menuCode, int entityId)
{
using (var scope = new QPConnectionScope())
{
return(MapperFacade.BackendActionStatusMapper.GetBizList(
CommonSecurity.GetMenuStatusList(
scope.DbConnection, QPContext.EFContext, QPContext.CurrentUserId, QPContext.IsAdmin,
menuCode, entityId
).ToList()));
}
}
protected void Login1_LoggingIn(object sender, LoginCancelEventArgs e)
{
string passwordTemp = CommonSecurity.SHA1MD5MD5(Login1.Password);
using (Entity entity = new Entity())
{
User user = entity.User
.Where(o => o.Tel == Login1.UserName && o.PassWord == passwordTemp && (o.Type & 8) > 0 && o.State == 1).FirstOrDefault();
if (user == null)
{
Server.Transfer("default.aspx?login=error");
}
else
{
Session["userID"] = user.UserID;
Server.Transfer("main.aspx");
}
}
}
internal static IEnumerable <BackendActionStatus> GetStatusesList(string actionCode, int entityId)
{
using (var scope = new QPConnectionScope())
{
var userId = QPContext.CurrentUserId;
var action = BackendActionCache.Actions.FirstOrDefault(x => x.Code == actionCode);
if (action == null)
{
throw new ApplicationException(string.Format(CustomActionStrings.ActionNotFoundByCode, actionCode));
}
var actionId = action.Id;
var entityCode = EntityTypeRepository.GetById(action.EntityTypeId)?.Code;
var statusesList = MapperFacade.BackendActionStatusMapper.GetBizList(
CommonSecurity.GetActionStatusList(
QPContext.EFContext,
scope.DbConnection,
userId, actionCode, actionId, entityId, entityCode,
QPContext.IsAdmin
).ToList()
);
return(statusesList);
}
}
protected void DetailsView1_ItemInserting(object sender, DetailsViewInsertEventArgs e)
{
try
{
var user = new User();
var file_url = (HtmlInputHidden)DetailsView1.FindControl("file_url");
if (!string.IsNullOrEmpty(file_url.Value))
{
var img_url = (HtmlImage)DetailsView1.FindControl("img_url");
img_url.Src = ConfigurationManager.AppSettings["UploadUrl"] + file_url.Value;
user.HeadPortrait = file_url.Value;
}
if (e.Values["Tel"] == null)
{
throw new Exception("用户电话不能为空");
}
if (e.Values["PassWord"] == null)
{
throw new Exception("密码不能为空");
}
user.Tel = (e.Values["Tel"]).ToString().Trim();
user.PassWord = CommonSecurity.SHA1MD5MD5((e.Values["PassWord"]).ToString().Trim());
string pattern = @"^(0|86|17951)?(1[234578])[0-9]{9}$";
Regex rgx = new Regex(pattern);
if (!rgx.IsMatch(user.Tel))
{
throw new Exception("电话号不正确");
}
if (user.PassWord.Length < 6)
{
throw new Exception("密码长度不能小于6");
}
if (e.Values["NickName"] == null)
{
user.NickName = "分享玩家";
}
else
{
user.NickName = (e.Values["NickName"]).ToString().Trim();
}
user.Gender = ((RadioButtonList)DetailsView1.FindControl("RadioButtonList_Gender")).SelectedValue;
user.Married = ((RadioButtonList)DetailsView1.FindControl("RadioButtonList_Married")).SelectedValue;
var CheckBoxList_Type = ((CheckBoxList)DetailsView1.FindControl("CheckBoxList_Type"));
if (CheckBoxList_Type.Items[0].Selected)
{
user.Type = user.Type | 1;
}
if (CheckBoxList_Type.Items[1].Selected)
{
user.Type = user.Type | 2;
}
if (CheckBoxList_Type.Items[2].Selected)
{
user.Type = user.Type | 4;
}
if (CheckBoxList_Type.Items[3].Selected)
{
user.Type = user.Type | 8;
}
user.State = Convert.ToInt32(((RadioButtonList)DetailsView1.FindControl("RadioButtonList_State")).SelectedValue);
user.CreatTime = DateTime.Now;
user.UpdateTime = DateTime.Now;
user.UserExtend = new UserExtend();
if (e.Values["UserExtend.ExperienceLevel"] != null)
{
int temp;
if (!int.TryParse(e.Values["UserExtend.ExperienceLevel"].ToString(), out temp))
{
throw new Exception("经验等级必须是整数");
}
if (temp == 0)
{
temp = 1;
}
user.UserExtend.ExperienceLevel = temp;
}
using (Entity entity = new Entity())
{
ExperienceLevel experienceLevel = entity.ExperienceLevel.Where(o => o.ExperienceLevelValue == user.UserExtend.ExperienceLevel).FirstOrDefault();
if (experienceLevel == null)
{
throw new Exception("经验等级和等级不对应");
}
user.UserExtend.ExperienceValue = experienceLevel.ExperienceValueMin;
if (user.Gender == "男")
{
user.UserExtend.ExperienceName = experienceLevel.NameMan;
}
else
{
user.UserExtend.ExperienceName = experienceLevel.NameWoman;
}
user.InitBeforeSave();
user.SetCounterfeit();
entity.User.Add(user);
entity.SaveChanges();
}
Response.Redirect("UserDetail.aspx?userID=" + user.UserID);
}
catch (Exception exception)
{
string error = exception.GetErrorMessage().Replace("'", "\\'").Replace("\"", "\\\"").Replace("\r\n", "\\r\\n");
ClientScript.RegisterStartupScript(ClientScript.GetType(), "myscript", string.Format("<script>alert('{0}')</script>", error));
}
}
