protected void OnSelectedDashboardChanged()
{
Dashboard d = new Dashboard();
d.LoadFromXml(SelectedDashboard);
var message = new DashboardMessage(d, DashboardMessageType.View);
Messenger.Default.Send<DashboardMessage>(message);
}
public void SaveDashboard()
{
// let's tell everyone we want to save this dashboard
var message = new DashboardMessage(Dashboard, DashboardMessageType.Save);
Messenger.Default.Send <DashboardMessage>(message);
}
private void OnDashboardMessage(DashboardMessage message)
{
if (message.MessageType == DashboardMessageType.Refresh)
{
PopulateTree();
}
}
protected void ButtonCreate_Click(object sender, EventArgs e)
{
ParticipantTitle applicantLabel = (ParticipantTitle)(Enum.Parse(typeof(ParticipantTitle), this.DropApplicantLabel.SelectedValue));
ParticipantTitle activistLabel = (ParticipantTitle)(Enum.Parse(typeof(ParticipantTitle), this.DropActivistLabel.SelectedValue));
ParticipantTitle peopleLabel =
(ParticipantTitle)(Enum.Parse(typeof(ParticipantTitle), this.DropPersonLabel.SelectedValue));
string asRoot = this.DropCreateChild.SelectedValue;
string currencyCode = this.DropCurrencies.SelectedValue;
string newOrgName = this.TextOrganizationName.Text;
if (string.IsNullOrEmpty(newOrgName))
{
throw new ArgumentException("Organization name can't be empty");
}
if (activistLabel == ParticipantTitle.Unknown || peopleLabel == ParticipantTitle.Unknown || asRoot == "0" || currencyCode == "0")
{
throw new ArgumentException("Necessary argument was not supplied (did client-side validation run?)");
}
Currency newOrgCurrency = Currency.FromCode(currencyCode);
Organization parent = CurrentOrganization;
if (asRoot == "Root")
{
parent = null;
}
Organization newOrganization = Organization.Create(parent == null ? 0 : parent.Identity, newOrgName,
newOrgName, newOrgName, string.Empty, newOrgName, Geography.RootIdentity, true, true, 0);
newOrganization.EnableEconomy(newOrgCurrency);
newOrganization.ApplicantLabel = applicantLabel;
newOrganization.RegularLabel = peopleLabel;
newOrganization.ActivistLabel = activistLabel;
PositionTitle titleType =
(PositionTitle)(Enum.Parse(typeof(PositionTitle), this.DropPositionLabel.SelectedValue));
Positions.CreateOrganizationDefaultPositions(newOrganization, titleType);
Participation.Create(CurrentUser, newOrganization, Constants.DateTimeHigh);
Positions.ForOrganization(newOrganization).AtLevel(PositionLevel.OrganizationExecutive)[0].Assign(
CurrentUser, null /* assignedby */, null /* assigned by position */, "Initial executive", null
/* expires */);
string successMessage = String.Format(Resources.Pages.Admin.CreateOrganization_Success,
Participant.Localized(peopleLabel, TitleVariant.Ship));
DashboardMessage.Set(successMessage);
// Log in to new organization, then redirect to Edit
Response.Redirect(
"/Pages/v5/Security/SetCurrentOrganization.aspx?OrganizationId=" +
newOrganization.Identity.ToString(CultureInfo.InvariantCulture) +
"&ReturnUrl=/Admin/OrgSettings", true);
}
protected void Page_Load(object sender, EventArgs e)
{
// Check if this is the first run ever. If so, redirect to Init.
if (!SwarmDb.Configuration.IsConfigured())
{
Response.Redirect("/Pages/v5/Init/", true);
return;
}
// If this is the Dev Sandbox, autologin
if (Request.Url.Host == "dev.swarmops.com" &&
PilotInstallationIds.IsPilot(PilotInstallationIds.DevelopmentSandbox))
{
DashboardMessage.Set("<p>You have been logged on as <strong>Sandbox Administrator</strong> to the Swarmops Development Sandbox.</p><br/><p>This machine runs the latest development build, so you may run into diagnostic code and half-finished features. All data here is bogus test data and is reset every night.</p><br/><p><strong>In other words, welcome, and play away!</strong></p><br/><br/>");
FormsAuthentication.RedirectFromLoginPage("1,1", true);
}
// THE DAMN BITID NEEDS TO GO INTO ANDROID WALLET SO WE CAN STREAMLINE AND REWRITE THIS POS
this.LabelLoginFailed.Visible = false;
this.TextLogin.Focus();
// Check for SSL and force it
// Special case for CloudFlare deployments - there is a case where somebody will get their connections de-SSLed at the server
string cloudFlareVisitorScheme = Request.Headers["CF-Visitor"];
bool cloudFlareSsl = false;
if (!string.IsNullOrEmpty(cloudFlareVisitorScheme))
{
if (cloudFlareVisitorScheme.Contains("\"scheme\":\"https\""))
{
cloudFlareSsl = true;
}
}
// TODO: Same thing for Pound deployments
// Rewrite if applicable
if (Request.Url.ToString().StartsWith("http://") && !cloudFlareSsl)
// only check client-side as many server sites de-SSL the connection before reaching the web server
{
if (!Request.Url.ToString().StartsWith("http://dev.swarmops.com/") &&
!Request.Url.ToString().StartsWith("http://localhost:") &&
!Request.Url.ToString().StartsWith("http://swarmops-"))
{
Response.Redirect(Request.Url.ToString().Replace("http:", "https:"));
}
}
}
protected void OnSelectedDashboardChanged()
{
Dashboard d = new Dashboard();
d.LoadFromXml(SelectedDashboard);
var message = new DashboardMessage(d, DashboardMessageType.View);
Messenger.Default.Send <DashboardMessage>(message);
}
void _tree_DoubleClick(object sender, EventArgs e)
{
if (_tree.Selection.Count > 0 && _tree.Selection[0].Tag.ToString().EndsWith(".xml"))
{
var viewModel = ViewModel.ParentViewModel;
viewModel.CurrentDashboard = _tree.Selection[0].Tag.ToString();
Messenger.Default.Send <DashboardMessage>(DashboardMessage.View());
}
}
protected void ButtonRequest_Click(object sender, EventArgs e)
{
// The data has been validated client-side already. We'll throw unfriendly exceptions if invalid data is passed here.
Int64 amountCents = this.TextAmount.Cents;
string description = this.TextPurpose.Text;
FinancialAccount budget = FinancialAccount.FromIdentity(Int32.Parse(Request.Form["DropBudgets"]));
// sanity check
if (budget.Organization.Identity != CurrentOrganization.Identity)
{
throw new InvalidOperationException("Budget-organization mismatch; won't file cash advance");
}
// Store bank details for current user
CurrentUser.BankName = this.TextBank.Text;
CurrentUser.BankClearing = this.TextClearing.Text;
CurrentUser.BankAccount = this.TextAccount.Text;
// Create cash advance
CashAdvance cashAdvance = CashAdvance.Create(CurrentOrganization, CurrentUser, CurrentUser, amountCents,
budget,
description);
// Create success message
string successMessage = string.Format(Resources.Pages.Financial.RequestCashAdvance_SuccessMessagePartOne,
HttpUtility.HtmlEncode(CurrentUser.Name),
HttpUtility.HtmlEncode(description), CurrentOrganization.Currency.Code,
amountCents / 100.0);
if (budget.OwnerPersonId != CurrentUser.Identity)
{
successMessage += "<br/><br/>" + Resources.Pages.Financial.RequestCashAdvance_SuccessMessagePartTwo +
"<br/>";
}
else
{
successMessage += "<br/><br/>" +
Resources.Pages.Financial.RequestCashAdvance_SuccessMessagePartTwoOwnBudget +
"<br/>";
cashAdvance.Attest(CurrentUser);
}
DashboardMessage.Set(successMessage);
// Redirect to dashboard
Response.Redirect("/", true);
}
private void OnDashboardMessage(DashboardMessage message)
{
if (message.MessageType == DashboardMessageType.View)
{
BindDashboard();
}
else if (message.MessageType == DashboardMessageType.Save)
{
ViewModel.Save(message.Dashboard);
}
}
private void OnDashboardMessage(DashboardMessage message)
{
// make sure there is data
if (ViewModel.Orders == null || ViewModel.Orders.Count() == 0)
ViewModel.RefreshData();
switch (message.MessageType)
{
case DashboardMessageType.View:
View(message.Dashboard);
break;
case DashboardMessageType.Save:
Save(message.Dashboard);
break;
case DashboardMessageType.Refresh:
// nothing to do here
break;
}
}
private void OnDashboardMessage(DashboardMessage message)
{
// make sure there is data
if (ViewModel.Orders == null || ViewModel.Orders.Count() == 0)
{
ViewModel.RefreshData();
}
switch (message.MessageType)
{
case DashboardMessageType.View:
View(message.Dashboard);
break;
case DashboardMessageType.Save:
Save(message.Dashboard);
break;
case DashboardMessageType.Refresh:
// nothing to do here
break;
}
}
public static bool PerformReset(string mailAddress, string ticket, string newPassword)
{
People people = People.FromMail(mailAddress.Trim());
if (people.Count != 1)
{
return(false);
}
Person resetPerson = people[0];
string[] resetData = resetPerson.ResetPasswordTicket.Split(',');
if (resetData.Length != 2)
{
return(false); // invalid data or no ticket
}
// This may throw on invalid data, which will give a slightly different error but that's fine too for now.
DateTime ticketExpiresUtc = DateTime.Parse(resetData[0]);
if (DateTime.UtcNow > ticketExpiresUtc)
{
// Ticket expired.
return(false);
}
if (ticket != resetData[1])
{
// Bad ticket.
return(false);
}
// When we get here, all checks to reset the password have completed. Change the password, log the change,
// notify the user that the password was changed, set a new authentication cookie, and have the web page
// redirect to Dashboard (by returning true).
// Clear password reset ticket
resetPerson.ResetPasswordTicket = string.Empty;
// Create lockdown code, notify
string lockdownTicket = SupportFunctions.GenerateSecureRandomKey(16);
OutboundComm.CreateSecurityNotification(resetPerson, null, null, lockdownTicket,
NotificationResource.Password_Changed);
resetPerson.AccountLockdownTicket = DateTime.UtcNow.AddDays(1).ToString(CultureInfo.InvariantCulture) + "," +
lockdownTicket;
// Set new password
resetPerson.SetPassword(newPassword);
// Log the password reset
SwarmopsLog.CreateEntry(resetPerson,
new PasswordResetLogEntry(resetPerson, SupportFunctions.GetRemoteIPAddressChain()));
// Set authentication cookies
int lastOrgId = resetPerson.LastLogonOrganizationId;
if (lastOrgId == 0)
{
lastOrgId = Organization.SandboxIdentity;
}
if (!resetPerson.ParticipatesInOrganizationOrParent(lastOrgId))
{
// If the person doesn't have access to the last organization (anymore), log on to Sandbox
lastOrgId = 1;
}
// Set cookies
FormsAuthentication.SetAuthCookie(Authority.FromLogin(resetPerson).ToEncryptedXml(), true);
DashboardMessage.Set(Resources.Pages.Security.ResetPassword_Success);
return(true); // temp
// do NOT NOT NOT trim password - this is deliberate. Passwords starting/ending in whitespace must be possible
}
protected void ButtonRequest_Click(object sender, EventArgs e)
{
// The data has been validated client-side already. We'll throw unfriendly exceptions if invalid data is passed here.
// People who choose to disable JavaScript and then submit bad input almost deserve to be hurt.
Int64 amountCents = this.CurrencyAmount.Cents;
string description = this.TextPurpose.Text;
FinancialAccount budget = FinancialAccount.FromIdentity(Int32.Parse(Request.Form["DropBudgets"]));
// sanity check
if (budget.Organization.Identity != CurrentOrganization.Identity)
{
throw new InvalidOperationException("Budget-organization mismatch; won't file expense claim");
}
// Store bank details for current user
CurrentUser.BankName = this.TextBank.Text;
CurrentUser.BankClearing = this.TextClearing.Text;
CurrentUser.BankAccount = this.TextAccount.Text;
// Get documents; check that documents have been uploaded
Documents documents = Documents.RecentFromDescription(this.FileUpload.GuidString);
if (documents.Count == 0)
{
throw new InvalidOperationException("No documents uploaded");
}
ExpenseClaim claim = ExpenseClaim.Create(CurrentUser, CurrentOrganization, budget, DateTime.UtcNow,
description, amountCents);
foreach (int tagSetId in this._tagSetIds)
{
string selectedTagString =
Request.Form["DropTags" + tagSetId.ToString(CultureInfo.InvariantCulture)];
if (!String.IsNullOrEmpty(selectedTagString))
{
int selectedTagType = Int32.Parse(selectedTagString);
if (selectedTagType != 0)
{
claim.FinancialTransaction.CreateTag(
FinancialTransactionTagType.FromIdentity(selectedTagType),
CurrentUser);
}
}
}
documents.SetForeignObjectForAll(claim);
string successMessage = string.Format(Resources.Pages.Financial.FileExpenseClaim_SuccessMessagePartOne,
CurrentOrganization.Currency.Code,
amountCents / 100.0,
budget.Name);
if (budget.OwnerPersonId != CurrentUser.Identity)
{
successMessage += "<br/><br/>" + Resources.Pages.Financial.FileExpenseClaim_SuccessMessagePartTwo +
"<br/>";
}
else
{
successMessage += "<br/><br/>" +
Resources.Pages.Financial.FileExpenseClaim_SuccessMessagePartTwoOwnBudget +
"<br/>";
claim.Attest(CurrentUser);
}
DashboardMessage.Set(successMessage);
// Redirect to dashboard
Response.Redirect("/", true);
}
private void OnDashboardMessage(DashboardMessage message)
{
// refresh tree
if (message.MessageType == DashboardMessageType.Refresh)
PopulateTree();
}
private void Save(Dashboard dashboard)
{
ViewModel.Save(dashboard);
View(dashboard);
Messenger.Default.Send <DashboardMessage>(DashboardMessage.Refresh());
}
protected void Page_Load(object sender, EventArgs e)
{
// Check if this is the first run ever. If so, redirect to Init.
if (!SupportFunctions.DatabaseConfigured)
{
// ReSharper disable once Html.PathError <-- this line is required for Resharper to not flag the next line as invalid
Response.Redirect("/Initialize", true);
return;
}
// Persistence.Key["Debug_RawData"] = Request.ToRaw();
// Check for POST data - for BitId via Webform
if (Request.HttpMethod == "POST")
{
// We should ONLY get here if we're getting a BitId by Webform submission.
// Persistence.Key["BitId_RawData"] = Request.ToRaw();
if (Request.Params["address"] != null)
{
// yes, indeed looks like it
BitIdCredentials credentials = new BitIdCredentials
{
address = Request.Params["address"],
uri = Request.Params["uri"],
signature = Request.Params["signature"]
};
ProcessRespondBitId(credentials, Response);
return;
}
if (Request.ContentType == "application/json")
{
BitIdCredentials credentials =
new JavaScriptSerializer().Deserialize <BitIdCredentials> (
new StreamReader(Request.InputStream).ReadToEnd());
// TODO: untested but seems to work. Throws?
ProcessRespondBitId(credentials, Response);
return;
}
}
string requestHost = Request.Url.Host;
// If this is the Dev Sandbox, autologin
if ((requestHost == "sandbox.swarmops.com" || requestHost == "dev.swarmops.com") &&
PilotInstallationIds.IsPilot(PilotInstallationIds.DevelopmentSandbox) &&
Request.QueryString["SuppressAutologin"] != "true")
{
DashboardMessage.Set("<p>You have been logged on as <strong>Sandbox Administrator</strong> to the Swarmops Development Sandbox.</p><br/><p>This machine runs the latest development build, so you may run into diagnostic code and half-finished features. All data here is bogus test data and is reset every night.</p><br/><p><strong>In other words, welcome, and play away!</strong></p>");
FormsAuthentication.SetAuthCookie(Authority.FromLogin(Person.FromIdentity(1), Organization.Sandbox).ToEncryptedXml(), true);
Response.Redirect(HttpContext.Current.Request ["ReturnUrl"]); // Returns to the requested URL with auth cookie set
}
// If we're on an Open Ledgers domain, autologin as Open Ledgers
Organization organizationOpenLedgers = Organization.FromOpenLedgersDomain(requestHost); // returns null if doesn't exist
if (organizationOpenLedgers != null)
{
DashboardMessage.Set(String.Format(Resources.Pages.Security.Login_AsOpenLedgers, organizationOpenLedgers.Name));
FormsAuthentication.SetAuthCookie(Authority.FromLogin(Person.FromIdentity(Person.OpenLedgersIdentity), organizationOpenLedgers).ToEncryptedXml(), true);
if (HttpContext.Current.Request["ReturnUrl"] == "/")
{
Response.Redirect(@"/Ledgers/Balance");
}
else
{
Response.Redirect(HttpContext.Current.Request["ReturnUrl"]); // Returns to the requested URL with auth cookie set
}
}
// Check for SSL and force it
// Special case for CloudFlare deployments - there is a case where somebody will get their connections de-SSLed at the server
string cloudFlareVisitorScheme = Request.Headers["CF-Visitor"];
bool cloudFlareSsl = false;
if (!string.IsNullOrEmpty(cloudFlareVisitorScheme))
{
if (cloudFlareVisitorScheme.Contains("\"scheme\":\"https\""))
{
cloudFlareSsl = true;
}
}
// TODO: Same thing for Pound/HAProxy deployments
// Rewrite if applicable
if (Request.Url.ToString().StartsWith("http://") && !cloudFlareSsl)
// only check client-side as many server sites de-SSL the connection before reaching the web server
{
if (!Request.Url.ToString().StartsWith("http://dev.swarmops.com/") &&
!(Request.Url.ToString().StartsWith("http://*****:*****@"//" + vanityOrganization.VanityDomain + @"/Signup";
// this.LabelSelfSignup.Text = String.Format (Resources.Pages.Security.Login_SelfSignup, vanityOrganization.Name);
// this.LabelSelfSignupHeader.Text = Resources.Pages.Security.Login_SelfSignupHeader;
// this.PanelJoin.Visible = true;
}
// If we're debugging, enable the auto- / impersonation login. This MUST NEVER fire outside of development environment.
if (Debugger.IsAttached && Path.DirectorySeparatorChar == '\\')
// on Windows, with a debugger attached, so this is not a production environment
{
// but check that we're running against Localhost as well
if (Request.Url.ToString().StartsWith("http://localhost:"))
{
this.PanelCheat.Visible = true;
}
}
// this.ImageCultureIndicator.Style[HtmlTextWriterStyle.MarginTop] = "-3px";
// this.ImageCultureIndicator.Style[HtmlTextWriterStyle.MarginRight] = "3px";
// this.ImageCultureIndicator.Style[HtmlTextWriterStyle.Cursor] = "pointer";
_cacheVersionMark = Logic.Support.Formatting.SwarmopsVersion;
if (_cacheVersionMark.StartsWith("Debug"))
{
_cacheVersionMark = DateTime.UtcNow.ToString("yyyy-MM-dd HH:mm:ss.ffff");
}
_cacheVersionMark = SHA1.Hash(_cacheVersionMark).Replace(" ", "").Substring(0, 8);
Localize();
// Generate BitID tokens
Guid guid = Guid.NewGuid();
string guidString = guid.ToString().Replace("-", "");
string nonce = guidString + DateTime.UtcNow.Ticks.ToString("x8");
string hostName = Request.Url.Host;
string bitIdUri = "bitid://" + hostName + "/Security/Login.aspx/BitIdLogin?x=" + nonce;
/* -- commented out: NEVER permit BitId over non-SSL
* if (Request.Url.ToString().StartsWith ("http://") && !cloudFlareSsl)
* {
* bitIdUri += "&u=1";
* }*/
this.LiteralUri.Text = HttpUtility.UrlEncode(bitIdUri);
this.LiteralNonce.Text = nonce;
GuidCache.Set(bitIdUri + "-Logon", "Unauth");
// TODO: need to NOT USE GOOGLE CHARTS for this but bring home a free QR package
this.ImageBitIdQr.ImageUrl =
"https://chart.googleapis.com/chart?cht=qr&chs=400x400&chl=" + HttpUtility.UrlEncode(bitIdUri);
}
protected void Page_Load(object sender, EventArgs e)
{
// Event subscriptions
// Titles and other page elements
Page.Title = @"Swarmops - " + CurrentOrganization.NameShort + @" - " + CurrentPageTitle;
this.ExternalScriptEasyUI.Controls = EasyUIControlsUsed.ToString();
this.IncludedScripts.Controls = IncludedControlsUsed.ToString();
this.LiteralSidebarInfo.Text = CurrentPageInfoBoxLiteral;
// Set logo image. If there is no logo image, use text.
if (CurrentOrganization.Identity == Organization.SandboxIdentity)
{
this.ImageLogo.ImageUrl = "~/Images/Other/swarmops-sandbox-logo--istockphoto.png";
this.ImageLogo.Visible = true;
this.LabelOrganizationName.Visible = false;
}
else
{
Document logoLandscapeDoc = CurrentOrganization.LogoLandscape;
if (logoLandscapeDoc == null)
{
this.ImageLogo.ImageUrl = "~/Images/Other/blank-logo-640x360.png";
}
else
{
this.ImageLogo.ImageUrl = "~/Support/StreamUpload.aspx?DocId=" +
logoLandscapeDoc.Identity.ToString(CultureInfo.InvariantCulture);
}
}
// Check for SSL and force it
// Special case for CloudFlare deployments - there is a case where somebody will get their connections de-SSLed at the server
string cloudFlareVisitorScheme = Request.Headers["CF-Visitor"];
bool cloudFlareSsl = false;
if (!string.IsNullOrEmpty(cloudFlareVisitorScheme))
{
if (cloudFlareVisitorScheme.Contains("\"scheme\":\"https\""))
{
cloudFlareSsl = true;
}
}
// TODO: Same thing for Pound deployments
// Rewrite if applicable
if (Request.Url.ToString().StartsWith("http://") && !cloudFlareSsl && CurrentUser.Identity > 0)
// only check client-side as many server sites de-SSL the connection before reaching the web server
{
if (!Request.Url.ToString().StartsWith("http://dev.swarmops.com/") &&
!Request.Url.ToString().StartsWith("http://sandbox.swarmops.com/") &&
!Request.Url.ToString().StartsWith("http://*****:*****@"$('div#divDashboardTodo').hide();";
}
// Set up main menu
SetupMenuItems();
this.ImageCultureIndicator.Style[HtmlTextWriterStyle.MarginTop] = "-3px";
this.ImageCultureIndicator.Style[HtmlTextWriterStyle.MarginRight] = "3px";
this.ImageCultureIndicator.Style[HtmlTextWriterStyle.Cursor] = "pointer";
this.ImageCultureIndicator.Style[HtmlTextWriterStyle.Height] = "25px";
SetupDropboxes();
// Check for message to display
HttpCookie dashMessage = Request.Cookies["DashboardMessage"];
if (dashMessage != null && dashMessage.Value.Length > 0)
{
this.LiteralDocumentReadyHook.Text +=
string.Format("alertify.alert(SwarmopsJS.unescape('{0}'));", dashMessage.Value);
DashboardMessage.Reset();
}
else
{
this.LiteralDocumentReadyHook.Text = string.Empty;
}
// Enable support for RTL languages
if (Thread.CurrentThread.CurrentCulture.TextInfo.IsRightToLeft)
{
this.LiteralBodyAttributes.Text = @"dir='rtl' class='right-to-left'";
}
// If we're running as an open-something identity, remove the Preferences div
if (CurrentUser.Identity < 0)
{
this.LiteralDocumentReadyHook.Text += @" $('#divUserPreferences').hide();";
}
}
public void SaveDashboard()
{
// let's tell everyone we want to save this dashboard
var message = new DashboardMessage(Dashboard, DashboardMessageType.Save);
Messenger.Default.Send<DashboardMessage>(message);
}
