public bool AccessCheckWithArg(string audit, Operations op,
                                       WindowsIdentity clientIdentity,
                                       string argName, object argValue)
        {
            try {
                // first step is to create an AzMan context for the client
                // this looks at the security identifiers (SIDs) in the user's
                // access token and maps them onto AzMan roles, tasks, and operations
                IAzClientContext ctx = app.InitializeClientContextFromToken(
                    (ulong)clientIdentity.Token.ToInt64(), null);

                // next step is to see if this user is authorized for
                // the requested operation. Note that AccessCheck allows
                // you to check multiple operations at once if you desire
                object[] scopes     = { "" };
                object[] operations = { (int)op };
                object[] argNames   = { argName };
                object[] argValues  = { argValue };
                object[] results    = (object[])ctx.AccessCheck(audit, scopes, operations,
                                                                argNames, argValues,
                                                                null, null, null);
                int result = (int)results[0];
                return(0 == result);
            }
            catch (COMException x) {
                throw new AzManException("AccessCheckWithArg failed", x);
            }
        }
Esempio n. 2
0
        private bool AzManTestCheckAccess()
        {
            WindowsIdentity identity        = WindowsIdentity.GetCurrent();
            string          applicationName = "Application Test";

            string[]                  operations             = new string[] { this.txtOperation.Text };
            HybridDictionary          businessRuleParameters = new HybridDictionary();
            AzAuthorizationStoreClass store = new AzAuthorizationStoreClass();

            store.Initialize(0, AzManStorePath, null);
            IAzApplication   azApp     = store.OpenApplication(applicationName, null);
            IAzClientContext clientCtx = azApp.InitializeClientContextFromToken((UInt64)identity.Token, null);

            // costruisce il vettore dei valori e dei delle regole di business
            Object[] names        = new Object[0];
            Object[] values       = new Object[0];
            Object[] operationIds = new Object[operations.Length];
            for (Int32 index = 0; index < operations.Length; index++)
            {
                operationIds[index] = azApp.OpenOperation(operations[index], null).OperationID;
            }
            Object[] internalScopes = new Object[1];
            Object[] result         = (Object[])clientCtx.AccessCheck("AuditString", internalScopes, operationIds, names, values, null, null, null);
            foreach (Int32 accessAllowed in result)
            {
                if (accessAllowed != 0)
                {
                    return(false);
                }
            }
            return(true);
        }
        /// <devdoc>
        /// Checks access to specified a set of tasks in a specified application in a specified scope.
        /// </devdoc>
        private bool CheckAccessTasks(string auditIdentifier, WindowsIdentity identity, string[] tasks)
        {
            string[] scopes = new string[] { this.scopeName };

            IAzApplication azApp = null;

            try
            {
                IAzClientContext clientCtx    = GetClientContext(identity, this.applicationName, out azApp);
                object[]         operationIds = GetTaskOperations(azApp, tasks);

                object[] internalScopes = null;
                if (scopes != null)
                {
                    internalScopes    = new object[1];
                    internalScopes[0] = scopes[0];
                }

                object[] result = (object[])clientCtx.AccessCheck(auditIdentifier,
                                                                  internalScopes, operationIds, null, null, null, null, null);
                foreach (int accessAllowed in result)
                {
                    if (accessAllowed != 0)
                    {
                        return(false);
                    }
                }
            }
            catch (COMException comEx)
            {
                throw new SecurityException(comEx.Message, comEx);
            }
            return(true);
        }
        /// <devdoc>
        /// Gets the client context for the call based on the identity, system and parameters.
        /// </devdoc>
        private IAzClientContext GetClientContext(WindowsIdentity identity, String applicationName, out IAzApplication azApp)
        {
            lock (contextLock)
            {
                AzAuthorizationStoreClass store = new AzAuthorizationStoreClass();
                store.Initialize(0, this.storeLocation, null);
                azApp = store.OpenApplication(applicationName, null);
            }

            ulong            tokenHandle = (ulong)identity.Token.ToInt64();
            IAzClientContext clientCtx   = azApp.InitializeClientContextFromToken(tokenHandle, null);

            return(clientCtx);
        }
Esempio n. 5
0
        /// <devdoc>
        /// Gets the client context for the call based on the identity, system and parameters.
        /// </devdoc>
        private IAzClientContext GetClientContext(AzManAuthorizationProviderData data, IIdentity identity, String applicationName, out IAzApplication azApp)
        {
            WindowsIdentity winIdentity = identity as WindowsIdentity;

            if (winIdentity == null)
            {
                throw new ArgumentException(SR.WindowsIdentityOnly);
            }

            AzAuthorizationStoreClass store = new AzAuthorizationStoreClass();

            store.Initialize(0, data.StoreLocation, null);
            azApp = store.OpenApplication(applicationName, null);
            Debug.Assert(azApp != null, "could not open the application");

            ulong            tokenHandle = (ulong)winIdentity.Token.ToInt64();
            IAzClientContext clientCtx   = azApp.InitializeClientContextFromToken(tokenHandle, null);

            Debug.Assert(clientCtx != null, "could not get the context");
            return(clientCtx);
        }
Esempio n. 6
0
        /// <devdoc>
        /// Checks access to specified a set of operations in a specified application in a specified scope.
        /// </devdoc>
        private bool CheckAccessOperations(AzManAuthorizationProviderData data, string auditIdentifier, IIdentity identity, string[] operations)
        {
            string[]       scopes = new string[] { data.Scope };
            IAzApplication azApp  = null;

            try
            {
                IAzClientContext clientCtx = GetClientContext(data, identity, data.Application, out azApp);
                Debug.Assert(azApp != null);

                object[] operationIds = new object[operations.Length];
                for (int index = 0; index < operations.Length; index++)
                {
                    operationIds[index] = azApp.OpenOperation(operations[index], null).OperationID;
                }

                object[] internalScopes = null;
                if (scopes != null)
                {
                    internalScopes    = new object[1];
                    internalScopes[0] = scopes[0];
                }

                object[] result = (object[])clientCtx.AccessCheck(auditIdentifier,
                                                                  internalScopes, operationIds, null, null, null, null, null);
                foreach (int accessAllowed in result)
                {
                    if (accessAllowed != 0)
                    {
                        return(false);
                    }
                }
            }
            catch (COMException comEx)
            {
                throw new SecurityException(comEx.Message, comEx);
            }
            return(true);
        }
Esempio n. 7
0
        /// <summary>
        /// Check access permission for user
        /// </summary>
        /// <returns>void</returns>
        public bool CheckAccessPermissions(object[] operationIds)
        {
            bool bCheckAccess = false;

            AzAuthorizationStoreClass AzManStore = new AzAuthorizationStoreClass();

            AzManStore.Initialize(0, ConfigurationManager.ConnectionStrings[AuthorizationManagerConstants.AZMANPOLICYSTORECONNECTIONSTRING].ConnectionString, null);
            IAzApplication azApp = AzManStore.OpenApplication(AuthorizationManagerConstants.AZMANAPPLICATION, null);

            // Get the current user context
            IPrincipal      userPrincipal = HttpContext.Current.User;
            WindowsIdentity userIdentity  = userPrincipal.Identity as WindowsIdentity;

            IAzClientContext clientContext = azApp.InitializeClientContextFromToken((ulong)userIdentity.Token, null);

            // Check if user has access to the operations
            // The first argument, "Auditstring", is a string that is used if you
            // have run-time auditing turned on
            object[] result = (object[])clientContext.AccessCheck("CheckAccessPermission", new object[1], operationIds, null, null, null, null, null);

            // Test the integer array we got back to see which operations are
            // authorized
            int accessAllowed = (int)result[0];

            if (accessAllowed != 0)
            {
                // current user not authorized to perform operation
                bCheckAccess = false;
            }
            else
            {
                // current user authorized to perform operation
                bCheckAccess = true;
            }

            return(bCheckAccess);
        }
Esempio n. 8
0
        private void TestSuAzMan(string azManStorePath, int max)
        {
            WindowsIdentity       id    = WindowsIdentity.GetCurrent();
            IAzAuthorizationStore store = new AzAuthorizationStoreClass();

            store.Initialize(0, azManStorePath, null);
            int              rnd    = 0; // new Random().Next(max);
            IAzApplication   app    = store.OpenApplication("Application" + rnd.ToString(), null);
            IAzClientContext ctx    = app.InitializeClientContextFromToken((ulong)id.Token.ToInt64(), null);
            string           opName = "Operation" + rnd.ToString();
            IAzOperation     op     = app.OpenOperation(opName, null);

            object[] parameterNames = new object[1] {
                "chiave"
            };
            object[] parameterValues = new object[1] {
                "valore"
            };
            object[] oRes = (object[])ctx.AccessCheck("Test", null, new object[] { op.OperationID }, parameterNames, parameterValues, null, null, null);
            foreach (int accessAllowed in oRes)
            {
                if (accessAllowed != 0)
                {
                    break;
                }
            }
            store.CloseApplication("Application" + rnd.ToString(), 0);
            System.Runtime.InteropServices.Marshal.FinalReleaseComObject(op);
            System.Runtime.InteropServices.Marshal.FinalReleaseComObject(app);
            System.Runtime.InteropServices.Marshal.FinalReleaseComObject(store);
            System.Runtime.InteropServices.Marshal.FinalReleaseComObject(ctx);
            op    = null;
            ctx   = null;
            app   = null;
            store = null;
        }
Esempio n. 9
0
        /// <summary>
        /// Logo Image - Displays the logo of the company
        /// </summary>


        /// <summary>
        /// Message Label - Displays messages to the user
        /// </summary>


        /// <summary>
        /// Approve Link - Link to a page which lists all expense
        /// reports which need to be approved
        /// </summary>


        /// <summary>
        /// Submit Link - Link to a page which allows a user
        /// to create a new expense report to submit
        /// </summary>


        /// <summary>
        /// Administration Link - Link to a page which allows an
        /// administrator to change application settings
        /// </summary>


        /// <summary>
        /// Approve Image - Display an icon that links to a page
        /// which lists all expense reports which need to be approved
        /// </summary>


        /// <summary>
        /// Administration Image - Displays an icon that links
        /// to a page which allows an administrator to change
        /// application settings
        /// </summary>


        /// <summary>
        /// Submit Image - Displays an icon that links
        /// to a page which allows a user to create a new expense
        /// report to submit
        /// </summary>


        /// <summary>
        /// Title Label - Displays the application title
        /// </summary>
        #endregion

        /// <summary>
        /// Page Load - This is executed when the page is first requested
        /// by the user and additionally when the user clicks a button on
        /// the form
        /// </summary>
        protected void Page_Load(object sender, System.EventArgs e)
        {
            //
            //	Check for this is the first time the page is being loaded
            //	only fill in the form if this is the first time otherwise
            //	any user changes will be lost
            //
            if (!Page.IsPostBack)
            {
                //
                //	Get the client context
                //
                IAzClientContext AzClient = ExpenseCommon.GetAzClientContext();

                //
                //	Use the client SAM name (\\domain\username)
                //	to display the username
                //
                string AccountName = ExpenseCommon.GetClientSamName();
                AccountName = AccountName.Substring((AccountName.IndexOf(@"\") + 1));
                MSG.Text    = string.Concat("Welcome ", AccountName, ":");


                //
                //	Get the user's role memberships from the
                //	client context
                //
                object[] Roles = (object[])AzClient.GetRoles(null);

                //
                //	Check for the user has no roles
                //
                if (Roles.Length == 0)
                {
                    MSG.Text = string.Concat(MSG.Text, "<P>Sorry ", AccountName, " you have no Roles. <Br> Please contact your manager <Br></P>");
                }
                else
                {
                    //
                    //	Display links to the various actions the user
                    //	can perform depending on the user's role memberships
                    //
                    string Role;
                    foreach (object oRole in Roles)
                    {
                        Role = (string)oRole;

                        switch (Role)
                        {
                        case "Approver":
                            //
                            //	User is an approver
                            //	Show link to the approval page
                            //
                            ApproveLink.Visible = true;
                            break;

                        case "Administrator":
                            //
                            //	User is an administrator
                            //	Show link to the administration page
                            //
                            AdminLink.Visible = true;
                            break;

                        case "Submitter":
                            //
                            //	User is an submitter
                            //	Show link to the expense submission page
                            //
                            SubmitLink.Visible = true;
                            break;
                        }
                    }
                }
            }
        }
Esempio n. 10
0
        /// <summary>
        /// OK Button Click - When a user clicks the OK button
        /// save any changes and rediret them to the main page
        /// </summary>
        protected void OK_Click(object sender, System.EventArgs e)
        {
            //
            //
            //	Get the client context from the session variables
            //
            IAzClientContext AzClient = ExpenseCommon.GetAzClientContext();

            //
            //	Check if the user has access to the administer
            //	operation and then save application settings
            //

            //
            //	Contains the scope of the access check request
            //	which is set to the application level (null)
            //
            object[] scope = new Object[1];
            scope[0] = (object)"";

            //
            //	Contains all the operations associated with
            //	changing the application settings
            //	In this case the administer operation
            //
            object[] operations = new Object[1];
            operations[0] = ExpenseCommon.AzopAdministrater;

            //
            //	Contains all the parameter names associated with
            //	application settings.  These are organized as
            //	name-value pairs and passed to the business rule
            //	if one is defined.
            //
            //	THEY MUST BE IN ALPHABETICAL ORDER (A-Z)
            //
            Object[] BRNames = new Object[3];
            BRNames[0] = (object)ExpenseCommon.ParamAmount;
            BRNames[1] = (object)ExpenseCommon.ParamDate;
            BRNames[2] = (object)ExpenseCommon.ParamUserName;

            //
            //	Contains all the paramenter values associted with
            //	the application settings.
            //
            Object[] BRValues = new Object[3];
            BRValues[0] = (object)0;
            BRValues[1] = (object)DateTime.Now.ToShortDateString();
            BRValues[2] = (object)ExpenseCommon.GetClientSamName();

            //
            //	Run the access check on the administer operation
            //	Passing the audit text, scope, operations and business rule parameters
            //
            object[] results = (object[])AzClient.AccessCheck("Change Application Settings", (object)scope, (object)operations, BRNames, BRValues, null, null, null);

            //
            //	Check for success of the access check
            //
            bool bAuthorized = true;

            foreach (int iResCode in results)
            {
                //
                //	Check for access denied
                //
                if (iResCode == ExpenseCommon.AccessDenied)
                {
                    string errorMessage = AzClient.GetBusinessRuleString();
                    if (errorMessage != "")
                    {
                        Message.Text = "Admin Denied. " + errorMessage;
                    }
                    else
                    {
                        Message.Text = "Access Denied.  You do not have sufficient permissions to perform this operation.";
                    }
                    bAuthorized = false;
                    break;
                }
                //
                //	Check for other error
                //
                else if (iResCode != ExpenseCommon.NoError)
                {
                    Win32Exception ex = new Win32Exception();
                    Message.Text = "There was an error performing the AccessCheck: " + ex.Message;
                }
            }

            if (bAuthorized == true)
            {
                //
                //	Save the Self Approval setting
                //
                ExpenseCommon.SetApproval(self_approval.Checked);

                //
                //	Save the Maximum Number of Tranascitons setting
                //
                ExpenseCommon.SetMaxTransaction(Convert.ToInt32(max_trans.Text));

                //
                //	Redirect the user to the main page
                //
                Response.Redirect("../index.aspx", false);
            }
            else
            {
                //
                //	Display reason for the access check failure
                //
                Message.Text = "Error Access Denied:" + AzClient.GetBusinessRuleString();
            }
        }
Esempio n. 11
0
        /// <summary>
        /// Submit Decision Click - When the user clicks the Submit button,
        /// this submits the descision of the user, approve or reject,
        /// to the application data store.
        /// </summary>
        protected void SubmitDecision_Click(object sender, System.EventArgs e)
        {
            //
            //
            //	Get the client context from the session variables
            //
            IAzClientContext AzClient = ExpenseCommon.GetAzClientContext();

            //
            //	Check if the user has access to the administer
            //	operation and then save application settings
            //

            //
            //	Contains the scope of the access check request
            //	which is set to the application level (null)
            //
            object[] scope = new Object[1];
            scope[0] = (object)"";

            //
            //	Contains all the operations associated with
            //	changing the application settings
            //	In this case the approve operation
            //
            object[] operations = new Object[1];
            operations[0] = ExpenseCommon.AzopApprove;

            //
            //	Contains all the parameter names associated with
            //	approving an expense.  These are organized as
            //	name-value pairs and passed to the business rule
            //	if one is defined
            //
            Object[] BRNames = new Object[3];
            BRNames[0] = (object)ExpenseCommon.ParamAmount;
            BRNames[1] = (object)ExpenseCommon.ParamDate;
            BRNames[2] = (object)ExpenseCommon.ParamUserName;

            //
            //	Contains all the paramenter values associted with
            //	approving an expense.
            //
            Object[] BRValues = new Object[3];
            BRValues[0] = (object)ExpenseData["Amount"];
            BRValues[1] = (object)ExpenseData["Date"];
            BRValues[2] = (object)ExpenseCommon.GetClientSamName();


            //
            //	Run the access check on the administer operation
            //	Passing the audit text, scope, operations and business rule parameters
            //
            object[] results = (object[])AzClient.AccessCheck("Approve Expense Report", (object)scope, (object)operations, BRNames, BRValues, null, null, null);

            //
            //	Check for success of the access check
            //
            bool bAuthorized = true;

            foreach (int iResCode in results)
            {
                if (iResCode != ExpenseCommon.NoError)
                {
                    bAuthorized = false;
                    break;
                }
            }

            if (bAuthorized)
            {
                //
                //	Check for the user has added comments
                //
                if (Comment.Text.Length > 0)
                {
                    //
                    //	Attach the comment to the transaction
                    //
                    ExpenseData["Comment"] = string.Concat(ExpenseData["Comment"],
                                                           "<p><b>Approver Comment: </b></p>", Comment.Text);
                    ExpenseCommon.SaveTransaction(transID, ExpenseData);
                }

                //
                //	Check for the user approved or rejected the expense
                //
                if (Decision.SelectedValue == "approve")
                {
                    //
                    //	Approve the expense
                    //
                    ExpenseCommon.ApproveTransaction(transID);
                }
                else
                {
                    //
                    //	Reject the expense
                    //
                    ExpenseCommon.RejectTransaction(transID);
                }

                //
                //	Redirect the user to pending expenses list
                //
                Response.Redirect("List.aspx", true);
            }
            else
            {
                //
                //	If the access check failed, display an error message to the user
                //
                Message.Text = "Error Access Denied: " + AzClient.GetBusinessRuleString();
                return;
            }
        }
Esempio n. 12
0
        /// <summary>
        /// Page Load - This is executed when the page is first requested
        /// by the user and additionally when the user clicks a button on
        /// the form
        /// </summary>
        protected void Page_Load(object sender, System.EventArgs e)
        {
            //
            //	To prevent users from by-passing the portal page (index.aspx)
            //	and going directly to this page, use URL Authorization
            //	See <url> for details.
            //

            //
            //	Get the transaction ID from the posted variables
            //	if no transaction ID was posted, i.e. the user
            //	went directly to this page and not from the List.aspx page,
            //	show an error message
            //
            try
            {
                transID = Convert.ToInt32(Request.QueryString["transactionId"]);
            }
            catch (System.ArgumentNullException)
            {
                Message.Text = "There was an error retrieving the transaction ID.";
                return;
            }

            //
            //	Get the expense report data from the transaction ID
            //	and check that the transaction exists
            //
            ExpenseData = ExpenseCommon.GetTransData(transID);
            if (ExpenseData == null)
            {
                Message.Text = "There was an error retrieving the transaction data. <br>The specified transaction does not exist.";
                return;
            }

            //
            //	Check for this is the first time the page is being loaded
            //	only fill in the form if this is the first time otherwise
            //	any user changes will be lost
            //
            if (!Page.IsPostBack)
            {
                //
                //	Check if the approver is also the owner of the
                //	expense report and either display the report
                //	or a message depending on the Self Approval setting
                //	of the application
                //

                //
                //	Get the status of the transaction
                //
                string transStatus = string.Concat(ExpenseCommon.GetTransactionStatus(transID), "");

                //
                //	Check for the transaction has not been approved
                //
                if (transStatus == "")
                {
                    //
                    //	Check if the current user is the owner of the expense report
                    //
                    if ((ExpenseCommon.GetClientSamName() == ExpenseData["SamName"]))
                    {
                        //
                        //	Check for Self Approval is allowed
                        //
                        if (ExpenseCommon.GetSelfApproval() == false)
                        {
                            //
                            //	Self approval is not allowed so do not display the
                            //	decision buttons and show an error message
                            //
                            Status.Text           = string.Concat(Status.Text, "PENDING", "<P>You are not authorized to approve your own expense.</p>");
                            DecisionGroup.Visible = false;
                        }
                        else
                        {
                            //
                            //	Self Approval is allowed so display the
                            //	decision buttons and it's status
                            //
                            Status.Text           = string.Concat(Status.Text, "PENDING");
                            DecisionGroup.Visible = true;
                        }
                    }
                    else
                    {
                        //
                        //	The current user is not the owner of the expense report so
                        //	display the decision buttons
                        //
                        Status.Text           = string.Concat(Status.Text, "PENDING");
                        DecisionGroup.Visible = true;
                    }
                }
                else
                {
                    //
                    //	The expense report has been reviewed already
                    //	Display it's status and do not show the decision buttons
                    //
                    Status.Text           = string.Concat(Status.Text, transStatus);
                    DecisionGroup.Visible = false;
                }

                //
                //	Get the client context
                //
                IAzClientContext AzClient = ExpenseCommon.GetAzClientContext();

                //
                //	Check if the user has permission to list expenses
                //

                //
                //	Contains the scope of the access check request
                //	which is set to the application level (null)
                //
                object[] scope = new Object[1];
                scope[0] = (object)"";

                //
                //	Contains all the operations associated with
                //	reading an expense
                //	In this case the readExpense operation
                //
                object[] operations = new Object[1];
                operations[0] = ExpenseCommon.AzopRead;

                //
                //	Contains all the parameter names associated with
                //	approving an expense.  These are organized as
                //	name-value pairs and passed to the business rule
                //	if one is defined
                //
                //	THEY MUST BE IN ALPHABETICAL ORDER (A-Z)
                //
                Object[] BRNames = new Object[3];
                BRNames[0] = (object)ExpenseCommon.ParamAmount;
                BRNames[1] = (object)ExpenseCommon.ParamDate;
                BRNames[2] = (object)ExpenseCommon.ParamUserName;

                //
                //	Contains all the paramenter values associted with
                //	approving an expense.
                //
                Object[] BRValues = new Object[3];
                BRValues[0] = (object)0;
                BRValues[1] = (object)DateTime.Now.ToShortDateString();
                BRValues[2] = (object)ExpenseCommon.GetClientSamName();

                //	Contains the results from AccessCheck
                object[] results;
                try
                {
                    //
                    //	Run the access check on the administer operation
                    //	Passing the audit text, scope, operations and business rule parameters
                    //
                    results = (object[])AzClient.AccessCheck("Read Expense Report", (object)scope, (object)operations, BRNames, BRValues, null, null, null);
                }
                catch (Exception ex)
                {
                    Message.Text = "There was an error running AccessCheck: " + ex.Message;
                    return;
                }

                //
                //	Check for success of the access check
                //
                bool bAuthorized = true;
                foreach (int iResCode in results)
                {
                    //
                    //	Check for access denied
                    //
                    if (iResCode == ExpenseCommon.AccessDenied)
                    {
                        string errorMessage = AzClient.GetBusinessRuleString();
                        if (errorMessage != "")
                        {
                            Message.Text = "Read Denied. " + errorMessage;
                        }
                        else
                        {
                            Message.Text = "Access Denied.  You do not have sufficient permissions to perform this operation.";
                        }
                        bAuthorized = false;
                        break;
                    }
                    //
                    //	Check for other error
                    //
                    else if (iResCode != ExpenseCommon.NoError)
                    {
                        Win32Exception ex = new Win32Exception();
                        Message.Text = "There was an error performing the AccessCheck: " + ex.Message;
                    }
                }

                if (bAuthorized)
                {
                    //
                    //	Display the expense report
                    //
                    DisplayExpense();
                }
                else
                {
                    //
                    //	Access Check failed so display an error message to the user
                    //
                    Message.Text = "Error Access Denied: " + AzClient.GetBusinessRuleString();
                    return;
                }
            }
        }
Esempio n. 13
0
        /// <summary>
        /// Comment TextBox - Allows a user to attach a comment
        /// to the expense report
        /// </summary>

        /// <summary>
        /// Date TextBox - Date the expense was incurred
        /// </summary>

        /// <summary>
        /// Amount TextBox - Amount of the expense
        /// </summary>

        /// <summary>
        /// Description TextBox - Descriptiong of the expense
        /// </summary>

        /// <summary>
        /// Message Label - Displays any messages to the user
        /// </summary>

        /// <summary>
        /// Submit Group Panel - Contains the UI controls to submit
        /// an expense
        /// </summary>

        /// <summary>
        /// Logo Link - Displays the company logo and links back to
        /// the main page of the application
        /// </summary>

        /// <summary>
        /// Title Label - Displays the title of the page
        /// </summary>

        /// <summary>
        /// Description Label - Identifies the description textbox
        /// </summary>

        /// <summary>
        /// Amount Label - Identifies the amount textbox
        /// </summary>

        /// <summary>
        /// Date Label - Identifies the date textbox
        /// </summary>

        /// <summary>
        /// Comment Label - Identifies the comment textbox
        /// </summary>

        /// <summary>
        /// Submit Button - The user clicks this button to submit the expense
        /// </summary>

        /// <summary>
        /// Return Link - Link back to the main page of the application
        /// </summary>

        /// <summary>
        /// Description Validator - Requires that a description is entered
        /// A description cannot be longer than 50 characters
        /// </summary>

        /// <summary>
        /// Date Validator - Checks that the user entered a valid date between
        /// the range of 01/01/1900 and 12/31/2999
        /// </summary>

        /// <summary>
        /// Amount Validator - Checks that the user entered an amount
        /// </summary>

        /// <summary>
        /// Date Validator - Checks that the user entered a date
        /// </summary>

        /// <summary>
        /// Amount Validator - Checks that the user entered a valid amount
        /// The amount must be between 1 and 99999999999
        /// </summary>

        #endregion

        /// <summary>
        /// Submit Button Click - When the user clicks the submit button
        /// this saves the expense report in the application data store
        /// </summary>
        protected void SubmitBtn_Click(object sender, System.EventArgs e)
        {
            //
            //
            //	Get the client context from the session variables
            //
            IAzClientContext AzClient = ExpenseCommon.GetAzClientContext();

            //
            //	Check if the user has access to the administer
            //	operation and then save application settings
            //

            //
            //	Contains the scope of the access check request
            //	which is set to the application level (null)
            //
            object[] scope = new Object[1];
            scope[0] = (object)"";

            //
            //	Contains all the operations associated with
            //	changing the application settings
            //	In this case the administer operation
            //
            object[] operations = new Object[1];
            operations[0] = ExpenseCommon.AzopSubmit;

            //
            //	Contains all the parameter names associated with
            //	submitting an expense.  These are organized as
            //	name-value pairs and passed to the business rule
            //	if one is defined
            //
            //	THEY MUST BE IN ALPHABETICAL ORDER (A-Z)
            //
            Object[] BRNames = new Object[3];
            BRNames[0] = (object)ExpenseCommon.ParamAmount;
            BRNames[1] = (object)ExpenseCommon.ParamDate;
            BRNames[2] = (object)ExpenseCommon.ParamUserName;

            //
            //	Contains all the paramenter values associted with
            //	the submitting an expense.
            //
            Object[] BRValues = new Object[3];
            BRValues[0] = (object)Amount.Text;
            BRValues[1] = (object)Date.Text;
            BRValues[2] = (object)ExpenseCommon.GetClientSamName();

            //	Contains the results from the AccessCheck
            object[] results;

            try
            {
                //
                //	Run the access check on the administer operation
                //	Passing the audit text, scope, operations and business rule parameters
                //
                results = (object[])AzClient.AccessCheck("Change Application Settings", (object)scope, (object)operations, BRNames, BRValues, null, null, null);
            }
            catch (Exception ex)
            {
                MSG.Text = "There was an error running the AccessCheck: " + ex.Message;
                return;
            }

            //
            //	Check for success of the access check
            //
            bool bAuthorized = true;

            foreach (int iResCode in results)
            {
                //
                //	Check for access denied
                //
                if (iResCode == ExpenseCommon.AccessDenied)
                {
                    string errorMessage = AzClient.GetBusinessRuleString();
                    if (errorMessage != "")
                    {
                        MSG.Text = "Submission Denied. " + errorMessage;
                    }
                    else
                    {
                        MSG.Text = "Access Denied.  You do not have sufficient permissions to perform this operation.";
                    }
                    bAuthorized = false;
                    break;
                }
                //
                //	Check for other error
                //
                else if (iResCode != ExpenseCommon.NoError)
                {
                    Win32Exception ex = new Win32Exception();
                    MSG.Text = "There was an error performing the AccessCheck: " + ex.Message;
                }
            }

            if (bAuthorized)
            {
                //
                //	AccessCheck passed so submit the expense report
                //

                //
                //	Store the expense report in a name-value collection
                //
                StringDictionary ExpenseData = new StringDictionary();

                //
                //	Save the user SAM name (\\domain\username)
                //
                string name = ExpenseCommon.GetClientSamName();
                ExpenseData.Add("SamName", name);

                //
                //	Save the user Friendly Name
                //
                name = name.Substring((name.IndexOf(@"\") + 1));
                ExpenseData.Add("User", name);

                //
                //	Save the transaction date
                //
                ExpenseData.Add("Date", Date.Text);

                //
                //	Save the expense description
                //
                ExpenseData.Add("Description", Description.Text);

                //
                //	Save the expense amount
                //
                ExpenseData.Add("Amount", Amount.Text);

                //
                // Attach any comments to the expense report
                //
                ExpenseData.Add("Comment", Comment.Text);

                //
                //	Save the transaction
                //
                ExpenseCommon.SaveTransaction(ExpenseCommon.AssignNextTransaction(), ExpenseData);

                //
                //	Show link to submit a new expense or
                //	to return to the main page
                //
                MSG.Text = "Submission Sucessful.<p><a href='Submit.aspx'>Submit new expense</a> | <a href='../index.aspx'>Return to Main Menu</a></p>";

                //
                //	Clear form for new entry
                //
                Description.Text = "";
                Amount.Text      = "";
                Date.Text        = "";
                Comment.Text     = "";

                SubmitGroup.Visible = false;
            }
        }
Esempio n. 14
0
        /// <summary>
        /// Message Label - Displays any messages for the user
        /// </summary>

        /// <summary>
        /// Transaction List - Displays the transactions
        /// filtered by the ModeSelect drop down listbox
        /// </summary>

        /// <summary>
        /// Mode Select Drop Down ListBox - Filters which
        /// expense transactions are displayed in the transaction list
        /// </summary>

        /// <summary>
        /// Mode Label - Displays the filter on the transaction list
        /// </summary>

        /// <summary>
        /// Logo Link - Displays the company logo and links
        /// back to the main page of the application
        /// </summary>

        /// <summary>
        /// Title Label - Displays the page title
        /// </summary>

        /// <summary>
        /// Return Link - Displays a link back to the main
        /// page of the application
        /// </summary>

        #endregion

        /// <summary>
        /// Page Load - This is executed when the page is first requested
        /// by the user and additionally when the user clicks a button on
        /// the form
        /// </summary>
        protected void Page_Load(object sender, System.EventArgs e)
        {
            //
            //	To prevent users from by-passing the portal page (index.aspx)
            //	and going directly to this page, use URL Authorization
            //	See <url> for details.
            //

            //
            //	Check for this is the first time the page is being loaded
            //	only fill in the form if this is the first time otherwise
            //	any user changes will be lost
            //
            if (!Page.IsPostBack)
            {
                //
                //	Get the client context
                //
                IAzClientContext AzClient = ExpenseCommon.GetAzClientContext();

                //
                //	Check if the user has permission to list expenses
                //

                //
                //	Contains the scope of the access check request
                //	which is set to the application level (null)
                //
                object[] scope = new Object[1];
                scope[0] = (object)"";

                //
                //	Contains all the operations associated with
                //	listing an expense
                //	In this case the list operation
                //
                object[] operations = new Object[1];
                operations[0] = ExpenseCommon.AzopList;

                //
                //	Contains all the parameter names. These are organized as
                //	name-value pairs and passed to the business rule
                //	if one is defined
                //
                //	THEY MUST BE IN ALPHABETICAL ORDER (A-Z)
                //
                Object[] BRNames = new Object[3];
                BRNames[0] = (object)ExpenseCommon.ParamUserName;
                BRNames[1] = (object)ExpenseCommon.ParamDate;
                BRNames[2] = (object)ExpenseCommon.ParamUserName;

                //
                //	Contains all the paramenter values

                //
                Object[] BRValues = new Object[3];
                BRValues[0] = (object)0;
                BRValues[1] = (object)DateTime.Now.ToShortDateString();
                BRValues[2] = (object)ExpenseCommon.GetClientSamName();

                //	Contains the results from AccessCheck
                object[] results;
                try
                {
                    //
                    //	Run the access check on the list operation
                    //	Passing the audit text, scope, operations and business rule parameters
                    //
                    results = (object[])AzClient.AccessCheck("List Expense Reports", (object)scope, (object)operations, BRNames, BRValues, null, null, null);
                }
                catch (Exception ex)
                {
                    MSG.Text = "There was an error running AccessCheck: " + ex.Message;
                    throw(ex);
                }

                //
                //	Check for success of the access check
                //
                bool bAuthorized = true;
                foreach (int iResCode in results)
                {
                    //
                    //	Check for access denied for each operation
                    //
                    if (iResCode == ExpenseCommon.AccessDenied)
                    {
                        string errorMessage = AzClient.GetBusinessRuleString();
                        if (errorMessage != "")
                        {
                            MSG.Text = "List Denied. " + errorMessage;
                        }
                        else
                        {
                            MSG.Text = "Access Denied.  You do not have sufficient permissions to perform this operation.";
                        }
                        bAuthorized = false;
                        break;
                    }
                    //
                    //	Check for other error
                    //
                    else if (iResCode != ExpenseCommon.NoError)
                    {
                        Win32Exception ex = new Win32Exception(iResCode, "There was an error performing the AccessCheck: ");
                    }
                }

                if (bAuthorized)
                {
                    //
                    //	List the expense reports
                    //
                    ListTransactions();
                }
                else
                {
                    //
                    //	Access Check failed so display an error message to the user
                    //
                    MSG.Text = "Error Access Denied: " + AzClient.GetBusinessRuleString();
                    return;
                }
            }
        }