public static List <Links> getLinksFromDB()
        {
            String username = Security.getUsername();

            LinksDao dataLayer = new LinksDao();

            List <Links> userLinks = dataLayer.getUserLinks(username);

            SessionVariableManager.setLinks(userLinks);
            return(userLinks);
        }
    //get nav links from db
    private void getNavLinks()
    {
        String username = Security.getUserName();


        List <UserLink> links = LinksDao.getUserLinks(username);

        foreach (UserLink link in links)
        {
            writeNavLink(link);
        }
    }
Esempio n. 3
0
    //this method checks that a user has access to the current url. If not, redirects to the index.aspx page
    public static void checkUrl()
    {
        String username = Security.getUserName();

        //get the current url
        char[] remove     = { '/' }; //used to remove leading / from path to math values stored in db
        String currentUrl = HttpContext.Current.Request.CurrentExecutionFilePath.TrimStart(remove);

        //get allowed links
        List <UserLink> links = LinksDao.getUserLinks(username);
        //check if this link is in list
        int allowed = links.FindIndex(f => f.getPath() == currentUrl);

        //kick user if trying to access unallowed link
        if (allowed < 0)
        {
            HttpContext.Current.Response.Redirect("~/index.aspx");
        }
    }