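/// <summary>
/// Looks up the action restrictions of the session user whose FullPath contains
/// <paramref name="controllerName"/> and reports them.
/// </summary>
/// <param name="controllerName">Controller name searched for inside each restricted action's FullPath.</param>
/// <returns>An empty string when no restriction matches.</returns>
/// <exception cref="NotificationException">
/// Thrown when at least one restriction matches; the message lists the matching ActionDesc values.
/// </exception>
public string ActionCheck(string controllerName)
        {
            SC_USER user = _sessionProvider.Get <SC_USER>(Strings.Authorization.UserSessionKey);

            // NOTE(review): a missing session user is not handled here; user.IdUser below fails
            // if this runs before the authentication check. Confirm the call order.
            var userActions = _action.GetAll(user.IdUser);
            if (userActions == null)
            {
                // Same treatment as IsActionAuthentication: no list means no restriction to report.
                return string.Empty;
            }

            // Ordinal, case-insensitive match. Culture-sensitive ToLower() folds 'I' to a dotless
            // 'ı' under a Turkish culture, which would let a differently cased controller name miss
            // its restrictions and make this method report nothing.
            // NOTE(review): this is a substring match, so a short controller name also matches
            // unrelated paths that merely contain it.
            var restricted = userActions
                .Where(k => k.FullPath.IndexOf(controllerName, System.StringComparison.OrdinalIgnoreCase) != -1)
                .ToList();

            if (restricted.Count == 0)
            {
                return string.Empty;
            }

            // Turkish: "There are some restrictions specific to you on this page: "
            throw new NotificationException(
                "Bu sayfada size özel bazı kısıtlamalar bulunmaktadır :  "
                + string.Join(", ", restricted.Select(k => k.ActionDesc)));
        }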
        /// <summary>
        /// Copies Soyadi, Adi, CepTelefonu and Aciklama from <paramref name="obj"/> onto the stored
        /// user that has the same IdUser, persists the record and replaces the user object held in
        /// the session with the updated one.
        /// </summary>
        /// <param name="obj">Carries the target IdUser and the new field values.</param>
        /// <returns>The user object returned by the update call.</returns>
        public SC_USER Save(SC_USER obj)
        {
            // NOTE(review): the record is selected by obj.IdUser and the result becomes the session
            // user. Nothing in this method ties obj.IdUser to the identity already in the session,
            // so if obj is bound from request data the caller has to verify ownership first -
            // confirm against the controller.
            var stored = _general.Get <SC_USER>(obj.IdUser);

            // Only these fields are taken from the input; every other column keeps its stored value.
            stored.Soyadi      = obj.Soyadi;
            stored.Adi         = obj.Adi;
            stored.CepTelefonu = obj.CepTelefonu;
            stored.Aciklama    = obj.Aciklama;
            stored.ModUser     = stored.IdUser;

            var persisted = _general.Update(stored);

            // NOTE(review): the persisted object goes into the session as-is, presumably including
            // its Password column - confirm whether that value should be cleared first.
            _session.Set(Strings.Authorization.UserSessionKey, persisted);

            return persisted;
        }
        /// <summary>
        /// Replaces the stored password of the user identified by <paramref name="obj"/>.IdUser with
        /// the encrypter's output for <paramref name="obj"/>.Password, persists the record and puts
        /// the updated user into the session.
        /// </summary>
        /// <param name="obj">Carries the target IdUser and the new clear-text password.</param>
        /// <returns>The user object returned by the update call.</returns>
        public SC_USER SavePassword(SC_USER obj)
        {
            // NOTE(review): no current-password check, no empty-password check and no comparison of
            // obj.IdUser with the session user happen in this method; confirm the caller does them.
            var stored = _general.Get <SC_USER>(obj.IdUser);

            // NOTE(review): the name suggests reversible encryption rather than a salted password
            // hash - verify what _encrypter actually does.
            stored.Password = _encrypter.Encrypt(obj.Password);

            var persisted = _general.Update(stored);
            _session.Set(Strings.Authorization.UserSessionKey, persisted);
            return persisted;
        }
        /// <summary>Reports whether the session currently holds a user object.</summary>
        /// <returns>true when a user is stored under the user session key; otherwise false.</returns>
        public bool IsUserAuthentication()
        {
            return _sessionProvider.Get <SC_USER>(Strings.Authorization.UserSessionKey) != null;
        }
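        /// <summary>
        /// Checks whether the requested path is an action the session user is restricted from.
        /// </summary>
        /// <param name="context">Request context; only HttpContext.Request.FilePath is read.</param>
        /// <returns>
        /// true when there is no session user, when the path is not a registered action, or when
        /// the action is not in the user's restricted list.
        /// </returns>
        /// <exception cref="NotAuthorizationActionException">
        /// Thrown when the requested action appears in the list returned for the user.
        /// </exception>
        public bool IsActionAuthentication(RequestContext context)
        {
            SC_USER user = _sessionProvider.Get <SC_USER>(Strings.Authorization.UserSessionKey);

            if (user == null)
            {
                // NOTE(review): an anonymous request passes this check. That is only safe if the
                // user-authentication check always runs first - confirm the filter order.
                return true;
            }

            // The cache key is built per user, although the cached value is the full, unfiltered
            // action list.
            string cacheKey = "SC_ACTION_" + "User" + user.IdUser.ToString();

            List <SC_ACTION> allActions = _cacheProvider.Get <List <SC_ACTION> >(cacheKey);
            if (allActions == null)
            {
                allActions = _definitionBusiness.GetAll <SC_ACTION>().ToList();
                _cacheProvider.Set(cacheKey, allActions);
            }

            string requestPath = context.HttpContext.Request.FilePath;

            // Compare case-insensitively: ASP.NET routing ignores case, so an exact-case match
            // would let the same action through under a differently cased URL.
            // NOTE(review): other spellings of the same route (trailing slash, extra route
            // segments) still depend on how FullPath is stored - verify against the data.
            SC_ACTION requested = allActions.FirstOrDefault(
                k => string.Equals(k.FullPath, requestPath, System.StringComparison.OrdinalIgnoreCase));

            if (requested == null)
            {
                return true;
            }

            // The per-user list is a deny list: a hit means the user may not run this action.
            var restricted = _action.GetAll(user.IdUser);
            if (restricted != null && restricted.Any(k => k.IdAction == requested.IdAction))
            {
                throw new NotAuthorizationActionException();
            }

            return true;
        }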
        /// <summary>
        /// Builds an object for <paramref name="tableName"/> through TypeHelper, fills its properties
        /// by reflection from <paramref name="lstProp"/> and then updates or inserts it.
        /// </summary>
        /// <param name="tableName">Name handed to TypeHelper to obtain the type and a new instance.</param>
        /// <param name="id">Only selects the branch: greater than zero calls Update, otherwise Insert.</param>
        /// <param name="lstProp">Key/value pairs; a pair is applied when its Key equals a property name.</param>
        public void Save(string tableName, int id, List <DefinitionProperty> lstProp)
        {
            // NOTE(review): user is not null-checked; user.IdUser below fails without a session
            // user whenever the type has a CreUser or ModUser property.
            SC_USER user = _session.Get <SC_USER>(Strings.Authorization.UserSessionKey);

            // NOTE(review): tableName selects the type to instantiate. If it comes from request
            // data, confirm TypeHelper restricts it to the tables meant to be editable here.
            Type    customType  = TypeHelper.GetCustomTypes(tableName);
            dynamic obj         = TypeHelper.GetCustomObjects(tableName);
            var     lstProperty = TypeHelper.GetTypeProperties(customType);

            foreach (var prop in lstProperty)
            {
                // Audit columns are stamped with the session user, on update as well as on insert.
                if (prop.Name == "CreUser" || prop.Name == "ModUser")
                {
                    prop.SetValue(obj, Convert.ChangeType(user.IdUser, prop.PropertyType), null);
                    continue;
                }

                // These columns are never taken from the caller.
                if (prop.Name == "Deleted" || prop.Name == "Client" || prop.Name == "ClientIp" || prop.Name == "CreDate" || prop.Name == "ModDate")
                {
                    continue;
                }

                // NOTE(review): every remaining property is writable from lstProp, including key
                // columns and any status or credential fields the type has. The skip list above is
                // a deny list; a per-table allow list would be the safer default.
                for (int i = 0; i < lstProp.Count; i++)
                {
                    if (lstProp[i].Key == prop.Name)
                    {
                        // First matching key wins; the value is converted to the property type.
                        prop.SetValue(obj, Convert.ChangeType(lstProp[i].Value, prop.PropertyType), null);
                        break;
                    }
                }
            }

            // id is not assigned to obj in this method; any key value on obj comes from lstProp.
            if (id > 0)
            {
                Update(obj);
            }
            else
            {
                Insert(obj);
            }

            // The log record for this save is disabled in the original (it was commented out),
            // so no audit entry is written from this method.
        }
 /// <summary>Builds the Turkish log message for a failed login of <paramref name="obj"/>.</summary>
 /// <param name="obj">User whose IdUser and UserName are inserted into the message.</param>
 /// <returns>The formatted message.</returns>
 public static string FailedLogin(SC_USER obj)
 {
     // Turkish: "The user with id {0} and name {1} made a failed login attempt."
     // NOTE(review): UserName is inserted verbatim; if the message reaches a line-oriented log,
     // confirm the logger neutralises line breaks.
     const string template = "{0} idli ve {1} adlı kullanıcı hatalı giriş yaptı.";
     return string.Format(template, obj.IdUser, obj.UserName);
 }
 /// <summary>Builds the Turkish log message for a successful login of <paramref name="obj"/>.</summary>
 /// <param name="obj">User whose IdUser and UserName are inserted into the message.</param>
 /// <returns>The formatted message.</returns>
 public static string Login(SC_USER obj)
 {
     // Turkish: "The user with id {0} and name {1} logged in to the application."
     const string template = "{0} idli ve {1} adlı kullanıcı uygulamaya giriş yaptı.";
     return string.Format(template, obj.IdUser, obj.UserName);
 }
 /// <summary>Builds the Turkish log message for the deletion of <paramref name="obj"/>.</summary>
 /// <param name="obj">User whose IdUser and UserName are inserted into the message.</param>
 /// <returns>The formatted message.</returns>
 public static string Delete(SC_USER obj)
 {
     // Turkish: "The user with id {0} and name {1} was deleted."
     const string template = "{0} idli ve {1} adlı kullanıcı silindi.";
     return string.Format(template, obj.IdUser, obj.UserName);
 }
 /// <summary>Builds the Turkish log message for the creation of <paramref name="obj"/>.</summary>
 /// <param name="obj">User whose IdUser and UserName are inserted into the message.</param>
 /// <returns>The formatted message.</returns>
 public static string Insert(SC_USER obj)
 {
     // Turkish: "The user with id {0} and name {1} was added."
     const string template = "{0} idli ve {1} adlı kullanıcı eklendi.";
     return string.Format(template, obj.IdUser, obj.UserName);
 }
 /// <summary>Builds the Turkish log message for an update of <paramref name="obj"/>.</summary>
 /// <param name="obj">User whose IdUser and UserName are inserted into the message.</param>
 /// <returns>The formatted message.</returns>
 public static string Update(SC_USER obj)
 {
     // Turkish: "The user with id {0} and name {1} was updated."
     const string template = "{0} idli ve {1} adlı kullanıcı güncellendi.";
     return string.Format(template, obj.IdUser, obj.UserName);
 }
 /// <summary>
 /// Passes <paramref name="obj"/> to the connection's Update call and hands the same instance back.
 /// </summary>
 /// <param name="obj">User record to persist.</param>
 /// <param name="trans">Optional transaction forwarded to the Update call; null when omitted.</param>
 /// <returns>The <paramref name="obj"/> instance that was passed in.</returns>
 public SC_USER Update(SC_USER obj, IDbTransaction trans = null)
 {
     // The result of the Update call is not inspected; the input object is returned unchanged.
     _connection.Update(obj, trans);
     return obj;
 }
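        /// <summary>
        /// Verifies the supplied user name and password, maintains the failed-login counter and,
        /// on success, stores the user in the session and sets the user name and id cookies.
        /// </summary>
        /// <param name="user">Carries the UserName and clear-text Password entered at login.</param>
        /// <returns>The matching user with its Password property blanked.</returns>
        /// <exception cref="NotificationException">
        /// Thrown when no non-deleted user has that name, when the credentials do not match, or
        /// when the account has reached the failed-login limit.
        /// </exception>
        public SC_USER SendUserSession(SC_USER user)
        {
            // NOTE(review): the stored value is compared with the encrypter's output using ==.
            // The name suggests reversible encryption rather than a salted password hash - verify.
            var encryptedPassword = _encrypter.Encrypt(user.Password);

            // NOTE(review): every user row is fetched and filtered here instead of querying by name.
            var lstUser   = _general.GetAll <SC_USER>();
            var userModel = lstUser.FirstOrDefault(r => r.UserName == user.UserName && r.Password == encryptedPassword && r.Active && r.Deleted == false && r.FailedLoginCount < 5);

            if (userModel == null)
            {
                var knownUser = lstUser.FirstOrDefault(r => r.UserName == user.UserName && r.Deleted == false);

                if (knownUser == null)
                {
                    // Turkish: "User not found."
                    // NOTE(review): this answer differs from the wrong-password answer below, so
                    // the login response reveals which user names exist.
                    throw new NotificationException("Kullanıcı bulunamadı.");
                }

                _logger.LogInformation(new LogModel
                {
                    ActionName     = "Login",
                    ControllerName = "LoginController",
                    RequestUrl     = "/Login",
                    ShortMessage   = Strings.Messages.LoginPage.FailedLogin(knownUser)
                });

                if (knownUser.FailedLoginCount < 5)
                {
                    // This branch is also reached with a correct password when the account is
                    // inactive, because the success query above requires Active.
                    knownUser.FailedLoginCount++;
                    _general.Update(knownUser);

                    // Turkish: "The password you entered is wrong. You have entered it wrong N times."
                    throw new NotificationException("Yazdığınız şifre hatalı. " + knownUser.FailedLoginCount + " kez hatalı girdiniz.");
                }

                // Limit reached: deactivate the account. Nothing in this method reactivates it.
                knownUser.Active = false;
                _general.Update(knownUser);

                // Turkish: "Your account has been blocked. Please contact the system administrator."
                throw new NotificationException("Hesabınız bloke olmuştur. Lütfen sistem yöneticiyle iletişime geçiniz.");
            }

            userModel.FailedLoginCount = 0;
            _general.Update(userModel);

            _logger.LogSuccess(new LogModel
            {
                ActionName     = "Login",
                ControllerName = "LoginController",
                RequestUrl     = "/Login",
                ShortMessage   = Strings.Messages.LoginPage.Login(userModel)
            });

            // NOTE(review): the session is populated without any visible renewal of the session
            // identifier - confirm whether _sessionProvider takes care of that at login.
            _sessionProvider
            .Set(Strings.Authorization.UserSessionKey, userModel);

            _sessionProvider
            .Set(Strings.Authorization.IsLoginSessionKey, false);

            // NOTE(review): the user id is handed to the client for one day. Any code that later
            // rebuilds a session from this cookie trusts a client-supplied value unless
            // _cookieProvider protects its integrity - verify.
            _cookieProvider.SetCookie(Strings.CookieKeys.UserName, userModel.UserName, TimeSpan.FromDays(1));
            _cookieProvider.SetCookie(Strings.CookieKeys.IdUser, userModel.IdUser.ToString(), TimeSpan.FromDays(1));

            // The returned object is the same instance that was stored in the session above, so the
            // blanked password applies to that instance too. The throw-away SC_USER the original
            // allocated first was never used and is gone.
            userModel.Password = "";
            return userModel;
        }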
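        /// <summary>
        /// Ensures the request comes from a known user and that the requested controller (or, for
        /// the definition index page, controller, action and parameter) is in that user's menu.
        /// When the session holds no user, one is restored from the user-id cookie.
        /// </summary>
        /// <param name="context">Request context supplying the route values and the file path.</param>
        /// <exception cref="AuthorizationException">
        /// Thrown when no usable user can be established or no menu entry matches the request.
        /// </exception>
        public void CheckUserAuthentication(RequestContext context)
        {
            // Turkish: "You are not authorized to perform operations on this page."
            const string notAuthorizedMessage = "Bu sayfada işlem yapmaya yetkiniz bulunmamaktadır.";

            SC_USER user = _sessionProvider.Get <SC_USER>(Strings.Authorization.UserSessionKey);

            if (user == null)
            {
                // NOTE(review): the session is rebuilt from a cookie that carries only a user id.
                // Unless _cookieProvider protects the cookie's integrity, that id is client-supplied
                // data and must not be treated as proof of identity - verify the provider.
                var idUser = _cookieProvider.GetCookie(Strings.CookieKeys.IdUser);

                int restoredId;
                if (string.IsNullOrEmpty(idUser) || !int.TryParse(idUser, out restoredId) || restoredId == 0)
                {
                    // A malformed cookie is rejected the same way as a missing one instead of
                    // surfacing a conversion error.
                    throw new AuthorizationException(notAuthorizedMessage);
                }

                user = _definitionBusiness.Get <SC_USER>(restoredId);

                // Apply the account-state conditions the login query uses: an unknown, inactive or
                // deleted account must not get a session back.
                if (user == null || !(user.Active && user.Deleted == false))
                {
                    throw new AuthorizationException(notAuthorizedMessage);
                }

                _sessionProvider.Set(Strings.Authorization.UserSessionKey, user);
                _sessionProvider.Set(Strings.Authorization.IsLoginSessionKey, false);
            }

            IEnumerable <SC_MENU> lstMenu = _menuBusiness.GetAll(user.IdUser);

            string controllerName = string.Empty;
            string actionName     = string.Empty;
            string param          = string.Empty;
            string fullPath       = context.HttpContext.Request.FilePath;

            var    routeValues = context.RouteData.Values;
            object raw;

            if (routeValues.TryGetValue("controller", out raw) && raw != null)
            {
                controllerName = raw.ToString();
            }

            if (routeValues.TryGetValue("action", out raw) && raw != null)
            {
                actionName = raw.ToString();
            }

            if (routeValues.TryGetValue("id", out raw) && raw != null)
            {
                param = raw.ToString();
            }

            // All name comparisons are ordinal and case-insensitive. Culture-sensitive ToLower()
            // folds 'I' to a dotless 'ı' under a Turkish culture, so the outcome depended on the
            // thread culture and on the casing used in the URL.

            // Controllers that are exempt from the menu check.
            foreach (string pageName in Strings.AuthenticationPages.PageNames())
            {
                if (string.Equals(controllerName, pageName, StringComparison.OrdinalIgnoreCase))
                {
                    return;
                }
            }

            // Paths that are exempt from the menu check.
            // NOTE(review): this is a substring test, so any request path that merely contains an
            // exempt fragment skips authorization. Confirm the entries are specific enough.
            foreach (string actionPath in Strings.AuthenticationPages.ActionPaths())
            {
                if (string.IsNullOrEmpty(actionPath))
                {
                    // A blank entry would match every path and exempt every request.
                    continue;
                }

                if (fullPath.IndexOf(actionPath, StringComparison.OrdinalIgnoreCase) >= 0)
                {
                    return;
                }
            }

            // The literal "ındex" is kept from the original's Turkish-casing workaround.
            bool isDefinitionIndex =
                string.Equals(controllerName, "definition", StringComparison.OrdinalIgnoreCase)
                && (string.Equals(actionName, "index", StringComparison.OrdinalIgnoreCase)
                    || string.Equals(actionName, "ındex", StringComparison.OrdinalIgnoreCase));

            SC_MENU objPage = null;

            if (lstMenu != null)
            {
                if (isDefinitionIndex)
                {
                    // The definition index page is authorized per parameter, not per controller.
                    objPage = lstMenu.FirstOrDefault(k =>
                        string.Equals(k.Controller, controllerName, StringComparison.OrdinalIgnoreCase)
                        && string.Equals(k.Action, actionName, StringComparison.OrdinalIgnoreCase)
                        && string.Equals(k.Parametre, param, StringComparison.OrdinalIgnoreCase));
                }
                else
                {
                    // NOTE(review): one menu entry for a controller authorizes every action on it.
                    objPage = lstMenu.FirstOrDefault(k =>
                        string.Equals(k.Controller, controllerName, StringComparison.OrdinalIgnoreCase));
                }
            }

            // No menu list or no matching entry: deny.
            if (objPage == null)
            {
                throw new AuthorizationException(notAuthorizedMessage);
            }
        }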