/// <summary>
/// Converts data from reader to entity
/// </summary>
protected virtual SecutityEntity GetSecutityFromReader(IDataReader reader)
{
SecutityEntity entity_Secutity = null;
try
{
entity_Secutity = new SecutityEntity();
entity_Secutity.IdSecutity = (int?)(GetFromReader(reader, "IdSecutity"));
entity_Secutity.Module = (String)(GetFromReader(reader, "Module", IsString: true));
entity_Secutity.Action = (String)(GetFromReader(reader, "Action", IsString: true));
entity_Secutity.Permision = (String)(GetFromReader(reader, "Permision", IsString: true));
}
catch (Exception ex)
{
throw new Exception("Error converting Secutity data to entity", ex);
}
return(entity_Secutity);
}
/// <summary>
/// Gets Secutity by
///</summary>
public override SecutityEntity GetSecutityById(int?IdSecutity)
{
using (SqlConnection connection = new SqlConnection(SoftvSettings.Settings.Secutity.ConnectionString))
{
SqlCommand comandoSql = CreateCommand("Softv_SecutityGetById", connection);
SecutityEntity entity_Secutity = null;
AssingParameter(comandoSql, "@IdSecutity", IdSecutity);
IDataReader rd = null;
try
{
if (connection.State == ConnectionState.Closed)
{
connection.Open();
}
rd = ExecuteReader(comandoSql, CommandBehavior.SingleRow);
if (rd.Read())
{
entity_Secutity = GetSecutityFromReader(rd);
}
}
catch (Exception ex)
{
throw new Exception("Error getting data Secutity " + ex.Message, ex);
}
finally
{
if (connection != null)
{
connection.Close();
}
if (rd != null)
{
rd.Close();
}
}
return(entity_Secutity);
}
}
/// <summary>
/// Edits a Secutity
///</summary>
/// <param name="Secutity"> Objeto Secutity a editar </param>
public override int EditSecutity(SecutityEntity entity_Secutity)
{
int result = 0;
using (SqlConnection connection = new SqlConnection(SoftvSettings.Settings.Secutity.ConnectionString))
{
SqlCommand comandoSql = CreateCommand("Softv_SecutityEdit", connection);
AssingParameter(comandoSql, "@IdSecutity", entity_Secutity.IdSecutity);
AssingParameter(comandoSql, "@Module", entity_Secutity.Module);
AssingParameter(comandoSql, "@Action", entity_Secutity.Action);
AssingParameter(comandoSql, "@Permision", entity_Secutity.Permision);
try
{
if (connection.State == ConnectionState.Closed)
{
connection.Open();
}
result = int.Parse(ExecuteNonQuery(comandoSql).ToString());
}
catch (Exception ex)
{
throw new Exception("Error updating Secutity " + ex.Message, ex);
}
finally
{
if (connection != null)
{
connection.Close();
}
}
}
return(result);
}
/// <summary>
///</summary>
/// <param name="Secutity"> Object Secutity added to List</param>
public override int AddSecutity(SecutityEntity entity_Secutity)
{
int result = 0;
using (SqlConnection connection = new SqlConnection(SoftvSettings.Settings.Secutity.ConnectionString))
{
SqlCommand comandoSql = CreateCommand("Softv_SecutityAdd", connection);
AssingParameter(comandoSql, "@IdSecutity", null, pd: ParameterDirection.Output, IsKey: true);
AssingParameter(comandoSql, "@Module", entity_Secutity.Module);
AssingParameter(comandoSql, "@Action", entity_Secutity.Action);
AssingParameter(comandoSql, "@Permision", entity_Secutity.Permision);
try
{
if (connection.State == ConnectionState.Closed)
{
connection.Open();
}
result = ExecuteNonQuery(comandoSql);
}
catch (Exception ex)
{
throw new Exception("Error adding Secutity " + ex.Message, ex);
}
finally
{
connection.Close();
}
result = (int)comandoSql.Parameters["@IdSecutity"].Value;
}
return(result);
}
/// <summary> /// Abstract method to update Secutity /// </summary> public abstract int EditSecutity(SecutityEntity entity_Secutity);
/// <summary> /// Abstract method to add Secutity /// /summary> /// <param name="Secutity"></param> /// <returns></returns> public abstract int AddSecutity(SecutityEntity entity_Secutity);
public int?UpdateSecutity(SecutityEntity objSecutity)
{
return(Secutity.Edit(objSecutity));
}
public int?AddSecutity(SecutityEntity objSecutity)
{
return(Secutity.Add(objSecutity));
}
public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)
{
//
List <String> lstUriAction = request.Headers.To.ToString().Split('/').ToList();
String Action = lstUriAction.Last().ToUpper();
String Module = lstUriAction[lstUriAction.Count() - 2].ToUpper();
if (WebOperationContext.Current.IncomingRequest.Method == "OPTIONS")
{
WebOperationContext.Current.OutgoingResponse.StatusCode = HttpStatusCode.OK;
return(null);
}
else
{
// Check to see if there is an Authorization in the header, otherwise throw a 401
if (WebOperationContext.Current.IncomingRequest.Headers["Authorization"] == null)
{
WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
}
else // Decode the header, check password
{
string encodedUnamePwd = "";
if (Module == "USUARIO" && Action == "LOGON")
{
encodedUnamePwd = GetEncodedCredentialsFromHeader();
if (!string.IsNullOrEmpty(encodedUnamePwd))
{
// Decode the credentials
byte[] decodedBytes = null;
try
{
decodedBytes = Convert.FromBase64String(encodedUnamePwd);
}
catch (FormatException)
{
return(false);
}
string credentials = ASCIIEncoding.ASCII.GetString(decodedBytes);
// Validate User and Password
string[] authParts = credentials.Split(':');
Usuario objUsuario = new Usuario();
UsuarioEntity objUsr = Usuario.GetusuarioByUserAndPass(authParts[0], authParts[1]);
if (objUsr == null)
{
WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
}
}
}
else
{
encodedUnamePwd = GetTokenFromHeader();
if (!string.IsNullOrEmpty(encodedUnamePwd))
{
List <SessionEntity> objSessionEntity = Session.GetAll();
if (!objSessionEntity.Any(x => x.Token == encodedUnamePwd))
{
WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
}
else
{
SessionEntity objSession = objSessionEntity.Where(x => x.Token == encodedUnamePwd).FirstOrDefault();
UsuarioEntity objUsr = Usuario.GetOne(objSession.IdUsuario);
if (!(lstInvaliAction.Where(x => (Action.StartsWith(x) || lstInvaliAction.Contains(Action))).Any()))
{
List <SecutityEntity> lstSecutityEntity = Secutity.GetPagedList(1, 99999, Globals.SerializeTool.Serialize <SecutityEntity>(new SecutityEntity()
{
Module = Module
})).ToList();
if (lstSecutityEntity.Any(x => x.Action == Action))
{
SecutityEntity objSecutity = lstSecutityEntity.Where(x => x.Action == Action).FirstOrDefault();
if (objSecutity != null)
{
List <PermisoEntity> lstPermisos = Permiso.GetXml(Globals.SerializeTool.Serialize <PermisoEntity>(new PermisoEntity()
{
IdRol = objUsr.IdRol
})).ToList();
PermisoEntity objPermisos = lstPermisos.Where(x => x.Module.ModulePath.ToUpper() == Module.ToUpper()).ToList().FirstOrDefault();
if (objPermisos != null)
{
switch (objSecutity.Permision)
{
case "S":
{
return(null);
}
case "A":
{
if (objPermisos.OptAdd == true)
{
return(null);
}
else
{
WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
}
}
case "D":
{
if (objPermisos.OptDelete == true)
{
return(null);
}
else
{
WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
}
}
case "U":
{
if (objPermisos.OptUpdate == true)
{
return(null);
}
else
{
WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
}
}
default:
{
WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
}
}
}
else
{
WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
}
}
}
else
{
WebOperationContext.Current.OutgoingResponse.Headers.Add("WWW-Authenticate: Basic realm=\"myrealm\"");
throw new WebFaultException <string>("Acceso no autorizado, favor de validar autenticación", HttpStatusCode.Unauthorized);
}
}
}
}
}
}
}
return(null);
}
public static SecutityEntity GetOne(int?IdSecutity)
{
SecutityEntity result = ProviderSoftv.Secutity.GetSecutityById(IdSecutity);
return(result);
}
public static int Edit(SecutityEntity objSecutity)
{
int result = ProviderSoftv.Secutity.EditSecutity(objSecutity);
return(result);
}
public static int Add(SecutityEntity objSecutity)
{
int result = ProviderSoftv.Secutity.AddSecutity(objSecutity);
return(result);
}
