/// <summary>
        /// This method is responsible for getting a specific user from the helpdesk system
        /// </summary>
        /// <param name="id">The UserId of the specific user to be retrieved</param>
        /// <returns>The response that indicates if the operation was a success,
        /// and the details of the retrieved user if it was</returns>
        public GetUserResponse GetUser(int id)
        {
            s_logger.Info("Getting user...");

            GetUserResponse response = new GetUserResponse();

            try
            {
                var dataLayer = new UsersDataLayer();

                UserDTO user = dataLayer.GetUser(id);

                if (user == null)
                {
                    throw new NotFoundException("Unable to find user!");
                }

                response.User   = user;
                response.Status = HttpStatusCode.OK;
            }
            catch (NotFoundException ex)
            {
                s_logger.Error(ex, "Unable to find user!");
                response.Status = HttpStatusCode.NotFound;
                response.StatusMessages.Add(new StatusMessage(HttpStatusCode.NotFound, "Unable to find user!"));
            }
            catch (Exception ex)
            {
                s_logger.Error(ex, "Unable to get user!");
                response.Status = HttpStatusCode.InternalServerError;
                response.StatusMessages.Add(new StatusMessage(HttpStatusCode.InternalServerError, "Unable to get user!"));
            }
            return(response);
        }
        /// <summary>
        /// This method is responsible for retrieving all users from the helpdesk system
        /// </summary>
        /// <returns>The response that indicates if the operation was a success,
        /// and the list of users</returns>
        public GetUsersResponse GetUsers()
        {
            s_logger.Info("Getting users...");

            GetUsersResponse response = new GetUsersResponse();

            try
            {
                var dataLayer = new UsersDataLayer();

                List <UserDTO> users = dataLayer.GetUsers();

                response.Users  = users;
                response.Status = HttpStatusCode.OK;
            }
            catch (NotFoundException ex)
            {
                s_logger.Error(ex, "No users found!");
                response.Status = HttpStatusCode.NotFound;
                response.StatusMessages.Add(new StatusMessage(HttpStatusCode.NotFound, "No users found!"));
            }
            catch (Exception ex)
            {
                s_logger.Error(ex, "Unable to get users!");
                response.Status = HttpStatusCode.InternalServerError;
                response.StatusMessages.Add(new StatusMessage(HttpStatusCode.InternalServerError, "Unable to get users!"));
            }
            return(response);
        }
Esempio n. 3
0
        public int getTotalRecords(UserCriteria conditions)
        {
            SqlConnectionFactory sqlConnection = new SqlConnectionFactory();

            using (SqlConnection connection = sqlConnection.GetConnection())
            {
                return(UsersDataLayer.GetInstance().GetTotalRecords(connection, conditions));
            }
        }
Esempio n. 4
0
        public void TrackUserAction(UserLogInfo userLoginfo)
        {
            SqlConnectionFactory sqlConnection = new SqlConnectionFactory();

            using (SqlConnection connection = sqlConnection.GetConnection())
            {
                UsersDataLayer.GetInstance().TrackingUserBehavior(connection, userLoginfo);
            }
        }
Esempio n. 5
0
        public AuthenticateModelRespone SignIn(string _UserID, string _Password)
        {
            AuthenticateModelRespone ret = new AuthenticateModelRespone();

            ret.isSuccess = false;
            SqlConnectionFactory sqlConnection = new SqlConnectionFactory();

            using (SqlConnection connection = sqlConnection.GetConnection())
            {
                DataTable dtLogin = UsersDataLayer.GetInstance().Get_UserPassword(connection, _UserID);

                if (dtLogin.Rows.Count > 0)
                {
                    var strPass = dtLogin.Rows[0][1].ToString();

                    //Have a Password
                    if (strPass.Length > 0)
                    {
                        string applicationId   = EncryptionUtils.GetApplicationId();
                        string applicationName = EncryptionUtils.GetApplicationName();

                        strPass = EncryptionUtils.Decrypt(strPass, applicationName, applicationId).Trim();

                        //Corect Password
                        if (strPass.Equals(_Password))
                        {
                            DataTable dtLogin2 = UsersDataLayer.GetInstance().GetUserByUserId(connection, _UserID);
                            ret.isSuccess = true;
                            ret.name      = dtLogin2.Rows[0][1].ToString();
                            ret.userID    = dtLogin2.Rows[0][0].ToString();

                            ret.role = UsersDataLayer.GetInstance().GetRoleByUserId(connection, _UserID);


                            var tokenHandler    = new JwtSecurityTokenHandler();
                            var key             = Encoding.ASCII.GetBytes(SerectContext.Secret);
                            var tokenDescriptor = new SecurityTokenDescriptor
                            {
                                Subject = new ClaimsIdentity(new Claim[]
                                {
                                    new Claim(ClaimTypes.NameIdentifier, _UserID)
                                }),
                                Expires            = DateTime.UtcNow.AddDays(7),
                                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
                            };
                            var token = tokenHandler.CreateToken(tokenDescriptor);
                            ret.token = tokenHandler.WriteToken(token);
                            return(ret);
                        }
                    }
                }
                ret.err.msgCode   = "001";
                ret.err.msgString = "Sai thông tin password và acccount";
                return(ret);
            }
        }
Esempio n. 6
0
        public List <UserInfo> GetList(UserCriteria conditions)
        {
            SqlConnectionFactory sqlConnection = new SqlConnectionFactory();

            using (SqlConnection connection = sqlConnection.GetConnection())
            {
                List <UserInfo> ListUserInfo = UsersDataLayer.GetInstance().Getlist(connection, conditions);
                return(ListUserInfo);
            }
        }
Esempio n. 7
0
        public void DeleteUser(string id)
        {
            SqlConnectionFactory sqlConnection = new SqlConnectionFactory();

            using (SqlConnection connection = sqlConnection.GetConnection())
            {
                UsersDataLayer.GetInstance().DeleteUser(connection, id);
                UserGroupDataLayer.GetInstance().DeleteGroupOfUser(connection, id);
            }
        }
Esempio n. 8
0
        public void UpdateUserGroup(string id, UserGroupInfo _userGroup)
        {
            SqlConnectionFactory sqlConnection = new SqlConnectionFactory();
            UserInfo             record        = new UserInfo();

            using (SqlConnection connection = sqlConnection.GetConnection())
            {
                UserInfo data = UsersDataLayer.GetInstance().GetUser(connection, id);
                UserGroupDataLayer.GetInstance().UpdateUserGroup(connection, id, _userGroup);
            }
        }
Esempio n. 9
0
        public UserInfo GetDetail(string id)
        {
            SqlConnectionFactory sqlConnection = new SqlConnectionFactory();
            UserInfo             record        = new UserInfo();

            using (SqlConnection connection = sqlConnection.GetConnection())
            {
                record = UsersDataLayer.GetInstance().GetUser(connection, id);

                return(record);
            }
        }
Esempio n. 10
0
        public void ChangePassword(string _user, string pass)
        {
            SqlConnectionFactory sqlConnection = new SqlConnectionFactory();
            UserInfo             record        = new UserInfo();

            using (SqlConnection connection = sqlConnection.GetConnection())
            {
                string applicationId   = EncryptionUtils.GetApplicationId();
                string applicationName = EncryptionUtils.GetApplicationName();
                String password        = EncryptionUtils.EncryptData(pass, applicationName, applicationId);
                UsersDataLayer.GetInstance().ChangePass(connection, _user, password);
            }
        }
Esempio n. 11
0
        public void DeleteUsers(string ids)
        {
            SqlConnectionFactory sqlConnection = new SqlConnectionFactory();

            using (SqlConnection connection = sqlConnection.GetConnection())
            {
                string[] IDsarray = ids.Split(',');
                foreach (string id in IDsarray)
                {
                    UsersDataLayer.GetInstance().DeleteUser(connection, id);
                }
            }
        }
Esempio n. 12
0
        public void CreateUser(UserInfo _user)
        {
            SqlConnectionFactory sqlConnection = new SqlConnectionFactory();
            UserInfo             record        = new UserInfo();

            using (SqlConnection connection = sqlConnection.GetConnection())
            {
                string applicationId   = EncryptionUtils.GetApplicationId();
                string applicationName = EncryptionUtils.GetApplicationName();
                _user.Password = EncryptionUtils.EncryptData(_user.Password, applicationName, applicationId);
                UsersDataLayer.GetInstance().CreateUser(connection, _user);
            }
        }
        /// <summary>
        /// This method is responsible for updating a specific user's information, such
        /// as their username and password
        /// </summary>
        /// <param name="id">The UserId of the user to be updated</param>
        /// <param name="request">The user's new information</param>
        /// <returns>The response that indicates if the update was successfull</returns>
        public UpdateUserResponse UpdateUser(int id, UpdateUserRequest request)
        {
            s_logger.Info("Updating user...");

            UpdateUserResponse response = new UpdateUserResponse();

            try
            {
                response = (UpdateUserResponse)request.CheckValidation(response);

                if (response.Status == HttpStatusCode.BadRequest)
                {
                    return(response);
                }

                request.Password = HashText(request.Password);

                var dataLayer = new UsersDataLayer();

                if (dataLayer.GetUserByUsername(request.Username) != null && dataLayer.GetUserByUsername(request.Username).UserId != id)
                {
                    throw new Exception("Unable to update user! User with username " + request.Username + "already exists!");
                }

                bool result = dataLayer.UpdateUser(id, request);

                if (result == false)
                {
                    throw new NotFoundException("Unable to find user!");
                }

                response.Result = result;
                response.Status = HttpStatusCode.OK;
            }
            catch (NotFoundException ex)
            {
                s_logger.Error(ex, "Unable to find user!");
                response.Status = HttpStatusCode.NotFound;
                response.StatusMessages.Add(new StatusMessage(HttpStatusCode.NotFound, "Unable to find user!"));
            }
            catch (Exception ex)
            {
                s_logger.Error(ex, "Unable to update user!");
                response.Status = HttpStatusCode.Forbidden;
                response.StatusMessages.Add(new StatusMessage(HttpStatusCode.Forbidden, "Unable to update user!"));
            }
            return(response);
        }
        /// <summary>
        /// This method is responsible for adding a new user.
        /// </summary>
        /// <param name="request"></param>
        /// <returns></returns>
        public AddUserResponse AddUser(AddUserRequest request)
        {
            s_logger.Info("Adding user...");

            AddUserResponse response = new AddUserResponse();

            try
            {
                response = (AddUserResponse)request.CheckValidation(response);
                if (response.Status == HttpStatusCode.BadRequest)
                {
                    return(response);
                }

                if (string.IsNullOrEmpty(request.Password))
                {
                    request.Password = request.Username;
                }

                request.Password = HashText(request.Password);

                var dataLayer = new UsersDataLayer();

                if (dataLayer.GetUserByUsername(request.Username) != null)
                {
                    response.Status = HttpStatusCode.Forbidden;
                    response.StatusMessages.Add(new StatusMessage(HttpStatusCode.Forbidden, "Username already exists"));
                    return(response);
                }

                int?result = dataLayer.AddUser(request);

                if (result == null)
                {
                    throw new Exception("Unable to add user!");
                }

                response.UserId = (int)result;
                response.Status = HttpStatusCode.OK;
            }
            catch (Exception ex)
            {
                s_logger.Error(ex, "Unable to add user!");
                response.Status = HttpStatusCode.InternalServerError;
                response.StatusMessages.Add(new StatusMessage(HttpStatusCode.InternalServerError, "Unable to add user!"));
            }
            return(response);
        }
Esempio n. 15
0
        public void UpdateUser(string id, UserInfo _user)
        {
            SqlConnectionFactory sqlConnection = new SqlConnectionFactory();
            UserInfo             record        = new UserInfo();

            using (SqlConnection connection = sqlConnection.GetConnection())
            {
                UserInfo data = UsersDataLayer.GetInstance().GetUser(connection, id);
                if (data.Password != _user.Password)
                {
                    string applicationId   = EncryptionUtils.GetApplicationId();
                    string applicationName = EncryptionUtils.GetApplicationName();

                    _user.Password = EncryptionUtils.EncryptData(_user.Password, applicationName, applicationId);
                }
                UsersDataLayer.GetInstance().UpdateUser(connection, id, _user);
            }
        }
        /// <summary>
        /// This is used to check that the user that is logged in is actually a valid user in the system
        /// </summary>
        /// <param name="username">The username of the user</param>
        /// <param name="userId">The id of the user</param>
        /// <returns>An indicator of whether or not the user is valid</returns>
        public bool VerifyUser(string username, string userId)
        {
            bool result = false;

            try
            {
                var dataLayer = new UsersDataLayer();
                int userID    = -1;

                if (!int.TryParse(userId, out userID))
                {
                    throw new Exception("Invalid user id received.");
                }

                UserDTO userFromID = dataLayer.GetUser(userID);

                UserDTO userFromUsername = dataLayer.GetUserByUsername(username);

                if (!(userFromID.UserId == userFromUsername.UserId && userFromID.Username == userFromUsername.Username && (!userFromID.FirstTime)))
                {
                    s_logger.Warn("Unable to verify user.");
                    result = false;
                }
                else
                {
                    result = true;
                }
            }
            catch (NotFoundException ex)
            {
                s_logger.Warn(ex, "Unable to find user in system.");
            }
            catch (Exception ex)
            {
                s_logger.Error(ex, "Unable to perform log in attempt.");
            }
            return(result);
        }
        /// <summary>
        /// This method is responsible for handling the deletion of a user from the system
        /// </summary>
        /// <param name="id">The id of the user to be deleted</param>
        /// <returns>A response that indicates whether or not the deletion was successful</returns>
        public DeleteUserResponse DeleteUser(int id, string currentUser)
        {
            var response = new DeleteUserResponse();

            try
            {
                var dataLayer = new UsersDataLayer();

                UserDTO user = dataLayer.GetUser(id);

                if (user.Username == currentUser)
                {
                    response.Status = HttpStatusCode.Forbidden;
                    return(response);
                }

                bool result = dataLayer.DeleteUser(id);

                if (result)
                {
                    response.Status = HttpStatusCode.OK;
                }
            }
            catch (NotFoundException ex)
            {
                s_logger.Warn($"Unable to find the user with id [{id}]");
                response.Status = HttpStatusCode.NotFound;
            }
            catch (Exception ex)
            {
                s_logger.Error(ex, "Unable to delete the user.");
                response.Status = HttpStatusCode.InternalServerError;
            }

            return(response);
        }
        /// <summary>
        /// This method is responsable for handling the validation and verification of the users login attempt
        /// </summary>
        /// <param name="request">the users login information</param>
        /// <returns>The response which indicates if they are sucessful and the bearer token
        /// they will use for authentication on success</returns>
        public LoginResponse LoginUser(LoginRequest request)
        {
            s_logger.Info("Attempting to log in...");

            LoginResponse response = new LoginResponse();

            try
            {
                //Validate input
                response = (LoginResponse)request.CheckValidation(response);

                if (response.Status == HttpStatusCode.BadRequest)
                {
                    return(response);
                }

                var dataLayer = new UsersDataLayer();

                //Verify user exists
                UserDTO user = dataLayer.GetUserByUsername(request.Username);
                if (user == null)
                {
                    response.Token  = string.Empty;
                    response.Status = HttpStatusCode.BadRequest;
                    response.StatusMessages.Add(new StatusMessage(HttpStatusCode.BadRequest, "Unable to login username or password is incorrect"));
                    s_logger.Warn($"Unable to login as a username [ {request.Username} ], username or password is incorrect.");
                    return(response);
                }

                // Ensure that their password is correct
                string hashedPassword = HashText(request.Password);
                if (user.Password != hashedPassword)
                {
                    response.Token  = string.Empty;
                    response.Status = HttpStatusCode.BadRequest;
                    response.StatusMessages.Add(new StatusMessage(HttpStatusCode.BadRequest, "Unable to login username or password is incorrect"));
                    s_logger.Warn($"Unable to login as a username [ {request.Username} ], username or password is incorrect.");
                    return(response);
                }

                // Generate users bearer token
                var tokenHandler = new JwtSecurityTokenHandler();
                var key          = Encoding.ASCII.GetBytes(_appSettings.AppSecret);

                var tokenDescriptior = new SecurityTokenDescriptor()
                {
                    Subject = new ClaimsIdentity(new Claim[] {
                        new Claim(ClaimTypes.Name, user.Username),
                        new Claim(ClaimTypes.Sid, user.UserId.ToString())
                    }),
                    Expires            = DateTime.Now.AddHours(4),
                    SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha512Signature)
                };

                var rawToken = tokenHandler.CreateToken(tokenDescriptior);
                var token    = tokenHandler.WriteToken(rawToken);

                response.Token = token;

                if (user.FirstTime)
                {
                    response.Status = HttpStatusCode.Accepted;
                    response.UserId = user.UserId;
                    return(response);
                }

                response.Status = HttpStatusCode.OK;
            }
            catch (Exception ex)
            {
                s_logger.Error(ex, "Unable to perform log in attempt.");
                response = new LoginResponse
                {
                    Token  = string.Empty,
                    Status = HttpStatusCode.InternalServerError
                };
                response.StatusMessages.Add(new StatusMessage(HttpStatusCode.InternalServerError, "Unable to perform log in attempt."));
            }
            return(response);
        }
Esempio n. 19
0
        /// <summary>
        /// Used to get a Zip file of all of the database tables as CSVs
        /// </summary>
        public DatabaseExportResponse ExportDatabase()
        {
            var response = new DatabaseExportResponse();

            try
            {
                FileProccessing proccessing = new FileProccessing();

                DateTime now = DateTime.Now;

                string exportName = $"databaseexport_{now.ToString("yyyyddMM_HHmmss")}";

                string fullZipPath = proccessing.CreateZip(_appSettings.DatabaseBackupDestination, exportName);

                if (string.IsNullOrEmpty(fullZipPath))
                {
                    s_logger.Error("Unable to create empty zip");
                    response.Status = HttpStatusCode.InternalServerError;
                    return(response);
                }
                else
                {
                    var helpdeskDataLayer = new HelpdeskDataLayer();
                    var unitDataLayer     = new UnitsDataLayer();
                    var usersDataLayer    = new UsersDataLayer();
                    var topicsDataLayer   = new TopicsDataLayer();
                    var studentDataLayer  = new StudentDatalayer();
                    var queueDataLayer    = new QueueDataLayer();
                    var checkInDataLayer  = new CheckInDataLayer();

                    DataTable helpdesks = helpdeskDataLayer.GetHelpdesksAsDataTable();
                    proccessing.SaveToZIPAsCSV(fullZipPath, "helpdesks", helpdesks);

                    DataTable timespans = helpdeskDataLayer.GetTimeSpansAsDataTable();
                    proccessing.SaveToZIPAsCSV(fullZipPath, "timespans", timespans);

                    DataTable helpdeskUnits = helpdeskDataLayer.GetHelpdeskUnitsAsDataTable();
                    proccessing.SaveToZIPAsCSV(fullZipPath, "helpdeskunits", helpdeskUnits);

                    DataTable users = usersDataLayer.GetUsersAsDataTable();
                    proccessing.SaveToZIPAsCSV(fullZipPath, "users", users);

                    DataTable units = unitDataLayer.GetUnitsAsDataTable();
                    proccessing.SaveToZIPAsCSV(fullZipPath, "units", units);

                    DataTable topics = topicsDataLayer.GetTopicsAsDataTable();
                    proccessing.SaveToZIPAsCSV(fullZipPath, "topics", topics);

                    DataTable students = studentDataLayer.GetStudentsAsDataTable();
                    proccessing.SaveToZIPAsCSV(fullZipPath, "students", students);

                    DataTable queuesItems = queueDataLayer.GetQueueItemsAsDataTable();
                    proccessing.SaveToZIPAsCSV(fullZipPath, "queueItems", queuesItems);

                    DataTable checkIns = checkInDataLayer.GetCheckInsAsDataTable();
                    proccessing.SaveToZIPAsCSV(fullZipPath, "checkInHistory", checkIns);

                    DataTable checkInQueueItems = checkInDataLayer.GetCheckInQueueItemsAsDataTable();
                    proccessing.SaveToZIPAsCSV(fullZipPath, "checkinqueueitem", checkInQueueItems);

                    response.Path   = fullZipPath;
                    response.Status = HttpStatusCode.OK;
                }
            }
            catch (Exception ex)
            {
                s_logger.Error(ex, "Unable to generate database export");
                response.Status = HttpStatusCode.InternalServerError;
            }
            return(response);
        }