public static string SaveNotifications(object[] oAsset)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
acUI.AppGlobals ag = new acUI.AppGlobals();
string sErr = "";
string sMessengerOnOff = oAsset[0].ToString();
string sPollLoop = oAsset[1].ToString();
string sRetryDelay = oAsset[2].ToString();
string sRetryMaxAttempts = oAsset[3].ToString();
string sSMTPServerAddress = oAsset[4].ToString().Replace("'", "''");
string sSMTPUserAccount = oAsset[5].ToString().Replace("'", "''");
string sSMTPUserPassword = oAsset[6].ToString();
string sSMTPServerPort = oAsset[7].ToString();
string sFromEmail = oAsset[8].ToString().Replace("'", "''");
string sFromName = oAsset[9].ToString().Replace("'", "''");
string sAdminEmail = oAsset[10].ToString().Replace("'", "''");
// get the current settings for the logging
string sOrigMessengerOnOff = "";
string sOrigPollLoop = "";
string sOrigRetryDelay = "";
string sOrigRetryMaxAttempts = "";
string sOrigSMTPServerAddress = "";
string sOrigSMTPUserAccount = "";
string sOrigSMTPServerPort = "";
string sOrigFromEmail = "";
string sOrigFromName = "";
string sOrigAdminEmail = "";
string sSQL = "select mode_off_on, loop_delay_sec, retry_delay_min, retry_max_attempts," +
" smtp_server_addr, smtp_server_user, smtp_server_password, smtp_server_port, from_email, from_name, admin_email" +
" from messenger_settings" +
" where id = 1";
DataTable dt = new DataTable();
if (!dc.sqlGetDataTable(ref dt, sSQL, ref sErr))
{
return("Unable to continue. " + sErr);
}
if (dt.Rows.Count > 0)
{
DataRow dr = dt.Rows[0];
sOrigMessengerOnOff = dr["mode_off_on"].ToString();
sOrigPollLoop = dr["loop_delay_sec"].ToString();
sOrigRetryDelay = dr["retry_delay_min"].ToString();
sOrigRetryMaxAttempts = dr["retry_max_attempts"].ToString();
sOrigSMTPServerAddress = dr["smtp_server_addr"].ToString();
sOrigSMTPUserAccount = dr["smtp_server_user"].ToString();
sOrigSMTPServerPort = dr["smtp_server_port"].ToString();
sOrigFromEmail = dr["from_email"].ToString();
sOrigFromName = dr["from_name"].ToString();
sOrigAdminEmail = dr["admin_email"].ToString();
}
sSQL = "update messenger_settings set mode_off_on='{0}', loop_delay_sec={1}, retry_delay_min={2}, retry_max_attempts={3}, smtp_server_addr='{4}', smtp_server_user='******', smtp_server_port={6}, from_email='{7}', from_name='{8}', admin_email='{9}'";
//only update password if it has been changed.
string sPasswordFiller = "($%#d@x!&";
if (sSMTPUserPassword != sPasswordFiller)
{
sSQL += ",smtp_server_password='******'";
}
sSQL = string.Format(sSQL, sMessengerOnOff, sPollLoop, sRetryDelay, sRetryMaxAttempts, sSMTPServerAddress, sSMTPUserAccount, sSMTPServerPort, sFromEmail, sFromName, sAdminEmail, dc.EnCrypt(sSMTPUserPassword));
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
{
return("Update failed: " + sErr);
}
else
{
//logging
var sLogObject = "Manage Notifications";
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Messenger On / Off", sOrigMessengerOnOff, sMessengerOnOff);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Poll Loop", sOrigPollLoop, sPollLoop);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Retry Delay", sOrigRetryDelay, sRetryDelay);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Retry Max Attempts", sOrigRetryMaxAttempts, sRetryMaxAttempts);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "SMTP Server Address", sOrigSMTPServerAddress, sSMTPServerAddress);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "SMTP User Account", sOrigSMTPUserAccount, sSMTPUserAccount);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "SMTP Server Port", sOrigSMTPServerPort, sSMTPServerPort);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "From Email", sOrigFromEmail, sFromEmail);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "From Name", sOrigFromName, sFromName);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "From Name", sOrigAdminEmail, sAdminEmail);
// send a notification to the user that made the change
if (sMessengerOnOff == "on")
{
// get the users email, if they do not have an email tell them no message was created.
string sUsersEmail = null;
string sUserID = ui.GetSessionUserID();
sSQL = "select email from users where user_id = '" + sUserID + "'";
if (!dc.sqlGetSingleString(ref sUsersEmail, sSQL, ref sErr))
{
return("Unable to create test email: " + sErr);
}
string sUserName = "";
sUserName = ui.GetSessionUserFullName();
if (string.IsNullOrEmpty(sUsersEmail) || sUsersEmail.Length < 5)
{
// all good, no email so notify user
return("Notification settings updated.\n\nNo email on file for user " + sUserName + " - unable to send a test message");
}
else
{
// create a test email
ui.SendEmailMessage(sUsersEmail,
ag.APP_COMPANYNAME + " Account Management",
ag.APP_COMPANYNAME + " Messenger configuration change.",
"<html><head></head><body><p>" + sUserName + ",</p><p>This is a test mail to confirm the smtp server that you have configured.</p><p>Do not reply to this message, and feel free to delete it.</p><p>Regards,\n\n" + ag.APP_COMPANYNAME + " Administration team.</p></body></html>", ref sErr);
if (sErr != "")
{
return("Update completed. Unable to create test message: " + sErr);
}
}
return("Notification settings updated. A test email will be sent to " + sUsersEmail + ".");
}
else
{
return("Notification settings updated.");
}
}
}
public static string ResetPassword(string sUserID)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
acUI.AppGlobals ag = new acUI.AppGlobals();
string sSQL = null;
string sErr = null;
//get the details of this user
sSQL = "select u.username, u.full_name, u.email, u.authentication_type" +
" from users u " +
" where u.user_id = '" + sUserID + "'";
DataRow dr = null;
if (!dc.sqlGetDataRow(ref dr, sSQL, ref sErr))
{
throw new Exception(sErr);
}
if (dr != null)
{
if (!string.IsNullOrEmpty(dr["email"].ToString()))
{
string sEmail = dr["email"].ToString();
string sNewPassword = dc.GenerateNewPassword();
sSQL = "update users set user_password = '******' where user_id = '" + sUserID + "'";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
{
throw new Exception(sErr);
}
// add security log
ui.WriteObjectAddLog(Globals.acObjectTypes.User, sUserID, sUserID, "Password Reset");
//email out the password
string sBody = "";
if (!dc.sqlGetSingleString(ref sBody, "select new_user_email_message from login_security_settings where id = 1", ref sErr))
{
throw new Exception(sErr);
}
//default message if undefined in the table
if (string.IsNullOrEmpty(sBody))
{
sBody = dr["full_name"].ToString() + " - your password has been reset by an Administrator." + Environment.NewLine + Environment.NewLine +
"Your temporary password is: " + sNewPassword + "." + Environment.NewLine;
}
//replace our special tokens with the values
sBody = sBody.Replace("##FULLNAME##", dr["full_name"].ToString()).Replace("##USERNAME##", dr["username"].ToString()).Replace("##PASSWORD##", sNewPassword);
if (!ui.SendEmailMessage(sEmail.Trim(), ag.APP_COMPANYNAME + " Account Management", "Account Action in " + ag.APP_NAME, sBody, ref sErr))
{
throw new Exception(sErr);
}
}
else
{
return("Unable to reset - user does not have an email address defined.");
}
}
return("");
}
public static string SaveNotifications(object[] oAsset)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
acUI.AppGlobals ag = new acUI.AppGlobals();
string sErr = "";
string sMessengerOnOff = oAsset[0].ToString();
string sPollLoop = oAsset[1].ToString();
string sRetryDelay = oAsset[2].ToString();
string sRetryMaxAttempts = oAsset[3].ToString();
string sSMTPServerAddress = oAsset[4].ToString().Replace("'", "''");
string sSMTPUserAccount = oAsset[5].ToString().Replace("'", "''");
string sSMTPUserPassword = oAsset[6].ToString();
string sSMTPServerPort = oAsset[7].ToString();
string sFromEmail = oAsset[8].ToString().Replace("'", "''");
string sFromName = oAsset[9].ToString().Replace("'", "''");
string sAdminEmail = oAsset[10].ToString().Replace("'", "''");
// get the current settings for the logging
string sOrigMessengerOnOff = "";
string sOrigPollLoop = "";
string sOrigRetryDelay = "";
string sOrigRetryMaxAttempts = "";
string sOrigSMTPServerAddress = "";
string sOrigSMTPUserAccount = "";
string sOrigSMTPServerPort = "";
string sOrigFromEmail = "";
string sOrigFromName = "";
string sOrigAdminEmail = "";
string sSQL = "select mode_off_on, loop_delay_sec, retry_delay_min, retry_max_attempts," +
" smtp_server_addr, smtp_server_user, smtp_server_password, smtp_server_port, from_email, from_name, admin_email" +
" from messenger_settings" +
" where id = 1";
DataTable dt = new DataTable();
if (!dc.sqlGetDataTable(ref dt, sSQL, ref sErr))
{
return "Unable to continue. " + sErr;
}
if (dt.Rows.Count > 0)
{
DataRow dr = dt.Rows[0];
sOrigMessengerOnOff = dr["mode_off_on"].ToString();
sOrigPollLoop = dr["loop_delay_sec"].ToString();
sOrigRetryDelay = dr["retry_delay_min"].ToString();
sOrigRetryMaxAttempts = dr["retry_max_attempts"].ToString();
sOrigSMTPServerAddress = dr["smtp_server_addr"].ToString();
sOrigSMTPUserAccount = dr["smtp_server_user"].ToString();
sOrigSMTPServerPort = dr["smtp_server_port"].ToString();
sOrigFromEmail = dr["from_email"].ToString();
sOrigFromName = dr["from_name"].ToString();
sOrigAdminEmail = dr["admin_email"].ToString();
}
sSQL = "update messenger_settings set mode_off_on='{0}', loop_delay_sec={1}, retry_delay_min={2}, retry_max_attempts={3}, smtp_server_addr='{4}', smtp_server_user='******', smtp_server_port={6}, from_email='{7}', from_name='{8}', admin_email='{9}'";
//only update password if it has been changed.
string sPasswordFiller = "($%#d@x!&";
if (sSMTPUserPassword != sPasswordFiller)
{
sSQL += ",smtp_server_password='******'";
}
sSQL = string.Format(sSQL, sMessengerOnOff, sPollLoop, sRetryDelay, sRetryMaxAttempts, sSMTPServerAddress, sSMTPUserAccount, sSMTPServerPort, sFromEmail, sFromName, sAdminEmail, dc.EnCrypt(sSMTPUserPassword));
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
{
return "Update failed: " + sErr;
}
else
{
//logging
var sLogObject = "Manage Notifications";
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Messenger On / Off", sOrigMessengerOnOff, sMessengerOnOff);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Poll Loop", sOrigPollLoop, sPollLoop);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Retry Delay", sOrigRetryDelay, sRetryDelay);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Retry Max Attempts", sOrigRetryMaxAttempts, sRetryMaxAttempts);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "SMTP Server Address", sOrigSMTPServerAddress, sSMTPServerAddress);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "SMTP User Account", sOrigSMTPUserAccount, sSMTPUserAccount);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "SMTP Server Port", sOrigSMTPServerPort, sSMTPServerPort);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "From Email", sOrigFromEmail, sFromEmail);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "From Name", sOrigFromName, sFromName);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "From Name", sOrigAdminEmail, sAdminEmail);
// send a notification to the user that made the change
if (sMessengerOnOff == "on")
{
// get the users email, if they do not have an email tell them no message was created.
string sUsersEmail = null;
string sUserID = ui.GetSessionUserID();
sSQL = "select email from users where user_id = '" + sUserID + "'";
if (!dc.sqlGetSingleString(ref sUsersEmail, sSQL, ref sErr))
{
return "Unable to create test email: " + sErr;
}
string sUserName = "";
sUserName = ui.GetSessionUserFullName();
if (string.IsNullOrEmpty(sUsersEmail) || sUsersEmail.Length < 5)
{
// all good, no email so notify user
return "Notification settings updated.\n\nNo email on file for user " + sUserName + " - unable to send a test message";
}
else
{
// create a test email
ui.SendEmailMessage(sUsersEmail,
ag.APP_COMPANYNAME + " Account Management",
ag.APP_COMPANYNAME + " Messenger configuration change.",
"<html><head></head><body><p>" + sUserName + ",</p><p>This is a test mail to confirm the smtp server that you have configured.</p><p>Do not reply to this message, and feel free to delete it.</p><p>Regards,\n\n" + ag.APP_COMPANYNAME + " Administration team.</p></body></html>", ref sErr);
if (sErr != "")
{
return "Update completed. Unable to create test message: " + sErr;
}
}
return "Notification settings updated. A test email will be sent to " + sUsersEmail + ".";
}
else
{
return "Notification settings updated.";
}
}
}
public static string SaveNewUser(object[] oUser)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
acUI.AppGlobals ag = new acUI.AppGlobals();
string sSql = null;
string sErr = null;
// check the number of properties
if (oUser.Length != 10)
{
return("Incorrect list of user properties");
}
string sLoginID = oUser[0].ToString();
string sFullName = oUser[1].ToString();
string sAuthType = oUser[2].ToString();
string sUserPassword = oUser[3].ToString();
string sGeneratePW = oUser[4].ToString();
string sForcePasswordChange = oUser[5].ToString();
string sUserRole = oUser[6].ToString();
string sEmail = oUser[7].ToString();
string sStatus = oUser[8].ToString();
string sGroupArray = oUser[9].ToString();
// checks that cant be done on the client side
// is the name unique?
string sInuse = "";
if (!dc.sqlGetSingleString(ref sInuse, "select user_id from users where username = '******' limit 1", ref sErr))
{
return("sErr");
}
else
{
if (!string.IsNullOrEmpty(sInuse))
{
return("Login ID '" + sLoginID + "' is unavailable, please choose another.");
}
}
// password
string sPassword = null;
if (sAuthType == "local")
{
if (sGeneratePW == "1") //generate an initial strong password
{
sUserPassword = dc.GenerateNewPassword();
}
sPassword = "******" + dc.EnCrypt(sUserPassword) + "'";
}
else if (sAuthType == "ldap")
{
sPassword = "******";
}
else
{
return("Unknown Authentication Type.");
}
// passed client and server validations, create the user
string sNewUserID = ui.NewGUID();
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// all good, save the new user and redirect to the user edit page.
sSql = "insert users" +
" (user_id,username,full_name,authentication_type,user_password,force_change,email,status,user_role)" +
" values " +
"('" + sNewUserID + "'," +
"'" + sLoginID.Trim().Replace("'", "''") + "'," +
"'" + sFullName.Trim().Replace("'", "''") + "'," +
"'" + sAuthType + "'," + sPassword + "," +
"'" + sForcePasswordChange + "'," +
"'" + sEmail.Trim() + "'," +
"'" + sStatus + "'," +
"'" + sUserRole + "'" +
")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
#region "groups"
// add user groups, if there are any
if (sGroupArray.Length > 0)
{
ArrayList aGroups = new ArrayList(sGroupArray.Split(','));
foreach (string sGroupName in aGroups)
{
sSql = "insert object_tags (object_id, object_type, tag_name)" +
" values ('" + sNewUserID + "', 1, '" + sGroupName + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
}
#endregion
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// add security log
ui.WriteObjectAddLog(Globals.acObjectTypes.User, sNewUserID, sFullName.Trim().Replace("'", "''"), "");
//email out the password
string sBody = "";
if (!dc.sqlGetSingleString(ref sBody, "select new_user_email_message from login_security_settings where id = 1", ref sErr))
{
throw new Exception(sErr);
}
//default message if undefined in the table
if (string.IsNullOrEmpty(sBody))
{
sBody = sFullName + " - an account has been created for you in " + ag.APP_NAME + "." + Environment.NewLine + Environment.NewLine +
"Your User Name: " + sLoginID + "." + Environment.NewLine +
"Your temporary password: "******"." + Environment.NewLine;
}
//replace our special tokens with the values
sBody = sBody.Replace("##FULLNAME##", sFullName).Replace("##USERNAME##", sLoginID);
if (sGeneratePW == "1")
{
sBody = sBody.Replace("##PASSWORD##", sUserPassword);
}
else
{
sBody = sBody.Replace("##PASSWORD##", "Will be provided by an Administrator.");
}
if (!ui.SendEmailMessage(sEmail.Trim(), ag.APP_COMPANYNAME + " Account Management", "Welcome to " + ag.APP_COMPANYNAME, sBody, ref sErr))
{
throw new Exception(sErr);
}
// no errors to here, so return an empty string
return("");
}
