/// <summary> /// Stores values for later retrieval /// </summary> /// <typeparam name="T">type of value</typeparam> /// <param name="list">object that stores all possible values for this parameter</param> /// <param name="value">item to save</param> /// <returns>reference key used to lookup value</returns> public static string AddQueryStringOption <T>(this SecuredLookupOptions <T> obj, T value) { //string key = Guid.NewGuid().ToString(); string key = GetUniqueKey(MAX_KEY_LENGTH); while (obj.Options.ContainsKey(key)) { key = GetUniqueKey(MAX_KEY_LENGTH); } obj.Options.Add(key, value); return(key); }
///// <summary> ///// Will sanitize the ID values of the input object and save the results into and ouput object ///// </summary> ///// <typeparam name="TInput">Object with a system ID to sanitize</typeparam> ///// <typeparam name="TOutput">Object to hold the secured key</typeparam> ///// <param name="securableObj">Object containing a list of securable items</param> ///// <param name="context">Session to save the mapping into</param> ///// <param name="securedObj">Object to contain a list of secured items</param> ///// <param name="paramName">Name of querystring parameter that this will come back from the client as</param> ///// <param name="isOneTime">Should this item be reomved from session after it's first use</param> ///// <returns>The mapping object that was saved into the session</returns> //public static SecuredLookupOptions<int> Secure<TInput, TOutput>(HttpContext context, List<TInput> securableList, List<TOutput> securedList, string paramName, bool isOneTime) // where TInput : ISecurableItem<int> // where TOutput : ISecuredItem, new() //{ // SecuredLookupOptions<int> sessionValues = CreateQueryStringParameter<int>(isOneTime); // foreach (ISecurableItem<int> item in securableList) // { // //provides a random key to the actual value // string securedKey = sessionValues.AddQueryStringOption(item.Id); // //add to public facing list // TOutput securedItem = new TOutput(); // securedItem.Load(item, securedKey); // securedList.Add(securedItem); // } // //save values into session // SaveQueryStringOptionsList(context, paramName, sessionValues); // return sessionValues; //} /// <summary> /// Will sanitize the ID values of the input object and save the results into and ouput object /// </summary> /// <typeparam name="TInput">Type of object with a system ID to sanitize</typeparam> /// <typeparam name="TOutput">Object to hold the secured key</typeparam> /// <typeparam name="TInputInner">Type of system ID to sanitize</typeparam> /// <param name="securableObj">Object containing a list of securable items</param> /// <param name="context">Session to save the mapping into</param> /// <param name="securedObj">Object to contain a list of secured items</param> /// <param name="paramName">Name of querystring parameter that this will come back from the client as</param> /// <param name="isOneTime">Should this item be reomved from session after it's first use</param> /// <returns>The mapping object that was saved into the session</returns> public static SecuredLookupOptions <TInputInner> Secure <TInput, TInputInner, TOutput>(HttpContext context, List <TInput> securableList, List <TOutput> securedList, string paramName, bool isOneTime) where TInput : ISecurableItem <TInputInner> where TOutput : ISecuredItem, new() { SecuredLookupOptions <TInputInner> sessionValues = CreateQueryStringParameter <TInputInner>(isOneTime); foreach (ISecurableItem <TInputInner> item in securableList) { //provides a random key to the actual value string securedKey = sessionValues.AddQueryStringOption(item.Id); //add to public facing list TOutput securedItem = new TOutput(); securedItem.Load(item, securedKey); securedList.Add(securedItem); } //save values into session SaveQueryStringOptionsList(context, paramName, sessionValues); return(sessionValues); }
/// <summary> /// Gets all possible options out of the session and then lookup a particular value /// </summary> /// <typeparam name="T">type of value saved</typeparam> /// <param name="context">user context</param> /// <param name="paramName">query string value name. This needs to be unique for your page</param> /// <param name="key">reference string used to find value</param> /// <param name="allowNull">should null key be an error, if not it counts as a lookup for onetime values</param> /// <returns>saved session object</returns> public static T GetQueryStringValue <T>(HttpContext context, string paramName, string key, bool allowNull = false) { if (!allowNull && string.IsNullOrWhiteSpace(key)) { throw new ValidationException("Not allowed Null " + paramName + " lookup"); } SecuredLookupOptions <T> qso = context.Session.GetObject <SecuredLookupOptions <T> >(OPTIONS_NAME_PREFIX + paramName); if (qso == null) { throw new SessionException("Unable to find secured options in the session"); } T value; //if the lookup was null return default T if (string.IsNullOrWhiteSpace(key)) { value = default(T); } else { if (!qso.Options.ContainsKey(key)) { throw new SessionException("Unable to find key in secured options list"); } value = qso.Options[key]; } // remove if this is only allowed to be used once if (qso.IsOneTime) { RemoveQueryStringOptionsList(context, paramName); } return(value); }
/// <summary> /// Creates a new QueryStringOptions object /// </summary> /// <typeparam name="T"></typeparam> /// <param name="isOneTime">If true object will be disposed after first time retrieving a value</param> /// <returns>Options object that has not yet been saved in the session</returns> public static SecuredLookupOptions <T> CreateQueryStringParameter <T>(bool isOneTime = false) { SecuredLookupOptions <T> options = new SecuredLookupOptions <T>(isOneTime); return(options); }
/// <summary> /// Save an options object into the session once all values have been added /// </summary> /// <typeparam name="T">type of value</typeparam> /// <param name="context">user context</param> /// <param name="paramName">query string value name. This needs to be unique for your page</param> /// <param name="queryStringOptions">Options object to save into the session</param> public static void SaveQueryStringOptionsList <T>(HttpContext context, string paramName, SecuredLookupOptions <T> queryStringOptions) { context.Session.SetObject(OPTIONS_NAME_PREFIX + paramName, queryStringOptions); }
/// <summary> /// retrieve entire options list from session /// </summary> /// <typeparam name="T">type of value</typeparam> /// <param name="context">user context</param> /// <param name="paramName">query string value name. This needs to be unique for your page</param> /// <returns>options list</returns> public static SecuredLookupOptions <T> GetQueryStringOptionsList <T>(HttpContext context, string paramName) { SecuredLookupOptions <T> qso = context.Session.GetObject <SecuredLookupOptions <T> >(OPTIONS_NAME_PREFIX + paramName); return(qso); }