コード例 #1
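        /// <summary>
        /// Authenticates a user against the directory via <c>Access.AdCallForNameEmail</c> and,
        /// when <paramref name="finacleRoleCheck"/> is set, enriches a successful response with
        /// the branch code, role and teller till account read from the core-banking repository.
        /// </summary>
        /// <param name="request">Credentials to check. <c>UserID</c> is upper-cased in place.</param>
        /// <param name="finacleRoleCheck">When true, role, branch and till account are looked up after a successful directory call.</param>
        /// <param name="settings">Not read by this method.</param>
        /// <param name="securityService">Not read by this method.</param>
        /// <param name="finacleRepository">Source of the role, branch and till account lookups.</param>
        /// <returns>
        /// The enriched response when the response code is "0"; otherwise a response that carries
        /// only the response code and description. Any unexpected failure yields code "1001".
        /// </returns>
        public static AuthenticationResponse Authentication(AuthenticationRequest request, bool finacleRoleCheck, SecurityConfig settings, ISecurityService securityService, IFinacleRepository finacleRepository)
        {
            AuthenticationResponse authenticationResponse = new AuthenticationResponse();

            try
            {
                // Invariant casing: the user id is an identifier, so its normalised form must not
                // depend on the server's current culture.
                request.UserID         = request.UserID.ToUpperInvariant();
                authenticationResponse = Access.AdCallForNameEmail(request);

                if (finacleRoleCheck)
                {
                    if (authenticationResponse.ResponseCode == "0")
                    {
                        var result = finacleRepository.GetUserRoleFromFlexcube(request.UserID);

                        if (result != null)
                        {
                            authenticationResponse.BranchCode = result.BranchCode;
                            authenticationResponse.Role       = result.ApplicationName;
                        }
                    }

                    // NOTE(review): when no role record is found the response still carries code "0"
                    // with an empty Role. Confirm that every caller treats an empty Role as
                    // "not authorised" rather than relying on the response code alone.
                    if (authenticationResponse.ResponseCode == "0" && !string.IsNullOrEmpty(authenticationResponse.Role))
                    {
                        var result = finacleRepository.GetUserTillAccountFromFinacle(request.UserID);
                        authenticationResponse.TellerTillAccount = result;
                    }
                }
            }
            catch (Exception)
            {
                // NOTE(review): the exception is discarded without being recorded, so directory or
                // repository outages cannot be told apart from other failures afterwards. Consider
                // logging it (without the password) through the project's logging facility.
                authenticationResponse = null;
            }

            // Fail closed. A null response here means either an exception was caught above or the
            // directory call returned nothing; the original code dereferenced it in both cases.
            if (authenticationResponse == null)
            {
                if (request != null)
                {
                    // Mask the credential so it cannot leak through the request object later.
                    request.Password = "******";
                }

                authenticationResponse = new AuthenticationResponse()
                {
                    ResponseCode        = "1001",
                    ResponseDescription = "Unable to authenticate the user. Please contact the administrator."
                };
            }

            if (authenticationResponse.ResponseCode != "0")
            {
                // On failure return only the code and description, so no partially populated
                // identity data (name, role, branch) reaches the caller.
                var resp = new AuthenticationResponse()
                {
                    ResponseCode = authenticationResponse.ResponseCode, ResponseDescription = authenticationResponse.ResponseDescription
                };
                authenticationResponse = resp;
            }
            return(authenticationResponse);
        }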
コード例 #2
        /// <summary>
        /// Creates a user from the posted form model. The role name is resolved from the security
        /// service, the branch is taken from the core-banking record for Finacle-backed account
        /// types, and AD-backed accounts are checked against the directory before the user is added.
        /// </summary>
        /// <param name="model">The posted user model; it is modified in place.</param>
        /// <returns>
        /// The form view with errors when the directory check or validation fails, otherwise a
        /// redirect to the EditUser action for the new user.
        /// </returns>
        public ActionResult CreateUser(User model)
        {
            // NOTE(review): the action binds directly onto the User type. If that type also carries
            // fields such as approval or lock-out state, a crafted form post could set them
            // (over-posting). Confirm that a binding whitelist or a dedicated view model is used,
            // and that the action is restricted to POST with anti-forgery validation.
            var validationStates = new ValidationStateDictionary();

            model.UserRole = new Role()
            {
                RoleId   = model.RoleId,
                RoleName = _securityService.GetRoleList()
                                           .Where(r => r.RoleId == model.RoleId)
                                           .Select(r => r.RoleName)
                                           .FirstOrDefault()
            };

            // The initiator comes from the authenticated principal, not from the posted form.
            model.InitiatedBy = ControllerContext.RequestContext.HttpContext.User.Identity.Name;

            bool isAdLocal = model.AccountType == Constants.AccountType.ADLocal;

            if (model.AccountType == Constants.AccountType.LocalFinacle || isAdLocal)
            {
                // The branch is taken from the core-banking record when one exists.
                var coreBankingRecord = _flexCubeRepository.GetUserRoleFromFlexcube(model.Username);
                if (coreBankingRecord != null)
                {
                    model.BranchID = coreBankingRecord.BranchCode;
                }
            }

            // AD-backed accounts must exist in the directory before a local record is created.
            if (isAdLocal && !string.IsNullOrEmpty(model.Username) && !Access.IsUserInAD(model.Username))
            {
                var message = "The user does not exist on AD or AD service could not be reached.";
                Danger(message, true);
                SetAuditInfo(message, string.Empty);
                return(View(model));
            }

            _securityService.AddUser(model, ref validationStates);

            if (validationStates.IsValid)
            {
                Success(Constants.Messages.AddSuccessful, true);
                return(RedirectToAction("EditUser", new { id = model.Username }));
            }

            // Validation failed: reset the role to its id only, surface the errors on the form and
            // record them in the audit trail.
            model.UserRole = new Role()
            {
                RoleId = model.RoleId
            };
            ModelState.AddModelErrors(validationStates);
            var validationErrors = ValidationHelper.BuildModelErrorList(validationStates);
            SetAuditInfo(Helper.StripHtml(validationErrors, true), string.Empty);
            return(View(model));
        }
コード例 #3
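        /// <summary>
        /// Reconciles the application's view of a user with the role and branch held in the
        /// core-banking system. A first-time user (<paramref name="currentUser"/> is null) gets a
        /// session record, persisted only if the core-banking role maps to a local role. For any
        /// user, a changed role or branch is written back to the local store.
        /// </summary>
        /// <param name="username">User whose role and branch are looked up.</param>
        /// <param name="authenticationService">Provides the local role list and user persistence.</param>
        /// <param name="finacleRepository">Source of the core-banking role record.</param>
        /// <param name="currentUser">Existing local user data, or null on first login.</param>
        /// <param name="result">Directory response supplying e-mail, first name and last name for a new user.</param>
        /// <returns>The existing or newly built user data, carrying the core-banking role and branch when they changed.</returns>
        private static AuthenticationDataDto FinacleAuthorization(string username, ISecurityService authenticationService, IFinacleRepository finacleRepository, AuthenticationDataDto currentUser, AuthenticationResponse result)
        {
            FinacleRole finacleRole = finacleRepository.GetUserRoleFromFlexcube(username);

            if (finacleRole == null)
            {
                // No core-banking record: continue with an empty role and no branch.
                finacleRole = new FinacleRole()
                {
                    UserID = username, BranchCode = null, ApplicationName = string.Empty
                };
            }

            // A record with a null ApplicationName is treated like an empty role name instead of
            // raising a NullReferenceException in the comparisons below.
            var coreRoleName      = finacleRole.ApplicationName ?? string.Empty;
            var coreRoleNameLower = coreRoleName.ToLower();

            // NOTE(review): ToLower() is kept inside the predicate in case GetRoleList() is a
            // database-backed query; if it is an in-memory list, an OrdinalIgnoreCase comparison
            // would make the role match independent of the server culture.
            var roleId = authenticationService.GetRoleList()
                                              .Where(r => r.RoleName.ToLower() == coreRoleNameLower)
                                              .Select(r => r.RoleId)
                                              .FirstOrDefault();

            if (currentUser == null)
            {
                // Create the user record for session management, only for AD/Finacle users logging
                // in for the first time and only persisted if the role is recognised locally.
                var userObject = new User()
                {
                    BadPasswordCount = 0,
                    CreationDate     = Helper.GetLocalDate(),
                    // NOTE(review): if this id acts as a session credential, confirm that
                    // Helper.GetNextGuid() returns unpredictable values.
                    CurrentSessionId = Helper.GetNextGuid(),
                    Email            = result.Email,
                    FirstName        = result.FirstName,
                    IsFirstLogIn     = false,
                    Initial          = string.Empty,
                    LastLogInDate    = Helper.GetLocalDate(),
                    IsLockedOut      = false,
                    IsOnline         = true,
                    LastActivityDate = Helper.GetLocalDate(),
                    LastName         = result.LastName,
                    InitiatedBy      = username,
                    Username         = username,
                    Telephone        = "N/A",
                    Password         = "******",
                    AccountType      = Constants.AccountType.ADFinacle,
                    ApprovalStatus   = Constants.ApprovalStatus.Approved,
                    BranchID         = finacleRole.BranchCode,
                    IsDeleted        = false,
                    UserRole         = new Role()
                    {
                        RoleId = roleId
                    }
                };

                if (roleId != Guid.Empty)
                {
                    authenticationService.AddUserForSessionMgmt(userObject);
                }

                // NOTE(review): user data with a session id is returned even when the role was not
                // recognised and nothing was persisted. Confirm that callers reject a user whose
                // Roles value is empty or unknown to this application.
                currentUser = new AuthenticationDataDto()
                {
                    SessionId     = userObject.CurrentSessionId.ToString(),
                    Username      = username,
                    Roles         = finacleRole.ApplicationName,
                    IsFirstLogIn  = false,
                    FullName      = string.Format("{0} {1}", userObject.FirstName, userObject.LastName),
                    IsPasswordSet = false,
                    BranchCode    = finacleRole.BranchCode
                };
            }

            // The core-banking system is authoritative: a recognised role that differs from the
            // local one, or a non-empty branch that differs, is written back to the local store.
            // The role comparison is null-safe and culture-independent.
            bool roleChanged   = !string.Equals(currentUser.Roles, coreRoleName, StringComparison.OrdinalIgnoreCase) && roleId != Guid.Empty;
            bool branchChanged = currentUser.BranchCode != finacleRole.BranchCode && !string.IsNullOrEmpty(finacleRole.BranchCode);

            // NOTE(review): two cases worth confirming with the owners of this flow.
            // (1) When the core-banking role is removed or unrecognised (roleId is Guid.Empty), an
            //     existing user keeps the locally saved role, so revocation upstream does not
            //     propagate here.
            // (2) When only the branch changed and roleId is Guid.Empty, the update below is called
            //     with an empty role id and Roles is overwritten with the unrecognised name.
            if (roleChanged || branchChanged)
            {
                authenticationService.UpdateUserRoleUserBranch(currentUser.Username, roleId, finacleRole.BranchCode);
                currentUser.Roles      = finacleRole.ApplicationName;
                currentUser.BranchCode = finacleRole.BranchCode;
            }

            return(currentUser);
        }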