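/// <summary>
/// Builds the application session for the current request from the encrypted
/// <c>FromProduct</c>/<c>FromPortal</c> query-string parameter (or from a fixed local-debug identity
/// when the <c>LOCALDEBUG</c> app setting is true), authenticates the user through
/// <see cref="Services.MenuService"/> and populates <c>AppSession</c>.
/// </summary>
/// <param name="fromportal">Not read by this method; retained for existing callers.</param>
/// <param name="objAuthenticationUser">
/// When non-null, replaces the user resolved from the query string (or the debug identity) just before authentication.
/// </param>
/// <remarks>
/// Returns without touching the session when neither query-string parameter is present. Redirects (and ends
/// the response) when the hand-off timestamp is missing, when it lies outside the allowed clock-skew window and
/// <c>PortalRedirect</c> is enabled, or when authentication reports an error. Exceptions raised by decryption,
/// parsing or the services propagate to the caller unchanged (the previous <c>throw ex;</c> only lost the stack trace).
/// </remarks>
public static void SetUpSession(bool fromportal = false, Models.Authentication objAuthenticationUser = null)
{
    var menuService = new Services.MenuService();
    bool localDebug = Convert.ToBoolean(ConfigurationManager.AppSettings["LOCALDEBUG"]);

    Models.Authentication objUser;
    if (localDebug)
    {
        objUser = BuildLocalDebugUser();
    }
    else
    {
        objUser = BuildUserFromProductParams();
        if (objUser == null)
        {
            // Not a hand-off from the portal or a product (or the request was already redirected): nothing to set up.
            return;
        }
    }

    if (objAuthenticationUser != null)
    {
        objUser = objAuthenticationUser;
    }

    menuService.Authenticate(objUser);
    if (objUser.InError)
    {
        HttpContext.Current.Response.Redirect("~/Transfer/Error");
        return;
    }

    if (localDebug)
    {
        menuService.CreateStateWhenLocalDebugIsTrue(objUser.UserID);
    }

    PopulateAppSession(menuService, objUser);
}

/// <summary>Maximum tolerated difference, in seconds, between the sending product's clock and this server's clock.</summary>
private const int MaxClockSkewSeconds = 300;

/// <summary>
/// Fixed identity used only when <c>LOCALDEBUG</c> is true, so the reports can be exercised without a product hand-off.
/// PageID 48 is 'Reports Menu|Tracers' (14 = 'Reports Menu|Compliance' aka AMP, 49 = 'Reports Menu|ER Tracers').
/// </summary>
private static Models.Authentication BuildLocalDebugUser()
{
    return new Models.Authentication
    {
        UserLogonID = "*****@*****.**",
        PageID = 48,
    };
}

/// <summary>
/// Resolves the user described by the encrypted <c>FromProduct</c> (preferred) or <c>FromPortal</c> query-string value.
/// </summary>
/// <returns>
/// The resolved user, or <c>null</c> when the request carries neither parameter or when the hand-off was rejected
/// and the response has already been redirected.
/// </returns>
private static Models.Authentication BuildUserFromProductParams()
{
    var request = HttpContext.Current.Request;
    // FromProduct takes precedence over FromPortal when both are present.
    string encryptedParams = request.QueryString["FromProduct"] ?? request.QueryString["FromPortal"];
    if (encryptedParams == null)
    {
        return null;
    }

    // The decrypted payload is a flat '|'-separated key/value list, e.g.
    // UserID|100106|Token|479bb3e7-079a-4a97-950f-41da256c6928|PageID|14|currentUTCtime|09/25/2017 19:56:41
    string decryptedProductParams = CryptHelpers.Decrypt(encryptedParams, WebConstants.ENCRYPT_KEY);
    StringDictionary productParams = ParseProductParams(decryptedProductParams);

    // Convert.ToInt32(null) yields 0, so absent numeric keys default to 0 rather than throwing.
    var objUser = new Models.Authentication
    {
        UserID = Convert.ToInt32(productParams["UserID"]),
        AuthToken = productParams["Token"],
        PageID = Convert.ToInt32(productParams["PageID"]),
        AdminUserID = Convert.ToInt32(productParams["AdminUserID"]),
    };

    // A hand-off without a timestamp cannot be checked for freshness: log it and send the user back to login.
    string productUtcStamp = productParams[ProductQueryStringKey.currentUTCtime.ToString()];
    if (productUtcStamp == null)
    {
        LogMissingTimestamp(objUser, decryptedProductParams);
        HttpContext.Current.Response.Redirect("~/Transfer/LogoutRedirect");
        return null;
    }

    if (IsOutsideSkewWindow(productUtcStamp))
    {
        // NOTE(review): when PortalRedirect is false a stale hand-off is still accepted, as in the original
        // flow; the window is only enforced when the setting is on.
        if (Convert.ToBoolean(ConfigurationManager.AppSettings["PortalRedirect"]))
        {
            var response = HttpContext.Current.Response;
            response.Redirect(string.Format("Transfer.aspx?qs={0}", (int)QueryStringValue.TimeOut), false);
            response.End();
            return null;
        }
    }

    // When the AdminTool launches a product on behalf of a customer, the payload also carries
    // UserOriginalRoleID (5 = Global Admin) together with the admin's own id in AdminUserID, e.g.
    // UserID|100106|Token|<guid>|PageID|48|AdminUserID|123316|UserOriginalRoleID|5|currentUTCtime|11/27/2017 20:41:25
    // The default of 0 means the real user is a customer, not an admin.
    if (productParams["UserOriginalRoleID"] != null)
    {
        objUser.UserOriginalRoleID = Convert.ToInt32(productParams["UserOriginalRoleID"]);
    }

    return objUser;
}

/// <summary>
/// Splits a decrypted '|'-separated key/value list into a dictionary (keys are case-insensitive).
/// A trailing key without a value is ignored; a repeated key throws, as the original <c>Add</c> did.
/// </summary>
private static StringDictionary ParseProductParams(string decryptedProductParams)
{
    var productParams = new StringDictionary();
    if (string.IsNullOrEmpty(decryptedProductParams))
    {
        return productParams;
    }

    string[] parts = decryptedProductParams.Split('|');
    for (int i = 0; i + 1 < parts.Length; i += 2)
    {
        productParams.Add(parts[i], parts[i + 1]);
    }
    return productParams;
}

/// <summary>
/// Returns true when the product's UTC timestamp differs from this server's UTC clock by more than
/// <see cref="MaxClockSkewSeconds"/> in either direction.
/// </summary>
/// <param name="productUtcStamp">Timestamp as sent by the product, e.g. "09/25/2017 19:56:41" (invariant culture).</param>
private static bool IsOutsideSkewWindow(string productUtcStamp)
{
    DateTime productUtc = DateTime.Parse(productUtcStamp, CultureInfo.InvariantCulture);
    // TotalSeconds, not Seconds: the Seconds component is always within [-59, 59], so the
    // original "> 300" comparison could never succeed and the window was never enforced.
    double skewSeconds = DateTime.UtcNow.Subtract(productUtc).TotalSeconds;
    return Math.Abs(skewSeconds) > MaxClockSkewSeconds;
}

/// <summary>
/// Records a hand-off that arrived without a currentUTCtime key in the exception log.
/// The Token value is masked before the payload is written, so the bearer token is not persisted in the log.
/// </summary>
private static void LogMissingTimestamp(Models.Authentication objUser, string decryptedProductParams)
{
    var exLog = new ExceptionLog
    {
        ExceptionText = "KVP currentUTCtime missing from ecrypted querystring.",
        PageName = "JCR.Reports.Common.Security.cs",
        MethodName = "SetUpSession",
        UserID = objUser.UserID,
        SiteId = 0,
        TransSQL = string.Format("Unencrypted Querystring: {0}", RedactToken(decryptedProductParams)),
        HttpReferrer = null,
    };
    new ExceptionService().LogException(exLog);
}

/// <summary>Replaces the value following a "Token" key in a '|'-separated key/value list with a placeholder.</summary>
private static string RedactToken(string decryptedProductParams)
{
    if (string.IsNullOrEmpty(decryptedProductParams))
    {
        return decryptedProductParams;
    }

    string[] parts = decryptedProductParams.Split('|');
    for (int i = 0; i + 1 < parts.Length; i += 2)
    {
        if (string.Equals(parts[i], "Token", StringComparison.OrdinalIgnoreCase))
        {
            parts[i + 1] = "[redacted]";
        }
    }
    return string.Join("|", parts);
}

/// <summary>
/// Creates the session and fills <c>AppSession</c> from the authenticated user and the menu state
/// returned by <paramref name="menuService"/>, then resolves site/program lists and the help link.
/// </summary>
private static void PopulateAppSession(Services.MenuService menuService, Models.Authentication objUser)
{
    AppSession.CreateSession();
    AppSession.UserID = objUser.UserID;
    AppSession.AuthToken = objUser.AuthToken;
    AppSession.PageID = objUser.PageID;
    AppSession.AdminUserID = objUser.AdminUserID;
    AppSession.UserOriginalRoleID = objUser.UserOriginalRoleID;
    AppSession.WebApiUrl = ConfigurationManager.AppSettings["JCRAPI"];

    var menuState = menuService.GetState(AppSession.UserID.GetValueOrDefault(), AppSession.AuthToken);
    AppSession.EmailAddress = menuState.UserLogonID;
    AppSession.FirstName = menuState.FirstName;
    AppSession.LastName = menuState.LastName;
    AppSession.FullName = string.Format("{0} {1}", menuState.FirstName, menuState.LastName);
    AppSession.RoleID = menuState.UserRoleID;
    AppSession.SelectedSiteId = menuState.SiteID;
    AppSession.SelectedSiteName = menuState.SiteName;
    AppSession.SelectedProgramId = menuState.ProgramID;
    AppSession.SelectedProgramName = menuState.ProgramName;
    AppSession.IsCorporateSite = menuState.AccessToMockSurvey;
    AppSession.ProgramGroupTypeID = menuState.ProgramGroupTypeID;
    AppSession.IsCMSProgram = menuState.AccessToCMS;
    AppSession.HasTracersAccess = menuState.AccessToTracers;
    AppSession.SelectedCertificationItemID = menuState.CertificationItemID;

    // For a certification item, report against the base program of the matching site program.
    if (AppSession.SelectedCertificationItemID > 0)
    {
        var sitePrograms = UserCustom.GetProgramBySites(AppSession.SelectedSiteId);
        if (sitePrograms != null)
        {
            var baseProgram = sitePrograms.FirstOrDefault(prg =>
                prg.ProgramID == AppSession.SelectedProgramId
                && prg.AdvCertListTypeID == AppSession.SelectedCertificationItemID);
            if (baseProgram != null)
            {
                AppSession.SelectedProgramId = (int)baseProgram.BaseProgramID;
            }
        }
    }

    switch (AppSession.PageID)
    {
        case 50: // My Saved Reports - Tracers
        case 15: // My Saved Reports - Compliance
        case 51: // My Saved Reports - ER Tracers
            AppSession.DirectView = "MyReports";
            break;
        case 52: // My Site's Saved Reports - Tracers
        case 16: // My Site's Saved Reports - Compliance
        case 53: // My Site's Saved Reports - ER Tracers
            AppSession.DirectView = "SearchReports";
            break;
    }

    var commonService = new CommonService();
    // The latest cycle for the selected program supersedes the cycle carried in the menu state.
    AppSession.CycleID = commonService.GetLatestCycleByProgram(AppSession.SelectedProgramId).CycleID;

    AppSession.Sites = SearchInputService.GetSitesByUser(AppSession.UserID);
    foreach (var site in AppSession.Sites.ToList())
    {
        site.Programs = UserCustom.GetProgramBySites(site.SiteID);
    }

    commonService.GetHelpLink();
    UpdateAppLogin();
}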
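/// <summary>
/// Redirects the signed-in user to the product (AMP or Tracers) that hosts <paramref name="pageName"/>,
/// recording the requested PageID (and, with a valid session, the EProductID) against the user first.
/// Without a valid session the user is sent back to the portal.
/// </summary>
/// <param name="pageName">Name of an <see cref="ApplicationPage"/> member; comes from the route or query string and is treated as untrusted.</param>
/// <returns>
/// A redirect to the product URL, a redirect to the portal when no session exists, or 404 when
/// <paramref name="pageName"/> is not a page this action knows how to route.
/// </returns>
/// <exception cref="InvalidOperationException">The app setting holding the target product URL is missing or empty.</exception>
public ActionResult AppRedirect(string pageName)
{
    // pageName is caller-controlled: a failed parse returns 404 instead of letting Enum.Parse throw (500).
    ApplicationPage page;
    if (string.IsNullOrEmpty(pageName) || !Enum.TryParse(pageName, out page))
    {
        return HttpNotFound();
    }
    int pageID = (int)page;

    string appUrlSetting;
    int eProductID;
    switch (pageName)
    {
        case "Assignment":
        case "BulkReAssign":
        case "BulkUpdatePOA":
        case "BulkUpdateScore":
        case "CMSScoring":
        case "CorporateFindingsEdit":
        case "DocumentationAnalyzer":
        case "EPAttributeFilter":
        case "FSA":
        case "MockSurveyDashBoard":
        case "MockSurveyScoring":
        case "RFI":
        case "ScoreAnalyzer":
        case "ServiceProfile":
        case "StandardsAndScoring":
        case "SystemSurveySetting":
        case "UserSiteMaintenance":
            appUrlSetting = "AMPUrl";
            eProductID = 1; // DBAMP.dbo.EProduct: AMP has EProductID 1.
            break;
        case "CopyTracertoOtherSites":
        case "CreateNewCMSTracer":
        case "CreateNewTJCTracer":
        case "CreateNewTracer":
        case "DeleteTracerfromOtherSites":
        case "DepartmentMaintenance":
        case "EPsNotReferenced":
        case "GlobalAdminTracersHomePage":
        case "GuestAccessHomePage":
        case "JCRTemplatesAffectedbyCriticalChangesinLatestCycle":
        case "StandardEPChangesinAllCycles":
        case "StandardEPChangesinLatestCycle":
        case "TaskAssignments":
        case "TracerHomePage":
            appUrlSetting = "TracersUrl";
            eProductID = 2; // DBAMP.dbo.EProduct: Tracers has EProductID 2.
            break;
        default:
            // Not routed by this action; previously this fell through to a redirect with an empty base URL,
            // which sent the user's token to a relative "?userid=...&token=..." address.
            return HttpNotFound();
    }

    var menuService = new Services.MenuService();
    int userId = AppSession.UserID.GetValueOrDefault();
    menuService.SaveArg(userId, "PageID", pageID.ToString(CultureInfo.InvariantCulture));

    if (!AppSession.HasValidSession)
    {
        return Redirect(ConfigurationManager.AppSettings["JcrPortalUrl"] + "?qs=1");
    }

    string appUrl = ConfigurationManager.AppSettings[appUrlSetting];
    if (string.IsNullOrEmpty(appUrl))
    {
        throw new InvalidOperationException(string.Format("App setting '{0}' is not configured.", appUrlSetting));
    }

    menuService.SaveArg(userId, "EProductID", eProductID.ToString(CultureInfo.InvariantCulture));

    // The hand-off protocol carries the session token in the query string; the receiving product
    // re-validates it. Encoding keeps a token containing reserved characters from breaking the URL.
    string url = string.Format("{0}?userid={1}&token={2}",
        appUrl,
        AppSession.UserID,
        Uri.EscapeDataString(AppSession.AuthToken ?? string.Empty));
    return Redirect(url);
}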