private void SendSecurityCodeByMail(CompanySetup objCompanySetup, UserSecurityCode objUserSecurityCode) { try { objUserSecurityCode.SecurityCode = GetSecurityCode(objCompanySetup, objUserSecurityCode); if (objUserSecurityCode.SecurityCode != 0) { MailServiceSetup objMailServiceSetup = new MailServiceSetup(); objMailServiceSetup.MailBody = "Your security code is: " + objUserSecurityCode.SecurityCode + ""; EmployeeInformationController objEmployeeInformationController = new EmployeeInformationController(); EmployeeSetup objEmployeeSetup = new EmployeeSetup(); objEmployeeSetup.EmployeeID = objUserSecurityCode.UserKnownID; objEmployeeSetup.CompanyID = objCompanySetup.CompanyID; objMailServiceSetup.EmailTo = objEmployeeInformationController.GetEmployeeEmail(objEmployeeSetup); objMailServiceSetup.MailtypeID = "1"; ArrayList attachDocument = new ArrayList(); objMailServiceSetup.AttachItem = attachDocument; MailServiceController objMailServiceController = new MailServiceController(); objMailServiceController.eMailSendService(objCompanySetup, objMailServiceSetup); } } catch (Exception msgException) { throw msgException; } }
/// <summary> /// Sends registration token for the given username /// </summary> /// <param name="user">User to send the registration token</param> public void SendRegistrationToken(User user) { UserSecurityCode confirmationToken = null; do { confirmationToken = UserSecurityCode.CreateSecurityCode(user, "Registration"); } while (this.FindUserForRegistrationToken(confirmationToken.Code) != null); user.RegistrationConfirmationToken = confirmationToken.EncryptedCode; UserManagerExtensions.Update(this, user); TextParser parser = new TextParser(this.manager); TextDefinition td = parser.ParseMessage("RegistrationEmail", new Dictionary <Model.Messages.ReplaceableObjectKeys, object>() { { ReplaceableObjectKeys.User, user }, { ReplaceableObjectKeys.Code, confirmationToken.Code } }); IdentityResult result = new IdentityResult(); try { SmtpMailClient.SendMail(user.Email, "OPSMC RePLAY Registration", td.Text, td.Html); } catch (Exception ex) { // TODO add logger audit throw ex; } }
internal void SendSecurityCode(CompanySetup objCompanySetup, UserSecurityCode objUserSecurityCode) { try { Save(objCompanySetup, objUserSecurityCode); SendSecurityCodeByMail(objCompanySetup, objUserSecurityCode); } catch (Exception msgException) { throw msgException; } }
private int GetSecurityCode(CompanySetup objCompanySetup, UserSecurityCode objUserSecurityCode) { try { string sql = "SELECT [SecurityCode] FROM [UserSecurityCode] WHERE DataUsed = 'A' AND SecurityCodeStatus = 0 AND [CompanyID]= " + objCompanySetup.CompanyID + " AND [EmployeeID] = '" + objUserSecurityCode.UserKnownID + "'"; clsDataManipulation objclsDataManipulation = new clsDataManipulation(); objUserSecurityCode.SecurityCode = objclsDataManipulation.GetSingleValue(this.ConnectionString, sql); return(objUserSecurityCode.SecurityCode); } catch (Exception msgException) { throw msgException; } }
private void Save(CompanySetup objCompanySetup, UserSecurityCode objUserSecurityCode) { try { var storedProcedureComandText = "exec [spInitiateSecurityCode] " + objCompanySetup.CompanyID + ",'" + objUserSecurityCode.UserKnownID + "','" + objCompanySetup.EntryUserName + "'"; clsDataManipulation.StoredProcedureExecuteNonQuery(this.ConnectionString, storedProcedureComandText); } catch (Exception msgException) { throw msgException; } }
/// <summary> /// Stores the security code for the user. IF a code of the existing type already exists, it is overwritten instead /// </summary> /// <param name="code">The code to store</param> public void StoreSecurityCode(UserSecurityCode code) { UserSecurityCode existing = this.context.UserSecurityCodes.Where(c => code.User.Id == c.User.Id && code.SecurityCodePurpose == c.SecurityCodePurpose).Include(c => c.User).FirstOrDefault(); if (existing != null) { existing.Code = code.Code; } else { code.User = this.context.Users.Where(u => u.Id == code.User.Id).First(); this.context.UserSecurityCodes.Add(code); this.context.Entry(code.User).State = EntityState.Unchanged; } this.context.SaveChanges(); }
/// <summary> /// Generates the code /// </summary> /// <param name="purpose">The purpose to generate it for</param> /// <param name="user">The user to generate the token for</param> /// <returns>A token generated for the user</returns> protected string GenerateCode(string purpose, User user) { AccessHandlerManager ahm = new AccessHandlerManager(); UserSecurityCode code = ahm.UserAccessHandler.GetSecurityCode(user.Id, purpose); if (code == null || code.ExpiresAt < DateTime.Now) { code = UserSecurityCode.CreateSecurityCode(user, purpose); } else { code.ResetExpiry(); } new AccessHandlerManager().UserAccessHandler.StoreSecurityCode(code); return(code.Code); }
protected void GridViewUsers_RowCommand(object sender, GridViewCommandEventArgs e) { try { int selectedIndex = Convert.ToInt32(e.CommandArgument.ToString()); if (e.CommandName.Equals("Select")) { _objUserSecurityCode = new UserSecurityCode(); _objUserSecurityCode.UserKnownID = ((Label)GridViewUsers.Rows[selectedIndex].FindControl("lblEmployeeID")).Text; _objCompanySetup = new CompanySetup(); _objCompanySetup.CompanyID = LoginUserInformation.CompanyID; _objCompanySetup.EntryUserName = LoginUserInformation.UserID; _objUserSecurityCodeController = new UserSecurityCodeController(); _objUserSecurityCodeController.SendSecurityCode(_objCompanySetup, _objUserSecurityCode); _objUserSecurityCodeController.LoadUserForSecurityCode(_objCompanySetup, GridViewUsers); } } catch (Exception msgException) { clsTopMostMessageBox.Show(msgException.Message); } }
/// <summary> /// Creates or updates a patient. /// If a user with the given Username doesn't exist it will be created, if it does exist, the patient will be added to that user /// </summary> /// <param name="externalId">The external ID of the patient</param> /// <param name="userName">The username of the user</param> /// <param name="email">The email</param> /// <param name="title">the title of the patient</param> /// <param name="firstName">The first name</param> /// <param name="lastName">The last name</param> /// <param name="dateOfBirth">The date of birth</param> /// <param name="mobilePhone">The patients mobile phone</param> /// <returns>The created or updated Patient</returns> public Patient CreateOrUpdatePatient(string externalId, string userName, string email, string title, string firstName, string lastName, DateTime dateOfBirth, string mobilePhone) { try { SecuritySession.Current.VerifyAccess(Actions.CREATE_OR_UPDATE_PATIENT); if (userName.Length > 450) { throw this.manager.MessageHandler.GetError(ErrorCodes.USERNAME_LENGTH_EXCEEDED); } if (userName.Contains("\\") || userName.Contains("/")) { throw this.manager.MessageHandler.GetError(ErrorCodes.USERNAME_CONTAINS_ILLEGAL_CHARACTERS); } } catch (Exception ex) { Logger.Audit(new Audit(Actions.CREATE_OR_UPDATE_PATIENT, AuditEventType.ADD, typeof(Patient), "Email", email, false, ex.Message)); throw ex; } IdentityResult result = new IdentityResult(null); User existing = this.Users.Where(u => u.UserName == userName).SingleOrDefault(); User user = null; if (existing == null) { try { result = UserManagerExtensions.Create(this, new User() { UserName = userName, Email = email, PhoneNumber = mobilePhone, Title = title, FirstName = firstName, LastName = lastName }); if (result.Succeeded) { user = this.Users.Where(u => u.UserName == userName).SingleOrDefault(); } else { throw new PCHIError(ErrorCodes.GENERAL_IDENTITY_RESULT_ERROR, result.Errors.Aggregate((s1, s2) => { return(s1 + "\n" + s2); })); } Logger.Audit(new Audit(Actions.CREATE_OR_UPDATE_PATIENT, AuditEventType.ADD, user)); } catch (Exception ex) { Logger.Audit(new Audit(Actions.CREATE_OR_UPDATE_PATIENT, AuditEventType.ADD, typeof(User), "UserName", userName, false, ex.Message)); throw ex; } } else { user = existing; } Patient patient = null; Patient newPatient = null; if (user != null) { patient = !string.IsNullOrWhiteSpace(externalId) ? this.manager.UserAccessHandler.GetPatientByExternalId(externalId) : null; try { if (patient != null) { Patient p = patient; p.Title = title; p.FirstName = firstName; p.LastName = lastName; p.ProxyUserPatientMap.Add(new ProxyUserPatientMap(user, p)); p.DateOfBirth = dateOfBirth; p.Email = email; p.PhoneNumber = mobilePhone; p.ExternalId = externalId; this.manager.UserAccessHandler.Update(p); Logger.Audit(new Audit(Actions.CREATE_OR_UPDATE_PATIENT, AuditEventType.MODIFIED, p)); } else { Patient p = new Patient(); p.Title = title; p.FirstName = firstName; p.LastName = lastName; p.ProxyUserPatientMap.Add(new ProxyUserPatientMap(user, p)); p.DateOfBirth = dateOfBirth; p.Email = email; p.PhoneNumber = mobilePhone; p.ExternalId = externalId; this.manager.UserAccessHandler.Add(p); newPatient = p; Logger.Audit(new Audit(Actions.CREATE_OR_UPDATE_PATIENT, AuditEventType.ADD, p)); } this.AddToRole(user.Id, "PatientProxy"); } catch (Exception ex) { Logger.Audit(new Audit(Actions.CREATE_OR_UPDATE_PATIENT, AuditEventType.ADD, typeof(Patient), "Email", email, false, ex.Message)); throw ex; } } // Only send the registration mail if the user is created (i.e. existing is null) if (existing == null && user != null) { UserSecurityCode confirmationToken = null; do { confirmationToken = UserSecurityCode.CreateSecurityCode(user, "Registration"); } while (this.FindUserForRegistrationToken(confirmationToken.Code) != null); user.RegistrationConfirmationToken = confirmationToken.EncryptedCode; UserManagerExtensions.Update(this, user); // string confirmationToken = HttpUtility.UrlEncode(MachineKeyEncryption.Encrypt(user.UserName)); TextParser parser = new TextParser(this.manager); TextDefinition td = parser.ParseMessage("RegistrationEmail", new Dictionary <Model.Messages.ReplaceableObjectKeys, object>() { { ReplaceableObjectKeys.Patient, newPatient }, { ReplaceableObjectKeys.Code, confirmationToken.Code } }); SmtpMailClient.SendMail(user.Email, "OPSMC RePLAY Registration", td.Text, td.Html); } if (newPatient != null) { try { QuestionnaireUserResponseGroup group = this.manager.QuestionnaireAccessHandler.CreateQuestionnaireUserResponseGroup(newPatient.Id, BusinessLogic.Properties.Settings.Default.NewRegistrationQuestionnaire, null, null); Logger.Audit(new Audit(Actions.CREATE_OR_UPDATE_PATIENT, AuditEventType.ADD, group)); } catch (Exception ex) { Logger.Audit(new Audit(Actions.CREATE_OR_UPDATE_PATIENT, AuditEventType.ADD, typeof(QuestionnaireUserResponseGroup), "Id", null, false, ex.Message)); throw ex; } } return(newPatient == null ? patient : newPatient); }