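/// <summary>
/// Opens a database connection for the provider named in the XML configuration.
/// </summary>
/// <remarks>
/// The "provider" setting selects the connection type: the value "sql_compact"
/// yields a <c>SqlCeConnection</c>, any other value a <c>SqlConnection</c>.
/// The connection string is read from the setting whose name equals the provider value.
/// It may carry credentials, so it is never logged or put into an exception message here.
/// </remarks>
/// <returns>
/// An open connection. Nothing in this method keeps a reference to it, so the
/// caller is responsible for disposing it.
/// </returns>
protected static IDbConnection openConnection()
{
    string root_path = CustomRootPathProvider.rootPath();
    var db_provider = Xmlconfig.get("provider", root_path);
    string connection_string = Xmlconfig.get(db_provider.Value, root_path).Value;

    IDbConnection connection;
    if (db_provider.Value == "sql_compact")
    {
        connection = new SqlCeConnection(connection_string);
    }
    else
    {
        connection = new SqlConnection(connection_string);
    }

    try
    {
        connection.Open();
    }
    catch
    {
        // Open() failed: release the half-initialised connection instead of
        // leaking it, then let the original exception reach the caller.
        connection.Dispose();
        throw;
    }

    return connection;
}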
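/// <summary>
/// Registers the slide routes and the authentication hook that guards them.
/// </summary>
/// <param name="pathProvider">Supplies the root path used to locate the XML configuration.</param>
/// <remarks>
/// Every request must carry a "flex" cookie that decrypts to the numeric id of an
/// existing user; anything else is answered with 403 Forbidden.
/// </remarks>
public SlideModule(IRootPathProvider pathProvider)
{
    // Current user, set by the Before hook and added to every view model.
    User me = null;

    Before += ctx =>
    {
        if (ctx.Request.Cookies.ContainsKey("flex"))
        {
            var myId = ctx.Request.Cookies["flex"];
            // NOTE(review): the cookie is client-controlled; behaviour of decrypt() on a
            // tampered value is not visible here - confirm it fails closed.
            var id_user = new EncryptHelper(AppConfig.Provider, Xmlconfig.get("cryptokey", pathProvider.GetRootPath()).Value).decrypt(myId);

            // TryParse instead of Convert.ToInt32: a cookie that decrypts to something
            // non-numeric must end in 403, not in an unhandled FormatException.
            int userId;
            if (!string.IsNullOrEmpty(id_user) && int.TryParse(id_user, out userId))
            {
                me = UsersRepository.getById(userId);

                // A cookie naming a user that no longer exists must not pass
                // (same rule as the UserModule hook).
                if (me != null)
                {
                    return null; // null lets the request continue to the route
                }
            }
        }

        var res = new Response();
        res.StatusCode = HttpStatusCode.Forbidden;
        return res;
    };

    Get["/Slides"] = _ =>
    {
        var model = new
        {
            title = "Mobile Day 2014",
            Slides = SlidesRepository.Slides,
            me = me
        };
        return View["Slides", model];
    };

    Get[@"/Slides/{order}"] = parameters =>
    {
        // Explicit target type forces the conversion of the dynamic route value.
        byte order = parameters.order;
        dynamic model = null;

        if (order == 0)
        {
            // Order 0 is the "new slide" form: hand the view an empty slide.
            model = new
            {
                title = "Mobile Day 2014",
                Slide = new Slide() { Ordine = 0, Contenuto = "", Stato = true },
                me = me
            };
        }
        else
        {
            model = new
            {
                title = "Mobile Day 2014",
                Slide = SlidesRepository.getByOrder(order),
                me = me
            };
        }

        return View["single_Slide", model];
    };

    // NOTE(review): no anti-forgery token and no role check are visible on this
    // state-changing route - confirm both are intended or enforced elsewhere.
    Post["/Slides/{order}"] = parameters =>
    {
        short order = parameters.order;

        Slide new_slide = new Slide
        {
            Ordine = Request.Form["ordine"],
            Contenuto = Request.Form["contenuto"],
            Attributi = Request.Form["attributi"],
            Stato = Request.Form["stato"]
        };

        var old_slide = SlidesRepository.getByOrder(order);
        dynamic model = null;
        Slide slide = null;

        if (old_slide != null)
        {
            slide = SlidesRepository.update(order, new_slide);
        }
        else if (new_slide.Ordine != 0)
        {
            slide = SlidesRepository.muovi(new_slide);
        }
        else
        {
            slide = SlidesRepository.nuovo(new_slide);
        }

        if (slide != null)
        {
            model = new
            {
                title = "Mobile Day 2014",
                Slide = slide,
                success = true,
                messages = new List<string> { "The Slide has been successfull modified" },
                me = me
            };

            if (order == 0)
            {
                // A freshly created slide gets its own URL. The target is built from
                // the stored slide's order, not from raw request text.
                return Response.AsRedirect("/slides/" + slide.Ordine);
            }
        }
        else
        {
            model = new
            {
                title = "Mobile Day 2014",
                Slide = new_slide, // give the submitted values back to the form
                success = false,
                messages = new List<string> { "The Slide could not be modified" },
                me = me
            };
        }

        return View["single_Slide", model];
    };
}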
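/// <summary>
/// Registers the login routes: the form (GET) and the credential check (POST).
/// </summary>
/// <param name="pathProvider">Supplies the root path used to locate the XML configuration.</param>
/// <remarks>
/// A request that already carries a "flex" cookie resolving to an existing user is
/// redirected to "/slides". A successful login sets that cookie (HttpOnly) to the
/// encrypted user id.
/// </remarks>
public LoginModule(IRootPathProvider pathProvider)
{
    Before += ctx =>
    {
        if (ctx.Request.Cookies.ContainsKey("flex"))
        {
            var myId = ctx.Request.Cookies["flex"];
            var id_user = new EncryptHelper(AppConfig.Provider, Xmlconfig.get("cryptokey", pathProvider.GetRootPath()).Value).decrypt(myId);

            // Redirect only when the cookie resolves to a real user. A stale or
            // malformed cookie would otherwise bounce the client away from the login
            // form towards pages that reject it, leaving no way to sign in again.
            int userId;
            if (!string.IsNullOrEmpty(id_user)
                && int.TryParse(id_user, out userId)
                && UsersRepository.getById(userId) != null)
            {
                return Response.AsRedirect("/slides");
            }
        }

        return null; // null lets the request continue to the route
    };

    Get["/login"] = _ =>
    {
        var model = new
        {
            title = "Mobile Day 2014 - Reveal.js - The HTML Presentation Framework"
        };
        return View["login", model];
    };

    Post["/login"] = _ =>
    {
        dynamic model = null;
        var us = new User
        {
            UserName = Request.Form.username,
            Password = Request.Form.password,
        };

        if (string.IsNullOrEmpty(us.UserName) || string.IsNullOrEmpty(us.Password))
        {
            model = new
            {
                title = "Mobile Day 2014 - Reveal.js - The HTML Presentation Framework",
                user = us,
                success = false,
                messages = new List<string> { "Please, provide username and password" }
            };
        }
        else
        {
            // NOTE(review): the password goes through the reversible EncryptHelper with
            // the same configured key that protects the session cookie. A salted one-way
            // password hash and a separate key would limit what a key disclosure exposes.
            us.Password = new EncryptHelper(AppConfig.Provider, Xmlconfig.get("cryptokey", pathProvider.GetRootPath()).Value).encrypt(us.Password);

            var ut_res = UsersRepository.authenticate(us);
            if (ut_res != null)
            {
                var myEncryptedId = new EncryptHelper(AppConfig.Provider, Xmlconfig.get("cryptokey", pathProvider.GetRootPath()).Value).encrypt(ut_res.Id.ToString());

                // Third argument marks the cookie HttpOnly.
                // NOTE(review): no Secure flag or expiry is set, and the value is only the
                // encrypted user id, so a session cannot be revoked server-side - confirm.
                var mc = new NancyCookie("flex", myEncryptedId, true);
                var res = Response.AsRedirect("/slides");
                res.WithCookie(mc);
                return res;
            }

            model = new
            {
                title = "Mobile Day 2014 - Reveal.js - The HTML Presentation Framework",
                user = us,
                success = false,
                messages = new List<string> { "Wrong username or password" }
            };
        }

        // Both failure models reference 'us'. Blank the credential so neither the
        // submitted password nor its encrypted form can be rendered back into the page.
        us.Password = string.Empty;

        return View["login", model];
    };
}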
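/// <summary>
/// Registers the user-management routes and the authentication hook that guards them.
/// </summary>
/// <param name="pathProvider">Supplies the root path used to locate the XML configuration.</param>
/// <remarks>
/// Every request must carry a "flex" cookie that decrypts to the numeric id of an
/// existing user. Listing users needs an admin; viewing or editing a profile needs
/// an admin or the profile's owner.
/// </remarks>
public UserModule(IRootPathProvider pathProvider)
{
    // Current user, set by the Before hook and added to every view model.
    User me = null;

    Before += ctx =>
    {
        if (ctx.Request.Cookies.ContainsKey("flex"))
        {
            var myId = ctx.Request.Cookies["flex"];
            var id_u = new EncryptHelper(AppConfig.Provider, Xmlconfig.get("cryptokey", pathProvider.GetRootPath()).Value).decrypt(myId);

            // TryParse instead of Convert.ToInt32: a cookie that decrypts to something
            // non-numeric must end in 403, not in an unhandled FormatException.
            int userId;
            if (!string.IsNullOrEmpty(id_u) && int.TryParse(id_u, out userId))
            {
                me = UsersRepository.getById(userId);
                if (me != null)
                {
                    return null; // null lets the request continue to the route
                }
            }
        }

        var res = new Response();
        res.StatusCode = HttpStatusCode.Forbidden;
        return res;
    };

    Get["/users"] = _ =>
    {
        // Authorise before touching the repository: non-admins never trigger the query.
        if (!me.IsAdmin)
        {
            var res = new Response();
            res.StatusCode = HttpStatusCode.Forbidden;
            return res;
        }

        var model = new
        {
            title = "Mobile Day 2014",
            users = UsersRepository.getOrderedByName(),
            me = me
        };
        return View["users", model];
    };

    Get[@"/users/{id:int}"] = parameters =>
    {
        // Explicit target type forces the conversion of the dynamic route value.
        int id = parameters.id;

        // Authorise first, so a non-admin gets 403 for every foreign id and cannot
        // tell existing accounts (formerly 403) from missing ones (formerly 404).
        if ((me.Id != id) && !me.IsAdmin)
        {
            var res = new Response();
            res.StatusCode = HttpStatusCode.Forbidden;
            return res;
        }

        var puser = UsersRepository.getById(id);
        if (puser == null)
        {
            var res = new Response();
            res.StatusCode = HttpStatusCode.NotFound;
            return res;
        }

        var model = new
        {
            title = "Mobile Day 2014",
            user = puser,
            me = me
        };
        return View["single_user", model];
    };

    // NOTE(review): no anti-forgery token is checked on this state-changing route in
    // the visible code - confirm it is enforced elsewhere.
    Post["/users/{id:int}"] = parameters =>
    {
        int id = parameters.id;
        dynamic model = null;

        // A non-admin may only edit their own profile.
        if ((me.Id != id) && !me.IsAdmin)
        {
            var res = new Response();
            res.StatusCode = HttpStatusCode.Forbidden;
            return res;
        }

        // NOTE(review): roles are taken from the form for non-admins as well; this
        // relies on UsersRepository.insert ignoring them - verify in the repository.
        var us = new User
        {
            Id = id,
            UserName = Request.Form.username,
            Password = Request.Form.password,
            SimpleRoles = Request.Form.hr
        };

        var rip_password = Request.Form.repeate_password;

        // Validation, first failing rule wins. 'failure' stays null when all pass.
        string failure = null;
        if ((me.Id == id) && me.IsAdmin && (string.IsNullOrEmpty(us.SimpleRoles) || !us.SimpleRoles.Contains("0")))
        {
            // A missing role field counts as "admin role dropped" instead of raising
            // a NullReferenceException.
            // NOTE(review): Contains("0") is a substring test; a role value such as
            // "10" would also satisfy it - confirm the role encoding.
            failure = "You can't quit being an admin!";
        }
        else if ((us.Password != rip_password) && (!string.IsNullOrEmpty(us.Password)))
        {
            failure = "Please, the passwords must match";
        }
        else if (string.IsNullOrEmpty(us.UserName) || (string.IsNullOrEmpty(us.SimpleRoles) && me.IsAdmin))
        {
            failure = "Please, provide username and at least one role.";
        }

        if (failure != null)
        {
            // The rejected form is shown again; never render the submitted password back.
            us.Password = string.Empty;
            model = new
            {
                title = "Mobile Day 2014",
                user = us,
                me = me,
                success = false,
                messages = new List<string> { failure }
            };
            return View["single_user", model];
        }

        // An empty password field means "keep the current password".
        var isChangePassword = false;
        if (!string.IsNullOrEmpty(us.Password))
        {
            // NOTE(review): reversible encryption under the cookie key; a salted
            // one-way password hash would be the safer storage format.
            us.Password = new EncryptHelper(AppConfig.Provider, Xmlconfig.get("cryptokey", pathProvider.GetRootPath()).Value).encrypt(us.Password);
            isChangePassword = true;
        }

        // Only the admin path is allowed to change roles.
        if (me.IsAdmin)
        {
            us = UsersRepository.insertIfAdmin(us, isChangePassword);
        }
        else
        {
            us = UsersRepository.insert(us, isChangePassword);
        }

        if (us != null)
        {
            // NOTE(review): 'us' now comes from the repository and may carry the stored
            // password value - confirm the view does not render it.
            model = new
            {
                title = "Mobile Day 2014",
                user = us,
                me = me,
                success = true,
                messages = new List<string> { "User modified succesfully" }
            };
        }
        else
        {
            model = new
            {
                title = "Mobile Day 2014",
                user = us,
                me = me,
                success = false,
                messages = new List<string> { "Sorry, we couldn't find the user specified!" }
            };
        }

        return View["single_user", model];
    };
}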