/// <summary>
/// Runs the search against every target kind selected in <c>request.Target</c>
/// and returns all hits in a single response.
/// </summary>
/// <param name="request">Search texts, operator and type, plus the bit mask of targets to search.</param>
/// <returns>Response wrapping the matching devices, data collectors, users and user groups, in that order.</returns>
public GXSearchResponse Post(GXSearchRequest request)
{
    lock (Db)
    {
        IAuthSession session = this.GetSession(false);
        List<object> hits = new List<object>();
        ActionTargets wanted = request.Target;

        if ((wanted & ActionTargets.Device) != 0)
        {
            List<GXAmiDevice> devices = GXDeviceService.GetDevices(session, Db, 0, 0, 0, 0, false, request.Texts, request.Operator, request.Type);
            // Each device gets its main content loaded before it is returned.
            foreach (GXAmiDevice device in devices)
            {
                GXDeviceService.UpdateContent(Db, device, DeviceContentType.Main);
            }
            hits.AddRange(devices.ToArray());
        }

        if ((wanted & ActionTargets.DataCollector) != 0)
        {
            List<GXAmiDataCollector> collectors = GXDataCollectorService.GetDataCollectorsByUser(session, Db, 0, 0, false, request.Texts, request.Operator, request.Type);
            hits.AddRange(collectors.ToArray());
        }

        if ((wanted & ActionTargets.User) != 0)
        {
            List<GXAmiUser> users = GXUserService.GetUsers(session, Db, 0, 0, false, true, request.Texts, request.Operator, request.Type);
            hits.AddRange(users.ToArray());
        }

        if ((wanted & ActionTargets.UserGroup) != 0)
        {
            // NOTE(review): unlike the three lookups above, this call is not given the
            // session. Confirm that GetUserGroups limits results to groups the caller may see.
            List<GXAmiUserGroup> groups = GXUserGroupService.GetUserGroups(Db, 0, request.Texts, request.Operator, request.Type);
            hits.AddRange(groups.ToArray());
        }

        return new GXSearchResponse(hits.ToArray());
    }
}
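/// <summary>
/// Add new user groups or update existing ones.
/// </summary>
/// <param name="request">User groups to store. An item whose Id is 0 is inserted; any other item is updated.</param>
/// <returns>Response carrying the user groups from the request after Id (new groups) and Added have been set.</returns>
/// <exception cref="ArgumentException">
/// The caller may not edit, a group name is empty, the group to update does not exist,
/// or a caller who is not super admin is not a member of the group being updated.
/// </exception>
public GXUserGroupUpdateResponse Put(GXUserGroupUpdateRequest request)
{
    IAuthSession s = this.GetSession(false);
    //Normal user can't change user group name or add new one.
    if (!GuruxAMI.Server.GXBasicAuthProvider.CanUserEdit(s))
    {
        throw new ArgumentException("Access denied.");
    }
    long adderId = Convert.ToInt64(s.Id);
    List<GXEventsItem> events = new List<GXEventsItem>();
    lock (Db)
    {
        using (var trans = Db.OpenTransaction(IsolationLevel.ReadCommitted))
        {
            bool superAdmin = GuruxAMI.Server.GXBasicAuthProvider.IsSuperAdmin(s);
            foreach (GXAmiUserGroup it in request.UserGroups)
            {
                if (string.IsNullOrEmpty(it.Name))
                {
                    throw new ArgumentException("Invalid name.");
                }
                //If new user group.
                if (it.Id == 0)
                {
                    it.Added = DateTime.UtcNow;
                    Db.Insert(it);
#if !SS4
                    it.Id = Db.GetLastInsertId();
#else
                    it.Id = Db.LastInsertId();
#endif
                    //Add adder to user group if adder is not super admin.
                    if (!superAdmin)
                    {
                        GXAmiUserGroupUser g = new GXAmiUserGroupUser();
                        g.UserID = adderId;
                        g.UserGroupID = it.Id;
                        g.Added = DateTime.UtcNow;
                        Db.Insert(g);
                    }
                    events.Add(new GXEventsItem(ActionTargets.UserGroup, Actions.Add, it));
                }
                else //Update user group.
                {
                    if (!superAdmin)
                    {
                        // Authorization: the caller must be a member of the group being updated.
                        // GetUserGroups(Db, id) returns the group ids of a user, so the target
                        // group id is looked up in the caller's own list instead of being passed
                        // to that helper as if it were a user id.
                        long[] adderGroups = GXUserGroupService.GetUserGroups(Db, adderId);
                        if (Array.IndexOf(adderGroups, it.Id) < 0)
                        {
                            throw new ArgumentException("Access denied.");
                        }
                    }
                    //Get Added time.
#if !SS4
                    GXAmiUserGroup orig = Db.GetById<GXAmiUserGroup>(it.Id);
#else
                    GXAmiUserGroup orig = Db.SingleById<GXAmiUserGroup>(it.Id);
#endif
                    // An unknown id is reported as a bad argument rather than a null dereference.
                    if (orig == null)
                    {
                        throw new ArgumentException("Invalid user group ID.");
                    }
                    // The creation time is server-owned; the value sent by the client is ignored.
                    it.Added = orig.Added.ToUniversalTime();
                    // NOTE(review): every other column is taken from the client object as sent.
                    Db.Update(it);
                    events.Add(new GXEventsItem(ActionTargets.UserGroup, Actions.Edit, it));
                }
            }
            trans.Commit();
        }
    }
    // Events are published only after the transaction has been committed.
    AppHost host = this.ResolveService<AppHost>();
    host.SetEvents(Db, this.Request, adderId, events);
    return new GXUserGroupUpdateResponse(request.UserGroups);
}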
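/// <summary>
/// Remove users from user groups.
/// </summary>
/// <param name="request">User ids and group ids; every listed user is removed from every listed group.</param>
/// <returns>An empty response.</returns>
/// <exception cref="ArgumentException">
/// The caller may not edit, or a caller who is not super admin is not a member of one of the groups.
/// </exception>
public GXRemoveUserFromUserGroupResponse Post(GXRemoveUserFromUserGroupRequest request)
{
    IAuthSession s = this.GetSession(false);
    //Normal user can't change user group name or add new one.
    if (!GuruxAMI.Server.GXBasicAuthProvider.CanUserEdit(s))
    {
        throw new ArgumentException("Access denied.");
    }
    long adderId = Convert.ToInt64(s.Id);
    List<GXEventsItem> events = new List<GXEventsItem>();
    lock (Db)
    {
        using (var trans = Db.OpenTransaction(IsolationLevel.ReadCommitted))
        {
            bool superAdmin = GuruxAMI.Server.GXBasicAuthProvider.IsSuperAdmin(s);
            string table = GuruxAMI.Server.AppHost.GetTableName<GXAmiUserGroupUser>(Db);
            foreach (long userId in request.Users)
            {
                foreach (long groupId in request.Groups)
                {
                    if (!superAdmin)
                    {
                        // Authorization: the caller must be a member of the group being changed.
                        // GetUserGroups(Db, id) returns the group ids of a user, so the target
                        // group id is looked up in the caller's own list instead of being passed
                        // to that helper as if it were a user id. The list is re-read on every
                        // pass because earlier deletes in this request can change it.
                        long[] adderGroups = GXUserGroupService.GetUserGroups(Db, adderId);
                        if (Array.IndexOf(adderGroups, groupId) < 0)
                        {
                            throw new ArgumentException("Access denied.");
                        }
                    }
                    // Both values are typed as long, so formatting them into the statement cannot
                    // carry SQL text. The space before WHERE keeps the keyword separate from the
                    // table name.
                    string query = "SELECT * FROM " + table;
                    query += string.Format(" WHERE UserID = {0} AND UserGroupID = {1}", userId, groupId);
                    List<GXAmiUserGroupUser> items = Db.Select<GXAmiUserGroupUser>(query);
                    foreach (GXAmiUserGroupUser it in items)
                    {
                        Db.DeleteById<GXAmiUserGroupUser>(it.Id);
                        events.Add(new GXEventsItem(ActionTargets.UserGroup, Actions.Edit, groupId));
                    }
                }
            }
            trans.Commit();
        }
    }
    // Events are published only after the transaction has been committed.
    AppHost host = this.ResolveService<AppHost>();
    host.SetEvents(Db, this.Request, adderId, events);
    return new GXRemoveUserFromUserGroupResponse();
}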
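/// <summary>
/// Add users to user groups.
/// </summary>
/// <param name="request">User ids and group ids; every listed user is added to every listed group.</param>
/// <returns>An empty response.</returns>
/// <exception cref="ArgumentException">
/// The caller may not edit, or a caller who is not super admin is not a member of one of the groups.
/// </exception>
public GXAddUserToUserGroupResponse Post(GXAddUserToUserGroupRequest request)
{
    IAuthSession s = this.GetSession(false);
    //Normal user can't change user group name or add new one.
    if (!GuruxAMI.Server.GXBasicAuthProvider.CanUserEdit(s))
    {
        throw new ArgumentException("Access denied.");
    }
    long adderId = Convert.ToInt64(s.Id);
    List<GXEventsItem> events = new List<GXEventsItem>();
    lock (Db)
    {
        using (var trans = Db.OpenTransaction(IsolationLevel.ReadCommitted))
        {
            bool superAdmin = GuruxAMI.Server.GXBasicAuthProvider.IsSuperAdmin(s);
            foreach (long userId in request.Users)
            {
                foreach (long groupId in request.Groups)
                {
                    if (!superAdmin)
                    {
                        // Authorization: the caller must already be a member of the group that
                        // receives the new user. GetUserGroups(Db, id) returns the group ids of a
                        // user, so the target group id is looked up in the caller's own list
                        // instead of being passed to that helper as if it were a user id.
                        long[] adderGroups = GXUserGroupService.GetUserGroups(Db, adderId);
                        if (Array.IndexOf(adderGroups, groupId) < 0)
                        {
                            throw new ArgumentException("Access denied.");
                        }
                    }
                    // NOTE(review): no check is made here for an existing membership row or for
                    // the caller's access to the user being added. Confirm both are enforced
                    // elsewhere (for example by a unique constraint).
                    GXAmiUserGroupUser it = new GXAmiUserGroupUser();
                    it.UserGroupID = groupId;
                    it.UserID = userId;
                    it.Added = DateTime.UtcNow;
                    Db.Insert(it);
                    events.Add(new GXEventsItem(ActionTargets.UserGroup, Actions.Edit, it));
                }
            }
            trans.Commit();
        }
    }
    // Events are published only after the transaction has been committed.
    AppHost host = this.ResolveService<AppHost>();
    host.SetEvents(Db, this.Request, adderId, events);
    return new GXAddUserToUserGroupResponse();
}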
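/// <summary>
/// Add new users or update existing ones.
/// </summary>
/// <param name="request">Users to store. An item whose Id is 0 is inserted; any other item is updated.</param>
/// <returns>Response carrying the user objects from the request.</returns>
/// <exception cref="ArgumentException">
/// A name is empty, a new user has no password, the user to update does not exist,
/// or the caller is not allowed to make the change.
/// </exception>
public GXUserUpdateResponse Put(GXUserUpdateRequest request)
{
    List<GXEventsItem> events = new List<GXEventsItem>();
    IAuthSession s = this.GetSession(false);
    bool edit = GuruxAMI.Server.GXBasicAuthProvider.CanUserEdit(s);
    bool superAdmin = GuruxAMI.Server.GXBasicAuthProvider.IsSuperAdmin(s);
    long adderId = Convert.ToInt64(s.Id);
    lock (Db)
    {
        using (var trans = Db.OpenTransaction(IsolationLevel.ReadCommitted))
        {
            foreach (GXAmiUser it in request.Users)
            {
                if (string.IsNullOrEmpty(it.Name))
                {
                    throw new ArgumentException("Invalid name.");
                }
                //If new user
                if (it.Id == 0)
                {
                    //User can't add new users.
                    if (!edit)
                    {
                        throw new ArgumentException("Access denied.");
                    }
                    if (!superAdmin && (it.AccessRights & UserAccessRights.SuperAdmin) == UserAccessRights.SuperAdmin)
                    {
                        throw new ArgumentException("Only super admin can add new super admin.");
                    }
                    if (string.IsNullOrEmpty(it.Password))
                    {
                        throw new ArgumentException("Invalid Password.");
                    }
                    // NOTE(review): Password is written exactly as received, and the request
                    // objects are handed back in the response. Confirm that hashing and
                    // redaction happen elsewhere.
                    it.Added = DateTime.UtcNow;
                    Db.Insert(it);
#if !SS4
                    it.Id = Db.GetLastInsertId();
#else
                    it.Id = Db.LastInsertId();
#endif
                    events.Add(new GXEventsItem(ActionTargets.User, Actions.Add, it));
                }
                else //Update user data.
                {
                    //User can only edit itself.
                    if (!edit && adderId != it.Id)
                    {
                        throw new ArgumentException("Access denied.");
                    }
                    if (!superAdmin)
                    {
                        //User can't update user data if he do not have access to the user group.
                        long[] adderGroups = GXUserGroupService.GetUserGroups(Db, adderId);
                        long[] targetGroups = GXUserGroupService.GetUserGroups(Db, it.Id);
                        bool shared = Array.Exists(adderGroups, g => Array.IndexOf(targetGroups, g) >= 0);
                        if (!shared)
                        {
                            throw new ArgumentException("Access denied.");
                        }
                    }
                    //Get Added time.
#if !SS4
                    GXAmiUser orig = Db.GetById<GXAmiUser>(it.Id);
#else
                    GXAmiUser orig = Db.SingleById<GXAmiUser>(it.Id);
#endif
                    // An unknown id is reported as a bad argument rather than a null dereference.
                    if (orig == null)
                    {
                        throw new ArgumentException("Invalid user ID.");
                    }
                    // Db.Update below writes the client-supplied object, so access rights need the
                    // same server-side handling as Added and Password. Without it a user editing
                    // their own record could raise their own rights.
                    if (!edit)
                    {
                        // A user without edit rights keeps the rights already stored.
                        it.AccessRights = orig.AccessRights;
                    }
                    else if (!superAdmin
                        && (it.AccessRights & UserAccessRights.SuperAdmin) == UserAccessRights.SuperAdmin
                        && (orig.AccessRights & UserAccessRights.SuperAdmin) != UserAccessRights.SuperAdmin)
                    {
                        // Same rule as for new users: only a super admin can grant super admin.
                        throw new ArgumentException("Only super admin can add new super admin.");
                    }
                    it.Added = orig.Added;
                    // An empty password in the request means "keep the stored one".
                    if (string.IsNullOrEmpty(it.Password))
                    {
                        it.Password = orig.Password;
                    }
                    Db.Update(it);
                    events.Add(new GXEventsItem(ActionTargets.User, Actions.Edit, it));
                }
            }
            trans.Commit();
        }
    }
    // Events are published only after the transaction has been committed.
    AppHost host = this.ResolveService<AppHost>();
    host.SetEvents(Db, this.Request, adderId, events);
    return new GXUserUpdateResponse(request.Users);
}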
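/// <summary>
/// Delete the selected users, or remove them from the given user groups.
/// </summary>
/// <param name="request">
/// User ids to process. When GroupIDs is non-empty the users are only removed from those
/// groups; otherwise the users are deleted (permanently, or marked as removed).
/// </param>
/// <returns>An empty response.</returns>
/// <exception cref="ArgumentException">
/// The session id is 0, the caller may not edit or lacks access to a user, a user id is 0,
/// the user is not a member of a listed group, or the removal is not allowed.
/// </exception>
public GXUserDeleteResponse Post(GXUserDeleteRequest request)
{
    IAuthSession s = this.GetSession(false);
    int id = Convert.ToInt32(s.Id);
    if (id == 0)
    {
        throw new ArgumentException("Remove failed. Invalid session ID.");
    }
    if (!GuruxAMI.Server.GXBasicAuthProvider.CanUserEdit(s))
    {
        throw new ArgumentException("Remove not allowed.");
    }
    List<GXEventsItem> events = new List<GXEventsItem>();
    bool superAdmin = GuruxAMI.Server.GXBasicAuthProvider.IsSuperAdmin(s);
    // NOTE(review): unlike the add/update handlers, these writes run without a transaction,
    // so a failure part-way through leaves the earlier deletes in place.
    lock (Db)
    {
        foreach (int it in request.UserIDs)
        {
            if (it == 0)
            {
                throw new ArgumentException("ID is required");
            }
            if (!superAdmin && !GXUserGroupService.CanAccess(Db, id, it))
            {
                throw new ArgumentException("Access denied.");
            }
#if !SS4
            GXAmiUser user = Db.QueryById<GXAmiUser>(it);
#else
            GXAmiUser user = Db.SingleById<GXAmiUser>(it);
#endif
            //Remove user from the user group.
            if (request.GroupIDs != null && request.GroupIDs.Length != 0)
            {
                foreach (long gid in request.GroupIDs)
                {
                    // NOTE(review): access is checked against the user above, not against each
                    // group id. Confirm a caller cannot name a group they do not belong to.
                    if (!superAdmin)
                    {
                        // The last remaining user of a group may not be removed from it.
                        List<GXAmiUser> members = GetUsers(s, Db, 0, gid, false, false, null, SearchOperator.None, SearchType.All);
                        if (members.Count == 1)
                        {
                            throw new ArgumentException("Remove not allowed.");
                        }
                    }
                    // Both ids are numeric, so formatting them into the filter cannot carry SQL text.
                    string query = string.Format("UserGroupID = {0} AND UserID = {1}", gid, it);
                    List<GXAmiUserGroupUser> links = Db.Select<GXAmiUserGroupUser>(query);
                    // A user who is not in the group yields no row; report that as a bad
                    // argument instead of indexing into an empty list.
                    if (links.Count == 0)
                    {
                        throw new ArgumentException("Remove failed. User is not a member of the user group.");
                    }
                    Db.Delete<GXAmiUserGroupUser>(links[0]);
#if !SS4
                    GXAmiUserGroup ug = Db.QueryById<GXAmiUserGroup>(gid);
#else
                    GXAmiUserGroup ug = Db.SingleById<GXAmiUserGroup>(gid);
#endif
                    events.Add(new GXEventsItem(ActionTargets.User, Actions.Edit, user));
                    events.Add(new GXEventsItem(ActionTargets.User, Actions.Edit, ug));
                }
            }
            else //Remove user.
            {
                // You can not delete yourself.
                if (it == id)
                {
                    throw new ArgumentException("Remove not allowed.");
                }
                if (request.Permanently)
                {
                    Db.DeleteById<GXAmiUser>(it);
                }
                else
                {
                    // Soft delete: only the Removed column is written.
                    user.Removed = DateTime.UtcNow;
                    Db.UpdateOnly(user, p => p.Removed, p => p.Id == it);
                }
                events.Add(new GXEventsItem(ActionTargets.User, Actions.Remove, user));
                //Remove all user groups of the user.
                long[] groupIds = GXUserGroupService.GetUserGroups(Db, it);
                //TODO: Remove only if last user.
                // NOTE(review): as written, every group the user belongs to is removed even when
                // other users are still members of it.
                foreach (long gid in groupIds)
                {
#if !SS4
                    GXAmiUserGroup ug = Db.QueryById<GXAmiUserGroup>(gid);
#else
                    GXAmiUserGroup ug = Db.SingleById<GXAmiUserGroup>(gid);
#endif
                    if (request.Permanently)
                    {
                        Db.DeleteById<GXAmiUserGroup>(gid);
                    }
                    else
                    {
                        ug.Removed = DateTime.UtcNow;
                        Db.UpdateOnly(ug, p => p.Removed, p => p.Id == gid);
                    }
                    events.Add(new GXEventsItem(ActionTargets.User, Actions.Edit, user));
                    events.Add(new GXEventsItem(ActionTargets.User, Actions.Edit, ug));
                }
            }
        }
    }
    AppHost host = this.ResolveService<AppHost>();
    host.SetEvents(Db, this.Request, id, events);
    return new GXUserDeleteResponse();
}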