/// <summary>
/// returns NULL if no user is logged in.
/// </summary>
/// <returns></returns>
public static WebPortalUser GetCurrentWebPortalUser(PortalApplication portalApp)
{
try
{
// -- we cache the currentWebPortal user so that we don't go to the database
string cacheKey = "WebPortalUser.currentWebPortalUser";
if (PerRequestCache.CacheContains(cacheKey))
{
return(PerRequestCache.GetFromCache(cacheKey, null) as WebPortalUser);
}
if (System.Web.HttpContext.Current != null && System.Web.HttpContext.Current.User != null &&
System.Web.HttpContext.Current.User.Identity != null && System.Web.HttpContext.Current.User.Identity.IsAuthenticated)
{
WebPortalUser u = WebPortalUser.FetchUser(System.Web.HttpContext.Current.User.Identity.Name, portalApp);
PerRequestCache.AddToCache(cacheKey, u);
return(u);
}
else
{
return(null);
}
}
catch
{ }
return(null);
}
public bool EnsurePermissionsInDatabase(PortalApplication portalApp)
{
string appName = portalApp.GetApplicationName();
PortalApplicationPermission[] appPermissionsInDB = FetchAll(appName);
PortalApplicationPermission[] appPermissionsDefined = portalApp.GetAllPermissionsForApplication();
List <PortalApplicationPermission> toInsert = new List <PortalApplicationPermission>();
foreach (PortalApplicationPermission appPermission in appPermissionsDefined)
{
if (!arrayContains(appPermission, appPermissionsInDB))
{
toInsert.Add(appPermission);
}
} // foreach
List <PortalApplicationPermission> toDelete = new List <PortalApplicationPermission>();
foreach (PortalApplicationPermission dbPermission in appPermissionsInDB)
{
if (!arrayContains(dbPermission, appPermissionsDefined))
{
toDelete.Add(dbPermission);
}
} // foreach
return(BulkInsert(toInsert.ToArray()) && BulkDelete(toDelete.ToArray()));
}
public bool hasPermissionTo(string actionRequested, PortalApplication portalApp)
{
portalApp.EnsurePermissionsInDatabase();
string currentAppName = portalApp.GetApplicationName();
return(hasPermissionTo(actionRequested, currentAppName));
}
/// <summary>
/// Checks to see if the username and password match a user in the system.
/// Returns true if the username exists, and the password matches, otherwise returns false.
/// </summary>
/// <param name="username"></param>
/// <param name="password"></param>
/// <returns></returns>
public static bool CheckLogin(string username, string password, PortalApplication portalApp)
{
WebPortalUser user = (new WebPortalUserDB()).FetchWebPortalUser(username, portalApp);
if (user != null && String.Compare(user.Password, password) == 0)
{
return(true);
}
return(false);
} // checkLogin
public static bool UsernameExists(string username, PortalApplication portalApp)
{
WebPortalUser user = (new WebPortalUserDB()).FetchWebPortalUser(username, portalApp);
if (user == null || user.uid < 0)
{
return(false);
}
return(true);
}
} // FetchWebPortalUser
/// <summary>
/// gets an active (not deleted) WebPortalUser object from the database, or NULL if one does not exist
/// </summary>
/// <param name="userID">the usedId to get the user data for</param>
/// <returns></returns>
public WebPortalUser FetchWebPortalUser(int userID, PortalApplication portalApp)
{
if (userID > -1)
{
string sql = getStandardUserSQL("appuser.AppUserId = " + userID.ToString() + "", WebPortalUser.SortUsersBy.UserId, portalApp);
DataSet ds = RunSelectQuery(sql);
WebPortalUser[] users = getWebPortalUsersFromStandardDataSet(ds);
if (users.Length == 1)
{
return(users[0] as WebPortalUser);
}
}
return(null);
} // FetchWebPortalUser
} // getStandardUserSQL
/// <summary>
/// gets an active (not deleted) WebPortalUser object from the database,
/// or NULL if one does not exist
/// </summary>
/// <param name="username">the case insensitive username to get the user data for</param>
/// <returns></returns>
public WebPortalUser FetchWebPortalUser(string username, PortalApplication portalApp)
{
username = username.Trim();
string sql = getStandardUserSQL("UserName like '" + dbEncode(username) + "'", WebPortalUser.SortUsersBy.UserFullName, portalApp);
DataSet ds = RunSelectQuery(sql);
WebPortalUser[] users = getWebPortalUsersFromStandardDataSet(ds);
if (users.Length == 1)
{
return(users[0]);
}
return(null);
} // FetchWebPortalUser
private string getStandardUserSQL(string whereClause, WebPortalUser.SortUsersBy sortBy, PortalApplication portalApp)
{
if (whereClause.Trim() != "")
{
whereClause = " AND " + whereClause;
}
string permissionsWhere = "";
string appName = portalApp.GetApplicationName();
if (appName != "" && portalApp.GetAllPermissionsForApplication().Length > 0)
{
permissionsWhere = " AND (" + DBDialect.isNull("p.PermissionsId") + " or p.ApplicationName = '" + dbEncode(appName) + "' ) ";
}
string sql = @"
select appuser.appuserid, appuser.username, appuser.password, appuser.FullName, appuser.EmailAddress, appuser.LastLoginDateTime,
roles.Name as RoleName, roles.roleid, roles.Description as RoleDesc,
x.`key` as exKey, x.`value` as exVal,
p.PermissionsId, p.ApplicationName, p.Action, p.Description
from appuser
LEFT JOIN appuserroles on (appuser.appuserid = appuserroles.appuserid)
LEFT JOIN roles ON (appuserroles.roleid = roles.roleid)
LEFT JOIN appuserextendedinfo x on (x.userId = appuser.AppUserId)
LEFT JOIN appuserpermissions up on (appuser.AppUserId = up.AppUserId)
LEFT JOIN permissions p ON (p.PermissionsId = up.PermissionsId)
WHERE " + DBDialect.isNull("appuser.deleted") + " AND " + DBDialect.isNull("roles.deleted") + " and " + DBDialect.isNull("x.deleted") + " and " + DBDialect.isNull("p.Deleted") + " ";
sql = sql + permissionsWhere;
sql = sql + whereClause;
switch (sortBy)
{
case WebPortalUser.SortUsersBy.UserId:
sql = sql + @" ORDER BY appuserid ";
break;
case WebPortalUser.SortUsersBy.UserName:
sql = sql + @" ORDER BY username ";
break;
case WebPortalUser.SortUsersBy.UserFullName:
sql = sql + @" ORDER BY FullName ";
break;
default:
throw new ArgumentException("Invalid SortBy given");
}
return(sql);
} // getStandardUserSQL
} // getAllWebPortalUsers
/// <summary>
/// gets an ArrayList of all (not deleted) WebPortalUsers that are in a specified role
/// </summary>
/// <param name="role">the (case insensitive) role to find all users for</param>
/// <returns>an ArrayList of Objects</returns>
public WebPortalUser[] FetchAllWebPortalUsers(WebPortalUserRole role, WebPortalUser.SortUsersBy sortBy, PortalApplication portalApp)
{
string sql = getStandardUserSQL("roles.roleId = " + role.RoleID + "", sortBy, portalApp);
DataSet ds = RunSelectQuery(sql);
return(getWebPortalUsersFromStandardDataSet(ds));
} // getAllWebPortalUsers
/// <summary>
/// gets a user from their userID. Returns NULL if user was not found.
/// </summary>
/// <param name="userId"></param>
/// <returns></returns>
public static WebPortalUser FetchUser(int userId, PortalApplication portalApp)
{
return((new WebPortalUserDB()).FetchWebPortalUser(userId, portalApp));
}
} // FetchAll
/// <summary>
/// gets a user from their username. Returns NULL if user was not found.
/// </summary>
/// <param name="username"></param>
/// <returns></returns>
public static WebPortalUser FetchUser(string username, PortalApplication portalApp)
{
return((new WebPortalUserDB()).FetchWebPortalUser(username, portalApp));
}
} // FetchAll
/// <summary>
/// gets an Array of all WebPortalUsers that are in a specified role
/// </summary>
/// <param name="role">the (case insensitive) role to find all users for</param>
/// <returns>an ArrayList of WebPortalUser Objects</returns>
public static WebPortalUser[] FetchAll(WebPortalUserRole inRole, SortUsersBy sortBy, PortalApplication portalApp)
{
return((new WebPortalUserDB()).FetchAllWebPortalUsers(inRole, sortBy, portalApp));
} // FetchAll
} // getAllUsers
public static WebPortalUser[] FetchAll(SortUsersBy sortBy, PortalApplication portalApp)
{
return((new WebPortalUserDB()).FetchAllWebPortalUsers(sortBy, portalApp));
} // getAllUsers
/// <summary>
/// gets all the Users in the system, sorted by UserName
/// </summary>
/// <returns>an Array of WebPortalUser objects</returns>
public static WebPortalUser[] FetchAll(PortalApplication portalApp)
{
return((new WebPortalUserDB()).FetchAllWebPortalUsers(SortUsersBy.UserName, portalApp));
} // getAllUsers
} // BulkInsert
/// <summary>
/// ensures that all permissions for the portal app are reflected in the database.
/// Inserts new items into the database, and deletes items that don't.
/// </summary>
/// <param name="items"></param>
/// <returns></returns>
public static bool EnsurePermissionsInDatabase(PortalApplication portalApp)
{
return((new permissionsDB()).EnsurePermissionsInDatabase(portalApp));
}