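/// <summary>
/// Loads the admin user named by the <c>id</c> query-string value, makes sure that
/// user has one permission row per known system section, and binds the user's
/// bespoke (URL-based) permission rows to <c>rptItems</c>.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // RunSecurity is defined outside this listing; presumably it enforces access to the
    // AdminUsers section. It stays first so nothing below runs before it. TODO confirm.
    RunSecurity(CRM.Code.Models.Admin.AllowedSections.AdminUsers);

    int adminUserID = 0;
    bool hasValidID = Int32.TryParse(Request.QueryString["id"], out adminUserID) && adminUserID > 0;
    if (hasValidID)
    {
        Entity = db.Admins.SingleOrDefault(a => a.ID == adminUserID);
    }

    // Without a resolvable admin the page must not continue: the original fell through
    // with adminUserID == 0, tried to insert permission rows for a non-existent admin and
    // then dereferenced a null Admin when binding the repeater.
    if (!hasValidID || Entity == null)
    {
        Response.Redirect("/admin/adminuser/list.aspx");
        return;
    }

    btnSubmitChangesTop.EventHandler = btnSubmitChanges_Click;
    btnSubmitChangesBottom.EventHandler = btnSubmitChanges_Click;
    btnSubmit.EventHandler = btnSubmit_Click;

    if (!Page.IsPostBack)
    {
        bool newAdded = false;

        // Materialise the section list first so the inserts below do not run while the
        // section query is still being enumerated.
        foreach (CRM_SystemAccess access in db.CRM_SystemAccesses.ToList())
        {
            CRM_SystemAccessAdmin adminAccess = db.CRM_SystemAccessAdmins.SingleOrDefault(
                s => s.CRM_SystemAccessID == access.ID && s.AdminID == adminUserID);

            if (adminAccess == null)
            {
                // New rows start with every flag off, so a newly listed section grants nothing
                // until an administrator explicitly ticks it.
                adminAccess = new CRM_SystemAccessAdmin()
                {
                    AdminID = adminUserID,
                    CRM_SystemAccessID = access.ID,
                    IsAdd = false,
                    IsDelete = false,
                    IsRead = false,
                    IsWrite = false
                };
                db.CRM_SystemAccessAdmins.InsertOnSubmit(adminAccess);
                newAdded = true;
            }
        }

        if (newAdded)
        {
            // One SubmitChanges for all missing rows instead of one round trip per row.
            db.SubmitChanges();

            // Reload so the page is rendered from the freshly persisted rows.
            Response.Redirect(Request.RawUrl);
            return;
        }

        // Only bespoke rows (no linked system section) are listed here.
        rptItems.DataSource = from saa in Entity.CRM_SystemAccessAdmins
                              where saa.CRM_SystemAccessID == null
                              orderby saa.BespokeName
                              select saa;
        rptItems.DataBind();
    }
}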
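/// <summary>
/// Authenticates the current admin and resolves the permission row that applies to the
/// requested page. Unauthenticated requests are sent to the login page; authenticated
/// requests without read permission get a notice pointing at <c>/admin</c>.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_PreInit(object sender, EventArgs e)
{
    AuthAdmin authAdmin = new AuthAdmin(db);
    AdminUser = authAdmin.Authorise();

    if (AdminUser == null)
    {
        Session.Remove("IsAuthorized");

        // RawUrl is request-controlled and may carry its own query string. Encoding it keeps
        // it a single "redirect" value instead of letting '&' or '#' in the request add
        // parameters to the login URL.
        // NOTE(review): the login page is outside this listing; confirm it only follows
        // local paths taken from the redirect parameter.
        Response.Redirect("/admin/login.aspx?redirect=" + Server.UrlEncode(Request.RawUrl));
        return;
    }

    string currentURL = GetCurrentURL();
    const string adminPrefix = "\\admin";
    if (currentURL.StartsWith(adminPrefix, StringComparison.Ordinal))
    {
        currentURL = currentURL.Substring(adminPrefix.Length);
    }

    // Ordinal, case-insensitive matching: no culture-dependent casing in an access decision,
    // and a null Path no longer throws.
    AdminPermission = AdminUser.CRM_SystemAccessAdmins.SingleOrDefault(
        s => s.CRM_SystemAccess != null
             && string.Equals(s.CRM_SystemAccess.Path, currentURL, StringComparison.OrdinalIgnoreCase));

    bool canView = true;

    // The admin landing page is exempt from the per-page read check.
    if (!Request.RawUrl.StartsWith("/admin/default.aspx", StringComparison.Ordinal))
    {
        if (AdminPermission == null || !AdminPermission.IsRead)
        {
            // Fall back to a bespoke (URL-based) grant. The original lower-cased only the
            // stored URL and compared it with the raw request URL, so a request whose casing
            // differed never matched; both sides are now compared case-insensitively, like
            // the section lookup above.
            string rawUrl = Request.RawUrl;
            AdminPermission = AdminUser.CRM_SystemAccessAdmins.SingleOrDefault(
                s => s.CRM_SystemAccess == null
                     && string.Equals((string)s.BespokeURL, rawUrl, StringComparison.OrdinalIgnoreCase));

            canView = AdminPermission != null && AdminPermission.IsRead;
        }
    }

    if (!canView)
    {
        // NOTE(review): the denial relies on NoticeManager.SetMessage (defined elsewhere)
        // redirecting to "/admin" and ending the response. If it only queues a message, the
        // rest of the page lifecycle still runs for a user without read permission - confirm.
        NoticeManager.SetMessage("You do not have permission to view this page, please contact a Master Admin", "/admin");
    }

    // These flags are set for every authenticated admin, whether or not canView is true.
    IsAuthorised = true;
    Session["IsAuthorized"] = true;
}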
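/// <summary>
/// Adds a bespoke (URL-based) permission row for the admin being edited, using the URL
/// and display name entered in <c>txtURL</c> and <c>txtName</c>.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnSubmit_Click(object sender, EventArgs e)
{
    // Entity is only populated when the id query-string value resolves to an admin; on a
    // postback without one the original dereferenced null here.
    if (Entity == null)
    {
        Response.Redirect("/admin/adminuser/list.aspx");
        return;
    }

    // NOTE(review): a bespoke grant is created with all four flags on, and the URL text is
    // stored exactly as typed. Consider starting from read-only and checking that the value
    // is a site-relative path - confirm the intended default with the page owner.
    CRM_SystemAccessAdmin accessAdmin = new CRM_SystemAccessAdmin()
    {
        AdminID = Entity.ID,
        CRM_SystemAccessID = null, // no linked system section: this is what marks a row as bespoke
        BespokeURL = txtURL.Text,
        BespokeName = txtName.Text,
        IsAdd = true,
        IsDelete = true,
        IsRead = true,
        IsWrite = true
    };

    db.CRM_SystemAccessAdmins.InsertOnSubmit(accessAdmin);
    db.SubmitChanges();

    NoticeManager.SetMessage("Bespoke Permission Added");
}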
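/// <summary>
/// Saves the read/add/edit/delete check boxes of every repeater row back to the matching
/// permission row of the admin being edited.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnSubmitChanges_Click(object sender, EventArgs e)
{
    // Entity is only populated when the id query-string value resolves to an admin.
    if (Entity == null)
    {
        Response.Redirect("/admin/adminuser/list.aspx");
        return;
    }

    var editedAdminID = Entity.ID;

    foreach (RepeaterItem item in rptItems.Items)
    {
        CheckBox chkRead = (CheckBox)item.FindControl("chkRead");
        CheckBox chkAdd = (CheckBox)item.FindControl("chkAdd");
        CheckBox chkEdit = (CheckBox)item.FindControl("chkEdit");
        CheckBox chkDelete = (CheckBox)item.FindControl("chkDelete");
        HtmlInputHidden id = (HtmlInputHidden)item.FindControl("hdnPage");

        // The hidden field's value comes back from the browser, so it is treated as
        // untrusted: the row must also belong to the admin this page is editing. The original
        // looked the row up by ID alone, so an altered value could address another admin's
        // permission row.
        // The ID is still compared as text because its column type is not visible here.
        string postedID = id.Value;
        CRM_SystemAccessAdmin accessAdmin = db.CRM_SystemAccessAdmins.SingleOrDefault(
            c => c.ID.ToString() == postedID && c.AdminID == editedAdminID);

        if (accessAdmin == null)
        {
            // Unknown, stale or foreign ID: skip the row rather than fail the whole save.
            continue;
        }

        accessAdmin.IsAdd = chkAdd.Checked;
        accessAdmin.IsDelete = chkDelete.Checked;
        accessAdmin.IsWrite = chkEdit.Checked;
        accessAdmin.IsRead = chkRead.Checked;
    }

    // One SubmitChanges for the whole grid, so the edits are persisted together instead of
    // row by row.
    db.SubmitChanges();

    NoticeManager.SetMessage("Permissions Saved");
}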
/// <summary>
/// Shows or hides this button control according to the hosting page's permission row
/// (and, on calendar pages, the entry's privacy status and ownership), then applies the
/// configured CSS class, inline style, client-side onclick and server-side click handler.
/// </summary>
/// <remarks>
/// NOTE(review): this only controls whether the button is rendered. The click handlers in
/// this listing do not re-check the permission flags themselves, so confirm that the
/// add/write/delete rights are also enforced on the server side of each action.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Classify the control once by its ID; a null ID matches none of the three roles.
    string controlID = this.ID;
    bool isSaveButton = controlID != null && controlID.Contains("btnSubmitChanges");
    bool isAddButton = controlID != null && !isSaveButton
                       && controlID.Contains("btnSubmit") && !controlID.Contains("Changes");
    bool isDeleteButton = controlID == "btnDelete";

    AdminPage adminPage = Page as AdminPage;
    if (adminPage != null)
    {
        CRM_SystemAccessAdmin pagePermission = adminPage.AdminPermission;
        if (pagePermission != null)
        {
            if (isSaveButton)
            {
                this.Visible = pagePermission.IsWrite;
            }
            else if (isAddButton)
            {
                this.Visible = pagePermission.IsAdd;
            }
            else if (isDeleteButton)
            {
                this.Visible = pagePermission.IsDelete;
            }
        }
    }

    CRM_CalendarPage<CRM_Calendar> calendarPage = Page as CRM_CalendarPage<CRM_Calendar>;
    if (calendarPage != null)
    {
        CRM_Calendar calendarEntry = calendarPage.Entity;
        if (calendarEntry != null)
        {
            bool viewerIsOwner = calendarPage.AdminUser.ID == calendarEntry.CreatedByAdminID;
            CRM_SystemAccessAdmin calendarPermission = ((AdminPage)Page).AdminPermission;

            // The owner of a calendar entry keeps whatever visibility was decided above.
            if (calendarPermission != null && controlID != null && !viewerIsOwner)
            {
                bool isEditable = calendarEntry.PrivacyStatus == (byte)CRM_Calendar.PrivacyTypes.Editable;
                bool isRestricted = calendarEntry.PrivacyStatus == (byte)CRM_Calendar.PrivacyTypes.Private
                                    || calendarEntry.PrivacyStatus == (byte)CRM_Calendar.PrivacyTypes.Viewable;

                if (isEditable)
                {
                    // Editable entries follow the viewer's permission flags.
                    if (isSaveButton)
                    {
                        this.Visible = calendarPermission.IsWrite;
                    }
                    else if (isAddButton)
                    {
                        this.Visible = calendarPermission.IsAdd;
                    }
                    else if (isDeleteButton)
                    {
                        this.Visible = calendarPermission.IsDelete;
                    }
                }
                else if (isRestricted)
                {
                    // Private and view-only entries hide every modifying button from non-owners.
                    if (isSaveButton || isAddButton || isDeleteButton)
                    {
                        this.Visible = false;
                    }
                }
            }
        }
    }

    btnButton.CssClass = Class;

    if (!String.IsNullOrEmpty(Style))
    {
        btnButton.Attributes["style"] = Style;
    }

    if (!String.IsNullOrEmpty(OnClick))
    {
        pnlLink.Attributes["onclick"] = OnClick;
        btnButton.Attributes["onclick"] = OnClick;
    }

    if (EventHandler == null)
    {
        // No server-side handler: show the link panel instead of the button panel.
        pnlButton.Visible = false;
        pnlLink.Visible = true;
    }
    else
    {
        btnButton.Click += EventHandler;
    }
}