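/// <summary>
/// Upgrades an authenticated <c>RolePrincipal</c> on the current request to a
/// <c>CffPrincipal</c> that also carries the matching CFF user record.
/// </summary>
/// <remarks>
/// If the CFF user cannot be resolved, <c>Context.User</c> is left unchanged and the
/// request continues. Code that later evaluates <c>Context.User as CffPrincipal</c>
/// therefore has to handle a null result.
/// </remarks>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event arguments (not used).</param>
protected void Application_AuthorizeRequest(object sender, EventArgs e)
{
    IPrincipal user = Context.User;
    if (user == null || !user.Identity.IsAuthenticated || !(user is RolePrincipal))
    {
        return;
    }

    try
    {
        // NOTE(review): this is a substring match on the whole URL, query string included,
        // so any request whose URL contains "myob" skips the principal upgrade. If the
        // intent is to exempt one endpoint, matching the path exactly would be tighter;
        // confirm against the routes that rely on this.
        if (Request.Url.ToString().Contains("myob"))
        {
            return;
        }

        MembershipUser membershipUser = Membership.GetUser(user.Identity.Name);
        if (membershipUser == null || membershipUser.ProviderUserKey == null)
        {
            // Previously this case surfaced as a NullReferenceException swallowed by the
            // catch below; it is now handled explicitly, with the same outcome.
            System.Diagnostics.Trace.TraceWarning(
                "Application_AuthorizeRequest: no membership record or provider key for the authenticated identity; principal not upgraded.");
            return;
        }

        CffUserService cffUserService = CffUserService.Create();
        ICffUser cffUser = cffUserService.LoadCffUser(new Guid(membershipUser.ProviderUserKey.ToString()));
        if (cffUser != null)
        {
            Context.User = new CffPrincipal(user, cffUser);
        }
    }
    catch (Exception ex)
    {
        // Best effort is preserved (the request continues with the original principal),
        // but the failure is recorded instead of disappearing silently.
        System.Diagnostics.Trace.TraceError(
            "Application_AuthorizeRequest: failed to attach CffPrincipal: {0}", ex);
        return;
    }
}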
// ReSharper disable InconsistentNaming
/// <summary>
/// When a new session starts for a <c>CffPrincipal</c>, loads the client and customer
/// associated with that user into the session wrapper.
/// </summary>
public void Session_OnStart()
// ReSharper restore InconsistentNaming
{
    CffPrincipal principal = Context.User as CffPrincipal;
    if (principal == null || !Session.IsNewSession)
    {
        return;
    }

    // NOTE(review): HttpSessionState.Timeout is expressed in minutes, so 3600 keeps an idle
    // session alive for 60 hours. If one hour was intended the value would be 60. Confirm,
    // since a long idle window extends the lifetime of a stolen session id.
    Session.Timeout = 3600;

    CffUserService userService = CffUserService.Create();
    if (SessionWrapper.Instance.Get == null)
    {
        return;
    }

    SessionWrapper.Instance.Get.ClientFromQueryString =
        userService.LoadCffClientAssociatedWith(principal.CffUser);
    SessionWrapper.Instance.Get.CustomerFromQueryString =
        (ICffCustomer)userService.LoadCffCustomerAssociatedWith(principal.CffUser);
}
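/// <summary>
/// For a request that already carries a <c>CffPrincipal</c>, issues the forms
/// authentication cookie and redirects either to the caller-supplied <c>ReturnUrl</c>
/// (with <c>ViewID</c> / <c>Criteria</c> re-attached) or to the dashboard.
/// </summary>
/// <remarks>
/// <c>ReturnUrl</c>, <c>ViewID</c>, <c>Criteria</c> and <c>RememberMe</c> all come from the
/// query string and are therefore caller-controlled. <c>ReturnUrl</c> is followed only when
/// it is a site-local path; anything else falls back to the dashboard redirect.
/// </remarks>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event arguments (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    CffPrincipal cffPrincipal = Context.User as CffPrincipal;
    if (cffPrincipal != null)
    {
        CffUserService cffUserService = CffUserService.Create();
        string returnUrl = Request.QueryString["ReturnUrl"];
        bool rememberMe = Request.QueryString["RememberMe"] != null && Request.QueryString["RememberMe"].Equals(true.ToString());
        string userName = cffPrincipal.Identity.Name;
        string viewID = Request.QueryString["ViewID"];
        string criteria = Request.QueryString["Criteria"];

        // If ReturnUrl is set, redirect to it
        // This logic shouldn't have to have been implemented according to MSDN but it doesn't seem to use ReturnUrl
        // NOTE(review): whether the auth cookie is persistent is decided by the RememberMe
        // query-string value, i.e. by whoever built the link; confirm that is acceptable.
        System.Web.Security.FormsAuthentication.SetAuthCookie(userName, rememberMe);

        // Follow ReturnUrl only when it stays on this site. Without this check the redirect
        // target is whatever the query string says, which makes the page an open redirector.
        bool followReturnUrl = (cffPrincipal.CffUser.EmployeeId == QueryString.UserId)
                               && !string.IsNullOrEmpty(returnUrl)
                               && IsLocalReturnUrl(returnUrl);

        if (followReturnUrl)
        {
            if (!string.IsNullOrEmpty(viewID))
            {
                // Drop any existing ViewID parameter (and the separator before it) so the
                // current value can be appended exactly once.
                string url1 = returnUrl;
                int idx1 = returnUrl.IndexOf("ViewID");
                if (idx1 >= 0)
                {
                    url1 = returnUrl.Substring(0, idx1 - 1);
                    string url2 = returnUrl.Substring(returnUrl.IndexOf("ViewID"));
                    idx1 = url2.IndexOf("&");
                    if (idx1 >= 0)
                    {
                        url2 = url2.Substring(idx1);
                        returnUrl = url1 + url2;
                    }
                    else
                    {
                        returnUrl = url1;
                    }
                }

                // NOTE(review): viewID is appended as received, without URL encoding, so a
                // value containing '&' or '=' adds extra parameters to the target URL.
                returnUrl += "&ViewID=" + viewID;
            }

            if (!string.IsNullOrEmpty(criteria))
            {
                // Same treatment for an existing Criteria parameter.
                string url1 = returnUrl;
                if (!string.IsNullOrEmpty(returnUrl))
                {
                    int idx1 = returnUrl.IndexOf("Criteria");
                    if (idx1 >= 0)
                    {
                        url1 = returnUrl.Substring(0, idx1 - 1);
                        string url2 = returnUrl.Substring(returnUrl.IndexOf("Criteria"));
                        idx1 = url2.IndexOf("&");
                        if (idx1 >= 0)
                        {
                            url2 = url2.Substring(idx1);
                            returnUrl = url1 + url2;
                        }
                        else
                        {
                            returnUrl = url1;
                        }
                    }
                }

                // NOTE(review): only '#' is removed; the value is otherwise appended unencoded.
                returnUrl += "&Criteria=" + criteria.Replace("#", "");
            }

            Response.Redirect(returnUrl);
        }
        else
        {
            // NOTE(review): in both assignments below the operand between "&User=" and
            // "&ViewID=" appears masked as ****** in this listing. It is reproduced as found;
            // the original expression has to be restored before this compiles.
            returnUrl = "~/Dashboard.aspx";
            if (cffUserService.LoadCffCustomerAssociatedWith(cffPrincipal.CffUser) != null)
            {
                returnUrl = returnUrl + "?Client=" + cffUserService.LoadCffClientAssociatedWith(cffPrincipal.CffUser).Id + "&Customer=" +
                            cffUserService.LoadCffCustomerAssociatedWith(cffPrincipal.CffUser).Id + "&User="******"&ViewID=" + viewID;
            }
            else
            {
                returnUrl = returnUrl + "?Client=" + cffUserService.LoadCffClientAssociatedWith(cffPrincipal.CffUser).Id + "&User="******"&ViewID=" + viewID;
            }

            if (QueryString.Criteria != null)
            {
                returnUrl += "&Criteria=" + QueryString.CriteriaValue.ToString().Replace("#", "");
            }

            Response.Redirect(returnUrl);
        }
        //}
    }
}

/// <summary>
/// Returns true only for redirect targets that stay on this site: a rooted path
/// (<c>/x</c>) or an application-relative path (<c>~/x</c>).
/// </summary>
/// <remarks>
/// Absolute URLs, scheme-relative URLs (<c>//host</c>), the backslash variant
/// (<c>/\host</c>) and values containing control characters are rejected.
/// </remarks>
/// <param name="url">Candidate redirect target; may be null.</param>
/// <returns>True when the target is a local path, otherwise false.</returns>
private static bool IsLocalReturnUrl(string url)
{
    if (string.IsNullOrEmpty(url))
    {
        return false;
    }

    foreach (char c in url)
    {
        if (char.IsControl(c))
        {
            return false;
        }
    }

    int slashIndex;
    if (url[0] == '/')
    {
        slashIndex = 0;
    }
    else if (url.Length > 1 && url[0] == '~' && url[1] == '/')
    {
        slashIndex = 1;
    }
    else
    {
        return false;
    }

    // The character after the leading slash must not start an authority ("//" or "/\").
    int next = slashIndex + 1;
    return next >= url.Length || (url[next] != '/' && url[next] != '\\');
}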
/// <summary>
/// Handles a name-search request: reads the search text (<c>q</c>), the <c>Criteria</c>
/// value and a client id, then passes them to <c>presenter.ShowMatchedNames</c>.
/// Where the client id comes from depends on the caller's role and on session state.
/// </summary>
/// <remarks>
/// All request values are read through <c>Request.Params</c> / <c>RawUrl</c> and are
/// caller-controlled. The numeric conversions (<c>int.Parse</c>, <c>Convert.ToInt32</c>)
/// throw on non-numeric input; nothing in this method catches that.
/// </remarks>
/// <param name="context">Current HTTP context; request parameters are read from it.</param>
public void ProcessRequest(HttpContext context)
{
    string criteria = context.Request.Params["Criteria"];
    CustomerSearchPresenter presenter = CustomerSearchPresenter.Create(this);
    CffPrincipal cffPrincipal = HttpContext.Current.User as CffPrincipal;
    CffUserService cffUserService = CffUserService.Create();

    // Branch 1: caller is in the customer or client role.
    if (cffPrincipal != null && (cffPrincipal.IsInCustomerRole || cffPrincipal.IsInClientRole))
    {
        if (SessionWrapper.Instance.Get.IsMultipleAccounts && QueryString.ClientId != -1)
        {
            // Extracts the text between the first "Client...=" and the next '&' of the raw URL.
            // NOTE(review): IndexOf("Client") matches the first occurrence anywhere in the raw
            // URL (path or another parameter name); if it is absent, Substring(-1) throws.
            // NOTE(review): the resulting client id is taken from the request as-is. Nothing
            // visible here checks it against the accounts this caller is entitled to. Confirm
            // that ShowMatchedNames (or the data layer behind it) enforces that.
            string rawURl = context.Request.RawUrl;
            rawURl = rawURl.Substring(rawURl.IndexOf("Client"));
            rawURl = rawURl.Substring(rawURl.IndexOf("=") + 1);
            int eidx = rawURl.IndexOf("&");
            if (eidx > 0)
            {
                rawURl = rawURl.Substring(0, eidx);
            }
            int clientId = int.Parse(rawURl);
            presenter.ShowMatchedNames(context.Request.Params["q"], clientId, System.Convert.ToInt32((criteria == "") ? "0" : criteria));
        }
        else
        {
            // Single-account caller: the client id comes from the user record, not the request.
            presenter.ShowMatchedNames(context.Request.Params["q"], (cffUserService.LoadCffClientAssociatedWith(cffPrincipal.CffUser)).Id, System.Convert.ToInt32((criteria == "")?"0":criteria));
        }
    }
    else
    {
        // NOTE(review): this branch is also reached when cffPrincipal is null, in which case
        // the next line throws NullReferenceException. When cffPrincipal is non-null, the
        // outer condition has already established that neither role flag is set, so the
        // first arm below looks unreachable unless the role properties change between reads.
        if (cffPrincipal.IsInClientRole || cffPrincipal.IsInCustomerRole)
        {
            presenter.ShowMatchedNames(context.Request.Params["q"], SessionWrapper.Instance.Get.ClientFromQueryString.Id, System.Convert.ToInt32((criteria == "")?"0":criteria));
        }
        else
        {
            // Caller is in neither the client nor the customer role.
            // -1 is used when no specific client is selected ("All Clients").
            int clientID = -1;
            if (context.Request.Params["Client"] != null)
            {
                string contextPar = context.Request.Params["Client"].Replace("+", " ");
                if (contextPar.Contains("All Clients"))
                {
                    clientID = -1;
                }
                else
                {
                    // NOTE(review): request-supplied client id; presumably these callers are
                    // staff allowed to search any client. Verify, since only the session reset
                    // further down checks UserType, not this lookup.
                    clientID = System.Convert.ToInt32(context.Request.Params["Client"].ToString());
                }

                string viewID = QueryString.ViewIDValue;
                int? SessionClientID = null;

                // Prefer the session selected by ViewID; otherwise fall back to the default session.
                // NOTE(review): GetSession(...) and ClientFromQueryString are dereferenced
                // without null checks.
                if (!string.IsNullOrEmpty(viewID))
                {
                    SessionClientID = (SessionWrapper.Instance.GetSession(QueryString.ViewIDValue)).ClientFromQueryString.Id;
                }
                else if (SessionWrapper.Instance.Get != null)
                {
                    SessionClientID = SessionWrapper.Instance.Get.ClientFromQueryString.Id;
                }

                if (SessionClientID != null && (viewID != null))
                {
                    // For employee user types, when the request's client differs from the
                    // session's client, the session client is used for the search and the
                    // session wrapper entries are rewritten with it.
                    if (SessionClientID != clientID && (cffPrincipal.CffUser.UserType == UserType.EmployeeAdministratorUser || cffPrincipal.CffUser.UserType == UserType.EmployeeManagementUser || cffPrincipal.CffUser.UserType == UserType.EmployeeStaffUser))
                    {
                        //if not in client role, we must be able to reset session wrapper's querystring details from here
                        // nameValues, url and updatedQueryString are only needed by the
                        // commented-out redirect below; they are otherwise unused.
                        var nameValues = HttpUtility.ParseQueryString(context.Request.QueryString.ToString());
                        nameValues.Set("Client", SessionClientID.ToString());
                        string url = context.Request.Url.AbsolutePath;
                        string updatedQueryString = "?" + nameValues.ToString();
                        //context.Response.Redirect(url + updatedQueryString);
                        SessionWrapper.Instance.GetSession(viewID).ClientFromQueryString = RepositoryFactory.CreateClientRepository().GetCffClientByClientId(System.Convert.ToInt32(SessionClientID));
                        SessionWrapper.Instance.GetSession(viewID).IsDeselectingCustomer = false;

                        // Re-stamp the ViewID session with the current user's id when it differs.
                        if (SessionWrapper.Instance.GetSession(viewID).CurrentUserID != (System.Web.HttpContext.Current.User as CffPrincipal).CffUser.UserId.ToString())
                        {
                            SessionWrapper.Instance.GetSession(viewID).CurrentUserID = (System.Web.HttpContext.Current.User as CffPrincipal).CffUser.UserId.ToString();
                        }

                        // Mirror the same values onto the default session when one exists.
                        if (SessionWrapper.Instance.Get != null)
                        {
                            SessionWrapper.Instance.Get.ClientFromQueryString = RepositoryFactory.CreateClientRepository().GetCffClientByClientId(System.Convert.ToInt32(SessionClientID));;
                            SessionWrapper.Instance.Get.IsDeselectingCustomer = false;
                            SessionWrapper.Instance.Get.CurrentUserID = (System.Web.HttpContext.Current.User as CffPrincipal).CffUser.UserId.ToString();
                        }

                        clientID = (int)SessionClientID;
                    }
                }
            }

            //if (context.Request.Params["Client"] == clientID.ToString())
            //{
            // This call treats a null Criteria as "0" explicitly; the earlier calls compare
            // against "" only and rely on Convert.ToInt32 returning 0 for a null string.
            presenter.ShowMatchedNames(context.Request.Params["q"], clientID, System.Convert.ToInt32((string.IsNullOrEmpty(criteria)) ? "0" : criteria));
            //}
        }
    }
}