/// <summary>
/// Add a new organization.
/// </summary>
/// <param name="context"></param>
/// <param name="cache"></param>
protected override void InternalPOST(HttpContext context, HandlerTimedCache cache)
{
if (context.User.Identity.IsAuthenticated)
{
// We are currently logged in
User user = UserHelper.GetUser(context.User.Identity.Name);
if (user.IsSysAdmin())
{
string name = WebUtil.GetParam(context, "name", true);
Organization.Add(name);
context.Response.Write("ok");
context.Response.StatusCode = (int)HttpStatusCode.Created;
return;
}
else
{
context.Response.Write("not authorized");
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return;
}
}
context.Response.Write("not authenticated");
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return;
}
/// <summary>
/// Creates a user. Assumes that all user data will be provided.
/// Ie. If you pass in a null name, we will save null as the
/// name. The only exception is password (no need to be passing
/// that around all of the time).
/// </summary>
protected override void InternalPOST(System.Web.HttpContext context, HandlerTimedCache cache)
{
// Grab the params for this user
string userName = WebUtil.GetParam(context, "username", true);
string pass = WebUtil.GetParam(context, "password", true);
string email = WebUtil.GetParam(context, "email", true);
string name = WebUtil.GetParam(context, "name", true);
string roles = WebUtil.GetParam(context, "roles", true);
// If the password is coming through here (we haven't passed it out to
// be able to pass it back in), we assume it's clear text and needs to be hashed.
string hashPass = null;
if (StringHelper.IsNonBlank(pass))
{
hashPass = Hasher.Encrypt(pass);
}
User userInDb = UserHelper.GetUser(userName);
if (userInDb == null)
{
User newUser = UserHelper.CreateUser(userName, hashPass, email, name, roles);
// Send an email to notify that a user has signed up and is requesting new permissions
SendNewUserMail(newUser);
}
else
{
throw new AzaveaWebMessageException("This user name is unavailable.");
}
//If an exception is thrown, then the HTTP response code will
//cause the AJAX call to error out.
}
/// <summary>
/// Deletes a user for a given user name.
/// </summary>
protected override void InternalDELETE(System.Web.HttpContext context, HandlerTimedCache cache)
{
User authUser = UserHelper.GetUser(context.User.Identity.Name);
if (authUser.IsSysAdmin())
{
// Get the user name
string userName = WebUtil.GetParam(context, "username", true);
// Attempt to delete the user
int numDeleted = UserHelper.DeleteUser(userName);
if (numDeleted > 1)
{
_log.Error("More than one user was deleted when attempted to delete user [" + userName + "].");
}
else if (numDeleted == 0)
{
throw new AzaveaWebMessageException("Internal error. User was not deleted.");
}
}
else
{
//User is logged in but is trying to info that does not belong to him.
throw new AzaveaWebNotAuthorizedException("Insuffient privileges.");
}
}
protected override void InternalGET(System.Web.HttpContext context, HandlerTimedCache cache)
{
IList <SecurityRole> roles = UserHelper.GetUserRoles(context.User.Identity.Name);
//Get the paging parameters...
int page = WebUtil.ParseIntParam(context, "page");
int pageSize = WebUtil.ParseIntParam(context, "pageSize");
// Check to see if this is a csv export request. Runs the normal query (with no paging).
bool csv = false;
WebUtil.ParseOptionalBoolParam(context, "csv", ref csv);
// If this is csv, we want all data - override any paging
if (csv)
{
page = -1;
pageSize = -1;
}
// Now get the ordering parameters, if specified.
int sortCol = -1;
WebUtil.ParseOptionalIntParam(context, "sortBy", ref sortCol);
SortType?sortDir = null;
if (sortCol >= 0)
{
// Default is ascending sort, passing false means descending.
bool ascending = true;
WebUtil.ParseOptionalBoolParam(context, "sortasc", ref ascending);
sortDir = ascending ? SortType.Asc : SortType.Desc;
}
string indicatorId = WebUtil.GetParam(context, "indicator", false);
NycResolutionType resolution = WebUtil.ParseEnumParam <NycResolutionType>(context, "resolution");
NycTimeframeType timetype = WebUtil.ParseEnumParam <NycTimeframeType>(context, "timetype");
int minyear = WebUtil.ParseIntParam(context, "minyear");
int maxyear = WebUtil.ParseIntParam(context, "maxyear");
// These two params are for "scope". These should be "ActualId" not "UID".
string borough = WebUtil.GetParam(context, "borough", true);
string subborough = WebUtil.GetParam(context, "subborough", true);
NycResultsWithMetadata list = NychanisHelper.Query(indicatorId, resolution, timetype, minyear, maxyear, borough, subborough, sortCol, sortDir, pageSize, page);
// If this was a csv request, format it and return it instead
if (csv)
{
// Generate actual csv data, determine if this is groupby'd or not
string export = NychanisHelper.ResultsAsCsv(list, indicatorId);
// Setup the response to handle this type of request
context.Response.AddHeader("Content-Disposition", "attachment;filename=Furman_Center_Neighborhood_Info.csv");
context.Response.ContentType = "text/csv";
context.Response.Write(export);
return;
}
// Return the results to the client
context.Response.Write(WebUtil.ObjectToJson(list));
}
/// <summary>
/// Attempt to log the user in
/// </summary>
protected override void InternalPOST(HttpContext context, HandlerTimedCache cache)
{
string username = WebUtil.GetParam(context, "username", false);
string password = WebUtil.GetParam(context, "password", false);
User user = UserHelper.GetUser(username);
if (user == null)
{
context.Response.StatusCode = (int)HttpStatusCode.NotFound;
context.Response.Write("Account was not found.");
return;
}
string hashedPassword = Hasher.Encrypt(password);
string dbPassword = user.Password;
if (!StringHelper.SafeEquals(dbPassword, hashedPassword))
{
context.Response.StatusCode = (int)HttpStatusCode.InternalServerError;
context.Response.Write("Login incorrect. Please try again.");
return;
}
SetAuthCookie(context, username, user.Roles);
context.Response.Write(WebUtil.ObjectToJson(new { Name = user.Name, Admin = user.IsSysAdmin(), Limited = user.IsLimited() }));
}
/// <summary>
/// Add a new comment for a property. Expects:
/// id: string, property id
/// level: CommentAccessLevel string
/// text: comment text (optional, must have text or image)
/// form file: image (optional)
/// </summary>
protected override void InternalPUT(HttpContext context, HandlerTimedCache cache)
{
var user = UserHelper.GetUser(context.User.Identity.Name);
if (user == null || !user.CanAddComments())
{
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
context.Response.Write("Must be logged in to leave a comment");
return;
}
var id = WebUtil.GetParam(context, "id", false);
var level = WebUtil.ParseEnumParam <CommentAccessLevel>(context, "level");
var text = WebUtil.GetParam(context, "text", true);
byte[] image = InputStreamToByteArray(context);
if (text == null && image == null)
{
context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
context.Response.Write("Must include either text or image comment (or both).");
return;
}
context.Response.Write(JToken.FromObject(
Comment.AddComment(id, user, level, text, image)
));
}
/// <summary>
/// Attempt to determine if any user is currently logged in. If so, return a user object.
/// </summary>
protected override void InternalGET(HttpContext context, HandlerTimedCache cache)
{
if (context.User.Identity.IsAuthenticated)
{
// We are currently logged in
User user = UserHelper.GetUser(context.User.Identity.Name);
if (user.Active)
{
context.Response.StatusCode = (int)HttpStatusCode.OK;
context.Response.Write(
WebUtil.ObjectToJson(
new
{
user.Name,
Admin = user.IsSysAdmin(),
Limited = user.IsLimited(),
Networked = user.IsNetworked(),
user.EmailConfirmed
}));
return;
}
}
// Nobody was logged in
context.Response.StatusCode = (int)HttpStatusCode.NoContent;
}
/// <summary>
/// Get a list of Organizations
/// </summary>
/// <param name="context"></param>
/// <param name="cache"></param>
protected override void InternalGET(HttpContext context, HandlerTimedCache cache)
{
if (context.User.Identity.IsAuthenticated)
{
// We are currently logged in
User user = UserHelper.GetUser(context.User.Identity.Name);
if (user.IsSysAdmin())
{
IList <Organization> orgs = Organization.GetAllActive();
context.Response.StatusCode = (int)HttpStatusCode.OK;
string json = WebUtil.ObjectToJson(orgs);
context.Response.Write(json);
}
else
{
context.Response.Write("not authorized");
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return;
}
}
else
{
context.Response.Write("not authenticated");
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return;
}
}
/// <summary>
/// Delete an organization
/// </summary>
/// <param name="context"></param>
/// <param name="cache"></param>
protected override void InternalDELETE(HttpContext context, HandlerTimedCache cache)
{
if (context.User.Identity.IsAuthenticated)
{
// We are currently logged in
User user = UserHelper.GetUser(context.User.Identity.Name);
if (user.IsSysAdmin())
{
int id = Int32.Parse(WebUtil.GetParam(context, "id", true));
Organization.Delete(id);
context.Response.Write("\"{'result':'deleted'}\"");
context.Response.StatusCode = (int)HttpStatusCode.OK;
return;
}
else
{
context.Response.Write("not authorized");
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return;
}
}
context.Response.Write("not authenticated");
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return;
}
/// <summary>
/// Logs a user out of the current authentication, the user will be anonymous.
/// </summary>
protected override void InternalPOST(System.Web.HttpContext context, HandlerTimedCache cache)
{
// Log out from our authentication scheme
FormsAuthentication.SignOut();
// Let the client know that it's going to be ok
context.Response.StatusCode = (int)HttpStatusCode.OK;
}
/// <summary>
/// Delete a comment
/// </summary>
protected override void InternalDELETE(HttpContext context, HandlerTimedCache cache)
{
var user = UserHelper.GetUser(context.User.Identity.Name);
var commentId = WebUtil.ParseIntParam(context, "commentId");
Action doDelete = () => Comment.ById(commentId).Delete(user);
ModifyComment(context, doDelete);
}
protected override string AdditionalCacheKey(HttpContext context, HandlerTimedCache cache)
{
// Override to make sure the user goes into the cache,
return(context.User == null
? null
: (context.User.Identity == null
? null
: context.User.Identity.Name));
}
/// <summary>
/// For a given property id, show returns all comments
/// the logged in user is allowed to see.
/// Expects:
/// id: string, property id
/// </summary>
protected override void InternalGET(HttpContext context, HandlerTimedCache cache)
{
var user = UserHelper.GetUser(context.User.Identity.Name);
var id = WebUtil.GetParam(context, "id", false);
context.Response.Write(JToken.FromObject(
new PropertyCommentInfo(id, user)
));
}
protected override void InternalGET(HttpContext context, HandlerTimedCache cache)
{
IEnumerable <SecurityRole> roles = UserHelper.GetUserRoles(context.User.Identity.Name);
IList <PdbCategory> list = PdbAttributesHelper.GetAttributesForClient(roles);
context.Response.Write(WebUtil.ObjectToJson(new {
TotalResults = list.Count,
List = list
}));
}
/// <summary>
/// Get user details for a single user when a user name is provided.
/// Otherwise, return a list of users.
/// </summary>
protected override void InternalGET(System.Web.HttpContext context, HandlerTimedCache cache)
{
string userName = WebUtil.GetParam(context, "username", true);
User authUser = UserHelper.GetUser(context.User.Identity.Name);
string retVal;
if (StringHelper.IsNonBlank(userName))
{
//Return the details for this user
if (StringHelper.SafeEquals(userName, context.User.Identity.Name) || authUser.IsSysAdmin())
{
retVal = WebUtil.ObjectToJson(UserHelper.MakeClientSafe(UserHelper.GetUser(userName), authUser));
}
else
{
//User is logged in but is trying to info that does not belong to him.
throw new AzaveaWebNotAuthorizedException("Insuffient privileges.");
}
}
else
{
if (authUser.IsSysAdmin())
{
//Get the start and limit params and get the user list
int page = WebUtil.ParseIntParam(context, "page");
int pageSize = WebUtil.ParseIntParam(context, "pageSize");
int sortIndex = -1;
// Now get the ordering parameters, if specified.
WebUtil.ParseOptionalIntParam(context, "sortby", ref sortIndex);
SortOrder sort = null;
if (sortIndex >= 0)
{
// Default is ascending sort, passing false means descending.
bool ascending = true;
WebUtil.ParseOptionalBoolParam(context, "sortasc", ref ascending);
// Get the column name from the metadata for this column index, so we can sort on it
string sortColumnName = UserHelper.GetUserTableMetadata()[sortIndex].UID;
sort = new SortOrder(sortColumnName, ascending ? SortType.Asc : SortType.Desc);
}
// Get users with display metadata
ResultsWithMetadata <UserResultMetadata> results = UserHelper.FormatUsersWithMetadata(UserHelper.GetUsers(page, pageSize, sort), authUser);
retVal = WebUtil.ObjectToJson(results);
}
else
{
//User is logged in but is trying to info that does not belong to him.
throw new AzaveaWebNotAuthorizedException("Insuffient privileges.");
}
}
context.Response.Write(retVal);
}
/// <summary>
/// Partial edits to a comment, if authorized
/// </summary>
/// <param name="context"></param>
/// <param name="cache"></param>
protected override void InternalPOST(HttpContext context, HandlerTimedCache cache)
{
var user = UserHelper.GetUser(context.User.Identity.Name);
var commentId = WebUtil.ParseIntParam(context, "commentId");
var accessLevel = WebUtil.ParseEnumParam <CommentAccessLevel>(context, "level");
var text = WebUtil.GetParam(context, "text", true);
var removeImage = WebUtil.ParseBoolParam(context, "removeImage");
var image = InputStreamToByteArray(context);
Action doEdit = () => Comment.ById(commentId).Update(user, text, image, removeImage, accessLevel);
ModifyComment(context, doEdit);
}
/// <summary>
/// For a given comment id, return the image
/// If there is no image associated, a 404
/// Expects:
/// id: string, comment id
/// thumb: bool, optional render as thumbnail
/// </summary>
protected override void InternalGET(HttpContext context, HandlerTimedCache cache)
{
var user = UserHelper.GetUser(context.User.Identity.Name);
var thumb = false;
WebUtil.ParseOptionalBoolParam(context, "thumb", ref thumb);
// Default to 100x100 if in thumbnail mode, but can override.
var width = THUMB_WIDTH;
WebUtil.ParseOptionalIntParam(context, "w", ref width);
var height = THUMB_HEIGHT;
WebUtil.ParseOptionalIntParam(context, "h", ref height);
var id = WebUtil.ParseIntParam(context, "id");
try
{
var comment = Comment.ById(id);
if (!comment.HasPicture)
{
throw new CommentNotFoundException();
}
if (comment.IsAuthorizedToView(user))
{
var img = comment.Image;
var format = GetImageFormat(img);
context.Response.ContentType = String.Format("image/{0}", format);
if (thumb)
{
var ms = new MemoryStream();
ms.Write(img, 0, img.Length);
var b = new Bitmap(ms);
var thumbnail = b.GetThumbnailImage(width, height, () => false, IntPtr.Zero);
var outStream = new MemoryStream();
thumbnail.Save(outStream, format);
img = outStream.ToArray();
}
context.Response.BinaryWrite(img);
return;
}
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
}
catch (CommentNotFoundException)
{
context.Response.StatusCode = (int)HttpStatusCode.NotFound;
}
}
protected override void InternalGET(System.Web.HttpContext context, HandlerTimedCache cache)
{
var roles = UserHelper.GetUserRoles(context.User.Identity.Name);
var id = WebUtil.GetParam(context, "id", false);
context.Response.Write(WebUtil.ObjectToJson(new
{
Reac = ChildDisplayHelper.GetRows <Reac>(id, roles),
Parcel = ChildDisplayHelper.GetRows <Parcel>(id, roles),
RealProperty = ChildDisplayHelper.GetRows <RealPropertyEvent>(id, roles),
Subsidy = ChildDisplayHelper.GetRows <Subsidy>(id, roles)
}
));
}
/// <summary>
/// Updates a user.
/// </summary>
protected override void InternalPUT(System.Web.HttpContext context, HandlerTimedCache cache)
{
string userName = WebUtil.GetParam(context, "username", true);
User authUser = UserHelper.GetUser(context.User.Identity.Name);
if (StringHelper.IsNonBlank(userName))
{
//Return the details for this user
if (StringHelper.SafeEquals(userName, context.User.Identity.Name) || authUser.IsSysAdmin())
{
// Grab the params for this user
string pass = WebUtil.GetParam(context, "password", true);
string email = WebUtil.GetParam(context, "email", true);
string name = WebUtil.GetParam(context, "name", true);
string roles;
if (authUser.IsSysAdmin())
{
roles = WebUtil.GetParam(context, "roles", true);
}
else
{
roles = authUser.Roles;
}
// If the password is coming through here (we haven't passed it out to
// be able to pass it back in), we assume it's clear text and needs to be hashed.
string hashPass = null;
if (StringHelper.IsNonBlank(pass))
{
hashPass = Hasher.Encrypt(pass);
}
User user = UserHelper.UpdateUser(userName, hashPass, email, name, roles);
if (user != null)
{
context.Response.StatusCode = (int)HttpStatusCode.OK;
context.Response.Write(WebUtil.ObjectToJson(new { Name = user.Name, Admin = user.IsSysAdmin() }));
return;
}
}
else
{
//User is logged in but is trying to info that does not belong to him.
throw new AzaveaWebNotAuthorizedException("Insuffient privileges.");
}
}
}
/// <summary>
/// Checks to see if a report exists for the given propertyId and auth user roles.
/// </summary>
protected override void InternalPOST(HttpContext context, HandlerTimedCache cache)
{
string dir;
string file;
// Get the path and file names
GetPathParts(context, out dir, out file);
if (File.Exists((dir + "\\" + file)))
{
context.Response.Write(WebUtil.ObjectToJson(new { Exists = true }));
return;
}
context.Response.Write(WebUtil.ObjectToJson(new { Exists = false }));
}
protected override void InternalGET(HttpContext context, HandlerTimedCache cache)
{
string indicatorId = WebUtil.GetParam(context, "indicator", false);
NycResolutionType resolution = WebUtil.ParseEnumParam <NycResolutionType>(context, "resolution");
string timeId = WebUtil.GetParam(context, "time", false);
// These two params are for "scope". These should be "ActualId" not "UID".
string borough = WebUtil.GetParam(context, "borough", true);
string subborough = WebUtil.GetParam(context, "subborough", true);
string sld = NychanisHelper.GenerateSld(indicatorId, resolution, timeId, borough, subborough);
context.Response.ContentType = "text/xml";
context.Response.Write(sld);
}
protected override void InternalGET(HttpContext context, HandlerTimedCache cache)
{
if (context.User.Identity.IsAuthenticated)
{
// We are currently logged in
User user = UserHelper.GetUser(context.User.Identity.Name);
context.Response.StatusCode = (int)HttpStatusCode.OK;
context.Response.Write(WebUtil.ObjectToJson(new { EmailConfirmed = user.EmailConfirmed.ToString() }));
}
else
{
context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
return;
}
}
/// <summary>
/// Creates a user. Assumes that all user data will be provided.
/// Ie. If you pass in a null name, we will save null as the
/// name. The only exception is password (no need to be passing
/// that around all of the time).
/// </summary>
protected override void InternalPOST(System.Web.HttpContext context, HandlerTimedCache cache)
{
const int minRequiredPassLength = 8;
// Grab the params for this user
string userName = WebUtil.GetParam(context, "username", true);
string pass = WebUtil.GetParam(context, "password", true);
string email = WebUtil.GetParam(context, "email", true);
string name = WebUtil.GetParam(context, "name", true);
var affiliation = WebUtil.GetParam(context, "affiliation", true);
var networkRequest = WebUtil.ParseBoolParam(context, "network");
// If the password is coming through here (we haven't passed it out to
// be able to pass it back in), we assume it's clear text and needs to be hashed.
string hashPass = null;
if (StringHelper.IsNonBlank(pass))
{
if (pass.Length < minRequiredPassLength)
{
throw new AzaveaWebBadRequestException(
String.Format("Password must be {0} characters long", minRequiredPassLength));
}
hashPass = Hasher.Encrypt(pass);
}
User userInDb = UserHelper.GetUser(userName);
if (userInDb == null)
{
// New registered users are automatically assigned the 'limited' role
// in addition to 'public'
const string roles = "public,limited";
User newUser = UserHelper.CreateUser(userName, hashPass, email, name,
roles, affiliation, networkRequest);
// Send an email to notify that a user has signed up and is requesting new permissions
SendNewUserMailToAdmin(newUser);
SendNewUserMailToUser(newUser);
}
else
{
throw new AzaveaWebMessageException("This user name is unavailable.");
}
//If an exception is thrown, then the HTTP response code will
//cause the AJAX call to error out.
}
protected override void InternalGET(System.Web.HttpContext context, HandlerTimedCache cache)
{
IList <SecurityRole> roles = UserHelper.GetUserRoles(context.User.Identity.Name);
IList <IExpression> expressions = PropertiesHandler.ParseExpressions(context);
PdbTwoTableHelper dataHelper = new PdbTwoTableHelper(Config.GetConfig("PDP.Data"), "Properties", PdbEntityType.Properties);
// x and y are expected in web mercator.
PdbResultLocations list = dataHelper.QueryForLocations(expressions, roles,
WebUtil.ParseDoubleParam(context, "minx"), WebUtil.ParseDoubleParam(context, "maxx"),
WebUtil.ParseDoubleParam(context, "miny"), WebUtil.ParseDoubleParam(context, "maxy"),
WebUtil.ParseDoubleParam(context, "minBx"), WebUtil.ParseDoubleParam(context, "maxBx"),
WebUtil.ParseDoubleParam(context, "minBy"), WebUtil.ParseDoubleParam(context, "maxBy"));
context.Response.Write(WebUtil.ObjectToJson(list));
}
protected override void InternalGET(HttpContext context, HandlerTimedCache cache)
{
var user = UserHelper.GetUser(context.User.Identity.Name);
if (!user.IsSysAdmin())
{
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
context.Response.Write(UnauthMessage);
return;
}
var type = WebUtil.GetParam(context, "type", false);
var typeEnum = (UploadTypes)Enum.Parse(typeof(UploadTypes), type);
var uploadRevisions = PdbUploadRevision.GetUploadRevisions(typeEnum);
var json = WebUtil.ObjectToJson(uploadRevisions);
context.Response.StatusCode = (int)HttpStatusCode.OK;
context.Response.Write(json);
}
protected override void InternalGET(HttpContext context, HandlerTimedCache cache)
{
var user = UserHelper.GetUser(context.User.Identity.Name);
if (!user.IsSysAdmin())
{
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
context.Response.Write("Not authorized, only Admins can export datasets.");
return;
}
var type = WebUtil.ParseEnumParam <UploadTypes>(context, "type");
context.Response.AddHeader("Content-type", "text/csv");
context.Response.AddHeader("Content-Disposition", "attachment; filename=" +
type + "_export.csv");
var csv = LoadHelper.GetLoader(type).Export();
context.Response.Write(csv);
}
/// <summary>
/// Saves a new, randomized password to the user record. An email will
/// be generated and sent out with the new password. There is no authorization
/// check because, by definition, you won't be logged in to perform this task.
/// </summary>
protected override void InternalPOST(HttpContext context, HandlerTimedCache cache)
{
// Get the user whose password needs to be reset
string userName = WebUtil.GetParam(context, "username", false);
// Make sure this user actually exists
User user = UserHelper.GetUser(userName);
if (user != null)
{
// Also make sure that there is an email on file, or else we cannot proceed
if (StringHelper.IsNonBlank(user.Email))
{
// Create random text for new password
string randPass = RandomString(11);
// Hash and save it
string hashPass = Hasher.Encrypt(randPass);
UserHelper.SavePassword(userName, hashPass);
// Send the email
SendPasswordResetMail(user, randPass);
// Give some success feedback to the client
context.Response.StatusCode = (int)HttpStatusCode.OK;
context.Response.Write("A temporary password has been emailed to you.");
}
else
{
// Give some failure feedback to the client
context.Response.StatusCode = (int)HttpStatusCode.InternalServerError;
context.Response.Write("Unable to reset password.");
}
}
else
{
// Give some failure feedback to the client
context.Response.StatusCode = (int)HttpStatusCode.InternalServerError;
context.Response.Write("Unable to reset password.");
}
}
/// <summary>
/// Looks for a detailed pdf report to download based on a property id and the
/// authorized user roles
/// </summary>
protected override void InternalGET(HttpContext context, HandlerTimedCache cache)
{
string dir;
string file;
// Get the path and file names
GetPathParts(context, out dir, out file);
if (File.Exists((dir + "\\" + file)))
{
// Tell the client it is a pdf and an attachment, force a save as/open dialog
context.Response.ContentType = "application/pdf";
context.Response.AddHeader("Content-Disposition", "attachment; filename=" + file);
context.Response.WriteFile(dir + "\\" + file);
}
else
{
_log.Error("Detailed Report path not found: [" + dir + "\\" + file + "]");
throw new AzaveaWebMessageException("Could not load a detailed report for this property.");
}
}
protected override void InternalPOST(HttpContext context, HandlerTimedCache cache)
{
var user = UserHelper.GetUser(context.User.Identity.Name);
if (!user.IsSysAdmin())
{
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
context.Response.Write(UnauthMessage);
return;
}
var idToRestore = WebUtil.ParseIntParam(context, "id");
PdbUploadRevision.RestoreRevision(idToRestore, user);
context.Response.StatusCode = (int)HttpStatusCode.OK;
context.Response.Write(JObject.FromObject(new
{
status = "OK"
}
));
}
protected override void InternalGET(System.Web.HttpContext context, HandlerTimedCache cache)
{
var roles = UserHelper.GetUserRoles(context.User.Identity.Name);
var dataHelper = new PdbTwoTableHelper(Config.GetConfig("PDP.Data"), "Properties");
var ids = new List <string>();
var id = WebUtil.GetParam(context, "id", true);
if (id != null)
{
ids.Add(id);
}
else
{
var idList = WebUtil.GetParam(context, "ids", false);
ids.AddRange(idList.Split(','));
}
var list = dataHelper.Query(ids, roles);
context.Response.Write(WebUtil.ObjectToJson(list));
}