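/// <summary>
/// Resolves the current user's view/add/update/delete rights on <paramref name="resourceType"/>.
/// </summary>
/// <remarks>
/// The security token passed to <c>PermissionManagement.GetPermission</c> is always looked up
/// server-side from the current user's role. The "securityToken" request cookie is only
/// URL-encoded (not signed or encrypted) and is fully controlled by the browser, so its value
/// must not decide authorization: trusting it would let a client present a token that belongs
/// to a different role, or keep using a token after the role's permissions were reduced.
/// </remarks>
/// <param name="resourceType">Resource whose permissions are being queried.</param>
/// <param name="canView">Set by the permission lookup; forced to false when no user is available.</param>
/// <param name="canAdd">Set by the permission lookup; forced to false when no user is available.</param>
/// <param name="canUpdate">Set by the permission lookup; forced to false when no user is available.</param>
/// <param name="canDelete">Set by the permission lookup; forced to false when no user is available.</param>
public void GetPermission(ResourceType resourceType, ref bool canView, ref bool canAdd, ref bool canUpdate, ref bool canDelete)
{
    UserInfo user = UserInfo.GetCurrentUserInfo();
    if (user == null)
    {
        // Deny by default: without a user there is no role to derive a token from.
        // NOTE(review): assumes GetCurrentUserInfo() can return null for an anonymous request - confirm.
        canView = false;
        canAdd = false;
        canUpdate = false;
        canDelete = false;
        return;
    }

    // Authoritative token: taken from the role store, never from the request.
    string securityToken = RoleManagement.GetSecurityTokenByRoleId(user.RoleId);

    HttpCookie cookie = HttpContext.Current.Request.Cookies.Get("securityToken");
    if (cookie == null || string.IsNullOrEmpty(cookie.Value))
    {
        // The cookie is still issued when absent, as before, in case other pages expect it.
        // NOTE(review): once no code reads this cookie it should be retired, since it discloses
        // the role's token to the client - confirm remaining consumers.
        HttpCookie securityCookie = new HttpCookie("securityToken");
        securityCookie.Value = Server.UrlEncode(securityToken);
        // Keep the token out of reach of page script.
        securityCookie.HttpOnly = true;
        HttpContext.Current.Response.Cookies.Add(securityCookie);
    }

    PermissionManagement.GetPermission(resourceType, ref canView, ref canAdd, ref canUpdate, ref canDelete, securityToken);
}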
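/// <summary>
/// Resolves the view/add/update/delete rights on <paramref name="resourceType"/> for the member
/// identified by <paramref name="memberId"/>, using the token of the role returned by
/// <c>UserInfo.UserTopRole</c>.
/// </summary>
/// <remarks>
/// The token comes from the role store only. The previous body also fetched the "securityToken"
/// request cookie into a local that was never used; that lookup is removed so the method no
/// longer touches <c>HttpContext.Current</c> and it is clear that no client-supplied value
/// takes part in the decision.
/// </remarks>
/// <param name="resourceType">Resource whose permissions are being queried.</param>
/// <param name="memberId">Member whose top role supplies the security token.</param>
/// <param name="canView">Set by the permission lookup; left untouched when the member has no role record.</param>
/// <param name="canAdd">Set by the permission lookup; left untouched when the member has no role record.</param>
/// <param name="canUpdate">Set by the permission lookup; left untouched when the member has no role record.</param>
/// <param name="canDelete">Set by the permission lookup; left untouched when the member has no role record.</param>
public void GetPermission(ResourceType resourceType, int memberId, ref bool canView, ref bool canAdd, ref bool canUpdate, ref bool canDelete)
{
    // NOTE(review): memberId is supplied by the caller and nothing here ties it to the
    // signed-in user - confirm callers never pass an id taken from the request.
    UserInfo user = UserInfo.UserTopRole(memberId);
    if (user == null)
    {
        // No role record: the flags keep whatever the caller passed in.
        // NOTE(review): callers should initialise them to false so this path denies access.
        return;
    }

    string securityToken = RoleManagement.GetSecurityTokenByRoleId(user.RoleId);
    PermissionManagement.GetPermission(resourceType, ref canView, ref canAdd, ref canUpdate, ref canDelete, securityToken);
}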
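/// <summary>
/// Handles the admin login button: submits the credentials to <c>Member_login</c>, then issues
/// the "securityToken" and "AdminRememberUserCookieTime" cookies with a lifetime taken from
/// the "LoginTimeRemember" app setting (remember-me checked) or "LoginTime" (unchecked).
/// </summary>
/// <remarks>
/// The two branches of the original differed only in the app-setting key, so they are merged.
/// The cookie value is the role's security token, URL-encoded and otherwise unprotected; code
/// that needs the token for an authorization decision should look it up server-side rather
/// than read it back from this cookie.
/// </remarks>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnAdminLogin_Click(object sender, EventArgs e)
{
    // The user name is HTML-cleaned before use; the password is only trimmed.
    Member_login(Utils.CleanHTML(txtusername.Text.Trim()), txtpassword.Text.Trim());

    string settingName = chkBoxRemember.Checked ? "LoginTimeRemember" : "LoginTime";
    string loginTime = System.Configuration.ConfigurationManager.AppSettings[settingName];

    UserInfo user = UserInfo.GetCurrentUserInfo();
    if (user == null)
    {
        // NOTE(review): presumably this is the failed-login case; the original dereferenced
        // user.RoleId unconditionally and would throw here - confirm what Member_login does
        // on bad credentials.
        return;
    }

    // Lifetime in minutes, computed once so both cookies expire at the same instant.
    // Convert.ToInt16 is kept: a missing setting yields 0, a non-numeric one throws.
    DateTime expiresAt = DateTime.Now.AddMinutes(Convert.ToInt16(loginTime));

    string securityToken = RoleManagement.GetSecurityTokenByRoleId(user.RoleId);

    HttpCookie securityCookie = new HttpCookie("securityToken");
    securityCookie.Value = Server.UrlEncode(securityToken);
    securityCookie.Expires = expiresAt;
    // Keep the token out of reach of page script.
    securityCookie.HttpOnly = true;
    HttpContext.Current.Response.Cookies.Add(securityCookie);

    HttpCookie rememberCookie = new HttpCookie("AdminRememberUserCookieTime");
    rememberCookie.Value = expiresAt.ToString();
    rememberCookie.Expires = expiresAt;
    HttpContext.Current.Response.Cookies.Add(rememberCookie);
}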
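/// <summary>
/// Looks up the permissions that the top role of member <paramref name="memberId"/> has on
/// <paramref name="resourceType"/>.
/// </summary>
/// <remarks>
/// The role's security token is read from <c>RoleManagement</c> and handed to
/// <c>PermissionManagement.GetPermission</c>. The unused read of the "securityToken" request
/// cookie has been dropped: it had no effect on the result and made the method depend on an
/// active <c>HttpContext</c> for no reason.
/// </remarks>
/// <param name="resourceType">Resource whose permissions are being queried.</param>
/// <param name="memberId">Member whose top role supplies the security token.</param>
/// <param name="canView">Written by the permission lookup; unchanged when no role record is found.</param>
/// <param name="canAdd">Written by the permission lookup; unchanged when no role record is found.</param>
/// <param name="canUpdate">Written by the permission lookup; unchanged when no role record is found.</param>
/// <param name="canDelete">Written by the permission lookup; unchanged when no role record is found.</param>
public void GetPermission(ResourceType resourceType, int memberId, ref bool canView, ref bool canAdd, ref bool canUpdate, ref bool canDelete)
{
    // NOTE(review): the method does not check that the signed-in user may query this member;
    // confirm that memberId never originates from request data.
    UserInfo user = UserInfo.UserTopRole(memberId);
    if (user == null)
    {
        // Nothing to evaluate; the caller's initial flag values stand (expected to be false).
        return;
    }

    string securityToken = RoleManagement.GetSecurityTokenByRoleId(user.RoleId);
    PermissionManagement.GetPermission(resourceType, ref canView, ref canAdd, ref canUpdate, ref canDelete, securityToken);
}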
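/// <summary>
/// Saves the permission set chosen on the page as the security token of the selected group,
/// then regenerates the tokens of every role/sub-role pair that belongs to that group.
/// </summary>
/// <remarks>
/// NOTE(review): the original carried a commented-out <c>canUpdate</c> check in front of the
/// update, so this handler performs no authorization of its own. Unless the page enforces it
/// elsewhere, any user who can post to this page can rewrite a group's permissions - confirm
/// and restore a server-side check.
/// </remarks>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnAddResources_Click(object sender, EventArgs e)
{
    try
    {
        if (ddlGroupName.SelectedIndex == 0)
        {
            // Index 0 is treated as "nothing selected".
            lblInfo.ForeColor = System.Drawing.Color.Red;
            lblInfo.Text = "Please Select the Group";
            return;
        }

        int groupId = Convert.ToInt32(ddlGroupName.SelectedValue.ToString());

        AccessToken token = new AccessToken();
        string accessToken = AccessToken.ReturnEmptyToken();
        accessToken = chkAdmin.Checked
            ? token.AdminToken(64, accessToken)
            : ReadPermissions(accessToken, token);

        RoleManagement.UpdateSecurityToken(groupId, accessToken);

        // Propagate the new group token to every role derived from the group.
        DataTable dt = RoleManagement.getDistinctRolesByGroupId(groupId);
        if (dt != null)
        {
            foreach (DataRow row in dt.Rows)
            {
                int roleId = Conversion.ParseInt(row["RoleId"]);
                int subRoleId = Conversion.ParseInt(row["SubRoleId"]);
                regenerateSecurityTokens(roleId, subRoleId);
            }
        }

        lblInfo.ForeColor = System.Drawing.Color.Green;
        lblInfo.Text = "Permission is Successfully Added";

        // Expires the "securityToken" cookie on this response only, i.e. in the browser of the
        // person saving the change. Cookies already held by other users keep the old token until
        // they lapse, which is why consumers should not take the token from the cookie.
        Response.Cookies["securityToken"].Expires = DateTime.Now.AddMinutes(-1);

        // The original then called RoleManagement.GetSecurityTokenByRoleId(groupId) and discarded
        // the result (it also passed a group id where a role id is expected); the dead lookup
        // has been removed.
    }
    catch (Exception ex)
    {
        new SqlLog().InsertSqlLog(0, "PagePermission.aspx btnAddResources_Click", ex);

        // Previously a failure was logged but the page showed nothing. Report a generic
        // error without exposing exception details.
        lblInfo.ForeColor = System.Drawing.Color.Red;
        lblInfo.Text = "Permission could not be saved";
    }
}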