예제 #1
0
        public static bool CreateUser(string AUsername, string APassword, string AFirstName, string AFamilyName, string AModulePermissions)
        {
            TDBTransaction ReadTransaction = null;
            TDBTransaction SubmitChangesTransaction = null;
            bool UserExists = false;
            bool SubmissionOK = false;

            // TODO: check permissions. is the current user allowed to create other users?
            SUserTable userTable = new SUserTable();
            SUserRow newUser = userTable.NewRowTyped();

            newUser.UserId = AUsername;
            newUser.FirstName = AFirstName;
            newUser.LastName = AFamilyName;

            if (AUsername.Contains("@"))
            {
                newUser.EmailAddress = AUsername;
                newUser.UserId = AUsername.Substring(0, AUsername.IndexOf("@")).
                                 Replace(".", string.Empty).
                                 Replace("_", string.Empty).ToUpper();
            }

            // Check whether the user that we are asked to create already exists
            DBAccess.GDBAccessObj.BeginAutoReadTransaction(IsolationLevel.ReadCommitted, ref ReadTransaction,
                delegate
                {
                    if (SUserAccess.Exists(newUser.UserId, ReadTransaction))
                    {
                        TLogging.Log("Cannot create new user as a user with User Name '" + newUser.UserId + "' already exists!");
                        UserExists = true;
                    }
                });

            if (UserExists)
            {
                return false;
            }

            userTable.Rows.Add(newUser);

            string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false);

            if (UserAuthenticationMethod == "OpenPetraDBSUser")
            {
                if (APassword.Length > 0)
                {
                    newUser.PasswordSalt = PasswordHelper.GetNewPasswordSalt();
                    newUser.PasswordHash = PasswordHelper.GetPasswordHash(APassword, newUser.PasswordSalt);
                    newUser.PasswordNeedsChange = true;
                }
            }
            else
            {
                try
                {
                    IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(UserAuthenticationMethod);

                    if (!auth.CreateUser(AUsername, APassword, AFirstName, AFamilyName))
                    {
                        newUser = null;
                    }
                }
                catch (Exception e)
                {
                    TLogging.Log("Problem loading user authentication method " + UserAuthenticationMethod + ": " + e.ToString());
                    return false;
                }
            }

            if (newUser != null)
            {
                DBAccess.GDBAccessObj.BeginAutoTransaction(IsolationLevel.Serializable, ref SubmitChangesTransaction, ref SubmissionOK,
                    delegate
                    {
                        SUserAccess.SubmitChanges(userTable, SubmitChangesTransaction);

                        List <string>modules = new List <string>();

                        if (AModulePermissions == DEMOMODULEPERMISSIONS)
                        {
                            modules.Add("PTNRUSER");
                            modules.Add("FINANCE-1");

                            ALedgerTable theLedgers = ALedgerAccess.LoadAll(SubmitChangesTransaction);

                            foreach (ALedgerRow ledger in theLedgers.Rows)
                            {
                                modules.Add("LEDGER" + ledger.LedgerNumber.ToString("0000"));
                            }
                        }
                        else
                        {
                            string[] modulePermissions = AModulePermissions.Split(new char[] { ',' });

                            foreach (string s in modulePermissions)
                            {
                                if (s.Trim().Length > 0)
                                {
                                    modules.Add(s.Trim());
                                }
                            }
                        }

                        SUserModuleAccessPermissionTable moduleAccessPermissionTable = new SUserModuleAccessPermissionTable();

                        foreach (string module in modules)
                        {
                            SUserModuleAccessPermissionRow moduleAccessPermissionRow = moduleAccessPermissionTable.NewRowTyped();
                            moduleAccessPermissionRow.UserId = newUser.UserId;
                            moduleAccessPermissionRow.ModuleId = module;
                            moduleAccessPermissionRow.CanAccess = true;
                            moduleAccessPermissionTable.Rows.Add(moduleAccessPermissionRow);
                        }

                        SUserModuleAccessPermissionAccess.SubmitChanges(moduleAccessPermissionTable, SubmitChangesTransaction);

                        // TODO: table permissions should be set by the module list
                        string[] tables = new string[] {
                            "p_bank", "p_church", "p_family", "p_location",
                            "p_organisation", "p_partner", "p_partner_location",
                            "p_partner_type", "p_person", "p_unit", "p_venue"
                        };

                        SUserTableAccessPermissionTable tableAccessPermissionTable = new SUserTableAccessPermissionTable();

                        foreach (string table in tables)
                        {
                            SUserTableAccessPermissionRow tableAccessPermissionRow = tableAccessPermissionTable.NewRowTyped();
                            tableAccessPermissionRow.UserId = newUser.UserId;
                            tableAccessPermissionRow.TableName = table;
                            tableAccessPermissionTable.Rows.Add(tableAccessPermissionRow);
                        }

                        SUserTableAccessPermissionAccess.SubmitChanges(tableAccessPermissionTable, SubmitChangesTransaction);

                        SubmissionOK = true;
                    });

                return true;
            }

            return false;
        }
예제 #2
0
        private static Boolean SaveUser(String AUserID, SUserTable AUserDataTable)
        {
            TDBTransaction TheTransaction;

            if ((AUserDataTable != null) && (AUserDataTable.Rows.Count > 0))
            {
                TheTransaction = DBAccess.GDBAccessObj.BeginTransaction(IsolationLevel.Serializable);

                try
                {
                    SUserAccess.SubmitChanges(AUserDataTable, TheTransaction);

                    DBAccess.GDBAccessObj.CommitTransaction();
                }
                catch (Exception Exc)
                {
                    TLogging.Log("An Exception occured during the saving of a User:" + Environment.NewLine + Exc.ToString());

                    DBAccess.GDBAccessObj.RollbackTransaction();

                    throw;
                }
            }
            else
            {
                // nothing to save!
                return false;
            }

            return true;
        }
        private DataTable GetFoundationOwnerListTable(TDBTransaction AReadTransaction, string ATableName)
        {
            // Used in Foundation Details screen.
            SUserTable TmpUserTable = new SUserTable();

            TmpUserTable = (SUserTable)DBAccess.GDBAccessObj.SelectDT(TmpUserTable, "SELECT " + SUserTable.GetPartnerKeyDBName() + ',' +
                SUserTable.GetUserIdDBName() + ',' +
                SUserTable.GetFirstNameDBName() + ',' +
                SUserTable.GetLastNameDBName() + ' ' +
                "FROM PUB_" + SUserTable.GetTableDBName() + ' ' +
                "WHERE " + SUserTable.GetPartnerKeyDBName() + " <> 0 " +
                "AND " + SUserTable.GetUserIdDBName() +
                " IN (SELECT " + SUserModuleAccessPermissionTable.GetUserIdDBName() + ' ' +
                "FROM PUB_" + SUserModuleAccessPermissionTable.GetTableDBName() + ' ' +
                "WHERE " + SUserModuleAccessPermissionTable.GetModuleIdDBName() +
                " = 'DEVUSER')" + "AND " + SUserTable.GetRetiredDBName() +
                " = FALSE", AReadTransaction, null, -1, -1);
            SUserRow EmptyDR = TmpUserTable.NewRowTyped(false);
            EmptyDR.PartnerKey = 0;
            EmptyDR.UserId = "";
            TmpUserTable.Rows.InsertAt(EmptyDR, 0);
            return TmpUserTable;
        }