/// <summary>
/// Builds the list of users offered as owners in the Foundation Details screen.
/// </summary>
/// <remarks>
/// The query selects users with a non-zero partner key who hold the 'DEVUSER' module
/// and are not retired. Its text is concatenated only from generated schema names and
/// fixed literals; no argument of this method ends up in the SQL string. Any filter value
/// added later should be passed as a query parameter rather than appended to the text.
/// </remarks>
/// <param name="AReadTransaction">Transaction used to obtain the DB access object and to run the query.</param>
/// <param name="ATableName">Not read anywhere in this method.</param>
/// <returns>The typed user table with a blank row (PartnerKey 0, empty UserId) inserted at index 0.</returns>
private DataTable GetFoundationOwnerListTable(TDBTransaction AReadTransaction, string ATableName)
{
    // Used in Foundation Details screen.
    TDataBase DBAccessObj = DBAccess.GetDBAccessObj(AReadTransaction);

    // Literals are kept exactly as they were, including the missing blank between
    // "'DEVUSER')" and "AND".
    string OwnerQuery =
        "SELECT " + SUserTable.GetPartnerKeyDBName() + ',' +
        SUserTable.GetUserIdDBName() + ',' +
        SUserTable.GetFirstNameDBName() + ',' +
        SUserTable.GetLastNameDBName() + ' ' +
        "FROM PUB_" + SUserTable.GetTableDBName() + ' ' +
        "WHERE " + SUserTable.GetPartnerKeyDBName() + " <> 0 " +
        "AND " + SUserTable.GetUserIdDBName() +
        " IN (SELECT " + SUserModuleAccessPermissionTable.GetUserIdDBName() + ' ' +
        "FROM PUB_" + SUserModuleAccessPermissionTable.GetTableDBName() + ' ' +
        "WHERE " + SUserModuleAccessPermissionTable.GetModuleIdDBName() + " = 'DEVUSER')" +
        "AND " + SUserTable.GetRetiredDBName() + " = FALSE";

    SUserTable TmpUserTable = new SUserTable();

    TmpUserTable = (SUserTable)DBAccessObj.SelectDT(TmpUserTable, OwnerQuery, AReadTransaction, null, -1, -1);

    // Blank first entry so the list can represent "no owner selected".
    SUserRow BlankRow = TmpUserTable.NewRowTyped(false);
    BlankRow.PartnerKey = 0;
    BlankRow.UserId = "";
    TmpUserTable.Rows.InsertAt(BlankRow, 0);

    return TmpUserTable;
}
/// <summary>
/// Creates a new user record, stores its credentials (or hands them to the configured
/// authentication plugin) and grants module and default table access permissions.
/// </summary>
/// <remarks>
/// Security-relevant behaviour visible in this method:
/// no check that the caller may create users is made here (open TODO);
/// for an e-mail style user name the UserId is the part before '@' with '.' and '_' removed
/// and upper-cased, so different addresses can map to the same UserId, and the later one is
/// rejected by the existence check;
/// with the built-in method and an empty password no salt or hash is set on the row;
/// the existence check runs in its own ReadCommitted transaction, separate from the
/// Serializable transaction that writes the rows.
/// </remarks>
/// <param name="AUsername">User name; if it contains '@' it is also stored as the e-mail address.</param>
/// <param name="APassword">Initial password; hashed here for the built-in method, otherwise passed to the plugin.</param>
/// <param name="AFirstName">First name stored on the user row.</param>
/// <param name="AFamilyName">Family name stored on the user row.</param>
/// <param name="AModulePermissions">Comma-separated module ids, or DEMOMODULEPERMISSIONS for the demo set.</param>
/// <returns>true after the write transaction block has run; false if the user already exists,
/// the authentication plugin could not be loaded or used, or the plugin declined to create the user.</returns>
public static bool CreateUser(string AUsername, string APassword, string AFirstName, string AFamilyName,
    string AModulePermissions)
{
    TDBTransaction existsCheckTransaction = null;
    TDBTransaction writeTransaction = null;
    bool alreadyExists = false;
    bool SubmissionOK = false;

    // TODO: check permissions. is the current user allowed to create other users?
    // NOTE(review): until that is implemented, authorisation has to be enforced by every caller.

    SUserTable userTable = new SUserTable();
    SUserRow newUser = userTable.NewRowTyped();

    newUser.UserId = AUsername;
    newUser.FirstName = AFirstName;
    newUser.LastName = AFamilyName;

    if (AUsername.Contains("@"))
    {
        newUser.EmailAddress = AUsername;

        // NOTE(review): ToUpper() follows the current culture - confirm that login lookups
        // normalise the id the same way.
        string localPart = AUsername.Substring(0, AUsername.IndexOf("@"));
        newUser.UserId = localPart.Replace(".", string.Empty).Replace("_", string.Empty).ToUpper();
    }

    // Check whether the user that we are asked to create already exists
    DBAccess.GDBAccessObj.BeginAutoReadTransaction(IsolationLevel.ReadCommitted, ref existsCheckTransaction,
        delegate
        {
            alreadyExists = SUserAccess.Exists(newUser.UserId, existsCheckTransaction);

            if (alreadyExists)
            {
                TLogging.Log("Cannot create new user as a user with User Name '" + newUser.UserId + "' already exists!");
            }
        });

    if (alreadyExists)
    {
        return false;
    }

    userTable.Rows.Add(newUser);

    string authMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false);

    if (authMethod != "OpenPetraDBSUser")
    {
        // An external plugin owns the credentials; the clear-text password is handed to it.
        try
        {
            IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(authMethod);

            if (!auth.CreateUser(AUsername, APassword, AFirstName, AFamilyName))
            {
                newUser = null;
            }
        }
        catch (Exception e)
        {
            TLogging.Log("Problem loading user authentication method " + authMethod + ": " + e.ToString());
            return false;
        }
    }
    else if (APassword.Length > 0)
    {
        newUser.PasswordSalt = PasswordHelper.GetNewPasswordSalt();
        newUser.PasswordHash = PasswordHelper.GetPasswordHash(APassword, newUser.PasswordSalt);
        newUser.PasswordNeedsChange = true;
    }

    // NOTE(review): with an empty password the row is written without salt and hash -
    // confirm that such an account cannot be used to sign in.

    if (newUser == null)
    {
        return false;
    }

    // NOTE(review): the existence check above ran in a different transaction, so two concurrent
    // calls for the same id can both get here; what happens then depends on SubmitChanges and
    // the database constraints, neither of which is visible in this method.
    DBAccess.GDBAccessObj.BeginAutoTransaction(IsolationLevel.Serializable, ref writeTransaction, ref SubmissionOK,
        delegate
        {
            SUserAccess.SubmitChanges(userTable, writeTransaction);

            List <string> modules = new List <string>();

            if (AModulePermissions == DEMOMODULEPERMISSIONS)
            {
                // Demo users get partner and finance access plus every ledger that exists.
                modules.Add("PTNRUSER");
                modules.Add("FINANCE-1");

                ALedgerTable theLedgers = ALedgerAccess.LoadAll(writeTransaction);

                foreach (ALedgerRow ledger in theLedgers.Rows)
                {
                    modules.Add("LEDGER" + ledger.LedgerNumber.ToString("0000"));
                }
            }
            else
            {
                foreach (string requested in AModulePermissions.Split(new char[] { ',' }))
                {
                    string moduleId = requested.Trim();

                    if (moduleId.Length > 0)
                    {
                        modules.Add(moduleId);
                    }
                }
            }

            SUserModuleAccessPermissionTable modulePermissionTable = new SUserModuleAccessPermissionTable();

            foreach (string module in modules)
            {
                SUserModuleAccessPermissionRow modulePermissionRow = modulePermissionTable.NewRowTyped();
                modulePermissionRow.UserId = newUser.UserId;
                modulePermissionRow.ModuleId = module;
                modulePermissionRow.CanAccess = true;
                modulePermissionTable.Rows.Add(modulePermissionRow);
            }

            SUserModuleAccessPermissionAccess.SubmitChanges(modulePermissionTable, writeTransaction);

            // TODO: table permissions should be set by the module list
            // TODO: add p_data_label... tables here so user can generally have access
            // Every new user gets a row for each of these tables, whatever modules were requested.
            string[] tables = new string[] {
                "p_bank", "p_church", "p_family", "p_location", "p_organisation", "p_partner",
                "p_partner_location", "p_partner_type", "p_person", "p_unit", "p_venue",
                "p_data_label", "p_data_label_lookup", "p_data_label_lookup_category",
                "p_data_label_use", "p_data_label_value_partner",
            };

            SUserTableAccessPermissionTable tablePermissionTable = new SUserTableAccessPermissionTable();

            foreach (string table in tables)
            {
                SUserTableAccessPermissionRow tablePermissionRow = tablePermissionTable.NewRowTyped();
                tablePermissionRow.UserId = newUser.UserId;
                tablePermissionRow.TableName = table;
                tablePermissionTable.Rows.Add(tablePermissionRow);
            }

            SUserTableAccessPermissionAccess.SubmitChanges(tablePermissionTable, writeTransaction);

            SubmissionOK = true;
        });

    return true;
}
/// <summary>
/// Creates a new user record, stores its credentials (or hands them to the configured
/// authentication plugin) and grants module and default table access permissions.
/// </summary>
/// <remarks>
/// Points a reviewer should keep in mind: this method performs no authorisation check on the
/// caller (open TODO); the UserId derived from an e-mail address drops '.' and '_' and is
/// upper-cased, so distinct addresses can map to one UserId; an empty password leaves salt and
/// hash unset for the built-in method; the existence check and the writes use two separate
/// transactions (ReadCommitted, then Serializable).
/// </remarks>
/// <param name="AUsername">User name; if it contains '@' it is also stored as the e-mail address.</param>
/// <param name="APassword">Initial password; hashed here for the built-in method, otherwise passed to the plugin.</param>
/// <param name="AFirstName">First name stored on the user row.</param>
/// <param name="AFamilyName">Family name stored on the user row.</param>
/// <param name="AModulePermissions">Comma-separated module ids, or DEMOMODULEPERMISSIONS for the demo set.</param>
/// <returns>true after the write transaction block has run; false if the user already exists,
/// the authentication plugin could not be loaded or used, or the plugin declined to create the user.</returns>
public static bool CreateUser(string AUsername, string APassword, string AFirstName, string AFamilyName,
    string AModulePermissions)
{
    TDBTransaction lookupTransaction = null;
    TDBTransaction submitTransaction = null;
    bool userFound = false;
    bool SubmissionOK = false;

    // TODO: check permissions. is the current user allowed to create other users?
    // NOTE(review): callers have to enforce authorisation as long as this TODO is open.

    SUserTable userTable = new SUserTable();
    SUserRow newUser = userTable.NewRowTyped();

    newUser.UserId = AUsername;
    newUser.FirstName = AFirstName;
    newUser.LastName = AFamilyName;

    if (AUsername.Contains("@"))
    {
        newUser.EmailAddress = AUsername;

        // NOTE(review): ToUpper() is culture-sensitive; verify the login path derives ids identically.
        string mailboxName = AUsername.Substring(0, AUsername.IndexOf("@"));
        string withoutDots = mailboxName.Replace(".", string.Empty);
        newUser.UserId = withoutDots.Replace("_", string.Empty).ToUpper();
    }

    // Check whether the user that we are asked to create already exists
    DBAccess.GDBAccessObj.BeginAutoReadTransaction(IsolationLevel.ReadCommitted, ref lookupTransaction,
        delegate
        {
            userFound = SUserAccess.Exists(newUser.UserId, lookupTransaction);

            if (userFound)
            {
                TLogging.Log("Cannot create new user as a user with User Name '" + newUser.UserId + "' already exists!");
            }
        });

    if (userFound)
    {
        return false;
    }

    userTable.Rows.Add(newUser);

    string configuredMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false);
    bool builtInAuthentication = (configuredMethod == "OpenPetraDBSUser");

    if (builtInAuthentication)
    {
        // NOTE(review): an empty password skips this block, so the row is stored without
        // salt and hash - confirm that such an account cannot sign in.
        if (APassword.Length > 0)
        {
            newUser.PasswordSalt = PasswordHelper.GetNewPasswordSalt();
            newUser.PasswordHash = PasswordHelper.GetPasswordHash(APassword, newUser.PasswordSalt);
            newUser.PasswordNeedsChange = true;
        }
    }
    else
    {
        // The clear-text password is passed on to the externally loaded authentication plugin.
        try
        {
            IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(configuredMethod);
            bool createdExternally = auth.CreateUser(AUsername, APassword, AFirstName, AFamilyName);

            if (!createdExternally)
            {
                newUser = null;
            }
        }
        catch (Exception e)
        {
            TLogging.Log("Problem loading user authentication method " + configuredMethod + ": " + e.ToString());
            return false;
        }
    }

    if (newUser == null)
    {
        return false;
    }

    // NOTE(review): the existence check was made outside this transaction; concurrent calls
    // for the same id are only stopped by whatever SubmitChanges and the database enforce.
    DBAccess.GDBAccessObj.BeginAutoTransaction(IsolationLevel.Serializable, ref submitTransaction, ref SubmissionOK,
        delegate
        {
            SUserAccess.SubmitChanges(userTable, submitTransaction);

            List <string> modules = new List <string>();

            if (AModulePermissions != DEMOMODULEPERMISSIONS)
            {
                string[] requestedModules = AModulePermissions.Split(new char[] { ',' });

                for (int i = 0; i < requestedModules.Length; i++)
                {
                    string moduleId = requestedModules[i].Trim();

                    if (moduleId.Length > 0)
                    {
                        modules.Add(moduleId);
                    }
                }
            }
            else
            {
                // Demo users: partner and finance access plus one entry per existing ledger.
                modules.Add("PTNRUSER");
                modules.Add("FINANCE-1");

                ALedgerTable theLedgers = ALedgerAccess.LoadAll(submitTransaction);

                foreach (ALedgerRow ledger in theLedgers.Rows)
                {
                    modules.Add("LEDGER" + ledger.LedgerNumber.ToString("0000"));
                }
            }

            SUserModuleAccessPermissionTable moduleGrants = new SUserModuleAccessPermissionTable();

            foreach (string module in modules)
            {
                SUserModuleAccessPermissionRow grant = moduleGrants.NewRowTyped();
                grant.UserId = newUser.UserId;
                grant.ModuleId = module;
                grant.CanAccess = true;
                moduleGrants.Rows.Add(grant);
            }

            SUserModuleAccessPermissionAccess.SubmitChanges(moduleGrants, submitTransaction);

            // TODO: table permissions should be set by the module list
            // Until then every new user gets a row for each table below, whatever modules were requested.
            string[] tables = new string[] {
                "p_bank", "p_church", "p_family", "p_location", "p_organisation", "p_partner",
                "p_partner_location", "p_partner_type", "p_person", "p_unit", "p_venue"
            };

            SUserTableAccessPermissionTable tableGrants = new SUserTableAccessPermissionTable();

            foreach (string table in tables)
            {
                SUserTableAccessPermissionRow grant = tableGrants.NewRowTyped();
                grant.UserId = newUser.UserId;
                grant.TableName = table;
                tableGrants.Rows.Add(grant);
            }

            SUserTableAccessPermissionAccess.SubmitChanges(tableGrants, submitTransaction);

            SubmissionOK = true;
        });

    return true;
}
/// <summary>
/// Creates a new user record with its credentials, module and default table access permissions
/// and an account activity log entry, all inside one Serializable transaction.
/// </summary>
/// <remarks>
/// The existence check and all writes share the same transaction. It is committed or rolled back
/// here only if this call started it; a transaction supplied by the caller is left open.
/// Still open in this method: no authorisation check on the caller (TODO); the UserId derived
/// from an e-mail address drops '.' and '_' and is upper-cased, so distinct addresses can map
/// to one UserId; an empty password leaves the password fields untouched for the built-in method.
/// </remarks>
/// <param name="AUsername">User name; if it contains '@' it is also stored as the e-mail address.</param>
/// <param name="APassword">Initial password; passed to SetNewPasswordHashAndSaltForUser or to the plugin.</param>
/// <param name="AFirstName">First name stored on the user row.</param>
/// <param name="AFamilyName">Family name stored on the user row.</param>
/// <param name="AModulePermissions">Comma-separated module ids, or DEMOMODULEPERMISSIONS for the demo set.</param>
/// <param name="AClientComputerName">Forwarded to the password helper and written into the activity log text.</param>
/// <param name="AClientIPAddress">Forwarded to the password helper and written into the activity log text.</param>
/// <param name="ATransaction">Optional transaction used to pick the DB connection.</param>
/// <returns>true if the user and all related rows were submitted; false if the user already exists,
/// the authentication plugin could not be loaded or used, or the plugin declined to create the user.</returns>
public static bool CreateUser(string AUsername, string APassword, string AFirstName, string AFamilyName,
    string AModulePermissions, string AClientComputerName, string AClientIPAddress, TDBTransaction ATransaction = null)
{
    TDataBase dbConnection = DBAccess.GetDBAccessObj(ATransaction);
    bool ownConnection = false;
    bool ownTransaction;
    bool SubmissionOK = false;

    // TODO: check permissions. is the current user allowed to create other users?
    // NOTE(review): callers have to enforce authorisation as long as this TODO is open.

    SUserTable userTable = new SUserTable();
    SUserRow newUser = userTable.NewRowTyped();

    newUser.UserId = AUsername;
    newUser.FirstName = AFirstName;
    newUser.LastName = AFamilyName;

    if (AUsername.Contains("@"))
    {
        newUser.EmailAddress = AUsername;

        // NOTE(review): ToUpper() is culture-sensitive; verify the login path derives ids identically.
        string localPart = AUsername.Substring(0, AUsername.IndexOf("@"));
        newUser.UserId = localPart.Replace(".", string.Empty).Replace("_", string.Empty).ToUpper();
    }

    if (dbConnection == null)
    {
        // ATransaction was null and GDBAccess is also null: we need to establish a DB Connection manually here!
        dbConnection = DBAccess.SimpleEstablishDBConnection("CreateUser");
        ownConnection = true;
    }

    // NOTE(review): this call sits outside the try block, so if it throws, the finally block that
    // closes a separately established connection does not run.
    TDBTransaction writeTransaction = dbConnection.GetNewOrExistingTransaction(
        IsolationLevel.Serializable, out ownTransaction, "CreateUser");

    try
    {
        // Check whether the user that we are asked to create already exists
        if (SUserAccess.Exists(newUser.UserId, writeTransaction))
        {
            TLogging.Log("Cannot create new user because a user with User Name '" + newUser.UserId + "' already exists!");
            return false;
        }

        newUser.PwdSchemeVersion = TPasswordHelper.CurrentPasswordSchemeNumber;
        userTable.Rows.Add(newUser);

        string authMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false);

        if (authMethod != "OpenPetraDBSUser")
        {
            // The clear-text password is passed on to the externally loaded authentication plugin.
            try
            {
                IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(authMethod);

                if (!auth.CreateUser(AUsername, APassword, AFirstName, AFamilyName))
                {
                    newUser = null;
                }
            }
            catch (Exception e)
            {
                TLogging.Log("Problem loading user authentication method " + authMethod + ": " + e.ToString());
                return false;
            }
        }
        else if (APassword.Length > 0)
        {
            SetNewPasswordHashAndSaltForUser(newUser, APassword, AClientComputerName, AClientIPAddress,
                writeTransaction);

            // Demo users are the only ones not forced to change the initial password.
            if (AModulePermissions != TMaintenanceWebConnector.DEMOMODULEPERMISSIONS)
            {
                newUser.PasswordNeedsChange = true;
            }
        }

        if (newUser == null)
        {
            // The plugin declined; the finally block rolls back a transaction started here.
            return false;
        }

        SUserAccess.SubmitChanges(userTable, writeTransaction);

        List <string> modules = new List <string>();

        if (AModulePermissions == DEMOMODULEPERMISSIONS)
        {
            // Demo users: partner and finance access plus one entry per existing ledger.
            modules.Add("PTNRUSER");
            modules.Add("FINANCE-1");

            ALedgerTable theLedgers = ALedgerAccess.LoadAll(writeTransaction);

            foreach (ALedgerRow ledger in theLedgers.Rows)
            {
                modules.Add("LEDGER" + ledger.LedgerNumber.ToString("0000"));
            }
        }
        else
        {
            foreach (string requested in AModulePermissions.Split(new char[] { ',' }))
            {
                string moduleId = requested.Trim();

                if (moduleId.Length > 0)
                {
                    modules.Add(moduleId);
                }
            }
        }

        SUserModuleAccessPermissionTable modulePermissionTable = new SUserModuleAccessPermissionTable();

        foreach (string module in modules)
        {
            SUserModuleAccessPermissionRow modulePermissionRow = modulePermissionTable.NewRowTyped();
            modulePermissionRow.UserId = newUser.UserId;
            modulePermissionRow.ModuleId = module;
            modulePermissionRow.CanAccess = true;
            modulePermissionTable.Rows.Add(modulePermissionRow);
        }

        SUserModuleAccessPermissionAccess.SubmitChanges(modulePermissionTable, writeTransaction);

        // TODO: table permissions should be set by the module list
        // TODO: add p_data_label... tables here so user can generally have access
        // Every new user gets a row for each of these tables, whatever modules were requested.
        string[] tables = new string[] {
            "p_bank", "p_church", "p_family", "p_location", "p_organisation", "p_partner",
            "p_partner_location", "p_partner_type", "p_person", "p_unit", "p_venue",
            "p_data_label", "p_data_label_lookup", "p_data_label_lookup_category",
            "p_data_label_use", "p_data_label_value_partner",
        };

        SUserTableAccessPermissionTable tablePermissionTable = new SUserTableAccessPermissionTable();

        foreach (string table in tables)
        {
            SUserTableAccessPermissionRow tablePermissionRow = tablePermissionTable.NewRowTyped();
            tablePermissionRow.UserId = newUser.UserId;
            tablePermissionRow.TableName = table;
            tablePermissionTable.Rows.Add(tablePermissionRow);
        }

        SUserTableAccessPermissionAccess.SubmitChanges(tablePermissionTable, writeTransaction);

        // Audit trail entry: who created which user, followed by the caller's computer name and IP.
        // NOTE(review): both caller values are formatted in as given; presumably they are reported
        // by the client, so treat them as unverified when reading the log.
        string createdMessage = String.Format(
            Catalog.GetString("The user record for the new user {0} got created by user {1}. "),
            newUser.UserId, UserInfo.GUserInfo.UserID);
        string callerInfo = String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress);

        TUserAccountActivityLog.AddUserAccountActivityLogEntry(newUser.UserId,
            TUserAccountActivityLog.USER_ACTIVITY_USER_RECORD_CREATED,
            createdMessage + callerInfo,
            writeTransaction);

        SubmissionOK = true;

        return true;
    }
    finally
    {
        // Only finish what this call started; a caller-supplied transaction stays open.
        if (ownTransaction)
        {
            if (!SubmissionOK)
            {
                writeTransaction.DataBaseObj.RollbackTransaction();
            }
            else
            {
                writeTransaction.DataBaseObj.CommitTransaction();
            }

            if (ownConnection)
            {
                dbConnection.CloseDBConnection();
            }
        }
    }
}
/// <summary>
/// Builds the list of users offered as owners in the Foundation Details screen.
/// </summary>
/// <remarks>
/// The query selects users with a non-zero partner key who hold the 'DEVUSER' module
/// and are not retired. Its text is concatenated only from generated schema names and
/// fixed literals; no argument of this method ends up in the SQL string. Any filter value
/// added later should be passed as a query parameter rather than appended to the text.
/// The query is run on the global DBAccess.GDBAccessObj, with AReadTransaction passed along.
/// </remarks>
/// <param name="AReadTransaction">Transaction handed to SelectDT together with the query.</param>
/// <param name="ATableName">Not read anywhere in this method.</param>
/// <returns>The typed user table with a blank row (PartnerKey 0, empty UserId) inserted at index 0.</returns>
private DataTable GetFoundationOwnerListTable(TDBTransaction AReadTransaction, string ATableName)
{
    // Used in Foundation Details screen.
    SUserTable OwnerTable = new SUserTable();

    // NOTE(review): AReadTransaction is presumably opened on the global connection used here - confirm.
    // Literals are kept exactly as they were, including the missing blank between
    // "'DEVUSER')" and "AND".
    OwnerTable = (SUserTable)DBAccess.GDBAccessObj.SelectDT(
        OwnerTable,
        "SELECT " + SUserTable.GetPartnerKeyDBName() + ',' +
        SUserTable.GetUserIdDBName() + ',' +
        SUserTable.GetFirstNameDBName() + ',' +
        SUserTable.GetLastNameDBName() + ' ' +
        "FROM PUB_" + SUserTable.GetTableDBName() + ' ' +
        "WHERE " + SUserTable.GetPartnerKeyDBName() + " <> 0 " +
        "AND " + SUserTable.GetUserIdDBName() +
        " IN (SELECT " + SUserModuleAccessPermissionTable.GetUserIdDBName() + ' ' +
        "FROM PUB_" + SUserModuleAccessPermissionTable.GetTableDBName() + ' ' +
        "WHERE " + SUserModuleAccessPermissionTable.GetModuleIdDBName() + " = 'DEVUSER')" +
        "AND " + SUserTable.GetRetiredDBName() + " = FALSE",
        AReadTransaction,
        null,
        -1,
        -1);

    // Blank first entry so the list can represent "no owner selected".
    SUserRow PlaceholderRow = OwnerTable.NewRowTyped(false);
    PlaceholderRow.PartnerKey = 0;
    PlaceholderRow.UserId = "";
    OwnerTable.Rows.InsertAt(PlaceholderRow, 0);

    return OwnerTable;
}