public static string DeleteAccounts(string sDeleteArray) { dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = ""; if (sDeleteArray.Length < 36) { return(""); } sDeleteArray = ui.QuoteUp(sDeleteArray); DataTable dt = new DataTable(); // get a list of ids that will be deleted for the log sSql = "select account_id, account_name, provider, login_id from cloud_account where account_id in (" + sDeleteArray + ")"; if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr)) { throw new Exception(sErr); } try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); sSql = "delete from cloud_account where account_id in (" + sDeleteArray + ")"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } //refresh the cloud account list in the session if (!ui.PutCloudAccountsInSession(ref sErr)) { throw new Exception(sErr); } oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } // if we made it here, so save the logs foreach (DataRow dr in dt.Rows) { ui.WriteObjectDeleteLog(Globals.acObjectTypes.CloudAccount, dr["account_id"].ToString(), dr["account_name"].ToString(), dr["provider"].ToString() + " Account for LoginID [" + dr["login_id"].ToString() + "] Deleted"); } return(sErr); }
public static string DeleteCredentials(string sDeleteArray) { dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = ""; if (sDeleteArray.Length < 36) { return(""); } sDeleteArray = ui.QuoteUp(sDeleteArray); DataTable dt = new DataTable(); // get a list of credential_ids that will be deleted for the log sSql = "select credential_name,credential_id from asset_credential where credential_id in (" + sDeleteArray.ToString() + ") " + "and credential_id not in (select distinct credential_id from asset where credential_id is not null)"; if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr)) { throw new Exception(sErr); } try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); //delete asset_credential sSql = "delete from asset_credential where credential_id in (" + sDeleteArray.ToString() + ") " + "and credential_id not in (select distinct credential_id from asset where credential_id is not null)"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } // if we made it here, so save the logs foreach (DataRow dr in dt.Rows) { ui.WriteObjectDeleteLog(Globals.acObjectTypes.Credential, dr["credential_id"].ToString(), dr["credential_name"].ToString(), "Credential Deleted"); } return(sErr); }
public static string DeleteClouds(string sDeleteArray) { dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = ""; if (sDeleteArray.Length < 36) return ""; sDeleteArray = ui.QuoteUp(sDeleteArray); DataTable dt = new DataTable(); // get a list of ids that will be deleted for the log sSql = "select cloud_id, cloud_name, provider from clouds where cloud_id in (" + sDeleteArray + ")"; if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr)) throw new Exception(sErr); try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); sSql = "delete from clouds where cloud_id in (" + sDeleteArray + ")"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); //refresh the cloud account list in the session if (!ui.PutCloudAccountsInSession(ref sErr)) throw new Exception(sErr); oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } //reget the cloud providers class in the session ui.SetCloudProviders(ref sErr); if (!string.IsNullOrEmpty(sErr)) throw new Exception("Error: Unable to load Cloud Providers XML." + sErr); // if we made it here, so save the logs foreach (DataRow dr in dt.Rows) { ui.WriteObjectDeleteLog(Globals.acObjectTypes.Cloud, dr["cloud_id"].ToString(), dr["cloud_name"].ToString(), dr["provider"].ToString() + " Cloud Deleted."); } return sErr; }
public static string DeleteCredentials(string sDeleteArray) { dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = ""; if (sDeleteArray.Length < 36) return ""; sDeleteArray = ui.QuoteUp(sDeleteArray); DataTable dt = new DataTable(); // get a list of credential_ids that will be deleted for the log sSql = "select credential_name,credential_id from asset_credential where credential_id in (" + sDeleteArray.ToString() + ") " + "and credential_id not in (select distinct credential_id from asset where credential_id is not null)"; if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr)) { throw new Exception(sErr); } try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); //delete asset_credential sSql = "delete from asset_credential where credential_id in (" + sDeleteArray.ToString() + ") " + "and credential_id not in (select distinct credential_id from asset where credential_id is not null)"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } // if we made it here, so save the logs foreach (DataRow dr in dt.Rows) { ui.WriteObjectDeleteLog(Globals.acObjectTypes.Credential, dr["credential_id"].ToString(), dr["credential_name"].ToString(), "Credential Deleted"); } return sErr; }
public static string DeleteAccounts(string sDeleteArray) { dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = ""; if (sDeleteArray.Length < 36) return ""; sDeleteArray = ui.QuoteUp(sDeleteArray); DataTable dt = new DataTable(); // get a list of ids that will be deleted for the log sSql = "select account_id, account_name, provider, login_id from cloud_account where account_id in (" + sDeleteArray + ")"; if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr)) throw new Exception(sErr); try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); sSql = "delete from cloud_account where account_id in (" + sDeleteArray + ")"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); //refresh the cloud account list in the session if (!ui.PutCloudAccountsInSession(ref sErr)) throw new Exception(sErr); oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } // if we made it here, so save the logs foreach (DataRow dr in dt.Rows) { ui.WriteObjectDeleteLog(Globals.acObjectTypes.CloudAccount, dr["account_id"].ToString(), dr["account_name"].ToString(), dr["provider"].ToString() + " Account for LoginID [" + dr["login_id"].ToString() + "] Deleted"); } return sErr; }
public static string DeleteDomains(string sDeleteArray) { acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = ""; if (sDeleteArray.Length < 36) { return(""); } sDeleteArray = ui.QuoteUp(sDeleteArray); try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); //delete domains sSql = "delete from ldap_domain where ldap_domain in (" + sDeleteArray.ToString() + ")"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } // if we made it here, so save the logs ui.WriteObjectDeleteLog(Globals.acObjectTypes.Domain, sDeleteArray.ToString(), sDeleteArray.ToString(), "Domain(s) Deleted"); return(sErr); }
public static string DeleteDomains(string sDeleteArray) { acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = ""; if (sDeleteArray.Length < 36) return ""; sDeleteArray = ui.QuoteUp(sDeleteArray); try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); //delete domains sSql = "delete from ldap_domain where ldap_domain in (" + sDeleteArray.ToString() + ")"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } // if we made it here, so save the logs ui.WriteObjectDeleteLog(Globals.acObjectTypes.Domain, sDeleteArray.ToString(), sDeleteArray.ToString(), "Domain(s) Deleted"); return sErr; }
public static string SaveAsset(object[] oAsset) { // check the # of elements in the array if (oAsset.Length != 19) { return("Incorrect number of Asset Properties:" + oAsset.Length.ToString()); } string sAssetID = oAsset[0].ToString(); string sAssetName = oAsset[1].ToString().Replace("'", "''"); string sDbName = oAsset[2].ToString().Replace("'", "''"); string sPort = oAsset[3].ToString(); string sConnectionType = oAsset[4].ToString(); string sIsConnection = "0"; // oAsset[5].ToString(); string sAddress = oAsset[5].ToString().Replace("'", "''"); // mode is edit or add string sMode = oAsset[6].ToString(); string sCredentialID = oAsset[7].ToString(); string sCredUsername = oAsset[8].ToString().Replace("'", "''"); string sCredPassword = oAsset[9].ToString().Replace("'", "''"); string sShared = oAsset[10].ToString(); string sCredentialName = oAsset[11].ToString().Replace("'", "''"); string sCredentialDescr = oAsset[12].ToString().Replace("'", "''"); string sDomain = oAsset[13].ToString().Replace("'", "''"); string sCredentialType = oAsset[14].ToString(); string sAssetStatus = oAsset[15].ToString(); string sPrivilegedPassword = oAsset[16].ToString(); string sTagArray = oAsset[17].ToString(); string sConnString = oAsset[18].ToString().Replace("'", "''"); // for logging string sOriginalAssetName = ""; string sOriginalPort = ""; string sOriginalDbName = ""; string sOriginalAddress = ""; string sOriginalConnectionType = ""; string sOriginalUserName = ""; string sOriginalConnString = ""; string sOriginalCredentialID = ""; string sOriginalAssetStatus = ""; dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = null; //if we are editing get the original values //this is getting original values for logging purposes if (sMode == "edit") { DataRow dr = null; sSql = "select a.asset_name, a.asset_status, a.port, a.db_name, a.address, a.db_name, a.connection_type, a.conn_string, ac.username, a.credential_id," + " case when a.is_connection_system = '1' then 'Yes' else 'No' end as is_connection_system " + " from asset a " + " left outer join asset_credential ac on ac.credential_id = a.credential_id " + " where a.asset_id = '" + sAssetID + "'"; if (!dc.sqlGetDataRow(ref dr, sSql, ref sErr)) { throw new Exception(sErr); } else { if (dr != null) { sOriginalAssetName = dr["asset_name"].ToString(); sOriginalPort = (object.ReferenceEquals(dr["port"], DBNull.Value) ? "" : dr["port"].ToString()); sOriginalDbName = (object.ReferenceEquals(dr["db_name"], DBNull.Value) ? "" : dr["db_name"].ToString()); sOriginalAddress = (object.ReferenceEquals(dr["address"], DBNull.Value) ? "" : dr["address"].ToString()); sOriginalConnectionType = (object.ReferenceEquals(dr["connection_type"], DBNull.Value) ? "" : dr["connection_type"].ToString()); sOriginalUserName = (object.ReferenceEquals(dr["username"], DBNull.Value) ? "" : dr["username"].ToString()); sOriginalConnString = (object.ReferenceEquals(dr["conn_string"], DBNull.Value) ? "" : dr["conn_string"].ToString()); sOriginalCredentialID = (object.ReferenceEquals(dr["credential_id"], DBNull.Value) ? "" : dr["credential_id"].ToString()); sOriginalAssetStatus = dr["asset_status"].ToString(); } } } //NOTE NOTE NOTE! //the following is a catch 22. //if we're adding a new asset, we will need to figure out the credential first so we can save the credential id on the asset //but if it's a new local credential, it gets the asset id as it's name. //so......... //if it's a new asset, go ahead and get the new guid for it here so the credential add will work. if (sMode == "add") { sAssetID = ui.NewGUID(); } //and move on... // there are three CredentialType's // 1) 'selected' = user selected a different credential, just save the credential_id // 2) 'new' = user created a new shared or local credential // 3) 'existing' = same credential, just update the username,description ad password string sPriviledgedPasswordUpdate = null; if (sCredentialType == "new") { if (sPrivilegedPassword.Length == 0) { sPriviledgedPasswordUpdate = "NULL"; } else { sPriviledgedPasswordUpdate = "'" + dc.EnCrypt(sPrivilegedPassword) + "'"; } //if it's a local credential, the credential_name is the asset_id. //if it's shared, there will be a name. if (sShared == "1") { sCredentialName = sAssetID; //whack and add - easiest way to avoid conflicts sSql = "delete from asset_credential where credential_name = '" + sCredentialName + "' and shared_or_local = '1'"; if (!dc.sqlExecuteUpdate(sSql, ref sErr)) { throw new Exception(sErr); } } //now we're clear to add sCredentialID = "'" + ui.NewGUID() + "'"; sSql = "insert into asset_credential " + "(credential_id,credential_name,username,password,domain,shared_or_local,shared_cred_desc,privileged_password) " + "values (" + sCredentialID + ",'" + sCredentialName + "','" + sCredUsername + "','" + dc.EnCrypt(sCredPassword) + "','" + sDomain + "','" + sShared + "','" + sCredentialDescr + "'," + sPriviledgedPasswordUpdate + ")"; if (!dc.sqlExecuteUpdate(sSql, ref sErr)) { if (sErr == "key_violation") { throw new Exception("A Credential with that name already exists. Please select another name."); } else { throw new Exception(sErr); } } // add security log ui.WriteObjectAddLog(Globals.acObjectTypes.Credential, sCredentialID, sCredentialName, ""); } else if (sCredentialType == "existing") { sCredentialID = "'" + sCredentialID + "'"; // bugzilla 1126 if the password has not changed leave it as is. string sPasswordUpdate = null; if (sCredPassword == "($%#d@x!&") { // password has not been touched sPasswordUpdate = ""; } else { // updated password sPasswordUpdate = ",password = '******'"; } // bugzilla 1260 // same for privileged_password if (sPrivilegedPassword == "($%#d@x!&") { // password has not been touched sPriviledgedPasswordUpdate = ""; } else { // updated password // bugzilla 1352 priviledged password can be blank, so if it is, set it to null if (sPrivilegedPassword.Length == 0) { sPriviledgedPasswordUpdate = ",privileged_password = null"; } else { sPriviledgedPasswordUpdate = ",privileged_password = '******'"; } } sSql = "update asset_credential " + "set username = '******'" + sPasswordUpdate + sPriviledgedPasswordUpdate + ",domain = '" + sDomain + "'," + "shared_or_local = '" + sShared + "',shared_cred_desc = '" + sCredentialDescr + "'" + "where credential_id = " + sCredentialID; if (!dc.sqlExecuteUpdate(sSql, ref sErr)) { throw new Exception(sErr); } // add security log ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + "Changed credential", sOriginalUserName, sCredUsername); } else { // user selected a shared credential // remove the local credential if one exists if (sOriginalCredentialID.Length > 0) { sSql = "delete from asset_credential where credential_id = '" + sOriginalCredentialID + "' and shared_or_local = '1'"; if (!dc.sqlExecuteUpdate(sSql, ref sErr)) { throw new Exception(sErr); } // add security log ui.WriteObjectDeleteLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''"), "Credential deleted" + sOriginalCredentialID + " " + sOriginalUserName); } sCredentialID = "'" + sCredentialID + "'"; } // checks that cant be done on the client side // is the name unique? string sInuse = ""; if (sMode == "edit") { sSql = "select asset_id from asset where asset_name = '" + sAssetName.Trim() + "' and asset_id <> '" + sAssetID + "' limit 1"; } else { sSql = "select asset_id from asset where asset_name = '" + sAssetName.Trim() + "' limit 1"; } if (!dc.sqlGetSingleString(ref sInuse, sSql, ref sErr)) { throw new Exception(sErr); } else if (!string.IsNullOrEmpty(sInuse)) { return("Asset Name '" + sAssetName + "' already in use, choose another." + sAssetID); } try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); if (sMode == "edit") { sSql = "update asset set asset_name = '" + sAssetName + "'," + " asset_status = '" + sAssetStatus + "'," + " address = '" + sAddress + "'" + "," + " conn_string = '" + sConnString + "'" + "," + " db_name = '" + sDbName + "'," + " port = " + (sPort == "" ? "NULL" : "'" + sPort + "'") + "," + " connection_type = '" + sConnectionType + "'," + " is_connection_system = '" + (sIsConnection == "Yes" ? 1 : 0) + "'," + " credential_id = " + sCredentialID + " where asset_id = '" + sAssetID + "'"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } else { sSql = "insert into asset (asset_id,asset_name,asset_status,address,conn_string,db_name,port,connection_type,is_connection_system,credential_id)" + " values (" + "'" + sAssetID + "'," + "'" + sAssetName + "'," + "'" + sAssetStatus + "'," + "'" + sAddress + "'," + "'" + sConnString + "'," + "'" + sDbName + "'," + (sPort == "" ? "NULL" : "'" + sPort + "'") + "," + "'" + sConnectionType + "'," + "'0'," + sCredentialID + ")"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } #region "tags" // remove the existing tags sSql = "delete from object_tags where object_id = '" + sAssetID + "'"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } // add user groups, if there are any if (sTagArray.Length > 0) { ArrayList aTags = new ArrayList(sTagArray.Split(',')); foreach (string sTagName in aTags) { sSql = "insert object_tags (object_id, object_type, tag_name)" + " values ('" + sAssetID + "', 2, '" + sTagName + "')"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } } #endregion oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } //-------------------------------------------------------------------------------------------------- // NOTE! too many if edit... probably need to just make 2 functions, update asset, and create asset //-------------------------------------------------------------------------------------------------- // add security log // since this is not handled as a page postback, theres no "Viewstate" settings // so 2 options either we keep an original setting for each value in hid values, or just get them from the db as part of the // update above, since we are already passing in 15 or so fields, lets just get the values at the start and reference them here if (sMode == "edit") { string sOrigCredUsername = GetCredentialNameFromID(sOriginalCredentialID.Replace("'", "")).ToString(); string sCurrentCredUsername = GetCredentialNameFromID(sCredentialID.Replace("'", "")).ToString(); ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Name", sOriginalAssetName, sAssetName); ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Address", sOriginalAddress, sAddress); ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Port", sOriginalPort, sPort); ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " DB Name", sOriginalDbName, sDbName); ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Connection Type", sOriginalConnectionType, sConnectionType); ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Credential", sOrigCredUsername, sCurrentCredUsername); ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Status", sOriginalAssetStatus, sAssetStatus); ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " ConnString", sOriginalConnString, sConnString); } else { ui.WriteObjectAddLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''"), "Asset Created"); } // no errors to here, so return an empty string return(""); }
public static string DeleteAssets(string sDeleteArray) { dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = ""; ArrayList arrList = new ArrayList(); arrList.AddRange(sDeleteArray.Split(',')); if (sDeleteArray.Length < 36) { return(""); } StringBuilder sbAssetIDString = new StringBuilder(); StringBuilder sbAssetsCantDelete = new StringBuilder(); foreach (string sAssetID in arrList) { if (sAssetID.Length == 36) { // what about the instance tables????? // bugzilla 1290 Assets that have history (task_instance table) can not be deleted // exclude them from the list and return a message noting the asset(s) that could not be deleted // check if this asset has any history rows. sSql = "select count(*) from tv_task_instance where asset_id = '" + sAssetID + "'"; int iHistory = 0; if (!dc.sqlGetSingleInteger(ref iHistory, sSql, ref sErr)) { throw new Exception(sErr); } // if there is no history add this to the delete list, // otherwise add the task id to the non delete list if (iHistory == 0) { sbAssetIDString.Append("'" + sAssetID + "',"); } else { sbAssetsCantDelete.Append("'" + sAssetID + "',"); }; } } // trim the trailing , if (sbAssetsCantDelete.ToString().Length > 2) { sbAssetsCantDelete.Remove(sbAssetsCantDelete.Length - 1, 1); } ; if (sbAssetIDString.ToString().Length > 2) { // delete from these tables: // asset, asset_credential (if the credential is local). // trim the trailing , sbAssetIDString.Remove(sbAssetIDString.Length - 1, 1); try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); // delete asset_credential sSql = "delete from asset_credential" + " where shared_or_local = 1" + " and credential_id in (select credential_id from asset where asset_id in (" + sbAssetIDString.ToString() + "))"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } // delete asset sSql = "delete from asset where asset_id in (" + sbAssetIDString.ToString() + ")"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } oTrans.Commit(); // add security log ui.WriteObjectDeleteLog(Globals.acObjectTypes.Asset, sbAssetIDString.ToString(), "Batch Asset Delete", "Deleted Assets in batch mode"); } catch (Exception ex) { throw new Exception(ex.Message); } } ; // if some did not get deleted return a message. if (sbAssetsCantDelete.Length > 2) { string sTaskNames = ""; sSql = "select asset_name from asset where asset_id in (" + sbAssetsCantDelete.ToString() + ")"; if (!dc.csvGetList(ref sTaskNames, sSql, ref sErr, true)) { throw new Exception(sErr); } return("Asset deletion completed. Asset(s) (" + sTaskNames + ") could not be deleted because history rows exist."); } else { return(sErr); } }
public static string SaveCloud(string sMode, string sCloudID, string sCloudName, string sProvider, string sAPIUrl) { // for logging string sOriginalName = null; dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = null; //if we are editing get the original values if (sMode == "edit") { } try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); // update the user fields. if (sMode == "edit") { sSql = "select cloud_name from clouds " + "where cloud_id = '" + sCloudID + "'"; if (!dc.sqlGetSingleString(ref sOriginalName, sSql, ref sErr)) { throw new Exception("Error getting original cloud name:" + sErr); } sSql = "update clouds set" + " cloud_name = '" + sCloudName + "'," + " provider = '" + sProvider + "'," + " api_url = '" + sAPIUrl + "'" + " where cloud_id = '" + sCloudID + "'"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception("Error updating cloud: " + sErr); } ui.WriteObjectChangeLog(Globals.acObjectTypes.Cloud, sCloudID, sCloudName, sOriginalName, sCloudName); } else { sCloudID = ui.NewGUID(); sSql = "insert into clouds (cloud_id, cloud_name, provider, api_url)" + " values ('" + sCloudID + "'," + "'" + sCloudName + "'," + "'" + sProvider + "'," + "'" + sAPIUrl + "')"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception("Error creating cloud: " + sErr); } ui.WriteObjectAddLog(Globals.acObjectTypes.Cloud, sCloudID, sCloudName, "Cloud Created"); } oTrans.Commit(); //update the cloud providers class in the session CloudProviders cp = ui.GetCloudProviders(); cp[sProvider].RefreshClouds(); ui.UpdateCloudProviders(cp); } catch (Exception ex) { throw new Exception("Error: General Exception: " + ex.Message); } // no errors to here, so return an empty string return("{'cloud_id':'" + sCloudID + "'}"); }
public string wmCreateTask(object[] oObj) { try { dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = null; // we are passing in 8 elements, if we have 8 go //if (oObj.Length != 8) return "Incorrect list of attributes"; string sTaskName = oObj[0].ToString().Replace("'", "''").Trim(); string sTaskCode = oObj[1].ToString().Replace("'", "''").Trim(); string sTaskDesc = oObj[2].ToString().Replace("'", "''").Trim(); //string sTaskOrder = ""; //if (oObj.Length > 4) // sTaskOrder = oObj[4].ToString().Trim(); // checks that cant be done on the client side // is the name unique? sSql = "select task_id from task " + " where (task_code = '" + sTaskCode + "' or task_name = '" + sTaskName + "')"; string sValueExists = ""; if (!dc.sqlGetSingleString(ref sValueExists, sSql, ref sErr)) { throw new Exception("Unable to check for existing names." + sErr); } if (sValueExists != "") { return "Another Task with that Code or Name exists, please choose another value."; } // passed client and server validations, create the user string sNewID = ui.NewGUID(); try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); // all good, save the new user and redirect to the user edit page. sSql = "insert task" + " (task_id, original_task_id, version, default_version," + " task_name, task_code, task_desc, created_dt)" + " values " + "('" + sNewID + "', '" + sNewID + "', 1.0000, 1, '" + sTaskName + "', '" + sTaskCode + "', '" + sTaskDesc + "', now())"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } // every task gets a MAIN codeblock... period. sSql = "insert task_codeblock (task_id, codeblock_name)" + " values ('" + sNewID + "', 'MAIN')"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } oTrans.Commit(); } catch (Exception ex) { throw new Exception("Error updating the DB." + ex.Message); } // add security log ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewID, sTaskName, ""); // success, return the new task_id return "task_id=" + sNewID; } catch (Exception ex) { throw new Exception("One or more invalid or missing AJAX arguments." + ex.Message); } }
public void wmToggleStep(string sStepID, string sVisible) { dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); sVisible = (sVisible == "1" ? "1" : "0"); try { if (ui.IsGUID(sStepID)) { string sErr = ""; dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); string sUserID = ui.GetSessionUserID(); //is there a row? int iRowCount = 0; dc.sqlGetSingleInteger(ref iRowCount, "select count(*) from task_step_user_settings" + " where user_id = '" + sUserID + "'" + " and step_id = '" + sStepID + "'", ref sErr); if (iRowCount == 0) { oTrans.Command.CommandText = "insert into task_step_user_settings" + " (user_id, step_id, visible, breakpoint, skip)" + " values ('" + sUserID + "','" + sStepID + "', " + sVisible + ", 0, 0)"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception("Unable to toggle step (0) [" + sStepID + "]." + sErr); } else { oTrans.Command.CommandText = " update task_step_user_settings set visible = '" + sVisible + "'" + " where step_id = '" + sStepID + "'"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception("Unable to toggle step (1) [" + sStepID + "]." + sErr); } oTrans.Commit(); return; } else { throw new Exception("Unable to toggle step. Missing or invalid step_id."); } } catch (Exception ex) { throw ex; } }
public string wmRenameCodeblock(string sTaskID, string sOldCodeblockName, string sNewCodeblockName) { dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); FunctionTemplates.HTMLTemplates ft = new FunctionTemplates.HTMLTemplates(); try { if (ui.IsGUID(sTaskID)) { // first make sure we are not trying to rename it something that already exists. string sErr = ""; string sSQL = "select count(*) from task_codeblock where task_id = '" + sTaskID + "'" + " and codeblock_name = '" + sNewCodeblockName + "'"; int iCount = 0; if (!dc.sqlGetSingleInteger(ref iCount, sSQL, ref sErr)) { throw new Exception("Unable to check codeblock names for task." + sErr); } if (iCount != 0) { return ("Codeblock Name already in use, choose another."); } // do it dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); //update the codeblock table sSQL = "update task_codeblock set codeblock_name = '" + sNewCodeblockName + "' where codeblock_name = '" + sOldCodeblockName + "' and task_id = '" + sTaskID + "'"; oTrans.Command.CommandText = sSQL; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } //and any steps in that codeblock sSQL = "update task_step set codeblock_name = '" + sNewCodeblockName + "' where codeblock_name = '" + sOldCodeblockName + "' and task_id = '" + sTaskID + "'"; oTrans.Command.CommandText = sSQL; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } //the fun part... rename it where it exists in any steps //but this must be in a loop of only the steps where that codeblock reference exists. sSQL = "select step_id from task_step" + " where task_id = '" + sTaskID + "'" + " and ExtractValue(function_xml, '//codeblock[1]') = '" + sOldCodeblockName + "'"; oTrans.Command.CommandText = sSQL; DataTable dtSteps = new DataTable(); if (!oTrans.ExecGetDataTable(ref dtSteps, ref sErr)) { throw new Exception("Unable to get steps referencing the Codeblock." + sErr); } foreach (DataRow dr in dtSteps.Rows) { ft.SetNodeValueinXMLColumn("task_step", "function_xml", "step_id = '" + dr["step_id"].ToString() + "'", "//codeblock[. = '" + sOldCodeblockName + "']", sNewCodeblockName); } //all done oTrans.Commit(); return sErr; } else { throw new Exception("Unable to get codeblocks for task. Missing or invalid task_id."); } } catch (Exception ex) { throw ex; } }
public static string SaveAsset(object[] oAsset) { // check the # of elements in the array if (oAsset.Length != 19) return "Incorrect number of Asset Properties:" + oAsset.Length.ToString(); string sAssetID = oAsset[0].ToString(); string sAssetName = oAsset[1].ToString().Replace("'", "''"); string sDbName = oAsset[2].ToString().Replace("'", "''"); string sPort = oAsset[3].ToString(); string sConnectionType = oAsset[4].ToString(); string sIsConnection = "0"; // oAsset[5].ToString(); string sAddress = oAsset[5].ToString().Replace("'", "''"); // mode is edit or add string sMode = oAsset[6].ToString(); string sCredentialID = oAsset[7].ToString(); string sCredUsername = oAsset[8].ToString().Replace("'", "''"); string sCredPassword = oAsset[9].ToString().Replace("'", "''"); string sShared = oAsset[10].ToString(); string sCredentialName = oAsset[11].ToString().Replace("'", "''"); string sCredentialDescr = oAsset[12].ToString().Replace("'", "''"); string sDomain = oAsset[13].ToString().Replace("'", "''"); string sCredentialType = oAsset[14].ToString(); string sAssetStatus = oAsset[15].ToString(); string sPrivilegedPassword = oAsset[16].ToString(); string sTagArray = oAsset[17].ToString(); string sConnString = oAsset[18].ToString().Replace("'", "''"); // for logging string sOriginalAssetName = ""; string sOriginalPort = ""; string sOriginalDbName = ""; string sOriginalAddress = ""; string sOriginalConnectionType = ""; string sOriginalUserName = ""; string sOriginalConnString = ""; string sOriginalCredentialID = ""; string sOriginalAssetStatus = ""; dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = null; //if we are editing get the original values //this is getting original values for logging purposes if (sMode == "edit") { DataRow dr = null; sSql = "select a.asset_name, a.asset_status, a.port, a.db_name, a.address, a.db_name, a.connection_type, a.conn_string, ac.username, a.credential_id," + " case when a.is_connection_system = '1' then 'Yes' else 'No' end as is_connection_system " + " from asset a " + " left outer join asset_credential ac on ac.credential_id = a.credential_id " + " where a.asset_id = '" + sAssetID + "'"; if (!dc.sqlGetDataRow(ref dr, sSql, ref sErr)) throw new Exception(sErr); else { if (dr != null) { sOriginalAssetName = dr["asset_name"].ToString(); sOriginalPort = (object.ReferenceEquals(dr["port"], DBNull.Value) ? "" : dr["port"].ToString()); sOriginalDbName = (object.ReferenceEquals(dr["db_name"], DBNull.Value) ? "" : dr["db_name"].ToString()); sOriginalAddress = (object.ReferenceEquals(dr["address"], DBNull.Value) ? "" : dr["address"].ToString()); sOriginalConnectionType = (object.ReferenceEquals(dr["connection_type"], DBNull.Value) ? "" : dr["connection_type"].ToString()); sOriginalUserName = (object.ReferenceEquals(dr["username"], DBNull.Value) ? "" : dr["username"].ToString()); sOriginalConnString = (object.ReferenceEquals(dr["conn_string"], DBNull.Value) ? "" : dr["conn_string"].ToString()); sOriginalCredentialID = (object.ReferenceEquals(dr["credential_id"], DBNull.Value) ? "" : dr["credential_id"].ToString()); sOriginalAssetStatus = dr["asset_status"].ToString(); } } } //NOTE NOTE NOTE! //the following is a catch 22. //if we're adding a new asset, we will need to figure out the credential first so we can save the credential id on the asset //but if it's a new local credential, it gets the asset id as it's name. //so......... //if it's a new asset, go ahead and get the new guid for it here so the credential add will work. if (sMode == "add") sAssetID = ui.NewGUID(); //and move on... // there are three CredentialType's // 1) 'selected' = user selected a different credential, just save the credential_id // 2) 'new' = user created a new shared or local credential // 3) 'existing' = same credential, just update the username,description ad password string sPriviledgedPasswordUpdate = null; if (sCredentialType == "new") { if (sPrivilegedPassword.Length == 0) sPriviledgedPasswordUpdate = "NULL"; else sPriviledgedPasswordUpdate = "'" + dc.EnCrypt(sPrivilegedPassword) + "'"; //if it's a local credential, the credential_name is the asset_id. //if it's shared, there will be a name. if (sShared == "1") { sCredentialName = sAssetID; //whack and add - easiest way to avoid conflicts sSql = "delete from asset_credential where credential_name = '" + sCredentialName + "' and shared_or_local = '1'"; if (!dc.sqlExecuteUpdate(sSql, ref sErr)) throw new Exception(sErr); } //now we're clear to add sCredentialID = "'" + ui.NewGUID() + "'"; sSql = "insert into asset_credential " + "(credential_id,credential_name,username,password,domain,shared_or_local,shared_cred_desc,privileged_password) " + "values (" + sCredentialID + ",'" + sCredentialName + "','" + sCredUsername + "','" + dc.EnCrypt(sCredPassword) + "','" + sDomain + "','" + sShared + "','" + sCredentialDescr + "'," + sPriviledgedPasswordUpdate + ")"; if (!dc.sqlExecuteUpdate(sSql, ref sErr)) { if (sErr == "key_violation") throw new Exception("A Credential with that name already exists. Please select another name."); else throw new Exception(sErr); } // add security log ui.WriteObjectAddLog(Globals.acObjectTypes.Credential, sCredentialID, sCredentialName, ""); } else if (sCredentialType == "existing") { sCredentialID = "'" + sCredentialID + "'"; // bugzilla 1126 if the password has not changed leave it as is. string sPasswordUpdate = null; if (sCredPassword == "($%#d@x!&") // password has not been touched sPasswordUpdate = ""; else // updated password sPasswordUpdate = ",password = '******'"; // bugzilla 1260 // same for privileged_password if (sPrivilegedPassword == "($%#d@x!&") // password has not been touched sPriviledgedPasswordUpdate = ""; else { // updated password // bugzilla 1352 priviledged password can be blank, so if it is, set it to null if (sPrivilegedPassword.Length == 0) sPriviledgedPasswordUpdate = ",privileged_password = null"; else sPriviledgedPasswordUpdate = ",privileged_password = '******'"; } sSql = "update asset_credential " + "set username = '******'" + sPasswordUpdate + sPriviledgedPasswordUpdate + ",domain = '" + sDomain + "'," + "shared_or_local = '" + sShared + "',shared_cred_desc = '" + sCredentialDescr + "'" + "where credential_id = " + sCredentialID; if (!dc.sqlExecuteUpdate(sSql, ref sErr)) throw new Exception(sErr); // add security log ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + "Changed credential", sOriginalUserName, sCredUsername); } else { // user selected a shared credential // remove the local credential if one exists if (sOriginalCredentialID.Length > 0) { sSql = "delete from asset_credential where credential_id = '" + sOriginalCredentialID + "' and shared_or_local = '1'"; if (!dc.sqlExecuteUpdate(sSql, ref sErr)) throw new Exception(sErr); // add security log ui.WriteObjectDeleteLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''"), "Credential deleted" + sOriginalCredentialID + " " + sOriginalUserName); } sCredentialID = "'" + sCredentialID + "'"; } // checks that cant be done on the client side // is the name unique? string sInuse = ""; if (sMode == "edit") sSql = "select asset_id from asset where asset_name = '" + sAssetName.Trim() + "' and asset_id <> '" + sAssetID + "' limit 1"; else sSql = "select asset_id from asset where asset_name = '" + sAssetName.Trim() + "' limit 1"; if (!dc.sqlGetSingleString(ref sInuse, sSql, ref sErr)) throw new Exception(sErr); else if (!string.IsNullOrEmpty(sInuse)) return "Asset Name '" + sAssetName + "' already in use, choose another." + sAssetID; try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); if (sMode == "edit") { sSql = "update asset set asset_name = '" + sAssetName + "'," + " asset_status = '" + sAssetStatus + "'," + " address = '" + sAddress + "'" + "," + " conn_string = '" + sConnString + "'" + "," + " db_name = '" + sDbName + "'," + " port = " + (sPort == "" ? "NULL" : "'" + sPort + "'") + "," + " connection_type = '" + sConnectionType + "'," + " is_connection_system = '" + (sIsConnection == "Yes" ? 1 : 0) + "'," + " credential_id = " + sCredentialID + " where asset_id = '" + sAssetID + "'"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); } else { sSql = "insert into asset (asset_id,asset_name,asset_status,address,conn_string,db_name,port,connection_type,is_connection_system,credential_id)" + " values (" + "'" + sAssetID + "'," + "'" + sAssetName + "'," + "'" + sAssetStatus + "'," + "'" + sAddress + "'," + "'" + sConnString + "'," + "'" + sDbName + "'," + (sPort == "" ? "NULL" : "'" + sPort + "'") + "," + "'" + sConnectionType + "'," + "'0'," + sCredentialID + ")"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); } #region "tags" // remove the existing tags sSql = "delete from object_tags where object_id = '" + sAssetID + "'"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } // add user groups, if there are any if (sTagArray.Length > 0) { ArrayList aTags = new ArrayList(sTagArray.Split(',')); foreach (string sTagName in aTags) { sSql = "insert object_tags (object_id, object_type, tag_name)" + " values ('" + sAssetID + "', 2, '" + sTagName + "')"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } } #endregion oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } //-------------------------------------------------------------------------------------------------- // NOTE! too many if edit... probably need to just make 2 functions, update asset, and create asset //-------------------------------------------------------------------------------------------------- // add security log // since this is not handled as a page postback, theres no "Viewstate" settings // so 2 options either we keep an original setting for each value in hid values, or just get them from the db as part of the // update above, since we are already passing in 15 or so fields, lets just get the values at the start and reference them here if (sMode == "edit") { string sOrigCredUsername = GetCredentialNameFromID(sOriginalCredentialID.Replace("'", "")).ToString(); string sCurrentCredUsername = GetCredentialNameFromID(sCredentialID.Replace("'", "")).ToString(); ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Name", sOriginalAssetName, sAssetName); ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Address", sOriginalAddress, sAddress); ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Port", sOriginalPort, sPort); ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " DB Name", sOriginalDbName, sDbName); ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Connection Type", sOriginalConnectionType, sConnectionType); ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Credential", sOrigCredUsername, sCurrentCredUsername); ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Status", sOriginalAssetStatus, sAssetStatus); ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " ConnString", sOriginalConnString, sConnString); } else { ui.WriteObjectAddLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''"), "Asset Created"); } // no errors to here, so return an empty string return ""; }
public static string SaveAccount(string sMode, string sAccountID, string sAccountName, string sAccountNumber, string sProvider, string sLoginID, string sLoginPassword, string sLoginPasswordConfirm, string sIsDefault, string sAutoManageSecurity) { // for logging string sOriginalName = ""; dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = ""; string sErr = ""; //if we are editing get the original values if (sMode == "edit") { } try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); // update the user fields. if (sMode == "edit") { sSql = "select account_name from cloud_account " + "where account_id = '" + sAccountID + "'"; if (!dc.sqlGetSingleString(ref sOriginalName, sSql, ref sErr)) { throw new Exception("Error getting original account name:" + sErr); } // only update the passwword if it has changed string sNewPassword = ""; if (sLoginPassword != "($%#d@x!&") { sNewPassword = "******" + dc.EnCrypt(sLoginPassword) + "'"; } sSql = "update cloud_account set" + " account_name = '" + sAccountName + "'," + " account_number = '" + sAccountNumber + "'," + " provider = '" + sProvider + "'," + " is_default = '" + sIsDefault + "'," + " auto_manage_security = '" + sAutoManageSecurity + "'," + " login_id = '" + sLoginID + "'" + sNewPassword + " where account_id = '" + sAccountID + "'"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception("Error updating account: " + sErr); } ui.WriteObjectChangeLog(Globals.acObjectTypes.CloudAccount, sAccountID, sAccountName, sOriginalName, sAccountName); } else { //now, for some reason we were having issues with the initial startup of apache //not able to perform the very first database hit. //this line serves as an inital db hit, but we aren't trapping it or showing the error dc.TestDBConnection(ref sErr); //if there are no rows yet, make this one the default even if the box isn't checked. if (sIsDefault == "0") { int iExists = -1; sSql = "select count(*) as cnt from cloud_account"; if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr)) { System.Threading.Thread.Sleep(300); if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr)) { System.Threading.Thread.Sleep(300); if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr)) { throw new Exception("Unable to count Cloud Accounts: " + sErr); } } } if (iExists == 0) { sIsDefault = "1"; } } sAccountID = ui.NewGUID(); sSql = "insert into cloud_account (account_id, account_name, account_number, provider, is_default, login_id, login_password, auto_manage_security)" + " values ('" + sAccountID + "'," + "'" + sAccountName + "'," + "'" + sAccountNumber + "'," + "'" + sProvider + "'," + "'" + sIsDefault + "'," + "'" + sLoginID + "'," + "'" + dc.EnCrypt(sLoginPassword) + "'," + "'" + sAutoManageSecurity + "')"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception("Error creating account: " + sErr); } ui.WriteObjectAddLog(Globals.acObjectTypes.CloudAccount, sAccountID, sAccountName, "Account Created"); } //if "default" was selected, unset all the others if (dc.IsTrue(sIsDefault)) { oTrans.Command.CommandText = "update cloud_account set is_default = 0 where account_id <> '" + sAccountID + "'"; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception("Error updating defaults: " + sErr); } } oTrans.Commit(); //refresh the cloud account list in the session if (!ui.PutCloudAccountsInSession(ref sErr)) { throw new Exception("Error refreshing accounts in session: " + sErr); } } catch (Exception ex) { throw new Exception("Error: General Exception: " + ex.Message); } // no errors to here, so return an empty string return("{'account_id':'" + sAccountID + "', 'account_name':'" + sAccountName + "', 'provider':'" + sProvider + "'}"); }
public static string SaveCredential(object[] oAsset) { // we are passing in 16 elements, if we have 16 go if (oAsset.Length != 8) { return("Incorrect list of attributes:" + oAsset.Length.ToString()); } string sCredentialID = oAsset[0].ToString(); string sCredentialName = oAsset[1].ToString().Replace("'", "''"); string sUserName = oAsset[2].ToString().Replace("'", "''"); string sCredentialDesc = oAsset[3].ToString().Replace("'", "''"); string sPassword = oAsset[4].ToString(); string sDomain = oAsset[5].ToString(); string sMode = oAsset[6].ToString(); string sPrivilegedPassword = oAsset[7].ToString(); // for logging string sOriginalUserName = null; dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = null; //if we are editing get the original values if (sMode == "edit") { sSql = "select username from asset_credential " + "where credential_id = '" + sCredentialID + "'"; if (!dc.sqlGetSingleString(ref sOriginalUserName, sSql, ref sErr)) { throw new Exception(sErr); } } try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); // update the user fields. if (sMode == "edit") { // only update the passwword if it has changed string sNewPassword = ""; if (sPassword != "($%#d@x!&") { sNewPassword = "******" + dc.EnCrypt(sPassword) + "'"; } // bugzilla 1260 // same for privileged_password string sPriviledgedPasswordUpdate = null; if (sPrivilegedPassword == "($%#d@x!&") { // password has not been touched sPriviledgedPasswordUpdate = ""; } else { // updated password sPriviledgedPasswordUpdate = ",privileged_password = '******'"; } sSql = "update asset_credential set" + " credential_name = '" + sCredentialName + "'," + " username = '******'," + " domain = '" + sDomain.Replace("'", "''") + "'," + " shared_cred_desc = '" + sCredentialDesc + "'" + sNewPassword + sPriviledgedPasswordUpdate + " where credential_id = '" + sCredentialID + "'"; } else { // if the priviledged password is empty just set it to null string sPrivilegedPasswordUpdate = "NULL"; if (sPrivilegedPassword.Length != 0) { sPrivilegedPasswordUpdate = "'" + dc.EnCrypt(sPrivilegedPassword) + "'"; } ; sSql = "insert into asset_credential (credential_id, credential_name, username, password, domain, shared_cred_desc, shared_or_local, privileged_password)" + " values (" + "'" + ui.NewGUID() + "'," + "'" + sCredentialName.Replace("'", "''") + "'," + "'" + sUserName.Replace("'", "''") + "'," + "'" + dc.EnCrypt(sPassword) + "'," + "'" + sDomain.Replace("'", "''") + "'," + "'" + sCredentialDesc.Replace("'", "''") + "'," + "'0'," + sPrivilegedPasswordUpdate + ")"; } oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { if (sErr == "key_violation") { throw new Exception("A Credential with that name already exists. Please select another name."); } else { throw new Exception(sErr); } } oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } // add security log // since this is not handled as a page postback, theres no "Viewstate" settings // so 2 options either we keep an original setting for each value in hid values, or just get them from the db as part of the // update above, since we are already passing in 15 or so fields, lets just get the values at the start and reference them here if (sMode == "edit") { ui.WriteObjectChangeLog(Globals.acObjectTypes.Credential, sCredentialID, sUserName.Replace("'", "''"), sOriginalUserName, sUserName.Replace("'", "''")); } else { ui.WriteObjectAddLog(Globals.acObjectTypes.Credential, sCredentialID, sUserName.Replace("'", "''"), "Credential Created"); } // no errors to here, so return an empty string return(""); }
private void DeleteCodeblock(string sCodeblockID) { try { string sErr = ""; dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); //first, delete any steps that are embedded content on steps in this codeblock //(because embedded steps have their parent step_id as the codeblock name.) oTrans.Command.CommandText = "delete em from task_step em" + " join task_step p on em.task_id = p.task_id" + " and em.codeblock_name = p.step_id" + " where p.task_id = '" + sTaskID + "'" + " and p.codeblock_name = '" + sCodeblockID + "'"; if (!oTrans.ExecUpdate(ref sErr)) { ui.RaiseError(Page, "Unable to delete embedded Steps from Codeblock.", true, sErr); return; } oTrans.Command.CommandText = "delete u from task_step_user_settings u" + " join task_step ts on u.step_id = ts.step_id" + " where ts.task_id = '" + sTaskID + "'" + " and ts.codeblock_name = '" + sCodeblockID + "'"; if (!oTrans.ExecUpdate(ref sErr)) { ui.RaiseError(Page, "Unable to delete Steps user settings for Steps in Codeblock.", true, sErr); return; } oTrans.Command.CommandText = "delete from task_step" + " where task_id = '" + sTaskID + "'" + " and codeblock_name = '" + sCodeblockID + "'"; if (!oTrans.ExecUpdate(ref sErr)) { ui.RaiseError(Page, "Unable to delete Steps from Codeblock.", true, sErr); return; } oTrans.Command.CommandText = "delete from task_codeblock" + " where task_id = '" + sTaskID + "'" + " and codeblock_name = '" + sCodeblockID + "'"; if (!oTrans.ExecUpdate(ref sErr)) { ui.RaiseError(Page, "Unable to delete Codeblock.", true, sErr); return; } oTrans.Commit(); if (!GetCodeblocks(ref sErr)) { ui.RaiseError(Page, "Warning. Successfully deleted the Codeblock" + " but there was an error refreshing the page. Please reload the page manually. " + sErr, true, ""); return; } if (!GetSteps("MAIN", ref sErr)) { ui.RaiseError(Page, "Warning. Successfully deleted the Codeblock" + " but there was an error refreshing the page. Please reload the page manually. " + sErr, true, ""); return; } udpSteps.Update(); } catch (Exception ex) { ui.RaiseError(Page, "Exception:", true, ex.Message); } }
public static string SaveDomain(object[] oAsset) { // we are passing in 4 elements, if we have 16 go if (oAsset.Length != 4) return "Incorrect list of attributes:" + oAsset.Length.ToString(); string sEditDomain = oAsset[0].ToString(); string sDomain = oAsset[1].ToString().Replace("'", "''"); string sAddress = oAsset[2].ToString().Replace("'", "''"); string sMode = oAsset[3].ToString(); dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = null; // before updating or adding make sure the domain name is available if (sEditDomain != sDomain) { try { sSql = "select ldap_domain from ldap_domain where ldap_domain = '" + sDomain + "'"; string sDomainExists = ""; if (!dc.sqlGetSingleString(ref sDomainExists, sSql, ref sErr)) { throw new Exception(sErr); } else { if (!string.IsNullOrEmpty(sDomainExists)) { return "Domain name exists, choose another name."; } } } catch (Exception ex) { throw new Exception(ex.Message); } } try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); // update the user fields. if (sMode == "edit") { // if the domain name changed update all of the asset_credential's using this domain if (sDomain != sEditDomain){ sSql = "update asset_credential set domain = '" + sDomain + "' where domain = '" + sEditDomain + "'"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } sSql = "update ldap_domain set ldap_domain = '" + sDomain + "'," + "address = '" + sAddress + "' where ldap_domain = '" + sEditDomain + "'"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } else { sSql = "insert into ldap_domain (ldap_domain,address)" + " values ('" + sDomain + "'," + "'" + sAddress + "')"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } // add security log if (sMode == "edit") { ui.WriteObjectChangeLog(Globals.acObjectTypes.Domain, sEditDomain, sEditDomain, sEditDomain, sDomain); } else { ui.WriteObjectAddLog(Globals.acObjectTypes.Domain, sDomain, sDomain, "Domain Created"); } // no errors to here, so return an empty string return ""; }
public bool Import(string sUserID, string sTaskIDs, ref string sErr) { string sSQL = ""; dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); //we're doing this in a loop //why? because each row may have different import requirements //(overwrite, new version, etc.) //Now we are adding different import types not necessarily tied to task/proc. //for now we're still just doing it all here until there's a good reason to split it out if (sTaskIDs.Length > 0) { sSQL = "select task_id, task_code, task_name, import_mode from import_task" + " where user_id = '" + sUserID + "'" + " and task_id in (" + sTaskIDs + ")"; DataTable dt = new DataTable(); if (!dc.sqlGetDataTable(ref dt, sSQL, ref sErr)) { throw new Exception(sErr); } if (dt.Rows.Count > 0) { foreach (DataRow dr in dt.Rows) { string sTaskID = dr["task_id"].ToString(); string sNewTaskID = dr["task_id"].ToString(); string sTaskCode = dr["task_code"].ToString(); string sImportMode = dr["import_mode"].ToString(); string sOTID = ""; int iCount = 0; switch (sImportMode) { case "New": //just jam in the new row, IF there are no GUID conflicts. //~~~ NEW tasks get manipulated. //* MIGHT have their ID changed if there's a collision //* WILL have the original_task_id reset //* WILL have the version reset to 1.000 //* WILL be loaded as 'Development' status //* WILL be the default version //check ID oTrans.Command.CommandText = "select count(*) from task" + " where task_id = '" + sTaskID + "'"; if (!oTrans.ExecGetSingleInteger(ref iCount, ref sErr)) { throw new Exception("Unable to check for GUID conflicts.<br />" + sErr); } //if there's a GUID conflict then just generate a new guid for this task. if (iCount > 0) { sNewTaskID = ui.NewGUID(); } //check the steps to see if there are any GUID conflicts //and repair them if necessary if (!ReIDSteps(ref oTrans, sUserID, sTaskID, ref sErr)) { throw new Exception("Unable to issue new Step GUIDs.<br />" + sErr); } //insert the manipulated TASK oTrans.Command.CommandText = "insert into task" + " (task_id, original_task_id, version," + " task_name, task_code, task_desc, task_status," + " use_connector_system, default_version," + " concurrent_instances, queue_depth, parameter_xml, created_dt)" + " select" + " '" + sNewTaskID + "', '" + sNewTaskID + "', 1.000," + " task_name, task_code, task_desc, 'Development'," + " use_connector_system, 1," + " concurrent_instances, queue_depth, parameter_xml, created_dt" + " from import_task" + " where user_id = '" + sUserID + "'" + " and task_id = '" + sTaskID + "'"; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewTaskID, dr["task_code"].ToString() + " - " + dr["task_name"].ToString(), "New - Created via Import"); break; case "New Version": //if it's a new version, we need to make sure the "original_task_id" //is correct in the target database. //(no guarantee the original_id in the source db is correct.) //just jam in the new row, IF there are no GUID conflicts. //~~~ NEW VERSION tasks get manipulated. //* MIGHT have their ID changed if there's a collision //* MIGHT have the original_task_id reset (to match the target) //* WILL have the version reset to the user selection //* WILL be loaded as 'Development' status //* WILL NOT be the default version //check ID oTrans.Command.CommandText = "select count(*) from task" + " where task_id = '" + sTaskID + "'"; if (!oTrans.ExecGetSingleInteger(ref iCount, ref sErr)) { throw new Exception("Unable to check for GUID conflicts.<br />" + sErr); } //if there's a GUID conflict then just generate a new guid for this task. //and re-id the steps if (iCount > 0) { sNewTaskID = ui.NewGUID(); } //check the steps to see if there are any GUID conflicts //and repair them if necessary if (!ReIDSteps(ref oTrans, sUserID, sTaskID, ref sErr)) { throw new Exception("Unable to issue new Step GUIDs.<br />" + sErr); } //NOW, we need to make sure this task is connected to it's family //we do this by ensuring the original_task_id matches. //BUT, we got here by assuming the task_code was the key. //so... find the original_task_id for this task_code oTrans.Command.CommandText = "select original_task_id" + " from task where task_code = '" + sTaskCode + "' limit 1"; if (!oTrans.ExecGetSingleString(ref sOTID, ref sErr)) { throw new Exception("Unable to get original task ID for [" + sTaskCode + "].<br />" + sErr); } //insert the manipulated TASK oTrans.Command.CommandText = "insert into task" + " (task_id, original_task_id, version," + " task_name, task_code, task_desc, task_status," + " use_connector_system, default_version," + " concurrent_instances, queue_depth, parameter_xml, created_dt)" + " select" + " '" + sNewTaskID + "', '" + sOTID + "', version," + " task_name, task_code, task_desc, 'Development'," + " use_connector_system, 0," + " concurrent_instances, queue_depth, parameter_xml, created_dt" + " from import_task" + " where user_id = '" + sUserID + "'" + " and task_id = '" + sTaskID + "'"; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewTaskID, dr["task_code"].ToString() + " - " + dr["task_name"].ToString(), "New Version - Created via Import"); break; /* * Note: I stopped here because I'm not convinced that "Overwrite" is a safe or useful * feature. * * So, we'll come back to it if needed. * * Be aware, this was pseudocode... it never worked, was just placeholder stuff and ideas. */ //case "Overwrite": // //stomp it, but make sure to set the task_id/original_task_id // //to match in the target db. // //just because the code matches doesn't mean the ID's do. // //we can just UPDATE the task row // //DON'T FORGET to DELETE the existing steps and codeblocks // //we need to make sure the "original_task_id" // //is correct in the target database. // //(no guarantee the original_id in the source db is correct.) // //~~~ OVERWRITE tasks get manipulated. // //* MIGHT have their ID changed to match the code/version being imported // //* MIGHT have the original_task_id reset (to match the target) // //* WILL have the version reset to the user selection // //* WILL be loaded as 'Development' status // //* MIGHT be the default version (not gonna update that value) // //NOW, we need to make sure this task is connected to it's family // //we do this by ensuring the original_task_id matches. // //BUT, we got here by assuming the task_code was the key. // //so... find the task AND original_task_id for this task_code // oTrans.Command.CommandText = "select top 1 task_id" + // " from task where task_code = '" + sTaskCode + "'"; // if (!oTrans.ExecGetSingleString(ref sNewTaskID, ref sErr)) // throw new Exception("Unable to get task ID for [" + sTaskCode + "].<br />" + sErr); // oTrans.Command.CommandText = "select top 1 original_task_id" + // " from task where task_code = '" + sTaskCode + "'"; // if (!oTrans.ExecGetSingleString(ref sOTID, ref sErr)) // throw new Exception("Unable to get original task ID for [" + sTaskCode + "].<br />" + sErr); // //get a datareader on the import_task row // sSQL = "select task_desc, manual_or_digital, use_connector_system," + // " concurrent_instances, queue_depth, parameter_xml, created_dt" + // " from import_task" + // " where user_id = '" + sUserID + "'" + // " and task_id = '" + sTaskID + "'"; // OdbcDataReader drTaskRow = null; // if (!dc.sqlGetDataReader(ref drTaskRow, sSQL, ref sErr)) return false; // if (drTaskRow.HasRows) // { // //insert the manipulated TASK // //THIS WAS NEVER TESTED // oTrans.Command.CommandText = "update task" + // " set task_desc = ''," + // " manual_or_digital = ''," + // " use_connector_system = ''," + // " concurrent_instances = ''," + // " queue_depth = ''," + // " parameter_xml = ''," + // " created_dt = ''" + // " select" + // " '" + sNewTaskID + "', '" + sOTID + "', version," + // " task_name, task_code, task_desc, 'Development', manual_or_digital," + // " use_connector_system, 0," + // " concurrent_instances, queue_depth, parameter_xml, created_dt" + // " from import_task" + // " where user_id = '" + sUserID + "'" + // " and task_id = '" + sTaskID + "'"; // if (!oTrans.ExecUpdate(ref sErr)) // throw new Exception(sErr); // } // ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewTaskID, dr["task_code"].ToString() + " - " + dr["task_name"].ToString(), "Overwritten by Import"); // break; default: break; } //CODEBLOCKS AND STEPS can be done here... they are just inserted // (because they were manipulated already if needed) //CODEBLOCKS oTrans.Command.CommandText = "insert into task_codeblock" + " (task_id, codeblock_name)" + " select" + " '" + sNewTaskID + "', codeblock_name" + " from import_task_codeblock" + " where user_id = '" + sUserID + "'" + " and task_id = '" + sTaskID + "'"; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } //STEPS oTrans.Command.CommandText = "insert into task_step" + " (step_id, task_id, codeblock_name, step_order, commented," + " locked, function_name, function_xml, step_desc, output_parse_type," + " output_row_delimiter, output_column_delimiter, variable_xml)" + " select" + " step_id, '" + sNewTaskID + "', codeblock_name, step_order, commented," + " locked, function_name, function_xml, step_desc, output_parse_type," + " output_row_delimiter, output_column_delimiter, variable_xml" + " from import_task_step" + " where user_id = '" + sUserID + "'" + " and task_id = '" + sTaskID + "'"; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } } else { sErr = "No Task import items were found."; oTrans.RollBack(); return(false); } //whack those rows from the import table. //why? their disposition has now changed, and we don't wanna accidentally reload them. //or add confusion to the user. oTrans.Command.CommandText = "delete from import_task where user_id = '" + sUserID + "' and task_id in (" + sTaskIDs + ")"; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } oTrans.Command.CommandText = "delete from import_task_codeblock where user_id = '" + sUserID + "' and task_id in (" + sTaskIDs + ")"; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } oTrans.Command.CommandText = "delete from import_task_step where user_id = '" + sUserID + "' and task_id in (" + sTaskIDs + ")"; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } //all done with everything... close it out oTrans.Commit(); return(true); }
public static string SaveCredential(object[] oAsset) { // we are passing in 16 elements, if we have 16 go if (oAsset.Length != 8) return "Incorrect list of attributes:" + oAsset.Length.ToString(); string sCredentialID = oAsset[0].ToString(); string sCredentialName = oAsset[1].ToString().Replace("'", "''"); string sUserName = oAsset[2].ToString().Replace("'", "''"); string sCredentialDesc = oAsset[3].ToString().Replace("'", "''"); string sPassword = oAsset[4].ToString(); string sDomain = oAsset[5].ToString(); string sMode = oAsset[6].ToString(); string sPrivilegedPassword = oAsset[7].ToString(); // for logging string sOriginalUserName = null; dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = null; //if we are editing get the original values if (sMode == "edit") { sSql = "select username from asset_credential " + "where credential_id = '" + sCredentialID + "'"; if (!dc.sqlGetSingleString(ref sOriginalUserName, sSql, ref sErr)) { throw new Exception(sErr); } } try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); // update the user fields. if (sMode == "edit") { // only update the passwword if it has changed string sNewPassword = ""; if (sPassword != "($%#d@x!&") { sNewPassword = "******" + dc.EnCrypt(sPassword) + "'"; } // bugzilla 1260 // same for privileged_password string sPriviledgedPasswordUpdate = null; if (sPrivilegedPassword == "($%#d@x!&") { // password has not been touched sPriviledgedPasswordUpdate = ""; } else { // updated password sPriviledgedPasswordUpdate = ",privileged_password = '******'"; } sSql = "update asset_credential set" + " credential_name = '" + sCredentialName + "'," + " username = '******'," + " domain = '" + sDomain.Replace("'", "''") + "'," + " shared_cred_desc = '" + sCredentialDesc + "'" + sNewPassword + sPriviledgedPasswordUpdate + " where credential_id = '" + sCredentialID + "'"; } else { // if the priviledged password is empty just set it to null string sPrivilegedPasswordUpdate = "NULL"; if (sPrivilegedPassword.Length != 0) { sPrivilegedPasswordUpdate = "'" + dc.EnCrypt(sPrivilegedPassword) + "'"; }; sSql = "insert into asset_credential (credential_id, credential_name, username, password, domain, shared_cred_desc, shared_or_local, privileged_password)" + " values (" + "'" + ui.NewGUID() + "'," + "'" + sCredentialName.Replace("'", "''") + "'," + "'" + sUserName.Replace("'", "''") + "'," + "'" + dc.EnCrypt(sPassword) + "'," + "'" + sDomain.Replace("'", "''") + "'," + "'" + sCredentialDesc.Replace("'", "''") + "'," + "'0'," + sPrivilegedPasswordUpdate + ")"; } oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { if (sErr == "key_violation") throw new Exception("A Credential with that name already exists. Please select another name."); else throw new Exception(sErr); } oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } // add security log // since this is not handled as a page postback, theres no "Viewstate" settings // so 2 options either we keep an original setting for each value in hid values, or just get them from the db as part of the // update above, since we are already passing in 15 or so fields, lets just get the values at the start and reference them here if (sMode == "edit") { ui.WriteObjectChangeLog(Globals.acObjectTypes.Credential, sCredentialID, sUserName.Replace("'", "''"), sOriginalUserName, sUserName.Replace("'", "''")); } else { ui.WriteObjectAddLog(Globals.acObjectTypes.Credential, sCredentialID, sUserName.Replace("'", "''"), "Credential Created"); } // no errors to here, so return an empty string return ""; }
public static string SaveCloud(string sMode, string sCloudID, string sCloudName, string sProvider, string sAPIUrl) { // for logging string sOriginalName = null; dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = null; //if we are editing get the original values if (sMode == "edit") { } try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); // update the user fields. if (sMode == "edit") { sSql = "select cloud_name from clouds " + "where cloud_id = '" + sCloudID + "'"; if (!dc.sqlGetSingleString(ref sOriginalName, sSql, ref sErr)) throw new Exception("Error getting original cloud name:" + sErr); sSql = "update clouds set" + " cloud_name = '" + sCloudName + "'," + " provider = '" + sProvider + "'," + " api_url = '" + sAPIUrl + "'" + " where cloud_id = '" + sCloudID + "'"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception("Error updating cloud: " + sErr); ui.WriteObjectChangeLog(Globals.acObjectTypes.Cloud, sCloudID, sCloudName, sOriginalName, sCloudName);} else { sCloudID = ui.NewGUID(); sSql = "insert into clouds (cloud_id, cloud_name, provider, api_url)" + " values ('" + sCloudID + "'," + "'" + sCloudName + "'," + "'" + sProvider + "'," + "'" + sAPIUrl + "')"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception("Error creating cloud: " + sErr); ui.WriteObjectAddLog(Globals.acObjectTypes.Cloud, sCloudID, sCloudName, "Cloud Created"); } oTrans.Commit(); //update the cloud providers class in the session CloudProviders cp = ui.GetCloudProviders(); cp[sProvider].RefreshClouds(); ui.UpdateCloudProviders(cp); } catch (Exception ex) { throw new Exception("Error: General Exception: " + ex.Message); } // no errors to here, so return an empty string return "{'cloud_id':'" + sCloudID + "'}"; }
public static string SaveUserEdits(object[] oUser) { string sChangeDetail = "User Details updated."; // verify the right number of properties if (oUser.Length != 10) { return("Incorrect number of User Properties."); } string sEditUserID = oUser[0].ToString(); string sLoginID = oUser[1].ToString(); string sFullName = oUser[2].ToString(); string sAuthType = oUser[3].ToString(); string sUserPassword = oUser[4].ToString(); string sForcePasswordChange = oUser[5].ToString(); string sUserRole = oUser[6].ToString(); string sEmail = oUser[7].ToString(); string sStatus = oUser[8].ToString(); string sGroupArray = oUser[9].ToString(); dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = null; // checks that cant be done on the client side // is the name unique? string sInuse = ""; if (!dc.sqlGetSingleString(ref sInuse, "select user_id from users where username = '******' and user_id <> '" + sEditUserID + "' limit 1", ref sErr)) { throw new Exception(sErr); } else { if (!string.IsNullOrEmpty(sInuse)) { return("Login ID '" + sLoginID + "' is unavailable, please choose another."); } } // CHANGE Per conference call 5-11-09 we are using a random 9 char mask // if the password has not changed this will be the same 9 chars string sPasswordUpdate = null; bool boolPasswordChanged = false; if (sUserPassword == "($%#d@x!&") { // password has not been touched sPasswordUpdate = ","; boolPasswordChanged = false; } else { // password changed sChangeDetail += " Password changed."; if (sAuthType == "local") { // bugzilla 1347 // check the user password history setting, and make sure the password was not used in the past x passwords if (dc.PasswordInHistory(dc.EnCrypt(sUserPassword.Trim()), sEditUserID, ref sErr)) { return("Passwords can not be reused, please choose another password"); } ; if (sErr != null) { return(sErr); } ; if (!dc.PasswordIsComplex(sUserPassword.Trim(), ref sErr)) { return(sErr); } else { sPasswordUpdate = ",user_password = '******',"; boolPasswordChanged = true; } } else if (sAuthType == "ldap") { sPasswordUpdate = ",user_password = NULL,"; } else { return("Unknown Authentication type."); } } try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); // update the user fields. sSql = "update users set" + " full_name = '" + sFullName + "'," + " username = '******'" + sPasswordUpdate + " force_change = '" + sForcePasswordChange + "'," + " authentication_type = '" + sAuthType + "'," + " email = '" + sEmail + "'," + " failed_login_attempts = '0'," + " status = '" + sStatus + "'," + " user_role = '" + sUserRole + "'" + " where user_id = '" + sEditUserID + "'"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } if (boolPasswordChanged) { // add Password history if it changed sSql = "insert user_password_history (user_id, change_time,password) values ('" + sEditUserID + "',now(),'" + dc.EnCrypt(sUserPassword.Trim()) + "')"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } #region "tags" // remove the existing tags sSql = "delete from object_tags where object_id = '" + sEditUserID + "'"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } // add user groups, if there are any if (sGroupArray.Length > 0) { ArrayList aGroups = new ArrayList(sGroupArray.Split(',')); foreach (string sGroupName in aGroups) { sSql = "insert object_tags (object_id, object_type, tag_name)" + " values ('" + sEditUserID + "', 1, '" + sGroupName + "')"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } } #endregion oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } // add security log ui.WriteObjectChangeLog(Globals.acObjectTypes.User, sEditUserID, sFullName.Trim().Replace("'", "''"), sChangeDetail); // no errors to here, so return an empty string return(""); }
public string wmDeleteTasks(string sDeleteArray) { dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = ""; string sTaskNames = ""; if (sDeleteArray.Length < 36) return ""; sDeleteArray = ui.QuoteUp(sDeleteArray); //NOTE: right now this plows ALL versions. There is an enhancement to possibly 'retire' a task, or //only delete certain versions. try { // what about the instance tables????? // bugzilla 1290 Tasks that have history (task_instance table) can not be deleted // exclude them from the list and return a message noting the task(s) that could not be deleted // first we need a list of tasks that will not be deleted sSql = "select task_name from task t " + "where t.original_task_id in (" + sDeleteArray.ToString() + ") " + "and t.task_id in (select ti.task_id from tv_task_instance ti where ti.task_id = t.task_id)"; if (!dc.csvGetList(ref sTaskNames, sSql, ref sErr, true)) throw new Exception(sErr); // list of tasks that will be deleted //we have an array of 'original_task_id'. //we need an array or task_id //build one. sSql = "select t.task_id from task t " + "where t.original_task_id in (" + sDeleteArray.ToString() + ") " + "and t.task_id not in (select ti.task_id from tv_task_instance ti where ti.task_id = t.task_id)"; string sTaskIDs = ""; if (!dc.csvGetList(ref sTaskIDs, sSql, ref sErr, true)) throw new Exception(sErr); // if any tasks can be deleted if (sTaskIDs.Length > 1) { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); //oTrans.Command.CommandText = "delete from task_asset_attribute where task_id in (" + sTaskIDs + ")"; //if (!oTrans.ExecUpdate(ref sErr)) // throw new Exception(sErr); oTrans.Command.CommandText = "delete from task_step_user_settings" + " where step_id in" + " (select step_id from task_step where task_id in (" + sTaskIDs + "))"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); oTrans.Command.CommandText = "delete from task_step where task_id in (" + sTaskIDs + ")"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); oTrans.Command.CommandText = "delete from task_codeblock where task_id in (" + sTaskIDs + ")"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); oTrans.Command.CommandText = "delete from task where task_id in (" + sTaskIDs + ")"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); oTrans.Commit(); ui.WriteObjectDeleteLog(Globals.acObjectTypes.Task, "Multiple", "Original Task IDs", sDeleteArray.ToString()); } } catch (Exception ex) { throw new Exception(ex.Message); } // if the sTaskNames contains any names, then send back a message that these were not deleted because of history records. if (sTaskNames.Length > 0) { return "Task(s) (" + sTaskNames + ") have history rows and could not be deleted."; } else { return sErr; } }
public static string DeleteAssets(string sDeleteArray) { dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = ""; ArrayList arrList = new ArrayList(); arrList.AddRange(sDeleteArray.Split(',')); if (sDeleteArray.Length < 36) return ""; StringBuilder sbAssetIDString = new StringBuilder(); StringBuilder sbAssetsCantDelete = new StringBuilder(); foreach (string sAssetID in arrList) { if (sAssetID.Length == 36) { // what about the instance tables????? // bugzilla 1290 Assets that have history (task_instance table) can not be deleted // exclude them from the list and return a message noting the asset(s) that could not be deleted // check if this asset has any history rows. sSql = "select count(*) from tv_task_instance where asset_id = '" + sAssetID + "'"; int iHistory = 0; if (!dc.sqlGetSingleInteger(ref iHistory, sSql, ref sErr)) throw new Exception(sErr); // if there is no history add this to the delete list, // otherwise add the task id to the non delete list if (iHistory == 0) { sbAssetIDString.Append("'" + sAssetID + "',"); } else { sbAssetsCantDelete.Append("'" + sAssetID + "',"); }; } } // trim the trailing , if (sbAssetsCantDelete.ToString().Length > 2) { sbAssetsCantDelete.Remove(sbAssetsCantDelete.Length - 1, 1); }; if (sbAssetIDString.ToString().Length > 2) { // delete from these tables: // asset, asset_credential (if the credential is local). // trim the trailing , sbAssetIDString.Remove(sbAssetIDString.Length - 1, 1); try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); // delete asset_credential sSql = "delete from asset_credential" + " where shared_or_local = 1" + " and credential_id in (select credential_id from asset where asset_id in (" + sbAssetIDString.ToString() + "))"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); // delete asset sSql = "delete from asset where asset_id in (" + sbAssetIDString.ToString() + ")"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); oTrans.Commit(); // add security log ui.WriteObjectDeleteLog(Globals.acObjectTypes.Asset, sbAssetIDString.ToString(), "Batch Asset Delete", "Deleted Assets in batch mode"); } catch (Exception ex) { throw new Exception(ex.Message); } }; // if some did not get deleted return a message. if (sbAssetsCantDelete.Length > 2) { string sTaskNames = ""; sSql = "select asset_name from asset where asset_id in (" + sbAssetsCantDelete.ToString() + ")"; if (!dc.csvGetList(ref sTaskNames, sSql, ref sErr, true)) throw new Exception(sErr); return "Asset deletion completed. Asset(s) (" + sTaskNames + ") could not be deleted because history rows exist."; } else { return sErr; } }
public bool Import(string sUserID, string sTaskIDs, ref string sErr) { string sSQL = ""; dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); //we're doing this in a loop //why? because each row may have different import requirements //(overwrite, new version, etc.) //Now we are adding different import types not necessarily tied to task/proc. //for now we're still just doing it all here until there's a good reason to split it out if (sTaskIDs.Length > 0) { sSQL = "select task_id, task_code, task_name, import_mode from import_task" + " where user_id = '" + sUserID + "'" + " and task_id in (" + sTaskIDs + ")"; DataTable dt = new DataTable(); if (!dc.sqlGetDataTable(ref dt, sSQL, ref sErr)) throw new Exception(sErr); if (dt.Rows.Count > 0) { foreach (DataRow dr in dt.Rows) { string sTaskID = dr["task_id"].ToString(); string sNewTaskID = dr["task_id"].ToString(); string sTaskCode = dr["task_code"].ToString(); string sImportMode = dr["import_mode"].ToString(); string sOTID = ""; int iCount = 0; switch (sImportMode) { case "New": //just jam in the new row, IF there are no GUID conflicts. //~~~ NEW tasks get manipulated. //* MIGHT have their ID changed if there's a collision //* WILL have the original_task_id reset //* WILL have the version reset to 1.000 //* WILL be loaded as 'Development' status //* WILL be the default version //check ID oTrans.Command.CommandText = "select count(*) from task" + " where task_id = '" + sTaskID + "'"; if (!oTrans.ExecGetSingleInteger(ref iCount, ref sErr)) throw new Exception("Unable to check for GUID conflicts.<br />" + sErr); //if there's a GUID conflict then just generate a new guid for this task. if (iCount > 0) { sNewTaskID = ui.NewGUID(); } //check the steps to see if there are any GUID conflicts //and repair them if necessary if (!ReIDSteps(ref oTrans, sUserID, sTaskID, ref sErr)) throw new Exception("Unable to issue new Step GUIDs.<br />" + sErr); //insert the manipulated TASK oTrans.Command.CommandText = "insert into task" + " (task_id, original_task_id, version," + " task_name, task_code, task_desc, task_status," + " use_connector_system, default_version," + " concurrent_instances, queue_depth, parameter_xml, created_dt)" + " select" + " '" + sNewTaskID + "', '" + sNewTaskID + "', 1.000," + " task_name, task_code, task_desc, 'Development'," + " use_connector_system, 1," + " concurrent_instances, queue_depth, parameter_xml, created_dt" + " from import_task" + " where user_id = '" + sUserID + "'" + " and task_id = '" + sTaskID + "'"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewTaskID, dr["task_code"].ToString() + " - " + dr["task_name"].ToString(), "New - Created via Import"); break; case "New Version": //if it's a new version, we need to make sure the "original_task_id" //is correct in the target database. //(no guarantee the original_id in the source db is correct.) //just jam in the new row, IF there are no GUID conflicts. //~~~ NEW VERSION tasks get manipulated. //* MIGHT have their ID changed if there's a collision //* MIGHT have the original_task_id reset (to match the target) //* WILL have the version reset to the user selection //* WILL be loaded as 'Development' status //* WILL NOT be the default version //check ID oTrans.Command.CommandText = "select count(*) from task" + " where task_id = '" + sTaskID + "'"; if (!oTrans.ExecGetSingleInteger(ref iCount, ref sErr)) throw new Exception("Unable to check for GUID conflicts.<br />" + sErr); //if there's a GUID conflict then just generate a new guid for this task. //and re-id the steps if (iCount > 0) sNewTaskID = ui.NewGUID(); //check the steps to see if there are any GUID conflicts //and repair them if necessary if (!ReIDSteps(ref oTrans, sUserID, sTaskID, ref sErr)) throw new Exception("Unable to issue new Step GUIDs.<br />" + sErr); //NOW, we need to make sure this task is connected to it's family //we do this by ensuring the original_task_id matches. //BUT, we got here by assuming the task_code was the key. //so... find the original_task_id for this task_code oTrans.Command.CommandText = "select original_task_id" + " from task where task_code = '" + sTaskCode + "' limit 1"; if (!oTrans.ExecGetSingleString(ref sOTID, ref sErr)) throw new Exception("Unable to get original task ID for [" + sTaskCode + "].<br />" + sErr); //insert the manipulated TASK oTrans.Command.CommandText = "insert into task" + " (task_id, original_task_id, version," + " task_name, task_code, task_desc, task_status," + " use_connector_system, default_version," + " concurrent_instances, queue_depth, parameter_xml, created_dt)" + " select" + " '" + sNewTaskID + "', '" + sOTID + "', version," + " task_name, task_code, task_desc, 'Development'," + " use_connector_system, 0," + " concurrent_instances, queue_depth, parameter_xml, created_dt" + " from import_task" + " where user_id = '" + sUserID + "'" + " and task_id = '" + sTaskID + "'"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewTaskID, dr["task_code"].ToString() + " - " + dr["task_name"].ToString(), "New Version - Created via Import"); break; /* Note: I stopped here because I'm not convinced that "Overwrite" is a safe or useful feature. So, we'll come back to it if needed. Be aware, this was pseudocode... it never worked, was just placeholder stuff and ideas. */ //case "Overwrite": // //stomp it, but make sure to set the task_id/original_task_id // //to match in the target db. // //just because the code matches doesn't mean the ID's do. // //we can just UPDATE the task row // //DON'T FORGET to DELETE the existing steps and codeblocks // //we need to make sure the "original_task_id" // //is correct in the target database. // //(no guarantee the original_id in the source db is correct.) // //~~~ OVERWRITE tasks get manipulated. // //* MIGHT have their ID changed to match the code/version being imported // //* MIGHT have the original_task_id reset (to match the target) // //* WILL have the version reset to the user selection // //* WILL be loaded as 'Development' status // //* MIGHT be the default version (not gonna update that value) // //NOW, we need to make sure this task is connected to it's family // //we do this by ensuring the original_task_id matches. // //BUT, we got here by assuming the task_code was the key. // //so... find the task AND original_task_id for this task_code // oTrans.Command.CommandText = "select top 1 task_id" + // " from task where task_code = '" + sTaskCode + "'"; // if (!oTrans.ExecGetSingleString(ref sNewTaskID, ref sErr)) // throw new Exception("Unable to get task ID for [" + sTaskCode + "].<br />" + sErr); // oTrans.Command.CommandText = "select top 1 original_task_id" + // " from task where task_code = '" + sTaskCode + "'"; // if (!oTrans.ExecGetSingleString(ref sOTID, ref sErr)) // throw new Exception("Unable to get original task ID for [" + sTaskCode + "].<br />" + sErr); // //get a datareader on the import_task row // sSQL = "select task_desc, manual_or_digital, use_connector_system," + // " concurrent_instances, queue_depth, parameter_xml, created_dt" + // " from import_task" + // " where user_id = '" + sUserID + "'" + // " and task_id = '" + sTaskID + "'"; // OdbcDataReader drTaskRow = null; // if (!dc.sqlGetDataReader(ref drTaskRow, sSQL, ref sErr)) return false; // if (drTaskRow.HasRows) // { // //insert the manipulated TASK // //THIS WAS NEVER TESTED // oTrans.Command.CommandText = "update task" + // " set task_desc = ''," + // " manual_or_digital = ''," + // " use_connector_system = ''," + // " concurrent_instances = ''," + // " queue_depth = ''," + // " parameter_xml = ''," + // " created_dt = ''" + // " select" + // " '" + sNewTaskID + "', '" + sOTID + "', version," + // " task_name, task_code, task_desc, 'Development', manual_or_digital," + // " use_connector_system, 0," + // " concurrent_instances, queue_depth, parameter_xml, created_dt" + // " from import_task" + // " where user_id = '" + sUserID + "'" + // " and task_id = '" + sTaskID + "'"; // if (!oTrans.ExecUpdate(ref sErr)) // throw new Exception(sErr); // } // ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewTaskID, dr["task_code"].ToString() + " - " + dr["task_name"].ToString(), "Overwritten by Import"); // break; default: break; } //CODEBLOCKS AND STEPS can be done here... they are just inserted // (because they were manipulated already if needed) //CODEBLOCKS oTrans.Command.CommandText = "insert into task_codeblock" + " (task_id, codeblock_name)" + " select" + " '" + sNewTaskID + "', codeblock_name" + " from import_task_codeblock" + " where user_id = '" + sUserID + "'" + " and task_id = '" + sTaskID + "'"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); //STEPS oTrans.Command.CommandText = "insert into task_step" + " (step_id, task_id, codeblock_name, step_order, commented," + " locked, function_name, function_xml, step_desc, output_parse_type," + " output_row_delimiter, output_column_delimiter, variable_xml)" + " select" + " step_id, '" + sNewTaskID + "', codeblock_name, step_order, commented," + " locked, function_name, function_xml, step_desc, output_parse_type," + " output_row_delimiter, output_column_delimiter, variable_xml" + " from import_task_step" + " where user_id = '" + sUserID + "'" + " and task_id = '" + sTaskID + "'"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); } } else { sErr = "No Task import items were found."; oTrans.RollBack(); return false; } //whack those rows from the import table. //why? their disposition has now changed, and we don't wanna accidentally reload them. //or add confusion to the user. oTrans.Command.CommandText = "delete from import_task where user_id = '" + sUserID + "' and task_id in (" + sTaskIDs + ")"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); oTrans.Command.CommandText = "delete from import_task_codeblock where user_id = '" + sUserID + "' and task_id in (" + sTaskIDs + ")"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); oTrans.Command.CommandText = "delete from import_task_step where user_id = '" + sUserID + "' and task_id in (" + sTaskIDs + ")"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); } //all done with everything... close it out oTrans.Commit(); return true; }
public string wmApproveTask(string sTaskID, string sMakeDefault) { dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); try { string sUserID = ui.GetSessionUserID(); if (ui.IsGUID(sTaskID) && ui.IsGUID(sUserID)) { string sErr = ""; string sSQL = ""; //check to see if this is the first task to be approved. //if it is, we will make it default. sSQL = "select count(*) from task" + " where original_task_id = " + " (select original_task_id from task where task_id = '" + sTaskID + "')" + " and task_status = 'Approved'"; int iCount = 0; if (!dc.sqlGetSingleInteger(ref iCount, sSQL, ref sErr)) { throw new Exception("Unable to count Tasks in this family.." + sErr); } if (iCount == 0) sMakeDefault = "1"; dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); //flag all the other tasks as not default if this one is meant to be if (sMakeDefault == "1") { sSQL = "update task set" + " default_version = 0" + " where original_task_id =" + " (select original_task_id from (select original_task_id from task where task_id = '" + sTaskID + "') as x)"; oTrans.Command.CommandText = sSQL; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception("Unable to update task [" + sTaskID + "]." + sErr); } sSQL = "update task set" + " task_status = 'Approved'," + " default_version = 1" + " where task_id = '" + sTaskID + "';"; } else { sSQL = "update task set" + " task_status = 'Approved'" + " where task_id = '" + sTaskID + "'"; } oTrans.Command.CommandText = sSQL; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception("Unable to update task [" + sTaskID + "]." + sErr); } oTrans.Commit(); ui.WriteObjectChangeLog(Globals.acObjectTypes.Task, sTaskID, "Status", "Development", "Approved"); if (sMakeDefault == "1") ui.WriteObjectChangeLog(Globals.acObjectTypes.Task, sTaskID, "Default", "Set as Default Version."); } else { throw new Exception("Unable to update task. Missing or invalid task id. [" + sTaskID + "]"); } } catch (Exception ex) { throw ex; } return ""; }
public static string DeleteUsers(string sDeleteArray) { acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = ""; string WhoAmI = ui.GetSessionUserID(); try { ArrayList arrList = new ArrayList(); arrList.AddRange(sDeleteArray.Split(',')); if (sDeleteArray.Length < 36) { return(""); } StringBuilder sbDeleteNow = new StringBuilder(); StringBuilder sbDeleteLater = new StringBuilder(); StringBuilder sbAll = new StringBuilder(); foreach (string sUserID in arrList) { if (sUserID.Length == 36) { //you cannot delete yourself!!! if (sUserID != WhoAmI) { sbAll.Append("'" + sUserID + "',"); //this will flag a user for later deletion by the system //it returns the user_id back if it's safe to delete now if (UserHasHistory(sUserID)) { sbDeleteLater.Append("'" + sUserID + "',"); } else { sbDeleteNow.Append("'" + sUserID + "',"); } } } } dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); // stuff to delete no matter what... if (sbAll.Length != 0) { sbAll.Remove(sbAll.Length - 1, 1); ////delete any attributes for these users //sSql = "delete from user_assign_defaults where user_id in (" + sbAll.ToString() + ")"; //oTrans.Command.CommandText = sSql; //if (!oTrans.ExecUpdate(ref sErr)) // throw new Exception(sErr); } // delete some users... if (sbDeleteNow.Length != 0) { sbDeleteNow.Remove(sbDeleteNow.Length - 1, 1); sSql = "delete from users where user_id in (" + sbDeleteNow.ToString() + ")"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } // flag the others... if (sbDeleteLater.Length != 0) { sbDeleteLater.Remove(sbDeleteLater.Length - 1, 1); sSql = "update users set status = 86 where user_id in (" + sbDeleteLater.ToString() + ")"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } return("User(s) deleted."); }
private string CopyTask(int iMode, string sSourceTaskID, string sNewTaskName, string sNewTaskCode) { //iMode 0=new task, 1=new major version, 2=new minor version dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sErr = ""; string sSQL = ""; string sNewTaskID = ui.NewGUID(); int iIsDefault = 0; string sTaskName = ""; double dVersion = 1.000; double dMaxVer = 0.000; string sOTID = ""; //do it all in a transaction dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); //figure out the new name and selected version oTrans.Command.CommandText = "select task_name, version, original_task_id from task where task_id = '" + sSourceTaskID + "'"; DataRow dr = null; if (!oTrans.ExecGetDataRow(ref dr, ref sErr)) throw new Exception("Unable to find task for ID [" + sSourceTaskID + "]." + sErr); sTaskName = dr["task_name"].ToString(); dVersion = Convert.ToDouble(dr["version"]); sOTID = dr["original_task_id"].ToString(); //figure out the new version switch (iMode) { case 0: sTaskName = sNewTaskName; iIsDefault = 1; dVersion = 1.000; sOTID = sNewTaskID; break; case 1: //gotta get the highest version sSQL = "select max(version) from task where task_id = '" + sOTID + "'"; dc.sqlGetSingleDouble(ref dMaxVer, sSQL, ref sErr); if (sErr != "") { oTrans.RollBack(); throw new Exception(sErr); } dVersion = dMaxVer + 1; break; case 2: sSQL = "select max(version) from task where task_id = '" + sOTID + "'" + " and cast(version as unsigned) = " + Convert.ToInt32(dVersion); dc.sqlGetSingleDouble(ref dMaxVer, sSQL, ref sErr); if (sErr != "") { oTrans.RollBack(); throw new Exception(sErr); } dVersion = dMaxVer + 0.001; break; default: //a iMode is required throw new Exception("A mode required for this copy operation." + sErr); } //if we are versioning, AND there are not yet any 'Approved' versions, //we set this new version to be the default //(that way it's the one that you get taken to when you pick it from a list) if (iMode > 0) { sSQL = "select case when count(*) = 0 then 1 else 0 end" + " from task where original_task_id = '" + sOTID + "'" + " and task_status = 'Approved'"; dc.sqlGetSingleInteger(ref iIsDefault, sSQL, ref sErr); if (sErr != "") { oTrans.RollBack(); throw new Exception(sErr); } } //start copying oTrans.Command.CommandText = "create temporary table _copy_task" + " select * from task where task_id = '" + sSourceTaskID + "'"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); //update the task_id oTrans.Command.CommandText = "update _copy_task set" + " task_id = '" + sNewTaskID + "'," + " original_task_id = '" + sOTID + "'," + " version = '" + dVersion + "'," + " task_name = '" + sTaskName + "'," + " default_version = " + iIsDefault.ToString() + "," + " task_status = 'Development'," + " created_dt = now()"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); //update the task_code if necessary if (iMode == 0) { oTrans.Command.CommandText = "update _copy_task set task_code = '" + sNewTaskCode + "'"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); } //codeblocks oTrans.Command.CommandText = "create temporary table _copy_task_codeblock" + " select '" + sNewTaskID + "' as task_id, codeblock_name" + " from task_codeblock where task_id = '" + sSourceTaskID + "'"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); //USING TEMPORARY TABLES... need a place to hold step ids while we manipulate them oTrans.Command.CommandText = "create temporary table _step_ids" + " select distinct step_id, uuid() as newstep_id" + " from task_step where task_id = '" + sSourceTaskID + "'"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); //steps temp table oTrans.Command.CommandText = "create temporary table _copy_task_step" + " select step_id, '" + sNewTaskID + "' as task_id, codeblock_name, step_order, commented," + " locked, function_name, function_xml, step_desc, output_parse_type, output_row_delimiter," + " output_column_delimiter, variable_xml" + " from task_step where task_id = '" + sSourceTaskID + "'"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); //update the step id oTrans.Command.CommandText = "update _copy_task_step a, _step_ids b" + " set a.step_id = b.newstep_id" + " where a.step_id = b.step_id"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); //update steps with codeblocks that reference a step (embedded steps) oTrans.Command.CommandText = "update _copy_task_step a, _step_ids b" + " set a.codeblock_name = b.newstep_id" + " where b.step_id = a.codeblock_name"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); //spin the steps and update any embedded step id's in the commands oTrans.Command.CommandText = "select step_id, newstep_id from _step_ids"; DataTable dtStepIDs = new DataTable(); if (!oTrans.ExecGetDataTable(ref dtStepIDs, ref sErr)) throw new Exception("Unable to get step ids." + sErr); foreach (DataRow drStepIDs in dtStepIDs.Rows) { oTrans.Command.CommandText = "update _copy_task_step" + " set function_xml = replace(lower(function_xml), '" + drStepIDs["step_id"].ToString().ToLower() + "', '" + drStepIDs["newstep_id"].ToString() + "')" + " where function_name in ('if','loop','exists')"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); } //finally, put the temp steps table in the real steps table oTrans.Command.CommandText = "insert into task select * from _copy_task"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); oTrans.Command.CommandText = "insert into task_codeblock select * from _copy_task_codeblock"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); oTrans.Command.CommandText = "insert into task_step select * from _copy_task_step"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); //finally, if we versioned up and we set this one as the new default_version, //we need to unset the other row if (iMode > 0 && iIsDefault == 1) { oTrans.Command.CommandText = "update task" + " set default_version = 0" + " where original_task_id = '" + sOTID + "'" + " and task_id <> '" + sNewTaskID + "'"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); } oTrans.Commit(); return sNewTaskID; }
public static string SaveDomain(object[] oAsset) { // we are passing in 4 elements, if we have 16 go if (oAsset.Length != 4) { return("Incorrect list of attributes:" + oAsset.Length.ToString()); } string sEditDomain = oAsset[0].ToString(); string sDomain = oAsset[1].ToString().Replace("'", "''"); string sAddress = oAsset[2].ToString().Replace("'", "''"); string sMode = oAsset[3].ToString(); dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = null; // before updating or adding make sure the domain name is available if (sEditDomain != sDomain) { try { sSql = "select ldap_domain from ldap_domain where ldap_domain = '" + sDomain + "'"; string sDomainExists = ""; if (!dc.sqlGetSingleString(ref sDomainExists, sSql, ref sErr)) { throw new Exception(sErr); } else { if (!string.IsNullOrEmpty(sDomainExists)) { return("Domain name exists, choose another name."); } } } catch (Exception ex) { throw new Exception(ex.Message); } } try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); // update the user fields. if (sMode == "edit") { // if the domain name changed update all of the asset_credential's using this domain if (sDomain != sEditDomain) { sSql = "update asset_credential set domain = '" + sDomain + "' where domain = '" + sEditDomain + "'"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } sSql = "update ldap_domain set ldap_domain = '" + sDomain + "'," + "address = '" + sAddress + "' where ldap_domain = '" + sEditDomain + "'"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } else { sSql = "insert into ldap_domain (ldap_domain,address)" + " values ('" + sDomain + "'," + "'" + sAddress + "')"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } // add security log if (sMode == "edit") { ui.WriteObjectChangeLog(Globals.acObjectTypes.Domain, sEditDomain, sEditDomain, sEditDomain, sDomain); } else { ui.WriteObjectAddLog(Globals.acObjectTypes.Domain, sDomain, sDomain, "Domain Created"); } // no errors to here, so return an empty string return(""); }
public void wmDeleteStep(string sStepID) { dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); try { string sErr = ""; string sSQL = ""; dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); //you have to know which one we are removing string sDeletedStepOrder = "0"; string sTaskID = ""; string sCodeblock = ""; string sFunction = ""; string sFunctionXML = ""; sSQL = "select task_id, codeblock_name, step_order, function_name, function_xml" + " from task_step where step_id = '" + sStepID + "'"; DataRow dr = null; if (!dc.sqlGetDataRow(ref dr, sSQL, ref sErr)) throw new Exception("Unable to get details for step." + sErr); if (dr != null) { sDeletedStepOrder = dr["step_order"].ToString(); sTaskID = dr["task_id"].ToString(); sCodeblock = dr["codeblock_name"].ToString(); sFunction = dr["function_name"].ToString(); sFunctionXML = dr["function_xml"].ToString(); //for logging, we'll stick the whole command XML into the log //so we have a complete record of the step that was just deleted. ui.WriteObjectDeleteLog(Globals.acObjectTypes.Task, sTaskID, sFunction, "Codeblock:" + sCodeblock + " Step Order:" + sDeletedStepOrder + " Command Type:" + sFunction + " Details:" + sFunctionXML); } //"embedded" steps have a codeblock name referencing their "parent" step. //if we're deleting a parent, whack all the children sSQL = "delete from task_step where codeblock_name = '" + sStepID + "'"; oTrans.Command.CommandText = sSQL; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception("Unable to delete step." + sErr); //step might have user_settings sSQL = "delete from task_step_user_settings where step_id = '" + sStepID + "'"; oTrans.Command.CommandText = sSQL; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception("Unable to delete step user settings." + sErr); //now whack the parent sSQL = "delete from task_step where step_id = '" + sStepID + "'"; oTrans.Command.CommandText = sSQL; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception("Unable to delete step." + sErr); sSQL = "update task_step set step_order = step_order - 1" + " where task_id = '" + sTaskID + "'" + " and codeblock_name = '" + sCodeblock + "'" + " and step_order > " + sDeletedStepOrder; oTrans.Command.CommandText = sSQL; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception("Unable to reorder steps after deletion." + sErr); oTrans.Commit(); } catch (Exception ex) { throw ex; } }
public static string DeleteClouds(string sDeleteArray) { dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = null; string sErr = ""; if (sDeleteArray.Length < 36) { return(""); } sDeleteArray = ui.QuoteUp(sDeleteArray); DataTable dt = new DataTable(); // get a list of ids that will be deleted for the log sSql = "select cloud_id, cloud_name, provider from clouds where cloud_id in (" + sDeleteArray + ")"; if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr)) { throw new Exception(sErr); } try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); sSql = "delete from clouds where cloud_id in (" + sDeleteArray + ")"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } //refresh the cloud account list in the session if (!ui.PutCloudAccountsInSession(ref sErr)) { throw new Exception(sErr); } oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } //reget the cloud providers class in the session ui.SetCloudProviders(ref sErr); if (!string.IsNullOrEmpty(sErr)) { throw new Exception("Error: Unable to load Cloud Providers XML." + sErr); } // if we made it here, so save the logs foreach (DataRow dr in dt.Rows) { ui.WriteObjectDeleteLog(Globals.acObjectTypes.Cloud, dr["cloud_id"].ToString(), dr["cloud_name"].ToString(), dr["provider"].ToString() + " Cloud Deleted."); } return(sErr); }
public static string SaveAccount(string sMode, string sAccountID, string sAccountName, string sAccountNumber, string sProvider, string sLoginID, string sLoginPassword, string sLoginPasswordConfirm, string sIsDefault, string sAutoManageSecurity) { // for logging string sOriginalName = ""; dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSql = ""; string sErr = ""; //if we are editing get the original values if (sMode == "edit") { } try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); // update the user fields. if (sMode == "edit") { sSql = "select account_name from cloud_account " + "where account_id = '" + sAccountID + "'"; if (!dc.sqlGetSingleString(ref sOriginalName, sSql, ref sErr)) throw new Exception("Error getting original account name:" + sErr); // only update the passwword if it has changed string sNewPassword = ""; if (sLoginPassword != "($%#d@x!&") { sNewPassword = "******" + dc.EnCrypt(sLoginPassword) + "'"; } sSql = "update cloud_account set" + " account_name = '" + sAccountName + "'," + " account_number = '" + sAccountNumber + "'," + " provider = '" + sProvider + "'," + " is_default = '" + sIsDefault + "'," + " auto_manage_security = '" + sAutoManageSecurity + "'," + " login_id = '" + sLoginID + "'" + sNewPassword + " where account_id = '" + sAccountID + "'"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception("Error updating account: " + sErr); ui.WriteObjectChangeLog(Globals.acObjectTypes.CloudAccount, sAccountID, sAccountName, sOriginalName, sAccountName);} else { //now, for some reason we were having issues with the initial startup of apache //not able to perform the very first database hit. //this line serves as an inital db hit, but we aren't trapping it or showing the error dc.TestDBConnection(ref sErr); //if there are no rows yet, make this one the default even if the box isn't checked. if (sIsDefault == "0") { int iExists = -1; sSql = "select count(*) as cnt from cloud_account"; if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr)) { System.Threading.Thread.Sleep(300); if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr)) { System.Threading.Thread.Sleep(300); if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr)) throw new Exception("Unable to count Cloud Accounts: " + sErr); } } if (iExists == 0) sIsDefault = "1"; } sAccountID = ui.NewGUID(); sSql = "insert into cloud_account (account_id, account_name, account_number, provider, is_default, login_id, login_password, auto_manage_security)" + " values ('" + sAccountID + "'," + "'" + sAccountName + "'," + "'" + sAccountNumber + "'," + "'" + sProvider + "'," + "'" + sIsDefault + "'," + "'" + sLoginID + "'," + "'" + dc.EnCrypt(sLoginPassword) + "'," + "'" + sAutoManageSecurity + "')"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception("Error creating account: " + sErr); ui.WriteObjectAddLog(Globals.acObjectTypes.CloudAccount, sAccountID, sAccountName, "Account Created"); } //if "default" was selected, unset all the others if (dc.IsTrue(sIsDefault)) { oTrans.Command.CommandText = "update cloud_account set is_default = 0 where account_id <> '" + sAccountID + "'"; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception("Error updating defaults: " + sErr); } oTrans.Commit(); //refresh the cloud account list in the session if (!ui.PutCloudAccountsInSession(ref sErr)) throw new Exception("Error refreshing accounts in session: " + sErr); } catch (Exception ex) { throw new Exception("Error: General Exception: " + ex.Message); } // no errors to here, so return an empty string return "{'account_id':'" + sAccountID + "', 'account_name':'" + sAccountName + "', 'provider':'" + sProvider + "'}"; }
public string wmUpdateTag(string sOldTagName, string sNewTagName, string sDescription) { dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); string sSQL = null; string sErr = null; //do the description no matter what just to be quick sSQL = "update lu_tags set tag_desc = '" + sDescription + "' where tag_name = '" + sNewTagName + "'"; if (!dc.sqlExecuteUpdate(sSQL, ref sErr)) { throw new Exception(sErr); } //don't do this unless the name has changed if (sNewTagName != sOldTagName) { try { sSQL = "select tag_name from lu_tags where tag_name = '" + sNewTagName + "'"; string sTagExists = ""; if (!dc.sqlGetSingleString(ref sTagExists, sSQL, ref sErr)) throw new Exception(sErr); else { if (!string.IsNullOrEmpty(sTagExists)) return "Tag [" + sNewTagName + "] exists - choose another name."; } } catch (Exception ex) { throw new Exception(ex.Message); } try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); sSQL = "update object_tags set tag_name = '" + sNewTagName + "' where tag_name = '" + sOldTagName + "'"; oTrans.Command.CommandText = sSQL; if (!oTrans.ExecUpdate(ref sErr)) throw new Exception(sErr); sSQL = "update lu_tags set tag_name = '" + sNewTagName + "'" + " where tag_name = '" + sOldTagName + "'"; oTrans.Command.CommandText = sSQL; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } oTrans.Commit(); ui.WriteObjectChangeLog(acObjectTypes.None, sNewTagName, "", "Tag Updated [" + sOldTagName + "-->" + sNewTagName + "]."); } catch (Exception ex) { throw new Exception(ex.Message); } } // no errors to here, so return an empty string return ""; }
public static string SaveNewUser(object[] oUser) { dataAccess dc = new dataAccess(); acUI.acUI ui = new acUI.acUI(); acUI.AppGlobals ag = new acUI.AppGlobals(); string sSql = null; string sErr = null; // check the number of properties if (oUser.Length != 10) { return("Incorrect list of user properties"); } string sLoginID = oUser[0].ToString(); string sFullName = oUser[1].ToString(); string sAuthType = oUser[2].ToString(); string sUserPassword = oUser[3].ToString(); string sGeneratePW = oUser[4].ToString(); string sForcePasswordChange = oUser[5].ToString(); string sUserRole = oUser[6].ToString(); string sEmail = oUser[7].ToString(); string sStatus = oUser[8].ToString(); string sGroupArray = oUser[9].ToString(); // checks that cant be done on the client side // is the name unique? string sInuse = ""; if (!dc.sqlGetSingleString(ref sInuse, "select user_id from users where username = '******' limit 1", ref sErr)) { return("sErr"); } else { if (!string.IsNullOrEmpty(sInuse)) { return("Login ID '" + sLoginID + "' is unavailable, please choose another."); } } // password string sPassword = null; if (sAuthType == "local") { if (sGeneratePW == "1") //generate an initial strong password { sUserPassword = dc.GenerateNewPassword(); } sPassword = "******" + dc.EnCrypt(sUserPassword) + "'"; } else if (sAuthType == "ldap") { sPassword = "******"; } else { return("Unknown Authentication Type."); } // passed client and server validations, create the user string sNewUserID = ui.NewGUID(); try { dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr); // all good, save the new user and redirect to the user edit page. sSql = "insert users" + " (user_id,username,full_name,authentication_type,user_password,force_change,email,status,user_role)" + " values " + "('" + sNewUserID + "'," + "'" + sLoginID.Trim().Replace("'", "''") + "'," + "'" + sFullName.Trim().Replace("'", "''") + "'," + "'" + sAuthType + "'," + sPassword + "," + "'" + sForcePasswordChange + "'," + "'" + sEmail.Trim() + "'," + "'" + sStatus + "'," + "'" + sUserRole + "'" + ")"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } #region "groups" // add user groups, if there are any if (sGroupArray.Length > 0) { ArrayList aGroups = new ArrayList(sGroupArray.Split(',')); foreach (string sGroupName in aGroups) { sSql = "insert object_tags (object_id, object_type, tag_name)" + " values ('" + sNewUserID + "', 1, '" + sGroupName + "')"; oTrans.Command.CommandText = sSql; if (!oTrans.ExecUpdate(ref sErr)) { throw new Exception(sErr); } } } #endregion oTrans.Commit(); } catch (Exception ex) { throw new Exception(ex.Message); } // add security log ui.WriteObjectAddLog(Globals.acObjectTypes.User, sNewUserID, sFullName.Trim().Replace("'", "''"), ""); //email out the password string sBody = ""; if (!dc.sqlGetSingleString(ref sBody, "select new_user_email_message from login_security_settings where id = 1", ref sErr)) { throw new Exception(sErr); } //default message if undefined in the table if (string.IsNullOrEmpty(sBody)) { sBody = sFullName + " - an account has been created for you in " + ag.APP_NAME + "." + Environment.NewLine + Environment.NewLine + "Your User Name: " + sLoginID + "." + Environment.NewLine + "Your temporary password: "******"." + Environment.NewLine; } //replace our special tokens with the values sBody = sBody.Replace("##FULLNAME##", sFullName).Replace("##USERNAME##", sLoginID); if (sGeneratePW == "1") { sBody = sBody.Replace("##PASSWORD##", sUserPassword); } else { sBody = sBody.Replace("##PASSWORD##", "Will be provided by an Administrator."); } if (!ui.SendEmailMessage(sEmail.Trim(), ag.APP_COMPANYNAME + " Account Management", "Welcome to " + ag.APP_COMPANYNAME, sBody, ref sErr)) { throw new Exception(sErr); } // no errors to here, so return an empty string return(""); }