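/// <summary>
/// Reads <c>project_id</c>, <c>project_name</c> and <c>is_active</c> from the request,
/// binds them (together with the request's <c>username</c>) as stored-procedure
/// parameters and executes the procedure configured for this action.
/// </summary>
/// <param name="context">Current HTTP context; all inputs come from <c>context.Request</c>.</param>
/// <returns>
/// A <c>defaultResponse</c> with <c>responseCodes.OK</c> when the procedure was executed,
/// otherwise <c>responseCodes.Error</c> with <c>responseMessage</c> set to the exception message.
/// </returns>
public override baseResponse runAction(System.Web.HttpContext context)
{
    defaultResponse response = new defaultResponse {responseCode = responseCodes.Error};

    try
    {
        // NOTE(review): presumably authenticates the caller; confirm in the base class.
        base.runAction(context);

        string projectId = context.Request["project_id"];
        if (string.IsNullOrEmpty(projectId))
        {
            throw new Exception("project_id is not specified.");
        }
        addParameter("@prj_identifier", SqlDbType.VarChar, projectId);

        string projectName = context.Request["project_name"];
        if (string.IsNullOrEmpty(projectName))
        {
            throw new Exception("project_name is not specified");
        }
        addParameter("@prj_name", SqlDbType.VarChar, projectName);

        // A missing or unparsable is_active is treated as 0.
        byte isActive;
        if (!byte.TryParse(context.Request["is_active"], out isActive))
        {
            isActive = 0;
        }
        addParameter("@prj_is_active", SqlDbType.TinyInt, isActive);

        // NOTE(review): the acting user is taken from the request. Confirm that base.runAction
        // has verified this value and that the procedure restricts the change to projects
        // owned by that user.
        addParameter("@usr_name", SqlDbType.VarChar, context.Request["username"]);

        // NOTE(review): the return value is ignored here, so a failure reported through the
        // procedure's result code would still be answered with OK. Check the procedure's contract.
        executeProcedure();

        response.responseCode = responseCodes.OK;
    }
    catch (Exception exc)
    {
        response.responseCode = responseCodes.Error;
        // Return only the message. exc.ToString() would send the stack trace and inner
        // exceptions (type names, file paths, data-layer details) to the client.
        // NOTE(review): data-layer exception messages can still carry schema details;
        // consider logging them server-side and returning a generic text.
        response.responseMessage = exc.Message;
    }

    return response;
}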
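/// <summary>
/// Creates a user from the request values <c>new_username</c>, <c>new_password</c>,
/// <c>max_projects</c> and <c>is_admin</c> by binding them as parameters and executing
/// the stored procedure configured for this action.
/// </summary>
/// <param name="context">Current HTTP context; all inputs come from <c>context.Request</c>.</param>
/// <returns>
/// A <c>defaultResponse</c> with <c>responseCodes.OK</c> when the procedure returns 0,
/// otherwise <c>responseCodes.Error</c>; <c>responseMessage</c> is set when an exception was caught.
/// </returns>
public override baseResponse runAction(HttpContext context)
{
    defaultResponse response = new defaultResponse {responseCode = responseCodes.Error};

    try
    {
        // Perform base actions like authentication.
        base.runAction(context);

        string newUsername = context.Request["new_username"];
        string newPassword = context.Request["new_password"];

        // Missing values default to "0"; a non-numeric value makes Parse throw and is
        // reported through the catch block below.
        string rawMaxProjects = context.Request["max_projects"];
        int maxProjects = int.Parse(string.IsNullOrEmpty(rawMaxProjects) ? "0" : rawMaxProjects);

        string rawIsAdmin = context.Request["is_admin"];
        byte isAdmin = byte.Parse(string.IsNullOrEmpty(rawIsAdmin) ? "0" : rawIsAdmin);

        if (string.IsNullOrEmpty(newUsername) || string.IsNullOrEmpty(newPassword))
        {
            // Previously a bare Exception, which told the client only that
            // "Exception of type 'System.Exception' was thrown."
            throw new Exception("new_username and new_password are required.");
        }

        addParameter("@usr_name", SqlDbType.VarChar, newUsername);
        // NOTE(review): hashPassword is defined outside this block; confirm it is a salted,
        // deliberately slow password hash rather than a bare digest.
        addParameter("@usr_password", SqlDbType.VarChar, hashPassword(newPassword));
        addParameter("@usr_max_projects", SqlDbType.Int, maxProjects);
        // NOTE(review): is_admin is taken from the request and nothing in this method checks
        // that the caller is an administrator. Confirm base.runAction or the stored procedure
        // enforces that before a new administrator account can be created.
        addParameter("@usr_is_admin", SqlDbType.TinyInt, isAdmin);

        int spResult = executeProcedure();
        if (spResult == -1)
        {
            throw new Exception("This Username is already taken.");
        }

        if (spResult == 0)
        {
            response.responseCode = responseCodes.OK;
        }
        // Any other result code leaves the response at Error without a message.
    }
    catch (Exception exc)
    {
        response.responseCode = responseCodes.Error;
        response.responseMessage = exc.Message;
    }

    return response;
}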
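/// <summary>
/// Deletes the user named by the request value <c>obsolete_username</c> by executing the
/// stored procedure configured for this action. A caller cannot delete their own account.
/// </summary>
/// <param name="context">Current HTTP context; all inputs come from <c>context.Request</c>.</param>
/// <returns>
/// A <c>defaultResponse</c> with <c>responseCodes.OK</c> when the procedure returns 0,
/// otherwise <c>responseCodes.Error</c> with <c>responseMessage</c> set to the exception message.
/// </returns>
public override baseResponse runAction(System.Web.HttpContext context)
{
    var response = new defaultResponse {responseCode = responseCodes.Error};

    try
    {
        // NOTE(review): presumably authenticates the caller; confirm in the base class.
        // Nothing in this method checks that the caller is allowed to delete other users,
        // so that has to be enforced there or in the stored procedure.
        base.runAction(context);

        string obsoleteUsername = context.Request["obsolete_username"];
        if (string.IsNullOrEmpty(obsoleteUsername))
        {
            throw new Exception("obsolete_username is a required Parameter.");
        }

        // Fail closed with a clear message when the caller's name is absent. The original
        // dereferenced it directly and only stopped because of a NullReferenceException.
        string currentUsername = context.Request["username"];
        if (string.IsNullOrEmpty(currentUsername))
        {
            throw new Exception("username is a required Parameter.");
        }

        // Ordinal, case-insensitive comparison. ToLower() depends on the thread culture,
        // so the self-deletion guard could give different answers on differently
        // configured servers.
        if (string.Equals(obsoleteUsername, currentUsername, StringComparison.OrdinalIgnoreCase))
        {
            throw new Exception("Whoops, you cannot delete yourself. It's like to bite the Hand that feeds you.");
        }

        addParameter("@usr_name", SqlDbType.VarChar, obsoleteUsername);

        int result = executeProcedure();
        if (result != 0)
        {
            // NOTE(review): the message echoes request input; make sure the response is
            // encoded for whatever renders it.
            throw new Exception(string.Format("Deletion failed! You cannot delete Rootuser and it seems {0} is one. Sorry.", obsoleteUsername));
        }

        response.responseCode = responseCodes.OK;
    }
    catch (Exception exc)
    {
        response.responseCode = responseCodes.Error;
        response.responseMessage = exc.Message;
    }

    return response;
}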
/// <summary>
/// Adds a project for the requesting user: reads <c>project_name</c>, <c>project_id</c>
/// and <c>is_active</c> from the request, binds them with the request's <c>username</c>
/// and executes the stored procedure configured for this action.
/// </summary>
/// <param name="context">Current HTTP context; all inputs come from <c>context.Request</c>.</param>
/// <returns>
/// A <c>defaultResponse</c> with <c>responseCodes.OK</c> unless the procedure returns -1 or -2
/// or an exception occurs; in those cases <c>responseCodes.Error</c> plus the exception message.
/// </returns>
public override baseResponse runAction(System.Web.HttpContext context)
{
    var reply = new defaultResponse();
    reply.responseCode = responseCodes.Error;

    try
    {
        // Perform Basic-Auth
        base.runAction(context);

        var request = context.Request;
        string projectName = request["project_name"];
        string projectId = request["project_id"];

        // A missing or unparsable is_active counts as 0.
        byte isActive = 0;
        byte parsedFlag;
        if (byte.TryParse(request["is_active"], out parsedFlag))
        {
            isActive = parsedFlag;
        }

        bool nameMissing = string.IsNullOrEmpty(projectName);
        bool idMissing = string.IsNullOrEmpty(projectId);
        if (nameMissing || idMissing)
        {
            throw new Exception("Not enough Parameter provided.");
        }

        addParameter("@prj_name", SqlDbType.VarChar, projectName);
        addParameter("@prj_identifier", SqlDbType.VarChar, projectId);
        addParameter("@prj_is_active", SqlDbType.TinyInt, isActive);
        // NOTE(review): the owner is taken from the request; confirm base.runAction has
        // verified this value before it reaches the procedure.
        addParameter("@usr_name", SqlDbType.VarChar, request["username"]);

        // Result codes handled here: -1 and -2 are failures, anything else is success.
        int outcome = executeProcedure();
        switch (outcome)
        {
            case -1:
                throw new Exception("The User could not be found or the User is inactice.");
            case -2:
                throw new Exception("The Projectlimit exceeded for this User. You have to delete one or more Projects in order to add a new one.");
        }

        reply.responseCode = responseCodes.OK;
    }
    catch (Exception failure)
    {
        reply.responseCode = responseCodes.Error;
        reply.responseMessage = failure.Message;
    }

    return reply;
}
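/// <summary>
/// Edits a user. Reads <c>old_username</c>, <c>edit_username</c>, <c>edit_password</c>,
/// <c>max_projects</c>, <c>is_admin</c> and <c>is_active</c> from the request, binds them as
/// parameters and executes the stored procedure configured for this action.
/// Non-administrators may only edit their own account.
/// </summary>
/// <param name="context">Current HTTP context; all inputs come from <c>context.Request</c>.</param>
/// <returns>
/// A <c>defaultResponse</c> with <c>responseCodes.OK</c> unless the procedure returns -1 or -2
/// or an exception occurs; in those cases <c>responseCodes.Error</c> plus the exception message.
/// </returns>
public override baseResponse runAction(System.Web.HttpContext context)
{
    defaultResponse response = new defaultResponse {responseCode = responseCodes.Error};

    try
    {
        // Perform base actions like authentication.
        base.runAction(context);

        // Validate the old username parameter.
        string oldUsername = context.Request["old_username"];
        if (string.IsNullOrEmpty(oldUsername))
        {
            throw new Exception("old_username not specified.");
        }

        // Validate the new username parameter.
        string editUsername = context.Request["edit_username"];
        if (string.IsNullOrEmpty(editUsername))
        {
            throw new Exception("You have to specify a Username which you want to edit.");
        }

        // Authorize before anything is bound or hashed. The original compared the caller
        // only with edit_username, leaving old_username (bound as @old_usr_name) unchecked.
        // A non-administrator could then pass the check with their own name in edit_username
        // while naming another account in old_username. Both names must now match the caller.
        // NOTE(review): presumably @old_usr_name selects the row to update; verify against
        // the stored procedure.
        string currentUsername = context.Request["username"];
        if (!userIsAdministrator)
        {
            if (currentUsername != editUsername)
            {
                throw new Exception(string.Format("The User {0} is not authorized to edit User {1}", currentUsername, editUsername));
            }

            if (currentUsername != oldUsername)
            {
                throw new Exception(string.Format("The User {0} is not authorized to edit User {1}", currentUsername, oldUsername));
            }
        }

        addParameter("@old_usr_name", SqlDbType.VarChar, oldUsername);
        addParameter("@usr_name", SqlDbType.VarChar, editUsername);

        // The password parameter is only bound when a new password was supplied.
        // NOTE(review): hashPassword is defined outside this block; confirm it is a salted,
        // deliberately slow password hash.
        string editPassword = context.Request["edit_password"];
        if (!string.IsNullOrEmpty(editPassword))
        {
            addParameter("@usr_password", SqlDbType.VarChar, hashPassword(editPassword));
        }

        // The privileged fields are only honoured for administrators. For everyone else, and
        // for unparsable input, a fixed value is sent instead (-1, 2, 2).
        // NOTE(review): presumably the procedure reads these as "leave unchanged"; confirm.
        int maxProjects;
        if (!int.TryParse(context.Request["max_projects"], out maxProjects) || !userIsAdministrator)
        {
            maxProjects = -1;
        }
        addParameter("@usr_max_projects", SqlDbType.Int, maxProjects);

        byte isAdmin;
        if (!byte.TryParse(context.Request["is_admin"], out isAdmin) || !userIsAdministrator)
        {
            isAdmin = 2;
        }
        addParameter("@usr_is_admin", SqlDbType.TinyInt, isAdmin);

        byte isActive;
        if (!byte.TryParse(context.Request["is_active"], out isActive) || !userIsAdministrator)
        {
            isActive = 2;
        }
        addParameter("@usr_is_active", SqlDbType.TinyInt, isActive);

        int result = executeProcedure();
        if (result == -1)
        {
            throw new Exception(string.Format("The Username {0} could not be found", editUsername));
        }

        if (result == -2)
        {
            throw new Exception(string.Format("The Username {0} is already in use.", editUsername));
        }

        response.responseCode = responseCodes.OK;
    }
    catch (Exception exc)
    {
        response.responseCode = responseCodes.Error;
        response.responseMessage = exc.Message;
    }

    return response;
}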