public Dictionary <string, string> GetFunctionalityDescriptionDictionary()
{
Dictionary <string, string> funcDescs = null;
string sql = null;
Logger.Log("Getting the functionality description dictionary ...");
try
{
sql = GroupQB.GetSelectFunctionDescriptionSql();
List <string[]> data = dbInfo.GetDataList(sql);
if (data == null)
{
Logger.LogError(5, "Error getting functionality description for data sql: " + sql);
return(null);
}
else if (data.Count == 0)
{
Logger.Log("No record was found in the database for sql :" + sql);
return(new Dictionary <string, string>());
}
string functionalityEnumString = null;
SecureRequestContext.FunctionalityType functionalityEnumVal = SecureRequestContext.FunctionalityType.UNKNOWN;
string functionalityDesc = null;
funcDescs = new Dictionary <string, string>();
foreach (string[] row in data)
{
functionalityEnumString = row[0];
functionalityDesc = row[1];
try
{
functionalityEnumVal =
(SecureRequestContext.FunctionalityType)
Enum.Parse(typeof(SecureRequestContext.FunctionalityType),
functionalityEnumString);
}
catch (Exception ex)
{
Logger.LogError(5, "Error parsing Functionality Enum String at " + ex);
functionalityEnumVal = SecureRequestContext.FunctionalityType.UNKNOWN;
}
if (functionalityEnumVal != SecureRequestContext.FunctionalityType.UNKNOWN &&
!funcDescs.ContainsKey(functionalityEnumString) &&
functionalityDesc != null)
{
funcDescs.Add(functionalityEnumString, functionalityDesc);
}
}
}
catch (Exception ex)
{
Logger.LogError(5, "Error Getting Functionality description dictionary at " + ex);
return(null);
}
return(funcDescs);
}
/// <summary>
/// Check if Group Name already exists in the database
/// </summary>
/// <param name="p"></param>
/// <returns></returns>
private bool CheckIfNewGroupNameIsValidInSystem(string groupName)
{
bool isValid = true;
string sql = "";
if (groupName == null)
{
Logger.LogError(5, "Cannot check if a NULL groupname already exists in the system!");
return(false);
}
if (groupName == String.Empty)
{
Logger.LogError(5, "Cannot check if an empty groupname already exists in the system!");
return(false);
}
string groupNameGiven = DatabaseHelper.SQL_INJECTION_CHECK_PARAMETER(true, groupName);
try {
DbInfo = new DatabaseWrapper(Lcf);
DbInfo.Connect();
sql = GroupQB.GetCheckIfAGroupISPresentSql(groupNameGiven);
IDataReader reader = DbInfo.RunSqlReader(sql);
while (reader.Read())
{
string groupNameFromDB = "";
if (reader[GroupQB.GROUP_NAME_COL] != System.DBNull.Value)
{
groupNameFromDB = (string)reader[GroupQB.GROUP_NAME_COL];
}
else
{
Logger.LogError(5, "Got Null Group Name using Sql: " + sql);
return(false);
}
groupNameFromDB = DatabaseHelper.SQL_INJECTION_CHECK_PARAMETER(true, groupNameFromDB);
if (groupNameFromDB.Equals(groupNameGiven, StringComparison.CurrentCultureIgnoreCase))
{
isValid = false;
}
else
{
isValid = true;
}
}
} catch (Exception ex) {
Logger.LogError(5, "Error checking if a group name already exists in the system at: " + ex);
isValid = false;
} finally {
if (DbInfo != null)
{
DbInfo.Disconnect();
}
}
return(isValid);
}
private bool DeleteGroupEntryFromXrefTable(int groupID, GroupDeleteTableType groupDeleteTableType)
{
bool isDeleted = false;
int count = -1;
int countDeleted = -1;
string tableName = GetTableNameForGroup(groupDeleteTableType);
string sql = "";
Logger.Log("Start deleting records from table '" + tableName + "' for group id " + groupID);
try {
DbInfo = new DatabaseWrapper(Lcf);
DbInfo.Connect();
Logger.Log("Getting records from table '" + tableName + "' for group id " + groupID);
count = GetRecordsForAGroupFromXref(groupID, tableName);
if (count > 0)
{
Logger.Log("Start deleting records from '" + tableName + "' for group id = " + groupID);
sql = GroupQB.GetDelteGroupSql(groupID, tableName, false);
bool success = false;
countDeleted = DbInfo.ExecuteSQL(sql, ref success);
if (count == countDeleted)
{
Logger.Log("Successfully deleted " + count + " records from " + tableName + " for group id = " + groupID);
isDeleted = true;
}
else
{
Logger.Log("Failed to delte " + count + " records from " + tableName + " for group id = " + groupID);
}
}
else if (count == 0)
{
Logger.Log("No records was found in table '" + tableName + "' for group id " + groupID);
return(true);
}
} catch (Exception ex) {
Logger.Log("Error deleting records from table '" + tableName + "' for group id " + groupID + " at: " + ex);
return(false);
} finally {
if (isDeleted)
{
SecureContentWrapper.SecurityHasBeenModifiedThisSession = true;
}
if (DbInfo != null)
{
DbInfo.Disconnect();
}
}
return(isDeleted);
}
//---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
/// <summary>
/// Removes all xref records that link the specified user to any groups.
/// 30-Jan-2015 - added the bool toggle on whether or not to use the session wrapper. This causes an issue with threaded applications as in the
/// worker thread the session wrappers are not available.
/// </summary>
/// <param name="userID">The ID of the user to remove from all groups.</param>
/// <returns>True if successfull, false otherwise.</returns>
public bool UnassignAllGroupsFromUser(int userID, bool recordModificationInSessionWrapper)
{
if (userID < 1)
{
Logger.LogError(5, "Cannot UnassignAllGroupsFromUser where userID is not specified!");
return(false);
}
bool isSuccess = false;
DbInfo = new DatabaseWrapper(Lcf);
string sql = "";
try {
DbInfo.Connect();
sql = GroupQB.GetDeleteUserFromAllGroupsSql(userID);
if (sql == null)
{
Logger.LogError(5, "Failed to get SQL to delete user from all groups! Abandoning UnassignAllGroupsFromUser ...");
return(false);
}
bool success = false;
int numChanged = DbInfo.ExecuteSQL(sql, ref success);
if (numChanged == 0)
{
isSuccess = false;
}
else
{
isSuccess = true;
}
} catch (Exception ex) {
Logger.LogError(5, "Error in changing group association at: " + ex);
return(false);
} finally {
if (isSuccess && recordModificationInSessionWrapper)
{
SecureContentWrapper.SecurityHasBeenModifiedThisSession = true;
}
if (DbInfo != null)
{
DbInfo.Disconnect();
}
}
return(isSuccess);
}
public bool ChangeUserToGroupAssociation(MGGroup group, List <int> usersIDs, AssociationTypes associationType)
{
bool ISChanged = true;
DbInfo = new DatabaseWrapper(Lcf);
string sql = "";
string partMSG = "'" + associationType + "ing' (" + usersIDs.Count + ") users to Group '" + group.Name + "'";
try {
Logger.Log("Start " + partMSG);
DbInfo.Connect();
foreach (int userID in usersIDs)
{
if (associationType == AssociationTypes.Assign)
{
sql = GroupQB.GetAssignGroupForUserSql(userID, group.ID);
}
else
{
sql = GroupQB.GetUnAssignGroupForUserSql(userID, group.ID);
}
bool success = false;
int numChanged = DbInfo.ExecuteSQL(sql, ref success);
if (numChanged == 0)
{
ISChanged = false;
}
}
} catch (Exception ex) {
Logger.LogError(5, "Error " + partMSG + " at: " + ex);
return(false);
} finally {
if (ISChanged)
{
SecureContentWrapper.SecurityHasBeenModifiedThisSession = true;
}
if (DbInfo != null)
{
DbInfo.Disconnect();
}
}
return(ISChanged);
}
//---------------------------------------------------------------------------------------------------------------------------------------------------
/// <summary>
/// Change the group association for a given user.
/// It can assign the groups to a user and also can un assign groups linked to a user.
/// 30-Jan-2015 - added the bool toggle on whether or not to use the session wrapper. This causes an issue with threaded applications as in the
/// worker thread the session wrappers are not available.
/// </summary>
/// <param name="groupsIDs">Group Ids to Assign or UnAssign</param>
/// <param name="associationType">Assign or UnAssign</param>
/// <returns>True if successfull, false other wise</returns>
public bool ChangeGroupToUserAssociation(int userID, List <int> groupsIDs, AssociationTypes associationType, bool recordModificationInSessionWrapper)
{
bool isChangeSuccess = true;
DbInfo = new DatabaseWrapper(Lcf);
string sql = "";
try {
DbInfo.Connect();
foreach (int groupID in groupsIDs)
{
if (associationType == AssociationTypes.Assign)
{
sql = GroupQB.GetAssignGroupForUserSql(userID, groupID);
}
else
{
sql = GroupQB.GetUnAssignGroupForUserSql(userID, groupID);
}
bool success = false;
int numChanged = DbInfo.ExecuteSQL(sql, ref success);
if (numChanged == 0)
{
isChangeSuccess = false;
}
}
} catch (Exception ex) {
Logger.LogError(5, "Error in changing group association at: " + ex);
isChangeSuccess = false;
} finally {
if (isChangeSuccess && recordModificationInSessionWrapper)
{
SecureContentWrapper.SecurityHasBeenModifiedThisSession = true;
if (DbInfo != null)
{
DbInfo.Disconnect();
}
}
}
return(isChangeSuccess);
}
/// <summary>
/// Given a MG Group, Add to database
/// </summary>
/// <param name="group">Group to add</param>
/// <returns>Return true if success, false otherwidr</returns>
public bool AddGroup(MGGroup groupToAdd, out string message)
{
bool isAddSuccess = false;
message = string.Empty;
try {
DbInfo = new DatabaseWrapper(Lcf);
//Check if group can be added
if (CheckIfGroupCanBeAdded(groupToAdd, out message))
{
//Insert
string sql = GroupQB.GetInsertGroupSql(groupToAdd);
DbInfo.Connect();
bool success = false;
if (DbInfo.ExecuteSQL(sql, ref success) == 1)
{
isAddSuccess = true;
message = "Successfully added a group: '" + groupToAdd.Name + "'";
}
else
{
message = "Failed to add a group: '" + groupToAdd.Name + "'";
}
}
} catch (Exception ex) {
Logger.LogError(5, "Error adding a group at " + ex);
message = "Error adding a Group " + groupToAdd.Name + ". Contact MGL.";
isAddSuccess = false;
} finally {
if (isAddSuccess)
{
SecureContentWrapper.SecurityHasBeenModifiedThisSession = true;
}
if (DbInfo != null)
{
DbInfo.Disconnect();
}
}
return(isAddSuccess);
}
private bool DeleteGroupFromMain(int groupID)
{
bool isDeleted = false;
string sql = "";
string tableName = "";
try {
Logger.Log("Trying to delete the group entry from main table '" + GroupQB.GROUP_TBLE_NAME + "'");
tableName = GetTableNameForGroup(GroupDeleteTableType.Main);
sql = GroupQB.GetDelteGroupSql(groupID, tableName, true);
DbInfo = new DatabaseWrapper(Lcf);
DbInfo.Connect();
bool success = false;
int numChanged = DbInfo.ExecuteSQL(sql, ref success);
if (numChanged == 0)
{
isDeleted = false;
}
else
{
isDeleted = true;
}
} catch (Exception ex) {
Logger.LogError(5, "Error deleting the group entry from main table '" + GroupQB.GROUP_TBLE_NAME + "' at: " + ex);
return(false);
} finally {
if (isDeleted)
{
SecureContentWrapper.SecurityHasBeenModifiedThisSession = true;
}
if (DbInfo != null)
{
DbInfo.Disconnect();
}
}
return(isDeleted);
}
public bool EditGroup(MGGroup newGroup, out string message)
{
bool isAddSuccess = false;
message = string.Empty;
try {
DbInfo = new DatabaseWrapper(Lcf);
if (CheckIfGroupCanBeEdited(newGroup, out message))
{
//Edit
string sql = GroupQB.GetEditGroupSql(newGroup);
DbInfo.Connect();
bool success = false;
if (DbInfo.ExecuteSQL(sql, ref success) == 1)
{
isAddSuccess = true;
message = "Successfully edited group: '" + newGroup.Name + "'";
}
else
{
message = "Failed to edit group: '" + newGroup.Name + "'";
}
}
} catch (Exception ex) {
Logger.LogError(5, "Error editing a group at " + ex);
message = "Error editing a Group " + newGroup.Name + ". Contact MGL.";
isAddSuccess = false;
} finally {
if (isAddSuccess)
{
SecureContentWrapper.SecurityHasBeenModifiedThisSession = true;
}
if (DbInfo != null)
{
DbInfo.Disconnect();
}
}
return(isAddSuccess);
}
private List <int> GetDefaultGroupIDs()
{
List <int> defaultGroupIDs = null;
string sql = "";
try {
DbInfo = new DatabaseWrapper(Lcf);
DbInfo.Connect();
if (!DbInfo.ColumnExists(GroupQB.GROUP_TBLE_NAME, GroupQB.GROUP_DEFAULT_COL))
{
Logger.LogError(5, "Column " + GroupQB.GROUP_DEFAULT_COL + " does not exist in table " + GroupQB.GROUP_TBLE_NAME + ". Cannot get default Group IDs!");
return(null);
}
sql = GroupQB.GetSelectDefaultGroupIdsSql();
defaultGroupIDs = DbInfo.GetIntegerList(sql);
if (defaultGroupIDs == null)
{
Logger.LogError(5, "Failed to get default group IDs!");
return(null);
}
if (defaultGroupIDs.Count == 0)
{
Logger.Log("No default group is found in the system when using SQL " + sql);
}
} catch (Exception ex) {
Logger.LogError(5, "Failed to get default group IDs at: " + ex);
defaultGroupIDs = null;
} finally {
if (DbInfo != null)
{
DbInfo.Disconnect();
}
}
return(defaultGroupIDs);
}
/// <summary>
/// Getting Group to Display Permission Information
/// </summary>
/// <param name="groupID">Group ID to get permission for.</param>
/// <param name="associationType">Assign, UnAssign, NotAssigned</param>
/// <returns>List of MGSecurityTag</returns>
public List <MGSecurityTag> GetGroupDisplayDictionary(int groupID, GroupAdministration.AssociationTypes associationType)
{
List <MGSecurityTag> groupTags = null;
string sql = null;
bool addIDcol = false;
bool addDescCol = false;
Logger.Log("Start getting the group to display dictionary for group id = " + groupID + " and assiciation type.");
try
{
if (dbInfo.ColumnExists(GroupQB.DISPLAY_TBLE_NAME, "ID"))
{
addIDcol = true;
}
if (dbInfo.ColumnExists(GroupQB.DISPLAY_TBLE_NAME, "Description"))
{
addDescCol = true;
}
sql = GroupQB.GetSelectGroupDisplayPermissionSql(groupID, addIDcol, addDescCol, associationType);
List <string[]> data = dbInfo.GetDataList(sql);
if (data == null)
{
Logger.LogError(5, "Error getting group to display permissions for sql: " + sql);
return(null);
}
else if (data.Count == 0)
{
Logger.Log("No record was found in the database for sql :" + sql);
return(new List <MGSecurityTag>());
}
Logger.Log("Start building the Security Dictionary.");
Dictionary <int, List <MGSecurityTag> > dict = BuildSecurityDictionary(data);
if (dict == null)
{
Logger.LogError(5, "Error, got Null Security Dictionary when getting group to display dictionary . Quitting!");
return(null);
}
else if (dict.Count == 0)
{
Logger.LogError(5, "Error, got Empty Security Dictionary when getting group to display dictionary. Quitting!");
return(null);
}
else if (dict.Count > 1)
{
Logger.LogError(5, "Invalid number of entries forud in the Security Dictionary when getting group to display dictionary");
return(null);
}
else if (!dict.ContainsKey(groupID))
{
Logger.LogError(5, "Error, required group id is not found in the Security Dictionary when getting group to display dictionary. Quitting!");
return(null);
}
Logger.Log("Start Getting Security Tag when Getting group to display dictionary.");
groupTags = dict[groupID];
if (groupTags == null)
{
Logger.LogError(5, "Error, Null Security Tag found when getting group to display dictionary. Quitting!");
return(null);
}
}
catch (Exception ex)
{
Logger.LogError(5, "Error Getting Group to display Permission Information at " + ex);
return(null);
}
return(groupTags);
//// TODO: make this safe
//return BuildSecurityDictionary(data)[groupID];
}
/// <summary>
/// Getting Group to Contenet Permission Information
/// </summary>
/// <param name="groupID">Group ID to get permission for.</param>
/// <param name="associationType">Assign, UnAssign, NotAssigned</param>
/// <returns>List of MGSecurityTag </returns>
public List <MGSecurityTag> GetGroupContentDictionary(int groupID, GroupAdministration.AssociationTypes associationType)
{
List <MGSecurityTag> groupTags = null;
string sql = null;
Logger.Log("Start getting the group to content dictionary given a group id and assiciation type.");
try
{
sql = GroupQB.GetSelectGroupContentPermissionSql(groupID, associationType);
// TODO: make this checking and single list from single entry dictionary retrieval into a method
List <string[]> data = dbInfo.GetDataList(sql);
if (data == null)
{
Logger.LogError(5, "Error getting group to content permissions for sql: " + sql);
return(null);
}
else if (data.Count == 0)
{
Logger.Log("No record was found in the database for sql :" + sql);
return(new List <MGSecurityTag>());
}
Logger.Log("Start building the Security Dictionary.");
bool isCheckForUniqVals = false;
Dictionary <int, List <MGSecurityTag> > dict = BuildSecurityDictionary(data, isCheckForUniqVals);
if (dict == null)
{
Logger.LogError(5, "Error, got Null Security Dictionary. Quitting!");
return(null);
}
else if (dict.Count == 0)
{
Logger.LogError(5, "Error, got Empty Security Dictionary. Quitting!");
return(null);
}
else if (dict.Count > 1)
{
Logger.LogError(5, "TODO: write log");
return(null);
}
else if (!dict.ContainsKey(groupID))
{
Logger.LogError(5, "Error, required group id is not found in the Security Dictionary. Quitting!");
return(null);
}
Logger.Log("Start Getting Security Tag.");
groupTags = dict[groupID];
if (groupTags == null)
{
Logger.LogError(5, "Error, Null Security Tag found. Quitting!");
return(null);
}
}
catch (Exception ex)
{
Logger.LogError(5, "Error Getting Group to Content Permission Information at " + ex);
return(null);
}
return(groupTags);
}
public List <MGSecurityTag> GetUnassignedAnyGroupContentDictionary()
{
// This gets permissions that are NOT assigned to ANY group:
// TODO: generate this query in a method that can be called for all three types of group permission (content, display & functionality)
List <MGSecurityTag> groupTags = null;
string sql = "";
try
{
sql = GroupQB.GetSelectGroupContentPermissionSql(MGGroup.NO_GROUP_GROUP_ID, GroupAdministration.AssociationTypes.NotAssigned);
// TODO: make this checking and single list from single entry dictionary retrieval into a method
List <string[]> data = dbInfo.GetDataList(sql);
if (data == null)
{
Logger.LogError(5, "Failed to get the conents from database which are not linked to any group using SQL = " + sql);
return(null);
}
else if (data.Count == 0)
{
return(new List <MGSecurityTag>());
}
//return BuildSecurityDictionary(data)[MGGroup.NO_GROUP_GROUP_ID];
Dictionary <int, List <MGSecurityTag> > dict = BuildSecurityDictionary(data);
if (dict == null)
{
Logger.LogError(5, "Error converting into Dictionary the contents permission which not linked to any group.");
return(null);
}
else if (dict.Count == 0)
{
Logger.Log("Got zero unassigned to any group content items, returning an empty list of security tags ...");
return(new List <MGSecurityTag>());
}
else if (dict.Count > 1)
{
Logger.LogError(5, "Invalid number of entries are found in the Dictionary for contents permission which not linked to any group.");
Logger.LogError(5, "Every content is set to belong to a dumy Group with ID = 1. Therefore there should be only one entry in the dictionary.");
return(null);
}
else if (!dict.ContainsKey(MGGroup.NO_GROUP_GROUP_ID))
{
Logger.LogError(5, "Dictionary does not containd the contents entries for the dumy group.");
return(null);
}
groupTags = dict[MGGroup.NO_GROUP_GROUP_ID];
if (groupTags == null)
{
Logger.LogError(5, "Could not find the MGSecurityTag for " + MGGroup.NO_GROUP_GROUP_NAME);
return(null);
}
}
catch (Exception ex)
{
Logger.LogError(5, "Error Getting Content Permission Information for Contents which are not linked to any group at " + ex);
return(null);
}
return(groupTags);
}
/// <summary>
/// Get Users for a given Group. It populate only (3) three User Information (UserName, JobTitle, Email)
/// </summary>
/// <param name="group">Group for which to find users.</param>
/// <param name="associationTypes">Assigned and Unassigned user to group.</param>
/// <returns></returns>
public List <MGUser> GetUsersForAGroup(MGGroup group, string searchString, AssociationTypes associationTypes)
{
List <MGUser> result = null;
IDataReader reader = null;
string strUserID = null;
int userID = -1;
string sql = "";
string msgPart = "getting users which are '" + associationTypes + "ed' to Group '" + group.Name + "'";
bool isLockAcquired = Monitor.TryEnter(UserAdministration.USER_ADMIN_LOCK_OBJ, UserAdministration.USER_ADMIN_LOCK_TIMEOUT);
if (isLockAcquired)
{
try {
Logger.Log("Start " + msgPart);
DbInfo = new DatabaseWrapper(Lcf);
DbInfo.Connect();
sql = GroupQB.GetSelectUsersForAGroupSql(group.ID, searchString, associationTypes);
reader = DbInfo.RunSqlReader(sql);
if (reader == null)
{
Logger.LogError(5, "Quitting, failed " + msgPart + " with sql : " + sql);
return(null);
}
result = new List <MGUser>();
while (reader.Read())
{
strUserID = null;
userID = -1;
MGUser user = new MGUser();
//Get USER ID
if (reader[GroupQB.USER_ID_GENERAL_COL] != System.DBNull.Value)
{
strUserID = reader[GroupQB.USER_ID_GENERAL_COL].ToString();
if (!int.TryParse(strUserID, out userID))
{
userID = -1;
Logger.LogError(5, "Error parsing user ID into integer. Quitting");
return(null);
}
}
user.ID = userID;
//Get User Name
if (reader[GroupQB.USER_NAME_COL] != System.DBNull.Value)
{
user.Username = SecureStringWrapper.Encrypt((string)reader[GroupQB.USER_NAME_COL]);
}
else
{
Logger.LogWarning("Null or empty User is found for ID =" + user.ID + ". Please check the database!");
user.Username = SecureStringWrapper.Encrypt("");
}
//Get User EMAIL
if (reader[GroupQB.USER_EMAIL_COL] != System.DBNull.Value)
{
user.Email = SecureStringWrapper.Encrypt((string)reader[GroupQB.USER_EMAIL_COL]);
}
else
{
Logger.LogWarning("Null or empty Email is found for ID =" + user.ID + ". Please check the database!");
user.Email = SecureStringWrapper.Encrypt("");
}
//Get User Job Title
if (reader[GroupQB.USER_JOBTITLE_COL] != System.DBNull.Value)
{
user.JobTitle = SecureStringWrapper.Encrypt((string)reader[GroupQB.USER_JOBTITLE_COL]);
}
else
{
//Logger.LogWarning("Null or empty job title is found for ID =" + user.ID + ". Please check the database!");
user.JobTitle = SecureStringWrapper.Encrypt("");
}
result.Add(user);
}
} catch (Exception ex) {
Logger.LogError(5, "Error " + msgPart + " at: " + ex);
return(null);
} finally {
Monitor.Exit(UserAdministration.USER_ADMIN_LOCK_OBJ);
if (reader != null && !reader.IsClosed)
{
reader.Close();
}
if (DbInfo != null)
{
DbInfo.Disconnect();
}
}
}
else
{
Logger.LogError(5, "Failed to get exclusive lock in GetUsersForAGroup when " + msgPart);
return(null);
}
return(result);
}