///<summary>Pass in the user and all of the userGroups that the user should be attached to.
///Detaches the userCur from any usergroups that are not in the given list.
///Returns a count of how many user group attaches were affected.</summary>
public static long SyncForUser(Userod userCur, List <long> listUserGroupNums)
{
if (RemotingClient.RemotingRole == RemotingRole.ClientWeb)
{
return(Meth.GetLong(MethodBase.GetCurrentMethod(), userCur, listUserGroupNums));
}
long rowsChanged = 0;
foreach (long userGroupNum in listUserGroupNums)
{
if (!userCur.IsInUserGroup(userGroupNum))
{
UserGroupAttach userGroupAttach = new UserGroupAttach();
userGroupAttach.UserGroupNum = userGroupNum;
userGroupAttach.UserNum = userCur.UserNum;
Crud.UserGroupAttachCrud.Insert(userGroupAttach);
rowsChanged++;
}
}
foreach (UserGroupAttach userGroupAttach in UserGroupAttaches.GetForUser(userCur.UserNum))
{
if (!listUserGroupNums.Contains(userGroupAttach.UserGroupNum))
{
Crud.UserGroupAttachCrud.Delete(userGroupAttach.UserGroupAttachNum);
rowsChanged++;
}
}
return(rowsChanged);
}
///<summary>Determines whether an individual user has a specific permission.</summary>
public static bool HasPermission(Userod user, Permissions permType, long fKey)
{
//No need to check RemotingRole; no call to db.
GroupPermission groupPermission = GetFirstOrDefault(x => x.PermType == permType && x.FKey == fKey && user.IsInUserGroup(x.UserGroupNum));
return(groupPermission != null);
}
///<summary>Only used in one place on the server when first attempting to log on. The password will be hashed and checked against the one in the database. Password is required, so empty string will return null. Returns a user object if user and password are valid. Otherwise, returns null. If usingEcw, password will actually be the hash. If usingEcw, then the username is not case sensitive.</summary>
public static Userod CheckUserAndPassword(string username, string password, bool usingEcw)
{
//No need to check RemotingRole; no call to db.
if (password == "")
{
return(null);
}
RefreshCache();
Userod user = GetUserByName(username, usingEcw);
if (user == null)
{
return(null);
}
if (usingEcw)
{
if (user.Password == password)
{
return(user);
}
}
else if (user.Password == EncryptPassword(password))
{
return(user);
}
return(null);
}
///<summary>Will throw an exception if server cannot validate username and password.
///configPath will be empty from a workstation and filled from the server. If Ecw, odpass will actually be the hash.</summary>
public static Userod LogInWeb(string oduser, string odpass, string configPath, string clientVersionStr, bool usingEcw)
{
//Unusual remoting role check designed for first time logging in via middle tier.
if (RemotingClient.RemotingRole == RemotingRole.ServerWeb)
{
Userod user = Userods.CheckUserAndPassword(oduser, odpass, usingEcw);
if (string.IsNullOrEmpty(odpass)) //All middle tier connections must pass in a password.
{
throw new Exception("Invalid username or password.");
}
string command = "SELECT ValueString FROM preference WHERE PrefName='ProgramVersion'";
string dbVersionStr = Db.GetScalar(command);
string serverVersionStr = Assembly.GetAssembly(typeof(Db)).GetName().Version.ToString(4);
#if DEBUG
if (Assembly.GetAssembly(typeof(Db)).GetName().Version.Build == 0)
{
command = "SELECT ValueString FROM preference WHERE PrefName='DataBaseVersion'"; //Using this during debug in the head makes it open fast with less fiddling.
dbVersionStr = Db.GetScalar(command);
}
#endif
if (dbVersionStr != serverVersionStr)
{
throw new Exception("Version mismatch. Server:" + serverVersionStr + " Database:" + dbVersionStr);
}
if (!string.IsNullOrEmpty(clientVersionStr))
{
Version clientVersion = new Version(clientVersionStr);
Version serverVersion = new Version(serverVersionStr);
if (clientVersion > serverVersion)
{
throw new Exception("Version mismatch. Client:" + clientVersionStr + " Server:" + serverVersionStr);
}
}
//if clientVersion == serverVersion, than we need do nothing.
//if clientVersion < serverVersion, than an update will later be triggered.
//Security.CurUser=user;//we're on the server, so this is meaningless
return(user);
//return 0;//meaningless
}
else
{
//Because RemotingRole has not been set, and because CurUser has not been set,
//this particular method is more verbose than most and does not use Meth.
//It's not a good example of the standard way of doing things.
DtoGetObject dto = new DtoGetObject();
dto.Credentials = new Credentials();
dto.Credentials.Username = oduser;
dto.Credentials.Password = odpass; //Userods.EncryptPassword(password);
dto.ComputerName = Security.CurComputerName;
dto.MethodName = "OpenDentBusiness.Security.LogInWeb";
dto.ObjectType = typeof(Userod).FullName;
object[] parameters = new object[] { oduser, odpass, configPath, clientVersionStr, usingEcw };
dto.Params = DtoObject.ConstructArray(MethodBase.GetCurrentMethod(), parameters);
//Purposefully throws exceptions.
//If hasConnectionLost was set to true then the user would be stuck in an infinite loop of trying to connect to a potentially invalid Middle Tier URI.
//Therefore, set hasConnectionLost false so that the user gets an error message immediately in the event that Middle Tier cannot be reached.
return(RemotingClient.ProcessGetObject <Userod>(dto, false));
}
}
///<summary>Surround with try/catch because it can throw exceptions. We don't really need to make this public, but it's required in order to follow the RemotingRole pattern.</summary>
public static void Validate(bool isNew, Userod user, bool excludeHiddenUsers)
{
if (RemotingClient.RemotingRole == RemotingRole.ClientWeb)
{
Meth.GetVoid(MethodBase.GetCurrentMethod(), isNew, user, excludeHiddenUsers);
return;
}
//should add a check that employeenum and provnum are not both set.
//make sure username is not already taken
string command;
long excludeUserNum;
if (isNew)
{
excludeUserNum = 0;
}
else
{
excludeUserNum = user.UserNum; //it's ok if the name matches the current username
}
//It doesn't matter if the UserName is already in use if the user being updated is going to be hidden. This check will block them from unhiding duplicate users.
if (!user.IsHidden) //if the user is now not hidden
{
if (!IsUserNameUnique(user.UserName, excludeUserNum, excludeHiddenUsers))
{
throw new Exception(Lans.g("Userods", "UserName already in use."));
}
}
//make sure that there would still be at least one user with security admin permissions
if (!isNew)
{
command = "SELECT COUNT(*) FROM grouppermission "
+ "WHERE PermType='" + POut.Long((int)Permissions.SecurityAdmin) + "' "
+ "AND UserGroupNum=" + POut.Long(user.UserGroupNum);
if (Db.GetCount(command) == "0") //if this user would not have admin
//make sure someone else has admin
{
command = "SELECT COUNT(*) FROM userod,grouppermission "
+ "WHERE grouppermission.PermType='" + POut.Long((int)Permissions.SecurityAdmin) + "'"
+ " AND userod.UserGroupNum=grouppermission.UserGroupNum"
+ " AND userod.IsHidden =0"
+ " AND userod.UserNum != " + POut.Long(user.UserNum);
if (Db.GetCount(command) == "0") //there are no other users with this permission
{
throw new Exception(Lans.g("Users", "At least one user must have Security Admin permission."));
}
}
}
//an admin user can never be hidden
command = "SELECT COUNT(*) FROM grouppermission "
+ "WHERE PermType='" + POut.Long((int)Permissions.SecurityAdmin) + "' "
+ "AND UserGroupNum=" + POut.Long(user.UserGroupNum);
if (Db.GetCount(command) != "0" && //if this user is admin
user.IsHidden) //and hidden
{
throw new Exception(Lans.g("Userods", "Admins cannot be hidden."));
}
}
///<summary></summary>
public FormUserEdit(Userod userCur)
{
//
// Required for Windows Form Designer support
//
InitializeComponent();
Lan.F(this);
UserCur=userCur.Copy();
}
///<summary>Surround with try/catch because it can throw exceptions. Only used from FormOpenDental.menuItemPassword_Click(). Same as Update(), only the Validate call skips checking duplicate names for hidden users.</summary>
public static void UpdatePassword(Userod userod)
{
if (RemotingClient.RemotingRole == RemotingRole.ClientWeb)
{
Meth.GetVoid(MethodBase.GetCurrentMethod(), userod);
return;
}
Validate(false, userod, true);
Crud.UserodCrud.Update(userod);
}
///<summary>Surround with try/catch because it can throw exceptions.</summary>
public static long Insert(Userod userod)
{
if (RemotingClient.RemotingRole == RemotingRole.ClientWeb)
{
userod.UserNum = Meth.GetLong(MethodBase.GetCurrentMethod(), userod);
return(userod.UserNum);
}
Validate(true, userod, false);
return(Crud.UserodCrud.Insert(userod));
}
///<summary>Manually sync the database on the lists passed in. This does not check the PKs of the items in either list.
///Instead, it only cares about info in the UserGroupNum and UserNum columns.
///Returns the number of rows that were changed. Currently only used in the CEMT tool.</summary>
public static long SyncCEMT(List <UserGroupAttach> listNew, List <UserGroupAttach> listOld)
{
//This remoting role check isn't necessary but will save on network traffic
if (RemotingClient.RemotingRole == RemotingRole.ClientWeb)
{
return(Meth.GetLong(MethodBase.GetCurrentMethod(), listNew, listOld));
}
//the users and usergroups in listNew correspond to UserNumCEMTs and UserGroupNumCEMTs.
// - If a row with the same UserGroupNum and UserNum exists in ListNew that does not exist in list Old, add it to listAdd.
// - If a row with the same UserGroupNum and UserNum exists in ListOld that does not exist in ListNew, add it to listDel.
List <UserGroupAttach> listAdd = new List <UserGroupAttach>();
List <UserGroupAttach> listDel = new List <UserGroupAttach>();
long rowsChanged = 0;
foreach (UserGroupAttach userGroupAtt in listNew)
{
if (!listOld.Exists(x => x.UserGroupNum == userGroupAtt.UserGroupNum && x.UserNum == userGroupAtt.UserNum))
{
listAdd.Add(userGroupAtt);
}
}
foreach (UserGroupAttach userGroupAtt in listOld)
{
if (!listNew.Exists(x => x.UserGroupNum == userGroupAtt.UserGroupNum && x.UserNum == userGroupAtt.UserNum))
{
listDel.Add(userGroupAtt);
}
}
//make sure that there is only one unique (UserGroup, UserGroupNum) row in the add list. (this is precautionary)
listAdd = listAdd.GroupBy(x => new { x.UserNum, x.UserGroupNum }).Select(x => x.First()).ToList();
//Get users and user groups from remote db to compare against for log entrys
List <Userod> listRemoteUsers = Userods.GetUsersNoCache();
List <UserGroup> listRemoteGroups = UserGroups.GetCEMTGroupsNoCache();
foreach (UserGroupAttach userGroupAdd in listAdd)
{
rowsChanged++;
UserGroupAttaches.Insert(userGroupAdd);
Userod user = listRemoteUsers.FirstOrDefault(x => x.UserNum == userGroupAdd.UserNum);
UserGroup userGroup = listRemoteGroups.FirstOrDefault(x => x.UserGroupNum == userGroupAdd.UserGroupNum);
SecurityLogs.MakeLogEntryNoCache(Permissions.SecurityAdmin, 0, "User: "******" added to user group: "
+ userGroup.Description + " by CEMT user: "******"User: "******" removed from user group: "
+ userGroup.Description + " by CEMT user: " + Security.CurUser.UserName);
}
return(rowsChanged);
}
///<summary></summary>
public Userod Copy()
{
Userod u = new Userod();
u.UserNum = UserNum;
u.UserName = UserName;
u.Password = Password;
u.UserGroupNum = UserGroupNum;
u.EmployeeNum = EmployeeNum;
u.ClinicNum = ClinicNum;
return(u);
}
///<summary>Spawns a child thread, on which it sets a Userod object to the thread's value for Security.CurUser.</summary>
public static Userod GetCurUserFromThread()
{
if (RemotingClient.RemotingRole == RemotingRole.ClientWeb)
{
return(Meth.GetObject <Userod>(MethodBase.GetCurrentMethod()));
}
Userod user = null;
ODThread thread = new ODThread((o) => { user = Security.CurUser; });
thread.Start();
thread.Join(1000); //Give the thread 1 second to finish so this test doesn't hang.
return(user);
}
public static string GetName(int userNum)
{
if (userNum == 0)
{
return("");
}
Userod user = GetUser(userNum);
if (user == null)
{
return("");
}
return(user.UserName);
}
///<summary>Does not add a new usergroupattach if the passed-in userCur is already attached to userGroup.</summary>
public static void AddForUser(Userod userCur, long userGroupNum)
{
if (RemotingClient.RemotingRole == RemotingRole.ClientWeb)
{
Meth.GetVoid(MethodBase.GetCurrentMethod(), userCur, userGroupNum);
return;
}
if (!userCur.IsInUserGroup(userGroupNum))
{
UserGroupAttach userGroupAttach = new UserGroupAttach();
userGroupAttach.UserGroupNum = userGroupNum;
userGroupAttach.UserNum = userCur.UserNum;
Crud.UserGroupAttachCrud.Insert(userGroupAttach);
}
}
public static List <Clinic> GetAllForUserod(Userod curUser)
{
List <Clinic> listClinics = GetDeepCopy();
if (!PrefC.HasClinicsEnabled)
{
return(listClinics);
}
if (curUser.ClinicIsRestricted && curUser.ClinicNum != 0)
{
List <UserClinic> listUserClinics = UserClinics.GetForUser(curUser.UserNum);
return(listClinics.FindAll(x => listUserClinics.Exists(y => y.ClinicNum == x.ClinicNum)).ToList());
}
return(listClinics);
}
///<summary>This handles situations where we have a usernum, but not a user. And it handles usernum of zero.</summary>
public static string GetName(long userNum)
{
//No need to check RemotingRole; no call to db.
if (userNum == 0)
{
return("");
}
Userod user = GetUser(userNum);
if (user == null)
{
return("");
}
return(user.UserName);
}
///<summary>Updates a password for a given Userod account and saves it to the database. Suggested hash type is SHA3-512.
///Throws an exception if a passed in hash type is not implimented.</summary>
public static bool UpdatePasswordUserod(Userod user, string inputPass, HashTypes hashType = HashTypes.SHA3_512)
{
//No need to check RemotingRole; no call to db.
//Calculate the password strength.
bool passStrength = String.IsNullOrEmpty(Userods.IsPasswordStrong(inputPass));
PasswordContainer loginDetails = GenerateLoginDetails(inputPass, hashType);
try {
Userods.UpdatePassword(user, loginDetails, passStrength);
}
catch {
return(false);
}
return(true);
}
private void FormProvStudentEdit_Load(object sender,EventArgs e) {
_existingUser=new Userod();
//Load the Combo Box
for(int i=0;i<SchoolClasses.List.Length;i++) {
comboClass.Items.Add(SchoolClasses.GetDescript(SchoolClasses.List[i]));
}
comboClass.SelectedIndex=0;
//Create a provider object if none has been provided
if(ProvStudent==null) {
ProvStudent=new Provider();
}
//From the add button - Select as much pre-given info as possible
if(ProvStudent.IsNew) {
labelPassDescription.Visible=false;
_autoUserName=Providers.GetNextAvailableProvNum();
textUserName.Text=POut.Long(_autoUserName);//User-names are suggested to be the ProvNum of the provider. This can be changed at will.
for(int i=0;i<SchoolClasses.List.Length-1;i++) {
if(SchoolClasses.List[i].SchoolClassNum!=ProvStudent.SchoolClassNum) {
continue;
}
comboClass.SelectedIndex=i;
break;
}
textFirstName.Text=ProvStudent.FName;
textLastName.Text=ProvStudent.LName;
}
//Double-Clicking an existing student
else {
_isGeneratingAbbr=false;
for(int i=0;i<SchoolClasses.List.Length-1;i++) {
if(SchoolClasses.List[i].SchoolClassNum!=ProvStudent.SchoolClassNum) {
continue;
}
comboClass.SelectedIndex=i;
break;
}
textAbbr.Text=ProvStudent.Abbr;
textFirstName.Text=ProvStudent.FName;
textLastName.Text=ProvStudent.LName;
List<Userod> userList=Providers.GetAttachedUsers(ProvStudent.ProvNum);
if(userList.Count>0) {
textUserName.Text=userList[0].UserName;//Should always happen if they are a student.
_existingUser=userList[0];
}
textProvNum.Text=POut.Long(ProvStudent.ProvNum);
}
}
///<summary>Used to check if user has permission to access the report. Pass in a list of DisplayReports to avoid a call to the db.</summary>
public static bool HasReportPermission(string reportName, Userod user, List <DisplayReport> listReports = null)
{
//No need to check RemotingRole; no call to db.
DisplayReport report = (listReports ?? DisplayReports.GetAll(false)).FirstOrDefault(x => x.InternalName == reportName);
if (report == null) //Report is probably hidden.
{
return(false);
}
List <GroupPermission> listReportPermissions = GroupPermissions.GetPermsForReports();
if (listReportPermissions.Exists(x => x.FKey == report.DisplayReportNum && Userods.IsInUserGroup(user.UserNum, x.UserGroupNum)))
{
return(true);
}
return(false);
}
public static List <MobileAppDevice> GetForUser(Userod user)
{
if (RemotingClient.RemotingRole == RemotingRole.ClientWeb)
{
return(Meth.GetObject <List <MobileAppDevice> >(MethodBase.GetCurrentMethod(), user));
}
string command = $"SELECT * FROM mobileappdevice ";
if (PrefC.HasClinicsEnabled)
{
List <Clinic> listClinicsForUser = Clinics.GetForUserod(user);
if (listClinicsForUser.Count == 0)
{
return(new List <MobileAppDevice>());
}
command += $"WHERE ClinicNum in ({ string.Join(",",listClinicsForUser.Select(x => x.ClinicNum))})";
}
return(Crud.MobileAppDeviceCrud.SelectMany(command));
}
///<summary></summary>
public static Userod GetUser(int userNum)
{
Userod user = null;
for (int i = 0; i < RawData.Rows.Count; i++)
{
if (RawData.Rows[i]["UserNum"].ToString() != userNum.ToString())
{
continue;
}
user = new Userod();
user.UserNum = PIn.PInt(RawData.Rows[i][0].ToString());
user.UserName = PIn.PString(RawData.Rows[i][1].ToString());
user.Password = PIn.PString(RawData.Rows[i][2].ToString());
user.UserGroupNum = PIn.PInt(RawData.Rows[i][3].ToString());
user.EmployeeNum = PIn.PInt(RawData.Rows[i][4].ToString());
}
return(user);
}
///<summary>Returns a list of clinics the curUser has permission to access.
///If the user is not restricted, the list will contain all of the clinics. Does NOT include hidden clinics (and never should anyway).</summary>
///<param name="doIncludeHQ">If true and the user is not restricted, includes HQ as a clinic with a ClinicNum of 0, even if clinics are disabled.</param>
public static List <Clinic> GetForUserod(Userod curUser, bool doIncludeHQ = false, string hqClinicName = null)
{
List <Clinic> listClinics = new List <Clinic>();
//Add HQ clinic if requested, even if clinics are disabled. Counter-intuitive, but required for offices that had clinics enabled and then
//turned them off. If clinics are enabled and the user is restricted this will be filtered out below.
if (doIncludeHQ)
{
listClinics.Add(GetPracticeAsClinicZero(hqClinicName));
}
listClinics.AddRange(GetDeepCopy(true)); //don't include hidden clinics
if (PrefC.HasClinicsEnabled && curUser.ClinicIsRestricted && curUser.ClinicNum != 0)
{
//Clinics are enabled and user is restricted, return clinics the person has permission for.
List <long> listUserClinicNums = UserClinics.GetForUser(curUser.UserNum).Select(x => x.ClinicNum).ToList();
listClinics.RemoveAll(x => !listUserClinicNums.Contains(x.ClinicNum)); //Remove all clinics that are not in the list of UserClinics.
}
return(listClinics);
}
/// <summary>Takes a provNum. Normally returns that provNum. If in Orion mode, returns the user's ProvNum, if that user is a primary provider. Otherwise, in Orion Mode, returns 0.</summary>
public static long GetOrionProvNum(long provNum)
{
if (Programs.UsingOrion)
{
Userod user = Security.CurUser;
if (user != null)
{
Provider prov = Providers.GetProv(user.ProvNum);
if (prov != null)
{
if (!prov.IsSecondary)
{
return(user.ProvNum);
}
}
}
return(0);
}
return(provNum);
}
///<summary>Checks to see if the hash of inputPass matches for a Userod object. If the user password is blank, inputPass must be
///blank as well. When isEcw is true then inputPass should already be hashed.
///If the inputPass is correct, the algorithm used was MD5, and updateIfNeeded is true then the password stored in the database will be updated to SHA3-512</summary>
public static bool CheckPassword(Userod userod, string inputPass, bool isEcw = false)
{
//No need to check RemotingRole; no call to db.
PasswordContainer loginDetails = userod.LoginDetails;
if (loginDetails.HashType == HashTypes.None)
{
return(inputPass == "");
}
if (isEcw)
{
return(ConstantEquals(inputPass, loginDetails.Hash));
}
if (!CheckPassword(inputPass, loginDetails))
{
return(false);
}
//The password passed in was correct.
return(true);
}
///<summary>Returns a list of clinics the curUser has permission to access.
///If the user is not restricted, the list will contain all of the clinics. Does NOT include hidden clinics (and never should anyway).</summary>
///<param name="doIncludeHQ">If true and the user is not restricted, includes HQ as a clinic with a ClinicNum of 0.</param>
public static List <Clinic> GetForUserod(Userod curUser, bool doIncludeHQ = false, string hqClinicName = null)
{
if (!PrefC.HasClinicsEnabled) //clinics not enabled, return all clinics. Counter-intuitive, but required for offices that had clinics enabled and then turned them off.
{
return(GetDeepCopy());
}
List <Clinic> listClinics = GetDeepCopy(true);
if (curUser.ClinicIsRestricted && curUser.ClinicNum != 0) //User is restricted, return clinics the person has permission for.
{
List <UserClinic> listUserClinics = UserClinics.GetForUser(curUser.UserNum);
//Find all clinics that there is a UserClinic entry for.
return(listClinics.FindAll(x => listUserClinics.Exists(y => y.ClinicNum == x.ClinicNum)).ToList());
}
//User is not restricted, return all clinics.
if (doIncludeHQ)
{
listClinics.Insert(0, GetPracticeAsClinicZero(hqClinicName));
}
return(listClinics);
}
private void FormCentralProdInc_Load(object sender,System.EventArgs e) {
_userOld=Security.CurUser;
_passwordTypedOld=Security.PasswordTyped;
textToday.Text=DateTime.Today.ToShortDateString();
switch(DailyMonthlyAnnual) {
case "Daily":
radioDaily.Checked=true;
break;
case "Monthly":
radioMonthly.Checked=true;
break;
case "Annual":
radioAnnual.Checked=true;
break;
}
SetDates();
//The CM tool runs against many databases thus does not care about default preferences.
//If we enhance the CM tool to have default preferences, we will need to make sure that the cache
//has been refreshed with the CM's cache instead of the potentially stale cache from an unknown source.
//if(PrefC.GetBool(PrefName.ReportsPPOwriteoffDefaultToProcDate)) {
// radioWriteoffProc.Checked=true;
//}
if(DateStart.Year>1880) {
textDateFrom.Text=DateStart.ToShortDateString();
textDateTo.Text=DateEnd.ToShortDateString();
switch(DailyMonthlyAnnual) {
case "Daily":
//RunDaily();
break;
case "Monthly":
//RunMonthly();
break;
case "Annual":
RunAnnual();
break;
}
Close();
}
}
public static bool IsUserAnEmployee(Userod user)
{
bool isEmp = false;
if (user.EmployeeNum == 0) //The current user does not have an employee associated.
{
isEmp = false;
}
else if (user.ProvNum == 0) //The current user has an employee associated and no provider associated.
{
isEmp = true;
}
else //Both an employee and provider are associated to the current user.
{
Provider provUser = Providers.GetProv(user.ProvNum);
if (provUser.IsSecondary && provUser.NationalProvID == "")
{
isEmp = true;
}
}
return(isEmp);
}
///<summary>Attempts to fill the list of engineers from the wikilist. Fills with empty if something failed</summary>
private static void FillEngineerList()
{
if (RemotingClient.RemotingRole == RemotingRole.ClientWeb)
{
Meth.GetVoid(MethodBase.GetCurrentMethod());
return;
}
_listEngineers = new List <Engineer>();
try {
string command = "SELECT Title,EmployeeNum FROM wikilist_employees WHERE Title LIKE '%Engineer%'";
DataTable dt = Db.GetTable(command);
foreach (DataRow dr in dt.Rows)
{
Employee emp = Employees.GetEmp(PIn.Long(dr["EmployeeNum"].ToString()));
Userod user = Userods.GetUserByEmployeeNum(emp.EmployeeNum);
Engineer newEngineer = new Engineer(user, emp, PIn.String(dr["Title"].ToString()));
_listEngineers.Add(newEngineer);
}
}
catch (Exception e) {
//Do nothing
}
}
///<summary>Pass in a list of CEMT usergroupattaches, and this will return a list of corresponding local usergroupattaches.</summary>
public static List <UserGroupAttach> TranslateCEMTToLocal(List <UserGroupAttach> listUserGroupAttachCEMT)
{
List <UserGroupAttach> retVal = new List <UserGroupAttach>();
List <Userod> listRemoteUsers = Userods.GetUsersNoCache();
List <UserGroup> listRemoteGroups = UserGroups.GetCEMTGroupsNoCache();
foreach (UserGroupAttach attachCur in listUserGroupAttachCEMT)
{
Userod userCur = listRemoteUsers.FirstOrDefault(x => attachCur.UserNum == x.UserNumCEMT);
UserGroup userGroupCur = listRemoteGroups.FirstOrDefault(x => attachCur.UserGroupNum == x.UserGroupNumCEMT);
if (userCur == null || userGroupCur == null)
{
continue;
}
UserGroupAttach userGroupAttachNew = new UserGroupAttach()
{
UserNum = userCur.UserNum,
UserGroupNum = userGroupCur.UserGroupNum
};
retVal.Add(userGroupAttachNew);
}
return(retVal);
}
///<summary>Used by Server. Throws exception if bad username or passhash or if either are blank. It uses cached user list, refreshing it if null. This is used everywhere except in the log on screen.</summary>
public static void CheckCredentials(Credentials cred)
{
//No need to check RemotingRole; no call to db.
#if DEBUG
return; //skip checking credentials when in debug for faster testing.
#endif
if (cred.Username == "" || cred.Password == "")
{
throw new ApplicationException("Invalid username or password.");
}
Userod userod = null;
for (int i = 0; i < UserodC.Listt.Count; i++)
{
if (UserodC.Listt[i].UserName == cred.Username)
{
userod = UserodC.Listt[i];
break;
}
}
if (userod == null)
{
throw new ApplicationException("Invalid username or password.");
}
bool useEcwAlgorithm = Programs.IsEnabled(ProgramName.eClinicalWorks);
if (useEcwAlgorithm)
{
if (userod.Password != cred.Password)
{
throw new ApplicationException("Invalid username or password.");
}
}
else if (userod.Password != EncryptPassword(cred.Password))
{
throw new ApplicationException("Invalid username or password.");
}
}
///<summary>Inserts the SmsToMobile to the database and creates a commlog if necessary.</summary>
private static void HandleSentSms(List <SmsToMobile> listSmsToMobiles, bool makeCommLog, Userod user)
{
//No need to check RemotingRole; no call to db.
foreach (SmsToMobile smsToMobile in listSmsToMobiles)
{
smsToMobile.SmsStatus = SmsDeliveryStatus.Pending;
smsToMobile.DateTimeSent = DateTime.Now;
if (smsToMobile.PatNum != 0 && makeCommLog) //Patient specified and calling code won't make commlog, make it here.
{
long userNum = 0;
if (user != null)
{
userNum = user.UserNum;
}
Commlogs.Insert(new Commlog()
{
CommDateTime = smsToMobile.DateTimeSent,
Mode_ = CommItemMode.Text,
Note = "Text message sent: " + smsToMobile.MsgText,
PatNum = smsToMobile.PatNum,
CommType = Commlogs.GetTypeAuto(CommItemTypeAuto.TEXT),
SentOrReceived = CommSentOrReceived.Sent,
UserNum = userNum
});
}
}
InsertMany(listSmsToMobiles);
}
///<summary>Surround with try/catch. Returns true if all messages succeded, throws exception if it failed.</summary>
public static bool SendSmsMany(List <SmsToMobile> listMessages, bool makeCommLog = true, Userod user = null, bool canCheckBal = true)
{
//No need to check RemotingRole; no call to db.
if (listMessages == null || listMessages.Count == 0)
{
return(true);
}
if (canCheckBal)
{
foreach (long clinicNum in listMessages.Select(x => x.ClinicNum))
{
double balance = SmsPhones.GetClinicBalance(clinicNum);
if (balance - (CHARGE_PER_MSG * listMessages.Count(x => x.ClinicNum == clinicNum)) < 0)
{
//ODException.ErrorCode 1 will be processed specially by caller.
throw new ODException("To send these messages first increase spending limit for integrated texting from eServices Setup.", 1);
}
}
}
SendSms(listMessages);
HandleSentSms(listMessages, makeCommLog, user);
return(true);
}
///<summary>Surround with Try/Catch. Sent as time sensitive message.</summary>
public static bool SendSmsSingle(long patNum, string wirelessPhone, string message, long clinicNum, SmsMessageSource smsMessageSource, bool makeCommLog = true, Userod user = null, bool canCheckBal = true)
{
//No need to check RemotingRole; no call to db.
if (Plugins.HookMethod(null, "SmsToMobiles.SendSmsSingle_start", patNum, wirelessPhone, message, clinicNum))
{
return(true);
}
double balance = SmsPhones.GetClinicBalance(clinicNum);
if (balance - CHARGE_PER_MSG < 0 && canCheckBal) //ODException.ErrorCode 1 will be processed specially by caller.
{
throw new ODException("To send this message first increase spending limit for integrated texting from eServices Setup.", 1);
}
string countryCodeLocal = CultureInfo.CurrentCulture.Name.Substring(CultureInfo.CurrentCulture.Name.Length - 2); //Example "en-US"="US"
string countryCodePhone = SmsPhones.GetForClinics(new List <long> {
clinicNum
}).FirstOrDefault()?.CountryCode ?? "";
SmsToMobile smsToMobile = new SmsToMobile();
smsToMobile.ClinicNum = clinicNum;
smsToMobile.GuidMessage = Guid.NewGuid().ToString();
smsToMobile.GuidBatch = smsToMobile.GuidMessage;
smsToMobile.IsTimeSensitive = true;
smsToMobile.MobilePhoneNumber = ConvertPhoneToInternational(wirelessPhone, countryCodeLocal, countryCodePhone);
smsToMobile.PatNum = patNum;
smsToMobile.MsgText = message;
smsToMobile.MsgType = smsMessageSource;
SmsToMobiles.SendSms(new List <SmsToMobile>()
{
smsToMobile
}); //Will throw if failed.
HandleSentSms(new List <SmsToMobile>()
{
smsToMobile
}, makeCommLog, user);
return(true);
}
///<summary>Update for CEMT only. Used when updating Remote databases with information from the CEMT. Because of potentially different primary keys we have to update based on UserNumCEMT.</summary>
public static void UpdateCEMT(Userod userod) {
if(RemotingClient.RemotingRole==RemotingRole.ClientWeb){
Meth.GetVoid(MethodBase.GetCurrentMethod(),userod);
return;
}
//Validate(false,userod,false);//Can't use this validate. it's for normal updating only.
string command="UPDATE userod SET "
+"UserName = '******', "
+"Password = '******', "
+"UserGroupNum = "+POut.Long(userod.UserGroupNum)+", "//need to find primary key of remote user group
+"EmployeeNum = "+POut.Long (userod.EmployeeNum)+", "
+"ClinicNum = "+POut.Long (userod.ClinicNum)+", "
+"ProvNum = "+POut.Long (userod.ProvNum)+", "
+"IsHidden = "+POut.Bool (userod.IsHidden)+", "
+"TaskListInBox = "+POut.Long (userod.TaskListInBox)+", "
+"AnesthProvType = "+POut.Int (userod.AnesthProvType)+", "
+"DefaultHidePopups = "+POut.Bool (userod.DefaultHidePopups)+", "
+"PasswordIsStrong = "+POut.Bool (userod.PasswordIsStrong)+", "
+"ClinicIsRestricted= "+POut.Bool (userod.ClinicIsRestricted)+", "
+"InboxHidePopups = "+POut.Bool (userod.InboxHidePopups)+" "
+"WHERE UserNumCEMT = "+POut.Long(userod.UserNumCEMT);
Db.NonQ(command);
}
public FormCentralUserEdit(Userod user) {
InitializeComponent();
_userCur=user.Copy();
}
private void butOK_Click(object sender,EventArgs e) {
if(textFirstName.Text=="") {
MsgBox.Show(this,"Please fill in a first name.");
return;
}
if(textLastName.Text=="") {
MsgBox.Show(this,"Please fill in a last name.");
return;
}
if(textAbbr.Text=="") {
MsgBox.Show(this,"Please fill in an abbreviation.");
return;
}
if(textUserName.Text=="") {
MsgBox.Show(this,"Please fill in a user name.");
return;
}
ProvStudent.FName=textFirstName.Text;
ProvStudent.LName=textLastName.Text;
ProvStudent.Abbr=textAbbr.Text;
ProvStudent.SchoolClassNum=SchoolClasses.List[comboClass.SelectedIndex].SchoolClassNum;
Userod newUser=new Userod();
bool isAutoUserName=true;
if(!ProvStudent.IsNew || _autoUserName.ToString()!=textUserName.Text) {
isAutoUserName=false;
}
if(isAutoUserName && !PrefC.GetBool(PrefName.RandomPrimaryKeys)) {//Is a new student using the default user name given
long provNum=Providers.GetNextAvailableProvNum();
if(_autoUserName!=provNum) {
MsgBox.Show(this,"The default user name was already taken. The next available user name was used.");
_autoUserName=provNum;
}
provNum=Providers.Insert(ProvStudent);
if(provNum!=_autoUserName) {
MsgBox.Show(this,"The default user name is unavailable. Please set a user name manually.");
Providers.Delete(ProvStudent);
return;
}
newUser.UserName=_autoUserName.ToString();
newUser.Password=Userods.EncryptPassword(textPassword.Text);
newUser.ProvNum=provNum;
newUser.UserGroupNum=PrefC.GetLong(PrefName.SecurityGroupForStudents);
Userods.Insert(newUser);
}
else {//Has changed the user name from the default or is editing a pre-existing student
try {
if(ProvStudent.IsNew) {
long provNum=Providers.Insert(ProvStudent);
newUser.UserName=textUserName.Text;
newUser.Password=textPassword.Text;
newUser.ProvNum=provNum;
newUser.UserGroupNum=PrefC.GetLong(PrefName.SecurityGroupForStudents);
Userods.Insert(newUser);//Performs validation
}
else {
Providers.Update(ProvStudent);
_existingUser.UserName=textUserName.Text;
if(textPassword.Text!="") {
_existingUser.Password=Userods.EncryptPassword(textPassword.Text);
}
Userods.Update(_existingUser);//Performs validation
}
}
catch(Exception ex) {
if(ProvStudent.IsNew) {
Providers.Delete(ProvStudent);
}
MessageBox.Show(ex.Message);
return;
}
}
DialogResult=DialogResult.OK;
}
//private void OnPatientCardInserted(object sender, PatientCardInsertedEventArgs e) {
// if (InvokeRequired) {
// Invoke(new PatientCardInsertedEventHandler(OnPatientCardInserted), new object[] { sender, e });
// return;
// }
// if (MessageBox.Show(this, string.Format(Lan.g(this, "A card belonging to {0} has been inserted. Do you wish to search for this patient now?"), e.Patient.GetNameFL()), "Open Dental", MessageBoxButtons.YesNo) != DialogResult.Yes)
// {
// return;
// }
// using (FormPatientSelect formPS = new FormPatientSelect()) {
// formPS.PreselectPatient(e.Patient);
// if(formPS.ShowDialog() == DialogResult.OK) {
// // OnPatientSelected(formPS.SelectedPatNum);
// // ModuleSelected(formPS.SelectedPatNum);
// }
// }
//}
///<summary>separate thread</summary>
//public void Listen() {
// IPAddress ipAddress = Dns.GetHostAddresses("localhost")[0];
// TcpListenerCommandLine=new TcpListener(ipAddress,2123);
// TcpListenerCommandLine.Start();
// while(true) {
// if(!TcpListenerCommandLine.Pending()) {
// //Thread.Sleep(1000);//for 1 second
// continue;
// }
// TcpClient TcpClientRec = TcpListenerCommandLine.AcceptTcpClient();
// NetworkStream ns = TcpClientRec.GetStream();
// XmlSerializer serializer=new XmlSerializer(typeof(string[]));
// string[] args=(string[])serializer.Deserialize(ns);
// Invoke(new ProcessCommandLineDelegate(ProcessCommandLine),new object[] { args });
// ns.Close();
// TcpClientRec.Close();
// }
//}
/////<summary></summary>
//protected delegate void ProcessCommandLineDelegate(string[] args);
///<summary></summary>
public void ProcessCommandLine(string[] args) {
//if(!Programs.UsingEcwTight() && args.Length==0){
if(!Programs.UsingEcwTightOrFullMode() && args.Length==0){//May have to modify to accept from other sw.
return;
}
/*string descript="";
for(int i=0;i<args.Length;i++) {
if(i>0) {
descript+="\r\n";
}
descript+=args[i];
}
MessageBox.Show(descript);*/
/*
PatNum�(the integer primary key)
ChartNumber (alphanumeric)
SSN (exactly nine digits.�If required, we can gracefully handle dashes, but that is not yet implemented)
UserName
Password*/
int patNum=0;
string chartNumber="";
string ssn="";
string userName="";
string passHash="";
string aptNum="";
string ecwConfigPath="";
int userId=0;
string jSessionId = "";
string jSessionIdSSO = "";
string lbSessionId="";
for(int i=0;i<args.Length;i++) {
if(args[i].StartsWith("PatNum=") && args[i].Length>7) {
string patNumStr=args[i].Substring(7).Trim('"');
try {
patNum=Convert.ToInt32(patNumStr);
}
catch { }
}
if(args[i].StartsWith("ChartNumber=") && args[i].Length>12) {
chartNumber=args[i].Substring(12).Trim('"');
}
if(args[i].StartsWith("SSN=") && args[i].Length>4) {
ssn=args[i].Substring(4).Trim('"');
}
if(args[i].StartsWith("UserName="******"');
}
if(args[i].StartsWith("PassHash=") && args[i].Length>9) {
passHash=args[i].Substring(9).Trim('"');
}
if(args[i].StartsWith("AptNum=") && args[i].Length>7) {
aptNum=args[i].Substring(7).Trim('"');
}
if(args[i].StartsWith("EcwConfigPath=") && args[i].Length>14) {
ecwConfigPath=args[i].Substring(14).Trim('"');
}
if(args[i].StartsWith("UserId=") && args[i].Length>7) {
string userIdStr=args[i].Substring(7).Trim('"');
try {
userId=Convert.ToInt32(userIdStr);
}
catch { }
}
if(args[i].StartsWith("JSESSIONID=") && args[i].Length > 11) {
jSessionId=args[i].Substring(11).Trim('"');
}
if(args[i].StartsWith("JSESSIONIDSSO=") && args[i].Length > 14) {
jSessionIdSSO = args[i].Substring(14).Trim('"');
}
if(args[i].StartsWith("LBSESSIOINID=") && args[i].Length>12) {
lbSessionId=args[i].Substring(12).Trim('"');
}
}
if(ProgramProperties.GetPropVal(Programs.GetProgramNum(ProgramName.eClinicalWorks),"IsLBSessionIdExcluded")=="1" //if check box in Program Links is checked
&& lbSessionId=="" //if lbSessionId not previously set
&& args.Length > 0 //there is at least one argument passed in
&& !args[args.Length-1].StartsWith("LBSESSIONID="))//if there is an argument that is the last argument that is not called "LBSESSIONID", then use that argument, including the "name=" part
{
//An example of this is command line includes LBSESSIONID= icookie=ECWAPP3ECFH. The space makes icookie a separate parameter. We want to set lbSessionId="icookie=ECWAPP3ECFH".
//We are not guaranteed that the parameter is always going to be named icookie, in fact it will be different on each load balancer depending on the setup of the LB.
//Therefore, we cannot look for parameter name, but Aislinn from eCW guaranteed that it would be the last parameter every time during our (Cameron and Aislinn's) conversation on 3/5/2014.
//jsalmon - This is very much a hack but the customer is very large and needs this change ASAP. Nathan has suggested that we create a ticket with eCW to complain about this and make them fix it.
lbSessionId=args[args.Length-1].Trim('"');
}
//eCW bridge values-------------------------------------------------------------
Bridges.ECW.AptNum=PIn.Long(aptNum);
Bridges.ECW.EcwConfigPath=ecwConfigPath;
Bridges.ECW.UserId=userId;
Bridges.ECW.JSessionId=jSessionId;
Bridges.ECW.JSessionIdSSO=jSessionIdSSO;
Bridges.ECW.LBSessionId=lbSessionId;
//Username and password-----------------------------------------------------
//users are allowed to use ecw tight integration without command line. They can manually launch Open Dental.
//if((Programs.UsingEcwTight() && Security.CurUser==null)//We always want to trigger login window for eCW tight, even if no username was passed in.
if((Programs.UsingEcwTightOrFullMode() && Security.CurUser==null)//We always want to trigger login window for eCW tight, even if no username was passed in.
|| (userName!=""//if a username was passed in, but not in tight eCW mode
&& (Security.CurUser==null || Security.CurUser.UserName != userName))//and it's different from the current user
) {
//The purpose of this loop is to use the username and password that were passed in to determine which user to log in
//log out------------------------------------
LastModule=myOutlookBar.SelectedIndex;
myOutlookBar.SelectedIndex=-1;
myOutlookBar.Invalidate();
UnselectActive();
allNeutral();
Userod user=Userods.GetUserByName(userName,true);
if(user==null) {
//if(Programs.UsingEcwTight() && userName!="") {
if(Programs.UsingEcwTightOrFullMode() && userName!="") {
user=new Userod();
user.UserName=userName;
user.UserGroupNum=PIn.Long(ProgramProperties.GetPropVal(ProgramName.eClinicalWorks,"DefaultUserGroup"));
if(passHash=="") {
user.Password="";
}
else {
user.Password=passHash;
}
Userods.Insert(user);//This can fail if duplicate username because of capitalization differences.
DataValid.SetInvalid(InvalidType.Security);
}
else {//not using eCW in tight integration mode
//So present logon screen
FormLogOn_=new FormLogOn();
FormLogOn_.ShowDialog(this);
if(FormLogOn_.DialogResult==DialogResult.Cancel) {
Application.Exit();
return;
}
user=Security.CurUser.Copy();
}
}
//Can't use Userods.CheckPassword, because we only have the hashed password.
//if(passHash!=user.Password || !Programs.UsingEcwTight())//password not accepted or not using eCW
if(passHash!=user.Password || !Programs.UsingEcwTightOrFullMode())//password not accepted or not using eCW
{
//So present logon screen
FormLogOn_=new FormLogOn();
FormLogOn_.ShowDialog(this);
if(FormLogOn_.DialogResult==DialogResult.Cancel) {
Application.Exit();
return;
}
}
else {//password accepted and using eCW tight.
//this part usually happens in the logon window
Security.CurUser = user.Copy();
//let's skip tasks for now
//if(PrefC.GetBool(PrefName.TasksCheckOnStartup")){
// int taskcount=Tasks.UserTasksCount(Security.CurUser.UserNum);
// if(taskcount>0){
// MessageBox.Show(Lan.g(this,"There are ")+taskcount+Lan.g(this," unfinished tasks on your tasklists."));
// }
//}
}
myOutlookBar.SelectedIndex=Security.GetModule(LastModule);
myOutlookBar.Invalidate();
SetModuleSelected();
Patient pat=Patients.GetPat(CurPatNum);//pat could be null
Text=PatientL.GetMainTitle(pat,ClinicNum);//handles pat==null by not displaying pat name in title bar
if(userControlTasks1.Visible) {
userControlTasks1.InitializeOnStartup();
}
if(myOutlookBar.SelectedIndex==-1) {
MsgBox.Show(this,"You do not have permission to use any modules.");
}
}
//patient id----------------------------------------------------------------
if(patNum!=0) {
Patient pat=Patients.GetPat(patNum);
if(pat==null) {
CurPatNum=0;
RefreshCurrentModule();
FillPatientButton(null);
}
else {
CurPatNum=patNum;
RefreshCurrentModule();
FillPatientButton(pat);
}
}
else if(chartNumber!="") {
Patient pat=Patients.GetPatByChartNumber(chartNumber);
if(pat==null) {
//todo: decide action
CurPatNum=0;
RefreshCurrentModule();
FillPatientButton(null);
}
else {
CurPatNum=pat.PatNum;
RefreshCurrentModule();
FillPatientButton(pat);
}
}
else if(ssn!="") {
Patient pat=Patients.GetPatBySSN(ssn);
if(pat==null) {
//todo: decide action
CurPatNum=0;
RefreshCurrentModule();
FillPatientButton(null);
}
else {
CurPatNum=pat.PatNum;
RefreshCurrentModule();
FillPatientButton(pat);
}
}
}
///<summary>Surround with try/catch because it can throw exceptions.</summary>
public static long Insert(Userod userod){
if(RemotingClient.RemotingRole==RemotingRole.ClientWeb){
userod.UserNum=Meth.GetLong(MethodBase.GetCurrentMethod(),userod);
return userod.UserNum;
}
Validate(true,userod,false);
return Crud.UserodCrud.Insert(userod);
}
///<summary>Surround with try/catch because it can throw exceptions. We don't really need to make this public, but it's required in order to follow the RemotingRole pattern.</summary>
public static void Validate(bool isNew,Userod user,bool excludeHiddenUsers){
if(RemotingClient.RemotingRole==RemotingRole.ClientWeb) {
Meth.GetVoid(MethodBase.GetCurrentMethod(),isNew,user,excludeHiddenUsers);
return;
}
//should add a check that employeenum and provnum are not both set.
//make sure username is not already taken
string command;
long excludeUserNum;
if(isNew){
excludeUserNum=0;
}
else{
excludeUserNum=user.UserNum;//it's ok if the name matches the current username
}
//It doesn't matter if the UserName is already in use if the user being updated is going to be hidden. This check will block them from unhiding duplicate users.
if(!user.IsHidden) {//if the user is now not hidden
if(!IsUserNameUnique(user.UserName,excludeUserNum,excludeHiddenUsers)) {
throw new Exception(Lans.g("Userods","UserName already in use."));
}
}
//make sure that there would still be at least one user with security admin permissions
if(!isNew){
command="SELECT COUNT(*) FROM grouppermission "
+"WHERE PermType='"+POut.Long((int)Permissions.SecurityAdmin)+"' "
+"AND UserGroupNum="+POut.Long(user.UserGroupNum);
if(Db.GetCount(command)=="0"){//if this user would not have admin
//make sure someone else has admin
command="SELECT COUNT(*) FROM userod,grouppermission "
+"WHERE grouppermission.PermType='"+POut.Long((int)Permissions.SecurityAdmin)+"'"
+" AND userod.UserGroupNum=grouppermission.UserGroupNum"
+" AND userod.IsHidden =0"
+" AND userod.UserNum != "+POut.Long(user.UserNum);
if(Db.GetCount(command)=="0"){//there are no other users with this permission
throw new Exception(Lans.g("Users","At least one user must have Security Admin permission."));
}
}
}
//an admin user can never be hidden
command="SELECT COUNT(*) FROM grouppermission "
+"WHERE PermType='"+POut.Long((int)Permissions.SecurityAdmin)+"' "
+"AND UserGroupNum="+POut.Long(user.UserGroupNum);
if(Db.GetCount(command)!="0"//if this user is admin
&& user.IsHidden)//and hidden
{
throw new Exception(Lans.g("Userods","Admins cannot be hidden."));
}
}
private void butAddUser_Click(object sender,EventArgs e) {
Userod user=new Userod();
user.UserGroupNum=_selectedGroupNum;
user.IsNew=true;
FormCentralUserEdit FormCU=new FormCentralUserEdit(user);
FormCU.ShowDialog();
if(FormCU.DialogResult==DialogResult.Cancel){
return;
}
FillUsers();
FillTreePerm();
}
private void butAddUser_Click(object sender, System.EventArgs e) {
Userod user=new Userod();
user.UserGroupNum=SelectedGroupNum;
FormUserEdit FormU=new FormUserEdit(user);
FormU.IsNew=true;
FormU.ShowDialog();
if(FormU.DialogResult==DialogResult.Cancel){
return;
}
FillUsers();
FillTreePerm();
changed=true;
}
public Engineer(Userod user, Employee employee, string title)
{
User = user;
Employee = employee;
Title = title;
}
///<summary>Returns a list of clinics the curUser has permission to access. If the user is restricted to a clinic, the list will contain a single clinic. If the user is not restricted, the list will contain all of the clinics. In the future, users may be restricted to multiple clinics and this will allow the list returned to contain a subset of all clinics.</summary>
public static List<Clinic> GetForUserod(Userod curUser) {
List<Clinic> listClinics=new List<Clinic>();
//user is restricted to a single clinic, so return a list with only that clinic in it
if(curUser.ClinicIsRestricted && curUser.ClinicNum>0) {//for now a user can only be restricted to a single clinic, but in the future we will likely allow users to be restricted to more than one clinic
listClinics.Add(GetClinic(curUser.ClinicNum));
return listClinics;
}
Clinic[] arrayClinics=GetList();
for(int i=0;i<arrayClinics.Length;i++) {
listClinics.Add(arrayClinics[i].Copy());
}
return listClinics;
}
///<summary>Surround with try/catch because it can throw exceptions. Only used from FormOpenDental.menuItemPassword_Click(). Same as Update(), only the Validate call skips checking duplicate names for hidden users.</summary>
public static void UpdatePassword(Userod userod){
if(RemotingClient.RemotingRole==RemotingRole.ClientWeb){
Meth.GetVoid(MethodBase.GetCurrentMethod(),userod);
return;
}
Validate(false,userod,true);
Crud.UserodCrud.Update(userod);
}
private void butOK_Click(object sender,System.EventArgs e) {
if(textAbbr.Text=="") {
MessageBox.Show(Lan.g(this,"Abbreviation not allowed to be blank."));
return;
}
if(textSSN.Text.Contains("-")) {
MsgBox.Show(this,"SSN/TIN not allowed to have dash.");
return;
}
if(checkIsHidden.Checked) {
if(PrefC.GetLong(PrefName.PracticeDefaultProv)==ProvCur.ProvNum) {
MsgBox.Show(this,"Not allowed to hide practice default provider.");
return;
}
if(PrefC.GetLong(PrefName.InsBillingProv)==ProvCur.ProvNum) {
MsgBox.Show(this,"Not allowed to hide the default ins billing provider.");
return;
}
if(Clinics.IsInsBillingProvider(ProvCur.ProvNum)) {
MsgBox.Show(this,"Not allowed to hide a clinic ins billing provider.");
return;
}
if(Clinics.IsDefaultClinicProvider(ProvCur.ProvNum)) {
MsgBox.Show(this,"Not allowed to hide a clinic default provider.");
return;
}
}
for(int i=0;i<ProviderC.ListLong.Count;i++) {
if(ProviderC.ListLong[i].ProvNum==ProvCur.ProvNum) {
continue;
}
if(ProviderC.ListLong[i].Abbr==textAbbr.Text && PrefC.GetBool(PrefName.EasyHideDentalSchools)) {
if(!MsgBox.Show(this,true,"This abbreviation is already in use by another provider. Continue anyway?")) {
return;
}
}
}
if(CultureInfo.CurrentCulture.Name.EndsWith("CA") && checkIsCDAnet.Checked) {
if(textNationalProvID.Text!=Eclaims.Canadian.TidyAN(textNationalProvID.Text,9,true)) {
MsgBox.Show(this,"CDA number must be 9 characters long and composed of numbers and letters only.");
return;
}
if(textCanadianOfficeNum.Text!=Eclaims.Canadian.TidyAN(textCanadianOfficeNum.Text,4,true)) {
MsgBox.Show(this,"Office number must be 4 characters long and composed of numbers and letters only.");
return;
}
}
if(checkIsNotPerson.Checked) {
if(textFName.Text!="" || textMI.Text!="") {
MsgBox.Show(this,"When the 'Not a Person' box is checked, the provider may not have a First Name or Middle Initial entered.");
return;
}
}
if(checkIsHidden.Checked) {
if(!MsgBox.Show(this,MsgBoxButtons.OKCancel,"Any future schedule for this provider will be deleted. Continue?")) {
return;
}
Providers.RemoveProvFromFutureSchedule(ProvCur.ProvNum);
}
if(!PrefC.GetBool(PrefName.EasyHideDentalSchools) && (ProvCur.IsInstructor || ProvCur.SchoolClassNum!=0)) {//Is an Instructor or a Student
if(textUserName.Text=="") {
MsgBox.Show(this,"User Name is not allowed to be blank.");
return;
}
}
ProvCur.Abbr=textAbbr.Text;
ProvCur.LName=textLName.Text;
ProvCur.FName=textFName.Text;
ProvCur.MI=textMI.Text;
ProvCur.Suffix=textSuffix.Text;
ProvCur.SSN=textSSN.Text;
ProvCur.StateLicense=textStateLicense.Text;
ProvCur.StateWhereLicensed=textStateWhereLicensed.Text;
ProvCur.DEANum=textDEANum.Text;
ProvCur.StateRxID=textStateRxID.Text;
//ProvCur.BlueCrossID=textBlueCrossID.Text;
ProvCur.MedicaidID=textMedicaidID.Text;
ProvCur.NationalProvID=textNationalProvID.Text;
ProvCur.CanadianOfficeNum=textCanadianOfficeNum.Text;
//EhrKey and EhrHasReportAccess set when user uses the ... button
ProvCur.IsSecondary=checkIsSecondary.Checked;
ProvCur.SigOnFile=checkSigOnFile.Checked;
ProvCur.IsHidden=checkIsHidden.Checked;
ProvCur.IsCDAnet=checkIsCDAnet.Checked;
ProvCur.ProvColor=butColor.BackColor;
ProvCur.OutlineColor=butOutlineColor.BackColor;
ProvCur.IsInstructor=checkIsInstructor.Checked;
ProvCur.EhrMuStage=comboEhrMu.SelectedIndex;
if(!PrefC.GetBool(PrefName.EasyHideDentalSchools)) {
if(ProvCur.SchoolClassNum!=0) {
ProvCur.SchoolClassNum=SchoolClasses.List[comboSchoolClass.SelectedIndex].SchoolClassNum;
}
}
if(listFeeSched.SelectedIndex!=-1) {
ProvCur.FeeSched=FeeSchedC.ListShort[listFeeSched.SelectedIndex].FeeSchedNum;
}
ProvCur.Specialty=(DentalSpecialty)listSpecialty.SelectedIndex;
ProvCur.TaxonomyCodeOverride=textTaxonomyOverride.Text;
if(radAnesthSurg.Checked) {
ProvCur.AnesthProvType=1;
}
else if(radAsstCirc.Checked) {
ProvCur.AnesthProvType=2;
}
else {
ProvCur.AnesthProvType=0;
}
ProvCur.IsNotPerson=checkIsNotPerson.Checked;
if(IsNew) {
long provNum=Providers.Insert(ProvCur);
if(ProvCur.IsInstructor) {
Userod user=new Userod();
user.UserName=textUserName.Text;
user.Password=Userods.EncryptPassword(textPassword.Text);
user.ProvNum=provNum;
user.UserGroupNum=PrefC.GetLong(PrefName.SecurityGroupForInstructors);
try {
Userods.Insert(user);
}
catch(Exception ex) {
Providers.Delete(ProvCur);
MessageBox.Show(ex.Message);
return;
}
}
}
else {
try {
if(_existingUser!=null && (ProvCur.IsInstructor || ProvCur.SchoolClassNum!=0)) {
_existingUser.UserName=textUserName.Text;
if(textPassword.Text!="") {
_existingUser.Password=Userods.EncryptPassword(textPassword.Text);
}
Userods.Update(_existingUser);
}
}
catch(Exception ex) {
MessageBox.Show(ex.Message);
return;
}
Providers.Update(ProvCur);
}
DialogResult = DialogResult.OK;
}
///<summary>Not possible if no security admin.</summary>
private void butCreateUsers_Click(object sender,EventArgs e) {
if(gridMain.SelectedIndices.Length==0){
MsgBox.Show(this,"Please select one or more providers first.");
return;
}
for(int i=0;i<gridMain.SelectedIndices.Length;i++){
if(table.Rows[gridMain.SelectedIndices[i]]["UserName"].ToString()!="") {
MsgBox.Show(this,"Not allowed to create users on providers which already have users.");
return;
}
}
if(comboUserGroup.SelectedIndex==-1){
MsgBox.Show(this,"Please select a User Group first.");
return;
}
for(int i=0;i<gridMain.SelectedIndices.Length;i++){
Userod user=new Userod();
user.UserGroupNum=_listUserGroups[comboUserGroup.SelectedIndex].UserGroupNum;
user.ProvNum=PIn.Long(table.Rows[gridMain.SelectedIndices[i]]["ProvNum"].ToString());
user.UserName=GetUniqueUserName(table.Rows[gridMain.SelectedIndices[i]]["LName"].ToString(),
table.Rows[gridMain.SelectedIndices[i]]["FName"].ToString());
user.Password=user.UserName;//this will be enhanced later.
try{
Userods.Insert(user);
}
catch(ApplicationException ex){
MessageBox.Show(ex.Message);
changed=true;
return;
}
}
changed=true;
FillGrid();
}
///<summary></summary>
public void ProcessCommandLine(string[] args)
{
if(!Programs.UsingEcwTight() && args.Length==0){
return;
}
/*string descript="";
for(int i=0;i<args.Length;i++) {
if(i>0) {
descript+="\r\n";
}
descript+=args[i];
}
MessageBox.Show(descript);*/
/*
PatNum�(the integer primary key)
ChartNumber (alphanumeric)
SSN (exactly nine digits.�If required, we can gracefully handle dashes, but that is not yet implemented)
UserName
Password*/
int patNum=0;
string chartNumber="";
string ssn="";
string userName="";
string passHash="";
string aptNum="";
string ecwConfigPath="";
int userId=0;
string jSessionId = "";
string jSessionIdSSO = "";
for(int i=0;i<args.Length;i++) {
if(args[i].StartsWith("PatNum=") && args[i].Length>7) {
string patNumStr=args[i].Substring(7).Trim('"');
try {
patNum=Convert.ToInt32(patNumStr);
}
catch { }
}
if(args[i].StartsWith("ChartNumber=") && args[i].Length>12) {
chartNumber=args[i].Substring(12).Trim('"');
}
if(args[i].StartsWith("SSN=") && args[i].Length>4) {
ssn=args[i].Substring(4).Trim('"');
}
if(args[i].StartsWith("UserName="******"');
}
if(args[i].StartsWith("PassHash=") && args[i].Length>9) {
passHash=args[i].Substring(9).Trim('"');
}
if(args[i].StartsWith("AptNum=") && args[i].Length>7) {
aptNum=args[i].Substring(7).Trim('"');
}
if(args[i].StartsWith("EcwConfigPath=") && args[i].Length>14) {
ecwConfigPath=args[i].Substring(14).Trim('"');
}
if(args[i].StartsWith("UserId=") && args[i].Length>7) {
string userIdStr=args[i].Substring(7).Trim('"');
try {
userId=Convert.ToInt32(userIdStr);
}
catch { }
}
if(args[i].StartsWith("JSESSIONID=") && args[i].Length > 11) {
jSessionId=args[i].Substring(11).Trim('"');
}
if(args[i].StartsWith("JSESSIONIDSSO=") && args[i].Length > 14) {
jSessionIdSSO = args[i].Substring(14).Trim('"');
}
}
//eCW bridge values-------------------------------------------------------------
Bridges.ECW.AptNum=PIn.Long(aptNum);
Bridges.ECW.EcwConfigPath=ecwConfigPath;
Bridges.ECW.UserId=userId;
Bridges.ECW.JSessionId=jSessionId;
Bridges.ECW.JSessionIdSSO=jSessionIdSSO;
//Username and password-----------------------------------------------------
//users are allowed to use ecw tight integration without command line. They can manually launch Open Dental.
if((Programs.UsingEcwTight() && Security.CurUser==null)//We always want to trigger login window for eCW tight, even if no username was passed in.
|| (userName!=""//if a username was passed in, but not in tight eCW mode
&& (Security.CurUser==null || Security.CurUser.UserName != userName))//and it's different from the current user
) {
//The purpose of this loop is to use the username and password that were passed in to determine which user to log in
//log out------------------------------------
LastModule=myOutlookBar.SelectedIndex;
myOutlookBar.SelectedIndex=-1;
myOutlookBar.Invalidate();
UnselectActive();
allNeutral();
Userod user=Userods.GetUserByName(userName,true);
if(user==null) {
if(Programs.UsingEcwTight() && userName!="") {
user=new Userod();
user.UserName=userName;
user.UserGroupNum=PIn.Long(ProgramProperties.GetPropVal(ProgramName.eClinicalWorks,"DefaultUserGroup"));
if(passHash=="") {
user.Password="";
}
else {
user.Password=passHash;
}
Userods.Insert(user);//This can fail if duplicate username because of capitalization differences.
DataValid.SetInvalid(InvalidType.Security);
}
else {//not using eCW in tight integration mode
//So present logon screen
FormLogOn_=new FormLogOn();
FormLogOn_.ShowDialog(this);
if(FormLogOn_.DialogResult==DialogResult.Cancel) {
Application.Exit();
return;
}
user=Security.CurUser.Copy();
}
}
//Can't use Userods.CheckPassword, because we only have the hashed password.
if(passHash!=user.Password || !Programs.UsingEcwTight())//password not accepted or not using eCW
{
//So present logon screen
FormLogOn_=new FormLogOn();
FormLogOn_.ShowDialog(this);
if(FormLogOn_.DialogResult==DialogResult.Cancel) {
Application.Exit();
return;
}
}
else {//password accepted and using eCW tight.
//this part usually happens in the logon window
Security.CurUser = user.Copy();
//let's skip tasks for now
//if(PrefC.GetBool(PrefName.TasksCheckOnStartup")){
// int taskcount=Tasks.UserTasksCount(Security.CurUser.UserNum);
// if(taskcount>0){
// MessageBox.Show(Lan.g(this,"There are ")+taskcount+Lan.g(this," unfinished tasks on your tasklists."));
// }
//}
}
myOutlookBar.SelectedIndex=Security.GetModule(LastModule);
myOutlookBar.Invalidate();
SetModuleSelected();
if(CurPatNum==0) {
Text=PatientL.GetMainTitle("",0,"",0);
}
else {
Patient pat=Patients.GetPat(CurPatNum);
Text=PatientL.GetMainTitle(pat.GetNameLF(),pat.PatNum,pat.ChartNumber,pat.SiteNum);
}
if(userControlTasks1.Visible) {
userControlTasks1.InitializeOnStartup();
}
if(myOutlookBar.SelectedIndex==-1) {
MsgBox.Show(this,"You do not have permission to use any modules.");
}
}
//patient id----------------------------------------------------------------
if(patNum!=0) {
Patient pat=Patients.GetPat(patNum);
if(pat==null) {
CurPatNum=0;
RefreshCurrentModule();
FillPatientButton(0,"",false,"",0);
}
else {
CurPatNum=patNum;
RefreshCurrentModule();
FillPatientButton(CurPatNum,pat.GetNameLF(),pat.Email!="",pat.ChartNumber,pat.SiteNum);
}
}
else if(chartNumber!="") {
Patient pat=Patients.GetPatByChartNumber(chartNumber);
if(pat==null) {
//todo: decide action
CurPatNum=0;
RefreshCurrentModule();
FillPatientButton(0,"",false,"",0);
}
else {
CurPatNum=pat.PatNum;
RefreshCurrentModule();
FillPatientButton(CurPatNum,pat.GetNameLF(),pat.Email!="",pat.ChartNumber,pat.SiteNum);
}
}
else if(ssn!="") {
Patient pat=Patients.GetPatBySSN(ssn);
if(pat==null) {
//todo: decide action
CurPatNum=0;
RefreshCurrentModule();
FillPatientButton(0,"",false,"",0);
}
else {
CurPatNum=pat.PatNum;
RefreshCurrentModule();
FillPatientButton(CurPatNum,pat.GetNameLF(),pat.Email!="",pat.ChartNumber,pat.SiteNum);
}
}
}
private void FormProvEdit_Load(object sender, System.EventArgs e) {
//if(IsNew){
// Providers.Cur.SigOnFile=true;
// Providers.InsertCur();
//one field handled from previous form
//}
comboEhrMu.Items.Add("Use Global");
comboEhrMu.Items.Add("Stage 1");
comboEhrMu.Items.Add("Stage 2");
comboEhrMu.SelectedIndex=ProvCur.EhrMuStage;
if(!PrefC.GetBool(PrefName.ShowFeatureEhr)) {
comboEhrMu.Visible=false;
labelEhrMU.Visible=false;
}
if(!PrefC.GetBool(PrefName.EasyHideDentalSchools) //Dental Schools is turned on
&& (ProvCur.SchoolClassNum!=0 || ProvCur.IsInstructor))//Adding/Editing Students or Instructors
{
groupDentalSchools.Visible=true;
if(!ProvCur.IsNew) {
labelPassDescription.Visible=true;
textProvNum.Text=ProvCur.ProvNum.ToString();
List<Userod> userList=Providers.GetAttachedUsers(ProvCur.ProvNum);
if(userList.Count>0) {
textUserName.Text=userList[0].UserName;//Should always happen if they are a student.
_existingUser=userList[0];
}
}
else {
textUserName.Text=Providers.GetNextAvailableProvNum().ToString();//User-names are suggested to be the ProvNum of the provider. This can be changed at will.
}
for(int i=0;i<SchoolClasses.List.Length;i++) {
comboSchoolClass.Items.Add(SchoolClasses.List[i].GradYear.ToString()+"-"+SchoolClasses.List[i].Descript);
comboSchoolClass.SelectedIndex=0;
if(SchoolClasses.List[i].SchoolClassNum==ProvCur.SchoolClassNum) {
comboSchoolClass.SelectedIndex=i;
}
}
if(ProvCur.SchoolClassNum!=0) {
labelSchoolClass.Visible=true;
comboSchoolClass.Visible=true;
}
}
if(Programs.IsEnabled(ProgramName.eClinicalWorks)) {
textEcwID.Text=ProvCur.EcwID;
}
else{
labelEcwID.Visible=false;
textEcwID.Visible=false;
}
List<EhrProvKey> listProvKey=EhrProvKeys.GetKeysByFLName(ProvCur.LName,ProvCur.FName);
if(listProvKey.Count>0) {
textLName.Enabled=false;
textFName.Enabled=false;
}
else{
textLName.Enabled=true;
textFName.Enabled=true;
}
//We'll just always show the Anesthesia fields since they are part of the standard database.
textAbbr.Text=ProvCur.Abbr;
textLName.Text=ProvCur.LName;
textFName.Text=ProvCur.FName;
textMI.Text=ProvCur.MI;
textSuffix.Text=ProvCur.Suffix;
textSSN.Text=ProvCur.SSN;
if(ProvCur.UsingTIN){
radioTIN.Checked=true;
}
else {
radioSSN.Checked=true;
}
textStateLicense.Text=ProvCur.StateLicense;
textStateWhereLicensed.Text=ProvCur.StateWhereLicensed;
textDEANum.Text=ProvCur.DEANum;
textStateRxID.Text=ProvCur.StateRxID;
//textBlueCrossID.Text=ProvCur.BlueCrossID;
textMedicaidID.Text=ProvCur.MedicaidID;
textNationalProvID.Text=ProvCur.NationalProvID;
textCanadianOfficeNum.Text=ProvCur.CanadianOfficeNum;
checkIsSecondary.Checked=ProvCur.IsSecondary;
checkSigOnFile.Checked=ProvCur.SigOnFile;
checkIsHidden.Checked=ProvCur.IsHidden;
checkIsInstructor.Checked=ProvCur.IsInstructor;
butColor.BackColor=ProvCur.ProvColor;
butOutlineColor.BackColor=ProvCur.OutlineColor;
for(int i=0;i<FeeSchedC.ListShort.Count;i++){
this.listFeeSched.Items.Add(FeeSchedC.ListShort[i].Description);
if(FeeSchedC.ListShort[i].FeeSchedNum==ProvCur.FeeSched){
listFeeSched.SelectedIndex=i;
}
}
if(listFeeSched.SelectedIndex<0){
listFeeSched.SelectedIndex=0;
}
listSpecialty.Items.Clear();
for(int i=0;i<Enum.GetNames(typeof(DentalSpecialty)).Length;i++){
listSpecialty.Items.Add(Lan.g("enumDentalSpecialty",Enum.GetNames(typeof(DentalSpecialty))[i]));
}
listSpecialty.SelectedIndex=(int)ProvCur.Specialty;
textTaxonomyOverride.Text=ProvCur.TaxonomyCodeOverride;
FillProvIdent();
//These radio buttons are used to properly filter the provider dropdowns on FormAnetheticRecord
if (ProvCur.AnesthProvType == 0)
{
radNone.Checked = true;
}
if (ProvCur.AnesthProvType == 1)
{
radAnesthSurg.Checked = true;
}
if (ProvCur.AnesthProvType == 2)
{
radAsstCirc.Checked = true;
}
checkIsCDAnet.Checked=ProvCur.IsCDAnet;
if(CultureInfo.CurrentCulture.Name.EndsWith("CA")) {//Canadian. en-CA or fr-CA
checkIsCDAnet.Visible=true;
}
checkIsNotPerson.Checked=ProvCur.IsNotPerson;
}
