public void ShowUserwindow(User u)
{
StartWindow w = new StartWindow();
w.WindowUser = u;
windowList["StartWindow"] = w;
w.Show();
}
public void AddMessage(User u, string message)
{
StringBuilder messages;
if(!NotificationMail.TryGetValue(u, out messages))
{
NotificationMail.Add(u, new StringBuilder());
}
NotificationMail[u].AppendLine(message);
}
/*
StoredProceduresName Expects Returns
I_User Email, FirstName, LastName, Function, Password @ReturnValue, Identity
D_User UserID
S_User_PasswordHash Email @ReturnValue
S_User Email @ReturnValue
S_User_ControlPermissions UserID @ReturnValue
S_User_Permissions UserID @ReturnValue
*/
public static bool SelectUser(out User user, int userID)
{
user = null;
try
{
int returnvalue;
user = DAL.DAL.ExecuteDataReader("S_User",FillUser, out returnvalue,userID.SetParameter("UserID")).FirstOrDefault();
user.OwnedPermissions = PermissionsBLL.GetPermissionsByUserID(userID);
foreach(UserGroup u in GroupBLL.GetGroupsByUserID(userID))
user.UserGroupPermissions.Add(u);
}
catch (Exception)
{
}
return false;
}
public static void CreateUser(User AddUser)
{
try {
int returnCode;
List<SqlParameter> para = GetUserParameters(AddUser);
para.Add(DAL.DAL.Identity());
//CreateUser
List<object> outputParams =
DAL.DAL.ExecuteNonQuery("I_User", out returnCode, para.ToArray());
int UserID = (int)outputParams[0];
AddUser.UserID = UserID;
//CreatePermissions
PermissionsBLL.AddPermissions(AddUser);
//setgroups
foreach (UserGroup ug in AddUser.UserGroupPermissions)
{
if (ug.GroupID > -1)
{
GroupBLL.CreateUserGroup(ug);
}
else
{
AddUserToGroup(AddUser, ug);
}
}
//Bind
}catch(InvalidCastException ce)
{
throw new Exception("Database heeft geen UserID teruggegeven\r\n" + ce.Message);
}
catch (Exception)
{
throw;
}
}
public void ChangesToPermission(User OldUser, User NewUser)
{
StringBuilder sb = new StringBuilder();
Dictionary<string, HashSet<string>> CombinedAllowPermissions = new Dictionary<string, HashSet<string>>();
Dictionary<string, HashSet<string>> CombinedDenyPermissions = new Dictionary<string, HashSet<string>>();
//deletedKeys
OldUser.OwnedPermissions.AllowPermissions.Where(g => !NewUser.OwnedPermissions.AllowPermissions.ContainsKey(g.Key)).ToList().ForEach(x => CombinedAllowPermissions.Add(ptag(x.Key), ptagAll(x.Value)));
OldUser.OwnedPermissions.DenyPermissions.Where(g => !NewUser.OwnedPermissions.DenyPermissions.ContainsKey(g.Key)).ToList().ForEach(x => CombinedDenyPermissions.Add(ptag(x.Key), ptagAll(x.Value)));
//addedKeys
NewUser.OwnedPermissions.AllowPermissions.Where(g => !OldUser.OwnedPermissions.AllowPermissions.ContainsKey(g.Key)).ToList().ForEach(x => CombinedAllowPermissions.Add(btag(x.Key), btagAll(x.Value)));
NewUser.OwnedPermissions.DenyPermissions.Where(g => !OldUser.OwnedPermissions.DenyPermissions.ContainsKey(g.Key)).ToList().ForEach(x => CombinedDenyPermissions.Add(btag(x.Key), btagAll(x.Value)));
//ModifiedKeys
#region Allow
NewUser.OwnedPermissions.AllowPermissions.ToList().Where(x => OldUser.OwnedPermissions.AllowPermissions.ContainsKey(x.Key)).ToList().ForEach(z =>
{
HashSet<string> value = new HashSet<string>();
//removedPermissions
OldUser.OwnedPermissions.AllowPermissions[z.Key]
.Where(y => NewUser.OwnedPermissions.AllowPermissions[z.Key] == null || (NewUser.OwnedPermissions.AllowPermissions[z.Key] != null && !NewUser.OwnedPermissions.AllowPermissions[z.Key].Contains(y))).ToList().ForEach(perms => value.Add(ptag(perms)));
//AddedPermissions
NewUser.OwnedPermissions.AllowPermissions[z.Key]
.Where(y => OldUser.OwnedPermissions.AllowPermissions[z.Key] == null || (OldUser.OwnedPermissions.AllowPermissions[z.Key] != null && !OldUser.OwnedPermissions.AllowPermissions[z.Key].Contains(y))).ToList().ForEach(perms => value.Add(btag(perms)));
//Unchanged
NewUser.OwnedPermissions.AllowPermissions[z.Key]
.Where(y => OldUser.OwnedPermissions.AllowPermissions[z.Key] != null && OldUser.OwnedPermissions.AllowPermissions[z.Key].Contains(y)).ToList().ForEach(perms => value.Add("<p>"+perms+"</p>"));
//add the list
CombinedAllowPermissions.Add(z.Key, value);
});
#endregion
#region Deny
NewUser.OwnedPermissions.DenyPermissions.ToList().Where(x => OldUser.OwnedPermissions.DenyPermissions.ContainsKey(x.Key)).ToList().ForEach(z =>
{
HashSet<string> value = new HashSet<string>();
//removedPermissions
OldUser.OwnedPermissions.DenyPermissions[z.Key]
.Where(y => NewUser.OwnedPermissions.DenyPermissions[z.Key] == null || (NewUser.OwnedPermissions.DenyPermissions[z.Key] != null && !NewUser.OwnedPermissions.DenyPermissions[z.Key].Contains(y))).ToList().ForEach(perms => value.Add(ptag(perms)));
//AddedPermissions
NewUser.OwnedPermissions.DenyPermissions[z.Key]
.Where(y => OldUser.OwnedPermissions.DenyPermissions[z.Key] == null || (OldUser.OwnedPermissions.DenyPermissions[z.Key] != null && !OldUser.OwnedPermissions.DenyPermissions[z.Key].Contains(y))).ToList().ForEach(perms => value.Add(btag(perms)));
//Unchanged
NewUser.OwnedPermissions.DenyPermissions[z.Key]
.Where(y => OldUser.OwnedPermissions.DenyPermissions[z.Key] != null && OldUser.OwnedPermissions.DenyPermissions[z.Key].Contains(y)).ToList().ForEach(perms => value.Add("<p>" + perms + "</p>"));
//add the list
CombinedDenyPermissions.Add(z.Key, value);
});
#endregion
sb.Append("<p>Veranderingen in AllowPermissies:</p>");
foreach(var v in CombinedAllowPermissions)
{
sb.Append(v.Key);
if (v.Value != null)
{
sb.Append("<ul>");
AddPermissionsToStringBuilder(sb, v.Value);
sb.Append("</ul>");
}
}
sb.Append("<p>Veranderingen in DenyPermissies:</p>");
foreach (var v in CombinedAllowPermissions)
{
sb.Append(v.Key);
if (v.Value != null)
{
sb.Append("<ul>");
AddPermissionsToStringBuilder(sb, v.Value);
sb.Append("</ul>");
}
}
AddMessage(NewUser, sb.ToString());
}
public void ChangesToGroup(User AddUser, UserGroup ug, bool deleted)
{
StringBuilder sb = new StringBuilder();
string del = getDel(deleted);
sb.Append("U bent "+del+" "+(deleted?"van":"aan")+" de groep: ").Append(ug.Name).AppendLine();
AddMessage(AddUser, sb.ToString());
}
private static List<SqlParameter> GetUserParameters(User addUser)
{
List<SqlParameter> parameters = new List<SqlParameter>
{
DAL.DAL.Parameter("Email", addUser.Email),
DAL.DAL.Parameter("FirstName", addUser.FirstName),
DAL.DAL.Parameter("LastName", addUser.LastName),
DAL.DAL.Parameter("Hash", addUser.Password),
DAL.DAL.Parameter("Salt", addUser.Salt),
DAL.DAL.Parameter("IterationCount", 10)
};
return parameters;
}
public DoLogin(User u)
{
_LoginUser = u;
}
public void AddUserToGroup(User u, UserGroup ug)
{
if (!u.UserGroupPermissions.Contains(ug) && !ug.GroupUsers.Contains(u))
{
if(this is UserDetailViewModel)
{
u.Changed = true;
}
else
{
ug.Changed = true;
}
u.UserGroupPermissions.Add(ug);
ug.GroupUsers.Add(u);
dbActions.UserGroupDelayedAction(u, ug, true);
}
}
public override PermissionsBase GetCopy()
{
User u = new User(this.LastName, this.FirstName);
u.InstanceID = InstanceID;
u.Email = Email;
u.Password = Password;
u.UserID = UserID;
u.Salt = Salt;
u.OwnedPermissions = this.OwnedPermissions.GetCopy();
u.UserGroupPermissions = new ObservableCollection<UserGroup>();
foreach (UserGroup group in UserGroupPermissions)
{
u.UserGroupPermissions.Add(group.GetCopy() as UserGroup);
}
return u;
}
/// <summary>
/// Deletes or adds the user "user" from/to UserGroup "group"
/// </summary>
/// <param name="user"></param>
/// <param name="group"></param>
/// <param name="AddDelete">true = AddUser, false = RemoveUser</param>
public void UserGroupDelayedAction(User user, UserGroup group, bool AddDelete)
{
GroupAction ga = new GroupAction((UserGroup)group.GetCopy(), (User)user.GetCopy());
ga.AddOrRemove = AddDelete;
if (AddDelete)
{
//Add
GroupActions.Add(ga);
}
else
{
//delete
GroupActions.Remove(ga);
GroupActions.Add(ga);
}
}
public static User FillUser(IDataReader sq)
{
User u = new User();
u.UserID = sq.GetInt32(0);
u.FirstName = sq.IsDBNull(1) ? "" : sq.GetString(1);
u.LastName = sq.IsDBNull(2) ? "" : sq.GetString(2);
u.Email = sq.IsDBNull(3) ? "" : sq.GetString(3);
u.SetPassword(sq.IsDBNull(4) ? "" : sq.GetString(4));
u.Salt = sq.IsDBNull(5) ? "" : sq.GetString(5);
return u;
}
public static void DeleteUserFromGroup(User u, UserGroup g)
{
DAL.DAL.ExecuteNonQuery("D_GroupMember_ByGroupID_ByUserID", DAL.DAL.Parameter("GroupID", g.GroupID), DAL.DAL.Parameter("UserID", u.UserID));
}
public static void AddUserToGroup(User u, UserGroup g)
{
DAL.DAL.ExecuteNonQuery("I_GroupMember", DAL.DAL.Parameter("GroupID", g.GroupID), DAL.DAL.Parameter("UserID", u.UserID));
}
public static bool ComparePasswords(out User loggedUser, string password, string email)
{
//retrieve hash, salt, count
//DAL.Parameter("Email", email)
int errorCode;
loggedUser = null;
User hash;
try
{
hash = DAL.DAL.ExecuteDataReader("S_User_PasswordHash", FillUser, out errorCode,
DAL.DAL.Parameter("Email", email)).First();
}
catch (IndexOutOfRangeException)
{
return false;
}
catch (Exception)
{
return false;
}
if(PasswordEncryption.PasswordMatch(password, hash.Password, hash.Salt, 10))
{
loggedUser = hash;
return true;
}
return false;
}
public void removeUserGroupAction(User u, UserGroup ug)
{
GroupAction ga = new GroupAction(ug, u);
GroupActions.Remove(ga);
}
public static void DeleteUser(User u)
{
DAL.DAL.ExecuteNonQuery("D_User", DAL.DAL.Parameter("UserID", u.UserID));
}
public GroupAction(UserGroup group, User addUser)
{
Group = group;
AddUser = addUser;
}
public static void UpdateUser(User u)
{
if(u.UserID > -1)
{
DAL.DAL.ExecuteNonQuery("U_User",
DAL.DAL.Parameter("Email", u.Email),
DAL.DAL.Parameter("FirstName", u.FirstName),
DAL.DAL.Parameter("LastName", u.LastName),
DAL.DAL.Parameter("UserID", u.UserID)
);
PermissionsBLL.ReplacePermissions(u);
if (u.PasswordChanged)
{
UpdatePassword(u);
}
}
else
{
CreateUser(u);
}
}
protected void CreateItem(object obj)
{
PermissionsBase pb;
if(this is UserDetailViewModel)
{
pb = new User();
}
else if(this is GroupDetailViewModel)
{
pb = new UserGroup();
}
else
{
pb = null;
}
AllItems.Add(pb);
SelectedItem = pb;
}
public void DeleteUser(User u)
{
//UserBLL.
}
/// <summary>
/// Remove User u from UserGroup ug
/// this will also remove the database action
/// </summary>
/// <param name="u"></param>
/// <param name="ug"></param>
public void RemoveUserFromGroup(User u, UserGroup ug)
{
if (u.UserGroupPermissions.FindFirst(x => x.ID == ug.ID) && ug.GroupUsers.FindFirst(x => x.ID == u.ID))
{
u.UserGroupPermissions.ToList().RemoveAll(x => x.ID == ug.ID);
ug.GroupUsers.ToList().RemoveAll(x => x.ID == u.ID);
//if selectedItem is a new item cancel changes, else queue a remove action to the database
if (SelectedItem.ID == -1)
{
dbActions.removeUserGroupAction(u, ug);
}
else
{
dbActions.UserGroupDelayedAction(u, ug, false);
}
}
}
public void UpdateUser(User u)
{
throw new NotImplementedException();
}
public UserDeleted(User _DeletedUser)
{
this.DeletedUser = _DeletedUser;
}
public static void UpdatePassword(User u)
{
if (u.UserID > -1)
{
DAL.DAL.ExecuteNonQuery("U_User_ChangePasswordHash",
DAL.DAL.Parameter("@UserID", u.ID),
DAL.DAL.Parameter("@Hash", u.Password),
DAL.DAL.Parameter("@Salt", u.Salt),
DAL.DAL.Parameter("@IterationCount", 10));
}
}