public int Merge(ManagedSecurityContext sec, int id)
{
if (!sec.IsAdministrator())
{
throw new ManagedAccount.AccessDeniedException();
}
if (id == mInstance.Id)
{
throw new Exception("Cannot merge neighborhood into self");
}
int count = 0;
Neighborhood merge = Session.Load <Neighborhood>(id);
// update places
if (merge.Places != null)
{
count += merge.Places.Count;
foreach (Place place in merge.Places)
{
place.Neighborhood = mInstance;
place.City = mInstance.City;
Session.Save(place);
}
}
// update accounts - TODO when extended
// update account addresses - TODO when extended
Session.Delete(merge);
return(count);
}
protected override void Check(TransitAccountEmailMessage t_instance, ManagedSecurityContext sec)
{
if (!string.IsNullOrEmpty(t_instance.MailFrom) && sec.IsAdministrator())
{
// administrator can force a MailFrom address to whatever
mInstance.MailFrom = t_instance.MailFrom;
}
else
{
Account user = t_instance.GetOwner(Session, t_instance.AccountId, sec);
ManagedAccount m_user = new ManagedAccount(Session, user);
string mailfrom = string.Empty;
// a user is required to have a valid e-mail address
if (!m_user.TryGetVerifiedEmailAddress(out mailfrom, sec))
{
throw new ManagedAccount.NoVerifiedEmailException();
}
// if the user didn't specify the address, user his verified e-mail
if (string.IsNullOrEmpty(t_instance.MailFrom))
{
mInstance.MailFrom = new MailAddress(mailfrom, m_user.Name).ToString();;
}
// if the user specified a different e-mail address, don't let him send
else if (t_instance.MailFrom != mailfrom)
{
throw new ManagedAccount.AccessDeniedException();
}
}
base.Check(t_instance, sec);
}
public override TransitAccountInvitation GetTransitInstance(ManagedSecurityContext sec)
{
TransitAccountInvitation t_instance = base.GetTransitInstance(sec);
if (sec.IsAdministrator())
{
t_instance.Code = mInstance.Code;
}
return(t_instance);
}
public Account GetOwner(ISession session, int id, ManagedSecurityContext sec)
{
if (id == 0 || sec.Account == null)
{
return(sec.Account); // current security context id
}
if (id != 0 && id == sec.Account.Id)
{
return(sec.Account); // the id requested matches the security context id
}
if (id != 0 && sec.IsAdministrator())
{
return(session.Load <Account>(id)); // the administrator can get any id
}
if (id != 0 && !sec.IsAdministrator())
{
throw new ManagedAccount.AccessDeniedException(); // attempt to change ownership
}
return(sec.Account); // whatever is in the security context
}
public void Send(ManagedSecurityContext sec, TransitAccountEmailMessage t_instance)
{
if (!sec.IsAdministrator())
{
throw new ManagedAccount.AccessDeniedException();
}
SmtpClient smtp = GetSmtpClientInstance(Session);
MailMessage message = GetMessageInstance(Session, t_instance.GetInstance(Session, sec));
smtp.Send(message);
}
public override AccountInvitation GetInstance(ISession session, ManagedSecurityContext sec)
{
AccountInvitation instance = base.GetInstance(session, sec);
if (Id == 0)
{
// invitations cannot be modified post-send
instance.Email = this.Email;
// admin can force a particular code (for unit testing)
instance.Code = (sec.IsAdministrator() && !string.IsNullOrEmpty(this.Code)) ? this.Code : Guid.NewGuid().ToString();
instance.Message = this.Message;
instance.Account = GetOwner(session, AccountId, sec);
instance.Failed = this.Failed;
instance.LastError = this.LastError;
instance.AccountGroup = (this.AccountGroupId != 0)
? session.Get <AccountGroup>(this.AccountGroupId)
: null;
}
return(instance);
}
public void DeleteAccountWithOptions(string ticket, int id, TransitAccountDeleteOptions options)
{
using (SnCore.Data.Hibernate.Session.OpenConnection())
{
ISession session = SnCore.Data.Hibernate.Session.Current;
ManagedSecurityContext sec = new ManagedSecurityContext(session, ticket);
ManagedAccount user = new ManagedAccount(session, id);
if (user.IsAdministrator())
{
throw new Exception(
"You cannot delete an administrative account.");
}
if (sec.Account.Id != user.Id)
{
if (!sec.IsAdministrator())
{
// only admin can delete other people's account
throw new ManagedAccount.AccessDeniedException();
}
}
if (options != null && options.DeleteContent)
{
if (!sec.IsAdministrator())
{
// only admin can delete other people's content
throw new ManagedAccount.AccessDeniedException();
}
user.DeleteContent(sec);
}
}
WebServiceImpl<TransitAccount, ManagedAccount, Account>.Delete(
ticket, id);
}
public void DeleteAllFeatures(string ticket, TransitFeature token)
{
using (SnCore.Data.Hibernate.Session.OpenConnection())
{
ISession session = SnCore.Data.Hibernate.Session.Current;
ManagedSecurityContext sec = new ManagedSecurityContext(session, ticket);
if (!sec.IsAdministrator())
{
throw new ManagedAccount.AccessDeniedException();
}
ManagedFeature.Delete(session, token.DataObjectName, token.DataRowId);
SnCore.Data.Hibernate.Session.Flush();
}
}
public int Merge(ManagedSecurityContext sec, string name, string state, string country)
{
if (!sec.IsAdministrator())
{
throw new ManagedAccount.AccessDeniedException();
}
int count = 0;
// update accounts
ICriteria accounts_criteria = Session.CreateCriteria(typeof(Account)).Add(Expression.Eq("City", name));
if (string.IsNullOrEmpty(state))
{
accounts_criteria.Add(Expression.IsNull("State"));
}
else
{
accounts_criteria.Add(Expression.Eq("State.Id", ManagedState.GetStateId(Session, state, country)));
}
if (string.IsNullOrEmpty(country))
{
accounts_criteria.Add(Expression.IsNull("Country"));
}
else
{
accounts_criteria.Add(Expression.Eq("Country.Id", ManagedCountry.GetCountryId(Session, country)));
}
IList <Account> accounts = accounts_criteria.List <Account>();
count += accounts.Count;
foreach (Account account in accounts)
{
account.City = mInstance.Name;
account.Country = mInstance.Country;
account.State = mInstance.State;
Session.Save(account);
}
// update account addresses
ICriteria accountaddresses_criteria = Session.CreateCriteria(typeof(AccountAddress)).Add(Expression.Eq("City", name));
if (string.IsNullOrEmpty(state))
{
accountaddresses_criteria.Add(Expression.IsNull("State"));
}
else
{
accountaddresses_criteria.Add(Expression.Eq("State.Id", ManagedState.GetStateId(Session, state, country)));
}
if (string.IsNullOrEmpty(country))
{
accountaddresses_criteria.Add(Expression.IsNull("Country"));
}
else
{
accountaddresses_criteria.Add(Expression.Eq("Country.Id", ManagedCountry.GetCountryId(Session, country)));
}
IList <AccountAddress> accountaddresses = accountaddresses_criteria.List <AccountAddress>();
count += accountaddresses.Count;
foreach (AccountAddress accountaddress in accountaddresses)
{
accountaddress.City = mInstance.Name;
accountaddress.Country = mInstance.Country;
accountaddress.State = mInstance.State;
Session.Save(accountaddress);
}
return(count);
}
public int Merge(ManagedSecurityContext sec, int id)
{
if (!sec.IsAdministrator())
{
throw new ManagedAccount.AccessDeniedException();
}
if (id == mInstance.Id)
{
throw new Exception("Cannot merge city into self");
}
int count = 0;
City merge = Session.Load <City>(id);
// update accounts
IList accounts = Session.CreateCriteria(typeof(Account))
.Add(Expression.Eq("City", merge.Name))
.List();
count += accounts.Count;
foreach (Account account in accounts)
{
account.City = mInstance.Name;
Session.Save(account);
}
// update account addresses
IList accountaddresses = Session.CreateCriteria(typeof(AccountAddress))
.Add(Expression.Eq("City", merge.Name))
.List();
count += accountaddresses.Count;
foreach (AccountAddress accountaddress in accountaddresses)
{
accountaddress.City = mInstance.Name;
Session.Save(accountaddress);
}
// merge neighborhoods
foreach (Neighborhood nh in merge.Neighborhoods)
{
Neighborhood t_nh = Session.CreateCriteria(typeof(Neighborhood))
.Add(Expression.Eq("City.Id", mInstance.Id))
.Add(Expression.Eq("Name", nh.Name))
.UniqueResult <Neighborhood>();
if (t_nh != null)
{
ManagedNeighborhood m_nh = new ManagedNeighborhood(Session, t_nh);
count += m_nh.Merge(sec, nh.Id);
}
else
{
nh.City = mInstance;
Session.Save(nh);
}
}
// merge places that don't have a neighborhood
if (merge.Places != null)
{
count += merge.Places.Count;
foreach (Place place in merge.Places)
{
place.City = mInstance;
Session.Save(place);
}
}
if (merge.PlaceChangeRequests != null)
{
count += merge.PlaceChangeRequests.Count;
foreach (PlaceChangeRequest request in merge.PlaceChangeRequests)
{
request.City = mInstance;
Session.Save(request);
}
}
Session.Delete(merge);
return(count);
}
