예제 #1
        /// <summary>
        /// Loads timesheet data for the effective user and passes it to
        /// <c>ProcessDataRow</c> together with <paramref name="arrGTemp"/>.
        /// </summary>
        /// <remarks>
        /// The whole body runs inside <c>SPSecurity.RunWithElevatedPrivileges</c>.
        /// The <c>duser</c> request value is caller-controlled. It replaces <c>username</c>
        /// only when <c>SharedFunctions.canUserImpersonate</c> returns true, so in this
        /// method that helper is the only gate on whose rows the stored procedure is asked for.
        /// NOTE(review): a refused impersonation is silent here; the query then runs for the
        /// original <c>username</c>. Confirm that this is the intended outcome.
        /// </remarks>
        /// <param name="query">Must not be null; it is not otherwise read in this method.</param>
        /// <param name="arrGTemp">List handed to <c>ProcessDataRow</c>; must not be null.</param>
        /// <param name="curWeb">Web handed to the <c>SqlConnection</c> helper and to <c>ProcessDataRow</c>; must not be null.</param>
        public override void populateGroups(string query, SortedList arrGTemp, SPWeb curWeb)
        {
            Guard.ArgumentIsNotNull(curWeb, nameof(curWeb));
            Guard.ArgumentIsNotNull(arrGTemp, nameof(arrGTemp));
            Guard.ArgumentIsNotNull(query, nameof(query));

            var timesheetData  = new DataSet();
            var isNewTimeSheet = false;

            SPSecurity.RunWithElevatedPrivileges(
                delegate
            {
                // Delegate ("view as") user requested by the client.
                var delegateUser = Page.Request["duser"];
                var resourceName = string.Empty;

                // Switch identity only after the impersonation check has approved it.
                if (!string.IsNullOrWhiteSpace(delegateUser)
                    && SharedFunctions.canUserImpersonate(username, delegateUser, site.RootWeb, out resourceName))
                {
                    username = delegateUser;
                }

                // Callback given to the SqlConnection helper: runs the named stored procedure
                // with bound parameters (no string-built SQL) and fills the supplied data set.
                Action <int, string, SqlConnection, DataSet> fillDataSet =
                    (periodId, procedureName, connection, target) =>
                {
                    using (var command = new SqlCommand(procedureName, connection))
                    {
                        command.CommandType = CommandType.StoredProcedure;
                        command.Parameters.AddWithValue(IdUserName, username);
                        command.Parameters.AddWithValue(IdSiteGuid, site.ID);
                        command.Parameters.AddWithValue(IdPeriod, periodId);

                        using (var adapter = new SqlDataAdapter(command))
                        {
                            adapter.Fill(target);
                        }
                    }
                };

                try
                {
                    SqlConnection(curWeb, fillDataSet, ref timesheetData, ref isNewTimeSheet);
                }
                catch (Exception loadError)
                {
                    // Best effort: the failure is only traced, and processing continues
                    // with whatever the data set holds at this point.
                    DiagTrace.WriteLine(loadError);
                }

                ProcessDataRow(arrGTemp, curWeb, timesheetData, isNewTimeSheet);
            });
        }
예제 #2
        /// <summary>
        /// Reads the timesheet-specific request parameters (<c>period</c>, <c>workType</c>,
        /// <c>duser</c>, <c>allowOther</c>) after the base class has read its own.
        /// </summary>
        /// <remarks>
        /// Every value read from <c>Request</c> is caller-controlled.
        /// NOTE(review): <c>allowOther</c> is taken from the request as-is; if it is meant to
        /// reflect a server-side setting, confirm that it is re-checked elsewhere.
        /// </remarks>
        /// <param name="curWeb">Web passed through to <c>base.getParams</c>.</param>
        public override void getParams(SPWeb curWeb)
        {
            base.getParams(curWeb);
            isTimesheet = true;

            var periodText = Request["period"];
            workType = Request["workType"];

            // int.Parse throws when "period" is missing or not numeric; nothing in this
            // method catches that.
            period = int.Parse(periodText);

            SPSecurity.RunWithElevatedPrivileges(delegate()
            {
                var delegateUser = Page.Request["duser"];
                var resname      = "";

                // The requested identity is adopted only if the impersonation check allows it.
                if (!string.IsNullOrEmpty(delegateUser)
                    && SharedFunctions.canUserImpersonate(username, delegateUser, site.RootWeb, out resname))
                {
                    username = delegateUser;
                }
            });

            gridname = "mywork" + gridname;

            var otherWorkAllowed = workType == "4" && Request["allowOther"] == "true";
            if (workType == "1" || otherWorkAllowed)
            {
                filterfield = "IsAssignment";

                // NOTE(review): the non-edit value carries its own quote characters, which
                // presumably means the consumer builds field='value' by concatenation.
                // Verify that no request-derived value can reach that same path unescaped.
                filtervalue = inEditMode ? "False" : "0' OR IsAssignment='";
            }
        }
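        /// <summary>
        /// Dispatches the timesheet command named by the <c>action</c> request parameter and
        /// stores a status string ("Success", "Error: ...", or a value) in <c>data</c>.
        /// </summary>
        /// <remarks>
        /// All SQL in this method uses bound parameters. Points a reviewer should confirm:
        /// <list type="bullet">
        /// <item>Only <c>deleteTS</c> checks <c>web.CurrentUser.IsSiteAdmin</c>. No other action
        /// (close/open/delete/add period, add/edit type, approve, reject, unlock, approvePM,
        /// rejectPM) has a role check in this method. NOTE(review): confirm the page itself is
        /// restricted, or add per-action checks.</item>
        /// <item>Updates keyed on <c>ts_uid</c> / <c>ts_item_uid</c> are not constrained by site or
        /// by owner in the SQL shown here, so the caller chooses which row is changed.</item>
        /// <item>Inputs come from the <c>Request</c> indexer, which also reads the query string,
        /// and no form-digest validation is visible here. NOTE(review): confirm that
        /// state-changing actions cannot be triggered cross-site.</item>
        /// <item>The outer catch copies <c>ex.Message</c> into <c>data</c>. Where <c>data</c> is
        /// written is not visible here; if it reaches the client, internal error text is exposed.</item>
        /// </list>
        /// Changes relative to the earlier version: the SQL connection is always disposed, the
        /// last web opened while processing submitted items is closed, the context site is no
        /// longer disposed in <c>autoadd</c>, and rejection notes are HTML-encoded before being
        /// placed in the HTML e-mail body.
        /// </remarks>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            string strAction = Request["action"];
            string period    = Request["period"];

            Response.Cache.SetCacheability(HttpCacheability.NoCache);
            Response.Expires = -1;

            data = "";

            string fEmail = SPContext.Current.Web.CurrentUser.Email;

            SPSite site = SPContext.Current.Site;
            {
                SPWeb web = SPContext.Current.Web;
                {
                    // Declared outside the try so the finally block can release it.
                    SqlConnection cn = null;
                    try
                    {
                        SPSecurity.RunWithElevatedPrivileges(delegate()
                        {
                            cn = new SqlConnection(EPMLiveCore.CoreFunctions.getConnectionString(site.WebApplication.Id));
                            cn.Open();

                            // "duser" is caller-controlled; the identity is switched only when
                            // canUserImpersonate approves, otherwise the whole request is refused.
                            string requestedUser = Page.Request["duser"];

                            if (requestedUser != null && requestedUser != "")
                            {
                                if (SharedFunctions.canUserImpersonate(username, requestedUser, SPContext.Current.Site.RootWeb, out resName))
                                {
                                    username = requestedUser;
                                }
                                else
                                {
                                    impFailed = true;
                                }
                            }
                            bool.TryParse(EPMLiveCore.CoreFunctions.getConfigSetting(SPContext.Current.Site.RootWeb, "EPMLiveTSLiveHours"), out liveHours);
                        });
                        if (impFailed)
                        {
                            data = "Error: Impersonation Failed";
                        }
                        else
                        {
                            if (cn != null)
                            {
                                SqlCommand cmd;

                                int           iperiod;
                                SqlDataReader dr;

                                switch (strAction)
                                {
                                case "deleteTS":
                                    // The only action in this method with an explicit role check.
                                    if (web.CurrentUser.IsSiteAdmin)
                                    {
                                        string[] tsuids = Request["ts_uids"].Split(',');
                                        foreach (string tsuidData in tsuids)
                                        {
                                            cmd = new SqlCommand("DELETE FROM TSTIMESHEET where ts_uid=@ts_uid", cn);
                                            cmd.Parameters.AddWithValue("@ts_uid", tsuidData);
                                            cmd.ExecuteNonQuery();
                                        }
                                        data = "Success";
                                    }
                                    else
                                    {
                                        data = "Error: Access Denied";
                                    }
                                    break;

                                case "closePeriod":
                                    cmd = new SqlCommand("update tsperiod set locked=1 where period_id=@periodid and site_id=@siteid", cn);
                                    cmd.Parameters.AddWithValue("@siteid", SPContext.Current.Site.ID);
                                    cmd.Parameters.AddWithValue("@periodid", period);
                                    cmd.ExecuteNonQuery();
                                    // Echoes the request value back through data.
                                    data = period;
                                    break;

                                case "openPeriod":
                                    cmd = new SqlCommand("update tsperiod set locked=0 where period_id=@periodid and site_id=@siteid", cn);
                                    cmd.Parameters.AddWithValue("@siteid", SPContext.Current.Site.ID);
                                    cmd.Parameters.AddWithValue("@periodid", period);
                                    cmd.ExecuteNonQuery();
                                    data = period;
                                    break;

                                case "submitTime":
                                    // NOTE(review): the row is selected by ts_uid alone; nothing here ties
                                    // it to username or to the current site.
                                    cmd = new SqlCommand("update TSTIMESHEET set submitted=1,approval_status=0,lastmodifiedbyu=@u,lastmodifiedbyn=@n where ts_uid=@ts_uid", cn);
                                    cmd.Parameters.AddWithValue("@ts_uid", Request["ts_uid"]);
                                    cmd.Parameters.AddWithValue("@u", SPContext.Current.Web.CurrentUser.LoginName);
                                    cmd.Parameters.AddWithValue("@n", SPContext.Current.Web.CurrentUser.Name);
                                    cmd.ExecuteNonQuery();
                                    SPSecurity.RunWithElevatedPrivileges(delegate()
                                    {
                                        SPWeb tweb = SPContext.Current.Web;
                                        {
                                            SharedFunctions.processResources(cn, Request["ts_uid"], tweb, username);
                                        }
                                    });

                                    if (EPMLiveCore.CoreFunctions.getConfigSetting(SPContext.Current.Site.RootWeb, "EPMLiveTSDisableApprovals").ToLower() == "true")
                                    {
                                        // Approvals disabled: a submitted timesheet is approved straight away.
                                        approve(Request["ts_uid"], SPContext.Current.Web, Request["Period"]);
                                    }
                                    else
                                    {
                                        if (!liveHours)
                                        {
                                            data = SharedFunctions.processActualWork(cn, Request["ts_uid"], site, false, true);
                                        }
                                    }

                                    if (data == "")
                                    {
                                        data = "Success";
                                    }

                                    cmd = new SqlCommand("select ts_item_uid,web_uid,list_uid,item_id,project from TSITEM where TS_UID=@ts_uid", cn);
                                    cmd.Parameters.AddWithValue("@ts_uid", Request["ts_uid"]);
                                    DataSet        ds = new DataSet();
                                    SqlDataAdapter da = new SqlDataAdapter(cmd);
                                    da.Fill(ds);

                                    SPList pList    = null;
                                    SPWeb  iWeb     = null;
                                    SPList iList    = null;
                                    Guid   webGuid  = Guid.Empty;
                                    Guid   listGuid = Guid.Empty;

                                    foreach (DataRow dataRow in ds.Tables[0].Rows)
                                    {
                                        try
                                        {
                                            Guid wGuid = new Guid(dataRow["WEB_UID"].ToString());
                                            Guid lGuid = new Guid(dataRow["LIST_UID"].ToString());

                                            // Re-open the web / list only when the row refers to a different one.
                                            if (webGuid != wGuid)
                                            {
                                                if (iWeb != null)
                                                {
                                                    iWeb.Close();
                                                    iWeb = site.OpenWeb(wGuid);
                                                }
                                                else
                                                {
                                                    iWeb = site.OpenWeb(wGuid);
                                                }
                                                webGuid = iWeb.ID;
                                            }
                                            if (listGuid != lGuid)
                                            {
                                                iList = iWeb.Lists[lGuid];
                                                try
                                                {
                                                    pList = SharedFunctions.getProjectCenterList(iList);
                                                }
                                                catch { }
                                                listGuid = iList.ID;
                                            }
                                            SPListItem li = iList.GetItemById(int.Parse(dataRow["ITEM_ID"].ToString()));
                                            SharedFunctions.processMeta(iWeb, iList, li, new Guid(dataRow["ts_item_uid"].ToString()), dataRow["project"].ToString(), cn, pList);
                                        }
                                        // Per-row failures are deliberately ignored so the remaining rows still run.
                                        catch { }
                                    }

                                    // Release the last web opened by the loop; the loop itself only
                                    // closes a web when it switches to another one.
                                    if (iWeb != null)
                                    {
                                        iWeb.Close();
                                    }
                                    break;

                                case "unsubmitTime":
                                    cmd = new SqlCommand("update TSTIMESHEET set submitted=0,approval_status=0,lastmodifiedbyu=@u,lastmodifiedbyn=@n where ts_uid=@ts_uid", cn);
                                    cmd.Parameters.AddWithValue("@ts_uid", Request["ts_uid"]);
                                    cmd.Parameters.AddWithValue("@u", SPContext.Current.Web.CurrentUser.LoginName);
                                    cmd.Parameters.AddWithValue("@n", SPContext.Current.Web.CurrentUser.Name);
                                    cmd.ExecuteNonQuery();
                                    if (EPMLiveCore.CoreFunctions.getConfigSetting(SPContext.Current.Site.RootWeb, "EPMLiveTSDisableApprovals").ToLower() == "true" && !liveHours)
                                    {
                                        data = SharedFunctions.processActualWork(cn, Request["ts_uid"], site, true, true);
                                    }
                                    if (data == "")
                                    {
                                        data = "Success";
                                    }
                                    break;

                                case "deletePeriod":
                                    cmd = new SqlCommand("delete from tsperiod where period_id=@periodid and site_id=@siteid", cn);
                                    cmd.Parameters.AddWithValue("@siteid", SPContext.Current.Site.ID);
                                    cmd.Parameters.AddWithValue("@periodid", period);
                                    cmd.ExecuteNonQuery();
                                    data = "Success";
                                    break;

                                case "addPeriod":
                                    // Next id = highest existing period_id for this site + 1 (1 when none exist).
                                    cmd = new SqlCommand("select top 1 period_id from tsperiod where site_id=@siteid order by period_id desc", cn);
                                    cmd.Parameters.AddWithValue("@siteid", SPContext.Current.Site.ID);
                                    dr      = cmd.ExecuteReader();
                                    iperiod = 1;
                                    if (dr.Read())
                                    {
                                        iperiod = dr.GetInt32(0) + 1;
                                    }
                                    dr.Close();

                                    cmd = new SqlCommand("insert into tsperiod (period_start,period_end,period_id,site_id) values (@periodstart,@periodend,@period_id,@siteid)", cn);
                                    cmd.Parameters.AddWithValue("@periodstart", Request["start"]);
                                    cmd.Parameters.AddWithValue("@periodend", Request["end"]);
                                    cmd.Parameters.AddWithValue("@period_id", iperiod);
                                    cmd.Parameters.AddWithValue("@siteid", SPContext.Current.Site.ID);
                                    cmd.ExecuteNonQuery();
                                    data = "Success";
                                    break;

                                case "addPeriods":
                                    // Request JSON is deserialized into plain string dictionaries only.
                                    var periods    = JsonConvert.DeserializeObject <List <Dictionary <string, string> > >(Request[JsonDataParameter]);
                                    var createdIds = CreatePeriods(cn, periods);
                                    data = string.Format("Success,{0},{1}", strAction, string.Join(",", createdIds));
                                    break;

                                case "addType":
                                    // Same "highest id + 1" scheme as addPeriod, for tstype.
                                    cmd = new SqlCommand("select top 1 tstype_id from tstype where site_uid=@siteid order by tstype_id desc", cn);
                                    cmd.Parameters.AddWithValue("@siteid", SPContext.Current.Site.ID);
                                    dr      = cmd.ExecuteReader();
                                    iperiod = 1;
                                    if (dr.Read())
                                    {
                                        iperiod = dr.GetInt32(0) + 1;
                                    }
                                    dr.Close();

                                    cmd = new SqlCommand("insert into tstype (tstype_id,tstype_name,site_uid) values (@tstype_id,@tstype_name,@siteid)", cn);
                                    cmd.Parameters.AddWithValue("@tstype_name", Request["typename"]);
                                    cmd.Parameters.AddWithValue("@tstype_id", iperiod);
                                    cmd.Parameters.AddWithValue("@siteid", SPContext.Current.Site.ID);
                                    cmd.ExecuteNonQuery();
                                    data = "Success";
                                    break;

                                case "editType":
                                    cmd = new SqlCommand("update tstype set tstype_name = @tstype_name where tstype_id=@tstype_id and site_uid=@siteid", cn);
                                    cmd.Parameters.AddWithValue("@tstype_name", Request["typename"]);
                                    cmd.Parameters.AddWithValue("@tstype_id", Request["typeid"]);
                                    cmd.Parameters.AddWithValue("@siteid", SPContext.Current.Site.ID);
                                    cmd.ExecuteNonQuery();
                                    data = "Success";
                                    break;

                                case "approveTS":
                                {
                                    approve(Request["ts_uids"].ToString(), SPContext.Current.Web, Request["Period"]);

                                    if (data == "")
                                    {
                                        data = "Success";
                                    }
                                }
                                break;

                                case "rejectTS":
                                {
                                    // Each entry is expected as "ts_uid|notes". An entry without '|' makes
                                    // tsuid[1] throw, which the outer catch reports after earlier
                                    // entries have already been updated.
                                    string[] tsuids = Request["ts_uids"].Split(',');
                                    foreach (string tsuidData in tsuids)
                                    {
                                        string[] tsuid = tsuidData.Split('|');
                                        cmd = new SqlCommand("update TSTIMESHEET set approval_status=2,approval_notes=@notes where ts_uid=@ts_uid", cn);
                                        cmd.Parameters.AddWithValue("@ts_uid", tsuid[0]);
                                        cmd.Parameters.AddWithValue("@notes", tsuid[1]);
                                        cmd.ExecuteNonQuery();

                                        data += SharedFunctions.processActualWork(cn, tsuid[0], site, true, true);
                                    }

                                    if (data == "")
                                    {
                                        data = "Success";
                                    }
                                }
                                break;

                                case "unlockTS":
                                {
                                    string[] tsuids = Request["ts_uids"].Split(',');
                                    foreach (string tsuidData in tsuids)
                                    {
                                        string[] tsuid = tsuidData.Split('|');
                                        cmd = new SqlCommand("update TSTIMESHEET set approval_status=0 where ts_uid=@ts_uid", cn);
                                        cmd.Parameters.AddWithValue("@ts_uid", tsuid[0]);
                                        cmd.ExecuteNonQuery();
                                    }
                                    data = "Success";
                                }
                                break;

                                case "rejectEmail":
                                {
                                    string[] tsuids = Request["ts_uids"].Split(',');
                                    foreach (string tsuid in tsuids)
                                    {
                                        cmd = new SqlCommand("select username,approval_notes,period_start,period_end from vwTSApprovalNotes where ts_uid=@ts_uid", cn);
                                        cmd.Parameters.AddWithValue("@ts_uid", tsuid);
                                        dr = cmd.ExecuteReader();
                                        if (dr.Read())
                                        {
                                            string username = dr.GetString(0);
                                            string notes    = dr.GetString(1);
                                            try
                                            {
                                                SPUser user = web.AllUsers[username];
                                                if (user.Email != "")
                                                {
                                                    System.Net.Mail.MailMessage mailMsg = new MailMessage();
                                                    mailMsg.From = new MailAddress(fEmail);
                                                    mailMsg.To.Add(new MailAddress(user.Email));
                                                    mailMsg.Subject      = web.Title + " Timesheet approval notice";
                                                    // approval_notes is stored from request input (see rejectTS) and the
                                                    // body is sent as HTML, so the notes are encoded before insertion.
                                                    mailMsg.Body         = "Your timesheet for period (" + dr.GetDateTime(2).ToShortDateString() + " - " + dr.GetDateTime(3).ToShortDateString() + ") has been rejected:<br>" + System.Web.HttpUtility.HtmlEncode(notes);
                                                    mailMsg.IsBodyHtml   = true;
                                                    mailMsg.BodyEncoding = System.Text.Encoding.UTF8;
                                                    mailMsg.Priority     = MailPriority.Normal;

                                                    // Send through the farm's configured outbound mail server.
                                                    SmtpClient smtpClient = new SmtpClient();
                                                    SPAdministrationWebApplication spWebAdmin = Microsoft.SharePoint.Administration.SPAdministrationWebApplication.Local;
                                                    string sMailSvr = spWebAdmin.OutboundMailServiceInstance.Server.Name;
                                                    smtpClient.Host = sMailSvr;
                                                    smtpClient.Send(mailMsg);
                                                }
                                            }
                                            // Mail failures are ignored; the action still reports "Success".
                                            catch { }
                                        }
                                        dr.Close();
                                    }
                                }
                                    data = "Success";
                                    break;

                                case "autoadd":
                                    string lists = "";
                                    SPSecurity.RunWithElevatedPrivileges(delegate()
                                    {
                                        // The context site is owned by SharePoint and must not be disposed
                                        // here, so it is read directly instead of through a using block.
                                        lists = EPMLiveCore.CoreFunctions.getConfigSetting(SPContext.Current.Site.RootWeb, "EPMLiveTSLists");
                                    });
                                    autoAdd(cn, Request["ts_uid"], web, lists);
                                    data = "Success";
                                    break;

                                case "approvePM":
                                {
                                    string[] tsitemuids = Request["tsitemuids"].Split(',');

                                    foreach (string tsitemuid in tsitemuids)
                                    {
                                        cmd = new SqlCommand("update tsitem set approval_status=1 where ts_item_uid=@tsitemuid", cn);
                                        cmd.Parameters.AddWithValue("@tsitemuid", tsitemuid);
                                        cmd.ExecuteNonQuery();
                                    }
                                    data = "Success";
                                }
                                break;

                                case "rejectPM":
                                {
                                    string[] tsitemuids = Request["tsitemuids"].Split(',');

                                    foreach (string tsitemuid in tsitemuids)
                                    {
                                        cmd = new SqlCommand("update tsitem set approval_status=2 where ts_item_uid=@tsitemuid", cn);
                                        cmd.Parameters.AddWithValue("@tsitemuid", tsitemuid);
                                        cmd.ExecuteNonQuery();
                                    }
                                }
                                    data = "Success";
                                    break;

                                default:
                                    data = "Error: Invalid Command";
                                    break;
                                }
                            }
                        }
                    }
                    catch (Exception ex)
                    {
                        // NOTE(review): raw exception text goes into data; prefer a generic message
                        // plus server-side logging if data is returned to the client.
                        data = "Error: " + ex.Message;
                    }
                    finally
                    {
                        // The connection is local to this request; release it on every path,
                        // including when an action throws part-way through.
                        if (cn != null)
                        {
                            cn.Dispose();
                        }
                    }
                }
            }
        }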
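        /// <summary>
        /// Saves the timesheet rows named in the <c>ids</c> request parameter and builds an
        /// XML status document in <c>output</c>.
        /// </summary>
        /// <remarks>
        /// Request values and exception text written into <c>output</c> are XML-escaped, because
        /// the response is declared as <c>text/xml</c> and those values are caller-influenced.
        /// The connection is closed in a finally block so that a failure while processing rows
        /// does not leave it open.
        /// NOTE(review): <c>Request["columns"]</c> is Base64-decoded before any check, so a
        /// missing or malformed value throws out of this handler; <c>bool.Parse(Request["edit"])</c>
        /// behaves the same way per row.
        /// NOTE(review): <c>iWeb</c> / <c>iSite</c> are filled by <c>SaveHelper.PopulateGuidData</c>
        /// and are not released in this method; confirm who owns them.
        /// NOTE(review): nothing here checks that the submitted row ids or <c>tsuid</c> belong to
        /// <c>username</c>; confirm that <c>processItem</c> enforces this.
        /// </remarks>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            Guid   webGuid  = new Guid();
            Guid   siteGuid = new Guid();
            Guid   listGuid = new Guid();
            SPWeb  iWeb     = null;
            SPSite iSite    = null;
            SPList iList    = null;
            SPList pList    = null;

            // Column list arrives Base64-encoded, one field name per line.
            byte[] encodedDataAsBytes = System.Convert.FromBase64String(Request["columns"]);

            strFields = System.Text.ASCIIEncoding.ASCII.GetString(encodedDataAsBytes).Split('\n');

            if (Request["ids"] != null)
            {
                Response.ContentType     = "text/xml";
                Response.ContentEncoding = System.Text.Encoding.UTF8;

                string[] ids = Request["ids"].Split(',');

                output = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><data>";

                try
                {
                    SPSecurity.RunWithElevatedPrivileges(delegate()
                    {
                        cn = new SqlConnection(EPMLiveCore.CoreFunctions.getConnectionString(SPContext.Current.Site.WebApplication.Id));
                        cn.Open();
                        try
                        {
                            nonworklist = SPContext.Current.Web.Site.RootWeb.Lists[EPMLiveCore.CoreFunctions.getConfigSetting(SPContext.Current.Web.Site.RootWeb, "EPMLiveTSNonWork")].ID;
                        }
                        // Best effort: a missing non-work list is not fatal.
                        catch { }

                        // "duser" is caller-controlled; the identity is switched only when
                        // canUserImpersonate approves, otherwise the request is refused below.
                        string requestedUser = Page.Request["duser"];

                        if (requestedUser != null && requestedUser != "")
                        {
                            if (SharedFunctions.canUserImpersonate(username, requestedUser, SPContext.Current.Site.RootWeb, out resName))
                            {
                                username = requestedUser;
                            }
                            else
                            {
                                impFailed = true;
                            }
                        }

                        dayDefs = EPMLiveCore.CoreFunctions.getConfigSetting(SPContext.Current.Site.RootWeb, "EPMLiveDaySettings").Split('|');
                        bool.TryParse(EPMLiveCore.CoreFunctions.getConfigSetting(SPContext.Current.Site.RootWeb, "EPMLiveTSLiveHours"), out liveHours);
                    });
                    if (impFailed)
                    {
                        // The requested user name is echoed back, so it is escaped for XML.
                        output += "<action type='error100'>Unable to impersonate for: " + System.Security.SecurityElement.Escape(Request["duser"]) + "</action>";
                    }
                    else
                    {
                        // The time editor is enabled when the site has any timesheet types
                        // or when notes are allowed by configuration.
                        SqlCommand cmd = new SqlCommand("SELECT tstype_id,tstype_name from TSTYPE where site_uid=@site_id", cn);
                        cmd.CommandType = CommandType.Text;
                        cmd.Parameters.AddWithValue("@site_id", SPContext.Current.Site.ID);
                        SqlDataReader dr = cmd.ExecuteReader();
                        if (dr.HasRows)
                        {
                            timeeditor = true;
                        }
                        dr.Close();
                        if (EPMLiveCore.CoreFunctions.getConfigSetting(SPContext.Current.Web.Site.RootWeb, "EPMLiveTSAllowNotes").ToLower() == "true")
                        {
                            timeeditor = true;
                        }

                        if (cn.State == ConnectionState.Open)
                        {
                            foreach (string id in ids)
                            {
                                if (id != "")
                                {
                                    string webId;
                                    string listId;
                                    string siteId;
                                    SaveHelper.ParseSiteFromRequest(Request, id, out webId, out listId, out siteId);
                                    if (!string.IsNullOrWhiteSpace(webId) && !string.IsNullOrWhiteSpace(listId) && !string.IsNullOrWhiteSpace(siteId))
                                    {
                                        try
                                        {
                                            SaveHelper.PopulateGuidData(
                                                webId,
                                                listId,
                                                siteId,
                                                list => pList = SharedFunctions.getProjectCenterList(list),
                                                ref siteGuid,
                                                ref iWeb,
                                                ref iSite,
                                                ref webGuid,
                                                ref listGuid,
                                                ref iList);
                                        }
                                        catch (Exception ex)
                                        {
                                            // The title comes from the request and the message from the
                                            // exception; both are escaped before entering the XML.
                                            output += "<action type='error100'>Item: " + System.Security.SecurityElement.Escape(Request[id + "_title"]) + " Message: " + System.Security.SecurityElement.Escape(ex.Message) + "</action>";
                                        }
                                        if (iWeb != null)
                                        {
                                            string status = "";
                                            try
                                            {
                                                status = Request[id + "_!nativeeditor_status"].ToString();
                                            }
                                            // A missing status value leaves status empty.
                                            catch { }

                                            processItem(id, iWeb, iList, pList);

                                            if (liveHours)
                                            {
                                                processLiveHours(id, listGuid, iList);
                                            }

                                            if (status != "deleted" && bool.Parse(Request["edit"]))
                                            {
                                                processWssItem(id, iWeb, iList);
                                            }
                                        }
                                    }
                                }
                            }
                        }

                        // Any save resets the approval status and records who made the change.
                        SqlCommand cmd1 = new SqlCommand("UPDATE TSTIMESHEET set approval_status=0,lastmodifiedbyu=@u,lastmodifiedbyn=@n where ts_uid=@TS_UID", cn);
                        cmd1.Parameters.AddWithValue("@TS_UID", tsuid);
                        cmd1.Parameters.AddWithValue("@u", SPContext.Current.Web.CurrentUser.LoginName);
                        cmd1.Parameters.AddWithValue("@n", SPContext.Current.Web.CurrentUser.Name);
                        cmd1.ExecuteNonQuery();

                        SharedFunctions.processResources(cn, tsuid, SPContext.Current.Web, username);
                    }
                }
                finally
                {
                    // Close on every path; previously an exception above skipped the Close call.
                    if (cn != null)
                    {
                        cn.Close();
                    }
                }

                // tsuid is placed inside a single-quoted attribute, so it is escaped as well.
                output += "<action type='settsuid' tsuid='" + System.Security.SecurityElement.Escape(tsuid) + "'/>";

                output += "</data>";
            }
        }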