/// <summary>
/// Checks whether the calling session holds <paramref name="requestedRight"/>. On refusal it marks
/// the outgoing HTTP response as 403 Forbidden with a short reason.
/// </summary>
/// <param name="requestedRight">Right the current session must hold.</param>
/// <returns>
/// true when a session key is present and CSessionControl.RequestRight grants the right; otherwise false.
/// </returns>
private static bool _CheckRight(EUserRights requestedRight)
{
    Guid sessionKey = _GetSession();

    // Work out why the request is refused, if it is; null means it is allowed.
    string refusal = null;
    if (sessionKey == Guid.Empty)
    {
        refusal = "No session";
    }
    else if (!CSessionControl.RequestRight(sessionKey, requestedRight))
    {
        refusal = "Not allowed";
    }

    if (refusal == null)
    {
        return true;
    }

    // Outside a web operation there is no response to annotate; the caller still gets false.
    WebOperationContext webContext = WebOperationContext.Current;
    if (webContext != null)
    {
        webContext.OutgoingResponse.StatusCode = HttpStatusCode.Forbidden;
        webContext.OutgoingResponse.StatusDescription = refusal;
    }

    return false;
}
/// <summary>
/// Returns the profile id bound to the caller's session.
/// </summary>
/// <returns>
/// The id reported by CSessionControl.GetUserIdFromSession, or -1 when the request carries no session
/// key or the lookup yields a negative id. In both failure cases the response is marked
/// 403 Forbidden / "No session".
/// </returns>
public int GetOwnProfileId()
{
    Guid sessionKey = _GetSession();

    // The lookup is only attempted for a non-empty key; a negative result is handled like a missing session.
    int profileId = -1;
    if (sessionKey != Guid.Empty)
    {
        profileId = CSessionControl.GetUserIdFromSession(sessionKey);
    }

    if (profileId >= 0)
    {
        return profileId;
    }

    WebOperationContext webContext = WebOperationContext.Current;
    if (webContext != null)
    {
        webContext.OutgoingResponse.StatusCode = HttpStatusCode.Forbidden;
        webContext.OutgoingResponse.StatusDescription = "No session";
    }

    return -1;
}
/// <summary>
/// Opens a session for the given credentials via CSessionControl.OpenSession.
/// </summary>
/// <param name="username">Account name supplied by the caller.</param>
/// <param name="password">Password supplied by the caller.</param>
/// <returns>
/// The new session key, or Guid.Empty when no session was opened; in that case the response is
/// marked 403 Forbidden with one message that does not reveal which of the two values was wrong.
/// </returns>
public Guid Login(string username, string password)
{
    // NOTE(review): no attempt throttling or lockout is visible in this method; confirm that
    // CSessionControl.OpenSession or the hosting layer limits repeated failed logins.
    // NOTE(review): the password and the returned key travel in the request/response; confirm
    // the endpoint is only exposed over an encrypted transport.
    Guid sessionId = CSessionControl.OpenSession(username, password);
    if (sessionId != Guid.Empty)
    {
        return sessionId;
    }

    WebOperationContext webContext = WebOperationContext.Current;
    if (webContext != null)
    {
        webContext.OutgoingResponse.StatusCode = HttpStatusCode.Forbidden;
        webContext.OutgoingResponse.StatusDescription = "Wrong username or password";
    }

    return sessionId;
}
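/// <summary>
/// Returns the data of one profile if the caller owns it or holds EUserRights.ViewOtherProfiles.
/// </summary>
/// <param name="profileId">Id of the requested profile; taken from the request and therefore caller-controlled.</param>
/// <returns>
/// The profile data from CVocaluxeServer.GetProfileData, flagged read-only unless the caller owns the
/// profile or holds EUserRights.EditAllProfiles; an empty SProfileData when access is refused
/// (the refusal path in _CheckRight also marks the response 403 Forbidden).
/// </returns>
public SProfileData GetProfile(int profileId)
{
    Guid sessionKey = _GetSession();

    // Resolve the caller once so the access decision and the read-only flag use the same value.
    int callerId = CSessionControl.GetUserIdFromSession(sessionKey);

    // GetOwnProfileId treats a negative id from GetUserIdFromSession as "no session". Such a value
    // must never count as ownership, otherwise a request without a valid session could match a
    // negative profileId (for example the -1 "new profile" id) and skip the rights check.
    bool isOwnProfile = callerId >= 0 && callerId == profileId;

    if (!isOwnProfile && !_CheckRight(EUserRights.ViewOtherProfiles))
    {
        return new SProfileData();
    }

    bool isReadonly = !CSessionControl.RequestRight(sessionKey, EUserRights.EditAllProfiles) && !isOwnProfile;
    return CVocaluxeServer.DoTask(CVocaluxeServer.GetProfileData, profileId, isReadonly);
}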
/// <summary>
/// Stores a profile sent by the caller. An existing profile may only be overwritten by its owner or
/// by a session holding EUserRights.EditAllProfiles; otherwise the call returns without storing.
/// </summary>
/// <param name="profile">Profile to store; a ProfileId of -1 marks a new profile.</param>
public void SendProfile(SProfileData profile)
{
    Guid sessionKey = _GetSession();

    // -1 is the id for a new profile.
    // NOTE(review): the new-profile path reaches SendProfileData without any session or rights
    // check. Confirm this is intended (self-registration) and that the server task validates the
    // submitted data.
    bool isNewProfile = profile.ProfileId == -1;
    if (!isNewProfile)
    {
        bool ownsProfile = CSessionControl.GetUserIdFromSession(sessionKey) == profile.ProfileId;

        // _CheckRight is only consulted for foreign profiles; on refusal it marks the response 403.
        if (!ownsProfile && !_CheckRight(EUserRights.EditAllProfiles))
        {
            return;
        }
    }

    CVocaluxeServer.DoTask(CVocaluxeServer.SendProfileData, profile);
}
/// <summary>
/// Checks whether the calling session holds <paramref name="requestedRight"/> without touching the
/// outgoing HTTP response.
/// </summary>
/// <param name="requestedRight">Right the current session must hold.</param>
/// <returns>true when a session key is present and CSessionControl.RequestRight grants the right; otherwise false.</returns>
private static bool _CheckRightWithNoErrorMessage(EUserRights requestedRight)
{
    Guid sessionKey = _GetSession();

    // Short-circuit keeps RequestRight from being asked about an empty key.
    return sessionKey != Guid.Empty && CSessionControl.RequestRight(sessionKey, requestedRight);
}
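/// <summary>
/// Reads the caller's session key from the "session" HTTP request header and asks CSessionControl
/// to reset that session's timeout.
/// </summary>
/// <remarks>
/// The header value is supplied by the client and is the only credential the rights checks in this
/// file rely on. NOTE(review): confirm the endpoint is only reachable over an encrypted transport.
/// </remarks>
/// <returns>
/// The parsed key, or Guid.Empty when there is no operation context, no HTTP request property,
/// no "session" header, or the header is not a valid GUID.
/// </returns>
private static Guid _GetSession()
{
    // Called outside a service operation there is no request to read, so report "no session"
    // instead of failing with a NullReferenceException.
    OperationContext context = OperationContext.Current;
    if (context == null)
    {
        return Guid.Empty;
    }

    // A message that did not arrive over HTTP carries no "httpRequest" property.
    object requestProperty;
    if (!context.IncomingMessageProperties.TryGetValue("httpRequest", out requestProperty))
    {
        return Guid.Empty;
    }

    HttpRequestMessageProperty request = requestProperty as HttpRequestMessageProperty;
    if (request == null)
    {
        return Guid.Empty;
    }

    string sessionHeader = request.Headers["session"];
    if (string.IsNullOrEmpty(sessionHeader))
    {
        return Guid.Empty;
    }

    // A malformed header is an expected input from an untrusted client; parse it without
    // exceptions rather than swallowing every exception type.
    Guid sessionKey;
    if (!Guid.TryParse(sessionHeader, out sessionKey))
    {
        sessionKey = Guid.Empty;
    }

    // As before, the timeout reset is requested for whatever key resulted, including Guid.Empty.
    CSessionControl.ResetSessionTimeout(sessionKey);
    return sessionKey;
}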
/// <summary>
/// Ends the caller's session by passing the key from the request to CSessionControl.InvalidateSessions.
/// </summary>
public void Logout()
{
    // When the request carries no usable key, _GetSession yields Guid.Empty and that value is passed on.
    CSessionControl.InvalidateSessions(_GetSession());
}