/// <summary>
/// Renders the "SubmitCr" button for the UI element named <paramref name="uniqueNameElement"/> by delegating
/// to the <c>SubmitCr(helper, id, name, text, isConfirmButton, toolTip, style, htmlAttributes[, bool])</c>
/// overload declared elsewhere in this class. An element without a unique name is rendered without any access
/// check; a named element that the current user may not access is rendered through the overload's trailing
/// <c>false</c> argument.
/// </summary>
/// <param name="helper">The HTML helper this extension is invoked on.</param>
/// <param name="id">Client-side id of the button.</param>
/// <param name="text">Caption of the button.</param>
/// <param name="uniqueNameElement">Unique name the access check is keyed on; null or empty skips the check.</param>
/// <param name="isConfirmButton">Passed through to the underlying overload.</param>
/// <param name="name">Passed through to the underlying overload.</param>
/// <param name="toolTip">Passed through to the underlying overload.</param>
/// <param name="style">Passed through to the underlying overload.</param>
/// <param name="htmlAttributes">Passed through to the underlying overload.</param>
/// <returns>The markup produced by the underlying overload.</returns>
public static MvcHtmlString SubmitCr(this HtmlHelper helper, string id, string text, string uniqueNameElement, bool isConfirmButton = false, string name = "", string toolTip = "", string style = "", object htmlAttributes = null)
{
    // The access check is only consulted for a named element (short-circuit keeps the original call pattern).
    // NOTE(review): an absent user-id cookie is checked as user id 0 — presumably the anonymous user; confirm
    // against AppBase.HasCurrentUserAccess.
    var mayUseElement = string.IsNullOrEmpty(uniqueNameElement)
        || Core.Service.AppBase.HasCurrentUserAccess(CustomMembershipProvider.GetUserIdCookie() ?? 0, null, uniqueNameElement);

    // NOTE(review): the delegate overload is called as (id, name, text, ...) although this signature orders
    // text before name — correct only if that overload really declares name first; verify.
    if (mayUseElement)
    {
        return SubmitCr(helper, id, name, text, isConfirmButton, toolTip, style, htmlAttributes);
    }

    return SubmitCr(helper, id, name, text, isConfirmButton, toolTip, style, htmlAttributes, false);
}
/// <summary>
/// GET action for the change-password page. Passes the user name of the profile identified by the
/// user-id cookie to the view as <c>ViewBag.name</c>; an empty string is passed when no cookie is present.
/// </summary>
/// <returns>The default view for this action.</returns>
public ActionResult ChangeUserPassword()
{
    var cookieUserId = CustomMembershipProvider.GetUserIdCookie();
    var displayName = string.Empty;

    if (cookieUserId.HasValue)
    {
        var currentUser = _userService.GetUserAndUserProfileByUserId(cookieUserId.Value);
        displayName = currentUser.UserProfile.UserName;
    }

    ViewBag.name = displayName;
    return View();
}
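/// <summary>
/// Handles a change-password request for the user identified by the user-id cookie and queues the outcome
/// as a <see cref="Message"/> via <c>MessageStrore.Add</c>. The password is changed only when the
/// confirmation matches the (non-empty) new password and the supplied current password hashes to the
/// stored hash; on success the pass-code cookie is re-issued from the updated profile.
/// </summary>
/// <param name="changeUserPasswordViewModel">Current password, new password and its confirmation as posted by the form.</param>
/// <exception cref="ArgumentNullException"><paramref name="changeUserPasswordViewModel"/> is null.</exception>
public void PutEntity(ChangeUserPasswordViewModel changeUserPasswordViewModel)
{
    if (changeUserPasswordViewModel == null)
    {
        throw new ArgumentNullException(nameof(changeUserPasswordViewModel));
    }

    var message = new Message();
    string text;
    var newPassword = changeUserPasswordViewModel.NewPassword;

    // Static, ordinal Equals is null-safe: an omitted form field binds to null and must not throw.
    // An empty new password is rejected as "not matched" rather than stored as the hash of "".
    if (string.IsNullOrEmpty(newPassword)
        || !string.Equals(newPassword, changeUserPasswordViewModel.ConfirmPassword, StringComparison.Ordinal))
    {
        message.type = MessageType.error;
        _constantService.TryGetValue<string>("ConfirmPasswordWasNotMatched", out text); // Core.Resources.ExceptionMessage.ConfirmPasswordWasNotMatched
        message.text = text;
        MessageStrore.Add(message);
        return;
    }

    var userId = CustomMembershipProvider.GetUserIdCookie();
    if (userId.HasValue)
    {
        var user = _userService.GetUserAndUserProfileByUserId(userId.Value);

        // NOTE(review): passwords are compared and stored as the output of _userService.GetMd5Hash; MD5 is not a
        // suitable password hash. Moving to PBKDF2/Argon2 requires a storage migration, so it is only flagged here.
        var suppliedCurrentHash = _userService.GetMd5Hash(changeUserPasswordViewModel.Password);
        if (string.Equals(suppliedCurrentHash, user.UserProfile.Password, StringComparison.Ordinal))
        {
            user.UserProfile.Password = _userService.GetMd5Hash(newPassword);
            _userService.Update(user);
            // Re-issue the pass-code cookie from the new hash; presumably the pass code is derived from
            // the stored password, so the old cookie would otherwise stop validating — confirm in CustomMembershipProvider.
            CustomMembershipProvider.SetPassCodeCookie(user.UserProfile.UserName, user.UserProfile.Password);
            message.type = MessageType.success;
            _constantService.TryGetValue<string>("ChangePasswordWasSuccessFull", out text); // Core.Resources.Messages.ChangePasswordWasSuccessFull
            message.text = text;
        }
        else
        {
            message.type = MessageType.error;
            _constantService.TryGetValue<string>("IncorrectPassword", out text); // Core.Resources.ExceptionMessage.IncorrectPassword
            message.text = text;
        }
    }
    // NOTE(review): with no user-id cookie the message is queued with neither type nor text, as before;
    // a dedicated "not signed in" message would need a constant key this file does not show.

    MessageStrore.Add(message);
}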
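/// <summary>
/// Reports whether the current request belongs to an authenticated, online user: the user-id cookie must be
/// present, <c>CustomMembershipProvider.IsCurrentUserAuthenticate()</c> must succeed, and <c>User.Identity.Name</c>
/// must appear (trimmed, case-insensitively) in <c>ServiceBase.appBase.OnlineUsers</c>.
/// </summary>
/// <returns><c>true</c> only when all three checks pass.</returns>
public bool GetUserHassAccess()
{
    int? userId = CustomMembershipProvider.GetUserIdCookie();
    var isPassCodeValidate = CustomMembershipProvider.IsCurrentUserAuthenticate();

    // Ordinal, case-insensitive comparison: ToLower() is culture-sensitive (e.g. Turkish dotless I) and user
    // names are identifiers, not display text. The identity name is trimmed once, outside the predicate, and a
    // null name simply never matches instead of throwing.
    var currentName = User.Identity.Name?.Trim();
    bool isOnlineUser = currentName != null
        && Core.Service.ServiceBase.appBase.OnlineUsers.Exists(
            user => string.Equals(user.UserName?.Trim(), currentName, StringComparison.OrdinalIgnoreCase));

    return isPassCodeValidate && userId.HasValue && isOnlineUser;
}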
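//
// GET: /PartialView/
/// <summary>
/// Resolves <paramref name="partialViewFileName"/> through <c>AppBase.GetMenuItemPathByUniqueName</c> for the
/// current user and either renders the element's <c>Url</c> as a partial view (<c>ElementType.Page</c>) or
/// redirects to the action the <c>Url</c> names. When the element cannot be resolved for this user the request
/// is logged and answered with 401, suppressing the forms-authentication redirect.
/// </summary>
/// <param name="partialViewFileName">Client-supplied unique name of the requested view element.</param>
/// <returns>A partial view, a redirect to the routed action, or an <see cref="HttpStatusCodeResult"/> with status 401.</returns>
/// <exception cref="InvalidOperationException">The resolved element's <c>Url</c> has fewer than two '/'-separated segments.</exception>
public ActionResult Index(string partialViewFileName)
{
    // NOTE(review): an absent user-id cookie is resolved as user 0 — presumably the anonymous user; confirm in AppBase.
    var viewElementInfo = AppBase.GetMenuItemPathByUniqueName(CustomMembershipProvider.GetUserIdCookie() ?? 0, partialViewFileName);

    if (viewElementInfo != null)
    {
        if (viewElementInfo.ElementType == ElementType.Page)
        {
            return PartialView(viewElementInfo.Url);
        }

        // Non-page elements carry a route in Url: "area/controller/action" (3 segments) or "controller/action".
        // Anything shorter used to fail with IndexOutOfRangeException; fail with an explicit message instead.
        var segments = viewElementInfo.Url.Split('/');
        if (segments.Length < 2)
        {
            throw new InvalidOperationException($"View element '{partialViewFileName}' has an unroutable Url '{viewElementInfo.Url}'.");
        }

        var area = string.Empty;
        string controller;
        string action;
        if (segments.Length == 3)
        {
            area = segments[0];
            controller = segments[1];
            action = segments[2];
        }
        else
        {
            controller = segments[0];
            action = segments[1];
        }

        return RedirectToAction(action, controller, new { area = area });
    }

    // Unresolved presumably means the element does not exist or is not granted to this user. Answer 401 here
    // instead of letting forms authentication redirect a partial-view request to the login page.
    Core.Cmn.AppBase.LogService.Handle(new NotSupportedException("unauthorize"), $"partialview {partialViewFileName} UnAuthorized");
    Response.SuppressFormsAuthenticationRedirect = true;
    return new HttpStatusCodeResult(statusCode: System.Net.HttpStatusCode.Unauthorized);
}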
/// <summary>
/// Checks whether the current user (user-id cookie, or 0 when the cookie is absent) may invoke the custom
/// action named <paramref name="customActionName"/>, as decided by <c>AppBase.HasCurrentUserAccess</c>.
/// </summary>
/// <param name="customActionName">Name of the custom action to check.</param>
/// <returns>The result of <c>AppBase.HasCurrentUserAccess</c> for that action.</returns>
public static bool HasCustomActionAuthorized(string customActionName)
{
    int? cookieUserId = CustomMembershipProvider.GetUserIdCookie();
    var effectiveUserId = cookieUserId.HasValue ? cookieUserId.Value : 0;
    return AppBase.HasCurrentUserAccess(effectiveUserId, null, customActionName);
}
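/// <summary>
/// Narrows the CRUD flags in <paramref name="crudOpt"/> to what the current user may do on the API resource
/// behind <c>crudInfo.Read.Url</c>, via <c>AppBase.HasCurrentUserAccess</c>. Flags are only ever cleared, never
/// set. An unauthenticated request gets a cleared response with status 403 and every flag cleared.
/// </summary>
/// <param name="crudOpt">Requested CRUD capabilities; updated in place.</param>
/// <param name="crudInfo">Read/Insert/Update/Remove endpoint descriptors of the element being rendered.</param>
/// <exception cref="NotImplementedException">The read URL is not an "api/" URL; classical controllers are not supported yet.</exception>
public static void DefineCrudActionAuthority(AccessOperation crudOpt, CrudCr crudInfo)
{
    if (!System.Web.HttpContext.Current.User.Identity.IsAuthenticated)
    {
        var response = System.Web.HttpContext.Current.Response;
        response.Clear();
        response.StatusCode = 403; // forbidden
        // Fail closed: the response is not ended here, so anything rendered afterwards must not see the
        // capabilities the caller asked for.
        crudOpt.Insertable = false;
        crudOpt.Updatable = false;
        crudOpt.Removable = false;
        return;
    }

    var currentUserId = CustomMembershipProvider.GetUserIdCookie() ?? 0;
    // Invariant lower-casing and ordinal prefix checks: the URL is an identifier, not user-facing text.
    var readUrl = crudInfo.Read.Url.ToLowerInvariant();
    var isApiUrl = readUrl.StartsWith("api/", StringComparison.Ordinal)
        || readUrl.StartsWith("/api/", StringComparison.Ordinal);
    if (!isApiUrl)
    {
        // Must be implemented for classical controller.
        throw new NotImplementedException();
    }

    var resourceName = ResolveApiResourceName(readUrl.Split('/'));

    // Each flag is re-checked against the explicit endpoint URL or, when none is configured, the resource's
    // conventional endpoint name.
    if (crudOpt.Insertable)
    {
        var insertUrl = string.IsNullOrEmpty(crudInfo.Insert.Url) ? resourceName + "/PostEntity" : crudInfo.Insert.Url;
        crudOpt.Insertable = AppBase.HasCurrentUserAccess(currentUserId, insertUrl);
    }

    if (crudOpt.Updatable)
    {
        var updateUrl = string.IsNullOrEmpty(crudInfo.Update.Url) ? resourceName + "/PutEntity" : crudInfo.Update.Url;
        crudOpt.Updatable = AppBase.HasCurrentUserAccess(currentUserId, updateUrl);
    }

    if (crudOpt.Removable)
    {
        var removeUrl = string.IsNullOrEmpty(crudInfo.Remove.Url) ? resourceName + "/DeleteEntity" : crudInfo.Remove.Url;
        crudOpt.Removable = AppBase.HasCurrentUserAccess(currentUserId, removeUrl);
    }
}

/// <summary>
/// Derives the resource name used for access checks from the '/'-split, lower-cased read URL. The URL is known
/// to start with "api/" or "/api/", so there are always at least two segments. Rules: 3 segments → the first
/// two when the last is "getentities", otherwise the last two; 4 segments → segments 1 and 2; otherwise segment 1.
/// </summary>
/// <param name="segments">The read URL split on '/'.</param>
/// <returns>"controller" or "area/controller" as the access-check key.</returns>
private static string ResolveApiResourceName(string[] segments)
{
    if (segments.Length == 3)
    {
        // Has an area name unless the third segment is the default read action.
        return string.Equals(segments[2], "getentities", StringComparison.OrdinalIgnoreCase)
            ? segments[0] + "/" + segments[1]
            : segments[1] + "/" + segments[2];
    }

    if (segments.Length == 4)
    {
        return segments[1] + "/" + segments[2];
    }

    return segments[1];
}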
/// <summary>
/// Returns the view elements accessible to the user identified by the user-id cookie, as reported by
/// <c>_viewElementService.GetAccessibleViewElements</c>.
/// </summary>
/// <returns>The list produced by the view-element service.</returns>
/// <exception cref="InvalidOperationException">No user-id cookie is present (<c>Nullable&lt;int&gt;.Value</c> on an empty value).</exception>
public List<ViewElementDTO> GetAccessibleViewElements()
{
    int? cookieUserId = CustomMembershipProvider.GetUserIdCookie();
    // NOTE(review): unlike the other call sites in this file, which fall back to user id 0, this one throws
    // for anonymous callers.
    return _viewElementService.GetAccessibleViewElements(cookieUserId.Value);
}