        /// <summary>
        /// Renders a submit button through the underlying <c>SubmitCr</c> overload, first checking
        /// whether the current user may use the element named <paramref name="uniqueNameElement"/>.
        /// An empty key skips the check. When access is denied the overload is invoked with a
        /// trailing <see langword="false"/> (presumably a disabled/hidden flag — confirm against that overload).
        /// </summary>
        /// <param name="helper">The HTML helper the extension is invoked on.</param>
        /// <param name="id">Element id, forwarded unchanged.</param>
        /// <param name="text">Button caption, forwarded unchanged.</param>
        /// <param name="uniqueNameElement">Access-control key for the button; null or empty means no check.</param>
        /// <param name="isConfirmButton">Forwarded unchanged.</param>
        /// <param name="name">Element name, forwarded unchanged.</param>
        /// <param name="toolTip">Forwarded unchanged.</param>
        /// <param name="style">Forwarded unchanged.</param>
        /// <param name="htmlAttributes">Forwarded unchanged.</param>
        /// <returns>The markup produced by the underlying <c>SubmitCr</c> overload.</returns>
        public static MvcHtmlString SubmitCr(this HtmlHelper helper, string id, string text, string uniqueNameElement, bool isConfirmButton = false, string name = "", string toolTip = "", string style = "", object htmlAttributes = null)
        {
            // No access key: nothing to decide, render as configured.
            if (string.IsNullOrEmpty(uniqueNameElement))
            {
                return SubmitCr(helper, id, name, text, isConfirmButton, toolTip, style, htmlAttributes);
            }

            // A missing user-id cookie is checked as user id 0; HasCurrentUserAccess decides what that id may see.
            // NOTE(review): the decision keys on the cookie-supplied id rather than the authenticated principal — confirm the cookie is integrity-protected.
            var cookieUserId = CustomMembershipProvider.GetUserIdCookie() ?? 0;
            var hasAccess    = Core.Service.AppBase.HasCurrentUserAccess(cookieUserId, null, uniqueNameElement);

            if (hasAccess)
            {
                return SubmitCr(helper, id, name, text, isConfirmButton, toolTip, style, htmlAttributes);
            }

            return SubmitCr(helper, id, name, text, isConfirmButton, toolTip, style, htmlAttributes, false);
        }
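        /// <summary>
        /// GET handler for the change-password page: places the current user's name in
        /// <c>ViewBag.name</c> (empty when there is no user-id cookie or the user/profile cannot
        /// be loaded) and renders the default view.
        /// </summary>
        /// <returns>The default view for this action.</returns>
        public ActionResult ChangeUserPassword()
        {
            var userId   = CustomMembershipProvider.GetUserIdCookie();
            var userName = string.Empty;

            if (userId.HasValue)
            {
                // A user that cannot be loaded (or has no profile) used to throw a NullReferenceException here;
                // now the page simply shows no name.
                var user = _userService.GetUserAndUserProfileByUserId(userId.Value);
                userName = user?.UserProfile?.UserName ?? string.Empty;
            }

            ViewBag.name = userName;
            return View();
        }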
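        /// <summary>
        /// Changes the current user's password and queues one result message in <c>MessageStrore</c>.
        /// The new password must equal its confirmation and the supplied current password must hash
        /// to the stored value; otherwise an error message is queued instead.
        /// </summary>
        /// <param name="changeUserPasswordViewModel">Current password, new password and its confirmation.</param>
        public void PutEntity(ChangeUserPasswordViewModel changeUserPasswordViewModel)
        {
            var message = new Message();
            var text    = string.Empty;

            // string.Equals(a, b, Ordinal) tolerates a null NewPassword (treated as a mismatch) where
            // NewPassword.Equals(...) threw a NullReferenceException; the comparison stays ordinal.
            if (string.Equals(changeUserPasswordViewModel.NewPassword, changeUserPasswordViewModel.ConfirmPassword, StringComparison.Ordinal))
            {
                var userId = CustomMembershipProvider.GetUserIdCookie();
                if (userId.HasValue)
                {
                    var user = _userService.GetUserAndUserProfileByUserId(userId.Value);

                    // NOTE(review): passwords are hashed with _userService.GetMd5Hash and only the password is passed in,
                    // so the hash appears unsalted. A slow salted KDF (PBKDF2/Argon2) is the expected scheme; switching
                    // requires migrating stored hashes, so it is flagged here rather than changed.
                    var password = _userService.GetMd5Hash(changeUserPasswordViewModel.Password);

                    if (string.Equals(password, user.UserProfile.Password, StringComparison.Ordinal))
                    {
                        user.UserProfile.Password = _userService.GetMd5Hash(changeUserPasswordViewModel.NewPassword);
                        _userService.Update(user);

                        // Re-issue the pass-code cookie; presumably it is derived from user name + stored hash
                        // (see the commented code in GetUserHassAccess) and would otherwise stop validating.
                        CustomMembershipProvider.SetPassCodeCookie(user.UserProfile.UserName, user.UserProfile.Password);

                        message.type = MessageType.success;
                        _constantService.TryGetValue<string>("ChangePasswordWasSuccessFull", out text);
                        message.text = text;
                    }
                    else
                    {
                        message.type = MessageType.error;
                        _constantService.TryGetValue<string>("IncorrectPassword", out text);
                        message.text = text;
                    }
                }
                // NOTE(review): with no user-id cookie the message is queued with its default type and empty
                // text — confirm that is the intended response for an unauthenticated caller.
            }
            else
            {
                message.type = MessageType.error;
                _constantService.TryGetValue<string>("ConfirmPasswordWasNotMatched", out text);
                message.text = text;
            }

            MessageStrore.Add(message);
        }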
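        /// <summary>
        /// Reports whether the current request belongs to a live, authenticated user: the user-id
        /// cookie must be present, <c>CustomMembershipProvider.IsCurrentUserAuthenticate()</c> must
        /// return true, and the identity name must appear in <c>OnlineUsers</c>.
        /// </summary>
        /// <returns><see langword="true"/> only when all three checks pass.</returns>
        public bool GetUserHassAccess()
        {
            int? userId             = CustomMembershipProvider.GetUserIdCookie();
            var  isPassCodeValidate = CustomMembershipProvider.IsCurrentUserAuthenticate();

            // Normalise the identity name once instead of per online user, and compare ordinally:
            // the previous ToLower()/== pair was culture-sensitive (CA1304/CA1308). A null UserName
            // on an online-user entry now fails to match instead of throwing.
            var identityName = User.Identity.Name?.Trim();
            bool isOnlineUser = Core.Service.ServiceBase.appBase.OnlineUsers.Exists(
                user => string.Equals(user.UserName?.Trim(), identityName, StringComparison.OrdinalIgnoreCase));

            return isPassCodeValidate && userId.HasValue && isOnlineUser;
        }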
        //
        // GET: /PartialView/
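        /// <summary>
        /// Resolves <paramref name="partialViewFileName"/> through the current user's menu (looked up
        /// by the user-id cookie, 0 when absent). A <c>Page</c> element is rendered as a partial view;
        /// any other element is redirected to as <c>[area/]controller/action</c>. A name that is not
        /// found for this user is logged and answered with 401 without a login-page redirect.
        /// </summary>
        /// <param name="partialViewFileName">Unique name of the menu element to show.</param>
        /// <returns>A partial view, a redirect, or a 401 <see cref="HttpStatusCodeResult"/>.</returns>
        /// <exception cref="InvalidOperationException">The element's URL has fewer than two '/'-separated segments.</exception>
        public ActionResult Index(string partialViewFileName)
        {
            var viewElementInfo = AppBase.GetMenuItemPathByUniqueName(CustomMembershipProvider.GetUserIdCookie() ?? 0, partialViewFileName);

            if (viewElementInfo != null)
            {
                if (viewElementInfo.ElementType == ElementType.Page)
                {
                    // string.Format("{0}", url) was an identity conversion; pass the URL straight through.
                    return PartialView(viewElementInfo.Url);
                }

                var segments = viewElementInfo.Url.Split('/');
                if (segments.Length < 2)
                {
                    // Previously an IndexOutOfRangeException; a malformed element URL is a configuration error, so name it.
                    throw new InvalidOperationException($"view element '{partialViewFileName}' has a malformed url '{viewElementInfo.Url}'");
                }

                // Three segments carry an area; otherwise the first two are controller/action.
                var hasArea    = segments.Length == 3;
                var area       = hasArea ? segments[0] : string.Empty;
                var controller = hasArea ? segments[1] : segments[0];
                var action     = hasArea ? segments[2] : segments[1];

                return RedirectToAction(action, controller, new { area = area });
            }

            // Not found for this user: fail closed and keep Forms auth from turning the 401 into a redirect.
            Core.Cmn.AppBase.LogService.Handle(new NotSupportedException("unauthorize"), $"partialview {partialViewFileName} UnAuthorized");
            Response.SuppressFormsAuthenticationRedirect = true;
            return new HttpStatusCodeResult(statusCode: System.Net.HttpStatusCode.Unauthorized);
        }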
        /// <summary>
        /// Checks whether the current user may run the custom action named
        /// <paramref name="customActionName"/>. With no user-id cookie the check is made for user id 0.
        /// </summary>
        /// <param name="customActionName">Unique name of the custom action.</param>
        /// <returns>The result of <c>AppBase.HasCurrentUserAccess</c> for that action.</returns>
        public static bool HasCustomActionAuthorized(string customActionName)
            => AppBase.HasCurrentUserAccess(CustomMembershipProvider.GetUserIdCookie() ?? 0, null, customActionName);
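        /// <summary>
        /// Narrows the CRUD operations a grid offers to those the current user may call.
        /// An unauthenticated request gets HTTP 403 and every operation switched off; otherwise
        /// each enabled operation is re-checked against the user's access list. Only Web API read
        /// URLs (<c>api/…</c> or <c>/api/…</c>) are supported.
        /// </summary>
        /// <param name="crudOpt">Operation flags; narrowed in place, never widened.</param>
        /// <param name="crudInfo">CRUD endpoint URLs the grid was configured with.</param>
        /// <exception cref="NotImplementedException">The read URL is not a Web API URL.</exception>
        public static void DefineCrudActionAuthority(AccessOperation crudOpt, CrudCr crudInfo)
        {
            if (!System.Web.HttpContext.Current.User.Identity.IsAuthenticated)
            {
                // Fail closed: the caller keeps running after the 403 is set, so the flags must not be
                // left at their configured (permissive) values.
                if (crudOpt != null)
                {
                    crudOpt.Insertable = false;
                    crudOpt.Updatable  = false;
                    crudOpt.Removable  = false;
                }

                var response = System.Web.HttpContext.Current.Response;
                response.Clear();
                response.StatusCode = 403; // forbidden
                return;
            }

            // NOTE(review): access is keyed on the cookie-supplied user id rather than the authenticated
            // principal — confirm the cookie is integrity-protected.
            var currentUserId = CustomMembershipProvider.GetUserIdCookie() ?? 0;
            var readUrl       = crudInfo.Read.Url.ToLowerInvariant();

            if (!readUrl.StartsWith("api/", StringComparison.Ordinal) && !readUrl.StartsWith("/api/", StringComparison.Ordinal))
            {
                // Must be implemented for classical controller.
                throw new NotImplementedException();
            }

            // Derive the permission-key prefix from the read URL. The segment rules are kept exactly as
            // they were: they encode the project's permission naming convention. NOTE(review): a leading
            // '/' adds an empty first segment, and URLs with five or more segments fall into the last
            // branch — confirm both are intended.
            var originalUrl   = readUrl.Split('/');
            var actualUrlName = string.Empty;
            if (originalUrl.Length == 3)
            {
                // has Area Name
                actualUrlName = originalUrl[2].Equals("getentities", StringComparison.Ordinal)
                    ? originalUrl[0] + "/" + originalUrl[1]
                    : originalUrl[1] + "/" + originalUrl[2];
            }
            else if (originalUrl.Length == 4)
            {
                actualUrlName = originalUrl[1] + "/" + originalUrl[2];
            }
            else
            {
                actualUrlName = originalUrl[1];
            }

            // Each operation can only be turned off here, never on.
            if (crudOpt.Insertable)
            {
                var insertUrl = string.IsNullOrEmpty(crudInfo.Insert.Url) ? actualUrlName + "/PostEntity" : crudInfo.Insert.Url;
                crudOpt.Insertable = AppBase.HasCurrentUserAccess(currentUserId, insertUrl);
            }

            if (crudOpt.Updatable)
            {
                var updateUrl = string.IsNullOrEmpty(crudInfo.Update.Url) ? actualUrlName + "/PutEntity" : crudInfo.Update.Url;
                crudOpt.Updatable = AppBase.HasCurrentUserAccess(currentUserId, updateUrl);
            }

            if (crudOpt.Removable)
            {
                var removeUrl = string.IsNullOrEmpty(crudInfo.Remove.Url) ? actualUrlName + "/DeleteEntity" : crudInfo.Remove.Url;
                crudOpt.Removable = AppBase.HasCurrentUserAccess(currentUserId, removeUrl);
            }
        }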
 /// <summary>
 /// Returns the view elements the current user may access. The user id is read from the cookie
 /// and dereferenced with <c>.Value</c>, so a request without that cookie throws
 /// <see cref="InvalidOperationException"/> instead of being looked up as an anonymous id.
 /// </summary>
 /// <returns>The accessible elements as reported by <c>_viewElementService</c>.</returns>
 public List<ViewElementDTO> GetAccessibleViewElements()
 {
     int? cookieUserId = CustomMembershipProvider.GetUserIdCookie();
     return _viewElementService.GetAccessibleViewElements(cookieUserId.Value);
 }