Exemplo n.º 1
        /// <summary>
        /// Returns one page of permission records for an authenticated session that
        /// holds <c>PermissionType.Permission__select</c>.
        /// </summary>
        /// <param name="sessionGuid_in">Session identifier, validated through <c>SBO_CRD_Authentication.isSessionGuid_valid</c>.</param>
        /// <param name="ip_forLogPurposes_in">Caller IP, forwarded to the session check; used here for nothing else.</param>
        /// <param name="allProfiles_notJustApplication_in">Selects whether the session's <c>IDApplication</c> is passed to the data layer as first argument (true) or <c>null</c> (false).</param>
        /// <param name="page_orderBy_in">Forwarded unchanged to the data layer.</param>
        /// <param name="page_in">Forwarded unchanged to the data layer.</param>
        /// <param name="page_itemsPerPage_in">Forwarded unchanged to the data layer.</param>
        /// <param name="page_itemsCount_out">-1 when the request is rejected; otherwise whatever the data layer reports.</param>
        /// <param name="errors_out">Error codes gathered during the session and permission checks.</param>
        /// <returns>The records from the data layer, or <c>null</c> when the session is invalid or lacks the select permission.</returns>
        public static SO_CRD_Permission[] getRecord_all(
            string sessionGuid_in,
            string ip_forLogPurposes_in,

            bool allProfiles_notJustApplication_in,

            int page_orderBy_in,
            long page_in,
            int page_itemsPerPage_in,
            out long page_itemsCount_out,

            out int[] errors_out
            )
        {
            // Sentinel count for every rejected request.
            page_itemsCount_out = -1L;

            Guid        _guid;
            Sessionuser _user;
            List <int>  _errors;

            // Gate 1: the session must be valid. On failure the session check has
            // already filled errors_out, so nothing is copied here.
            bool _sessionOk = SBO_CRD_Authentication.isSessionGuid_valid(
                sessionGuid_in,
                ip_forLogPurposes_in,
                out _guid,
                out _user,
                out _errors,
                out errors_out
                );
            if (!_sessionOk)
            {
                return null;
            }

            // Gate 2: the session user must hold the select permission.
            bool _maySelect = _user.hasPermission(PermissionType.Permission__select);
            if (!_maySelect)
            {
                _errors.Add(ErrorType.permission__lack_of_permissions_to_read);
                errors_out = _errors.ToArray();
                return null;
            }

            // NOTE(review): the flag name reads "all profiles, not just this
            // application", yet the application id is passed when it is TRUE and null
            // when it is FALSE. If null means "no application filter" in
            // DO_CRD_Permission.getRecord_all, the condition is inverted and the
            // default (false) case returns rows of every application - confirm
            // against the data layer. The flag is caller-supplied and the only
            // check above is Permission__select, so any such caller picks the scope.
            object _applicationArg = null;
            if (allProfiles_notJustApplication_in)
            {
                _applicationArg = _user.IDApplication;
            }

            SO_CRD_Permission[] _records = DO_CRD_Permission.getRecord_all(
                _applicationArg,
                page_orderBy_in,
                page_in,
                page_itemsPerPage_in,
                out page_itemsCount_out,
                null
                );

            errors_out = _errors.ToArray();
            return _records;
        }
Exemplo n.º 2
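        /// <summary>
        /// Authenticates <paramref name="user_in"/> and binds the user to
        /// <paramref name="sessionGuid_in"/> in the <c>UserSession</c> store.
        /// </summary>
        /// <remarks>
        /// SECURITY: when <paramref name="andCheckPassword_in"/> is false no credential is
        /// verified, so the caller must already have authenticated the user by other means.
        /// This method must never be exposed (directly) to remote callers.
        /// </remarks>
        /// <param name="user_in">User record looked up by the caller; <c>null</c> is treated as an invalid login.</param>
        /// <param name="sessionGuid_in">Session key under which the user is stored.</param>
        /// <param name="login_forLogPurposes_in">Login as submitted; only written to the log on failure.</param>
        /// <param name="ip_forLogPurposes_in">Caller IP; only written to the log on failure.</param>
        /// <param name="andCheckPassword_in">When true, <paramref name="password_in"/> is verified against <c>user_in.Password</c>.</param>
        /// <param name="password_in">Submitted password; a <c>null</c> value never verifies.</param>
        /// <param name="idUser_out">The user's id on success, -1 otherwise.</param>
        /// <param name="login_out">The user's login on success, empty otherwise.</param>
        /// <param name="idPermissions_out">The user's permission ids on success, <c>null</c> otherwise.</param>
        /// <param name="errorlist_ref">Receives <c>authentication__invalid_login</c> or <c>authentication__guid_not_yours</c> on failure.</param>
        internal static void login(
            SO_CRD_User user_in,
            Guid sessionGuid_in,

            string login_forLogPurposes_in,
            string ip_forLogPurposes_in,

            bool andCheckPassword_in,
            string password_in,

            out long idUser_out,
            out string login_out,
            out long[] idPermissions_out,
            ref List <int> errorlist_ref
            )
        {
            // Failure defaults; every rejected path must leave these values in place.
            idPermissions_out = null;
            idUser_out        = -1L;
            login_out         = "";

            // NOTE(review): SimpleHash is not visible here. If VerifyHash is a single
            // (even salted) SHA-256 pass, it is a fast hash and cheap to brute-force
            // offline; consider migrating stored passwords to a slow KDF (PBKDF2 or
            // Argon2) with rehash-on-login. Also confirm its comparison is constant-time.
            bool _authenticated
                = (user_in != null)
                  &&
                  (
                      !andCheckPassword_in
                      ||
                      (
                          // A null password can never be valid: fail closed instead of
                          // handing null to the hash routine.
                          (password_in != null)
                          &&
                          SimpleHash.VerifyHash(
                              password_in,
                              SimpleHash.HashAlgotithm.SHA256,
                              user_in.Password
                              )
                      )
                  );

            if (_authenticated)
            {
                #region login...
                #region _idpermissions = ...;
                // -1, -1, -1 presumably disables ordering/paging in the data layer - TODO confirm.
                long _count;
                SO_CRD_Permission[] _so_permissions
                    = DO_CRD_Permission.getRecord_byUser(
                          user_in.IDUser,
                          -1, -1, -1, out _count,
                          null
                          );

                long[] _idpermissions = new long[_so_permissions.Length];
                for (int i = 0; i < _so_permissions.Length; i++)
                {
                    _idpermissions[i] = _so_permissions[i].IDPermission;
                }
                #endregion

                // NOTE(review): the session keeps the caller-supplied GUID across login.
                // If a client can choose or observe that GUID before authenticating,
                // issue a fresh one on success to rule out session fixation - confirm
                // where the GUID is generated.
                if (UserSession.ContainsKey(sessionGuid_in))
                {
                    Sessionuser _usersession = UserSession[sessionGuid_in];
                    if (_usersession.IDUser == user_in.IDUser)
                    {
                        // Same user logging in again: refresh the session in place.
                        _usersession.Sessionstart  = DateTime.Now;
                        _usersession.IDUser        = user_in.IDUser;
                        _usersession.IDPermissions = _idpermissions;
                    }
                    else
                    {
                        // The GUID belongs to another user: reject and drop the session.
                        // The out parameters are only assigned on success, so this path
                        // returns the same defaults as an invalid login and no longer
                        // hands back the login name and permission ids.
                        errorlist_ref.Add(ErrorType.authentication__guid_not_yours);
                        UserSession.Remove(sessionGuid_in);
                        return;
                    }
                }
                else
                {
                    UserSession.Add(
                        sessionGuid_in,
                        new Sessionuser(
                            user_in.IDUser,
                            _idpermissions,

                            user_in.IFApplication,
                            DateTime.Now
                            )
                        );
                }

                login_out         = user_in.Login;
                idPermissions_out = _idpermissions;
                idUser_out        = user_in.IDUser;
                #endregion
            }
            else
            {
                errorlist_ref.Add(ErrorType.authentication__invalid_login);
                #region SBO_LOG_Log.log(...);
                // No part of the submitted password is logged any more: the first
                // character is secret material (and is often a real password typed for
                // the wrong account). The format string is unchanged, so field {1} is
                // simply empty. This also removes the null dereference the old
                // password_in.Length had on this path.
                // NOTE(review): login and ip are caller-supplied and land in a
                // ';'-delimited record; neutralise delimiters and line breaks at the
                // log sink if that is not already done.
                SBO_LOG_Log.log(
                    null,
                    LogType.error,
                    ErrorType.authentication,
                    -1L,
                    (user_in == null) ? -1 : user_in.IFApplication,
                    "login:{0};password[0]:{1};ip:{2};",
                    new string[] {
                        login_forLogPurposes_in,
                        "",
                        ip_forLogPurposes_in
                    }
                    );
                #endregion
            }
        }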