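/// <summary>
/// Middleware entry point: opens a database context for the request, opens a security
/// scope for the resolved <see cref="ErpUser"/> (if any), runs the rest of the pipeline
/// and releases both contexts afterwards.
/// </summary>
/// <param name="context">The HTTP context of the current request.</param>
/// <remarks>
/// A principal that is authenticated but does not resolve to an <see cref="ErpUser"/> is
/// signed out of the cookie scheme, so a stale cookie cannot keep an unknown identity alive.
/// Disposal now happens in a <c>finally</c> block: the previous version only disposed on
/// the success path, so an exception thrown by a downstream component leaked both
/// contexts. Disposal is also done inline instead of on a thread-pool task —
/// NOTE(review): if deferring it to <c>Task.Run</c> was deliberate (slow disposal), confirm.
/// </remarks>
public async Task Invoke(HttpContext context)
{
    IDisposable dbCtx = DbContext.CreateContext(ErpSettings.ConnectionString);
    IDisposable secCtx = null;
    try
    {
        ErpUser user = AuthService.GetUser(context.User);
        if (user != null)
        {
            secCtx = SecurityContext.OpenScope(user);
        }
        else if (context.User.Identity.IsAuthenticated)
        {
            // Authenticated principal unknown to the ERP: drop the cookie.
            await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
        }

        await next(context);
    }
    finally
    {
        // Same order as before: database context first, then the security scope.
        dbCtx?.Dispose();
        secCtx?.Dispose();
    }
}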
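/// <summary>
/// Web API action filter that authorizes a request from its <c>Authorization</c> header.
/// The header parameter is expected to be Base64 of <c>username:token</c>; the pair is
/// checked with <see cref="ErpUserRepo.IsValidToken"/> and the action runs only when it is
/// valid. Every other outcome sets a 401 response on the action context.
/// </summary>
/// <param name="actionContext">The action context whose request is being authorized.</param>
/// <remarks>
/// A parameter that is not valid Base64, or a token part that is not a GUID, previously
/// escaped as an unhandled exception (HTTP 500); it is now treated like any other invalid
/// credential and yields 401. The header scheme is not inspected —
/// NOTE(review): confirm whether only one scheme should be accepted here.
/// </remarks>
public override void OnActionExecuting(System.Web.Http.Controllers.HttpActionContext actionContext)
{
    var authorization = actionContext.Request.Headers.Authorization;
    if (authorization != null && IsValidCredential(authorization.Parameter))
    {
        return;
    }

    actionContext.Response = new System.Net.Http.HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized);

    // Decodes and validates the header parameter; any malformed input is "not valid".
    bool IsValidCredential(string authToken)
    {
        if (string.IsNullOrEmpty(authToken))
        {
            return false;
        }

        string decodedToken;
        try
        {
            decodedToken = Encoding.UTF8.GetString(Convert.FromBase64String(authToken));
        }
        catch (FormatException)
        {
            // Not Base64: an invalid credential, not a server error.
            return false;
        }

        if (string.IsNullOrEmpty(decodedToken))
        {
            return false;
        }

        string[] parts = decodedToken.Split(':');
        if (parts.Length != 2 || !Guid.TryParse(parts[1], out Guid token))
        {
            return false;
        }

        var candidate = new ErpUser() { Username = parts[0], Token = token };
        return ErpUserRepo.IsValidToken(candidate);
    }
}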
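/// <summary>
/// Middleware entry point: opens a database context for the request, opens a security
/// scope for the resolved <see cref="ErpUser"/> (if any), runs the rest of the pipeline
/// and releases both contexts afterwards.
/// </summary>
/// <param name="context">The HTTP context of the current request.</param>
/// <remarks>
/// Disposal now happens in a <c>finally</c> block: the previous version only disposed on
/// the success path, so an exception thrown by a downstream component leaked both
/// contexts. Disposal is also done inline instead of on a thread-pool task —
/// NOTE(review): if deferring it to <c>Task.Run</c> was deliberate (slow disposal), confirm.
/// </remarks>
public async Task Invoke(HttpContext context)
{
    IDisposable dbCtx = DbContext.CreateContext(ErpSettings.ConnectionString);
    IDisposable secCtx = null;
    try
    {
        ErpUser user = AuthService.GetUser(context.User);
        if (user != null)
        {
            secCtx = SecurityContext.OpenScope(user);
        }

        await next(context);
    }
    finally
    {
        // Same order as before: database context first, then the security scope.
        dbCtx?.Dispose();
        secCtx?.Dispose();
    }
}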
/// <summary>
/// Handles the login form post: runs the registered page hooks (generic, pre-login and
/// post-login), authenticates the submitted credentials and redirects on success.
/// </summary>
/// <param name="authService">Service used to authenticate <c>Username</c>/<c>Password</c>.</param>
/// <returns>
/// The first non-null result returned by a hook; otherwise the page with an error message
/// when authentication fails, or a local redirect to <c>ReturnUrl</c> (or <c>/</c>).
/// </returns>
/// <exception cref="Exception">Thrown when the model state is invalid (antiforgery failure).</exception>
/// <remarks>
/// Post-login hooks receive the authenticated user, which is null on failure.
/// <see cref="LocalRedirectResult"/> only executes for local URLs, which is what keeps
/// <c>ReturnUrl</c> from becoming an open redirect.
/// </remarks>
public IActionResult OnPost([FromServices] AuthService authService)
{
    if (!ModelState.IsValid)
    {
        throw new Exception("Antiforgery check failed.");
    }

    Init();

    // Generic page hooks run first and may short-circuit the request.
    foreach (IPageHook hook in HookManager.GetHookedInstances<IPageHook>(HookKey))
    {
        if (hook.OnPost(this) is IActionResult shortCircuit)
        {
            return shortCircuit;
        }
    }

    var loginHooks = HookManager.GetHookedInstances<ILoginPageHook>(HookKey);
    foreach (ILoginPageHook hook in loginHooks)
    {
        if (hook.OnPostPreLogin(this) is IActionResult shortCircuit)
        {
            return shortCircuit;
        }
    }

    ErpUser user = authService.Authenticate(Username, Password);

    foreach (ILoginPageHook hook in loginHooks)
    {
        if (hook.OnPostAfterLogin(user, this) is IActionResult shortCircuit)
        {
            return shortCircuit;
        }
    }

    if (user == null)
    {
        Error = "Invalid username or password";
        return Page();
    }

    string target = string.IsNullOrWhiteSpace(ReturnUrl) ? "/" : ReturnUrl;
    return new LocalRedirectResult(target);
}
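/// <summary>
/// Blazor circuit hook: when a connection comes up, opens a database context and — if the
/// circuit's principal resolves to an <see cref="ErpUser"/> — a security scope, and stores
/// both against the circuit for later release.
/// </summary>
/// <param name="circuit">The circuit that connected.</param>
/// <param name="cancellationToken">Cancellation token supplied by the framework (not observed here).</param>
/// <returns>A task that completes once the contexts are registered.</returns>
/// <remarks>
/// The authentication state is now awaited instead of read through <c>.Result</c>, which
/// blocked a thread and wrapped failures in <see cref="AggregateException"/>. If anything
/// fails before the pair is registered, the contexts are disposed here because nothing else
/// would release them.
/// </remarks>
public override async Task OnConnectionUpAsync(Circuit circuit, CancellationToken cancellationToken)
{
    IDisposable dbCtx = DbContext.CreateContext(ErpSettings.ConnectionString);
    IDisposable secCtx = null;
    try
    {
        var authState = await authStateProvider.GetAuthenticationStateAsync();
        ErpUser user = AuthService.GetUser(authState.User);
        if (user != null)
        {
            secCtx = WebVella.Erp.Api.SecurityContext.OpenScope(user);
        }

        contexts.Add(circuit, new Tuple<IDisposable, IDisposable>(dbCtx, secCtx));
    }
    catch
    {
        secCtx?.Dispose();
        dbCtx?.Dispose();
        throw;
    }
}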
/// <summary>
/// Handles the "create user" form post: builds an <see cref="ErpUser"/> from the bound
/// page properties, attaches the selected roles and saves it through
/// <see cref="SecurityManager.SaveUser"/>.
/// </summary>
/// <returns>
/// The result of <c>Init()</c> when it short-circuits; a redirect to <c>ReturnUrl</c> on
/// success; otherwise the page re-rendered with validation errors.
/// </returns>
/// <exception cref="Exception">Thrown when the model state is invalid (antiforgery failure).</exception>
/// <remarks>
/// Unknown role ids (<see cref="Enumerable.Single{T}"/> finds no match) and malformed
/// GUIDs surface through the generic catch as a system validation error.
/// NOTE(review): <c>Redirect</c> accepts any URL; if <c>ReturnUrl</c> can be request-supplied,
/// confirm it is validated upstream or consider <c>LocalRedirect</c>.
/// </remarks>
public IActionResult OnPost()
{
    if (!ModelState.IsValid)
    {
        throw new Exception("Antiforgery check failed.");
    }

    var initResult = Init();
    if (initResult != null)
    {
        return initResult;
    }

    InitPage();

    // Constructed but not otherwise used in this handler.
    var appServ = new AppService();
    try
    {
        var secMan = new SecurityManager();
        var allRoles = secMan.GetAllRoles();

        var newUser = new ErpUser
        {
            Id = Guid.NewGuid(),
            Username = UserName,
            FirstName = FirstName,
            LastName = LastName,
            Email = Email,
            Password = Password,
            Image = Image,
            Enabled = Enabled,
            Verified = Verified,
            Preferences = new ErpUserPreferences(),
        };

        foreach (var roleId in Roles)
        {
            Guid id = new Guid(roleId);
            newUser.Roles.Add(allRoles.Single(r => r.Id == id));
        }

        secMan.SaveUser(newUser);
        BeforeRender();
        return Redirect(ReturnUrl);
    }
    catch (ValidationException ex)
    {
        Validation.Message = ex.Message;
        Validation.Errors = ex.Errors;
        BeforeRender();
        return Page();
    }
    catch (Exception ex)
    {
        Validation.Message = ex.Message;
        Validation.Errors.Add(new ValidationError("", ex.Message, isSystem: true));
        BeforeRender();
        return Page();
    }
}
/// <summary>
/// Creates a token snapshot of <paramref name="user"/> that expires at
/// <paramref name="expirationDate"/>. Only reachable through the static factory.
/// </summary>
/// <param name="user">The user whose identity, names, roles and image are captured.</param>
/// <param name="expirationDate">When the token stops being valid.</param>
/// <remarks>
/// <c>LastModified</c> is taken from the user's <c>ModifiedOn</c>; <c>Roles</c> is the
/// user's role list itself (no copy is made).
/// </remarks>
private AuthToken(ErpUser user, DateTime expirationDate)
{
    (UserId, Email, FirstName, LastName) = (user.Id, user.Email, user.FirstName, user.LastName);
    (LastModified, ExpirationDate) = (user.ModifiedOn, expirationDate);
    (Roles, Image) = (user.Roles, user.Image);
}
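/// <summary>
/// Pre-fills a new task record: owner (current user), project (from the <c>projectId</c>
/// query parameter, else the project of the user's most recent task), task type and a
/// one-day start/end window.
/// </summary>
/// <param name="pageModel">Page model providing the data model and the HTTP request.</param>
/// <param name="record">Record to fill; a new <see cref="EntityRecord"/> is used when null.</param>
/// <returns>The same record instance (or the new one), with the defaults applied.</returns>
/// <remarks>
/// The "most recent task" fallback now runs only when a current user exists; the previous
/// version dereferenced <c>currentUser</c> in that branch without the null check it applied
/// for the owner. The EQL lookup passes the user id as a parameter, not by string building.
/// </remarks>
public EntityRecord GetPageHookLogic(BaseErpPageModel pageModel, EntityRecord record)
{
    if (record == null)
    {
        record = new EntityRecord();
    }

    // Preselect owner.
    ErpUser currentUser = (ErpUser)pageModel.DataModel.GetProperty("CurrentUser");
    if (currentUser != null)
    {
        record["owner_id"] = currentUser.Id;
    }

    var query = pageModel.HttpContext.Request.Query;
    if (query.ContainsKey("projectId"))
    {
        // Preselect project from the query string; a value that is not a GUID is ignored.
        if (Guid.TryParse(query["projectId"].ToString(), out Guid projectId))
        {
            record["$project_nn_task.id"] = new List<Guid> { projectId };
        }
    }
    else if (currentUser != null)
    {
        // No explicit project: reuse project and type of the user's latest task.
        var eqlCommand = "SELECT created_on,type_id,$project_nn_task.id FROM task WHERE created_by = @currentUserId ORDER BY created_on DESC PAGE 1 PAGESIZE 1";
        var eqlParams = new List<EqlParameter>() { new EqlParameter("currentUserId", currentUser.Id) };
        var eqlResult = new EqlCommand(eqlCommand, eqlParams).Execute();
        if (eqlResult != null && eqlResult is EntityRecordList && eqlResult.Count > 0)
        {
            var latestTask = eqlResult[0];
            var relatedProjects = (List<EntityRecord>)latestTask["$project_nn_task"];
            if (relatedProjects != null && relatedProjects.Count > 0)
            {
                record["$project_nn_task.id"] = new List<Guid> { (Guid)relatedProjects[0]["id"] };
            }
            record["type_id"] = (Guid?)latestTask["type_id"];
        }
    }

    // Preset a one-day window starting on today's (local) date with the kind cleared.
    record["start_time"] = DateTime.Now.Date.ClearKind();
    record["end_time"] = DateTime.Now.Date.ClearKind().AddDays(1);
    return record;
}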
/// <summary>
/// Initializes the built-in system user once per process: fixed id from
/// <see cref="SystemIds.SystemUserId"/>, enabled, and a member of the administrator role.
/// </summary>
static SecurityContext()
{
    var localSystem = new ErpUser
    {
        Id = SystemIds.SystemUserId,
        FirstName = "Local",
        LastName = "System",
        Username = "******",
        Email = "*****@*****.**",
        Enabled = true,
    };
    // The system user acts with administrator rights.
    localSystem.Roles.Add(new ErpRole { Id = SystemIds.AdministratorRoleId, Name = "administrator" });
    systemUser = localSystem;
}
/// <summary>
/// Tells whether <paramref name="user"/> (or the current user when null) may change
/// metadata, i.e. holds the administrator role.
/// </summary>
/// <param name="user">User to check; defaults to <c>CurrentUser</c>.</param>
/// <returns><c>true</c> when the resolved user has the administrator role; <c>false</c> when
/// there is no user at all.</returns>
public static bool HasMetaPermission(ErpUser user = null)
{
    ErpUser subject = user ?? CurrentUser;
    return subject != null && subject.Roles.Any(role => role.Id == SystemIds.AdministratorRoleId);
}
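/// <summary>
/// Builds an <see cref="ErpIdentity"/> for the user with the given id.
/// </summary>
/// <param name="userId">Id of the user; may be null.</param>
/// <returns>
/// The identity, or null when <paramref name="userId"/> is null, no such user exists or the
/// user is disabled.
/// </returns>
/// <remarks>
/// A null id previously threw <see cref="InvalidOperationException"/> from
/// <c>userId.Value</c>; it is now treated as "no identity", consistent with the other
/// not-found cases. Disabled users never get an identity.
/// </remarks>
internal static ErpIdentity CreateIdentity(Guid? userId)
{
    if (!userId.HasValue)
    {
        return null;
    }

    SecurityManager secMan = new SecurityManager();
    ErpUser user = secMan.GetUser(userId.Value);
    if (user == null || !user.Enabled)
    {
        return null;
    }

    return new ErpIdentity { User = user };
}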
/// <summary>
/// Pushes <paramref name="user"/> onto the ambient (async-local) security context's user
/// stack, creating the context on first use.
/// </summary>
/// <param name="user">The user becoming current for the scope.</param>
/// <returns>The ambient <see cref="SecurityContext"/>; disposing it is the caller's way to end the scope.</returns>
/// <remarks>
/// The static <c>current</c> holder is initialized lazily without synchronization; the
/// original has the same property.
/// </remarks>
public static IDisposable OpenScope(ErpUser user)
{
    if (current == null)
    {
        current = new AsyncLocal<SecurityContext>();
    }

    SecurityContext scope = current.Value;
    if (scope == null)
    {
        scope = new SecurityContext();
        current.Value = scope;
    }

    scope.userStack.Push(user);
    return scope;
}
/// <summary>
/// Creates a <see cref="BaseErpPageModel"/> that mimics a real page request, for callers
/// that need page-model data outside the Razor pipeline.
/// </summary>
/// <param name="erpRequestContext">Request context supplying app, area, node, page and record id.</param>
/// <param name="currentUser">User to expose as the page's current user.</param>
/// <returns>A page model whose names default to an empty string when the corresponding
/// context member is null.</returns>
public static BaseErpPageModel CreatePageModelSimulation(ErpRequestContext erpRequestContext, ErpUser currentUser)
{
    var app = erpRequestContext.App;
    var area = erpRequestContext.SitemapArea;
    var node = erpRequestContext.SitemapNode;
    var page = erpRequestContext.Page;

    var pageModel = new BaseErpPageModel
    {
        ErpRequestContext = erpRequestContext,
        currentUser = currentUser,
        AppName = app == null ? "" : app.Name,
        AreaName = area == null ? "" : area.Name,
        NodeName = node == null ? "" : node.Name,
        PageName = page == null ? "" : page.Name,
        RecordId = erpRequestContext.RecordId,
    };
    // The data model is built last because it receives the populated page model.
    pageModel.DataModel = new PageDataModel(pageModel);
    return pageModel;
}
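/// <summary>
/// Builds a signed JWT for <paramref name="user"/> and returns both its compact
/// serialization and the token object.
/// </summary>
/// <param name="user">The user the token is issued for; must not be null.</param>
/// <returns>A completed task holding the serialized token and the <see cref="JwtSecurityToken"/>.</returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="user"/> is null.</exception>
/// <remarks>
/// Claims: name identifier (user id), email, one role claim per role, and a custom
/// <c>token_refresh_after</c> claim holding <see cref="DateTime.ToBinary"/> of the UTC time
/// after which the client is expected to refresh. The token is HMAC-SHA256 signed with the
/// symmetric key from <c>ErpSettings.JwtKey</c>, so the secrecy of that key is the whole
/// security of the token. Changes from the previous version: <c>ClaimTypes.Role</c> is used
/// directly (it is already a string); the expiry is computed from UTC like the refresh time
/// instead of local time (the same instant, stated consistently); the refresh claim is
/// formatted with the invariant culture (the binary value is negative for UTC dates, and the
/// minus sign is culture-dependent); and the method no longer carries <c>async</c> since
/// nothing is awaited. NOTE(review): <see cref="Claim"/> rejects a null value, so a user
/// without an email cannot be issued a token — confirm this is intended.
/// </remarks>
private static ValueTask<(string, JwtSecurityToken)> BuildTokenAsync(ErpUser user)
{
    if (user == null)
    {
        throw new ArgumentNullException(nameof(user));
    }

    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
        new Claim(ClaimTypes.Email, user.Email),
    };
    foreach (var role in user.Roles)
    {
        claims.Add(new Claim(ClaimTypes.Role, role.Name));
    }

    DateTime tokenRefreshAfter = DateTime.UtcNow.AddMinutes(JWT_TOKEN_FORCE_REFRESH_MINUTES);
    claims.Add(new Claim(
        type: "token_refresh_after",
        value: tokenRefreshAfter.ToBinary().ToString(System.Globalization.CultureInfo.InvariantCulture)));

    var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(ErpSettings.JwtKey));
    var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
    var tokenDescriptor = new JwtSecurityToken(
        ErpSettings.JwtIssuer,
        ErpSettings.JwtAudience,
        claims,
        expires: DateTime.UtcNow.AddMinutes(JWT_TOKEN_EXPIRY_DURATION_MINUTES),
        signingCredentials: credentials);

    string serialized = new JwtSecurityTokenHandler().WriteToken(tokenDescriptor);
    return new ValueTask<(string, JwtSecurityToken)>((serialized, tokenDescriptor));
}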
/// <summary>
/// Looks up the user whose <c>email</c> and <c>password</c> fields both equal the given
/// values.
/// </summary>
/// <param name="email">Email to match.</param>
/// <param name="password">Value compared against the stored <c>password</c> field as-is.</param>
/// <returns>The first matching user mapped to <see cref="ErpUser"/>, or null when none matches.</returns>
/// <exception cref="Exception">Thrown with the query's message when the query fails.</exception>
/// <remarks>
/// The comparison is done by the query engine, not by string building here.
/// NOTE(review): this method compares the <c>password</c> field verbatim — confirm the
/// caller passes the hashed form and never a raw password.
/// </remarks>
public ErpUser GetUser(string email, string password)
{
    var emailMatches = EntityQuery.QueryEQ("email", email);
    var passwordMatches = EntityQuery.QueryEQ("password", password);
    var query = EntityQuery.QueryAND(emailMatches, passwordMatches);

    var result = new RecordManager(true).Find(new EntityQuery("user", fieldsToQuery, query));
    if (!result.Success)
    {
        throw new Exception(result.Message);
    }

    var rows = result.Object.Data;
    if (rows == null || !rows.Any())
    {
        return null;
    }

    return rows[0].DynamicMapTo<ErpUser>();
}
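/// <summary>
/// Returns the ids of the projects <paramref name="user"/> may access: projects the user
/// owns, plus projects whose team or customer role list contains one of the user's roles.
/// </summary>
/// <param name="user">The user whose access is evaluated; must not be null.</param>
/// <returns>Matching project ids, in query order; empty when none match.</returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="user"/> is null.</exception>
/// <exception cref="Exception">Thrown with the query's message when the project query fails.</exception>
/// <remarks>
/// Ownership is a property of the user, not of a role, so it is now evaluated once per
/// project; the previous version evaluated it inside the role loop, which skipped the
/// ownership check entirely for a user with no roles.
/// </remarks>
public static List<Guid> ProjectsUserCanAccess(ErpUser user)
{
    if (user == null)
    {
        throw new ArgumentNullException(nameof(user));
    }

    var result = new List<Guid>();
    QueryResponse queryResponse = new RecordManager().Find(new EntityQuery("wv_project", "id,$user_1_n_project_owner.id,$role_n_n_project_team.id,$role_n_n_project_customer.id"));
    if (!queryResponse.Success)
    {
        throw new Exception(queryResponse.Message);
    }

    foreach (var record in queryResponse.Object.Data)
    {
        var owners = (List<EntityRecord>)record["$user_1_n_project_owner"];
        var teamRoles = (List<EntityRecord>)record["$role_n_n_project_team"];
        var customerRoles = (List<EntityRecord>)record["$role_n_n_project_customer"];

        bool userIsPM = owners.Any(z => (Guid)z["id"] == user.Id);
        bool userIsStaff = user.Roles.Any(role => teamRoles.Any(z => (Guid)z["id"] == role.Id));
        bool userIsCustomer = user.Roles.Any(role => customerRoles.Any(z => (Guid)z["id"] == role.Id));

        if (userIsPM || userIsStaff || userIsCustomer)
        {
            result.Add((Guid)record["id"]);
        }
    }

    return result;
}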
/// <summary>
/// Page hook for the "create task" page: preselects the owner (current user) and, when a
/// <c>projectId</c> query parameter holds a GUID, the project; then stores the record on
/// the data model. Other pages are left untouched.
/// </summary>
/// <param name="pageModel">Page model carrying the data model and the HTTP request.</param>
/// <returns>Always null, so page processing continues.</returns>
public IActionResult OnGet(BaseErpPageModel pageModel)
{
    var page = (ErpPage)pageModel.DataModel.GetProperty("Page");
    if (page == null || page.Id != CREATE_TASK_PAGE_ID)
    {
        return null;
    }

    #region << Init fields >>
    EntityRecord record = (EntityRecord)pageModel.DataModel.GetProperty("Record") ?? new EntityRecord();

    // Preselect owner.
    ErpUser currentUser = (ErpUser)pageModel.DataModel.GetProperty("CurrentUser");
    if (currentUser != null)
    {
        record["owner_id"] = currentUser.Id;
    }

    // Preselect project; a value that is not a GUID is ignored.
    var query = pageModel.HttpContext.Request.Query;
    if (query.ContainsKey("projectId") && Guid.TryParse(query["projectId"].ToString(), out Guid projectId))
    {
        record["project_id"] = projectId;
    }
    #endregion

    pageModel.DataModel.SetRecord(record);
    return null;
}
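/// <summary>
/// Returns the projects the current user can see, each with its milestone, task and bug
/// counts and completion percentages, wrapped in a JSON <see cref="ResponseModel"/>.
/// </summary>
/// <param name="listName">Name of the record list whose page size drives paging.</param>
/// <param name="entityName">Name of the entity whose record permissions are checked.</param>
/// <param name="page">1-based page number; 0 (or less) returns all matching records.</param>
/// <returns>A JSON result; <c>Success</c> is false when the user lacks read permission or the query fails.</returns>
/// <remarks>
/// A project is visible when the user owns it or one of the user's roles is on its team or
/// customer list. Two defects are fixed relative to the previous version: the role loop
/// overwrote the visibility flags on every iteration, so only the last role counted; and
/// paging took <c>page</c> records instead of the list's page size. A project without an
/// owner record now yields null owner image/username instead of an index exception.
/// </remarks>
public IActionResult MyProjects(string listName = null, string entityName = null, int page = 0)
{
    var response = new ResponseModel();

    #region << Can user read projects >>
    ErpUser user = SecurityContext.CurrentUser;
    var entity = entityManager.ReadEntity(entityName).Object;
    var list = entityManager.ReadRecordList(entity.Name, listName).Object;

    // Only read permission matters for this endpoint.
    bool canRead = user.Roles.Any(x => entity.RecordPermissions.CanRead.Any(z => z == x.Id));
    if (!canRead)
    {
        response.Success = false;
        response.Message = "You do not have permission to read the projects in this system";
        response.Timestamp = DateTime.UtcNow;
        return Json(response);
    }
    #endregion

    #region << Query >>
    var requestedFields = "id,name,start_date,end_date," +
        "x_milestones_opened,x_milestones_completed,x_tasks_not_started,x_tasks_in_progress,x_tasks_completed,x_bugs_opened,x_bugs_reopened,x_bugs_closed," +
        "$user_1_n_project_owner.id,$user_1_n_project_owner.image,$user_1_n_project_owner.username," +
        "$role_n_n_project_team.id,$role_n_n_project_customer.id";
    EntityQuery resultQuery = new EntityQuery("wv_project", requestedFields, null, null, null, null, null);
    QueryResponse result = recMan.Find(resultQuery);
    if (!result.Success)
    {
        response.Success = false;
        response.Timestamp = DateTime.UtcNow;
        response.Message = result.Message;
        response.Object = null;
        return Json(response);
    }
    #endregion

    // Whole-number share of part in total; Math.Round on decimal rounds halves to even,
    // as the original expressions did.
    decimal Percentage(decimal part, decimal total) => Math.Round(part * 100 / total);

    var resultRecordsList = new List<EntityRecord>();
    foreach (var record in result.Object.Data)
    {
        #region << Check user roles >>
        var owners = (List<EntityRecord>)record["$user_1_n_project_owner"];
        var teamRoles = (List<EntityRecord>)record["$role_n_n_project_team"];
        var customerRoles = (List<EntityRecord>)record["$role_n_n_project_customer"];

        bool userIsPM = owners.Any(z => (Guid)z["id"] == user.Id);
        bool userIsStaff = user.Roles.Any(role => teamRoles.Any(z => (Guid)z["id"] == role.Id));
        bool userIsCustomer = user.Roles.Any(role => customerRoles.Any(z => (Guid)z["id"] == role.Id));
        if (!(userIsPM || userIsStaff || userIsCustomer))
        {
            continue;
        }
        #endregion

        var recordObj = new EntityRecord();
        recordObj["id"] = record["id"];
        recordObj["name"] = record["name"];
        recordObj["start_date"] = record["start_date"];
        recordObj["end_date"] = record["end_date"];
        recordObj["owner_image"] = owners.Count > 0 ? owners[0]["image"] : null;
        recordObj["owner_username"] = owners.Count > 0 ? owners[0]["username"] : null;

        #region << milestones Count "opened" vs "completed" >>
        var milestonesOpened = (decimal)record["x_milestones_opened"];
        var milestonesCompleted = (decimal)record["x_milestones_completed"];
        var milestonesTotal = milestonesOpened + milestonesCompleted;
        recordObj["milestones_opened_count"] = milestonesOpened;
        recordObj["milestones_completed_count"] = milestonesCompleted;
        if (milestonesTotal > 0)
        {
            decimal openedPct = Percentage(milestonesOpened, milestonesTotal);
            recordObj["milestones_opened_percentage"] = openedPct;
            recordObj["milestones_completed_percentage"] = 100 - openedPct;
        }
        else
        {
            recordObj["milestones_opened_percentage"] = 0;
            recordObj["milestones_completed_percentage"] = 0;
        }
        #endregion

        #region << tasks Count "not started" vs "in progress" vs "completed" >>
        var tasksNotStarted = (decimal)record["x_tasks_not_started"];
        var tasksInProgress = (decimal)record["x_tasks_in_progress"];
        var tasksCompleted = (decimal)record["x_tasks_completed"];
        var tasksTotal = tasksNotStarted + tasksInProgress + tasksCompleted;
        recordObj["tasks_not_started_count"] = tasksNotStarted;
        recordObj["tasks_in_progress_count"] = tasksInProgress;
        recordObj["tasks_completed_count"] = tasksCompleted;
        if (tasksTotal > 0)
        {
            decimal notStartedPct = Percentage(tasksNotStarted, tasksTotal);
            decimal inProgressPct = Percentage(tasksInProgress, tasksTotal);
            recordObj["tasks_not_started_percentage"] = notStartedPct;
            recordObj["tasks_in_progress_percentage"] = inProgressPct;
            // Completed share is the remainder so the three always sum to 100.
            recordObj["tasks_completed_percentage"] = 100 - notStartedPct - inProgressPct;
        }
        else
        {
            recordObj["tasks_not_started_percentage"] = 0;
            recordObj["tasks_in_progress_percentage"] = 0;
            recordObj["tasks_completed_percentage"] = 0;
        }
        #endregion

        #region << bugs Count "opened" & "reopened" vs "closed" >>
        var bugsOpened = (decimal)record["x_bugs_opened"];
        var bugsReOpened = (decimal)record["x_bugs_reopened"];
        var bugsClosed = (decimal)record["x_bugs_closed"];
        var bugsTotal = bugsOpened + bugsReOpened + bugsClosed;
        recordObj["bugs_opened_count"] = bugsOpened;
        recordObj["bugs_reopened_count"] = bugsReOpened;
        recordObj["bugs_closed_count"] = bugsClosed;
        if (bugsTotal > 0)
        {
            decimal openedPct = Percentage(bugsOpened, bugsTotal);
            decimal reopenedPct = Percentage(bugsReOpened, bugsTotal);
            recordObj["bugs_opened_percentage"] = openedPct;
            recordObj["bugs_reopened_percentage"] = reopenedPct;
            recordObj["bugs_closed_percentage"] = 100 - openedPct - reopenedPct;
        }
        else
        {
            recordObj["bugs_opened_percentage"] = 0;
            recordObj["bugs_reopened_percentage"] = 0;
            recordObj["bugs_closed_percentage"] = 0;
        }
        #endregion

        resultRecordsList.Add(recordObj);
    }

    // Paging is applied after the visibility filter, so a page holds PageSize visible projects.
    if (page > 0)
    {
        int skipRecords = list.PageSize * (page - 1);
        resultRecordsList = resultRecordsList.Skip(skipRecords).Take(list.PageSize).ToList();
    }

    response.Success = true;
    response.Timestamp = DateTime.UtcNow;
    response.Message = "My projects successfully read";
    response.Object = resultRecordsList;
    return Json(response);
}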
/// <summary>
/// Creates an <see cref="AuthToken"/> for <paramref name="user"/> that expires the
/// configured number of days from now (UTC).
/// </summary>
/// <param name="user">The user the token is issued for.</param>
/// <param name="extendedExpiration">
/// When true, uses <c>WebSecurityUtil.AUTH_TOKEN_EXTENDED_EXPIRATION_DAYS</c>; otherwise
/// <c>WebSecurityUtil.AUTH_TOKEN_EXPIRATION_DAYS</c>.
/// </param>
/// <returns>The new token.</returns>
public static AuthToken Create(ErpUser user, bool extendedExpiration)
{
    var lifetimeDays = extendedExpiration
        ? WebSecurityUtil.AUTH_TOKEN_EXTENDED_EXPIRATION_DAYS
        : WebSecurityUtil.AUTH_TOKEN_EXPIRATION_DAYS;
    DateTime expiresAt = DateTime.UtcNow.AddDays(lifetimeDays);
    return new AuthToken(user, expiresAt);
}
/// <summary>
/// Lists, for every entity, the record permissions the request's user holds. Entities on
/// which the user has no permission at all are omitted.
/// </summary>
/// <param name="context">The HTTP context; its principal is inspected for an <see cref="ErpIdentity"/>.</param>
/// <returns>
/// A list of anonymous objects with <c>entityId</c>, <c>entityName</c>, <c>canRead</c>,
/// <c>canCreate</c>, <c>canUpdate</c> and <c>canDelete</c>.
/// </returns>
/// <exception cref="NullReferenceException">Thrown when <paramref name="context"/> is null (kept as-is for callers).</exception>
/// <remarks>
/// When the principal is not an <see cref="ErpPrincipal"/> with an <see cref="ErpIdentity"/>,
/// permissions are evaluated for the guest role (<see cref="SystemIds.GuestRoleId"/>).
/// </remarks>
internal static object GetCurrentUserPermissions(HttpContext context)
{
    if (context == null)
    {
        throw new NullReferenceException("context");
    }

    ErpUser user = null;
    if (context.User is ErpPrincipal principal && principal.Identity is ErpIdentity identity)
    {
        user = identity.User;
    }

    var entities = new EntityManager().ReadEntities().Object.Entities;
    var permissions = new List<object>();
    foreach (var entity in entities)
    {
        var recordPermissions = entity.RecordPermissions;
        bool canRead, canCreate, canUpdate, canDelete;
        if (user != null)
        {
            canRead = user.Roles.Any(role => recordPermissions.CanRead.Any(id => id == role.Id));
            canCreate = user.Roles.Any(role => recordPermissions.CanCreate.Any(id => id == role.Id));
            canUpdate = user.Roles.Any(role => recordPermissions.CanUpdate.Any(id => id == role.Id));
            canDelete = user.Roles.Any(role => recordPermissions.CanDelete.Any(id => id == role.Id));
        }
        else
        {
            // Anonymous request: only what the guest role is granted.
            canRead = recordPermissions.CanRead.Any(id => id == SystemIds.GuestRoleId);
            canCreate = recordPermissions.CanCreate.Any(id => id == SystemIds.GuestRoleId);
            canUpdate = recordPermissions.CanUpdate.Any(id => id == SystemIds.GuestRoleId);
            canDelete = recordPermissions.CanDelete.Any(id => id == SystemIds.GuestRoleId);
        }

        if (!(canRead || canCreate || canUpdate || canDelete))
        {
            continue;
        }

        permissions.Add(new
        {
            entityId = entity.Id,
            entityName = entity.Name,
            canRead = canRead,
            canCreate = canCreate,
            canUpdate = canUpdate,
            canDelete = canDelete
        });
    }

    return permissions;
}
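/// <summary>
/// Returns the milestones of one project (identified by the <c>recordId</c> query
/// parameter), each with task and bug counts and completion percentages, wrapped in a JSON
/// <see cref="ResponseModel"/>.
/// </summary>
/// <param name="listName">Name of the record list to resolve (not otherwise used here).</param>
/// <param name="entityName">Name of the entity whose record permissions are checked.</param>
/// <param name="page">Unused; accepted for signature compatibility.</param>
/// <returns>A JSON result; <c>Success</c> is false when the user lacks read permission, the
/// project id is missing or not a GUID, or the query fails.</returns>
/// <remarks>
/// A missing or malformed <c>recordId</c> previously filled the failure response but did
/// not return it, so the method went on to query with an empty GUID; it now returns the
/// failure. Milestones are filtered server-side by <c>project_id</c> through a query
/// parameter, not by string building.
/// </remarks>
public IActionResult ProjectMilestones(string listName = null, string entityName = null, int page = 0)
{
    var response = new ResponseModel();

    #region << Can user read projects >>
    ErpUser user = SecurityContext.CurrentUser;
    var entity = entityManager.ReadEntity(entityName).Object;
    // Resolved as before; the list metadata is not otherwise used here.
    entityManager.ReadRecordList(entity.Name, listName);

    bool canRead = user.Roles.Any(x => entity.RecordPermissions.CanRead.Any(z => z == x.Id));
    if (!canRead)
    {
        response.Success = false;
        response.Message = "You do not have permission to read the projects in this system";
        response.Timestamp = DateTime.UtcNow;
        return Json(response);
    }
    #endregion

    #region << Get the project id >>
    var queryKeyValue = QueryHelpers.ParseQuery(HttpContext.Request.QueryString.ToString());
    if (!queryKeyValue.ContainsKey("recordId") || !Guid.TryParse(queryKeyValue["recordId"], out Guid projectId))
    {
        response.Success = false;
        response.Timestamp = DateTime.UtcNow;
        response.Message = "Project Id either not found or not a GUID";
        response.Object = null;
        return Json(response);
    }
    #endregion

    #region << Get milestone data >>
    var requestedFields = "id,name,start_date,end_date,x_tasks_not_started,x_tasks_in_progress,x_tasks_completed,x_bugs_opened,x_bugs_reopened,x_bugs_closed";
    QueryObject filterObj = EntityQuery.QueryEQ("project_id", projectId);
    var sortList = new List<QuerySortObject> { new QuerySortObject("end_date", QuerySortType.Descending) };
    EntityQuery resultQuery = new EntityQuery("wv_milestone", requestedFields, filterObj, sortList.ToArray(), null, null, null);
    QueryResponse result = recMan.Find(resultQuery);
    if (!result.Success)
    {
        response.Success = false;
        response.Timestamp = DateTime.UtcNow;
        response.Message = result.Message;
        response.Object = null;
        return Json(response);
    }
    #endregion

    // Whole-number share of part in total; Math.Round on decimal rounds halves to even,
    // as the original expressions did.
    decimal Percentage(decimal part, decimal total) => Math.Round(part * 100 / total);

    var resultRecordsList = new List<EntityRecord>();
    foreach (var record in result.Object.Data)
    {
        var recordObj = new EntityRecord();
        recordObj["id"] = record["id"];
        recordObj["name"] = record["name"];
        recordObj["start_date"] = record["start_date"];
        recordObj["end_date"] = record["end_date"];

        #region << tasks Count "not started" vs "in progress" vs "completed" >>
        var tasksNotStarted = (decimal)record["x_tasks_not_started"];
        var tasksInProgress = (decimal)record["x_tasks_in_progress"];
        var tasksCompleted = (decimal)record["x_tasks_completed"];
        var tasksTotal = tasksNotStarted + tasksInProgress + tasksCompleted;
        recordObj["tasks_not_started_count"] = tasksNotStarted;
        recordObj["tasks_in_progress_count"] = tasksInProgress;
        recordObj["tasks_completed_count"] = tasksCompleted;
        if (tasksTotal > 0)
        {
            decimal notStartedPct = Percentage(tasksNotStarted, tasksTotal);
            decimal inProgressPct = Percentage(tasksInProgress, tasksTotal);
            recordObj["tasks_not_started_percentage"] = notStartedPct;
            recordObj["tasks_in_progress_percentage"] = inProgressPct;
            // Completed share is the remainder so the three always sum to 100.
            recordObj["tasks_completed_percentage"] = 100 - notStartedPct - inProgressPct;
        }
        else
        {
            recordObj["tasks_not_started_percentage"] = 0;
            recordObj["tasks_in_progress_percentage"] = 0;
            recordObj["tasks_completed_percentage"] = 0;
        }
        #endregion

        #region << bugs Count "opened" & "reopened" vs "closed" >>
        var bugsOpened = (decimal)record["x_bugs_opened"];
        var bugsReOpened = (decimal)record["x_bugs_reopened"];
        var bugsClosed = (decimal)record["x_bugs_closed"];
        var bugsTotal = bugsOpened + bugsReOpened + bugsClosed;
        recordObj["bugs_opened_count"] = bugsOpened;
        recordObj["bugs_reopened_count"] = bugsReOpened;
        recordObj["bugs_closed_count"] = bugsClosed;
        if (bugsTotal > 0)
        {
            decimal openedPct = Percentage(bugsOpened, bugsTotal);
            decimal reopenedPct = Percentage(bugsReOpened, bugsTotal);
            recordObj["bugs_opened_percentage"] = openedPct;
            recordObj["bugs_reopened_percentage"] = reopenedPct;
            recordObj["bugs_closed_percentage"] = 100 - openedPct - reopenedPct;
        }
        else
        {
            recordObj["bugs_opened_percentage"] = 0;
            recordObj["bugs_reopened_percentage"] = 0;
            recordObj["bugs_closed_percentage"] = 0;
        }
        #endregion

        resultRecordsList.Add(recordObj);
    }

    response.Success = true;
    response.Timestamp = DateTime.UtcNow;
    response.Message = "My projects successfully read";
    response.Object = resultRecordsList;
    return Json(response);
}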
/// <summary>
/// Creates or updates the user record for <paramref name="user"/>.
/// An existing user (looked up by id) gets a partial update containing only the fields
/// that changed; a new user gets a full insert. Field-level validation (required username
/// and email, uniqueness of both, email format, required password on create) is collected
/// in a <see cref="ValidationException"/> and thrown before any write.
/// </summary>
/// <param name="user">The user to persist; must not be null.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="user"/> is null.</exception>
/// <exception cref="ValidationException">Thrown when one or more field validations fail.</exception>
/// <exception cref="Exception">Thrown with the record manager's message when the write fails.</exception>
/// <remarks>
/// NOTE(review): the password is written to the <c>password</c> field exactly as supplied;
/// whether it is hashed by the caller or by the record layer is not visible here — confirm
/// before relying on it. On update the password is only written when it changed and is
/// non-blank, so a blank password in the model leaves the stored one intact.
/// </remarks>
public void SaveUser(ErpUser user)
{
    if (user == null)
    {
        throw new ArgumentNullException(nameof(user));
    }
    RecordManager recMan = new RecordManager();
    EntityRelationManager relMan = new EntityRelationManager();
    EntityRecord record = new EntityRecord();
    ErpUser existingUser = GetUser(user.Id);
    ValidationException valEx = new ValidationException();
    if (existingUser != null)
    {
        // Update path: only changed fields go into the record.
        record["id"] = user.Id;
        if (existingUser.Username != user.Username)
        {
            record["username"] = user.Username;
            if (string.IsNullOrWhiteSpace(user.Username))
            {
                valEx.AddError("username", "Username is required.");
            }
            else if (GetUserByUsername(user.Username) != null)
            {
                valEx.AddError("username", "Username is already registered to another user. It must be unique.");
            }
        }
        if (existingUser.Email != user.Email)
        {
            record["email"] = user.Email;
            if (string.IsNullOrWhiteSpace(user.Email))
            {
                valEx.AddError("email", "Email is required.");
            }
            else if (GetUser(user.Email) != null)
            {
                valEx.AddError("email", "Email is already registered to another user. It must be unique.");
            }
            else if (!IsValidEmail(user.Email))
            {
                valEx.AddError("email", "Email is not valid.");
            }
        }
        // A blank password never overwrites the stored one.
        if (existingUser.Password != user.Password && !string.IsNullOrWhiteSpace(user.Password))
        {
            record["password"] = user.Password;
        }
        if (existingUser.Enabled != user.Enabled)
        {
            record["enabled"] = user.Enabled;
        }
        if (existingUser.Verified != user.Verified)
        {
            record["verified"] = user.Verified;
        }
        if (existingUser.FirstName != user.FirstName)
        {
            record["first_name"] = user.FirstName;
        }
        if (existingUser.LastName != user.LastName)
        {
            record["last_name"] = user.LastName;
        }
        if (existingUser.Image != user.Image)
        {
            record["image"] = user.Image;
        }
        // Role membership is always written in full, as the list of role ids.
        record["$user_role.id"] = user.Roles.Select(x => x.Id).ToList();
        // All collected validation errors surface before the write.
        valEx.CheckAndThrow();
        var response = recMan.UpdateRecord("user", record);
        if (!response.Success)
        {
            throw new Exception(response.Message);
        }
    }
    else
    {
        // Create path: every field is written; preferences default to an empty object.
        record["id"] = user.Id;
        record["email"] = user.Email;
        record["username"] = user.Username;
        record["first_name"] = user.FirstName;
        record["last_name"] = user.LastName;
        record["enabled"] = user.Enabled;
        record["verified"] = user.Verified;
        record["image"] = user.Image;
        record["preferences"] = JsonConvert.SerializeObject(user.Preferences ?? new ErpUserPreferences());
        if (string.IsNullOrWhiteSpace(user.Username))
        {
            valEx.AddError("username", "Username is required.");
        }
        else if (GetUserByUsername(user.Username) != null)
        {
            valEx.AddError("username", "Username is already registered to another user. It must be unique.");
        }
        if (string.IsNullOrWhiteSpace(user.Email))
        {
            valEx.AddError("email", "Email is required.");
        }
        else if (GetUser(user.Email) != null)
        {
            valEx.AddError("email", "Email is already registered to another user. It must be unique.");
        }
        else if (!IsValidEmail(user.Email))
        {
            valEx.AddError("email", "Email is not valid.");
        }
        // Unlike the update path, a password is mandatory for a new user.
        if (string.IsNullOrWhiteSpace(user.Password))
        {
            valEx.AddError("password", "Password is required.");
        }
        else
        {
            record["password"] = user.Password;
        }
        record["$user_role.id"] = user.Roles.Select(x => x.Id).ToList();
        valEx.CheckAndThrow();
        var response = recMan.CreateRecord("user", record);
        if (!response.Success)
        {
            throw new Exception(response.Message);
        }
    }
}
/// <summary>
/// Delegates to the repository to tell whether <paramref name="erpUser"/> already exists.
/// </summary>
/// <param name="erpUser">The user to look for.</param>
/// <returns>The repository's answer.</returns>
public bool isExists(ErpUser erpUser) => erpUserRepo.isExists(erpUser);
/// <summary>
/// Delegates to the repository to resolve a user from the login data carried by
/// <paramref name="erpUser"/>.
/// </summary>
/// <param name="erpUser">Carrier of the login data; which members are used is decided by the repository.</param>
/// <returns>Whatever the repository returns for the login.</returns>
public ErpUser GetByLogin(ErpUser erpUser) => erpUserRepo.GetByLogin(erpUser);
/// <summary>
/// Post-login hook with no behavior: never short-circuits the login page.
/// </summary>
/// <param name="user">The authenticated user, or null when authentication failed.</param>
/// <param name="pageModel">The login page model.</param>
/// <returns>Always null.</returns>
public IActionResult OnPostAfterLogin(ErpUser user, LoginModel pageModel) => null;
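/// <summary>
/// Returns the milestones of every project the current user can see, sorted by name,
/// wrapped in a JSON <see cref="ResponseModel"/>.
/// </summary>
/// <returns>
/// A JSON result; <c>Success</c> is false when the user lacks read permission on projects
/// or milestones, a query fails, or an exception is caught. A user with no accessible
/// project gets a successful response with a null object.
/// </returns>
/// <remarks>
/// A project is visible when the user owns it or one of the user's roles is on its team or
/// customer list; the previous version overwrote the visibility flags on every iteration of
/// the role loop, so only the last role counted. Milestones are then filtered server-side
/// by the accessible project ids, so the client never sees milestones of other projects.
/// </remarks>
public IActionResult MyMilestones()
{
    var response = new ResponseModel();
    try
    {
        ErpUser user = SecurityContext.CurrentUser;

        #region << Can user read projects and milestones >>
        var project = entMan.ReadEntity("wv_project").Object;
        if (!user.Roles.Any(x => project.RecordPermissions.CanRead.Any(z => z == x.Id)))
        {
            response.Success = false;
            response.Message = "You do not have permission to read the projects in this system";
            response.Timestamp = DateTime.UtcNow;
            return Json(response);
        }

        var milestone = entMan.ReadEntity("wv_milestone").Object;
        if (!user.Roles.Any(x => milestone.RecordPermissions.CanRead.Any(z => z == x.Id)))
        {
            response.Success = false;
            response.Message = "You do not have permission to read the milestones in this system";
            response.Timestamp = DateTime.UtcNow;
            return Json(response);
        }
        #endregion

        #region << Get Project Ids >>
        var requestedFields = "id," +
            "$user_1_n_project_owner.id," +
            "$role_n_n_project_team.id,$role_n_n_project_customer.id";
        QueryResponse result = recMan.Find(new EntityQuery("wv_project", requestedFields, null, null, null, null, null));
        if (!result.Success)
        {
            response.Success = false;
            response.Timestamp = DateTime.UtcNow;
            response.Message = result.Message;
            response.Object = null;
            return Json(response);
        }

        var resultProjectIdList = new List<Guid>();
        foreach (var record in result.Object.Data)
        {
            var owners = (List<EntityRecord>)record["$user_1_n_project_owner"];
            var teamRoles = (List<EntityRecord>)record["$role_n_n_project_team"];
            var customerRoles = (List<EntityRecord>)record["$role_n_n_project_customer"];

            bool userIsPM = owners.Any(z => (Guid)z["id"] == user.Id);
            bool userIsStaff = user.Roles.Any(role => teamRoles.Any(z => (Guid)z["id"] == role.Id));
            bool userIsCustomer = user.Roles.Any(role => customerRoles.Any(z => (Guid)z["id"] == role.Id));
            if (userIsPM || userIsStaff || userIsCustomer)
            {
                resultProjectIdList.Add((Guid)record["id"]);
            }
        }
        #endregion

        if (resultProjectIdList.Count == 0)
        {
            response.Success = true;
            response.Timestamp = DateTime.UtcNow;
            response.Message = "You do not have access to any project or there are no projects yet";
            response.Object = null;
            return Json(response);
        }

        #region << Get Milestones >>
        // One EQ rule per accessible project, OR-ed together.
        QueryObject projectIdFilterSection = EntityQuery.QueryOR(
            resultProjectIdList.Select(projectId => EntityQuery.QueryEQ("project_id", projectId)).ToArray());
        var sortRules = new[] { new QuerySortObject("name", QuerySortType.Ascending) };
        var milestoneQuery = new EntityQuery("wv_milestone", "*", projectIdFilterSection, sortRules, null, null, null);
        var milestoneQueryResponse = recMan.Find(milestoneQuery);
        if (!milestoneQueryResponse.Success)
        {
            response.Success = false;
            response.Timestamp = DateTime.UtcNow;
            response.Message = milestoneQueryResponse.Message;
            response.Object = null;
            return Json(response);
        }

        response.Success = true;
        response.Timestamp = DateTime.UtcNow;
        response.Message = "My milestones successfully read";
        response.Object = milestoneQueryResponse.Object.Data;
        return Json(response);
        #endregion
    }
    catch (Exception ex)
    {
        response.Success = false;
        response.Timestamp = DateTime.UtcNow;
        response.Message = "Error: " + ex.Message;
        response.Object = null;
        return Json(response);
    }
}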
/// <summary>
/// Pushes <paramref name="user"/> onto the security-context stack returned by <c>GetStack()</c>
/// and returns a disposable whose disposal (a <c>Stopper</c>) ends the scope.
/// The user is pushed unconditionally, so a <c>null</c> user is pushed too and stands for the
/// anonymous/guest context. The id (or "none") is traced to the debug output only.
/// NOTE(review): the scoping unit (per thread / per async flow) is decided by GetStack() — confirm there.
/// </summary>
/// <param name="user">The user to make current for the lifetime of the scope; may be null.</param>
/// <returns>A scope handle; dispose it to leave the scope.</returns>
public static IDisposable OpenScope(ErpUser user)
{
    string traceId = user == null ? "none" : user.Id.ToString();
    Debug.WriteLine("SECURITY: OpenScope -> " + traceId);

    GetStack().Push(user);
    return new Stopper();
}
/// <summary>
/// Delegates persisting the given user's details to the user repository and returns its result.
/// No validation or authorization is performed here; callers are responsible for both.
/// </summary>
/// <param name="erpUser">The user record to submit.</param>
/// <returns>The repository's success flag.</returns>
public bool SubmitDetail(ErpUser erpUser) => erpUserRepo.SubmitDetail(erpUser);
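/// <summary>
/// Lists the tasks ("wv_task") the current user is allowed to see, as a JSON <c>ResponseModel</c>.
/// A task is visible when its project is visible to the user: the user is the project owner
/// ($user_1_n_project_owner), or one of the user's roles is in the project team
/// ($role_n_n_project_team) or among the project customers ($role_n_n_project_customer).
/// Optional query-string filters: number, subject (contains), status, priority, plus sortBy / sortOrder.
/// </summary>
/// <param name="listName">Name of the "wv_task" record list whose PageSize sets the page size.</param>
/// <param name="entityName">Not used by this action; kept for route/signature compatibility.</param>
/// <param name="page">1-based page number; 0 (the default) and negative values are treated as page 1.</param>
/// <returns>Always a JSON response; failures are reported via Success=false rather than thrown.</returns>
public IActionResult AllTaskUserCanSee(string listName = null, string entityName = null, int page = 0)
{
    var response = new ResponseModel();
    try
    {
        #region << Can user read tasks >>
        ErpUser user = SecurityContext.CurrentUser;
        var entity = entMan.ReadEntity("wv_task").Object;

        // Entity-level read permission on wv_task is required before any record filtering.
        // An anonymous request (no current user) is treated as "no permission" instead of
        // surfacing a NullReferenceException through the generic catch below.
        var canRead = user != null
            && user.Roles.Any(x => entity.RecordPermissions.CanRead.Any(z => z == x.Id));
        if (!canRead)
        {
            response.Success = false;
            response.Message = "You do not have permission to read the tasks in this system";
            response.Timestamp = DateTime.UtcNow;
            return Json(response);
        }
        #endregion

        #region << Generate list of projects user can see >>
        var userCanSeeProjectIds = new List<Guid>();
        {
            var requestedFields = "id,$user_1_n_project_owner.id,$role_n_n_project_team.id,$role_n_n_project_customer.id";
            QueryObject filterObj = null;
            var projectQuery = new EntityQuery("wv_project", requestedFields, filterObj, null, null, null, null);
            QueryResponse projectResult = recMan.Find(projectQuery);
            if (!projectResult.Success)
            {
                response.Success = false;
                response.Timestamp = DateTime.UtcNow;
                response.Message = projectResult.Message;
                response.Object = null;
                return Json(response);
            }

            foreach (var project in projectResult.Object.Data)
            {
                if (IsProjectVisibleToUser(project, user))
                {
                    userCanSeeProjectIds.Add((Guid)project["id"]);
                }
            }
        }

        // Fail closed: with no visible projects there is nothing to return. Without this guard an
        // empty QueryOR(...) would be handed to the query engine, and whether that filter matches
        // nothing or everything is decided outside this method.
        if (userCanSeeProjectIds.Count == 0)
        {
            response.Success = true;
            response.Timestamp = DateTime.UtcNow;
            response.Message = "You do not have access to any project or there are no projects yet";
            response.Object = new List<EntityRecord>();
            return Json(response);
        }
        #endregion

        #region << Get tasks >>
        var taskQueryResponse = new QueryResponse();
        var getListObject = entMan.ReadRecordList(entity.Name, listName).Object;
        {
            var fields = "id,number,subject,start_date,end_date,status,priority,$user_1_n_task_owner.id,$user_1_n_task_owner.image";

            // Restrict tasks to the visible projects.
            var projectIdRulesList = new List<QueryObject>();
            foreach (var projectId in userCanSeeProjectIds)
            {
                projectIdRulesList.Add(EntityQuery.QueryEQ("project_id", projectId));
            }
            QueryObject projectIdFilterSection = EntityQuery.QueryOR(projectIdRulesList.ToArray());

            // Optional filters and sorting from the query string. Values are handed to the query
            // builder (QueryEQ / QueryContains / QuerySortObject) untouched; in particular the sortBy
            // field name is caller-controlled, so rejecting unknown field names is left to
            // EntityQuery / recMan.Find — confirm that layer validates it.
            var sortRulesList = new List<QuerySortObject>();
            var auxRulesList = new List<QueryObject>();
            var queryKeyValueList = QueryHelpers.ParseQuery(HttpContext.Request.QueryString.ToString());
            foreach (var query in queryKeyValueList)
            {
                switch (query.Key.ToLowerInvariant())
                {
                    case "number":
                        decimal outDecimal = 0;
                        if (decimal.TryParse((string)query.Value, out outDecimal))
                        {
                            auxRulesList.Add(EntityQuery.QueryEQ("number", outDecimal));
                        }
                        break;
                    case "subject":
                        auxRulesList.Add(EntityQuery.QueryContains("subject", (string)query.Value));
                        break;
                    case "status":
                        auxRulesList.Add(EntityQuery.QueryEQ("status", (string)query.Value));
                        break;
                    case "priority":
                        auxRulesList.Add(EntityQuery.QueryEQ("priority", (string)query.Value));
                        break;
                    case "sortby":
                        // Ascending unless an explicit sortOrder other than "ascending" is given.
                        var sortType = QuerySortType.Descending;
                        if (!queryKeyValueList.ContainsKey("sortOrder") || (string)queryKeyValueList["sortOrder"] == "ascending")
                        {
                            sortType = QuerySortType.Ascending;
                        }
                        sortRulesList.Add(new QuerySortObject((string)query.Value, sortType));
                        break;
                }
            }
            // Default ordering, applied after any caller-specified sort.
            sortRulesList.Add(new QuerySortObject("created_on", QuerySortType.Ascending));
            QueryObject auxFilterSection = EntityQuery.QueryAND(auxRulesList.ToArray());

            QueryObject rootFilterSection = EntityQuery.QueryAND(projectIdFilterSection, auxFilterSection);

            // page is 1-based; page <= 1 (including the default 0) starts at the first record instead
            // of producing a negative skip.
            var pageSize = getListObject.PageSize;
            var skipRecords = Math.Max(page - 1, 0) * pageSize;
            var taskQuery = new EntityQuery("wv_task", fields, rootFilterSection, sortRulesList.ToArray(), skipRecords, pageSize, null);
            taskQueryResponse = recMan.Find(taskQuery);
            if (!taskQueryResponse.Success)
            {
                response.Success = false;
                response.Timestamp = DateTime.UtcNow;
                response.Message = taskQueryResponse.Message;
                response.Object = null;
                return Json(response);
            }
        }
        #endregion

        #region << Post-process >>
        var taskList = new List<EntityRecord>();
        foreach (var task in taskQueryResponse.Object.Data)
        {
            var record = new EntityRecord();
            record["id"] = (Guid)task["id"];
            record["number"] = (decimal)task["number"];
            record["subject"] = (string)task["subject"];
            record["start_date"] = (DateTime)task["start_date"];
            record["end_date"] = (DateTime)task["end_date"];
            record["status"] = (string)task["status"];
            record["priority"] = (string)task["priority"];

            // The owner is projected as single-element lists; a task without an owner yields empty
            // lists instead of failing the whole request on an out-of-range index.
            var taskOwnerIdList = new List<Guid>();
            var taskOwnerImageList = new List<string>();
            var owners = task["$user_1_n_task_owner"] as List<EntityRecord>;
            if (owners != null && owners.Count > 0)
            {
                taskOwnerIdList.Add((Guid)owners[0]["id"]);
                taskOwnerImageList.Add((string)owners[0]["image"]);
            }
            record["$field$user_1_n_task_owner$id"] = taskOwnerIdList;
            record["$field$user_1_n_task_owner$image"] = taskOwnerImageList;
            taskList.Add(record);
        }
        #endregion

        response.Success = true;
        response.Timestamp = DateTime.UtcNow;
        response.Message = "Successful read";
        response.Object = taskList;
        return Json(response);
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception message is returned to the caller, matching the other
        // actions in this controller; prefer a generic message plus server-side logging where these
        // endpoints are reachable by untrusted clients.
        response.Success = false;
        response.Timestamp = DateTime.UtcNow;
        response.Message = ex.Message;
        response.Object = null;
        return Json(response);
    }
}

/// <summary>
/// True when <paramref name="user"/> may see <paramref name="project"/>: the user is the project
/// owner, or any of the user's roles is in the project team or among the project customers.
/// Every role is considered — a grant from any one role is sufficient (the previous per-role
/// overwrite only honoured the last role in the list).
/// </summary>
private static bool IsProjectVisibleToUser(EntityRecord project, ErpUser user)
{
    if (RelationHasId(project, "$user_1_n_project_owner", user.Id))
    {
        return true;
    }
    foreach (var role in user.Roles)
    {
        if (RelationHasId(project, "$role_n_n_project_team", role.Id)
            || RelationHasId(project, "$role_n_n_project_customer", role.Id))
        {
            return true;
        }
    }
    return false;
}

/// <summary>
/// True when the related-records list stored under <paramref name="relationField"/> contains a
/// record whose "id" equals <paramref name="id"/>. A null or non-list relation counts as no match.
/// </summary>
private static bool RelationHasId(EntityRecord record, string relationField, Guid id)
{
    var related = record[relationField] as List<EntityRecord>;
    return related != null && related.Any(z => (Guid)z["id"] == id);
}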
/// <summary>
/// Decides whether a user holds <paramref name="permission"/> on <paramref name="entity"/> at the
/// record-permission level.
/// </summary>
/// <param name="permission">Which of Read / Create / Update / Delete to check.</param>
/// <param name="entity">The entity whose RecordPermissions are consulted. Must not be null.</param>
/// <param name="user">
/// The user to check; when null, <c>CurrentUser</c> is used. If that is null too, the check is made
/// against the guest role (<c>SystemIds.GuestRoleId</c>).
/// </param>
/// <returns>
/// True for the system user (<c>SystemIds.SystemUserId</c>) regardless of permission; otherwise true
/// when any of the user's role ids (or the guest role id for an anonymous check) is in the permission's
/// allowed-role list.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="entity"/> is null.</exception>
/// <exception cref="NotSupportedException"><paramref name="permission"/> is not one of the four known values.</exception>
public static bool HasEntityPermission(EntityPermission permission, Entity entity, ErpUser user = null)
{
    if (entity == null)
    {
        throw new ArgumentNullException("entity");
    }

    ErpUser effectiveUser = user ?? CurrentUser;

    // The system user bypasses every permission check (checked before the permission switch so an
    // unknown permission still returns true for it, as before).
    if (effectiveUser != null && effectiveUser.Id == SystemIds.SystemUserId)
    {
        return true;
    }

    // Anonymous: only the guest role may grant. Authenticated: any of the user's roles may grant.
    Func<Guid, bool> isGrantedRole;
    if (effectiveUser == null)
    {
        isGrantedRole = roleId => roleId == SystemIds.GuestRoleId;
    }
    else
    {
        isGrantedRole = roleId => effectiveUser.Roles.Any(x => x.Id == roleId);
    }

    switch (permission)
    {
        case EntityPermission.Read:
            return entity.RecordPermissions.CanRead.Any(isGrantedRole);
        case EntityPermission.Create:
            return entity.RecordPermissions.CanCreate.Any(isGrantedRole);
        case EntityPermission.Update:
            return entity.RecordPermissions.CanUpdate.Any(isGrantedRole);
        case EntityPermission.Delete:
            return entity.RecordPermissions.CanDelete.Any(isGrantedRole);
        default:
            throw new NotSupportedException("Entity permission type is not supported");
    }
}