Exemplo n.º 1
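        /// <summary>
        /// Validates its three arguments and passes them to <c>TryDisplayErrorView</c>.
        /// </summary>
        /// <param name="exception">The exception to display; must not be null.</param>
        /// <param name="errorPage">The error page to show; must have a value.</param>
        /// <param name="httpStatusCode">The HTTP status code to report; must have a value.</param>
        /// <returns>Always null; any output is produced by <c>TryDisplayErrorView</c>.</returns>
        /// <exception cref="ArgumentNullException">An argument is null or has no value.</exception>
        public ActionResult AppError(Exception exception, GStoreData.Exceptions.ErrorPage? errorPage, int? httpStatusCode)
        {
            // ArgumentNullException takes the parameter name, so each guard names the
            // parameter exactly as declared (the original passed "Exception" and "ErrorPage").
            if (exception == null)
            {
                throw new ArgumentNullException("exception");
            }
            if (!errorPage.HasValue)
            {
                throw new ArgumentNullException("errorPage");
            }
            if (!httpStatusCode.HasValue)
            {
                throw new ArgumentNullException("httpStatusCode");
            }

            // NOTE(review): the final 'true' argument is passed through unchanged; its meaning
            // is defined by TryDisplayErrorView, which is not part of this listing.
            TryDisplayErrorView(exception, errorPage.Value, httpStatusCode.Value, true);
            return null;
        }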
Exemplo n.º 2
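        /// <summary>
        /// Validates a page URL entered by an editor and records the first problem found in
        /// the controller's ModelState.
        /// </summary>
        /// <param name="db">Database context used to look for a page that already uses the URL.</param>
        /// <param name="controller">Controller whose ModelState receives the validation error.</param>
        /// <param name="url">The URL as entered; must start with a slash.</param>
        /// <param name="storeFrontId">Store front the page belongs to.</param>
        /// <param name="clientId">Client the page belongs to.</param>
        /// <param name="currentPageId">Id of the page being edited, excluded from the uniqueness check.</param>
        /// <returns>true when every check passes and no other page uses the URL; otherwise false.</returns>
        public static bool ValidatePageUrl(this IGstoreDb db, GStoreData.ControllerBase.BaseController controller, string url, int storeFrontId, int clientId, int? currentPageId)
        {
            string urlField = (controller.ModelState.ContainsKey("PageEditViewModel_Url") ? "PageEditViewModel_Url" : "Url");

            // NOTE(review): the error messages below echo the submitted url (and, in the conflict
            // message, the other page's name) without encoding; only the store front name goes
            // through ToHtml(). Confirm the view that renders ModelState errors HTML-encodes them.
            if (string.IsNullOrWhiteSpace(url))
            {
                controller.ModelState.AddModelError(urlField, "Url is required \n Please enter a url starting with /");
                return false;
            }

            if (!url.StartsWith("/", StringComparison.Ordinal))
            {
                controller.ModelState.AddModelError(urlField, "Invalid Url: '" + url + "'. Url must start with a slash. Example / for home page or /Food");
                return false;
            }

            if (url.IndexOf(' ') >= 0)
            {
                controller.ModelState.AddModelError(urlField, "Invalid Url: '" + url + "'. Url Cannot have spaces. Be sure to remove spaces from Url. You may replace spaces with underscore _ ");
                return false;
            }

            if (url.IndexOf('?') >= 0)
            {
                controller.ModelState.AddModelError(urlField, "Invalid Url: '" + url + "'. Url Cannot have a question Mark ? in it. You may might choose to replace it with an underscore _ or dash -");
                return false;
            }

            // The message lists a backslash, but the original test looked for a double quote
            // instead; both are rejected here so the check and the message agree.
            char[] forbiddenChars = { '~', '|', ':', '*', '"', '\\', '<', '>' };
            if (url.IndexOfAny(forbiddenChars) >= 0)
            {
                controller.ModelState.AddModelError(urlField, "Invalid Url: '" + url + "'. These characters are not allowed in Urls. ~ | : * \\ < > . You might choose to replace these characters with underscore or dash -");
                return false;
            }

            // The host is a fixed dummy; only the path supplied by the editor is being tested.
            if (!System.Uri.IsWellFormedUriString("http://www.test.com" + url, UriKind.Absolute))
            {
                controller.ModelState.AddModelError(urlField, "Invalid Url: '" + url + "'. Url is not a valid URL. Example: /food   or /food/page1");
                return false;
            }

            string trimUrl = "/" + url.Trim().Trim('~').Trim('/').ToLower();
            string[] blockedUrls = { "Account", "Blog", "BlogAdmin", "Bundles", "Category", "Catalog", "CatalogAdmin", "CatalogContent", "Cart", "Chat", "Checkout", "Content", "Edit", "Fonts", "GStore", "Images", "JS", "Notifications", "Order", "OrderAdmin", "Pages", "Products", "Profile", "Styles", "Scripts", "StoreAdmin", "ShareByEmail", "SubmitForm", "SystemAdmin", "Themes", "UpdatePageAjax", "UpdateSectionAjax", "View" };

            // trimUrl always begins with "/", so the reserved name has to be compared with its
            // own leading slash. The original compared against the bare name, which could never
            // match, leaving built-in paths such as /Account or /SystemAdmin open to user pages.
            // This stays a plain prefix test, as the message says, so /Viewpoint is refused too.
            foreach (string blockedUrl in blockedUrls)
            {
                if (trimUrl.StartsWith("/" + blockedUrl.ToLower(), StringComparison.Ordinal))
                {
                    controller.ModelState.AddModelError(urlField, "Url '" + url + "' is invalid. Url cannot start with '" + blockedUrl + "' because the system already has built-in " + blockedUrl + " pages. \n Please choose a different url");
                    return false;
                }
            }

            if (Settings.AppEnableStoresVirtualFolders && trimUrl.StartsWith("/stores", StringComparison.Ordinal))
            {
                controller.ModelState.AddModelError(urlField, "Url '" + url + "' is invalid. Url cannot start with 'Stores' because the system already has built-in Stores pages. \n Please choose a different url");
                return false;
            }

            // Uniqueness is scoped to the client and store front; the page being edited is excluded.
            Page conflict = db.Pages.Where(p => p.ClientId == clientId && p.StoreFrontId == storeFrontId && p.Url.ToLower() == trimUrl && (p.PageId != currentPageId)).FirstOrDefault();

            if (conflict == null)
            {
                return true;
            }

            string errorConflictMessage = "Url '" + url + "' is already in use for page '" + conflict.Name + "' [" + conflict.PageId + "] in Store Front '" + conflict.StoreFront.CurrentConfig().Name.ToHtml() + "' [" + conflict.StoreFrontId + "]. \n You must enter a unique Url or change the conflicting page Url.";

            controller.ModelState.AddModelError(urlField, errorConflictMessage);
            return false;
        }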
Exemplo n.º 3
        /// <summary>
        /// Copies request, routing, store and user details onto an event-log record.
        /// </summary>
        /// <remarks>
        /// NOTE(review): this listing has lost its braces and, it appears, the <c>try</c> and
        /// <c>else</c> keywords; the grouping described in the comments below is inferred from
        /// the indentation and should be confirmed against the original file.
        /// </remarks>
        /// <param name="record">The log record to fill in.</param>
        /// <param name="httpContext">Current HTTP context; request, server and session values are read from it.</param>
        /// <param name="routeData">Route data for the request, or null.</param>
        /// <param name="source">Value stored in <c>record.Source</c>.</param>
        /// <param name="message">Value stored in <c>record.Message</c>.</param>
        /// <param name="anonymous">Value stored in <c>record.Anonymous</c>.</param>
        /// <param name="profile">User profile to copy the user fields from, or null.</param>
        /// <param name="controller">Controller supplying the store front and client ids, or null.</param>
        public static void SetBasicFields(this Models.BaseClasses.EventLogBase record, HttpContextBase httpContext, RouteData routeData, string source, string message, bool anonymous, UserProfile profile, GStoreData.ControllerBase.BaseController controller)
            // siteId is built here but is not referenced again in the lines shown.
            string siteId = httpContext.ApplicationInstance.Server.MachineName
                + ":" + System.Web.Hosting.HostingEnvironment.SiteName
                + httpContext.Request.ApplicationPath;

            // Start and end are both stamped with the current UTC time.
            record.StartDateTimeUtc = DateTime.UtcNow;
            record.EndDateTimeUtc = DateTime.UtcNow;

            // Each controller lookup is followed by a catch that stores null instead, so a failing
            // lookup leaves the field empty rather than aborting the log write
            // (presumably each lookup sits in its own try block).
            if (controller != null)
                    record.StoreFrontId = controller.CurrentStoreFrontIdOrNull;
                catch (Exception)
                    record.StoreFrontId = null;
                    record.ClientId = controller.CurrentClientIdOrNull;
                catch (Exception)
                    record.ClientId = null;

            // Values["controller"] and Values["action"] are dereferenced without checking that
            // the route actually supplied them; only the "area" token is tested for presence.
            if (routeData != null)
                if (routeData.DataTokens.ContainsKey("area"))
                    record.Area = routeData.DataTokens["area"].ToString();
                record.Controller = routeData.Values["controller"].ToString();
                record.ActionName = routeData.Values["action"].ToString();
                record.ActionParameters = string.Empty;

                // ActionParameters becomes a comma-separated "key = value" list of every route value.
                bool isFirst = true;
                foreach (var item in routeData.Values)
                    if (!isFirst)
                        record.ActionParameters += ", ";
                    record.ActionParameters += item.Key + " = " + item.Value;
                    isFirst = false;
                // presumably the else branch for a null routeData (TODO confirm)
                record.Controller = string.Empty;
                record.ActionName = string.Empty;
                record.ActionParameters = string.Empty;

            // The Request values below (URL, query string, referrer, user agent) are supplied by
            // the client and are stored exactly as received.
            // NOTE(review): query strings can carry confirmation codes or reset tokens, and
            // SessionID is a live session identifier, so the store holding these records
            // deserves the same protection as the session store itself.
            record.ServerName = httpContext.Server.MachineName;
            record.ApplicationPath = httpContext.Request.ApplicationPath;
            record.HostName = httpContext.Request.Url.Host;
            record.HttpMethod = httpContext.Request.HttpMethod;
            record.IsSecureConnection = httpContext.Request.IsSecureConnection;
            record.UserHostAddress = httpContext.Request.UserHostAddress;
            record.UrlReferrer = (httpContext.Request.UrlReferrer == null ? "" : httpContext.Request.UrlReferrer.ToString());
            record.UserAgent = httpContext.Request.UserAgent;
            record.RawUrl = httpContext.Request.RawUrl;
            record.Url = httpContext.Request.Url.ToString();
            record.Querystring = httpContext.Request.QueryString.ToString();
            record.Source = source;
            record.Message = message;
            record.Anonymous = anonymous;
            // NOTE(review): Session is dereferenced without a null check; confirm every caller runs with session state.
            record.SessionId = httpContext.Session.SessionID;

            // presumably an if/else: a null profile clears the user fields, otherwise they are
            // copied from the profile (TODO confirm)
            if (profile == null)
                record.UserId = null;
                record.UserName = null;
                record.UserProfileId = null;
                record.FullName = null;
                record.UserId = profile.UserId;
                record.UserName = profile.UserName;
                record.UserProfileId = profile.UserProfileId;
                record.FullName = profile.FullName;
Exemplo n.º 4
        /// <summary>
        /// Creates a system event record on a new database context, fills it in and traces it.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the statements that save the event to the database or to a file are
        /// missing from this listing (only the <c>if</c> and <c>catch</c> lines survive), so
        /// how the record is persisted cannot be read from here.
        /// </remarks>
        /// <param name="ctx">Context used to create the new context and to resolve the current user profile.</param>
        /// <param name="source">Source label stored on the event.</param>
        /// <param name="level">Event level; stored both as an int and as text.</param>
        /// <param name="message">Event message.</param>
        /// <returns>The event record that was created.</returns>
        public static SystemEvent LogSystemEvent(this IGstoreDb ctx, HttpContextBase httpContext, RouteData routeData, string source, SystemEventLevel level, string message, string exceptionMessage, string baseExceptionMessage, string baseExceptionToString, GStoreData.ControllerBase.BaseController controller)
            // The event is created on a separate context obtained from ctx.NewContext().
            IGstoreDb newctx = ctx.NewContext();

            // The doubled "newEvent = newEvent =" is a redundant self-assignment.
            SystemEvent newEvent = newEvent = newctx.SystemEvents.Create();
            // The event is flagged anonymous when the current user is not registered.
            newEvent.SetBasicFields(httpContext, routeData, source, message, !httpContext.User.IsRegistered(), ctx.GetCurrentUserProfile(false, false), controller);

            newEvent.Level = (int)level;
            newEvent.LevelText = level.ToString();
            newEvent.ExceptionMessage = exceptionMessage;
            newEvent.BaseExceptionMessage = baseExceptionMessage;
            newEvent.BaseExceptionToString = baseExceptionToString;

            // simpleInfo is not used in the lines shown; the trace call computes SimpleInfo() again.
            string simpleInfo = newEvent.SimpleInfo();
            System.Diagnostics.Trace.WriteLine("--System Event: " + newEvent.SimpleInfo());

            // A failure on the database path is reported through ex.LogToFile.
            if (Settings.AppLogSystemEventsToDb)
                catch (Exception ex)
                    //can't save to database, attempt save to file
                    ex.LogToFile(httpContext, routeData);
            if (Settings.AppLogSystemEventsToFile)

            return newEvent;
Exemplo n.º 5
        /// <summary>
        /// Records a security event for a verification code that was accepted.
        /// </summary>
        /// <param name="code">The confirmed verification code; it is written into the event message.</param>
        /// <param name="provider">The provider name; written into the event message.</param>
        /// <param name="returnUrl">The return URL; written into the event message.</param>
        /// <param name="profile">Profile whose details are appended to the message, or null.</param>
        public static void LogSecurityEvent_VerificationCodeSuccess(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, string code, string provider, string returnUrl, UserProfile profile, GStoreData.ControllerBase.BaseController controller)
        {
            // NOTE(review): code, provider and returnUrl are concatenated into the message
            // unchanged. Confirm that a confirmed code cannot be reused, and that the log sink
            // neutralises line breaks in values that come from the request.
            string headline = string.Concat("Verification code confirmed: ", code, " Provider: ", provider, " ReturnUrl: ", returnUrl);

            string profileDetails = (profile == null)
                ? string.Empty
                : string.Concat(" \n-Email: ", profile.Email, " \n-Name: ", profile.FullName, " \n-UserId: ", profile.UserId, " \n-UserProfileId: ", profile.UserProfileId);

            // The event is always logged as anonymous with the user name "(unknown)".
            ctx.LogSecurityEvent(mvcHttpContext, routeData, "Verification Code Success", SecurityEventLevel.VerificationCodeSuccess, true, true, "(unknown)", profile, headline + profileDetails, controller);
        }
Exemplo n.º 6
 /// <summary>
 /// Records a security event for a successful password reset.
 /// </summary>
 /// <param name="email">Email address the reset was performed for; used in the message and as the event user name.</param>
 /// <param name="profile">Profile whose details are appended to the message, or null.</param>
 public static void LogSecurityEvent_PasswordResetSuccess(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, string email, UserProfile profile, GStoreData.ControllerBase.BaseController controller)
 {
     string headline = string.Concat("Password reset successfully for User Email: ", email);

     string profileDetails = (profile == null)
         ? string.Empty
         : string.Concat(" \n-Email: ", profile.Email, " \n-Name: ", profile.FullName, " \n-UserId: ", profile.UserId, " \n-UserProfileId: ", profile.UserProfileId);

     ctx.LogSecurityEvent(mvcHttpContext, routeData, "Password Reset Success", SecurityEventLevel.PasswordResetSuccess, true, false, email, profile, headline + profileDetails, controller);
 }
Exemplo n.º 7
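        /// <summary>
        /// Records a security event for a failed password reset, listing each error.
        /// </summary>
        /// <param name="email">Email address the reset was attempted for; used in the message and as the event user name.</param>
        /// <param name="resultErrors">Errors reported for the attempt; may be null or empty.</param>
        /// <param name="profile">Profile whose details are appended to the message, or null.</param>
        public static void LogSecurityEvent_PasswordResetFailed(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, string email, IEnumerable<string> resultErrors, UserProfile profile, GStoreData.ControllerBase.BaseController controller)
        {
            string message = "Password reset failed for User Email: " + email;

            // A missing error list must not turn into an exception here: the failed reset
            // would then go unlogged and the logging call would mask the original failure.
            if (resultErrors != null)
            {
                foreach (string error in resultErrors)
                {
                    message += " \n-Error: " + error;
                }
            }

            if (profile != null)
            {
                message += " \n-Email: " + profile.Email
                    + " \n-Name: " + profile.FullName
                    + " \n-UserId: " + profile.UserId
                    + " \n-UserProfileId: " + profile.UserProfileId;
            }

            // NOTE(review): email comes from the request and is written unchanged; confirm the
            // log sink neutralises embedded line breaks.
            ctx.LogSecurityEvent(mvcHttpContext, routeData, "Password Reset Failed", SecurityEventLevel.PasswordResetFailed, false, true, email, profile, message, controller);
        }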
Exemplo n.º 8
        /// <summary>
        /// Records a security event for a user logging off.
        /// </summary>
        /// <param name="mvcHttpContext">Current HTTP context; its identity name is used as the event user name.</param>
        /// <param name="profile">Profile of the user logging off, or null when none is available.</param>
        public static void LogSecurityEvent_LogOff(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, UserProfile profile, GStoreData.ControllerBase.BaseController controller)
        {
            string identityName = mvcHttpContext.User.Identity.Name;

            string message;
            if (profile == null)
            {
                // With no profile, every labelled field carries the identity name.
                message = string.Concat("LogOff for ", identityName, " \n\n-Email: ", identityName, " \n-Name: ", identityName)
                    + string.Concat(" \n-UserId: ", identityName, " \n-UserProfileId: ", identityName);
            }
            else
            {
                message = string.Concat("LogOff for ", profile.UserName, " \n\n-Email: ", profile.Email, " \n-Name: ", profile.FullName)
                    + string.Concat(" \n-UserId: ", profile.UserId, " \n-UserProfileId: ", profile.UserProfileId);
            }

            ctx.LogSecurityEvent(mvcHttpContext, routeData, "LogOff", SecurityEventLevel.LogOff, true, false, identityName, profile, message, controller);
        }
Exemplo n.º 9
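        /// <summary>
        /// Records a security event for a failed email confirmation, listing each error.
        /// </summary>
        /// <param name="userId">Id of the user the confirmation was attempted for; also used as the event user name.</param>
        /// <param name="codeAttempted">The confirmation code that was submitted; written into the message.</param>
        /// <param name="resultErrors">Errors reported for the attempt; may be null or empty.</param>
        /// <param name="profile">Profile whose details are appended to the message, or null.</param>
        public static void LogSecurityEvent_EmailConfirmFailed(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, string userId, string codeAttempted, IEnumerable<string> resultErrors, UserProfile profile, GStoreData.ControllerBase.BaseController controller)
        {
            // The listing masked the operand after "for User: " as ******, which does not parse.
            // userId is the only parameter that fits the label; confirm against the original file.
            // NOTE(review): codeAttempted is stored verbatim. A rejected code can still be a valid
            // one (for example, submitted for the wrong user), so treat these records as sensitive.
            string message = "Email Confirm Failed for User: " + userId + " Code : " + codeAttempted;

            // A missing error list must not stop the failure from being logged.
            if (resultErrors != null)
            {
                foreach (string error in resultErrors)
                {
                    message += " \n-Error: " + error;
                }
            }

            if (profile != null)
            {
                message += " \n-Email: " + profile.Email
                    + " \n-Name: " + profile.FullName
                    + " \n-UserId: " + profile.UserId
                    + " \n-UserProfileId: " + profile.UserProfileId;
            }

            // NOTE(review): the source label reads "Email Confirmed" although this is the failure
            // path; left unchanged because log queries may depend on it.
            ctx.LogSecurityEvent(mvcHttpContext, routeData, "Email Confirmed", SecurityEventLevel.EmailConfirmFailed, false, false, userId, profile, message, controller);
        }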
Exemplo n.º 10
        /// <summary>
        /// Creates a security event record on a new database context, fills it in and traces it.
        /// Every <c>LogSecurityEvent_*</c> helper in this listing ends by calling this method.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the statements that save the event to the database or to a file are
        /// missing from this listing (only the <c>if</c> and <c>catch</c> lines survive).
        /// NOTE(review): <paramref name="message"/> and <paramref name="userName"/> are built by
        /// callers from request-supplied text (logins, emails, codes) joined with "\n-"
        /// separators, and nothing in the visible lines neutralises line breaks, so a crafted
        /// value could imitate extra fields in the stored text; confirm the sink or viewer encodes it.
        /// </remarks>
        /// <param name="source">Source label stored on the event.</param>
        /// <param name="level">Event level; stored both as an int and as text.</param>
        /// <param name="success">Stored in <c>Success</c>.</param>
        /// <param name="anonymous">Passed to <c>SetBasicFields</c>.</param>
        /// <param name="userName">User name passed to <c>ctx.NewContext</c>.</param>
        /// <param name="profile">User profile passed to <c>SetBasicFields</c>; may be null.</param>
        /// <param name="message">Event message.</param>
        /// <returns>The event record that was created.</returns>
        public static SecurityEvent LogSecurityEvent(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, string source, SecurityEventLevel level, bool success, bool anonymous, string userName, UserProfile profile, string message, GStoreData.ControllerBase.BaseController controller)
            // The event is created on a separate context obtained for userName.
            IGstoreDb newctx = ctx.NewContext(userName);

            SecurityEvent newEvent = newctx.SecurityEvents.Create();

            newEvent.SetBasicFields(mvcHttpContext, routeData, source, message, anonymous, profile, controller);

            newEvent.Level = (int)level;
            newEvent.LevelText = level.ToString();
            newEvent.Success = success;

            // simpleInfo is not used in the lines shown; the trace call computes SimpleInfo() again.
            string simpleInfo = newEvent.SimpleInfo();
            System.Diagnostics.Trace.WriteLine("--Security Event: " + newEvent.SimpleInfo());

            // A failure on the database path is reported through ex.LogToFile.
            if (Settings.AppLogSecurityEventsToDb)
                catch (Exception ex)
                    //can't save to database, attempt save to file
                    ex.LogToFile(mvcHttpContext, routeData);
            if (Settings.AppLogSecurityEventsToFile)

            return newEvent;
Exemplo n.º 11
        /// <summary>
        /// Creates a file-not-found (404) log record on a new database context, fills it in and traces it.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the statements that save the record to the database or to a file are
        /// missing from this listing (only the <c>if</c> and <c>catch</c> lines survive).
        /// </remarks>
        /// <param name="httpContext">Current HTTP context; its raw URL goes into the message.</param>
        /// <param name="routeData">Route data used to derive the source label, or null.</param>
        /// <returns>The log record that was created.</returns>
        public static FileNotFoundLog LogFileNotFound(this IGstoreDb ctx, HttpContextBase httpContext, RouteData routeData, GStoreData.ControllerBase.BaseController controller)
            IGstoreDb newctx = ctx.NewContext();

            FileNotFoundLog newLog = newctx.FileNotFoundLogs.Create();
            // RawUrl is whatever the client requested and is written unchanged.
            // NOTE(review): unauthenticated requests can trigger this path at will; confirm
            // something bounds how many of these records are written.
            string message = "404 File Not Found: " + httpContext.Request.RawUrl;
            // The source is "App" unless route data is available.
            string source = "App";
            if (routeData != null)
                source = routeData.ToSourceString();

            newLog.SetBasicFields(httpContext, routeData, source, message, !httpContext.User.IsRegistered(), ctx.GetCurrentUserProfile(false, false), controller);

            // simpleInfo is not used in the lines shown; the trace call computes SimpleInfo() again.
            string simpleInfo = newLog.SimpleInfo();
            System.Diagnostics.Trace.WriteLine("--File Not Found Event: " + newLog.SimpleInfo());

            // A failure on the database path is reported through ex.LogToFile.
            if (Settings.AppLogFileNotFoundEventsToDb)
                catch (Exception ex)
                    //can't save to database, attempt save to file
                    ex.LogToFile(httpContext, routeData);
            if (Settings.AppLogFileNotFoundEventsToFile)

            return newLog;
Exemplo n.º 12
        /// <summary>
        /// Creates a seed home page at "/" for a store front and logs a system event describing the request.
        /// </summary>
        /// <param name="db">Database context; its cached store front, cached user profile and user name are overwritten here.</param>
        /// <param name="request">Request whose binding and client details are written into the log message.</param>
        /// <param name="storeFrontConfig">Configuration of the store front that receives the page.</param>
        /// <param name="baseController">Controller supplying the HTTP context and route data for the log call.</param>
        /// <returns>The page returned by <c>CreateSeedPage</c>.</returns>
        /// <exception cref="ArgumentNullException">Any of the four arguments is null.</exception>
        public static Page CreateAutoHomePage(this IGstoreDb db, HttpRequestBase request, StoreFrontConfiguration storeFrontConfig, GStoreData.ControllerBase.BaseController baseController)
            if (db == null)
                throw new ArgumentNullException("db");
            if (request == null)
                throw new ArgumentNullException("request");
            if (baseController == null)
                throw new ArgumentNullException("baseController");
            if (storeFrontConfig == null)
                throw new ArgumentNullException("storeFrontConfig");

            // The context is switched to the seed user from here on.
            // NOTE(review): this runs under whatever identity SeedAutoMapUserBestGuess returns
            // while serving an ordinary request; confirm when auto-creation can be triggered.
            UserProfile userProfile = db.SeedAutoMapUserBestGuess();
            db.CachedStoreFront = null;
            db.CachedUserProfile = userProfile;
            db.UserName = userProfile.UserName;

            // presumably an if/else whose 'else' was lost in this listing: use the client's
            // first template when any templates exist, otherwise create a seed template.
            // NOTE(review): when templates exist but none belong to this client, FirstOrDefault
            // leaves pageTemplate null and that null is passed to CreateSeedPage.
            PageTemplate pageTemplate = null;
            if (!db.PageTemplates.IsEmpty())
                pageTemplate = db.PageTemplates.Where(pt => pt.ClientId == storeFrontConfig.ClientId).ApplyDefaultSort().FirstOrDefault();
                //no page templates in database, create seed one
                pageTemplate = db.CreateSeedPageTemplate(Settings.AppDefaultPageTemplateName, Settings.AppDefaultPageTemplateViewName, storeFrontConfig.Client);

            Page page = db.CreateSeedPage(storeFrontConfig.Name, storeFrontConfig.Name, "/", 1000, storeFrontConfig, pageTemplate, true);

            // RawUrl, QueryString and the client address come from the request and are written unchanged.
            string message = "--Auto-Created Home Page for StoreFront '" + storeFrontConfig.Name + "' [" + storeFrontConfig.StoreFrontId + "]"
                + " For HostName: " + request.BindingHostName() + " Port: " + request.BindingPort() + " RootPath: " + request.BindingRootPath()
                + " From RawUrl: " + request.RawUrl + " QueryString: " + request.QueryString + " ContentLength: " + request.ContentLength
                + " HTTPMethod: " + request.HttpMethod + " Client IP: " + request.UserHostAddress;


            EventLogExtensions.LogSystemEvent(db, baseController.HttpContext, baseController.RouteData, baseController.RouteData.ToSourceString(), SystemEventLevel.Information, message, string.Empty, string.Empty, string.Empty, baseController);

            return page;
Exemplo n.º 13
        /// <summary>
        /// Creates a seed store binding for the current URL and logs a system event describing it.
        /// </summary>
        /// <param name="storeDb">Context used to pick the seed user and store front configuration.</param>
        /// <param name="baseController">Controller supplying the request, HTTP context and route data.</param>
        /// <returns>The binding returned by <c>CreateSeedStoreBindingToCurrentUrl</c>.</returns>
        /// <exception cref="ApplicationException"><c>HttpContext.Current</c> is null.</exception>
        public static StoreBinding CreatAutoMapStoreBindingToCurrentUrl(this IGstoreDb storeDb, GStoreData.ControllerBase.BaseController baseController)
        {
            if (HttpContext.Current == null)
            {
                throw new ApplicationException("Cannot create auto-map binding when HttpContext.Current is null");
            }

            HttpRequestBase currentRequest = baseController.Request;

            // NOTE(review): the binding is created from the host the client asked for, under a
            // best-guess seed user; confirm when this auto-mapping is allowed to run.
            UserProfile seedUser = storeDb.SeedAutoMapUserBestGuess();
            StoreFrontConfiguration seedConfig = storeDb.SeedAutoMapStoreFrontConfigBestGuess();

            IGstoreDb systemDb = storeDb.NewContext(seedUser.UserName, seedConfig.StoreFront, seedConfig, seedUser);
            StoreBinding newBinding = systemDb.CreateSeedStoreBindingToCurrentUrl(seedConfig);

            // Binding details first, then the request details, in the same order as the log format.
            string bindingPart = string.Concat("--Bindings auto-mapped to StoreFront '", newBinding.StoreFront.CurrentConfigOrAny().Name, "' [", newBinding.StoreFront.StoreFrontId, "]")
                + string.Concat(" For HostName: ", newBinding.HostName, " Port: ", newBinding.Port, " RootPath: ", newBinding.RootPath)
                + string.Concat(" UseUrlStoreName: ", newBinding.UseUrlStoreName.ToString(), " UrlStoreName: ", newBinding.UrlStoreName.ToString());

            // RawUrl, QueryString and the client address come from the request and are written unchanged.
            string requestPart = string.Concat(" From RawUrl: ", currentRequest.RawUrl, " QueryString: ", currentRequest.QueryString, " ContentLength: ", currentRequest.ContentLength)
                + string.Concat(" HTTPMethod: ", currentRequest.HttpMethod, " Client IP: ", currentRequest.UserHostAddress);

            EventLogExtensions.LogSystemEvent(systemDb, baseController.HttpContext, baseController.RouteData, baseController.RouteData.ToSourceString(), SystemEventLevel.Information, bindingPart + requestPart, string.Empty, string.Empty, string.Empty, baseController);

            return newBinding;
        }
Exemplo n.º 14
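        /// <summary>
        /// Checks that a web form name is present and not already used by another web form
        /// of the same client, recording any problem in the controller's ModelState.
        /// </summary>
        /// <param name="db">Database context used for the uniqueness lookup.</param>
        /// <param name="controller">Controller whose ModelState receives the validation error.</param>
        /// <param name="name">The name entered for the web form.</param>
        /// <param name="clientId">Client the web form belongs to.</param>
        /// <param name="currentWebFormId">Id of the web form being edited, excluded from the lookup.</param>
        /// <returns>true when the name is present and unique; otherwise false.</returns>
        public static bool ValidateWebFormName(this IGstoreDb db, GStoreData.ControllerBase.BaseController controller, string name, int clientId, int? currentWebFormId)
        {
            string nameField = "Name";
            if (string.IsNullOrWhiteSpace(name))
            {
                controller.ModelState.AddModelError(nameField, "Name is required. Please enter a name for this web form.");
                return false;
            }

            // Both sides are lower-cased, as ValidateValueListName does. The original compared the
            // lower-cased stored name with the input as typed, so under a case-sensitive comparison
            // a name containing capitals could never be detected as a duplicate.
            string loweredName = name.ToLower();
            WebForm conflict = db.WebForms.Where(wf => wf.ClientId == clientId && wf.Name.ToLower() == loweredName && (wf.WebFormId != currentWebFormId)).FirstOrDefault();

            if (conflict == null)
            {
                return true;
            }

            // NOTE(review): name and conflict.Name are echoed without encoding; only the client name
            // goes through ToHtml(). Confirm the view rendering ModelState errors HTML-encodes them.
            string errorConflictMessage = "Name '" + name + "' is already in use for Web Form '" + conflict.Name + "' [" + conflict.WebFormId + "] in Client '" + conflict.Client.Name.ToHtml() + "' [" + conflict.ClientId + "]. \n You must enter a unique Name or change the conflicting Web Form name.";

            controller.ModelState.AddModelError(nameField, errorConflictMessage);
            return false;
        }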
Exemplo n.º 15
        /// <summary>
        /// Checks that a value list name is present and not already used by another value list
        /// of the same client, recording any problem in the controller's ModelState.
        /// </summary>
        /// <param name="db">Database context used for the uniqueness lookup.</param>
        /// <param name="controller">Controller whose ModelState receives the validation error.</param>
        /// <param name="name">The name entered for the value list.</param>
        /// <param name="clientId">Client the value list belongs to.</param>
        /// <param name="currentValueListId">Id of the value list being edited, excluded from the lookup.</param>
        /// <returns>true when the name is present and unique; otherwise false.</returns>
        public static bool ValidateValueListName(this IGstoreDb db, GStoreData.ControllerBase.BaseController controller, string name, int clientId, int? currentValueListId)
        {
            const string fieldKey = "Name";

            if (string.IsNullOrWhiteSpace(name))
            {
                controller.ModelState.AddModelError(fieldKey, "Name is required \n Please enter a unique name for this Value List");
                return false;
            }

            // Case-insensitive match within the client, skipping the list being edited.
            ValueList existing = db.ValueLists
                .Where(p => p.ClientId == clientId && p.Name.ToLower() == name.ToLower() && (p.ValueListId != currentValueListId))
                .FirstOrDefault();

            if (existing != null)
            {
                // Only the client name is passed through ToHtml(); the other values are echoed as-is.
                string duplicateMessage = string.Concat("Name '", name, "' is already in use for Value List '", existing.Name, "' [", existing.ValueListId, "] in Client '", existing.Client.Name.ToHtml(), "' [", existing.ClientId, "]. \n You must enter a unique Name or change the conflicting Value List Name.");
                controller.ModelState.AddModelError(fieldKey, duplicateMessage);
                return false;
            }

            return true;
        }
Exemplo n.º 16
        /// <summary>
        /// Records a security event for a login that still needs email or phone verification.
        /// </summary>
        /// <param name="login">The login that was used; written into the message and used as the event user name.</param>
        /// <param name="profile">Profile whose details and lockout state are appended to the message, or null.</param>
        public static void LogSecurityEvent_LoginNeedsVerification(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, string login, UserProfile profile, GStoreData.ControllerBase.BaseController controller)
        {
            string details = string.Concat("Login needs email or phone verification for account: ", login);

            if (profile != null)
            {
                details = details
                    + string.Concat(" \n-Email: ", profile.Email, " \n-Name: ", profile.FullName, " \n-UserId: ", profile.UserId, " \n-UserProfileId: ", profile.UserProfileId)
                    + string.Concat(" \n-LastLogonDateTimeUtc: ", profile.LastLogonDateTimeUtc)
                    + string.Concat(" \n-Failed Attempts: ", profile.AspNetIdentityUser().AccessFailedCount)
                    + string.Concat(" \n-Locked Out: ", profile.AspNetIdentityUser().LockoutEndDateUtc.HasValue.ToString());

                // The lockout end time is added only when a lockout is set.
                if (profile.AspNetIdentityUser().LockoutEndDateUtc.HasValue)
                {
                    details = details + string.Concat(" \n-Locked Out Until: ", profile.AspNetIdentityUser().LockoutEndDateUtc);
                }
            }

            ctx.LogSecurityEvent(mvcHttpContext, routeData, "Login Needs Verification", SecurityEventLevel.LoginNeedsVerification, true, false, login, profile, details, controller);
        }
Exemplo n.º 17
        /// <summary>
        /// Records a security event for a successful login.
        /// </summary>
        /// <param name="profile">Profile of the user who logged in; it is dereferenced without a null check.</param>
        public static void LogSecurityEvent_LoginSuccess(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, UserProfile profile, GStoreData.ControllerBase.BaseController controller)
        {
            string headline = string.Concat("Login success for ", profile.UserName);
            string identity = string.Concat(" \n\n-Email: ", profile.Email, " \n-Name: ", profile.FullName, " \n-UserId: ", profile.UserId, " \n-UserProfileId: ", profile.UserProfileId);

            ctx.LogSecurityEvent(mvcHttpContext, routeData, "Login Success", SecurityEventLevel.LoginSuccess, true, false, profile.UserName, profile, headline + identity, controller);
        }
Exemplo n.º 18
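 /// <summary>
 /// Records a security event for an email confirmation attempted for an unknown user.
 /// </summary>
 /// <param name="userNameAttempted">The user name that was submitted; used in the message and as the event user name.</param>
 /// <param name="codeAttempted">The confirmation code that was submitted; written into the message.</param>
 public static void LogSecurityEvent_EmailConfirmFailedUserNotFound(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, string userNameAttempted, string codeAttempted, GStoreData.ControllerBase.BaseController controller)
 {
     // The listing masked the operand after "Unknown user: " as ******, which does not parse.
     // userNameAttempted is the only parameter that fits the label; confirm against the original file.
     // NOTE(review): both values come straight from the request and are stored unchanged; confirm
     // the log sink neutralises embedded line breaks.
     string message = "Email Confirm Failed. Unknown user: " + userNameAttempted + " Code: " + codeAttempted;

     // NOTE(review): the source label reads "Email Confirmed" although this is a failure path;
     // left unchanged because log queries may depend on it.
     ctx.LogSecurityEvent(mvcHttpContext, routeData, "Email Confirmed", SecurityEventLevel.EmailConfirmFailedUnknownUser, false, true, userNameAttempted, null, message, controller);
 }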
Exemplo n.º 19
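        /// <summary>
        /// Records a security event for a newly registered user.
        /// </summary>
        /// <param name="profile">Profile of the new user; must not be null.</param>
        /// <exception cref="ArgumentNullException"><paramref name="profile"/> is null.</exception>
        public static void LogSecurityEvent_NewRegister(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, UserProfile profile, GStoreData.ControllerBase.BaseController controller)
        {
            // The original read profile.UserName before its own null check, so a null profile
            // always failed with a NullReferenceException. Fail with a named argument instead.
            if (profile == null)
            {
                throw new ArgumentNullException("profile");
            }

            string message = "New user signup: " + profile.UserName
                + " \n-Email: " + profile.Email
                + " \n-Name: " + profile.FullName
                + " \n-UserId: " + profile.UserId
                + " \n-UserProfileId: " + profile.UserProfileId;

            ctx.LogSecurityEvent(mvcHttpContext, routeData, "New User Registration", SecurityEventLevel.NewRegister, true, false, profile.UserName, profile, message, controller);
        }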
Exemplo n.º 20
 /// <summary>
 /// Records a security event for a forgot-password request whose email matches no user.
 /// </summary>
 /// <param name="email">The email that was submitted; used in the message and as the event user name.</param>
 public static void LogSecurityEvent_ForgotPasswordEmailNotFound(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, string email, GStoreData.ControllerBase.BaseController controller)
 {
     // Logged as a failed, anonymous event with no profile attached.
     // The email is request-supplied and is written unchanged.
     ctx.LogSecurityEvent(
         mvcHttpContext,
         routeData,
         "Forgot Password Failed Unknown User",
         SecurityEventLevel.ForgotPasswordFailedUnknownUser,
         false,
         true,
         email,
         null,
         string.Concat("Forgot Password Failed. No user with Email: ", email),
         controller);
 }
Exemplo n.º 21
 /// <summary>
 /// Records a security event for a password reset attempted with an email that matches no user.
 /// </summary>
 /// <param name="email">The email that was submitted; used in the message and as the event user name.</param>
 public static void LogSecurityEvent_PasswordResetFailedUnknownUser(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, string email, GStoreData.ControllerBase.BaseController controller)
 {
     // Logged as a failed, anonymous event with no profile attached.
     // The email is request-supplied and is written unchanged.
     ctx.LogSecurityEvent(
         mvcHttpContext,
         routeData,
         "Password Reset Failed Unknown User",
         SecurityEventLevel.PasswordResetFailedUnknownUser,
         false,
         true,
         email,
         null,
         string.Concat("Password reset invalid. No user with Email: ", email),
         controller);
 }
Exemplo n.º 22
 /// <summary>
 /// Records a security event for a forgot-password request where no user profile was found for the email.
 /// </summary>
 /// <param name="email">The email that was submitted; used in the message and as the event user name.</param>
 public static void LogSecurityEvent_ForgotPasswordProfileNotFound(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, string email, GStoreData.ControllerBase.BaseController controller)
 {
     // Logged as a failed, anonymous event with no profile attached.
     // The email is request-supplied and is written unchanged.
     ctx.LogSecurityEvent(
         mvcHttpContext,
         routeData,
         "Forgot Password Failed Profile Not Found",
         SecurityEventLevel.ForgotPasswordFailedProfileNotFound,
         false,
         true,
         email,
         null,
         string.Concat("Forgot Password Failed. User Profile not found for Email: ", email),
         controller);
 }
Exemplo n.º 23
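        /// <summary>
        /// Records a security event for a confirmed phone number.
        /// </summary>
        /// <param name="phoneNumber">The phone number that was confirmed; written into the message.</param>
        /// <param name="profile">Profile of the user; must not be null.</param>
        /// <exception cref="ArgumentNullException"><paramref name="profile"/> is null.</exception>
        public static void LogSecurityEvent_PhoneConfirmed(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, string phoneNumber, UserProfile profile, GStoreData.ControllerBase.BaseController controller)
        {
            // The final call reads profile.UserName unconditionally, so a null profile always
            // failed despite the original's later null check. Fail with a named argument instead.
            if (profile == null)
            {
                throw new ArgumentNullException("profile");
            }

            // The listing masked the operand after "for user: " as ******, which does not parse.
            // profile.UserName is presumed, matching the user name passed to the call below;
            // confirm against the original file.
            string message = "Phone Confirmed for user: " + profile.UserName + " Phone: " + phoneNumber
                + " \n-Email: " + profile.Email
                + " \n-Name: " + profile.FullName
                + " \n-UserId: " + profile.UserId
                + " \n-UserProfileId: " + profile.UserProfileId;

            ctx.LogSecurityEvent(mvcHttpContext, routeData, "Phone Confirmed", SecurityEventLevel.PhoneConfirmed, true, false, profile.UserName, profile, message, controller);
        }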
Exemplo n.º 24
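        /// <summary>
        /// Records a security event for a failed login.
        /// </summary>
        /// <param name="loginAttempted">The login that was submitted; written into the message and used as the event user name.</param>
        /// <param name="passwordAttempted">The password that was submitted. Kept for signature compatibility; it is never written to the log.</param>
        /// <param name="profile">Profile matching the login, or null when the user is unknown.</param>
        public static void LogSecurityEvent_LoginFailed(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, string loginAttempted, string passwordAttempted, UserProfile profile, GStoreData.ControllerBase.BaseController controller)
        {
            // The submitted password is not logged. A failed attempt is often the real password
            // with a typo, or the right password for another account, so writing it to the trace
            // output, database or log files would expose credentials to anyone who can read them.
            // The field label is kept so the message layout stays stable for existing readers.
            string message = "Login failed for logon: " + loginAttempted
                + " \n\n-" + (profile == null ? "Unknown user" : "Existing user")
                + " \n-Password attempted: (redacted)";

            if (profile != null)
            {
                message += " \n-Email: " + profile.Email
                    + " \n-Name: " + profile.FullName
                    + " \n-UserId: " + profile.UserId
                    + " \n-UserProfileId: " + profile.UserProfileId
                    + " \n-LastLogonDateTimeUtc: " + profile.LastLogonDateTimeUtc
                    + " \n-Failed Attempts: " + profile.AspNetIdentityUser().AccessFailedCount
                    + " \n-Locked Out: " + profile.AspNetIdentityUser().LockoutEndDateUtc.HasValue.ToString();

                // The lockout end time is added only when a lockout is set.
                if (profile.AspNetIdentityUser().LockoutEndDateUtc.HasValue)
                {
                    message += " \n-Locked Out Until: " + profile.AspNetIdentityUser().LockoutEndDateUtc;
                }
            }

            // NOTE(review): loginAttempted is request-supplied and written unchanged; confirm the
            // log sink neutralises embedded line breaks.
            ctx.LogSecurityEvent(mvcHttpContext, routeData, "Login Failed", SecurityEventLevel.LoginFailure, false, true, loginAttempted, profile, message, controller);
        }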
Exemplo n.º 25
        /// <summary>
        /// Creates an SMS-sent log record on a new database context, fills it in and traces it.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the statements that save the record to the database or to a file are
        /// missing from this listing (only the <c>if</c> and <c>catch</c> lines survive).
        /// </remarks>
        /// <param name="toPhone">Destination number; stored, with "(blank)" as the fallback.</param>
        /// <param name="fromPhone">Sender number; stored, with "(blank)" as the fallback.</param>
        /// <param name="textBody">Message text; stored, with "(blank)" as the fallback.</param>
        /// <param name="textSignature">Message signature; stored as given.</param>
        /// <param name="success">Whether sending succeeded.</param>
        /// <param name="exceptionString">Exception text for a failed send; stored as given.</param>
        /// <returns>The log record that was created.</returns>
        public static SmsSent LogSmsSent(this IGstoreDb ctx, HttpContextBase httpContext, RouteData routeData, GStoreData.ControllerBase.BaseController controller, string toPhone, string fromPhone, string textBody, string textSignature, bool success, string exceptionString)
            IGstoreDb newctx = ctx.NewContext();

            SmsSent newLog = newctx.SmssSent.Create();
            string message = "Sms sent to '" + toPhone + "' from '" + fromPhone +"'";
            // The source is "App" unless route data is available.
            string source = "App";
            if (routeData != null)
                source = routeData.ToSourceString();

            newLog.SetBasicFields(httpContext, routeData, source, message, !httpContext.User.IsRegistered(), ctx.GetCurrentUserProfile(false, false), controller);

            // NOTE(review): the full message text is stored. If verification codes are delivered
            // by SMS through this path, they end up readable in the log; confirm and restrict access.
            newLog.ToPhone = toPhone.OrDefault("(blank)");
            newLog.FromPhone = fromPhone.OrDefault("(blank)");
            newLog.TextBody = textBody.OrDefault("(blank)");
            newLog.TextSignature = textSignature;
            newLog.Success = success;
            newLog.ExceptionString = exceptionString;

            // simpleInfo is not used in the lines shown; the trace call computes SimpleInfo() again.
            string simpleInfo = newLog.SimpleInfo();
            System.Diagnostics.Trace.WriteLine("--Sms Sent Event: " + newLog.SimpleInfo());

            // A failure on the database path is reported through ex.LogToFile.
            if (Settings.AppLogSmsSentToDb)
                catch (Exception ex)
                    //can't save to database, attempt save to file
                    ex.LogToFile(httpContext, routeData);
            if (Settings.AppLogSmsSentToFile)

            return newLog;
Exemplo n.º 26
        /// <summary>
        /// Records a security event for a login rejected because no store front was found after sign-in.
        /// </summary>
        /// <param name="profile">Profile of the user who logged in; it is dereferenced without a null check.</param>
        public static void LogSecurityEvent_LoginFailedNoStoreFront(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, UserProfile profile, GStoreData.ControllerBase.BaseController controller)
        {
            string headline = string.Concat("Post Login check failed, No Store Front Found. Logon: ", profile.UserName);
            string identity = string.Concat(" \n\n-Email: ", profile.Email, " \n-Name: ", profile.FullName, " \n-UserId: ", profile.UserId, " \n-UserProfileId: ", profile.UserProfileId);

            ctx.LogSecurityEvent(mvcHttpContext, routeData, "Login Failed No StoreFront", SecurityEventLevel.LoginFailureNoStoreFront, false, false, profile.UserName, profile, headline + identity, controller);
        }
Exemplo n.º 27
        /// <summary>
        /// Creates a user-action event record on a new database context, fills it in and traces it.
        /// Returns null without doing anything when the user action log is disabled in settings.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the statements that save the event to the database or to a file are
        /// missing from this listing (only the <c>if</c> and <c>catch</c> lines survive).
        /// </remarks>
        /// <param name="category">Action category; stored on the event and written into the message.</param>
        /// <param name="action">Action performed; stored on the event and written into the message.</param>
        /// <param name="label">Free-text label; it is dereferenced with ToString(), so a null label throws.</param>
        /// <param name="success">Whether the action succeeded.</param>
        /// <returns>The event record that was created, or null when the log is disabled.</returns>
        public static UserActionEvent LogUserActionEvent(this IGstoreDb ctx, HttpContextBase httpContext, RouteData routeData, GStoreData.ControllerBase.BaseController controller, UserActionCategoryEnum category, UserActionActionEnum action, string label, bool success, int? cartId = null, string categoryUrlName = null, string discountCode = null, string emailAddress = null, int? notificationId = null, string orderNumber = null, int? orderItemId = null, int? pageId = null, string productUrlName = null, string productBundleUrlName = null, int? blogId = null, int? blogEntryId = null, string smsPhone = null, string uploadFileName = null)
            if (!Settings.AppEnableUserActionLog)
                return null;

            IGstoreDb newctx = ctx.NewContext();

            UserActionEvent newEvent = newctx.UserActionEvents.Create();

            // routeData is dereferenced here without the null check the other log helpers use.
            string source = routeData.ToSourceString();

            string message = "User Action Event"
                + " \n-Category: " + category.ToString()
                + " \n-Action: " + action.ToString()
                + " \n-Label: " + label.ToString()
                + " \n-Success: " + success.ToString();

            // Unlike the other log helpers shown, the profile is resolved from newctx rather than ctx.
            newEvent.SetBasicFields(httpContext, routeData, source, message, !httpContext.User.IsRegistered(), newctx.GetCurrentUserProfile(false, false), controller);
            // NOTE(review): discount codes, email addresses, phone numbers and upload file names
            // are stored as supplied by the caller; treat the resulting records as personal data.
            newEvent.CartId = cartId;
            newEvent.Category = category;
            newEvent.CategoryUrlName = categoryUrlName;
            newEvent.DiscountCode = discountCode;
            newEvent.EmailAddress = emailAddress;
            newEvent.Label = label;

            newEvent.BlogId = blogId;
            newEvent.BlogEntryId = blogEntryId;

            newEvent.NotificationId = notificationId;
            newEvent.OrderNumber = orderNumber;
            newEvent.OrderItemId = orderItemId;
            newEvent.PageId = pageId;
            newEvent.ProductUrlName = productUrlName;
            newEvent.ProductBundleUrlName = productBundleUrlName;
            newEvent.SmsPhone = smsPhone;
            newEvent.Success = success;
            newEvent.UploadFileName = uploadFileName;
            newEvent.Action = action;
            // Label is assigned a second time here with the same value.
            newEvent.Label = label;

            // simpleInfo is not used in the lines shown; the trace call computes SimpleInfo() again.
            string simpleInfo = newEvent.SimpleInfo();
            System.Diagnostics.Trace.WriteLine("--User Action Event: " + newEvent.SimpleInfo());

            // A failure on the database path is reported through ex.LogToFile.
            if (Settings.AppLogUserActionEventsToDb)
                catch (Exception ex)
                    //can't save to database, attempt save to file
                    ex.LogToFile(httpContext, routeData);
            if (Settings.AppLogUserActionEventsToFile)

            return newEvent;
Exemplo n.º 28
        /// <summary>
        /// Writes a security event for a login whose post-login check found no configuration
        /// for the given store front id.
        /// </summary>
        /// <param name="ctx">Database context the event is logged through.</param>
        /// <param name="mvcHttpContext">HTTP context of the login request, passed through to LogSecurityEvent.</param>
        /// <param name="routeData">Route data of the login request, passed through to LogSecurityEvent.</param>
        /// <param name="storeFrontId">Id of the store front that has no configuration; included in the message.</param>
        /// <param name="profile">Profile of the user who logged on; dereferenced without a null check.</param>
        /// <param name="controller">Controller handling the request, passed through to LogSecurityEvent.</param>
        /// <remarks>
        /// The message carries the profile's user name, e-mail, full name and ids, so every sink
        /// LogSecurityEvent writes to ends up holding personal data.
        /// NOTE(review): the text argument reads "StoreFrontConfigInactive" while the level and the
        /// message describe a missing configuration; confirm which wording alerting rules match on
        /// before changing either.
        /// </remarks>
        public static void LogSecurityEvent_LoginFailedNoStoreFrontConfig(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, int storeFrontId, UserProfile profile, GStoreData.ControllerBase.BaseController controller)
        {
            // Built first so profile.UserName is read before the other profile fields, as in a single concatenation.
            string headline = "Post Login check failed, No Configuration was found for Store Front Id [" + storeFrontId + "]. Logon: " + profile.UserName;

            string profileDetails = " \n\n-Email: " + profile.Email
                + " \n-Name: " + profile.FullName
                + " \n-UserId: " + profile.UserId
                + " \n-UserProfileId: " + profile.UserProfileId;

            string message = headline + profileDetails;

            // The two boolean arguments are passed as false; their meaning is defined by LogSecurityEvent, not shown here.
            var level = SecurityEventLevel.LoginFailureNoStoreFrontConfig;
            ctx.LogSecurityEvent(mvcHttpContext, routeData, "Login Failed StoreFrontConfigInactive", level, false, false, profile.UserName, profile, message, controller);
        }
Exemplo n.º 29
        /// <summary>
        /// Writes a security event for a login whose post-login check found the store front inactive.
        /// </summary>
        /// <param name="ctx">Database context the event is logged through.</param>
        /// <param name="mvcHttpContext">HTTP context of the login request, passed through to LogSecurityEvent.</param>
        /// <param name="routeData">Route data of the login request, passed through to LogSecurityEvent.</param>
        /// <param name="storeFrontName">Name of the inactive store front; included in the message.</param>
        /// <param name="storeFrontId">Id of the inactive store front; included in the message.</param>
        /// <param name="profile">Profile of the user who logged on; dereferenced without a null check.</param>
        /// <param name="controller">Controller handling the request, passed through to LogSecurityEvent.</param>
        /// <remarks>
        /// The message carries the profile's user name, e-mail, full name and ids, so every sink
        /// LogSecurityEvent writes to ends up holding personal data.
        /// </remarks>
        public static void LogSecurityEvent_LoginFailedStoreFrontInactive(this IGstoreDb ctx, HttpContextBase mvcHttpContext, RouteData routeData, string storeFrontName, int storeFrontId, UserProfile profile, GStoreData.ControllerBase.BaseController controller)
        {
            // Built first so profile.UserName is read before the other profile fields, as in a single concatenation.
            string headline = "Post Login check failed, Store Front '" + storeFrontName + "' [" + storeFrontId + "] is Inactive. Logon: " + profile.UserName;

            string profileDetails = " \n\n-Email: " + profile.Email
                + " \n-Name: " + profile.FullName
                + " \n-UserId: " + profile.UserId
                + " \n-UserProfileId: " + profile.UserProfileId;

            string message = headline + profileDetails;

            // The two boolean arguments are passed as false; their meaning is defined by LogSecurityEvent, not shown here.
            var level = SecurityEventLevel.LoginFailureStoreFrontInactive;
            ctx.LogSecurityEvent(mvcHttpContext, routeData, "Login Failed StoreFrontInactive", level, false, false, profile.UserName, profile, message, controller);
        }
Exemplo n.º 30
        /// <summary>
        /// Copies the editable fields of a page edit view model onto the matching page of the given
        /// store front and, when the template is unchanged, creates or updates the page's variables.
        /// </summary>
        /// <param name="db">Context used to create and update page variables.</param>
        /// <param name="viewModel">Posted edit model; its PageId selects the page to change.</param>
        /// <param name="controller">Optional; when non-null it receives a user message about a template change.</param>
        /// <param name="storeFront">Store front whose Pages collection is searched for the page.</param>
        /// <param name="userProfile">Passed through to the page-variable create/update calls.</param>
        /// <returns>The updated page. No save call is visible in this listing.</returns>
        /// <exception cref="ApplicationException">The store front has no page with the view model's PageId.</exception>
        public static Page UpdatePage(this IGstoreDb db, ViewModels.PageEditViewModel viewModel, GStoreData.ControllerBase.BaseController controller, StoreFront storeFront, UserProfile userProfile)
            //find existing record, update it

            bool templateChanged = false;
            // The lookup is restricted to storeFront.Pages, so a PageId belonging to another store front is not found.
            // SingleOrDefault also throws InvalidOperationException if more than one page matches.
            Page page = storeFront.Pages.SingleOrDefault(p => p.PageId == viewModel.PageId);
            if (page == null)
                throw new ApplicationException("Page not found in storefront pages. PageId: " + viewModel.PageId);

            // Fields are copied one by one; the two script-tag fields are stored exactly as posted.
            // NOTE(review): presumably these are emitted into the rendered page, so callers must be
            // authorised store editors; confirm where they are rendered and who can reach this method.
            page.BodyBottomScriptTag = viewModel.BodyBottomScriptTag;
            page.BodyTopScriptTag = viewModel.BodyTopScriptTag;
            page.EndDateTimeUtc = viewModel.EndDateTimeUtc;
            page.ForAnonymousOnly = viewModel.ForAnonymousOnly;
            page.ForRegisteredOnly = viewModel.ForRegisteredOnly;
            page.IsPending = viewModel.IsPending;
            page.MetaDescription = viewModel.MetaDescription;
            page.MetaKeywords = viewModel.MetaKeywords;
            page.MetaApplicationName = viewModel.MetaApplicationName;
            page.MetaApplicationTileColor = viewModel.MetaApplicationTileColor;
            page.Name = viewModel.Name;
            page.Order = viewModel.Order;
            page.PageTitle = viewModel.PageTitle;
            page.StartDateTimeUtc = viewModel.StartDateTimeUtc;
            page.ThemeId = viewModel.ThemeId;
            // No URL validation happens in this method; presumably the caller validates the URL first (confirm).
            page.Url = viewModel.Url;
            if (page.PageTemplateId != viewModel.PageTemplateId)
                if (controller != null)
                    // NOTE(review): the message is built before PageTemplateId is reassigned below, so the
                    // name and id shown are those of the previous template although the text says "new template".
                    // ToHtml() is applied to the template name before it goes into the message; presumably HTML-encoding (confirm).
                    controller.AddUserMessage("Page Template Changed", "Page Template has been changed. Be sure to edit the new template sections for template '" + page.PageTemplate.Name.ToHtml() + "' [" + page.PageTemplateId + "].", AppHtmlHelpers.UserMessageType.Info);
                page.PageTemplateId = viewModel.PageTemplateId;
                templateChanged = true;

            // Web form settings, including the address form submissions are mailed to.
            page.WebFormId = viewModel.WebFormId;
            page.WebFormSaveToDatabase = viewModel.WebFormSaveToDatabase;
            page.WebFormSaveToFile = viewModel.WebFormSaveToFile;
            page.WebFormSendToEmail = viewModel.WebFormSendToEmail;
            page.WebFormEmailToAddress = viewModel.WebFormEmailToAddress;
            page.WebFormEmailToName = viewModel.WebFormEmailToName;
            page.WebFormSuccessPageId = viewModel.WebFormSuccessPageId;
            page.WebFormThankYouTitle = viewModel.WebFormThankYouTitle;
            page.WebFormThankYouMessage = viewModel.WebFormThankYouMessage;
            // WebFormSaveToDatabase was already assigned above; this second assignment is redundant.
            page.WebFormSaveToDatabase = viewModel.WebFormSaveToDatabase;


            // Neither counter is incremented or read in the lines shown.
            int variablesUpdated = 0;
            int variablesCreated = 0;
            // Variables are skipped when the template changed in this call.
            if (!templateChanged && viewModel.Variables != null && viewModel.Variables.Count != 0)
                foreach (PageVariableEditViewModel variable in viewModel.Variables)
                    // A variable without a PageSectionId is created; one with an id is presumably updated.
                    // NOTE(review): the listing shows no else between the two calls; likely lost in extraction.
                    if (!variable.PageSectionId.HasValue)
                        PageSection newVariable = db.CreatePageVariable(variable, storeFront, userProfile);
                        PageSection updatedVariable = db.UpdatePageVariable(variable, storeFront, userProfile);

            return page;