/// <summary>
/// Verifies the operation access.
/// </summary>
/// <param name="operatorID">The operator ID.</param>
/// <param name="operation">The operation.</param>
/// <param name="transactionId">The transaction id.</param>
/// <returns>
/// /// True if operator has access, false otherwise.
/// </returns>
private bool VerifyOperationAccess(string operatorID, PosisOperations operation, string transactionId)
{
bool result = true;
IUserAccessSystem userAccess = Application.BusinessLogic.UserAccessSystem;
if (!userAccess.UserHasAccess(operatorID, operation))
{
ManagerAccessConfirmation managerAccessInteraction = new ManagerAccessConfirmation()
{
Operation = (int)operation
};
// If a manager key is already in "Supervisor" position then don't prompt manager access.
if (Application.Services.Peripherals.KeyLock.SupervisorPosition())
{
managerAccessInteraction.Confirmed = true;
}
else
{
InteractionRequestedEventArgs request = new InteractionRequestedEventArgs(managerAccessInteraction, () => { });
Application.Services.Interaction.InteractionRequest(request);
}
if (managerAccessInteraction.Confirmed)
{
string authorizedBy = string.IsNullOrWhiteSpace(managerAccessInteraction.OperatorId) // If no operator ID is found then key was used
? "Keylock"
: managerAccessInteraction.OperatorId;
// Log manager authorizations to audit log
ApplicationLog.WriteAuditEntry("LogOn:VerifyOperationAccess()",
string.Format("Manager '{0}' authorized the operation '{1}' for transaction '{2}'", authorizedBy, operation, transactionId));
}
else
{
ApplicationLog.WriteAuditEntry("LogOn:VerifyOperationAccess()",
string.Format("Manager authorization either failed or was cancelled for operation '{0}'.", operation));
Application.Services.Dialog.ShowMessage(3540, MessageBoxButtons.OK, MessageBoxIcon.Stop);
result = false;
}
}
return(result);
}
/// <summary>
/// Closes the current shift and print it as Z-Report.
/// </summary>
/// <param name="transaction">The current transaction instance.</param>
public void CloseShift(IPosTransaction transaction)
{
if (transaction == null)
{
NetTracer.Warning("transaction parameter is null");
throw new ArgumentNullException("transaction");
}
Batch batch = null;
// Are you sure you want to close the shift ?
if (this.Application.Services.Dialog.ShowMessage(51302, MessageBoxButtons.YesNo, MessageBoxIcon.Question) == DialogResult.Yes)
{
batch = new Batch(transaction.Shift);
// Verify if all offline transacitons has been uploaded.
if (!batch.VerifyOfflineTransactions())
{
batch = null;
this.Application.Services.Dialog.ShowMessage(51341);
}
}
// Calculate and verify amounts.
if (batch != null)
{
// Calculate batch in background
POSFormsManager.ShowPOSMessageWithBackgroundWorker(51303, delegate { batch.Calculate(); });
Action <decimal, int, int> verifyAmount = delegate(decimal amount, int errorMsg, int warningMsg)
{
if (amount == 0)
{
// Warning or error based on configration in HQ.
if ((Functions.RequireAmountDeclaration &&
this.Application.Services.Dialog.ShowMessage(errorMsg, MessageBoxButtons.OK, MessageBoxIcon.Exclamation) == DialogResult.OK) ||
(this.Application.Services.Dialog.ShowMessage(warningMsg, MessageBoxButtons.YesNo, MessageBoxIcon.Exclamation) == DialogResult.No))
{
batch = null;
}
}
};
// Verify starting amounts.
if (batch != null)
{
verifyAmount(batch.StartingAmountTotal, 51344, 51343);
}
// Verify tender delcartion.
if (batch != null)
{
verifyAmount(batch.DeclareTenderAmountTotal, 51346, 51345);
}
}
// Close the batch and Print Z report if everything is ok.
if (batch != null)
{
batch.Status = PosBatchStatus.Closed;
batch.CloseDateTime = DateTime.Now;
batch.ClosedAtTerminal = ApplicationSettings.Terminal.TerminalId;
BatchData batchData = new BatchData(Application.Settings.Database.Connection, Application.Settings.Database.DataAreaID);
batchData.CloseBatch(batch);
transaction.Shift.Status = PosBatchStatus.Closed;
ShiftUsersCache.Remove(transaction.Shift);
// Print Z report if user has permissions.
IUserAccessSystem userAccessSystem = Application.BusinessLogic.UserAccessSystem;
if (userAccessSystem.UserHasAccess(ApplicationSettings.Terminal.TerminalOperator.OperatorId, PosisOperations.PrintZ))
{
POSFormsManager.ShowPOSMessageWithBackgroundWorker(99, delegate { batch.Print(ReportType.ZReport); });
}
this.Application.Services.Dialog.ShowMessage(51342); // Operation complete
}
else
{
NetTracer.Information("Setting status of the transaction to 'cancelled'");
((PosTransaction)transaction).EntryStatus = PosTransaction.TransactionStatus.Cancelled;
}
}
private void ValidateCredentials(string storeId, string userId, string passwordHash)
{
if (string.IsNullOrEmpty(userId))
{
throw new ArgumentNullException("userId");
}
bool isAuthenticated = false;
int? errorId = null;
// First, see if a password is required
if (LogonSystem.UserIdExists(storeId, userId))
{
if (passwordHash != null && IsPasswordRequired(userId))
{
if (LogonSystem.ValidatePasswordHash(storeId, userId, passwordHash))
{
// Password is good, authentication passed
isAuthenticated = true;
}
else
{
// Authentication failed
errorId = 1325; // The password is not valid. Enter a valid password
}
}
else
{
// Password not required, authentication passed
isAuthenticated = true;
}
}
else
{
// Authentication failed
errorId = 3214; // The Operator ID is not valid.
}
// If we're authenticated, check authorization for requested operation
if (isAuthenticated)
{
IUserAccessSystem userAccess = PosApplication.Instance.BusinessLogic.UserAccessSystem;
if (userAccess.UserHasAccess(userId, operationId))
{
this.DialogResult = DialogResult.OK;
this.Close();
return;
}
else
{
// Unauthorized
errorId = 1322;
}
}
// If we get to this point, an error occured
if (errorId.HasValue)
{
// Invalid credentials
using (frmMessage dialog = new frmMessage(errorId.Value, MessageBoxButtons.OK, MessageBoxIcon.Information))
{
POSFormsManager.ShowPOSForm(dialog);
}
}
PromptForOperatorId();
}
