Exemplo n.º 1
 /// <summary>
 /// Checks a user name / password pair and, on success, builds the caller's <see cref="UserContext"/>.
 /// </summary>
 /// <param name="userName">Login name handed to <c>GetUser</c>.</param>
 /// <param name="password">Password supplied by the caller; compared through <c>OperationAccess.PasswordEqual</c>.</param>
 /// <returns>
 /// The initiated user context, or <c>null</c> when no user is found or the password does not match.
 /// </returns>
 /// <exception cref="LoginException">The password matched but the account is flagged inactive.</exception>
 /// <remarks>
 /// The inactive-account check runs only after the password has matched: a correct password on a
 /// deactivated account raises <see cref="LoginException"/>, a wrong one returns <c>null</c>. Callers
 /// should make sure that difference is not exposed to unauthenticated clients.
 /// NOTE(review): how <c>PasswordEqual</c> compares (hashing, constant time) is not visible here - confirm.
 /// </remarks>
 public UserContext Login(string userName, string password)
 {
     using (SecurityDbContext db = new SecurityDbContext())
     {
         UserInfo account = this.GetUser(userName, default(int?));
         if (account == null)
         {
             return null;
         }

         bool passwordMatches = OperationAccess.PasswordEqual(account.Password, password);
         if (!passwordMatches)
         {
             // The threshold is tested before the counter is incremented, so the account is
             // deactivated on the failure that finds the counter already at or above the limit.
             bool limitReached = account.LoginTryTime >= (int)ConfigurationController.LoginTryNo;
             if (limitReached)
             {
                 account.IsActive = false;
             }
             account.LoginTryTime++;

             // NOTE(review): `account` comes from GetUser, not from `db`, and the two calls that would
             // attach it to `db` are commented out. Confirm SaveChanges really persists the counter and
             // the IsActive flag; if it does not, the lockout never takes effect.
             //account.ObjectState = ObjectState.Modified;
             //db.SyncObjectState<UserInfo>(account);
             db.SaveChanges();
             return null;
         }

         if (!account.IsActive)
         {
             // Only this branch writes a failed-login activity log entry; wrong-password attempts above do not.
             SecurityManager.SaveActivityLogForLoginFailedAction(userName, "کاربر غیر فعال");

             string message;
             if (ConfigurationController.ApplicationLanguage == AppLanguage.English)
             {
                 message = "User is not Active.";
             }
             else
             {
                 message = "کاربر غیر فعال می باشد.";
             }
             throw new LoginException(message);
         }

         // Successful login: stamp the login time (local clock) and clear the failure counter.
         account.LastLoginDate = DateTime.Now;
         account.LoginTryTime  = 0;
         //account.ObjectState = ObjectState.Modified;
         //db.SyncObjectState<UserInfo>(account);
         db.SaveChanges();

         return this.InitiateUserContext(account);
     }
 }
Exemplo n.º 2
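        /// <summary>
        /// Resolves the set of operations the current caller may perform through this rule.
        /// </summary>
        /// <returns>
        /// A fully permissive <see cref="OperationAccess"/> when the rule is used for anonymous users or
        /// when <c>ConfigurationController.EnableSecurityCheck</c> is off; otherwise the instance stored
        /// under <c>OprAccessSessionKey</c>, computing and storing it on first use.
        /// </returns>
        /// <remarks>
        /// Both short-circuits are fail-open: they grant every operation, delete included, without
        /// consulting <c>HasAccessAsync</c>.
        /// A cached instance is returned as-is, so a permission change made after it was cached is not
        /// reflected until the session entry is removed (session lifetime is not visible here).
        /// NOTE(review): import/insert/delete/update are hard-coded to <c>false</c> here, while the
        /// synchronous <c>CreateOperationAccess</c> in this listing resolves them through <c>HasAccess</c>
        /// and stores its result under the same session key name. If both belong to the same rule type,
        /// whichever runs first decides what the other returns - confirm this is intended.
        /// </remarks>
        public virtual async Task<OperationAccess> CreateOperationAccessAsync()
        {
            if (this.UseForAnonymousUser)
            {
                // Anonymous-use rules skip every permission lookup.
                return new OperationAccess()
                {
                    CanDelete = true,
                    CanExport = true,
                    CanImport = true,
                    CanInsert = true,
                    CanPrint  = true,
                    CanUpdate = true,
                    CanView   = true
                };
            }

            SecurityManager.ThrowIfUserContextNull();
            if (!ConfigurationController.EnableSecurityCheck)
            {
                // Global switch: with security checks disabled every signed-in caller gets full access.
                return new OperationAccess()
                {
                    CanDelete = true,
                    CanExport = true,
                    CanImport = true,
                    CanInsert = true,
                    CanPrint  = true,
                    CanUpdate = true,
                    CanView   = true
                };
            }

            OperationAccess oprAccess = SessionManager.GetData(this.OprAccessSessionKey) as OperationAccess;
            if (oprAccess != null)
            {
                return oprAccess;
            }

            // Nothing cached yet: resolve view/export/print, leave the write operations denied.
            oprAccess = new OperationAccess();
            oprAccess.CanImport = false;
            oprAccess.CanView   = await this.HasAccessAsync(this.ViewKey);
            oprAccess.CanInsert = false;
            oprAccess.CanDelete = false;
            oprAccess.CanUpdate = false;
            oprAccess.CanExport = await this.HasAccessAsync(this.ExportKey);
            oprAccess.CanPrint  = await this.HasAccessAsync(this.PrintKey);

            SessionManager.Add(this.OprAccessSessionKey, (object)oprAccess);
            return oprAccess;
        }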
Exemplo n.º 3
        /// <summary>
        /// Creates a <c>BusinessRuleBase&lt;TEntity&gt;</c> through reflection and, when an
        /// <paramref name="operationAccess"/> is supplied, merges it into the rule's own access set.
        /// </summary>
        /// <typeparam name="TEntity">Entity type the rule is closed over.</typeparam>
        /// <param name="operationAccess">Extra permissions to merge in; <c>null</c> leaves the rule untouched.</param>
        /// <param name="unitOfWork">Unit of work passed to the rule's constructor; <c>null</c> selects the parameterless constructor.</param>
        /// <returns>The created rule, or <c>null</c> if the created object does not implement the interface.</returns>
        /// <remarks>
        /// The merge is a logical OR per flag, so the supplied value can only widen what the rule already
        /// allows, never narrow it. The argument must therefore come from a server-side decision and never
        /// from request data.
        /// </remarks>
        public static IBusinessRuleBaseAsync <TEntity> GetBusinessRule <TEntity>(
            OperationAccess operationAccess,
            IUnitOfWorkAsync unitOfWork)
            where TEntity : class, IEntity
        {
            Type openRuleType = typeof(BusinessRuleBase <>);

            // `as` yields null when the created object is not an IBusinessRuleBaseAsync<TEntity>;
            // the merge below would then fail with a NullReferenceException.
            IBusinessRuleBaseAsync <TEntity> rule = unitOfWork == null
                ? Activator.CreateInstance(openRuleType.MakeGenericType(typeof(TEntity))) as IBusinessRuleBaseAsync <TEntity>
                : Activator.CreateInstance(openRuleType.MakeGenericType(typeof(TEntity)), (object)unitOfWork) as IBusinessRuleBaseAsync <TEntity>;

            if (operationAccess == null)
            {
                return rule;
            }

            // Union of the rule's own flags and the caller-supplied ones.
            OperationAccess merged = new OperationAccess()
            {
                CanInsert = rule.OperationAccess.CanInsert || operationAccess.CanInsert,
                CanView   = rule.OperationAccess.CanView || operationAccess.CanView,
                CanUpdate = rule.OperationAccess.CanUpdate || operationAccess.CanUpdate,
                CanDelete = rule.OperationAccess.CanDelete || operationAccess.CanDelete,
                CanExport = rule.OperationAccess.CanExport || operationAccess.CanExport,
                CanPrint  = rule.OperationAccess.CanPrint || operationAccess.CanPrint,
                CanImport = rule.OperationAccess.CanImport || operationAccess.CanImport
            };
            rule.OperationAccess = merged;
            return rule;
        }
Exemplo n.º 4
        /// <summary>
        /// Loads one entity by key after checking view permission, and writes a read entry to the
        /// activity log when the entity asks for it.
        /// </summary>
        /// <param name="cancellationToken">Token forwarded to <c>FindEntityAsync</c>.</param>
        /// <param name="keyValues">Key values forwarded to <c>FindEntityAsync</c>.</param>
        /// <returns>Whatever <c>FindEntityAsync</c> returns for the given keys.</returns>
        /// <exception cref="OperationAccessException">The rule is not anonymous and <c>OperationAccess.CanView</c> is false.</exception>
        /// <remarks>
        /// NOTE(review): the result of <c>CreateOperationAccessAsync</c> is discarded and the decision is
        /// taken on <c>this.OperationAccess</c>. Whether that property reflects the freshly resolved
        /// permissions or a value assigned from outside depends on code not shown here - confirm.
        /// </remarks>
        public async Task <TEntity> FindAsync(
            CancellationToken cancellationToken,
            params object[] keyValues)
        {
            bool mustAuthorize = !this.UseForAnonymousUser;
            if (mustAuthorize)
            {
                SecurityManager.ThrowIfUserContextNull();
                await this.CreateOperationAccessAsync();

                bool viewAllowed = this.OperationAccess.CanView;
                if (!viewAllowed)
                {
                    throw new OperationAccessException(this.ViewKey);
                }
            }

            TEntity found = await this.FindEntityAsync(cancellationToken, keyValues);

            // Entities that opt in (All, or the Read bit set) get a read entry in the activity log.
            IActivityLoggable loggable = (object)found as IActivityLoggable;
            if (loggable != null)
            {
                bool logsEverything = loggable.ActionsToLog == ActionLog.All;
                if (logsEverything || (loggable.ActionsToLog & ActionLog.Read) == ActionLog.Read)
                {
                    OMF.Common.ActivityLog.ActivityLog entry = ActivityLogManager.CreateActivityLog(loggable);
                    entry.Action = 1; // presumably the numeric code for "read" - confirm against the log schema
                    ActivityLogManager.Save(entry);
                }
            }

            return found;
        }
Exemplo n.º 5
        /// <summary>
        /// Builds an <see cref="OperationAccess"/> whose only populated flag, <c>CanUpdate</c>, reflects
        /// whether the caller holds the <c>Workflow_StepStateInfo_ChangeReceiverUser</c> resource.
        /// </summary>
        /// <returns>A new access set; every flag other than <c>CanUpdate</c> keeps its default value.</returns>
        public async static Task <OperationAccess> GetMoveMessageOperationAccess()
        {
            OperationAccess access = new OperationAccess();

            access.CanUpdate = await SecurityManager.HasAccessAsync(ResourceKeys.Workflow_StepStateInfo_ChangeReceiverUser);
            return access;
        }
Exemplo n.º 6
        /// <summary>
        /// Returns the operation-access set of the <c>UserRole</c> business rule to the client.
        /// </summary>
        /// <returns>An HTTP 200 response carrying <c>resultCode</c> and the access set as <c>data</c>.</returns>
        /// <remarks>
        /// The flags describe what the caller may do; they are information for the client and must not be
        /// accepted back from it as evidence of permission.
        /// </remarks>
        public async Task <HttpResponseMessage> GetUserRoleOperationAccess()
        {
            using (var rule = BusinessContext.GetBusinessRule <UserRole>())
            {
                OperationAccess resolved = await rule.CreateOperationAccessAsync();
                var payload = new { resultCode = (int)ResultCode.Successful, data = resolved };

                return Request.CreateResponse(HttpStatusCode.OK, payload);
            }
        }
Exemplo n.º 7
        /// <summary>
        /// Reports whether the caller may view and delete cache information.
        /// </summary>
        /// <returns>
        /// An HTTP 200 response whose <c>data</c> is an <see cref="OperationAccess"/> with <c>CanView</c>
        /// and <c>CanDelete</c> resolved through <c>SecurityManager.HasAccessAsync</c>; the other flags
        /// keep their defaults.
        /// </returns>
        public async Task <HttpResponseMessage> GetCacheInfoOperationAccess()
        {
            OperationAccess access = new OperationAccess();

            bool mayView = await SecurityManager.HasAccessAsync(ZhivarResourceIds.Zhivar_Security_CacheInfo_View);
            access.CanView = mayView;

            bool mayDelete = await SecurityManager.HasAccessAsync(ZhivarResourceIds.Zhivar_Security_CacheInfo_Delete);
            access.CanDelete = mayDelete;

            var payload = new { resultCode = (int)ResultCode.Successful, data = access };
            return Request.CreateResponse(HttpStatusCode.OK, payload);
        }
Exemplo n.º 8
        //protected async override Task<string> AfterLoginAsync(UserContext userContext)
        //{
        //    if (userContext.AuthenticationType == (int)Enums.VBSUserType.OrganizationPersonnel)
        //    {
        //        //TODO حذف کدهای ذیل و انتقال آنها به زیر ساخت
        //        int personnelId;
        //        if (string.IsNullOrWhiteSpace(userContext.Tag1) || !Int32.TryParse(userContext.Tag1, out personnelId))
        //            return await base.AfterLoginAsync(userContext);

        //        using (UnitOfWork uow = new UnitOfWork())
        //        {
        //           // var personnelQuery = uow.RepositoryAsync<Personel>().Queryable().Where(pr => pr.ID == personnelId);
        //            var organizationQuery = uow.RepositoryAsync<Organization>().Queryable();
        //           // var shahrQuery = uow.RepositoryAsync<Shahr>().Queryable();
        //            var positionQuery = uow.RepositoryAsync<Position>().Queryable();

        //            var joinQuery = from personnel in personnelQuery
        //                            join organShahr in (from organization in organizationQuery
        //                                                join shahr in shahrQuery
        //                                                on organization.CityId equals shahr.ID
        //                                                select new
        //                                                {
        //                                                    OrganizationId = organization.ID,
        //                                                    OrganizationOnvan = organization.Title,
        //                                                    ShahrId = shahr.ID
        //                                                })
        //                            on personnel.OrganizationId equals organShahr.OrganizationId
        //                            join position in positionQuery
        //                            on personnel.PositionId equals position.ID
        //                            select new
        //                            {
        //                                OrganizationId = organShahr.OrganizationId,
        //                                OrganizationOnvan = organShahr.OrganizationOnvan,
        //                                ShahrId = organShahr.ShahrId,
        //                                PositionId = position.ID,
        //                                PositionOnvan = position.Name,
        //                                PositionCode = position.Code,
        //                                ShakhsId = personnel.ShakhsId
        //                            };

        //            var result = await joinQuery.FirstOrDefaultAsync();

        //            if (result == null)
        //                return await base.AfterLoginAsync(userContext);

        //            VBSUserContext.Current = new VBSUserContext()
        //            {
        //                OrganizationId = result.OrganizationId,
        //                OrganizationOnvan = result.OrganizationOnvan,
        //                PersonnelId = personnelId,
        //                PositionId = result.PositionId,
        //                PositionOnvan = result.PositionOnvan,
        //                PositionCode = result.PositionCode,
        //                ShahrId = result.ShahrId,
        //                UserId = userContext.UserId,
        //                ShakhsId = result.ShakhsId
        //            };

        //            //SecurityManager.CurrentUserContext.RoleCodes.Add(VBSUserContext.Current.PositionCode);
        //            userContext.Tag7 = result.PositionOnvan;
        //            userContext.Tag8 = result.PositionCode;
        //            userContext.Tag9 = result.OrganizationId.ToString();
        //            userContext.Tag10 = result.OrganizationOnvan;

        //            //Must be here.
        //            VBSUserContext.Current.UserRoles = await new VBSCartableHandler().GetCurrentUserRoles();
        //        }
        //    }
        //    else if (userContext.AuthenticationType == (int)Enums.VBSUserType.DrugStoreUser)
        //    {
        //        switch (userContext.Tag8)
        //        {
        //            case "0":
        //                userContext.Tag10 = userContext.Tag5 == null ? "کاربر داروخانه" : "کاربر مؤسس";
        //                break;
        //            case "1":
        //                userContext.Tag10 = "کاربر مسئول فنی";
        //                break;
        //            case "2":
        //                userContext.Tag10 = "کاربر مؤسس و مسئول فنی";
        //                break;
        //        }
        //        if (string.IsNullOrWhiteSpace(userContext.Tag6))
        //        {
        //            using (UnitOfWork uow = new UnitOfWork())
        //            {
        //                var daroukhaneh = await uow.RepositoryAsync<Daroukhaneh>()
        //                                           .Queryable()
        //                                           .OrderByDescending(dar => dar.ID)
        //                                           .Select(dar => new { dar.ID, dar.ShomarehParvane, dar.CodePosti, dar.TelHamrah, dar.LogData, dar.VazeyatTaeedSabt })
        //                                           .FirstOrDefaultAsync(dar => dar.LogData.InsertUserName == userContext.UserName && !dar.VazeyatTaeedSabt);
        //                if (daroukhaneh != null)
        //                {
        //                    var userInfoRep = uow.RepositoryAsync<VBSUserInfo>();
        //                    var userInfo = await userInfoRep.Queryable()
        //                                                    .SingleOrDefaultAsync(user => user.ID == userContext.UserId);

        //                    userInfo.Tag1 = daroukhaneh.ShomarehParvane.ToString();
        //                    userInfo.Tag2 = daroukhaneh.CodePosti.ToString();
        //                    userInfo.Tag6 = daroukhaneh.ID.ToString();
        //                    userInfo.MobileNo = daroukhaneh.TelHamrah;
        //                    userInfoRep.Update(userInfo);
        //                    await uow.SaveChangesAsync();

        //                    userContext.Tag6 = daroukhaneh.ID.ToString();
        //                }
        //            }
        //        }
        //    }
        //    else
        //    {
        //        return await base.AfterLoginAsync(userContext);
        //    }

        //    return null;
        //}

        /// <summary>
        /// Reports whether the caller holds the change-password resource.
        /// </summary>
        /// <returns>
        /// An HTTP 200 response whose <c>data</c> is an <see cref="OperationAccess"/> with only
        /// <c>CanView</c> populated from <c>SecurityManager.HasAccessAsync</c>.
        /// </returns>
        public async Task <HttpResponseMessage> GetChangePasswordOperationAccess()
        {
            bool mayChangePassword = await SecurityManager.HasAccessAsync(ZhivarResourceIds.Zhivar_Security_ChangePassword);

            OperationAccess access = new OperationAccess();
            access.CanView = mayChangePassword;

            var payload = new { resultCode = (int)ResultCode.Successful, data = access };
            return Request.CreateResponse(HttpStatusCode.OK, payload);
        }
Exemplo n.º 9
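        /// <summary>
        /// Resolves the set of operations the current caller may perform through this rule.
        /// </summary>
        /// <returns>
        /// A fully permissive <see cref="OperationAccess"/> when the rule is used for anonymous users or
        /// when <c>ConfigurationController.EnableSecurityCheck</c> is off; otherwise the instance stored
        /// under <c>OprAccessSessionKey</c>, computing and storing it on first use.
        /// </returns>
        /// <remarks>
        /// Both short-circuits are fail-open: they grant every operation, delete included, without
        /// calling <c>HasAccess</c>.
        /// A cached instance is returned as-is, so a permission change made after it was cached is not
        /// reflected until the session entry is removed (session lifetime is not visible here).
        /// </remarks>
        public override OperationAccess CreateOperationAccess()
        {
            if (this.UseForAnonymousUser)
            {
                // Anonymous-use rules skip every permission lookup.
                return new OperationAccess()
                {
                    CanDelete = true,
                    CanExport = true,
                    CanImport = true,
                    CanInsert = true,
                    CanPrint  = true,
                    CanUpdate = true,
                    CanView   = true
                };
            }

            SecurityManager.ThrowIfUserContextNull();
            if (!ConfigurationController.EnableSecurityCheck)
            {
                // Global switch: with security checks disabled every signed-in caller gets full access.
                return new OperationAccess()
                {
                    CanDelete = true,
                    CanExport = true,
                    CanImport = true,
                    CanInsert = true,
                    CanPrint  = true,
                    CanUpdate = true,
                    CanView   = true
                };
            }

            OperationAccess operationAccess = SessionManager.GetData(this.OprAccessSessionKey) as OperationAccess;
            if (operationAccess != null)
            {
                return operationAccess;
            }

            // Nothing cached yet: resolve each flag from its resource key, then cache the result.
            operationAccess = new OperationAccess();
            operationAccess.CanImport = this.HasAccess(this.ImportKey);
            operationAccess.CanView   = this.HasAccess(this.ViewKey);
            operationAccess.CanInsert = this.HasAccess(this.InsertKey);
            operationAccess.CanDelete = this.HasAccess(this.DeleteKey);
            operationAccess.CanUpdate = this.HasAccess(this.UpdateKey);
            operationAccess.CanExport = this.HasAccess(this.ExportKey);
            operationAccess.CanPrint  = this.HasAccess(this.PrintKey);

            SessionManager.Add(this.OprAccessSessionKey, (object)operationAccess);
            return operationAccess;
        }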
Exemplo n.º 10
        /// <summary>
        /// Loads a reference navigation property of <paramref name="entity"/> after checking view permission.
        /// </summary>
        /// <typeparam name="TProperty">Type of the referenced entity.</typeparam>
        /// <param name="entity">Entity whose navigation property is loaded.</param>
        /// <param name="navigationProperty">Expression selecting the reference to load.</param>
        /// <param name="forceToDetach">Forwarded unchanged to <c>LoadReferenceEntityAsync</c>.</param>
        /// <exception cref="OperationAccessException">The rule is not anonymous and <c>OperationAccess.CanView</c> is false.</exception>
        /// <remarks>
        /// Only this rule's own view flag is checked; no permission specific to <typeparamref name="TProperty"/>
        /// is consulted in this method.
        /// NOTE(review): the result of <c>CreateOperationAccessAsync</c> is discarded and the check reads
        /// <c>this.OperationAccess</c> - confirm the property reflects the resolved permissions.
        /// </remarks>
        public async Task LoadReferenceAsync <TProperty>(
            TEntity entity,
            Expression <Func <TEntity, TProperty> > navigationProperty,
            bool forceToDetach = false)
            where TProperty : class, IEntity
        {
            bool mustAuthorize = !this.UseForAnonymousUser;
            if (mustAuthorize)
            {
                SecurityManager.ThrowIfUserContextNull();
                await this.CreateOperationAccessAsync();

                bool viewAllowed = this.OperationAccess.CanView;
                if (!viewAllowed)
                {
                    throw new OperationAccessException(this.ViewKey);
                }
            }

            await this.LoadReferenceEntityAsync <TProperty>(entity, navigationProperty, forceToDetach);
        }
Exemplo n.º 11
        /// <summary>
        /// Loads a filtered collection navigation property of <paramref name="entity"/> after checking
        /// view permission.
        /// </summary>
        /// <typeparam name="TElement">Element type of the collection.</typeparam>
        /// <param name="entity">Entity whose collection is loaded.</param>
        /// <param name="navigationProperty">Expression selecting the collection to load.</param>
        /// <param name="predicate">Filter forwarded to <c>LoadCollectionEntityAsync</c>.</param>
        /// <param name="forceToDetach">Forwarded unchanged to <c>LoadCollectionEntityAsync</c>.</param>
        /// <exception cref="OperationAccessException">The rule is not anonymous and <c>OperationAccess.CanView</c> is false.</exception>
        /// <remarks>
        /// Only this rule's own view flag is checked; no permission specific to <typeparamref name="TElement"/>
        /// is consulted in this method.
        /// NOTE(review): the result of <c>CreateOperationAccessAsync</c> is discarded and the check reads
        /// <c>this.OperationAccess</c> - confirm the property reflects the resolved permissions.
        /// </remarks>
        public async Task LoadCollectionAsync <TElement>(
            TEntity entity,
            Expression <Func <TEntity, ICollection <TElement> > > navigationProperty,
            Expression <Func <TElement, bool> > predicate,
            bool forceToDetach = false)
            where TElement : class, IEntity
        {
            bool mustAuthorize = !this.UseForAnonymousUser;
            if (mustAuthorize)
            {
                SecurityManager.ThrowIfUserContextNull();
                await this.CreateOperationAccessAsync();

                bool viewAllowed = this.OperationAccess.CanView;
                if (!viewAllowed)
                {
                    throw new OperationAccessException(this.ViewKey);
                }
            }

            await this.LoadCollectionEntityAsync <TElement>(entity, navigationProperty, predicate, forceToDetach);
        }
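        /// <summary>
        /// Returns every entity matching the default search expression, translated to view models.
        /// </summary>
        /// <param name="operationAccess">
        /// Access flags bound from the request URI. They are client-controlled and are therefore used only
        /// to narrow the permissions the server resolves for the caller, never to widen them.
        /// </param>
        /// <returns>
        /// An HTTP 200 response with <c>resultCode = 0</c> and the view-model list as <c>data</c>, or the
        /// response produced by <c>HandleExceptionAsync</c> when anything throws.
        /// </returns>
        /// <remarks>
        /// The original assigned the URI-bound object straight to <c>BusinessRule.OperationAccess</c>, which
        /// let a request grant itself any flag (for example <c>CanView=true</c> in the query string). The
        /// flags are now AND-ed with the result of <c>BusinessRule.CreateOperationAccessAsync()</c>.
        /// NOTE(review): assumes <c>CreateOperationAccessAsync</c> on the rule never returns <c>null</c>,
        /// as in the implementation shown in this listing - confirm for overriding rules.
        /// </remarks>
        public async Task <HttpResponseMessage> GetAll(
            [FromUri] OperationAccess operationAccess)
        {
            try
            {
                Expression <Func <TEntity, bool> > expression = this.CreateDefaultSearchExpression();

                if (operationAccess != null)
                {
                    // Server-side truth first; the request may only switch flags off.
                    OperationAccess granted = await this.BusinessRule.CreateOperationAccessAsync();

                    // A fresh object is assigned so a session-cached instance is never mutated.
                    this.BusinessRule.OperationAccess = new OperationAccess()
                    {
                        CanView   = granted.CanView && operationAccess.CanView,
                        CanInsert = granted.CanInsert && operationAccess.CanInsert,
                        CanUpdate = granted.CanUpdate && operationAccess.CanUpdate,
                        CanDelete = granted.CanDelete && operationAccess.CanDelete,
                        CanExport = granted.CanExport && operationAccess.CanExport,
                        CanPrint  = granted.CanPrint && operationAccess.CanPrint,
                        CanImport = granted.CanImport && operationAccess.CanImport
                    };
                }

                IQueryable <TEntity> query = this.businessManager.GetByFilter(expression, (List <Expression <Func <TEntity, object> > >)null);
                List <TEntity>       list  = await query.ToListAsync2 <TEntity>();

                // Entity -> custom query entity -> (post-processing) -> view model.
                List <TCustomQueryEntity> customQueryList = list.ConvertAll <TCustomQueryEntity>(entity => this.TranslateEntityToCustomQueryEntity(entity));
                customQueryList = await this.PostExecuteQueryAsync(customQueryList, (QueryInfo)null);

                List <TEntityVM> listVM = customQueryList.ConvertAll <TEntityVM>(entity => this.TranslateCustomQueryEntityToEntityVM(entity));

                return this.Request.CreateResponse(HttpStatusCode.OK, new
                {
                    resultCode = 0,
                    data = listVM
                });
            }
            catch (Exception ex)
            {
                // Every failure, access denial included, is turned into a response by the shared handler.
                return await this.HandleExceptionAsync(ex);
            }
            finally
            {
                if (this.businessRule != null)
                {
                    this.businessRule.Dispose();
                }
            }
        }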
Exemplo n.º 13
        /// <summary>
        /// Asynchronously checks a user name / password pair and, on success, builds the caller's
        /// <see cref="UserContext"/>.
        /// </summary>
        /// <param name="userName">Login name handed to <c>GetUserAsync</c>.</param>
        /// <param name="password">Password supplied by the caller; compared through <c>OperationAccess.PasswordEqual</c>.</param>
        /// <returns>
        /// The initiated user context, or <c>null</c> when no user is found or the password does not match.
        /// </returns>
        /// <exception cref="LoginException">The password matched but the account is flagged inactive.</exception>
        /// <remarks>
        /// The inactive-account check runs only after the password has matched: a correct password on a
        /// deactivated account raises <see cref="LoginException"/>, a wrong one returns <c>null</c>. Callers
        /// should make sure that difference is not exposed to unauthenticated clients.
        /// NOTE(review): how <c>PasswordEqual</c> compares (hashing, constant time) is not visible here - confirm.
        /// NOTE(review): the exception text is fixed here, whereas the synchronous <c>Login</c> in this
        /// listing picks it by <c>ConfigurationController.ApplicationLanguage</c> - confirm which is intended.
        /// </remarks>
        public async Task <UserContext> LoginAsync(string userName, string password)
        {
            using (SecurityDbContext db = new SecurityDbContext())
            {
                UserInfo account = await this.GetUserAsync(userName, default(int?));
                if (account == null)
                {
                    return null;
                }

                bool passwordMatches = OperationAccess.PasswordEqual(account.Password, password);
                if (!passwordMatches)
                {
                    // The threshold is tested before the counter is incremented, so the account is
                    // deactivated on the failure that finds the counter already at or above the limit.
                    bool limitReached = account.LoginTryTime >= (int)ConfigurationController.LoginTryNo;
                    if (limitReached)
                    {
                        account.IsActive = false;
                    }
                    account.LoginTryTime++;

                    // NOTE(review): `account` comes from GetUserAsync, not from `db`, and the two calls that
                    // would attach it to `db` are commented out. Confirm SaveChangesAsync really persists the
                    // counter and the IsActive flag; if it does not, the lockout never takes effect.
                    //account.ObjectState = ObjectState.Modified;
                    //db.SyncObjectState<UserInfo>(account);
                    await db.SaveChangesAsync();
                    return null;
                }

                if (!account.IsActive)
                {
                    // Only this branch writes a failed-login activity log entry; wrong-password attempts above do not.
                    await SecurityManager.SaveActivityLogForLoginFailedActionAsync(userName, "کاربر غیر فعال");

                    throw new LoginException("کاربر غیر فعال می باشد.");
                }

                // Successful login: stamp the login time (local clock) and clear the failure counter.
                account.LastLoginDate = DateTime.Now;
                account.LoginTryTime  = 0;
                //account.ObjectState = ObjectState.Modified;
                //db.SyncObjectState<UserInfo>(account);
                await db.SaveChangesAsync();

                return this.InitiateUserContext(account);
            }
        }
Exemplo n.º 14
        /// <summary>
        /// Returns the operation-access set resolved by this controller's business rule.
        /// </summary>
        /// <returns>
        /// An HTTP 200 response with <c>resultCode = 0</c> and the access set as <c>data</c>, or the
        /// response produced by <c>HandleExceptionAsync</c> when resolution throws.
        /// </returns>
        /// <remarks>
        /// The flags describe what the caller may do; they are information for the client and must not be
        /// accepted back from it as evidence of permission.
        /// </remarks>
        public async Task <HttpResponseMessage> GetOperationAccess()
        {
            try
            {
                OperationAccess resolved = await this.BusinessRule.CreateOperationAccessAsync();
                var payload = new
                {
                    resultCode = 0,
                    data = resolved
                };

                return this.Request.CreateResponse(HttpStatusCode.OK, payload);
            }
            catch (Exception ex)
            {
                // Both paths return, so nothing after the try/catch is reachable.
                return await this.HandleExceptionAsync(ex);
            }
        }
Exemplo n.º 15
 /// <summary>
 /// Convenience overload: creates the business rule for <typeparamref name="TEntity"/> without a unit
 /// of work, handing <paramref name="operationAccess"/> to the two-argument overload.
 /// </summary>
 /// <typeparam name="TEntity">Entity type the rule is created for.</typeparam>
 /// <param name="operationAccess">Access set forwarded unchanged; it must come from a server-side decision, not from request data.</param>
 /// <returns>Whatever the two-argument <c>BusinessContext.GetBusinessRule</c> returns.</returns>
 public static IBusinessRuleBaseAsync <TEntity> GetBusinessRule <TEntity>(
     OperationAccess operationAccess)
     where TEntity : class, IEntity
 {
     // Typed null keeps overload resolution on the (OperationAccess, IUnitOfWorkAsync) overload.
     IUnitOfWorkAsync noUnitOfWork = null;

     return BusinessContext.GetBusinessRule <TEntity>(operationAccess, noUnitOfWork);
 }
Exemplo n.º 16
 /// <summary>
 /// Creates the rule on an existing unit of work with a caller-chosen access set.
 /// </summary>
 /// <param name="operationAccess">Stored as the rule's <c>OperationAccess</c> without validation or copying.</param>
 /// <param name="uow">Unit of work passed to the base constructor.</param>
 public ZhivarUserInfoRule(OperationAccess operationAccess, IUnitOfWorkAsync uow)
     : base(uow)
 {
     // The supplied object replaces whatever access set the base constructor left in place.
     this.OperationAccess = operationAccess;
 }
Exemplo n.º 17
 /// <summary>
 /// Creates the rule on an existing unit of work with a caller-chosen access set and anonymous-use flag.
 /// </summary>
 /// <param name="operationAccess">Stored as the rule's <c>OperationAccess</c> without validation or copying.</param>
 /// <param name="uow">Unit of work passed to the base constructor.</param>
 /// <param name="useForAnonymousUser">
 /// Stored as <c>UseForAnonymousUser</c>. NOTE(review): in the rule methods shown in this listing a
 /// <c>true</c> value skips the user-context and permission checks - presumably the same base class;
 /// confirm before passing <c>true</c> from a request path.
 /// </param>
 public PersonelRule(OperationAccess operationAccess, IUnitOfWorkAsync uow, bool useForAnonymousUser)
     : base(uow)
 {
     this.OperationAccess     = operationAccess;
     this.UseForAnonymousUser = useForAnonymousUser;
 }
Exemplo n.º 18
 /// <summary>
 /// Creates the rule on an existing unit of work with a caller-chosen access set.
 /// </summary>
 /// <param name="operationAccess">Stored as the rule's <c>OperationAccess</c> without validation or copying.</param>
 /// <param name="uow">Unit of work passed to the base constructor.</param>
 public PersonelRule(OperationAccess operationAccess, IUnitOfWorkAsync uow)
     : base(uow)
 {
     // The supplied object replaces whatever access set the base constructor left in place.
     this.OperationAccess = operationAccess;
 }
Exemplo n.º 19
 /// <summary>
 /// Creates the rule on an existing unit of work with a caller-chosen access set and anonymous-use flag.
 /// </summary>
 /// <param name="operationAccess">Stored as the rule's <c>OperationAccess</c> without validation or copying.</param>
 /// <param name="uow">Unit of work passed to the base constructor.</param>
 /// <param name="useForAnonymousUser">
 /// Stored as <c>UseForAnonymousUser</c>. NOTE(review): in the rule methods shown in this listing a
 /// <c>true</c> value skips the user-context and permission checks - presumably the same base class;
 /// confirm before passing <c>true</c> from a request path.
 /// </param>
 public ZhivarUserInfoRule(OperationAccess operationAccess, IUnitOfWorkAsync uow, bool useForAnonymousUser)
     : base(uow)
 {
     this.OperationAccess     = operationAccess;
     this.UseForAnonymousUser = useForAnonymousUser;
 }
Exemplo n.º 20
 /// <summary>
 /// Creates the rule through the parameterless base constructor with a caller-chosen access set and
 /// anonymous-use flag.
 /// </summary>
 /// <param name="operationAccess">Stored as the rule's <c>OperationAccess</c> without validation or copying.</param>
 /// <param name="useForAnonymousUser">
 /// Stored as <c>UseForAnonymousUser</c>. NOTE(review): in the rule methods shown in this listing a
 /// <c>true</c> value skips the user-context and permission checks - presumably the same base class;
 /// confirm before passing <c>true</c> from a request path.
 /// </param>
 public ZhivarUserInfoRule(OperationAccess operationAccess, bool useForAnonymousUser)
     : base()
 {
     this.OperationAccess     = operationAccess;
     this.UseForAnonymousUser = useForAnonymousUser;
 }