protected void Page_Load(object sender, EventArgs e)
    {
        //Set authenticatedToken to resource search control
        ResourceDetailView.AuthenticatedToken = Session[Constants.AuthenticationTokenKey] as AuthenticatedToken;

        if (!IsPostBack)
        {
            DeleteButton.Attributes.Add("OnClick", "javascript: return confirm('" + Resources.Resources.ConfirmDeleteResource + "');");
            ResourceDetailView.ResourceId = ResourceId;

            if (ResourceDetailView.ResourceId != Guid.Empty && ResourceDetailView.AuthenticatedToken != null)
            {
                //Check whether use is authorize to delete the resource. If not then make Delete buttion invisible.
                using (ResourceDataAccess dataAccess = new ResourceDataAccess())
                {
                    if (!dataAccess.AuthorizeUser(ResourceDetailView.AuthenticatedToken, UserResourcePermissions.Delete, ResourceDetailView.ResourceId))
                    {
                        DeleteButton.Visible = false;
                    }
                }
            }
            else
            {
                DeleteButton.Visible = false;
            }
        }
    }
Exemplo n.º 2
0
    private ICollection <ScholarlyWork> FilterResourcesBasedOnPermissions(AuthenticatedToken token, string userPermission,
                                                                          ICollection <ScholarlyWork> resourceList)
    {
        List <ScholarlyWork> filteredResources = new List <ScholarlyWork>();

        if (token != null && resourceList != null && resourceList.Count > 0)
        {
            using (ResourceDataAccess dataAccess = new ResourceDataAccess())
            {
                if (UserResourcePermissions.Create.Equals(userPermission))
                {
                    if (dataAccess.HasCreatePermission(token))
                    {
                        foreach (ScholarlyWork scholWork in resourceList)
                        {
                            bool isAuthorized = true;
                            foreach (Contact contact in scholWork.Authors.Union(scholWork.Editors))
                            {
                                Contact cFound = dataAccess.GetResources <Contact>(ResourceStringComparison.Equals, contact.Title).FirstOrDefault();
                                if (cFound != null && !dataAccess.AuthorizeUser(token, userPermission, cFound.Id))
                                {
                                    isAuthorized = false;
                                    break;
                                }
                            }
                            if (isAuthorized)
                            {
                                filteredResources.Add(scholWork);
                            }
                        }
                    }
                }
                else
                {
                    foreach (ScholarlyWork scholWork in resourceList)
                    {
                        if (dataAccess.AuthorizeUser(token, userPermission, scholWork.Id))
                        {
                            filteredResources.Add(scholWork);
                        }
                    }
                }
            }
        }
        return(filteredResources);
    }
    /// <summary>
    /// Delete given resource from database.
    /// </summary>
    /// <param name="sender">sender</param>
    /// <param name="e">Event Args</param>
    protected void DeleteButton_OnClick(object sender, EventArgs e)
    {
        using (ResourceDataAccess dataAccess = new ResourceDataAccess())
        {
            if (ResourceDetailView.ResourceId != Guid.Empty)
            {
                Resource resource     = dataAccess.GetResource(ResourceDetailView.ResourceId);
                bool     isAuthorized = resource is CategoryNode?
                                        dataAccess.AuthorizeUserForDeletePermissionOnCategory(ResourceDetailView.AuthenticatedToken, resource.Id) :
                                            dataAccess.AuthorizeUser(ResourceDetailView.AuthenticatedToken, UserResourcePermissions.Delete, resource.Id);

                if (isAuthorized)
                {
                    bool isDeleted = resource is CategoryNode?
                                     dataAccess.DeleteCategoryNodeWithHierarchy(ResourceDetailView.ResourceId) :
                                         dataAccess.DeleteResource(ResourceDetailView.ResourceId);

                    //Delete resource
                    if (isDeleted)
                    {
                        DeleteButton.Visible       = false;
                        ResourceDetailView.Visible = false;
                        //Show Delete successful message
                        MessageLabel.ForeColor = System.Drawing.Color.Black;
                        MessageLabel.Text      = Resources.Resources.AlertRecordDelerted;
                        if (OnSuccessfulDelete != null)
                        {
                            OnSuccessfulDelete(this, new EventArgs());
                        }
                    }
                    else
                    {
                        //Show delete failure message
                        MessageLabel.ForeColor = System.Drawing.Color.Red;
                        MessageLabel.Text      = Resources.Resources.AlertResourceDelertedError;
                    }
                }
                else
                {
                    //Show delete failure message
                    MessageLabel.ForeColor = System.Drawing.Color.Red;
                    if (resource is CategoryNode)
                    {
                        MessageLabel.Text = Resources.Resources.MsgUnauthorizeAccessDeleteCategory;
                    }
                    else
                    {
                        MessageLabel.Text = string.Format(CultureInfo.InvariantCulture, Resources.Resources.MsgUnAuthorizeAccess,
                                                          UserResourcePermissions.Delete);
                    }
                }
            }
        }
    }
Exemplo n.º 4
0
        void ResourceListView_OnDeleteButtonClicked(object sender, DeleteEventArgs e)
        {
            if (e.EntityIdList != null && e.EntityIdList.Count > 0)
            {
                using (ResourceDataAccess resourceDAL = new ResourceDataAccess(this.CreateContext()))
                {
                    if (IsSecurityAwareControl)
                    {
                        Collection <Guid> resourceIdsToBeDeleted = new Collection <Guid>();

                        foreach (Guid resId in e.EntityIdList.ToList())
                        {
                            Resource resource = resourceDAL.GetResource(resId);

                            if (resource != null)
                            {
                                resourceIdsToBeDeleted.Add(resource.Id);
                                CategoryNode categoryNodeobject = resource as CategoryNode;

                                bool isCategoryNode = false;
                                if (categoryNodeobject != null)
                                {
                                    isCategoryNode = true;
                                }

                                if (IsSecurityAwareControl && AuthenticatedToken != null)
                                {
                                    bool isAuthorized = isCategoryNode ?
                                                        resourceDAL.AuthorizeUserForDeletePermissionOnCategory(AuthenticatedToken, resId) :
                                                        resourceDAL.AuthorizeUser(AuthenticatedToken, UserResourcePermissions.Delete, resId);

                                    if (!isAuthorized)
                                    {
                                        if (isCategoryNode)
                                        {
                                            throw new UnauthorizedAccessException(GlobalResource.UnauthorizedAccessExceptionCategoryDelete);
                                        }
                                        else
                                        {
                                            throw new UnauthorizedAccessException(string.Format(CultureInfo.InvariantCulture,
                                                                                                GlobalResource.UnauthorizedAccessException, UserResourcePermissions.Delete));
                                        }
                                    }
                                }

                                if (isCategoryNode)
                                {
                                    UpdateEntityListWithCategoryNodes(categoryNodeobject, resourceIdsToBeDeleted);
                                }
                            }
                        }

                        resourceDAL.DeleteResources(resourceIdsToBeDeleted);
                    }
                }

                //Refresh data source for current page.
                Refresh();

                //If page count is changed and Data fetched is empty then try to fetch last page
                IList entityList = ResourceListView.DataSource as IList;
                if ((entityList == null || entityList.Count == 0) && ResourceListView.TotalRecords > 0)
                {
                    ResourceListView.PageIndex = Convert.ToInt32(Math.Ceiling((double)ResourceListView.TotalRecords / ResourceListView.PageSize)) - 1;
                    Refresh();
                }
            }
        }
Exemplo n.º 5
0
    protected void Page_Load(object sender, EventArgs e)
    {
        Control startNavigationTemplate = Wizard1.FindControl(_templateContainerID) as Control;

        if (startNavigationTemplate != null)
        {
            Button stepNextButton = startNavigationTemplate.FindControl(_stepNextButtonId) as Button;
            if (stepNextButton != null)
            {
                stepNextButton.Text = Resources.Resources.BibTexImportStep1NextButtonText;
            }
        }

        // This is required to avoid "PageRequestManagerParserErrorException" exception with update panel
        // because there is rendering problem with update panel.
        Control stepNavigationTemplate = Wizard1.FindControl(_stepNavTemplateContainerID) as Control;

        if (stepNavigationTemplate != null)
        {
            Button step2ImportButton = stepNavigationTemplate.FindControl(_step2ImportButton) as Button;
            if (step2ImportButton != null)
            {
                step2ImportButton.Text = Resources.Resources.BibTexImportStep2ButtonText;
            }
        }

        Guid guid = Guid.Empty;

        this.HideError();

        if (!this.IsPostBack)
        {
            LocalizePage();
        }

        bool isValidGuid = true;

        if (Request.QueryString[_queryStringKey] != null)
        {
            try
            {
                guid = new Guid(Request.QueryString[_queryStringKey]);
            }
            catch (FormatException)
            {
                this.DisplayError(Resources.Resources.InvalidResource);
                isValidGuid = false;
            }
            catch (OverflowException)
            {
                this.DisplayError(Resources.Resources.InvalidResource);
                isValidGuid = false;
            }
        }
        else if (guid == Guid.Empty)
        {
            this.DisplayError(Resources.Resources.BibtexImportMissinfId);
            isValidGuid = false;
        }

        if (isValidGuid)
        {
            using (ResourceDataAccess resourceDAL = new ResourceDataAccess())
            {
                _scholarlyWorkObj = (ScholarlyWork)resourceDAL.GetResource(guid);
                AuthenticatedToken token = Session[Constants.AuthenticationTokenKey] as AuthenticatedToken;

                //if user is not having update permission on the subject resource then throw exception.
                if (!resourceDAL.AuthorizeUser(token, UserResourcePermissions.Update, _scholarlyWorkObj.Id))
                {
                    throw new UnauthorizedAccessException(string.Format(CultureInfo.InstalledUICulture,
                                                                        Resources.Resources.MsgUnAuthorizeAccess, UserResourcePermissions.Update));
                }

                if (_scholarlyWorkObj != null)
                {
                    _scholarlyWorkObj.Cites.Load();
                }
                else
                {
                    // Handle scenario which is "a resource deleted by one user and another user operating on the resource".
                    this.DisplayError(Resources.Resources.ResourceNotFound);
                    this._isResExist = false;
                }
            }
            if (!IsPostBack && this.Wizard1.ActiveStepIndex == 0)
            {
                if (_scholarlyWorkObj == null)
                {
                    this.DisplayError(Resources.Resources.ResourceNotFound);
                }
                else
                {
                    ResourceTitleLabel.InnerText         = Resources.Resources.ResourceLabelTitleText;
                    LabelImportResourceTitle.Text        = FitString(_scholarlyWorkObj.Title, 40);
                    LabelImportResourceTitle.NavigateUrl = _resourceDetailUrl + _scholarlyWorkObj.Id;
                }
            }
        }
    }