        /// <summary>
        /// Resource filter that gates a controller action on whether the web product (module)
        /// owning the action is available to the current user.
        /// </summary>
        /// <param name="context">Resource-executing context of the current request.</param>
        /// <remarks>
        /// Anonymous requests are not gated here; only authenticated callers are checked with
        /// <c>WebItemSecurity.IsAvailableForMe</c>. When the product is unavailable the filter
        /// assigns a 403 result, which short-circuits the rest of the action pipeline.
        /// </remarks>
        public void OnResourceExecuting(ResourceExecutingContext context)
        {
            // Access control for unauthenticated callers lives elsewhere.
            if (!AuthContext.IsAuthenticated)
            {
                return;
            }

            var descriptor = context.ActionDescriptor as ControllerActionDescriptor;
            if (descriptor == null)
            {
                return;
            }

            var productId = FindProduct(descriptor);
            if (productId == Guid.Empty)
            {
                return;
            }

            // Remember the product for the remainder of the call unless something upstream already did.
            if (CallContext.GetData("asc.web.product_id") == null)
            {
                CallContext.SetData("asc.web.product_id", productId);
            }

            if (WebItemSecurity.IsAvailableForMe(productId))
            {
                return;
            }

            // The audit line names the controller rather than the product id; that is the existing log format.
            context.Result = new StatusCodeResult((int)HttpStatusCode.Forbidden);
            log.WarnFormat("Product {0} denied for user {1}", descriptor.ControllerName, AuthContext.CurrentAccount);
        }
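        /// <summary>
        /// Handles a CSV import upload: checks CRM availability, saves the uploaded file to the
        /// temporary store, parses its column info and answers with a <see cref="FileUploadResult"/>
        /// whose <c>Data</c> is the base64-encoded JSON of that info plus the temporary path.
        /// </summary>
        /// <param name="context">Current HTTP context; the file and "importSettings" come from the multipart form.</param>
        /// <param name="webItemSecurity">Module availability check for the current user.</param>
        /// <param name="crmSecurity">Produces the exception thrown when CRM is not available.</param>
        /// <param name="global">Gives access to the temporary store and the base64 helper.</param>
        /// <param name="importFromCSV">Parses the uploaded CSV according to the import settings.</param>
        /// <remarks>
        /// Throws the exception created by <c>crmSecurity.CreateSecurityException()</c> when the
        /// CRM module is unavailable. An upload without files yields an unsuccessful result and
        /// nothing else is touched.
        /// </remarks>
        public async Task Invoke(HttpContext context,
                                 WebItemSecurity webItemSecurity,
                                 CrmSecurity crmSecurity,
                                 Global global,
                                 ImportFromCSV importFromCSV)
        {
            if (!webItemSecurity.IsAvailableForMe(ProductEntryPoint.ID))
            {
                throw crmSecurity.CreateSecurityException();
            }

            var fileUploadResult = new FileUploadResult();

            // Must return here: without it Files[0] below throws after the response was already written.
            if (context.Request.Form.Files.Count == 0)
            {
                await context.Response.WriteAsync(JsonSerializer.Serialize(fileUploadResult));
                return;
            }

            var file = context.Request.Form.Files[0];

            string assignedPath;

            // The store consumes one stream and the parser another, so neither sees the other's
            // position; both are disposed once consumed instead of being left to the finalizer.
            using (var storeStream = file.OpenReadStream())
            {
                global.GetStore().SaveTemp("temp", out assignedPath, storeStream);
            }

            Dictionary<string, string> info;
            using (var parseStream = file.OpenReadStream())
            {
                var jObject = importFromCSV.GetInfo(parseStream, context.Request.Form["importSettings"]);

                // Deserialize may return null for an empty document; treat that as "no columns"
                // rather than failing on the Add below.
                info = JsonSerializer.Deserialize<Dictionary<string, string>>(jObject.ToString())
                       ?? new Dictionary<string, string>();
            }

            info.Add("assignedPath", assignedPath);

            fileUploadResult.Success = true;
            fileUploadResult.Data    = Global.EncodeTo64(JsonSerializer.Serialize(info));

            await context.Response.WriteAsync(JsonSerializer.Serialize(fileUploadResult));
        }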
        /// <summary>
        /// Handles a contact photo upload: verifies CRM access (and edit rights on the target
        /// contact when one is given), validates the file, stores it either against the contact
        /// or in a temporary directory, and records an audit message when a contact was updated.
        /// </summary>
        /// <param name="context">Current HTTP context; reads contactID, uploadOnly and tmpDirName from the request.</param>
        /// <returns>
        /// A <see cref="FileUploadResult"/> that is successful with the stored photo data, or
        /// unsuccessful with an HTML-encoded message. An empty request (no files) yields the
        /// default, unsuccessful result.
        /// </returns>
        /// <exception cref="InvalidOperationException">The file has no name or is empty.</exception>
        public FileUploadResult ProcessUpload(HttpContext context)
        {
            if (!WebItemSecurity.IsAvailableForMe(ProductEntryPoint.ID))
            {
                throw CRMSecurity.CreateSecurityException();
            }

            var contactID = Convert.ToInt32(context.Request["contactID"]);
            var contact   = ResolveEditableContact(contactID);

            var result = new FileUploadResult();

            if (!FileToUpload.HasFilesToUpload(context))
            {
                return result;
            }

            var upload = new FileToUpload(context);

            if (string.IsNullOrEmpty(upload.FileName) || upload.ContentLength == 0)
            {
                throw new InvalidOperationException(CRMErrorsResource.InvalidFile);
            }

            // A limit of zero or less means "unlimited".
            var limit = SetupInfo.MaxImageUploadSize;
            if (limit > 0 && upload.ContentLength > limit)
            {
                return Fail(FileSizeComment.GetFileImageSizeNote(CRMCommonResource.ErrorMessage_UploadFileSize, false).HtmlEncode());
            }

            // Extension-based check on a client-supplied name: a format hint, not content validation.
            if (FileUtility.GetFileTypeByFileName(upload.FileName) != FileType.Image)
            {
                return Fail(CRMJSResource.ErrorMessage_NotImageSupportFormat.HtmlEncode());
            }

            var uploadOnly = Convert.ToBoolean(context.Request["uploadOnly"]);
            var tmpDirName = Convert.ToString(context.Request["tmpDirName"]);

            try
            {
                // tmpDirName is client-supplied and only defaulted here, never sanitised;
                // presumably UploadPhotoToTemp treats it as an opaque key — confirm.
                result.Data = contactID != 0
                    ? ContactPhotoManager.UploadPhoto(upload.InputStream, contactID, uploadOnly)
                    : ContactPhotoManager.UploadPhotoToTemp(upload.InputStream, NormalizeTmpDir(tmpDirName));
                result.Success = true;
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception text is returned to the browser (HTML-encoded);
                // a generic message would be safer if it can carry internal details.
                return Fail(ex.Message.HtmlEncode());
            }

            if (contact != null)
            {
                var action = contact is Company ? MessageAction.CompanyUpdatedPhoto : MessageAction.PersonUpdatedPhoto;
                MessageService.Send(context.Request, action, MessageTarget.Create(contact.ID), contact.GetTitle());
            }

            return result;

            // Marks the result as failed with the given (already encoded) message.
            FileUploadResult Fail(string message)
            {
                result.Success = false;
                result.Message = message;
                return result;
            }

            // Loads the contact for a non-zero id and enforces edit rights; null when no id was given.
            Contact ResolveEditableContact(int id)
            {
                if (id == 0)
                {
                    return null;
                }

                using (var scope = DIHelper.Resolve())
                {
                    var found = scope.Resolve <DaoFactory>().ContactDao.GetByID(id);
                    if (!CRMSecurity.CanEdit(found))
                    {
                        throw CRMSecurity.CreateSecurityException();
                    }
                    return found;
                }
            }

            // Empty or the literal string "null" means "no directory yet": allocate a fresh one.
            string NormalizeTmpDir(string name)
            {
                return string.IsNullOrEmpty(name) || name == "null" ? Guid.NewGuid().ToString() : name;
            }
        }
 /// <summary>True when the Calendar product is available to the current user (method name spelling kept for existing callers).</summary>
 public static bool IsCalndarAvailable() => WebItemSecurity.IsAvailableForMe(WebItemManager.CalendarProductID);
 /// <summary>True when the People product is available to the current user.</summary>
 public static bool IsPeopleAvailable() => WebItemSecurity.IsAvailableForMe(WebItemManager.PeopleProductID);
 /// <summary>True when the CRM product is available to the current user.</summary>
 public static bool IsCrmAvailable() => WebItemSecurity.IsAvailableForMe(WebItemManager.CRMProductID);
        /// <summary>
        /// API pre-call filter. First applies the tenant payment/status gate (unless the route
        /// opts out with <c>DataTokenConstants.CheckPayment</c> = false or the request header
        /// opts out, see below); then, for authenticated callers, checks that the product owning
        /// the API method is available to them.
        /// </summary>
        /// <param name="method">API method about to be invoked; used to resolve its product.</param>
        /// <param name="context">API context giving access to route data, request and response.</param>
        /// <param name="arguments">Method arguments; not used here.</param>
        /// <exception cref="System.Security.SecurityException">No tenant resolves for the current request.</exception>
        /// <remarks>
        /// The 503 / 402 / 403 status codes are written to the response, but this method neither
        /// returns nor throws afterwards: a later check can overwrite an earlier status, and
        /// whether the method call is still executed depends on the API host — confirm before
        /// relying on the status alone.
        /// </remarks>
        public override void PreMethodCall(IApiMethodCall method, ApiContext context, IEnumerable <object> arguments)
        {
            // Server-side route configuration may opt out of the payment check explicitly.
            if (context.RequestContext.RouteData.DataTokens.ContainsKey(DataTokenConstants.CheckPayment) &&
                !(bool)context.RequestContext.RouteData.DataTokens[DataTokenConstants.CheckPayment])
            {
                log.Debug("Payment is not required");
            }
            else
            {
                // NOTE(review): "Payment-Info" is a client-supplied request header. The gate runs only
                // when it is absent or parses as true, so any other value skips the tenant status and
                // tariff checks below. Confirm that this is intended (e.g. trusted callers only) or that
                // the header is stripped at the edge.
                var  header = context.RequestContext.HttpContext.Request.Headers["Payment-Info"];
                bool flag;
                if (string.IsNullOrEmpty(header) || (bool.TryParse(header, out flag) && flag))
                {
                    var tenant = CoreContext.TenantManager.GetCurrentTenant(false);
                    if (tenant == null)
                    {
                        var hostname = string.Empty;
                        try
                        {
                            hostname = HttpContext.Current.Request.GetUrlRewriter().Host;
                        }
                        catch
                        {
                            // Best effort: the host name only decorates the exception message below.
                        }
                        throw new System.Security.SecurityException(string.Format("Portal {0} not found.", hostname));
                    }

                    // A portal being moved between regions is reported as temporarily unavailable.
                    var tenantStatus = tenant.Status;
                    if (tenantStatus == TenantStatus.Transfering)
                    {
                        context.RequestContext.HttpContext.Response.StatusCode        = (int)HttpStatusCode.ServiceUnavailable;
                        context.RequestContext.HttpContext.Response.StatusDescription = HttpStatusCode.ServiceUnavailable.ToString();
                        log.WarnFormat("Portal {0} is transfering to another region", context.RequestContext.HttpContext.Request.Url);
                    }

                    // Any non-active tenant, or a tariff at NotPaid or worse, gets 402; this
                    // overwrites the 503 set above for a transferring tenant.
                    var tariff = CoreContext.PaymentManager.GetTariff(tenant.TenantId);
                    if (tenantStatus != TenantStatus.Active || tariff.State >= TariffState.NotPaid)
                    {
                        context.RequestContext.HttpContext.Response.StatusCode        = (int)HttpStatusCode.PaymentRequired;
                        context.RequestContext.HttpContext.Response.StatusDescription = HttpStatusCode.PaymentRequired.ToString();
                        log.WarnFormat("Payment Required {0}.", context.RequestContext.HttpContext.Request.Url);
                    }
                }
            }

            // Product availability is only checked for authenticated callers.
            if (!SecurityContext.IsAuthenticated)
            {
                return;
            }

            var pid = FindProduct(method);

            if (pid != Guid.Empty)
            {
                // Remember the product for the remainder of the call unless something upstream already did.
                if (CallContext.GetData("asc.web.product_id") == null)
                {
                    CallContext.SetData("asc.web.product_id", pid);
                }
                if (!WebItemSecurity.IsAvailableForMe(pid))
                {
                    context.RequestContext.HttpContext.Response.StatusCode        = (int)HttpStatusCode.Forbidden;
                    context.RequestContext.HttpContext.Response.StatusDescription = HttpStatusCode.Forbidden.ToString();
                    log.WarnFormat("Product {0} denied for user {1}", method.Name, SecurityContext.CurrentAccount);
                }
            }
        }
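        /// <summary>
        /// Handles a contact photo upload: verifies CRM access (and edit rights on the target
        /// contact when one is given), validates the file, stores it either against the contact
        /// or in a temporary directory, records an audit message when a contact was updated, and
        /// writes a JSON <see cref="FileUploadResult"/> to the response.
        /// </summary>
        /// <param name="context">Current HTTP context; contactID, uploadOnly, tmpDirName and the file come from the form.</param>
        /// <param name="setupInfo">Provides the maximum image upload size (zero or less means unlimited).</param>
        /// <param name="crmSecurity">Edit-rights check and security exception factory.</param>
        /// <param name="fileSizeComment">Builds the user-facing "file too large" message.</param>
        /// <param name="webItemSecurity">Module availability check for the current user.</param>
        /// <param name="messageTarget">Builds the audit target for the updated contact.</param>
        /// <param name="messageService">Sends the audit message.</param>
        /// <param name="daoFactory">Loads the contact by id.</param>
        /// <param name="contactPhotoManager">Stores the photo.</param>
        /// <exception cref="InvalidOperationException">The file has no name or is empty.</exception>
        /// <remarks>
        /// Throws the exception created by <c>crmSecurity.CreateSecurityException()</c> when the CRM
        /// module is unavailable or the contact is not editable. Each failure path writes the result
        /// exactly once and returns; previously the method fell through, reaching <c>Files[0]</c>
        /// on an empty upload and writing the response several times.
        /// </remarks>
        public async System.Threading.Tasks.Task Invoke(HttpContext context,
                                                        SetupInfo setupInfo,
                                                        CrmSecurity crmSecurity,
                                                        FileSizeComment fileSizeComment,
                                                        WebItemSecurity webItemSecurity,
                                                        MessageTarget messageTarget,
                                                        MessageService messageService,
                                                        DaoFactory daoFactory,
                                                        ContactPhotoManager contactPhotoManager)
        {
            if (!webItemSecurity.IsAvailableForMe(ProductEntryPoint.ID))
            {
                throw crmSecurity.CreateSecurityException();
            }

            context.Request.EnableBuffering();

            var contactId = Convert.ToInt32(context.Request.Form["contactID"]);

            Contact contact = null;

            if (contactId != 0)
            {
                contact = daoFactory.GetContactDao().GetByID(contactId);

                if (!crmSecurity.CanEdit(contact))
                {
                    throw crmSecurity.CreateSecurityException();
                }
            }

            var fileUploadResult = new FileUploadResult();

            if (context.Request.Form.Files.Count == 0)
            {
                await context.Response.WriteAsync(JsonSerializer.Serialize(fileUploadResult));
                return;
            }

            var file          = context.Request.Form.Files[0];
            var fileName      = file.FileName;
            var contentLength = file.Length;

            if (string.IsNullOrEmpty(fileName) || contentLength == 0)
            {
                throw new InvalidOperationException(CRMErrorsResource.InvalidFile);
            }

            if (0 < setupInfo.MaxImageUploadSize && setupInfo.MaxImageUploadSize < contentLength)
            {
                fileUploadResult.Success = false;
                fileUploadResult.Message = fileSizeComment.GetFileImageSizeNote(CRMCommonResource.ErrorMessage_UploadFileSize, false).HtmlEncode();

                await context.Response.WriteAsync(JsonSerializer.Serialize(fileUploadResult));
                return;
            }

            // Extension-based check on a client-supplied name: a format hint, not content validation.
            if (FileUtility.GetFileTypeByFileName(fileName) != FileType.Image)
            {
                fileUploadResult.Success = false;
                fileUploadResult.Message = CRMJSResource.ErrorMessage_NotImageSupportFormat.HtmlEncode();

                await context.Response.WriteAsync(JsonSerializer.Serialize(fileUploadResult));
                return;
            }

            var uploadOnly = Convert.ToBoolean(context.Request.Form["uploadOnly"]);
            var tmpDirName = Convert.ToString(context.Request.Form["tmpDirName"]);

            try
            {
                ContactPhotoManager.PhotoData photoData;

                // One stream for the whole upload, disposed as soon as the photo manager is done with it.
                using (var photoStream = file.OpenReadStream())
                {
                    if (contactId != 0)
                    {
                        photoData = contactPhotoManager.UploadPhoto(photoStream, contactId, uploadOnly);
                    }
                    else
                    {
                        // tmpDirName is client-supplied and only defaulted here, never sanitised;
                        // presumably UploadPhotoToTemp treats it as an opaque key — confirm.
                        if (string.IsNullOrEmpty(tmpDirName) || tmpDirName == "null")
                        {
                            tmpDirName = Guid.NewGuid().ToString();
                        }
                        photoData = contactPhotoManager.UploadPhotoToTemp(photoStream, tmpDirName);
                    }
                }

                fileUploadResult.Success = true;
                fileUploadResult.Data    = photoData;
            }
            catch (Exception e)
            {
                // NOTE(review): the raw exception text is returned to the browser (HTML-encoded);
                // a generic message would be safer if it can carry internal details.
                fileUploadResult.Success = false;
                fileUploadResult.Message = e.Message.HtmlEncode();

                await context.Response.WriteAsync(JsonSerializer.Serialize(fileUploadResult));
                return;
            }

            if (contact != null)
            {
                var messageAction = contact is Company ? MessageAction.CompanyUpdatedPhoto : MessageAction.PersonUpdatedPhoto;

                messageService.Send(messageAction, messageTarget.Create(contact.ID), contact.GetTitle());
            }

            await context.Response.WriteAsync(JsonSerializer.Serialize(fileUploadResult));
        }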
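        /// <summary>
        /// Search emails in the Accounts, Mail, CRM and People contact systems.
        /// </summary>
        /// <param name="tenant">Tenant id</param>
        /// <param name="userName">User id, a <see cref="Guid"/> in string form</param>
        /// <param name="term">Search word</param>
        /// <param name="maxCountPerSystem">Limit of results per contact system</param>
        /// <param name="httpContextScheme">URI scheme handed to <c>ApiHelper</c> for the CRM and People API calls</param>
        /// <param name="timeout">Timeout in milliseconds for all lookups together; -1 waits indefinitely</param>
        /// <returns>
        /// Distinct e-mail strings from every lookup that ran to completion within the timeout.
        /// Lookups that failed or were still running when the timeout elapsed are skipped (and logged).
        /// </returns>
        public List <string> SearchEmails(int tenant, string userName, string term, int maxCountPerSystem, string httpContextScheme, int timeout = -1)
        {
            var equality  = new ContactEqualityComparer();
            var userGuid  = new Guid(userName);
            var watch     = Stopwatch.StartNew();
            var apiHelper = new ApiHelper(httpContextScheme);

            // Each lookup runs on a pool thread, so tenant and identity are re-established inside
            // every task rather than inherited from the caller.
            var taskList = new List <Task <List <string> > >()
            {
                Task.Run(() =>
                {
                    CoreContext.TenantManager.SetCurrentTenant(tenant);
                    SecurityContext.AuthenticateMe(userGuid);

                    var engine = new EngineFactory(tenant, userName);

                    var exp = new FullFilterContactsExp(tenant, userName, term, infoType: ContactInfoType.Email, orderAsc: true, limit: maxCountPerSystem);

                    var contactCards = engine.ContactEngine.GetContactCards(exp);

                    return((from contactCard in contactCards
                            from contactItem in contactCard.ContactItems
                            select
                            string.IsNullOrEmpty(contactCard.ContactInfo.ContactName)
                                ? contactItem.Data
                                : MailUtil.CreateFullEmail(contactCard.ContactInfo.ContactName, contactItem.Data))
                           .ToList());
                }),

                Task.Run(() =>
                {
                    CoreContext.TenantManager.SetCurrentTenant(tenant);
                    SecurityContext.AuthenticateMe(userGuid);

                    var engine = new EngineFactory(tenant, userGuid.ToString());
                    return(engine.AccountEngine.SearchAccountEmails(term));
                }),

                // CRM and People are only queried when the module is available to this user.
                Task.Run(() =>
                {
                    CoreContext.TenantManager.SetCurrentTenant(tenant);
                    SecurityContext.AuthenticateMe(userGuid);

                    return(WebItemSecurity.IsAvailableForMe(WebItemManager.CRMProductID)
                        ? apiHelper.SearchCrmEmails(term, maxCountPerSystem)
                        : new List <string>());
                }),

                Task.Run(() =>
                {
                    CoreContext.TenantManager.SetCurrentTenant(tenant);
                    SecurityContext.AuthenticateMe(userGuid);

                    return(WebItemSecurity.IsAvailableForMe(WebItemManager.PeopleProductID)
                        ? apiHelper.SearchPeopleEmails(term, 0, maxCountPerSystem)
                        : new List <string>());
                })
            };

            try
            {
                // WaitAll returns false when the timeout elapses first; that used to be ignored,
                // making a partial result indistinguishable from a complete one in the logs.
                if (!Task.WaitAll(taskList.ToArray <Task>(), timeout))
                {
                    Log.Error(string.Format("SearchEmails (term = '{0}'): lookups still running after {1} ms; returning partial result", term, timeout));
                }
            }
            catch (AggregateException e)
            {
                var errorText =
                    new StringBuilder("SearchEmails: \nThe following exceptions have been thrown by WaitAll():");

                foreach (var inner in e.InnerExceptions)
                {
                    errorText.AppendFormat("\n-------------------------------------------------\n{0}", inner);
                }

                Log.Error(errorText.ToString());
            }
            finally
            {
                watch.Stop();
            }

            // Only tasks that ran to completion contribute; faulted, cancelled or unfinished ones are dropped.
            var contacts = taskList
                .Where(t => t.Status == TaskStatus.RanToCompletion)
                .SelectMany(t => t.Result)
                .Distinct(equality)
                .ToList();

            Log.DebugFormat("SearchEmails (term = '{0}'): {1} sec / {2} items", term, watch.Elapsed.TotalSeconds, contacts.Count);

            return(contacts);
        }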
        /// <summary>
        /// Builds the start page: redirects to the configured default product when the current
        /// user may open it; otherwise assembles the ordered list of start-page products and
        /// custom navigation items and the counters the page renders.
        /// </summary>
        /// <param name="sender">Page raising the event; unused.</param>
        /// <param name="e">Event data; unused.</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            CurrentUser = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID);

            Page.RegisterStyle("~/skins/page_default.less");

            RedirectToDefaultProductIfAllowed();

            Master.DisabledSidePanel = true;

            Title = Resource.MainPageTitle;

            defaultListProducts = WebItemManager.Instance.GetItems(Web.Core.WebZones.WebZoneType.StartProductList);
            _showDocs           = (Product)defaultListProducts.Find(r => r.ID == WebItemManager.DocumentsProductID);
            if (_showDocs != null)
            {
                defaultListProducts.RemoveAll(r => r.ID == _showDocs.ProductID);
            }

            // Mail, Calendar and Talk are not part of the start-product zone; append those that are not disabled.
            foreach (var extraId in new[] { WebItemManager.MailProductID, WebItemManager.CalendarProductID, WebItemManager.TalkProductID })
            {
                var extraProduct = WebItemManager.Instance[extraId];

                if (extraProduct != null && !extraProduct.IsDisabled())
                {
                    defaultListProducts.Add(extraProduct);
                }
            }

            // Keep only products with a configured priority, in priority order.
            var priority = GetStartProductsPriority();

            defaultListProducts = defaultListProducts
                                  .Where(p => priority.Keys.Contains(p.ID))
                                  .OrderBy(p => priority[p.ID])
                                  .ToList();

            CustomNavigationItems = CustomNavigationSettings.Load().Items.Where(x => x.ShowOnHomePage);

            var controlPanelSlot = TenantExtra.EnableControlPanel ? 1 : 0;
            ProductsCount = defaultListProducts.Count() + CustomNavigationItems.Count() + controlPanelSlot;

            ResetCacheKey = ConfigurationManagerExtension.AppSettings["web.client.cache.resetkey"] ?? "";

            // Redirects to the configured default product (or the Feed page) when the current user may open it.
            void RedirectToDefaultProductIfAllowed()
            {
                var settings = StudioDefaultPageSettings.Load();

                if (settings == null || settings.DefaultProductID == Guid.Empty)
                {
                    return;
                }

                // Response.Redirect with endResponse = true ends the request, so nothing after it runs.
                if (settings.DefaultProductID == settings.FeedModuleID && !CurrentUser.IsOutsider())
                {
                    Response.Redirect("Feed.aspx", true);
                }

                var webItem = WebItemManager.Instance[settings.DefaultProductID];

                if (webItem == null || !webItem.Visible)
                {
                    return;
                }

                var securityInfo = WebItemSecurity.GetSecurityInfo(settings.DefaultProductID.ToString());

                if (!securityInfo.Enabled || !WebItemSecurity.IsAvailableForMe(settings.DefaultProductID))
                {
                    return;
                }

                var url = webItem.StartURL;

                // Only fixed query flags are appended; the "first" request value itself is never echoed.
                if (Request.DesktopApp())
                {
                    url += "?desktop=true";
                    if (!string.IsNullOrEmpty(Request["first"]))
                    {
                        url += "&first=true";
                    }
                }

                Response.Redirect(url, true);
            }
        }