public static string DeleteAccounts(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
if (sDeleteArray.Length < 36)
{
return("");
}
sDeleteArray = ui.QuoteUp(sDeleteArray);
DataTable dt = new DataTable();
// get a list of ids that will be deleted for the log
sSql = "select account_id, account_name, provider, login_id from cloud_account where account_id in (" + sDeleteArray + ")";
if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr))
{
throw new Exception(sErr);
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
sSql = "delete from cloud_account where account_id in (" + sDeleteArray + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
//refresh the cloud account list in the session
if (!ui.PutCloudAccountsInSession(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// if we made it here, so save the logs
foreach (DataRow dr in dt.Rows)
{
ui.WriteObjectDeleteLog(Globals.acObjectTypes.CloudAccount, dr["account_id"].ToString(), dr["account_name"].ToString(), dr["provider"].ToString() + " Account for LoginID [" + dr["login_id"].ToString() + "] Deleted");
}
return(sErr);
}
public static string DeleteCredentials(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
if (sDeleteArray.Length < 36)
{
return("");
}
sDeleteArray = ui.QuoteUp(sDeleteArray);
DataTable dt = new DataTable();
// get a list of credential_ids that will be deleted for the log
sSql = "select credential_name,credential_id from asset_credential where credential_id in (" + sDeleteArray.ToString() + ") " +
"and credential_id not in (select distinct credential_id from asset where credential_id is not null)";
if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr))
{
throw new Exception(sErr);
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//delete asset_credential
sSql = "delete from asset_credential where credential_id in (" + sDeleteArray.ToString() + ") " +
"and credential_id not in (select distinct credential_id from asset where credential_id is not null)";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// if we made it here, so save the logs
foreach (DataRow dr in dt.Rows)
{
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Credential, dr["credential_id"].ToString(), dr["credential_name"].ToString(), "Credential Deleted");
}
return(sErr);
}
public static string DeleteClouds(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
if (sDeleteArray.Length < 36)
return "";
sDeleteArray = ui.QuoteUp(sDeleteArray);
DataTable dt = new DataTable();
// get a list of ids that will be deleted for the log
sSql = "select cloud_id, cloud_name, provider from clouds where cloud_id in (" + sDeleteArray + ")";
if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr))
throw new Exception(sErr);
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
sSql = "delete from clouds where cloud_id in (" + sDeleteArray + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//refresh the cloud account list in the session
if (!ui.PutCloudAccountsInSession(ref sErr))
throw new Exception(sErr);
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
//reget the cloud providers class in the session
ui.SetCloudProviders(ref sErr);
if (!string.IsNullOrEmpty(sErr))
throw new Exception("Error: Unable to load Cloud Providers XML." + sErr);
// if we made it here, so save the logs
foreach (DataRow dr in dt.Rows)
{
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Cloud, dr["cloud_id"].ToString(), dr["cloud_name"].ToString(), dr["provider"].ToString() + " Cloud Deleted.");
}
return sErr;
}
public static string DeleteCredentials(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
if (sDeleteArray.Length < 36)
return "";
sDeleteArray = ui.QuoteUp(sDeleteArray);
DataTable dt = new DataTable();
// get a list of credential_ids that will be deleted for the log
sSql = "select credential_name,credential_id from asset_credential where credential_id in (" + sDeleteArray.ToString() + ") " +
"and credential_id not in (select distinct credential_id from asset where credential_id is not null)";
if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr))
{
throw new Exception(sErr);
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//delete asset_credential
sSql = "delete from asset_credential where credential_id in (" + sDeleteArray.ToString() + ") " +
"and credential_id not in (select distinct credential_id from asset where credential_id is not null)";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// if we made it here, so save the logs
foreach (DataRow dr in dt.Rows)
{
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Credential, dr["credential_id"].ToString(), dr["credential_name"].ToString(), "Credential Deleted");
}
return sErr;
}
public string wmTestCloudConnection(string sAccountID, string sCloudID)
{
acUI.acUI ui = new acUI.acUI();
string sErr = "";
Cloud c = new Cloud(sCloudID);
if (c.ID == null)
{
return("{'result':'fail','error':'Failed to get Cloud details for Cloud ID [" + sCloudID + "].'}");
}
CloudAccount ca = new CloudAccount(sAccountID);
if (ca.ID == null)
{
return("{'result':'fail','error':'Failed to get Cloud Account details for Cloud Account ID [" + sAccountID + "].'}");
}
//get the test cloud object type for this provider
CloudObjectType cot = ui.GetCloudObjectType(c.Provider, c.Provider.TestObject);
if (cot != null)
{
if (string.IsNullOrEmpty(cot.ID))
{
return("{'result':'fail','error':'Cannot find definition for requested object type [" + c.Provider.TestObject + "].'}");
}
}
else
{
return("{'result':'fail','error':'GetCloudObjectType failed for [" + c.Provider.TestObject + "].'}");
}
string sURL = GetURL(ca, c, cot, null, ref sErr);
if (!string.IsNullOrEmpty(sErr))
{
return("{'result':'fail','error':'" + ui.packJSON(sErr) + "'}");
}
string sResult = ui.HTTPGet(sURL, ref sErr);
if (!string.IsNullOrEmpty(sErr))
{
return("{'result':'fail','error':'" + ui.packJSON(sErr) + "'}");
}
return("{'result':'success','response':'" + ui.packJSON(sResult) + "'}");
}
public static string DeleteAccounts(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
if (sDeleteArray.Length < 36)
return "";
sDeleteArray = ui.QuoteUp(sDeleteArray);
DataTable dt = new DataTable();
// get a list of ids that will be deleted for the log
sSql = "select account_id, account_name, provider, login_id from cloud_account where account_id in (" + sDeleteArray + ")";
if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr))
throw new Exception(sErr);
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
sSql = "delete from cloud_account where account_id in (" + sDeleteArray + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//refresh the cloud account list in the session
if (!ui.PutCloudAccountsInSession(ref sErr))
throw new Exception(sErr);
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// if we made it here, so save the logs
foreach (DataRow dr in dt.Rows)
{
ui.WriteObjectDeleteLog(Globals.acObjectTypes.CloudAccount, dr["account_id"].ToString(), dr["account_name"].ToString(), dr["provider"].ToString() + " Account for LoginID [" + dr["login_id"].ToString() + "] Deleted");
}
return sErr;
}
public string wmRunTask(string TaskXML, string ParameterXML)
{
acUI.acUI ui = new acUI.acUI();
uiMethods um = new uiMethods();
//we encoded this in javascript before the ajax call.
TaskXML = ui.unpackJSON(TaskXML).Replace("'", "''");
ParameterXML = ui.unpackJSON(ParameterXML).Replace("'", "''");
//we gotta peek into the XML and encrypt any "encrypt" flagged values
um.PrepareAndEncryptParameterXML(ref ParameterXML);
try
{
//should be easy ... convert the XML into a real task
// insert that task into the db
// and launch it
//the reason it goes into the db is for history's sake.
//the "adhoc" tasks remain in the db, possibly hidden from the user
//but at least for a while we retain a full record of what happened.
//and, as a bonus, it's possible to take one of those ad-hoc tasks and "save" it as a regular task so it can be scheduled, etc.
//will return a standard XML error document if there's a problem.
//or a standard result XML if it's successful.
Task t = new Task(TaskXML);
//ok, now we have a task object.
//call it's "create" method to save the whole thing in the db.
t.Status = "adhoc";
//t.Save();
string sInstance = "";
return("<result><task_instance>" + sInstance + "</task_instance></result>");
//return "<result><error>Unable to parse and load TaskXML.</error></result>";
}
catch (Exception ex)
{
throw ex;
}
}
public XDocument GetRegistry(string sObjectID, ref string sErr)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
try
{
string sXML = "";
string sSQL = "select registry_xml from object_registry where object_id = '" + sObjectID + "'";
if (!dc.sqlGetSingleString(ref sXML, sSQL, ref sErr))
throw new Exception("Error: Could not look up Registry XML." + sErr);
if (!string.IsNullOrEmpty(sXML))
{
XDocument xd = XDocument.Parse(sXML);
if (xd == null)
{
throw new Exception("Error: Unable to parse XML.");
}
return xd;
}
else
{
//if the object_id is a guid, it's an object registry... add one if it's not there.
if (ui.IsGUID(sObjectID))
{
sSQL = "insert into object_registry values ('" + sObjectID + "', '<registry />')";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
throw new Exception("Error: Could not create Registry." + sErr);
XDocument xd = XDocument.Parse("<registry />");
return xd;
}
else
throw new Exception("Error: Could not look up Registry XML.");
}
}
catch (Exception ex)
{
throw ex;
}
}
public string wmRunTask(string TaskXML, string ParameterXML)
{
acUI.acUI ui = new acUI.acUI();
uiMethods um = new uiMethods();
//we encoded this in javascript before the ajax call.
TaskXML = ui.unpackJSON(TaskXML).Replace("'", "''");
ParameterXML = ui.unpackJSON(ParameterXML).Replace("'", "''");
//we gotta peek into the XML and encrypt any "encrypt" flagged values
um.PrepareAndEncryptParameterXML(ref ParameterXML);
try
{
//should be easy ... convert the XML into a real task
// insert that task into the db
// and launch it
//the reason it goes into the db is for history's sake.
//the "adhoc" tasks remain in the db, possibly hidden from the user
//but at least for a while we retain a full record of what happened.
//and, as a bonus, it's possible to take one of those ad-hoc tasks and "save" it as a regular task so it can be scheduled, etc.
//will return a standard XML error document if there's a problem.
//or a standard result XML if it's successful.
Task t = new Task(TaskXML);
//ok, now we have a task object.
//call it's "create" method to save the whole thing in the db.
t.Status = "adhoc";
//t.Save();
string sInstance = "";
return "<result><task_instance>" + sInstance + "</task_instance></result>";
//return "<result><error>Unable to parse and load TaskXML.</error></result>";
}
catch (Exception ex)
{
throw ex;
}
}
public static string DeleteDomains(string sDeleteArray)
{
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
if (sDeleteArray.Length < 36)
{
return("");
}
sDeleteArray = ui.QuoteUp(sDeleteArray);
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//delete domains
sSql = "delete from ldap_domain where ldap_domain in (" + sDeleteArray.ToString() + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// if we made it here, so save the logs
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Domain, sDeleteArray.ToString(), sDeleteArray.ToString(), "Domain(s) Deleted");
return(sErr);
}
public static string DeleteDomains(string sDeleteArray)
{
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
if (sDeleteArray.Length < 36)
return "";
sDeleteArray = ui.QuoteUp(sDeleteArray);
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//delete domains
sSql = "delete from ldap_domain where ldap_domain in (" + sDeleteArray.ToString() + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// if we made it here, so save the logs
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Domain, sDeleteArray.ToString(), sDeleteArray.ToString(), "Domain(s) Deleted");
return sErr;
}
public void wmDeleteStep(string sStepID)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
try
{
string sErr = "";
string sSQL = "";
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//you have to know which one we are removing
string sDeletedStepOrder = "0";
string sTaskID = "";
string sCodeblock = "";
string sFunction = "";
string sFunctionXML = "";
sSQL = "select task_id, codeblock_name, step_order, function_name, function_xml" +
" from task_step where step_id = '" + sStepID + "'";
DataRow dr = null;
if (!dc.sqlGetDataRow(ref dr, sSQL, ref sErr))
throw new Exception("Unable to get details for step." + sErr);
if (dr != null)
{
sDeletedStepOrder = dr["step_order"].ToString();
sTaskID = dr["task_id"].ToString();
sCodeblock = dr["codeblock_name"].ToString();
sFunction = dr["function_name"].ToString();
sFunctionXML = dr["function_xml"].ToString();
//for logging, we'll stick the whole command XML into the log
//so we have a complete record of the step that was just deleted.
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Task, sTaskID, sFunction,
"Codeblock:" + sCodeblock +
" Step Order:" + sDeletedStepOrder +
" Command Type:" + sFunction +
" Details:" + sFunctionXML);
}
//"embedded" steps have a codeblock name referencing their "parent" step.
//if we're deleting a parent, whack all the children
sSQL = "delete from task_step where codeblock_name = '" + sStepID + "'";
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Unable to delete step." + sErr);
//step might have user_settings
sSQL = "delete from task_step_user_settings where step_id = '" + sStepID + "'";
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Unable to delete step user settings." + sErr);
//now whack the parent
sSQL = "delete from task_step where step_id = '" + sStepID + "'";
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Unable to delete step." + sErr);
sSQL = "update task_step set step_order = step_order - 1" +
" where task_id = '" + sTaskID + "'" +
" and codeblock_name = '" + sCodeblock + "'" +
" and step_order > " + sDeletedStepOrder;
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Unable to reorder steps after deletion." + sErr);
oTrans.Commit();
}
catch (Exception ex)
{
throw ex;
}
}
public string wmCreateNewTaskVersion(string sTaskID, string sMinorMajor)
{
acUI.acUI ui = new acUI.acUI();
try
{
string sNewVersionGUID = CopyTask((sMinorMajor == "Major" ? 1 : 2), sTaskID, "", "");
if (!string.IsNullOrEmpty(sNewVersionGUID))
{
ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewVersionGUID, sNewVersionGUID, "");
}
return sNewVersionGUID;
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
}
public string wmAddStep(string sTaskID, string sCodeblockName, string sItem)
{
dataAccess dc = new dataAccess();
FunctionTemplates.HTMLTemplates ft = new FunctionTemplates.HTMLTemplates();
acUI.acUI ui = new acUI.acUI();
try
{
string sUserID = ui.GetSessionUserID();
string sStepHTML = "";
string sErr = "";
string sSQL = "";
string sNewStepID = "";
if (!ui.IsGUID(sTaskID))
throw new Exception("Unable to add step. Invalid or missing Task ID. [" + sTaskID + "]" + sErr);
//now, the sItem variable may have a function name (if it's a new command)
//or it may have a guid (if it's from the clipboard)
//so, if it's a guid after stripping off the prefix, it's from the clipboard
//the function has a fn_ or clip_ prefix on it from the HTML. Strip it off.
//FIX... test the string to see if it BEGINS with fn_ or clip_
//IF SO... cut off the beginning... NOT a replace operation.
if (sItem.StartsWith("fn_")) sItem = sItem.Remove(0, 3);
if (sItem.StartsWith("clip_")) sItem = sItem.Remove(0, 5);
//NOTE: !! yes we are adding the step with an order of -1
//the update event on the client does not know the index at which it was dropped.
//so, we have to insert it first to get the HTML... but the very next step
//will serialize and update the entire sortable...
//immediately replacing this -1 with the correct position
if (ui.IsGUID(sItem))
{
sNewStepID = sItem;
//copy from the clipboard (using the root_step_id to get ALL associated steps)
sSQL = "insert into task_step (step_id, task_id, codeblock_name, step_order, step_desc," +
" commented, locked, output_parse_type, output_row_delimiter, output_column_delimiter," +
" function_name, function_xml, variable_xml)" +
" select step_id, '" + sTaskID + "'," +
" case when codeblock_name is null then '" + sCodeblockName + "' else codeblock_name end," +
"-1,step_desc," +
"0,0,output_parse_type,output_row_delimiter,output_column_delimiter," +
"function_name,function_xml,variable_xml" +
" from task_step_clipboard" +
" where user_id = '" + sUserID + "'" +
" and root_step_id = '" + sItem + "'";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
throw new Exception("Unable to add step." + sErr);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Task, sTaskID, sItem,
"Added Command from Clipboard to Codeblock:" + sCodeblockName);
}
else
{
//add a new command
sNewStepID = ui.NewGUID();
//NOTE: !! yes we are doing some command specific logic here.
//Certain commands have different 'default' values for delimiters, etc.
//sOPM: 0=none, 1=delimited, 2=parsed
string sOPM = "0";
switch (sItem)
{
case "sql_exec":
sOPM = "1";
break;
case "win_cmd":
sOPM = "1";
break;
case "dos_cmd":
sOPM = "2";
break;
case "cmd_line":
sOPM = "2";
break;
case "http":
sOPM = "2";
break;
case "parse_text":
sOPM = "2";
break;
case "read_file":
sOPM = "2";
break;
}
sSQL = "insert into task_step (step_id, task_id, codeblock_name, step_order," +
" commented, locked, output_parse_type, output_row_delimiter, output_column_delimiter," +
" function_name, function_xml)" +
" select '" + sNewStepID + "'," +
"'" + sTaskID + "'," +
(string.IsNullOrEmpty(sCodeblockName) ? "NULL" : "'" + sCodeblockName + "'") + "," +
"-1," +
"0,0," + sOPM + ",0,0," +
"'" + sItem + "'," +
" xml_template" +
" from lu_task_step_function" +
" where function_name = '" + sItem + "' limit 1";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
throw new Exception("Unable to add step." + sErr);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Task, sTaskID, sItem,
"Added Command Type:" + sItem + " to Codeblock:" + sCodeblockName);
}
if (!string.IsNullOrEmpty(sNewStepID))
{
//now... get the newly inserted step and draw it's HTML
DataRow dr = ft.GetSingleStep(sNewStepID, sUserID, ref sErr);
if (dr != null && sErr == "")
sStepHTML += ft.DrawFullStep(dr);
else
sStepHTML += "<span class=\"red_text\">" + sErr + "</span>";
//return the html
return sNewStepID + sStepHTML;
}
else
{
throw new Exception("Unable to add step. No new step_id." + sErr);
}
}
catch (Exception ex)
{
throw ex;
}
}
private string CopyTask(int iMode, string sSourceTaskID, string sNewTaskName, string sNewTaskCode)
{
//iMode 0=new task, 1=new major version, 2=new minor version
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sErr = "";
string sSQL = "";
string sNewTaskID = ui.NewGUID();
int iIsDefault = 0;
string sTaskName = "";
double dVersion = 1.000;
double dMaxVer = 0.000;
string sOTID = "";
//do it all in a transaction
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//figure out the new name and selected version
oTrans.Command.CommandText = "select task_name, version, original_task_id from task where task_id = '" + sSourceTaskID + "'";
DataRow dr = null;
if (!oTrans.ExecGetDataRow(ref dr, ref sErr))
throw new Exception("Unable to find task for ID [" + sSourceTaskID + "]." + sErr);
sTaskName = dr["task_name"].ToString();
dVersion = Convert.ToDouble(dr["version"]);
sOTID = dr["original_task_id"].ToString();
//figure out the new version
switch (iMode)
{
case 0:
sTaskName = sNewTaskName;
iIsDefault = 1;
dVersion = 1.000;
sOTID = sNewTaskID;
break;
case 1:
//gotta get the highest version
sSQL = "select max(version) from task where task_id = '" + sOTID + "'";
dc.sqlGetSingleDouble(ref dMaxVer, sSQL, ref sErr);
if (sErr != "")
{
oTrans.RollBack();
throw new Exception(sErr);
}
dVersion = dMaxVer + 1;
break;
case 2:
sSQL = "select max(version) from task where task_id = '" + sOTID + "'" +
" and cast(version as unsigned) = " + Convert.ToInt32(dVersion);
dc.sqlGetSingleDouble(ref dMaxVer, sSQL, ref sErr);
if (sErr != "")
{
oTrans.RollBack();
throw new Exception(sErr);
}
dVersion = dMaxVer + 0.001;
break;
default: //a iMode is required
throw new Exception("A mode required for this copy operation." + sErr);
}
//if we are versioning, AND there are not yet any 'Approved' versions,
//we set this new version to be the default
//(that way it's the one that you get taken to when you pick it from a list)
if (iMode > 0)
{
sSQL = "select case when count(*) = 0 then 1 else 0 end" +
" from task where original_task_id = '" + sOTID + "'" +
" and task_status = 'Approved'";
dc.sqlGetSingleInteger(ref iIsDefault, sSQL, ref sErr);
if (sErr != "")
{
oTrans.RollBack();
throw new Exception(sErr);
}
}
//start copying
oTrans.Command.CommandText = "create temporary table _copy_task" +
" select * from task where task_id = '" + sSourceTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//update the task_id
oTrans.Command.CommandText = "update _copy_task set" +
" task_id = '" + sNewTaskID + "'," +
" original_task_id = '" + sOTID + "'," +
" version = '" + dVersion + "'," +
" task_name = '" + sTaskName + "'," +
" default_version = " + iIsDefault.ToString() + "," +
" task_status = 'Development'," +
" created_dt = now()";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//update the task_code if necessary
if (iMode == 0)
{
oTrans.Command.CommandText = "update _copy_task set task_code = '" + sNewTaskCode + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
}
//codeblocks
oTrans.Command.CommandText = "create temporary table _copy_task_codeblock" +
" select '" + sNewTaskID + "' as task_id, codeblock_name" +
" from task_codeblock where task_id = '" + sSourceTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//USING TEMPORARY TABLES... need a place to hold step ids while we manipulate them
oTrans.Command.CommandText = "create temporary table _step_ids" +
" select distinct step_id, uuid() as newstep_id" +
" from task_step where task_id = '" + sSourceTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//steps temp table
oTrans.Command.CommandText = "create temporary table _copy_task_step" +
" select step_id, '" + sNewTaskID + "' as task_id, codeblock_name, step_order, commented," +
" locked, function_name, function_xml, step_desc, output_parse_type, output_row_delimiter," +
" output_column_delimiter, variable_xml" +
" from task_step where task_id = '" + sSourceTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//update the step id
oTrans.Command.CommandText = "update _copy_task_step a, _step_ids b" +
" set a.step_id = b.newstep_id" +
" where a.step_id = b.step_id";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//update steps with codeblocks that reference a step (embedded steps)
oTrans.Command.CommandText = "update _copy_task_step a, _step_ids b" +
" set a.codeblock_name = b.newstep_id" +
" where b.step_id = a.codeblock_name";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//spin the steps and update any embedded step id's in the commands
oTrans.Command.CommandText = "select step_id, newstep_id from _step_ids";
DataTable dtStepIDs = new DataTable();
if (!oTrans.ExecGetDataTable(ref dtStepIDs, ref sErr))
throw new Exception("Unable to get step ids." + sErr);
foreach (DataRow drStepIDs in dtStepIDs.Rows)
{
oTrans.Command.CommandText = "update _copy_task_step" +
" set function_xml = replace(lower(function_xml), '" + drStepIDs["step_id"].ToString().ToLower() + "', '" + drStepIDs["newstep_id"].ToString() + "')" +
" where function_name in ('if','loop','exists')";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
}
//finally, put the temp steps table in the real steps table
oTrans.Command.CommandText = "insert into task select * from _copy_task";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
oTrans.Command.CommandText = "insert into task_codeblock select * from _copy_task_codeblock";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
oTrans.Command.CommandText = "insert into task_step select * from _copy_task_step";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
//finally, if we versioned up and we set this one as the new default_version,
//we need to unset the other row
if (iMode > 0 && iIsDefault == 1)
{
oTrans.Command.CommandText = "update task" +
" set default_version = 0" +
" where original_task_id = '" + sOTID + "'" +
" and task_id <> '" + sNewTaskID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
}
oTrans.Commit();
return sNewTaskID;
}
public string wmUpdateTaskParam(string sType, string sID, string sParamID,
string sName, string sDesc,
string sRequired, string sPrompt, string sEncrypt, string sPresentAs, string sValues)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
FunctionTemplates.HTMLTemplates ft = new FunctionTemplates.HTMLTemplates();
if (!ui.IsGUID(sID))
throw new Exception("Invalid or missing ID.");
string sErr = "";
string sSQL = "";
//we encoded this in javascript before the ajax call.
//the safest way to unencode it is to use the same javascript lib.
//(sometimes the javascript and .net libs don't translate exactly, google it.)
sDesc = ui.unpackJSON(sDesc).Trim();
//normalize and clean the values
sRequired = (dc.IsTrue(sRequired) ? "true" : "false");
sPrompt = (dc.IsTrue(sPrompt) ? "true" : "false");
sEncrypt = (dc.IsTrue(sEncrypt) ? "true" : "false");
sName = sName.Trim().Replace("'", "''");
string sTable = "";
string sXML = "";
string sParameterXPath = "//parameter[@id = \"" + sParamID + "\"]"; //using this to keep the code below cleaner.
if (sType == "ecosystem")
sTable = "ecosystem";
else if (sType == "task")
sTable = "task";
bool bParamAdd = false;
//bool bParamUpdate = false;
//if sParamID is empty, we are adding
if (string.IsNullOrEmpty(sParamID))
{
sParamID = "p_" + ui.NewGUID();
sParameterXPath = "//parameter[@id = \"" + sParamID + "\"]"; //reset this if we had to get a new id
//does the task already have parameters?
sSQL = "select parameter_xml from " + sTable + " where " + sType + "_id = '" + sID + "'";
if (!dc.sqlGetSingleString(ref sXML, sSQL, ref sErr))
throw new Exception(sErr);
string sAddXML = "<parameter id=\"" + sParamID + "\" required=\"" + sRequired + "\" prompt=\"" + sPrompt + "\" encrypt=\"" + sEncrypt + "\">" +
"<name>" + sName + "</name>" +
"<desc>" + sDesc + "</desc>" +
"</parameter>";
if (string.IsNullOrEmpty(sXML))
{
//XML doesn't exist at all, add it to the record
sAddXML = "<parameters>" + sAddXML + "</parameters>";
sSQL = "update " + sTable + " set " +
" parameter_xml = '" + sAddXML + "'" +
" where " + sType + "_id = '" + sID + "'";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
throw new Exception(sErr);
bParamAdd = true;
}
else
{
//XML exists, add the node to it
ft.AddNodeToXMLColumn(sTable, "parameter_xml", sType + "_id = '" + sID + "'", "//parameters", sAddXML);
bParamAdd = true;
}
}
else
{
//update the node values
ft.SetNodeValueinXMLColumn(sTable, "parameter_xml", sType + "_id = '" + sID + "'", sParameterXPath + "/name", sName);
ft.SetNodeValueinXMLColumn(sTable, "parameter_xml", sType + "_id = '" + sID + "'", sParameterXPath + "/desc", sDesc);
//and the attributes
ft.SetNodeAttributeinXMLColumn(sTable, "parameter_xml", sType + "_id = '" + sID + "'", sParameterXPath, "required", sRequired);
ft.SetNodeAttributeinXMLColumn(sTable, "parameter_xml", sType + "_id = '" + sID + "'", sParameterXPath, "prompt", sPrompt);
ft.SetNodeAttributeinXMLColumn(sTable, "parameter_xml", sType + "_id = '" + sID + "'", sParameterXPath, "encrypt", sEncrypt);
bParamAdd = false;
}
// not clean at all handling both tasks and ecosystems in the same method, but whatever.
if (bParamAdd)
{
if (sType == "task") { ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sID, "Parameter", "Added Parameter:" + sName ); };
if (sType == "ecosystem") { ui.WriteObjectAddLog(Globals.acObjectTypes.Ecosystem, sID, "Parameter", "Added Parameter:" + sName); };
}
else
{
// would be a lot of trouble to add the from to, why is it needed you have each value in the log, just scroll back
// so just add a changed message to the log
if (sType == "task") { dc.addSecurityLog(ui.GetSessionUserID(), Globals.SecurityLogTypes.Object, Globals.SecurityLogActions.ObjectModify, Globals.acObjectTypes.Task, sID, "Parameter Changed:[" + sName + "]", ref sErr); };
if (sType == "ecosystem") { dc.addSecurityLog(ui.GetSessionUserID(), Globals.SecurityLogTypes.Object, Globals.SecurityLogActions.ObjectModify, Globals.acObjectTypes.Ecosystem, sID, "Parameter Changed:[" + sName + "]", ref sErr); };
}
//update the values
string[] aValues = sValues.Split('|');
string sValueXML = "";
foreach (string sVal in aValues)
{
string sReadyValue = "";
//if encrypt is true we MIGHT want to encrypt this value.
//but it might simply be a resubmit of an existing value in which case we DON'T
//if it has oev: as a prefix, it needs no additional work
if (dc.IsTrue(sEncrypt))
{
if (sVal.IndexOf("oev:") > -1)
sReadyValue = sVal.Replace("oev:", "");
else
sReadyValue = dc.EnCrypt(ui.unpackJSON(sVal));
} else {
sReadyValue = ui.unpackJSON(sVal);
}
sValueXML += "<value id=\"pv_" + ui.NewGUID() + "\">" + sReadyValue + "</value>";
}
sValueXML = "<values present_as=\"" + sPresentAs + "\">" + sValueXML + "</values>";
//whack-n-add
ft.RemoveNodeFromXMLColumn(sTable, "parameter_xml", sType + "_id = '" + sID + "'", sParameterXPath + "/values");
ft.AddNodeToXMLColumn(sTable, "parameter_xml", sType + "_id = '" + sID + "'", sParameterXPath, sValueXML);
return "";
}
public string wmApproveTask(string sTaskID, string sMakeDefault)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
try
{
string sUserID = ui.GetSessionUserID();
if (ui.IsGUID(sTaskID) && ui.IsGUID(sUserID))
{
string sErr = "";
string sSQL = "";
//check to see if this is the first task to be approved.
//if it is, we will make it default.
sSQL = "select count(*) from task" +
" where original_task_id = " +
" (select original_task_id from task where task_id = '" + sTaskID + "')" +
" and task_status = 'Approved'";
int iCount = 0;
if (!dc.sqlGetSingleInteger(ref iCount, sSQL, ref sErr))
{
throw new Exception("Unable to count Tasks in this family.." + sErr);
}
if (iCount == 0)
sMakeDefault = "1";
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//flag all the other tasks as not default if this one is meant to be
if (sMakeDefault == "1")
{
sSQL = "update task set" +
" default_version = 0" +
" where original_task_id =" +
" (select original_task_id from (select original_task_id from task where task_id = '" + sTaskID + "') as x)";
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception("Unable to update task [" + sTaskID + "]." + sErr);
}
sSQL = "update task set" +
" task_status = 'Approved'," +
" default_version = 1" +
" where task_id = '" + sTaskID + "';";
}
else
{
sSQL = "update task set" +
" task_status = 'Approved'" +
" where task_id = '" + sTaskID + "'";
}
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception("Unable to update task [" + sTaskID + "]." + sErr);
}
oTrans.Commit();
ui.WriteObjectChangeLog(Globals.acObjectTypes.Task, sTaskID, "Status", "Development", "Approved");
if (sMakeDefault == "1")
ui.WriteObjectChangeLog(Globals.acObjectTypes.Task, sTaskID, "Default", "Set as Default Version.");
}
else
{
throw new Exception("Unable to update task. Missing or invalid task id. [" + sTaskID + "]");
}
}
catch (Exception ex)
{
throw ex;
}
return "";
}
public static string DeleteUsers(string sDeleteArray)
{
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
string WhoAmI = ui.GetSessionUserID();
try
{
ArrayList arrList = new ArrayList();
arrList.AddRange(sDeleteArray.Split(','));
if (sDeleteArray.Length < 36)
{
return("");
}
StringBuilder sbDeleteNow = new StringBuilder();
StringBuilder sbDeleteLater = new StringBuilder();
StringBuilder sbAll = new StringBuilder();
foreach (string sUserID in arrList)
{
if (sUserID.Length == 36)
{
//you cannot delete yourself!!!
if (sUserID != WhoAmI)
{
sbAll.Append("'" + sUserID + "',");
//this will flag a user for later deletion by the system
//it returns the user_id back if it's safe to delete now
if (UserHasHistory(sUserID))
{
sbDeleteLater.Append("'" + sUserID + "',");
}
else
{
sbDeleteNow.Append("'" + sUserID + "',");
}
}
}
}
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// stuff to delete no matter what...
if (sbAll.Length != 0)
{
sbAll.Remove(sbAll.Length - 1, 1);
////delete any attributes for these users
//sSql = "delete from user_assign_defaults where user_id in (" + sbAll.ToString() + ")";
//oTrans.Command.CommandText = sSql;
//if (!oTrans.ExecUpdate(ref sErr))
// throw new Exception(sErr);
}
// delete some users...
if (sbDeleteNow.Length != 0)
{
sbDeleteNow.Remove(sbDeleteNow.Length - 1, 1);
sSql = "delete from users where user_id in (" + sbDeleteNow.ToString() + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
// flag the others...
if (sbDeleteLater.Length != 0)
{
sbDeleteLater.Remove(sbDeleteLater.Length - 1, 1);
sSql = "update users set status = 86 where user_id in (" + sbDeleteLater.ToString() + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
return("User(s) deleted.");
}
public string wmRunTask(string sTaskID, string sEcosystemID, string sAccountID, string sAssetID, string sParameterXML, int iDebugLevel)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
uiMethods um = new uiMethods();
//we encoded this in javascript before the ajax call.
//the safest way to unencode it is to use the same javascript lib.
//(sometimes the javascript and .net libs don't translate exactly, google it.)
sParameterXML = ui.unpackJSON(sParameterXML).Replace("'", "''");
//we gotta peek into the XML and encrypt any newly keyed values
um.PrepareAndEncryptParameterXML(ref sParameterXML);
try
{
string sUserID = ui.GetSessionUserID();
if (ui.IsGUID(sTaskID) && ui.IsGUID(sUserID))
{
string sInstance = "";
string sErr = "";
string sSQL = "call addTaskInstance ('" + sTaskID + "','" +
sUserID + "',NULL," +
iDebugLevel + ",NULL,'" +
sParameterXML + "','" +
sEcosystemID + "','" +
sAccountID + "')";
if (!dc.sqlGetSingleString(ref sInstance, sSQL, ref sErr))
{
throw new Exception("Unable to run task [" + sTaskID + "]." + sErr);
}
return sInstance;
}
else
{
throw new Exception("Unable to run task. Missing or invalid task [" + sTaskID + "] or asset [" + sAssetID + "] id.");
}
}
catch (Exception ex)
{
throw ex;
}
}
public static string wmGetCloudObjectList(string sCloudID, string sObjectType)
{
acUI.acUI ui = new acUI.acUI();
awsMethods acAWS = new awsMethods();
string sXML = "";
string sErr = "";
string sHTML = "";
//get the cloud object type from the session
Provider p = ui.GetSelectedCloudProvider();
CloudObjectType cot = ui.GetCloudObjectType(p, sObjectType);
if (cot != null)
{
if (string.IsNullOrEmpty(cot.ID))
{
sErr = "Cannot find definition for requested object type [" + sObjectType + "]"; return(null);
}
}
else
{
sErr = "GetCloudObjectType failed for [" + sObjectType + "]";
return(null);
}
sXML = acAWS.GetCloudObjectsAsXML(sCloudID, cot, ref sErr, null);
if (!string.IsNullOrEmpty(sErr))
{
return("GetCloudObjectsAsXML failed with error: " + sErr);
}
if (string.IsNullOrEmpty(sXML))
{
return("Cloud connection was successful, but the query returned no data.");
}
//try a few debugging things:
//Peek at our object type definition
sHTML += "<div class=\"ui-state-default\">Cloud Object Type Definition</div>";
sHTML += "<div class=\"ui-widget-content\">";
if (cot != null)
{
string sReq = "<span class=\"ui-widget-content ui-state-error\">required</span>";
//product stuff
sHTML += "<span class=\"property\">Product:</span> <span class=\"code\">" + (string.IsNullOrEmpty(cot.ParentProduct.Name) ? sReq : cot.ParentProduct.Name).ToString() + "</span><br />";
sHTML += "<span class=\"property\">APIVersion:</span> <span class=\"code\">" + (string.IsNullOrEmpty(cot.ParentProduct.APIVersion) ? sReq : cot.ParentProduct.APIVersion).ToString() + "</span><br />";
//type stuff
sHTML += "<span class=\"property\">Name:</span> <span class=\"code\">" + (string.IsNullOrEmpty(cot.ID) ? sReq : cot.ID).ToString() + "</span>";
sHTML += "<span class=\"property\">Label:</span> <span class=\"code\">" + cot.Label + "</span><br />";
sHTML += "<span class=\"property\">API:</span> <span class=\"code\">" + cot.APICall + "</span>";
sHTML += "<span class=\"property\">APIUrlPrefix:</span> <span class=\"code\">" + cot.ParentProduct.APIUrlPrefix.ToString() + "</span>";
sHTML += "<span class=\"property\">APICall:</span> <span class=\"code\">" + cot.APICall.ToString() + "</span><br />";
sHTML += "<span class=\"property\">APIRequestGroupFilter:</span> <span class=\"code\">" + (string.IsNullOrEmpty(cot.APIRequestGroupFilter) ? "N/A" : cot.APIRequestGroupFilter) + "</span><br />";
sHTML += "<span class=\"property\">APIRequestRecordFilter:</span> <span class=\"code\">" + (string.IsNullOrEmpty(cot.APIRequestRecordFilter) ? "N/A" : cot.APIRequestRecordFilter) + "</span><br />";
sHTML += "<span class=\"property\">XMLRecordXPath:</span> <span class=\"code\">" + (string.IsNullOrEmpty(cot.XMLRecordXPath) ? sReq : cot.XMLRecordXPath).ToString() + "</span><br />";
sHTML += "<div class=\"properties\">";
if (cot.Properties.Count > 0)
{
foreach (CloudObjectTypeProperty cop in cot.Properties)
{
sHTML += "<div class=\"ui-state-default\">" + cop.Name + "</div>";
sHTML += "<div class=\"ui-widget-content ui-corner-bottom\">";
sHTML += "<span class=\"property\">Label: <span class=\"code\">" + (string.IsNullOrEmpty(cop.Label) ? "N/A" : cop.Label) + "</span></span>";
sHTML += "<span class=\"property\">XPath: <span class=\"code\">" + cop.XPath + "</span></span>";
sHTML += "<span class=\"property\">HasIcon: <span class=\"code\">" + cop.HasIcon + "</span></span>";
sHTML += "<span class=\"property\">IsID: <span class=\"code\">" + cop.IsID + "</span></span>";
sHTML += "<span class=\"property\">ShortList: <span class=\"code\">" + cop.ShortList + "</span></span>";
sHTML += "</div>";
}
}
else
{
sHTML += "<span class=\"ui-widget-content ui-state-error\">At least one Property is required.</span>";
}
sHTML += "</div>";
}
else
{
sHTML = "<span class=\"ui-widget-content ui-state-error\">GetCloudObjectType failed for [" + sObjectType + "].</span>";
}
//end object type definition box
sHTML += "</div>";
sHTML += "<hr />";
//API RESULTS
sHTML += "<div class=\"ui-state-default\">API Results</div>";
sHTML += "<div class=\"ui-widget-content\">";
//this will return false if the object doesn't have enough information to form a call
if (cot.IsValidForCalls())
{
//we have a complete enough object type to make a call.
//can it be parsed?
sXML = ui.RemoveNamespacesFromXML(sXML);
XElement xDoc = XElement.Parse(sXML);
if (xDoc == null)
{
sHTML += "<span class=\"ui-widget-content ui-state-error\">Cloud Response XML document is invalid.</span>.";
}
else
{
sHTML += "Result is valid XML.";
}
//test the record xpath
sHTML += "<div>Checking Record Xpath [" + cot.XMLRecordXPath + "]... ";
if (cot.XMLRecordXPath != "")
{
XElement xe = xDoc.XPathSelectElement(cot.XMLRecordXPath);
if (xe == null)
{
sHTML += "<span class=\"ui-state-info\">Record XPath [" + cot.XMLRecordXPath + "] was not found.</span><br />";
sHTML += "<span class=\"ui-state-info\">(This may be a normal condition if the Cloud doesn't contain any objects of this type.)</span>";
}
else
{
sHTML += "Record XPath matched [" + xe.Nodes().Count() + "] items.";
}
}
else
{
sHTML += "Record XPath is not defined.";
}
sHTML += "</div>";
sHTML += "<div class=\"ui-state-default\"><span id=\"api_results_toggler\" class=\"ui-icon-circle-triangle-e ui-icon floatleft\"></span>Result XML</div>";
sHTML += "<div id=\"api_results_div\" class=\"hidden\">";
sHTML += "<pre><code>";
sHTML += ui.FixBreaks(ui.SafeHTML(sXML));
sHTML += "</code></pre>";
sHTML += "</div>";
}
else
{
sHTML = "<span class=\"ui-widget-content ui-state-error\">Cloud Object Type definition for [" + sObjectType + "] is incomplete.</span>";
}
//end API RESULTS
sHTML += "</div>";
return(sHTML);
}
public static string SaveCloud(string sMode, string sCloudID, string sCloudName, string sProvider, string sAPIUrl)
{
// for logging
string sOriginalName = null;
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
//if we are editing get the original values
if (sMode == "edit")
{
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// update the user fields.
if (sMode == "edit")
{
sSql = "select cloud_name from clouds " +
"where cloud_id = '" + sCloudID + "'";
if (!dc.sqlGetSingleString(ref sOriginalName, sSql, ref sErr))
{
throw new Exception("Error getting original cloud name:" + sErr);
}
sSql = "update clouds set" +
" cloud_name = '" + sCloudName + "'," +
" provider = '" + sProvider + "'," +
" api_url = '" + sAPIUrl + "'" +
" where cloud_id = '" + sCloudID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception("Error updating cloud: " + sErr);
}
ui.WriteObjectChangeLog(Globals.acObjectTypes.Cloud, sCloudID, sCloudName, sOriginalName, sCloudName);
}
else
{
sCloudID = ui.NewGUID();
sSql = "insert into clouds (cloud_id, cloud_name, provider, api_url)" +
" values ('" + sCloudID + "'," +
"'" + sCloudName + "'," +
"'" + sProvider + "'," +
"'" + sAPIUrl + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception("Error creating cloud: " + sErr);
}
ui.WriteObjectAddLog(Globals.acObjectTypes.Cloud, sCloudID, sCloudName, "Cloud Created");
}
oTrans.Commit();
//update the cloud providers class in the session
CloudProviders cp = ui.GetCloudProviders();
cp[sProvider].RefreshClouds();
ui.UpdateCloudProviders(cp);
}
catch (Exception ex)
{
throw new Exception("Error: General Exception: " + ex.Message);
}
// no errors to here, so return an empty string
return("{'cloud_id':'" + sCloudID + "'}");
}
public static string SaveKeyPair(string sKeypairID, string sAccountID, string sName, string sPK, string sPP)
{
acUI.acUI ui = new acUI.acUI();
if (string.IsNullOrEmpty(sName))
{
return("KeyPair Name is Required.");
}
//we encoded this in javascript before the ajax call.
//the safest way to unencode it is to use the same javascript lib.
//(sometimes the javascript and .net libs don't translate exactly, google it.)
sPK = ui.unpackJSON(sPK);
bool bUpdatePK = false;
if (sPK != "-----BEGIN RSA PRIVATE KEY-----\n**********\n-----END RSA PRIVATE KEY-----")
{
//we want to make sure it's not just the placeholder, but DOES have the wrapper.
//and 61 is the lenght of the wrapper with no content... effectively empty
if (sPK.StartsWith("-----BEGIN RSA PRIVATE KEY-----\n") && sPK.EndsWith("\n-----END RSA PRIVATE KEY-----"))
{
//now, is there truly something in it?
string sContent = sPK.Replace("-----BEGIN RSA PRIVATE KEY-----", "").Replace("-----END RSA PRIVATE KEY-----", "").Replace("\n", "");
if (sContent.Length > 0)
{
bUpdatePK = true;
}
else
{
return("Private Key contained within:<br />-----BEGIN RSA PRIVATE KEY-----<br />and<br />-----END RSA PRIVATE KEY-----<br />cannot be blank.");
}
}
else
{
return("Private Key must be contained within:<br />-----BEGIN RSA PRIVATE KEY-----<br />and<br />-----END RSA PRIVATE KEY-----");
}
}
bool bUpdatePP = false;
if (sPP != "!2E4S6789O")
{
bUpdatePP = true;
}
//all good, keep going
dataAccess dc = new dataAccess();
string sSQL = null;
string sErr = null;
try
{
if (string.IsNullOrEmpty(sKeypairID))
{
//empty id, it's a new one.
string sPKClause = "";
if (bUpdatePK)
{
sPKClause = "'" + dc.EnCrypt(sPK) + "'";
}
string sPPClause = "null";
if (bUpdatePP)
{
sPPClause = "'" + dc.EnCrypt(sPP) + "'";
}
sSQL = "insert into cloud_account_keypair (keypair_id, account_id, keypair_name, private_key, passphrase)" +
" values ('" + ui.NewGUID() + "'," +
"'" + sAccountID + "'," +
"'" + sName.Replace("'", "''") + "'," +
sPKClause + "," +
sPPClause +
")";
}
else
{
string sPKClause = "";
if (bUpdatePK)
{
sPKClause = ", private_key = '" + dc.EnCrypt(sPK) + "'";
}
string sPPClause = "";
if (bUpdatePP)
{
sPPClause = ", passphrase = '" + dc.EnCrypt(sPP) + "'";
}
sSQL = "update cloud_account_keypair set" +
" keypair_name = '" + sName.Replace("'", "''") + "'" +
sPKClause + sPPClause +
" where keypair_id = '" + sKeypairID + "'";
}
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
{
throw new Exception(sErr);
}
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
//// add security log
//// since this is not handled as a page postback, theres no "Viewstate" settings
//// so 2 options either we keep an original setting for each value in hid values, or just get them from the db as part of the
//// update above, since we are already passing in 15 or so fields, lets just get the values at the start and reference them here
//if (sMode == "edit")
//{
// ui.WriteObjectChangeLog(Globals.acObjectTypes.CloudAccount, sAccountID, sAccountName, sOriginalName, sAccountName);
//}
//else
//{
// ui.WriteObjectAddLog(Globals.acObjectTypes.CloudAccount, sAccountID, sAccountName, "Account Created");
//}
// no errors to here, so return an empty string
return("");
}
public static string SaveAccount(string sMode, string sAccountID, string sAccountName, string sAccountNumber, string sProvider,
string sLoginID, string sLoginPassword, string sLoginPasswordConfirm, string sIsDefault, string sAutoManageSecurity)
{
// for logging
string sOriginalName = "";
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = "";
string sErr = "";
//if we are editing get the original values
if (sMode == "edit")
{
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// update the user fields.
if (sMode == "edit")
{
sSql = "select account_name from cloud_account " +
"where account_id = '" + sAccountID + "'";
if (!dc.sqlGetSingleString(ref sOriginalName, sSql, ref sErr))
{
throw new Exception("Error getting original account name:" + sErr);
}
// only update the passwword if it has changed
string sNewPassword = "";
if (sLoginPassword != "($%#d@x!&")
{
sNewPassword = "******" + dc.EnCrypt(sLoginPassword) + "'";
}
sSql = "update cloud_account set" +
" account_name = '" + sAccountName + "'," +
" account_number = '" + sAccountNumber + "'," +
" provider = '" + sProvider + "'," +
" is_default = '" + sIsDefault + "'," +
" auto_manage_security = '" + sAutoManageSecurity + "'," +
" login_id = '" + sLoginID + "'" +
sNewPassword +
" where account_id = '" + sAccountID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception("Error updating account: " + sErr);
}
ui.WriteObjectChangeLog(Globals.acObjectTypes.CloudAccount, sAccountID, sAccountName, sOriginalName, sAccountName);
}
else
{
//now, for some reason we were having issues with the initial startup of apache
//not able to perform the very first database hit.
//this line serves as an inital db hit, but we aren't trapping it or showing the error
dc.TestDBConnection(ref sErr);
//if there are no rows yet, make this one the default even if the box isn't checked.
if (sIsDefault == "0")
{
int iExists = -1;
sSql = "select count(*) as cnt from cloud_account";
if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr))
{
System.Threading.Thread.Sleep(300);
if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr))
{
System.Threading.Thread.Sleep(300);
if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr))
{
throw new Exception("Unable to count Cloud Accounts: " + sErr);
}
}
}
if (iExists == 0)
{
sIsDefault = "1";
}
}
sAccountID = ui.NewGUID();
sSql = "insert into cloud_account (account_id, account_name, account_number, provider, is_default, login_id, login_password, auto_manage_security)" +
" values ('" + sAccountID + "'," +
"'" + sAccountName + "'," +
"'" + sAccountNumber + "'," +
"'" + sProvider + "'," +
"'" + sIsDefault + "'," +
"'" + sLoginID + "'," +
"'" + dc.EnCrypt(sLoginPassword) + "'," +
"'" + sAutoManageSecurity + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception("Error creating account: " + sErr);
}
ui.WriteObjectAddLog(Globals.acObjectTypes.CloudAccount, sAccountID, sAccountName, "Account Created");
}
//if "default" was selected, unset all the others
if (dc.IsTrue(sIsDefault))
{
oTrans.Command.CommandText = "update cloud_account set is_default = 0 where account_id <> '" + sAccountID + "'";
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception("Error updating defaults: " + sErr);
}
}
oTrans.Commit();
//refresh the cloud account list in the session
if (!ui.PutCloudAccountsInSession(ref sErr))
{
throw new Exception("Error refreshing accounts in session: " + sErr);
}
}
catch (Exception ex)
{
throw new Exception("Error: General Exception: " + ex.Message);
}
// no errors to here, so return an empty string
return("{'account_id':'" + sAccountID + "', 'account_name':'" + sAccountName + "', 'provider':'" + sProvider + "'}");
}
public static string SaveUserEdits(object[] oUser)
{
string sChangeDetail = "User Details updated.";
// verify the right number of properties
if (oUser.Length != 10)
{
return("Incorrect number of User Properties.");
}
string sEditUserID = oUser[0].ToString();
string sLoginID = oUser[1].ToString();
string sFullName = oUser[2].ToString();
string sAuthType = oUser[3].ToString();
string sUserPassword = oUser[4].ToString();
string sForcePasswordChange = oUser[5].ToString();
string sUserRole = oUser[6].ToString();
string sEmail = oUser[7].ToString();
string sStatus = oUser[8].ToString();
string sGroupArray = oUser[9].ToString();
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
// checks that cant be done on the client side
// is the name unique?
string sInuse = "";
if (!dc.sqlGetSingleString(ref sInuse, "select user_id from users where username = '******' and user_id <> '" + sEditUserID + "' limit 1", ref sErr))
{
throw new Exception(sErr);
}
else
{
if (!string.IsNullOrEmpty(sInuse))
{
return("Login ID '" + sLoginID + "' is unavailable, please choose another.");
}
}
// CHANGE Per conference call 5-11-09 we are using a random 9 char mask
// if the password has not changed this will be the same 9 chars
string sPasswordUpdate = null;
bool boolPasswordChanged = false;
if (sUserPassword == "($%#d@x!&")
{
// password has not been touched
sPasswordUpdate = ",";
boolPasswordChanged = false;
}
else
{
// password changed
sChangeDetail += " Password changed.";
if (sAuthType == "local")
{
// bugzilla 1347
// check the user password history setting, and make sure the password was not used in the past x passwords
if (dc.PasswordInHistory(dc.EnCrypt(sUserPassword.Trim()), sEditUserID, ref sErr))
{
return("Passwords can not be reused, please choose another password");
}
;
if (sErr != null)
{
return(sErr);
}
;
if (!dc.PasswordIsComplex(sUserPassword.Trim(), ref sErr))
{
return(sErr);
}
else
{
sPasswordUpdate = ",user_password = '******',";
boolPasswordChanged = true;
}
}
else if (sAuthType == "ldap")
{
sPasswordUpdate = ",user_password = NULL,";
}
else
{
return("Unknown Authentication type.");
}
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// update the user fields.
sSql = "update users set" +
" full_name = '" + sFullName + "'," +
" username = '******'" + sPasswordUpdate +
" force_change = '" + sForcePasswordChange + "'," +
" authentication_type = '" + sAuthType + "'," +
" email = '" + sEmail + "'," +
" failed_login_attempts = '0'," +
" status = '" + sStatus + "'," +
" user_role = '" + sUserRole + "'" +
" where user_id = '" + sEditUserID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
if (boolPasswordChanged)
{
// add Password history if it changed
sSql = "insert user_password_history (user_id, change_time,password) values ('" + sEditUserID + "',now(),'" + dc.EnCrypt(sUserPassword.Trim()) + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
#region "tags"
// remove the existing tags
sSql = "delete from object_tags where object_id = '" + sEditUserID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
// add user groups, if there are any
if (sGroupArray.Length > 0)
{
ArrayList aGroups = new ArrayList(sGroupArray.Split(','));
foreach (string sGroupName in aGroups)
{
sSql = "insert object_tags (object_id, object_type, tag_name)" +
" values ('" + sEditUserID + "', 1, '" + sGroupName + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
}
#endregion
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// add security log
ui.WriteObjectChangeLog(Globals.acObjectTypes.User, sEditUserID, sFullName.Trim().Replace("'", "''"), sChangeDetail);
// no errors to here, so return an empty string
return("");
}
public static string DeleteClouds(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
if (sDeleteArray.Length < 36)
{
return("");
}
sDeleteArray = ui.QuoteUp(sDeleteArray);
DataTable dt = new DataTable();
// get a list of ids that will be deleted for the log
sSql = "select cloud_id, cloud_name, provider from clouds where cloud_id in (" + sDeleteArray + ")";
if (!dc.sqlGetDataTable(ref dt, sSql, ref sErr))
{
throw new Exception(sErr);
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
sSql = "delete from clouds where cloud_id in (" + sDeleteArray + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
//refresh the cloud account list in the session
if (!ui.PutCloudAccountsInSession(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
//reget the cloud providers class in the session
ui.SetCloudProviders(ref sErr);
if (!string.IsNullOrEmpty(sErr))
{
throw new Exception("Error: Unable to load Cloud Providers XML." + sErr);
}
// if we made it here, so save the logs
foreach (DataRow dr in dt.Rows)
{
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Cloud, dr["cloud_id"].ToString(), dr["cloud_name"].ToString(), dr["provider"].ToString() + " Cloud Deleted.");
}
return(sErr);
}
public void wmToggleStep(string sStepID, string sVisible)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
sVisible = (sVisible == "1" ? "1" : "0");
try
{
if (ui.IsGUID(sStepID))
{
string sErr = "";
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
string sUserID = ui.GetSessionUserID();
//is there a row?
int iRowCount = 0;
dc.sqlGetSingleInteger(ref iRowCount, "select count(*) from task_step_user_settings" +
" where user_id = '" + sUserID + "'" +
" and step_id = '" + sStepID + "'", ref sErr);
if (iRowCount == 0)
{
oTrans.Command.CommandText = "insert into task_step_user_settings" +
" (user_id, step_id, visible, breakpoint, skip)" +
" values ('" + sUserID + "','" + sStepID + "', " + sVisible + ", 0, 0)";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Unable to toggle step (0) [" + sStepID + "]." + sErr);
}
else
{
oTrans.Command.CommandText = " update task_step_user_settings set visible = '" + sVisible + "'" +
" where step_id = '" + sStepID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Unable to toggle step (1) [" + sStepID + "]." + sErr);
}
oTrans.Commit();
return;
}
else
{
throw new Exception("Unable to toggle step. Missing or invalid step_id.");
}
}
catch (Exception ex)
{
throw ex;
}
}
public static string ResetPassword(string sUserID)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
acUI.AppGlobals ag = new acUI.AppGlobals();
string sSQL = null;
string sErr = null;
//get the details of this user
sSQL = "select u.username, u.full_name, u.email, u.authentication_type" +
" from users u " +
" where u.user_id = '" + sUserID + "'";
DataRow dr = null;
if (!dc.sqlGetDataRow(ref dr, sSQL, ref sErr))
{
throw new Exception(sErr);
}
if (dr != null)
{
if (!string.IsNullOrEmpty(dr["email"].ToString()))
{
string sEmail = dr["email"].ToString();
string sNewPassword = dc.GenerateNewPassword();
sSQL = "update users set user_password = '******' where user_id = '" + sUserID + "'";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
{
throw new Exception(sErr);
}
// add security log
ui.WriteObjectAddLog(Globals.acObjectTypes.User, sUserID, sUserID, "Password Reset");
//email out the password
string sBody = "";
if (!dc.sqlGetSingleString(ref sBody, "select new_user_email_message from login_security_settings where id = 1", ref sErr))
{
throw new Exception(sErr);
}
//default message if undefined in the table
if (string.IsNullOrEmpty(sBody))
{
sBody = dr["full_name"].ToString() + " - your password has been reset by an Administrator." + Environment.NewLine + Environment.NewLine +
"Your temporary password is: " + sNewPassword + "." + Environment.NewLine;
}
//replace our special tokens with the values
sBody = sBody.Replace("##FULLNAME##", dr["full_name"].ToString()).Replace("##USERNAME##", dr["username"].ToString()).Replace("##PASSWORD##", sNewPassword);
if (!ui.SendEmailMessage(sEmail.Trim(), ag.APP_COMPANYNAME + " Account Management", "Account Action in " + ag.APP_NAME, sBody, ref sErr))
{
throw new Exception(sErr);
}
}
else
{
return("Unable to reset - user does not have an email address defined.");
}
}
return("");
}
public string wmUpdateStep(string sStepID, string sFunction, string sXPath, string sValue)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sErr = "";
string sSQL = "";
//we encoded this in javascript before the ajax call.
//the safest way to unencode it is to use the same javascript lib.
//(sometimes the javascript and .net libs don't translate exactly, google it.)
sValue = ui.unpackJSON(sValue);
//if the function type is "_common" that means this is a literal column on the step table.
if (sFunction == "_common")
{
sValue = sValue.Replace("'", "''"); //escape single quotes for the SQL insert
sSQL = "update task_step set " +
sXPath + " = '" + sValue + "'" +
" where step_id = '" + sStepID + "';";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
{
throw new Exception(sErr);
}
}
else
{
//XML processing
//get the xml from the step table and update it
string sXMLTemplate = "";
sSQL = "select function_xml from task_step where step_id = '" + sStepID + "'";
if (!dc.sqlGetSingleString(ref sXMLTemplate, sSQL, ref sErr))
{
throw new Exception("Unable to get XML data for step [" + sStepID + "].");
}
XDocument xDoc = XDocument.Parse(sXMLTemplate);
if (xDoc == null)
throw new Exception("XML data for step [" + sStepID + "] is invalid.");
XElement xRoot = xDoc.Element("function");
if (xRoot == null)
throw new Exception("XML data for step [" + sStepID + "] does not contain 'function' root node.");
try
{
XElement xNode = xRoot.XPathSelectElement(sXPath);
if (xNode == null)
throw new Exception("XML data for step [" + sStepID + "] does not contain '" + sXPath + "' node.");
xNode.SetValue(sValue);
}
catch (Exception)
{
try
{
//here's the deal... given an XPath statement, we simply cannot add a new node if it doesn't exist.
//why? because xpath is a query language. It doesnt' describe exactly what to add due to wildcards and //foo syntax.
//but, what we can do is make an ssumption in our specific case...
//that we are only wanting to add because we changed an underlying command XML template, and there are existing commands.
//so... we will split the xpath into segments, and traverse upward until we find an actual node.
//once we have it, we will need to add elements back down.
//string[] nodes = sXPath.Split('/');
//foreach (string node in nodes)
//{
// //try to select THIS one, and stick it on the backwards stack
// XElement xNode = xRoot.XPathSelectElement("//" + node);
// if (xNode == null)
// throw new Exception("XML data for step [" + sStepID + "] does not contain '" + sXPath + "' node.");
//}
XElement xFoundNode = null;
ArrayList aMissingNodes = new ArrayList();
//of course this skips the full path, but we've already determined it's no good.
string sWorkXPath = sXPath;
while (sWorkXPath.LastIndexOf("/") > -1)
{
aMissingNodes.Add(sWorkXPath.Substring(sWorkXPath.LastIndexOf("/") + 1));
sWorkXPath = sWorkXPath.Substring(0, sWorkXPath.LastIndexOf("/"));
xFoundNode = xRoot.XPathSelectElement(sWorkXPath);
if (xFoundNode != null)
{
//Found it! stop looping
break;
}
}
//now that we know where to start (xFoundNode), we can use that as a basis for adding
foreach (string sNode in aMissingNodes)
{
xFoundNode.Add(new XElement(sNode));
}
//now we should be good to stick the value on the final node.
XElement xNode = xRoot.XPathSelectElement(sXPath);
if (xNode == null)
throw new Exception("XML data for step [" + sStepID + "] does not contain '" + sXPath + "' node.");
xNode.SetValue(sValue);
//xRoot.Add(new XElement(sXPath, sValue));
//xRoot.SetElementValue(sXPath, sValue);
}
catch (Exception)
{
throw new Exception("Error Saving Step [" + sStepID + "]. Could not find and cannot create the [" + sXPath + "] property in the XML.");
}
}
sSQL = "update task_step set " +
" function_xml = '" + xDoc.ToString(SaveOptions.DisableFormatting).Replace("'", "''") + "'" +
" where step_id = '" + sStepID + "';";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
{
throw new Exception(sErr);
}
}
sSQL = "select task_id, codeblock_name, step_order from task_step where step_id = '" + sStepID + "'";
DataRow dr = null;
if (!dc.sqlGetDataRow(ref dr, sSQL, ref sErr))
throw new Exception(sErr);
if (dr != null)
{
ui.WriteObjectChangeLog(Globals.acObjectTypes.Task, dr["task_id"].ToString(), sFunction,
"Codeblock:" + dr["codeblock_name"].ToString() +
" Step Order:" + dr["step_order"].ToString() +
" Command Type:" + sFunction +
" Property:" + sXPath +
" New Value: " + sValue);
}
return "";
}
public string wmRerunTask(int iInstanceID, string sClearLog)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
try
{
string sUserID = ui.GetSessionUserID();
if (iInstanceID > 0 && ui.IsGUID(sUserID))
{
string sInstance = "";
string sErr = "";
string sSQL = "";
if (dc.IsTrue(sClearLog))
{
sSQL = "delete from task_instance_log" +
" where task_instance = '" + iInstanceID.ToString() + "'";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
{
throw new Exception("Unable to clear task instance log for [" + iInstanceID.ToString() + "]." + sErr);
}
}
sSQL = "update task_instance set task_status = 'Submitted'," +
" submitted_by = '" + sUserID + "'" +
" where task_instance = '" + iInstanceID.ToString() + "'";
if (!dc.sqlGetSingleString(ref sInstance, sSQL, ref sErr))
{
throw new Exception("Unable to rerun task instance [" + iInstanceID.ToString() + "]." + sErr);
}
return sInstance;
}
else
{
throw new Exception("Unable to run task. Missing or invalid task instance [" + iInstanceID.ToString() + "]");
}
}
catch (Exception ex)
{
throw ex;
}
}
public static string SaveNotifications(object[] oAsset)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
acUI.AppGlobals ag = new acUI.AppGlobals();
string sErr = "";
string sMessengerOnOff = oAsset[0].ToString();
string sPollLoop = oAsset[1].ToString();
string sRetryDelay = oAsset[2].ToString();
string sRetryMaxAttempts = oAsset[3].ToString();
string sSMTPServerAddress = oAsset[4].ToString().Replace("'", "''");
string sSMTPUserAccount = oAsset[5].ToString().Replace("'", "''");
string sSMTPUserPassword = oAsset[6].ToString();
string sSMTPServerPort = oAsset[7].ToString();
string sFromEmail = oAsset[8].ToString().Replace("'", "''");
string sFromName = oAsset[9].ToString().Replace("'", "''");
string sAdminEmail = oAsset[10].ToString().Replace("'", "''");
// get the current settings for the logging
string sOrigMessengerOnOff = "";
string sOrigPollLoop = "";
string sOrigRetryDelay = "";
string sOrigRetryMaxAttempts = "";
string sOrigSMTPServerAddress = "";
string sOrigSMTPUserAccount = "";
string sOrigSMTPServerPort = "";
string sOrigFromEmail = "";
string sOrigFromName = "";
string sOrigAdminEmail = "";
string sSQL = "select mode_off_on, loop_delay_sec, retry_delay_min, retry_max_attempts," +
" smtp_server_addr, smtp_server_user, smtp_server_password, smtp_server_port, from_email, from_name, admin_email" +
" from messenger_settings" +
" where id = 1";
DataTable dt = new DataTable();
if (!dc.sqlGetDataTable(ref dt, sSQL, ref sErr))
{
return("Unable to continue. " + sErr);
}
if (dt.Rows.Count > 0)
{
DataRow dr = dt.Rows[0];
sOrigMessengerOnOff = dr["mode_off_on"].ToString();
sOrigPollLoop = dr["loop_delay_sec"].ToString();
sOrigRetryDelay = dr["retry_delay_min"].ToString();
sOrigRetryMaxAttempts = dr["retry_max_attempts"].ToString();
sOrigSMTPServerAddress = dr["smtp_server_addr"].ToString();
sOrigSMTPUserAccount = dr["smtp_server_user"].ToString();
sOrigSMTPServerPort = dr["smtp_server_port"].ToString();
sOrigFromEmail = dr["from_email"].ToString();
sOrigFromName = dr["from_name"].ToString();
sOrigAdminEmail = dr["admin_email"].ToString();
}
sSQL = "update messenger_settings set mode_off_on='{0}', loop_delay_sec={1}, retry_delay_min={2}, retry_max_attempts={3}, smtp_server_addr='{4}', smtp_server_user='******', smtp_server_port={6}, from_email='{7}', from_name='{8}', admin_email='{9}'";
//only update password if it has been changed.
string sPasswordFiller = "($%#d@x!&";
if (sSMTPUserPassword != sPasswordFiller)
{
sSQL += ",smtp_server_password='******'";
}
sSQL = string.Format(sSQL, sMessengerOnOff, sPollLoop, sRetryDelay, sRetryMaxAttempts, sSMTPServerAddress, sSMTPUserAccount, sSMTPServerPort, sFromEmail, sFromName, sAdminEmail, dc.EnCrypt(sSMTPUserPassword));
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
{
return("Update failed: " + sErr);
}
else
{
//logging
var sLogObject = "Manage Notifications";
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Messenger On / Off", sOrigMessengerOnOff, sMessengerOnOff);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Poll Loop", sOrigPollLoop, sPollLoop);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Retry Delay", sOrigRetryDelay, sRetryDelay);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "Retry Max Attempts", sOrigRetryMaxAttempts, sRetryMaxAttempts);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "SMTP Server Address", sOrigSMTPServerAddress, sSMTPServerAddress);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "SMTP User Account", sOrigSMTPUserAccount, sSMTPUserAccount);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "SMTP Server Port", sOrigSMTPServerPort, sSMTPServerPort);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "From Email", sOrigFromEmail, sFromEmail);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "From Name", sOrigFromName, sFromName);
ui.WriteObjectChangeLog(acObjectTypes.None, sLogObject, "From Name", sOrigAdminEmail, sAdminEmail);
// send a notification to the user that made the change
if (sMessengerOnOff == "on")
{
// get the users email, if they do not have an email tell them no message was created.
string sUsersEmail = null;
string sUserID = ui.GetSessionUserID();
sSQL = "select email from users where user_id = '" + sUserID + "'";
if (!dc.sqlGetSingleString(ref sUsersEmail, sSQL, ref sErr))
{
return("Unable to create test email: " + sErr);
}
string sUserName = "";
sUserName = ui.GetSessionUserFullName();
if (string.IsNullOrEmpty(sUsersEmail) || sUsersEmail.Length < 5)
{
// all good, no email so notify user
return("Notification settings updated.\n\nNo email on file for user " + sUserName + " - unable to send a test message");
}
else
{
// create a test email
ui.SendEmailMessage(sUsersEmail,
ag.APP_COMPANYNAME + " Account Management",
ag.APP_COMPANYNAME + " Messenger configuration change.",
"<html><head></head><body><p>" + sUserName + ",</p><p>This is a test mail to confirm the smtp server that you have configured.</p><p>Do not reply to this message, and feel free to delete it.</p><p>Regards,\n\n" + ag.APP_COMPANYNAME + " Administration team.</p></body></html>", ref sErr);
if (sErr != "")
{
return("Update completed. Unable to create test message: " + sErr);
}
}
return("Notification settings updated. A test email will be sent to " + sUsersEmail + ".");
}
else
{
return("Notification settings updated.");
}
}
}
public void wmSaveTaskUserSetting(string sTaskID, string sSettingKey, string sSettingValue)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
try
{
string sUserID = ui.GetSessionUserID();
if (ui.IsGUID(sTaskID) && ui.IsGUID(sUserID))
{
//1) get the settings
//2) update/add the appropriate value
//3) update the settings to the db
string sSettingXML = "";
string sErr = "";
string sSQL = "select settings_xml from users where user_id = '" + sUserID + "'";
if (!dc.sqlGetSingleString(ref sSettingXML, sSQL, ref sErr))
{
throw new Exception("Unable to get settings for user." + sErr);
}
if (sSettingXML == "")
sSettingXML = "<settings><debug><tasks></tasks></debug></settings>";
XDocument xDoc = XDocument.Parse(sSettingXML);
if (xDoc == null) throw new Exception("XML settings data for user is invalid.");
//we have to analyze the doc and see if the appropriate section exists.
//if not, we need to construct it
if (xDoc.Element("settings").Descendants("debug").Count() == 0)
xDoc.Element("settings").Add(new XElement("debug"));
if (xDoc.Element("settings").Element("debug").Descendants("tasks").Count() == 0)
xDoc.Element("settings").Element("debug").Add(new XElement("tasks"));
XElement xTasks = xDoc.Element("settings").Element("debug").Element("tasks");
//to search by attribute we must get back an array and we shouldn't have an array anyway
//so to be safe and clean, delete all matches and just add back the one we want
xTasks.Descendants("task").Where(
x => (string)x.Attribute("task_id") == sTaskID).Remove();
//add it
XElement xTask = new XElement("task");
xTask.Add(new XAttribute("task_id", sTaskID));
xTask.Add(new XAttribute(sSettingKey, sSettingValue));
xTasks.Add(xTask);
sSQL = "update users set settings_xml = '" + xDoc.ToString(SaveOptions.DisableFormatting) + "'" +
" where user_id = '" + sUserID + "'";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
{
throw new Exception("Unable to save Task User Setting." + sErr);
}
return;
}
else
{
throw new Exception("Unable to run task. Missing or invalid task [" + sTaskID + "] or unable to get current user.");
}
}
catch (Exception ex)
{
throw ex;
}
}
public static string SaveDomain(object[] oAsset)
{
// we are passing in 4 elements, if we have 16 go
if (oAsset.Length != 4)
{
return("Incorrect list of attributes:" + oAsset.Length.ToString());
}
string sEditDomain = oAsset[0].ToString();
string sDomain = oAsset[1].ToString().Replace("'", "''");
string sAddress = oAsset[2].ToString().Replace("'", "''");
string sMode = oAsset[3].ToString();
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
// before updating or adding make sure the domain name is available
if (sEditDomain != sDomain)
{
try
{
sSql = "select ldap_domain from ldap_domain where ldap_domain = '" + sDomain + "'";
string sDomainExists = "";
if (!dc.sqlGetSingleString(ref sDomainExists, sSql, ref sErr))
{
throw new Exception(sErr);
}
else
{
if (!string.IsNullOrEmpty(sDomainExists))
{
return("Domain name exists, choose another name.");
}
}
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// update the user fields.
if (sMode == "edit")
{
// if the domain name changed update all of the asset_credential's using this domain
if (sDomain != sEditDomain)
{
sSql = "update asset_credential set domain = '" + sDomain + "' where domain = '" + sEditDomain + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
sSql = "update ldap_domain set ldap_domain = '" + sDomain + "'," + "address = '" + sAddress + "' where ldap_domain = '" + sEditDomain + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
else
{
sSql = "insert into ldap_domain (ldap_domain,address)" +
" values ('" + sDomain + "'," +
"'" + sAddress + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// add security log
if (sMode == "edit")
{
ui.WriteObjectChangeLog(Globals.acObjectTypes.Domain, sEditDomain, sEditDomain, sEditDomain, sDomain);
}
else
{
ui.WriteObjectAddLog(Globals.acObjectTypes.Domain, sDomain, sDomain, "Domain Created");
}
// no errors to here, so return an empty string
return("");
}
public void wmToggleStepCommonSection(string sStepID, string sButton)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
try
{
if (ui.IsGUID(sStepID))
{
string sUserID = ui.GetSessionUserID();
sButton = (sButton == "" ? "null" : "'" + sButton + "'");
string sErr = "";
//is there a row?
int iRowCount = 0;
dc.sqlGetSingleInteger(ref iRowCount, "select count(*) from task_step_user_settings" +
" where user_id = '" + sUserID + "'" +
" and step_id = '" + sStepID + "'", ref sErr);
if (iRowCount == 0)
{
string sSQL = "insert into task_step_user_settings" +
" (user_id, step_id, visible, breakpoint, skip, button)" +
" values ('" + sUserID + "','" + sStepID + "', 1, 0, 0, " + sButton + ")";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
throw new Exception("Unable to toggle step button (0) [" + sStepID + "]." + sErr);
}
else
{
string sSQL = " update task_step_user_settings set button = " + sButton +
" where step_id = '" + sStepID + "';";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
throw new Exception("Unable to toggle step button (1) [" + sStepID + "]." + sErr);
}
return;
}
else
{
throw new Exception("Unable to toggle step button. Missing or invalid step_id or button.");
}
}
catch (Exception ex)
{
throw ex;
}
}
private static void GetAssociatedEcosystems(ref DataTable dt, string sObjectType)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sErr = "";
if (dt.Rows.Count > 0)
{
//we'll add a column to the output data table
dt.Columns.Add("Ecosystems");
//ok, we have some results from AWS. Let's see if any of them are tied to a ecosystem and if so... note it...
//spin the AWS results
//what's in the ecosystem_object table already?
//get all the ecosystem objects into a table so we can merge it as needed...
//get the actual rows
//but only from the selected cloud account
DataTable dtEcosystemObjects = new DataTable();
string sSQL = "select do.ecosystem_object_id, d.ecosystem_id, d.ecosystem_name" +
" from ecosystem_object do" +
" join ecosystem d on do.ecosystem_id = d.ecosystem_id" +
" where d.account_id = '" + ui.GetSelectedCloudAccountID() + "'" +
" and do.ecosystem_object_type = '" + sObjectType + "'" +
" order by do.ecosystem_object_id";
if (!dc.sqlGetDataTable(ref dtEcosystemObjects, sSQL, ref sErr))
{
throw new Exception(sErr);
}
foreach (DataRow dr in dt.Rows)
{
if (!string.IsNullOrEmpty(dr[0].ToString()))
{
string sResultList = "";
//aggregate all the id column values into one string
string sObjectID = ""; //Possibly a composite of several properties.
foreach (DataColumn col in dt.Columns)
{
if (col.ExtendedProperties["IsID"] != null)
{
sObjectID += dr[col.ColumnName].ToString();
}
}
//are there any ecosystem objects?
if (dtEcosystemObjects != null)
{
if (dtEcosystemObjects.Rows.Count > 0)
{
//make an array of any that match
DataRow[] drMatches;
drMatches = dtEcosystemObjects.Select("ecosystem_object_id = '" + sObjectID + "'");
//spin that array and add the names to a string
foreach (DataRow drMatch in drMatches)
{
string sLink = " <span class=\"ecosystem_link pointer\" ecosystem_id=\"" + drMatch["ecosystem_id"].ToString() + "\">" + drMatch["ecosystem_name"].ToString() + "</span>";
sResultList += (sResultList == "" ? sLink : "," + sLink);
}
}
}
//HARDCODED RULE ALERT! we expect the list of ecosystems to go in the column called "Ecosystems"!
dr["Ecosystems"] = sResultList;
}
}
}
}
public string wmUpdateTaskDetail(string sTaskID, string sColumn, string sValue)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
try
{
string sUserID = ui.GetSessionUserID();
if (ui.IsGUID(sTaskID) && ui.IsGUID(sUserID))
{
string sErr = "";
string sSQL = "";
//we encoded this in javascript before the ajax call.
//the safest way to unencode it is to use the same javascript lib.
//(sometimes the javascript and .net libs don't translate exactly, google it.)
sValue = ui.unpackJSON(sValue);
string sOriginalTaskID = "";
sSQL = "select original_task_id from task where task_id = '" + sTaskID + "'";
if (!dc.sqlGetSingleString(ref sOriginalTaskID, sSQL, ref sErr))
throw new Exception("Unable to get original_task_id for [" + sTaskID + "]." + sErr);
if (sOriginalTaskID == "")
return "Unable to get original_task_id for [" + sTaskID + "].";
// bugzilla 1074, check for existing task_code and task_name
if (sColumn == "task_code" || sColumn == "task_name")
{
sSQL = "select task_id from task where " +
sColumn.Replace("'", "''") + "='" + sValue.Replace("'", "''") + "'" +
" and original_task_id <> '" + sOriginalTaskID + "'";
string sValueExists = "";
if (!dc.sqlGetSingleString(ref sValueExists, sSQL, ref sErr))
throw new Exception("Unable to check for existing names [" + sTaskID + "]." + sErr);
if (!string.IsNullOrEmpty(sValueExists))
return sValue + " exists, please choose another value.";
}
if (sColumn == "task_code" || sColumn == "task_name")
{
//changing the name or code updates ALL VERSIONS
string sSetClause = sColumn + "='" + sValue.Replace("'", "''") + "'";
sSQL = "update task set " + sSetClause + " where original_task_id = '" + sOriginalTaskID + "'";
}
else
{
string sSetClause = sColumn + "='" + sValue.Replace("'", "''") + "'";
//some columns on this table allow nulls... in their case an empty sValue is a null
if (sColumn == "concurrent_instances" || sColumn == "queue_depth")
{
if (sValue.Replace(" ", "").Length == 0)
sSetClause = sColumn + " = null";
else
sSetClause = sColumn + "='" + sValue.Replace("'", "''") + "'";
}
//some columns are checkboxes, so make sure it is a db appropriate value (1 or 0)
//some columns on this table allow nulls... in their case an empty sValue is a null
if (sColumn == "concurrent_by_asset")
{
if (dc.IsTrue(sValue))
sSetClause = sColumn + " = 1";
else
sSetClause = sColumn + " = 0";
}
sSQL = "update task set " + sSetClause + " where task_id = '" + sTaskID + "'";
}
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
throw new Exception("Unable to update task [" + sTaskID + "]." + sErr);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Task, sTaskID, sColumn, sValue);
}
else
{
throw new Exception("Unable to update task. Missing or invalid task [" + sTaskID + "] id.");
}
}
catch (Exception ex)
{
throw ex;
}
return "";
}
public static string DeleteAssets(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
ArrayList arrList = new ArrayList();
arrList.AddRange(sDeleteArray.Split(','));
if (sDeleteArray.Length < 36)
{
return("");
}
StringBuilder sbAssetIDString = new StringBuilder();
StringBuilder sbAssetsCantDelete = new StringBuilder();
foreach (string sAssetID in arrList)
{
if (sAssetID.Length == 36)
{
// what about the instance tables?????
// bugzilla 1290 Assets that have history (task_instance table) can not be deleted
// exclude them from the list and return a message noting the asset(s) that could not be deleted
// check if this asset has any history rows.
sSql = "select count(*) from tv_task_instance where asset_id = '" + sAssetID + "'";
int iHistory = 0;
if (!dc.sqlGetSingleInteger(ref iHistory, sSql, ref sErr))
{
throw new Exception(sErr);
}
// if there is no history add this to the delete list,
// otherwise add the task id to the non delete list
if (iHistory == 0)
{
sbAssetIDString.Append("'" + sAssetID + "',");
}
else
{
sbAssetsCantDelete.Append("'" + sAssetID + "',");
};
}
}
// trim the trailing ,
if (sbAssetsCantDelete.ToString().Length > 2)
{
sbAssetsCantDelete.Remove(sbAssetsCantDelete.Length - 1, 1);
}
;
if (sbAssetIDString.ToString().Length > 2)
{
// delete from these tables:
// asset, asset_credential (if the credential is local).
// trim the trailing ,
sbAssetIDString.Remove(sbAssetIDString.Length - 1, 1);
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// delete asset_credential
sSql = "delete from asset_credential" +
" where shared_or_local = 1" +
" and credential_id in (select credential_id from asset where asset_id in (" + sbAssetIDString.ToString() + "))";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
// delete asset
sSql = "delete from asset where asset_id in (" + sbAssetIDString.ToString() + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
// add security log
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Asset, sbAssetIDString.ToString(), "Batch Asset Delete", "Deleted Assets in batch mode");
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
}
;
// if some did not get deleted return a message.
if (sbAssetsCantDelete.Length > 2)
{
string sTaskNames = "";
sSql = "select asset_name from asset where asset_id in (" + sbAssetsCantDelete.ToString() + ")";
if (!dc.csvGetList(ref sTaskNames, sSql, ref sErr, true))
{
throw new Exception(sErr);
}
return("Asset deletion completed. Asset(s) (" + sTaskNames + ") could not be deleted because history rows exist.");
}
else
{
return(sErr);
}
}
private void AlsoCopyEmbeddedStepsToClipboard(string sUserID, string sSourceStepID, string sRootStepID, string sNewParentStepID, ref string sErr)
{
dataAccess dc = new dataAccess();
FunctionTemplates.HTMLTemplates ft = new FunctionTemplates.HTMLTemplates();
acUI.acUI ui = new acUI.acUI();
//get all the steps that have the calling stepid as a parent (codeblock)
string sSQL = "select step_id" +
" from task_step" +
" where codeblock_name = '" + sSourceStepID + "'";
DataTable dt = new DataTable();
if (!dc.sqlGetDataTable(ref dt, sSQL, ref sErr))
throw new Exception(sErr);
foreach (DataRow dr in dt.Rows)
{
string sThisStepID = dr["step_id"].ToString();
string sThisNewID = ui.NewGUID();
//put them in the table
sSQL = "delete from task_step_clipboard" +
" where user_id = '" + sUserID + "'" +
" and src_step_id = '" + sThisStepID + "'";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
throw new Exception("Unable to clean embedded steps of [" + sSourceStepID + "]." + sErr);
sSQL = " insert into task_step_clipboard" +
" (user_id, clip_dt, src_step_id, root_step_id, step_id, function_name, function_xml, step_desc," +
" output_parse_type, output_row_delimiter, output_column_delimiter, variable_xml, codeblock_name)" +
" select '" + sUserID + "', now(), step_id, '" + sRootStepID + "', '" + sThisNewID + "'," +
" function_name, function_xml, step_desc," +
" output_parse_type, output_row_delimiter, output_column_delimiter, variable_xml, '" + sNewParentStepID + "'" +
" from task_step" +
" where step_id = '" + sThisStepID + "'";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
throw new Exception("Unable to copy embedded steps of [" + sSourceStepID + "]." + sErr);
//we need to update the "action" XML of the parent too...
/*OK here's the deal..I'm out of time
This should not be hardcoded, it should be smart enough to find an XML node with a specific
value and update that node.
I just don't know enought about xpath to figure it out, and don't have time to do it before
I gotta start chilling at tmo.
So, I've hardcoded it to the known cases so it will work.
Add a new dynamic command type that has embedded steps, and this will probably no longer work.
*/
ft.SetNodeValueinXMLColumn("task_step_clipboard", "function_xml", "user_id = '" + sUserID + "'" +
" and step_id = '" + sNewParentStepID + "'", "//action[text() = '" + sThisStepID + "']", sThisNewID);
ft.SetNodeValueinXMLColumn("task_step_clipboard", "function_xml", "user_id = '" + sUserID + "'" +
" and step_id = '" + sNewParentStepID + "'", "//else[text() = '" + sThisStepID + "']", sThisNewID);
ft.SetNodeValueinXMLColumn("task_step_clipboard", "function_xml", "user_id = '" + sUserID + "'" +
" and step_id = '" + sNewParentStepID + "'", "//positive_action[text() = '" + sThisStepID + "']", sThisNewID);
ft.SetNodeValueinXMLColumn("task_step_clipboard", "function_xml", "user_id = '" + sUserID + "'" +
" and step_id = '" + sNewParentStepID + "'", "//negative_action[text() = '" + sThisStepID + "']", sThisNewID);
//END OF HARDCODED HACK
// and check this one for children too
AlsoCopyEmbeddedStepsToClipboard(sUserID, sThisStepID, sRootStepID, sThisNewID, ref sErr);
}
}
public static string SaveAsset(object[] oAsset)
{
// check the # of elements in the array
if (oAsset.Length != 19)
{
return("Incorrect number of Asset Properties:" + oAsset.Length.ToString());
}
string sAssetID = oAsset[0].ToString();
string sAssetName = oAsset[1].ToString().Replace("'", "''");
string sDbName = oAsset[2].ToString().Replace("'", "''");
string sPort = oAsset[3].ToString();
string sConnectionType = oAsset[4].ToString();
string sIsConnection = "0"; // oAsset[5].ToString();
string sAddress = oAsset[5].ToString().Replace("'", "''");
// mode is edit or add
string sMode = oAsset[6].ToString();
string sCredentialID = oAsset[7].ToString();
string sCredUsername = oAsset[8].ToString().Replace("'", "''");
string sCredPassword = oAsset[9].ToString().Replace("'", "''");
string sShared = oAsset[10].ToString();
string sCredentialName = oAsset[11].ToString().Replace("'", "''");
string sCredentialDescr = oAsset[12].ToString().Replace("'", "''");
string sDomain = oAsset[13].ToString().Replace("'", "''");
string sCredentialType = oAsset[14].ToString();
string sAssetStatus = oAsset[15].ToString();
string sPrivilegedPassword = oAsset[16].ToString();
string sTagArray = oAsset[17].ToString();
string sConnString = oAsset[18].ToString().Replace("'", "''");
// for logging
string sOriginalAssetName = "";
string sOriginalPort = "";
string sOriginalDbName = "";
string sOriginalAddress = "";
string sOriginalConnectionType = "";
string sOriginalUserName = "";
string sOriginalConnString = "";
string sOriginalCredentialID = "";
string sOriginalAssetStatus = "";
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
//if we are editing get the original values
//this is getting original values for logging purposes
if (sMode == "edit")
{
DataRow dr = null;
sSql = "select a.asset_name, a.asset_status, a.port, a.db_name, a.address, a.db_name, a.connection_type, a.conn_string, ac.username, a.credential_id," +
" case when a.is_connection_system = '1' then 'Yes' else 'No' end as is_connection_system " +
" from asset a " +
" left outer join asset_credential ac on ac.credential_id = a.credential_id " +
" where a.asset_id = '" + sAssetID + "'";
if (!dc.sqlGetDataRow(ref dr, sSql, ref sErr))
{
throw new Exception(sErr);
}
else
{
if (dr != null)
{
sOriginalAssetName = dr["asset_name"].ToString();
sOriginalPort = (object.ReferenceEquals(dr["port"], DBNull.Value) ? "" : dr["port"].ToString());
sOriginalDbName = (object.ReferenceEquals(dr["db_name"], DBNull.Value) ? "" : dr["db_name"].ToString());
sOriginalAddress = (object.ReferenceEquals(dr["address"], DBNull.Value) ? "" : dr["address"].ToString());
sOriginalConnectionType = (object.ReferenceEquals(dr["connection_type"], DBNull.Value) ? "" : dr["connection_type"].ToString());
sOriginalUserName = (object.ReferenceEquals(dr["username"], DBNull.Value) ? "" : dr["username"].ToString());
sOriginalConnString = (object.ReferenceEquals(dr["conn_string"], DBNull.Value) ? "" : dr["conn_string"].ToString());
sOriginalCredentialID = (object.ReferenceEquals(dr["credential_id"], DBNull.Value) ? "" : dr["credential_id"].ToString());
sOriginalAssetStatus = dr["asset_status"].ToString();
}
}
}
//NOTE NOTE NOTE!
//the following is a catch 22.
//if we're adding a new asset, we will need to figure out the credential first so we can save the credential id on the asset
//but if it's a new local credential, it gets the asset id as it's name.
//so.........
//if it's a new asset, go ahead and get the new guid for it here so the credential add will work.
if (sMode == "add")
{
sAssetID = ui.NewGUID();
}
//and move on...
// there are three CredentialType's
// 1) 'selected' = user selected a different credential, just save the credential_id
// 2) 'new' = user created a new shared or local credential
// 3) 'existing' = same credential, just update the username,description ad password
string sPriviledgedPasswordUpdate = null;
if (sCredentialType == "new")
{
if (sPrivilegedPassword.Length == 0)
{
sPriviledgedPasswordUpdate = "NULL";
}
else
{
sPriviledgedPasswordUpdate = "'" + dc.EnCrypt(sPrivilegedPassword) + "'";
}
//if it's a local credential, the credential_name is the asset_id.
//if it's shared, there will be a name.
if (sShared == "1")
{
sCredentialName = sAssetID;
//whack and add - easiest way to avoid conflicts
sSql = "delete from asset_credential where credential_name = '" + sCredentialName + "' and shared_or_local = '1'";
if (!dc.sqlExecuteUpdate(sSql, ref sErr))
{
throw new Exception(sErr);
}
}
//now we're clear to add
sCredentialID = "'" + ui.NewGUID() + "'";
sSql = "insert into asset_credential " +
"(credential_id,credential_name,username,password,domain,shared_or_local,shared_cred_desc,privileged_password) " +
"values (" + sCredentialID + ",'" + sCredentialName + "','" + sCredUsername + "','" + dc.EnCrypt(sCredPassword) + "','" + sDomain + "','" + sShared + "','" + sCredentialDescr + "'," + sPriviledgedPasswordUpdate + ")";
if (!dc.sqlExecuteUpdate(sSql, ref sErr))
{
if (sErr == "key_violation")
{
throw new Exception("A Credential with that name already exists. Please select another name.");
}
else
{
throw new Exception(sErr);
}
}
// add security log
ui.WriteObjectAddLog(Globals.acObjectTypes.Credential, sCredentialID, sCredentialName, "");
}
else if (sCredentialType == "existing")
{
sCredentialID = "'" + sCredentialID + "'";
// bugzilla 1126 if the password has not changed leave it as is.
string sPasswordUpdate = null;
if (sCredPassword == "($%#d@x!&")
{
// password has not been touched
sPasswordUpdate = "";
}
else
{
// updated password
sPasswordUpdate = ",password = '******'";
}
// bugzilla 1260
// same for privileged_password
if (sPrivilegedPassword == "($%#d@x!&")
{
// password has not been touched
sPriviledgedPasswordUpdate = "";
}
else
{
// updated password
// bugzilla 1352 priviledged password can be blank, so if it is, set it to null
if (sPrivilegedPassword.Length == 0)
{
sPriviledgedPasswordUpdate = ",privileged_password = null";
}
else
{
sPriviledgedPasswordUpdate = ",privileged_password = '******'";
}
}
sSql = "update asset_credential " +
"set username = '******'" + sPasswordUpdate + sPriviledgedPasswordUpdate + ",domain = '" + sDomain + "'," +
"shared_or_local = '" + sShared + "',shared_cred_desc = '" + sCredentialDescr + "'" +
"where credential_id = " + sCredentialID;
if (!dc.sqlExecuteUpdate(sSql, ref sErr))
{
throw new Exception(sErr);
}
// add security log
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + "Changed credential", sOriginalUserName, sCredUsername);
}
else
{
// user selected a shared credential
// remove the local credential if one exists
if (sOriginalCredentialID.Length > 0)
{
sSql = "delete from asset_credential where credential_id = '" + sOriginalCredentialID + "' and shared_or_local = '1'";
if (!dc.sqlExecuteUpdate(sSql, ref sErr))
{
throw new Exception(sErr);
}
// add security log
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''"), "Credential deleted" + sOriginalCredentialID + " " + sOriginalUserName);
}
sCredentialID = "'" + sCredentialID + "'";
}
// checks that cant be done on the client side
// is the name unique?
string sInuse = "";
if (sMode == "edit")
{
sSql = "select asset_id from asset where asset_name = '" + sAssetName.Trim() + "' and asset_id <> '" + sAssetID + "' limit 1";
}
else
{
sSql = "select asset_id from asset where asset_name = '" + sAssetName.Trim() + "' limit 1";
}
if (!dc.sqlGetSingleString(ref sInuse, sSql, ref sErr))
{
throw new Exception(sErr);
}
else
if (!string.IsNullOrEmpty(sInuse))
{
return("Asset Name '" + sAssetName + "' already in use, choose another." + sAssetID);
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
if (sMode == "edit")
{
sSql = "update asset set asset_name = '" + sAssetName + "'," +
" asset_status = '" + sAssetStatus + "'," +
" address = '" + sAddress + "'" + "," +
" conn_string = '" + sConnString + "'" + "," +
" db_name = '" + sDbName + "'," +
" port = " + (sPort == "" ? "NULL" : "'" + sPort + "'") + "," +
" connection_type = '" + sConnectionType + "'," +
" is_connection_system = '" + (sIsConnection == "Yes" ? 1 : 0) + "'," +
" credential_id = " + sCredentialID +
" where asset_id = '" + sAssetID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
else
{
sSql = "insert into asset (asset_id,asset_name,asset_status,address,conn_string,db_name,port,connection_type,is_connection_system,credential_id)" +
" values (" +
"'" + sAssetID + "'," +
"'" + sAssetName + "'," +
"'" + sAssetStatus + "'," +
"'" + sAddress + "'," +
"'" + sConnString + "'," +
"'" + sDbName + "'," +
(sPort == "" ? "NULL" : "'" + sPort + "'") + "," +
"'" + sConnectionType + "'," +
"'0'," +
sCredentialID + ")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
#region "tags"
// remove the existing tags
sSql = "delete from object_tags where object_id = '" + sAssetID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
// add user groups, if there are any
if (sTagArray.Length > 0)
{
ArrayList aTags = new ArrayList(sTagArray.Split(','));
foreach (string sTagName in aTags)
{
sSql = "insert object_tags (object_id, object_type, tag_name)" +
" values ('" + sAssetID + "', 2, '" + sTagName + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
}
#endregion
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
//--------------------------------------------------------------------------------------------------
// NOTE! too many if edit... probably need to just make 2 functions, update asset, and create asset
//--------------------------------------------------------------------------------------------------
// add security log
// since this is not handled as a page postback, theres no "Viewstate" settings
// so 2 options either we keep an original setting for each value in hid values, or just get them from the db as part of the
// update above, since we are already passing in 15 or so fields, lets just get the values at the start and reference them here
if (sMode == "edit")
{
string sOrigCredUsername = GetCredentialNameFromID(sOriginalCredentialID.Replace("'", "")).ToString();
string sCurrentCredUsername = GetCredentialNameFromID(sCredentialID.Replace("'", "")).ToString();
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Name", sOriginalAssetName, sAssetName);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Address", sOriginalAddress, sAddress);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Port", sOriginalPort, sPort);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " DB Name", sOriginalDbName, sDbName);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Connection Type", sOriginalConnectionType, sConnectionType);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Credential", sOrigCredUsername, sCurrentCredUsername);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " Status", sOriginalAssetStatus, sAssetStatus);
ui.WriteObjectChangeLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''") + " ConnString", sOriginalConnString, sConnString);
}
else
{
ui.WriteObjectAddLog(Globals.acObjectTypes.Asset, sAssetID, sAssetName.Trim().Replace("'", "''"), "Asset Created");
}
// no errors to here, so return an empty string
return("");
}
public void wmCopyStepToClipboard(string sStepID)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
try
{
if (ui.IsGUID(sStepID))
{
// should also do this whole thing in a transaction.
string sUserID = ui.GetSessionUserID();
string sErr = "";
//stuff gets new ids when copied into the clpboard.
//what way when adding, we don't have to loop
//(yes, I know we have to loop here, but adding is already a long process
//... so we can better afford to do it here than there.)
string sNewStepID = ui.NewGUID();
//it's a bit hokey, but if a step already exists in the clipboard,
//and we are copying that step again,
//ALWAYS remove the old one.
//we don't want to end up with lots of confusing copies
string sSQL = "delete from task_step_clipboard" +
" where user_id = '" + sUserID + "'" +
" and src_step_id = '" + sStepID + "'";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
throw new Exception("Unable to clean clipboard." + sErr);
sSQL = " insert into task_step_clipboard" +
" (user_id, clip_dt, src_step_id, root_step_id, step_id, function_name, function_xml, step_desc," +
" output_parse_type, output_row_delimiter, output_column_delimiter, variable_xml)" +
" select '" + sUserID + "', now(), step_id, '" + sNewStepID + "', '" + sNewStepID + "'," +
" function_name, function_xml, step_desc," +
" output_parse_type, output_row_delimiter, output_column_delimiter, variable_xml" +
" from task_step" +
" where step_id = '" + sStepID + "'";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
throw new Exception("Unable to copy step [" + sStepID + "]." + sErr);
//now, if the step we just copied has embedded steps,
//we need to get them too, but stick them in the clipboard table
//in a hidden fashion. (So they are preserved there, but not visible in the list.)
//we are doing it in a recursive call since the nested steps may themselves have nested steps.
AlsoCopyEmbeddedStepsToClipboard(sUserID, sStepID, sNewStepID, sNewStepID, ref sErr);
return;
}
else
{
throw new Exception("Unable to copy step. Missing or invalid step_id.");
}
}
catch (Exception ex)
{
throw ex;
}
}
public static string LoadAssetData(string sAssetID)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
string sAssetName = null;
string sPort = null;
string sDbName = null;
string sAddress = null;
string sConnectionType = null;
string sUserName = null;
string sSharedOrLocal = null;
string sCredentialID = null;
string sPassword = null;
string sDomain = null;
string sAssetStatus = null;
string sPrivilegedPassword = null;
string sSharedCredName = null;
string sSharedCredDesc = null;
string sConnString = null;
DataRow dr = null;
sSql = "select a.asset_name, a.asset_status, a.port, a.db_name, a.conn_string," +
" a.address, a.connection_type, ac.username, ac.password, ac.privileged_password, ac.domain, ac.shared_cred_desc, ac.credential_name, a.credential_id," +
" case when ac.shared_or_local = '0' then 'Shared' else 'Local' end as shared_or_local" +
" from asset a " +
" left outer join asset_credential ac on ac.credential_id = a.credential_id " +
" where a.asset_id = '" + sAssetID + "'";
if (!dc.sqlGetDataRow(ref dr, sSql, ref sErr))
{
throw new Exception(sErr);
}
else
{
if (dr != null)
{
sAssetName = dr["asset_name"].ToString();
sPort = (object.ReferenceEquals(dr["port"], DBNull.Value) ? "" : dr["port"].ToString());
sDbName = (object.ReferenceEquals(dr["db_name"], DBNull.Value) ? "" : dr["db_name"].ToString());
sAddress = (object.ReferenceEquals(dr["address"], DBNull.Value) ? "" : dr["address"].ToString().Replace("\\\\", "||"));
sAddress = sAddress.Replace("\\", "|");
sConnectionType = (object.ReferenceEquals(dr["connection_type"], DBNull.Value) ? "" : dr["connection_type"].ToString());
sUserName = (object.ReferenceEquals(dr["username"], DBNull.Value) ? "" : dr["username"].ToString());
sConnString = (object.ReferenceEquals(dr["conn_string"], DBNull.Value) ? "" : dr["conn_string"].ToString());
sSharedOrLocal = (object.ReferenceEquals(dr["shared_or_local"], DBNull.Value) ? "" : dr["shared_or_local"].ToString());
sCredentialID = (object.ReferenceEquals(dr["credential_id"], DBNull.Value) ? "" : dr["credential_id"].ToString());
sPassword = (object.ReferenceEquals(dr["password"], DBNull.Value) ? "" : "($%#d@x!&");
sDomain = (object.ReferenceEquals(dr["domain"], DBNull.Value) ? "" : dr["domain"].ToString());
sAssetStatus = dr["asset_status"].ToString();
sPrivilegedPassword = (object.ReferenceEquals(dr["privileged_password"], DBNull.Value) ? "" : "($%#d@x!&");
sSharedCredName = (object.ReferenceEquals(dr["credential_name"], DBNull.Value) ? "" : dr["credential_name"].ToString());
sSharedCredDesc = (object.ReferenceEquals(dr["shared_cred_desc"], DBNull.Value) ? "" : dr["shared_cred_desc"].ToString());
}
}
// Return the asset object as a JSON
StringBuilder sbAssetValues = new StringBuilder();
sbAssetValues.Append("{");
sbAssetValues.AppendFormat("\"{0}\" : \"{1}\",", "sAssetName", ui.packJSON(sAssetName));
sbAssetValues.AppendFormat("\"{0}\" : \"{1}\",", "sPort", sPort);
sbAssetValues.AppendFormat("\"{0}\" : \"{1}\",", "sDbName", sDbName);
sbAssetValues.AppendFormat("\"{0}\" : \"{1}\",", "sAddress", sAddress);
sbAssetValues.AppendFormat("\"{0}\" : \"{1}\",", "sConnectionType", sConnectionType);
sbAssetValues.AppendFormat("\"{0}\" : \"{1}\",", "sUserName", sUserName);
sbAssetValues.AppendFormat("\"{0}\" : \"{1}\",", "sConnString", ui.packJSON(sConnString));
sbAssetValues.AppendFormat("\"{0}\" : \"{1}\",", "sSharedOrLocal", sSharedOrLocal);
sbAssetValues.AppendFormat("\"{0}\" : \"{1}\",", "sCredentialID", sCredentialID);
sbAssetValues.AppendFormat("\"{0}\" : \"{1}\",", "sPassword", sPassword);
sbAssetValues.AppendFormat("\"{0}\" : \"{1}\",", "sDomain", sDomain);
sbAssetValues.AppendFormat("\"{0}\" : \"{1}\",", "sPriviledgedPassword", sPrivilegedPassword);
sbAssetValues.AppendFormat("\"{0}\" : \"{1}\",", "sSharedCredName", sSharedCredName);
sbAssetValues.AppendFormat("\"{0}\" : \"{1}\",", "sSharedCredDesc", ui.packJSON(sSharedCredDesc));
//last value, no comma on the end
sbAssetValues.AppendFormat("\"{0}\" : \"{1}\"", "sAssetStatus", sAssetStatus);
sbAssetValues.Append("}");
return(sbAssetValues.ToString());
}
public string wmCopyTask(string sCopyTaskID, string sTaskCode, string sTaskName)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sErr = null;
// checks that cant be done on the client side
// is the name unique?
string sTaskNameInUse = "";
if (!dc.sqlGetSingleString(ref sTaskNameInUse, "select task_id from task where task_name = '" + sTaskName.Replace("'", "''") + "' limit 1", ref sErr))
{
throw new Exception(sErr);
}
else
{
if (!string.IsNullOrEmpty(sTaskNameInUse))
{
return "Task Name [" + sTaskName + "] already in use. Please choose another name.";
}
}
// checks that cant be done on the client side
// is the name unique?
string sTaskCodeInUse = "";
if (!dc.sqlGetSingleString(ref sTaskCodeInUse, "select task_id from task where task_code = '" + sTaskCode.Replace("'", "''") + "' limit 1", ref sErr))
{
throw new Exception(sErr);
}
else
{
if (!string.IsNullOrEmpty(sTaskCodeInUse))
{
return "Task Code [" + sTaskCode + "] already in use. Please choose another code.";
}
}
string sNewTaskGUID = CopyTask(0, sCopyTaskID, sTaskName.Replace("'", "''"), sTaskCode.Replace("'", "''"));
if (!string.IsNullOrEmpty(sNewTaskGUID))
{
ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewTaskGUID, sTaskName, "Copied from " + sCopyTaskID);
}
// success, return the new task_id
return sNewTaskGUID;
}
public string wmDeleteTasks(string sDeleteArray)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = "";
string sTaskNames = "";
if (sDeleteArray.Length < 36)
return "";
sDeleteArray = ui.QuoteUp(sDeleteArray);
//NOTE: right now this plows ALL versions. There is an enhancement to possibly 'retire' a task, or
//only delete certain versions.
try
{
// what about the instance tables?????
// bugzilla 1290 Tasks that have history (task_instance table) can not be deleted
// exclude them from the list and return a message noting the task(s) that could not be deleted
// first we need a list of tasks that will not be deleted
sSql = "select task_name from task t " +
"where t.original_task_id in (" + sDeleteArray.ToString() + ") " +
"and t.task_id in (select ti.task_id from tv_task_instance ti where ti.task_id = t.task_id)";
if (!dc.csvGetList(ref sTaskNames, sSql, ref sErr, true))
throw new Exception(sErr);
// list of tasks that will be deleted
//we have an array of 'original_task_id'.
//we need an array or task_id
//build one.
sSql = "select t.task_id from task t " +
"where t.original_task_id in (" + sDeleteArray.ToString() + ") " +
"and t.task_id not in (select ti.task_id from tv_task_instance ti where ti.task_id = t.task_id)";
string sTaskIDs = "";
if (!dc.csvGetList(ref sTaskIDs, sSql, ref sErr, true))
throw new Exception(sErr);
// if any tasks can be deleted
if (sTaskIDs.Length > 1)
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//oTrans.Command.CommandText = "delete from task_asset_attribute where task_id in (" + sTaskIDs + ")";
//if (!oTrans.ExecUpdate(ref sErr))
// throw new Exception(sErr);
oTrans.Command.CommandText = "delete from task_step_user_settings" +
" where step_id in" +
" (select step_id from task_step where task_id in (" + sTaskIDs + "))";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
oTrans.Command.CommandText = "delete from task_step where task_id in (" + sTaskIDs + ")";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
oTrans.Command.CommandText = "delete from task_codeblock where task_id in (" + sTaskIDs + ")";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
oTrans.Command.CommandText = "delete from task where task_id in (" + sTaskIDs + ")";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception(sErr);
oTrans.Commit();
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Task, "Multiple", "Original Task IDs", sDeleteArray.ToString());
}
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// if the sTaskNames contains any names, then send back a message that these were not deleted because of history records.
if (sTaskNames.Length > 0)
{
return "Task(s) (" + sTaskNames + ") have history rows and could not be deleted.";
}
else
{
return sErr;
}
}
public string wmCreateTask(object[] oObj)
{
try
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
// we are passing in 8 elements, if we have 8 go
//if (oObj.Length != 8) return "Incorrect list of attributes";
string sTaskName = oObj[0].ToString().Replace("'", "''").Trim();
string sTaskCode = oObj[1].ToString().Replace("'", "''").Trim();
string sTaskDesc = oObj[2].ToString().Replace("'", "''").Trim();
//string sTaskOrder = "";
//if (oObj.Length > 4)
// sTaskOrder = oObj[4].ToString().Trim();
// checks that cant be done on the client side
// is the name unique?
sSql = "select task_id from task " +
" where (task_code = '" + sTaskCode + "' or task_name = '" + sTaskName + "')";
string sValueExists = "";
if (!dc.sqlGetSingleString(ref sValueExists, sSql, ref sErr))
{
throw new Exception("Unable to check for existing names." + sErr);
}
if (sValueExists != "")
{
return "Another Task with that Code or Name exists, please choose another value.";
}
// passed client and server validations, create the user
string sNewID = ui.NewGUID();
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// all good, save the new user and redirect to the user edit page.
sSql = "insert task" +
" (task_id, original_task_id, version, default_version," +
" task_name, task_code, task_desc, created_dt)" +
" values " +
"('" + sNewID + "', '" + sNewID + "', 1.0000, 1, '" +
sTaskName + "', '" + sTaskCode + "', '" + sTaskDesc + "', now())";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
// every task gets a MAIN codeblock... period.
sSql = "insert task_codeblock (task_id, codeblock_name)" +
" values ('" + sNewID + "', 'MAIN')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception("Error updating the DB." + ex.Message);
}
// add security log
ui.WriteObjectAddLog(Globals.acObjectTypes.Task, sNewID, sTaskName, "");
// success, return the new task_id
return "task_id=" + sNewID;
}
catch (Exception ex)
{
throw new Exception("One or more invalid or missing AJAX arguments." + ex.Message);
}
}
public static string SaveAccount(string sMode, string sAccountID, string sAccountName, string sAccountNumber, string sProvider,
string sLoginID, string sLoginPassword, string sLoginPasswordConfirm, string sIsDefault, string sAutoManageSecurity)
{
// for logging
string sOriginalName = "";
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = "";
string sErr = "";
//if we are editing get the original values
if (sMode == "edit")
{
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// update the user fields.
if (sMode == "edit")
{
sSql = "select account_name from cloud_account " +
"where account_id = '" + sAccountID + "'";
if (!dc.sqlGetSingleString(ref sOriginalName, sSql, ref sErr))
throw new Exception("Error getting original account name:" + sErr);
// only update the passwword if it has changed
string sNewPassword = "";
if (sLoginPassword != "($%#d@x!&")
{
sNewPassword = "******" + dc.EnCrypt(sLoginPassword) + "'";
}
sSql = "update cloud_account set" +
" account_name = '" + sAccountName + "'," +
" account_number = '" + sAccountNumber + "'," +
" provider = '" + sProvider + "'," +
" is_default = '" + sIsDefault + "'," +
" auto_manage_security = '" + sAutoManageSecurity + "'," +
" login_id = '" + sLoginID + "'" +
sNewPassword +
" where account_id = '" + sAccountID + "'";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Error updating account: " + sErr);
ui.WriteObjectChangeLog(Globals.acObjectTypes.CloudAccount, sAccountID, sAccountName, sOriginalName, sAccountName);}
else
{
//now, for some reason we were having issues with the initial startup of apache
//not able to perform the very first database hit.
//this line serves as an inital db hit, but we aren't trapping it or showing the error
dc.TestDBConnection(ref sErr);
//if there are no rows yet, make this one the default even if the box isn't checked.
if (sIsDefault == "0")
{
int iExists = -1;
sSql = "select count(*) as cnt from cloud_account";
if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr))
{
System.Threading.Thread.Sleep(300);
if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr))
{
System.Threading.Thread.Sleep(300);
if (!dc.sqlGetSingleInteger(ref iExists, sSql, ref sErr))
throw new Exception("Unable to count Cloud Accounts: " + sErr);
}
}
if (iExists == 0)
sIsDefault = "1";
}
sAccountID = ui.NewGUID();
sSql = "insert into cloud_account (account_id, account_name, account_number, provider, is_default, login_id, login_password, auto_manage_security)" +
" values ('" + sAccountID + "'," +
"'" + sAccountName + "'," +
"'" + sAccountNumber + "'," +
"'" + sProvider + "'," +
"'" + sIsDefault + "'," +
"'" + sLoginID + "'," +
"'" + dc.EnCrypt(sLoginPassword) + "'," +
"'" + sAutoManageSecurity + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Error creating account: " + sErr);
ui.WriteObjectAddLog(Globals.acObjectTypes.CloudAccount, sAccountID, sAccountName, "Account Created");
}
//if "default" was selected, unset all the others
if (dc.IsTrue(sIsDefault))
{
oTrans.Command.CommandText = "update cloud_account set is_default = 0 where account_id <> '" + sAccountID + "'";
if (!oTrans.ExecUpdate(ref sErr))
throw new Exception("Error updating defaults: " + sErr);
}
oTrans.Commit();
//refresh the cloud account list in the session
if (!ui.PutCloudAccountsInSession(ref sErr))
throw new Exception("Error refreshing accounts in session: " + sErr);
}
catch (Exception ex)
{
throw new Exception("Error: General Exception: " + ex.Message);
}
// no errors to here, so return an empty string
return "{'account_id':'" + sAccountID + "', 'account_name':'" + sAccountName + "', 'provider':'" + sProvider + "'}";
}
public string wmDeleteTaskParam(string sType, string sID, string sParamID)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
FunctionTemplates.HTMLTemplates ft = new FunctionTemplates.HTMLTemplates();
string sErr = "";
string sSQL = "";
string sTable = "";
if (sType == "ecosystem")
sTable = "ecosystem";
else if (sType == "task")
sTable = "task";
if (!string.IsNullOrEmpty(sParamID) && ui.IsGUID(sID))
{
// need the name and values for logging
string sXML = "";
sSQL = "select parameter_xml" +
" from " + sTable +
" where " + sType + "_id = '" + sID + "'";
if (!dc.sqlGetSingleString(ref sXML, sSQL, ref sErr))
throw new Exception("Unable to get parameter_xml. " + sErr);
if (sXML != "")
{
XDocument xd = XDocument.Parse(sXML);
if (xd == null) throw new Exception("XML parameter data is invalid.");
XElement xName = xd.XPathSelectElement("//parameter[@id = \"" + sParamID + "\"]/name");
string sName = (xName == null ? "" : xName.Value);
XElement xValues = xd.XPathSelectElement("//parameter[@id = \"" + sParamID + "\"]/values");
string sValues = (xValues == null ? "" : xValues.ToString());
// add security log
ui.WriteObjectDeleteLog(Globals.acObjectTypes.Parameter, "", sID, "");
if (sType == "task") { ui.WriteObjectChangeLog(Globals.acObjectTypes.Task, sID, "Deleted Parameter:[" + sName + "]", sValues); };
if (sType == "ecosystem") { ui.WriteObjectChangeLog(Globals.acObjectTypes.Ecosystem, sID, "Deleted Parameter:[" + sName + "]", sValues); };
}
//do the whack
ft.RemoveNodeFromXMLColumn(sTable, "parameter_xml", sType + "_id = '" + sID + "'", "//parameter[@id = \"" + sParamID + "\"]");
return "";
}
else
{
throw new Exception("Invalid or missing Task or Parameter ID.");
}
}
public static string SaveCredential(object[] oAsset)
{
// we are passing in 16 elements, if we have 16 go
if (oAsset.Length != 8)
{
return("Incorrect list of attributes:" + oAsset.Length.ToString());
}
string sCredentialID = oAsset[0].ToString();
string sCredentialName = oAsset[1].ToString().Replace("'", "''");
string sUserName = oAsset[2].ToString().Replace("'", "''");
string sCredentialDesc = oAsset[3].ToString().Replace("'", "''");
string sPassword = oAsset[4].ToString();
string sDomain = oAsset[5].ToString();
string sMode = oAsset[6].ToString();
string sPrivilegedPassword = oAsset[7].ToString();
// for logging
string sOriginalUserName = null;
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sSql = null;
string sErr = null;
//if we are editing get the original values
if (sMode == "edit")
{
sSql = "select username from asset_credential " +
"where credential_id = '" + sCredentialID + "'";
if (!dc.sqlGetSingleString(ref sOriginalUserName, sSql, ref sErr))
{
throw new Exception(sErr);
}
}
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// update the user fields.
if (sMode == "edit")
{
// only update the passwword if it has changed
string sNewPassword = "";
if (sPassword != "($%#d@x!&")
{
sNewPassword = "******" + dc.EnCrypt(sPassword) + "'";
}
// bugzilla 1260
// same for privileged_password
string sPriviledgedPasswordUpdate = null;
if (sPrivilegedPassword == "($%#d@x!&")
{
// password has not been touched
sPriviledgedPasswordUpdate = "";
}
else
{
// updated password
sPriviledgedPasswordUpdate = ",privileged_password = '******'";
}
sSql = "update asset_credential set" +
" credential_name = '" + sCredentialName + "'," +
" username = '******'," +
" domain = '" + sDomain.Replace("'", "''") + "'," +
" shared_cred_desc = '" + sCredentialDesc + "'" +
sNewPassword +
sPriviledgedPasswordUpdate +
" where credential_id = '" + sCredentialID + "'";
}
else
{
// if the priviledged password is empty just set it to null
string sPrivilegedPasswordUpdate = "NULL";
if (sPrivilegedPassword.Length != 0)
{
sPrivilegedPasswordUpdate = "'" + dc.EnCrypt(sPrivilegedPassword) + "'";
}
;
sSql = "insert into asset_credential (credential_id, credential_name, username, password, domain, shared_cred_desc, shared_or_local, privileged_password)" +
" values (" + "'" + ui.NewGUID() + "'," +
"'" + sCredentialName.Replace("'", "''") + "'," +
"'" + sUserName.Replace("'", "''") + "'," +
"'" + dc.EnCrypt(sPassword) + "'," +
"'" + sDomain.Replace("'", "''") + "'," +
"'" + sCredentialDesc.Replace("'", "''") + "'," +
"'0'," + sPrivilegedPasswordUpdate + ")";
}
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
if (sErr == "key_violation")
{
throw new Exception("A Credential with that name already exists. Please select another name.");
}
else
{
throw new Exception(sErr);
}
}
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// add security log
// since this is not handled as a page postback, theres no "Viewstate" settings
// so 2 options either we keep an original setting for each value in hid values, or just get them from the db as part of the
// update above, since we are already passing in 15 or so fields, lets just get the values at the start and reference them here
if (sMode == "edit")
{
ui.WriteObjectChangeLog(Globals.acObjectTypes.Credential, sCredentialID, sUserName.Replace("'", "''"), sOriginalUserName, sUserName.Replace("'", "''"));
}
else
{
ui.WriteObjectAddLog(Globals.acObjectTypes.Credential, sCredentialID, sUserName.Replace("'", "''"), "Credential Created");
}
// no errors to here, so return an empty string
return("");
}
public string wmExportTasks(string sTaskArray)
{
acUI.acUI ui = new acUI.acUI();
ImportExport.ImportExportClass ie = new ImportExport.ImportExportClass();
string sErr = "";
//pretty much just call the ImportExport function
try
{
//what are we gonna call the final file?
string sUserID = ui.GetSessionUserID();
string sFileName = sUserID + "_backup";
string sPath = Server.MapPath("~/temp/");
if (sTaskArray.Length < 36)
return "";
sTaskArray = ui.QuoteUp(sTaskArray);
if (!ie.doBatchTaskExport(sPath, sTaskArray, sFileName, ref sErr))
{
throw new Exception("Unable to export Tasks." + sErr);
}
if (sErr == "")
return sFileName + ".zip";
else
return sErr;
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
}
public string GetCloudObjectsAsXML(string sCloudID, CloudObjectType cot, ref string sErr, Dictionary <string, string> AdditionalArguments)
{
acUI.acUI ui = new acUI.acUI();
string sXML = "";
string sAccountID = ui.GetSelectedCloudAccountID();
CloudAccount ca = new CloudAccount(sAccountID);
if (ca.ID == null)
{
sErr = "Failed to get Cloud Account details for Cloud Account ID [" + sAccountID + "].";
return(null);
}
if (cot != null)
{
//many reasons why we'd bail here. Rather than a bunch of testing below, let's just crash
//if a key field is missing.
if (string.IsNullOrEmpty(cot.ID))
{
sErr = "Cannot find definition for requested object type [" + cot.ID + "]"; return(null);
}
// if (string.IsNullOrEmpty(prod.APIUrlPrefix))
// { sErr = "APIUrlPrefix not defined for requested object type [" + cot.ID + "]"; return null; }
// if (string.IsNullOrEmpty(cot.APICall))
// { sErr = "APICall not defined for requested object type [" + cot.ID + "]"; return null; }
}
else
{
sErr = "GetCloudObjectType failed for [" + cot.ID + "]";
return(null);
}
//get the cloud object
Cloud c = new Cloud(sCloudID);
if (c.ID == null)
{
sErr = "Failed to get Cloud details for Cloud ID [" + sCloudID + "].";
return(null);
}
// //HOST URL
// //we have to use the provided cloud and object type to construct an endpoint
// //if either of these values is missing, we will attempt to use the other one standalone.
// string sHostName = "";
//
// //if both are there, concatenate them
// if (!string.IsNullOrEmpty(prod.APIUrlPrefix) && !string.IsNullOrEmpty(c.APIUrl))
// sHostName = prod.APIUrlPrefix + "." + c.APIUrl;
// else if (string.IsNullOrEmpty(prod.APIUrlPrefix) && !string.IsNullOrEmpty(c.APIUrl))
// sHostName = c.APIUrl;
// else if (!string.IsNullOrEmpty(prod.APIUrlPrefix) && string.IsNullOrEmpty(c.APIUrl))
// sHostName = prod.APIUrlPrefix;
//
// if (string.IsNullOrEmpty(sHostName)) {
// sErr = "Unable to reconcile an endpoint from the Cloud [" + c.Name + "] or Cloud Object [" + cot.ID + "] definitions." + sErr;
// return null;
// }
//
//
// //HOST URI
// //what's the URI... (if any)
// string sResourceURI = "";
// if (!string.IsNullOrEmpty(prod.APIUri))
// sResourceURI = prod.APIUri;
//
//
//
// //PARAMETERS
// //first, this is an explicit list of parameters in a dictionary.
// //in the real world, we'll probably pull these params from a table
// //or have to parse a querystring
// ParamComparer pc = new ParamComparer();
// SortedDictionary<string, string> sortedRequestParams = new SortedDictionary<string, string>(pc);
//
// //call specific parameters (this is AWS specific!!!)
// sortedRequestParams.Add("Action", cot.APICall);
//
// //do we need to apply a group filter? If it's defined on the table then YES!
// if (!string.IsNullOrEmpty(cot.APIRequestGroupFilter))
// {
// string[] sTmp = cot.APIRequestGroupFilter.Split('=');
// sortedRequestParams.Add(sTmp[0], sTmp[1]);
// }
//
// //ADDITIONAL ARGUMENTS
// if (AdditionalArguments != null)
// {
// //we have custom arguments... use them
// //for each... add to sortedRequestParams
// //if the same key from the group filter is defined as sAdditionalArguments it overrides the table!
// }
//
//
// //AWS auth parameters
// string sDate = DateTime.UtcNow.ToString("yyyy'-'MM'-'dd'T'HH':'mm':'ss", DateTimeFormatInfo.InvariantInfo);
//
// sortedRequestParams.Add("AWSAccessKeyId", sAccessKeyID);
// sortedRequestParams.Add("Version", prod.APIVersion);
//
// //some products use the older Expires method
// if (prod.Name == "s3")
// sortedRequestParams.Add("Expires", "2020202020"); // a point waaaay in the distant future.
// else
// sortedRequestParams.Add("Timestamp", sDate);
//
// sortedRequestParams.Add("SignatureMethod", "HmacSHA256");
// sortedRequestParams.Add("SignatureVersion", "2");
//
//
//
// //now we have all the parameters in a list, build a sorted, encoded querystring string
// string sQueryString = GetSortedParamsAsString(sortedRequestParams, true);
//
//
// //use the URL/URI plus the querystring to build the full request to be signed
// string sStringToSign = awsComposeStringToSign("GET", sHostName, sResourceURI, sQueryString);
//
// //and sign it
// //string sSignature = GetAWS3_SHA1AuthorizationValue(sSecretAccessKeyID, sStringToSign);
// string sSignature = awsGetSHA256AuthorizationValue(sSecretAccessKeyID, sStringToSign);
//
// //finally, urlencode the signature
// sSignature = PercentEncodeRfc3986(sSignature);
//
//
// string sHostURL = prod.APIProtocol.ToLower() + "://" + sHostName + sResourceURI;
// string sURL = sHostURL + "?" + sQueryString + "&Signature=" + sSignature;
string sURL = GetURL(ca, c, cot, AdditionalArguments, ref sErr);
if (!string.IsNullOrEmpty(sErr))
{
return(null);
}
sXML = ui.HTTPGet(sURL, ref sErr);
if (!string.IsNullOrEmpty(sErr))
{
return(null);
}
return(sXML);
}
public static string SaveKeyPair(string sKeypairID, string sAccountID, string sName, string sPK, string sPP)
{
acUI.acUI ui = new acUI.acUI();
if (string.IsNullOrEmpty(sName))
return "KeyPair Name is Required.";
//we encoded this in javascript before the ajax call.
//the safest way to unencode it is to use the same javascript lib.
//(sometimes the javascript and .net libs don't translate exactly, google it.)
sPK = ui.unpackJSON(sPK);
bool bUpdatePK = false;
if (sPK != "-----BEGIN RSA PRIVATE KEY-----\n**********\n-----END RSA PRIVATE KEY-----")
{
//we want to make sure it's not just the placeholder, but DOES have the wrapper.
//and 61 is the lenght of the wrapper with no content... effectively empty
if (sPK.StartsWith("-----BEGIN RSA PRIVATE KEY-----\n") && sPK.EndsWith("\n-----END RSA PRIVATE KEY-----"))
{
//now, is there truly something in it?
string sContent = sPK.Replace("-----BEGIN RSA PRIVATE KEY-----", "").Replace("-----END RSA PRIVATE KEY-----", "").Replace("\n", "");
if (sContent.Length > 0)
bUpdatePK = true;
else
return "Private Key contained within:<br />-----BEGIN RSA PRIVATE KEY-----<br />and<br />-----END RSA PRIVATE KEY-----<br />cannot be blank.";
}
else
{
return "Private Key must be contained within:<br />-----BEGIN RSA PRIVATE KEY-----<br />and<br />-----END RSA PRIVATE KEY-----";
}
}
bool bUpdatePP = false;
if (sPP != "!2E4S6789O")
bUpdatePP = true;
//all good, keep going
dataAccess dc = new dataAccess();
string sSQL = null;
string sErr = null;
try
{
if (string.IsNullOrEmpty(sKeypairID))
{
//empty id, it's a new one.
string sPKClause = "";
if (bUpdatePK)
sPKClause = "'" + dc.EnCrypt(sPK) + "'";
string sPPClause = "null";
if (bUpdatePP)
sPPClause = "'" + dc.EnCrypt(sPP) + "'";
sSQL = "insert into cloud_account_keypair (keypair_id, account_id, keypair_name, private_key, passphrase)" +
" values ('" + ui.NewGUID() + "'," +
"'" + sAccountID + "'," +
"'" + sName.Replace("'", "''") + "'," +
sPKClause + "," +
sPPClause +
")";
}
else
{
string sPKClause = "";
if (bUpdatePK)
sPKClause = ", private_key = '" + dc.EnCrypt(sPK) + "'";
string sPPClause = "";
if (bUpdatePP)
sPPClause = ", passphrase = '" + dc.EnCrypt(sPP) + "'";
sSQL = "update cloud_account_keypair set" +
" keypair_name = '" + sName.Replace("'", "''") + "'" +
sPKClause + sPPClause +
" where keypair_id = '" + sKeypairID + "'";
}
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
throw new Exception(sErr);
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
//// add security log
//// since this is not handled as a page postback, theres no "Viewstate" settings
//// so 2 options either we keep an original setting for each value in hid values, or just get them from the db as part of the
//// update above, since we are already passing in 15 or so fields, lets just get the values at the start and reference them here
//if (sMode == "edit")
//{
// ui.WriteObjectChangeLog(Globals.acObjectTypes.CloudAccount, sAccountID, sAccountName, sOriginalName, sAccountName);
//}
//else
//{
// ui.WriteObjectAddLog(Globals.acObjectTypes.CloudAccount, sAccountID, sAccountName, "Account Created");
//}
// no errors to here, so return an empty string
return "";
}
public static string SaveNewUser(object[] oUser)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
acUI.AppGlobals ag = new acUI.AppGlobals();
string sSql = null;
string sErr = null;
// check the number of properties
if (oUser.Length != 10)
{
return("Incorrect list of user properties");
}
string sLoginID = oUser[0].ToString();
string sFullName = oUser[1].ToString();
string sAuthType = oUser[2].ToString();
string sUserPassword = oUser[3].ToString();
string sGeneratePW = oUser[4].ToString();
string sForcePasswordChange = oUser[5].ToString();
string sUserRole = oUser[6].ToString();
string sEmail = oUser[7].ToString();
string sStatus = oUser[8].ToString();
string sGroupArray = oUser[9].ToString();
// checks that cant be done on the client side
// is the name unique?
string sInuse = "";
if (!dc.sqlGetSingleString(ref sInuse, "select user_id from users where username = '******' limit 1", ref sErr))
{
return("sErr");
}
else
{
if (!string.IsNullOrEmpty(sInuse))
{
return("Login ID '" + sLoginID + "' is unavailable, please choose another.");
}
}
// password
string sPassword = null;
if (sAuthType == "local")
{
if (sGeneratePW == "1") //generate an initial strong password
{
sUserPassword = dc.GenerateNewPassword();
}
sPassword = "******" + dc.EnCrypt(sUserPassword) + "'";
}
else if (sAuthType == "ldap")
{
sPassword = "******";
}
else
{
return("Unknown Authentication Type.");
}
// passed client and server validations, create the user
string sNewUserID = ui.NewGUID();
try
{
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
// all good, save the new user and redirect to the user edit page.
sSql = "insert users" +
" (user_id,username,full_name,authentication_type,user_password,force_change,email,status,user_role)" +
" values " +
"('" + sNewUserID + "'," +
"'" + sLoginID.Trim().Replace("'", "''") + "'," +
"'" + sFullName.Trim().Replace("'", "''") + "'," +
"'" + sAuthType + "'," + sPassword + "," +
"'" + sForcePasswordChange + "'," +
"'" + sEmail.Trim() + "'," +
"'" + sStatus + "'," +
"'" + sUserRole + "'" +
")";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
#region "groups"
// add user groups, if there are any
if (sGroupArray.Length > 0)
{
ArrayList aGroups = new ArrayList(sGroupArray.Split(','));
foreach (string sGroupName in aGroups)
{
sSql = "insert object_tags (object_id, object_type, tag_name)" +
" values ('" + sNewUserID + "', 1, '" + sGroupName + "')";
oTrans.Command.CommandText = sSql;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
}
}
#endregion
oTrans.Commit();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
// add security log
ui.WriteObjectAddLog(Globals.acObjectTypes.User, sNewUserID, sFullName.Trim().Replace("'", "''"), "");
//email out the password
string sBody = "";
if (!dc.sqlGetSingleString(ref sBody, "select new_user_email_message from login_security_settings where id = 1", ref sErr))
{
throw new Exception(sErr);
}
//default message if undefined in the table
if (string.IsNullOrEmpty(sBody))
{
sBody = sFullName + " - an account has been created for you in " + ag.APP_NAME + "." + Environment.NewLine + Environment.NewLine +
"Your User Name: " + sLoginID + "." + Environment.NewLine +
"Your temporary password: "******"." + Environment.NewLine;
}
//replace our special tokens with the values
sBody = sBody.Replace("##FULLNAME##", sFullName).Replace("##USERNAME##", sLoginID);
if (sGeneratePW == "1")
{
sBody = sBody.Replace("##PASSWORD##", sUserPassword);
}
else
{
sBody = sBody.Replace("##PASSWORD##", "Will be provided by an Administrator.");
}
if (!ui.SendEmailMessage(sEmail.Trim(), ag.APP_COMPANYNAME + " Account Management", "Welcome to " + ag.APP_COMPANYNAME, sBody, ref sErr))
{
throw new Exception(sErr);
}
// no errors to here, so return an empty string
return("");
}
//this method looks up a cloud object in our database, and executes a call based on CloudObjectType parameters.
//the columns created as part of the object are defined as CloudObjectTypeProperty.
public DataTable GetCloudObjectsAsDataTable(string sCloudID, string sObjectType, ref string sErr)
{
acUI.acUI ui = new acUI.acUI();
try
{
//build the DataTable
DataTable dt = new DataTable();
//get the cloud object type from the session
Provider p = ui.GetSelectedCloudProvider();
CloudObjectType cot = ui.GetCloudObjectType(p, sObjectType);
if (cot != null)
{
if (string.IsNullOrEmpty(cot.ID))
{
sErr = "Cannot find definition for requested object type [" + sObjectType + "]"; return(null);
}
}
else
{
sErr = "GetCloudObjectType failed for [" + sObjectType + "]";
return(null);
}
string sXML = GetCloudObjectsAsXML(sCloudID, cot, ref sErr, null);
if (sErr != "")
{
return(null);
}
if (string.IsNullOrEmpty(sXML))
{
sErr = "GetCloudObjectsAsXML returned an empty document.";
return(null);
}
//OK look, all this namespace nonsense is annoying. Every AWS result I've witnessed HAS a namespace
// (which messes up all our xpaths)
// but I've yet to see a result that actually has two namespaces
// which is the only scenario I know of where you'd need them at all.
//So... to eliminate all namespace madness
//brute force... parse this text and remove anything that looks like [ xmlns="<crud>"] and it's contents.
sXML = ui.RemoveNamespacesFromXML(sXML);
XElement xDoc = XElement.Parse(sXML);
if (xDoc == null)
{
sErr = "API Response XML document is invalid."; return(null);
}
//what columns go in the DataTable?
if (cot.Properties.Count > 0)
{
foreach (CloudObjectTypeProperty prop in cot.Properties)
{
//the column on the data table *becomes* the property.
//we'll load it up with all the goodness we need anywhere else
DataColumn dc = new DataColumn();
dc.ColumnName = prop.Name;
//This is important! Places in the GUI expect the first column to be the ID column.
//hoping to stop doing that in favor of this property.
if (prop.IsID)
{
dc.ExtendedProperties.Add("IsID", true);
}
//will we try to draw an icon?
if (prop.HasIcon)
{
dc.ExtendedProperties.Add("HasIcon", true);
}
//what was the xpath for this property?
dc.ExtendedProperties.Add("XPath", prop.XPath);
//a "short list" property is one that will always show up... it's a shortcut in some places.
dc.ExtendedProperties.Add("ShortList", prop.ShortList);
//it might have a custom caption
if (!string.IsNullOrEmpty(prop.Label))
{
dc.Caption = prop.Label;
}
//add the column
dt.Columns.Add(dc);
}
}
else
{
sErr = "No properties defined for type [" + sObjectType + "]";
//if this is a power user, write out the XML of the response as a debugging aid.
if (ui.UserIsInRole("Developer") || ui.UserIsInRole("Administrator"))
{
sErr += "<br />RESPONSE:<br /><pre>" + ui.SafeHTML(sXML) + "</pre>";
}
return(null);
}
//ok, columns are added. Parse the XML and add rows.
foreach (XElement xeRecord in xDoc.XPathSelectElements(cot.XMLRecordXPath))
{
DataRow drNewRow = dt.NewRow();
//we could just loop the Cloud Type Properties again, but doing the DataColumn collection
//ensures all the info we need got added
foreach (DataColumn dc in dt.Columns)
{
XElement xeProp = xeRecord.XPathSelectElement(dc.ExtendedProperties["XPath"].ToString());
if (xeProp != null)
{
drNewRow[dc.ColumnName] = xeProp.Value;
}
}
//build the row
dt.Rows.Add(drNewRow);
}
//all done
return(dt);
}
catch (Exception ex)
{
sErr = ex.Message;
return(null);
}
}
public string wmRemoveTaskAttributeGroup(string sTaskID, string sGroupID)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
string sErr = "";
string sSQL = "";
sSQL = "select laa.attribute_name from task_asset_attribute taa " +
"join lu_asset_attribute_value laav " +
"on taa.attribute_value_id = laav.attribute_value_id " +
"join lu_asset_attribute laa " +
"on laa.attribute_id = laav.attribute_id " +
"where attribute_group_id = '" + sGroupID + "'";
string sAttributeGroupName = "";
if (!dc.sqlGetSingleString(ref sAttributeGroupName, sSQL, ref sErr))
{
throw new Exception(sErr);
}
sSQL += "delete from task_asset_attribute" +
" where task_id = '" + sTaskID + "'" +
" and attribute_group_id = '" + sGroupID + "'";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
{
throw new Exception(sErr);
}
//From bugzilla 917 - not a huge fan of doing this on every change...
sSQL = "exec refresh_asset_task 'task','" + sTaskID + "';";
if (!dc.sqlExecuteUpdate(sSQL, ref sErr))
{
throw new Exception(sErr);
}
ui.WriteObjectChangeLog(Globals.acObjectTypes.Task, sTaskID, "", "Attribute Group " + sAttributeGroupName + " Removed");
return "";
}
public string wmRenameCodeblock(string sTaskID, string sOldCodeblockName, string sNewCodeblockName)
{
dataAccess dc = new dataAccess();
acUI.acUI ui = new acUI.acUI();
FunctionTemplates.HTMLTemplates ft = new FunctionTemplates.HTMLTemplates();
try
{
if (ui.IsGUID(sTaskID))
{
// first make sure we are not trying to rename it something that already exists.
string sErr = "";
string sSQL = "select count(*) from task_codeblock where task_id = '" + sTaskID + "'" +
" and codeblock_name = '" + sNewCodeblockName + "'";
int iCount = 0;
if (!dc.sqlGetSingleInteger(ref iCount, sSQL, ref sErr))
{
throw new Exception("Unable to check codeblock names for task." + sErr);
}
if (iCount != 0)
{
return ("Codeblock Name already in use, choose another.");
}
// do it
dataAccess.acTransaction oTrans = new dataAccess.acTransaction(ref sErr);
//update the codeblock table
sSQL = "update task_codeblock set codeblock_name = '" + sNewCodeblockName +
"' where codeblock_name = '" + sOldCodeblockName +
"' and task_id = '" + sTaskID + "'";
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
//and any steps in that codeblock
sSQL = "update task_step set codeblock_name = '" + sNewCodeblockName +
"' where codeblock_name = '" + sOldCodeblockName +
"' and task_id = '" + sTaskID + "'";
oTrans.Command.CommandText = sSQL;
if (!oTrans.ExecUpdate(ref sErr))
{
throw new Exception(sErr);
}
//the fun part... rename it where it exists in any steps
//but this must be in a loop of only the steps where that codeblock reference exists.
sSQL = "select step_id from task_step" +
" where task_id = '" + sTaskID + "'" +
" and ExtractValue(function_xml, '//codeblock[1]') = '" + sOldCodeblockName + "'";
oTrans.Command.CommandText = sSQL;
DataTable dtSteps = new DataTable();
if (!oTrans.ExecGetDataTable(ref dtSteps, ref sErr))
{
throw new Exception("Unable to get steps referencing the Codeblock." + sErr);
}
foreach (DataRow dr in dtSteps.Rows)
{
ft.SetNodeValueinXMLColumn("task_step", "function_xml", "step_id = '" + dr["step_id"].ToString() + "'", "//codeblock[. = '" + sOldCodeblockName + "']", sNewCodeblockName);
}
//all done
oTrans.Commit();
return sErr;
}
else
{
throw new Exception("Unable to get codeblocks for task. Missing or invalid task_id.");
}
}
catch (Exception ex)
{
throw ex;
}
}
public static string wmGetEcosystemObjectByType(string sEcosystemID, string sType)
{
dataAccess dc = new dataAccess();
awsMethods acAWS = new awsMethods();
acUI.acUI ui = new acUI.acUI();
try
{
string sHTML = "";
string sErr = "";
//So, we'll first get a distinct list of all clouds represented in this set
//then for each cloud we'll get the objects.
string sSQL = "select distinct cloud_id" +
" from ecosystem_object" +
" where ecosystem_id ='" + sEcosystemID + "'" +
" and ecosystem_object_type = '" + sType + "'";
DataTable dtClouds = new DataTable();
if (!dc.sqlGetDataTable(ref dtClouds, sSQL, ref sErr))
{
return(sErr);
}
if (dtClouds.Rows.Count > 0)
{
foreach (DataRow drCloud in dtClouds.Rows)
{
string sCloudID = drCloud["cloud_id"].ToString();
//get the cloud object rows
sSQL = "select eo.ecosystem_object_id, eo.ecosystem_object_type" +
" from ecosystem_object eo" +
" where eo.ecosystem_id ='" + sEcosystemID + "'" +
" and eo.ecosystem_object_type = '" + sType + "'" +
" and eo.cloud_id = '" + sCloudID + "'" +
" order by eo.ecosystem_object_type";
DataTable dtObjects = new DataTable();
if (!dc.sqlGetDataTable(ref dtObjects, sSQL, ref sErr))
{
return(sErr);
}
if (dtObjects.Rows.Count > 0)
{
//we only need to hit the API once... this result will contain all the objects
//and our DrawProperties will filter the DataTable on the ID.
DataTable dtAPIResults = acAWS.GetCloudObjectsAsDataTable(sCloudID, sType, ref sErr);
foreach (DataRow drObject in dtObjects.Rows)
{
//look up the cloud and get the name
Cloud c = new Cloud(sCloudID);
if (c.ID != null)
{
//giving each section a guid so we can delete it on the client side after the ajax call.
//not 100% the ecosystem_object_id will always be suitable as a javascript ID.
string sGroupID = ui.NewGUID();
sHTML += "<div class=\"ui-widget-content ui-corner-all ecosystem_item\" id=\"" + sGroupID + "\">";
string sObjectID = drObject["ecosystem_object_id"].ToString();
string sLabel = "Cloud: " + c.Name + " - " + sObjectID;
sHTML += "<div class=\"ui-widget-header ecosystem_item_header\">";
sHTML += "<div class=\"ecosystem_item_header_title\"><span>" + sLabel + "</span></div>";
sHTML += "<div class=\"ecosystem_item_header_icons\">";
sHTML += "<span class=\"ui-icon ui-icon-close ecosystem_item_remove_btn pointer\"" +
" id_to_delete=\"" + drObject["ecosystem_object_id"].ToString() + "\"" +
" id_to_remove=\"" + sGroupID + "\">";
sHTML += "</span>";
sHTML += "</div>";
sHTML += "</div>";
//the details section
sHTML += "<div class=\"ecosystem_item_detail\">";
if (dtAPIResults != null)
{
if (dtAPIResults.Rows.Count > 0)
{
sHTML += DrawAllProperties(dtAPIResults, sObjectID);
}
}
//end detail section
sHTML += "</div>";
//end block
sHTML += "</div>";
}
}
}
else
{
sHTML += "<span>This ecosystem does not contain any Cloud Objects.</span>";
}
}
}
return(sHTML);
}
catch (Exception ex)
{
return(ex.Message);
}
}