////-------------------------------------------------------------------------------------------------------------------------------------------------------------
///// <summary>
///// If deleteExisting groups is true the entered group type will overwrite
///// any existing groups assigned to this user. (This is require where
///// a user can only belong to one group)
///// </summary>
///// <param name="updatedUser"></param>
///// <param name="groupType"></param>
///// <param name="deleteExistingGroups"></param>
///// <returns></returns>
//public bool EditUserPassword(int userID, SecureString Password, MGGroupType groupType, bool p) {
// bool result = false;
// try {
// result = SecurityOperations.UpdateUserPassword(userID, Password, Authorisation.UseMGLRatherThanMySQLPasswordEncryption);
// if (result) {
// DateTime pWordChangeTimeStamp = DateTime.Now;
// SecurityOperations.UpdatePasswordChangeDate(userID, pWordChangeTimeStamp);
// // 13-Jul-2015 - lets email the user to confirm that their password has changed!
// MGUser u = null;
// Authorisation.GetUser(userID, out u);
// SecurityOperations.PasswordChangedEmailUser(u, pWordChangeTimeStamp);
// }
// } catch (Exception ex) {
// Logger.Log("Error in UserAdministration.AddUser." + ex.Message);
// } finally {
// SecurityOperations.Finish();
// }
// return result;
//}
//-------------------------------------------------------------------------------------------------------------------------------------------------------------
/// <summary>
/// If deleteExisting groups is true the entered group type will overwrite
/// any existing groups assigned to this user. (This is require where
/// a user can only belong to one group)
/// </summary>
/// <param name="updatedUser"></param>
/// <param name="groupType"></param>
/// <param name="deleteExistingGroups"></param>
/// <returns></returns>
public bool EditUserDetails(MGUser updatedUser, MGGroupType groupType, bool p)
{
bool result = false;
try {
result = SecurityOperations.UpdateUserDetails(updatedUser.ID, updatedUser.Username, updatedUser.Email, updatedUser.JobTitle,
updatedUser.Organisation, updatedUser.OrganisationID, updatedUser.Telephone);
//need to add the user to the user_groups xref's
result = result && SecurityOperations.DeleteUsersGroupXrefs(updatedUser.ID);
result = result && SecurityOperations.UpdateUserToGroupXref(updatedUser.Username, groupType);
//need to update the applications user to group to xref's
if (result)
{
UserOperations userOps = new UserOperations(MGLApplicationSecurityInterface.Instance().DatabaseConfig);
Dictionary <int, List <int> > userGroupDict = userOps.UserGroupDictionary();
userOps.Finish();
MGLApplicationSecurityInterface.Instance().UserGroupXref = userGroupDict;
}
} catch (Exception ex) {
Logger.LogError(8, "Error in UserAdministration.AddUser." + ex.Message);
} finally {
SecurityOperations.Finish();
}
return(result);
}
//-------------------------------------------------------------------------------------------------------------------------------------------------------------
public List <MGUser> GetUsers(string filterByType, string filterByValue, string sortColumn, List <string> PreviousSortColumnNames, System.Web.UI.WebControls.SortDirection sortDirection)
{
List <MGUser> result = new List <MGUser>();
UserOperations userOps = null;
bool isLockAcquired = Monitor.TryEnter(USER_ADMIN_LOCK_OBJ, USER_ADMIN_LOCK_TIMEOUT);
if (isLockAcquired)
{
try {
userOps = new UserOperations(MGLApplicationSecurityInterface.Instance().DatabaseConfig);
result = userOps.GetAllUsers(filterByType, filterByValue, sortColumn, PreviousSortColumnNames, sortDirection);
} catch (Exception ex) {
Logger.LogError(8, "Error in UserAdministration.GetUsers." + ex.Message);
} finally {
Monitor.Exit(USER_ADMIN_LOCK_OBJ);
if (userOps != null)
{
userOps.Finish();
}
}
}
return(result);
}
//-------------------------------------------------------------------------------------------------------------------------------------------------------------
public List <MGUser> GetUsers(List <string> fieldsToSearch, string valueToSearch, string sortColumnName, System.Web.UI.WebControls.SortDirection sortDirection)
{
List <MGUser> result = new List <MGUser>();
UserOperations userOps = null;
bool isLockAcquired = Monitor.TryEnter(USER_ADMIN_LOCK_OBJ, USER_ADMIN_LOCK_TIMEOUT);
if (isLockAcquired)
{
try {
userOps = new UserOperations(MGLApplicationSecurityInterface.Instance().DatabaseConfig);
result = userOps.GetAllUsers(fieldsToSearch, valueToSearch, sortColumnName, sortDirection);
} catch (Exception ex) {
Logger.LogError(8, "Error in UserAdministration.GetUsers (Without PreviousSortColumnNames)." + ex.Message);
} finally {
Monitor.Exit(USER_ADMIN_LOCK_OBJ);
if (userOps != null)
{
userOps.Finish();
}
}
}
else
{
Logger.LogError(8, "Failed to get exclusive lock in GetUsers to read the Users table!");
return(result);
}
return(result);
}
//---------------------------------------------------------------------------------------------------------------------------------------------------------------
public static List <MGUser> AllUsers()
{
// Get all the Users
List <MGUser> allUsers = null;
UserOperations userOps = null;
try
{
userOps = new UserOperations(MGLApplicationSecurityInterface.Instance().DatabaseConfig);
allUsers = userOps.GetAllUsers();
}
catch (Exception ex)
{
Logger.LogError(9, "Problem getting all users at " + ex);
return(null);
}
finally
{
if (userOps != null)
{
userOps.Finish();
}
}
return(allUsers);
}
//-------------------------------------------------------------------------------------------------------------------------------------------------------------
public MGUser GetUserByEmail(SecureString email)
{
MGUser result = new MGUser();
UserOperations userOps = new UserOperations(MGLApplicationSecurityInterface.Instance().DatabaseConfig);
try {
result = userOps.GetUserByEmail(email);
} catch (Exception ex) {
Logger.LogError(8, "Error in UserAdministration.GetUserByEmail b at " + ex);
} finally {
userOps.Finish();
}
return(result);
}
//-------------------------------------------------------------------------------------------------------------------------------------------------------------
public MGUser GetUser(int selectedUserID)
{
MGUser result = new MGUser();
UserOperations userOps = new UserOperations(MGLApplicationSecurityInterface.Instance().DatabaseConfig);
try {
result = userOps.GetUser(selectedUserID);
} catch (Exception ex) {
Logger.LogError(8, "Error in UserAdministration.GetUser by id." + ex.Message);
} finally {
userOps.Finish();
}
return(result);
}
//--------------------------------------------------------------------------------------------------------------------------------------------------------------
public bool DeleteUser(int userID)
{
bool result = false;
UserOperations userOps = new UserOperations(MGLApplicationSecurityInterface.Instance().DatabaseConfig);
try {
result = userOps.DeleteUser(userID);
result = result && userOps.DeleteUsersGroupXrefs(userID);
} catch (Exception ex) {
Logger.LogError(8, "Error in UserAdministration.DeleteUser." + ex.Message);
} finally {
userOps.Finish();
}
return(result);
}
//---------------------------------------------------------------------------------------------------------------------------------------------------------------
/// <summary>
/// Called from an authorisation web service
/// </summary>
//public MGUser LoginWS(SecureString userName, SecureString password) {
// //@@
// //Logger.LogError("AuthorisationOperations.LoginWS - attempting ...");
// MGUser loggedInUser = new MGUser();
// bool loggedIn = false;
// string loginError = "Invalid username or password.";
// UserOperations userOps = null;
// try {
// if (userName != null) {
// userOps = new UserOperations(lcf);
// MGUser user = userOps.GetUser(userName);
// // check the number of logins has not been exceeded
// if (user != null) {
// if (user.IsLockedOut == true) {
// loginError = "The maximum number of incorrect login attempts has been exceeded - Contact the website administrator to unlock your account.";
// } else {
// // Check the password
// if (MGLApplicationSecurityInterface.Instance().AppLoginConfig.EnableAutomatedLogin == false && password != null) {
// // check the user name and the encrypted password in the database
// bool userLoginDetailsCorrect = userOps.UserLoginDetailsCorrect(user.Username, password);
// // if incorrect, increment the incorrect logins
// // if correct, increment the total logins
// // The IP address wont be correct here, but the login time will be ...
// userOps.LogLogin(user.ID, userLoginDetailsCorrect);
// if (userLoginDetailsCorrect) {
// loggedIn = true;
// // Set the current user object in the session
// loginError = null;
// }
// } else {
// loggedIn = true;
// // Set the current user object in the session
// loginError = null;
// }
// }
// if (loggedIn) {
// loggedInUser = user;
// //@@Logger.LogError("AuthorisationOperations.LoginWS - success!!! ...");
// } else {
// //@@Logger.LogError("AuthorisationOperations.LoginWS - login unsuccess ful ...");
// }
// }
// }
// } catch (Exception ex) {
// Logger.LogError(8, "Problem logging in (in WS) at " + ex);
// } finally {
// if (userOps != null)
// userOps.Finish();
// }
// //MGLSessionSecurityInterface.Instance().SecurityError = loginError;
// if (loggedIn == false) {
// Logger.LogError(8, "AuthorisationOperations LoginExternal: " + loginError);
// }
// return loggedInUser;
//}
////---------------------------------------------------------------------------------------------------------------------------------------------------------------
///// <summary>
///// Called from an authorisation web service
///// </summary>
//public bool IsLoggedInWS(SecureString emailHash, string ipAddress) {
// bool loggedIn = false;
// //string loginError = "Invalid email or ip address";
// if (emailHash != null && ipAddress != null) {
// MGUser user = GetUserCredentials(emailHash, ipAddress);
// // check the number of logins has not been exceeded
// if (user != null && user.ID != int.MaxValue) {
// if (user.IsLockedOut == true) {
// //loginError = "The maximum number of incorrect login attempts has been exceeded - Contact the website administrator to unlock your account.";
// } else {
// loggedIn = true;
// }
// }
// }
// return loggedIn;
//}
//---------------------------------------------------------------------------------------------------------------------------------------------------------------
/// <summary>
/// Called from an authorisation web service
/// </summary>
public MGUser GetUserCredentials(SecureString emailHash, string ipAddress)
{
MGUser user = new MGUser();
try {
if (emailHash != null && ipAddress != null)
{
UserOperations userOps = null;
try
{
userOps = new UserOperations(lcf);
user = userOps.GetUser(emailHash, ipAddress);
//@@Logger.LogError("AuthorisationOperations.GetUserCredentials - User ..." + user.Username);
// One final check - check that the time of login is not less than a certain period of time ...
// WHy?????
//if (user != null && user.LastLogin != null)
//{
// if (TimeSpan.Compare(lcf.__WebsiteAbsoluteTimeOut, DateTime.Now.Subtract(user.LastLogin)) < 1)
// {
// user = new MGUser();
// }
//}
}
catch (Exception ex)
{
Logger.LogError(9, "Problem getting user credentials at " + ex);
}
finally
{
if (userOps != null)
{
userOps.Finish();
}
}
//@@Logger.LogError("AuthorisationOperations.GetUserCredentials - User after time check ..." + user.Username);
}
} catch (Exception ex) {
Logger.LogError(9, "AuthorisationOperations.GetUserCredentials - Error processing ..." + ex.ToString());
}
return(user);
}
//---------------------------------------------------------------------------------------------------------------------------------------------------------------
// public bool Login( User user, string password) {
public bool Login(SecureString userName, SecureString password)
{
bool loggedIn = false;
string loginError = "Username or password not recognised.";
UserOperations userOps = null;
try {
if (userName != null)
{
userOps = new UserOperations(lcf);
MGUser user = userOps.GetUser(userName);
// check the number of logins has not been exceeded
if (user != null)
{
if (user.IsLockedOut == true)
{
loginError = "Too many incorrect attempts. Please contact the web team."; // to unlock your account.";
}
else
{
// 30-Nov-2015 - Strip the password out of the user information as this is applied to the session
user.Password = null;
// Check the password
if (MGLApplicationSecurityInterface.Instance().AppLoginConfig.EnableAutomatedLogin == false && password != null)
{
// check the user name and the encrypted password in the database
bool userLoginDetailsCorrect = userOps.UserLoginDetailsCorrect(user.Username, password);
// if incorrect, increment the incorrect logins
// if correct, increment the total logins
userOps.LogLogin(user.ID, userLoginDetailsCorrect);
// reextract the user as the LastIP and login date will have changed - better to keep this consistent, if its used for validation in the future ...
user = userOps.GetUser(user.ID);
if (userLoginDetailsCorrect)
{
loggedIn = true;
// Set the current user object in the session
loginError = null;
MGLSessionSecurityInterface.Instance().CurrentUser = user;
}
}
else
{
loggedIn = true;
// Set the current user object in the session
loginError = null;
MGLSessionSecurityInterface.Instance().CurrentUser = user;
}
}
if (loggedIn)
{
SecureContentWrapper.LiveDbContextInstance = new SecureContentWrapper(AppSecurityContext.MainDbLcf);
// SecureContentWrapper.StagingDbContextInstance = new SecureContentWrapper(AppSecurityContext.StagingDbLcf);
}
}
}
} catch (Exception ex) {
Logger.LogError(7, "Problem logging in at " + ex);
} finally {
if (userOps != null)
{
userOps.Finish();
}
}
MGLSessionSecurityInterface.Instance().SecurityError = loginError;
return(loggedIn);
}
public List <MGGroup> GetUserGroups(MGUser user, bool isFilterOutSuperGroup)
{
if (user == null)
{
Logger.LogError(5, "Cannot GetUserGroups for NULL user!");
return(null);
}
else if (user.ID < 1)
{
Logger.LogError(5, "Cannot GetUserGroups for invalid user.ID (" + user.ID + ")!");
return(null);
}
List <MGGroup> userGroups = null;
UserOperations userHelper = null;
GroupOperations groupHelper = null;
try
{
userHelper = new UserOperations(Lcf);
List <int> userGroupIDs = userHelper.GetUserGroupsIDs(user.ID);
if (userGroupIDs == null)
{
Logger.LogError(5, "Cannot GetUserGroups as retrieved NULL list of userGroupIDs for user.ID (" + user.ID + ")!");
return(null);
}
userGroups = new List <MGGroup>(userGroupIDs.Count);
groupHelper = new GroupOperations(Lcf);
MGGroup group;
foreach (int groupID in userGroupIDs)
{
if (groupID < 1)
{
Logger.LogError(5, "Invalid groupID detected, skipping it ...");
continue;
}
group = groupHelper.GetGroup(groupID);
if (group == null)
{
Logger.LogError(5, "NULL MGGroup detected, skipping it ...");
continue;
}
if (isFilterOutSuperGroup)
{
if (group.Name != null && group.Name.Equals(GroupAdministration.SUPER_USER_GROUP_NAME, StringComparison.CurrentCultureIgnoreCase))
{
continue;
}
}
userGroups.Add(group);
}
}
catch (Exception ex)
{
Logger.LogError(5, "Failure getting UserGroups for user.ID (" + user.ID + ") at " + ex.StackTrace);
return(null);
}
finally
{
if (userHelper != null)
{
userHelper.Finish();
}
if (groupHelper != null)
{
groupHelper.Finish();
}
}
return(userGroups);
}
