Exemplo n.º 1
0
 ///<summary></summary>
 public static DataTable GetTable(MethodBase methodBase, params object[] parameters)
 {
     if (RemotingClient.RemotingRole != RemotingRole.ClientWeb)
     {
         throw new ApplicationException("Meth.GetTable may only be used when RemotingRole is ClientWeb.");
     }
                 #if DEBUG
     //Verify that it returns a DataTable
     MethodInfo methodInfo = methodBase.ReflectedType.GetMethod(methodBase.Name);
     if (methodInfo.ReturnType != typeof(DataTable))
     {
         throw new ApplicationException("Meth.GetTable calling class must return DataTable.");
     }
                 #endif
     DtoGetTable dto = new DtoGetTable();
     dto.MethodName           = methodBase.DeclaringType.Name + "." + methodBase.Name;
     dto.Params               = DtoObject.ConstructArray(parameters, GetParamTypes(methodBase));
     dto.Credentials          = new Credentials();
     dto.Credentials.Username = Security.CurUser.UserName;
     dto.Credentials.Password = Security.PasswordTyped;          //.CurUser.Password;
     return(RemotingClient.ProcessGetTable(dto));
 }
Exemplo n.º 2
0
        //<summary>Obsolete</summary>
        //public static void ResetPassword(){
        //FIXME:UPDATE-MULTIPLE-TABLES

        /*string command="UPDATE userod,grouppermissions SET userod.Password='' "
         +"WHERE grouppermissions.UserGroupNum=userod.UserGroupNum "
         +"AND grouppermissions.PermType=24";
         * Db.NonQ(command);
         */
        //Code updated to be compatible with Oracle as well as MySQL.

        /*
         * string command="SELECT userod.UserNum FROM userod,grouppermissions "
         +"WHERE grouppermissions.UserGroupNum=userod.UserGroupNum "
         +"AND grouppermissions.PermType=24";
         * DataTable table=Db.GetTable(command);
         * if(table.Rows.Count==0){
         *      throw new ApplicationException("No admin exists.");
         * }
         * command="UPDATE userod SET Password='' WHERE UserNum="+POut.PString(table.Rows[0][0].ToString());
         * Db.NonQ(command);
         * }*/

        ///<summary>RemotingRole has not yet been set to ClientWeb, but it will if this succeeds.  Will throw an exception if server cannot validate username and password.  configPath will be empty from a workstation and filled from the server.  If Ecw, odpass will actually be the hash.</summary>
        public static Userod LogInWeb(string oduser, string odpass, string configPath, string clientVersionStr, bool usingEcw)
        {
            //Very unusual method.  Remoting role can't be checked, but is implied by the presence of a value in configPath.
            if (configPath != "")             //RemotingRole.ServerWeb
            {
                Userods.LoadDatabaseInfoFromFile(ODFileUtils.CombinePaths(configPath, "OpenDentalServerConfig.xml"));
                //ODFileUtils.CombinePaths(
                //  ,"OpenDentalServerConfig.xml"));
                //Path.GetDirectoryName(Application.ExecutablePath),"OpenDentalServerConfig.xml"));
                //Application.StartupPath,"OpenDentalServerConfig.xml"));
                //Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location),"OpenDentalServerConfig.xml"));
                //Environment.CurrentDirectory,"OpenDentalServerConfig.xml"));
                //Then, check username and password
                Userod user = Userods.CheckUserAndPassword(oduser, odpass, usingEcw);
                                #if DEBUG
                //if(oduser=="Admin"){
                //	user=Userods.GetUserByName("Admin",usingEcw);//without checking password.  Makes debugging faster.
                //}
                                #endif
                if (user == null)
                {
                    throw new Exception("Invalid username or password.");
                }
                string command          = "SELECT ValueString FROM preference WHERE PrefName='ProgramVersion'";
                string dbVersionStr     = Db.GetScalar(command);
                string serverVersionStr = Assembly.GetAssembly(typeof(Db)).GetName().Version.ToString(4);
                                #if DEBUG
                if (Assembly.GetAssembly(typeof(Db)).GetName().Version.Build == 0)
                {
                    command      = "SELECT ValueString FROM preference WHERE PrefName='DataBaseVersion'";                     //Using this during debug in the head makes it open fast with less fiddling.
                    dbVersionStr = Db.GetScalar(command);
                }
                                #endif
                if (dbVersionStr != serverVersionStr)
                {
                    throw new Exception("Version mismatch.  Server:" + serverVersionStr + "  Database:" + dbVersionStr);
                }
                Version clientVersion = new Version(clientVersionStr);
                Version serverVersion = new Version(serverVersionStr);
                if (clientVersion > serverVersion)
                {
                    throw new Exception("Version mismatch.  Client:" + clientVersionStr + "  Server:" + serverVersionStr);
                }
                //if clientVersion == serverVersion, than we need do nothing.
                //if clientVersion < serverVersion, than an update will later be triggered.
                //Security.CurUser=user;//we're on the server, so this is meaningless
                return(user);
                //return 0;//meaningless
            }
            else
            {
                //Because RemotingRole has not been set, and because CurUser has not been set,
                //this particular method is more verbose than most and does not use Meth.
                //It's not a good example of the standard way of doing things.
                DtoGetObject dto = new DtoGetObject();
                dto.Credentials          = new Credentials();
                dto.Credentials.Username = oduser;
                dto.Credentials.Password = odpass;              //Userods.EncryptPassword(password);
                dto.MethodName           = "Security.LogInWeb";
                dto.ObjectType           = typeof(Userod).FullName;
                object[] parameters = new object[] { oduser, odpass, configPath, clientVersionStr, usingEcw };
                Type[]   objTypes   = new Type[] { typeof(string), typeof(string), typeof(string), typeof(string), typeof(bool) };
                dto.Params = DtoObject.ConstructArray(parameters, objTypes);
                return(RemotingClient.ProcessGetObject <Userod>(dto));              //can throw exception
            }
        }