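/// <summary>
/// Stores (or replaces) the profile picture posted in <paramref name="_formCollection"/> and
/// refreshes the "ProfileImage" session entry. Nothing happens unless more than one form key
/// is present; on any failure the method is best-effort and simply returns <paramref name="SO"/>.
/// </summary>
/// <param name="_Connect">Database connection used for every lookup and write.</param>
/// <param name="SO">Session object; returned unchanged (this method never modifies it).</param>
/// <param name="_formCollection">
/// Posted form. Keys read: identitiesUUID, profilesUUID, fileName, fileType, fileSize, profileImage.
/// </param>
/// <returns>The same <paramref name="SO"/> instance that was passed in.</returns>
public SessionObjects AddProfilePic(IConnectToDB _Connect, SessionObjects SO, FormCollection _formCollection)
{
    try
    {
        if (_formCollection.Keys.Count > 1)
        {
            IdentityHelper identityHelper = new IdentityHelper();
            ER_DML er_dml = new ER_DML();
            add addHelp = new add();

            // NOTE(review): the identity and profile this image is attached to come from the
            // posted form, not from SO. Confirm the calling action/filter has already verified
            // that the session identity is allowed to edit this profile.
            long? identitiesId = ER_Tools.ConvertToInt64(identityHelper.GetIdentityID(_Connect, _formCollection["identitiesUUID"].ToString()));
            string fileName = _formCollection["fileName"].ToString();
            string fileType = _formCollection["fileType"].ToString();
            long? fileSize = ER_Tools.ConvertToInt64(_formCollection["fileSize"].ToString());
            // The image arrives as a string form field; its raw UTF-8 bytes are what gets stored.
            byte[] fileContent = Encoding.UTF8.GetBytes(_formCollection["profileImage"].ToString());
            Guid? ProfilesUUID = ER_Tools.ConvertToGuid(_formCollection["profilesUUID"].ToString());
            long? Profiles_ID = GetProfileId(_Connect, ProfilesUUID.ToString());

            var profileImagesDT = GetImageIdByProfile(_Connect, Profiles_ID);
            bool hasExistingImage = profileImagesDT.Columns.Contains("PROFILE_IMAGES_ID")
                                    && profileImagesDT.Rows.Count > 0;

            if (hasExistingImage)
            {
                // Replace the existing row rather than inserting a second image for the profile.
                Values.UpdateProfileImages updated = addHelp.UPDATE_ENTRY_Profile_Images(_Connect, new Values.UpdateProfileImages
                {
                    I_PROFILE_IMAGES_ID = profileImagesDT.Rows[0].Field<long?>("PROFILE_IMAGES_ID"),
                    I_PROFILES_ID = Profiles_ID,
                    I_FILE_NAME = fileName,
                    I_FILE_SIZE = fileSize,
                    I_CONTENT_TYPE = fileType,
                    I_VALUE = fileContent
                });
                long? profileImagesId = updated.O_PROFILE_IMAGES_ID;

                // Enable Profile Image
                er_dml.TOGGLE_OBJECT(_Connect, "PROFILE_IMAGES", profileImagesId, "Y");
            }
            else
            {
                addHelp.ADD_ENTRY_Profile_Images(_Connect, new Values.AddProfileImages
                {
                    I_IDENTITIES_ID = identitiesId,
                    I_PROFILES_UUID = ProfilesUUID,
                    I_ENABLED = 'Y',
                    I_FILE_NAME = fileName,
                    I_FILE_SIZE = fileSize,
                    I_CONTENT_TYPE = fileType,
                    I_VALUE = fileContent
                });
            }

            // Set Profile Image
            _session.SetString("ProfileImage", GetProfileImage(_Connect, identitiesId));
        }
    }
    catch
    {
        // Best-effort by design: any failure leaves the session untouched and SO is still returned.
        // NOTE(review): nothing is logged here, so a failed upload is invisible to operators.
    }

    return SO;
}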
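/// <summary>
/// Authorization hook. Rebuilds the <c>SessionObjects</c> from the session and, when the
/// attribute requests privilege, privilege-on-core or role checks, denies the action with a
/// 403 unless at least one of the requested checks passes. Always chains to the base call.
/// </summary>
/// <param name="filterContext">Action context supplying session, form and query values.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    ConnectToDB _Connect = new ConnectToDB
    {
        Platform = RevampCoreSettings.Platform,
        DBConnString = RevampCoreSettings.DbConnect,
        SourceDBOwner = RevampCoreSettings.SystemDBName
    };
    IConnectToDB IConnect = _Connect;
    SecurityHelper securityHelper = new SecurityHelper();
    AppHelper appHelper = new AppHelper();

    SessionObjects SO = null;
    try
    {
        // No session entry yields an empty SessionObjects, which has no identity and so skips every check.
        SO = filterContext.HttpContext.Session.TryGetValue("SO", out var tempSession)
            ? Tools.Box.FromByteArray<SessionObjects>(tempSession)
            : new SessionObjects();
    }
    catch
    {
        // The session payload could not be deserialized: send the user back to login.
        filterContext.Result = new RedirectResult("~/login");
    }

    if (SO != null && SO.SessionIdentity != null)
    {
        var identitiesId = SO.SessionIdentity.Identity.identities_id;

        bool PrivsCheck = CheckForThesePrivileges != null && CheckForThesePrivileges.Length > 0;
        bool hasthesePrivs = PrivsCheck
                             && securityHelper.DoesIdentityHavePrivileges(IConnect, identitiesId, CheckForThesePrivileges);

        // Fail closed: once the attribute asks for a core check it counts as a requested check,
        // so a request that carries no resolvable core/application/role/group identifier is
        // denied rather than silently skipping the check.
        bool PrivsOnCoreCheck = CheckForThesePrivilegesOnCore != null && CheckForThesePrivilegesOnCore.Length > 0;
        bool hasthesePrivsOnCore = false;
        if (PrivsOnCoreCheck)
        {
            var request = filterContext.HttpContext.Request;
            // Request.Form throws on non-form requests (e.g. GET); only touch it when a form body exists.
            var formCollection = request.HasFormContentType ? request.Form : null;
            var query = request.Query;

            // Reads a GUID-valued request parameter, form field first, then query string.
            Guid? ReadGuid(string key)
            {
                if (formCollection != null && formCollection.ContainsKey(key))
                {
                    return ER_Tools.ConvertToGuid(formCollection[key].ToString());
                }
                if (query.ContainsKey(key))
                {
                    return ER_Tools.ConvertToGuid(query[key].ToString());
                }
                return null;
            }

            // Later sources override earlier ones: a supplied application, role or group
            // resolves to its owning core and replaces a directly supplied core.
            Guid? coreUUID = null;
            if (!string.IsNullOrEmpty(CoreUUID))
            {
                coreUUID = ReadGuid(CoreUUID);
            }
            if (!string.IsNullOrEmpty(ApplicationUUID))
            {
                coreUUID = appHelper.GetAppCoreUUID(_Connect, ReadGuid(ApplicationUUID));
            }
            if (!string.IsNullOrEmpty(RoleUUID))
            {
                coreUUID = securityHelper.GetRoleCoreUUID(_Connect, ReadGuid(RoleUUID));
            }
            if (!string.IsNullOrEmpty(GroupUUID))
            {
                coreUUID = securityHelper.GetGroupCoreUUID(_Connect, ReadGuid(GroupUUID));
            }

            if (coreUUID != null)
            {
                hasthesePrivsOnCore = securityHelper.DoesIdentityHavePrivilegeOnCore(IConnect, identitiesId, CheckForThesePrivilegesOnCore, coreUUID);
            }
        }

        bool RolesCheck = CheckForTheseRoles != null && CheckForTheseRoles.Length > 0;
        bool hastheseRoles = RolesCheck
                             && securityHelper.DoesIdentityHaveRoles(IConnect, CheckForTheseRoles, identitiesId);

        // Access is granted when ANY requested check passes (checks are OR-ed, not AND-ed).
        bool anyCheckRequested = PrivsCheck || RolesCheck || PrivsOnCoreCheck;
        bool anyCheckPassed = hasthesePrivs || hastheseRoles || hasthesePrivsOnCore;
        if (anyCheckRequested && !anyCheckPassed)
        {
            filterContext.HttpContext.Response.StatusCode = 403;
            if (isActionResult)
            {
                // NOTE(review): this redirect turns the 403 above into a 302 to the error-404
                // page, so browser clients never observe the 403 status.
                filterContext.Result = new RedirectResult("/error/error404");
            }
            else
            {
                // The body keeps the { Data: { Success, Data } } shape clients already parse.
                // ContentType is set on the result itself; previously it (and an Encoding
                // object) were serialized into the payload, which looks like a leftover from
                // the MVC5 object-initializer form of JsonResult.
                filterContext.Result = new JsonResult(new { Data = new { Success = false, Data = "Access Denied" } })
                {
                    ContentType = "application/json"
                };
            }
        }
    }

    base.OnActionExecuting(filterContext);
}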