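        /// <summary>
        /// Resolves the <see cref="Organisation"/> identified by an API key.
        /// The key is a base64-encoded, encrypted token of the form
        /// "&lt;organisationId&gt;|&lt;apiKeySalt&gt;"; the salt has to match the one
        /// stored on the organisation for the key to be accepted.
        /// </summary>
        /// <param name="apiKey">Raw API key as supplied by the caller (untrusted input).</param>
        /// <returns>
        /// The matching organisation, which is also stored in the session, or
        /// <c>null</c> when the key is empty or malformed, names no organisation,
        /// or carries the wrong salt.
        /// </returns>
        protected Organisation GetOrganisationFromApiKey(string apiKey)
        {
            // Malformed input must end up as "no organisation", not as an unhandled
            // exception: Convert.FromBase64String throws on anything that is not base64.
            if (string.IsNullOrEmpty(apiKey))
            {
                Auditor.Trace(GetType(), "apiKey is empty or missing; cannot resolve organisation ({0}).", "no key");
                return null;
            }

            string token;
            try
            {
                token = Encryptor.Decrypt(Encoding.UTF8.GetString(Convert.FromBase64String(apiKey)));
            }
            catch (FormatException)
            {
                Auditor.Trace(GetType(), "apiKey {0} is not valid base64.", apiKey);
                return null;
            }

            string[] tokenParts = token.Split('|');

            // The decrypted token carries the organisation's salt, i.e. the credential
            // itself, so only its shape is written to the audit trail, never its value.
            Auditor.Trace(GetType(), "Token decrypted into {0} part(s).", tokenParts.Length);

            if (tokenParts.Length != 2)
            {
                Auditor.Trace(GetType(), "apiKey {0} does not decrypt to 2 separated parts.", apiKey);
                return null;
            }

            var organisation = GetOrganisation.Invoke(new GetOrganisationRequest
            {
                OrganisationId = Organisation.GetId(tokenParts[0])
            }).Organisation;

            // Both failures are reported identically so a caller cannot tell a missing
            // organisation from a wrong salt; the salt comparison does not short-circuit.
            if (organisation == null || !FixedTimeEquals(organisation.ApiKeySalt, tokenParts[1]))
            {
                return null;
            }

            Session.SetOrganisation(organisation);
            return organisation;
        }

        /// <summary>
        /// Compares two strings without stopping at the first mismatch, so the time
        /// taken does not reveal how many leading characters of the salt were correct.
        /// </summary>
        /// <param name="expected">The stored value; the loop always covers its full length.</param>
        /// <param name="actual">The caller-supplied value.</param>
        /// <returns><c>true</c> only when both are non-null and identical.</returns>
        private static bool FixedTimeEquals(string expected, string actual)
        {
            if (expected == null || actual == null)
            {
                return false;
            }

            // Fold the length difference and every character difference into one
            // accumulator; a shorter "actual" is padded with NUL rather than ending the loop.
            int diff = expected.Length ^ actual.Length;
            for (int i = 0; i < expected.Length; i++)
            {
                char other = i < actual.Length ? actual[i] : '\0';
                diff |= expected[i] ^ other;
            }
            return diff == 0;
        }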
        //TODO: do this with an action filter maybe
        /// <summary>
        /// Looks up the organisation with the given id and stores it in the session.
        /// </summary>
        /// <param name="orgId">Identifier of the organisation to load.</param>
        protected void SetOrganisation(string orgId)
        {
            var request  = new GetOrganisationRequest { OrganisationId = orgId };
            var response = GetOrganisation.Invoke(request);

            // Whatever the lookup returned (a null organisation included) is what the session gets.
            Session.SetOrganisation(response.Organisation);
        }
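        /// <summary>
        /// Returns the branch id from the signed-in user's details record.
        /// </summary>
        /// <returns>
        /// The record's <c>BranchID</c>; 1 when the record has no branch set; 0 when
        /// no details record exists for the user.
        /// </returns>
        private int getBranchID()
        {
            GetOrganisation objGetOrganisation = new GetOrganisation();
            // NOTE(review): Membership.GetUser returns null for an unknown name; how
            // getUserDetail handles a null user is not visible here — confirm.
            MembershipUser  currentUser = Membership.GetUser(User.Identity.Name);

            // The lookup result is the only value used; the original allocated a throw-away
            // UserDetails first and immediately overwrote it.
            sw.UserDetails details = objGetOrganisation.getUserDetail(currentUser);
            if (details == null)
            {
                return 0;
            }
            // A record without a branch is treated as branch 1.
            return details.BranchID ?? 1;
        }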
        //
        // GET: /Admin/Organisations/Delete/5

        //public ActionResult Delete(int id = 0)
        //{
        //    Organisation organisation = db.Organisation.Single(o => o.Id == id);
        //    if (organisation == null)
        //    {
        //        return HttpNotFound();
        //    }
        //    return View(organisation);
        //}

        ////
        //// POST: /Admin/Organisations/Delete/5

        //[HttpPost, ActionName("Delete")]
        //public ActionResult DeleteConfirmed(int id)
        //{
        //    Organisation organisation = db.Organisation.Single(o => o.Id == id);
        //    db.Organisation.DeleteObject(organisation);
        //    db.SaveChanges();
        //    return RedirectToAction("Index");
        //}



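        /// <summary>
        /// Returns the id of the organisation the signed-in user belongs to.
        /// </summary>
        /// <returns>The organisation id, or 0 when the user has no organisation.</returns>
        private int getOrgID()
        {
            GetOrganisation objGetOrganisation = new GetOrganisation();
            // NOTE(review): Membership.GetUser returns null for an unknown name; how
            // byUser handles a null user is not visible here — confirm.
            MembershipUser  currentUser = Membership.GetUser(User.Identity.Name);

            // Only the lookup result is used; no placeholder Organisation is needed.
            sw.Organisation organisation = objGetOrganisation.byUser(currentUser);
            if (organisation == null)
            {
                return 0;
            }
            return organisation.Id;
        }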
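        /// <summary>
        /// Shows the profile edit form. Without a <paramref name="UserId"/> the
        /// signed-in user edits their own profile; with one, an administrator or
        /// organisation admin edits the profile of that user.
        /// </summary>
        /// <param name="UserId">Optional GUID of the user to edit (untrusted request input).</param>
        /// <returns>
        /// The edit view, or a redirect to the Admin home page with a generic message
        /// when the caller lacks the privilege, the id is malformed, or a lookup fails.
        /// </returns>
        public ActionResult EditProfile(string UserId)
        {
            try
            {
                ProfileEditModel model = new ProfileEditModel();
                model.userDetails = new sw.UserDetails();

                // model.ncsUserDetails = new sw.NCSUserDetails();
                Guid guidUserId;
                if (string.IsNullOrEmpty(UserId))
                {
                    user = Membership.GetUser(User.Identity.Name, false);
                    if (user == null)
                    {
                        // Previously a NullReferenceException on ProviderUserKey; same outcome, named.
                        throw new InvalidOperationException("Could not find the current user");
                    }
                    guidUserId = (Guid)user.ProviderUserKey;
                }
                else
                {
                    // NOTE(review): role names are literals here while sibling actions use
                    // Settings.Default.OrganisationAdminRole — confirm they name the same role.
                    if (!System.Web.Security.Roles.IsUserInRole("ADMINISTRATOR") && !System.Web.Security.Roles.IsUserInRole("Organisation Admin"))
                    {
                        throw new UnauthorizedAccessException("You Do not have the privilege to perform this action");
                    }
                    // A malformed id is bad input, not a fault: reject it without a FormatException.
                    if (!Guid.TryParse(UserId, out guidUserId))
                    {
                        throw new ArgumentException("UserId is not a valid GUID", "UserId");
                    }
                    // NOTE(review): an "Organisation Admin" is not checked to belong to the same
                    // organisation as the target user; sibling actions scope by organisation id — confirm.
                    user = Membership.GetUser(guidUserId, false);
                    if (user == null)
                    {
                        throw new InvalidOperationException("Could not find the requested user");
                    }
                }

                // The details record may not exist yet; the view then gets an empty one keyed to the user.
                sw.UserDetails existing = swdb.UserDetails.FirstOrDefault(x => x.UserId == guidUserId);
                if (existing != null)
                {
                    model.userDetails = existing;
                }
                else
                {
                    model.userDetails.UserId = guidUserId;
                }

                GetOrganisation obj = new GetOrganisation();
                model.organisation = obj.byUser(user);
                // model.BranchList = new SelectList(db.OfficeBranch.OrderBy(x => x.BranchName), "ID", "BranchName");
                return View(model);
            }
            catch (Exception)
            {
                //ToDo: Log with Elmah
                TempData["message"] = Settings.Default.GenericExceptionMessage;
                return RedirectToAction("Index", "Home", new { area = "Admin" });
            }
        }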
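        /// <summary>
        /// Role management page. Administrators see every role, or the roles of the
        /// organisation given by <paramref name="Id"/>; an organisation admin is always
        /// pinned to their own organisation whatever id was passed.
        /// </summary>
        /// <param name="Id">Organisation id; 0 lists all roles (ignored for organisation admins).</param>
        /// <returns>The roles view, or a redirect to the Admin home page with a generic message on failure.</returns>
        public virtual ActionResult Index([DefaultValue(0)] int Id)
        {
            try
            {
                ManageRolesViewModel model = new ManageRolesViewModel();

                // NOTE(review): "ADMINISTRATOR" here, "Administrator" in sibling actions — confirm
                // the role provider compares names case-insensitively.
                if (System.Web.Security.Roles.IsUserInRole(Settings.Default.OrganisationAdminRole) && !System.Web.Security.Roles.IsUserInRole("ADMINISTRATOR"))
                {
                    // The request's id is overridden so an organisation admin cannot pick another organisation.
                    GetOrganisation objGetOrganisation = new GetOrganisation();
                    MembershipUser  currentUser = Membership.GetUser(User.Identity.Name);
                    sw.Organisation own = objGetOrganisation.byUser(currentUser);
                    if (own == null)
                    {
                        throw new InvalidOperationException("Could not find Organisation");
                    }
                    Id = own.Id;
                }

                if (Id != 0)
                {
                    sw.Organisation organisation = swdb.Organisation.FirstOrDefault(x => x.Id == Id);
                    if (organisation == null)
                    {
                        throw new InvalidOperationException("Could not find Organisation");
                    }
                    string[] roles = organisation.Roles.Select(x => x.RoleName).ToArray();
                    model.Roles           = new SelectList(roles);
                    model.RoleList        = roles;
                    model.objOrganisation = organisation;
                    model.AvailableRoles  = new SelectList(roleService.GetAllRoles().Except(roles));
                    //model.Id = Id;
                }
                else
                {
                    // Fetched once; the original asked the role store twice for the same list.
                    string[] allRoles = roleService.GetAllRoles();
                    model.Roles    = new SelectList(allRoles);
                    model.RoleList = allRoles;
                }
                return View(model);
            }
            catch (Exception)
            {
                // Log with Elmah
                TempData["message"] = Settings.Default.GenericExceptionMessage;
                return RedirectToAction("Index", "Home", new { area = "Admin" });
            }
        }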
        /// <summary>
        /// This is an Ajax method.
        /// </summary>
        /// <param name="roleName"></param>
        /// <returns></returns>
        //[HttpPost]
        //public virtual ActionResult DeleteRole(string roleName)
        //{
        //    JsonResponse response = new JsonResponse();

        //    if (string.IsNullOrEmpty(roleName))
        //    {
        //        response.Success = false;
        //        response.Message = "You must select a Role Name to delete.";
        //        response.CssClass = "red";

        //        return Json(response);
        //    }

        //    roleService.DeleteRole(roleName);

        //    response.Success = true;
        //    response.Message = roleName + " was deleted successfully!";
        //    response.CssClass = "green";

        //    return Json(response);
        //}

        //[HttpPost]
        //public ActionResult DeleteRoles(string roles, bool throwOnPopulatedRole)
        //{
        //    JsonResponse response = new JsonResponse();
        //    response.Messages = new List<ResponseItem>();

        //    if (string.IsNullOrEmpty(roles))
        //    {
        //        response.Success = false;
        //        response.Message = "You must select at least one role.";
        //        return Json(response);
        //    }

        //    string[] roleNames = roles.Split(',');
        //    StringBuilder sb = new StringBuilder();

        //    ResponseItem item = null;

        //    foreach (var role in roleNames)
        //    {
        //        if (!string.IsNullOrEmpty(role))
        //        {
        //            try
        //            {
        //                roleService.DeleteRole(role, throwOnPopulatedRole);

        //                item = new ResponseItem();
        //                item.Success = true;
        //                item.Message = "Deleted this role successfully - " + role;
        //                item.CssClass = "green";
        //                response.Messages.Add(item);

        //                //sb.AppendLine("Deleted this role successfully - " + role + "<br />");
        //            }
        //            catch (System.Configuration.Provider.ProviderException ex)
        //            {
        //                //sb.AppendLine(role + " - " + ex.Message + "<br />");

        //                item = new ResponseItem();
        //                item.Success = false;
        //                item.Message = ex.Message;
        //                item.CssClass = "yellow";
        //                response.Messages.Add(item);
        //            }
        //        }
        //    }

        //    response.Success = true;
        //    response.Message = sb.ToString();

        //    return Json(response);
        //}

        #endregion

        #region Get Users In Role methods

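        /// <summary>
        /// This is an Ajax method that populates the
        /// Roles drop down list.
        /// </summary>
        /// <param name="Id">Organisation id; 0 lists every role. Organisation admins are pinned to their own organisation.</param>
        /// <returns>
        /// A JSON array of {caption, value} objects (GET allowed), or an empty
        /// response when anything fails — see the note in the catch block.
        /// </returns>
        public ActionResult GetAllRoles([DefaultValue(0)] int Id)
        {
            try
            {
                string[] list;
                if (System.Web.Security.Roles.IsUserInRole(Settings.Default.OrganisationAdminRole) && !System.Web.Security.Roles.IsUserInRole("ADMINISTRATOR"))
                {
                    // The request's id is overridden so an organisation admin cannot read another organisation's roles.
                    GetOrganisation objGetOrganisation = new GetOrganisation();
                    MembershipUser  currentUser = Membership.GetUser(User.Identity.Name);
                    sw.Organisation own = objGetOrganisation.byUser(currentUser);
                    if (own == null)
                    {
                        throw new InvalidOperationException("Could not find Organisation");
                    }
                    Id = own.Id;
                }
                if (Id != 0)
                {
                    sw.Organisation organisation = swdb.Organisation.FirstOrDefault(x => x.Id == Id);
                    if (organisation == null)
                    {
                        throw new InvalidOperationException("Could not find Organisation");
                    }
                    list = organisation.Roles.Select(x => x.RoleName).ToArray();
                }
                else
                {
                    list = roleService.GetAllRoles();
                }

                // Same payload shape as before: caption and value are both the role name.
                List<SelectObject> selectList = list
                    .Select(item => new SelectObject { caption = item, value = item })
                    .ToList();

                return Json(selectList, JsonRequestBehavior.AllowGet);
            }
            catch (Exception)
            {
                // NOTE(review): a null ActionResult renders as an empty 200 response, so the caller
                // cannot tell "no roles" from "lookup failed"; kept because the client-side handling
                // is not visible here — an error status would be the safer contract.
                return null;
            }
        }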
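        /// <summary>
        /// Shows the "grant roles" page for a user: the roles already granted and those
        /// still available — all roles, or only the organisation's roles when scoped.
        /// </summary>
        /// <param name="username">User to grant roles to; empty redirects back to the index.</param>
        /// <param name="Id">Organisation id; 0 means unscoped. Organisation admins are pinned to their own.</param>
        /// <returns>The grant view, a redirect to Index when no user was given, or a redirect to the Admin home page with a generic message on failure.</returns>
        public virtual ActionResult GrantRolesToUser(string username, [DefaultValue(0)] int Id)
        {
            try
            {
                // A blank organisation is what the view receives when no id applies.
                sw.Organisation organisation = new sw.Organisation();
                if (System.Web.Security.Roles.IsUserInRole(Settings.Default.OrganisationAdminRole) && !System.Web.Security.Roles.IsUserInRole("Administrator"))
                {
                    GetOrganisation objGetOrganisation = new GetOrganisation();
                    MembershipUser  currentUser = Membership.GetUser(User.Identity.Name);
                    sw.Organisation own = objGetOrganisation.byUser(currentUser);
                    if (own == null)
                    {
                        throw new InvalidOperationException("Could not find Organisation");
                    }
                    Id = own.Id;
                }
                if (string.IsNullOrEmpty(username))
                {
                    return RedirectToAction("Index", new { Id = Id });
                }

                // From here on username is known to be non-empty; the original re-tested it on
                // every assignment and fetched the user's roles twice.
                GrantRolesToUserViewModel model = new GrantRolesToUserViewModel();
                model.UserName = username;
                var granted = roleService.GetRolesForUser(username);
                model.GrantedRoles = new SelectList(granted);

                if (Id != 0)
                {
                    organisation = swdb.Organisation.FirstOrDefault(o => o.Id == Id);
                    // Sibling actions check this; here a missing organisation surfaced as a
                    // NullReferenceException on organisation.Roles.
                    if (organisation == null)
                    {
                        throw new InvalidOperationException("Could not find Organisation");
                    }
                    var roles = organisation.Roles.Select(x => x.RoleName).ToList();
                    model.AvailableRoles = new SelectList(roles.Except(granted));
                }
                else
                {
                    model.AvailableRoles = new SelectList(roleService.AvailableRolesForUser(username));
                }
                model.objOrganisation = organisation;
                //model.Id = Id;
                return View(model);
            }
            catch (Exception)
            {
                //Elmah.ErrorSignal.FromCurrentContext().Raise(ex);
                TempData["message"] = Settings.Default.GenericExceptionMessage;
                return RedirectToAction("Index", "Home", new { area = "Admin" });
            }
        }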
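        /// <summary>
        /// Shows the edit form for an existing membership user together with the
        /// user's roles and the organisation the page is scoped to.
        /// </summary>
        /// <param name="userName">Name of the user to edit.</param>
        /// <param name="Id">Organisation id; 0 means unscoped. Organisation admins are pinned to their own.</param>
        /// <returns>The user view, or a redirect to the Admin home page with a generic message on failure.</returns>
        public ActionResult Update(string userName, [DefaultValue(0)] int Id)
        {
            try
            {
                // A blank organisation is what the view receives when no id applies.
                sw.Organisation organisation = new sw.Organisation();
                if (System.Web.Security.Roles.IsUserInRole(Settings.Default.OrganisationAdminRole) && !System.Web.Security.Roles.IsUserInRole("Administrator"))
                {
                    GetOrganisation objGetOrganisation = new GetOrganisation();
                    MembershipUser  currentUser = Membership.GetUser(User.Identity.Name);
                    sw.Organisation own = objGetOrganisation.byUser(currentUser);
                    if (own == null)
                    {
                        throw new InvalidOperationException("Could not find Organisation");
                    }
                    Id = own.Id;
                }
                if (Id != 0)
                {
                    organisation = swdb.Organisation.FirstOrDefault(o => o.Id == Id);
                    if (organisation == null)
                    {
                        throw new InvalidOperationException("Could not find Organisation");
                    }
                }

                // NOTE(review): if membershipService.GetUser follows the Membership API it returns
                // null for an unknown name, and the view is then handed a null User — confirm.
                MembershipUser updateuser = membershipService.GetUser(userName);

                UserViewModel viewModel = new UserViewModel();
                viewModel.User = updateuser;
                viewModel.RequiresSecretQuestionAndAnswer = membershipService.RequiresQuestionAndAnswer;
                viewModel.Roles           = roleService.GetRolesForUser(userName);
                viewModel.objOrganisation = organisation;

                return View(viewModel);
            }
            catch (Exception)
            {
                //Elmah.ErrorSignal.FromCurrentContext().Raise(ex);
                TempData["message"] = Settings.Default.GenericExceptionMessage;
                return RedirectToAction("Index", "Home", new { area = "Admin" });
            }
        }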
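        /// <summary>
        /// Ajax source for the "users in role" list.
        /// </summary>
        /// <param name="roleName">Role to list users for; only applied when no organisation is in scope (see note below).</param>
        /// <param name="Id">Organisation id; 0 means unscoped. Organisation admins are pinned to their own.</param>
        /// <returns>A JSON array of user names (GET allowed), or an empty response on failure.</returns>
        public ActionResult GetUsersInRole(string roleName, [DefaultValue(0)] int Id)
        {
            try
            {
                string[] list;

                if (System.Web.Security.Roles.IsUserInRole(Settings.Default.OrganisationAdminRole) && !System.Web.Security.Roles.IsUserInRole("ADMINISTRATOR"))
                {
                    // The request's id is overridden so an organisation admin cannot list another organisation's users.
                    GetOrganisation objGetOrganisation = new GetOrganisation();
                    MembershipUser  currentUser = Membership.GetUser(User.Identity.Name);
                    sw.Organisation own = objGetOrganisation.byUser(currentUser);
                    if (own == null)
                    {
                        throw new InvalidOperationException("Could not find Organisation");
                    }
                    Id = own.Id;
                }
                if (Id != 0)
                {
                    // Lazy loading is switched off for this context and not switched back on;
                    // the explicit Include is then the only navigation that gets loaded —
                    // presumably to keep the organisation graph out of the result (confirm).
                    swdb.Configuration.LazyLoadingEnabled = false;
                    sw.Organisation organisation = swdb.Organisation.Include("Users").Where(x => x.Id == Id).FirstOrDefault();
                    if (organisation == null)
                    {
                        throw new InvalidOperationException("Could not find Organisation");
                    }
                    // NOTE(review): roleName is not applied here — every user of the organisation is
                    // returned regardless of role. Whether that is intended is not visible from this
                    // method; confirm with the caller before adding a role filter.
                    list = organisation.Users.Select(x => x.UserName).ToArray();
                }
                else
                {
                    list = roleService.GetUsersInRole(roleName);
                }
                return Json(list, JsonRequestBehavior.AllowGet);
            }
            catch (Exception)
            {
                // NOTE(review): a null ActionResult renders as an empty 200 response, hiding the
                // failure from the client; kept because the client-side handling is not visible here.
                return null;
            }
        }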
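        /// <summary>
        /// Shows the "create user" form, scoped to an organisation when one applies.
        /// </summary>
        /// <param name="Id">Organisation id; 0 means unscoped. Organisation admins are pinned to their own.</param>
        /// <returns>The registration view, or a redirect to the Admin home page with a generic message on failure.</returns>
        public virtual ActionResult CreateUser([DefaultValue(0)] int Id)
        {
            try
            {
                // A blank organisation is what the view receives when no id applies.
                sw.Organisation organisation = new sw.Organisation();
                var             model        = new RegisterViewModel();

                model.RequireSecretQuestionAndAnswer = membershipService.RequiresQuestionAndAnswer;
                if (System.Web.Security.Roles.IsUserInRole(Settings.Default.OrganisationAdminRole) && !System.Web.Security.Roles.IsUserInRole("Administrator"))
                {
                    GetOrganisation objGetOrganisation = new GetOrganisation();
                    MembershipUser  currentUser = Membership.GetUser(User.Identity.Name);
                    sw.Organisation own = objGetOrganisation.byUser(currentUser);
                    if (own == null)
                    {
                        throw new InvalidOperationException("Could not find Organisation");
                    }
                    Id = own.Id;
                }
                if (Id != 0)
                {
                    organisation = swdb.Organisation.FirstOrDefault(o => o.Id == Id);
                    if (organisation == null)
                    {
                        throw new InvalidOperationException("Could not find Organisation");
                    }
                    //model.OrganizationId = OrganizationId.ToString();
                }
                model.objOrganisation = organisation;
                return View(model);
            }
            catch (Exception)
            {
                //ToDo: Log with Elmah
                TempData["message"] = Settings.Default.GenericExceptionMessage;
                return RedirectToAction("Index", "Home", new { area = "Admin" });
            }
        }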
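        /// <summary>
        /// Creates a role and, for an Ajax request scoped to an organisation, attaches
        /// the new role to that organisation.
        /// </summary>
        /// <param name="roleName">Name of the role to create; empty is rejected.</param>
        /// <param name="Id">Organisation id; 0 means unscoped. Organisation admins are pinned to their own.</param>
        /// <returns>
        /// A JSON status for Ajax requests (red on validation failure or error, green on
        /// success); otherwise a redirect to Index.
        /// </returns>
        public virtual ActionResult CreateRole(string roleName, [DefaultValue(0)] int Id)
        {
            JsonResponse response = new JsonResponse();

            if (string.IsNullOrEmpty(roleName))
            {
                response.Success  = false;
                response.Message  = "You must enter a role name.";
                response.CssClass = "red";

                return Json(response);
            }

            try
            {
                // The organisation is resolved *before* the role is created: the original
                // created the role first, so a failed organisation lookup left an unattached
                // role behind in the role store.
                if (System.Web.Security.Roles.IsUserInRole(Settings.Default.OrganisationAdminRole) && !System.Web.Security.Roles.IsUserInRole("ADMINISTRATOR"))
                {
                    GetOrganisation objGetOrganisation = new GetOrganisation();
                    MembershipUser  currentUser = Membership.GetUser(User.Identity.Name);
                    sw.Organisation own = objGetOrganisation.byUser(currentUser);
                    if (own == null)
                    {
                        throw new InvalidOperationException("Could not find Organisation");
                    }
                    Id = own.Id;
                }

                bool isAjax = Request.IsAjaxRequest();
                sw.Organisation organisation = null;
                if (isAjax && Id != 0)
                {
                    //db.ContextOptions.LazyLoadingEnabled = false;
                    // Switched off for the rest of this context's lifetime; only the explicit Include is loaded.
                    swdb.Configuration.LazyLoadingEnabled = false;

                    organisation = swdb.Organisation.Include("Roles").Where(x => x.Id == Id).FirstOrDefault();
                    if (organisation == null)
                    {
                        throw new InvalidOperationException("Could not find Organisation");
                    }
                }

                roleService.CreateRole(roleName);

                if (isAjax)
                {
                    if (organisation != null)
                    {
                        var role = swdb.Roles.FirstOrDefault(r => r.RoleName == roleName);
                        if (role == null)
                        {
                            // Presumably the role store and swdb are written separately; a missing
                            // row previously surfaced as an ArgumentNullException from Add(null).
                            throw new InvalidOperationException("Role was created but could not be found in the database");
                        }
                        //organisation.Roles.Remove(role);
                        organisation.Roles.Add(role);
                        swdb.SaveChanges();
                    }
                    response.Success  = true;
                    response.Message  = "Role created successfully!";
                    response.CssClass = "green";

                    return Json(response);
                }

                // NOTE(review): a non-Ajax request never attaches the role to an organisation,
                // whatever Id was; unchanged from the original — confirm that is intended.
                return RedirectToAction("Index");
            }
            catch (Exception ex)
            {
                if (Request.IsAjaxRequest())
                {
                    response.Success  = false;
                    response.Message  = ex.Message;
                    response.CssClass = "red";

                    return Json(response);
                }

                // NOTE(review): ModelState does not survive RedirectToAction, so this error is
                // never shown; TempData (as the sibling actions use) would carry it across.
                ModelState.AddModelError("", ex.Message);
            }

            return RedirectToAction("Index");
        }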
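        /// <summary>
        /// Paged user list for the Admin area, optionally filtered by e-mail or user
        /// name and scoped to one organisation.
        /// </summary>
        /// <param name="filterby">"all", "email" or "username"; empty or unknown shows no rows.</param>
        /// <param name="searchterm">Text matched as an upper-cased substring for "email"/"username"; empty behaves like "all".</param>
        /// <param name="page">1-based page number.</param>
        /// <param name="pgsize">Rows per page.</param>
        /// <param name="Id">Organisation id; 0 means all users. Organisation admins are pinned to their own.</param>
        /// <returns>The users view, or a redirect to the Admin home page with a generic message on failure.</returns>
        public virtual ActionResult Index(string filterby, string searchterm, [DefaultValue(1)] int page, [DefaultValue(12)] int pgsize, [DefaultValue(0)] int Id)
        {
            try
            {
                // A blank organisation is what the view receives when no id applies.
                sw.Organisation      organisation = new sw.Organisation();
                ManageUsersViewModel viewModel    = new ManageUsersViewModel();
                viewModel.Users      = null;
                viewModel.FilterBy   = filterby;
                viewModel.SearchTerm = searchterm;

                if (!string.IsNullOrEmpty(filterby))
                {
                    // The organisation is settled before the user source is chosen, so the
                    // unscoped query is no longer run only to be overwritten by the scoped one.
                    // NOTE(review): "Administrator" here, "ADMINISTRATOR" in sibling actions — confirm
                    // the role provider compares names case-insensitively.
                    if (System.Web.Security.Roles.IsUserInRole(Settings.Default.OrganisationAdminRole) && !System.Web.Security.Roles.IsUserInRole("Administrator"))
                    {
                        GetOrganisation objGetOrganisation = new GetOrganisation();
                        MembershipUser  currentUser = Membership.GetUser(User.Identity.Name);
                        sw.Organisation own = objGetOrganisation.byUser(currentUser);
                        if (own == null)
                        {
                            throw new InvalidOperationException("Could not find Organisation");
                        }
                        Id = own.Id;

                        //viewModel.OrganizationId = organization.Id;
                        //Id = organization.Id;
                        //TempData["messageType"] = "alert-warning";
                        //TempData["message"] = "You are not Authorize to access all Users Account in the System";
                        //return RedirectToAction("IndexOrgAdmin", "Organization", new { area = "Setup" });
                    }

                    IQueryable<sw.Users> source = swdb.Users;
                    if (Id != 0)
                    {
                        organisation = swdb.Organisation.FirstOrDefault(o => o.Id == Id);
                        if (organisation == null)
                        {
                            throw new InvalidOperationException("Could not find Organisation");
                        }
                        //viewModel.OrganizationId = OrganizationId;
                        // The organisation's users are filtered in memory, as before.
                        source = organisation.Users.AsQueryable();
                    }
                    rows = FilterUsers(source, filterby, searchterm).ToList();
                    //foreach (var username in usernames)
                    //{
                    //    rows.Add(membershipService.GetUser(username, false));
                    //}
                    viewModel.Rows = rows.Skip((page - 1) * pgsize).Take(pgsize).ToList();
                }

                // Without a filter nothing assigned rows in this request; the original then
                // dereferenced the field and fell into the catch block.
                int totalItems = rows == null ? 0 : rows.Count();
                viewModel.PagingInfo = new PagingInfo
                {
                    FirstItem    = ((page - 1) * pgsize) + 1,
                    LastItem     = page * pgsize,
                    CurrentPage  = page,
                    ItemsPerPage = pgsize,
                    TotalItems   = totalItems
                };
                viewModel.PageSize        = pgsize;
                viewModel.objOrganisation = organisation;
                return View(viewModel);
            }
            catch (Exception)
            {
                //ToDo: Log with Elmah
                TempData["message"] = Settings.Default.GenericExceptionMessage;
                return RedirectToAction("Index", "Home", new { area = "Admin" });
            }
        }

        /// <summary>
        /// Applies the list page's filter to a user source. "all" (or an empty search
        /// term) keeps every user; "email" and "username" match the trimmed, upper-cased
        /// search term as a substring; any other filter yields no users. The same
        /// predicate serves both the database set and an in-memory collection.
        /// </summary>
        /// <param name="source">Users to filter.</param>
        /// <param name="filterby">"all", "email" or "username".</param>
        /// <param name="searchterm">Search text; may be empty.</param>
        /// <returns>The filtered (still unexecuted) query.</returns>
        private static IQueryable<sw.Users> FilterUsers(IQueryable<sw.Users> source, string filterby, string searchterm)
        {
            if (filterby == "all" || string.IsNullOrEmpty(searchterm))
            {
                return source;
            }

            string query = searchterm.Trim().ToUpper();
            if (filterby == "email")
            {
                return source.Where(u => u.Memberships.Email.ToUpper().Contains(query));
            }
            if (filterby == "username")
            {
                return source.Where(u => u.UserName.ToUpper().Contains(query));
            }
            // An unrecognised filter previously left the previous result in place; an empty
            // result is the explicit equivalent.
            return Enumerable.Empty<sw.Users>().AsQueryable();
        }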
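        /// <summary>
        /// Creates a membership user from the posted form and, when an organisation is
        /// in scope, adds the new user to that organisation before handing over to the
        /// "grant roles" page.
        /// </summary>
        /// <param name="model">Posted registration data; <c>Id</c> is the organisation id (0 = none).</param>
        /// <returns>
        /// A redirect to GrantRolesToUser on success, to Index with the membership error
        /// message when creation fails, to the Admin home page with a generic message on
        /// any other failure, or the empty view when the model is invalid.
        /// </returns>
        public virtual ActionResult CreateUser(RegisterViewModel model)
        {
            try
            {
                if (ModelState.IsValid)
                {
                    // The organisation is resolved *before* the membership user is created: the
                    // original created the user first, so a failed lookup left an account that
                    // belonged to no organisation.
                    sw.Organisation organisation = new sw.Organisation();
                    if (System.Web.Security.Roles.IsUserInRole(Settings.Default.OrganisationAdminRole) && !System.Web.Security.Roles.IsUserInRole("Administrator"))
                    {
                        GetOrganisation objGetOrganisation = new GetOrganisation();
                        MembershipUser  currentUser = Membership.GetUser(User.Identity.Name);
                        sw.Organisation own = objGetOrganisation.byUser(currentUser);
                        if (own == null)
                        {
                            throw new InvalidOperationException("Could not find Organisation");
                        }
                        model.Id = own.Id;
                    }
                    if (model.Id != 0)
                    {
                        organisation = swdb.Organisation.FirstOrDefault(o => o.Id == model.Id);
                        if (organisation == null)
                        {
                            throw new InvalidOperationException("Could not find Organisation");
                        }
                    }

                    // The unused welcome-mail text (it embedded the plaintext password) has been
                    // dropped; if account mails are reinstated, send a reset link, not the password.
                    //var password = Membership.GeneratePassword(8, 0);
                    // model.Password = password;
                    //model.ConfirmPassword = password;
                    MembershipCreateStatus status;
                    MembershipUser newUser = membershipService.CreateUser(model.UserName, model.Password, model.Email, model.SecretQuestion, model.SecretAnswer, model.Approve, out status);

                    if (newUser == null)
                    {
                        // Both values were written to TempData["message"] before, so the alert
                        // class was lost; "messageType" follows the commented-out sibling code —
                        // confirm it is the key the view reads.
                        TempData["messageType"] = "alert-danger";
                        TempData["message"]     = GetErrorMessage(status);
                        return RedirectToAction("Index");
                    }

                    if (model.Id != 0)
                    {
                        model.objOrganisation = organisation;
                        // Resolved outside the lambda so the query parameter is a plain Guid.
                        Guid newUserId = (Guid)newUser.ProviderUserKey;
                        sw.Users createdUser = swdb.Users.FirstOrDefault(x => x.UserId == newUserId);
                        if (createdUser == null)
                        {
                            // Previously an ArgumentNullException from Add(null); same outcome, named.
                            throw new InvalidOperationException("Could not find the newly created user");
                        }
                        organisation.Users.Add(createdUser);
                        swdb.SaveChanges();

                        // Send Email to New User Account
                        // @utility.SendEmailToPerson(Settings.Default.EmailReplyTo, newUser.Email, subject, message, DateTime.Now, null, null, null);
                        return RedirectToAction("GrantRolesToUser", new { username = newUser.UserName, Id = model.Id });
                    }
                    // Send Email to New User Account
                    // @utility.SendEmailToPerson(Settings.Default.EmailReplyTo, newUser.Email, subject, message, DateTime.Now, null, null, null);
                    return routeHelpers.Actions.GrantRolesToUser(newUser.UserName);
                    //RedirectToAction("GrantRolesToUser",new{UserName = '', Id = ''})
                }
            }
            catch (Exception)
            {
                //Elmah.ErrorSignal.FromCurrentContext().Raise(ex);
                TempData["message"] = Settings.Default.GenericExceptionMessage;
                return RedirectToAction("Index", "Home", new { area = "Admin" });
            }
            return View();
        }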