Пример #1
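        /// <summary>
        /// Handles the grid's row commands. "addrecord" and "editrecord" store the target
        /// user id in <c>Session["UID"]</c> and redirect to the add/edit page;
        /// "deleterecord" validates the selected user and deletes it.
        /// </summary>
        /// <param name="sender">The control raising the command.</param>
        /// <param name="e">Command name plus, for edit/delete, the user id as the argument.</param>
        protected void GvRowCommand(object sender, GridViewCommandEventArgs e)
        {
            string editpage = "~/ControlRoom/Modules/Tenant/TenantUserAddEdit.aspx";
            string command  = e.CommandName;

            // Compare ordinally and case-insensitively: ToLower() follows the current
            // culture, so an upper-case command name could fail to match under cultures
            // with special casing rules (e.g. Turkish dotless i).
            if (string.Equals(command, "addrecord", StringComparison.OrdinalIgnoreCase))
            {
                Session["UID"] = string.Empty;
                Response.Redirect(editpage);
            }
            if (string.Equals(command, "editrecord", StringComparison.OrdinalIgnoreCase))
            {
                int key = Convert.ToInt32(e.CommandArgument);
                Session["UID"] = key;
                Response.Redirect(editpage);
            }

            if (string.Equals(command, "deleterecord", StringComparison.OrdinalIgnoreCase))
            {
                // NOTE(review): no permission check for the delete is visible in this handler;
                // confirm the page enforces one before this point.
                int key = Convert.ToInt32(e.CommandArgument);
                try
                {
                    var obj = new SRPUser(key);
                    if (obj.IsValid(BusinessRulesValidationMode.DELETE))
                    {
                        SRPUser.Delete(key);

                        LoadData();
                        var masterPage = (IControlRoomMaster)Master;
                        if (masterPage != null)
                        {
                            masterPage.PageMessage = SRPResources.DeleteOK;
                        }
                    }
                    else
                    {
                        var    masterPage = (IControlRoomMaster)Master;
                        string message    = String.Format(SRPResources.ApplicationError1, "<ul>");
                        foreach (BusinessRulesValidationMessage m in obj.ErrorCodes)
                        {
                            // Append rather than re-running the accumulated text through
                            // String.Format: a '{' or '}' in an earlier message would be
                            // parsed as a format item and throw FormatException.
                            // NOTE(review): messages are inserted without HTML encoding;
                            // the <ul>/<li> markup suggests PageError is rendered as HTML,
                            // so confirm ErrorMessage can never carry user-supplied text.
                            message += "<li>" + m.ErrorMessage + "</li>";
                        }
                        message += "</ul>";
                        if (masterPage != null)
                        {
                            masterPage.PageError = message;
                        }
                    }
                }
                catch (Exception ex)
                {
                    var masterPage = (IControlRoomMaster)Master;
                    if (masterPage != null)
                    {
                        // NOTE(review): the raw exception text is shown to the operator.
                        masterPage.PageError = String.Format(SRPResources.ApplicationError1, ex.Message);
                    }
                }
            }
        }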
 /// <summary>
 /// Runs at application shutdown and attempts to log off every user.
 /// </summary>
 void Application_End(object sender, EventArgs e)
 {
     try
     {
         SRPUser.LogoffAll();
     }
     catch
     {
         // Any failure is swallowed so shutdown continues; nothing is logged here.
     }
 }
        /// <summary>
        /// Completes a token-based password reset: applies the new password for the token
        /// kept in ViewState, e-mails a confirmation to the account and redirects to the
        /// login page. A missing or rejected token shows the "invalid token" panel instead.
        /// </summary>
        protected void Button1_Click(object sender, EventArgs e)
        {
            object storedToken = this.ViewState["token"];

            // A missing token and a token the data layer rejects are handled identically.
            var account = storedToken == null
                          ? null
                          : SRPUser.UpdatePasswordByToken(storedToken.ToString(), Password.Text);

            if (account == null)
            {
                passwordUpdate.Visible = false;
                invalidToken.Visible   = true;
                return;
            }

            // Property names below are the placeholders used by FormatWith.
            // NOTE(review): these values are substituted into an HTML body without
            // encoding; confirm how RemoteUserAddress derives the address (a
            // client-supplied header would be attacker-controlled) before it is
            // embedded in mail or written to the log.
            var details = new {
                SystemName      = SRPSettings.GetSettingValue("SysName", account.TenID),
                ContactName     = SRPSettings.GetSettingValue("ContactName", account.TenID),
                ContactEmail    = SRPSettings.GetSettingValue("ContactEmail", account.TenID),
                RemoteAddress   = new Tools.WebTools().RemoteUserAddress(Request),
                UserEmail       = account.EmailAddress,
                ControlRoomLink = string.Format("{0}{1}", BaseUrl, "/ControlRoom/"),
                PasswordResetSuccessSubject = SRPResources.PasswordEmailSuccessSubject
            };

            this.Log().Info("Password reset process for {0} complete from {1}",
                            details.UserEmail,
                            details.RemoteAddress);

            // TODO email - move this template out to the database
            StringBuilder template = new StringBuilder()
                .Append("<p>The password reset for your {SystemName} account is now complete.</p>")
                .Append("<p>You may now <a href=\"{ControlRoomLink}\">log in</a> using your new ")
                .Append("password.</p>")
                .Append("<p>If you have any comments or questions, please contact ")
                .Append("{ContactName} at <a href=\"mailto:{ContactEmail}\">{ContactEmail}")
                .Append("</a>.</p>")
                .Append("<p style=\"font-size: smaller;\"><em>This password request was ")
                .Append("completed from: {RemoteAddress}.</em></p>");

            string subject = "{SystemName} - {PasswordResetSuccessSubject}".FormatWith(details);
            string html    = template.ToString().FormatWith(details);

            new EmailService().SendEmail(account.EmailAddress, subject, html);

            Response.Redirect("Login.aspx");
        }
 /// <summary>
 /// Runs at application startup: attempts to log off every user, then initializes
 /// the logging facade with the NLog implementation.
 /// </summary>
 void Application_Start(object sender, EventArgs e)
 {
     try
     {
         SRPUser.LogoffAll();
     }
     catch
     {
         // Swallowed: logging is only initialized on the next line, so a failure
         // here leaves no trace through that facility.
     }

     LoggingExtensions.Logging.Log.InitializeWith<LoggingExtensions.NLog.NLogLog>();
 }
 /// <summary>
 /// Runs when a session ends and logs off the user stored in it, if any.
 /// </summary>
 /// <remarks>
 /// Session_End is raised only when the sessionstate mode is InProc in Web.config;
 /// with StateServer or SQLServer the event is not raised.
 /// </remarks>
 void Session_End(object sender, EventArgs e)
 {
     object profile = Session[SessionData.UserProfile.ToString()];
     if (profile == null)
     {
         return;
     }

     SRPUser.Logoff(((SRPUser)profile).Uid);
 }
Пример #6
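        /// <summary>
        /// Stores the new password for the user held in the session, clears the
        /// must-reset flag and continues the forms-authentication login redirect.
        /// </summary>
        protected void Button1_Click(object sender, EventArgs e)
        {
            SRPUser user = (SRPUser)Session[SessionData.UserProfile.ToString()];

            if (user == null)
            {
                // No user in the session (e.g. it expired while the form was open):
                // send the visitor to the login page instead of failing with a
                // NullReferenceException. RedirectToLoginPage does not end the
                // request, hence the explicit return.
                FormsAuthentication.RedirectToLoginPage();
                return;
            }

            // NOTE(review): the current password is not re-checked here and the new
            // value is taken as typed; confirm validators on the page enforce the
            // password policy, and that user.Update() failures are surfaced.
            user.NewPassword       = uxNewPasswordField.Text;
            user.MustResetPassword = false;
            user.LastPasswordReset = DateTime.Now;
            user.Update();
            Session[SessionData.UserProfile.ToString()] = user;
            FormsAuthentication.RedirectFromLoginPage(user.Username, false);
        }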
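        /// <summary>
        /// Prepares the "User Login History" page for the user id held in
        /// <c>Session["UID"]</c>: enforces the Control Room permission, shows the
        /// user's name, builds the ribbon, restores sort state on postback and loads
        /// the grid on first load.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            MasterPage.IsSecure  = true;
            MasterPage.PageTitle = "User Login History";

            // Permission is checked before any user record is read.
            ControlRoomAccessPermission.CheckControlRoomAccessPermission(1000); // User Security;

            object uidObject = Session["UID"];
            lblUID.Text = uidObject == null ? "" : uidObject.ToString();

            // A missing, empty or non-numeric id all lead back to the Control Room root;
            // a non-numeric value would otherwise throw from int.Parse.
            int userId;
            if (!int.TryParse(lblUID.Text, out userId))
            {
                Response.Redirect("~/ControlRoom/");
                return;
            }

            _mStrSortExp = String.Empty;

            if (!IsPostBack)
            {
                var user = new SRPUser(userId);
                lblUsername.Text    = user.Username;
                lblName.Text        = user.FirstName + " " + user.LastName;
                lblUsername.Visible = lblName.Visible = true;

                foreach (var moduleRibbonPanel in StandardModuleRibbons.SecurityRibbon())
                {
                    MasterPage.PageRibbon.Add(moduleRibbonPanel);
                }
                MasterPage.PageRibbon.DataBind();

                LoadData();
            }
            else
            {
                // Sort state round-trips through ViewState between postbacks.
                if (null != ViewState["_SortExp_"])
                {
                    _mStrSortExp = ViewState["_SortExp_"] as String;
                }

                if (null != ViewState["_Direction_"])
                {
                    _mSortDirection = (SortDirection)ViewState["_Direction_"];
                }
            }
        }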
Пример #8
 /// <summary>
 /// Fetches the user whose id is given as text.
 /// </summary>
 /// <param name="userIdString">User id as a string; may be null or blank.</param>
 /// <returns>
 /// The result of <c>SRPUser.Fetch</c> for the parsed id, or null when the text is
 /// blank or is not an integer.
 /// </returns>
 private SRPUser GetUser(string userIdString)
 {
     if (string.IsNullOrWhiteSpace(userIdString))
     {
         return null;
     }

     int parsedId;
     return int.TryParse(userIdString, out parsedId)
            ? SRPUser.Fetch(parsedId)
            : null;
 }
Пример #9
        /// <summary>
        /// Before the page loads: marks the master page as secure and copies the
        /// signed-in user and the permission string from the session into page members.
        /// </summary>
        /// <remarks>
        /// Nothing here rejects a request whose session holds no user; both members
        /// are simply null in that case.
        /// </remarks>
        protected override void OnPreLoad(EventArgs e)
        {
            MasterPage = (IControlRoomMaster)Master;
            if (MasterPage != null)
            {
                MasterPage.IsSecure = true;
            }

            string profileKey     = SessionData.UserProfile.ToString();
            string permissionsKey = SessionData.StringPermissionList.ToString();

            SRPUser            = (SRPUser)Session[profileKey];
            UserPermissionList = (string)Session[permissionsKey];

            base.OnPreLoad(e);
        }
Пример #10
 /// <summary>
 /// Logs off the user stored in the current session, then always abandons the
 /// session, blanks the session cookie and redirects to the Control Room login page.
 /// </summary>
 /// <param name="page">Page whose session and response are used for the cleanup.</param>
 public static void Logout(Page page)
 {
     try
     {
         var signedIn = (SRPUser)HttpContext.Current.Session[SessionData.UserProfile.ToString()];
         if (signedIn != null)
         {
             signedIn.Logoff();
         }
     }
     finally
     {
         // Runs even when Logoff throws, so the session never outlives a failed logoff.
         page.Session.Abandon();

         // NOTE(review): the cookie name is hard-coded to the ASP.NET default; a custom
         // sessionState cookieName would not be cleared. The replacement cookie carries
         // no explicit expiry or Secure/HttpOnly settings; confirm site-wide cookie
         // configuration covers it.
         var blankSessionCookie = new HttpCookie("ASP.NET_SessionId", "");
         page.Response.Cookies.Add(blankSessionCookie);

         page.Response.Redirect("~/ControlRoom/Login.aspx", true);
     }
 }
Пример #11
 /// <summary>
 /// Logoff page: logs off the user stored in the session, if any, and always
 /// redirects to the Control Room login page.
 /// </summary>
 /// <remarks>
 /// NOTE(review): the logoff runs on any request to this page and the session itself
 /// is not abandoned here; confirm whether u.Logoff() clears session state or whether
 /// the session should also be abandoned.
 /// </remarks>
 protected void Page_Load(object sender, EventArgs e)
 {
     try
     {
         var signedIn = (SRPUser)HttpContext.Current.Session[SessionData.UserProfile.ToString()];
         if (signedIn != null)
         {
             signedIn.Logoff();
         }
     }
     finally
     {
         // Redirect regardless of whether the logoff succeeded.
         Response.Redirect("~/ControlRoom/Login.aspx");
     }
 }
Пример #12
        /// <summary>
        /// Binds the grid to all users, sorted by the current sort expression and
        /// direction when a sort expression is set.
        /// </summary>
        private void LoadData()
        {
            var users = SRPUser.FetchAllAsDataTable();
            var bound = new DataSet();
            bound.Tables.Add(users);

            if (_mStrSortExp != string.Empty)
            {
                // NOTE(review): the sort expression is restored from ViewState elsewhere
                // on the page; an unknown column name makes DataView.Sort throw.
                string direction = _mSortDirection == SortDirection.Descending ? " DESC" : "";
                users.DefaultView.Sort = _mStrSortExp + direction;

                // Bind to a sorted copy of the table instead of the original.
                bound = new DataSet();
                bound.Tables.Add(users.DefaultView.ToTable());
            }

            gv.DataSource = bound;
            gv.DataBind();
        }
        /// <summary>
        /// Binds the grid to the login history of the user whose id is in
        /// <c>lblUID</c>, sorted when a sort expression is set.
        /// </summary>
        private void LoadData()
        {
            // int.Parse throws if the label does not hold an integer.
            var history = SRPUser.GetLoginHistory(int.Parse(lblUID.Text));
            var bound   = new DataSet();
            bound.Tables.Add(history);

            if (_mStrSortExp != string.Empty)
            {
                string direction = _mSortDirection == SortDirection.Descending ? " DESC" : "";
                history.DefaultView.Sort = _mStrSortExp + direction;

                // Bind to a sorted copy of the table instead of the original.
                bound = new DataSet();
                bound.Tables.Add(history.DefaultView.ToTable());
            }

            gv.DataSource = bound;
            gv.DataBind();
        }
Пример #14
        /// <summary>
        /// "Forgot password" link on the login control: looks up the typed username and
        /// shows the "password emailed" message. The same message is shown whether or
        /// not the account exists, so the response does not reveal valid usernames.
        /// </summary>
        protected void LinkButton1_Click(object sender, EventArgs e)
        {
            // Only the username matters here, so suppress the password-required message.
            uxLogin.PasswordRequiredErrorMessage = string.Empty;
            Page.Validate("uxLogin");

            bool proceed = Page.IsValid || uxLogin.UserName.Length > 0;
            if (!proceed)
            {
                return;
            }

            SRPUser match = SRPUser.FetchByUsername(uxLogin.UserName);
            if (match != null)
            {
                // send email
            }

            uxMessageBox.Visible = true;
            FailureText.Text     = SRPResources.PasswordEmailed;
        }
Пример #15
        // Walks two client instances (same credentials) and two verifier instances
        // through an SRP exchange and asserts they agree on public key, session key
        // and the server's session proof.
        //
        // NOTE(review): the test asserts that two independently constructed verifiers
        // return equal ephemeral secrets. SRP ephemeral values are normally fresh random
        // values per session; confirm that the equality pinned here is intended.
        // NOTE(review): if HMACSHA256 is System.Security.Cryptography.HMACSHA256, its
        // parameterless constructor generates a random key, so results depend on all
        // parties sharing this one instance; confirm how production code supplies the hash.
        public void ShouldAuthenticateTheSameUserOnTheServer()
        {
            // The credential literals appear masked in this listing.
            var username         = "******";
            var password         = "******";
            var hash             = new HMACSHA256();
            var parameter        = new Bit2048();
            var srp              = new SecureRemoteProtocol(hash, parameter);
            // privateKey and serverKey are not used again in this test.
            var privateKey       = SecureRemoteProtocol.GetRandomNumber().ToBytes();
            var serverKey        = SecureRemoteProtocol.GetRandomNumber().ToBytes();
            var verificationKey1 = srp.CreateVerificationKey(username, password);

            var user1           = new SRPUser(username, password, hash, parameter);
            var a               = user1.GetEphemeralSecret();
            var authentication1 = user1.StartAuthentication();


            var user2           = new SRPUser(username, password, hash, parameter);
            var user2Ephemeral  = user2.GetEphemeralSecret();
            var authentication2 = user2.StartAuthentication();

            // Both clients must present the same public key.
            Assert.IsTrue(authentication1.PublicKey.CheckEquals(authentication2.PublicKey));

            var svr1 = new SRPVerifier(hash, parameter, verificationKey1,
                                       authentication1.PublicKey);

            var b          = svr1.GetEphemeralSecret();
            var challenge1 = svr1.GetChallenge();
            var session1   = user1.ProcessChallenge(challenge1);
            var session2   = user2.ProcessChallenge(challenge1);

            // Both clients must derive the same session key from the same challenge.
            Assert.IsTrue(session1.Key.CheckEquals(session2.Key));

            var hamk = svr1.VerifiySession(session1);


            var svr2 = new SRPVerifier(hash, parameter, verificationKey1,
                                       authentication1.PublicKey);

            // A second verifier built from the same inputs yields the same ephemeral secret.
            Assert.IsTrue(b.CheckEquals(svr2.GetEphemeralSecret()));

            var hamk2 = svr2.VerifiySession(session1);

            // Both verifiers must produce the same proof for the same client session.
            Assert.IsTrue(hamk.Key.CheckEquals(hamk2.Key));
        }
Пример #16
        /// <summary>
        /// Registers a Load handler that compares the tenant id in the session with the
        /// Control Room tenant id and logs the user out when they differ.
        /// </summary>
        /// <remarks>
        /// NOTE(review): when CRTenantID is null the handler does nothing, so no tenant
        /// comparison takes place for that request; confirm this is intended.
        /// </remarks>
        public BaseControlRoomPage()
        {
            this.Load += (source, args) =>
            {
                int? sessionTenant     = Session["TenantID"] as int?;
                int? controlRoomTenant = CRTenantID;

                if (controlRoomTenant == null)
                {
                    return;
                }

                if (sessionTenant == controlRoomTenant)
                {
                    this.ViewState["TenantID"] = controlRoomTenant;
                    return;
                }

                // tenant mismatch between user's TenantID and CR login tenant id
                // log out user
                try
                {
                    SRPUser current = Session[SessionData.UserProfile.ToString()] as SRPUser;
                    string  who     = current != null ? current.Username : "Unknown user";

                    this.Log().Debug("{0} has mismatched tenants ({1} public and {2} CR) - performing logout",
                                     who,
                                     sessionTenant,
                                     controlRoomTenant);
                }
                catch (Exception ex)
                {
                    // Failing to identify the user must not prevent the logout below.
                    this.Log()
                    .Debug("Unknown user has mismatched tenants ({0} public and {1} CR) - error occurred: {2} - performing logout",
                           sessionTenant,
                           controlRoomTenant,
                           ex.Message);
                }

                GRA.SRP.ControlRoom.CRLogout.Logout(this);
            };
        }
Пример #17
        /// <summary>
        /// Collects the group ids of every checked row in the "gvUserGroups" grid and
        /// saves them as the user's group membership.
        /// </summary>
        /// <param name="dv">Details view containing the groups grid.</param>
        /// <param name="obj">User whose membership is being saved.</param>
        protected void SaveGroups(DetailsView dv, SRPUser obj)
        {
            GridView groupsGrid = (GridView)dv.FindControl("gvUserGroups");
            string   csv        = string.Empty;

            foreach (GridViewRow row in groupsGrid.Rows)
            {
                CheckBox member = (CheckBox)row.FindControl("isMember");
                if (!member.Checked)
                {
                    continue;
                }

                // Every entry is prefixed with a comma; the first one is stripped below.
                csv += "," + ((Label)row.FindControl("GID")).Text;
            }

            if (csv.Length > 0)
            {
                csv = csv.Substring(1);
            }

            // NOTE(review): the ids are passed on as a comma-separated string; confirm
            // the data layer validates or parameterizes them. The cast below throws if
            // the session holds no signed-in user.
            string actingUser = ((SRPUser)Session[SessionData.UserProfile.ToString()]).Username;
            SRPUser.UpdateMemberGroups((int)obj.Uid, csv, actingUser);
        }
Пример #18
        /// <summary>
        /// Collects the permission ids of every checked row in the "gvUserPermissions"
        /// grid and saves them as the user's permissions.
        /// </summary>
        /// <param name="dv">Details view containing the permissions grid.</param>
        /// <param name="obj">User whose permissions are being saved.</param>
        protected void SavePermissions(DetailsView dv, SRPUser obj)
        {
            GridView permissionsGrid = (GridView)dv.FindControl("gvUserPermissions");
            string   csv             = string.Empty;

            foreach (GridViewRow row in permissionsGrid.Rows)
            {
                CheckBox granted = (CheckBox)row.FindControl("isChecked");
                if (!granted.Checked)
                {
                    continue;
                }

                // Every entry is prefixed with a comma; the first one is stripped below.
                csv += "," + ((Label)row.FindControl("PermissionID")).Text;
            }

            if (csv.Length > 0)
            {
                csv = csv.Substring(1);
            }

            // NOTE(review): this grants permissions from a comma-separated id string;
            // confirm the data layer validates or parameterizes the ids and that the
            // caller is authorized to grant them. The cast below throws if the session
            // holds no signed-in user.
            string actingUser = ((SRPUser)Session[SessionData.UserProfile.ToString()]).Username;
            SRPUser.UpdatePermissions((int)obj.Uid, csv, actingUser);
        }
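        /// <summary>
        /// Changes the signed-in user's password after checking the typed current
        /// password, and reports success or the validation errors on the master page.
        /// </summary>
        protected void uvButton_Click(object sender, EventArgs e)
        {
            SRPUser user = new SRPUser((int)((SRPUser)Session[SessionData.UserProfile.ToString()]).Uid);

            // NOTE(review): the typed text is compared directly with user.Password, which
            // suggests the stored value is comparable as plain text; confirm how passwords
            // are stored. The comparison is also not constant-time.
            if (uxCPass.Text != user.Password)
            {
                MasterPage.PageError = String.Format(SRPResources.ApplicationError1, "Your current password is invalid.");
                return;
            }
            string oPass = user.Password;

            user.Password          = uxPassword.Text;
            user.LastPasswordReset = DateTime.Now;
            user.MustResetPassword = false;
            try
            {
                user.ClearErrorCodes();
                if (SRPUser.Update(user))
                {
                    Session[SessionData.UserProfile.ToString()] = user;
                    MasterPage.PageMessage = String.Format("Password has been changed.");
                }
                else
                {
                    // Restore the old value on the in-memory object after a rejected update.
                    user.Password = oPass;

                    string message = String.Format(SRPResources.ApplicationError1, "<ul>");
                    foreach (BusinessRulesValidationMessage m in user.ErrorCodes)
                    {
                        // Append rather than re-running the accumulated text through
                        // String.Format: a '{' or '}' in an earlier message would be
                        // parsed as a format item and throw FormatException.
                        // NOTE(review): messages are inserted without HTML encoding;
                        // confirm they cannot carry user-supplied text.
                        message += "<li>" + m.ErrorMessage + "</li>";
                    }
                    message += "</ul>";
                    MasterPage.PageError = message;
                }
            }
            catch (Exception ex)
            {
                user.Password = oPass;

                MasterPage.PageError = String.Format(SRPResources.ApplicationError1, ex.Message);
            }
        }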
        // Password-recovery handler: shows a fixed confirmation message, then, if the
        // typed username exists, e-mails the account details to the address on file.
        // The confirmation is set before the lookup, so it is shown whether or not
        // the account exists.
        protected void Button1_Click(object sender, EventArgs e)
        {
            lblMessage.Text =
                "Your password has been emailed to the address associated with the account and should arrive shortly.";

            SRPUser user = SRPUser.FetchByUsername(uxUsername.Text);

            if (user != null)
            {
                // Build and send the recovery e-mail.
                // NOTE(review): the base URL is built from the incoming request's scheme
                // and authority, so the links in the mail follow whatever host the request
                // named; confirm the host is validated or use a configured URL.
                string baseUrl   = Request.Url.Scheme + "://" + Request.Url.Authority + Request.ApplicationPath.TrimEnd('/');
                // NOTE(review): the body labels a "Password:" value and calls it current
                // account information, which suggests the stored password is recoverable
                // and is sent by mail; confirm, and compare with the token-based reset used
                // elsewhere. The operands after "Username: " and "Password: " appear masked
                // ("******") in this listing, so that line does not compile as shown.
                // FirstName and the settings values are concatenated into HTML unencoded.
                var    EmailBody =
                    "<h1>Dear " + user.FirstName + ",</h1><br><br>This is your current account information. Please make sure you reset your password as soon as you are able to log back in.<br><br>" +
                    "Username: "******"<br>Password: "******"<br><br>If you have any questions regarding your account please contact " + SRPSettings.GetSettingValue("ContactName") +
                    " at " + SRPSettings.GetSettingValue("ContactEmail") + "." +
                    "<br><br><br><a href='" + baseUrl + "'>" + baseUrl + "</a> <br> <a href='" + baseUrl + "/ControlRoom'>" + baseUrl + "/ControlRoom</a>";

                EmailService.SendEmail(user.EmailAddress, "Summer Reading Program - Control Room Password recovery", EmailBody);
            }
        }
 /// <summary>
 /// On first load, reads the reset token from the query string, keeps it in ViewState
 /// for the postback, and either redirects to the reset-request page (no token) or
 /// shows the "invalid token" panel (token matches no user).
 /// </summary>
 /// <remarks>
 /// NOTE(review): the token travels in the URL and is then round-tripped through
 /// ViewState; confirm token lifetime and single use, and that ViewState is
 /// integrity-protected.
 /// </remarks>
 protected void Page_Load(object sender, EventArgs e)
 {
     if (Page.IsPostBack)
     {
         return;
     }

     string resetToken = Request.QueryString["token"];
     this.ViewState["token"] = resetToken;

     if (string.IsNullOrEmpty(resetToken))
     {
         Response.Redirect("~/ControlRoom/PasswordReset.aspx");
     }
     else if (SRPUser.GetUserByToken(resetToken) == null)
     {
         passwordUpdate.Visible = false;
         invalidToken.Visible   = true;
     }
 }
Пример #22
        // Builds two client instances from the same credentials, hash and group
        // parameter and asserts they produce the same ephemeral secret, username and
        // public key.
        //
        // NOTE(review): the test pins equal ephemeral secrets across two independently
        // constructed clients. SRP ephemeral values are normally fresh random values per
        // session; confirm that the equality pinned here is intended.
        public void ShouldAuthenticateSameUserTwice()
        {
            // The credential literals appear masked in this listing.
            var username  = "******";
            var password  = "******";
            var hash      = new HMACSHA256();
            var parameter = new Bit2048();
            var user1     = new SRPUser(username, password, hash, parameter);

            var a = user1.GetEphemeralSecret();
            var authentication1 = user1.StartAuthentication();

            var user2          = new SRPUser(username, password, hash, parameter);
            var user2Ephemeral = user2.GetEphemeralSecret();

            // Second client's ephemeral secret must equal the first client's.
            Assert.IsTrue(a.CheckEquals(user2Ephemeral));

            var authentication2 = user2.StartAuthentication();

            Assert.AreEqual(authentication1.Username, authentication2.Username);
            Assert.IsTrue(authentication1.PublicKey.CheckEquals(authentication2.PublicKey));
        }
Пример #23
        /// <summary>
        /// Login page load: bounces already-signed-in sessions to the Control Room
        /// default page with a message; otherwise validates the login control on
        /// postback, or pre-fills the username from the remember-me cookie on first load.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (Session[CRSessionKey.TenantID] != null)
            {
                SRPUser signedIn = Session[SessionData.UserProfile.ToString()] as SRPUser;
                string  suffix   = signedIn == null
                                   ? string.Empty
                                   : string.Format(" as {0}", signedIn.Username);

                Session[CRSessionKey.CRMessage] = string.Format("You are already logged in{0}. If you wish to log in as another user, please select Logoff first.",
                                                                suffix);
                Response.Redirect("~/ControlRoom/Default.aspx", true);
                return;
            }

            uxLogin.Focus();

            if (!Page.IsPostBack)
            {
                // The cookie value is client-supplied; it only pre-fills the username box.
                var remembered = Request.Cookies["ControlRoomUsername"];
                if (remembered != null && !string.IsNullOrEmpty(remembered.Value))
                {
                    this.uxLogin.UserName      = remembered.Value;
                    this.uxLogin.RememberMeSet = true;
                }

                this.SystemName.Text = StringResources.getString("system-name");
                return;
            }

            uxLogin.PasswordRequiredErrorMessage = GRA.SRP.ControlRoom.SRPResources.PasswordRequired;
            Page.Validate("uxLogin");
            if (!Page.IsValid)
            {
                uxMessageBox.Visible = true;
            }
        }
        /// <summary>
        /// Registers a Load handler that requires the session tenant id and the Control
        /// Room tenant id to both be present and equal; anything else logs the user out.
        /// </summary>
        public BaseControlRoomPage()
        {
            this.Load += (source, args) =>
            {
                int? sessionTenant     = Session["TenantID"] as int?;
                int? controlRoomTenant = CRTenantID;

                // Fails closed: a missing id on either side counts as a mismatch.
                bool tenantsAgree = sessionTenant != null
                                    && controlRoomTenant != null
                                    && sessionTenant == controlRoomTenant;

                if (tenantsAgree)
                {
                    this.ViewState["TenantID"] = controlRoomTenant;
                    return;
                }

                // tenant mismatch between user's TenantID and CR login tenant id
                // log out user
                try
                {
                    SRPUser current = Session[SessionData.UserProfile.ToString()] as SRPUser;
                    if (current != null)
                    {
                        this.Log()
                        .Debug("User {0} has mismatched tenants, clearing any login",
                               current.Username);
                    }
                    else
                    {
                        this.Log()
                        .Debug("Unknown user has mismatched tenants, clearing any login");
                    }
                }
                catch (Exception ex)
                {
                    // Failing to identify the user must not prevent the logout below.
                    this.Log()
                    .Debug("Unknown user, mismatched tenants, error occurred, clearing: {0}",
                           ex.Message);
                }

                GRA.SRP.ControlRoom.CRLogout.Logout(this);
            };
        }
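        /// <summary>
        /// Administrative password reset for the user whose id is in
        /// <c>Session["UID"]</c>. On success the change is logged and the browser
        /// returns to the user edit page; on failure the error stays visible on this page.
        /// </summary>
        protected void ResetPassword_Click(object sender, EventArgs e)
        {
            Error.Text = string.Empty;
            object userIdObject = Session["UID"];

            int userId = 0;

            if (userIdObject == null ||
                !int.TryParse(userIdObject.ToString(), out userId) ||
                userId == 0)
            {
                Response.Redirect("Default.aspx");
                return;
            }

            // NOTE(review): no permission check is visible in this handler; confirm the
            // page restricts it to administrators allowed to manage this user.
            SRPUser user = SRPUser.Fetch(userId);

            if (user == null)
            {
                // The id no longer resolves to a user: treat it like an invalid id
                // instead of failing with a NullReferenceException.
                this.Log().Error("Admin user unable to change password for user {0}: {1}",
                                 userId,
                                 "user not found");
                Response.Redirect("Default.aspx");
                return;
            }

            bool passwordChanged = false;

            user.NewPassword = uxPassword.Text;
            try {
                // NOTE(review): any result returned by Update() is not inspected.
                user.Update();
                passwordChanged = true;

                SRPUser currentUser = Session[SessionData.UserProfile.ToString()] as SRPUser;
                var     changeInfo  = new {
                    Changer = currentUser == null
                              ? "unknown"
                              : currentUser.Username,
                    User = user.Username
                };
                this.Log().Info("Admin user {0} changed password for user {1}",
                                changeInfo.Changer,
                                changeInfo.User);
            } catch (Exception ex) {
                this.Log().Error("Admin user unable to change password for user {0}: {1}",
                                 userId,
                                 ex.Message);
                Error.Text = string.Format("An error occurred: {0}", ex.Message);
            }

            // Redirect only after a successful update: an unconditional redirect discards
            // the Error.Text set above. The call stays outside the try block because
            // Response.Redirect ends the request with a ThreadAbortException, which
            // catch (Exception) would otherwise log as a failure.
            if (passwordChanged)
            {
                Response.Redirect("UserAddEdit.aspx");
            }
        }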
Пример #26
        protected void DvItemCommand(object sender, DetailsViewCommandEventArgs e)
        {
            string returnURL = "~/ControlRoom/Modules/Tenant/TenantList.aspx";

            if (e.CommandName.ToLower() == "back")
            {
                Response.Redirect(returnURL);
            }
            if (e.CommandName.ToLower() == "refresh")
            {
                try
                {
                    odsData.DataBind();
                    dv.DataBind();
                    dv.ChangeMode(DetailsViewMode.Edit);

                    var masterPage = (IControlRoomMaster)Master;
                    if (masterPage != null)
                    {
                        masterPage.PageMessage = SRPResources.RefreshOK;
                    }
                }
                catch (Exception ex)
                {
                    var masterPage = (IControlRoomMaster)Master;
                    masterPage.PageError = String.Format(SRPResources.ApplicationError1, ex.Message);
                }
            }
            if (e.CommandName.ToLower() == "add" || e.CommandName.ToLower() == "addandback")
            {
                try
                {
                    var obj = new Core.Utilities.Tenant();

                    obj.Name         = ((TextBox)((DetailsView)sender).FindControl("Name")).Text;
                    obj.LandingName  = ((TextBox)((DetailsView)sender).FindControl("LandingName")).Text;
                    obj.AdminName    = ((TextBox)((DetailsView)sender).FindControl("AdminName")).Text;
                    obj.isActiveFlag = ((CheckBox)((DetailsView)sender).FindControl("isActiveFlag")).Checked;
                    obj.isMasterFlag = ((CheckBox)((DetailsView)sender).FindControl("isMasterFlag")).Checked;
                    obj.Description  = ((CKEditor.NET.CKEditorControl)((DetailsView)sender).FindControl("Description")).Text;
                    obj.DomainName   = ((TextBox)((DetailsView)sender).FindControl("DomainName")).Text;

                    try
                    {
                        obj.showNotifications     = ((CheckBox)((DetailsView)sender).FindControl("showNotifications")).Checked;
                        obj.showOffers            = ((CheckBox)((DetailsView)sender).FindControl("showOffers")).Checked;
                        obj.showBadges            = ((CheckBox)((DetailsView)sender).FindControl("showBadges")).Checked;
                        obj.showEvents            = ((CheckBox)((DetailsView)sender).FindControl("showEvents")).Checked;
                        obj.NotificationsMenuText = ((TextBox)((DetailsView)sender).FindControl("NotificationsMenuText")).Text;
                        obj.OffersMenuText        = ((TextBox)((DetailsView)sender).FindControl("OffersMenuText")).Text;
                        obj.BadgesMenuText        = ((TextBox)((DetailsView)sender).FindControl("BadgesMenuText")).Text;
                        obj.EventsMenuText        = ((TextBox)((DetailsView)sender).FindControl("EventsMenuText")).Text;

                        obj.FldInt1 = ((TextBox)((DetailsView)sender).FindControl("FldInt1")).Text.SafeToInt();
                    }
                    catch (Exception exc) {
                        this.Log().Error("Error parsing new tenant information: {0}", exc.Message);
                    }

                    /*
                     *
                     * obj.FldInt2 = ((TextBox)((DetailsView)sender).FindControl("FldInt2")).Text.SafeToInt();
                     * obj.FldInt3 = ((TextBox)((DetailsView)sender).FindControl("FldInt3")).Text.SafeToInt();
                     * obj.FldBit1 = ((CheckBox)((DetailsView)sender).FindControl("FldBit1")).Checked;
                     * obj.FldBit2 = ((CheckBox)((DetailsView)sender).FindControl("FldBit2")).Checked;
                     * obj.FldBit3 = ((CheckBox)((DetailsView)sender).FindControl("FldBit3")).Checked;
                     * obj.FldText1 = ((CKEditor.NET.CKEditorControl)((DetailsView)sender).FindControl("FldText1")).Text;
                     * obj.FldText2 = ((CKEditor.NET.CKEditorControl)((DetailsView)sender).FindControl("FldText2")).Text;
                     * obj.FldText3 = ((CKEditor.NET.CKEditorControl)((DetailsView)sender).FindControl("FldText3")).Text;
                     */

                    // TODO security - don't give all new tenants the same password
                    string newPassword = "******";

                    obj.AddedDate   = DateTime.Now;
                    obj.AddedUser   = ((SRPUser)Session[SessionData.UserProfile.ToString()]).Username; //"N/A";  // Get from session
                    obj.LastModDate = obj.AddedDate;
                    obj.LastModUser = obj.AddedUser;

                    var sysadmin = new SRPUser();
                    sysadmin.Username     = ((TextBox)((DetailsView)sender).FindControl("sysadmin")).Text;
                    sysadmin.NewPassword  = newPassword;
                    sysadmin.FirstName    = ((TextBox)((DetailsView)sender).FindControl("fname")).Text;
                    sysadmin.LastName     = ((TextBox)((DetailsView)sender).FindControl("lname")).Text;
                    sysadmin.EmailAddress = ((TextBox)((DetailsView)sender).FindControl("email")).Text;
                    sysadmin.Division     = ((TextBox)((DetailsView)sender).FindControl("Name")).Text;
                    sysadmin.Department   = sysadmin.Title = "";
                    sysadmin.AddedDate    = DateTime.Now;
                    sysadmin.AddedUser    = ((SRPUser)Session[SessionData.UserProfile.ToString()]).Username; //"N/A";  // Get from session
                    sysadmin.LastModDate  = sysadmin.AddedDate;
                    sysadmin.LastModUser  = sysadmin.AddedUser;
                    sysadmin.IsActive     = true;

                    if (sysadmin.IsValid(BusinessRulesValidationMode.INSERT))
                    {
                        if (obj.IsValid(BusinessRulesValidationMode.INSERT))
                        {
                            obj.Insert();
                            var TID = obj.TenID;

                            TenantInitialize.InitializeSecurity(sysadmin, TID, newPassword);
                            TenantInitialize.InitializeData(TID);

                            if (e.CommandName.ToLower() == "addandback")
                            {
                                Response.Redirect(returnURL);
                            }

                            lblPK.Text = obj.TenID.ToString();

                            odsData.DataBind();
                            dv.DataBind();
                            dv.ChangeMode(DetailsViewMode.Edit);

                            var masterPage = (IControlRoomMaster)Master;
                            masterPage.PageMessage = SRPResources.AddedOK;
                        }
                        else
                        {
                            var    masterPage = (IControlRoomMaster)Master;
                            string message    = String.Format(SRPResources.ApplicationError1, "<ul>");
                            foreach (BusinessRulesValidationMessage m in obj.ErrorCodes)
                            {
                                message = string.Format(String.Format("{0}<li>{{0}}</li>", message), m.ErrorMessage);
                            }
                            message = string.Format("{0}</ul>", message);
                            masterPage.PageError = message;
                        }
                    }
                    else
                    {
                        var    masterPage = (IControlRoomMaster)Master;
                        string message    = String.Format(SRPResources.ApplicationError1, "<ul>");
                        foreach (BusinessRulesValidationMessage m in sysadmin.ErrorCodes)
                        {
                            message = string.Format(String.Format("{0}<li>{{0}}</li>", message), m.ErrorMessage);
                        }
                        message = string.Format("{0}</ul>", message);
                        masterPage.PageError = message;
                    }
                }
                catch (Exception ex)
                {
                    var masterPage = (IControlRoomMaster)Master;
                    masterPage.PageError = String.Format(SRPResources.ApplicationError1, ex.Message);
                    this.Log().Error("Error adding tenant: {0}", ex.Message);
                }
            }
            if (e.CommandName.ToLower() == "save" || e.CommandName.ToLower() == "saveandback")
            {
                try
                {
                    var obj = new GRA.SRP.Core.Utilities.Tenant();
                    int pk  = int.Parse(lblPK.Text);
                    obj.Fetch(pk);

                    obj.Name         = ((TextBox)((DetailsView)sender).FindControl("Name")).Text;
                    obj.LandingName  = ((TextBox)((DetailsView)sender).FindControl("LandingName")).Text;
                    obj.AdminName    = ((TextBox)((DetailsView)sender).FindControl("AdminName")).Text;
                    obj.isActiveFlag = ((CheckBox)((DetailsView)sender).FindControl("isActiveFlag")).Checked;
                    obj.isMasterFlag = ((CheckBox)((DetailsView)sender).FindControl("isMasterFlag")).Checked;
                    obj.Description  = ((CKEditor.NET.CKEditorControl)((DetailsView)sender).FindControl("Description")).Text;
                    obj.DomainName   = ((TextBox)((DetailsView)sender).FindControl("DomainName")).Text;

                    try
                    {
                        obj.showNotifications     = ((CheckBox)((DetailsView)sender).FindControl("showNotifications")).Checked;
                        obj.showOffers            = ((CheckBox)((DetailsView)sender).FindControl("showOffers")).Checked;
                        obj.showBadges            = ((CheckBox)((DetailsView)sender).FindControl("showBadges")).Checked;
                        obj.showEvents            = ((CheckBox)((DetailsView)sender).FindControl("showEvents")).Checked;
                        obj.NotificationsMenuText = ((TextBox)((DetailsView)sender).FindControl("NotificationsMenuText")).Text;
                        obj.OffersMenuText        = ((TextBox)((DetailsView)sender).FindControl("OffersMenuText")).Text;
                        obj.BadgesMenuText        = ((TextBox)((DetailsView)sender).FindControl("BadgesMenuText")).Text;
                        obj.EventsMenuText        = ((TextBox)((DetailsView)sender).FindControl("EventsMenuText")).Text;

                        obj.FldInt1 = ((TextBox)((DetailsView)sender).FindControl("FldInt1")).Text.SafeToInt();
                    }
                    catch (Exception exc) {  }

                    /*
                     *
                     * obj.FldInt2 = ((TextBox)((DetailsView)sender).FindControl("FldInt2")).Text.SafeToInt();
                     * obj.FldInt3 = ((TextBox)((DetailsView)sender).FindControl("FldInt3")).Text.SafeToInt();
                     * obj.FldBit1 = ((CheckBox)((DetailsView)sender).FindControl("FldBit1")).Checked;
                     * obj.FldBit2 = ((CheckBox)((DetailsView)sender).FindControl("FldBit2")).Checked;
                     * obj.FldBit3 = ((CheckBox)((DetailsView)sender).FindControl("FldBit3")).Checked;
                     * obj.FldText1 = ((CKEditor.NET.CKEditorControl)((DetailsView)sender).FindControl("FldText1")).Text;
                     * obj.FldText2 = ((CKEditor.NET.CKEditorControl)((DetailsView)sender).FindControl("FldText2")).Text;
                     * obj.FldText3 = ((CKEditor.NET.CKEditorControl)((DetailsView)sender).FindControl("FldText3")).Text;
                     */

                    obj.LastModDate = DateTime.Now;
                    obj.LastModUser = ((SRPUser)Session[SessionData.UserProfile.ToString()]).Username;  //"N/A";  // Get from session

                    if (obj.IsValid(BusinessRulesValidationMode.UPDATE))
                    {
                        obj.Update();
                        if (e.CommandName.ToLower() == "saveandback")
                        {
                            Response.Redirect(returnURL);
                        }

                        odsData.DataBind();
                        dv.DataBind();
                        dv.ChangeMode(DetailsViewMode.Edit);

                        var masterPage = (IControlRoomMaster)Master;
                        masterPage.PageMessage = SRPResources.SaveOK;
                    }
                    else
                    {
                        var    masterPage = (IControlRoomMaster)Master;
                        string message    = String.Format(SRPResources.ApplicationError1, "<ul>");
                        foreach (BusinessRulesValidationMessage m in obj.ErrorCodes)
                        {
                            message = string.Format(String.Format("{0}<li>{{0}}</li>", message), m.ErrorMessage);
                        }
                        message = string.Format("{0}</ul>", message);
                        masterPage.PageError = message;
                    }
                }
                catch (Exception ex)
                {
                    var masterPage = (IControlRoomMaster)Master;
                    masterPage.PageError = String.Format(SRPResources.ApplicationError1, ex.Message);
                }
            }
        }
Пример #27
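        /// <summary>
        /// Handles the password-recovery form: looks up the account for the submitted email
        /// address and mails either a reset link or a "no account found" notice to that address.
        /// </summary>
        /// <remarks>
        /// Every outcome shows the same on-screen acknowledgement, so the form does not reveal
        /// whether an address belongs to an account.
        /// NOTE(review): nothing in this handler throttles requests, and each request sends mail
        /// to a caller-chosen address; confirm that rate limiting or a challenge exists elsewhere.
        /// NOTE(review): BaseUrl is defined outside this method. If it is derived from the
        /// request's Host header rather than configuration, the emailed link follows whatever
        /// host the requester supplied; confirm its source.
        /// </remarks>
        /// <param name="sender">Control that raised the click event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void Button1_Click(object sender, EventArgs e)
        {
            const string Acknowledgement = "Processing your password reset request, you should receive an email soon.";

            string requestedEmail = uxEmailaddress.Text;
            string userId         = new SRPUser().GetUsernameByEmail(requestedEmail);
            string remoteAddress  = new Tools.WebTools().RemoteUserAddress(Request);

            // The address is free-form request input: drop line breaks before it reaches the log
            // so a crafted value cannot start a forged log entry.
            string loggedEmail = (requestedEmail ?? string.Empty).Replace("\r", " ").Replace("\n", " ");

            // RemoteUserAddress is opaque from here and may reflect a client-supplied header,
            // so it is HTML-encoded before being placed in the message body.
            string remoteAddressHtml = System.Web.HttpUtility.HtmlEncode(remoteAddress);

            if (string.IsNullOrEmpty(userId))
            {
                // No account matches this address: tell the mailbox owner by email instead of
                // telling the requester on screen.
                var values = new {
                    SystemName      = SRPSettings.GetSettingValue("SysName", 1),
                    ControlRoomLink = string.Format("{0}{1}",
                                                    BaseUrl,
                                                    "/ControlRoom/LoginRecovery.aspx"),
                    ContactName          = SRPSettings.GetSettingValue("ContactName", 1),
                    ContactEmail         = SRPSettings.GetSettingValue("ContactEmail", 1),
                    RemoteAddress        = remoteAddressHtml,
                    UserEmail            = requestedEmail,
                    PasswordResetSubject = SRPResources.PasswordEmailSubject
                };

                this.Log().Info("User at {0} requested password reset for nonexistent email {1}",
                                remoteAddress,
                                loggedEmail);

                // TODO email - move this template out to the database
                StringBuilder body = new StringBuilder();
                body.Append("<p>A password reset request was received by {SystemName} for your ");
                body.Append("address. Unfortunately no account could be found associated with ");
                body.Append("this email address.</p>");
                body.Append("<p>If you initiated this request, feel free to ");
                body.Append("<a href=\"{ControlRoomLink}\">try requesting the password</a> ");
                body.Append("for any other email address you might have used.</p>");
                body.Append("<p>If you have any comments or questions, please contact ");
                body.Append("{ContactName} at <a href=\"mailto:{ContactEmail}\">{ContactEmail}");
                body.Append("</a>.</p>");
                body.Append("<p style=\"font-size: smaller;\"><em>This password request was ");
                body.Append("submitted from: {RemoteAddress}.</em></p>");

                new EmailService().SendEmail(requestedEmail,
                                             "{SystemName} - {PasswordResetSubject}".FormatWith(values),
                                             body.ToString().FormatWith(values));
            }
            else
            {
                SRPUser lookupUser         = SRPUser.FetchByUsername(userId);
                string  passwordResetToken = lookupUser == null
                    ? null
                    : lookupUser.GeneratePasswordResetToken();
                if (string.IsNullOrEmpty(passwordResetToken))
                {
                    // Record the failure in the log rather than on screen: a distinct message
                    // in this branch would disclose that the address belongs to an account.
                    this.Log().Error("Unable to generate password reset token for email {0} requested from {1}",
                                     loggedEmail,
                                     remoteAddress);
                    lblMessage.Text = Acknowledgement;
                    return;
                }

                // NOTE(review): the token is placed in the query string as returned; confirm
                // GeneratePasswordResetToken only emits URL-safe characters.
                var values = new {
                    SystemName        = SRPSettings.GetSettingValue("SysName", lookupUser.TenID),
                    PasswordResetLink = string.Format("{0}{1}?token={2}",
                                                      BaseUrl,
                                                      "/ControlRoom/PasswordRecovery.aspx",
                                                      passwordResetToken),
                    ContactName          = SRPSettings.GetSettingValue("ContactName", lookupUser.TenID),
                    ContactEmail         = SRPSettings.GetSettingValue("ContactEmail", lookupUser.TenID),
                    RemoteAddress        = remoteAddressHtml,
                    UserEmail            = requestedEmail,
                    PasswordResetSubject = SRPResources.PasswordEmailSubject,
                };

                this.Log().Info("User at {0} requested password reset for email {1}",
                                remoteAddress,
                                loggedEmail);

                // TODO email - move this template out to the database
                StringBuilder body = new StringBuilder();
                body.Append("<p>A password reset request was received by {SystemName} for your ");
                body.Append("address.</p>");
                body.Append("<p>Please <a href=\"{PasswordResetLink}\">click here</a> ");
                body.Append("to create a new password for your account.</p>");
                body.Append("<p>If you did not initiate this request, take no action and your ");
                body.Append("password will not be changed.</p>");
                body.Append("<p>If you have any comments or questions, please contact ");
                body.Append("{ContactName} at <a href=\"mailto:{ContactEmail}\">{ContactEmail}");
                body.Append("</a>.</p>");
                body.Append("<p style=\"font-size: smaller;\"><em>This password request was ");
                body.Append("submitted from: {RemoteAddress}.</em></p>");

                new EmailService().SendEmail(requestedEmail,
                                             "{SystemName} - {PasswordResetSubject}".FormatWith(values),
                                             body.ToString().FormatWith(values));
            }

            lblMessage.Text = Acknowledgement;
        }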
Пример #28
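        /// <summary>
        /// Authenticates the Control Room login form and, on success, stores the user's
        /// profile, permission list and tenant in the session before redirecting.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the session identifier passed to SRPUser.Login is the one that existed
        /// before authentication, and nothing here replaces it afterwards; confirm that session
        /// fixation is handled elsewhere (for example by issuing a fresh session on login).
        /// NOTE(review): a user flagged MustResetPassword is redirected with the session already
        /// marked as logged in; confirm other pages enforce the pending reset.
        /// </remarks>
        /// <param name="sender">Login control raising the event (not used).</param>
        /// <param name="e">Receives the authentication outcome in <c>Authenticated</c>.</param>
        public void OnAuthenticate(object sender, AuthenticateEventArgs e)
        {
            if (!Page.IsValid)
            {
                uxMessageBox.Visible = true;
                return;
            }

            bool auth = SRPUser.Login(uxLogin.UserName,
                                      uxLogin.Password, Session.SessionID,
                                      Request.UserHostAddress == "::1" ? "127.0.0.1" : Request.UserHostAddress,
                                      Request.UserHostName == "::1" ? "localhost" : Request.UserHostName,
                                      Request.Browser.Browser + " - v" + Request.Browser.MajorVersion + Request.Browser.MinorVersionString);

            // Load everything the session needs BEFORE marking it as logged in, so a missing
            // record or an exception cannot leave a half-initialised session that already
            // carries the IsLoggedIn flag.
            SRPUser user   = auth ? SRPUser.FetchByUsername(uxLogin.UserName) : null;
            var     tenant = user == null ? null : Tenant.FetchObject(user.TenID);

            if (user == null || tenant == null)
            {
                if (auth)
                {
                    this.Log().Error("Login succeeded for {0} but the user profile or tenant could not be loaded.",
                                     uxLogin.UserName);
                }

                // Same generic message for every failure, so the form does not disclose which
                // part of the sign-in was wrong.
                uxMessageBox.Visible = true;
                FailureText.Text     = SRPResources.BadUserPass;
                e.Authenticated      = false;
                return;
            }

            List <SRPPermission> perms = user.EffectiveUserPermissions();
            var permList = new System.Text.StringBuilder();
            foreach (SRPPermission perm in perms)
            {
                permList.Append('#').Append(perm.Permission);
            }

            e.Authenticated = true;

            // "Remember me" keeps only the username, for 14 days; otherwise an already-expired
            // cookie is sent so the browser discards any earlier one.
            var rememberMe = uxLogin.RememberMeSet
                ? new HttpCookie("ControlRoomUsername", uxLogin.UserName) { Expires = DateTime.Now.AddDays(14) }
                : new HttpCookie("ControlRoomUsername", string.Empty) { Expires = DateTime.Now.AddDays(-1) };
            // Keep the cookie away from page script and, when the login page is served over
            // TLS, off plain-HTTP requests. Presumably it is only read back by server code to
            // prefill the login form - confirm no client script depends on it.
            rememberMe.HttpOnly = true;
            rememberMe.Secure   = Request.IsSecureConnection;
            Response.Cookies.Set(rememberMe);

            // Profile, permissions and tenant go into the session together.
            Session[SessionData.IsLoggedIn.ToString()]           = true;
            Session[SessionData.UserProfile.ToString()]          = user;
            Session[SessionData.StringPermissionList.ToString()] = permList.ToString();

            Session["TenantID"]            = user.TenID;
            Session[CRSessionKey.TenantID] = user.TenID;
            Session[CRSessionKey.IsMaster] = tenant.isMasterFlag;

            if (user.MustResetPassword)
            {
                this.Log().Info("Redirecting {0} to mandatory password reset.",
                                user.Username);
                // Redirect(url) ends the response, so the forms-authentication redirect below
                // is not reached for these users.
                Response.Redirect("~/ControlRoom/PasswordReset.aspx");
            }

            FormsAuthentication.RedirectFromLoginPage(uxLogin.UserName, false);
        }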
Пример #29
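        /// <summary>
        /// Handles the command buttons of the tenant-user details view: back, refresh,
        /// add / add-and-back and save / save-and-back.
        /// </summary>
        /// <remarks>
        /// Validation and exception text is HTML-encoded before it is assigned to
        /// <c>MasterPage.PageError</c>, which is handed markup by this method (the validation
        /// branch passes a list) and is therefore presumably rendered unencoded.
        /// </remarks>
        /// <param name="sender">The <see cref="DetailsView"/> that raised the command.</param>
        /// <param name="e">Carries the command name, compared case-insensitively.</param>
        protected void DvItemCommand(object sender, DetailsViewCommandEventArgs e)
        {
            string returnURL = "~/ControlRoom/Modules/Tenant/TenantUserList.aspx";

            // Normalise once, culture-independently, instead of lower-casing for every test.
            string command = (e.CommandName ?? string.Empty).ToLowerInvariant();

            if (command == "back")
            {
                Response.Redirect(returnURL);
            }
            if (command == "refresh")
            {
                try {
                    odsSRPUser.DataBind();
                    dv.DataBind();
                    dv.ChangeMode(DetailsViewMode.Edit);

                    MasterPage.PageMessage = SRPResources.RefreshOK;
                } catch (Exception ex) {
                    MasterPage.PageError = String.Format(SRPResources.ApplicationError1,
                                                         System.Web.HttpUtility.HtmlEncode(ex.Message));
                }
            }

            if (command == "add" || command == "addandback")
            {
                try {
                    var     view = (DetailsView)sender;
                    SRPUser obj  = new SRPUser();

                    obj.Username     = ((TextBox)view.FindControl("Username")).Text;
                    obj.NewPassword  = ((TextBox)view.FindControl("Password")).Text;
                    obj.FirstName    = ((TextBox)view.FindControl("FirstName")).Text;
                    obj.LastName     = ((TextBox)view.FindControl("LastName")).Text;
                    obj.EmailAddress = ((TextBox)view.FindControl("EmailAddress")).Text;
                    obj.Division     = ((TextBox)view.FindControl("Division")).Text;
                    obj.Department   = ((TextBox)view.FindControl("Department")).Text;
                    obj.Title        = ((TextBox)view.FindControl("Title")).Text;

                    // The administrator chooses the initial password, so the new account is
                    // forced to replace it at first login.
                    obj.IsActive          = true;
                    obj.MustResetPassword = true;
                    obj.IsDeleted         = false;

                    obj.AddedDate   = DateTime.Now;
                    obj.AddedUser   = ((SRPUser)Session[SessionData.UserProfile.ToString()]).Username;
                    obj.LastModDate = obj.AddedDate;
                    obj.LastModUser = obj.AddedUser;

                    // The tenant is taken from server-side session state, not from the form.
                    obj.TenID = int.Parse(Session["ATENID"].ToString());

                    if (obj.IsValid(BusinessRulesValidationMode.INSERT))
                    {
                        obj.Insert();
                        if (command == "addandback")
                        {
                            // Redirect(url) ends the response; the rebind below runs only for "add".
                            Response.Redirect(returnURL);
                        }

                        lblUID.Text = obj.Uid.ToString();

                        odsSRPUser.DataBind();
                        dv.DataBind();
                        dv.ChangeMode(DetailsViewMode.Edit);

                        MasterPage.PageMessage = SRPResources.AddedOK;
                    }
                    else
                    {
                        // Append the items directly: the accumulated text must never be reused
                        // as a format string, or a brace inside one message breaks the next call.
                        var message = new System.Text.StringBuilder(
                            String.Format(SRPResources.ApplicationError1, "<ul>"));
                        foreach (BusinessRulesValidationMessage m in obj.ErrorCodes)
                        {
                            message.Append("<li>")
                                   .Append(System.Web.HttpUtility.HtmlEncode(m.ErrorMessage))
                                   .Append("</li>");
                        }
                        message.Append("</ul>");
                        MasterPage.PageError = message.ToString();
                    }
                } catch (Exception ex) {
                    MasterPage.PageError = String.Format(SRPResources.ApplicationError1,
                                                         System.Web.HttpUtility.HtmlEncode(ex.Message));
                }
            }
            if (command == "save" || command == "saveandback")
            {
                try {
                    var view = (DetailsView)sender;

                    // NOTE(review): the key is read back from the rendered view and the record
                    // is loaded without comparing its tenant to Session["ATENID"]; confirm that
                    // tenant ownership is enforced in SRPUser or by the page's access checks.
                    int     pk  = int.Parse(view.Rows[0].Cells[1].Text);
                    SRPUser obj = new SRPUser(pk);

                    obj.Username          = ((TextBox)view.FindControl("Username")).Text;
                    // NOTE(review): the Password box is copied on every save; presumably an
                    // empty value means "keep the current password" - confirm in SRPUser.Update.
                    obj.NewPassword       = ((TextBox)view.FindControl("Password")).Text;
                    obj.FirstName         = ((TextBox)view.FindControl("FirstName")).Text;
                    obj.LastName          = ((TextBox)view.FindControl("LastName")).Text;
                    obj.EmailAddress      = ((TextBox)view.FindControl("EmailAddress")).Text;
                    obj.Division          = ((TextBox)view.FindControl("Division")).Text;
                    obj.Department        = ((TextBox)view.FindControl("Department")).Text;
                    obj.Title             = ((TextBox)view.FindControl("Title")).Text;
                    obj.IsActive          = ((CheckBox)view.FindControl("IsActive")).Checked;
                    obj.MustResetPassword = ((CheckBox)view.FindControl("MustResetPassword")).Checked;

                    obj.LastModDate = DateTime.Now;
                    obj.LastModUser = ((SRPUser)Session[SessionData.UserProfile.ToString()]).Username;

                    if (obj.IsValid(BusinessRulesValidationMode.UPDATE))
                    {
                        obj.Update();

                        SaveGroups(view, obj);

                        if (command == "saveandback")
                        {
                            // Redirect(url) ends the response; the rebind below runs only for "save".
                            Response.Redirect(returnURL);
                        }
                        odsSRPUser.DataBind();
                        dv.DataBind();
                        dv.ChangeMode(DetailsViewMode.Edit);

                        MasterPage.PageMessage = SRPResources.SaveOK;
                    }
                    else
                    {
                        // Same list building as in the add branch: plain appends, encoded items.
                        var message = new System.Text.StringBuilder(
                            String.Format(SRPResources.ApplicationError1, "<ul>"));
                        foreach (BusinessRulesValidationMessage m in obj.ErrorCodes)
                        {
                            message.Append("<li>")
                                   .Append(System.Web.HttpUtility.HtmlEncode(m.ErrorMessage))
                                   .Append("</li>");
                        }
                        message.Append("</ul>");
                        MasterPage.PageError = message.ToString();
                    }
                } catch (Exception ex) {
                    MasterPage.PageError = String.Format(SRPResources.ApplicationError1,
                                                         System.Web.HttpUtility.HtmlEncode(ex.Message));
                }
            }
        }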
Пример #30
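        /// <summary>
        /// Handles the command buttons of the signed-in user's own profile view: back,
        /// password, refresh and save / save-and-back.
        /// </summary>
        /// <remarks>
        /// The record to update is always the one identified by the page's current
        /// <c>SRPUser.Uid</c>; no key is read from the form.
        /// Validation and exception text is HTML-encoded before it is assigned to
        /// <c>PageError</c>, which is handed markup by this method (the validation branch
        /// passes a list) and is therefore presumably rendered unencoded.
        /// </remarks>
        /// <param name="sender">The <see cref="DetailsView"/> that raised the command.</param>
        /// <param name="e">Carries the command name, compared case-insensitively.</param>
        protected void DvItemCommand(object sender, DetailsViewCommandEventArgs e)
        {
            string returnURL = "~/ControlRoom/";

            // Normalise once, culture-independently, instead of lower-casing for every test.
            string command = (e.CommandName ?? string.Empty).ToLowerInvariant();

            if (command == "back")
            {
                Response.Redirect(returnURL);
            }
            if (command == "password")
            {
                Response.Redirect("~/ControlRoom/Modules/PortalUser/PasswordReset.aspx");
            }
            if (command == "refresh")
            {
                try
                {
                    odsCMSUser.DataBind();
                    dv.DataBind();
                    dv.ChangeMode(DetailsViewMode.Edit);

                    PageMessage = SRPResources.RefreshOK;
                }
                catch (Exception ex)
                {
                    PageError = String.Format(SRPResources.ApplicationError1,
                                              System.Web.HttpUtility.HtmlEncode(ex.Message));
                }
            }

            if (command == "save" || command == "saveandback")
            {
                try
                {
                    var     view = (DetailsView)sender;
                    int     pk   = (int)SRPUser.Uid;
                    SRPUser obj  = SRPUser.Fetch(pk);

                    obj.FirstName    = ((TextBox)view.FindControl("FirstName")).Text;
                    obj.LastName     = ((TextBox)view.FindControl("Lastname")).Text;
                    obj.EmailAddress = ((TextBox)view.FindControl("Emailaddress")).Text;
                    obj.Title        = ((TextBox)view.FindControl("Title")).Text;
                    obj.Department   = ((TextBox)view.FindControl("Department")).Text;
                    obj.Division     = ((TextBox)view.FindControl("Division")).Text;
                    obj.LastModDate  = DateTime.Now;
                    // The modifier used to be recorded as a fixed placeholder string; store the
                    // signed-in user's name so the audit columns identify who made the change.
                    obj.LastModUser  = SRPUser.Username;

                    if (obj.IsValid(BusinessRulesValidationMode.UPDATE))
                    {
                        obj.Update();
                        // Keep the cached profile and the session copy in step with the database.
                        SRPUser = obj;
                        Session[SessionData.UserProfile.ToString()] = obj;

                        if (command == "saveandback")
                        {
                            // Redirect(url) ends the response; the rebind below runs only for "save".
                            Response.Redirect(returnURL);
                        }
                        odsCMSUser.DataBind();
                        dv.DataBind();
                        dv.ChangeMode(DetailsViewMode.Edit);

                        PageMessage = SRPResources.SaveOK;
                    }
                    else
                    {
                        // Append the items directly: the accumulated text must never be reused
                        // as a format string, or a brace inside one message breaks the next call.
                        var message = new System.Text.StringBuilder(
                            String.Format(SRPResources.ApplicationError1, "<ul>"));
                        foreach (BusinessRulesValidationMessage m in obj.ErrorCodes)
                        {
                            message.Append("<li>")
                                   .Append(System.Web.HttpUtility.HtmlEncode(m.ErrorMessage))
                                   .Append("</li>");
                        }
                        message.Append("</ul>");
                        PageError = message.ToString();
                    }
                }
                catch (Exception ex)
                {
                    PageError = String.Format(SRPResources.ApplicationError1,
                                              System.Web.HttpUtility.HtmlEncode(ex.Message));
                }
            }
        }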