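/// <summary>
/// Handles a login request: decrypts the credentials with the session key,
/// checks them through the <c>CheckLoginInfo</c> stored procedure and, on a match,
/// binds the user id and role to the client session.
/// </summary>
/// <param name="error">
/// <see cref="CommandError.None"/> on success, or
/// <see cref="CommandError.BadLoginOrPassword"/> when the procedure returns no row.
/// </param>
/// <returns>The account info as JSON, encrypted with the session key; <c>null</c> on failure.</returns>
public byte[] Execute(out CommandError error)
{
    var client = ClientManager.GetClient(requestData.UserToken);
    var loginData = LoginData.FromJson(SequrityUtils.DecryptString(requestData.Data, client.SecretDFKey));

    // NOTE(review): GetHash receives only the password, so the stored value cannot depend on a
    // per-user random salt; identical passwords would hash identically. GetHash is not visible
    // here - confirm it is a slow password hash (PBKDF2/Argon2) and consider per-user salts.
    var passwordHash = SequrityUtils.GetHash(loginData.Password);

    // NOTE(review): no attempt throttling or lockout is visible in this method - confirm that
    // repeated failures are rate-limited elsewhere.
    var result = DBConnection.PrepareExecProcedureCommand("CheckLoginInfo", loginData.Login, passwordHash).ExecuteReader();
    try
    {
        if (!result.Read())
        {
            // Same error for an unknown login and a wrong password, so the reply does not
            // reveal which of the two was wrong.
            error = CommandError.BadLoginOrPassword;
            return null;
        }

        client.UserId = result.GetInt32(0);
        // Column 4 holds the role one-based; the enum value is that number minus one.
        client.Role = (UserRoles)(result.GetInt32(4) - 1);
        var info = new AccountInfo(
            client.UserId,
            result.GetString(1),
            result.GetString(2),
            client.Role.Value,
            result.IsDBNull(5) ? null : result.GetString(5));
        client.UpdateExpiredTime();

        error = CommandError.None;
        return SequrityUtils.Encrypt(info.ToJson(), client.SecretDFKey);
    }
    finally
    {
        // Close on every path, including an exception while reading columns, so the reader
        // is never left open.
        result.Close();
    }
}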
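/// <summary>
/// Handles an admin-only "edit user" request: updates the name, optionally the password and,
/// for students, the group of the user identified in the decrypted payload.
/// </summary>
/// <param name="error">
/// <see cref="CommandError.None"/> on success; <see cref="CommandError.NoPermissions"/> when the
/// caller is not an admin; <see cref="CommandError.ClientNotFound"/> when <c>GetUserRole</c>
/// returns no row; <see cref="CommandError.BadStudentGroup"/> when the group lookup returns no row.
/// </param>
/// <returns>The string "OK" encrypted with the session key; <c>null</c> on failure.</returns>
public byte[] Execute(out CommandError error)
{
    var client = ClientManager.GetClient(requestData.UserToken);

    // Authorization comes first, before the payload is decrypted or parsed.
    // A session whose role is not Admin (including an unset role) is rejected here.
    if (client.Role != UserRoles.Admin)
    {
        error = CommandError.NoPermissions;
        return null;
    }

    var editData = EditUserData.FromJson(SequrityUtils.DecryptString(requestData.Data, client.SecretDFKey));

    // An absent password means "leave it unchanged"; the flag is passed to the procedure.
    string password = "";
    bool changePassword = false;
    if (editData.Password != null)
    {
        // NOTE(review): GetHash takes only the password, so no per-user salt can be involved;
        // confirm the hashing scheme inside SequrityUtils.
        password = SequrityUtils.GetHash(editData.Password);
        changePassword = true;
    }

    UserRoles role;
    var roleReader = DBConnection.PrepareExecProcedureCommand("GetUserRole", editData.id.ToString()).ExecuteReader();
    try
    {
        if (!roleReader.Read())
        {
            // Previously this path returned without closing the reader.
            error = CommandError.ClientNotFound;
            return null;
        }

        // The role is stored one-based; the enum value is that number minus one.
        role = (UserRoles)(roleReader.GetInt32(0) - 1);
    }
    finally
    {
        roleReader.Close();
    }

    // Only students carry a group; for other roles -1 is sent with the change flag off.
    int studentGroup = -1;
    bool changeGroup = false;
    if (role == UserRoles.Student)
    {
        changeGroup = true;
        var groupReader = DBConnection.PrepareExecProcedureCommand("GetStudentGroup", editData.Group).ExecuteReader();
        try
        {
            if (!groupReader.Read())
            {
                error = CommandError.BadStudentGroup;
                return null;
            }

            studentGroup = groupReader.GetInt32(0);
        }
        finally
        {
            groupReader.Close();
        }
    }

    DBConnection.PrepareExecProcedureCommand(
        "EditUser",
        editData.id.ToString(),
        editData.Firstname,
        editData.Lastname,
        password,
        studentGroup.ToString(),
        Convert.ToInt32(changePassword).ToString(),
        Convert.ToInt32(changeGroup).ToString()).ExecuteNonQuery();

    error = CommandError.None;
    return SequrityUtils.Encrypt("OK", client.SecretDFKey);
}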
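/// <summary>
/// Handles a "change my password" request: decrypts the new password, hashes it and stores it
/// for the user bound to the calling session through the <c>ChangePassword</c> stored procedure.
/// </summary>
/// <param name="error">
/// <see cref="CommandError.None"/> on success, or <see cref="CommandError.NoPermissions"/> when
/// the session has no role assigned.
/// </param>
/// <returns>The string "OK" encrypted with the session key; <c>null</c> on failure.</returns>
public byte[] Execute(out CommandError error)
{
    var client = ClientManager.GetClient(requestData.UserToken);

    // Refuse sessions that carry no role: the procedure is keyed on client.UserId, which is
    // only meaningful once a user has been bound to the session.
    // NOTE(review): presumably Role stays null until a successful login - confirm, and drop
    // this guard only if the dispatcher already enforces authentication for this command.
    if (client.Role == null)
    {
        error = CommandError.NoPermissions;
        return null;
    }

    // NOTE(review): the current password is not requested, so anyone holding a live session
    // token can set a new one; consider requiring re-authentication. No length or emptiness
    // check on the new password is visible here either.
    var newPassword = SequrityUtils.DecryptString(requestData.Data, client.SecretDFKey);
    var passwordHash = SequrityUtils.GetHash(newPassword);

    DBConnection.PrepareExecProcedureCommand("ChangePassword", client.UserId.ToString(), passwordHash).ExecuteNonQuery();

    error = CommandError.None;
    return SequrityUtils.Encrypt("OK", client.SecretDFKey);
}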
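/// <summary>
/// Handles a student registration request: checks that the configuration permits it for the
/// caller, resolves the student group, rejects an already-used login and creates the account
/// through the <c>RegisterStudent</c> stored procedure.
/// </summary>
/// <param name="error">
/// <see cref="CommandError.None"/> on success;
/// <see cref="CommandError.SelfRegistrationNotAllowed"/> or
/// <see cref="CommandError.StudentRegistrationNotAllowed"/> when the configuration forbids the
/// request; <see cref="CommandError.BadStudentGroup"/> when the group lookup returns no row;
/// <see cref="CommandError.LoginExists"/> when <c>CheckUserLogin</c> reports a positive count.
/// </param>
/// <returns>The string "OK" encrypted with the session key; <c>null</c> on failure.</returns>
public byte[] Execute(out CommandError error)
{
    var client = ClientManager.GetClient(requestData.UserToken);
    var config = ConfigContainer.GetConfig();

    // A session without a role may register only when registration requests are enabled.
    if (client.Role == null && !config.AllowRegistrationRequests)
    {
        error = CommandError.SelfRegistrationNotAllowed;
        return null;
    }

    // A teacher may register students only when that is enabled.
    if (client.Role == UserRoles.Teacher && !config.AllowStudentsRegistration)
    {
        error = CommandError.StudentRegistrationNotAllowed;
        return null;
    }

    // NOTE(review): any other role (e.g. a logged-in student) passes both gates regardless of
    // configuration - confirm this is intended, or switch to an explicit allow-list of roles.

    var registerData = RegisterData.FromJson(SequrityUtils.DecryptString(requestData.Data, client.SecretDFKey));

    // NOTE(review): GetHash takes only the password, so no per-user salt can be involved;
    // confirm the hashing scheme inside SequrityUtils.
    var passwordHash = SequrityUtils.GetHash(registerData.Password);

    int studentGroup;
    var groupReader = DBConnection.PrepareExecProcedureCommand("GetStudentGroup", registerData.Group).ExecuteReader();
    try
    {
        if (!groupReader.Read())
        {
            error = CommandError.BadStudentGroup;
            return null;
        }

        studentGroup = groupReader.GetInt32(0);
    }
    finally
    {
        // Close on every path, including an exception while reading, so the reader is never
        // left open.
        groupReader.Close();
    }

    var loginReader = DBConnection.PrepareExecProcedureCommand("CheckUserLogin", registerData.Login).ExecuteReader();
    try
    {
        if (loginReader.Read() && loginReader.GetInt32(0) > 0)
        {
            error = CommandError.LoginExists;
            return null;
        }
    }
    finally
    {
        loginReader.Close();
    }

    // NOTE(review): the uniqueness check and the insert are separate calls, so two concurrent
    // requests can both pass the check; a unique constraint on the login column (or a check
    // inside RegisterStudent) is needed to close that window - confirm one exists.
    DBConnection.PrepareExecProcedureCommand(
        "RegisterStudent",
        registerData.Firstname,
        registerData.Lastname,
        registerData.Login,
        passwordHash,
        studentGroup.ToString()).ExecuteNonQuery();

    error = CommandError.None;
    return SequrityUtils.Encrypt("OK", client.SecretDFKey);
}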