/// <summary>
/// Issues a forms-authentication ticket for the given user and adds it, encrypted,
/// to the current response as the forms-authentication cookie. The user is also
/// remembered in <c>_cachedUser</c>.
/// </summary>
/// <param name="user">User being signed in. Not null-checked here: a null value fails on the first property read.</param>
/// <param name="createPersistentCookie">When true the ticket is persistent and the cookie gets an explicit expiry; otherwise it is a session cookie.</param>
public void SignIn(BusinessPartner user, bool createPersistentCookie)
        {
            // FormsAuthenticationTicket works with local times, hence the conversion from UTC.
            var issuedAt = DateTime.UtcNow.ToLocalTime();

            // NOTE(review): the ticket name (what Identity.Name will report) is the contact's
            // first name, which is presumably not unique. Anything that identifies the account
            // should read the user data below instead — confirm no caller keys on Identity.Name.
            var ticketName = user.ContactFirstName;
            var expiresAt = issuedAt.Add(_expirationTimeSpan);

            // The user data slot carries the account identifier: login or e-mail, per settings.
            var accountKey = _userSettings.UsernamesEnabled ? user.WebsiteLogin : user.EmailAddress;

            var ticket = new FormsAuthenticationTicket(
                1 /*version*/,
                ticketName,
                issuedAt,
                expiresAt,
                createPersistentCookie,
                accountKey,
                FormsAuthentication.FormsCookiePath);

            var protectedTicket = FormsAuthentication.Encrypt(ticket);

            // HttpOnly keeps the ticket out of reach of page script.
            var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, protectedTicket)
            {
                HttpOnly = true
            };

            // Only a persistent ticket gets an expiry; without one the browser drops the cookie with the session.
            if (ticket.IsPersistent)
            {
                authCookie.Expires = ticket.Expiration;
            }

            // NOTE(review): the Secure flag follows the forms-authentication configuration. If
            // requireSSL is off there, this cookie is also sent over plain HTTP — verify the
            // deployed configuration. No SameSite value is set in this method.
            authCookie.Secure = FormsAuthentication.RequireSSL;
            authCookie.Path = FormsAuthentication.FormsCookiePath;

            var configuredDomain = FormsAuthentication.CookieDomain;
            if (configuredDomain != null)
            {
                authCookie.Domain = configuredDomain;
            }

            _httpContext.Response.Cookies.Add(authCookie);
            _cachedUser = user;
        }
Пример #2
        /// <summary>
        /// Writes one log record through <paramref name="logger"/> unless the exception is a
        /// thread abort or the level is disabled.
        /// </summary>
        /// <param name="logger">Logger that decides whether the level is enabled and stores the record</param>
        /// <param name="level">Severity of the record</param>
        /// <param name="message">Short message</param>
        /// <param name="exception">Optional exception; its ToString() output becomes the full message</param>
        /// <param name="user">Optional user to pass along with the record</param>
        private static void FilteredLog(ILogger logger, LogLevel level, string message, Exception exception = null, BusinessPartner user = null)
        {
            // Thread aborts are deliberately never logged.
            if (exception is System.Threading.ThreadAbortException)
            {
                return;
            }

            if (!logger.IsEnabled(level))
            {
                return;
            }

            // The full message is the complete exception text (type, message, stack trace), or empty.
            var details = string.Empty;
            if (exception != null)
            {
                details = exception.ToString();
            }

            logger.InsertLog(level, message, details, user);
        }
Пример #3
        /// <summary>
        /// Checks a permission, given as a record, for a user.
        /// </summary>
        /// <param name="permission">Permission record; only its SystemName is used</param>
        /// <param name="user">User to check</param>
        /// <returns>false when either argument is null; otherwise whatever the system-name overload returns</returns>
        public virtual bool Authorize(PermissionRecord permission, BusinessPartner user)
        {
            // Missing input is denied rather than passed on.
            if (permission == null || user == null)
            {
                return false;
            }

            // The earlier role-by-role walk over the permission records was retired. The
            // decision is now made entirely by the system-name overload, so this method is
            // only as strict as that overload is.
            return Authorize(permission.SystemName, user);
        }
        /// <summary>
        /// Returns the user behind the current request's forms-authentication ticket.
        /// </summary>
        /// <returns>
        /// The cached user if one is already held; otherwise the user resolved from the ticket
        /// when the request is forms-authenticated and the user's ActiveBPYN is "Y"; otherwise null.
        /// </returns>
        public BusinessPartner GetAuthenticatedUser()
        {
            // NOTE(review): a cached user is returned without re-checking the ticket or the
            // active flag. That is only safe if this instance lives for a single request — confirm.
            if (_cachedUser != null)
            {
                return _cachedUser;
            }

            if (_httpContext == null || _httpContext.Request == null)
            {
                return null;
            }

            if (!_httpContext.Request.IsAuthenticated)
            {
                return null;
            }

            // Only forms identities carry a ticket; any other identity type is treated as anonymous.
            var formsIdentity = _httpContext.User.Identity as FormsIdentity;
            if (formsIdentity == null)
            {
                return null;
            }

            var candidate = GetAuthenticatedCustomerFromTicket(formsIdentity.Ticket);

            // A valid ticket alone is not enough: the account must still be flagged active.
            if (candidate != null && candidate.ActiveBPYN == "Y")
            {
                _cachedUser = candidate;
            }

            return _cachedUser;
        }
Пример #5
 /// <summary>
 /// Logs a message at warning level through FilteredLog.
 /// </summary>
 /// <param name="logger">Logger to write to</param>
 /// <param name="message">Short message</param>
 /// <param name="exception">Optional exception to attach</param>
 /// <param name="user">Optional user to pass along with the record</param>
 public static void Warning(this ILogger logger, string message, Exception exception = null, BusinessPartner user = null)
 {
     var severity = LogLevel.Warning;
     FilteredLog(logger, severity, message, exception, user);
 }
Пример #6
        /// <summary>
        /// Authorize permission.
        /// WARNING: the role-based check below is commented out, so this method currently
        /// grants every permission to every caller, including a null user and a null or
        /// empty permission name.
        /// </summary>
        /// <param name="permissionRecordSystemName">Permission record system name (not read by the current body)</param>
        /// <param name="user">User to check (not read by the current body)</param>
        /// <returns>Always true in the current implementation</returns>
        public virtual bool Authorize(string permissionRecordSystemName, BusinessPartner user)
        {
            // NOTE(review): everything from here to the return is disabled. It is the intended
            // check: reject an empty name, then look for the permission in the user's active roles.
            //if (String.IsNullOrEmpty(permissionRecordSystemName))
            //    return false;

            //var userRoles = user.UserRoles.Where(cr => cr.Active);
            //foreach (var role in userRoles)
            //    if (Authorize(permissionRecordSystemName, role))
            //        //yes, we have such permission
            //        return true;

            ////no permission found
            //return false;

            // NOTE(review): fail-open. Any caller relying on this method for access control is
            // not protected by it. Restore the role check, or deny by default, before relying on it.
            return true;
        }
        /// <summary>
        /// Computes the RTB figure for a solution item.
        /// </summary>
        /// <param name="solItemModel">Solution item supplying the LVR and amount limits and the WSR component</param>
        /// <param name="currentUser">User whose StandardBPAdjToRate and StandardNoClawback are added (null counts as 0)</param>
        /// <param name="loanAmount">Loan amount, checked against MinAmnt and MaxAmnt</param>
        /// <param name="lvr">LVR, checked against MinLVR and MaxLVR</param>
        /// <param name="trail">Trail component added to the sum</param>
        /// <param name="selectedCalculation">JSON token whose "CommLoading" entry is read as a decimal</param>
        /// <param name="solFeaConfigs">Optional feature configurations whose premiums are summed; may be null</param>
        /// <returns>-1 when the LVR or the loan amount is outside the item's limits; otherwise the summed figure</returns>
        private decimal? RTBCalculation(Models.SolutionItemModel solItemModel, BusinessPartner currentUser, decimal loanAmount, decimal lvr, decimal trail, JToken selectedCalculation, IList<SolutionFeatureConfig> solFeaConfigs)
        {
            // Both range tests are kept in their "inside the limits" form and then negated.
            // Rewriting them as "outside" comparisons would behave differently if a limit is null.
            if (!(lvr <= solItemModel.MaxLVR && lvr >= solItemModel.MinLVR)
                || !(loanAmount <= solItemModel.MaxAmnt && loanAmount >= solItemModel.MinAmnt))
            {
                return -1;
            }

            var commLoading = (decimal)selectedCalculation["CommLoading"];
            var userRateAdjustment = currentUser.StandardBPAdjToRate ?? 0;
            var userNoClawback = currentUser.StandardNoClawback ?? 0;
            var partnerSum = commLoading + trail + userRateAdjustment + userNoClawback;

            // With no feature configurations supplied, the premium component is zero.
            var premiumTotal = solFeaConfigs == null ? 0 : solFeaConfigs.Sum(sfc => sfc.Premium);

            return partnerSum + (premiumTotal ?? 0) + (solItemModel.WSR ?? 0);
        }
Пример #8
 /// <summary>
 /// Inserts a log item. This implementation stores nothing: all arguments are ignored.
 /// </summary>
 /// <param name="logLevel">Log level</param>
 /// <param name="shortMessage">The short message</param>
 /// <param name="fullMessage">The full message</param>
 /// <param name="user">The user to associate log record with</param>
 /// <returns>Always null</returns>
 public virtual Log InsertLog(LogLevel logLevel, string shortMessage, string fullMessage = "", BusinessPartner user = null)
 {
     // No record is created. Callers must tolerate a null result, and nothing logged
     // through this implementation is available for later review.
     return null;
 }
Пример #9
        /// <summary>
        /// Resolves the time zone to use for a user.
        /// </summary>
        /// <param name="user">User whose time zone is requested; not read by the current body</param>
        /// <returns>The default store time zone. The per-user lookup is commented out, so no other value is produced.</returns>
        public virtual TimeZoneInfo GetCustomerTimeZone(BusinessPartner user)
        {
            TimeZoneInfo userZone = null;

            if (_dateTimeSettings.AllowCustomersToSetTimeZone)
            {
                // The per-user lookup is disabled. Only the setting is read, and the
                // placeholder below is never filled in.
                string storedZoneId = string.Empty;
                //if (user != null)
                //    timeZoneId = user.GetAttribute<string>(SystemCustomerAttributeNames.TimeZoneId, _genericAttributeService);

                //try
                //{
                //    if (!String.IsNullOrEmpty(timeZoneId))
                //        timeZoneInfo = FindTimeZoneById(timeZoneId);
                //}
                //catch (Exception exc)
                //{
                //    Debug.Write(exc.ToString());
                //}
            }

            // Nothing above assigns a zone, so this always falls back to the store default.
            return userZone ?? this.DefaultStoreTimeZone;
        }
 /// <summary>
 /// Signs the current user out: forgets the cached user and calls FormsAuthentication.SignOut().
 /// </summary>
 public void SignOut()
 {
     // Drop the user held on this instance first, so it is cleared even if the next call throws.
     _cachedUser = null;
     // NOTE(review): FormsAuthentication.SignOut() removes the authentication cookie from the
     // browser but does not revoke the ticket on the server. A copy of the ticket obtained
     // earlier stays valid until its expiration, so keep the ticket lifetime short and
     // serve the cookie over TLS only.
     FormsAuthentication.SignOut();
 }
Пример #11
        /// <summary>
        /// Creates a log record with request context and stores it through the log repository.
        /// </summary>
        /// <param name="logLevel">Log level</param>
        /// <param name="shortMessage">The short message</param>
        /// <param name="fullMessage">The full message</param>
        /// <param name="user">The user to associate the log record with</param>
        /// <returns>The stored log item, or null when either message matches the ignore list</returns>
        public virtual Log InsertLog(LogLevel logLevel, string shortMessage, string fullMessage = "", BusinessPartner user = null)
        {
            // Messages matching the ignore list are dropped without a record.
            if (IgnoreLog(shortMessage) || IgnoreLog(fullMessage))
            {
                return null;
            }

            var entry = new Log();
            entry.LogLevel = logLevel;
            entry.ShortMessage = shortMessage;
            entry.FullMessage = fullMessage;

            // NOTE(review): the fields below, and often the messages above, come from the
            // request and are stored as received. Whatever displays log records should
            // output-encode them. The page URL presumably includes the query string
            // (the `true` argument), which can carry tokens or personal data — confirm what is kept.
            entry.IpAddress = _webHelper.GetCurrentIpAddress();
            entry.User = user;
            entry.PageUrl = _webHelper.GetThisPageUrl(true);
            entry.ReferrerUrl = _webHelper.GetUrlReferrer();

            // The timestamp is recorded in UTC.
            entry.CreatedOnUtc = DateTime.UtcNow;

            _logRepository.Insert(entry);

            return entry;
        }