public void SignIn(BusinessPartner user, bool createPersistentCookie)
{
var now = DateTime.UtcNow.ToLocalTime();
var ticket = new FormsAuthenticationTicket(
1 /*version*/,
//_userSettings.UsernamesEnabled ? user.Username : user.Email,
user.ContactFirstName,
now,
now.Add(_expirationTimeSpan),
createPersistentCookie,
_userSettings.UsernamesEnabled ? user.WebsiteLogin : user.EmailAddress,
FormsAuthentication.FormsCookiePath);
var encryptedTicket = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
cookie.HttpOnly = true;
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
cookie.Secure = FormsAuthentication.RequireSSL;
cookie.Path = FormsAuthentication.FormsCookiePath;
if (FormsAuthentication.CookieDomain != null)
{
cookie.Domain = FormsAuthentication.CookieDomain;
}
_httpContext.Response.Cookies.Add(cookie);
_cachedUser = user;
}
private static void FilteredLog(ILogger logger, LogLevel level, string message, Exception exception = null, BusinessPartner user = null)
{
//don't log thread abort exception
if (exception is System.Threading.ThreadAbortException)
return;
if (logger.IsEnabled(level))
{
string fullMessage = exception == null ? string.Empty : exception.ToString();
logger.InsertLog(level, message, fullMessage, user);
}
}
/// <summary>
/// Authorize permission
/// </summary>
/// <param name="permission">Permission record</param>
/// <param name="customer">Customer</param>
/// <returns>true - authorized; otherwise, false</returns>
public virtual bool Authorize(PermissionRecord permission, BusinessPartner user)
{
if (permission == null)
return false;
if (user == null)
return false;
//old implementation of Authorize method
//var customerRoles = customer.CustomerRoles.Where(cr => cr.Active);
//foreach (var role in customerRoles)
// foreach (var permission1 in role.PermissionRecords)
// if (permission1.SystemName.Equals(permission.SystemName, StringComparison.InvariantCultureIgnoreCase))
// return true;
//return false;
return Authorize(permission.SystemName, user);
}
public BusinessPartner GetAuthenticatedUser()
{
if (_cachedUser != null)
return _cachedUser;
if (_httpContext == null ||
_httpContext.Request == null ||
!_httpContext.Request.IsAuthenticated ||
!(_httpContext.User.Identity is FormsIdentity))
{
return null;
}
var formsIdentity = (FormsIdentity)_httpContext.User.Identity;
var user = GetAuthenticatedCustomerFromTicket(formsIdentity.Ticket);
if (user != null && user.ActiveBPYN == "Y")
_cachedUser = user;
return _cachedUser;
}
public static void Warning(this ILogger logger, string message, Exception exception = null, BusinessPartner user = null)
{
FilteredLog(logger, LogLevel.Warning, message, exception, user);
}
/// <summary>
/// Authorize permission
/// </summary>
/// <param name="permissionRecordSystemName">Permission record system name</param>
/// <param name="customer">Customer</param>
/// <returns>true - authorized; otherwise, false</returns>
public virtual bool Authorize(string permissionRecordSystemName, BusinessPartner user)
{
//if (String.IsNullOrEmpty(permissionRecordSystemName))
// return false;
//var userRoles = user.UserRoles.Where(cr => cr.Active);
//foreach (var role in userRoles)
// if (Authorize(permissionRecordSystemName, role))
// //yes, we have such permission
// return true;
////no permission found
//return false;
return true;
}
private decimal? RTBCalculation(Models.SolutionItemModel solItemModel, BusinessPartner currentUser, decimal loanAmount, decimal lvr, decimal trail, JToken selectedCalculation, IList<SolutionFeatureConfig> solFeaConfigs)
{
if (!(lvr <= solItemModel.MaxLVR && lvr >= solItemModel.MinLVR))
{
return -1;
}
if (!(loanAmount <= solItemModel.MaxAmnt && loanAmount >= solItemModel.MinAmnt))
{
return -1;
}
var bpSum = ((decimal)selectedCalculation["CommLoading"]) + trail
+ (currentUser.StandardBPAdjToRate ?? 0)
+ (currentUser.StandardNoClawback ?? 0);
var featurePremiums = solFeaConfigs != null ? solFeaConfigs.Sum(sfc => sfc.Premium) : 0;
var RTB = bpSum + (featurePremiums ?? 0) + (solItemModel.WSR ?? 0);
return RTB;
}
/// <summary>
/// Inserts a log item
/// </summary>
/// <param name="logLevel">Log level</param>
/// <param name="shortMessage">The short message</param>
/// <param name="fullMessage">The full message</param>
/// <param name="customer">The customer to associate log record with</param>
/// <returns>A log item</returns>
public virtual Log InsertLog(LogLevel logLevel, string shortMessage, string fullMessage = "", BusinessPartner user = null)
{
return null;
}
/// <summary>
/// Gets a customer time zone
/// </summary>
/// <param name="user">Customer</param>
/// <returns>Customer time zone; if customer is null, then default store time zone</returns>
public virtual TimeZoneInfo GetCustomerTimeZone(BusinessPartner user)
{
//registered user
TimeZoneInfo timeZoneInfo = null;
if (_dateTimeSettings.AllowCustomersToSetTimeZone)
{
string timeZoneId = string.Empty;
//if (user != null)
// timeZoneId = user.GetAttribute<string>(SystemCustomerAttributeNames.TimeZoneId, _genericAttributeService);
//try
//{
// if (!String.IsNullOrEmpty(timeZoneId))
// timeZoneInfo = FindTimeZoneById(timeZoneId);
//}
//catch (Exception exc)
//{
// Debug.Write(exc.ToString());
//}
}
//default timezone
if (timeZoneInfo == null)
timeZoneInfo = this.DefaultStoreTimeZone;
return timeZoneInfo;
}
public void SignOut()
{
_cachedUser = null;
FormsAuthentication.SignOut();
}
/// <summary>
/// Inserts a log item
/// </summary>
/// <param name="logLevel">Log level</param>
/// <param name="shortMessage">The short message</param>
/// <param name="fullMessage">The full message</param>
/// <param name="customer">The customer to associate log record with</param>
/// <returns>A log item</returns>
public virtual Log InsertLog(LogLevel logLevel, string shortMessage, string fullMessage = "", BusinessPartner user = null)
{
//check ignore word/phrase list?
if (IgnoreLog(shortMessage) || IgnoreLog(fullMessage))
return null;
var log = new Log
{
LogLevel = logLevel,
ShortMessage = shortMessage,
FullMessage = fullMessage,
IpAddress = _webHelper.GetCurrentIpAddress(),
User = user,
PageUrl = _webHelper.GetThisPageUrl(true),
ReferrerUrl = _webHelper.GetUrlReferrer(),
CreatedOnUtc = DateTime.UtcNow
};
_logRepository.Insert(log);
return log;
}