Session() публичный Метод

Public method used to get the custom Profiles session object. The object is stored in the current user's session and can be accessed with the "PROFILES_SESSION" key. If the session does not exist, this method creates it by calling this.SessionCreate().
public Session ( ) : Session
Результат Session
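        /// <summary>
        /// Authenticates a user through the [User.Account].[Authenticate] stored procedure.
        /// </summary>
        /// <param name="user">Supplies UserName and Password; UserID and PersonID are filled in from the procedure's output parameters.</param>
        /// <returns>True when the user's UserID is non-zero after the call.</returns>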
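        public bool UserLogin(ref User user)
        {
            // Checks user.UserName / user.Password with the [User.Account].[Authenticate]
            // stored procedure and, when it reports a user, records that identity in the
            // Profiles session. Returns true only for a non-zero UserID from the procedure.
            bool loginsuccess = false;

            SessionManagement sm = new SessionManagement();
            string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

            // GetDBCommand takes the connection by ref, so a using statement cannot hold it;
            // the finally block releases it on every path instead.
            SqlConnection dbconnection = new SqlConnection(connstr);

            try
            {
                SqlParameter[] param = new SqlParameter[4];

                dbconnection.Open();

                // NOTE(review): the password is handed to the procedure exactly as supplied;
                // whether it is hashed or compared safely there is not visible from this method.
                param[0] = new SqlParameter("@UserName", user.UserName);
                param[1] = new SqlParameter("@Password", user.Password);

                param[2] = new SqlParameter("@UserID", null);
                param[2].DbType = DbType.Int32;
                param[2].Direction = ParameterDirection.Output;

                param[3] = new SqlParameter("@PersonID", null);
                param[3].DbType = DbType.Int32;
                param[3].Direction = ParameterDirection.Output;

                //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
                ExecuteSQLDataCommand(GetDBCommand(ref dbconnection, "[User.Account].[Authenticate]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));

                dbconnection.Close();

                // The login decision must come from the procedure's output alone. The earlier
                // code swallowed the conversion error for a missing @UserID and then tested
                // whatever UserID the caller had already placed on the object, so a pre-filled
                // non-zero UserID was accepted as a successful login.
                int authenticatedUserId = 0;
                object userIdValue = param[2].Value;
                if (userIdValue != null && userIdValue != DBNull.Value)
                {
                    authenticatedUserId = Convert.ToInt32(userIdValue.ToString());
                }
                user.UserID = authenticatedUserId;

                if (authenticatedUserId != 0)
                {
                    object personIdValue = param[3].Value;
                    if (personIdValue != null && personIdValue != DBNull.Value)
                    {
                        user.PersonID = Convert.ToInt32(personIdValue.ToString());
                    }

                    loginsuccess = true;
                    sm.Session().UserID = user.UserID;
                    sm.Session().PersonID = user.PersonID;
                    sm.Session().LoginDate = DateTime.Now;
                    Session session = sm.Session();
                    SessionUpdate(ref session);
                    ActivityLog(user.PersonID, null, null);
                }
            }
            finally
            {
                // No catch block: exceptions propagate with their original stack trace
                // (the previous "throw ex;" reset it).
                if (dbconnection != null)
                {
                    dbconnection.Dispose();
                }
            }

            return loginsuccess;
        }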
        //***************************************************************************************************************************************
        /// <summary>
        /// 
        ///     Starts a Profiles instance of Profiles Session Management and Session State Information used for
        ///     security/data filters, tracking, auditing.
        ///     
        /// </summary>
        /// <param name="sender"> .Net context object</param>
        /// <param name="e"> .Net Event Arguments</param>
        protected void Session_Start(object sender, EventArgs e)
        {
            // Create the Profiles session, then log its identifier if one is available.
            SessionManagement manager = new SessionManagement();
            manager.SessionCreate();

            if (manager.Session() == null)
            {
                return;
            }

            // NOTE(review): the session identifier goes into the debug log; confirm who can
            // read that log, since the same identifier is passed to the database as @SessionID.
            Framework.Utilities.DebugLogging.Log("SESSION CREATED for: " + manager.Session().SessionID);
        }
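        public void InsertProxy(string userid)
        {
            // Calls [User.Account].[Proxy.AddDesignatedProxy] with the current Profiles
            // session id and the given user id.
            // NOTE(review): no permission check is made here; presumably the procedure
            // decides from @SessionID whether the caller may add this proxy — confirm.
            SessionManagement sm = new SessionManagement();

            try
            {
                string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

                // The connection and command were never closed before; using blocks release
                // them on success and on failure.
                using (SqlConnection dbconnection = new SqlConnection(connstr))
                using (SqlCommand dbcommand = new SqlCommand())
                {
                    dbconnection.Open();

                    dbcommand.CommandType = CommandType.StoredProcedure;
                    dbcommand.CommandText = "[User.Account].[Proxy.AddDesignatedProxy]";
                    dbcommand.CommandTimeout = base.GetCommandTimeout();

                    dbcommand.Parameters.Add(new SqlParameter("@SessionID", sm.Session().SessionID));
                    dbcommand.Parameters.Add(new SqlParameter("@UserID", userid));
                    dbcommand.Connection = dbconnection;
                    dbcommand.ExecuteNonQuery();
                }
            }
            catch (Exception e)
            {
                // Same exception type and message as before; the original exception is kept
                // as InnerException so its type and stack trace are not lost.
                throw new Exception(e.Message, e);
            }
        }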
        /*
        public SqlDataReader GetPublications(RDFTriple request)
        {
            SessionManagement sm = new SessionManagement();

            string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
            SqlConnection dbconnection = new SqlConnection(connstr);
            SqlCommand dbcommand = new SqlCommand("[Profile.Module].[CustomViewAuthorInAuthorshipForORCID.GetList]");

            SqlDataReader dbreader;
            dbconnection.Open();
            dbcommand.CommandType = CommandType.StoredProcedure;
            dbcommand.CommandTimeout = base.GetCommandTimeout();
            dbcommand.Parameters.Add(new SqlParameter("@nodeid", request.Subject));
            dbcommand.Parameters.Add(new SqlParameter("@sessionid", sm.Session().SessionID));
            dbcommand.Connection = dbconnection;
            dbreader = dbcommand.ExecuteReader(CommandBehavior.CloseConnection);

            return dbreader;
        }

         */
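        public string GetInternalUserID()
        {
            // Looks up InternalUserName in [User.Account].[User] for the UserID held in the
            // current Profiles session. Throws when no row yields a value.
            SessionManagement sm = new SessionManagement();

            string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

            // The reader, command and connection were left open on both the return and the
            // throw path; using blocks close them in every case.
            using (SqlConnection dbconnection = new SqlConnection(connstr))
            using (SqlCommand dbcommand = new SqlCommand("SELECT UserID, InternalUserName FROM [User.Account].[User] WHERE (UserID = @userid)"))
            {
                dbconnection.Open();
                dbcommand.CommandType = CommandType.Text;
                dbcommand.CommandTimeout = GetCommandTimeout();
                dbcommand.Parameters.Add(new SqlParameter("@userid", sm.Session().UserID));
                dbcommand.Connection = dbconnection;

                using (SqlDataReader dbreader = dbcommand.ExecuteReader(CommandBehavior.CloseConnection))
                {
                    while (dbreader.Read())
                    {
                        // NOTE(review): a SQL NULL comes back as DBNull.Value, not null, so
                        // this test passes for it and an empty string is returned — confirm
                        // whether callers expect the exception below in that case.
                        if (dbreader["InternalUserName"] != null)
                        {
                            return dbreader["InternalUserName"].ToString();
                        }
                    }
                }
            }

            throw new Exception("Unable to find Internal Username");
        }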
Пример #5
        public SqlDataReader GetActiveNetwork(Int64 subject, bool details)
        {
            // Runs [user.account].[relationship.getrelationship] for the current session and
            // returns the open reader. On any exception the error is logged and null is
            // returned, so callers have to handle a null reader.
            SessionManagement sessions = new SessionManagement();
            SqlDataReader result = null;

            try
            {
                SqlParameter sessionArg = new SqlParameter("@SessionID", sessions.Session().SessionID);
                SqlParameter detailsArg = new SqlParameter("@Details", details);

                // A subject of 0 is sent to the procedure as NULL.
                object subjectValue = DBNull.Value;
                if (subject != 0)
                {
                    subjectValue = subject;
                }
                SqlParameter subjectArg = new SqlParameter("@Subject", subjectValue);

                SqlParameter[] args = new SqlParameter[] { sessionArg, detailsArg, subjectArg };

                result = GetSQLDataReader(GetDBCommand("", "[user.account].[relationship.getrelationship]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, args));
            }
            catch (Exception failure)
            {
                Framework.Utilities.DebugLogging.Log(failure.Message + " ++ " + failure.StackTrace);
            }

            return result;
        }
Пример #6
        public void SetActiveNetwork(Int64 subject, string relationshiptype, bool settoexists)
        {
            // Runs [user.account].[relationship.setrelationship] for the current session.
            // Failures are logged and not reported to the caller.
            // NOTE(review): the command returned by GetDBCommand is executed with
            // ExecuteNonQuery and nothing here closes its connection — confirm that
            // GetDBCommand or the pool takes care of that.
            SessionManagement sessions = new SessionManagement();

            try
            {
                SqlParameter sessionArg = new SqlParameter("@SessionID", sessions.Session().SessionID);
                SqlParameter subjectArg = new SqlParameter("@Subject", subject);

                // A null relationship type is sent to the procedure as NULL.
                object relationshipValue = DBNull.Value;
                if (relationshiptype != null)
                {
                    relationshipValue = relationshiptype;
                }
                SqlParameter relationshipArg = new SqlParameter("@RelationshipType", relationshipValue);

                SqlParameter existsArg = new SqlParameter("@SetToExists", settoexists);

                SqlParameter[] args = new SqlParameter[] { sessionArg, subjectArg, relationshipArg, existsArg };

                GetDBCommand("", "[user.account].[relationship.setrelationship]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, args).ExecuteNonQuery();
            }
            catch (Exception failure)
            {
                Framework.Utilities.DebugLogging.Log(failure.Message + " ++ " + failure.StackTrace);
            }
        }
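        public void DrawProfilesModule()
        {
            // Renders the map module for the profile named by the "Subject" query-string
            // value: binds the zoom links, loads the people to plot according to the
            // "MapType" module parameter and writes the generated map code to the page.
            Profiles.Profile.Utilities.DataIO data = new Profiles.Profile.Utilities.DataIO();

            if (Request.QueryString["Subject"] == null)
                return;

            // NOTE(review): a non-numeric Subject makes Convert.ToInt64 throw; the value
            // comes straight from the request.
            base.RDFTriple = new RDFTriple(Convert.ToInt64(Request.QueryString["Subject"]));

            dlGoogleMapLinks.DataSource = data.GetGoogleMapZoomLinks();
            dlGoogleMapLinks.DataBind();

            SqlDataReader reader = null;
            SqlDataReader reader2 = null;

            Profiles.Framework.Utilities.SessionManagement session = new SessionManagement();

            GoogleMapHelper gmh = new GoogleMapHelper();

            try
            {
                if (base.GetModuleParamString("MapType") == "CoAuthor")
                {
                    reader = data.GetGMapUserCoAuthors(base.RDFTriple.Subject, 0, session.Session().SessionID);
                    reader2 = data.GetGMapUserCoAuthors(base.RDFTriple.Subject, 1, session.Session().SessionID);
                }

                if (base.GetModuleParamString("MapType") == "SimilarTo")
                {
                    reader = data.GetGMapUserSimilarPeople(base.RDFTriple.Subject, false, session.Session().SessionID);
                    reader2 = data.GetGMapUserSimilarPeople(base.RDFTriple.Subject, true, session.Session().SessionID);
                }

                litGoogleCode.Text = gmh.MapPlotPeople(base.RDFTriple.Subject, reader, reader2);
            }
            finally
            {
                // Either reader is still null when MapType matched neither branch or when a
                // data call threw before the assignment. Dereferencing it here raised a
                // NullReferenceException that hid the original error and left the other
                // reader open.
                if (reader != null && !reader.IsClosed)
                    reader.Close();

                if (reader2 != null && !reader2.IsClosed)
                    reader2.Close();
            }
        }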
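        public EditObjectTypeProperty(XmlDocument pagedata, List<ModuleParams> moduleparams, XmlNamespaceManager pagenamespaces)
            : base(pagedata, moduleparams, pagenamespaces)
        {
            // Prepares the edit view for an object-type property: resolves the subject and
            // predicate from the request, loads the property list, builds the back link and
            // configures the security-options control.
            Edit.Utilities.DataIO data;
            SessionManagement sm = new SessionManagement();

            Profiles.Profile.Utilities.DataIO propdata = new Profiles.Profile.Utilities.DataIO();
            data = new Profiles.Edit.Utilities.DataIO();

            if (Request.QueryString["subject"] != null)
                this.SubjectID = Convert.ToInt64(Request.QueryString["subject"]);
            else if (base.GetRawQueryStringItem("subject") != null)
                this.SubjectID = Convert.ToInt64(base.GetRawQueryStringItem("subject"));
            else
                Response.Redirect("~/search");

            // '!' stands in for '#' in the predicate URI on the query string.
            // NOTE(review): a request without "predicateuri" fails here with a NullReferenceException.
            this.PredicateURI = Request.QueryString["predicateuri"].Replace("!", "#");

            GetSubjectProfile();

            this.PropertyListXML = propdata.GetPropertyList(this.BaseData, base.PresentationXML, PredicateURI, false, true, false);
            this.PropertyLabel = PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@Label").Value;
            // NOTE(review): the label is written into markup without HTML encoding; confirm it
            // can only come from trusted presentation data.
            litBackLink.Text = "<a href='" + Root.Domain + "/edit/" + this.SubjectID.ToString() + "'>Edit Menu</a> &gt; <b>" + this.PropertyLabel + "</b>";

            //Quick add for adding a note on the format of grant info when adding manually
            if (PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/@Label").Value == "Research")
            {
                litGrantNote1.Text = "Please use the following format when adding the grant information: ";
                litGrantNote2.Text = "Funding Agency: Agency Name - Title: Grant Title - Award Number: Grant ID Number - Total direct costs: $amount - Start Date: yyyy-mm-dd - End Date: yyyy-mm-dd <br /> Or for subaward:<br /> Subaward: Name of Pass-Through Institution - Funding Agency: Agency Name - Title: Grant Title - Award Number: Grant ID Number - Total direct costs: $amount - Start Date: yyyy-mm-dd - End Date: yyyy-mm-dd";
            }

            //Quick fix to allow only Admin and Curators to edit Visibility privacy
            // NOTE(review): this only shows or hides the two controls. The handler that
            // applies a visibility change has to check the role again on the server; that
            // code is not part of this constructor.
            securityOptions.userRole = propdata.GetUserRole(sm.Session().SessionID);
            bool mayEditVisibility = securityOptions.userRole == -40 || securityOptions.userRole == -50;
            securityOptions.FindControl("imbSecurityOptions").Visible = mayEditVisibility;
            securityOptions.FindControl("lbSecurityOptions").Visible = mayEditVisibility;

            securityOptions.Subject = this.SubjectID;
            securityOptions.PredicateURI = PredicateURI;
            this.PredicateID = data.GetStoreNode(this.PredicateURI);
            securityOptions.PrivacyCode = Convert.ToInt32(this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@ViewSecurityGroup").Value);
            securityOptions.SecurityGroups = new XmlDataDocument();
            securityOptions.SecurityGroups.LoadXml(base.PresentationXML.DocumentElement.LastChild.OuterXml);

            // Use the subject resolved above. Re-reading only Request.QueryString["subject"]
            // produced 0 whenever the id had come from the raw query string, so the person
            // lookup ran against node 0 instead of the profile being edited.
            this._subject = this.SubjectID;
            this._personId = data.GetPersonID(_subject);
        }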
        public EditDataTypeProperty(XmlDocument pagedata, List<ModuleParams> moduleparams, XmlNamespaceManager pagenamespaces)
            : base(pagedata, moduleparams, pagenamespaces)
        {
            // Prepares the edit view for a data-type property: loads the property list for
            // the requested predicate, resolves the subject, builds the back link and button
            // text, reads the cardinality limits and configures the security-options control.
            SessionManagement sessionManager = new SessionManagement();
            propdata = new Profiles.Profile.Utilities.DataIO();
            data = new Profiles.Edit.Utilities.DataIO();

            // '!' stands in for '#' in the predicate URI on the query string.
            string predicateuri = Request.QueryString["predicateuri"].Replace("!", "#");
            this.PropertyListXML = propdata.GetPropertyList(this.BaseData, base.PresentationXML, predicateuri, false, true, false);
            PropertyLabel = this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@Label").Value;

            // Subject id: parsed query string first, raw query string second, else leave for search.
            if (Request.QueryString["subject"] != null)
            {
                this.SubjectID = Convert.ToInt64(Request.QueryString["subject"]);
            }
            else if (base.GetRawQueryStringItem("subject") != null)
            {
                this.SubjectID = Convert.ToInt64(base.GetRawQueryStringItem("subject"));
            }
            else
            {
                Response.Redirect("~/search");
            }

            string editMenuUrl = Root.Domain + "/edit/" + this.SubjectID;
            string backLinkLabel = PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@Label").Value;
            litBackLink.Text = "<a href='" + editMenuUrl + "'>Edit Menu</a> &gt; <b>" + backLinkLabel + "</b>";

            btnEditProperty.Text = "Add " + PropertyLabel;

            this.PropertyListXML = propdata.GetPropertyList(this.BaseData, base.PresentationXML, predicateuri, false, true, false);

            // A property without a MaxCardinality attribute is treated as "1".
            XmlNode maxCardinalityAttribute = this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@MaxCardinality");
            this.MaxCardinality = maxCardinalityAttribute == null ? "1" : maxCardinalityAttribute.Value;

            this.MinCardinality = this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@MinCardinality").Value;

            // Only the roles -40 and -50 (Admin and Curators, per the original note) see the
            // visibility controls.
            // NOTE(review): this is a display toggle only; the server-side handler for a
            // visibility change must re-check the role.
            securityOptions.userRole = propdata.GetUserRole(sessionManager.Session().SessionID);
            bool mayEditVisibility = securityOptions.userRole == -40 || securityOptions.userRole == -50;
            securityOptions.FindControl("imbSecurityOptions").Visible = mayEditVisibility;
            securityOptions.FindControl("lbSecurityOptions").Visible = mayEditVisibility;

            securityOptions.Subject = this.SubjectID;
            securityOptions.PredicateURI = predicateuri;
            securityOptions.PrivacyCode = Convert.ToInt32(this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@ViewSecurityGroup").Value);
            securityOptions.SecurityGroups = new XmlDataDocument();
            securityOptions.SecurityGroups.LoadXml(base.PresentationXML.DocumentElement.LastChild.OuterXml);
        }
        public CustomEditAuthorInAuthorship(XmlDocument pagedata, List<ModuleParams> moduleparams, XmlNamespaceManager pagenamespaces)
            : base(pagedata, moduleparams, pagenamespaces)
        {
            // Prepares the authorship edit module: reads subject and predicate from the
            // request, stores the node and session ids in ASP.NET session state, loads the
            // property list and configures the security-options control.
            SessionManagement sessionManager = new SessionManagement();
            Utilities.DataIO editData = new Profiles.Edit.Utilities.DataIO();
            propdata = new Profiles.Profile.Utilities.DataIO();

            // NOTE(review): both values come straight from the query string; a missing
            // "predicateuri" fails here with a NullReferenceException.
            this._subject = Convert.ToInt64(Request.QueryString["subject"]);
            this._predicateuri = Request.QueryString["predicateuri"].Replace("!", "#");
            this._personId = editData.GetPersonID(_subject);

            Session["NodeID"] = this._subject;
            Session["SessionID"] = sessionManager.Session().SessionID;

            this.PropertyListXML = propdata.GetPropertyList(pagedata, base.PresentationXML, this._predicateuri, false, true, false);

            // Only the roles -40 and -50 (Admin and Curators, per the original note) see the
            // visibility controls.
            // NOTE(review): this is a display toggle only; the server-side handler for a
            // visibility change must re-check the role.
            securityOptions.userRole = propdata.GetUserRole(sessionManager.Session().SessionID);
            bool mayEditVisibility = securityOptions.userRole == -40 || securityOptions.userRole == -50;
            securityOptions.FindControl("imbSecurityOptions").Visible = mayEditVisibility;
            securityOptions.FindControl("lbSecurityOptions").Visible = mayEditVisibility;

            securityOptions.Subject = this._subject;
            securityOptions.PredicateURI = this._predicateuri;
            securityOptions.PrivacyCode = Convert.ToInt32(this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@ViewSecurityGroup").Value);
            securityOptions.SecurityGroups = new XmlDataDocument();
            securityOptions.SecurityGroups.LoadXml(base.PresentationXML.DocumentElement.LastChild.OuterXml);

            securityOptions.BubbleClick += SecurityDisplayed;
        }
        public CustomEditEmail(XmlDocument pagedata, List<ModuleParams> moduleparams, XmlNamespaceManager pagenamespaces)
            : base(pagedata, moduleparams, pagenamespaces)
        {
            // Prepares the e-mail edit module: reads the current address from the page RDF,
            // resolves subject and predicate from the request, builds the back link, reloads
            // the data as a network request and configures the security-options control.
            SessionManagement sessionManager = new SessionManagement();
            base.BaseData = pagedata;

            data = new Profiles.Edit.Utilities.DataIO();
            this.Email = base.BaseData.SelectSingleNode("rdf:RDF/rdf:Description/vivo:email", base.Namespaces).InnerText;

            Profiles.Profile.Utilities.DataIO profileData = new Profiles.Profile.Utilities.DataIO();

            // Subject id: parsed query string first, raw query string second, else leave for search.
            if (Request.QueryString["subject"] != null)
            {
                this.SubjectID = Convert.ToInt64(Request.QueryString["subject"]);
            }
            else if (base.GetRawQueryStringItem("subject") != null)
            {
                this.SubjectID = Convert.ToInt64(base.GetRawQueryStringItem("subject"));
            }
            else
            {
                Response.Redirect("~/search");
            }

            // '!' stands in for '#' in the predicate URI on the query string.
            this.PredicateURI = Request.QueryString["predicateuri"].Replace("!", "#");
            this.PropertyListXML = profileData.GetPropertyList(this.BaseData, base.PresentationXML, this.PredicateURI, false, true, false);

            string editMenuUrl = Root.Domain + "/edit/" + this.SubjectID.ToString();
            string backLinkLabel = PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@Label").Value;
            litBackLink.Text = "<a href='" + editMenuUrl + "'>Edit Menu</a> &gt; <b>" + backLinkLabel + "</b>";

            // Build a network triple request for this subject and predicate.
            base.RDFTriple = new RDFTriple(this.SubjectID, data.GetStoreNode(this.PredicateURI));
            base.RDFTriple.Expand = true;
            base.RDFTriple.ShowDetails = true;
            base.GetDataByURI(); // resets the data to a Network

            // Only the roles -40 and -50 (Admin and Curators, per the original note) see the
            // visibility controls.
            // NOTE(review): this is a display toggle only; the server-side handler for a
            // visibility change must re-check the role.
            securityOptions.userRole = profileData.GetUserRole(sessionManager.Session().SessionID);
            bool mayEditVisibility = securityOptions.userRole == -40 || securityOptions.userRole == -50;
            securityOptions.FindControl("imbSecurityOptions").Visible = mayEditVisibility;
            securityOptions.FindControl("lbSecurityOptions").Visible = mayEditVisibility;

            securityOptions.Subject = this.SubjectID;
            securityOptions.PredicateURI = this.PredicateURI;
            securityOptions.PrivacyCode = Convert.ToInt32(this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@ViewSecurityGroup").Value);
            securityOptions.SecurityGroups = new XmlDataDocument();
            securityOptions.SecurityGroups.LoadXml(base.PresentationXML.DocumentElement.LastChild.OuterXml);
        }
Пример #12
        // Returns the @securitygroupid output of [RDF.Security].[GetSessionSecurityGroup]
        // for the current Profiles session, converted to Int64.
        // NOTE(review): when the call throws, the error is only logged and the output
        // parameter is converted anyway; a null Value converts to 0. Confirm that 0 is a
        // safe (least-privileged) result for callers that make access decisions from it.
        public Int64 GetSessionSecurityGroup()
        {
            string            connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
            SessionManagement sm      = new SessionManagement();

            SqlConnection dbconnection = new SqlConnection(connstr);
            Int64         accesscode   = 0;

            SqlParameter[] param;

            param = new SqlParameter[4];

            // This command object is only given a timeout and the connection; the command that
            // is executed below is the one built by GetDBCommand.
            SqlCommand dbcommand = new SqlCommand();

            dbconnection.Open();

            dbcommand.CommandTimeout = this.GetCommandTimeout();

            // NOTE(review): a literal 0 as the second argument selects the
            // SqlParameter(string, SqlDbType) overload, so the three output parameters get a
            // type from that 0 rather than an initial value — confirm this is intended.
            param[0]           = new SqlParameter("@SessionID", sm.Session().SessionID);
            param[1]           = new SqlParameter("@securitygroupid", 0);
            param[1].Direction = ParameterDirection.Output;
            param[2]           = new SqlParameter("@hasspecialviewaccess", 0);
            param[2].Direction = ParameterDirection.Output;
            param[3]           = new SqlParameter("@hasspecialeditaccess", 0);
            param[3].Direction = ParameterDirection.Output;

            dbcommand.Connection = dbconnection;

            try
            {
                //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
                ExecuteSQLDataCommand(GetDBCommand(ref dbconnection, "[RDF.Security].[GetSessionSecurityGroup]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));
            }
            catch (Exception ex)
            {
                // Failure is logged and execution continues to the conversion below.
                Framework.Utilities.DebugLogging.Log(ex.Message + " ++ " + ex.StackTrace);
            }

            // Closes the connection assigned to dbcommand above, before the output value is read.
            dbcommand.Connection.Close();
            // param[1] was assigned above, so this test is always true; it does not guard
            // against param[1].Value being DBNull.
            if (param[1] != null)
            {
                accesscode = Convert.ToInt64(param[1].Value);
            }

            return(accesscode);
        }
        public CustomEditAuthorInAuthorship(XmlDocument pagedata, List<ModuleParams> moduleparams, XmlNamespaceManager pagenamespaces)
            : base(pagedata, moduleparams, pagenamespaces)
        {
            // Prepares the authorship edit module: reads subject and predicate from the
            // request, stores the node and session ids in ASP.NET session state, loads the
            // property list and configures the security-options control.
            SessionManagement sessionManager = new SessionManagement();
            Utilities.DataIO editData = new Profiles.Edit.Utilities.DataIO();

            // NOTE(review): both values come straight from the query string; a missing
            // "predicateuri" fails here with a NullReferenceException.
            this._subject = Convert.ToInt64(Request.QueryString["subject"]);
            this._predicateuri = Request.QueryString["predicateuri"].Replace("!", "#");
            this._personId = editData.GetPersonID(_subject);

            Session["NodeID"] = this._subject;
            Session["SessionID"] = sessionManager.Session().SessionID;

            this.PropertyListXML = editData.GetPropertyList(pagedata, base.PresentationXML, this._predicateuri, false, true, false);

            // NOTE(review): unlike the sibling edit modules on this page, this version sets
            // no role-based visibility on the security controls.
            string viewSecurityGroup = this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@ViewSecurityGroup").Value;

            securityOptions.Subject = this._subject;
            securityOptions.PredicateURI = this._predicateuri;
            securityOptions.PrivacyCode = Convert.ToInt32(viewSecurityGroup);
            securityOptions.SecurityGroups = new XmlDataDocument();
            securityOptions.SecurityGroups.LoadXml(base.PresentationXML.DocumentElement.LastChild.OuterXml);
        }
        public CustomEditMainImage(XmlDocument pagedata, List<ModuleParams> moduleparams, XmlNamespaceManager pagenamespaces)
            : base(pagedata, moduleparams, pagenamespaces)
        {
            // Prepares the main-image edit module: resolves subject and predicate from the
            // request, loads the property list, builds the back link and configures the
            // security-options control.
            Edit.Utilities.DataIO editData = new Profiles.Edit.Utilities.DataIO();
            SessionManagement sessionManager = new SessionManagement();
            this.XMLData = pagedata;

            propdata = new Profiles.Profile.Utilities.DataIO();

            // Subject id: parsed query string first, raw query string second, else leave for search.
            if (Request.QueryString["subject"] != null)
            {
                this.SubjectID = Convert.ToInt64(Request.QueryString["subject"]);
            }
            else if (base.GetRawQueryStringItem("subject") != null)
            {
                this.SubjectID = Convert.ToInt64(base.GetRawQueryStringItem("subject"));
            }
            else
            {
                Response.Redirect("~/search");
            }

            // '!' stands in for '#' in the predicate URI on the query string.
            this.PredicateURI = Request.QueryString["predicateuri"].Replace("!", "#");
            this.PropertyListXML = propdata.GetPropertyList(this.BaseData, base.PresentationXML, PredicateURI, false, true, false);

            string editMenuUrl = Root.Domain + "/edit/" + this.SubjectID.ToString();
            string backLinkLabel = PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@Label").Value;
            litBackLink.Text = "<a href='" + editMenuUrl + "'>Edit Menu</a> &gt; <b>" + backLinkLabel + "</b>";

            // Only the roles -40 and -50 (Admin and Curators, per the original note) see the
            // visibility controls.
            // NOTE(review): this is a display toggle only; the server-side handler for a
            // visibility change must re-check the role.
            securityOptions.userRole = propdata.GetUserRole(sessionManager.Session().SessionID);
            bool mayEditVisibility = securityOptions.userRole == -40 || securityOptions.userRole == -50;
            securityOptions.FindControl("imbSecurityOptions").Visible = mayEditVisibility;
            securityOptions.FindControl("lbSecurityOptions").Visible = mayEditVisibility;

            securityOptions.Subject = this.SubjectID;
            securityOptions.PredicateURI = PredicateURI;
            securityOptions.PrivacyCode = Convert.ToInt32(this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@ViewSecurityGroup").Value);
            securityOptions.SecurityGroups = new XmlDataDocument();
            securityOptions.SecurityGroups.LoadXml(base.PresentationXML.DocumentElement.LastChild.OuterXml);

            securityOptions.BubbleClick += SecurityDisplayed;
        }
Пример #15
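        protected void Page_Load(object sender, EventArgs e)
        {
            // Dispatches on the "method" query-string value:
            //   logout     - ends the Profiles session and redirects to "redirectto"
            //   shibboleth - reads the identity headers set on return from the identity provider
            //   login      - starts sign-in unless the visitor already has a login session
            if (IsPostBack)
            {
                return;
            }

            // Read each request value once. Calling .ToString() on a missing "method",
            // "redirectto" or identity-provider header raised a NullReferenceException.
            string method = Request.QueryString["method"];
            string redirectTo = Request.QueryString["redirectto"];

            if (method == "logout")
            {
                sm.SessionLogout();
                sm.SessionDestroy();

                // NOTE(review): "redirectto" is supplied by the requester and followed as
                // given (open redirect). Restrict it to known hosts once the set of
                // legitimate targets, such as an identity-provider logout URL, is known.
                Response.Redirect(redirectTo != null ? redirectTo : Root.Domain + "/");
            }
            else if (method == "shibboleth")
            {
                // added by Eric
                // If they specify an Idp, then check that they logged in from the configured IDP
                // NOTE(review): the identity is taken from request headers. That is only
                // trustworthy when the Shibboleth front end removes client-supplied copies of
                // these headers and the application cannot be reached around it — confirm.
                bool authenticated = false;
                string configuredIdp = ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"];
                string presentedIdp = Request.Headers.Get("ShibIdentityProvider");

                // With an identity provider configured, a missing header now counts as a
                // mismatch instead of failing the request.
                bool idpAccepted = configuredIdp == null ||
                                   string.Equals(configuredIdp, presentedIdp, StringComparison.InvariantCultureIgnoreCase);

                if (idpAccepted)
                {
                    String userName = Request.Headers.Get(ConfigurationManager.AppSettings["Shibboleth.UserNameHeader"].ToString());
                    if (userName != null && userName.Trim().Length > 0)
                    {
                        Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
                        Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();

                        user.UserName = userName;
                        if (data.UserLoginExternal(ref user))
                        {
                            authenticated = true;
                            RedirectAuthenticatedUser();
                        }
                    }
                }

                if (!authenticated)
                {
                    // No login session was created; the visitor is still sent on.
                    // NOTE(review): despite its name, RedirectAuthenticatedUser is called for
                    // unauthenticated visitors here — confirm it grants nothing by itself.
                    RedirectAuthenticatedUser();
                }
            }
            else if (method == "login")
            {
                // see if they already have a login session, if so don't send them to shibboleth
                Profiles.Framework.Utilities.SessionManagement sessionManager = new Profiles.Framework.Utilities.SessionManagement();
                String viewerId = sessionManager.Session().PersonURI;
                if (viewerId != null && viewerId.Trim().Length > 0)
                {
                    RedirectAuthenticatedUser();
                }
                else
                {
                    string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";
                    if (redirectTo == null && Request.QueryString["edit"] == "true")
                    {
                        redirect += "&edit=true";
                    }
                    else if (redirectTo != null)
                    {
                        // Encode the value so that '&' or '?' inside it cannot add or
                        // override parameters of the return URL.
                        redirect += "&redirectto=" + HttpUtility.UrlEncode(redirectTo);
                    }

                    Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() +
                                      HttpUtility.UrlEncode(redirect));
                }
            }
        }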
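        /// <summary>
        /// Handles the first (non-postback) request to the login page by dispatching on the
        /// <c>method</c> query-string value: <c>logout</c>, <c>shibboleth</c> or <c>login</c>.
        /// </summary>
        /// <param name="sender">Event source supplied by ASP.NET (not used).</param>
        /// <param name="e">Event data supplied by ASP.NET (not used).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (IsPostBack)
            {
                return;
            }

            // A request without "method" used to fail with a NullReferenceException.
            string method = Request.QueryString["method"];
            if (method == null)
            {
                return;
            }

            if (method == "logout")
            {
                sm.SessionLogout();
                sm.SessionDistroy();

                // "redirectto" is taken straight from the query string, so it is only followed when
                // it stays on this site; anything else (or a missing value) goes to the site root.
                // Scheme-relative forms are rejected because browsers resolve them to another host.
                string target = Request.QueryString["redirectto"];
                bool sameSite = target != null &&
                    (target.Equals(Root.Domain, StringComparison.OrdinalIgnoreCase) ||
                     target.StartsWith(Root.Domain + "/", StringComparison.OrdinalIgnoreCase) ||
                     (target.StartsWith("/", StringComparison.Ordinal) &&
                      !target.StartsWith("//", StringComparison.Ordinal) &&
                      !target.StartsWith("/\\", StringComparison.Ordinal)));
                Response.Redirect(sameSite ? target : Root.Domain);
            }
            else if (method == "shibboleth")
            {
                // The identity is read from request headers. That is only trustworthy when the
                // Shibboleth service provider in front of this page sets these headers itself and
                // discards client-supplied copies. NOTE(review): confirm that deployment guarantee.
                String employeeID = Request.Headers.Get("employeeNumber");
                // new IDP: fall back to "uid", keeping at most its first nine characters
                if (employeeID == null || employeeID.Trim().Length == 0)
                {
                    employeeID = Request.Headers.Get("uid");
                    if (employeeID != null && employeeID.Trim().Length > 9)
                    {
                        employeeID = employeeID.Substring(0, 9);
                    }
                }

                if (employeeID != null && employeeID.Trim().Length > 0)
                {
                    Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
                    Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();

                    user.UserName = employeeID;
                    // NOTE(review): the password is set to the same value as the user name, so it is
                    // not a secret on this path; the header trust above is the only control. Confirm
                    // what UserLogin compares it against.
                    user.Password = employeeID;
                    if (data.UserLogin(ref user))
                    {
                        RedirectAuthenticatedUser();
                    }
                }
            }
            else if (method == "login")
            {
                // see if they already have a login session, if so don't send them to shibboleth
                Profiles.Framework.Utilities.SessionManagement sessionManager = new Profiles.Framework.Utilities.SessionManagement();
                String viewerId = sessionManager.Session().PersonURI;
                if (viewerId != null && viewerId.Trim().Length > 0)
                {
                    RedirectAuthenticatedUser();
                }
                else
                {
                    string returnTo = Request.QueryString["redirectto"];
                    string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";
                    if (returnTo == null && Request.QueryString["edit"] == "true")
                    {
                        redirect += "&edit=true";
                    }
                    else if (returnTo != null)
                    {
                        // A missing "redirectto" used to throw here; it is now simply not appended.
                        // NOTE(review): returnTo is appended without its own encoding, so a value
                        // containing '&' splits into extra parameters once the outer encoding is
                        // undone. Confirm whether it should be UrlEncode'd at this point.
                        redirect += "&redirectto=" + returnTo;
                    }

                    Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() +
                        HttpUtility.UrlEncode(redirect));
                }
            }
        }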
Пример #17
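        /// <summary>
        /// Runs the <c>[User.Account].[Proxy.GetProxies]</c> stored procedure for the current
        /// session and returns the open reader.
        /// </summary>
        /// <param name="operation">Value passed as the <c>@Operation</c> parameter.</param>
        /// <returns>
        /// A reader opened with <see cref="CommandBehavior.CloseConnection"/>; the caller must
        /// close or dispose it, which also closes the underlying connection.
        /// </returns>
        /// <exception cref="Exception">Wraps any failure; the original exception is the inner exception.</exception>
        public SqlDataReader ManageProxies(string operation)
        {
            SessionManagement sm = new SessionManagement();
            SqlConnection dbconnection = null;

            try
            {
                string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
                dbconnection = new SqlConnection(connstr);
                dbconnection.Open();

                SqlCommand dbcommand = new SqlCommand();
                dbcommand.CommandType = CommandType.StoredProcedure;
                dbcommand.CommandText = "[User.Account].[Proxy.GetProxies]";
                dbcommand.CommandTimeout = base.GetCommandTimeout();

                // The session id is bound as a parameter, never concatenated into the command text.
                dbcommand.Parameters.Add(new SqlParameter("@SessionID", sm.Session().SessionID));
                dbcommand.Parameters.Add(new SqlParameter("@Operation", operation));
                dbcommand.Connection = dbconnection;

                return dbcommand.ExecuteReader(CommandBehavior.CloseConnection);
            }
            catch (Exception e)
            {
                // No reader is handed out on this path, so nothing else would ever close the
                // connection; release it here instead of leaking it.
                if (dbconnection != null)
                {
                    dbconnection.Close();
                }

                // Same exception type and message as before, with the cause kept as InnerException.
                throw new Exception(e.Message, e);
            }
        }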
Пример #18
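        /// <summary>
        /// Builds the sorted list of gadgets to show on <paramref name="page"/> for the given owner.
        /// </summary>
        /// <param name="ownerUri">Owner URI; logged and passed to each gadget's <c>Show</c> check.</param>
        /// <param name="page">Current page; its session flags, virtual path and "appId" query value are read.</param>
        /// <param name="editMode">When true the viewer is set to the owner and <c>ClearOwnerCache()</c> is called.</param>
        private OpenSocialManager(string ownerUri, Page page, bool editMode)
        {
            this.guid     = Guid.NewGuid();
            this.isDebug  = page.Session != null && page.Session[ORNG_DEBUG] != null && (bool)page.Session[ORNG_DEBUG];
            this.noCache  = page.Session != null && page.Session[ORNG_NOCACHE] != null && (bool)page.Session[ORNG_NOCACHE];
            this.page     = page;
            // Drops the first two characters of the app-relative path (presumably "~/") and lower-cases it.
            this.pageName = page.AppRelativeVirtualPath.Substring(2).ToLower();

            DebugLogging.Log("Creating OpenSocialManager for " + ownerUri + ", " + pageName);
            if (shindigURL == null)
            {
                // do nothing
                return;
            }

            this.ownerUri = ownerUri;
            // in editMode we need to set the viewer to be the same as the owner
            // otherwise, the gadget will not be able to save appData correctly
            if (editMode)
            {
                viewerUri = ownerUri;
            }
            else
            {
                Profiles.Framework.Utilities.SessionManagement sm = new Profiles.Framework.Utilities.SessionManagement();
                // if they have a Profile, use the Profile URI otherwise use the User URI.  This allows admins and other folks without profile pages to use gadgets
                if (sm.Session().PersonURI != null && sm.Session().PersonURI.Trim().Length > 0)
                {
                    viewerUri = sm.Session().PersonURI;
                }
                else
                {
                    viewerUri = sm.Session().UserURI;
                }
                if (viewerUri != null && viewerUri.Trim().Length == 0)
                {
                    viewerUri = null;
                }
            }

            string requestAppId = page.Request.QueryString["appId"];

            // "appId" is caller-supplied. It used to go through Convert.ToInt32 inside the loop, so
            // non-numeric text raised an unhandled FormatException. It is parsed once here instead;
            // a value that does not parse matches no gadget. A missing value still compares as 0,
            // which is what Convert.ToInt32(null) produced.
            int requestedAppId;
            bool appIdParsed = int.TryParse(requestAppId, out requestedAppId);
            bool appIdComparable = requestAppId == null || appIdParsed;

            foreach (GadgetSpec gadgetSpec in GetGadgetSpecifications())
            {
                // only add ones that are visible in this context!
                if (((requestAppId == null && gadgetSpec.IsEnabled()) || (appIdComparable && gadgetSpec.GetAppId() == requestedAppId)) && gadgetSpec.Show(viewerUri, ownerUri, GetPageName()))
                {
                    gadgets.Add(new PreparedGadget(gadgetSpec, this));
                }
            }

            // if we are in edit mode, clear the cache
            if (editMode)
            {
                ClearOwnerCache();
            }

            // sort the gadgets
            DebugLogging.Log("Visible Gadget Count : " + gadgets.Count);
            gadgets.Sort();
        }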
Пример #19
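        /// <summary>
        /// Authenticates the user against LDAP, then looks up the Profiles account for the LDAP
        /// e-mail address through <c>[User.Account].[Authenticate]</c> and records the login in
        /// the session.
        /// </summary>
        /// <param name="user">
        /// Supplies the submitted user name and password; <c>UserID</c> and <c>PersonID</c> are
        /// written from the stored procedure's output parameters.
        /// </param>
        /// <returns>
        /// True only when the LDAP check succeeds and the stored procedure returns a non-zero user id.
        /// </returns>
        public bool UserLogin(ref User user)
        {
            bool loginsuccess = false;

            // NOTE(review): the directory endpoint is hard-coded and targets port 389. Whether the
            // credentials are protected in transit depends on LdapAuthentication, which is not
            // visible here. Confirm, and consider moving the path to configuration.
            string adPath = "LDAP://uams0.ad.uams.edu:389/DC=ad,DC=uams,DC=edu";
            LdapAuthentication ldap = new LdapAuthentication(adPath);
            bool ldapLoginSuccess = false;

            try
            {
                ldapLoginSuccess = ldap.IsAuthenticated("UAMS", user.UserName, user.Password); //HMHULL-TODO: Do I need to have Domain be an box in the logon form?
            }
            catch (Exception)
            {
                // Any directory failure is treated as a failed login (fail closed).
                return false;
            }

            if (!ldapLoginSuccess)
            {
                return false;
            }

            // Get the email from LDAP here and use it as the username
            string username = ldap.getEmail();

            SessionManagement sm = new SessionManagement();
            string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

            SqlConnection dbconnection = new SqlConnection(connstr);

            SqlParameter[] param = new SqlParameter[3];

            // The previous catch/"throw ex" only reset the stack trace; exceptions now propagate
            // unchanged and the connection is closed on every path.
            try
            {
                dbconnection.Open();

                param[0] = new SqlParameter("@UserName", username);

                param[1] = new SqlParameter("@UserID", null);
                param[1].DbType = DbType.Int32;
                param[1].Direction = ParameterDirection.Output;

                param[2] = new SqlParameter("@PersonID", null);
                param[2].DbType = DbType.Int32;
                param[2].Direction = ParameterDirection.Output;

                //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
                ExecuteSQLDataCommand(GetDBCommand(ref dbconnection, "[User.Account].[Authenticate]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));
            }
            finally
            {
                if (dbconnection != null)
                {
                    dbconnection.Close();
                }
            }

            // Fail closed: a missing or unparsable @UserID used to be swallowed, which left whatever
            // UserID the caller passed in and let it satisfy the non-zero check below.
            int parsedId;
            object rawUserId = param[1].Value;
            if (rawUserId != null && int.TryParse(rawUserId.ToString(), out parsedId))
            {
                user.UserID = parsedId;

                object rawPersonId = param[2].Value;
                if (rawPersonId != null && rawPersonId != DBNull.Value && int.TryParse(rawPersonId.ToString(), out parsedId))
                {
                    user.PersonID = parsedId;
                }
            }
            else
            {
                user.UserID = 0;
            }

            if (user.UserID != 0)
            {
                loginsuccess = true;
                sm.Session().UserID = user.UserID;
                sm.Session().PersonID = user.PersonID;
                sm.Session().LoginDate = DateTime.Now;
                Session session = sm.Session();
                SessionUpdate(ref session);
            }

            return loginsuccess;
        }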
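        /// <summary>
        /// Populates the proxy-search form: redirects visitors without a user id to the search
        /// page, pre-fills the filters from the query string, binds the institution and department
        /// lists, and re-runs the search when paging parameters are present.
        /// </summary>
        private void DrawProfilesModule()
        {
            Proxy.Utilities.DataIO data = new Proxy.Utilities.DataIO();
            SessionManagement sm = new SessionManagement();

            if (sm.Session().UserID == 0)
            {
                Response.Redirect(Root.Domain + "/search");
                // Response.Redirect(string) ends the response itself; the explicit return keeps
                // this guard effective even if the call is later changed not to.
                return;
            }

            litBackLink.Text = "<b>Search Proxies</b>";

            // The values below come from the query string and are copied into controls and
            // properties as-is. NOTE(review): confirm they are encoded wherever Fname, Lname,
            // Institution and Department are rendered or used in queries.
            if (Request.QueryString["fname"] != null)
            {
                txtFirstName.Text = Request.QueryString["fname"];
                this.Fname = Request.QueryString["fname"];
            }

            if (Request.QueryString["lname"] != null)
            {
                txtLastName.Text = Request.QueryString["lname"];
                this.Lname = Request.QueryString["lname"];
            }

            drpInstitution.DataSource = data.GetInstitutions();
            drpInstitution.DataTextField = "Text";
            drpInstitution.DataValueField = "Value";
            drpInstitution.DataBind();
            drpInstitution.Items.Insert(0, new ListItem("--Select--"));

            if (Request.QueryString["institution"] != null)
            {
                // FindByText returns null for an unknown value, which yields index -1 (no selection).
                drpInstitution.SelectedIndex = drpInstitution.Items.IndexOf(drpInstitution.Items.FindByText(Request.QueryString["institution"]));
                this.Institution = Request.QueryString["institution"];
            }

            drpDepartment.DataSource = data.GetDepartments();
            drpDepartment.DataTextField = "Text";
            drpDepartment.DataValueField = "Value";
            drpDepartment.DataBind();
            drpDepartment.Items.Insert(0, new ListItem("--Select--"));

            if (Request.QueryString["department"] != null)
            {
                drpDepartment.SelectedIndex = drpDepartment.Items.IndexOf(drpDepartment.Items.FindByText(Request.QueryString["department"]));
                this.Department = Request.QueryString["department"];
            }

            drpInstitutionPermissions.DataSource = data.GetInstitutions();
            drpInstitutionPermissions.DataTextField = "Text";
            drpInstitutionPermissions.DataValueField = "Value";
            drpInstitutionPermissions.DataBind();
            drpInstitutionPermissions.Items.Insert(0, new ListItem("All"));

            drpDepartmentPermissions.DataSource = data.GetDepartments();
            drpDepartmentPermissions.DataTextField = "Text";
            drpDepartmentPermissions.DataValueField = "Value";
            drpDepartmentPermissions.DataBind();
            drpDepartmentPermissions.Items.Insert(0, new ListItem("All"));

            // "subject" is caller-supplied; non-numeric text used to raise an unhandled
            // FormatException. A missing or invalid value now yields 0, as a missing one did before.
            long subjectId;
            long.TryParse(Request.QueryString["subject"], out subjectId);
            this.Subject = subjectId;

            if (Request.QueryString["offset"] != null && Request.QueryString["totalrows"] != null)
            {
                this.ExecuteSearch(false);
            }
        }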
Пример #21
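        /// <summary>
        /// Builds the sorted list of gadgets to show on <paramref name="page"/> for the given
        /// owner, requesting a security token for each gadget that is added from the database list.
        /// </summary>
        /// <param name="ownerUri">Owner URI; logged and passed to each gadget's <c>Show</c> check.</param>
        /// <param name="page">Current page; its session flags, virtual path and "appId" query value are read.</param>
        /// <param name="editMode">When true the viewer is set to the owner and <c>ClearOwnerCache()</c> is called.</param>
        private OpenSocialManager(string ownerUri, Page page, bool editMode)
        {
            this.guid     = Guid.NewGuid();
            this.isDebug  = page.Session != null && page.Session[OPENSOCIAL_DEBUG] != null && (bool)page.Session[OPENSOCIAL_DEBUG];
            this.noCache  = page.Session != null && page.Session[OPENSOCIAL_NOCACHE] != null && (bool)page.Session[OPENSOCIAL_NOCACHE];
            this.page     = page;
            // Drops the first two characters of the app-relative path (presumably "~/") and lower-cases it.
            this.pageName = page.AppRelativeVirtualPath.Substring(2).ToLower();

            DebugLogging.Log("Creating OpenSocialManager for " + ownerUri + ", " + pageName);
            if (shindigURL == null)
            {
                // do nothing
                return;
            }

            this.ownerUri = ownerUri;
            // in editMode we need to set the viewer to be the same as the owner
            // otherwise, the gadget will not be able to save appData correctly
            if (editMode)
            {
                viewerUri = ownerUri;
            }
            else
            {
                Profiles.Framework.Utilities.SessionManagement sm = new Profiles.Framework.Utilities.SessionManagement();
                viewerUri = sm.Session().PersonURI;
                if (viewerUri != null && viewerUri.Trim().Length == 0)
                {
                    viewerUri = null;
                }
            }

            string requestAppId = page.Request.QueryString["appId"];

            DebugLogging.Log("OpenSocialManager GetAllDBGadgets " + !noCache);
            Dictionary<string, GadgetSpec> allDBGadgets = GetAllDBGadgets(!noCache);

            // if someone used the sandbox to log in, grab those gadgets refreshed from the DB
            if (page.Session != null && (string)page.Session[OPENSOCIAL_GADGETS] != null)
            {
                gadgets = GetSandboxGadgets(allDBGadgets, requestAppId);
            }
            else
            {
                DebugLogging.Log("OpenSocialManager GetSecurityToken " + !noCache);

                // "appId" is caller-supplied. It used to go through Convert.ToInt32 inside the loop,
                // so non-numeric text raised an unhandled FormatException. It is parsed once here
                // instead; a value that does not parse matches no gadget. A missing value still
                // compares as 0, which is what Convert.ToInt32(null) produced.
                int requestedAppId;
                bool appIdParsed = int.TryParse(requestAppId, out requestedAppId);
                bool appIdComparable = requestAppId == null || appIdParsed;

                foreach (GadgetSpec gadgetSpec in allDBGadgets.Values)
                {
                    // only add ones that are visible in this context!
                    // NOTE(review): moduleId is re-declared on every iteration, so each gadget is
                    // created with 0 despite the "++". This looks unintended; confirm how
                    // PreparedGadget uses the value before changing it.
                    int moduleId = 0;
                    if (((requestAppId == null && gadgetSpec.IsEnabled()) || (appIdComparable && gadgetSpec.GetAppId() == requestedAppId)) && gadgetSpec.Show(viewerUri, ownerUri, GetPageName()))
                    {
                        String securityToken = SocketSendReceive(viewerUri, ownerUri, gadgetSpec.GetGadgetURL());
                        gadgets.Add(new PreparedGadget(gadgetSpec, this, moduleId++, securityToken));
                    }
                }
            }

            // if we are in edit mode, clear the cache
            if (editMode)
            {
                ClearOwnerCache();
            }

            // sort the gadgets
            DebugLogging.Log("Visible Gadget Count : " + gadgets.Count);
            gadgets.Sort();
        }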
Пример #22
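        /// <summary>
        /// Calls <c>[RDF.].GetStoreNode</c> with <c>@ForceNewEntity = 1</c> for the current session
        /// and returns the node id reported in the <c>@NodeID</c> output parameter.
        /// </summary>
        /// <param name="label">Value passed as <c>@label</c>.</param>
        /// <param name="classuri">Value passed as <c>@EntityClassURI</c>.</param>
        /// <returns>The <c>@NodeID</c> output value converted to <see cref="Int64"/>.</returns>
        public Int64 AddNewEntity(string label, string classuri)
        {
            SessionManagement sm = new SessionManagement();
            string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

            SqlConnection dbconnection = new SqlConnection(connstr);

            SqlParameter[] param = new SqlParameter[5];

            // Previously the connection stayed open whenever Open, command creation or execution
            // threw; the finally block releases it on every path.
            try
            {
                dbconnection.Open();

                param[0] = new SqlParameter("@label", label);
                param[1] = new SqlParameter("@EntityClassURI", classuri);
                param[2] = new SqlParameter("@ForceNewEntity", 1);
                param[3] = new SqlParameter("@SessionID", sm.Session().SessionID);

                param[4] = new SqlParameter("@NodeID", null);
                param[4].DbType = DbType.Int64;
                param[4].Direction = ParameterDirection.Output;

                SqlCommand comm = GetDBCommand(ref dbconnection, "[RDF.].GetStoreNode", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param);

                //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
                ExecuteSQLDataCommand(comm);

                comm.Connection.Close();
            }
            finally
            {
                if (dbconnection != null && dbconnection.State != ConnectionState.Closed)
                {
                    dbconnection.Close();
                }
            }

            return Convert.ToInt64(param[4].Value.ToString());
        }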
Пример #23
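        /// <summary>
        /// Calls <c>[Edit.Module].[CustomEditAwardOrHonor.StoreItem]</c> with the fields present on
        /// the request plus the current session id.
        /// </summary>
        /// <param name="sarr">
        /// Request whose non-null fields are bound at their <c>ParamOrdinal</c>; the last three
        /// slots of the parameter array hold the session id and the two output parameters.
        /// </param>
        /// <returns>The value of the <c>@error</c> output parameter.</returns>
        /// <exception cref="Exception">Wraps any failure; the original exception is the inner exception.</exception>
        private bool StoreAwardReceipt(StoreAwardReceiptRequest sarr)
        {
            SessionManagement sm = new SessionManagement();
            string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

            SqlConnection dbconnection = new SqlConnection(connstr);

            SqlParameter[] param = new SqlParameter[sarr.Length];

            bool error = false;

            try
            {
                dbconnection.Open();

                // Every request value is bound as a SqlParameter rather than concatenated into SQL.
                if (sarr.ExistingAwardReceiptURI != null)
                {
                    param[sarr.ExistingAwardReceiptURI.ParamOrdinal] = new SqlParameter("@ExistingAwardReceiptURI", sarr.ExistingAwardReceiptURI.Value);
                }

                if (sarr.AwardOrHonorForID != null)
                {
                    param[sarr.AwardOrHonorForID.ParamOrdinal] = new SqlParameter("@awardOrHonorForID", Convert.ToInt64(sarr.AwardOrHonorForID.Value));
                }

                if (sarr.Label != null)
                {
                    param[sarr.Label.ParamOrdinal] = new SqlParameter("@Label", sarr.Label.Value.ToString());
                }

                if (sarr.AwardConferedBy != null)
                {
                    param[sarr.AwardConferedBy.ParamOrdinal] = new SqlParameter("@awardConferredBy", sarr.AwardConferedBy.Value.ToString());
                }

                if (sarr.StartDate != null)
                {
                    param[sarr.StartDate.ParamOrdinal] = new SqlParameter("@startDate", sarr.StartDate.Value.ToString());
                }

                if (sarr.EndDate != null)
                {
                    param[sarr.EndDate.ParamOrdinal] = new SqlParameter("@endDate", sarr.EndDate.Value.ToString());
                }

                param[sarr.Length - 3] = new SqlParameter("@sessionID", sm.Session().SessionID);

                param[sarr.Length - 2] = new SqlParameter("@error", null);
                param[sarr.Length - 2].DbType = DbType.Boolean;
                param[sarr.Length - 2].Direction = ParameterDirection.Output;

                param[sarr.Length - 1] = new SqlParameter("@nodeid", null);
                param[sarr.Length - 1].DbType = DbType.Int64;
                param[sarr.Length - 1].Direction = ParameterDirection.Output;

                SqlCommand comm = GetDBCommand(ref dbconnection, "[Edit.Module].[CustomEditAwardOrHonor.StoreItem]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param);
                //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
                ExecuteSQLDataCommand(comm);

                comm.Connection.Close();

                error = Convert.ToBoolean(param[sarr.Length - 2].Value);
            }
            catch (Exception e)
            {
                Framework.Utilities.DebugLogging.Log(e.Message + e.StackTrace);
                // Same exception type and message as before, with the cause kept as InnerException.
                throw new Exception(e.Message, e);
            }
            finally
            {
                // Previously the connection stayed open whenever anything above threw.
                if (dbconnection != null && dbconnection.State != ConnectionState.Closed)
                {
                    dbconnection.Close();
                }
            }

            return error;
        }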
Пример #24
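        /// <summary>
        /// Builds the sorted list of gadgets to show on <paramref name="page"/> for the given owner.
        /// </summary>
        /// <param name="ownerUri">Owner URI; logged and passed to each gadget's <c>Show</c> check.</param>
        /// <param name="page">Current page; its session flags, virtual path and "appId" query value are read.</param>
        /// <param name="editMode">When true the viewer is set to the owner and <c>ClearOwnerCache()</c> is called.</param>
        private OpenSocialManager(string ownerUri, Page page, bool editMode)
        {
            this.guid = Guid.NewGuid();
            this.isDebug = page.Session != null && page.Session[ORNG_DEBUG] != null && (bool)page.Session[ORNG_DEBUG];
            this.noCache = page.Session != null && page.Session[ORNG_NOCACHE] != null && (bool)page.Session[ORNG_NOCACHE];
            this.page = page;
            // Drops the first two characters of the app-relative path (presumably "~/") and lower-cases it.
            this.pageName = page.AppRelativeVirtualPath.Substring(2).ToLower();

            DebugLogging.Log("Creating OpenSocialManager for " + ownerUri + ", " + pageName);
            if (shindigURL == null)
            {
                // do nothing
                return;
            }

            this.ownerUri = ownerUri;
            // in editMode we need to set the viewer to be the same as the owner
            // otherwise, the gadget will not be able to save appData correctly
            if (editMode)
            {
                viewerUri = ownerUri;
            }
            else
            {
                Profiles.Framework.Utilities.SessionManagement sm = new Profiles.Framework.Utilities.SessionManagement();
                // if they have a Profile, use the Profile URI otherwise use the User URI.  This allows admins and other folks without profile pages to use gadgets
                if (sm.Session().PersonURI != null && sm.Session().PersonURI.Trim().Length > 0)
                {
                    viewerUri = sm.Session().PersonURI;
                }
                else
                {
                    viewerUri = sm.Session().UserURI;
                }
                if (viewerUri != null && viewerUri.Trim().Length == 0)
                {
                    viewerUri = null;
                }
            }

            string requestAppId = page.Request.QueryString["appId"];

            // "appId" is caller-supplied. It used to go through Convert.ToInt32 inside the loop, so
            // non-numeric text raised an unhandled FormatException. It is parsed once here instead;
            // a value that does not parse matches no gadget. A missing value still compares as 0,
            // which is what Convert.ToInt32(null) produced.
            int requestedAppId;
            bool appIdParsed = int.TryParse(requestAppId, out requestedAppId);
            bool appIdComparable = requestAppId == null || appIdParsed;

            foreach (GadgetSpec gadgetSpec in GetGadgetSpecifications())
            {
                // only add ones that are visible in this context!
                if (((requestAppId == null && gadgetSpec.IsEnabled()) || (appIdComparable && gadgetSpec.GetAppId() == requestedAppId)) && gadgetSpec.Show(viewerUri, ownerUri, GetPageName()))
                {
                    gadgets.Add(new PreparedGadget(gadgetSpec, this));
                }
            }

            // if we are in edit mode, clear the cache
            if (editMode)
            {
                ClearOwnerCache();
            }

            // sort the gadgets
            DebugLogging.Log("Visible Gadget Count : " + gadgets.Count);
            gadgets.Sort();
        }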
Пример #25
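        /// <summary>
        /// Calls <c>[RDF.].GetStoreNode</c> for the request value and the current session and
        /// returns the node id reported in the <c>@NodeID</c> output parameter.
        /// </summary>
        /// <param name="snr">
        /// Request whose non-null fields are bound at their <c>ParamOrdinal</c>; the last three
        /// slots of the parameter array hold the session id and the two output parameters.
        /// </param>
        /// <returns>The <c>@NodeID</c> output value converted to <see cref="Int64"/>.</returns>
        private Int64 GetNodeId(StoreNodeRequest snr)
        {
            System.Web.HttpBrowserCapabilities browser = HttpContext.Current.Request.Browser;

            // The value used to be dereferenced here before the null check further down, so a
            // request without a value failed with a NullReferenceException.
            if (snr.Value != null && snr.Value.Value != null &&
                snr.Value.Value.ToString().Contains(Environment.NewLine) && browser.Browser == "IE")
            {
                // Line endings are normalised to "\n" only when the browser reports itself as IE.
                snr.Value.Value = snr.Value.Value.ToString().Replace(Environment.NewLine, ("\n"));
            }

            SessionManagement sm = new SessionManagement();
            string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

            SqlConnection dbconnection = new SqlConnection(connstr);

            SqlParameter[] param = new SqlParameter[snr.Length];

            // Previously the connection stayed open when Open, parameter setup or command
            // creation threw; the outer finally releases it on every path.
            try
            {
                dbconnection.Open();

                if (snr.Value != null)
                {
                    param[snr.Value.ParamOrdinal] = new SqlParameter("@value", snr.Value.Value);
                }

                if (snr.Langauge != null)
                {
                    param[snr.Langauge.ParamOrdinal] = new SqlParameter("@language", null);
                }

                if (snr.DataType != null)
                {
                    param[snr.DataType.ParamOrdinal] = new SqlParameter("@DataType", null);
                }

                param[snr.Length - 3] = new SqlParameter("@SessionID", sm.Session().SessionID);

                param[snr.Length - 2] = new SqlParameter("@Error", null);
                param[snr.Length - 2].Size = 1;
                param[snr.Length - 2].DbType = DbType.String;
                param[snr.Length - 2].Direction = ParameterDirection.Output;
                param[snr.Length - 1] = new SqlParameter("@NodeID", null);
                param[snr.Length - 1].DbType = DbType.Int64;
                param[snr.Length - 1].Direction = ParameterDirection.Output;

                using (var cmd = GetDBCommand(dbconnection, "[RDF.].GetStoreNode", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param))
                {
                    try
                    {
                        //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
                        ExecuteSQLDataCommand(cmd);
                    }
                    finally
                    {
                        // NOTE(review): ClearPool discards the pooled connections for this
                        // connection string on every call; kept as-is, but confirm it is still needed.
                        SqlConnection.ClearPool(dbconnection);
                        cmd.Connection.Close();
                    }
                }
            }
            finally
            {
                dbconnection.Close();
            }

            return Convert.ToInt64(param[snr.Length - 1].Value.ToString());
        }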
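        /// <summary>
        /// Registers this manager and builds the sorted list of gadgets to show on
        /// <paramref name="page"/> for the given owner, requesting a security token for each
        /// gadget that is added from the database list.
        /// </summary>
        /// <param name="ownerId">Owner identifier; logged and passed to each gadget's <c>Show</c> check.</param>
        /// <param name="page">Current page; its session flags, virtual path and "appId" query value are read.</param>
        /// <param name="editMode">When true the viewer is set to the owner.</param>
        private OpenSocialManager(string ownerId, Page page, bool editMode)
        {
            this.guid = Guid.NewGuid();
            // Registered before the configuration check below, so a manager is tracked even when
            // no Shindig URL is configured.
            managers.Add(new WeakReference(this));
            this.isDebug = page.Session != null && page.Session[OPENSOCIAL_DEBUG] != null && (bool)page.Session[OPENSOCIAL_DEBUG];
            this.noCache = page.Session != null && page.Session[OPENSOCIAL_NOCACHE] != null && (bool)page.Session[OPENSOCIAL_NOCACHE];
            this.page = page;
            // Drops the first two characters of the app-relative path (presumably "~/") and lower-cases it.
            this.pageName = page.AppRelativeVirtualPath.Substring(2).ToLower();

            DebugLogging.Log("Creating OpenSocialManager for " + ownerId + ", " + pageName);
            if (ConfigurationManager.AppSettings["OpenSocial.ShindigURL"] == null)
            {
                // do nothing
                return;
            }

            this.ownerId = ownerId;
            // in editMode we need to set the viewer to be the same as the owner
            // otherwise, the gadget will not be able to save appData correctly
            if (editMode)
            {
                viewerId = ownerId;
            }
            else
            {
                Profiles.Framework.Utilities.SessionManagement sm = new Profiles.Framework.Utilities.SessionManagement();
                viewerId = sm.Session().PersonURI;
                if (viewerId != null && viewerId.Trim().Length == 0)
                {
                    viewerId = null;
                }
            }

            string requestAppId = page.Request.QueryString["appId"];

            DebugLogging.Log("OpenSocialManager GetAllDBGadgets " + !noCache);
            Dictionary<string, GadgetSpec> allDBGadgets = GetAllDBGadgets(!noCache);

            // if someone used the sandbox to log in, grab those gadgets refreshed from the DB
            if (page.Session != null && (string)page.Session[OPENSOCIAL_GADGETS] != null)
            {
                gadgets = GetSandboxGadgets(allDBGadgets, requestAppId);
            }
            else
            {
                DebugLogging.Log("OpenSocialManager GetSecurityToken " + !noCache);

                // "appId" is caller-supplied. It used to go through Convert.ToInt32 inside the loop,
                // so non-numeric text raised an unhandled FormatException. It is parsed once here
                // instead; a value that does not parse matches no gadget. A missing value still
                // compares as 0, which is what Convert.ToInt32(null) produced.
                int requestedAppId;
                bool appIdParsed = int.TryParse(requestAppId, out requestedAppId);
                bool appIdComparable = requestAppId == null || appIdParsed;

                foreach (GadgetSpec gadgetSpec in allDBGadgets.Values)
                {
                    // only add ones that are visible in this context!
                    // NOTE(review): moduleId is re-declared on every iteration, so each gadget is
                    // created with 0 despite the "++". This looks unintended; confirm how
                    // PreparedGadget uses the value before changing it.
                    int moduleId = 0;
                    if (((requestAppId == null && gadgetSpec.IsEnabled()) || (appIdComparable && gadgetSpec.GetAppId() == requestedAppId)) && gadgetSpec.Show(viewerId, ownerId, GetPageName()))
                    {
                        String securityToken = SocketSendReceive(viewerId, ownerId, gadgetSpec.GetGadgetURL());
                        gadgets.Add(new PreparedGadget(gadgetSpec, this, moduleId++, securityToken));
                    }
                }
            }

            // sort the gadgets
            DebugLogging.Log("Visible Gadget Count : " + gadgets.Count);
            gadgets.Sort();
        }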
Пример #27
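        /// <summary>
        /// Calls <c>[RDF.].GetStoreTriple</c> with the fields present on the request plus the
        /// current session id, then signals the cache dependency for the subject.
        /// </summary>
        /// <param name="str">
        /// Request whose non-null fields are bound at their <c>ParamOrdinal</c>; the last two
        /// slots of the parameter array hold the session id and the <c>@error</c> output parameter.
        /// </param>
        /// <returns>The value of the <c>@error</c> output parameter.</returns>
        /// <exception cref="Exception">Wraps any failure; the original exception is the inner exception.</exception>
        private bool GetStoreTriple(StoreTripleRequest str)
        {
            SessionManagement sm = new SessionManagement();
            string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

            SqlConnection dbconnection = new SqlConnection(connstr);

            SqlParameter[] param = new SqlParameter[str.Length];

            bool error = false;

            try
            {
                // NOTE(review): this connection is opened but never handed to GetDBCommand below,
                // which is called with "" instead. It used to be left open on every call; it is
                // now closed in the finally block. Confirm whether it is needed at all.
                dbconnection.Open();

                // Ids and flags are converted to numeric types and bound as parameters.
                if (str.Subject != null)
                {
                    param[str.Subject.ParamOrdinal] = new SqlParameter("@subjectid", Convert.ToInt64(str.Subject.Value));
                }

                if (str.Predicate != null)
                {
                    param[str.Predicate.ParamOrdinal] = new SqlParameter("@predicateid", Convert.ToInt64(str.Predicate.Value));
                }

                if (str.Object != null)
                {
                    param[str.Object.ParamOrdinal] = new SqlParameter("@objectid", Convert.ToInt64(str.Object.Value));
                }

                if (str.OldObject != null)
                {
                    param[str.OldObject.ParamOrdinal] = new SqlParameter("@oldobjectid", Convert.ToInt64(str.OldObject.Value));
                }

                if (str.MoveUpOne != null)
                {
                    param[str.MoveUpOne.ParamOrdinal] = new SqlParameter("@MoveUpOne", Convert.ToInt16(str.MoveUpOne.Value));
                }

                if (str.MoveDownOne != null)
                {
                    param[str.MoveDownOne.ParamOrdinal] = new SqlParameter("@MoveDownOne", Convert.ToInt16(str.MoveDownOne.Value));
                }

                if (str.StoreInverse != null)
                {
                    param[str.StoreInverse.ParamOrdinal] = new SqlParameter("@StoreInverse", Convert.ToInt16(str.StoreInverse.Value));
                }

                param[str.Length - 2] = new SqlParameter("@sessionID", sm.Session().SessionID);

                param[str.Length - 1] = new SqlParameter("@error", null);
                param[str.Length - 1].DbType = DbType.Boolean;
                param[str.Length - 1].Direction = ParameterDirection.Output;

                using (var cmd = GetDBCommand("", "[RDF.].GetStoreTriple", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param))
                {
                    //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
                    ExecuteSQLDataCommand(cmd);
                    cmd.Connection.Close();
                }

                error = Convert.ToBoolean(param[str.Length - 1].Value);

                // Subject is treated as optional above, so it is checked before being dereferenced here.
                if (str.Subject != null && str.Subject.Value != null)
                {
                    Framework.Utilities.Cache.AlterDependency(str.Subject.Value.ToString());
                }
            }
            catch (Exception e)
            {
                Framework.Utilities.DebugLogging.Log(e.Message + e.StackTrace);
                // Same exception type and message as before, with the cause kept as InnerException.
                throw new Exception(e.Message, e);
            }
            finally
            {
                dbconnection.Close();
            }

            return error;
        }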
Пример #28
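        /// <summary>
        /// Handles the first (non-postback) request to the login page by dispatching on the
        /// <c>method</c> query-string value: <c>logout</c>, <c>shibboleth</c> or <c>login</c>.
        /// </summary>
        /// <param name="sender">Event source supplied by ASP.NET (not used).</param>
        /// <param name="e">Event data supplied by ASP.NET (not used).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (IsPostBack)
            {
                return;
            }

            // A request without "method" used to fail with a NullReferenceException.
            string method = Request.QueryString["method"];
            if (method == null)
            {
                return;
            }

            if (method == "logout")
            {
                sm.SessionLogout();
                sm.SessionDestroy();

                // "redirectto" is taken straight from the query string, so it is only followed when
                // it stays on this site; anything else (or a missing value) goes to the site root.
                // Scheme-relative forms are rejected because browsers resolve them to another host.
                string target = Request.QueryString["redirectto"];
                bool sameSite = target != null &&
                    (target.Equals(Root.Domain, StringComparison.OrdinalIgnoreCase) ||
                     target.StartsWith(Root.Domain + "/", StringComparison.OrdinalIgnoreCase) ||
                     (target.StartsWith("/", StringComparison.Ordinal) &&
                      !target.StartsWith("//", StringComparison.Ordinal) &&
                      !target.StartsWith("/\\", StringComparison.Ordinal)));
                Response.Redirect(sameSite ? target : Root.Domain);
            }
            else if (method == "shibboleth")
            {
                // If an IdP is configured, only accept a login asserted by that IdP.
                // All identity values here are request headers; they are only trustworthy when the
                // Shibboleth service provider sets them itself and discards client-supplied copies.
                // NOTE(review): confirm that deployment guarantee.
                bool authenticated = false;
                string configuredIdp = ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"];
                // A missing ShibIdentityProvider header used to throw; it now counts as a mismatch.
                string assertedIdp = Request.Headers.Get("ShibIdentityProvider");
                if (configuredIdp == null ||
                    string.Equals(configuredIdp, assertedIdp, StringComparison.InvariantCultureIgnoreCase))
                {
                    // An unconfigured user-name header used to throw; it now means "no user name".
                    string userNameHeader = ConfigurationManager.AppSettings["Shibboleth.UserNameHeader"];
                    String userName = userNameHeader == null ? null : Request.Headers.Get(userNameHeader);
                    if (userName != null && userName.Trim().Length > 0)
                    {
                        Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
                        Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();

                        // No password is involved on this path: the header value alone selects the account.
                        user.UserName = userName;
                        if (data.UserLoginExternal(ref user))
                        {
                            authenticated = true;
                            RedirectAuthenticatedUser();
                        }
                    }
                }
                if (!authenticated)
                {
                    // try and just put their name in the session.
                    // NOTE(review): this path also runs after an IdP mismatch and stores a header
                    // value as the display name. Confirm it is HTML-encoded wherever it is shown and
                    // that RedirectAuthenticatedUser() (not visible here) grants nothing on this path.
                    sm.Session().ShortDisplayName = Request.Headers.Get("ShibdisplayName");
                    RedirectAuthenticatedUser();
                }
            }
            else if (method == "login")
            {
                // see if they already have a login session, if so don't send them to shibboleth
                Profiles.Framework.Utilities.SessionManagement sessionManager = new Profiles.Framework.Utilities.SessionManagement();
                String viewerId = sessionManager.Session().PersonURI;
                if (viewerId != null && viewerId.Trim().Length > 0)
                {
                    RedirectAuthenticatedUser();
                }
                else
                {
                    string returnTo = Request.QueryString["redirectto"];
                    string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";
                    if (returnTo == null && Request.QueryString["edit"] == "true")
                    {
                        redirect += "&edit=true";
                    }
                    else if (returnTo != null)
                    {
                        // A missing "redirectto" used to throw here; it is now simply not appended.
                        // NOTE(review): returnTo is appended without its own encoding, so a value
                        // containing '&' splits into extra parameters once the outer encoding is
                        // undone. Confirm whether it should be UrlEncode'd at this point.
                        redirect += "&redirectto=" + returnTo;
                    }

                    Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() +
                        HttpUtility.UrlEncode(redirect));
                }
            }
        }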
Пример #29
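        /// <summary>
        /// Saves one educational-training entry by calling the stored procedure
        /// [Edit.Module].[CustomEditEducationalTraining.StoreItem] with the caller's session ID.
        /// </summary>
        /// <param name="eatr">
        /// Request whose non-null fields are bound as parameters at their own ParamOrdinal slot;
        /// the last three slots of the array carry @sessionID, @error and @nodeid.
        /// </param>
        /// <returns>The value of the procedure's @error output parameter.</returns>
        /// <exception cref="Exception">
        /// Any failure is logged and rethrown with the original message; the original exception is
        /// kept as InnerException.
        /// </exception>
        private bool StoreEducationalTrainingReceipt(EducationalTrainingRequest eatr)
        {
            SessionManagement sm = new SessionManagement();
            string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

            SqlConnection dbconnection = new SqlConnection(connstr);

            SqlParameter[] param = new SqlParameter[eatr.Length];

            bool error = false;

            try
            {
                dbconnection.Open();

                // All user-supplied values travel as SqlParameter values, never as SQL text.
                if (eatr.ExistingEducationalTrainingURI != null)
                {
                    param[eatr.ExistingEducationalTrainingURI.ParamOrdinal] = new SqlParameter("@ExistingEducationalTrainingURI", eatr.ExistingEducationalTrainingURI.Value);
                }

                if (eatr.EducationalTrainingForID != null)
                {
                    param[eatr.EducationalTrainingForID.ParamOrdinal] = new SqlParameter("@educationalTrainingForID", Convert.ToInt64(eatr.EducationalTrainingForID.Value));
                }

                if (eatr.Institution != null)
                {
                    param[eatr.Institution.ParamOrdinal] = new SqlParameter("@institution", eatr.Institution.Value.ToString());
                }

                if (eatr.Location != null)
                {
                    param[eatr.Location.ParamOrdinal] = new SqlParameter("@location", eatr.Location.Value.ToString());
                }

                if (eatr.Degree != null)
                {
                    param[eatr.Degree.ParamOrdinal] = new SqlParameter("@degree", eatr.Degree.Value.ToString());
                }

                if (eatr.EndDate != null)
                {
                    param[eatr.EndDate.ParamOrdinal] = new SqlParameter("@endDate", eatr.EndDate.Value.ToString());
                }

                if (eatr.FieldOfStudy != null)
                {
                    param[eatr.FieldOfStudy.ParamOrdinal] = new SqlParameter("@fieldOfStudy", eatr.FieldOfStudy.Value.ToString());
                }

                int errorSlot = eatr.Length - 2;
                int nodeSlot = eatr.Length - 1;

                param[eatr.Length - 3] = new SqlParameter("@sessionID", sm.Session().SessionID);

                param[errorSlot] = new SqlParameter("@error", null);
                param[errorSlot].DbType = DbType.Boolean;
                param[errorSlot].Direction = ParameterDirection.Output;

                param[nodeSlot] = new SqlParameter("@nodeid", null);
                param[nodeSlot].DbType = DbType.Int64;
                param[nodeSlot].Direction = ParameterDirection.Output;

                SqlCommand comm = GetDBCommand(ref dbconnection, "[Edit.Module].[CustomEditEducationalTraining.StoreItem]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param);
                // For output parameters the connection is passed to the framework so it can be closed
                // before the output values are read.
                ExecuteSQLDataCommand(comm);

                comm.Connection.Close();

                error = Convert.ToBoolean(param[errorSlot].Value);

                // This field is optional above, so guard it here too; previously a request without it
                // was stored successfully and then reported as a failure.
                if (eatr.EducationalTrainingForID != null)
                {
                    Framework.Utilities.Cache.AlterDependency(eatr.EducationalTrainingForID.Value.ToString());
                }
            }
            catch (Exception e)
            {
                Framework.Utilities.DebugLogging.Log(e.Message + e.StackTrace);
                // NOTE(review): the database message is passed up unchanged; make sure callers do not
                // render it to the end user.
                throw new Exception(e.Message, e);
            }
            finally
            {
                // Release the connection on the failure path as well.
                if (dbconnection.State != ConnectionState.Closed)
                {
                    dbconnection.Close();
                }
            }

            return error;
        }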
Пример #30
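        /// <summary>
        /// Runs [user.account].[relationship.getrelationship] for the current session and returns
        /// the open reader.
        /// </summary>
        /// <param name="subject">Subject id; 0 is sent to the procedure as NULL.</param>
        /// <param name="details">Passed through as @Details.</param>
        /// <returns>
        /// The data reader, or null when the call failed (the exception is logged, not rethrown).
        /// The caller owns the reader and must close it.
        /// </returns>
        public SqlDataReader GetActiveNetwork(Int64 subject, bool details)
        {
            SqlDataReader dbreader = null;
            SessionManagement sm = new SessionManagement();

            try
            {
                // The cast keeps both branches typed as object so the (string, object) constructor is used.
                object subjectValue = subject == 0 ? (object)DBNull.Value : subject;

                SqlParameter[] param = new SqlParameter[]
                {
                    new SqlParameter("@SessionID", sm.Session().SessionID),
                    new SqlParameter("@Details", details),
                    new SqlParameter("@Subject", subjectValue)
                };

                dbreader = GetSQLDataReader(GetDBCommand("", "[user.account].[relationship.getrelationship]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));
            }
            catch (Exception ex)
            {
                // Best effort by design: callers receive null and must check for it.
                Framework.Utilities.DebugLogging.Log(ex.Message + " ++ " + ex.StackTrace);
            }

            return dbreader;
        }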
Пример #31
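        /// <summary>
        /// Deletes one triple, with @DeleteInverse = 1, by calling [RDF.].DeleteTriple under the
        /// current session ID, then invalidates the cache entry keyed by the subject id.
        /// </summary>
        /// <param name="subjectid">Bound to @SubjectID.</param>
        /// <param name="predicateid">Bound to @PredicateID.</param>
        /// <param name="objectid">Bound to @ObjectID.</param>
        /// <returns>The procedure's @Error output parameter.</returns>
        /// <exception cref="Exception">
        /// Any failure is logged and rethrown with the original message; the original exception is
        /// kept as InnerException.
        /// </exception>
        public bool DeleteTriple(Int64 subjectid, Int64 predicateid, Int64 objectid)
        {
            SessionManagement sm = new SessionManagement();
            string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

            SqlConnection dbconnection = new SqlConnection(connstr);

            SqlParameter[] param = new SqlParameter[6];
            bool error = false;

            try
            {
                param[0] = new SqlParameter("@SubjectID", subjectid);
                param[1] = new SqlParameter("@PredicateID", predicateid);
                param[2] = new SqlParameter("@ObjectID", objectid);
                // NOTE(review): authorization appears to rest on the procedure checking this session
                // ID; nothing in this method verifies that the caller may delete the triple.
                param[3] = new SqlParameter("@SessionID", sm.Session().SessionID);
                param[4] = new SqlParameter("@DeleteInverse", 1);

                param[5] = new SqlParameter("@Error", "");
                param[5].DbType = DbType.Boolean;
                param[5].Direction = ParameterDirection.Output;

                SqlCommand comm = GetDBCommand(ref dbconnection, "[RDF.].DeleteTriple", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param);

                // For output parameters the connection is passed to the framework so it can be closed
                // before the output values are read.
                ExecuteSQLDataCommand(comm);

                comm.Connection.Close();

                error = Convert.ToBoolean(param[5].Value);

                Framework.Utilities.Cache.AlterDependency(subjectid.ToString());

                if (error)
                {
                    // NOTE(review): this writes the session ID to the debug log; if that ID works as a
                    // bearer credential for the stored procedures, log readers can reuse it.
                    Framework.Utilities.DebugLogging.Log("Delete Triple blew up with the following values -- {[RDF.].DeleteTriple} DeleteInverse: 1 SubjectID:" + subjectid.ToString() + " PredicateID:" + predicateid.ToString() + " ObjectID:" + objectid.ToString() + " SessionID:" + sm.Session().SessionID);
                }
            }
            catch (Exception e)
            {
                Framework.Utilities.DebugLogging.Log(e.Message + e.StackTrace);
                throw new Exception(e.Message, e);
            }
            finally
            {
                // Release the connection on the failure path as well.
                if (dbconnection.State != ConnectionState.Closed)
                {
                    dbconnection.Close();
                }
            }

            return error;
        }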
Пример #32
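        /// <summary>
        /// Asks [RDF.Security].[GetSessionSecurityGroup] for the security group of the current session.
        /// </summary>
        /// <returns>
        /// The @securitygroupid output value, or 0 when the procedure failed or returned no value.
        /// </returns>
        /// <remarks>
        /// NOTE(review): a failed lookup is indistinguishable from a genuine result of 0. Confirm that
        /// 0 is the least-privileged group, otherwise a database error changes what the session may see.
        /// </remarks>
        public Int64 GetSessionSecurityGroup()
        {
            string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
            SessionManagement sm = new SessionManagement();

            SqlConnection dbconnection = new SqlConnection(connstr);
            Int64 accesscode = 0;

            // The original passed the literal 0 as second argument, which C# binds to the
            // (string, SqlDbType) constructor, i.e. SqlDbType.BigInt with no initial value.
            // Spelling the type out keeps that behavior and removes the trap.
            SqlParameter[] param = new SqlParameter[4];
            param[0] = new SqlParameter("@SessionID", sm.Session().SessionID);
            param[1] = new SqlParameter("@securitygroupid", SqlDbType.BigInt);
            param[1].Direction = ParameterDirection.Output;
            param[2] = new SqlParameter("@hasspecialviewaccess", SqlDbType.BigInt);
            param[2].Direction = ParameterDirection.Output;
            param[3] = new SqlParameter("@hasspecialeditaccess", SqlDbType.BigInt);
            param[3].Direction = ParameterDirection.Output;

            dbconnection.Open();

            try
            {
                // For output parameters the connection is passed to the framework so it can be closed
                // before the output values are read.
                ExecuteSQLDataCommand(GetDBCommand(ref dbconnection, "[RDF.Security].[GetSessionSecurityGroup]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));
            }
            catch (Exception ex)
            {
                // Still best effort, but no longer silent: a failing security lookup must leave a trace.
                // NOTE(review): route this through the project's own logger if one is reachable here.
                System.Diagnostics.Trace.TraceError("GetSessionSecurityGroup failed: " + ex.Message);
            }
            finally
            {
                dbconnection.Close();
            }

            // Convert.ToInt64 throws on DBNull, so treat "no value" as 0 explicitly.
            object groupValue = param[1].Value;
            if (groupValue != null && groupValue != DBNull.Value)
            {
                accesscode = Convert.ToInt64(groupValue);
            }

            return accesscode;
        }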
        /// <summary>
        /// Creates the page's session manager and sends visitors whose session has UserID 0
        /// to the search page.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            sm = new SessionManagement();

            // UserID 0 is treated here as "not logged in".
            bool notLoggedIn = sm.Session().UserID == 0;
            if (notLoggedIn)
            {
                string searchPage = Root.Domain + "/search";
                Response.Redirect(searchPage);
            }

            // UCSF DrawProfilesModule();
        }
Пример #34
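        /// <summary>
        /// Calls [user.account].[relationship.setrelationship] for the current session.
        /// </summary>
        /// <param name="subject">Bound to @Subject.</param>
        /// <param name="relationshiptype">Bound to @RelationshipType; null is sent as NULL.</param>
        /// <param name="settoexists">Bound to @SetToExists.</param>
        /// <remarks>Failures are logged and not rethrown.</remarks>
        public void SetActiveNetwork(Int64 subject, string relationshiptype, bool settoexists)
        {
            SessionManagement sm = new SessionManagement();

            try
            {
                object relationshipValue = relationshiptype == null ? (object)DBNull.Value : relationshiptype;

                SqlParameter[] param = new SqlParameter[]
                {
                    new SqlParameter("@SessionID", sm.Session().SessionID),
                    new SqlParameter("@Subject", subject),
                    new SqlParameter("@RelationshipType", relationshipValue),
                    new SqlParameter("@SetToExists", settoexists)
                };

                var command = GetDBCommand("", "[user.account].[relationship.setrelationship]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param);
                try
                {
                    command.ExecuteNonQuery();
                }
                finally
                {
                    // ExecuteNonQuery does not close the connection; close it here as the other
                    // callers of GetDBCommand do, so each call does not leave one open.
                    // (Presumably GetDBCommand opened it - TODO confirm.)
                    if (command.Connection != null)
                    {
                        command.Connection.Close();
                    }
                }
            }
            catch (Exception ex)
            {
                Framework.Utilities.DebugLogging.Log(ex.Message + " ++ " + ex.StackTrace);
            }
        }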
Пример #35
        //***************************************************************************************************************************************
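        /// <summary>
        /// Resolves the ten route segments stored in HttpContext.Current.Items ("Param0".."Param9")
        /// into a response URL and either executes it in place, redirects to it, or falls back to
        /// the search page.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the URL handed to Server.Execute / Response.Redirect comes from
        /// data.GetResolvedURL, which receives the request-derived segments. Which handlers and
        /// hosts it may return is decided entirely by that resolver - confirm it cannot return a
        /// caller-chosen destination.
        /// </remarks>
        private void ProcessRequest()
        {
            Framework.Utilities.DebugLogging.Log("{REST.aspx.cs} ProcessRequest() start ");

            // Segment 0 is the application name (default for this install is "profile").
            string[] segments = new string[10];
            for (int i = 0; i < segments.Length; i++)
            {
                segments[i] = ReadRouteParam(i);
            }

            DataIO data = new DataIO();

            // Alias.aspx is the hub for maintaining session state, with the exception of the log-in function.
            // The Framework.Session is created and loaded into memory when a user session is created in Global.asax.
            // When a session has expired the Framework.Session.SessionLogout() method is called.
            SessionManagement sessionmanagement = new SessionManagement();
            Session session = sessionmanagement.Session();

            URLResolve resolve = data.GetResolvedURL(segments[0],
                                   segments[1],
                                   segments[2],
                                   segments[3],
                                   segments[4],
                                   segments[5],
                                   segments[6],
                                   segments[7],
                                   segments[8],
                                   segments[9],
                                   session.SessionID,
                                   Root.Domain + Root.AbsolutePath,
                                   session.UserAgent,
                                   getBestAcceptType(HttpContext.Current.Request.AcceptTypes));

            Framework.Utilities.DebugLogging.Log("{REST.aspx.cs} ProcessRequest() redirect=" + resolve.Redirect.ToString() + " to=>" + resolve.ResponseURL);

            if (!resolve.Resolved)
            {
                // No known RESTful pattern matched. A custom 404 page is still to be written; if it
                // ever echoes the segments back, they must be HTML-encoded first.
                Response.Redirect(Root.Domain + "/search", true);
            }
            else if (resolve.Redirect)
            {
                Response.Redirect(resolve.ResponseURL, true);
            }
            else
            {
                string URL = resolve.ResponseURL;
                Server.Execute(HttpUtility.HtmlDecode(URL));
            }

            Framework.Utilities.DebugLogging.Log("{REST.aspx.cs} ProcessRequest() end ");
        }

        /// <summary>
        /// Returns the route segment stored under "Param{index}" in HttpContext.Current.Items,
        /// or an empty string when that item is absent.
        /// </summary>
        private static string ReadRouteParam(int index)
        {
            object value = HttpContext.Current.Items["Param" + index];
            return value != null ? value.ToString() : string.Empty;
        }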
Пример #36
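        /// <summary>
        /// Runs [Profile.Module].[CustomViewAuthorInAuthorship.GetList] for the request's subject
        /// under the current session ID and returns the open reader.
        /// </summary>
        /// <param name="request">Triple whose Subject is bound to @nodeid.</param>
        /// <returns>
        /// A reader opened with CommandBehavior.CloseConnection: closing the reader closes the
        /// connection, so the caller must close or dispose it.
        /// </returns>
        public SqlDataReader GetPublications(RDFTriple request)
        {
            SessionManagement sm = new SessionManagement();

            string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
            SqlConnection dbconnection = new SqlConnection(connstr);
            SqlCommand dbcommand = new SqlCommand("[Profile.Module].[CustomViewAuthorInAuthorship.GetList]");

            try
            {
                dbconnection.Open();
                dbcommand.CommandType = CommandType.StoredProcedure;
                dbcommand.CommandTimeout = base.GetCommandTimeout();
                dbcommand.Parameters.Add(new SqlParameter("@nodeid", request.Subject));
                dbcommand.Parameters.Add(new SqlParameter("@sessionid", sm.Session().SessionID));

                dbcommand.Connection = dbconnection;

                return dbcommand.ExecuteReader(CommandBehavior.CloseConnection);
            }
            catch
            {
                // No reader was handed out, so nobody else can close the connection: release it here
                // and let the original exception propagate unchanged.
                dbconnection.Close();
                throw;
            }
        }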