/// <summary>
/// Authenticates a user against the local (Venture) user store and converts the returned
/// validation XML into a <c>LoginStatus</c>.
/// </summary>
/// <param name="loginInfo">Supplies LoginID, Domain and Password for the authentication call.</param>
/// <returns>
/// The parsed status, or null when the validation string is null or empty. A failed parse still
/// returns a status object, with the failure described in ErrorMessage.
/// </returns>
// Flow, as far as the visible text shows:
//  - passkey is derived from LoginID via UtilityFunction.EncryptPassKey; PackingFunction() is called
//    before UAS.Business.LocalClient.AuthenticateLocalUser.
//  - An exception from AuthenticateLocalUser is converted into a
//    "<record><errormessage>...</errormessage></record>" string, so the failure travels through the
//    same XML parsing path as a normal reply.
//  - The reply is read with GetElementsByTagName(...)[0]; a missing element dereferences null, which
//    the surrounding catch (Exception) turns into an ErrorMessage.
//  - An Exception tagged Data["noAuth"] is thrown and caught within this method when no
//    group_permission entries were read.
//  - A group_permission with id 0 sets authorizedGroups to the single value 0.
// NOTE(review): this listing is damaged in two places where text was masked with "******" (in the
//   first Debug.WriteLine call and in the non-"noAuth" catch branch, just before "UserIsAdm"]).
//   The masked code cannot be recovered from here, so the method body is left exactly as found.
// NOTE(review): pwd (UtilityFunction.EncryptPassword) is not referenced again in the visible text;
//   AuthenticateLocalUser receives loginInfo.Password itself - confirm that is intended.
// NOTE(review): excptn.Message is concatenated into the XML without escaping; a message containing
//   '<' or '&' makes LoadXml throw and the original message is then only in the Debug output.
// NOTE(review): the Debug.WriteLine calls emit the full validation XML and the user's name;
//   confirm Debug output is not captured anywhere outside development builds.
// NOTE(review): IsAdmin is true for any role text containing "admin" (substring match after a
//   culture-sensitive ToLower()); confirm against the set of role names the service can return.
// NOTE(review): XmlDocument is used with its default XmlResolver; whether DTDs/external entities
//   in the reply are resolved depends on the target framework - confirm, or set XmlResolver = null.
private LoginStatus LoginVentureLogic(LoginInfo loginInfo) { LoginStatus loginStatus = null; Debug.WriteLine("AccountController.Venture LoginVentureLogic Authenticate User: "******"@")) //{ // string before = loginInfo.LoginID.Substring(0, loginInfo.LoginID.IndexOf("@")); // string mid = loginInfo.LoginID.Substring(loginInfo.LoginID.IndexOf("@") + 1); // if (mid.Contains(".")) // { // mid = mid.Substring(0, mid.IndexOf(".")); // } // loginInfo.LoginID = before; // loginInfo.Domain = mid; //} //string passkey = UtilityFunction.EncryptPassKey(loginInfo.LoginID); string passkey = UtilityFunction.EncryptPassKey(loginInfo.LoginID); string pwd = UtilityFunction.EncryptPassword(loginInfo.Password); // Debug.WriteLine("Authenticate User webclient.AuthenticateUser"); PackingFunction(); string validation = String.Empty; try { validation = UAS.Business.LocalClient.AuthenticateLocalUser(passkey, loginInfo.Domain, loginInfo.LoginID, loginInfo.Password); } catch (Exception excptn) { validation = "<record><errormessage>" + excptn.Message + "</errormessage></record>"; Debug.WriteLine("Authenticate User Venture exception: " + excptn.Message); } Debug.WriteLine("Authenticate User Venture validation: " + validation); if (!string.IsNullOrEmpty(validation)) { XmlDocument xDoc = new XmlDocument(); loginStatus = new LoginStatus(); try { xDoc.LoadXml(validation); loginStatus.UserID = Convert.ToInt32(xDoc.GetElementsByTagName("userid")[0].InnerText); loginStatus.EnterpriseID = Convert.ToInt32(xDoc.GetElementsByTagName("enterprise_id")[0].InnerText); /* Copied over by LAK, 1/28/2015 * Deleted by RRB 12/20/14 - Group is part of the groupPermissionSets * string groupId = xDoc.GetElementsByTagName("enterprise_id")[0].InnerText; * if ( !String.IsNullOrEmpty(groupId) ) * { * loginStatus.GroupID = Convert.ToInt32(groupId); * } */ // Fill with dummy for now - should probably be deleted from the structure. 
loginStatus.GroupID = 0; loginStatus.appGroupPermissions = new List <AppGroupPermissions>(); AppGroupPermissions agp = new AppGroupPermissions(); agp.groupPermissionSets = new List <GroupPermissionSet>(); string appId = xDoc.GetElementsByTagName("applicationid")[0].InnerText; if (!String.IsNullOrEmpty(appId)) { agp.ApplicationID = Convert.ToInt32(appId); } loginStatus.appGroupPermissions.Add(agp); // Get the Group Security Sets XmlNode nodeAppPerms = xDoc.SelectSingleNode("record/application_permissions"); XmlNodeList xnlGrpPrmList = nodeAppPerms.SelectNodes("group_permission"); bool enterpriseWideGroup = false; foreach (XmlNode xnGrpPrm in xnlGrpPrmList) { GroupPermissionSet gps = new GroupPermissionSet(); gps.GroupID = Convert.ToInt32(xnGrpPrm.Attributes.GetNamedItem("id").Value); if (gps.GroupID == 0) { enterpriseWideGroup = true; } gps.PermissionSet = xnGrpPrm.InnerText; loginStatus.appGroupPermissions[0].groupPermissionSets.Add(gps); } XmlNode nodeAuthGroups = nodeAppPerms.SelectSingleNode("authorizedGroups"); XmlNodeList xnlAuthGroupList = nodeAuthGroups.SelectNodes("groupId"); if (enterpriseWideGroup == false) { List <int> authGroups = new List <int>(); foreach (XmlNode xnAuthGroup in xnlAuthGroupList) { int grp = Convert.ToInt32(xnAuthGroup.InnerText); authGroups.Add(grp); } loginStatus.appGroupPermissions[0].authorizedGroups = authGroups;//.ToArray(); } else { loginStatus.appGroupPermissions[0].authorizedGroups = new int[] { 0 }.ToList(); } // loginStatus.PermissionSet = xDoc.GetElementsByTagName("permissions")[0].InnerText; if (loginStatus.appGroupPermissions.Count == 0 || loginStatus.appGroupPermissions[0].groupPermissionSets.Count == 0) { Exception e = new Exception(@"User not authorized for this application."); e.Data["noAuth"] = true; throw e; } loginStatus.Status = Convert.ToChar(xDoc.GetElementsByTagName("statusflag")[0].InnerText.Substring(0, 1)); loginStatus.UserKey = xDoc.GetElementsByTagName("userkey")[0].InnerText; loginStatus.EmailAddress = 
xDoc.GetElementsByTagName("useremail")[0].InnerText; loginStatus.FirstName = xDoc.GetElementsByTagName("userfirstname")[0].InnerText; loginStatus.LastName = xDoc.GetElementsByTagName("userlastname")[0].InnerText; Debug.WriteLine("AuthenticateUser FirstName LastName: " + loginStatus.FirstName + " " + loginStatus.LastName); loginStatus.SecureDomain = Convert.ToBoolean(xDoc.GetElementsByTagName("securedomain")[0].InnerText); loginStatus.IsAdmin = xDoc.GetElementsByTagName("role")[0].InnerText.ToLower().Contains("admin") ? true : false; loginStatus.ErrorMessage = xDoc.GetElementsByTagName("errormessage")[0].InnerText; Debug.WriteLine("AuthenticateUser ls.ErrorMessage: " + loginStatus.ErrorMessage); } catch (Exception excptn) { if (excptn.Data.Contains("noAuth")) { loginStatus.ErrorMessage = excptn.Message; Debug.WriteLine("Not authorized: " + excptn.Message); } else { string msg = "AuthenticateUser XML conversion exception: " + excptn.Message; Debug.WriteLine(msg); loginStatus.ErrorMessage = "Invalid username or password: "******"UserIsAdm"] = loginStatus.IsAdmin.ToString(); } } return(loginStatus); }
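/// <summary>
/// Builds the search view model for the current session: action flags derived from the first
/// group permission set, pattern-check options from the enterprise configuration, and the
/// interviewer / enterprise / group pick lists the logged-in user may filter on.
/// </summary>
/// <remarks>
/// The action flags stay at their defaults when the permission set cannot be read, so a session
/// without permissions ends up with nothing enabled.
/// NOTE(review): these flags only drive what the view offers; confirm the actions themselves
/// re-check permissions on the server.
/// </remarks>
public SearchModel()
{
    reviewAll = ReviewStatus.ReviewAll();
    permConst = new UAS.Business.PermissionConstants();
    VentureMode = SessionHelper.IsVentureMode;
    timeout = SessionHelper.SessionTotalTimeoutMinutes;

    // Permission set of the first group; stays null when the session has none, which keeps
    // every flag below (and the pattern check further down) disabled.
    string permSet = null;
    try
    {
        if (SessionHelper.LoginStatus.appGroupPermissions[0].groupPermissionSets.Count() > 0)
        {
            permSet = SessionHelper.LoginStatus.appGroupPermissions[0].groupPermissionSets[0].PermissionSet;
            edit = UAS_Business_Functions.hasPermission(permSet, UAS.Business.PermissionConstants.EDIT, UAS.Business.PermissionConstants.ASSMNTS);
            create = UAS_Business_Functions.hasPermission(permSet, UAS.Business.PermissionConstants.CREATE, UAS.Business.PermissionConstants.ASSMNTS);
            unlock = UAS_Business_Functions.hasPermission(permSet, UAS.Business.PermissionConstants.UNLOCK, UAS.Business.PermissionConstants.ASSMNTS);
            delete = UAS_Business_Functions.hasPermission(permSet, UAS.Business.PermissionConstants.DELETE, UAS.Business.PermissionConstants.ASSMNTS);
            archive = UAS_Business_Functions.hasPermission(permSet, UAS.Business.PermissionConstants.ARCHIVE, UAS.Business.PermissionConstants.ASSMNTS);
            undelete = UAS_Business_Functions.hasPermission(permSet, UAS.Business.PermissionConstants.UNDELETE, UAS.Business.PermissionConstants.ASSMNTS);
            editLocked = UAS_Business_Functions.hasPermission(permSet, UAS.Business.PermissionConstants.EDIT_LOCKED, UAS.Business.PermissionConstants.ASSMNTS);
            move = UAS_Business_Functions.hasPermission(permSet, UAS.Business.PermissionConstants.MOVE, UAS.Business.PermissionConstants.ASSMNTS);
        }
    }
    catch (Exception ex)
    {
        Debug.WriteLine("Missing permissoin: " + ex.Message);
    }

    searchPref = false;
    profilePref = false;
    passPref = false;
    showSearch = true;

    UASEntities UASContext = DataContext.getUasDbContext();
    numAssmnts = getNumAssmnts(UASContext);

    // VentureMode is read from SessionHelper near the top so the timeout can use it
    // (history in the original comments: 2/13/15 LK, 5/15/15 LK #12554).
    EntAppConfig patternsForEnterprise = null;
    if (!SessionHelper.IsVentureMode)
    {
        AuthenticationClient webclient = new AuthenticationClient();
        var entConfig = webclient.GetEntAppConfigByEnumAndEnt("PATTERN_CHECK", SessionHelper.LoginStatus.EnterpriseID);

        // Reuse the permission set captured above rather than indexing groupPermissionSets[0]
        // again outside the try block, where an empty list would abort the constructor.
        if (entConfig != null
            && entConfig.ConfigValue == bool.TrueString
            && permSet != null
            && UAS_Business_Functions.hasPermission(permSet, PermissionConstants.PATT_CHECK, PermissionConstants.ASSMNTS))
        {
            ShowPatternCheck = true;
        }

        // Enterprise-specific pattern list first, then the entry stored under enterprise 0.
        patternsForEnterprise = webclient.GetEntAppConfigByEnumAndEnt("PATTERNS_FOR_ENTERPRISE", SessionHelper.LoginStatus.EnterpriseID);
        if (patternsForEnterprise == null)
        {
            patternsForEnterprise = webclient.GetEntAppConfigByEnumAndEnt("PATTERNS_FOR_ENTERPRISE", 0);
        }
    }

    ShowAllAssessmentsForRecipient = false; // Do not show all assessments for Recipient by default.

    DetailSearchCriteria = new SearchCriteria();
    DetailSearchCriteria.InterviewerList = new List<SelectListItem>();
    DetailSearchCriteria.EnterpriseList = new List<SelectListItem>();
    DetailSearchCriteria.GroupList = new List<SelectListItem>();
    DetailSearchCriteria.PatternList = new List<SelectListItem>();
    DetailSearchCriteria.SelectedInterviewers = new List<string>();
    DetailSearchCriteria.SelectedEnts = new List<int>();
    DetailSearchCriteria.SelectedGroups = new List<int>();

    List<string> interviewers = new List<string>();
    List<uas_Group> groups = new List<uas_Group>();
    List<uas_Enterprise> ents = new List<uas_Enterprise>();

    int entId = Assmnts.Infrastructure.SessionHelper.LoginStatus.EnterpriseID;
    if (entId == 0)
    {
        // Enterprise 0 gets the unfiltered user, group and enterprise lists.
        interviewers = UASContext.uas_User.Select(u => u.LoginID).ToList();
        groups = UASContext.uas_Group.ToList();
        ents = UASContext.uas_Enterprise.ToList();
    }
    else
    {
        interviewers = UASContext.uas_User.Where(u => u.EnterpriseID == entId).Select(u => u.LoginID).ToList();
        ents = UASContext.uas_Enterprise.Where(e => e.EnterpriseID == entId).ToList();

        try
        {
            if (SessionHelper.LoginStatus.appGroupPermissions[0].authorizedGroups[0] == 0)
            {
                // First authorized group 0: every group of the user's enterprise.
                groups = UASContext.uas_Group.Where(g => g.EnterpriseID == entId).ToList();
            }
            else
            {
                // Otherwise only the groups explicitly listed as authorized.
                AppGroupPermissions agp = SessionHelper.LoginStatus.appGroupPermissions[0];
                groups = UASContext.uas_Group.Where(g => agp.authorizedGroups.Contains(g.GroupID)).ToList();
            }
        }
        catch (Exception ex)
        {
            // On failure the group list stays empty, so no group is offered.
            Debug.WriteLine(ex.Message);
        }
    }

    foreach (string interviewer in interviewers)
    {
        DetailSearchCriteria.InterviewerList.Add(new SelectListItem() { Text = interviewer, Value = interviewer });
    }

    foreach (uas_Group group in groups)
    {
        DetailSearchCriteria.GroupList.Add(new SelectListItem() { Text = group.GroupName, Value = group.GroupID.ToString() });
    }

    // The enterprise is listed only when group 0 is among the authorized groups. Testing the
    // whole list already covers its first entry and does not index into an empty list.
    bool admin = SessionHelper.LoginStatus.appGroupPermissions[0].authorizedGroups.Contains(0);
    if (admin)
    {
        foreach (uas_Enterprise ent in ents)
        {
            DetailSearchCriteria.EnterpriseList.Add(new SelectListItem() { Text = ent.EnterpriseName, Value = ent.EnterpriseID.ToString() });
        }
    }

    // Pattern options: offered outside Venture mode, and only when a PATTERNS_FOR_ENTERPRISE
    // value was found (neither lookup is guaranteed to return one).
    string enabledPatterns = null;
    if (!SessionHelper.IsVentureMode && patternsForEnterprise != null)
    {
        enabledPatterns = patternsForEnterprise.ConfigValue;
    }

    if (!string.IsNullOrEmpty(enabledPatterns))
    {
        string[][] patternChoices =
        {
            new[] { "1", "1. Important To, Important For Utilization Check" },
            new[] { "2", "2. Learning Job Skills Typical Person Standard Check" },
            new[] { "3", "3. Transportation Consistency Check" },
            new[] { "4", "4. Relationship \"Typical Person Standard\" Check" },
            new[] { "5", "5. Sexual Aggression Community Safety Consistency Check" },
            new[] { "6", "6. Ambulation Consistency Check" },
        };

        foreach (string[] choice in patternChoices)
        {
            // A pattern is enabled when its number appears anywhere in the configured value.
            if (enabledPatterns.Contains(choice[0]))
            {
                DetailSearchCriteria.PatternList.Add(new SelectListItem() { Value = choice[0], Text = choice[1] });
            }
        }
    }
}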
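/// <summary>
/// Takes the validation XML returned by SSO authentication and creates a login status from it.
/// </summary>
/// <param name="authResult">
/// Validation XML. The code reads user fields by tag name and the group permissions under
/// <c>record/application_permissions</c>. When null or empty, an empty status is returned and
/// the session is left untouched.
/// </param>
/// <returns>
/// The populated status. When parsing fails or no group permission set is present,
/// <c>ErrorMessage</c> carries the reason and <c>IsAdmin</c> is false; fields read before the
/// failure keep their values.
/// </returns>
private LoginStatus ProcessSsoAuth(string authResult)
{
    LoginStatus loginStatus = new LoginStatus();
    if (string.IsNullOrEmpty(authResult))
    {
        return loginStatus;
    }

    XmlDocument xDoc = new XmlDocument();
    // The XML is produced outside this method. Without a resolver, a DOCTYPE inside it cannot
    // make the parser load external entities or DTDs (whether XmlDocument resolves them by
    // default depends on the target framework version).
    xDoc.XmlResolver = null;

    try
    {
        xDoc.LoadXml(authResult);

        // A missing element dereferences null here; the catch below reports it as an error.
        Func<string, string> text = tag => xDoc.GetElementsByTagName(tag)[0].InnerText;

        loginStatus.UserID = Convert.ToInt32(text("userid"));
        loginStatus.EnterpriseID = Convert.ToInt32(text("enterprise_id"));

        // Fill with dummy for now - should probably be deleted from the structure.
        loginStatus.GroupID = 0;

        AppGroupPermissions agp = new AppGroupPermissions();
        agp.groupPermissionSets = new List<GroupPermissionSet>();
        string appId = text("applicationid");
        if (!String.IsNullOrEmpty(appId))
        {
            agp.ApplicationID = Convert.ToInt32(appId);
        }

        loginStatus.appGroupPermissions = new List<AppGroupPermissions>();
        loginStatus.appGroupPermissions.Add(agp);

        // Get the Group Security Sets
        XmlNode nodeAppPerms = xDoc.SelectSingleNode("record/application_permissions");
        bool enterpriseWideGroup = false;
        foreach (XmlNode xnGrpPrm in nodeAppPerms.SelectNodes("group_permission"))
        {
            GroupPermissionSet gps = new GroupPermissionSet();
            gps.GroupID = Convert.ToInt32(xnGrpPrm.Attributes.GetNamedItem("id").Value);
            gps.PermissionSet = xnGrpPrm.InnerText;
            if (gps.GroupID == 0)
            {
                // A permission on group 0 applies enterprise-wide.
                enterpriseWideGroup = true;
            }
            agp.groupPermissionSets.Add(gps);
        }

        if (agp.groupPermissionSets.Count == 0)
        {
            // Tagged so the catch below can tell "not authorized" apart from a parse failure.
            Exception e = new Exception(@"User not authorized for this application.");
            e.Data["noAuth"] = true;
            throw e;
        }

        XmlNode nodeAuthGroups = nodeAppPerms.SelectSingleNode("authorizedGroups");
        XmlNodeList xnlAuthGroupList = nodeAuthGroups.SelectNodes("groupId");
        List<int> authGroups = new List<int>();
        if (enterpriseWideGroup)
        {
            // Enterprise-wide access is recorded as the single group id 0.
            authGroups.Add(0);
        }
        else
        {
            foreach (XmlNode xnAuthGroup in xnlAuthGroupList)
            {
                authGroups.Add(Convert.ToInt32(xnAuthGroup.InnerText));
            }
        }
        agp.authorizedGroups = authGroups;

        loginStatus.Status = Convert.ToChar(text("statusflag").Substring(0, 1));
        loginStatus.UserKey = text("userkey");
        loginStatus.EmailAddress = text("useremail");
        loginStatus.FirstName = text("userfirstname");
        loginStatus.LastName = text("userlastname");
        Debug.WriteLine("AuthenticateUser FirstName LastName: " + loginStatus.FirstName + " " + loginStatus.LastName);
        loginStatus.SecureDomain = Convert.ToBoolean(text("securedomain"));

        // Ordinal, case-insensitive test: a culture-sensitive ToLower() gives a different
        // answer for "ADMIN" under cultures with special casing rules for 'I'.
        // NOTE(review): this is a substring match - any role text containing "admin" sets
        // IsAdmin; confirm against the role names the service can return.
        loginStatus.IsAdmin = text("role").IndexOf("admin", StringComparison.OrdinalIgnoreCase) >= 0;

        loginStatus.ErrorMessage = text("errormessage");
        Debug.WriteLine("AuthenticateUser ls.ErrorMessage: " + loginStatus.ErrorMessage);
    }
    catch (Exception excptn)
    {
        // Fail closed: the role is read before the last field, so a failure after that point
        // would otherwise leave IsAdmin set on a status that reports an error.
        loginStatus.IsAdmin = false;

        if (excptn.Data.Contains("noAuth"))
        {
            loginStatus.ErrorMessage = excptn.Message;
            Debug.WriteLine("Not authorized: " + excptn.Message);
        }
        else
        {
            string msg = "ProcessSsoAuth XML conversion exception: " + excptn.Message;
            Debug.WriteLine(msg);
            // NOTE(review): ErrorMessage receives the raw exception text; confirm it is not
            // shown to the end user as-is.
            loginStatus.ErrorMessage = excptn.Message;
        }
    }

    Session["UserIsAdm"] = loginStatus.IsAdmin.ToString();
    return loginStatus;
}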