/// <summary>
/// Gets all audit actions.
/// </summary>
/// <returns></returns>
public static AuditActionCollection GetAllAuditActions()
{
AuditActionCollection toReturn = new AuditActionCollection();
toReturn.GetMulti(null, 0, new SortExpression(AuditActionFields.AuditActionDescription.Ascending()));
return(toReturn);
}
/// <summary>
/// Loads the user and his rights and audits to the session object.
/// </summary>
/// <param name="user">The user to be added to the session.</param>
public static void LoadUserSessionData(UserEntity user)
{
// Adds the user object to session
AddUserObject(user);
ActionRightCollection systemActionRights = SecurityGuiHelper.GetSystemActionRightsForUser(user.UserID);
// add user system rights to the session object
AddSystemActionRights(systemActionRights);
AuditActionCollection auditActions = SecurityGuiHelper.GetAuditActionsForUser(user.UserID);
// add user audit actions to the session object
AddAuditActions(auditActions);
ForumRoleForumActionRightCollection forumActionRights = SecurityGuiHelper.GetForumsActionRightsForUser(user.UserID);
// add user forums rights to the session object
AddForumsActionRights(forumActionRights);
// set the last visit date.
if ((user.UserID > 0) && (user.LastVisitedDate.HasValue))
{
SessionAdapter.AddLastVisitDate(user.LastVisitedDate.Value, true);
}
else
{
SessionAdapter.AddLastVisitDate(DateTime.Now, true);
}
}
private void Page_Load(object sender, System.EventArgs e)
{
// If the user doesn't have any access rights to management stuff, the user should
// be redirected to the default of the global system.
if (!SessionAdapter.HasSystemActionRights())
{
// doesn't have system rights. redirect.
Response.Redirect("../Default.aspx", true);
}
// Check if the user has the right systemright
if (!SessionAdapter.HasSystemActionRight(ActionRights.SecurityManagement))
{
// no, redirect to admin default page, since the user HAS access to the admin menu.
Response.Redirect("Default.aspx", true);
}
_roleID = 0;
if (!Page.IsPostBack)
{
// Get all roles
RoleCollection roles = SecurityGuiHelper.GetAllRoles();
cbxRoles.DataSource = roles;
cbxRoles.DataTextField = "RoleDescription";
cbxRoles.DataValueField = "RoleID";
cbxRoles.DataBind();
if (cbxRoles.Items.Count > 0)
{
cbxRoles.Items[0].Selected = true;
_roleID = HnDGeneralUtils.TryConvertToInt(cbxRoles.SelectedItem.Value);
}
// get the audit actions
AuditActionCollection auditActions = SecurityGuiHelper.GetAllAuditActions();
cblAuditActions.DataSource = auditActions;
cblAuditActions.DataTextField = "AuditActionDescription";
cblAuditActions.DataValueField = "AuditActionID";
cblAuditActions.DataBind();
// Reflect action rights for current selected forum for this role
ReflectCurrentAuditActions();
}
else
{
_roleID = HnDGeneralUtils.TryConvertToInt(cbxRoles.SelectedItem.Value);
}
}
/// <summary>
/// Checks if the current user needs auditing for the action specified
/// </summary>
/// <param name="action">Action.</param>
/// <returns>true if the user needs auditing, otherwise false</returns>
public static bool CheckIfNeedsAuditing(AuditActions auditActionID)
{
AuditActionCollection auditActions = GetAuditActions();
if (auditActions != null && auditActions.Count > 0)
{
// create an ActionRight entity, and forcing the PK value, to avoid fetching it from the database.
AuditActionEntity auditAction = new AuditActionEntity();
auditAction.Fields[(int)AuditActionFieldIndex.AuditActionID].ForcedCurrentValueWrite((int)auditActionID);
auditAction.IsNew = false;
return(auditActions.Contains(auditAction));
}
return(false);
}
/// <summary>
/// Gets the audit actions for user.
/// </summary>
/// <param name="userID">The user ID.</param>
/// <returns>fetched collection</returns>
public static AuditActionCollection GetAuditActionsForUser(int userID)
{
var qf = new QueryFactory();
var q = qf.AuditAction
.Where(AuditActionFields.AuditActionID
.In(qf.Create()
.Select(RoleAuditActionFields.AuditActionID)
.From(qf.RoleAuditAction
.InnerJoin(qf.Role).On(RoleAuditActionFields.RoleID == RoleFields.RoleID)
.InnerJoin(qf.RoleUser).On(RoleFields.RoleID == RoleUserFields.RoleID))
.Where(RoleUserFields.UserID == userID)));
AuditActionCollection auditActions = new AuditActionCollection();
auditActions.GetMulti(q);
return(auditActions);
}
/// <summary>
/// Adds the audit actions collection to the session.
/// If the object already exists, it is overwritten with the new value.
/// </summary>
/// <param name="actionRights">The action rights.</param>
private static void AddAuditActions(AuditActionCollection auditActions)
{
//Adds a new item to the session-state collection.
//If the name parameter refers to an existing session state item, the existing item is overwritten with the specified value.
HttpContext.Current.Session.Add("auditActions", auditActions);
}
