示例#1
0
        void Update(string statusMessage)
        {
            // temp stop timer
            _heartbeatTimer.Change(System.Threading.Timeout.Infinite, System.Threading.Timeout.Infinite);

            DbTableDmlMgr dmlUpdateMgr = _daMgr.DbCatalogGetTableDmlMgr(DataAccess.Constants.SCHEMA_CORE
                                                                        , Constants.AppSessions);

            dmlUpdateMgr.SetWhereCondition((j) => j.Column(Constants.AppCode)
                                           == j.Parameter(dmlUpdateMgr.MainTable.SchemaName
                                                          , dmlUpdateMgr.MainTable.TableName
                                                          , Constants.AppCode
                                                          , _daMgr.BuildParamName(Constants.AppCode)) &&
                                           j.Column(Constants.MultipleSessionCode)
                                           == j.Parameter(dmlUpdateMgr.MainTable.SchemaName
                                                          , dmlUpdateMgr.MainTable.TableName
                                                          , Constants.MultipleSessionCode
                                                          , _daMgr.BuildParamName(Constants.MultipleSessionCode)));

            dmlUpdateMgr.AddColumn(Constants.StatusMessage, _daMgr.BuildParamName(Constants.StatusMessage));
            dmlUpdateMgr.AddColumn(Constants.StatusDateTime, Core.EnumDateTimeLocale.UTC);
            DbCommand dbCmdUpdate = _daMgr.BuildUpdateDbCommand(dmlUpdateMgr);

            dbCmdUpdate.Parameters[_daMgr.BuildParamName(Constants.AppCode)].Value             = _appCode;
            dbCmdUpdate.Parameters[_daMgr.BuildParamName(Constants.MultipleSessionCode)].Value = _appSessionCode;
            dbCmdUpdate.Parameters[_daMgr.BuildParamName(Constants.StatusMessage)].Value       = statusMessage;

            DbCommandMgr dbCmdMgr = new DbCommandMgr(_daMgr);

            dbCmdMgr.AddDbCommand(dbCmdUpdate);

            // refresh signon control
            List <string> tableNames   = new List <string>();
            DbTableDmlMgr dmlSelectMgr = _daMgr.DbCatalogGetTableDmlMgr(DataAccess.Constants.SCHEMA_CORE
                                                                        , Constants.SignonControl);
            DbCommand dbCmdSelect = _daMgr.BuildSelectDbCommand(dmlSelectMgr, null);

            dbCmdMgr.AddDbCommand(dbCmdSelect);
            tableNames.Add(Constants.SignonControl);

            // refresh app sessions
            dmlSelectMgr = _daMgr.DbCatalogGetTableDmlMgr(DataAccess.Constants.SCHEMA_CORE
                                                          , Constants.AppSessions);
            dbCmdSelect = _daMgr.BuildSelectDbCommand(dmlSelectMgr, null);
            dbCmdMgr.AddDbCommand(dbCmdSelect);
            tableNames.Add(Constants.AppSessions);

            DataSet controldata = dbCmdMgr.ExecuteDataSet(tableNames);

            _signonControl.Refresh(controldata.Tables[Constants.SignonControl]);
            _appSessions = controldata.Tables[Constants.AppSessions];

            // temp start timer
            _heartbeatTimer.Change(_signonControl.SignonControlData.StatusSeconds * 1000
                                   , _signonControl.SignonControlData.StatusSeconds * 1000);
        }
示例#2
0
        static DbCommand BuildCmdGetUpdateUserSession(DataAccessMgr daMgr)
        {
            DbTableDmlMgr dmlUpdateMgr = daMgr.DbCatalogGetTableDmlMgr(DataAccess.Constants.SCHEMA_CORE
                                                                       , Constants.UserSessions);

            dmlUpdateMgr.AddColumn(Constants.SessionDateTime, EnumDateTimeLocale.UTC);
            dmlUpdateMgr.SetWhereCondition(j => j.Column(Constants.SessionCode) ==
                                           j.Parameter(Constants.UserSessions, Constants.SessionCode
                                                       , daMgr.BuildParamName(Constants.SessionCode)));
            return(daMgr.BuildUpdateDbCommand(dmlUpdateMgr));
        }
        /// <summary>
        /// Adds a record to the session database table
        /// </summary>
        /// <param name="daMgr">DataAccessMgr object</param>
        /// <param name="userId">Unique user identifier</param>
        /// <param name="userCode">Unique numeric user identifier</param>
        /// <param name="userEnv">MetaData about the user's environment</param>
        /// <returns>A unique session code</returns>
        static Int64 AddSession(DataAccessMgr daMgr, string userId, Int32 userCode, UserEnvironmentStructure userEnv)
        {
            Int64         sessionCode = daMgr.GetNextSequenceNumber(Constants.SessionCode);
            DbTableDmlMgr dmlInsert   = daMgr.DbCatalogGetTableDmlMgr(DataAccess.Constants.SCHEMA_CORE
                                                                      , Constants.UserSessions);

            dmlInsert.AddColumn(Constants.SessionCode, daMgr.BuildParamName(Constants.SessionCode));
            dmlInsert.AddColumn(Constants.UserCode, daMgr.BuildParamName(Constants.UserCode));
            dmlInsert.AddColumn(Constants.UserId, daMgr.BuildParamName(Constants.UserId));
            dmlInsert.AddColumn(Constants.AppCode, daMgr.BuildParamName(Constants.AppCode));
            dmlInsert.AddColumn(Constants.AppId, daMgr.BuildParamName(Constants.AppId));
            dmlInsert.AddColumn(Constants.AppMachine, daMgr.BuildParamName(Constants.AppMachine));
            dmlInsert.AddColumn(Constants.AppVersion, daMgr.BuildParamName(Constants.AppVersion));
            dmlInsert.AddColumn(Constants.RemoteAddress, daMgr.BuildParamName(Constants.RemoteAddress));

            DbCommand cmdInsert = daMgr.BuildInsertDbCommand(dmlInsert);

            cmdInsert.Parameters[daMgr.BuildParamName(Constants.SessionCode)].Value   = sessionCode;
            cmdInsert.Parameters[daMgr.BuildParamName(Constants.UserId)].Value        = userId;
            cmdInsert.Parameters[daMgr.BuildParamName(Constants.UserCode)].Value      = userCode;
            cmdInsert.Parameters[daMgr.BuildParamName(Constants.AppId)].Value         = userEnv.AppId;
            cmdInsert.Parameters[daMgr.BuildParamName(Constants.AppCode)].Value       = userEnv.AppCode;
            cmdInsert.Parameters[daMgr.BuildParamName(Constants.AppVersion)].Value    = userEnv.AppVersion;
            cmdInsert.Parameters[daMgr.BuildParamName(Constants.RemoteAddress)].Value = userEnv.RemoteAddress;
            cmdInsert.Parameters[daMgr.BuildParamName(Constants.AppMachine)].Value    = Environment.MachineName;

            DbTableDmlMgr dmlUpdate = daMgr.DbCatalogGetTableDmlMgr(DataAccess.Constants.SCHEMA_CORE
                                                                    , Constants.UserMaster);

            dmlUpdate.AddColumn(Constants.FailedSignonAttempts
                                , daMgr.BuildParamName(Constants.FailedSignonAttempts));
            dmlUpdate.AddColumn(Constants.LastSignonDateTime
                                , EnumDateTimeLocale.Default);

            dmlUpdate.SetWhereCondition((j) => j.Column(Constants.UserId)
                                        == j.Parameter(dmlUpdate.MainTable.SchemaName
                                                       , dmlUpdate.MainTable.TableName
                                                       , Constants.UserId
                                                       , daMgr.BuildParamName(Constants.UserId)));

            DbCommand cmdUpdate = daMgr.BuildUpdateDbCommand(dmlUpdate);

            cmdUpdate.Parameters[daMgr.BuildParamName(Constants.UserId)].Value
                = userId;
            cmdUpdate.Parameters[daMgr.BuildParamName(Constants.FailedSignonAttempts)].Value
                = 0;
            DbCommandMgr cmdMgr = new DbCommandMgr(daMgr);

            cmdMgr.AddDbCommand(cmdInsert);
            cmdMgr.AddDbCommand(cmdUpdate);
            cmdMgr.ExecuteNonQuery();
            return(sessionCode);
        }
示例#4
0
        /// <summary>
        /// Changes the given user's password to the new password and resets any account restrictions
        /// depending on given parameter.
        /// <para>The method assumes the caller has verified the spelling of the new password.</para>
        /// <para>The method also assumes the caller has verified the existing password if applicable.</para>
        /// </summary>
        /// <param name="daMgr">DataAccessMgr object</param>
        /// <param name="userId">Unique user identifier</param>
        /// <param name="newPassword">The new password (unhashed) plain text</param>
        /// <param name="resetSignonRestrictions">Indicates whether the accounts restrictions will be reset</param>
        public static void ChangePassword(DataAccessMgr daMgr
                                          , string userId
                                          , string newPassword
                                          , bool resetSignonRestrictions)
        {
            string salt = Cryptography.HashOperation.CreateRandomSalt(Cryptography.HashAlgorithmTypeEnum.SHA512HashAlgorithm);
            string hash = Cryptography.HashOperation.ComputeHash(Cryptography.HashAlgorithmTypeEnum.SHA512HashAlgorithm
                                                                 , newPassword
                                                                 , salt);
            DbTableDmlMgr dmlUpdate = daMgr.DbCatalogGetTableDmlMgr(DataAccess.Constants.SCHEMA_CORE
                                                                    , Constants.UserMaster);

            dmlUpdate.AddColumn(Constants.UserPassword
                                , daMgr.BuildParamName(Constants.UserPassword));
            dmlUpdate.AddColumn(Constants.PasswordSalt
                                , daMgr.BuildParamName(Constants.PasswordSalt));
            dmlUpdate.AddColumn(Constants.FailedSignonAttempts
                                , daMgr.BuildParamName(Constants.FailedSignonAttempts));
            dmlUpdate.AddColumn(Constants.ForcePasswordChange
                                , daMgr.BuildParamName(Constants.ForcePasswordChange));

            if (resetSignonRestrictions)
            {
                dmlUpdate.AddColumn(Constants.SignonRestricted
                                    , daMgr.BuildParamName(Constants.SignonRestricted));
            }

            dmlUpdate.SetWhereCondition((j) => j.Column(Constants.UserId)
                                        == j.Parameter(dmlUpdate.MainTable.SchemaName
                                                       , dmlUpdate.MainTable.TableName
                                                       , Constants.UserId
                                                       , daMgr.BuildParamName(Constants.UserId)));

            DbCommand cmdUpdate = daMgr.BuildUpdateDbCommand(dmlUpdate);

            cmdUpdate.Parameters[daMgr.BuildParamName(Constants.UserId)].Value
                = userId;
            cmdUpdate.Parameters[daMgr.BuildParamName(Constants.UserPassword)].Value
                = hash;
            cmdUpdate.Parameters[daMgr.BuildParamName(Constants.PasswordSalt)].Value
                = salt;
            if (resetSignonRestrictions)
            {
                cmdUpdate.Parameters[daMgr.BuildParamName(Constants.SignonRestricted)].Value
                    = 0;
            }
            cmdUpdate.Parameters[daMgr.BuildParamName(Constants.FailedSignonAttempts)].Value
                = 0;
            cmdUpdate.Parameters[daMgr.BuildParamName(Constants.ForcePasswordChange)].Value
                = 0;
            daMgr.ExecuteNonQuery(cmdUpdate, null, null);
        }
        public ActionResult EditProfile(EditProfileModel editProfile)
        {
            if (ModelState.IsValid)
            {
                if (!string.IsNullOrEmpty(editProfile.ChangedFields))
                {
                    DataAccessMgr daMgr = Global.GetDataAccessMgr(this.HttpContext);

                    DbTableDmlMgr dmlUpdate = daMgr.DbCatalogGetTableDmlMgr(DataAccess.Constants.SCHEMA_CORE
                                                                            , DataManagement.Constants.Table_UserMaster);
                    foreach (string column in dmlUpdate.MainTable.Columns.Keys)
                    {
                        if (editProfile.ChangedFields.Contains(column))
                        {
                            dmlUpdate.AddColumn(column);
                        }
                    }

                    dmlUpdate.AddColumn(SessionManagement.Constants.LastModifiedUserCode);
                    dmlUpdate.AddColumn(SessionManagement.Constants.LastModifiedDateTime
                                        , Core.EnumDateTimeLocale.Default);

                    dmlUpdate.SetWhereCondition(j => j.Column(DataManagement.Constants.UserId)
                                                == j.Parameter(dmlUpdate.MainTable.SchemaName
                                                               , dmlUpdate.MainTable.TableName
                                                               , DataManagement.Constants.UserId
                                                               , daMgr.BuildParamName(DataManagement.Constants.UserId)));

                    DbCommand   cmdUpdate      = daMgr.BuildUpdateDbCommand(dmlUpdate);
                    UserSession userSessionMgr = (UserSession)Session[SessionManagement.Constants.UserSessionMgr];
                    cmdUpdate.Parameters[daMgr.BuildParamName(DataManagement.Constants.UserId)].Value = userSessionMgr.UserId;
                    cmdUpdate.Parameters[daMgr.BuildParamName(SessionManagement.Constants.LastModifiedUserCode)].Value = userSessionMgr.UserCode;

                    foreach (DbParameter param in cmdUpdate.Parameters)
                    {
                        if (param.Value == DBNull.Value)
                        {
                            param.Value = GetValueFromModelState(ModelState, param.ParameterName.Substring(1));
                        }
                    }
                    daMgr.ExecuteNonQuery(cmdUpdate, null, null);
                }
                else
                {
                    ViewBag.NoDataChanged = true;
                }
            }
            return(View(editProfile));
        }
        /// <summary>
        /// Increases the signon failure account for the given user identifier and returns the latest count
        /// </summary>
        /// <param name="daMgr">DataAccessMgr object</param>
        /// <param name="userId">Unique user identifier</param>
        /// <returns>The icremented count of failed attempts</returns>
        static Int16 IncreaseFailedAttemptCount(DataAccessMgr daMgr, string userId)
        {
            DbTableDmlMgr dmlUpdate = daMgr.DbCatalogGetTableDmlMgr(DataAccess.Constants.SCHEMA_CORE
                                                                    , Constants.UserMaster);

            DbFunctionStructure addOne = new DbFunctionStructure();

            addOne.FunctionBody = string.Format("{0} + 1", Constants.FailedSignonAttempts);
            dmlUpdate.AddColumn(Constants.FailedSignonAttempts
                                , addOne);

            dmlUpdate.SetWhereCondition((j) => j.Column(Constants.UserId)
                                        == j.Parameter(dmlUpdate.MainTable.SchemaName
                                                       , dmlUpdate.MainTable.TableName
                                                       , Constants.UserId
                                                       , daMgr.BuildParamName(Constants.UserId)));

            DbCommand cmdUpdate = daMgr.BuildUpdateDbCommand(dmlUpdate);

            cmdUpdate.Parameters[daMgr.BuildParamName(Constants.UserId)].Value
                = userId;

            DbTableDmlMgr dmlSelectMgr = daMgr.DbCatalogGetTableDmlMgr(DataAccess.Constants.SCHEMA_CORE
                                                                       , Constants.UserMaster
                                                                       , Constants.FailedSignonAttempts);

            dmlSelectMgr.SetWhereCondition((j) => j.Column(Constants.UserId)
                                           == j.Parameter(dmlSelectMgr.MainTable.SchemaName
                                                          , dmlSelectMgr.MainTable.TableName
                                                          , Constants.UserId
                                                          , daMgr.BuildParamName(Constants.UserId)));
            DbCommand cmdSelectUserMaster = daMgr.BuildSelectDbCommand(dmlSelectMgr, null);

            cmdSelectUserMaster.Parameters[daMgr.BuildParamName(Constants.UserId)].Value = userId;
            DbCommandMgr cmdMgr = new DbCommandMgr(daMgr);

            cmdMgr.AddDbCommand(cmdUpdate);
            cmdMgr.AddDbCommand(cmdSelectUserMaster);
            DataTable userMaster = cmdMgr.ExecuteDataTable();

            return(Convert.ToInt16(userMaster.Rows[0][Constants.FailedSignonAttempts]));
        }
        /// <summary>
        /// Sets or resets an account restriction for the given user identifier
        /// </summary>
        /// <param name="daMgr">DataAccessMgr object</param>
        /// <param name="userId">Unique user identifier</param>
        /// <param name="removeRestriction">Indicates whether to set or reset the restriction</param>
        static void Restriction(DataAccessMgr daMgr, string userId, bool removeRestriction)
        {
            DbTableDmlMgr dmlUpdate = daMgr.DbCatalogGetTableDmlMgr(DataAccess.Constants.SCHEMA_CORE
                                                                    , Constants.UserMaster);

            dmlUpdate.AddColumn(Constants.SignonRestricted
                                , daMgr.BuildParamName(Constants.SignonRestricted));

            dmlUpdate.SetWhereCondition((j) => j.Column(Constants.UserId)
                                        == j.Parameter(dmlUpdate.MainTable.SchemaName
                                                       , dmlUpdate.MainTable.TableName
                                                       , Constants.UserId
                                                       , daMgr.BuildParamName(Constants.UserId)));

            DbCommand cmdUpdate = daMgr.BuildUpdateDbCommand(dmlUpdate);

            cmdUpdate.Parameters[daMgr.BuildParamName(Constants.UserId)].Value
                = userId;
            cmdUpdate.Parameters[daMgr.BuildParamName(Constants.SignonRestricted)].Value
                = removeRestriction ? 0 : 1;
            daMgr.ExecuteNonQuery(cmdUpdate, null, null);
        }