protected void FetchWhere(string where, int batchsize, string fldList)
{
NLogLoggerP.Trace("Fetchwhere - Swapetproxy - Before Call");
StopwatchUtil.Time(
() =>
{
this.SetAndFetch(where, batchsize == 0 ? DefaultFetchWhereRowCount : batchsize, fldList);
using (var poSwapetproxy = this.proxyAppObject.CreatePO_swapetproxy())
{
var cErrorMessage = string.Empty;
this.SetRequiredContextParameters();
poSwapetproxy.FetchWhere(ref this.pdsContext, out this.dataSet, out cErrorMessage);
ErrorReportingHelper.ReportErrors(cErrorMessage);
this.ReportErrors(this.pdsContext);
this.ReportErrors(this.dataSet);
}
});
NLogLoggerP.Info("Fetchwhere - Swapetproxy - After Call");
}
public void TestException(int type)
{
switch (type)
{
case 401:
ErrorReportingHelper.ReportErrors("SESSION ID NOT FOUND IN CORE_SESSION");
break;
case 420:
ErrorReportingHelper.ReportErrors("420 Error");
break;
case 421:
ErrorReportingHelper.ReportErrors("421 Error", 421);
break;
case 500:
throw new DivideByZeroException();
default:
ErrorReportingHelper.ReportProgramErrors("Invalid exception");
break;
}
}
public CenPosModel BuildCenPosUrl(
string operation,
int mediacd,
decimal custno,
string shipTo,
string whse,
string tokenId,
string invoiceNo,
string oneTimeType,
decimal amountdecimal,
bool runArsocPrecall,
string ipaddress = "",
decimal taxAmount = 0)
{
operation = operation.ToLower(CultureInfo.InvariantCulture);
oneTimeType = oneTimeType.ToLower(CultureInfo.InvariantCulture);
if ((operation != "sale") && (operation != "auth") && (operation != "add") && (operation != "modify") &&
(operation != "delete") && (operation != "signature"))
{
ErrorReportingHelper.ReportErrors("error.credit.card.invalidoperation", 421);
}
string myhost;
var tokenObject = ApplicationCookieUtilities.Principal(HttpContext.Current.User, out myhost);
switch (operation)
{
case "add":
if (runArsocPrecall)
{
var asarsetupARSOCCreditCardAddValidateRequestAPI =
new AsarsetupARSOCCreditCardAddValidateRequestAPI
{
dCustno = custno,
cShipTo = shipTo,
cMediaCd = mediacd.ToString()
};
this.asarsetupRepository.ARSOCCreditCardAddValidate(asarsetupARSOCCreditCardAddValidateRequestAPI);
}
break;
}
var merchantOveeride = false;
var merchantId = string.Empty;
var merchantUserId = string.Empty;
var merchantUserPw = string.Empty;
if (operation.Equals("auth") ||
operation.Equals("sale"))
{
var merchantResult = this.asoeheaderRepository.LoadOETenderingMerchant(whse, mediacd);
if (!string.IsNullOrEmpty(merchantResult?.cMerchantID) && !string.IsNullOrEmpty(merchantResult.cMerchantUserID) && !string.IsNullOrEmpty(merchantResult.cMerchantUserPW))
{
merchantOveeride = true;
merchantId = merchantResult.cMerchantID;
merchantUserId = merchantResult.cMerchantUserID;
merchantUserPw = merchantResult.cMerchantUserPW;
}
}
var sastn = this.sastnRepository.Get(tokenObject.Cono, "p", mediacd, 1, "processor,addtaxfl,chkauth,ccaddontype,ccaddon");
if (sastn == null)
{
ErrorReportingHelper.ReportErrors("error.credit.card.nosastn", 421);
return(null);
}
if (string.IsNullOrEmpty(sastn.processor))
{
ErrorReportingHelper.ReportErrors("error.credit.card.sastpempty", 421);
}
var sastplookupcriteria = new Sastplookupcriteria()
{
processno = Convert.ToInt32(sastn.processor)
};
var sastp = this.assainquiryRepository.SASTPlookup(sastplookupcriteria);
if (string.IsNullOrEmpty(sastp?.callingURLH5))
{
ErrorReportingHelper.ReportErrors("error.credit.card.nosastp", 421);
}
var sb = new StringBuilder();
sb.Append(sastp.callingURLH5);
var cenPosModel = new CenPosModel();
switch (operation)
{
case "signature":
cenPosModel.PopTitleType = "cenpos.popup.signature";
sb.Append("?type=signature");
break;
case "sale":
if (sastn.addtaxfl)
{
if (string.Equals(oneTimeType, "sale") || string.Equals(oneTimeType, "roa"))
{
sb.Append("?type=SALE");
cenPosModel.PopTitleType = "global.cenpos.one.time.sale";
}
else if (string.Equals(oneTimeType, "credit"))
{
sb.Append("?type=Credit");
cenPosModel.PopTitleType = "global.cenpos.one.time.credit";
}
}
if (sastn.chkauth)
{
if (string.Equals(oneTimeType, "achdebit") || string.Equals(oneTimeType, "roa"))
{
sb.Append("?type=ACHDebit");
cenPosModel.PopTitleType = "global.cenpos.one.time.ach";
}
else if (string.Equals(oneTimeType, "achcredit"))
{
sb.Append("?type=ACHCredit");
cenPosModel.PopTitleType = "global.cenpos.one.time.ach.credit";
}
}
sb.Append("&amount=" + Math.Abs(amountdecimal));
sb.Append("&taxamount=" + (taxAmount));
sb.Append("&receipts=false");
break;
case "auth":
sb.Append("?type=Auth");
sb.Append("&taxamount=" + (taxAmount));
cenPosModel.PopTitleType = "global.cenpos.one.time.auth";
if (sastn.ccaddontype)
{
var newAmount = amountdecimal + sastn.ccaddon;
sb.Append("&amount=" + newAmount);
}
else
{
var addonPercentage = sastn.ccaddon / 100;
var addonAmount = amountdecimal * addonPercentage;
var newAmount = amountdecimal + addonAmount;
sb.Append("&amount=" + newAmount);
}
sb.Append("&receipts=false");
break;
case "add":
case "delete":
case "modify":
sb.Append(sastn.chkauth ? "?type=TokenCheck" : "?type=CreateToken");
if (operation == "add")
{
var taxableFlag = false;
if (string.IsNullOrEmpty(shipTo))
{
var arss = this.arssRepository.Get(tokenObject.Cono, custno, shipTo, 1, "taxablety");
if (arss != null)
{
taxableFlag = arss.taxablety.Equals("Y", StringComparison.InvariantCultureIgnoreCase) ||
arss.taxablety.Equals("V", StringComparison.InvariantCultureIgnoreCase);
}
}
else
{
var arsc = this.arscRepository.Get(tokenObject.Cono, custno, false, 1, "taxablety");
if (arsc != null)
{
taxableFlag = arsc.taxablety.Equals("Y", StringComparison.InvariantCultureIgnoreCase) ||
arsc.taxablety.Equals("V", StringComparison.InvariantCultureIgnoreCase);
}
}
sb.Append("&taxamount=" + (taxableFlag ? "1" : "0"));
}
if (sastn.chkauth && operation == "modify")
{
ErrorReportingHelper.ReportErrors("message.ach.tokens.cannot.be.modified", 421);
}
switch (operation)
{
case "add":
cenPosModel.PopTitleType = "cenpos.popup.onetimecardadd";
break;
case "modify":
cenPosModel.PopTitleType = "cenpos.popup.onetimecardmodify";
sb.Append("&operation=modify");
sb.Append("&token=" + tokenId);
sb.Append("&modifyavs=true");
break;
case "delete":
cenPosModel.PopTitleType = "cenpos.popup.onetimecarddelete";
sb.Append("&operation=delete");
sb.Append("&token=" + tokenId);
sb.Append("&modifyavs=true");
break;
}
break;
}
sb.Append("&merchantid=" + (merchantOveeride ? merchantId : sastp.processorvendorid));
sb.Append("&customercode=" + custno + (string.IsNullOrEmpty(shipTo) ? string.Empty : "|" + HttpUtility.UrlEncode(shipTo)));
sb.Append("&invoice=" + invoiceNo);
sb.Append("&userid=" + (merchantOveeride ? merchantUserId : sastp.processoruserid));
var encodedPassword = Encoding.UTF8.GetBytes(merchantOveeride ? merchantUserPw : sastp.processoruserpw);
var basePassword = Convert.ToBase64String(encodedPassword);
var httpPassword = HttpUtility.UrlEncode(basePassword);
sb.Append("&password="******"&sessionID=" + tokenObject.Cono.ToString("D4") + tokenObject.Oper.StripOffDomain());
// For the signature operation we tell cenpos to respond via a window message instead of a url redirect because of url size constraints
string responseType;
if (operation == "signature")
{
responseType = "message";
}
else
{
responseType = sastp.responseURLH5.StartsWith("https", StringComparison.CurrentCultureIgnoreCase) ? "Restful" : "get";
}
sb.Append("&ResponseType=" + responseType);
sb.Append("&RedirectType=self");
if (!string.IsNullOrEmpty(ipaddress))
{
sb.Append("&ip=" + ipaddress);
}
// PMC 02/09/2018 - IBM AppScan - Reviewed, this code is coded as it should be. The date time manipulation is to design.
var externalToken = DateTime.UtcNow.ToString("yyyy-MM-ddHH:mm:ss.fff", CultureInfo.InvariantCulture);
var addToResponse =
$"?cono={tokenObject.Cono}&oper={tokenObject.Oper.StripOffDomain()}&sessionidprogress={tokenObject.Sessionid}&tokenpostgres={externalToken}";
var request = AwsElbUtils.ReturnUrlRequired(HttpContext.Current.Request);;
// SAS 07/26/2016 - harcoding the repsonse URL for CenPOS
var responseUrl = request + "ui/app/modules/shared/cen-pos/cen-pos-response.html";
var encodedUrlResponse = Encoding.UTF8.GetBytes(responseUrl + addToResponse);
var baseUrlResponse = Convert.ToBase64String(encodedUrlResponse);
var httpUrlResponse = HttpUtility.UrlEncode(baseUrlResponse);
sb.Append("&urlresponse=" + httpUrlResponse);
cenPosModel.CenPosUri = sb.ToString();
this.assharedinquiryRepository.CenPOSLogURL(cenPosModel.CenPosUri);
return(cenPosModel);
}
protected void ReportErrors(string errorMessage)
{
ErrorReportingHelper.ReportErrors(errorMessage);
}
public IEnumerable <Webmodrecord> ImportWebModificationsPartOne(byte[] zipFile)
{
var user = this._pvUserRepository.Get(this._tokenObject.Cono, this._tokenObject.Oper.StripOffDomain(), 1, "webmodificationaccesslevel");
var allowCompany = user.webmodificationaccesslevel.ToLower() == "c";
var allowProfile = allowCompany || user.webmodificationaccesslevel.ToLower() == "p";
var allowUser = allowCompany || allowProfile || user.webmodificationaccesslevel.ToLower() == "u";
if (!allowUser)
{
ErrorReportingHelper.ReportErrors("special.saapa.import.denied");
}
var importObjectString = ZipClass.Decompress(zipFile);
var webmodRecords = JsonConvert.DeserializeObject <IEnumerable <Webmodrecord> >(importObjectString);
var importWebMods = webmodRecords as Webmodrecord[] ?? webmodRecords.ToArray();
foreach (var webmodrecord in importWebMods)
{
webmodrecord.cono = this._tokenObject.Cono;
if (allowCompany && string.IsNullOrEmpty(webmodrecord.profile) &&
string.IsNullOrEmpty(webmodrecord.@operator))
{
continue;
}
if (allowProfile)
{
if (string.IsNullOrEmpty(webmodrecord.profile) && string.IsNullOrEmpty(webmodrecord.@operator))
{
webmodrecord.@operator = this.CheckUser(webmodrecord.@operator);
webmodrecord.errorMessage = "special.saapa.import.defaultoperatorset";
continue;
}
if (!string.IsNullOrEmpty(webmodrecord.profile))
{
var profile = this.CheckProfle(webmodrecord.profile);
if (profile == Noprofile)
{
webmodrecord.errorMessage = "special.saapa.import.noprofile";
webmodrecord.profile = string.Empty;
webmodrecord.profile = this.CheckUser(webmodrecord.@operator);
}
if (profile != webmodrecord.profile)
{
webmodrecord.errorMessage = "special.saapa.import.profileset";
}
webmodrecord.profile = this.CheckProfle(webmodrecord.profile);
continue;
}
var oper = this.CheckUser(webmodrecord.@operator);
if (oper != webmodrecord.@operator)
{
webmodrecord.errorMessage = "special.saapa.import.defaultoperatorset";
}
webmodrecord.@operator = oper;
continue;
}
webmodrecord.profile = string.Empty;
var operAlllowUser = this.CheckUser(webmodrecord.@operator);
if (operAlllowUser != webmodrecord.@operator)
{
webmodrecord.errorMessage = "special.saapa.import.defaultoperatorset";
}
webmodrecord.@operator = operAlllowUser;
}
foreach (var webmodrecord in importWebMods)
{
var criteria = new Webmodlistcriteria()
{
screenname = webmodrecord.screenname, functionname = webmodrecord.functionname, recordcountlimit = 1
};
if (string.IsNullOrEmpty(webmodrecord.profile) && string.IsNullOrEmpty(webmodrecord.@operator))
{
criteria.level = "c";
}
if (!string.IsNullOrEmpty(webmodrecord.profile))
{
criteria.level = "p";
criteria.profile = webmodrecord.profile;
}
if (!string.IsNullOrEmpty(webmodrecord.@operator))
{
criteria.level = "o";
criteria.@operator = webmodrecord.@operator;
}
webmodrecord.willOverwrite = this._assharedentryRepository.GetWebModificationList(criteria).webmodlistresults.Any();
}
return(importWebMods);
}
private static void RejectLogin(ILogger nLogger, string errorMessage, LoginErrorEnums errorCode)
{
nLogger.Error(errorMessage);
ErrorReportingHelper.ReportErrors($"Unauthorized - Error Code {errorCode}", 401);
}
public LoginResponseModel Login(LoginRequestModel loginRequest, string host)
{
var loginResponseModel = new LoginResponseModel();
var claimsAndLoginObject = new ClaimsAndLoginObject(new ProgressConfiguration());
var nLogger = this.ReturnTenantAndUser(claimsAndLoginObject, loginRequest, out var logTenant, out var logUser, "Login", host);
ReportErrors(nLogger, claimsAndLoginObject.LoggingEMessages, claimsAndLoginObject.LoggingIMessages, claimsAndLoginObject.LoggingWMessages);
nLogger.Trace("Start", "Login Service");
if (claimsAndLoginObject.InvalidLogin)
{
var errorCode = LoginErrorEnums.Unknown;
if (claimsAndLoginObject.LoggingEMessages.Any())
{
errorCode = claimsAndLoginObject.LoggingEMessages.First().Value;
}
RejectLogin(nLogger, "Unauthorized", errorCode);
return(new LoginResponseModel {
Success = false
});
}
var logPassword = claimsAndLoginObject.SsoEnabled || !string.IsNullOrEmpty(claimsAndLoginObject.DeveloperLogin) ? this._ssoSecond : loginRequest.Password;
nLogger.Trace("Before Login", "Login Service");
var loginInternalResult = this._loginRepository.Login(logUser, logPassword, loginRequest.Cono, loginRequest.Locale, false, !claimsAndLoginObject.MultiTenant);
nLogger.Trace("After Login", "Login Service");
if (loginInternalResult.ErrorMessage == "This Account (Operator) Is Disabled")
{
ErrorReportingHelper.ReportErrors("global.account.disabled", 403);
}
loginResponseModel.Oper = loginInternalResult.userID;
loginResponseModel.Cono = loginInternalResult.cono;
loginResponseModel.Success = loginInternalResult.Success;
loginResponseModel.ChangePassword = loginInternalResult.ChangePassword;
loginResponseModel.UserRequiresClearing = loginInternalResult.UserRequiresClearing;
loginResponseModel.NumberOfMinutesBearer = new ProgressConfiguration().SSoEnabled
? new ProgressConfiguration().InforIonBearerTokenLasts
: 0;
loginResponseModel.NumberOfMinutes = loginInternalResult.NumberOfMinutes;
loginResponseModel.SessionID = loginInternalResult.SessionID;
loginResponseModel.Tenant = logTenant;
loginResponseModel.Guid = claimsAndLoginObject.Identity;
if (loginResponseModel.ChangePassword)
{
return(loginResponseModel);
}
if (loginResponseModel.UserRequiresClearing)
{
return(loginResponseModel);
}
if (!loginInternalResult.Success && (claimsAndLoginObject.SsoEnabled || !string.IsNullOrEmpty(claimsAndLoginObject.DeveloperLogin)))
{
RejectLogin(nLogger, $"Login Failed {loginInternalResult.ErrorMessage}", LoginErrorEnums.Unknown);
return(new LoginResponseModel {
Success = false
});
}
if (!loginInternalResult.Success)
{
return(loginResponseModel);
}
var tokenObject = new TokenObject
{
Cono = loginResponseModel.Cono,
Sessionid = loginResponseModel.SessionID.ToString("D"),
Oper = loginResponseModel.Oper,
Tenant = logTenant,
CurrentUiCulture = loginRequest.Locale,
OffsetTime = loginRequest.OffsetTime
};
PopulateUserPrincipal(tokenObject);
nLogger.Trace("End", "Login Service");
return(loginResponseModel);
}