private void ProcessEditForm(int id, FormCollection collection)
{
var allowUpload = Settings.GetValueAsBool("S2", "S2Import.PersonExport");
var jsonGridData = collection["gridData"];
var gridData = JsonConvert.DeserializeObject <List <GridDataRow> >(jsonGridData);
var dataAccess = new People(DbContext);
var results = dataAccess.Get(id);
if (results.Failed)
{
EventLogger.LogSystemActivity(OwnedSystem,
Severity.Error,
string.Format("Error getting person with id of {0} from R1SM", id),
results.Message);
RedirectToAction("Index", "People");
}
var person = results.Entity;
if (AllowRuleAdministration)
{
UpdateRoles(person, gridData);
}
// If an admin edited this we need to see if any of the RSM specific stuff has changed.
if (User.IsInRole("admin"))
{
person.IsAdmin = collection.GetValueAsBool("IsAdmin");
person.LockedOut = collection.GetValueAsBool("Person.LockedOut");
person.username = collection["Person.username"];
var newPass = collection["Person.password"];
if ((newPass.Length > 0) && (newPass != person.password))
{
// Get encryption and decryption key information from the configuration.
var cfg = WebConfigurationManager.OpenWebConfiguration(System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath);
var machineKey = (MachineKeySection)cfg.GetSection("system.web/machineKey");
var hash = new HMACSHA512 {
Key = Utilities.HexToByte(machineKey.ValidationKey)
};
var hash1 = Convert.ToBase64String(hash.ComputeHash(Encoding.Unicode.GetBytes(collection["Person.password"] + ".rSmSa1t" + newPass.Length.ToString())));
var hash2 = Convert.ToBase64String(hash.ComputeHash(Encoding.Unicode.GetBytes(hash1 + "an0tH3r5alt!" + newPass.Length.ToString())));
person.password =
Convert.ToBase64String(hash.ComputeHash(Encoding.Unicode.GetBytes(hash2)));
}
EventLogger.LogUserActivity(Severity.Informational,
User.Identity.Name + " modified access for " + person.DisplayName, "");
}
// Saving the person implies acceptance of the levels as assigned.
person.NeedsApproval = false;
person.Credentials = collection["Person.Credentials"];
person.NickFirst = collection["Person.NickFirst"];
DbContext.SubmitChanges();
try
{
if (allowUpload)
{
// Now update the S2 box with the new employee record.
this.API.SavePerson(person);
}
else
{
person.NeedsUpload = true;
DbContext.SubmitChanges();
}
}
catch
{
// If the update fails (likely due to a network issue)
// queue up the person to be uploaded by the service later.
person.NeedsUpload = true;
DbContext.SubmitChanges();
}
}