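/// <summary>
/// Loads the role editor for the user selected in <c>UserGridView</c>: fills the role
/// check boxes, shows the user's name and e-mail, and locks the editor when the selected
/// account is the signed-in account.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// Any failure is logged, reported through <c>SystemMessages</c>, and the role panel is hidden.
/// The button and check-box state set here is presentation only. The handlers behind
/// SaveRolesButton and ResetRolesButton are not visible in this block and should repeat
/// the self-edit and permission checks on the server.
/// </remarks>
protected void UserGridView_SelectedIndexChanged(object sender, EventArgs e)
{
    try
    {
        EmployeeRolePanel.Visible = true;

        string selectedUserName = UserGridView.SelectedValue.ToString();
        string[] rolesForUser = Roles.GetRolesForUser(selectedUserName);
        FillCheckBoxesForRoles(rolesForUser);

        MembershipUser theUser = Membership.GetUser(selectedUserName);
        if (theUser == null)
        {
            // Membership.GetUser returns null for an unknown user (e.g. deleted after the grid was bound).
            throw new InvalidOperationException("The selected user could not be loaded.");
        }

        UserLabel.Text = theUser.UserName;
        // Email may be null when the provider does not require one; that must not abort the
        // handler before the self-edit guard below has run.
        UserEmailLabel.Text = theUser.Email ?? string.Empty;

        // The stock SQL membership provider matches user names case-insensitively, while
        // Identity.Name carries whatever casing the sign-in code stored (not visible here).
        // A case-sensitive comparison could therefore miss the "editing my own account" case.
        bool isOwnAccount = string.Equals(
            theUser.UserName,
            HttpContext.Current.User.Identity.Name,
            StringComparison.OrdinalIgnoreCase);

        if (isOwnAccount)
        {
            // Administrators may not change their own role assignments.
            foreach (ListItem item in UserRoleCheckBoxList.Items)
            {
                item.Enabled = false;
            }
            SaveRolesButton.Visible = false;
            ResetRolesButton.Visible = false;
        }
        else
        {
            SaveRolesButton.Visible = true;
            // NOTE(review): the button is shown when the caller does NOT hold RESET_USER_ACCOUNT.
            // This looks inverted; kept as-is because the permission's meaning is not visible
            // here. Confirm against LoginSecurity and the reset handler.
            ResetRolesButton.Visible = (!LoginSecurity.IsUserAuthorizedPermission("RESET_USER_ACCOUNT"));
        }
    }
    catch (Exception exc)
    {
        // Fail closed: do not leave a half-populated editor (with button state from a
        // previous selection) on screen.
        EmployeeRolePanel.Visible = false;
        log.Error("Function UserGridView_SelectedIndexChanged from AssignRolesByUser page", exc);
        SystemMessages.DisplaySystemMessage(Resources.SecurityData.MessageErrorGetRoles);
    }
}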
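/// <summary>
/// Handles a selection change in <c>OutRoleListBox</c>. When exactly one user is selected,
/// loads that user's roles into the role editor and locks the editor if the selected account
/// is the signed-in account; otherwise hides the editor.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// Any failure is logged, reported through <c>SystemMessages</c>, and the role panel is hidden.
/// The control state set here is presentation only. The handlers behind the save, reset and
/// add buttons are not visible in this block and should repeat the self-edit and permission
/// checks on the server.
/// </remarks>
protected void OutRoleListBox_SelectedIndexChanged(object sender, EventArgs e)
{
    try
    {
        InRoleListBox.ClearSelection();

        if (!VerifyIfIsOnlyOneUserSelected(OutRoleListBox))
        {
            EmployeeRolePanel.Visible = false;
            return;
        }

        EmployeeRolePanel.Visible = true;

        string selectedUserName = OutRoleListBox.SelectedValue;
        gRolesForUser = Roles.GetRolesForUser(selectedUserName);
        FillCheckBoxesForRoles(gRolesForUser);

        MembershipUser theUser = Membership.GetUser(selectedUserName);
        if (theUser == null)
        {
            // Membership.GetUser returns null for an unknown user (e.g. deleted after the list was bound).
            throw new InvalidOperationException("The selected user could not be loaded.");
        }

        UserLabel.Text = theUser.UserName;
        // Email may be null when the provider does not require one; that must not abort the
        // handler before the self-edit guard below has run.
        UserEmailLabel.Text = theUser.Email ?? string.Empty;

        // The stock SQL membership provider matches user names case-insensitively, while
        // Identity.Name carries whatever casing the sign-in code stored (not visible here).
        // A case-sensitive comparison could therefore miss the "editing my own account" case.
        bool isOwnAccount = string.Equals(
            theUser.UserName,
            HttpContext.Current.User.Identity.Name,
            StringComparison.OrdinalIgnoreCase);

        if (isOwnAccount)
        {
            // Administrators may not change their own role assignments.
            foreach (ListItem item in UserRoleCheckBoxList.Items)
            {
                item.Enabled = false;
            }
            SaveRolesButton.Visible = false;
            ResetRolesButton.Visible = false;
            AddInImageButton.Enabled = false;
            AddOutImageButton.Enabled = false;
        }
        else
        {
            SaveRolesButton.Visible = true;
            // NOTE(review): the button is shown when the caller does NOT hold RESET_USER_ACCOUNT.
            // This looks inverted; kept as-is because the permission's meaning is not visible
            // here. Confirm against LoginSecurity and the reset handler.
            ResetRolesButton.Visible = (!LoginSecurity.IsUserAuthorizedPermission("RESET_USER_ACCOUNT"));
            AddInImageButton.Enabled = true;
            AddOutImageButton.Enabled = true;
        }
    }
    catch (Exception q)
    {
        // Fail closed: do not leave a half-populated editor (with button state from a
        // previous selection) on screen.
        EmployeeRolePanel.Visible = false;
        log.Error("Function OutRoleListBox_SelectedIndexChanged from AssigRole page", q);
        SystemMessages.DisplaySystemMessage(Resources.SecurityData.MessageErrorGetRoles);
    }
}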
/// <summary>
/// Builds the side menu for the current user: reads the full menu from the XML configuration,
/// collects the "menu classes" the user is entitled to, filters the menu down to those
/// classes and assigns the resulting XML to <c>sideMenu.Text</c>.
/// </summary>
/// <remarks>
/// Filtering the menu only decides which entries are displayed. Hiding an entry does not
/// restrict access to the page behind it; page-level authorization has to be enforced
/// separately on every request.
/// </remarks>
private void ConstructMenu()
{
    List<Artexacta.App.Menu.Menu> fullMenu =
        Artexacta.App.Menu.MenuBLL.MenuBLL.ReadMenuFromXMLConfiguration();

    // Anonymous requests are sent to the login page. The single-argument Redirect overload
    // ends the response, so the code below is not expected to run for them.
    if (!LoginSecurity.IsUserAuthenticated())
    {
        Response.Redirect("~/Authentication/Login.aspx");
    }

    // Every authenticated user gets the change-password entry.
    List<string> grantedClasses = new List<string>();
    grantedClasses.Add("CHANGEPASS");

    // { permission, menu class } pairs, checked in this order.
    string[][] permissionToClass =
    {
        new string[] { "MANAGE_SECURITY", "SECURITY" },
        new string[] { "ADMIN_CLASIFICADORES", "CLASIFICADORES" },
        new string[] { "ADMIN_TESTS", "TESTS" },
        new string[] { "MANAGE_CATEGORIES", "CATEGORY" }
    };

    foreach (string[] mapping in permissionToClass)
    {
        if (LoginSecurity.IsUserAuthorizedPermission(mapping[0]))
        {
            grantedClasses.Add(mapping[1]);
        }
    }

    List<Artexacta.App.Menu.Menu> visibleMenu =
        Artexacta.App.Menu.MenuBLL.MenuBLL.RecursiveConstructionOfVisibleMenus(fullMenu, grantedClasses);

    // The generated XML is assigned as-is; no encoding is applied in this method.
    sideMenu.Text = Artexacta.App.Menu.MenuBLL.MenuBLL.GetMenuXML(visibleMenu, 0);
}
/// <summary>
/// Decides whether the current request may access the page it targets, using an allow-list
/// keyed on <c>Page.Request.AppRelativeCurrentExecutionFilePath</c>.
/// </summary>
/// <returns>
/// <c>true</c> when the page is in the open list, or is in a permission-gated list and
/// <c>LoginSecurity.IsUserAuthorizedPermission</c> grants that permission; <c>false</c> for
/// every other page (default deny).
/// </returns>
/// <remarks>
/// This method does not check authentication itself; the open list is returned as allowed
/// unconditionally, so the caller is presumably expected to have verified the login first
/// (confirm at the call site). Path comparison is ordinal and case-sensitive, so a path that
/// differs only in casing is denied.
/// NOTE(review): the open list contains "~/ResetSystem.aspx", several "~/Test/..." pages and
/// "~/Security/EditUser.aspx". Confirm that each of these is meant to be reachable without a
/// specific permission, or that the page performs its own check.
/// NOTE(review): the list mixes "~/Kpi/" with "~/Kpis/" and "~/People/" with "~/Personas/".
/// A path that does not match the real file is simply denied; verify against the site layout.
/// </remarks>
private bool IsUserAuthorizedPage()
{
    string requestedPage = Page.Request.AppRelativeCurrentExecutionFilePath;

    // Pages that need no specific permission.
    string[] unrestrictedPages = new string[]
    {
        "~/MainPage.aspx",
        "~/Security/EditUser.aspx",
        "~/Test/TestUserControlForTest.aspx",
        "~/About/VersionInformation.aspx",
        "~/About/Credits.aspx",
        "~/Security/ChangePassword.aspx",
        "~/UserConfiguration/UserConfiguration.aspx",
        "~/Authentication/UserIsLocked.aspx",
        "~/Authentication/UserIsUnlocked.aspx",
        "~/Authentication/UserNotApproved.aspx",
        "~/Test/TestTooltip.aspx",
        "~/ResetSystem.aspx",
        "~/Test/TestAddData.aspx",
        "~/Test/TestVisitKpi.aspx",
        "~/HelpManager/Default.aspx",
        "~/Test/TestDatePicker.aspx",
        "~/Organization/ListOrganizations.aspx",
        "~/Organization/EditOrganization.aspx",
        "~/Organization/OrganizationDetails.aspx",
        "~/Organization/ShareOrganization.aspx",
        "~/Project/ProjectForm.aspx",
        "~/Project/ProjectDetails.aspx",
        "~/Project/ProjectList.aspx",
        "~/Project/ShareProject.aspx",
        "~/Activity/AddActivity.aspx",
        "~/Activity/ActivityDetails.aspx",
        "~/Activity/ActivitiesList.aspx",
        "~/Activity/ShareActivity.aspx",
        "~/People/SharePerson.aspx",
        "~/People/PersonDetails.aspx",
        "~/Personas/ListaPersonas.aspx",
        "~/Personas/PeopleForm.aspx",
        "~/Kpi/KpiForm.aspx",
        "~/Kpis/KpiDetails.aspx",
        "~/Kpis/KpiDashboard.aspx",
        "~/Kpi/KpiList.aspx",
        "~/Kpi/KpiDataEntry.aspx",
        "~/Kpi/ShareKpi.aspx",
        "~/Kpi/ImportData.aspx",
        "~/Trash/TrashList.aspx"
    };

    foreach (string page in unrestrictedPages)
    {
        if (requestedPage.Equals(page))
        {
            return true;
        }
    }

    // Pages gated by MANAGE_SECURITY.
    string[] securityGated = new string[]
    {
        "~/Security/AssignRoles.aspx",
        "~/Security/AssignRolesByUser.aspx",
        "~/Security/DefinePermissionsByRol.aspx",
        "~/Security/DefinePermissionsByUser.aspx",
        "~/Security/NewRole.aspx",
        "~/Security/UserList.aspx",
        "~/Security/CreateUser.aspx",
        "~/Security/UserIsLocked.aspx",
        "~/Security/UserIsUnlocked.aspx",
        "~/Bitacora/ListaEventosBitacora.aspx"
    };

    foreach (string page in securityGated)
    {
        // The permission is only looked up once the path has matched.
        if (requestedPage.Equals(page))
        {
            if (LoginSecurity.IsUserAuthorizedPermission("MANAGE_SECURITY"))
            {
                return true;
            }
        }
    }

    // Pages gated by MANAGE_CATEGORIES.
    string[] categoryGated = new string[]
    {
        "~/Category/CategoriesList.aspx",
        "~/Category/CategoryDetails.aspx"
    };

    foreach (string page in categoryGated)
    {
        if (requestedPage.Equals(page))
        {
            if (LoginSecurity.IsUserAuthorizedPermission("MANAGE_CATEGORIES"))
            {
                return true;
            }
        }
    }

    // Pages gated by ADMIN_TESTS.
    string[] adminTestsGated = new string[]
    {
        "~/Seguimiento/SeguimientoCampana.aspx"
    };

    foreach (string page in adminTestsGated)
    {
        if (requestedPage.Equals(page))
        {
            if (LoginSecurity.IsUserAuthorizedPermission("ADMIN_TESTS"))
            {
                return true;
            }
        }
    }

    // No list granted access: deny.
    return false;
}