/// <summary>
/// Authenticates a user by name and password (synchronous variant).
/// </summary>
/// <param name="userName">Login name handed to <c>GetUser</c>.</param>
/// <param name="password">Candidate password, checked with <c>OperationAccess.PasswordEqual</c>.</param>
/// <returns>
/// The context produced by <c>InitiateUserContext</c>, or <c>null</c> when no user is found
/// or the password does not match.
/// </returns>
/// <exception cref="LoginException">The password matched but the account is not active.</exception>
public UserContext Login(string userName, string password)
{
    using (SecurityDbContext db = new SecurityDbContext())
    {
        UserInfo account = this.GetUser(userName, new int?());
        if (account == null)
        {
            return null;
        }

        // NOTE(review): PasswordEqual is not visible here; confirm it compares a salted hash
        // in constant time rather than plaintext values.
        bool passwordMatches = OperationAccess.PasswordEqual(account.Password, password);
        if (!passwordMatches)
        {
            // The threshold is tested before the counter is bumped, so the account is
            // deactivated on the first failure after LoginTryTime has reached LoginTryNo.
            if (account.LoginTryTime >= (int)ConfigurationController.LoginTryNo)
            {
                account.IsActive = false;
            }

            account.LoginTryTime++;

            // NOTE(review): the account comes from GetUser, not from `db`, and the two lines
            // that marked it as modified are commented out in the original
            // (ObjectState = Modified / SyncObjectState<UserInfo>). Verify that SaveChanges
            // really persists the counter and the lock; otherwise the lockout never engages.
            db.SaveChanges();
            return null;
        }

        // NOTE(review): IsActive is only examined after the password matched. A locked account
        // therefore still evaluates passwords, and the exception below distinguishes a correct
        // guess from a wrong one (which returns null). Consider rejecting inactive accounts
        // before the comparison, with a response that does not differ by password validity.
        if (!account.IsActive)
        {
            SecurityManager.SaveActivityLogForLoginFailedAction(userName, "کاربر غیر فعال");
            string inactiveMessage = ConfigurationController.ApplicationLanguage == AppLanguage.English
                ? "User is not Active."
                : "کاربر غیر فعال می باشد.";
            throw new LoginException(inactiveMessage);
        }

        // Successful login: stamp the time (local clock) and reset the failure counter.
        account.LastLoginDate = new DateTime?(DateTime.Now);
        account.LoginTryTime = 0;
        db.SaveChanges();

        return this.InitiateUserContext(account);
    }
}
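/// <summary>
/// Builds the <see cref="OperationAccess"/> flags for the current user and caches them in the session.
/// </summary>
/// <remarks>
/// Fix over the collapsed original: the two early <c>return new OperationAccess() { ... }</c>
/// statements had lost their terminating semicolon and did not parse.
/// </remarks>
/// <returns>
/// All flags set when the rule is used for anonymous users or when
/// <c>ConfigurationController.EnableSecurityCheck</c> is off; otherwise the cached or freshly
/// computed flags.
/// </returns>
public virtual async Task<OperationAccess> CreateOperationAccessAsync()
{
    // Anonymous-use rules bypass every permission lookup and the user-context check.
    if (this.UseForAnonymousUser)
    {
        return new OperationAccess()
        {
            CanDelete = true,
            CanExport = true,
            CanImport = true,
            CanInsert = true,
            CanPrint = true,
            CanUpdate = true,
            CanView = true
        };
    }

    SecurityManager.ThrowIfUserContextNull();

    // NOTE(review): a single configuration switch grants every operation to every
    // authenticated user. Confirm it cannot be turned off in production deployments.
    if (!ConfigurationController.EnableSecurityCheck)
    {
        return new OperationAccess()
        {
            CanDelete = true,
            CanExport = true,
            CanImport = true,
            CanInsert = true,
            CanPrint = true,
            CanUpdate = true,
            CanView = true
        };
    }

    // NOTE(review): once cached, the flags are reused for the session; presumably a permission
    // revoked later is not seen until this entry is replaced - confirm invalidation elsewhere.
    OperationAccess access = SessionManager.GetData(this.OprAccessSessionKey) as OperationAccess;
    if (access != null)
    {
        return access;
    }

    // Only View, Export and Print are resolved against permission keys in this variant;
    // Import, Insert, Delete and Update are fixed to false.
    // NOTE(review): confirm the hard-coded false values are intended.
    access = new OperationAccess();
    access.CanImport = false;
    access.CanView = await this.HasAccessAsync(this.ViewKey);
    access.CanInsert = false;
    access.CanDelete = false;
    access.CanUpdate = false;
    access.CanExport = await this.HasAccessAsync(this.ExportKey);
    access.CanPrint = await this.HasAccessAsync(this.PrintKey);

    SessionManager.Add(this.OprAccessSessionKey, (object)access);
    return access;
}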
/// <summary>
/// Creates a <c>BusinessRuleBase&lt;TEntity&gt;</c> through reflection and, when
/// <paramref name="operationAccess"/> is supplied, widens the rule's access flags with it.
/// </summary>
/// <param name="operationAccess">Optional flags OR-ed into the rule's own flags; may be null.</param>
/// <param name="unitOfWork">Optional unit of work passed to the rule's constructor; may be null.</param>
/// <returns>The created rule (the result of an <c>as</c> cast, so null if the cast fails).</returns>
public static IBusinessRuleBaseAsync<TEntity> GetBusinessRule<TEntity>(
    OperationAccess operationAccess,
    IUnitOfWorkAsync unitOfWork)
    where TEntity : class, IEntity
{
    Type closedRuleType = typeof(BusinessRuleBase<>).MakeGenericType(typeof(TEntity));

    object created = unitOfWork == null
        ? Activator.CreateInstance(closedRuleType)
        : Activator.CreateInstance(closedRuleType, (object)unitOfWork);

    IBusinessRuleBaseAsync<TEntity> rule = created as IBusinessRuleBaseAsync<TEntity>;
    if (operationAccess == null)
    {
        return rule;
    }

    // Each flag is the OR of the rule's own value and the caller's value, so the argument can
    // only add permissions, never remove them.
    // NOTE(review): callers must pass server-derived flags only; a value that originates from
    // a request would raise the rule's privileges.
    rule.OperationAccess = new OperationAccess()
    {
        CanInsert = rule.OperationAccess.CanInsert || operationAccess.CanInsert,
        CanView = rule.OperationAccess.CanView || operationAccess.CanView,
        CanUpdate = rule.OperationAccess.CanUpdate || operationAccess.CanUpdate,
        CanDelete = rule.OperationAccess.CanDelete || operationAccess.CanDelete,
        CanExport = rule.OperationAccess.CanExport || operationAccess.CanExport,
        CanPrint = rule.OperationAccess.CanPrint || operationAccess.CanPrint,
        CanImport = rule.OperationAccess.CanImport || operationAccess.CanImport
    };

    return rule;
}
/// <summary>
/// Loads one entity by key after checking view permission, and writes a read entry to the
/// activity log when the entity asks for read logging.
/// </summary>
/// <param name="cancellationToken">Token forwarded to <c>FindEntityAsync</c>.</param>
/// <param name="keyValues">Key values forwarded to <c>FindEntityAsync</c>.</param>
/// <returns>The entity returned by <c>FindEntityAsync</c>.</returns>
/// <exception cref="OperationAccessException">The rule's access flags do not allow viewing.</exception>
public async Task<TEntity> FindAsync(CancellationToken cancellationToken, params object[] keyValues)
{
    if (!this.UseForAnonymousUser)
    {
        SecurityManager.ThrowIfUserContextNull();

        // NOTE(review): the value returned here is discarded and the check below reads
        // this.OperationAccess instead. Confirm the property reflects the computed flags;
        // if it can be set independently, the permission check tests the wrong object.
        await this.CreateOperationAccessAsync();
        if (!this.OperationAccess.CanView)
        {
            throw new OperationAccessException(this.ViewKey);
        }
    }

    TEntity found = await this.FindEntityAsync(cancellationToken, keyValues);

    IActivityLoggable loggable = (object)found as IActivityLoggable;
    if (loggable != null)
    {
        bool logsReads = loggable.ActionsToLog == ActionLog.All
            || (loggable.ActionsToLog & ActionLog.Read) == ActionLog.Read;
        if (logsReads)
        {
            OMF.Common.ActivityLog.ActivityLog entry = ActivityLogManager.CreateActivityLog(loggable);
            entry.Action = 1; // presumably the code for a read action - TODO confirm
            ActivityLogManager.Save(entry);
        }
    }

    return found;
}
/// <summary>
/// Returns access flags for moving a message: only <c>CanUpdate</c> is populated, from the
/// <c>Workflow_StepStateInfo_ChangeReceiverUser</c> permission.
/// </summary>
public static async Task<OperationAccess> GetMoveMessageOperationAccess()
{
    var mayChangeReceiver = await SecurityManager.HasAccessAsync(
        ResourceKeys.Workflow_StepStateInfo_ChangeReceiverUser);

    // Every other flag keeps the default value of a new OperationAccess.
    return new OperationAccess { CanUpdate = mayChangeReceiver };
}
/// <summary>
/// Returns the current user's access flags for <c>UserRole</c> as a 200 response.
/// </summary>
/// <remarks>
/// The flags are computed on the server by the rule; the response is informational and must
/// not be treated by the server as proof of permission on later requests.
/// </remarks>
public async Task<HttpResponseMessage> GetUserRoleOperationAccess()
{
    using (var rule = BusinessContext.GetBusinessRule<UserRole>())
    {
        OperationAccess access = await rule.CreateOperationAccessAsync();
        var payload = new { resultCode = (int)ResultCode.Successful, data = access };
        return Request.CreateResponse(HttpStatusCode.OK, payload);
    }
}
/// <summary>
/// Returns the current user's view/delete flags for the cache-info resource as a 200 response.
/// </summary>
public async Task<HttpResponseMessage> GetCacheInfoOperationAccess()
{
    var access = new OperationAccess();

    // Only View and Delete are resolved; the remaining flags keep their defaults.
    access.CanView = await SecurityManager.HasAccessAsync(
        ZhivarResourceIds.Zhivar_Security_CacheInfo_View);
    access.CanDelete = await SecurityManager.HasAccessAsync(
        ZhivarResourceIds.Zhivar_Security_CacheInfo_Delete);

    var payload = new { resultCode = (int)ResultCode.Successful, data = access };
    return Request.CreateResponse(HttpStatusCode.OK, payload);
}
//protected async override Task<string> AfterLoginAsync(UserContext userContext) //{ // if (userContext.AuthenticationType == (int)Enums.VBSUserType.OrganizationPersonnel) // { // //TODO حذف کدهای ذیل و انتقال آنها به زیر ساخت // int personnelId; // if (string.IsNullOrWhiteSpace(userContext.Tag1) || !Int32.TryParse(userContext.Tag1, out personnelId)) // return await base.AfterLoginAsync(userContext); // using (UnitOfWork uow = new UnitOfWork()) // { // // var personnelQuery = uow.RepositoryAsync<Personel>().Queryable().Where(pr => pr.ID == personnelId); // var organizationQuery = uow.RepositoryAsync<Organization>().Queryable(); // // var shahrQuery = uow.RepositoryAsync<Shahr>().Queryable(); // var positionQuery = uow.RepositoryAsync<Position>().Queryable(); // var joinQuery = from personnel in personnelQuery // join organShahr in (from organization in organizationQuery // join shahr in shahrQuery // on organization.CityId equals shahr.ID // select new // { // OrganizationId = organization.ID, // OrganizationOnvan = organization.Title, // ShahrId = shahr.ID // }) // on personnel.OrganizationId equals organShahr.OrganizationId // join position in positionQuery // on personnel.PositionId equals position.ID // select new // { // OrganizationId = organShahr.OrganizationId, // OrganizationOnvan = organShahr.OrganizationOnvan, // ShahrId = organShahr.ShahrId, // PositionId = position.ID, // PositionOnvan = position.Name, // PositionCode = position.Code, // ShakhsId = personnel.ShakhsId // }; // var result = await joinQuery.FirstOrDefaultAsync(); // if (result == null) // return await base.AfterLoginAsync(userContext); // VBSUserContext.Current = new VBSUserContext() // { // OrganizationId = result.OrganizationId, // OrganizationOnvan = result.OrganizationOnvan, // PersonnelId = personnelId, // PositionId = result.PositionId, // PositionOnvan = result.PositionOnvan, // PositionCode = result.PositionCode, // ShahrId = result.ShahrId, // UserId = userContext.UserId, // 
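// ShakhsId = result.ShakhsId
// };
// //SecurityManager.CurrentUserContext.RoleCodes.Add(VBSUserContext.Current.PositionCode);
// userContext.Tag7 = result.PositionOnvan;
// userContext.Tag8 = result.PositionCode;
// userContext.Tag9 = result.OrganizationId.ToString();
// userContext.Tag10 = result.OrganizationOnvan;
// //Must be here.
// VBSUserContext.Current.UserRoles = await new VBSCartableHandler().GetCurrentUserRoles();
// }
// }
// else if (userContext.AuthenticationType == (int)Enums.VBSUserType.DrugStoreUser)
// {
// switch (userContext.Tag8)
// {
// case "0":
// userContext.Tag10 = userContext.Tag5 == null ? "کاربر داروخانه" : "کاربر مؤسس";
// break;
// case "1":
// userContext.Tag10 = "کاربر مسئول فنی";
// break;
// case "2":
// userContext.Tag10 = "کاربر مؤسس و مسئول فنی";
// break;
// }
// if (string.IsNullOrWhiteSpace(userContext.Tag6))
// {
// using (UnitOfWork uow = new UnitOfWork())
// {
// var daroukhaneh = await uow.RepositoryAsync<Daroukhaneh>()
// .Queryable()
// .OrderByDescending(dar => dar.ID)
// .Select(dar => new { dar.ID, dar.ShomarehParvane, dar.CodePosti, dar.TelHamrah, dar.LogData, dar.VazeyatTaeedSabt })
// .FirstOrDefaultAsync(dar => dar.LogData.InsertUserName == userContext.UserName && !dar.VazeyatTaeedSabt);
// if (daroukhaneh != null)
// {
// var userInfoRep = uow.RepositoryAsync<VBSUserInfo>();
// var userInfo = await userInfoRep.Queryable()
// .SingleOrDefaultAsync(user => user.ID == userContext.UserId);
// userInfo.Tag1 = daroukhaneh.ShomarehParvane.ToString();
// userInfo.Tag2 = daroukhaneh.CodePosti.ToString();
// userInfo.Tag6 = daroukhaneh.ID.ToString();
// userInfo.MobileNo = daroukhaneh.TelHamrah;
// userInfoRep.Update(userInfo);
// await uow.SaveChangesAsync();
// userContext.Tag6 = daroukhaneh.ID.ToString();
// }
// }
// }
// }
// else
// {
// return await base.AfterLoginAsync(userContext);
// }
// return null;
//}

/// <summary>
/// Returns, as a 200 response, whether the current user may open the change-password feature.
/// </summary>
/// <remarks>
/// Fix over the collapsed original: the line wrap had left the first fragment of the
/// commented-out code above uncommented and had pulled this method's signature into that
/// comment, so the method did not parse. Only <c>CanView</c> is populated.
/// </remarks>
public async Task<HttpResponseMessage> GetChangePasswordOperationAccess()
{
    var hasAccess = await SecurityManager.HasAccessAsync(
        ZhivarResourceIds.Zhivar_Security_ChangePassword);

    var oprAccess = new OperationAccess() { CanView = hasAccess };

    return Request.CreateResponse(
        HttpStatusCode.OK,
        new { resultCode = (int)ResultCode.Successful, data = oprAccess });
}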
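/// <summary>
/// Builds the <see cref="OperationAccess"/> flags for the current user (synchronous variant)
/// and caches them in the session.
/// </summary>
/// <remarks>
/// Fix over the collapsed original: the two early <c>return new OperationAccess() { ... }</c>
/// statements had lost their terminating semicolon and did not parse.
/// </remarks>
/// <returns>
/// All flags set when the rule is used for anonymous users or when
/// <c>ConfigurationController.EnableSecurityCheck</c> is off; otherwise the cached or freshly
/// computed flags.
/// </returns>
public override OperationAccess CreateOperationAccess()
{
    // Anonymous-use rules bypass every permission lookup and the user-context check.
    if (this.UseForAnonymousUser)
    {
        return new OperationAccess()
        {
            CanDelete = true,
            CanExport = true,
            CanImport = true,
            CanInsert = true,
            CanPrint = true,
            CanUpdate = true,
            CanView = true
        };
    }

    SecurityManager.ThrowIfUserContextNull();

    // NOTE(review): a single configuration switch grants every operation to every
    // authenticated user. Confirm it cannot be turned off in production deployments.
    if (!ConfigurationController.EnableSecurityCheck)
    {
        return new OperationAccess()
        {
            CanDelete = true,
            CanExport = true,
            CanImport = true,
            CanInsert = true,
            CanPrint = true,
            CanUpdate = true,
            CanView = true
        };
    }

    // NOTE(review): once cached, the flags are reused for the session; presumably a permission
    // revoked later is not seen until this entry is replaced - confirm invalidation elsewhere.
    OperationAccess access = SessionManager.GetData(this.OprAccessSessionKey) as OperationAccess;
    if (access != null)
    {
        return access;
    }

    // Each flag is resolved against its own permission key.
    access = new OperationAccess();
    access.CanImport = this.HasAccess(this.ImportKey);
    access.CanView = this.HasAccess(this.ViewKey);
    access.CanInsert = this.HasAccess(this.InsertKey);
    access.CanDelete = this.HasAccess(this.DeleteKey);
    access.CanUpdate = this.HasAccess(this.UpdateKey);
    access.CanExport = this.HasAccess(this.ExportKey);
    access.CanPrint = this.HasAccess(this.PrintKey);

    SessionManager.Add(this.OprAccessSessionKey, (object)access);
    return access;
}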
/// <summary>
/// Loads a reference navigation property of <paramref name="entity"/> after checking view permission.
/// </summary>
/// <param name="entity">Entity whose navigation property is loaded.</param>
/// <param name="navigationProperty">Selector for the reference to load.</param>
/// <param name="forceToDetach">Forwarded unchanged to <c>LoadReferenceEntityAsync</c>.</param>
/// <exception cref="OperationAccessException">The rule's access flags do not allow viewing.</exception>
public async Task LoadReferenceAsync<TProperty>(
    TEntity entity,
    Expression<Func<TEntity, TProperty>> navigationProperty,
    bool forceToDetach = false)
    where TProperty : class, IEntity
{
    bool mustAuthorize = !this.UseForAnonymousUser;
    if (mustAuthorize)
    {
        SecurityManager.ThrowIfUserContextNull();

        // NOTE(review): the returned flags are discarded; the check reads this.OperationAccess.
        // Confirm the property reflects the computed value.
        await this.CreateOperationAccessAsync();
        if (!this.OperationAccess.CanView)
        {
            throw new OperationAccessException(this.ViewKey);
        }
    }

    // NOTE(review): the check uses this rule's ViewKey only; whether the referenced TProperty
    // has its own view permission is not verified here.
    await this.LoadReferenceEntityAsync<TProperty>(entity, navigationProperty, forceToDetach);
}
/// <summary>
/// Loads a filtered collection navigation property of <paramref name="entity"/> after checking
/// view permission.
/// </summary>
/// <param name="entity">Entity whose collection is loaded.</param>
/// <param name="navigationProperty">Selector for the collection to load.</param>
/// <param name="predicate">Filter forwarded to <c>LoadCollectionEntityAsync</c>.</param>
/// <param name="forceToDetach">Forwarded unchanged to <c>LoadCollectionEntityAsync</c>.</param>
/// <exception cref="OperationAccessException">The rule's access flags do not allow viewing.</exception>
public async Task LoadCollectionAsync<TElement>(
    TEntity entity,
    Expression<Func<TEntity, ICollection<TElement>>> navigationProperty,
    Expression<Func<TElement, bool>> predicate,
    bool forceToDetach = false)
    where TElement : class, IEntity
{
    bool mustAuthorize = !this.UseForAnonymousUser;
    if (mustAuthorize)
    {
        SecurityManager.ThrowIfUserContextNull();

        // NOTE(review): the returned flags are discarded; the check reads this.OperationAccess.
        // Confirm the property reflects the computed value.
        await this.CreateOperationAccessAsync();
        if (!this.OperationAccess.CanView)
        {
            throw new OperationAccessException(this.ViewKey);
        }
    }

    // NOTE(review): the check uses this rule's ViewKey only; whether TElement has its own view
    // permission is not verified here.
    await this.LoadCollectionEntityAsync<TElement>(entity, navigationProperty, predicate, forceToDetach);
}
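/// <summary>
/// Returns every entity matching the default search expression, translated to view models.
/// </summary>
/// <param name="operationAccess">
/// Optional access flags bound from the query string. They are client-controlled, so they are
/// only allowed to narrow what the server grants (see the body).
/// </param>
/// <returns>
/// A 200 response carrying <c>resultCode = 0</c> and the view-model list, or whatever
/// <c>HandleExceptionAsync</c> produces when any step throws.
/// </returns>
public async Task<HttpResponseMessage> GetAll([FromUri] OperationAccess operationAccess)
{
    try
    {
        Expression<Func<TEntity, bool>> expression = this.CreateDefaultSearchExpression();

        if (operationAccess != null)
        {
            // Security fix: the original assigned the request-supplied flags straight to the
            // business rule, so a caller could grant itself access via the query string.
            // Each flag is now AND-ed with the server-computed grant, so the request can
            // restrict access but never widen it.
            // NOTE(review): assumes BusinessRule exposes CreateOperationAccessAsync; if some
            // screen relied on widening through this parameter, grant it server-side instead.
            OperationAccess granted = await this.BusinessRule.CreateOperationAccessAsync();
            bool hasGrant = granted != null;
            operationAccess.CanView = hasGrant && granted.CanView && operationAccess.CanView;
            operationAccess.CanInsert = hasGrant && granted.CanInsert && operationAccess.CanInsert;
            operationAccess.CanUpdate = hasGrant && granted.CanUpdate && operationAccess.CanUpdate;
            operationAccess.CanDelete = hasGrant && granted.CanDelete && operationAccess.CanDelete;
            operationAccess.CanExport = hasGrant && granted.CanExport && operationAccess.CanExport;
            operationAccess.CanPrint = hasGrant && granted.CanPrint && operationAccess.CanPrint;
            operationAccess.CanImport = hasGrant && granted.CanImport && operationAccess.CanImport;
            this.BusinessRule.OperationAccess = operationAccess;
        }

        IQueryable<TEntity> query = this.businessManager.GetByFilter(
            expression,
            (List<Expression<Func<TEntity, object>>>)null);
        List<TEntity> list = await query.ToListAsync2<TEntity>();

        List<TCustomQueryEntity> customQueryList = list.ConvertAll<TCustomQueryEntity>(
            entity => this.TranslateEntityToCustomQueryEntity(entity));
        customQueryList = await this.PostExecuteQueryAsync(customQueryList, (QueryInfo)null);

        List<TEntityVM> listVM = customQueryList.ConvertAll<TEntityVM>(
            entity => this.TranslateCustomQueryEntityToEntityVM(entity));

        return this.Request.CreateResponse(HttpStatusCode.OK, new { resultCode = 0, data = listVM });
    }
    catch (Exception ex)
    {
        // Every failure, including an access failure, is turned into a response by the shared handler.
        return await this.HandleExceptionAsync(ex);
    }
    finally
    {
        // The unreachable "return httpResponseMessage1" tail of the original is dropped.
        if (this.businessRule != null)
        {
            this.businessRule.Dispose();
        }
    }
}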
/// <summary>
/// Authenticates a user by name and password (asynchronous variant).
/// </summary>
/// <param name="userName">Login name handed to <c>GetUserAsync</c>.</param>
/// <param name="password">Candidate password, checked with <c>OperationAccess.PasswordEqual</c>.</param>
/// <returns>
/// The context produced by <c>InitiateUserContext</c>, or <c>null</c> when no user is found
/// or the password does not match.
/// </returns>
/// <exception cref="LoginException">The password matched but the account is not active.</exception>
public async Task<UserContext> LoginAsync(string userName, string password)
{
    using (SecurityDbContext db = new SecurityDbContext())
    {
        UserInfo account = await this.GetUserAsync(userName, new int?());
        if (account == null)
        {
            return null;
        }

        // NOTE(review): PasswordEqual is not visible here; confirm it compares a salted hash
        // in constant time rather than plaintext values.
        bool passwordMatches = OperationAccess.PasswordEqual(account.Password, password);
        if (!passwordMatches)
        {
            // The threshold is tested before the counter is bumped, so the account is
            // deactivated on the first failure after LoginTryTime has reached LoginTryNo.
            if (account.LoginTryTime >= (int)ConfigurationController.LoginTryNo)
            {
                account.IsActive = false;
            }

            account.LoginTryTime++;

            // NOTE(review): the account comes from GetUserAsync, not from `db`, and the two
            // lines that marked it as modified are commented out in the original
            // (ObjectState = Modified / SyncObjectState<UserInfo>). Verify that SaveChangesAsync
            // really persists the counter and the lock; otherwise the lockout never engages.
            await db.SaveChangesAsync();
            return null;
        }

        // NOTE(review): IsActive is only examined after the password matched. A locked account
        // therefore still evaluates passwords, and the exception below distinguishes a correct
        // guess from a wrong one (which returns null). Consider rejecting inactive accounts
        // before the comparison, with a response that does not differ by password validity.
        if (!account.IsActive)
        {
            await SecurityManager.SaveActivityLogForLoginFailedActionAsync(userName, "کاربر غیر فعال");
            throw new LoginException("کاربر غیر فعال می باشد.");
        }

        // Successful login: stamp the time (local clock) and reset the failure counter.
        account.LastLoginDate = new DateTime?(DateTime.Now);
        account.LoginTryTime = 0;
        await db.SaveChangesAsync();

        return this.InitiateUserContext(account);
    }
}
/// <summary>
/// Returns the access flags computed by the business rule for the current user.
/// </summary>
/// <returns>
/// A 200 response carrying <c>resultCode = 0</c> and the flags, or whatever
/// <c>HandleExceptionAsync</c> produces when the rule throws.
/// </returns>
public async Task<HttpResponseMessage> GetOperationAccess()
{
    try
    {
        OperationAccess access = await this.BusinessRule.CreateOperationAccessAsync();
        var payload = new { resultCode = 0, data = access };
        return this.Request.CreateResponse(HttpStatusCode.OK, payload);
    }
    catch (Exception ex)
    {
        // The original's trailing "return httpResponseMessage1" was unreachable and is omitted.
        return await this.HandleExceptionAsync(ex);
    }
}
/// <summary>
/// Convenience overload: creates the rule for <typeparamref name="TEntity"/> without a unit of work.
/// </summary>
/// <param name="operationAccess">Flags forwarded to the two-argument overload; may be null.</param>
/// <returns>Whatever the two-argument overload returns.</returns>
public static IBusinessRuleBaseAsync<TEntity> GetBusinessRule<TEntity>(OperationAccess operationAccess)
    where TEntity : class, IEntity
{
    // A typed null keeps overload resolution on the (OperationAccess, IUnitOfWorkAsync) overload.
    IUnitOfWorkAsync noUnitOfWork = null;
    return BusinessContext.GetBusinessRule<TEntity>(operationAccess, noUnitOfWork);
}
/// <summary>
/// Creates the rule on an existing unit of work with caller-supplied access flags.
/// </summary>
/// <param name="operationAccess">Stored as the rule's access flags without validation.</param>
/// <param name="uow">Unit of work passed to the base constructor.</param>
public ZhivarUserInfoRule(OperationAccess operationAccess, IUnitOfWorkAsync uow)
    : base(uow)
{
    // The flags are trusted as given; callers should derive them on the server.
    this.OperationAccess = operationAccess;
}
/// <summary>
/// Creates the rule on an existing unit of work with caller-supplied access flags and an
/// explicit anonymous-use setting.
/// </summary>
/// <param name="operationAccess">Stored as the rule's access flags without validation.</param>
/// <param name="uow">Unit of work passed to the base constructor.</param>
/// <param name="useForAnonymousUser">Stored in <c>UseForAnonymousUser</c>.</param>
public PersonelRule(OperationAccess operationAccess, IUnitOfWorkAsync uow, bool useForAnonymousUser)
    : base(uow)
{
    this.OperationAccess = operationAccess;

    // NOTE(review): presumably this is the flag that makes rule methods skip the user-context
    // and permission checks; confirm it is only ever set to true by trusted server code.
    this.UseForAnonymousUser = useForAnonymousUser;
}
/// <summary>
/// Creates the rule on an existing unit of work with caller-supplied access flags.
/// </summary>
/// <param name="operationAccess">Stored as the rule's access flags without validation.</param>
/// <param name="uow">Unit of work passed to the base constructor.</param>
public PersonelRule(OperationAccess operationAccess, IUnitOfWorkAsync uow)
    : base(uow)
{
    // The flags are trusted as given; callers should derive them on the server.
    this.OperationAccess = operationAccess;
}
/// <summary>
/// Creates the rule on an existing unit of work with caller-supplied access flags and an
/// explicit anonymous-use setting.
/// </summary>
/// <param name="operationAccess">Stored as the rule's access flags without validation.</param>
/// <param name="uow">Unit of work passed to the base constructor.</param>
/// <param name="useForAnonymousUser">Stored in <c>UseForAnonymousUser</c>.</param>
public ZhivarUserInfoRule(OperationAccess operationAccess, IUnitOfWorkAsync uow, bool useForAnonymousUser)
    : base(uow)
{
    this.OperationAccess = operationAccess;

    // NOTE(review): presumably this is the flag that makes rule methods skip the user-context
    // and permission checks; confirm it is only ever set to true by trusted server code.
    this.UseForAnonymousUser = useForAnonymousUser;
}
/// <summary>
/// Creates the rule through the parameterless base constructor, with caller-supplied access
/// flags and an explicit anonymous-use setting.
/// </summary>
/// <param name="operationAccess">Stored as the rule's access flags without validation.</param>
/// <param name="useForAnonymousUser">Stored in <c>UseForAnonymousUser</c>.</param>
public ZhivarUserInfoRule(OperationAccess operationAccess, bool useForAnonymousUser)
    : base()
{
    this.OperationAccess = operationAccess;

    // NOTE(review): presumably this is the flag that makes rule methods skip the user-context
    // and permission checks; confirm it is only ever set to true by trusted server code.
    this.UseForAnonymousUser = useForAnonymousUser;
}