}// end loadData() private void prepareLavagnaDynamicPortion() { int loggedUsrLevel = RoleChecker.TryRoleChecker( this.Session, this.Request.UserHostAddress ); /* * 0 unlogged * 1 admin * 2 writer * 3 reader * */ if ( 1 == loggedUsrLevel || 2 == loggedUsrLevel ) { this.grdDatiPaginati.Columns[4].Visible = true; // disable column "add-Doc", for ALL rows. this.grdDatiPaginati.Columns[6].Visible = true; // disable column "update-Abstract", for ALL rows. } else { this.grdDatiPaginati.Columns[4].Visible = false; // disable column "add-Doc", for ALL rows. this.grdDatiPaginati.Columns[6].Visible = false; // disable column "update-Abstract", for ALL rows. } }// end prepareLavagnaDynamicPortion()
protected override async Task <ResultWithMetrologyProperties <ResultModel> > DoRunAsync(Request request) { var users = DbContext.Users.AsNoTracking().Where(user => EF.Functions.Like(user.UserName, $"%{request.Filter}%")).OrderBy(user => user.UserName); var totalCount = users.Count(); var pageCount = (int)Math.Ceiling((double)totalCount / request.PageSize); var pageEntries = await users.Skip((request.PageNo - 1) *request.PageSize).Take(request.PageSize).ToListAsync(); var resultUsers = new List <ResultUserModel>(); foreach (var user in pageEntries) { var roles = await RoleChecker.GetRolesAsync(user); resultUsers.Add(new ResultUserModel(user.UserName, user.Id, string.Join(',', roles), user.Email, user.MinimumCountOfDaysBetweenNotifs, user.LastNotificationUtcDate)); } var result = new ResultModel(totalCount, pageCount, resultUsers); return(new ResultWithMetrologyProperties <ResultModel>(result, ("LoggedUser", request.UserId.ToString()), ("PageSize", request.PageSize.ToString()), ("PageNo", request.PageNo.ToString()), ("FilterLength", request.Filter.Length.ToString()), ("TotalCount", result.TotalCount.ToString()), ("PageCount", result.PageCount.ToString()), ("ResultCount", result.Users.Count().ToString()))); }
public bool Showdrop(string group) { var u = HttpContext.Current.User; return((u.IsInRole("Edit") || RoleChecker.HasSetting(SettingName.OrgMembersDropAdd, true)) && (MultiSelect ? "" : GroupSelect) == group); }
protected override void OnActionExecuting(ActionExecutingContext filterContext) { NoCheckRole = NoCheckRole || (filterContext.RouteData.Values["Controller"].ToString() == "Email" && CurrentDatabase.Setting("UX-AllowMyDataUserEmails")) || (filterContext.RouteData.Values["Controller"].ToString() == "OrgMemberDialog" && filterContext.RouteData.Values["Action"].ToString() == "Drop" && CurrentDatabase.Setting("UX-AllowMyDataUserLeaveOrg") && Util.UserPeopleId.ToString() == filterContext.RequestContext?.HttpContext?.Request?.Params["PeopleId"]); if (!User.Identity.IsAuthenticated) { var s = "/Logon?ReturnUrl=" + HttpUtility.UrlEncode(Request.RawUrl); if (Request.QueryString.Count > 0) { s += "&" + Request.QueryString.ToString(); } filterContext.Result = Redirect(s); } else if (!NoCheckRole) { var r = AccountModel.CheckAccessRole(Util.UserName); if (r.HasValue()) { filterContext.Result = Redirect(r); } } var disableHomePageForOrgLeaders = CurrentDatabase.Setting("UX-DisableHomePageForOrgLeaders"); if (!disableHomePageForOrgLeaders) { disableHomePageForOrgLeaders = RoleChecker.HasSetting(SettingName.DisableHomePage, false); } var contr = filterContext.RouteData.Values["Controller"].ToString(); var act = filterContext.RouteData.Values["Action"].ToString(); var orgleaderonly = User.IsInRole("OrgLeadersOnly"); if (contr == "Home" && act == "Index" && disableHomePageForOrgLeaders && orgleaderonly) { Util2.OrgLeadersOnly = true; CurrentDatabase.SetOrgLeadersOnly(); filterContext.Result = Redirect($"/Person2/{Util.UserPeopleId}"); } else if (orgleaderonly && Util2.OrgLeadersOnly == false) { Util2.OrgLeadersOnly = true; CurrentDatabase.SetOrgLeadersOnly(); } base.OnActionExecuting(filterContext); Util.Helpfile = $"_{filterContext.ActionDescriptor.ControllerDescriptor.ControllerName}_{filterContext.ActionDescriptor.ActionName}"; CurrentDatabase.UpdateLastActivity(Util.UserId); HttpContext.Response.Headers.Add("X-Robots-Tag", "noindex"); HttpContext.Response.Headers.Add("X-Robots-Tag", "unavailable after: 1 Jan 2017 01:00:00 CST"); }
protected override async Task <ResultWithMetrologyProperties <ResultModel> > DoRunAsync(Request request) { var users = await DbContext.Users.AsNoTracking().ToListAsync(); var admins = users.Where(u => RoleChecker.UserIsAdminAsync(u).Result).Select(u => new ResultUserModel(u.UserName, u.Email)); var result = new ResultModel(admins); return(new ResultWithMetrologyProperties <ResultModel>(result, ("LoggedUser", request.UserId.ToString()), ("ResultCount", result.Users.Count().ToString()))); }
public bool Showdrop(string group) { if ((MultiSelect ? "" : GroupSelect) != group) { return(false); } return(User.InRole("Edit") || RoleChecker.HasSetting(SettingName.OrgMembersDropAdd, false)); }
public bool Showdrop(string group) { if ((MultiSelect ? "" : GroupSelect) != group) { return(false); } var u = HttpContext.Current.User; return(u.IsInRole("Edit") || RoleChecker.HasSetting(SettingName.OrgMembersDropAdd, false)); }
private async Task ExecuteCommand(CommandContext command, DiscordUser targetUser) { if (!await Utils.VerifySelfOtherPermission(command, targetUser, "unlink")) { return; } if (!Database.TryGetSponsor(targetUser.Id, out Database.SponsorEntry _)) { await command.RespondAsync(new DiscordEmbedBuilder { Color = DiscordColor.Red, Description = "This account is not linked." }); return; } if (Database.TryRemoveSponsor(targetUser.Id)) { await command.RespondAsync(new DiscordEmbedBuilder { Color = DiscordColor.Green, Description = "Link removed." }); } else { await command.RespondAsync(new DiscordEmbedBuilder { Color = DiscordColor.Red, Description = "Error occured when attempting to remove sponsor from database." }); } DiscordMember member; try { member = await command.Guild.GetMemberAsync(targetUser.Id); } catch (Exception) { return; } await RoleChecker.SyncRoles(member, 0); }
private void StartScan() { string pageData = ""; HttpStatusCode status = AppUtil.GetPageData(m_startUrl, false, out pageData); if (status == HttpStatusCode.OK) { frmCenterMain.lstList.Items.Add(m_startUrl); CHtmlDocument doc = new CHtmlDocument(pageData); doc.HRef = m_startUrl; RoleChecker.getInstance().Start(doc); } PrintReport(); }
public async Task OnExecute(CommandContext command) { if (!await Utils.VerifyPermission(command, "recheck")) { return; } await command.RespondAsync(new DiscordEmbedBuilder { Color = DiscordColor.Green, Description = "Running recheck on all sponsors." }); Logger.Log(LogID.Discord, "Started manually triggered check of sponsors..."); await RoleChecker.RunSponsorCheck(); Logger.Log(LogID.Discord, "Manually triggered sponsor check finished."); }
public bool UserCanEdit() { if (Type == "Attr") { return(false); } var user = HttpContext.Current?.User; if (user == null) { return(false); } var path = HttpContext.Current?.Request.Path; if (path != null && path.Contains("CommunityGroup")) { if (user.IsInRole("Edit")) { return(true); } if (RoleChecker.HasSetting(SettingName.CanEditCGInfoEVs, false)) { if (string.IsNullOrEmpty(EditableRoles)) { return(true); } var editableRoles = EditableRoles.SplitStr(","); return(editableRoles.Any(role => user.IsInRole(role.Trim()))); } return(false); } return(user.IsInRole("Edit")); }
private void PerformLogin() { var username = tbUserName.Text; var user = getPortalUserByUserName(username); if (user != null) { var roleCheck = new RoleChecker().RoleCheck(user, _portletTemplate); if (roleCheck.Success) { if (LogAction(tbReason.Text, user.ID)) { var currentUser = PortalUser.Current.Username; HttpContext.Current.Session.Clear(); PortalGlobal.Login(user.Username, String.Empty); HttpContext.Current.Session["file_access"] = new StringDictionary(); // UploadFile doesn't check to see if there is a valid StringDictionary here, and does a cast. This causes a unhandled exception that bubbles up to a YSOD HttpContext.Current.Session["ProxyLoginOriginalUser"] = currentUser; HttpContext.Current.Session["ProxyLoginDontRedirect"] = true; } } else { divmessage.InnerHtml = roleCheck.Reason; divmessage.Visible = true; if (_logFailures) { LogAction(roleCheck.Reason, user.ID); } } } else { divmessage.InnerHtml = Globalizer.GetGlobalizedString("CUS_BC_PL_USER_NOT_FOUND"); divmessage.Visible = true; } }
private void PerformLogin() { var username = tbUserName.Text; var user = getPortalUserByUserName(username); if (user != null) { var roleCheck = new RoleChecker().RoleCheck(user, ParentPortlet.Portlet.PortletTemplate); if (roleCheck.Success) { if (LogAction(tbReason.Text, user.ID)) { var currentUser = PortalUser.Current.Username; HttpContext.Current.Session.Clear(); HttpContext.Current.Session["file_access"] = new StringDictionary();// UploadFile doesn't check to see if there is a valid StringDictionary here, and does a cast. This causes a unhandled exception that bubbles up to a YSOD PortalGlobal.Login(user.Username, String.Empty); HttpContext.Current.Session["ProxyLoginOriginalUser"] = currentUser; BCProxyLogin.RedirectUrl(Response); } } else { ParentPortlet.ShowFeedback(FeedbackType.Message, roleCheck.Reason); if (_logFailures) { LogAction(roleCheck.Reason, user.ID); } } } else { ParentPortlet.ShowFeedback(FeedbackType.Message, Globalizer.GetGlobalizedString("CUS_BC_PL_USER_NOT_FOUND")); } }
public async Task OnExecute(CommandContext command, DiscordMember member) { if (!await Utils.VerifyPermission(command, "recheck")) { return; } if (!Database.TryGetSponsor(member.Id, out Database.SponsorEntry sponsorEntry)) { await command.RespondAsync(new DiscordEmbedBuilder { Color = DiscordColor.Red, Description = "That user isn't linked to a Github account." }); return; } await command.RespondAsync(new DiscordEmbedBuilder { Color = DiscordColor.Green, Description = "Running recheck on " + member.Mention + "." }); List <Github.Sponsor> sponsors = await Github.GetSponsors(); ulong sponsorTierRoleID = 0; Github.Sponsor sponsor = sponsors.FirstOrDefault(x => x.sponsor.id == sponsorEntry.githubID); if (sponsor != null) { sponsorTierRoleID = Config.tierRoles.GetValueOrDefault(sponsor.dollarAmount); } await RoleChecker.SyncRoles(member, sponsorTierRoleID); }
public List <Location> SettingsForRole(Role r) { var xdoc = RoleSettingDefaults; var locations = new List <Location>(); foreach (var e in xdoc.XPathSelectElements("/DefaultSettings").Elements()) { var location = e.Attribute("name")?.Value; var settings = new List <Setting>(); var loc = new Location() { Name = location }; foreach (var s in e.Elements()) { bool defValue = s.Attribute("value")?.Value == "true"; string settingName = s.Attribute("name")?.Value; var setting = new Setting() { Name = s.Attribute("friendly")?.Value, XMLName = settingName, Location = location, FalseLabel = s.Attribute("false")?.Value, TrueLabel = s.Attribute("true")?.Value, Default = defValue, Active = RoleChecker.RoleHasSetting(settingName, r.RoleName, defValue), ToolTip = s.Attribute("tooltip")?.Value, Reverse = s.Attribute("reverse")?.Value == "true" }; settings.Add(setting); } loc.Settings = settings; locations.Add(loc); } return(locations); }
private async Task ExecuteCommand(CommandContext command, DiscordMember targetMember, string githubUsername = null) { if (!await Utils.VerifySelfOtherPermission(command, targetMember, "link")) { return; } if (Database.TryGetSponsor(targetMember.Id, out Database.SponsorEntry _)) { DiscordEmbed error = new DiscordEmbedBuilder { Color = DiscordColor.Red, Description = "The Discord account <@" + targetMember.Id + "> is already linked to a Github account." }; await command.RespondAsync(error); return; } Github.Account githubAccount = null; if (githubUsername != null) // The username has been provided as a command argument { githubAccount = await Github.GetUserByUsername(githubUsername); if (githubAccount == null) { DiscordEmbed notfound = new DiscordEmbedBuilder { Color = DiscordColor.Red, Description = "Could not find Github user '" + githubUsername + "'." }; await command.RespondAsync(notfound); return; } } else // Perform standard two-factor authentication as username has not been provided { List <Github.Issue> issues = await Github.GetIssues(); foreach (Github.Issue issue in issues) { if (issue.description.Contains(command.Member.Id.ToString())) { githubAccount = issue.author; break; } } if (githubAccount == null) { DiscordEmbed notfound = new DiscordEmbedBuilder { Color = DiscordColor.Red, Description = "Could not find a recent Github issue containing your Discord ID.\n" + "You must create an issue containing your Discord ID here:\n" + Config.issueURL }; await command.RespondAsync(notfound); return; } } if (Database.TryGetSponsor(githubAccount.id, out Database.SponsorEntry existingSponsor)) { await command.RespondAsync(new DiscordEmbedBuilder { Color = DiscordColor.Red, Description = "The Github account '" + githubAccount.name + "' is already linked to <@" + existingSponsor.discordID + ">" }); return; } if (!Database.TryAddSponsor(new Database.SponsorEntry { discordID = targetMember.Id, githubID = githubAccount.id })) { DiscordEmbed error = new DiscordEmbedBuilder { Color = DiscordColor.Red, Description = "Error occured when writing sponsor to database." }; await command.RespondAsync(error); return; } DiscordEmbed message = new DiscordEmbedBuilder { Color = DiscordColor.Green, Description = "The Github account '" + githubAccount.name + "' is now linked to <@" + targetMember.Id + ">" }; await command.RespondAsync(message); List <Github.Sponsor> sponsors = await Github.GetSponsors(); ulong sponsorTierRoleID = 0; Github.Sponsor sponsor = sponsors.FirstOrDefault(x => x.sponsor.id == githubAccount.id); if (sponsor != null) { sponsorTierRoleID = Config.tierRoles.GetValueOrDefault(sponsor.dollarAmount); } await RoleChecker.SyncRoles(targetMember, sponsorTierRoleID); }
public ActionResult CheckCredentials(User currentUser, string username, string password, string reason) { var returnContent = Globalizer.GetGlobalizedString("MSG_LOGINPORTLET_INVALID"); if (currentUser.Username == "Guest") { return(Content("User Not Loged In")); } var currentPortalUser = _portalUserFacade.FindByUsername(currentUser.Username); if (Request.IsAjaxRequest()) { try { if (_loginService.IsLoginValid(currentUser.Username, password) || !_requirePassword) { if (System.Web.HttpContext.Current.Session["ProxyLoginOriginalUser"] != null) { return(Content(Globalizer.GetGlobalizedString("CUS_BC_PL_ALREADY_PROXIED"))); } var user = _portalUserFacade.FindByUsername(username); if (user != null) { var roleCheck = new RoleChecker().RoleCheck(user, _portletTemplateFacade.FindByName("[CUS] BCProxyLogin"), currentPortalUser); if (roleCheck.Success) { LogAction(reason, user.ID, currentPortalUser.ID); System.Web.HttpContext.Current.Session.Clear(); System.Web.HttpContext.Current.Session["file_access"] = new StringDictionary();// UploadFile doesn't check to see if there is a valid StringDictionary here, and does a cast. This causes a unhandled exception that bubbles up to a YSOD _formsAuthenticationService.SignIn(username, false); System.Web.HttpContext.Current.Session["ProxyLoginOriginalUser"] = currentUser; returnContent = "OK"; } else { if (_logFailures) { LogAction(roleCheck.Reason, user.ID, currentPortalUser.ID); } returnContent = roleCheck.Reason; } } else { returnContent = Globalizer.GetGlobalizedString("CUS_BC_PL_USER_NOT_FOUND"); } } } catch (Exception ex) { returnContent = ex.GetBaseException().Message; } } return(Content(returnContent)); }
protected void Page_Load(object sender, EventArgs e) { // in test //string lang = ClientLanguageChecker.ClientLanguageGet( this.Request); //if ("it" == lang.ToLower().Trim()) //{ // // TODO this.hplCandidatoLoad.Text = "test:_label_italiana_"; //} //else //{ // // TODO //} // // tasto di chiusura-browser. Inutilizzato in questa implementazione. //this.btnTerminateSession.Attributes["onclick"] = "ChiusuraSessione()"; // if ( null == this.Session["lasciapassare"] ) { this.lblStato.Text = "unbekannter Benutzer / L'utente non e' ancora stato riconosciuto. Procedere alla Login per fare accesso all'applicazione."; this.tblTimbro.Enabled = false; //----- start admin privileges--- this.pnlAdminLinks.Enabled = false; this.pnlAdminLinks.Visible = false; // this.pnlInsert.Enabled = false; this.pnlInsert.Visible = false; //-----end admin privileges----- } else// user logged, differentiate by level. { this.lblStato.Text = "Benutzer: / L'utente collegato e': " + ((Entity.BusinessEntities.Permesso.Patente)(this.Session["lasciapassare"])).username; this.tblTimbro.Enabled = true; // int loggedUsrLevel = RoleChecker.TryRoleChecker( this.Session, this.Request.UserHostAddress ); ////----- start differentiate by level--- /* * 0 unlogged * 1 admin * 2 writer * 3 reader * */ if ( 1 == loggedUsrLevel // admin ) { this.pnlAdminLinks.Enabled = true; this.pnlAdminLinks.Visible = true; // this.pnlInsert.Enabled = true; this.pnlInsert.Visible = true; this.hplCategoriaInsert.Enabled = true; this.hplCategoriaInsert.Visible = true; } else if ( 2 == loggedUsrLevel // writer ) { this.pnlAdminLinks.Enabled = false; this.pnlAdminLinks.Visible = false; // this.pnlInsert.Enabled = true; this.pnlInsert.Visible = true; this.hplCategoriaInsert.Enabled = true; this.hplCategoriaInsert.Visible = true; } else // reader { this.pnlAdminLinks.Enabled = false; this.pnlAdminLinks.Visible = false; // this.pnlInsert.Enabled = false; this.pnlInsert.Visible = false; this.hplCategoriaInsert.Enabled = false; this.hplCategoriaInsert.Visible = false; } ////----- end differentiate by level--- // string relativeUrl = this.Request.AppRelativeCurrentExecutionFilePath; string pageName = relativeUrl.Substring( relativeUrl.LastIndexOf("/") + 1 ); pageName = pageName.Substring(0, pageName.Length - 5);// 5==(4 of .ext + 1 for zero-based -str) // // NB. ReEntrantChecker not here, since it is executed AFTER the container_Page Page_Load(). // each container page Page_Load already called ReEntrantChecker. if (// going to a NOT_View_enabled_Page -> Dtor(View). "candidatoLoad" != pageName && "cvMultiRead" != pageName && "PrimeDataGrid" != pageName && "queryCandidato" != pageName // add here: ||"otherName" != pageName ) { //----NB.-------------- this.View_DROP_SERVICE(); // } // NB. the following code destructs the View, even when it must NOT be done. DON'T DO THAT. //else // going to a View_enabled_Page -> check if I have to preserve the existing view, or build a new one. Don't: the Cacher::Ctor does it. //{ // if ( false==((bool)(this.Session["IsReEntrant"]) ) )// NOT IsReEntrant: change between pages, both ViewEnabled, but with DIFFERENT Views. // { // }// else navigating back on the same view-anabled page -> preserve existing view. //} // switch (pageName) { default: // stands for phase* (ex writeSingleProc) case "Default": case "home": case "errore": { if ( null == this.Session["lasciapassare"] ) { this.hplCandidatoLoad.Enabled = false; this.hplCandidatoInsert.Enabled = false; this.hplLogViewerWeb.Enabled = false; this.hplChangePwd.Enabled = false; this.hplCategoriaInsert.Enabled = false; this.hplPrimes.Enabled = false; } else { this.hplCandidatoLoad.Enabled = true; this.hplCandidatoInsert.Enabled = true; this.hplLogViewerWeb.Enabled = true; this.hplChangePwd.Enabled = true; this.hplCategoriaInsert.Enabled = true; this.hplPrimes.Enabled = true; } break; } case "candidatoLoad": { this.hplCandidatoLoad.Enabled = false; this.hplCandidatoInsert.Enabled = true; this.hplLogViewerWeb.Enabled = true; this.hplChangePwd.Enabled = true; this.hplCategoriaInsert.Enabled = true; this.hplPrimes.Enabled = true; break; } case "candidatoInsert": { this.hplCandidatoLoad.Enabled = true; this.hplCandidatoInsert.Enabled = false; this.hplLogViewerWeb.Enabled = true; this.hplChangePwd.Enabled = true; this.hplCategoriaInsert.Enabled = true; this.hplPrimes.Enabled = true; break; } case "categoriaInsert": { this.hplCandidatoLoad.Enabled = true; this.hplCandidatoInsert.Enabled = true; this.hplLogViewerWeb.Enabled = true; this.hplChangePwd.Enabled = true; this.hplCategoriaInsert.Enabled = false; this.hplPrimes.Enabled = true; break; } case "queryCandidato": { this.hplQueryCandidato.Enabled = false; // this.hplCandidatoLoad.Enabled = true; this.hplCandidatoInsert.Enabled = true; this.hplLogViewerWeb.Enabled = true; this.hplChangePwd.Enabled = true; this.hplCategoriaInsert.Enabled = true; this.hplPrimes.Enabled = true; break; } case "cvMultiRead": // NB. dalle pagine docMulti si deve poter navigare su quelle generali( i.e. di tutti i candidati). case "cvMultiInsert": { this.hplCandidatoLoad.Enabled = true; this.hplCandidatoInsert.Enabled = true; this.hplLogViewerWeb.Enabled = true; this.hplChangePwd.Enabled = true; this.hplCategoriaInsert.Enabled = true; this.hplPrimes.Enabled = true; break; } case "changePwd": { this.hplCandidatoLoad.Enabled = true; this.hplCandidatoInsert.Enabled = true; this.hplLogViewerWeb.Enabled = true; this.hplChangePwd.Enabled = false; this.hplCategoriaInsert.Enabled = true; this.hplPrimes.Enabled = true; break; } case "PrimeDataGrid": { this.hplCandidatoLoad.Enabled = true; this.hplCandidatoInsert.Enabled = true; this.hplLogViewerWeb.Enabled = true; this.hplChangePwd.Enabled = true; this.hplCategoriaInsert.Enabled = true; this.hplPrimes.Enabled = false; break; } case "LogViewerWeb": { this.hplCandidatoLoad.Enabled = true; this.hplCandidatoInsert.Enabled = true; this.hplLogViewerWeb.Enabled = false; this.hplChangePwd.Enabled = true; this.hplCategoriaInsert.Enabled = true; this.hplPrimes.Enabled = true; break; } } // end switch } // end "user-logged". // // ready }// end Page_Load