public int DeleteUser(string ID)
        {
            int userID = -1;

            try
            {
                int currentUser;
                currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
                User activeUser = User.GetUserByID(currentUser);
                if (activeUser.IsAcountAdmin != true)
                {
                    ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Only Account Administrator, can delete users");
                }
                User user = new User()
                {
                    UserID = int.Parse(ID)
                };
                userID = user.UserOperations(SqlOperation.Delete);
            }
            catch (Exception ex)
            {
                ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
            }
            return(userID);
        }
        public List <Permission> GetTreeOfAllPermissionType()
        {
            List <Permission> returnObject = new List <Permission>();

            try
            {
                Stack <Permission> stackPermission = new Stack <Permission>();

                int currentUser;
                currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);

                User user = User.GetUserByID(currentUser);
                if (user.IsAcountAdmin != true)
                {
                    ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Only Account Administrator, can get user that is diffrent then current user!");
                }
                returnObject = Permission.GetAllPermissionTypeTree();
            }
            catch (Exception ex)
            {
                ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
            }

            return(returnObject);
        }
        public List <User> GetGroupAssociateUsers(string ID)
        {
            List <User> users = null;

            try
            {
                int currentUser;
                currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
                User user = User.GetUserByID(currentUser);
                if (user.IsAcountAdmin != true)
                {
                    ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Only Account Administrator, can get the list of Associate groups");
                }
                users = Group.GetUserAssociateUsers(int.Parse(ID));
            }
            catch (Exception ex)
            {
                if (ex.Message != "Forbidden")
                {
                    ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
                }
            }

            return(users);
        }
        public int UpdateUser(string ID, User user)
        {
            int userID = -1;

            try
            {
                if (ID.Trim() != user.UserID.ToString())
                {
                    ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Updated userId is different from ID");
                }

                int currentUser;
                currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
                User activeUser = User.GetUserByID(currentUser);
                if (activeUser.IsAcountAdmin != true)
                {
                    ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Only Account Administrator, can updated users");
                }

                userID = user.UserOperations(SqlOperation.Update);
            }
            catch (Exception ex)
            {
                ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
            }
            return(userID);
        }
        public Group GetGroupByID(string ID)
        {
            int   groupID;
            Group group = null;

            try
            {
                int currentUser;
                currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
                groupID     = int.Parse(ID);

                User user = User.GetUserByID(currentUser);
                if (user.IsAcountAdmin != true)
                {
                    ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Only Account Administrator, can get user that is diffrent then current user!");
                }
                group = Group.GetGroupByID(groupID);
            }
            catch (Exception ex)
            {
                ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
            }

            return(group);
        }
        public SessionResponseData LogIn(SessionRequestData sessionData)
        {
            SqlCommand          sqlCommand;
            SessionResponseData returnsessionData = null;
            int session;

            try
            {
                using (DataManager.Current.OpenConnection())
                {
                    Encryptor encryptor = new Encryptor(KeyEncrypt);
                    sqlCommand = DataManager.CreateCommand("User_Login(@OperationType:Int,@Email:NVarchar,@Password:NVarchar,@UserID:Int,@SessionID:Int)", CommandType.StoredProcedure);


                    sqlCommand.Parameters["@OperationType"].Value = sessionData.OperationType;
                    if (sessionData.OperationType == OperationTypeEnum.New)
                    {
                        sqlCommand.Parameters["@Email"].Value    = sessionData.Email;
                        sqlCommand.Parameters["@Password"].Value = sessionData.Password;
                    }
                    else
                    {
                        sqlCommand.Parameters["@UserID"].Value = sessionData.UserID;

                        try
                        {
                            sqlCommand.Parameters["@SessionID"].Value = encryptor.Decrypt(sessionData.Session);
                        }
                        catch (Exception ex)
                        {
                            ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Invalid Session,session could no be parse!");
                        }
                    }
                    SqlDataReader sqlReader = sqlCommand.ExecuteReader();
                    if (sqlReader.Read())
                    {
                        session = Convert.ToInt32(sqlReader[0]);
                        if (session > 0)
                        {
                            returnsessionData         = new SessionResponseData();
                            returnsessionData.UserID  = sqlReader.GetInt32(1);
                            returnsessionData.Session = encryptor.Encrypt(session.ToString());
                        }
                    }
                }
                if (returnsessionData == null)
                {
                    ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "User Name/Password is wrong!");
                }
            }
            catch (Exception ex)
            {
                ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
            }

            return(returnsessionData);
        }
 [WebInvoke(Method = "POST", UriTemplate = "deleterefund")]         //tempurl
 public void DeleteRefund(Refund refund)
 {
     try
     {
         refund.DeleteRefund();
     }
     catch (Exception ex)
     {
         ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, ex.Message);
     }
 }
 public void ScheduleCampaigns(List <CampaignStatusSchedule> campaignStatusSchedules, string accountID, string campaignGK)
 {
     try
     {
         CampaignStatusSchedule.Update(campaignStatusSchedules);
     }
     catch (Exception ex)
     {
         ErrorMessageInterceptor.ThrowError(System.Net.HttpStatusCode.Forbidden, ex);
     }
 }
        public List <Campaign> GetCampaignsByAccountIdAndChannel(string accountID, string channelID)
        {
            List <Campaign> campaigns = new List <Campaign>();

            try
            {
                campaigns = Campaign.GetCampaignsByAccountIdAndChannel(int.Parse(accountID), int.Parse(channelID));
            }
            catch (Exception ex)
            {
                ErrorMessageInterceptor.ThrowError(System.Net.HttpStatusCode.Forbidden, ex);
            }
            return(campaigns);
        }
        public List <CampaignStatusSchedule> GetCampaignStatusSchedulesBYcampaignGK(string accountID, string campaignGK)
        {
            List <CampaignStatusSchedule> campaignStatusSchedules = new List <CampaignStatusSchedule>();

            try
            {
                return(CampaignStatusSchedule.GetCampaignStatusSchedules(int.Parse(campaignGK)));
            }
            catch (Exception ex)
            {
                ErrorMessageInterceptor.ThrowError(System.Net.HttpStatusCode.Forbidden, ex);
            }
            return(campaignStatusSchedules);
        }
        public bool GetSpecificPermissionValue(PermissionRequest permissionRequest)
        {
            bool hasPermission = false;

            try
            {
                int currentUser;
                ThingReader <CalculatedPermission> calculatedPermissionReader;
                currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
                List <CalculatedPermission> calculatedPermissionList = new List <CalculatedPermission>();
                using (DataManager.Current.OpenConnection())
                {
                    SqlCommand sqlCommand = DataManager.CreateCommand("User_CalculatePermissions(@UserID:Int)", CommandType.StoredProcedure);
                    sqlCommand.Parameters["@UserID"].Value = currentUser;
                    calculatedPermissionReader             = new ThingReader <CalculatedPermission>(sqlCommand.ExecuteReader(), null);
                    while (calculatedPermissionReader.Read())
                    {
                        calculatedPermissionList.Add(calculatedPermissionReader.Current);
                    }
                    calculatedPermissionReader.Dispose();
                }
                if (calculatedPermissionList != null && calculatedPermissionList.Count > 0)
                {
                    if (string.IsNullOrEmpty(permissionRequest.Path))
                    {
                        if (calculatedPermissionList.Count > 0)
                        {
                            CalculatedPermission calculatedPermissions = calculatedPermissionList.Find(calculatedPermission => calculatedPermission.AccountID == permissionRequest.AccountID);
                            if (calculatedPermissions != null)
                            {
                                hasPermission = true;
                            }
                        }
                    }
                    else
                    {
                        CalculatedPermission calculatedPermissions = calculatedPermissionList.Find(calculatedPermission => calculatedPermission.AccountID == permissionRequest.AccountID && calculatedPermission.Path.Trim().ToUpper() == permissionRequest.Path.Trim().ToUpper());
                        if (calculatedPermissions != null)
                        {
                            hasPermission = true;
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
            }
            return(hasPermission);
        }
示例#12
0
        public override void ProcessRequest(ref System.ServiceModel.Channels.Message request)
        {
            try
            {
                HttpRequestMessage httpRequestMessage = request.ToHttpRequestMessage();

                if (CheckSession)
                {
                    UriTemplateMatch uriTemplateMatch = (UriTemplateMatch)httpRequestMessage.Properties.Where(prop => prop.GetType() == typeof(UriTemplateMatch)).First();

                    if (uriTemplateMatch.Data.ToString().ToUpper() != LogIn.ToUpper())
                    {
                        if (httpRequestMessage.Headers.ContainsKey(SessionHeader))
                        {
                            int    userCode;
                            string session = httpRequestMessage.Headers[SessionHeader];
                            if (String.IsNullOrEmpty(session) || !IsSessionValid(session, out userCode))
                            {
                                ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Invalid session information.");
                                throw new InvalidOperationException();
                            }
                            else
                            {
                                OperationContext.Current.IncomingMessageProperties.Add("edge-user-id", userCode);
                            }
                        }
                        else
                        {
                            ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Invalid session information.");
                            throw new InvalidOperationException();
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                if (ex.Message != "Invalid session information.")
                {
                    ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, ex.Message);
                }
                else
                {
                    ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, ex.Message);
                }
                throw;
            }
        }
 public void InsertUpdateRemovePermissionForUser(string userID, AssignedPermissionData assignedPermissions)
 {
     try
     {
         int currentUser;
         currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
         User user = User.GetUserByID(currentUser);
         if (user.IsAcountAdmin != true)
         {
             ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Only Account Administrator, can edit permissions");
         }
         AssignedPermissionData.PermissionOperations(int.Parse(userID), assignedPermissions.accountsPermissionsData, false, assignedPermissions.permissionOperation);
     }
     catch (Exception ex)
     {
         ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
     }
 }
        public List <Account> GetAccount()
        {
            List <Account> acc = null;

            try
            {
                int currentUser;
                currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
                acc         = Account.GetAccount(null, true, currentUser);
                if (acc.Count == 0)
                {
                    ErrorMessageInterceptor.ThrowError(HttpStatusCode.NotFound, String.Format("No account with permission found for user {0}", currentUser));
                }
            }
            catch (Exception ex)
            {
                ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
            }
            return(acc);
        }
        public List <Menu> GetMenu()
        {
            List <Menu> m = null;

            try
            {
                int currentUser;
                currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);

                m = Menu.GetMenu(currentUser);
                if (m == null || m.Count == 0)
                {
                    ErrorMessageInterceptor.ThrowError(HttpStatusCode.NotFound, string.Format("No menu found for userId {0} ", currentUser));
                }
            }
            catch (Exception ex)
            {
                ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
            }
            return(m);
        }
        public int AddNewGroup(Group group)
        {
            int groupID = 1;

            //todo: dont forget on production to change the userID field to auto increment
            try
            {
                int currentUser;
                currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
                User activeUser = User.GetUserByID(currentUser);
                if (activeUser.IsAcountAdmin != true)
                {
                    ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Only Account Administrator, can add group ");
                }
                groupID = group.GroupOperations(SqlOperation.Insert);
            }
            catch (Exception ex)
            {
                ErrorMessageInterceptor.ThrowError(HttpStatusCode.NotFound, ex.Message);
            }
            return(groupID);
        }
        public List <Group> GetAllGroups()
        {
            List <Group> groups = null;

            try
            {
                int currentUser;
                currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
                User user = User.GetUserByID(currentUser);
                if (user.IsAcountAdmin != true)
                {
                    ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Only Account Administrator, can get the list of all groups");
                }
                groups = Group.GetAllGroups();
            }
            catch (Exception ex)
            {
                ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
            }

            return(groups);
        }