public int DeleteUser(string ID)
{
int userID = -1;
try
{
int currentUser;
currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
User activeUser = User.GetUserByID(currentUser);
if (activeUser.IsAcountAdmin != true)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Only Account Administrator, can delete users");
}
User user = new User()
{
UserID = int.Parse(ID)
};
userID = user.UserOperations(SqlOperation.Delete);
}
catch (Exception ex)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
}
return(userID);
}
public List <Permission> GetTreeOfAllPermissionType()
{
List <Permission> returnObject = new List <Permission>();
try
{
Stack <Permission> stackPermission = new Stack <Permission>();
int currentUser;
currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
User user = User.GetUserByID(currentUser);
if (user.IsAcountAdmin != true)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Only Account Administrator, can get user that is diffrent then current user!");
}
returnObject = Permission.GetAllPermissionTypeTree();
}
catch (Exception ex)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
}
return(returnObject);
}
public List <User> GetGroupAssociateUsers(string ID)
{
List <User> users = null;
try
{
int currentUser;
currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
User user = User.GetUserByID(currentUser);
if (user.IsAcountAdmin != true)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Only Account Administrator, can get the list of Associate groups");
}
users = Group.GetUserAssociateUsers(int.Parse(ID));
}
catch (Exception ex)
{
if (ex.Message != "Forbidden")
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
}
}
return(users);
}
public int UpdateUser(string ID, User user)
{
int userID = -1;
try
{
if (ID.Trim() != user.UserID.ToString())
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Updated userId is different from ID");
}
int currentUser;
currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
User activeUser = User.GetUserByID(currentUser);
if (activeUser.IsAcountAdmin != true)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Only Account Administrator, can updated users");
}
userID = user.UserOperations(SqlOperation.Update);
}
catch (Exception ex)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
}
return(userID);
}
public Group GetGroupByID(string ID)
{
int groupID;
Group group = null;
try
{
int currentUser;
currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
groupID = int.Parse(ID);
User user = User.GetUserByID(currentUser);
if (user.IsAcountAdmin != true)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Only Account Administrator, can get user that is diffrent then current user!");
}
group = Group.GetGroupByID(groupID);
}
catch (Exception ex)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
}
return(group);
}
public SessionResponseData LogIn(SessionRequestData sessionData)
{
SqlCommand sqlCommand;
SessionResponseData returnsessionData = null;
int session;
try
{
using (DataManager.Current.OpenConnection())
{
Encryptor encryptor = new Encryptor(KeyEncrypt);
sqlCommand = DataManager.CreateCommand("User_Login(@OperationType:Int,@Email:NVarchar,@Password:NVarchar,@UserID:Int,@SessionID:Int)", CommandType.StoredProcedure);
sqlCommand.Parameters["@OperationType"].Value = sessionData.OperationType;
if (sessionData.OperationType == OperationTypeEnum.New)
{
sqlCommand.Parameters["@Email"].Value = sessionData.Email;
sqlCommand.Parameters["@Password"].Value = sessionData.Password;
}
else
{
sqlCommand.Parameters["@UserID"].Value = sessionData.UserID;
try
{
sqlCommand.Parameters["@SessionID"].Value = encryptor.Decrypt(sessionData.Session);
}
catch (Exception ex)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Invalid Session,session could no be parse!");
}
}
SqlDataReader sqlReader = sqlCommand.ExecuteReader();
if (sqlReader.Read())
{
session = Convert.ToInt32(sqlReader[0]);
if (session > 0)
{
returnsessionData = new SessionResponseData();
returnsessionData.UserID = sqlReader.GetInt32(1);
returnsessionData.Session = encryptor.Encrypt(session.ToString());
}
}
}
if (returnsessionData == null)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "User Name/Password is wrong!");
}
}
catch (Exception ex)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
}
return(returnsessionData);
}
[WebInvoke(Method = "POST", UriTemplate = "deleterefund")] //tempurl
public void DeleteRefund(Refund refund)
{
try
{
refund.DeleteRefund();
}
catch (Exception ex)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, ex.Message);
}
}
public void ScheduleCampaigns(List <CampaignStatusSchedule> campaignStatusSchedules, string accountID, string campaignGK)
{
try
{
CampaignStatusSchedule.Update(campaignStatusSchedules);
}
catch (Exception ex)
{
ErrorMessageInterceptor.ThrowError(System.Net.HttpStatusCode.Forbidden, ex);
}
}
public List <Campaign> GetCampaignsByAccountIdAndChannel(string accountID, string channelID)
{
List <Campaign> campaigns = new List <Campaign>();
try
{
campaigns = Campaign.GetCampaignsByAccountIdAndChannel(int.Parse(accountID), int.Parse(channelID));
}
catch (Exception ex)
{
ErrorMessageInterceptor.ThrowError(System.Net.HttpStatusCode.Forbidden, ex);
}
return(campaigns);
}
public List <CampaignStatusSchedule> GetCampaignStatusSchedulesBYcampaignGK(string accountID, string campaignGK)
{
List <CampaignStatusSchedule> campaignStatusSchedules = new List <CampaignStatusSchedule>();
try
{
return(CampaignStatusSchedule.GetCampaignStatusSchedules(int.Parse(campaignGK)));
}
catch (Exception ex)
{
ErrorMessageInterceptor.ThrowError(System.Net.HttpStatusCode.Forbidden, ex);
}
return(campaignStatusSchedules);
}
public bool GetSpecificPermissionValue(PermissionRequest permissionRequest)
{
bool hasPermission = false;
try
{
int currentUser;
ThingReader <CalculatedPermission> calculatedPermissionReader;
currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
List <CalculatedPermission> calculatedPermissionList = new List <CalculatedPermission>();
using (DataManager.Current.OpenConnection())
{
SqlCommand sqlCommand = DataManager.CreateCommand("User_CalculatePermissions(@UserID:Int)", CommandType.StoredProcedure);
sqlCommand.Parameters["@UserID"].Value = currentUser;
calculatedPermissionReader = new ThingReader <CalculatedPermission>(sqlCommand.ExecuteReader(), null);
while (calculatedPermissionReader.Read())
{
calculatedPermissionList.Add(calculatedPermissionReader.Current);
}
calculatedPermissionReader.Dispose();
}
if (calculatedPermissionList != null && calculatedPermissionList.Count > 0)
{
if (string.IsNullOrEmpty(permissionRequest.Path))
{
if (calculatedPermissionList.Count > 0)
{
CalculatedPermission calculatedPermissions = calculatedPermissionList.Find(calculatedPermission => calculatedPermission.AccountID == permissionRequest.AccountID);
if (calculatedPermissions != null)
{
hasPermission = true;
}
}
}
else
{
CalculatedPermission calculatedPermissions = calculatedPermissionList.Find(calculatedPermission => calculatedPermission.AccountID == permissionRequest.AccountID && calculatedPermission.Path.Trim().ToUpper() == permissionRequest.Path.Trim().ToUpper());
if (calculatedPermissions != null)
{
hasPermission = true;
}
}
}
}
catch (Exception ex)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
}
return(hasPermission);
}
public override void ProcessRequest(ref System.ServiceModel.Channels.Message request)
{
try
{
HttpRequestMessage httpRequestMessage = request.ToHttpRequestMessage();
if (CheckSession)
{
UriTemplateMatch uriTemplateMatch = (UriTemplateMatch)httpRequestMessage.Properties.Where(prop => prop.GetType() == typeof(UriTemplateMatch)).First();
if (uriTemplateMatch.Data.ToString().ToUpper() != LogIn.ToUpper())
{
if (httpRequestMessage.Headers.ContainsKey(SessionHeader))
{
int userCode;
string session = httpRequestMessage.Headers[SessionHeader];
if (String.IsNullOrEmpty(session) || !IsSessionValid(session, out userCode))
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Invalid session information.");
throw new InvalidOperationException();
}
else
{
OperationContext.Current.IncomingMessageProperties.Add("edge-user-id", userCode);
}
}
else
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Invalid session information.");
throw new InvalidOperationException();
}
}
}
}
catch (Exception ex)
{
if (ex.Message != "Invalid session information.")
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, ex.Message);
}
else
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, ex.Message);
}
throw;
}
}
public void InsertUpdateRemovePermissionForUser(string userID, AssignedPermissionData assignedPermissions)
{
try
{
int currentUser;
currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
User user = User.GetUserByID(currentUser);
if (user.IsAcountAdmin != true)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Only Account Administrator, can edit permissions");
}
AssignedPermissionData.PermissionOperations(int.Parse(userID), assignedPermissions.accountsPermissionsData, false, assignedPermissions.permissionOperation);
}
catch (Exception ex)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
}
}
public List <Account> GetAccount()
{
List <Account> acc = null;
try
{
int currentUser;
currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
acc = Account.GetAccount(null, true, currentUser);
if (acc.Count == 0)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.NotFound, String.Format("No account with permission found for user {0}", currentUser));
}
}
catch (Exception ex)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
}
return(acc);
}
public List <Menu> GetMenu()
{
List <Menu> m = null;
try
{
int currentUser;
currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
m = Menu.GetMenu(currentUser);
if (m == null || m.Count == 0)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.NotFound, string.Format("No menu found for userId {0} ", currentUser));
}
}
catch (Exception ex)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
}
return(m);
}
public int AddNewGroup(Group group)
{
int groupID = 1;
//todo: dont forget on production to change the userID field to auto increment
try
{
int currentUser;
currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
User activeUser = User.GetUserByID(currentUser);
if (activeUser.IsAcountAdmin != true)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Only Account Administrator, can add group ");
}
groupID = group.GroupOperations(SqlOperation.Insert);
}
catch (Exception ex)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.NotFound, ex.Message);
}
return(groupID);
}
public List <Group> GetAllGroups()
{
List <Group> groups = null;
try
{
int currentUser;
currentUser = System.Convert.ToInt32(OperationContext.Current.IncomingMessageProperties["edge-user-id"]);
User user = User.GetUserByID(currentUser);
if (user.IsAcountAdmin != true)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.Forbidden, "Only Account Administrator, can get the list of all groups");
}
groups = Group.GetAllGroups();
}
catch (Exception ex)
{
ErrorMessageInterceptor.ThrowError(HttpStatusCode.InternalServerError, ex.Message);
}
return(groups);
}