/// <summary>
/// Builds a <see cref="UserIdentity"/> from a user record, copying the
/// username, user id and full name.
/// </summary>
/// <param name="userInfo">
/// Source record. It is dereferenced without a null check, so the caller
/// must pass a non-null value.
/// </param>
/// <returns>A new identity constructed from <c>userInfo.Username</c>.</returns>
internal static UserIdentity CreateUserIdentity(UserInformation userInfo)
{
    var identity = new UserIdentity(userInfo.Username);
    identity.UserID = userInfo.UserID;
    identity.FullName = userInfo.FullName;
    return identity;
}
/// <summary>
/// Builds a <see cref="SecurityPrincipal"/> from a user record, passing its
/// permissions, groups, username, stores and accounts to the constructor and
/// attaching the matching <see cref="UserIdentity"/>.
/// </summary>
/// <param name="userInfo">User record, or <c>null</c>.</param>
/// <returns>The new principal, or <c>null</c> when <paramref name="userInfo"/> is <c>null</c>.</returns>
/// <remarks>
/// This method verifies nothing itself: the principal carries whatever
/// permissions the record holds, so the record should come from a successful
/// authentication call.
/// </remarks>
public static SecurityPrincipal CreateSecurityPrincipal(UserInformation userInfo)
{
    if (userInfo == null)
    {
        return null;
    }

    var principal = new SecurityPrincipal(
        userInfo.Permissions,
        userInfo.Groups,
        userInfo.Username,
        userInfo.Stores,
        userInfo.Accounts);
    principal._identity = UserIdentity.CreateUserIdentity(userInfo);
    return principal;
}
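/// <summary>
/// Looks up a user by username, checks the password and, on success, returns
/// the username together with permission, group, store and account maps.
/// </summary>
/// <param name="username">Username to look up.</param>
/// <param name="password">Password handed to <c>user.CheckPassword</c>.</param>
/// <returns>
/// A populated <see cref="UserInformation"/>, or <c>null</c> when no user
/// matches or the password check fails. Both failures return the same value,
/// so the caller cannot tell them apart.
/// </returns>
public UserInformation Authenticate(string username, string password)
{
    var repository = new UserRepository();
    var user = repository.FindBy(u => u.Username == username).FirstOrDefault();

    // Reject before anything reads user.UserID. The group lookup used to run
    // ahead of this check; if FindBy evaluates its predicate eagerly, an
    // unknown username would throw NullReferenceException instead of returning
    // null, which also makes "unknown user" distinguishable from "wrong password".
    if (user == null || !user.CheckPassword(password))
    {
        return null;
    }

    var userGroupRepository = new UserGroupRepository();
    var groups = userGroupRepository.FindBy(u => u.UserID == user.UserID);

    var userInformation = new UserInformation();
    userInformation.Username = user.Username;

    // Each map is filled only when its source collection is present.
    if (user.Permissions != null)
    {
        userInformation.Permissions = user.Permissions.ToDictionary(
            permission => permission.Operation.Name,
            permission => permission.Allow);
    }

    if (groups != null)
    {
        userInformation.Groups = groups.ToDictionary(
            usergroup => usergroup.GroupID,
            usergroup => usergroup.Group.Name);
    }

    if (user.StoreUsers != null)
    {
        userInformation.Stores = user.StoreUsers.ToDictionary(
            store => store.StoreID,
            store => store.Store.Name);
    }

    if (user.AccountUsers != null)
    {
        userInformation.Accounts = user.AccountUsers.ToDictionary(
            account => account.AccountID,
            account => account.Account.Name);
    }

    return userInformation;
}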
/// <summary>
/// Loads the <see cref="UserInformation"/> (id, username, allowed operations
/// and full name) for an active user identified by username alone.
/// </summary>
/// <param name="username">Username to look up.</param>
/// <returns>
/// The populated record, or <c>null</c> when no user matches or the user is
/// not active.
/// </returns>
/// <remarks>
/// No password or other credential is checked in this overload. Callers
/// should reach it only after the username has been established by some other
/// trusted means; that requirement is not enforced here.
/// </remarks>
public static UserInformation Authenticate(string username)
{
    // NOTE(review): every call overwrites the static Settings.EncryptionAlgorithm
    // with MD5. If that setting drives password hashing (not visible here), MD5 is
    // unsuitable for password storage. Confirm what reads this setting.
    Settings.EncryptionAlgorithm = EncryptionAlgorithms.MD5;

    var info = new UserInformation();
    var account = repository.Users.FindBy(u => u.UserName == username).FirstOrDefault();
    if (account == null)
    {
        return null;
    }

    if (!account.IsActive)
    {
        return null;
    }

    info.UserID = account.UserID;
    info.Username = account.UserName;

    // Not read anywhere below. Kept because touching account.UserGroups may
    // trigger loading in the data layer; confirm before removing.
    var activeGroups = account.UserGroups.Where(ug => ug.GroupStatus == true).Select(ug => ug.Group);

    info.Permissions = new Dictionary<string, bool>();

    // One query returns "<MenuItem.URL>-<Operation.Name>" for every operation
    // allowed through the user's active groups, limited to resource type 'WIN'.
    // NOTE(review): the id is formatted into the SQL text. It comes from the
    // loaded user row rather than from caller input, but a parameterized query
    // would remove the dependency on that; check whether RawSql accepts parameters.
    string permissionSql = string.Format(
        "select mi.URL + '-' + o.Name from ( select * from [UserGroup] where UserID = {0} and IsActive = 1) ug join (select * from GroupPermission where Allow = 1) gp on ug.GroupID = gp.GroupID join Operation o on o.OperationID = gp.OperationID join MenuItem mi on mi.MenuItemID = o.MenuItemID join ResourceType rt on mi.ResourceTypeID = rt.ResourceTypeID where rt.ResourceTypeCode = 'WIN'",
        account.UserID);
    IEnumerable<string> grantedKeys = repository.RawSql<string>(permissionSql);

    // Duplicate keys collapse to a single entry whose value is true.
    foreach (var key in grantedKeys)
    {
        info.Permissions[key] = true;
    }

    // Fall back to "First Last" when no full name is stored.
    info.FullName = account.FullName ?? account.FirstName + " " + account.LastName;
    return info;
}
/// <summary>
/// Authenticates a user by username and password and, on success, records the
/// login time and returns the user's id, username, allowed operations and
/// full name.
/// </summary>
/// <param name="username">Username to look up.</param>
/// <param name="password">Password handed to <c>user.CheckPassword</c>.</param>
/// <returns>
/// The populated <see cref="UserInformation"/>, or <c>null</c> when no user
/// matches, the password check fails, or the user is not active. All three
/// failures return the same value, so the caller cannot tell them apart.
/// </returns>
/// <remarks>
/// Groups, Stores and Accounts are not filled in: the code that populated
/// them is disabled in this version, so they keep whatever value a new
/// <see cref="UserInformation"/> starts with.
/// </remarks>
public static UserInformation Authenticate(string username, string password)
{
    // NOTE(review): every call overwrites the static Settings.EncryptionAlgorithm
    // with MD5. If that setting drives what CheckPassword compares against (not
    // visible here), MD5 is unsuitable for password storage. Confirm what reads it.
    Settings.EncryptionAlgorithm = EncryptionAlgorithms.MD5;

    var info = new UserInformation();
    var account = repository.Users.FindBy(u => u.UserName == username).FirstOrDefault();

    // Same evaluation order as one short-circuit condition:
    // existence, then password, then active flag.
    if (account == null)
    {
        return null;
    }

    if (!account.CheckPassword(password))
    {
        return null;
    }

    if (!account.IsActive)
    {
        return null;
    }

    // The login time is stamped only after all three checks pass.
    account.LastLogin = Helpers.DateTimeHelper.ServerDateTime;
    repository.Users.Update(account);

    info.UserID = account.UserID;
    info.Username = account.UserName;

    // Not read anywhere below. Kept because touching account.UserGroups may
    // trigger loading in the data layer; confirm before removing.
    var activeGroups = account.UserGroups.Where(ug => ug.GroupStatus == true).Select(ug => ug.Group);

    info.Permissions = new Dictionary<string, bool>();

    // One query returns "<MenuItem.URL>-<Operation.Name>" for every operation
    // allowed through the user's active groups, limited to resource type 'WIN'.
    // Per the original author's notes it replaced an in-memory loop over each
    // group's GroupPermissions to cut round trips, with a large speed-up.
    // NOTE(review): the id is formatted into the SQL text. It comes from the
    // loaded user row rather than from caller input, but a parameterized query
    // would remove the dependency on that; check whether RawSql accepts parameters.
    string permissionSql = string.Format(
        "select mi.URL + '-' + o.Name from ( select * from [UserGroup] where UserID = {0} and IsActive = 1) ug join (select * from GroupPermission where Allow = 1) gp on ug.GroupID = gp.GroupID join Operation o on o.OperationID = gp.OperationID join MenuItem mi on mi.MenuItemID = o.MenuItemID join ResourceType rt on mi.ResourceTypeID = rt.ResourceTypeID where rt.ResourceTypeCode = 'WIN'",
        account.UserID);
    IEnumerable<string> grantedKeys = repository.RawSql<string>(permissionSql);

    // Duplicate keys collapse to a single entry whose value is true.
    foreach (var key in grantedKeys)
    {
        info.Permissions[key] = true;
    }

    // Original author's note: copes with full names created by both the legacy
    // and the new user management. Falls back to "First Last" when none is stored.
    info.FullName = account.FullName ?? account.FirstName + " " + account.LastName;
    return info;
}