private static bool check( string sessionGuid_in, string ip_forLogPurposes_in, SO_CRD_Profile profile_in, out Sessionuser sessionUser_out, out List <int> errorlist_out ) { Guid _sessionguid; #region check... int[] _errors_out; if (!SBO_CRD_Authentication.isSessionGuid_valid( sessionGuid_in, ip_forLogPurposes_in, out _sessionguid, out sessionUser_out, out errorlist_out, out _errors_out )) { //// no need! //errors_out = _errors.ToArray(); return(false); } #endregion #region check Permissions... if ( !sessionUser_out.hasPermission( false, PermissionType.Profile__insert, PermissionType.Profile__update ) ) { errorlist_out.Add(ErrorType.profile__lack_of_permissions_to_write); return(false); } #endregion if (profile_in != null) { #region check Profile... if ( (profile_in.Name = profile_in.Name.Trim()).Length == 0 ) { errorlist_out.Add(ErrorType.profile__invalid_name); return(false); } #endregion } return(true); }
internal static long insObject_Registration( string login_in, string password_in, int idApplication_in, bool selectIdentity_in, ref List <int> errorlist_in, DBConnection con_in ) { long _output = -1L; // user registering // if (!Sessionuser.checkLogin(login_in, ref errorlist_in)) { return(_output); } bool _constraint; _output = DO_CRD_User.insObject( new SO_CRD_User( -1L, login_in, // ToDos: here! encrypt before sending... password_in, idApplication_in ), selectIdentity_in, out _constraint, con_in ); if (_constraint) { errorlist_in.Add(ErrorType.data__constraint_violation); } else { if (con_in == null) { // assuming NO other (internal) operations are going on errorlist_in.Add(ErrorType.user__successfully_created__WARNING); } } return(_output); }
public static void Logout( string sessionGuid_in ) { Guid _sessionguid; if ( Sessionuser.Guid_TryParse(sessionGuid_in, out _sessionguid) && UserSession.ContainsKey(_sessionguid) ) { UserSession.Remove(_sessionguid); } }
internal static bool isSessionGuid_valid( string sessionGuid_in, out Guid sessionGuid_out, out List <int> errorlist_out ) { errorlist_out = new List <int>(); if (!Sessionuser.Guid_TryParse(sessionGuid_in, out sessionGuid_out)) { errorlist_out.Add(ErrorType.authentication__invalid_guid); return(false); } return(true); }
private static bool check( string sessionGuid_in, string ip_forLogPurposes_in, ref SO_NWS_Attachment attachment_ref, out Guid sessionGuid_out, out Sessionuser sessionUser_out, out List <int> errorlist_out ) { #region check... if (!SBO_CRD_Authentication.isSessionGuid_valid( sessionGuid_in, ip_forLogPurposes_in, out sessionGuid_out, out sessionUser_out, out errorlist_out )) { return(false); } #endregion #region check Permissions . . . if ( !sessionUser_out.hasPermission( false, PermissionType.News__insert, PermissionType.News__update_Approved, PermissionType.News__update_Mine_notApproved ) ) { errorlist_out.Add(ErrorType.news__lack_of_permissions_to_write); return(false); } #endregion #region //check Attachment ... (nothing to check!) #endregion return(true); }
public static bool isSessionGuid_valid( string sessionGuid_in, string ip_forLogPurposes_in, out Guid sessionGuid_out, out Sessionuser sessionUser_out, out List <int> errorlist_out ) { if (!isSessionGuid_valid( sessionGuid_in, out sessionGuid_out, out errorlist_out )) { sessionUser_out = null; return(false); } if (!UserSession.TryGetValue(sessionGuid_out, out sessionUser_out)) { SBO_LOG_Log.log( null, LogType.error, ErrorType.authentication__expired_guid, -1L, -1, "IP:{0};", ip_forLogPurposes_in ); errorlist_out.Add(ErrorType.authentication__expired_guid); return(false); } return(true); }
public static bool isSessionGuid_valid( string sessionGuid_in, string ip_forLogPurposes_in, out Guid sessionGuid_out, out Sessionuser sessionUser_out, out List <int> errorlist_out, out int[] errors_out ) { bool _output = isSessionGuid_valid( sessionGuid_in, ip_forLogPurposes_in, out sessionGuid_out, out sessionUser_out, out errorlist_out ); errors_out = (_output) ? null : errorlist_out.ToArray(); return(_output); }
private static bool check( string sessionGuid_in, string ip_forLogPurposes_in, ref SO_NWS_Author author_ref, out Guid sessionGuid_out, out Sessionuser sessionUser_out, out List <int> errorlist_out ) { #region check... if (!SBO_CRD_Authentication.isSessionGuid_valid( sessionGuid_in, ip_forLogPurposes_in, out sessionGuid_out, out sessionUser_out, out errorlist_out )) { return(false); } #endregion #region check Permissions... if ( !sessionUser_out.hasPermission( false, PermissionType.Author__insert, PermissionType.Author__update ) ) { errorlist_out.Add(ErrorType.author__lack_of_permissions_to_write); return(false); } if ( !sessionUser_out.hasPermission(PermissionType.Author__approve) && ( !author_ref.Approved_date_isNull || !author_ref.IFUser__Approved_isNull ) ) { errorlist_out.Add(ErrorType.author__lack_of_permissions_to_approve); return(false); } #endregion #region check Author... if ( (author_ref.Name = author_ref.Name.Trim()).Length == 0 ) { errorlist_out.Add(ErrorType.author__invalid_name); return(false); } #endregion return(true); }
internal static long insObject_CreateUser( Sessionuser sessionUser_in, string login_in, bool selectIdentity_in, ref List <int> errorlist_in, DBConnection con_in ) { long _output = -1L; // ToDos: here! must have permission to create user if (!sessionUser_in.hasPermission( PermissionType.User__insert )) { errorlist_in.Add(ErrorType.user__lack_of_permissions_to_write); return(_output); } if (!Sessionuser.checkLogin(login_in, ref errorlist_in)) { return(_output); } bool _constraint; _output = DO_CRD_User.insObject( new SO_CRD_User( -1L, login_in, // ToDos: here! encrypt before sending... login_in, // default: password = login sessionUser_in.IDApplication ), selectIdentity_in, out _constraint, con_in ); if (_constraint) { errorlist_in.Add(ErrorType.data__constraint_violation); } else { if (con_in == null) { // assuming NO other (internal) operations are going on errorlist_in.Add(ErrorType.user__successfully_created__WARNING); } } return(_output); }
internal static void log( Sessionuser usersession_in, int logtype_in, int errortype_in, long idPermission_in, int idApplication_in, string format_in, params string[] args_in ) { SO_LOG_Log _log = new SO_LOG_Log(); #region _log.Message = ...; _log.Message = string.Format( System.Globalization.CultureInfo.CurrentCulture, format_in, args_in ); if (_log.Message.Length > MessageSize) { _log.Message = _log.Message.Substring(0, MessageSize); } #endregion #region _log.IDUser = ...; if ( (usersession_in == null) || (usersession_in.IDUser <= 0) ) { _log.IFUser_isNull = true; } else { _log.IFUser = usersession_in.IDUser; } #endregion _log.IFType = logtype_in; #region _log.IDError = ...; if (errortype_in == ErrorType.no_error) { _log.IFError_isNull = true; } else { _log.IFError = errortype_in; } #endregion #region _log.IFPermission = ...; if (idPermission_in <= 0) { _log.IFPermission_isNull = true; } else { _log.IFPermission = idPermission_in; } #endregion _log.Stamp = DateTime.Now; _log.IFUser__read_isNull = true; _log.Stamp__read_isNull = true; #region _log.IFApplication = ...; if (idApplication_in <= 0) { _log.IFApplication_isNull = true; } else { _log.IFApplication = idApplication_in; } #endregion DO_LOG_Log.insObject( _log, false, null ); #if DEBUG Console.WriteLine( ".--- Log ---\n{0}{1}{2}|message: {3}\n'-----------", LogType.Items.ContainsKey(logtype_in) ? string.Format( System.Globalization.CultureInfo.CurrentCulture, "|log type: {0}\n", LogType.Items[logtype_in].Name ) : "", ErrorType.Items.ContainsKey(errortype_in) ? string.Format( System.Globalization.CultureInfo.CurrentCulture, "|error type: {0}\n", ErrorType.Items[errortype_in].Name ) : "", !_log.IFUser_isNull ? string.Format( System.Globalization.CultureInfo.CurrentCulture, "|user: {0}\n", _log.IFUser.ToString(System.Globalization.CultureInfo.CurrentCulture) ) : "", _log.Message ); #endif }
private static bool check( string sessionGuid_in, string ip_forLogPurposes_in, ref SO_NWS_Source source_ref, out Guid sessionGuid_out, out Sessionuser sessionUser_out, out List <int> errorlist_out ) { #region check... if (!SBO_CRD_Authentication.isSessionGuid_valid( sessionGuid_in, ip_forLogPurposes_in, out sessionGuid_out, out sessionUser_out, out errorlist_out )) { return(false); } #endregion #region check Permissions . . . if ( !sessionUser_out.hasPermission( false, PermissionType.Source__insert, PermissionType.Source__update ) ) { errorlist_out.Add(ErrorType.source__lack_of_permissions_to_write); return(false); } if ( !sessionUser_out.hasPermission(PermissionType.Source__approve) && ( !source_ref.Approved_date_isNull || !source_ref.IFUser__Approved_isNull ) ) { errorlist_out.Add(ErrorType.source__lack_of_permissions_to_approve); return(false); } #endregion // ToDos: here! check parent existence // ToDos: here! check if parent within same application // ToDos: here! check if any other checkings needed ... if (source_ref.IFSource__parent <= 0) { source_ref.IFSource__parent_isNull = true; } #region check Source ... if ( (source_ref.Name = source_ref.Name.Trim()).Length == 0 ) { errorlist_out.Add(ErrorType.source__invalid_name); return(false); } #endregion return(true); }
internal static void login( SO_CRD_User user_in, Guid sessionGuid_in, string login_forLogPurposes_in, string ip_forLogPurposes_in, bool andCheckPassword_in, string password_in, out long idUser_out, out string login_out, out long[] idPermissions_out, ref List <int> errorlist_ref ) { //// NOTES: //// - this method allows login without password (if andCheckPassword_in == false), //// hence MUST NEVER be distributed (at least not directly) idPermissions_out = null; idUser_out = -1L; login_out = ""; if ( (user_in != null) && ( !andCheckPassword_in || SimpleHash.VerifyHash( password_in, SimpleHash.HashAlgotithm.SHA256, user_in.Password ) ) ) { login_out = user_in.Login; #region login... #region idPermissions_out = ...; long _count; SO_CRD_Permission[] _so_permissions = DO_CRD_Permission.getRecord_byUser( user_in.IDUser, -1, -1, -1, out _count, null ); idPermissions_out = new long[_so_permissions.Length]; for (int i = 0; i < _so_permissions.Length; i++) { idPermissions_out[i] = _so_permissions[i].IDPermission; } #endregion if (UserSession.ContainsKey(sessionGuid_in)) { Sessionuser _usersession = UserSession[sessionGuid_in]; if (_usersession.IDUser == user_in.IDUser) { _usersession.Sessionstart = DateTime.Now; _usersession.IDUser = user_in.IDUser; _usersession.IDPermissions = idPermissions_out; } else { errorlist_ref.Add(ErrorType.authentication__guid_not_yours); UserSession.Remove(sessionGuid_in); return; } } else { UserSession.Add( sessionGuid_in, new Sessionuser( user_in.IDUser, idPermissions_out, user_in.IFApplication, DateTime.Now ) ); } idUser_out = user_in.IDUser; #endregion } else { errorlist_ref.Add(ErrorType.authentication__invalid_login); #region SBO_LOG_Log.log(...); SBO_LOG_Log.log( null, LogType.error, ErrorType.authentication, -1L, (user_in == null) ? -1 : user_in.IFApplication, "login:{0};password[0]:{1};ip:{2};", new string[] { login_forLogPurposes_in, password_in.Length > 0 ? password_in.Substring(0, 1) : "", ip_forLogPurposes_in } ); #endregion } }
private static bool check( string sessionGuid_in, string ip_forLogPurposes_in, ref SO_NWS_Tag tag_ref, OGen.NTier.Kick.Libraries.DataLayer.Shared.Structures.SO_DIC__TextLanguage[] tx_Name_in, out Guid sessionGuid_out, out Sessionuser sessionUser_out, out List <int> errorlist_out ) { #region check... if (!SBO_CRD_Authentication.isSessionGuid_valid( sessionGuid_in, ip_forLogPurposes_in, out sessionGuid_out, out sessionUser_out, out errorlist_out )) { return(false); } #endregion #region check Permissions . . . if ( !sessionUser_out.hasPermission( false, PermissionType.Tag__insert, PermissionType.Tag__update ) ) { errorlist_out.Add(ErrorType.tag__lack_of_permissions_to_write); return(false); } if ( !sessionUser_out.hasPermission(PermissionType.Tag__approve) && ( !tag_ref.Approved_date_isNull || !tag_ref.IFUser__Approved_isNull ) ) { errorlist_out.Add(ErrorType.tag__lack_of_permissions_to_approve); return(false); } #endregion // ToDos: here! check parent existence // ToDos: here! check if parent within same application // ToDos: here! check if any other checkings needed ... if (tag_ref.IFTag__parent <= 0) { tag_ref.IFTag__parent_isNull = true; } #region check Tag ... if ( (tx_Name_in == null) || (tx_Name_in.Length == 0) ) { errorlist_out.Add(ErrorType.tag__invalid_name); return(false); } else { foreach (SO_DIC__TextLanguage _tx_name in tx_Name_in) { if ( (_tx_name.Text = _tx_name.Text.Trim()).Length == 0 ) { errorlist_out.Add(ErrorType.tag__invalid_name); return(false); } } } #endregion return(true); }