示例#1
0
文件: Meth.cs 项目: nampn/ODental
        ///<summary></summary>
        public static T GetObject <T>(MethodBase methodBase, params object[] parameters)
        {
            if (RemotingClient.RemotingRole != RemotingRole.ClientWeb)
            {
                throw new ApplicationException("Meth.GetObject may only be used when RemotingRole is ClientWeb.");
            }
            //can't verify return type
            DtoGetObject dto = new DtoGetObject();

            if (typeof(T).IsGenericType)
            {
                Type listType = typeof(T).GetGenericArguments()[0];
                dto.ObjectType = "List<" + listType.FullName + ">";
            }
            else
            {
                dto.ObjectType = typeof(T).FullName;
            }
            dto.MethodName           = methodBase.DeclaringType.Name + "." + methodBase.Name;
            dto.Params               = DtoObject.ConstructArray(parameters, GetParamTypes(methodBase));
            dto.Credentials          = new Credentials();
            dto.Credentials.Username = Security.CurUser.UserName;
            dto.Credentials.Password = Security.PasswordTyped;          //.CurUser.Password;
            return(RemotingClient.ProcessGetObject <T>(dto));
        }
示例#2
0
 ///<summary>Will throw an exception if server cannot validate username and password.
 ///configPath will be empty from a workstation and filled from the server.  If Ecw, odpass will actually be the hash.</summary>
 public static Userod LogInWeb(string oduser, string odpass, string configPath, string clientVersionStr, bool usingEcw)
 {
     //Unusual remoting role check designed for first time logging in via middle tier.
     if (RemotingClient.RemotingRole == RemotingRole.ServerWeb)
     {
         Userod user = Userods.CheckUserAndPassword(oduser, odpass, usingEcw);
         if (string.IsNullOrEmpty(odpass))                 //All middle tier connections must pass in a password.
         {
             throw new Exception("Invalid username or password.");
         }
         string command          = "SELECT ValueString FROM preference WHERE PrefName='ProgramVersion'";
         string dbVersionStr     = Db.GetScalar(command);
         string serverVersionStr = Assembly.GetAssembly(typeof(Db)).GetName().Version.ToString(4);
                         #if DEBUG
         if (Assembly.GetAssembly(typeof(Db)).GetName().Version.Build == 0)
         {
             command      = "SELECT ValueString FROM preference WHERE PrefName='DataBaseVersion'";                     //Using this during debug in the head makes it open fast with less fiddling.
             dbVersionStr = Db.GetScalar(command);
         }
                         #endif
         if (dbVersionStr != serverVersionStr)
         {
             throw new Exception("Version mismatch.  Server:" + serverVersionStr + "  Database:" + dbVersionStr);
         }
         if (!string.IsNullOrEmpty(clientVersionStr))
         {
             Version clientVersion = new Version(clientVersionStr);
             Version serverVersion = new Version(serverVersionStr);
             if (clientVersion > serverVersion)
             {
                 throw new Exception("Version mismatch.  Client:" + clientVersionStr + "  Server:" + serverVersionStr);
             }
         }
         //if clientVersion == serverVersion, than we need do nothing.
         //if clientVersion < serverVersion, than an update will later be triggered.
         //Security.CurUser=user;//we're on the server, so this is meaningless
         return(user);
         //return 0;//meaningless
     }
     else
     {
         //Because RemotingRole has not been set, and because CurUser has not been set,
         //this particular method is more verbose than most and does not use Meth.
         //It's not a good example of the standard way of doing things.
         DtoGetObject dto = new DtoGetObject();
         dto.Credentials          = new Credentials();
         dto.Credentials.Username = oduser;
         dto.Credentials.Password = odpass;              //Userods.EncryptPassword(password);
         dto.ComputerName         = Security.CurComputerName;
         dto.MethodName           = "OpenDentBusiness.Security.LogInWeb";
         dto.ObjectType           = typeof(Userod).FullName;
         object[] parameters = new object[] { oduser, odpass, configPath, clientVersionStr, usingEcw };
         dto.Params = DtoObject.ConstructArray(MethodBase.GetCurrentMethod(), parameters);
         //Purposefully throws exceptions.
         //If hasConnectionLost was set to true then the user would be stuck in an infinite loop of trying to connect to a potentially invalid Middle Tier URI.
         //Therefore, set hasConnectionLost false so that the user gets an error message immediately in the event that Middle Tier cannot be reached.
         return(RemotingClient.ProcessGetObject <Userod>(dto, false));
     }
 }
示例#3
0
        ///<summary></summary>
        public static T GetObject <T>(MethodBase methodBase, params object[] parameters)
        {
            if (RemotingClient.RemotingRole != RemotingRole.ClientWeb)
            {
                throw new ApplicationException("Meth.GetObject may only be used when RemotingRole is ClientWeb.");
            }
            //can't verify return type
            DtoGetObject dto = new DtoGetObject();

            if (typeof(T).IsGenericType)
            {
                Type listType = typeof(T).GetGenericArguments()[0];
                dto.ObjectType = "List<" + listType.FullName + ">";
            }
            else
            {
                dto.ObjectType = typeof(T).FullName;
            }
            dto.MethodName = methodBase.DeclaringType.Namespace + "."
                             + methodBase.DeclaringType.Name + "." + methodBase.Name;
            dto.Params               = DtoObject.ConstructArray(methodBase, parameters);
            dto.Credentials          = new Credentials();
            dto.Credentials.Username = Security.CurUser.UserName;
            dto.Credentials.Password = Security.PasswordTyped;          //.CurUser.Password;
            dto.ComputerName         = Security.CurComputerName;
            T retval = default(T);

            try {
                retval = RemotingClient.ProcessGetObject <T>(dto);
            }
            catch (ODException ex) {
                if (ex.ErrorCode == (int)ODException.ErrorCodes.CheckUserAndPasswordFailed)
                {
                    if (RemotingClient.HasLoginFailed)                     //login has already failed and we got another CheckUserAndPasswordFailed error, just throw
                    {
                        throw;
                    }
                    CredentialsFailed();
                    retval = GetObject <T>(methodBase, parameters);
                }
                else
                {
                    throw;
                }
            }
            return(retval);
        }
示例#4
0
        //<summary>Obsolete</summary>
        //public static void ResetPassword(){
        //FIXME:UPDATE-MULTIPLE-TABLES

        /*string command="UPDATE userod,grouppermissions SET userod.Password='' "
         +"WHERE grouppermissions.UserGroupNum=userod.UserGroupNum "
         +"AND grouppermissions.PermType=24";
         * Db.NonQ(command);
         */
        //Code updated to be compatible with Oracle as well as MySQL.

        /*
         * string command="SELECT userod.UserNum FROM userod,grouppermissions "
         +"WHERE grouppermissions.UserGroupNum=userod.UserGroupNum "
         +"AND grouppermissions.PermType=24";
         * DataTable table=Db.GetTable(command);
         * if(table.Rows.Count==0){
         *      throw new ApplicationException("No admin exists.");
         * }
         * command="UPDATE userod SET Password='' WHERE UserNum="+POut.PString(table.Rows[0][0].ToString());
         * Db.NonQ(command);
         * }*/

        ///<summary>RemotingRole has not yet been set to ClientWeb, but it will if this succeeds.  Will throw an exception if server cannot validate username and password.  configPath will be empty from a workstation and filled from the server.  If Ecw, odpass will actually be the hash.</summary>
        public static Userod LogInWeb(string oduser, string odpass, string configPath, string clientVersionStr, bool usingEcw)
        {
            //Very unusual method.  Remoting role can't be checked, but is implied by the presence of a value in configPath.
            if (configPath != "")             //RemotingRole.ServerWeb
            {
                Userods.LoadDatabaseInfoFromFile(ODFileUtils.CombinePaths(configPath, "OpenDentalServerConfig.xml"));
                //ODFileUtils.CombinePaths(
                //  ,"OpenDentalServerConfig.xml"));
                //Path.GetDirectoryName(Application.ExecutablePath),"OpenDentalServerConfig.xml"));
                //Application.StartupPath,"OpenDentalServerConfig.xml"));
                //Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location),"OpenDentalServerConfig.xml"));
                //Environment.CurrentDirectory,"OpenDentalServerConfig.xml"));
                //Then, check username and password
                Userod user = Userods.CheckUserAndPassword(oduser, odpass, usingEcw);
                                #if DEBUG
                //if(oduser=="Admin"){
                //	user=Userods.GetUserByName("Admin",usingEcw);//without checking password.  Makes debugging faster.
                //}
                                #endif
                if (user == null)
                {
                    throw new Exception("Invalid username or password.");
                }
                string command          = "SELECT ValueString FROM preference WHERE PrefName='ProgramVersion'";
                string dbVersionStr     = Db.GetScalar(command);
                string serverVersionStr = Assembly.GetAssembly(typeof(Db)).GetName().Version.ToString(4);
                                #if DEBUG
                if (Assembly.GetAssembly(typeof(Db)).GetName().Version.Build == 0)
                {
                    command      = "SELECT ValueString FROM preference WHERE PrefName='DataBaseVersion'";                     //Using this during debug in the head makes it open fast with less fiddling.
                    dbVersionStr = Db.GetScalar(command);
                }
                                #endif
                if (dbVersionStr != serverVersionStr)
                {
                    throw new Exception("Version mismatch.  Server:" + serverVersionStr + "  Database:" + dbVersionStr);
                }
                Version clientVersion = new Version(clientVersionStr);
                Version serverVersion = new Version(serverVersionStr);
                if (clientVersion > serverVersion)
                {
                    throw new Exception("Version mismatch.  Client:" + clientVersionStr + "  Server:" + serverVersionStr);
                }
                //if clientVersion == serverVersion, than we need do nothing.
                //if clientVersion < serverVersion, than an update will later be triggered.
                //Security.CurUser=user;//we're on the server, so this is meaningless
                return(user);
                //return 0;//meaningless
            }
            else
            {
                //Because RemotingRole has not been set, and because CurUser has not been set,
                //this particular method is more verbose than most and does not use Meth.
                //It's not a good example of the standard way of doing things.
                DtoGetObject dto = new DtoGetObject();
                dto.Credentials          = new Credentials();
                dto.Credentials.Username = oduser;
                dto.Credentials.Password = odpass;              //Userods.EncryptPassword(password);
                dto.MethodName           = "Security.LogInWeb";
                dto.ObjectType           = typeof(Userod).FullName;
                object[] parameters = new object[] { oduser, odpass, configPath, clientVersionStr, usingEcw };
                Type[]   objTypes   = new Type[] { typeof(string), typeof(string), typeof(string), typeof(string), typeof(bool) };
                dto.Params = DtoObject.ConstructArray(parameters, objTypes);
                return(RemotingClient.ProcessGetObject <Userod>(dto));              //can throw exception
            }
        }