| public Set_Value_By_Mapping ( User_Object_Attribute_Mapping_Enum Mapping, string Value ) : void | ||
| Mapping | User_Object_Attribute_Mapping_Enum | Field to set in this user object |
| Value | string | Value to set that field to |
| return | void | |
private void perform_user_checks(bool isPostBack)
{
// If the mode is NULL or the request was already completed, do nothing
if ((currentMode == null) || (currentMode.Request_Completed))
return;
tracer.Add_Trace("SobekCM_Page_Globals.Perform_User_Checks", "In user checks portion");
// If this is to log out of my sobekcm, clear user id and forward back to sobekcm
if ((currentMode.Mode == Display_Mode_Enum.My_Sobek) && (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Log_Out))
{
tracer.Add_Trace("SobekCM_Page_Globals.Perform_User_Checks", "User logged out");
// Delete any user cookie
HttpCookie userCookie = new HttpCookie("SobekUser");
userCookie.Values["userid"] = String.Empty;
userCookie.Values["security_hash"] = String.Empty;
userCookie.Expires = DateTime.Now.AddDays(-1);
HttpContext.Current.Response.Cookies.Add(userCookie);
// Delete from memory
HttpContext.Current.Session["userid"] = 0;
HttpContext.Current.Session["user"] = null;
// Determine new redirect location
string redirect = currentMode.Base_URL;
if (!String.IsNullOrEmpty(currentMode.Return_URL))
{
redirect = currentMode.Base_URL + currentMode.Return_URL;
if (((currentMode.Return_URL.IndexOf("admin") >= 0) && (currentMode.Return_URL.IndexOf("admin") <= 1)) ||
((currentMode.Return_URL.IndexOf("mysobek") >= 0) && (currentMode.Return_URL.IndexOf("mysobek") <= 1)))
redirect = currentMode.Base_URL;
}
HttpContext.Current.Response.Redirect(redirect, false);
HttpContext.Current.ApplicationInstance.CompleteRequest();
currentMode.Request_Completed = true;
return;
}
// If there is already a user logged on, do nothing here
if (HttpContext.Current.Session["user"] == null)
{
// If this is a responce from Shibboleth/Gatorlink, get the user information and register them if necessary
if ((UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth != null) && (UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.Enabled))
{
string shibboleth_id = HttpContext.Current.Request.ServerVariables[UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.UserIdentityAttribute];
if (shibboleth_id == null)
{
if (UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.Debug)
{
tracer.Add_Trace("SobekCM_Page_Globals.Constructor", UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.UserIdentityAttribute + " server variable NOT found");
// For debugging purposes, if this SHOULD have included SHibboleth information, show in the trace route
if (HttpContext.Current.Request.Url.AbsoluteUri.Contains("shibboleth"))
{
foreach (string var in HttpContext.Current.Request.ServerVariables)
{
tracer.Add_Trace("SobekCM_Page_Globals.Constructor", "Server Variables: " + var + " --> " + HttpContext.Current.Request.ServerVariables[var]);
}
}
}
}
else
{
if (UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.Debug)
{
tracer.Add_Trace("SobekCM_Page_Globals.Constructor", UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.UserIdentityAttribute + " server variable found");
tracer.Add_Trace("SobekCM_Page_Globals.Constructor", UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.UserIdentityAttribute + " server variable = '" + shibboleth_id + "'");
// For debugging purposes, if this SHOULD have included SHibboleth information, show in the trace route
if (HttpContext.Current.Request.Url.AbsoluteUri.Contains("shibboleth"))
{
foreach (string var in HttpContext.Current.Request.ServerVariables)
{
tracer.Add_Trace("SobekCM_Page_Globals.Constructor", "Server Variables: " + var + " --> " + HttpContext.Current.Request.ServerVariables[var]);
}
}
}
if (shibboleth_id.Length > 0)
{
tracer.Add_Trace("SobekCM_Page_Globals.Constructor", "Pulling from database by shibboleth id");
User_Object possible_user_by_shibboleth_id = SobekCM_Database.Get_User(shibboleth_id, tracer);
// Check to see if we got a valid user back
if (possible_user_by_shibboleth_id != null)
{
if (UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.Debug)
{
// Set the user information from the server variables here
foreach (string var in HttpContext.Current.Request.ServerVariables)
{
User_Object_Attribute_Mapping_Enum mapping = UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.Get_User_Object_Mapping(var);
if (mapping != User_Object_Attribute_Mapping_Enum.NONE)
{
string value = HttpContext.Current.Request.ServerVariables[var];
if (UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.Debug)
{
tracer.Add_Trace("SobekCM_Page_Globals.Constructor", "Server Variable " + var + " ( " + value + " ) would have been mapped to " + User_Object_Attribute_Mapping_Enum_Converter.ToString(mapping));
}
}
else if (UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.Debug)
{
tracer.Add_Trace("SobekCM_Page_Globals.Constructor", "Server Variable " + var + " is not mapped to a user attribute");
}
}
// Set any constants as well
foreach (KeyValuePair<User_Object_Attribute_Mapping_Enum, string> constantMapping in UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.Constants)
{
if (constantMapping.Key != User_Object_Attribute_Mapping_Enum.NONE)
{
if (UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.Debug)
{
tracer.Add_Trace("SobekCM_Page_Globals.Constructor", "Constant value ( " + constantMapping.Value + " ) would have been set to " + User_Object_Attribute_Mapping_Enum_Converter.ToString(constantMapping.Key));
}
}
}
}
tracer.Add_Trace("SobekCM_Page_Globals.Constructor", "Setting session user from shibboleth id");
possible_user_by_shibboleth_id.Authentication_Type = User_Authentication_Type_Enum.Shibboleth;
HttpContext.Current.Session["user"] = possible_user_by_shibboleth_id;
}
else
{
tracer.Add_Trace("SobekCM_Page_Globals.Constructor", "User from shibboleth id was null.. adding user");
// Now build the user object
User_Object newUser = new User_Object();
if ((HttpContext.Current.Request.ServerVariables["HTTP_PRIMARY-AFFILIATION"] != null) && (HttpContext.Current.Request.ServerVariables["HTTP_PRIMARY-AFFILIATION"].IndexOf("F") >= 0))
newUser.Can_Submit = true;
else
newUser.Can_Submit = false;
newUser.Send_Email_On_Submission = true;
newUser.Email = String.Empty;
newUser.Family_Name = String.Empty;
newUser.Given_Name = String.Empty;
newUser.Organization = String.Empty;
newUser.ShibbID = shibboleth_id;
newUser.UserID = -1;
// Set the user information from the server variables here
foreach (string var in HttpContext.Current.Request.ServerVariables)
{
User_Object_Attribute_Mapping_Enum mapping = UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.Get_User_Object_Mapping(var);
if (mapping != User_Object_Attribute_Mapping_Enum.NONE)
{
string value = HttpContext.Current.Request.ServerVariables[var];
newUser.Set_Value_By_Mapping(mapping, value);
if (UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.Debug)
{
tracer.Add_Trace("SobekCM_Page_Globals.Constructor", "Server Variable " + var + " ( " + value + " ) mapped to " + User_Object_Attribute_Mapping_Enum_Converter.ToString(mapping));
}
}
else if (UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.Debug)
{
tracer.Add_Trace("SobekCM_Page_Globals.Constructor", "Server Variable " + var + " is not mapped to a user attribute");
}
}
// Set any constants as well
foreach (KeyValuePair<User_Object_Attribute_Mapping_Enum, string> constantMapping in UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.Constants)
{
if (constantMapping.Key != User_Object_Attribute_Mapping_Enum.NONE)
{
newUser.Set_Value_By_Mapping(constantMapping.Key, constantMapping.Value);
if (UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.Debug)
{
tracer.Add_Trace("SobekCM_Page_Globals.Constructor", "Setting constant value ( " + constantMapping.Value + " ) to " + User_Object_Attribute_Mapping_Enum_Converter.ToString(constantMapping.Key));
}
}
}
// Set the username
if (String.IsNullOrEmpty(newUser.UserName))
{
if (newUser.Email.Length > 0)
newUser.UserName = newUser.Email;
else
newUser.UserName = newUser.Family_Name + shibboleth_id;
}
// Set a random password
StringBuilder passwordBuilder = new StringBuilder();
Random randomGenerator = new Random(DateTime.Now.Millisecond);
for (int i = 0; i < 5; i++)
{
int randomNumber = randomGenerator.Next(97, 122);
passwordBuilder.Append((char) randomNumber);
int randomNumber2 = randomGenerator.Next(65, 90);
passwordBuilder.Append((char) randomNumber2);
}
string password = passwordBuilder.ToString();
// Now, save this user
SobekCM_Database.Save_User(newUser, password, newUser.Authentication_Type, tracer);
// Now, pull back out of the database
User_Object possible_user_by_shib2 = SobekCM_Database.Get_User(shibboleth_id, tracer);
possible_user_by_shib2.Is_Just_Registered = true;
possible_user_by_shib2.Authentication_Type = User_Authentication_Type_Enum.Shibboleth;
HttpContext.Current.Session["user"] = possible_user_by_shib2;
}
if (HttpContext.Current.Session["user"] != null)
{
currentMode.Mode = Display_Mode_Enum.My_Sobek;
currentMode.My_Sobek_Type = My_Sobek_Type_Enum.Home;
}
else
{
currentMode.Mode = Display_Mode_Enum.Aggregation;
currentMode.Aggregation_Type = Aggregation_Type_Enum.Home;
currentMode.Aggregation = String.Empty;
}
if (!UI_ApplicationCache_Gateway.Settings.Authentication.Shibboleth.Debug)
{
UrlWriterHelper.Redirect(currentMode);
}
}
}
}
// If the user information is still missing , but the SobekUser cookie exists, then pull
// the user information from the SobekUser cookie in the current requests
if ((HttpContext.Current.Session["user"] == null) && (HttpContext.Current.Request.Cookies["SobekUser"] != null))
{
string userid_string = HttpContext.Current.Request.Cookies["SobekUser"]["userid"];
int userid = -1;
bool valid_perhaps = userid_string.All(Char.IsNumber);
if (valid_perhaps)
Int32.TryParse(userid_string, out userid);
if (userid > 0)
{
User_Object possible_user = SobekCM_Database.Get_User(userid, tracer);
if (possible_user != null)
{
string cookie_security_hash = HttpContext.Current.Request.Cookies["SobekUser"]["security_hash"];
if (cookie_security_hash == possible_user.Security_Hash(HttpContext.Current.Request.UserHostAddress))
{
HttpContext.Current.Session["user"] = possible_user;
}
else
{
// Security hash did not match, so clear the cookie
HttpCookie userCookie = new HttpCookie("SobekUser");
userCookie.Values["userid"] = String.Empty;
userCookie.Values["security_hash"] = String.Empty;
userCookie.Expires = DateTime.Now.AddDays(-1);
HttpContext.Current.Response.Cookies.Add(userCookie);
}
}
}
}
}
// If this is not a post back, set the html writer code to 'l' or 'h' depending on whether logged on
if (!isPostBack)
{
if (HttpContext.Current.Session["user"] != null)
{
if (currentMode.Writer_Type == Writer_Type_Enum.HTML)
{
// If this is really a deprecated URL, don't try to forwaard
if ((currentMode.Mode != Display_Mode_Enum.Item_Display) || (currentMode.BibID.Length > 0) || (currentMode.ItemID_DEPRECATED <= 0))
{
currentMode.Writer_Type = Writer_Type_Enum.HTML_LoggedIn;
UrlWriterHelper.Redirect(currentMode);
return;
}
}
else
{
if ((currentMode.Mode == Display_Mode_Enum.My_Sobek) && (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Logon))
{
currentMode.My_Sobek_Type = My_Sobek_Type_Enum.Home;
}
}
}
else
{
if ((currentMode.Writer_Type == Writer_Type_Enum.HTML_LoggedIn) && (currentMode.My_Sobek_Type != My_Sobek_Type_Enum.Logon) && (currentMode.My_Sobek_Type != My_Sobek_Type_Enum.Preferences))
{
switch (currentMode.Mode)
{
case Display_Mode_Enum.My_Sobek:
currentMode.My_Sobek_Type = My_Sobek_Type_Enum.Logon;
break;
case Display_Mode_Enum.Item_Display:
currentMode.Writer_Type = Writer_Type_Enum.HTML;
// If this is really a deprecated URL, don't try to forwaard
if ((currentMode.BibID.Length > 0) || (currentMode.ItemID_DEPRECATED <= 0))
{
UrlWriterHelper.Redirect(currentMode);
return;
}
break;
default:
currentMode.Writer_Type = Writer_Type_Enum.HTML;
UrlWriterHelper.Redirect(currentMode);
return;
}
}
// If this is requesting an internal page and there is no user, send to the logon page
if (currentMode.Mode == Display_Mode_Enum.Internal)
{
currentMode.Mode = Display_Mode_Enum.My_Sobek;
currentMode.My_Sobek_Type = My_Sobek_Type_Enum.Logon;
}
}
}
else // This IS a postback
{
// If this is a postback from the logon page being inserted in front of the INTERNAL pages,
// then the postback request needs to be handled by the logon page
if ((currentMode.Mode == Display_Mode_Enum.Internal) && (HttpContext.Current.Session["user"] == null))
{
currentMode.Mode = Display_Mode_Enum.My_Sobek;
currentMode.My_Sobek_Type = My_Sobek_Type_Enum.Logon;
}
}
// Set the internal DLC flag
if (HttpContext.Current.Session["user"] != null)
{
currentUser = (User_Object) HttpContext.Current.Session["user"];
// Check if this is an administrative task that the current user does not have access to
if ((!currentUser.Is_System_Admin) && (!currentUser.Is_Portal_Admin) && (currentMode.Mode == Display_Mode_Enum.Administrative) && (currentMode.Admin_Type != Admin_Type_Enum.Aggregation_Single))
{
if (currentUser.LoggedOn)
{
currentMode.Mode = Display_Mode_Enum.My_Sobek;
currentMode.My_Sobek_Type = My_Sobek_Type_Enum.Home;
}
else
{
currentMode.Mode = Display_Mode_Enum.Aggregation;
currentMode.Aggregation_Type = Aggregation_Type_Enum.Home;
currentMode.Aggregation = String.Empty;
}
}
}
else
{
if ((currentMode.Mode == Display_Mode_Enum.My_Sobek) && (currentMode.My_Sobek_Type != My_Sobek_Type_Enum.Preferences))
{
currentMode.Logon_Required = true;
}
if ((currentMode.Mode == Display_Mode_Enum.Aggregation) && (currentMode.Aggregation_Type == Aggregation_Type_Enum.Home) && (currentMode.Home_Type == Home_Type_Enum.Personalized))
currentMode.Home_Type = Home_Type_Enum.List;
}
//// Create the empty user
//if (currentUser == null)
//{
// currentUser = new User_Object();
// HttpContext.Current.Session["user"] = currentUser;
//}
}
