/// <summary>
/// superUser and administerGroup Access
/// </summary>
/// <returns></returns>
public UserSession[] GetUserSessionsWrapper(int userID, int groupID, DateTime timeAfter, DateTime timeBefore)
{
int sessionGroupID = Convert.ToInt32(Session["GroupID"]);
string sessionGroupName=Session["GroupName"].ToString();
int loginUserID = Convert.ToInt32(Session["UserID"].ToString());
try
{
if(sessionGroupName.CompareTo(Group.SUPERUSER)==0)
{
return Administration.AdministrativeAPI.GetUserSessions(userID, groupID, timeAfter, timeBefore);
}
else
{
if (groupID >=0)
{
int qID = Authorization.AuthorizationAPI .GetQualifierID (groupID, Qualifier .groupQualifierTypeID );
if(Authorization.AuthorizationAPI .CheckAuthorization (sessionGroupID, Function .administerGroupFunctionType , qID))
{
return Administration.AdministrativeAPI.GetUserSessions(userID, groupID, timeAfter, timeBefore);
}
else
throw new AccessDeniedException("Cannot list user sessions. Insufficient permission.");
}
else
{
ArrayList allowedGroups = new ArrayList();
ArrayList userSessions = new ArrayList();
if (userID>=0)
{
int[] userParents = Administration.AdministrativeAPI.ListGroupsForAgent(userID);
foreach (int parent in userParents)
{
int qID = Authorization.AuthorizationAPI .GetQualifierID (parent, Qualifier .groupQualifierTypeID );
if(Authorization.AuthorizationAPI .CheckAuthorization (sessionGroupID, Function .administerGroupFunctionType , qID))
{
allowedGroups.Add(parent);
}
}
}
else
{
int[] gIDs = Administration.AdministrativeAPI.ListGroupIDs();
foreach (int gID in gIDs)
{
if (gID>0)
{
int qID = Authorization.AuthorizationAPI .GetQualifierID (gID, Qualifier .groupQualifierTypeID );
if(Authorization.AuthorizationAPI .CheckAuthorization (sessionGroupID, Function .administerGroupFunctionType , qID))
{
allowedGroups.Add(gID);
}
}
}
}
if (allowedGroups.Count>0)
{
foreach (int allowedParent in allowedGroups)
{
UserSession[] temp = Administration.AdministrativeAPI.GetUserSessions(userID, allowedParent, timeAfter, timeBefore);
foreach (UserSession us in temp)
{
userSessions.Add(us);
}
}
UserSession[] sessionArray = new UserSession[userSessions.Count];
for (int i = 0;i <userSessions.Count; i++)
{
sessionArray[i]= (UserSession)userSessions[i];
}
return sessionArray;
}
else
throw new AccessDeniedException("Cannot list user sessions. Insufficient Permission.");
}
}
}
catch (Exception ex)
{
throw;
}
}
///*********************** USER SESSIONS **************************///
/// <summary>
/// Inserts a user session record.
/// </summary>
/// <param name="userID">The ID of the User.</param>
/// <param name="effectiveGroupID">The User's current Effective Group.</param>
/// <param name="sessionKey">The User's current Session Key.</param>
/// <returns>A database generated session ID.</returns>
public static long InsertUserSession(int userID, int effectiveGroupID, int clientID, int tzOffset,string sessionKey)
{
UserSession us = new UserSession();
us.userID = userID;
us.groupID = effectiveGroupID;
us.sessionKey = sessionKey;
us.tzOffset = tzOffset;
us.clientID = clientID;
return InternalAdminDB.InsertUserSession (us);
}
/// <summary>
/// to select a user's sessions given the session IDs
/// </summary>
public static UserSession[] SelectUserSessions(long[] sessionIDs)
{
UserSession[] us = new UserSession[sessionIDs.Length ];
for (int i=0; i<sessionIDs.Length ; i++)
{
us[i] = new UserSession();
}
DbConnection myConnection = FactoryDB.GetConnection();
DbCommand myCommand = FactoryDB.CreateCommand("UserSession_Retrieve", myConnection);
myCommand.CommandType = CommandType.StoredProcedure;
myCommand.Parameters .Add(FactoryDB.CreateParameter("@sessionID",null,DbType.Int64));
try
{
myConnection.Open ();
for (int i =0; i < sessionIDs.Length ; i++)
{
myCommand.Parameters["@sessionID"].Value = sessionIDs[i];
// get session info from table user_sessions
DbDataReader myReader = myCommand.ExecuteReader ();
while(myReader.Read ())
{
us[i].sessionID = sessionIDs[i];
if (myReader["user_id"] != System.DBNull.Value)
us[i].userID = Convert.ToInt32(myReader["user_id"]);
if (myReader["effective_group_id"] != System.DBNull.Value)
us[i].groupID = Convert.ToInt32(myReader["effective_group_id"]);
if (myReader["client_id"] != System.DBNull.Value)
us[i].groupID = Convert.ToInt32(myReader["client_id"]);
if(myReader["session_start_time"] != System.DBNull.Value )
us[i].sessionStartTime = DateUtil.SpecifyUTC((DateTime) myReader["session_start_time"]);
if(myReader["session_end_time"] != System.DBNull.Value )
us[i].sessionEndTime= DateUtil.SpecifyUTC((DateTime) myReader["session_end_time"]);
if(myReader["session_key"] != System.DBNull.Value )
us[i].sessionKey= ((string)myReader["session_key"]);
if (myReader["tz_offset"] != System.DBNull.Value)
us[i].tzOffset = Convert.ToInt32(myReader["tz_offset"]);
}
myReader.Close ();
}
}
catch (Exception ex)
{
throw new Exception("Exception thrown in selecting sessions given sessionIDs",ex);
}
finally
{
myConnection.Close();
}
return us;
}
/// <summary>
/// to select all the sessions of a given user
/// </summary>
public static UserSession[] SelectUserSessions(int userID, int groupID, DateTime timeAfter, DateTime timeBefore)
{
//UserSession[] userSessions = null;
List<UserSession> sessions = new List<UserSession>();
StringBuilder sqlQuery = new StringBuilder();
int whereCount = 0;
sqlQuery.Append("select session_ID, session_start_time, session_end_time,user_ID, effective_group_ID, session_key from user_sessions");
if (userID > 0)
{
if (whereCount== 0 )
sqlQuery.Append(" WHERE");
else
sqlQuery.Append(" AND");
sqlQuery.Append(" user_ID = ");
sqlQuery.Append(userID);
whereCount++;
}
if (groupID > 0)
{
if (whereCount == 0)
sqlQuery.Append(" WHERE");
else
sqlQuery.Append(" AND");
sqlQuery.Append(" effective_group_ID = ");
sqlQuery.Append(groupID);
whereCount++;
}
if (timeBefore.CompareTo(DateTime.MinValue)!=0)
{
if (whereCount == 0)
sqlQuery.Append(" WHERE");
else
sqlQuery.Append(" AND");
sqlQuery.Append(" session_start_time <= '");
sqlQuery.Append(timeBefore);
sqlQuery.Append("'");
whereCount++;
}
if (timeAfter.CompareTo(DateTime.MinValue)!=0)
{
if (whereCount == 0)
sqlQuery.Append(" WHERE");
else
sqlQuery.Append(" AND");
sqlQuery.Append(" session_start_time >= '");
sqlQuery.Append(timeAfter);
sqlQuery.Append("'");
whereCount++;
}
DbConnection myConnection = FactoryDB.GetConnection();
DbCommand myCommand = myConnection.CreateCommand();
myCommand.CommandText = sqlQuery.ToString();
myCommand.CommandType = CommandType.Text;
// DbConnection myConnection = FactoryDB.GetConnection();
// DbCommand myCommand = FactoryDB.CreateCommand("UserSessions_RetrieveAll", myConnection);
// myCommand.CommandType = CommandType.StoredProcedure;
// myCommand.Parameters .Add(new DbParameter ("@userID",userID));
// myCommand.Parameters .Add(new DbParameter ("@groupID",groupID));
// myCommand.Parameters .Add(new DbParameter ("@TimeAfter",timeAfter));
// myCommand.Parameters .Add(new DbParameter ("@TimeBefore",timeBefore));
try
{
myConnection.Open ();
// get session info from table user_sessions
DbDataReader myReader = myCommand.ExecuteReader ();
while(myReader.Read ())
{
UserSession us = new UserSession();
us.sessionID = Convert.ToInt64( myReader["session_id"]); //casting to (long) didn't work
if(myReader["session_start_time"] != System.DBNull.Value )
us.sessionStartTime = DateUtil.SpecifyUTC((DateTime) myReader["session_start_time"]);
if(myReader["session_end_time"] != System.DBNull.Value )
us.sessionEndTime= DateUtil.SpecifyUTC((DateTime) myReader["session_end_time"]);
if(myReader["user_id"]!=System.DBNull.Value)
us.userID=Convert.ToInt32(myReader["user_id"]);
if(myReader["effective_group_id"] != System.DBNull.Value )
us.groupID= Convert.ToInt32(myReader["effective_group_id"]);
if(myReader["session_key"] != System.DBNull.Value )
us.sessionKey= ((string)myReader["session_key"]);
sessions.Add(us);
}
myReader.Close ();
}
catch (Exception ex)
{
throw new Exception("Exception thrown in selecting user session",ex);
}
finally
{
myConnection.Close();
}
return sessions.ToArray();
}
/* !------------------------------------------------------------------------------!
* CALLS FOR USER SESSIONS
* !------------------------------------------------------------------------------!
*/
/// <summary>
/// to insert a user session record. returns a database generated session id.
/// </summary>
public static long InsertUserSession(UserSession us)
{
DbConnection myConnection = FactoryDB.GetConnection();
DbCommand myCommand = FactoryDB.CreateCommand("UserSession_insert", myConnection);
myCommand.CommandType = CommandType.StoredProcedure;
myCommand.Parameters.Add(FactoryDB.CreateParameter("@userID", us.userID,DbType.Int32));
myCommand.Parameters.Add(FactoryDB.CreateParameter("@groupID", us.groupID,DbType.Int32));
myCommand.Parameters.Add(FactoryDB.CreateParameter("@clientID",us.clientID, DbType.Int32));
myCommand.Parameters.Add(FactoryDB.CreateParameter("@tzOffset", us.tzOffset,DbType.Int32));
myCommand.Parameters.Add(FactoryDB.CreateParameter("@sessionKey", us.sessionKey,DbType.AnsiString,512));
try
{
myConnection.Open();
return Convert.ToInt64( myCommand.ExecuteScalar());
}
catch (Exception ex)
{
throw new Exception("Exception thrown in inserting user session",ex);
}
finally
{
myConnection.Close();
}
}
