If possible create a couple of additional account with ADMIN permission. I hope their...
authorv.shishlov <vladimir.shishlov@sophicsystems.com>
Sun, 27 Feb 2022 12:51:45 +0000 (15:51 +0300)
committerv.shishlov <vladimir.shishlov@sophicsystems.com>
Sun, 27 Feb 2022 12:51:45 +0000 (15:51 +0300)
CPE/CPE.App/CPE.App.Web/Controllers/IndexController.cs
CPE/CPE.App/CPE.App.Web/Models/CPEWeb.dbml
CPE/CPE.App/CPE.App.Web/Models/CPEWeb.designer.cs

index 813d055..c5217bf 100644 (file)
@@ -27,14 +27,28 @@ namespace CPE.App.Web.Controllers {
             return false;
         }
 
+        private bool IsAdmin(string login, string password)
+        {
+            return Database.Users.Any(t => t.IsAdmin && t.Login == login && t.Password == password);
+        }
+
+        private bool IsAdmin(string password)
+        {
+            return Database.Users.Any(t => t.IsAdmin && t.Password == password);
+        }
+
         // GET: Index
         [HttpGet]
         public ActionResult Index(int? year) {
             if(Request.Cookies["allowed"] == null && !IsLocal())
                 return Redirect("http://www.cpeonline.com/webcasts");
-            string systemPassword = ConfigurationManager.AppSettings["password"];
-            if(Request.Cookies["allowed"] != null && (Request.Cookies["allowed"].Value != systemPassword))
+
+            //string systemPassword = ConfigurationManager.AppSettings["password"];
+            if (Request.Cookies["allowed"] != null && !IsAdmin(Request.Cookies["allowed"].Value))
+            {
                 return Redirect("http://www.cpeonline.com/webcasts");
+            }
+
             DateTime now = DateTime.UtcNow;
 
             if(!year.HasValue) {
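Review bot: `IsAdmin(string password)` returns true for any value that equals the stored password of some admin row, and both overloads compare `t.Password` with the submitted string, which implies the Users table holds passwords in clear text. The cookie check in Index, and the identical one in Elucidat in the third hunk, therefore treats the password itself as the session credential, not tied to any login. Store a salted, slow hash instead (for example PBKDF2 via `Rfc2898DeriveBytes`), look the user up by login and verify the hash in constant time, and validate the cookie against a random server-side session token. The commented-out `//string systemPassword = ...` lines in all three hunks should be deleted, not kept. Index's body continues past the end of this hunk.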
@@ -440,10 +454,10 @@ namespace CPE.App.Web.Controllers {
             login = login?.Trim();
             passcode = passcode?.Trim();
 
-            string systemPassword = ConfigurationManager.AppSettings["password"];
-            if(login == ConfigurationManager.AppSettings["login"] & passcode == systemPassword) {
+           // string systemPassword = ConfigurationManager.AppSettings["password"];
+            if(IsAdmin(login, passcode)) {
                 var reportingCookie = new HttpCookie("allowed") {
-                    Value = systemPassword,
+                    Value = passcode,
                     Expires = DateTime.UtcNow.AddDays(1)
                 };
                 Response.Cookies.Add(reportingCookie);
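Review bot: `Value = passcode` puts the admin's own clear-text password into the `allowed` cookie, where it persists for a day in the browser and in anything that records request headers. The old code exposed one shared config secret this way; the new code exposes each account's password. The initializer shown here also sets neither `HttpOnly = true` nor `Secure = true`, so as far as the hunk shows the cookie is readable by page script and can travel over plain HTTP. Issue a random token from `RandomNumberGenerator` that is stored and expired server-side (or use the framework's forms-authentication ticket) and add both flags to the `HttpCookie`. The enclosing action starts and ends outside the hunk.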
@@ -470,8 +484,8 @@ namespace CPE.App.Web.Controllers {
         public ActionResult Elucidat() {
             if(Request.Cookies["allowed"] == null && !IsLocal())
                 return Redirect("http://www.cpeonline.com/webcasts");
-            string systemPassword = ConfigurationManager.AppSettings["password"];
-            if(Request.Cookies["allowed"] != null && (Request.Cookies["allowed"].Value != systemPassword))
+//            string systemPassword = ConfigurationManager.AppSettings["password"];
+            if(Request.Cookies["allowed"] != null && (!IsAdmin(Request.Cookies["allowed"].Value)))
                 return Redirect("http://www.cpeonline.com/webcasts");
             DateTime now = DateTime.UtcNow;
 
index 34fa616..ffca4cc 100644 (file)
       <Column Name="Details" Type="System.String" DbType="NVarChar(MAX) NOT NULL" CanBeNull="false" />
     </Type>
   </Table>
+  <Table Name="dbo.Users" Member="Users">
+    <Type Name="Users">
+      <Column Name="Id" Type="System.Guid" DbType="UniqueIdentifier NOT NULL" IsPrimaryKey="true" CanBeNull="false" />
+      <Column Name="Created" Type="System.DateTime" DbType="DateTime NOT NULL" CanBeNull="false" />
+      <Column Name="Login" Type="System.String" DbType="NVarChar(500) NOT NULL" CanBeNull="false" />
+      <Column Name="Password" Type="System.String" DbType="NVarChar(MAX) NOT NULL" CanBeNull="false" />
+      <Column Name="IsAdmin" Type="System.Boolean" DbType="Bit NOT NULL" CanBeNull="false" />
+    </Type>
+  </Table>
   <Table Name="dbo.Courses" Member="Courses">
     <Type Name="Course">
       <Column Name="ProjectCode" Type="System.String" DbType="NVarChar(50) NOT NULL" CanBeNull="false" />
index 180f41a..dc2d7c9 100644 (file)
@@ -181,7 +181,15 @@ namespace CPE.App.Web.Models
                                return this.GetTable<MeetingDetail>();
                        }
                }
-               
+
+        public System.Data.Linq.Table<Users> Users
+        {
+            get
+            {
+                return this.GetTable<Users>();
+            }
+        }
+
                public System.Data.Linq.Table<MeetingParticipantSession> MeetingParticipantSessions
                {
                        get
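Review bot: The new `Users` property calls `this.GetTable<Users>()`, but the `Users` class added further down in this file does not match the table declared in CPEWeb.dbml and looks hand-written, not regenerated. The class shows no `TableAttribute` and no `Id` member, although the dbml declares `Id` as the primary key. `Created` is mapped as `SmallDateTime NOT NULL` while the dbml says `DateTime NOT NULL`. Unless another partial declaration supplies the mapping, LINQ to SQL will probably reject the type as not mapped as a table on first use. Regenerate the designer file from the dbml so the two stay in sync, or at least add `[global::System.Data.Linq.Mapping.TableAttribute(Name="dbo.Users")]` and the `Id` column by hand.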
@@ -5907,7 +5915,88 @@ namespace CPE.App.Web.Models
                        }
                }
        }
-       
+
+    public partial class Users
+    {
+
+        private System.DateTime _Created;
+
+        private string _Login;
+
+        private string _Password;
+
+        private bool _IsAdmin;
+
+        public Users()
+        {
+        }
+
+        [global::System.Data.Linq.Mapping.ColumnAttribute(Storage = "_Created", DbType = "SmallDateTime NOT NULL")]
+        public System.DateTime Created
+        {
+            get
+            {
+                return this._Created;
+            }
+            set
+            {
+                if ((this._Created != value))
+                {
+                    this._Created = value;
+                }
+            }
+        }
+
+        [global::System.Data.Linq.Mapping.ColumnAttribute(Storage = "_Login", DbType = "NVarChar(500) NOT NULL", CanBeNull = false)]
+        public string Login
+        {
+            get
+            {
+                return this._Login;
+            }
+            set
+            {
+                if ((this._Login != value))
+                {
+                    this._Login = value;
+                }
+            }
+        }
+
+        [global::System.Data.Linq.Mapping.ColumnAttribute(Storage = "_Password", DbType = "NVarChar(MAX) NOT NULL", CanBeNull = false)]
+        public string Password
+               {
+            get
+            {
+                return this._Password;
+            }
+            set
+            {
+                if ((this._Password != value))
+                {
+                    this._Password = value;
+                }
+            }
+        }
+
+        [global::System.Data.Linq.Mapping.ColumnAttribute(Storage = "_IsAdmin", DbType = "Bit NOT NULL")]
+        public bool IsAdmin
+               {
+            get
+            {
+                return this._IsAdmin;
+            }
+            set
+            {
+                if ((this._IsAdmin != value))
+                {
+                    this._IsAdmin = value;
+                }
+            }
+        }
+    }
+
+
        public partial class CreateRebroadcastSessionResult
        {