Beispiel #1
0
        /// <summary>
        ///  Multiple steps. 1) gets PIPoints fo the Server
        ///                  2) Checks AFSecurity, for admin access and removes ability to import.
        ///                  3) Initializes Database and EventFrameFindCtrl.
        /// </summary>
        private void initializeAfServerPicker()
        {
            PISystem sys = afServerPicker.PISystem; //PI System != AF Server

            _curServer = sys.Name;
            PIServer serv = PIServer.FindPIServer(sys, sys.Name);

            List <PIPoint> piPoints = control.getPIPoints(sys, serv);

            avcPIPoints.AFSetObject(piPoints, afDatabasePicker1.AFDatabase, null, null);

            // Decides if you can import or not. Hides the UI. //TODO: Check
            AFSecurity security = sys.Security;

            if (security.HasAdmin)
            {
                isAdministrator = true;
                InformationDirectionPanel.Visible = true;
            }
            else
            {
                InformationDirectionPanel.Visible = false;
            }

            if (_curDatabase == null)
            {
                afDatabasePicker1.SetAFDatabase(sys.Databases[1], sys.Databases[1]);
                afEventFrameFindCtrl.Database = afDatabasePicker1.AFDatabase;
            }
        }
Beispiel #2
0
        public void CheckMinimumAFSecurity()
        {
            using (var fixture = new AFFixture())
            {
                var system = fixture.PISystem;
                Assert.True(system.UOMDatabase.Security.CanWrite, "The current user must have Write permission on the UOMDatabase.");

                foreach (var securityItem in Enum.GetValues(typeof(AFSecurityItem)))
                {
                    var security = system.GetSecurity((AFSecurityItem)securityItem);

                    switch (securityItem)
                    {
                    case AFSecurityItem.AnalysisTemplate:
                    case AFSecurityItem.Category:
                    case AFSecurityItem.Database:
                    case AFSecurityItem.EnumerationSet:
                    case AFSecurityItem.NotificationContactTemplate:
                    case AFSecurityItem.NotificationRuleTemplate:
                    case AFSecurityItem.Table:
                        Assert.True(security.CanRead &&
                                    security.CanWrite &&
                                    security.CanDelete, "The current user must have Read, Write, and Delete permission to the following System collections:\n" +
                                    "\tAnalysis Templates\n" +
                                    "\tCategories\n" +
                                    "\tDatabases\n" +
                                    "\tEnumeration Sets\n" +
                                    "\tNotification Contact Templates\n" +
                                    "\tNotification Rule Templates\n" +
                                    "\tTables");
                        break;

                    case AFSecurityItem.EventFrame:
                    case AFSecurityItem.Transfer:
                        Assert.True(security.CanReadData &&
                                    security.CanWriteData &&
                                    security.CanDelete &&
                                    security.CanAnnotate, "The current user must have Read Data, Write Data, Annotate, and Delete permission to the following System collections:\n" +
                                    "\tEvent Frames\n" +
                                    "\tTransfers");
                        break;

                    case AFSecurityItem.Analysis:
                        Assert.True(security.CanRead &&
                                    security.CanWrite &&
                                    security.CanDelete &&
                                    security.CanExecute, "The current user must have Read, Write, Execute, and Delete permission to the Analyses System collection.");
                        break;

                    case AFSecurityItem.Element:
                    case AFSecurityItem.ElementTemplate:
                        Assert.True(security.CanRead &&
                                    security.CanReadData &&
                                    security.CanWrite &&
                                    security.CanWriteData &&
                                    security.CanDelete, "The current user must have Read, Write, Read Data, Write Data, and Delete permission to the following System collections:\n" +
                                    "\tElements\n" +
                                    "\tElement Templates");

                        var identities      = system.CurrentUserIdentities;
                        var instancedSystem = fixture.GetInstancedSystem();
                        if ((AFSecurityItem)securityItem == AFSecurityItem.Element)
                        {
                            Assert.True(security.CanAnnotate, "The current user must have Annotate permission to the Elements System collection.");
                        }
                        else
                        {
                            var elementTemplateToken = instancedSystem.GetSecurity(AFSecurityItem.ElementTemplate).Token;
                            elementTemplateToken.SecurityItem = AFSecurityItem.EventFrame;
                            var tokens = new List <AFSecurityRightsToken>()
                            {
                                elementTemplateToken
                            };
                            var dict = AFSecurity.CheckSecurity(instancedSystem, identities, tokens);
                            Assert.True(dict[elementTemplateToken.ObjectId].CanAnnotate(), "The current user must have Annotate permission to the Element Templates System collection.");
                        }

                        instancedSystem.Disconnect();
                        break;

                    case AFSecurityItem.NotificationRule:
                        Assert.True(security.CanRead &&
                                    security.CanWrite &&
                                    security.CanDelete &&
                                    security.CanSubscribe, "The current user must have Read, Write, Subscribe, and Delete permission to the Notification Rules System collection.");
                        break;
                    }
                }
            }
        }