protected void flowRepeaterList_ItemDataBound(object sender, RepeaterItemEventArgs e) { DataFlow dataFlow = e.Item.DataItem as DataFlow; DropDownList flowRoleCtrl = e.Item.FindControl("flowRoleCtrl") as DropDownList; Label flowRoleLabel = e.Item.FindControl("flowRoleLabel") as Label; HiddenField flowIsProtected = e.Item.FindControl("flowIsProtected") as HiddenField; FlowRoleType flowRole = FlowRoleType.None; if (_editUserAccount != null) { flowRole = GetFlowRole(_editUserAccount.Policies, dataFlow.FlowName); } List <string> possibleRoles = null; SystemRoleType selectedRole = SelectedRole; bool flowRoleCtrlEnabled = true; if (dataFlow.IsProtected) { flowIsProtected.Value = true.ToString(); if (selectedRole == SystemRoleType.Authed) { possibleRoles = CollectionUtils.CreateList(EnumUtils.ToDescription(FlowRoleType.None), EnumUtils.ToDescription(FlowRoleType.Endpoint)); } else { possibleRoles = CollectionUtils.CreateList(EnumUtils.GetAllDescriptions <FlowRoleType>()); } } else { if (selectedRole == SystemRoleType.Authed) { flowRoleCtrlEnabled = false; } else { possibleRoles = CollectionUtils.CreateList(EnumUtils.ToDescription(FlowRoleType.Endpoint), EnumUtils.ToDescription(FlowRoleType.View), EnumUtils.ToDescription(FlowRoleType.Modify)); } } if (flowRoleCtrlEnabled) { flowRoleCtrl.DataSource = possibleRoles; flowRoleCtrl.DataBind(); flowRoleCtrl.SelectedIndex = 0; flowRoleLabel.Visible = false; if (flowRole != FlowRoleType.None) { flowRoleCtrl.SelectedValue = EnumUtils.ToDescription(flowRole); } } else { flowRoleCtrl.Visible = false; flowRoleLabel.Text = EnumUtils.ToDescription(FlowRoleType.Endpoint); } }
public UserAccessPolicy(string userAccountId, ServiceRequestAuthorizationType type, string qualifier, FlowRoleType flowRoleType) { _accountId = userAccountId; _policyType = type; _typeQualifier = qualifier; _flowRoleType = flowRoleType; }
public UserAccessPolicy CreatePolicy(SystemRoleType userRole, string userId, string flowName, FlowRoleType flowRoleType) { if ((flowRoleType == FlowRoleType.None) || !IsFlowRoleTypePermittedForUserRole(userRole, flowRoleType)) { throw new ArgumentException(string.Format("Invalid user role (\"{0}\") specified for flow role (\"{0}\")", EnumUtils.ToDescription(userRole), EnumUtils.ToDescription(flowRoleType))); } return(new UserAccessPolicy(userId, ServiceRequestAuthorizationType.Flow, flowName, flowRoleType)); }
protected bool IsFlowRoleTypePermittedForUserRole(SystemRoleType userRole, FlowRoleType flowRole) { switch (userRole) { case SystemRoleType.Admin: return(true); case SystemRoleType.Program: return((flowRole == FlowRoleType.Endpoint) || (flowRole == FlowRoleType.View) || (flowRole == FlowRoleType.Modify)); case SystemRoleType.Authed: return(flowRole == FlowRoleType.Endpoint); default: return(false); } }
private bool IsFlowPermitted(IList <UserAccessPolicy> policies, string flowName, string flowId, FlowRoleType flowRole) { if ((flowRole != FlowRoleType.None) && !CollectionUtils.IsNullOrEmpty(policies)) { if (string.IsNullOrEmpty(flowName)) { ExceptionUtils.ThrowIfEmptyString(flowId, "flowId"); flowName = GetFlowNameFromId(flowId); if (flowName == null) { return(false); } } foreach (UserAccessPolicy policy in policies) { if ((policy.PolicyType == ServiceRequestAuthorizationType.Flow) && string.Equals(policy.TypeQualifier, flowName, StringComparison.InvariantCultureIgnoreCase)) { switch (flowRole) { case FlowRoleType.Endpoint: return((policy.FlowRoleType == FlowRoleType.Endpoint) || (policy.FlowRoleType == FlowRoleType.View) || (policy.FlowRoleType == FlowRoleType.Modify)); case FlowRoleType.View: return((policy.FlowRoleType == FlowRoleType.View) || (policy.FlowRoleType == FlowRoleType.Modify)); case FlowRoleType.Modify: return((policy.FlowRoleType == FlowRoleType.Modify)); default: DebugUtils.CheckDebuggerBreak(); return(false); } } } } return(false); }
public IList <string> GetAuthorizedUsernamesForFlow(string flowName, FlowRoleType roleType) { if (roleType == FlowRoleType.None) { return(null); } List <string> usernames = null; DoSimpleQueryWithRowCallbackDelegate( TABLE_NAME, "SystemRole;IsActive;IsDeleted", new object[] { SystemRoleType.Admin.ToString(), DbUtils.ToDbBool(true), DbUtils.ToDbBool(false) }, null, "NAASAccount", delegate(IDataReader reader) { CollectionUtils.Add(reader.GetString(0), ref usernames); }); string isAllowedQuery; switch (roleType) { case FlowRoleType.Modify: isAllowedQuery = "(p.IsAllowed = 'M')"; break; case FlowRoleType.View: isAllowedQuery = "(p.IsAllowed = 'M' OR p.IsAllowed = 'V')"; break; default: isAllowedQuery = "(p.IsAllowed = 'M' OR p.IsAllowed = 'V' OR p.IsAllowed = 'Y')"; break; } isAllowedQuery = string.Format("(UPPER(a.SystemRole) != UPPER('{0}') AND {1})", SystemRoleType.Admin.ToString(), isAllowedQuery); DoSimpleQueryWithRowCallbackDelegate( POLICY_TABLE_NAME + " p;" + TABLE_NAME + " a", "p.Qualifier;a.IsActive;a.IsDeleted;" + isAllowedQuery + ";p.Type = 'Flow';p.AccountId = a.Id", new object[] { flowName, DbUtils.ToDbBool(true), DbUtils.ToDbBool(false) }, null, "DISTINCT a.NAASAccount", delegate(IDataReader reader) { CollectionUtils.Add(reader.GetString(0), ref usernames); }); return(usernames); }
private bool IsFlowPermitted(string flowName, string flowId, FlowRoleType flowRole) { switch (Account.Role) { case SystemRoleType.Admin: return(true); case SystemRoleType.Program: break; // Do IsFlowPermitted() check below case SystemRoleType.Authed: if ((flowRole == FlowRoleType.View) || (flowRole == FlowRoleType.Modify)) { return(false); } break; // Do IsFlowPermitted() check below default: return(false); } return(IsFlowPermitted(Account.Policies, flowName, flowId, flowRole)); }
protected ICollection <FlowNameAndRole> GetPermissionedFlows() { SystemRoleType role = EnumUtils.FromDescription <SystemRoleType>(roleCtrl.SelectedValue); if (role == SystemRoleType.Admin) { return(null); // Everything is allowed } Repeater repeater = flowRepeaterList; List <FlowNameAndRole> permissionedFlows = null; foreach (RepeaterItem item in repeater.Items) { DropDownList flowRoleCtrl = item.FindControl("flowRoleCtrl") as DropDownList; Label flowCodeLabel = item.FindControl("FlowCode") as Label; HiddenField flowIsProtected = item.FindControl("flowIsProtected") as HiddenField; FlowRoleType flowRole = FlowRoleType.None; string flowName = null; if ((flowRoleCtrl != null) && (flowCodeLabel != null) && (flowIsProtected != null) && flowRoleCtrl.Visible) { flowName = flowCodeLabel.Text; flowRole = EnumUtils.FromDescription <FlowRoleType>(flowRoleCtrl.SelectedValue); if (flowRole != FlowRoleType.None) { bool flowIsProtectedValue = flowIsProtected.Value == true.ToString(); if (flowIsProtectedValue || ((flowRole == FlowRoleType.View) || (flowRole == FlowRoleType.Modify))) { FlowNameAndRole flowNameAndRole = new FlowNameAndRole(flowName, flowRole); CollectionUtils.Add(flowNameAndRole, ref permissionedFlows); } } } } return(permissionedFlows); }
public bool IsFlowPermittedById(string flowId, FlowRoleType flowRole) { return(IsFlowPermitted(null, flowId, flowRole)); }
public bool IsFlowPermittedByName(string flowName, FlowRoleType flowRole) { return(IsFlowPermitted(flowName, null, flowRole)); }
public FlowNameAndRole(string flowName, FlowRoleType flowRole) { FlowName = flowName; FlowRole = flowRole; }