/// <summary>
/// Applies <paramref name="authorizationType"/> to every selected result node and shows the
/// localized name of that type in the node's first sub-item column.
/// </summary>
/// <remarks>
/// All nodes are processed inside one try block: a failure on one node ends the loop after the
/// earlier nodes have already been changed, and the error text is shown through ShowError.
/// </remarks>
void permissionAction_Triggered(object sender, MMC.SyncActionEventArgs e, AuthorizationType authorizationType)
        {
            try
            {
                // Pick the resource key once; Neutral and any unlisted value share the same label.
                string labelKey;
                switch (authorizationType)
                {
                    case AuthorizationType.Allow:
                        labelKey = "Domain_Allow";
                        break;

                    case AuthorizationType.AllowWithDelegation:
                        labelKey = "Domain_AllowWithDelegation";
                        break;

                    case AuthorizationType.Deny:
                        labelKey = "Domain_Deny";
                        break;

                    default:
                        labelKey = "Domain_Neutral";
                        break;
                }

                foreach (MMC.ResultNode selectedNode in this.SelectedNodes)
                {
                    // The node's Tag carries the authorization it represents.
                    IAzManAuthorization selectedAuthorization = (IAzManAuthorization)selectedNode.Tag;
                    this.changePermission(selectedAuthorization, authorizationType);

                    // Refresh the displayed type only after the change went through.
                    selectedNode.SubItemDisplayNames[0] = Globalization.MultilanguageResource.GetString(labelKey);
                }
            }
            catch (Exception ex)
            {
                this.ShowError(ex.Message, Globalization.MultilanguageResource.GetString("AuthorizationsListView_Tit10"));
            }
        }
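        /// <summary>
        /// Adds a role to a user: creates an Allow authorization for the user's Windows SID on the
        /// role item, when the role exists.
        /// </summary>
        /// <param name="userName">User name; any domain part is stripped and the configured domain suffix appended.</param>
        /// <param name="roleName">Name of the role item inside the configured store and application.</param>
        /// <returns>
        /// The value of <c>result</c>, which is set to <c>true</c> when no exception occurred.
        /// NOTE(review): that includes the case where the role does not exist and nothing was
        /// granted, so callers cannot tell "granted" from "role missing"; confirm this is intended.
        /// </returns>
        public bool AddUserToRole(string userName, string roleName)
        {
            // NOTE(review): `result` is not declared in this block; presumably a field or a
            // declaration that sits outside it. Confirm its initial value is false.
            IAzManStorage storage = null;
            bool connectionOpen = false;

            try
            {
                WindowsIdentity wi  = new WindowsIdentity(GetUserNameWithoutDomain(userName) + _fullDomainName);
                AzmanSid        sid = new AzmanSid(wi);

                storage = new SqlAzManStorage(_azManConnectionString);
                storage.OpenConnection();
                connectionOpen = true;

                // Only grant when the requested role is defined in AzMan.
                if (RoleExists(roleName))
                {
                    IAzManItem itemRole = storage[_storageName][_applicationName][roleName];
                    // Assign the role to the user; the user's SID is passed as both owner and member.
                    itemRole.CreateAuthorization(sid, WhereDefined.LDAP, sid, WhereDefined.LDAP, AuthorizationType.Allow, null, null);
                }

                connectionOpen = false;
                storage.CloseConnection();
                result = true;
            }
            catch (Exception ex)
            {
                // A failed grant must leave a trace; the original only had a "log ex" placeholder.
                System.Diagnostics.Trace.TraceError("AddUserToRole failed: {0}", ex);
            }
            finally
            {
                // Release the connection when the try block was left before its own CloseConnection.
                if (connectionOpen)
                {
                    try
                    {
                        storage.CloseConnection();
                    }
                    catch (Exception closeEx)
                    {
                        System.Diagnostics.Trace.TraceError("AddUserToRole could not close the storage connection: {0}", closeEx);
                    }
                }
            }

            return(result);
        }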
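        /// <summary>
        /// Creates a Neutral authorization on <c>_AuthItem</c> for every checked store group in
        /// <c>lvwStoreGroups</c>, inside a single storage transaction.
        /// </summary>
        /// <remarks>
        /// The transaction is rolled back when any step fails, so a partial set of authorizations
        /// is not left pending. Items already added to <c>_SelectedItems</c> are not removed again.
        /// </remarks>
        private void SaveRecord()
        {
            // NOTE(review): ReadUncommitted presumably permits dirty reads; confirm that is
            // acceptable for writes to authorization data.
            _Storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);
            try
            {
                foreach (ListViewItem item in lvwStoreGroups.Items)
                {
                    // Only checked rows are saved; the selection state plays no role.
                    if (!item.Checked)
                    {
                        continue;
                    }

                    _SelectedItems.Add(item);

                    // Save immediately: the first sub-item text identifies the store group.
                    IAzManStoreGroup storeGroup = _Store.GetStoreGroup(item.SubItems[0].Text);

                    // NOTE(review): the owner SID is built from the store group's own SID rather
                    // than from a separate owner value; verify against the caller's intent.
                    _AuthItem.CreateAuthorization(
                        new SqlAzManSID(storeGroup.SID.ToString(), this._CurrentOwnerSidWhereDefined == WhereDefined.Store),
                        this._CurrentOwnerSidWhereDefined,
                        new SqlAzManSID(storeGroup.SID.ToString(), true),
                        WhereDefined.Store,
                        AuthorizationType.Neutral,
                        null,
                        null);
                }

                _Storage.CommitTransaction();
            }
            catch
            {
                // Undo the authorizations created so far, then let the caller see the failure.
                _Storage.RollBackTransaction();
                throw;
            }
        }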
        /// <summary>
        /// Creates an AllowWithDelegation authorization for DB user <paramref name="user"/> on the
        /// item <paramref name="role"/> of <paramref name="application"/> in the "CATS" store.
        /// </summary>
        /// <param name="user">Name of the DB user that receives the authorization.</param>
        /// <param name="application">Application name inside the store.</param>
        /// <param name="role">Item (role) name inside the application.</param>
        /// <returns>Always <c>true</c>; failures surface only as exceptions from the calls below.</returns>
        public bool AddRole(string user, string application, string role)
        {
            const string storeName = "CATS";

            string catsConnection = System.Configuration.ConfigurationManager.ConnectionStrings["CatsContext"].ConnectionString;

            IAzManStorage     azStorage         = new SqlAzManStorage(catsConnection);
            IAzManStore       catsStore         = azStorage.GetStore(storeName);
            IAzManApplication targetApplication = catsStore.GetApplication(application);
            IAzManItem        roleItem          = targetApplication.GetItem(role);

            // NOTE(review): the owner is the fixed DB user "Admin" and every grant is
            // AllowWithDelegation; confirm both match the intended least-privilege model.
            // NOTE(review): nothing here checks that GetDBUser(user) found a user before
            // .CustomSid is read; verify how an unknown name is reported.
            roleItem.CreateAuthorization(
                catsStore.GetDBUser("Admin").CustomSid,
                WhereDefined.Database,
                catsStore.GetDBUser(user).CustomSid,
                WhereDefined.Database,
                AuthorizationType.AllowWithDelegation,
                null,
                null);

            return true;
        }
 /// <summary>
 /// Raises <c>AuthorizationUpdated</c> with the updated authorization and its previous values,
 /// when at least one handler is attached.
 /// </summary>
 private void raiseAuthorizationUpdated(IAzManAuthorization authorization, IAzManSid oldOwner, WhereDefined oldOwnerSidWhereDefined, IAzManSid oldSid, WhereDefined oldSidWhereDefined, AuthorizationType oldAuthorizationType, DateTime? oldValidFrom, DateTime? oldValidTo)
 {
     // No subscribers: nothing to notify.
     if (this.AuthorizationUpdated == null)
     {
         return;
     }

     this.AuthorizationUpdated(
         authorization,
         oldOwner,
         oldOwnerSidWhereDefined,
         oldSid,
         oldSidWhereDefined,
         oldAuthorizationType,
         oldValidFrom,
         oldValidTo);
 }
        /// <summary>
        /// Asks for confirmation and, on "Yes", deletes the authorization behind every selected
        /// result node and removes the node from the list.
        /// </summary>
        /// <remarks>
        /// The default button is the second one ("No" in a Yes/No dialog), so confirmation takes an
        /// explicit choice. Deletions run one by one; a failure stops the loop with the earlier
        /// authorizations already deleted.
        /// NOTE(review): nodes are removed from ResultNodes while SelectedNodes is being
        /// enumerated; confirm the two collections are independent.
        /// </remarks>
        void deleteAuthorizationsAction_Triggered(object sender, MMC.SyncActionEventArgs e)
        {
            MessageBoxParameters confirmation = new MessageBoxParameters();

            confirmation.Buttons       = MessageBoxButtons.YesNo;
            confirmation.Caption       = e.Action.DisplayName;
            confirmation.DefaultButton = MessageBoxDefaultButton.Button2;
            confirmation.Icon          = MessageBoxIcon.Question;
            confirmation.Text          = String.Format(Globalization.MultilanguageResource.GetString("Menu_Msg50"));

            DialogResult answer = this.SnapIn.Console.ShowDialog(confirmation);
            if (answer != DialogResult.Yes)
            {
                return;
            }

            try
            {
                foreach (MMC.ResultNode selectedNode in this.SelectedNodes)
                {
                    // The node's Tag carries the authorization it represents.
                    IAzManAuthorization doomed = (IAzManAuthorization)selectedNode.Tag;
                    doomed.Delete();
                    this.ResultNodes.Remove(selectedNode);
                }
            }
            catch (Exception ex)
            {
                this.ShowError(ex.Message, Globalization.MultilanguageResource.GetString("AuthorizationsListView_Tit20"));
            }
        }
        /// <summary>
        /// Restores the storage and the selected AzMan object from session, derives the related
        /// store/application fields from it, then builds the attributes, tool bar and list view.
        /// </summary>
        /// <remarks>
        /// The four type checks are independent of each other, not an else-if chain.
        /// NOTE(review): nothing here handles a missing "storage" or "selectedObject" session
        /// entry, or a GetAuthorization result that is null; confirm callers guarantee both.
        /// </remarks>
        private void Form_Load(object sender, EventArgs e)
        {
            _Storage = (IAzManStorage)Session["storage"];

            // Selected object is a store.
            IAzManStore selectedStore = Session["selectedObject"] as IAzManStore;
            if (selectedStore != null)
            {
                _Store = selectedStore;
            }

            // Selected object is an application: its store comes along.
            IAzManApplication selectedApplication = Session["selectedObject"] as IAzManApplication;
            if (selectedApplication != null)
            {
                _Application = selectedApplication;
                _Store       = _Application.Store;
            }

            // Selected object is an item: also load the authorization being edited.
            IAzManItem selectedItem = Session["selectedObject"] as IAzManItem;
            if (selectedItem != null)
            {
                _AuthItem    = selectedItem;
                _Application = _AuthItem.Application;
                _Store       = _Application.Store;

                _Authorization = _AuthItem.GetAuthorization(_AuthorizationID);
                // Called for its out value; the returned member type is not used here.
                _Authorization.GetMemberInfo(out _DisplayName);
            }

            // Selected object is an application group.
            IAzManApplicationGroup selectedGroup = Session["selectedObject"] as IAzManApplicationGroup;
            if (selectedGroup != null)
            {
                _ApplicationGroup = selectedGroup;
                _Application      = _ApplicationGroup.Application;
                _Store            = _Application.Store;
            }

            SetAttributes();
            SetToolBar();
            SetListView();

            LoadList();
        }
 /// <summary>
 /// Raises <c>AuthorizationAttributeCreated</c> for the given authorization and its new
 /// attribute, when at least one handler is attached.
 /// </summary>
 private void raiseAuthorizationAttributeCreated(IAzManAuthorization owner, IAzManAttribute<IAzManAuthorization> attributeCreated)
 {
     // No subscribers: nothing to notify.
     if (this.AuthorizationAttributeCreated == null)
     {
         return;
     }

     this.AuthorizationAttributeCreated(owner, attributeCreated);
 }
        /// <summary>
        /// Sample: the current Windows user delegates "My Operation" to another account with a
        /// time-limited Allow delegation, then tags the delegation with a custom attribute.
        /// </summary>
        /// <remarks>
        /// The calling user must be a member of the SQL database role NetSqlAzMan_Users.
        /// </remarks>
        private void CreateDelegate()
        {
            // Sample credentials embedded in source: in real code load the connection string from
            // protected configuration instead of shipping a SQL login and password in the binary.
            string storageConnection = "data source=(local);initial catalog=NetSqlAzManStorage;user id=netsqlazmanuser;password=password";

            // Walk storage -> store -> application -> operation.
            IAzManStorage     azStorage   = new SqlAzManStorage(storageConnection);
            IAzManStore       sampleStore = azStorage.GetStore("My Store"); // storage["My Store"] is equivalent
            IAzManApplication sampleApp   = sampleStore.GetApplication("My Application");
            IAzManItem        operation   = sampleApp.GetItem("My Operation");

            // Delegating user: the thread principal when it is a Windows identity, otherwise the
            // process identity. In an ASP.NET application use Request.LogonUserIdentity instead,
            // as the original sample notes.
            WindowsIdentity delegator = System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity;
            if (delegator == null)
            {
                delegator = WindowsIdentity.GetCurrent();
            }

            // Delegate account: resolve the login to a Windows SID, then wrap it for NetSqlAzMan.
            NTAccount          delegateAccount    = new NTAccount("DOMAIN", "delegateuseraccount");
            SecurityIdentifier delegateWindowsSid = (SecurityIdentifier)delegateAccount.Translate(typeof(SecurityIdentifier));
            IAzManSid          delegateSid        = new SqlAzManSID(delegateWindowsSid);

            // A delegation can only be Allow or Deny.
            RestrictedAuthorizationType grant = RestrictedAuthorizationType.Allow;

            // The delegation is valid for calendar year 2006 only.
            DateTime validFrom = new DateTime(2006, 1, 1, 0, 0, 0);
            DateTime validTo   = new DateTime(2006, 12, 31, 23, 59, 59);
            IAzManAuthorization delegation = operation.CreateDelegateAuthorization(delegator, delegateSid, grant, validFrom, validTo);

            // Attach a custom attribute to the delegation.
            delegation.CreateAttribute("MyCustomInfoKey", "MyCustomInfoValue");
        }
        /// <summary>
        /// Builds the exception reported when an authorization attribute key cannot be found.
        /// </summary>
        /// <param name="key">Attribute key that was looked up.</param>
        /// <param name="authorization">Authorization the attribute was expected on.</param>
        /// <param name="innerException">Underlying cause, passed through to the new exception.</param>
        /// <returns>
        /// A <c>SqlAzManException</c> whose message and parameters name the store, application,
        /// item and authorization SID. These identify authorization-store objects, so the message
        /// is better kept in logs than shown to end users.
        /// </returns>
        internal static SqlAzManException AttributeNotFoundException(string key, IAzManAuthorization authorization, Exception innerException)
        {
            string message = String.Format(
                "Attribute '{0}' not found. Store '{1}', Application '{2}', Item '{3}', Authorization SID '{4}'.",
                key,
                authorization.Item.Application.Store.Name,
                authorization.Item.Application.Name,
                authorization.Item.Name,
                authorization.SID.StringValue);

            SqlAzManException notFound = new SqlAzManException(message, innerException);

            // Same context again as structured parameters on the exception.
            addParameter(notFound, "Store name", authorization.Item.Application.Store.Name);
            addParameter(notFound, "Application name", authorization.Item.Application.Name);
            addParameter(notFound, "Item name", authorization.Item.Name);
            addParameter(notFound, "Authorization SID", authorization.SID.StringValue);

            return notFound;
        }
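        /// <summary>
        /// Resolves the authorization named by the "AuthorizationID" request value on the item held
        /// in session, sets the page captions and binds the grid on the first (non-postback) load.
        /// </summary>
        /// <exception cref="InvalidOperationException">The session holds no <c>IAzManItem</c> under "selectedObject".</exception>
        /// <exception cref="FormatException">"AuthorizationID" is missing or is not an integer.</exception>
        protected void Page_Load(object sender, EventArgs e)
        {
            // The entry is absent when the session has no selected item; report that explicitly
            // instead of failing later with a NullReferenceException.
            IAzManItem item = this.Session["selectedObject"] as IAzManItem;
            if (item == null)
            {
                throw new InvalidOperationException("No authorization item is selected in the current session.");
            }

            // The request value is caller-controlled: parse it culture-invariantly and reject
            // missing or non-numeric input without echoing it back in the error text.
            int authorizationId;
            if (!int.TryParse(this.Request["AuthorizationID"], System.Globalization.NumberStyles.Integer, System.Globalization.CultureInfo.InvariantCulture, out authorizationId))
            {
                throw new FormatException("The AuthorizationID request value must be an integer.");
            }

            // The lookup goes through the session's item, not through a global id space.
            // NOTE(review): confirm how GetAuthorization reports an id that is not on this item.
            this.authorization = item.GetAuthorization(authorizationId);
            this.Text          = "Authorization Attributes";
            this.Title         = this.Text;
            this.Description   = this.Text;
            if (!Page.IsPostBack)
            {
                this.bindGridView();
            }
        }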
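    /// <summary>
    /// Delegates the "Controllo del Budget" item from the current identity to the account
    /// "ProductManager1" and attaches a business attribute to the delegation.
    /// </summary>
    /// <remarks>
    /// The transaction is rolled back when a step fails and the connection is always closed, so
    /// a failed click leaves neither a half-created delegation nor an open connection behind.
    /// The buttons are only toggled after a successful commit.
    /// </remarks>
    protected void btnDelegateForBudgetCheck_Click(object sender, EventArgs e)
    {
        // Resolve the delegate's login to a SID before touching the storage.
        NTAccount          delegatedNTAccount = new NTAccount("ProductManager1");
        SecurityIdentifier delegatedSid       = (SecurityIdentifier)delegatedNTAccount.Translate(typeof(SecurityIdentifier));

        this.application.Store.Storage.OpenConnection();
        try
        {
            this.application.Store.Storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);
            try
            {
                IAzManAuthorization delegateAuthorization = this.application["Controllo del Budget"].CreateDelegateAuthorization(this.identity, new SqlAzManSID(delegatedSid), RestrictedAuthorizationType.Allow, null, null);

                delegateAuthorization.CreateAttribute("SomeBusinessAttribute", "Business profile data");
                this.application.Store.Storage.CommitTransaction();
            }
            catch
            {
                // Undo the delegation and its attribute together.
                this.application.Store.Storage.RollBackTransaction();
                throw;
            }
        }
        finally
        {
            this.application.Store.Storage.CloseConnection();
        }

        this.btnDelegateForBudgetCheck.Enabled = false;
        this.btnUndelegate.Enabled             = true;
    }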
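        /// <summary>
        /// Sample: builds a complete storage through .NET code. It creates a store, a store group
        /// with the current user as member, an application, a role/task/operation hierarchy and two
        /// authorizations on the role.
        /// </summary>
        /// <remarks>
        /// The calling user must be a member of the SQL database role NetSqlAzMan_Administrators.
        /// Everything runs in one transaction that is rolled back on failure; the connection is
        /// closed in every case.
        /// </remarks>
        private void CreateFullStorage()
        {
            // Sample credentials embedded in source: in real code load the connection string from
            // protected configuration instead of shipping a SQL login and password in the binary.
            string sqlConnectionString = "data source=(local);initial catalog=NetSqlAzManStorage;user id=netsqlazmanuser;password=password";
            //Create an instance of SqlAzManStorage class
            IAzManStorage storage = new SqlAzManStorage(sqlConnectionString);

            //Open Storage Connection
            storage.OpenConnection();
            try
            {
                //Begin a new Transaction
                storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);
                try
                {
                    //Create a new Store
                    IAzManStore newStore = storage.CreateStore("My Store", "Store description");
                    //Create a new Basic StoreGroup
                    IAzManStoreGroup newStoreGroup = newStore.CreateStoreGroup(SqlAzManSID.NewSqlAzManSid(), "My Store Group", "Store Group Description", String.Empty, GroupType.Basic);
                    //Retrieve current user SID (thread principal if it is a Windows identity, else the process identity)
                    IAzManSid mySid = new SqlAzManSID(((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()).User);
                    //Add myself as a member of "My Store Group"
                    IAzManStoreGroupMember storeGroupMember = newStoreGroup.CreateStoreGroupMember(mySid, WhereDefined.Local, true);
                    //Create a new Application
                    IAzManApplication newApp = newStore.CreateApplication("New Application", "Application description");
                    //Create a new Role
                    IAzManItem newRole = newApp.CreateItem("New Role", "Role description", ItemType.Role);
                    //Create a new Task
                    IAzManItem newTask = newApp.CreateItem("New Task", "Task description", ItemType.Task);
                    //Create a new Operation
                    IAzManItem newOp = newApp.CreateItem("New Operation", "Operation description", ItemType.Operation);

                    //Add "New Operation" as a member of "New Task"
                    newTask.AddMember(newOp);
                    //Add "New Task" as a member of "New Role"
                    newRole.AddMember(newTask);
                    //Create an authorization for myself on "New Role"
                    IAzManAuthorization auth = newRole.CreateAuthorization(mySid, WhereDefined.Local, mySid, WhereDefined.Local, AuthorizationType.AllowWithDelegation, null, null);
                    //Create a custom attribute
                    IAzManAttribute<IAzManAuthorization> attr = auth.CreateAttribute("New Key", "New Value");
                    //Create an authorization for DB User "Andrea" on "New Role"
                    IAzManAuthorization auth2 = newRole.CreateAuthorization(mySid, WhereDefined.Local, storage.GetDBUser("Andrea").CustomSid, WhereDefined.Local, AuthorizationType.AllowWithDelegation, null, null);

                    //Commit transaction
                    storage.CommitTransaction();
                }
                catch
                {
                    //Leave no partially built store behind
                    storage.RollBackTransaction();
                    throw;
                }
            }
            finally
            {
                //Close connection, also after a failure
                storage.CloseConnection();
            }
        }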
        /// <summary>
        /// Appends one row describing <paramref name="authorization"/> to <c>_AuthData</c>.
        /// </summary>
        /// <remarks>
        /// "WhereDefined" is only filled for the five listed origins; any other value leaves the
        /// column at its default. "ObjectSID" holds the SID's string form for every origin.
        /// </remarks>
        private void AddAuthDataRow(IAzManAuthorization authorization)
        {
            string memberName;
            string ownerDisplayName;

            DataRow row = _AuthData.NewRow();

            row["AuthorizationID"] = authorization.AuthorizationId;
            row["AttributesLink"]  = "";

            MemberType memberKind = authorization.GetMemberInfo(out memberName);
            // Called for the owner's display name; the returned owner type is not used.
            authorization.GetOwnerInfo(out ownerDisplayName);

            row["MemberType"]     = NetSqlAzManHelper.GetMemberTypeName(memberKind, authorization.SID, _AuthItem);
            row["MemberTypeEnum"] = memberKind;
            row["Owner"]          = ownerDisplayName;
            row["Name"]           = memberName;
            row["OwnerSID"]       = authorization.Owner;
            row["ObjectSID"]      = authorization.SID.StringValue;

            // Map the origin of the SID to its display label.
            string originLabel = null;
            switch (authorization.SidWhereDefined.ToString())
            {
                case "LDAP":
                    originLabel = "Active Directory";
                    break;

                case "Local":
                    originLabel = "Local";
                    break;

                case "Database":
                    originLabel = "DB User";
                    break;

                case "Store":
                    originLabel = "Store";
                    break;

                case "Application":
                    originLabel = "Application";
                    break;
            }
            if (originLabel != null)
            {
                row["WhereDefined"] = originLabel;
            }

            row["WhereDefinedEnum"]      = authorization.SidWhereDefined;
            row["AuthorizationType"]     = NetSqlAzManHelper.GetAuthTypeName(authorization.AuthorizationType);
            row["AuthorizationTypeEnum"] = authorization.AuthorizationType;

            // An open-ended validity bound is stored as DBNull.
            if (authorization.ValidFrom.HasValue)
            {
                row["ValidFrom"] = authorization.ValidFrom.Value;
            }
            else
            {
                row["ValidFrom"] = DBNull.Value;
            }
            if (authorization.ValidTo.HasValue)
            {
                row["ValidTo"] = authorization.ValidTo.Value;
            }
            else
            {
                row["ValidTo"] = DBNull.Value;
            }

            _AuthData.Rows.Add(row);
        }
        /// <summary>
        /// Appends one row describing <paramref name="authorization"/> to <c>dtAuthorizations</c>.
        /// </summary>
        /// <remarks>
        /// For a SID defined in the database, "ObjectSID" holds a new <c>SqlAzManSID</c> built from
        /// the binary value with the custom-SID flag set; otherwise the SID object itself.
        /// "WhereDefined" is only filled for the five listed origins.
        /// </remarks>
        private void AddAuthorizationDataRow(IAzManAuthorization authorization)
        {
            string memberName;
            string ownerDisplayName;

            DataRow row = this.dtAuthorizations.NewRow();

            row["AuthorizationID"] = authorization.AuthorizationId;

            MemberType memberKind = authorization.GetMemberInfo(out memberName);
            // Called for the owner's display name; the returned owner type is not used.
            authorization.GetOwnerInfo(out ownerDisplayName);

            row["MemberType"]     = this.RenderMemberType(memberKind, authorization.SID);
            row["MemberTypeEnum"] = memberKind;
            row["Owner"]          = ownerDisplayName;
            row["Name"]           = memberName;
            row["OwnerSID"]       = authorization.Owner;

            if (authorization.SidWhereDefined != WhereDefined.Database)
            {
                row["ObjectSID"] = authorization.SID;
            }
            else
            {
                row["ObjectSID"] = new SqlAzManSID(authorization.SID.BinaryValue, true);
            }

            // Map the origin of the SID to the resource key of its localized label.
            string originKey = null;
            switch (authorization.SidWhereDefined.ToString())
            {
                case "LDAP":
                    originKey = "WhereDefined_LDAP";
                    break;

                case "Local":
                    originKey = "WhereDefined_Local";
                    break;

                case "Database":
                    originKey = "WhereDefined_DB";
                    break;

                case "Store":
                    originKey = "WhereDefined_Store";
                    break;

                case "Application":
                    originKey = "WhereDefined_Application";
                    break;
            }
            if (originKey != null)
            {
                row["WhereDefined"] = Globalization.MultilanguageResource.GetString(originKey);
            }

            row["WhereDefinedEnum"]      = authorization.SidWhereDefined;
            row["AuthorizationType"]     = this.RenderAuthorizationType(authorization.AuthorizationType);
            row["AuthorizationTypeEnum"] = authorization.AuthorizationType;

            // An open-ended validity bound is stored as DBNull.
            if (authorization.ValidFrom.HasValue)
            {
                row["ValidFrom"] = authorization.ValidFrom.Value;
            }
            else
            {
                row["ValidFrom"] = DBNull.Value;
            }
            if (authorization.ValidTo.HasValue)
            {
                row["ValidTo"] = authorization.ValidTo.Value;
            }
            else
            {
                row["ValidTo"] = DBNull.Value;
            }

            this.dtAuthorizations.Rows.Add(row);
        }
        /// <summary>
        /// Appends one row describing <paramref name="authorization"/> to <c>dtAuthorizations</c>,
        /// including the link to its attributes page.
        /// </summary>
        /// <remarks>
        /// "ObjectSID" holds the SID's string form for every origin. "WhereDefined" is only filled
        /// for the five listed origins.
        /// </remarks>
        private void AddAuthorizationDataRow(IAzManAuthorization authorization)
        {
            string memberName;
            string ownerDisplayName;

            DataRow row = this.dtAuthorizations.NewRow();

            row["AuthorizationID"] = authorization.AuthorizationId;
            // The link is built from the id as stored in the row.
            row["AttributesLink"] = this.getAttributesLink((int)row["AuthorizationID"]);

            MemberType memberKind = authorization.GetMemberInfo(out memberName);
            // Called for the owner's display name; the returned owner type is not used.
            authorization.GetOwnerInfo(out ownerDisplayName);

            row["MemberType"] = this.RenderMemberType(memberKind, authorization.SID);
            row["MemberTypeEnum"] = memberKind;
            row["Owner"] = ownerDisplayName;
            row["Name"] = memberName;
            row["OwnerSID"] = authorization.Owner;
            row["ObjectSID"] = authorization.SID.StringValue;

            // Map the origin of the SID to its display label.
            string originLabel = null;
            switch (authorization.SidWhereDefined.ToString())
            {
                case "LDAP":
                    originLabel = "Active Directory";
                    break;
                case "Local":
                    originLabel = "Local";
                    break;
                case "Database":
                    originLabel = "DB User";
                    break;
                case "Store":
                    originLabel = "Store";
                    break;
                case "Application":
                    originLabel = "Application";
                    break;
            }
            if (originLabel != null)
            {
                row["WhereDefined"] = originLabel;
            }

            row["WhereDefinedEnum"] = authorization.SidWhereDefined;
            row["AuthorizationType"] = this.RenderAuthorizationType(authorization.AuthorizationType);
            row["AuthorizationTypeEnum"] = authorization.AuthorizationType;

            // An open-ended validity bound is stored as DBNull.
            if (authorization.ValidFrom.HasValue)
            {
                row["ValidFrom"] = authorization.ValidFrom.Value;
            }
            else
            {
                row["ValidFrom"] = DBNull.Value;
            }
            if (authorization.ValidTo.HasValue)
            {
                row["ValidTo"] = authorization.ValidTo.Value;
            }
            else
            {
                row["ValidTo"] = DBNull.Value;
            }

            this.dtAuthorizations.Rows.Add(row);
        }
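 /// <summary>
 /// Resolves the authorization named by the "AuthorizationID" request value on the item held
 /// in session, sets the page captions and binds the grid on the first (non-postback) load.
 /// </summary>
 /// <exception cref="InvalidOperationException">The session holds no <c>IAzManItem</c> under "selectedObject".</exception>
 /// <exception cref="FormatException">"AuthorizationID" is missing or is not an integer.</exception>
 protected void Page_Load(object sender, EventArgs e)
 {
     // The entry is absent when the session has no selected item; report that explicitly
     // instead of failing later with a NullReferenceException.
     IAzManItem item = this.Session["selectedObject"] as IAzManItem;
     if (item == null)
     {
         throw new InvalidOperationException("No authorization item is selected in the current session.");
     }

     // The request value is caller-controlled: parse it culture-invariantly and reject
     // missing or non-numeric input without echoing it back in the error text.
     int authorizationId;
     if (!int.TryParse(this.Request["AuthorizationID"], System.Globalization.NumberStyles.Integer, System.Globalization.CultureInfo.InvariantCulture, out authorizationId))
     {
         throw new FormatException("The AuthorizationID request value must be an integer.");
     }

     // The lookup goes through the session's item, not through a global id space.
     // NOTE(review): confirm how GetAuthorization reports an id that is not on this item.
     this.authorization = item.GetAuthorization(authorizationId);
     this.Text = "Authorization Attributes";
     this.Title = this.Text;
     this.Description = this.Text;
     if (!Page.IsPostBack)
     {
         this.bindGridView();
     }
 }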
 /// <summary>
 /// Raises <c>AuthorizationAttributeCreated</c> for the given authorization and its new
 /// attribute, when at least one handler is attached.
 /// </summary>
 private void raiseAuthorizationAttributeCreated(IAzManAuthorization owner, IAzManAttribute<IAzManAuthorization> attributeCreated)
 {
     // No subscribers: nothing to notify.
     if (this.AuthorizationAttributeCreated == null)
     {
         return;
     }

     this.AuthorizationAttributeCreated(owner, attributeCreated);
 }
 /// <summary>
 /// Notification handler for a created authorization: writes the name of the item the new
 /// authorization belongs to to the debug output.
 /// </summary>
 void ENS_AuthorizationCreated(IAzManItem item, IAzManAuthorization authorizationCreated)
 {
     // The name is taken from the authorization's own item, not from the item argument.
     string owningItemName = authorizationCreated.Item.Name;
     System.Diagnostics.Debug.WriteLine(owningItemName);
 }
 /// <summary>
 /// Raises <c>AuthorizationUpdated</c> with the updated authorization and its previous values,
 /// when at least one handler is attached.
 /// </summary>
 private void raiseAuthorizationUpdated(IAzManAuthorization authorization, IAzManSid oldOwner, WhereDefined oldOwnerSidWhereDefined, IAzManSid oldSid, WhereDefined oldSidWhereDefined, AuthorizationType oldAuthorizationType, DateTime? oldValidFrom, DateTime? oldValidTo)
 {
     // No subscribers: nothing to notify.
     if (this.AuthorizationUpdated == null)
     {
         return;
     }

     this.AuthorizationUpdated(
         authorization,
         oldOwner,
         oldOwnerSidWhereDefined,
         oldSid,
         oldSidWhereDefined,
         oldAuthorizationType,
         oldValidFrom,
         oldValidTo);
 }
 /// <summary>
 /// Records the id of <paramref name="auth"/> on <paramref name="ex"/> under the name
 /// "Authorization Id", through the name/value overload of addParameter.
 /// </summary>
 private static void addParameter(SqlAzManException ex, IAzManAuthorization auth)
 {
     int authorizationId = auth.AuthorizationId;
     addParameter(ex, "Authorization Id", authorizationId);
 }
 /// <summary>
 /// Adds an IAzManAuthorization publisher: subscribes to its attribute-created, deleted and
 /// updated events and re-raises each one on this object's event of the same name.
 /// </summary>
 /// <param name="publisher">The publisher.</param>
 /// <remarks>
 /// NOTE(review): this block only subscribes; no matching unsubscribe is visible here, so the
 /// publisher keeps a reference to this object through the handlers.
 /// </remarks>
 internal void AddPublisher(IAzManAuthorization publisher)
 {
     // Relay: an attribute was created on the authorization.
     publisher.AuthorizationAttributeCreated += new AttributeCreatedDelegate<IAzManAuthorization>(
         delegate(IAzManAuthorization owner, IAzManAttribute<IAzManAuthorization> attributeCreated)
         {
             if (this.AuthorizationAttributeCreated == null)
             {
                 return;
             }
             this.AuthorizationAttributeCreated(owner, attributeCreated);
         });

     // Relay: the authorization was deleted.
     publisher.AuthorizationDeleted += new AuthorizationDeletedDelegate(
         delegate(IAzManItem ownerItem, IAzManSid owner, IAzManSid sid)
         {
             if (this.AuthorizationDeleted == null)
             {
                 return;
             }
             this.AuthorizationDeleted(ownerItem, owner, sid);
         });

     // Relay: the authorization was updated; the previous values are passed along.
     publisher.AuthorizationUpdated += new AuthorizationUpdatedDelegate(
         delegate(IAzManAuthorization authorization, IAzManSid oldOwner, WhereDefined oldOwnerSidWhereDefined, IAzManSid oldSid, WhereDefined oldSidWhereDefined, AuthorizationType oldAuthorizationType, DateTime? oldValidFrom, DateTime? oldValidTo)
         {
             if (this.AuthorizationUpdated == null)
             {
                 return;
             }
             this.AuthorizationUpdated(authorization, oldOwner, oldOwnerSidWhereDefined, oldSid, oldSidWhereDefined, oldAuthorizationType, oldValidFrom, oldValidTo);
         });
 }
 /// <summary>
 /// Notification handler for a created authorization: writes an informational log entry with
 /// the item and the new authorization.
 /// </summary>
 void SqlAzManENS_AuthorizationCreated(IAzManItem item, IAzManAuthorization authorizationCreated)
 {
     // The entry records a permission grant; both objects are logged through ToString().
     string entry = String.Format(
         "ENS Event: {0}\r\n\r\nItem: {1}\r\nAuthorization Created: {2}\r\n",
         "AuthorizationCreated",
         item.ToString(),
         authorizationCreated.ToString());

     logging.WriteInfo(this, entry);
 }
 /// <summary>
 /// Raises <c>AuthorizationCreated</c> for the item and its new authorization, when at least
 /// one handler is attached.
 /// </summary>
 private void raiseAuthorizationCreated(IAzManItem item, IAzManAuthorization authorizationCreated)
 {
     // No subscribers: nothing to notify.
     if (this.AuthorizationCreated == null)
     {
         return;
     }

     this.AuthorizationCreated(item, authorizationCreated);
 }
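        /// <summary>
        /// Writes the pending changes of <c>dtAuthorizations</c> (deleted, added and modified rows)
        /// to the item's authorizations inside one storage transaction.
        /// </summary>
        /// <remarks>
        /// The table is marked as saved only after the transaction has committed. If the commit
        /// fails, the rows stay pending and the Apply button stays enabled, so the grid does not
        /// claim a state the store never reached.
        /// </remarks>
        /// <exception cref="Exception">The table has row errors; nothing is written in that case.</exception>
        private void CommitChanges()
        {
            if (this.dtAuthorizations.HasErrors)
            {
                throw new Exception(Globalization.MultilanguageResource.GetString("frmItemAuthorizations_Msg30"));
            }

            bool committed = false;
            try
            {
                if (!this.modified)
                {
                    return;
                }
                // NOTE(review): ReadUncommitted presumably permits dirty reads; confirm that is
                // acceptable for writes to authorization data.
                this.item.Application.Store.Storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);

                // To Delete
                DataTable toDelete = this.dtAuthorizations.GetChanges(DataRowState.Deleted);
                if (toDelete != null)
                {
                    // Undo the deletion on the copy so the column values can be read again.
                    toDelete.RejectChanges();
                    foreach (DataRow dr in toDelete.Rows)
                    {
                        this.item.GetAuthorization((int)dr["AuthorizationID"]).Delete();
                    }
                }

                // To Add
                DataTable toAdd = this.dtAuthorizations.GetChanges(DataRowState.Added);
                if (toAdd != null)
                {
                    foreach (DataRow dr in toAdd.Rows)
                    {
                        IAzManAuthorization authorization = this.item.CreateAuthorization(
                            new SqlAzManSID((string)dr["OwnerSID"], this.currentOwnerSidWhereDefined == WhereDefined.Database),
                            this.currentOwnerSidWhereDefined,
                            new SqlAzManSID((string)dr["ObjectSID"], ((WhereDefined)dr["WhereDefinedEnum"]) == WhereDefined.Database),
                            (WhereDefined)dr["WhereDefinedEnum"],
                            (AuthorizationType)dr["AuthorizationTypeEnum"],
                            (dr["ValidFrom"] != DBNull.Value ? (DateTime?)dr["ValidFrom"] : null),
                            (dr["ValidTo"] != DBNull.Value ? (DateTime?)dr["ValidTo"] : null));

                        // Replace the row's provisional id with the one the store assigned.
                        DataRow originalRow = this.dtAuthorizations.Select("AuthorizationID=" + dr["AuthorizationID"].ToString())[0];
                        originalRow["AuthorizationID"] = authorization.AuthorizationId;
                    }
                }

                // To Update
                DataTable toUpdate = this.dtAuthorizations.GetChanges(DataRowState.Modified);
                if (toUpdate != null)
                {
                    foreach (DataRow dr in toUpdate.Rows)
                    {
                        this.item.GetAuthorization((int)dr["AuthorizationID"]).Update(
                            new SqlAzManSID((string)dr["OwnerSID"], this.currentOwnerSidWhereDefined == WhereDefined.Database),
                            new SqlAzManSID((string)dr["ObjectSID"], ((WhereDefined)dr["WhereDefinedEnum"]) == WhereDefined.Database),
                            (WhereDefined)dr["WhereDefinedEnum"],
                            (AuthorizationType)dr["AuthorizationTypeEnum"],
                            (dr["ValidFrom"] != DBNull.Value ? (DateTime?)dr["ValidFrom"] : null),
                            (dr["ValidTo"] != DBNull.Value ? (DateTime?)dr["ValidTo"] : null));
                    }
                }

                // Commit first; only a committed transaction may clear the pending state.
                this.item.Application.Store.Storage.CommitTransaction();
                committed = true;

                this.modified = false;
                this.dtAuthorizations.AcceptChanges();
            }
            catch
            {
                // Nothing to roll back once the commit has gone through.
                if (!committed)
                {
                    this.item.Application.Store.Storage.RollBackTransaction();
                }
                throw;
            }
            finally
            {
                this.btnApply.Enabled = this.modified;
            }
        }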
 /// <summary>
 /// Notification handler for a created authorization: shows a message box with the text
 /// "created". Neither argument is used.
 /// </summary>
 void ens_AuthorizationCreated(IAzManItem item, IAzManAuthorization authorizationCreated)
 {
     const string notice = "created";
     MessageBox.Show(notice);
 }
 /// <summary>
 /// Notification handler for an updated authorization: writes an informational log entry with
 /// the authorization and all of its previous values.
 /// </summary>
 /// <remarks>
 /// Missing validity bounds are logged as empty strings; present ones use the default
 /// DateTime formatting.
 /// </remarks>
 void SqlAzManENS_AuthorizationUpdated(IAzManAuthorization authorization, IAzManSid oldOwner, WhereDefined oldOwnerSidWhereDefined, IAzManSid oldSid, WhereDefined oldSidWhereDefined, AuthorizationType oldAuthorizationType, DateTime? oldValidFrom, DateTime? oldValidTo)
 {
     string authorizationText = authorization.ToString();
     string oldOwnerText      = oldOwner.ToString();
     string oldSidText        = oldSid.ToString();

     string oldValidFromText = "";
     if (oldValidFrom.HasValue)
     {
         oldValidFromText = oldValidFrom.Value.ToString();
     }

     string oldValidToText = "";
     if (oldValidTo.HasValue)
     {
         oldValidToText = oldValidTo.Value.ToString();
     }

     string entry = String.Format(
         "ENS Event: {0}\r\n\r\nAuthorization: {1}\r\nOld Owner SID: {2}\r\nOld Owner SID Where Defined: {3}\r\nOld SID: {4}\r\nOld SID Where Defined: {5}\r\nOld Authorization Type: {6}\r\nOld Valid From: {7}\r\nOld Valid To: {8}\r\n",
         "AuthorizationUpdated",
         authorizationText,
         oldOwnerText,
         oldOwnerSidWhereDefined,
         oldSidText,
         oldSidWhereDefined,
         oldAuthorizationType,
         oldValidFromText,
         oldValidToText);

     logging.WriteInfo(this, entry);
 }
 /// <summary>
 /// Notification handler for a created authorization: writes the name of the item the new
 /// authorization belongs to to the debug output.
 /// </summary>
 void ENS_AuthorizationCreated(IAzManItem item, IAzManAuthorization authorizationCreated)
 {
     // The name is taken from the authorization's own item, not from the item argument.
     string owningItemName = authorizationCreated.Item.Name;
     System.Diagnostics.Debug.WriteLine(owningItemName);
 }
        /// <summary>
        /// Builds the exception reported when an attribute key already exists on an authorization.
        /// </summary>
        /// <param name="attributeKey">The duplicate attribute key.</param>
        /// <param name="authorization">Authorization that already carries the key.</param>
        /// <param name="innerException">Underlying cause, passed through to the new exception.</param>
        /// <returns>
        /// A <c>SqlAzManException</c> whose message names the key, store, application, item and
        /// authorization id, with the key and the authorization attached as parameters.
        /// </returns>
        internal static SqlAzManException AttributeDuplicateException(string attributeKey, IAzManAuthorization authorization, Exception innerException)
        {
            string message = String.Format(
                "An Attribute with the same key name already exists: '{0}'. Store '{1}', Application '{2}', Item '{3}', Authorization Id '{4}'.",
                attributeKey,
                authorization.Item.Application.Store.Name,
                authorization.Item.Application.Name,
                authorization.Item.Name,
                authorization.AuthorizationId);

            SqlAzManException duplicate = new SqlAzManException(message, innerException);

            addParameter(duplicate, "Attribute key", attributeKey);
            addParameter(duplicate, authorization);
            return duplicate;
        }
 /// <summary>
 /// Builds the exception reported when an attribute key already exists on an authorization.
 /// </summary>
 /// <param name="attributeKey">The duplicate attribute key.</param>
 /// <param name="authorization">Authorization that already carries the key.</param>
 /// <param name="innerException">Underlying cause, passed through to the new exception.</param>
 /// <returns>
 /// A <c>SqlAzManException</c> whose message names the key, store, application, item and
 /// authorization id, with the key and the authorization attached as parameters.
 /// </returns>
 internal static SqlAzManException AttributeDuplicateException(string attributeKey, IAzManAuthorization authorization, Exception innerException)
 {
     string message = String.Format(
         "An Attribute with the same key name already exists: '{0}'. Store '{1}', Application '{2}', Item '{3}', Authorization Id '{4}'.",
         attributeKey,
         authorization.Item.Application.Store.Name,
         authorization.Item.Application.Name,
         authorization.Item.Name,
         authorization.AuthorizationId);

     SqlAzManException duplicate = new SqlAzManException(message, innerException);

     addParameter(duplicate, "Attribute key", attributeKey);
     addParameter(duplicate, authorization);
     return duplicate;
 }
 /// <summary>
 /// Raises <c>DelegateCreated</c> for the item and its new delegation, when at least one
 /// handler is attached.
 /// </summary>
 private void raiseDelegateCreated(IAzManItem item, IAzManAuthorization delegationCreated)
 {
     // No subscribers: nothing to notify.
     if (this.DelegateCreated == null)
     {
         return;
     }

     this.DelegateCreated(item, delegationCreated);
 }
        /// <summary>
        /// Builds (does not throw) the exception that reports a missing attribute on an authorization.
        /// </summary>
        /// <param name="key">Attribute key that was looked up.</param>
        /// <param name="authorization">Authorization that was searched; its store, application and item names and its SID are quoted.</param>
        /// <param name="innerException">Underlying error, attached as the inner exception.</param>
        /// <returns>The populated <see cref="SqlAzManException"/>.</returns>
        internal static SqlAzManException AttributeNotFoundException(string key, IAzManAuthorization authorization, Exception innerException)
        {
            // NOTE(review): unlike the duplicate-attribute message, this one identifies the authorization by its
            // SID string. Confirm that messages carrying principal SIDs are only shown to administrators.
            string message = String.Format(
                "Attribute '{0}' not found. Store '{1}', Application '{2}', Item '{3}', Authorization SID '{4}'.",
                key,
                authorization.Item.Application.Store.Name,
                authorization.Item.Application.Name,
                authorization.Item.Name,
                authorization.SID.StringValue);
            SqlAzManException notFound = new SqlAzManException(message, innerException);

            // The same four locators are attached again as named parameters.
            addParameter(notFound, "Store name", authorization.Item.Application.Store.Name);
            addParameter(notFound, "Application name", authorization.Item.Application.Name);
            addParameter(notFound, "Item name", authorization.Item.Name);
            addParameter(notFound, "Authorization SID", authorization.SID.StringValue);
            return notFound;
        }
 /// <summary>
 /// Handler for the attribute-deleted notification: writes an informational log entry naming the
 /// authorization and the key of the attribute that was removed.
 /// </summary>
 /// <param name="owner">Authorization the attribute belonged to; logged through ToString().</param>
 /// <param name="key">Key of the deleted attribute; logged as given.</param>
 void SqlAzManENS_AuthorizationAttributeDeleted(IAzManAuthorization owner, string key)
 {
     // NOTE(review): the entry is multi-line and the key is inserted verbatim. If attribute keys may contain
     // line breaks, a reader cannot tell injected lines from real fields; confirm how WriteInfo stores the text.
     string entry = String.Format(
         "ENS Event: {0}\r\n\r\nAuthorization: {1}\r\nAttribute deleted Key: {2}\r\n",
         "AuthorizationAttributeDeleted",
         owner.ToString(),
         key);
     logging.WriteInfo(this, entry);
 }
 /// <summary>
 /// Adds the item's authorizations under <paramref name="parent"/>, grouped by authorization type.
 /// Each non-empty group becomes one node (caption plus image) with a single child node that lists
 /// the member display names separated by ", ". Groups are visited in the order
 /// AllowWithDelegation, Allow, Deny, Neutral.
 /// </summary>
 /// <param name="parent">Tree node that receives the group nodes.</param>
 /// <param name="item">Item whose Authorizations collection is read.</param>
 private void AddAuthorizations(TreeNode parent, IAzManItem item)
 {
     // Work on a copy of the collection, as the original code does.
     IAzManAuthorization[] snapshot = new IAzManAuthorization[item.Authorizations.Count];
     item.Authorizations.CopyTo(snapshot, 0);
     if (snapshot.Length == 0)
     {
         return;
     }

     AuthorizationType[] displayOrder = new AuthorizationType[]
     {
         AuthorizationType.AllowWithDelegation,
         AuthorizationType.Allow,
         AuthorizationType.Deny,
         AuthorizationType.Neutral
     };

     foreach (AuthorizationType current in displayOrder)
     {
         string caption = String.Empty;
         string imageFile = String.Empty;
         if (current == AuthorizationType.AllowWithDelegation)
         {
             caption = "Allow With Delegation";
             imageFile = "AllowForDelegation.bmp";
         }
         else if (current == AuthorizationType.Allow)
         {
             caption = "Allow";
             imageFile = "Allow.bmp";
         }
         else if (current == AuthorizationType.Deny)
         {
             caption = "Deny";
             imageFile = "Deny.bmp";
         }
         else if (current == AuthorizationType.Neutral)
         {
             caption = "Neutral";
             imageFile = "Neutral.bmp";
         }

         // Collect the display names of every member holding this authorization type.
         string members = String.Empty;
         foreach (IAzManAuthorization entry in snapshot)
         {
             if (entry.AuthorizationType != current)
             {
                 continue;
             }

             string memberName = String.Empty;
             entry.GetMemberInfo(out memberName); // the returned member type is not needed here
             members += memberName + ", ";
         }

         if (members.EndsWith(", "))
         {
             members = members.Remove(members.Length - 2);
         }

         if (String.IsNullOrEmpty(members))
         {
             continue; // nobody holds this type: no node for it
         }

         // NOTE(review): the display names become node text and node value unchanged. If this is the
         // ASP.NET TreeNode, confirm the control HTML-encodes node text on render; otherwise encode here.
         TreeNode typeNode = new TreeNode(caption, caption, this.getImageUrl(imageFile));
         parent.ChildNodes.Add(typeNode);
         TreeNode membersNode = new TreeNode(members, members);
         typeNode.ChildNodes.Add(membersNode);
     }
 }
 /// <summary>
 /// Handler for the attribute-created notification: writes an informational log entry naming the
 /// authorization and the attribute that was added to it.
 /// </summary>
 /// <param name="owner">Authorization that received the attribute; logged through ToString().</param>
 /// <param name="attributeCreated">The new attribute; logged through ToString().</param>
 void SqlAzManENS_AuthorizationAttributeCreated(IAzManAuthorization owner, IAzManAttribute<IAzManAuthorization> attributeCreated)
 {
     // NOTE(review): whatever ToString() returns for the attribute is written to the log as is; if that
     // includes the attribute value, check that values stored as attributes are safe to keep in logs.
     string entry = String.Format(
         "ENS Event: {0}\r\n\r\nAuthorization: {1}\r\nAuthorization Attribute Created: {2}\r\n",
         "AuthorizationAttributeCreated",
         owner.ToString(),
         attributeCreated.ToString());
     logging.WriteInfo(this, entry);
 }
        /// <summary>
        /// Prints one item (role, task or operation) and, below it, its authorizations grouped by
        /// authorization type. Everything written is recorded in alreadyPrinted, so a later call for the
        /// same item skips what is already on paper.
        /// </summary>
        /// <param name="e">Print-page arguments; supplies the Graphics used for measuring and the page bounds.</param>
        /// <param name="item">Item to print.</param>
        /// <param name="indentLevel">Number of tab characters used as the indent of the item line; groups use indentLevel + 1.</param>
        /// <param name="parentItemX">Overwritten locally when it or parentItemY is 0; not read again in this method.</param>
        /// <param name="parentItemY">Overwritten locally when it or parentItemX is 0; not read again in this method.</param>
        /// <returns>
        /// true when the method stops early, either because base.EOP is set after a write or because the next
        /// group would not fit above the bottom margin (presumably the caller then asks for another page);
        /// false when every authorization type has been processed.
        /// </returns>
        private bool PrintItem(PrintPageEventArgs e, IAzManItem item, int indentLevel, float parentItemX, float parentItemY)
        {
            Icon itemIcon = null;

            // NOTE(review): itemIcon stays null for any ItemType other than these three, and it is
            // dereferenced below (itemIcon.Size); confirm no other ItemType value exists.
            switch (item.ItemType)
            {
            case ItemType.Role:
                itemIcon = Properties.Resources.Role_16x16;
                break;

            case ItemType.Task:
                itemIcon = Properties.Resources.Task_16x16;
                break;

            case ItemType.Operation:
                itemIcon = Properties.Resources.Operation_16x16;
                break;
            }
            // Assigned below but not read anywhere in this method.
            float parentParentItemX = 0.0F;
            float parentParentItemY = 0.0F;

            // Item header line: written once per item, keyed by item.ItemId.
            if (!this.alreadyPrinted.Contains(item.ItemId))
            {
                base.WriteLineString(new String('\t', indentLevel), itemIcon, String.Format("{0}{1}", item.Name, (String.IsNullOrEmpty(item.Description) ? String.Empty : String.Format(" - {0}", item.Description))), e);
                if (parentItemX == 0 || parentItemY == 0)
                {
                    // new String('\t', n) throws for a negative n, so this path assumes indentLevel >= 1.
                    parentItemX = e.Graphics.MeasureString(new String('\t', indentLevel - 1), base.font).Width + itemIcon.Size.Width / 2;
                    parentItemY = base.lastY - 1.5F;
                }
                parentParentItemX = base.lastX + itemIcon.Width / 2;
                parentParentItemY = base.lastY + itemIcon.Height + 3;
                this.alreadyPrinted.Add(item.ItemId);
                if (base.EOP)
                {
                    return(true);
                }
            }
            // Groups are visited in a fixed order: AllowWithDelegation, Allow, Deny, Neutral.
            AuthorizationType authType = AuthorizationType.AllowWithDelegation;

            while (true)
            {
                // The authorizations are copied again on every pass of the loop.
                IAzManAuthorization[] authz = new IAzManAuthorization[item.Authorizations.Count];
                string sAuthz    = String.Empty;
                Image  imageType = null;
                item.Authorizations.CopyTo(authz, 0);;
                if (authz.Length > 0)
                {
                    // Group key: item id text followed by the authorization type name.
                    if (!this.alreadyPrinted.Contains(item.ItemId.ToString() + authType.ToString()))
                    {
                        string sAuthType = String.Empty;
                        switch (authType)
                        {
                        case AuthorizationType.AllowWithDelegation: sAuthType = Globalization.MultilanguageResource.GetString("Domain_AllowWithDelegation"); imageType = Properties.Resources.AllowForDelegation; break;

                        case AuthorizationType.Allow: sAuthType = Globalization.MultilanguageResource.GetString("Domain_Allow"); imageType = Properties.Resources.Allow; break;

                        case AuthorizationType.Deny: sAuthType = Globalization.MultilanguageResource.GetString("Domain_Deny"); imageType = Properties.Resources.Deny; break;

                        case AuthorizationType.Neutral: sAuthType = Globalization.MultilanguageResource.GetString("Domain_Neutral"); imageType = Properties.Resources.Neutral; break;
                        }
                        // Build "name, name, ..." from the members holding this authorization type.
                        foreach (IAzManAuthorization auth in authz)
                        {
                            if (auth.AuthorizationType == authType)
                            {
                                string     displayName = String.Empty;
                                // mt is not used; only the display name is needed.
                                MemberType mt          = auth.GetMemberInfo(out displayName);
                                sAuthz += displayName + ", ";
                            }
                        }
                        if (sAuthz.EndsWith(", "))
                        {
                            sAuthz = sAuthz.Remove(sAuthz.Length - 2);
                        }
                        if (!String.IsNullOrEmpty(sAuthz))
                        {
                            base.currentX = e.Graphics.MeasureString(new string('\t', indentLevel + 1), base.font).Width;
                            RectangleF   rect = new RectangleF(this.currentX, this.currentY, e.PageBounds.Width - this.currentX - e.PageBounds.Left, e.PageBounds.Height - e.PageBounds.Top);
                            // NOTE(review): StringFormat is IDisposable and is never disposed here.
                            StringFormat sf   = new StringFormat();
                            sf.FormatFlags = StringFormatFlags.NoClip;
                            sf.Trimming    = StringTrimming.Word;
                            // Presumably meauseMultiLines returns the height of the wrapped member list; 70 is the
                            // bottom margin this check uses - TODO confirm both.
                            if (this.currentY + this.meauseMultiLines(sAuthz, this.font, rect, sf, e) + this.spaceBetweenLines > e.PageBounds.Bottom - 70)
                            {
                                // The group does not fit: stop before writing it. Its key is not recorded,
                                // so a later call prints the whole group.
                                return(true);
                            }
                            base.WriteLineString(new string('\t', indentLevel + 1), imageType, sAuthType.ToUpper(), e);
                            base.currentX = e.Graphics.MeasureString(new string('\t', indentLevel + 1), base.font).Width;
                            base.WriteLineString(sAuthz, e);
                            this.alreadyPrinted.Add(item.ItemId.ToString() + authType.ToString());
                            if (base.EOP)
                            {
                                return(true);
                            }
                            // Spacer line after the group.
                            base.WriteLineString(" ", e);
                            if (base.EOP)
                            {
                                return(true);
                            }
                        }
                    }
                }
                // Advance to the next authorization type; Neutral is the last one.
                bool stop = false;
                switch (authType)
                {
                case AuthorizationType.AllowWithDelegation: authType = AuthorizationType.Allow; break;

                case AuthorizationType.Allow: authType = AuthorizationType.Deny; break;

                case AuthorizationType.Deny: authType = AuthorizationType.Neutral; break;

                case AuthorizationType.Neutral: stop = true; break;
                }
                if (stop)
                {
                    break;
                }
            }
            return(false);
        }
 /// <summary>
 /// Attaches the authorization's id to the exception under the name "Authorization Id",
 /// by delegating to the three-argument addParameter overload.
 /// </summary>
 /// <param name="ex">Exception that receives the parameter.</param>
 /// <param name="auth">Authorization whose AuthorizationId is recorded.</param>
 private static void addParameter(SqlAzManException ex, IAzManAuthorization auth)
 {
     const string parameterName = "Authorization Id";
     addParameter(ex, parameterName, auth.AuthorizationId);
 }
        /// <summary>
        /// Appends one row describing <paramref name="authorization"/> to dtAuthorizations: ids, member and
        /// owner names, SIDs, where the SID is defined, authorization type and validity window. For several
        /// columns both a rendered value and the raw enum value are stored.
        /// </summary>
        /// <param name="authorization">Authorization to add to the table.</param>
        private void AddAuthorizationDataRow(IAzManAuthorization authorization)
        {
            DataRow row = this.dtAuthorizations.NewRow();
            row["AuthorizationID"] = authorization.AuthorizationId;

            // Resolve the display names first; the owner's member type is not stored.
            string memberName;
            MemberType memberKind = authorization.GetMemberInfo(out memberName);
            string ownerDisplayName;
            authorization.GetOwnerInfo(out ownerDisplayName);

            row["MemberType"] = this.RenderMemberType(memberKind, authorization.SID);
            row["MemberTypeEnum"] = memberKind;
            row["Owner"] = ownerDisplayName;
            row["Name"] = memberName;
            row["OwnerSID"] = authorization.Owner;

            // A SID defined in the database is wrapped in a new SqlAzManSID built from its binary value;
            // presumably the 'true' flag marks it as a custom (database) SID - TODO confirm.
            row["ObjectSID"] = authorization.SidWhereDefined == WhereDefined.Database
                ? (object)new SqlAzManSID(authorization.SID.BinaryValue, true)
                : authorization.SID;

            // Map the enum name to its resource key; names outside this list leave the column unset.
            string whereDefinedResource = null;
            switch (authorization.SidWhereDefined.ToString())
            {
                case "LDAP": whereDefinedResource = "WhereDefined_LDAP"; break;
                case "Local": whereDefinedResource = "WhereDefined_Local"; break;
                case "Database": whereDefinedResource = "WhereDefined_DB"; break;
                case "Store": whereDefinedResource = "WhereDefined_Store"; break;
                case "Application": whereDefinedResource = "WhereDefined_Application"; break;
            }
            if (whereDefinedResource != null)
            {
                row["WhereDefined"] = Globalization.MultilanguageResource.GetString(whereDefinedResource);
            }

            row["WhereDefinedEnum"] = authorization.SidWhereDefined;
            row["AuthorizationType"] = this.RenderAuthorizationType(authorization.AuthorizationType);
            row["AuthorizationTypeEnum"] = authorization.AuthorizationType;

            // Open-ended validity bounds are stored as DBNull.
            if (authorization.ValidFrom.HasValue)
            {
                row["ValidFrom"] = authorization.ValidFrom.Value;
            }
            else
            {
                row["ValidFrom"] = DBNull.Value;
            }
            if (authorization.ValidTo.HasValue)
            {
                row["ValidTo"] = authorization.ValidTo.Value;
            }
            else
            {
                row["ValidTo"] = DBNull.Value;
            }

            this.dtAuthorizations.Rows.Add(row);
        }
 /// <summary>
 /// Tells whether two authorizations describe the same grant: same authorization type, item name,
 /// owner SID and its origin, member SID and its origin, and validity window.
 /// </summary>
 /// <param name="auth1">First authorization; must not be null.</param>
 /// <param name="auth2">Second authorization; must not be null.</param>
 /// <returns>true when every compared field matches; otherwise false.</returns>
 internal bool areEquals(IAzManAuthorization auth1, IAzManAuthorization auth2)
 {
     // NOTE(review): the item is compared by name only. Two authorizations on same-named items of
     // different applications or stores compare as equal here; confirm callers only pass authorizations
     // from corresponding items.
     bool sameGrant =
         auth1.AuthorizationType == auth2.AuthorizationType
         && auth1.Item.Name == auth2.Item.Name;
     if (!sameGrant)
     {
         return false;
     }

     bool sameOwner =
         auth1.Owner.StringValue == auth2.Owner.StringValue
         && auth1.OwnerSidWhereDefined == auth2.OwnerSidWhereDefined;
     if (!sameOwner)
     {
         return false;
     }

     bool sameMember =
         auth1.SID.StringValue == auth2.SID.StringValue
         && auth1.SidWhereDefined == auth2.SidWhereDefined;
     if (!sameMember)
     {
         return false;
     }

     // Last: the validity window.
     return auth1.ValidFrom == auth2.ValidFrom
         && auth1.ValidTo == auth2.ValidTo;
 }
        /// <summary>
        /// Populates <paramref name="parent"/> with the item's authorizations, one group node per
        /// authorization type that has members (in the order AllowWithDelegation, Allow, Deny, Neutral),
        /// each with one child node holding the comma-separated member display names.
        /// </summary>
        /// <param name="parent">Tree node that receives the group nodes.</param>
        /// <param name="item">Item whose Authorizations collection is read.</param>
        private void AddAuthorizations(TreeNode parent, IAzManItem item)
        {
            IAzManAuthorization[] all = new IAzManAuthorization[item.Authorizations.Count];
            item.Authorizations.CopyTo(all, 0);
            if (all.Length > 0)
            {
                // Parallel tables: group type, caption shown in the tree, image file name.
                AuthorizationType[] groups = { AuthorizationType.AllowWithDelegation, AuthorizationType.Allow, AuthorizationType.Deny, AuthorizationType.Neutral };
                string[] captions = { "Allow With Delegation", "Allow", "Deny", "Neutral" };
                string[] images = { "AllowForDelegation.bmp", "Allow.bmp", "Deny.bmp", "Neutral.bmp" };

                for (int g = 0; g < groups.Length; g++)
                {
                    string names = String.Empty;
                    for (int i = 0; i < all.Length; i++)
                    {
                        if (all[i].AuthorizationType == groups[g])
                        {
                            string shown = String.Empty;
                            all[i].GetMemberInfo(out shown); // member type result is not used
                            names += shown + ", ";
                        }
                    }

                    // Drop the separator left after the last name.
                    if (names.EndsWith(", "))
                    {
                        names = names.Remove(names.Length - 2);
                    }

                    if (!String.IsNullOrEmpty(names))
                    {
                        // NOTE(review): member display names are used as node text and value without encoding.
                        // If this is the ASP.NET TreeNode, verify that the rendering control encodes node
                        // text; if it does not, encode the names before building the node.
                        TreeNode groupNode = new TreeNode(captions[g], captions[g], this.getImageUrl(images[g]));
                        parent.ChildNodes.Add(groupNode);
                        TreeNode namesNode = new TreeNode(names, names);
                        groupNode.ChildNodes.Add(namesNode);
                    }
                }
            }
        }
 /// <summary>
 /// Changes only the authorization type of an existing authorization: Update is called with the
 /// authorization's current owner, SID, SID origin and validity window, and the new type.
 /// </summary>
 /// <param name="authorization">Authorization to update.</param>
 /// <param name="authorizationType">New authorization type to store.</param>
 private void changePermission(IAzManAuthorization authorization, AuthorizationType authorizationType)
 {
     // NOTE(review): no check of the caller's right to change this grant is visible here; presumably
     // Update or the storage layer enforces it - verify, since this can turn Deny into Allow.
     authorization.Update(
         authorization.Owner,            // unchanged
         authorization.SID,              // unchanged
         authorization.SidWhereDefined,  // unchanged
         authorizationType,              // the only value that changes
         authorization.ValidFrom,        // unchanged
         authorization.ValidTo);         // unchanged
 }
 /// <summary>
 /// Stores a new authorization type on <paramref name="authorization"/>, re-submitting its existing
 /// owner, SID, SID origin and validity dates through Update.
 /// </summary>
 /// <param name="authorization">Authorization whose type is changed.</param>
 /// <param name="authorizationType">Type to store in place of the current one.</param>
 private void changePermission(IAzManAuthorization authorization, AuthorizationType authorizationType)
 {
     // Every argument except the type is read back from the authorization itself.
     // NOTE(review): this method performs no permission check of its own and writes no audit entry;
     // confirm that Update (or an event raised by it) covers both.
     authorization.Update(
         authorization.Owner,
         authorization.SID,
         authorization.SidWhereDefined,
         authorizationType,
         authorization.ValidFrom,
         authorization.ValidTo);
 }
 /// <summary>
 /// Prints one item (role, task or operation) followed by its authorizations grouped by authorization
 /// type. What has been written is recorded in alreadyPrinted, so a later call for the same item
 /// does not print it twice.
 /// </summary>
 /// <param name="e">Print-page arguments; supplies the Graphics used for measuring and the page bounds.</param>
 /// <param name="item">Item to print.</param>
 /// <param name="indentLevel">Number of tab characters used as the indent of the item line; groups use indentLevel + 1.</param>
 /// <param name="parentItemX">Overwritten locally when it or parentItemY is 0; not read again in this method.</param>
 /// <param name="parentItemY">Overwritten locally when it or parentItemX is 0; not read again in this method.</param>
 /// <returns>
 /// true when printing stops early (base.EOP set after a write, or the next group would not fit above
 /// the bottom margin); false when all four authorization types have been processed.
 /// </returns>
 private bool PrintItem(PrintPageEventArgs e, IAzManItem item, int indentLevel, float parentItemX, float parentItemY)
 {
     Icon itemIcon = null;
     // NOTE(review): for an ItemType outside these three cases itemIcon remains null and
     // itemIcon.Size below would fail; confirm the enum has no other member.
     switch (item.ItemType)
     {
         case ItemType.Role:
             itemIcon = Properties.Resources.Role_16x16;
             break;
         case ItemType.Task:
             itemIcon = Properties.Resources.Task_16x16;
             break;
         case ItemType.Operation:
             itemIcon = Properties.Resources.Operation_16x16;
             break;
     }
     // Assigned below but never read in this method.
     float parentParentItemX = 0.0F;
     float parentParentItemY = 0.0F;
     // Item header line: printed once per item, keyed by item.ItemId.
     if (!this.alreadyPrinted.Contains(item.ItemId))
     {
         base.WriteLineString(new String('\t', indentLevel), itemIcon, String.Format("{0}{1}", item.Name, (String.IsNullOrEmpty(item.Description) ? String.Empty : String.Format(" - {0}", item.Description))), e);
         if (parentItemX == 0 || parentItemY == 0)
         {
             // new String('\t', n) throws for a negative n, so this path assumes indentLevel >= 1.
             parentItemX = e.Graphics.MeasureString(new String('\t', indentLevel - 1), base.font).Width + itemIcon.Size.Width / 2;
             parentItemY = base.lastY - 1.5F;
         }
         parentParentItemX = base.lastX + itemIcon.Width / 2;
         parentParentItemY = base.lastY + itemIcon.Height + 3;
         this.alreadyPrinted.Add(item.ItemId);
         if (base.EOP) return true;
     }
     // Groups are visited in a fixed order: AllowWithDelegation, Allow, Deny, Neutral.
     AuthorizationType authType = AuthorizationType.AllowWithDelegation;
     while (true)
     {
         // The authorizations are copied again on every pass of the loop.
         IAzManAuthorization[] authz = new IAzManAuthorization[item.Authorizations.Count];
         string sAuthz = String.Empty;
         Image imageType = null;
         item.Authorizations.CopyTo(authz, 0); ;
         if (authz.Length > 0)
         {
             // Group key: item id text followed by the authorization type name.
             if (!this.alreadyPrinted.Contains(item.ItemId.ToString() + authType.ToString()))
             {
                 string sAuthType = String.Empty;
                 switch (authType)
                 {
                     case AuthorizationType.AllowWithDelegation: sAuthType = Globalization.MultilanguageResource.GetString("Domain_AllowWithDelegation"); imageType = Properties.Resources.AllowForDelegation; break;
                     case AuthorizationType.Allow: sAuthType = Globalization.MultilanguageResource.GetString("Domain_Allow"); imageType = Properties.Resources.Allow; break;
                     case AuthorizationType.Deny: sAuthType = Globalization.MultilanguageResource.GetString("Domain_Deny"); imageType = Properties.Resources.Deny; break;
                     case AuthorizationType.Neutral: sAuthType = Globalization.MultilanguageResource.GetString("Domain_Neutral"); imageType = Properties.Resources.Neutral; break;
                 }
                 // Build "name, name, ..." from the members holding this authorization type.
                 foreach (IAzManAuthorization auth in authz)
                 {
                     if (auth.AuthorizationType == authType)
                     {
                         string displayName = String.Empty;
                         // mt is not used; only the display name is needed.
                         MemberType mt = auth.GetMemberInfo(out displayName);
                         sAuthz += displayName + ", ";
                     }
                 }
                 if (sAuthz.EndsWith(", ")) sAuthz = sAuthz.Remove(sAuthz.Length - 2);
                 if (!String.IsNullOrEmpty(sAuthz))
                 {
                     base.currentX = e.Graphics.MeasureString(new string('\t', indentLevel+1), base.font).Width;
                     RectangleF rect = new RectangleF(this.currentX, this.currentY, e.PageBounds.Width - this.currentX - e.PageBounds.Left, e.PageBounds.Height - e.PageBounds.Top);
                     // NOTE(review): StringFormat is IDisposable and is never disposed here.
                     StringFormat sf = new StringFormat();
                     sf.FormatFlags = StringFormatFlags.NoClip;
                     sf.Trimming = StringTrimming.Word;
                     // Presumably meauseMultiLines returns the height of the wrapped member list; 70 is the
                     // bottom margin this check uses - TODO confirm both.
                     if (this.currentY + this.meauseMultiLines(sAuthz, this.font, rect, sf, e) + this.spaceBetweenLines > e.PageBounds.Bottom - 70)
                     {
                         // The group does not fit: stop before writing it. Its key is not recorded,
                         // so a later call prints the whole group.
                         return true;
                     }
                     base.WriteLineString(new string('\t', indentLevel + 1), imageType, sAuthType.ToUpper(), e);
                     base.currentX = e.Graphics.MeasureString(new string('\t', indentLevel + 1), base.font).Width;
                     base.WriteLineString(sAuthz, e);
                     this.alreadyPrinted.Add(item.ItemId.ToString() + authType.ToString());
                     if (base.EOP) return true;
                     // Spacer line after the group.
                     base.WriteLineString(" ", e);
                     if (base.EOP) return true;
                 }
             }
         }
         // Advance to the next authorization type; Neutral is the last one.
         bool stop = false;
         switch (authType)
         {
             case AuthorizationType.AllowWithDelegation: authType = AuthorizationType.Allow; break;
             case AuthorizationType.Allow: authType = AuthorizationType.Deny; break;
             case AuthorizationType.Deny: authType = AuthorizationType.Neutral; break;
             case AuthorizationType.Neutral: stop = true; break;
         }
         if (stop) break;
     }
     return false;
 }