/// <summary>
/// Remove Authorization Delegate
/// </summary>
private void RemoveDelegate()
{
// USER MUST BE A MEMBER OF SQL DATABASE ROLE: NetSqlAzMan_Users
//Sql Storage connection string
string sqlConnectionString = "data source=(local);initial catalog=NetSqlAzManStorage;user id=netsqlazmanuser;password=password";
//Create an instance of SqlAzManStorage class
IAzManStorage storage = new SqlAzManStorage(sqlConnectionString);
IAzManStore mystore = storage.GetStore("My Store"); //or storage["My Store"]
IAzManApplication myapp = mystore.GetApplication("My Application");
IAzManItem myop = myapp.GetItem("My Operation");
//Retrieve current user identity (delegating user)
WindowsIdentity userIdentity = ((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()); //for Windows Applications
//WindowsIdentity userIdentity = this.Request.LogonUserIdentity; //for ASP.NET Applications
//Retrieve delegate user Login
NTAccount delegateUserLogin = new NTAccount("DOMAIN", "delegateuseraccount");
//Retrieve delegate user SID
SecurityIdentifier delegateSID = (SecurityIdentifier)delegateUserLogin.Translate(typeof(SecurityIdentifier));
IAzManSid delegateNetSqlAzManSID = new SqlAzManSID(delegateSID);
//Estabilish delegate authorization (only Allow or Deny)
RestrictedAuthorizationType delegateAuthorization = RestrictedAuthorizationType.Allow;
//Remove delegate and all custom attributes
myop.DeleteDelegateAuthorization(userIdentity, delegateNetSqlAzManSID, delegateAuthorization);
}
public bool AddRole(string user, string application, string role)
{
const string store = "CATS";
string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["CatsContext"].ConnectionString;
IAzManStorage storage = new SqlAzManStorage(connectionString);
IAzManStore mystore = storage.GetStore(store); //or storage["My Store"]
IAzManApplication myapp = mystore.GetApplication(application);
//mystore.GetApplications();
IAzManItem azManRole = myapp.GetItem(role);
IAzManAuthorization dele = azManRole.CreateAuthorization(
mystore.GetDBUser("Admin").CustomSid,
WhereDefined.Database,
mystore.GetDBUser(user).CustomSid,
WhereDefined.Database,
AuthorizationType.AllowWithDelegation,
null,
null
);
//IAzManAuthorization del = azManRole.CreateDelegateAuthorization(mystore.GetDBUser("Admin"),mystore.GetDBUser(user).CustomSid,RestrictedAuthorizationType.Allow, null,null);
return(true);
}
private UserPermissionCache(IAzManStorage storage, string storeName, string applicationName, bool retrieveAttributes, params KeyValuePair <string, object>[] contextParameters)
{
this.storage = storage;
IAzManStore iStore = this.storage.GetStore(storeName);
this.storeName = storeName;
IAzManApplication iApp = iStore.GetApplication(applicationName);
this.applicationName = applicationName;
this.contextParameters = contextParameters;
this.retrieveAttributes = retrieveAttributes;
}
/// <summary>
/// Navigate through NetSqlAzMan DOM (Document Object Model)
/// </summary>
private void NetSqlAzMan_DOM_Sample()
{
// USER MUST BE A MEMBER OF SQL DATABASE ROLE: NetSqlAzMan_Readers
//Sql Storage connection string
string sqlConnectionString = "data source=(local);initial catalog=NetSqlAzManStorage;user id=netsqlazmanuser;password=password";
//Create an instance of SqlAzManStorage class
IAzManStorage storage = new SqlAzManStorage(sqlConnectionString);
IAzManStore mystore = storage.GetStore("My Store"); //or storage["My Store"]
IAzManApplication myapp = mystore.GetApplication("My Application");
IAzManItem myop = myapp.GetItem("My Operation");
IAzManAuthorization[] auths = myop.GetAuthorizations();
foreach (IAzManAuthorization auth in auths)
{
IAzManAttribute <IAzManAuthorization>[] attrs = auth.GetAttributes();
foreach (IAzManAttribute <IAzManAuthorization> attr in attrs)
{
string attrKey = attr.Key;
string attrValue = attr.Value;
//do something
}
}
}
