        /// <summary>
        /// Reads the resource access-control configuration XML from
        /// <c>ModuleConfiguration.DefaultResourceACConfigurationFilePath</c>, deserializes it and
        /// registers the operations, data scopes, fixed roles and fixed users it declares through
        /// the managers obtained from <c>Facade</c>. When the corresponding
        /// <c>ShouldDeleteObsolete*OnRegistration</c> switch is set it also tries to remove entries
        /// that are no longer listed in the configuration (see the review notes: those branches
        /// are effectively dead in this version).
        /// </summary>
        /// <returns>
        /// <c>null</c> when the configuration file does not exist or deserializes to <c>null</c>;
        /// otherwise an <c>object[]</c> of four elements: the lower-cased IDs of the operations
        /// registered in this run, the lower-cased IDs of the data scopes registered, the role list
        /// (always empty here, see note at AddRoles) and <c>identityResults</c>, which this version
        /// never assigns and is therefore always <c>null</c>.
        /// </returns>
        public static object Regiser()
        {
            string configXmlPath = Rally.Framework.Authorization.ModuleConfiguration.DefaultResourceACConfigurationFilePath;
            string configXml     = "";

            // A missing configuration file is treated as "nothing to register", not as an error.
            if (!IO.File.Exists(configXmlPath))
            {
                return(null);
            }

            using (FileStream stream = new FileStream(configXmlPath, FileMode.Open, FileAccess.Read, FileShare.Read))
            {
                using (StreamReader reader = new StreamReader(stream))
                {
                    configXml = reader.ReadToEnd();
                }
            }

            // The nested element types are passed as extra types so the serializer can resolve them;
            // the XML is expected to be UTF-8 encoded.
            ResourceAuthConfiguration authConf = XmlUtility.XmlDeserialize <ResourceAuthConfiguration>(configXml, new Type[] { typeof(Resource), typeof(Subject), typeof(Scope), typeof(Action) }, "utf-8");

            IAuthorization authorizationManager = Facade.CreateAuthorizationManager();

            string regiseredOpId = null, registeredScopeId = null;

            // IDs already present in the authorization store (a null argument presumably means "all" — confirm against IAuthorization).
            string[] ops = authorizationManager.GetDataTypeOperations(null), scopes = authorizationManager.GetDataScopes(null);

            // opsRegistered / scopesRegistered collect the lower-cased IDs stored in this run.
            // rolesRegistered is never populated in this version (its initialisation is commented out below);
            // allRoles collects every fixed-role ID declared in the configuration, whether new or pre-existing.
            List <string> opsRegistered = null, scopesRegistered = null, rolesRegistered = null, allRoles = new List <string>();

            // Never assigned in this version; kept only so the return shape matches the other variant.
            List <object> identityResults = null;

            if (authConf != null)
            {
                opsRegistered    = new List <string>();
                scopesRegistered = new List <string>();
                //rolesRegistered = new List<string>();

                foreach (var resource in authConf.Resources)
                {
                    if (resource != null)
                    {
                        if ((resource.Actions != null) && (resource.Actions.Length > 0))
                        {
                            if (ops == null)
                            {
                                ops = new string[] { };
                            }

                            // Normalise the existing operation IDs so the Contains() checks below are case-insensitive.
                            // Repeated for every resource; redundant after the first pass but harmless.
                            ops = ops.Select(o => o.ToLower()).ToArray();

                            foreach (var action in resource.Actions)
                            {
                                if ((action != null) && (!ops.Contains(action.ID.ToLower())) && (!opsRegistered.Contains(action.ID.ToLower())))
                                {
                                    // RegisterOperation's result is treated as a status code: non-negative means stored.
                                    regiseredOpId = (int)authorizationManager.RegisterOperation(resource.Name, action.ID, action.Name) >= 0 ? action.ID : null;

                                    if (!String.IsNullOrEmpty(regiseredOpId))
                                    {
                                        opsRegistered.Add(regiseredOpId.ToLower());
                                    }
                                }
                            }

                            if (Rally.Framework.Authorization.ModuleConfiguration.ShouldDeleteObsoleteOperationsOnRegistration)
                            {
                                // NOTE(review): Enumerable.Where() returns an iterator that does not implement IList<T>,
                                // so every "Where(...) as IList<...>" (and the "as string[]" further down) in this method
                                // evaluates to null and the deletion loops below never execute. Materialising with
                                // .ToList()/.ToArray() would make them live — but the filters must be fixed first:
                                // the store's IDs are compared case-sensitively against the lower-cased lists here, and
                                // the role cleanup further down uses wrong/empty reference lists (see notes there).
                                var obsoleteRoleOps = authorizationManager.GetRoleOperations(null) as IList <IDictionary <string, object> >;
                                obsoleteRoleOps = obsoleteRoleOps == null ? null : obsoleteRoleOps.Where(ro => !opsRegistered.Contains((string)ro["OperationId"]) && !ops.Contains((string)ro["OperationId"])) as IList <IDictionary <string, object> >;

                                if (obsoleteRoleOps != null && obsoleteRoleOps.Count > 0)
                                {
                                    for (int i = 0; i < obsoleteRoleOps.Count; i++)
                                    {
                                        // NOTE(review): this deletes the operation a role refers to, not the role-operation
                                        // assignment itself — confirm that is the intended cascade for IAuthorization.
                                        authorizationManager.DeleteOperation((string)obsoleteRoleOps[i]["OperationId"]);
                                    }
                                }

                                var obsoleteObjectAuthItems = authorizationManager.GetObjectAuthItems() as IList <IDictionary <string, object> >;
                                obsoleteObjectAuthItems = obsoleteObjectAuthItems == null ? null : obsoleteObjectAuthItems.Where(oo => !opsRegistered.Contains((string)oo["OperationId"]) && !ops.Contains((string)oo["OperationId"])) as IList <IDictionary <string, object> >;

                                if (obsoleteObjectAuthItems != null && obsoleteObjectAuthItems.Count > 0)
                                {
                                    for (int i = 0; i < obsoleteObjectAuthItems.Count; i++)
                                    {
                                        authorizationManager.DeleteOperation((string)obsoleteObjectAuthItems[i]["OperationId"]);
                                    }
                                }

                                var obsoleteOps = authorizationManager.GetOperations() as IList <IDictionary <string, object> >;
                                obsoleteOps = obsoleteOps == null ? null : obsoleteOps.Where(o => !opsRegistered.Contains((string)o["Id"]) && !ops.Contains((string)o["Id"])) as IList <IDictionary <string, object> >;

                                if (obsoleteOps != null && obsoleteOps.Count > 0)
                                {
                                    for (int i = 0; i < obsoleteOps.Count; i++)
                                    {
                                        authorizationManager.DeleteOperation((string)obsoleteOps[i]["Id"]);
                                    }
                                }
                            }
                        }

                        if ((resource.Scopes != null) && (resource.Scopes.Length > 0))
                        {
                            if (scopes == null)
                            {
                                scopes = new string[] { };
                            }

                            // Same case normalisation as for the operations above.
                            scopes = scopes.Select(s => s.ToLower()).ToArray();

                            foreach (var scope in resource.Scopes)
                            {
                                if ((scope != null) && (!scopes.Contains(scope.ID.ToLower())) && (!scopesRegistered.Contains(scope.ID.ToLower())))
                                {
                                    registeredScopeId = (int)authorizationManager.RegisterDataScope(resource.Name, scope.ID, scope.Name, scope.Type, resource.Key) >= 0 ? scope.ID : null;

                                    if (!String.IsNullOrEmpty(registeredScopeId))
                                    {
                                        scopesRegistered.Add(registeredScopeId.ToLower());
                                    }
                                }
                            }

                            if (Rally.Framework.Authorization.ModuleConfiguration.ShouldDeleteObsoleteDataScopesOnRegistration)
                            {
                                var obsoleteRoleDataScopes = authorizationManager.GetRoleDataScopes(null) as IList <IDictionary <string, object> >;
                                // NOTE(review): "!!" is a double negation — this selects the role data scopes whose scope
                                // WAS registered in this run, the opposite of the other filters. Dead today because of
                                // the "as IList" cast (see note above), but it would delete live scopes once fixed.
                                obsoleteRoleDataScopes = obsoleteRoleDataScopes == null ? null : obsoleteRoleDataScopes.Where(rd => !!scopesRegistered.Contains((string)rd["DataScopeId"]) && !scopes.Contains((string)rd["DataScopeId"])) as IList <IDictionary <string, object> >;

                                if (obsoleteRoleDataScopes != null && obsoleteRoleDataScopes.Count > 0)
                                {
                                    for (int i = 0; i < obsoleteRoleDataScopes.Count; i++)
                                    {
                                        authorizationManager.DeleteDataScope((string)obsoleteRoleDataScopes[i]["DataScopeId"]);
                                    }
                                }

                                var obsoleteDataScopes = authorizationManager.GetDataScopes(null) as string[];
                                // NOTE(review): Where() on an array does not return a string[]; this "as string[]" is always null.
                                obsoleteDataScopes = obsoleteDataScopes == null ? null : obsoleteDataScopes.Where(ds => !scopesRegistered.Contains(ds) && !scopes.Contains(ds)) as string[];

                                if (obsoleteDataScopes != null && obsoleteDataScopes.Length > 0)
                                {
                                    for (int i = 0; i < obsoleteDataScopes.Length; i++)
                                    {
                                        authorizationManager.DeleteDataScope(obsoleteDataScopes[i]);
                                    }
                                }
                            }
                        }

                        if ((resource.Subjects != null) && (resource.Subjects.Length > 0))
                        {
                            var accountManager = Facade.CreateAccountManager();
                            var userManager    = Facade.CreateUserManager();

                            // Roles to create in one batch, keyed by role ID: ID -> name and ID -> description.
                            IDictionary <string, string> rolesToRegister  = new Dictionary <string, string>();
                            IDictionary <string, string> roleDescriptions = new Dictionary <string, string>();

                            foreach (var subject in resource.Subjects)
                            {
                                // Subject types are matched by lower-cased string value.
                                if (subject.Type.ToLower() == "fixedrole")
                                {
                                    allRoles.Add(subject.ID);

                                    if (!authorizationManager.RoleExists(subject.ID, subject.Name))
                                    {
                                        rolesToRegister.Add(subject.ID, subject.Name);
                                        roleDescriptions.Add(subject.ID, subject.Description);
                                    }
                                }
                                else if (subject.Type.ToLower() == "fixeduser")
                                {
                                    // Look the account up by ID first, then fall back to the nickname.
                                    bool userExists   = userManager.UserExists(subject.ID, subject.Name);
                                    var  identityUser = accountManager.GetAccount(subject.ID);

                                    if (identityUser == null)
                                    {
                                        identityUser = accountManager.GetAccountByNickName(subject.Name);
                                    }

                                    // NOTE(review): empty branch — ShouldDeleteObsoleteUsersOnRegistration has no effect in this version.
                                    if ((identityUser != null) && userExists && Rally.Framework.Authorization.ModuleConfiguration.ShouldDeleteObsoleteUsersOnRegistration)
                                    {
                                    }

                                    // Only when neither the user nor the account exists: create the user with the module-wide
                                    // DefaultFixedUserPassword, and let the callback create the matching Account record keyed by
                                    // the new user's ID. NOTE(review): every fixed user shares that one configured password;
                                    // confirm it is rotated / a forced reset on first logon exists.
                                    if (identityUser == null && !userExists)
                                    {
                                        userManager.AddUser <Core.DomainModel.Account>(subject.ID, subject.Name, Rally.Framework.Authentication.ModuleConfiguration.DefaultFixedUserPassword, (u) => {
                                            string userId = u.ToString();

                                            var account = new Core.DomainModel.Account()
                                            {
                                                ID       = userId,
                                                Name     = subject.Name,
                                                NickName = subject.Name
                                            };

                                            accountManager.AddAccount(account);

                                            return(account);
                                        });
                                    }
                                }
                            }

                            // NOTE(review): rolesRegistered is still null at this point, so both branches of the conditional
                            // yield null and the roles just added are never recorded; it is replaced by an empty list below.
                            rolesRegistered = (int)authorizationManager.AddRoles(rolesToRegister, roleDescriptions) >= 0 ? rolesRegistered : null;

                            if (rolesRegistered == null)
                            {
                                rolesRegistered = new List <string>();
                            }

                            if (Rally.Framework.Authorization.ModuleConfiguration.ShouldDeleteObsoleteRolesOnRegistration)
                            {
                                // NOTE(review): rolesRegistered is always empty here, so this filter would match every role
                                // data scope; allRoles is the list that actually reflects the configuration (as used for
                                // obsoleteRoles below). Currently dead because of the "as IList" cast.
                                var obsoleteRoleDataScopes = authorizationManager.GetRoleDataScopes(null) as IList <IDictionary <string, object> >;
                                obsoleteRoleDataScopes = obsoleteRoleDataScopes == null ?  null : obsoleteRoleDataScopes.Where(rd => !rolesRegistered.Contains((string)rd["RoleId"])) as IList <IDictionary <string, object> >;

                                if (obsoleteRoleDataScopes != null && obsoleteRoleDataScopes.Count > 0)
                                {
                                    for (int i = 0; i < obsoleteRoleDataScopes.Count; i++)
                                    {
                                        authorizationManager.DeleteDataScope((string)obsoleteRoleDataScopes[i]["DataScopeId"]);
                                    }
                                }

                                // NOTE(review): compares a RoleId against the operation lists (opsRegistered / ops); looks like
                                // a copy of the operation cleanup — the role filter below uses rolesRegistered / allRoles.
                                var obsoleteRoleOps = authorizationManager.GetRoleOperations(null) as IList <IDictionary <string, object> >;
                                obsoleteRoleOps = obsoleteRoleOps == null ? null : obsoleteRoleOps.Where(ro => !opsRegistered.Contains((string)ro["RoleId"]) && !ops.Contains((string)ro["RoleId"])) as IList <IDictionary <string, object> >;

                                if (obsoleteRoleOps != null && obsoleteRoleOps.Count > 0)
                                {
                                    for (int i = 0; i < obsoleteRoleOps.Count; i++)
                                    {
                                        authorizationManager.DeleteOperation((string)obsoleteRoleOps[i]["OperationId"]);
                                    }
                                }

                                var obsoleteRoles = authorizationManager.GetRoles() as IList <IDictionary <string, object> >;
                                obsoleteRoles = obsoleteRoles == null ? null : obsoleteRoles.Where(r => !rolesRegistered.Contains((string)r["Id"]) && !allRoles.Contains((string)r["Id"])) as IList <IDictionary <string, object> >;

                                if (obsoleteRoles != null && obsoleteRoles.Count > 0)
                                {
                                    for (int i = 0; i < obsoleteRoles.Count; i++)
                                    {
                                        authorizationManager.DeleteRole((string)obsoleteRoles[i]["Id"]);
                                    }
                                }
                            }
                        }
                    }
                }
            }

            // Non-null whenever the configuration deserialized (ops/scopes lists are created unconditionally above).
            return(((opsRegistered != null) || (scopesRegistered != null) || (rolesRegistered != null) || (identityResults != null)) ? new object[] { opsRegistered, scopesRegistered, rolesRegistered, identityResults } : null);
        }
        //public static ILogger Logger = null;

        //public static IExHandler ExceptionHandler = null;

        //public static ITracer Tracer = null;

        /// <summary>
        /// Variant of the registration routine that talks to the stores directly: it reads the
        /// resource access-control configuration XML from <c>DefaultResourceACConfigurationFilePath</c>,
        /// registers operations and data scopes through <c>SecurityManager</c>, creates fixed roles and
        /// fixed users through ASP.NET Identity, and — per the <c>ShouldDeleteObsolete*OnRegistration</c>
        /// switches — removes rows from <c>AuthEntityModelContainer</c> and Identity that are no longer
        /// declared in the configuration.
        /// </summary>
        /// <returns>
        /// <c>null</c> when the XML deserializes to <c>null</c>; otherwise an <c>object[]</c> of four
        /// elements: lower-cased IDs of the operations registered in this run, lower-cased IDs of the
        /// data scopes registered, the role IDs returned by <c>AddRoles</c> (empty when that result is
        /// not a <c>List&lt;string&gt;</c>), and the list of <c>IdentityResult</c>s produced while
        /// creating / deleting users and roles.
        /// </returns>
        /// <exception cref="System.IO.FileNotFoundException">The configuration file does not exist (no existence check here).</exception>
        public static object Regiser()
        {
            string configXmlPath = DefaultResourceACConfigurationFilePath;
            string configXml     = "";

            // NOTE(review): unlike the other variant there is no File.Exists() guard — a missing file throws from the constructor.
            using (FileStream stream = new System.IO.FileStream(configXmlPath, FileMode.Open, FileAccess.Read, FileShare.Read))
            {
                using (StreamReader reader = new StreamReader(stream))
                {
                    configXml = reader.ReadToEnd();
                }
            }

            // Nested element types are passed so the serializer can resolve them; the XML is expected to be UTF-8.
            ResourceAuthConfiguration authConf = XmlUtility.XmlDeserialize(configXml, typeof(ResourceAuthConfiguration), new Type[] { typeof(Resource), typeof(Subject), typeof(Scope), typeof(Action) }, "utf-8") as ResourceAuthConfiguration;

            ISecurityManager securityManager = new SecurityManager();

            string regiseredOpId = null, registeredScopeId = null;

            // IDs already present in the store, used as returned (NOT lower-cased in this variant), while the
            // configuration IDs are compared lower-cased below — NOTE(review): confirm the store's IDs are lower
            // case, otherwise existing operations/scopes are re-registered and may be classed obsolete.
            string[] ops = securityManager.GetDataTypeOperations(null), scopes = securityManager.GetDataScopes(null);

            // opsRegistered / scopesRegistered hold the lower-cased IDs stored in this run; rolesRegistered the
            // roles AddRoles reports as added; allRoles every fixed-role ID declared in the configuration.
            List <string> opsRegistered = null, scopesRegistered = null, rolesRegistered = null, allRoles = new List <string>();

            // Every IdentityResult produced by user/role creation and deletion, returned to the caller for inspection.
            List <object> identityResults = null;

            if (authConf != null)
            {
                opsRegistered    = new List <string>();
                scopesRegistered = new List <string>();
                //rolesRegistered = new List<string>();

                foreach (var resource in authConf.Resources)
                {
                    if (resource != null)
                    {
                        if ((resource.Actions != null) && (resource.Actions.Length > 0))
                        {
                            //ops = securityManager.GetDataTypeOperations(resource.Name);

                            foreach (var action in resource.Actions)
                            {
                                if ((action != null) && (!ops.Contains(action.ID.ToLower())) && (!opsRegistered.Contains(action.ID.ToLower())))
                                {
                                    // RegisterOperation returns the stored ID (or null/empty on failure).
                                    regiseredOpId = (string)securityManager.RegisterOperation(resource.Name, action.ID, action.Name);

                                    if (!String.IsNullOrEmpty(regiseredOpId))
                                    {
                                        opsRegistered.Add(regiseredOpId.ToLower());
                                    }
                                }
                            }

                            if (ShouldDeleteObsoleteOperationsOnRegistration)
                            {
                                using (AuthEntityModelContainer context = new AuthEntityModelContainer())
                                {
                                    // Remove role assignments, object auth items and operations whose OperationId is neither
                                    // known to the store nor registered in this run.
                                    // NOTE(review): opsRegistered holds lower-cased IDs and this comparison is case-sensitive
                                    // (in memory, or per the DB collation if translated to SQL) — mixed-case IDs registered a
                                    // moment ago could be classed obsolete and deleted here.
                                    var obsoleteRoleOps = context.RoleOperations.Where(ro => !opsRegistered.Contains(ro.OperationId) && !ops.Contains(ro.OperationId));
                                    context.RoleOperations.RemoveRange(obsoleteRoleOps.ToArray());

                                    var obsoleteObjectAuthItems = context.ObjectOperationAuthItems.Where(oo => !opsRegistered.Contains(oo.OperationId) && !ops.Contains(oo.OperationId));
                                    context.ObjectOperationAuthItems.RemoveRange(obsoleteObjectAuthItems.ToArray());

                                    var obsoleteOps = context.Operations.Where(o => !opsRegistered.Contains(o.Id) && !ops.Contains(o.Id));
                                    context.Operations.RemoveRange(obsoleteOps.ToArray());

                                    // All three removals are committed together.
                                    context.SaveChanges();
                                }
                            }
                        }

                        if ((resource.Scopes != null) && (resource.Scopes.Length > 0))
                        {
                            //scopes = securityManager.GetDataScopes(resource.Name);

                            foreach (var scope in resource.Scopes)
                            {
                                if ((scope != null) && (!scopes.Contains(scope.ID.ToLower())) && (!scopesRegistered.Contains(scope.ID.ToLower())))
                                {
                                    registeredScopeId = (string)securityManager.RegisterDataScope(resource.Name, scope.ID, scope.Name, scope.Type, resource.Key);

                                    if (!String.IsNullOrEmpty(registeredScopeId))
                                    {
                                        scopesRegistered.Add(registeredScopeId.ToLower());
                                    }
                                }
                            }

                            if (ShouldDeleteObsoleteDataScopesOnRegistration)
                            {
                                using (AuthEntityModelContainer context = new AuthEntityModelContainer())
                                {
                                    // Same shape as the operation cleanup above, and the same case-sensitivity caveat applies.
                                    var obsoleteRoleDataScopes = context.RoleDataScopes.Where(rd => !scopesRegistered.Contains(rd.DataScopeId) && !scopes.Contains(rd.DataScopeId));
                                    context.RoleDataScopes.RemoveRange(obsoleteRoleDataScopes.ToArray());

                                    var obsoleteDataScopes = context.DataScopes.Where(ds => !scopesRegistered.Contains(ds.Id) && !scopes.Contains(ds.Id));
                                    context.DataScopes.RemoveRange(obsoleteDataScopes.ToArray());

                                    context.SaveChanges();
                                }
                            }
                        }

                        if ((resource.Subjects != null) && (resource.Subjects.Length > 0))
                        {
                            //var roleManager = new RoleManager<IdentityRole>(new RoleStore<IdentityRole>(new MySQLDatabase(ModuleConfiguration.DefaultIdentityStoreConnectionName)));
                            //var userManager = new UserManager<IdentityUser>(new UserStore<IdentityUser>(new MySQLDatabase(ModuleConfiguration.DefaultIdentityStoreConnectionName)));

                            // NOTE(review): the managers, stores and IdentityDbContexts created here are IDisposable and are
                            // never disposed (and a new set is built per resource); consider `using` declarations.
                            var roleManager = new RoleManager <IdentityRole>(new RoleStore <IdentityRole>(new IdentityDbContext(ModuleConfiguration.DefaultIdentityStoreConnectionName)));
                            var userManager = new UserManager <IdentityUser>(new UserStore <IdentityUser>(new IdentityDbContext(ModuleConfiguration.DefaultIdentityStoreConnectionName)));

                            // Roles to create in one batch, keyed by role ID: ID -> name and ID -> description.
                            IDictionary <string, string> rolesToRegister  = new Dictionary <string, string>();
                            IDictionary <string, string> roleDescriptions = new Dictionary <string, string>();

                            IdentityUser identityUser = null;

                            IdentityResult identityResult = null;

                            identityResults = new List <object>();

                            foreach (var subject in resource.Subjects)
                            {
                                // Subject types are matched by lower-cased string value.
                                if (subject.Type.ToLower() == "fixedrole")
                                {
                                    allRoles.Add(subject.ID);

                                    // NOTE(review): existence is checked by Name while the batch below is keyed by ID — confirm
                                    // the two cannot diverge, otherwise a renamed role is re-added under the same ID.
                                    if (!roleManager.RoleExists(subject.Name))
                                    {
                                        rolesToRegister.Add(subject.ID, subject.Name);
                                        roleDescriptions.Add(subject.ID, subject.Description);
                                    }
                                }
                                else if (subject.Type.ToLower() == "fixeduser")
                                {
                                    // Look the user up by ID first, then fall back to the user name.
                                    identityUser = userManager.FindById(subject.ID);

                                    if (identityUser == null)
                                    {
                                        identityUser = userManager.FindByName(subject.Name);
                                    }

                                    // With ShouldDeleteObsoleteUsersOnRegistration an existing fixed user is stripped of every
                                    // role and deleted, then recreated below — i.e. its password is reset to
                                    // DefaultFixedUserPassword on every registration run.
                                    if ((identityUser != null) && ShouldDeleteObsoleteUsersOnRegistration)
                                    {
                                        // Membership is removed from every role in the store, not only the ones the user holds.
                                        foreach (var role in roleManager.Roles)
                                        {
                                            identityResult = userManager.RemoveFromRole(identityUser.Id, role.Name);
                                            identityResults.Add(identityResult);
                                        }

                                        identityResult = userManager.Delete(identityUser);
                                        identityResults.Add(identityResult);

                                        // Only a successful delete triggers re-creation; on failure the existing user is kept.
                                        if (identityResult.Succeeded)
                                        {
                                            identityUser = null;
                                        }
                                    }

                                    if (identityUser == null)
                                    {
                                        identityUser = new IdentityUser()
                                        {
                                            Id       = subject.ID,
                                            UserName = subject.Name,
                                            // E-mail is derived from the configured template with the user name substituted.
                                            Email    = String.Format(DefaultFixedUserEmailTemplate, subject.Name),
                                            //Description = subject.Description,
                                            //UserType = 1
                                        };

                                        // NOTE(review): every fixed user is created with the single module-wide
                                        // DefaultFixedUserPassword; confirm a forced reset / rotation policy covers these accounts.
                                        identityResult = userManager.Create(identityUser, DefaultFixedUserPassword);

                                        identityResults.Add(identityResult);
                                    }
                                }
                            }

                            // AddRoles is expected to return the IDs it added as a List<string>; any other type yields null here.
                            rolesRegistered = securityManager.AddRoles(rolesToRegister, roleDescriptions) as List <string>;

                            if (rolesRegistered == null)
                            {
                                rolesRegistered = new List <string>();
                            }

                            if (ShouldDeleteObsoleteRolesOnRegistration)
                            {
                                using (AuthEntityModelContainer context = new AuthEntityModelContainer())
                                {
                                    // NOTE(review): rolesRegistered only holds roles added in THIS run; fixed roles that already
                                    // existed (RoleExists was true above) are not in it and allRoles is not consulted, so their
                                    // data-scope and operation assignments are deleted on every run. The second operand also
                                    // compares a RoleId against the scope / operation ID lists — compare the obsoleteRoles
                                    // filter below, which uses rolesRegistered and allRoles.
                                    var obsoleteRoleDataScopes = context.RoleDataScopes.Where(rd => !rolesRegistered.Contains(rd.RoleId) && !scopes.Contains(rd.RoleId));
                                    context.RoleDataScopes.RemoveRange(obsoleteRoleDataScopes.ToArray());

                                    var obsoleteRoleOps = context.RoleOperations.Where(ro => !rolesRegistered.Contains(ro.RoleId) && !ops.Contains(ro.RoleId));
                                    context.RoleOperations.RemoveRange(obsoleteRoleOps.ToArray());

                                    context.SaveChanges();
                                }

                                // Identity roles that are neither newly added nor declared anywhere in the configuration.
                                var obsoleteRoles = roleManager.Roles.Where(r => !rolesRegistered.Contains(r.Id) && !allRoles.Contains(r.Id));

                                // Where() never returns null; the guard is redundant but harmless.
                                if (obsoleteRoles != null)
                                {
                                    var users = userManager.Users;

                                    // The user query is re-enumerated once per obsolete role, and RemoveFromRole is issued for
                                    // every user regardless of membership — O(users x roles) store calls.
                                    foreach (var role in obsoleteRoles.ToArray())
                                    {
                                        foreach (var user in users)
                                        {
                                            identityResult = userManager.RemoveFromRole(user.Id, role.Name);
                                            identityResults.Add(identityResult);
                                        }

                                        identityResult = roleManager.Delete(role);
                                        identityResults.Add(identityResult);
                                    }
                                }
                            }
                        }
                    }
                }
            }

            // Non-null whenever the configuration deserialized (ops/scopes lists are created unconditionally above).
            return(((opsRegistered != null) || (scopesRegistered != null) || (rolesRegistered != null) || (identityResults != null)) ? new object[] { opsRegistered, scopesRegistered, rolesRegistered, identityResults } : null);
        }