private void btnAdd_Click(object sender, EventArgs e)
{
try
{
SearchForm srch = new SearchForm(this.console, SearchForm.SearchMode.Group);
srch.ShowDialog(this);
//get list of groups from the search form.
ListView.SelectedListViewItemCollection items = srch.lvMembers.SelectedItems;
//first update the database, then get it from there.
//for now only one item can be included
if (items != null && items.Count > 0)
{
_User.GroupId = ((GroupItem)items[0]).GroupView.GroupId;
UserStorageView[] users = new UserStorageView[1];
users[0] = this._User;
console.Manager.Admon_UpdateUsers(console.Credentials, users);
}
GetGroupMembershipData();
}
catch (Exception ex)
{
MessageBox.Show("Error changing membership:" + ex.Message, "User Properties", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
//-----------------------------------------------------------------------------------------------
/// <summary>
/// Adds the list of users to the Alchemi database
///
/// </summary>
/// <param name="sc">security credentials to verify if the user has permissions to perform this operation.
/// (i.e add list of users, which is associated with the permission: ManageUsers).</param>
/// <param name="adds">a DataTable object containing the list of users to be added</param>
public void Admon_AddUsers(SecurityCredentials sc, UserStorageView[] adds)
{
AuthenticateUser(sc);
EnsurePermission(sc, Permission.ManageUsers);
ManagerStorageFactory.ManagerStorage().AddUsers(adds);
}
public void PasswordMd5HashTestHasComputing()
{
const string password = "******";
UserStorageView user = new UserStorageView("test", password, 1);
Assert.AreEqual(UserMD5Hash, user.PasswordMd5Hash);
}
public void PasswordMd5HashTestHashRecomputedAfterPasswordChanged()
{
UserStorageView user = new UserStorageView("test");
user.PasswordMd5Hash = UserMD5Hash;
// confirm that the hash is properly initiated
Assert.AreEqual(UserMD5Hash, user.PasswordMd5Hash);
user.Password = "******";
// confirm that the hash is computed again if the password was changed
Assert.AreEqual(AdminMD5Hash, user.PasswordMd5Hash);
}
public void SetData(UserStorageView User)
{
this._User = User;
this.Text = User.Username + " Properties";
this.lbName.Text = User.Username;
GetGroupMembershipData();
if (User.IsSystem)
{
//we cant change group membership
btnAdd.Enabled = false;
btnRemove.Enabled = false;
}
}
// public void UpdateGroupMembership(GroupStorageView group, UserStorageView[] users)
// {
// //todo : usr_grp //put this in the parent interface also
// //delete all existing members, and add these members.
// }
public void UpdateUsers(UserStorageView[] updates)
{
if (updates == null)
{
return;
}
foreach (UserStorageView user in updates)
{
string sqlQuery;
if (user.Password != null && user.Password != "")
{
logger.Debug("Updating password AND group id...." + user.PasswordMd5Hash);
sqlQuery = String.Format("update usr set password='******', grp_id={2} where usr_name='{0}'",
Utils.MakeSqlSafe(user.Username),
Utils.MakeSqlSafe(user.PasswordMd5Hash),
user.GroupId);
}
else
{
logger.Debug("Updating only group id....");
//just change only the group. dont touch the password.
sqlQuery = String.Format("update usr set grp_id={1} where usr_name='{0}'",
Utils.MakeSqlSafe(user.Username),
user.GroupId);
}
RunSql(sqlQuery);
}
}
/// <summary>
/// Add users to a database
/// </summary>
/// <param name="users"></param>
public void AddUsers(UserStorageView[] users)
{
if (users == null)
{
return;
}
foreach (UserStorageView user in users)
{
string sqlQuery;
// sqlQuery = String.Format("insert usr(usr_id, usr_name, password) values({0}, '{1}', '{2}')",
// user.UserId,
// Utils.MakeSqlSafe(user.Username),
// Utils.MakeSqlSafe(user.Password),
// );
sqlQuery = String.Format("insert into usr(usr_name, password, grp_id, is_system) values('{0}', '{1}', {2}, {3})",
Utils.MakeSqlSafe(user.Username),
Utils.MakeSqlSafe(user.PasswordMd5Hash),
user.GroupId,
user.IsSystem ? 1 : 0);
RunSql(sqlQuery);
}
}
public void AuthenticateUserTestSimpleScenario()
{
int groupId = 12;
UserStorageView[] users = new UserStorageView[1];
users[0] = new UserStorageView("username1", "password1", groupId);
_managerStorage.AddUsers(users);
SecurityCredentials sc = new SecurityCredentials("username1", HashUtil.GetHash("password1", HashType.MD5));
AuthenticateUser(sc);
// the above throws an exception if something is wrong so we are doing OK if we get this far
Assert.IsTrue(true);
}
private void AddUser(string username, string password, int groupId)
{
UserStorageView[] users = new UserStorageView[1];
users[0] = new UserStorageView(username, password, groupId);
ManagerStorage.AddUsers(users);
}
public void DeleteUser(UserStorageView userToDelete)
{
if (userToDelete == null)
{
return;
}
IObjectContainer container = GetStorage();
try
{
IList<UserStorageView> users =
container.Query<UserStorageView>(delegate(UserStorageView userFinder)
{
return userFinder.Username == userToDelete.Username;
});
if (users.Count > 0)
container.Delete(users[0]);
}
finally
{
container.Close();
}
}
private void UpdateUser()
{
int groupId = -1;
try
{
//get the groupId from the listview.
if (lvGrp.Items != null && lvGrp.Items.Count > 0)
{
if (lvGrp.Items[0] is GroupItem)
{
GroupItem grpItem = (GroupItem)lvGrp.Items[0];
groupId = grpItem.GroupView.GroupId; //set the group Id. For now, a user can be part of one group only.
}
}
if ((groupId != _User.GroupId) && (groupId != -1))
{
UserStorageView[] users = new UserStorageView[1];
users[0] = _User;
console.Manager.Admon_UpdateUsers(console.Credentials, users);
}
else
{
if (groupId == -1)
{
//dont update the user.
MessageBox.Show("Cannot update user: The User is not assigned to any group!", "Edit User", MessageBoxButtons.OK, MessageBoxIcon.Warning);
}
}
}
catch (Exception ex)
{
MessageBox.Show("Error updating user:"******"Update User", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
/// <summary>
/// Create the default objects to complete initializing the manager storage.
/// </summary>
/// <param name="managerStorage"></param>
protected void CreateDefaultObjects(IManagerStorage managerStorage)
{
// create default groups
ArrayList defaultGroups = new ArrayList();
GroupStorageView newGroup;
newGroup = new GroupStorageView(c_AdminsGroupId, "Administrators");
newGroup.Description = "Administrators Group";
newGroup.IsSystem = true;
defaultGroups.Add(newGroup);
newGroup = new GroupStorageView(c_ExecutorsGroupId, "Executors");
newGroup.Description = "Executors Group";
newGroup.IsSystem = true;
defaultGroups.Add(newGroup);
newGroup = new GroupStorageView(c_UsersGroupId, "Users");
newGroup.Description = "Users Group";
newGroup.IsSystem = true;
defaultGroups.Add(newGroup);
managerStorage.AddGroups((GroupStorageView[])defaultGroups.ToArray(typeof(GroupStorageView)));
// set default permissions
//permissions for admins group
managerStorage.AddGroupPermission(c_AdminsGroupId, Permission.ExecuteThread);
managerStorage.AddGroupPermission(c_AdminsGroupId, Permission.ManageOwnApp);
managerStorage.AddGroupPermission(c_AdminsGroupId, Permission.ManageAllApps);
managerStorage.AddGroupPermission(c_AdminsGroupId, Permission.ManageUsers);
//permissions for executors group
managerStorage.AddGroupPermission(c_ExecutorsGroupId, Permission.ExecuteThread);
//permissions for users group
managerStorage.AddGroupPermission(c_UsersGroupId, Permission.ManageOwnApp);
// create default users
ArrayList defaultUsers = new ArrayList();
UserStorageView newUser;
newUser = new UserStorageView("admin", "admin", c_AdminsGroupId);
newUser.IsSystem = true;
defaultUsers.Add(newUser);
newUser = new UserStorageView("executor", "executor", c_ExecutorsGroupId);
newUser.IsSystem = true;
defaultUsers.Add(newUser);
newUser = new UserStorageView("user", "user", c_UsersGroupId);
newUser.IsSystem = true;
defaultUsers.Add(newUser);
managerStorage.AddUsers((UserStorageView[])defaultUsers.ToArray(typeof(UserStorageView)));
}
public void UpdateUsers(UserStorageView[] updates)
{
if (updates == null)
{
return;
}
IObjectContainer container = GetStorage();
try
{
foreach (UserStorageView userInUpdates in updates)
{
UserStorageView user = null;
IList<UserStorageView> users = container.Query<UserStorageView>(delegate(UserStorageView userFinder)
{
return userFinder.Username == userInUpdates.Username;
});
if (users.Count > 0)
{
user = users[0];
user.Password = userInUpdates.Password;
user.GroupId = userInUpdates.GroupId;
container.Set(user);
}
}
}
finally
{
container.Close();
}
}
public void DeleteUser(UserStorageView userToDelete)
{
if (userToDelete == null)
{
return;
}
string sqlQuery;
sqlQuery = String.Format("delete from usr where usr_name='{0}'",
Utils.MakeSqlSafe(userToDelete.Username));
logger.Debug(String.Format("Deleting user {0}", userToDelete.Username));
RunSql(sqlQuery);
}
public void Admon_DeleteUser(SecurityCredentials sc, UserStorageView userToDelete)
{
AuthenticateUser(sc);
EnsurePermission(sc, Permission.ManageUsers);
ManagerStorageFactory.ManagerStorage().DeleteUser(userToDelete);
}
public void PasswordMd5HashTestSettingHashDirectly()
{
UserStorageView user = new UserStorageView("test");
user.PasswordMd5Hash = UserMD5Hash;
// confirm that the hash is properly set even if the password was not set
Assert.AreEqual(UserMD5Hash, user.PasswordMd5Hash);
// the clear-text password should be removed if a hash is set directly
Assert.IsNull(user.Password);
}
public void EnsurePermissionTestSimpleScenario()
{
int groupId = 12;
GroupStorageView[] groups = new GroupStorageView[1];
groups[0] = new GroupStorageView(groupId, "test1");
UserStorageView[] users = new UserStorageView[1];
users[0] = new UserStorageView("username1", "password1", groupId);
_managerStorage.AddGroups(groups);
_managerStorage.AddUsers(users);
_managerStorage.AddGroupPermission(groupId, Permission.ExecuteThread);
SecurityCredentials sc = new SecurityCredentials("username1", HashUtil.GetHash("password1", HashType.MD5));
EnsurePermission(sc, Permission.ExecuteThread);
// the above throws an exception if something is wrong so we are doing OK if we get this far
Assert.IsTrue(true);
}
private void SetupApplicationsGroupsAndUsers(Permission permission)
{
// add permissions
int groupId = 12;
GroupStorageView[] groups = new GroupStorageView[1];
groups[0] = new GroupStorageView(groupId, "test1");
UserStorageView[] users = new UserStorageView[1];
users[0] = new UserStorageView("username1", "password1", groupId);
_managerStorage.AddGroups(groups);
_managerStorage.AddUsers(users);
_managerStorage.AddGroupPermission(groupId, permission);
SecurityCredentials sc = new SecurityCredentials("username1", HashUtil.GetHash("password1", HashType.MD5));
// add applications, only one assigned to this user
_managerStorage.AddApplication(new ApplicationStorageView("username1"));
_managerStorage.AddApplication(new ApplicationStorageView("username2"));
_managerStorage.AddApplication(new ApplicationStorageView("username3"));
}
public UserStorageView[] GetGroupUsers(int groupId)
{
ArrayList userList = new ArrayList();
using(IDataReader dataReader = RunSqlReturnDataReader(String.Format("select usr_name, password, grp_id, is_system from usr where grp_id={0}", groupId)))
{
while(dataReader.Read())
{
string username = dataReader.GetString(dataReader.GetOrdinal("usr_name"));
string password = dataReader.GetString(dataReader.GetOrdinal("password"));
bool isSystem = false;
if (!dataReader.IsDBNull(dataReader.GetOrdinal("is_system")))
{
isSystem = dataReader.GetBoolean(dataReader.GetOrdinal("is_system"));
}
UserStorageView user = new UserStorageView(username, password, groupId);
user.IsSystem = isSystem;
userList.Add(user);
}
dataReader.Close();
}
return (UserStorageView[])userList.ToArray(typeof(UserStorageView));
}
private UserStorageView[] GetUsers()
{
UserStorageView[] users = new UserStorageView[1];
string username = Utils.MakeSqlSafe(txUsername.Text);
string password = Utils.MakeSqlSafe(txPwd.Text);
int groupId = -1;
foreach (GroupStorageView group in _AllGroups)
{
if (group.GroupName == cboGroup.SelectedItem.ToString())
{
groupId = group.GroupId;
break;
}
}
users[0] = new UserStorageView(username, password, groupId);
return users;
}
public UserStorageView[] GetUsers()
{
UserStorageView[] allUsers;
IObjectContainer container = GetStorage();
try
{
IList<UserStorageView> users =
container.Query<UserStorageView>(delegate(UserStorageView userFinder)
{
return true;
});
if (users.Count > 0)
{
allUsers = new UserStorageView[users.Count];
users.CopyTo(allUsers, 0);
}
else
allUsers = new UserStorageView[0];
}
finally
{
container.Close();
}
return allUsers;
}
public void UpdateUsers(UserStorageView[] updates)
{
if (updates == null)
{
return;
}
for(int indexInList=0; indexInList<_users.Count; indexInList++)
{
UserStorageView userInList = (UserStorageView)_users[indexInList];
foreach(UserStorageView userInUpdates in updates)
{
if (userInList.Username == userInUpdates.Username)
{
userInList.Password = userInUpdates.Password;
userInList.GroupId = userInUpdates.GroupId;
}
}
}
}
public void AddUsers(UserStorageView[] users)
{
if (users == null)
return;
IObjectContainer container = GetStorage();
try
{
foreach (UserStorageView user in users)
container.Set(user);
}
finally
{
container.Close();
}
}
public void AddUsers(UserStorageView[] users)
{
if (users == null)
return;
_users.AddRange(users);
}
public UserStorageView[] GetGroupUsers(int groupId)
{
UserStorageView[] groupUsers;
IObjectContainer container = GetStorage();
try
{
IList<UserStorageView> users =
container.Query<UserStorageView>(delegate(UserStorageView userFinder)
{
return userFinder.GroupId == groupId;
});
if (users.Count > 0)
{
groupUsers = new UserStorageView[users.Count];
users.CopyTo(groupUsers, 0);
}
else
groupUsers = new UserStorageView[0];
}
finally
{
container.Close();
}
return groupUsers;
}
public void DeleteUser(UserStorageView userToDelete)
{
if (userToDelete == null)
{
return;
}
ArrayList remainingUsers = new ArrayList();
for(int indexInList=0; indexInList<_users.Count; indexInList++)
{
UserStorageView userInList = (UserStorageView)_users[indexInList];
if (userInList.Username != userToDelete.Username)
{
remainingUsers.Add(userInList);
}
}
_users = remainingUsers;
}
public UserStorageView GetUser(string username)
{
ArrayList userList = new ArrayList();
UserStorageView user = null;
string sqlQuery = String.Format("select usr_name, password, grp_id, is_system from usr where usr_name = '{0}'",
Utils.MakeSqlSafe(username));
using (IDataReader dataReader = RunSqlReturnDataReader(sqlQuery))
{
if (dataReader.Read())
{
string password = dataReader.GetString(dataReader.GetOrdinal("password"));
int groupId = dataReader.GetInt32(dataReader.GetOrdinal("grp_id"));
bool isSystem = false;
if (!dataReader.IsDBNull(dataReader.GetOrdinal("is_system")))
{
isSystem = dataReader.GetBoolean(dataReader.GetOrdinal("is_system"));
}
user = new UserStorageView(username);
user.PasswordMd5Hash = password;
user.GroupId = groupId;
user.IsSystem = isSystem;
}
dataReader.Close();
}
return (user);
}
public UserStorageView[] GetUsers()
{
ArrayList userList = new ArrayList();
using(IDataReader dataReader = RunSqlReturnDataReader("select usr_name, password, grp_id, is_system from usr"))
{
while(dataReader.Read())
{
string username = dataReader.GetString(dataReader.GetOrdinal("usr_name"));
string password = dataReader.GetString(dataReader.GetOrdinal("password"));
int groupId = dataReader.GetInt32(dataReader.GetOrdinal("grp_id"));
bool isSystem = false;
if (!dataReader.IsDBNull(dataReader.GetOrdinal("is_system")))
{
isSystem = dataReader.GetBoolean(dataReader.GetOrdinal("is_system"));
}
UserStorageView user = new UserStorageView(username);
user.PasswordMd5Hash = password;
user.GroupId = groupId;
user.IsSystem = isSystem;
userList.Add(user);
}
dataReader.Close();
}
return (UserStorageView[])userList.ToArray(typeof(UserStorageView));
}
private void btnChgPwd_Click(object sender, EventArgs e)
{
bool changed = false;
try
{
PasswordForm pwdform = new PasswordForm();
pwdform.ShowDialog(this);
//try to change the password for this user.
if (pwdform.Password != null)
{
UserStorageView[] users = new UserStorageView[1];
users[0] = _User;
_User.Password = pwdform.Password;
console.Manager.Admon_UpdateUsers(console.Credentials, users);
changed = true;
//update the console credentials if needed
if (console.Credentials.Username == _User.Username)
{
console.Credentials.Password = pwdform.Password;
}
}
}
catch (Exception ex)
{
changed = false;
MessageBox.Show("Error changing password:"******"Change Password", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
finally
{
if (changed)
{
MessageBox.Show("Password changed successfully.", "Change Password", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
}
}
public void UpdateUsersTest2()
{
UserStorageView[] userUpdates = new UserStorageView[1];
userUpdates[0] = new UserStorageView("username1", "password2", 55);
ManagerStorage.UpdateUsers(userUpdates);
UserStorageView[] users = ManagerStorage.GetUsers();
Assert.AreEqual(c_DefaultUserCount, users.Length);
}
