private static int CheckUserAccess(string connectString, SecurityRequest securityRequest) { int rtnCode = 0; if (securityRequest.Type == "Administrator") { SqlParameter[] ParamList = new SqlParameter[] { new SqlParameter("@UserName", securityRequest.Id), new SqlParameter("@Token", Guid.Parse(securityRequest.Token)), new SqlParameter("@Code", System.Data.SqlDbType.Int) { Direction = System.Data.ParameterDirection.Output } }; Microsoft.ApplicationBlocks.Data.SqlHelper.ExecuteNonQuery(connectString, System.Data.CommandType.StoredProcedure, "SP_CheckAdministratorAccessByToken", ParamList); rtnCode = Int32.Parse(ParamList[2].Value.ToString()); } else if (securityRequest.Type == "ProjectUser") { SqlParameter[] ParamList = new SqlParameter[] { new SqlParameter("@UserName", securityRequest.Id), new SqlParameter("@Token", Guid.Parse(securityRequest.Token)), new SqlParameter("@Code", System.Data.SqlDbType.Int) { Direction = System.Data.ParameterDirection.Output } }; Microsoft.ApplicationBlocks.Data.SqlHelper.ExecuteNonQuery(connectString, System.Data.CommandType.StoredProcedure, "SP_CheckProjectUserAccessByToken", ParamList); rtnCode = Int32.Parse(ParamList[2].Value.ToString()); } return(rtnCode); }
public static SecurityCode CheckAccess(string connectString,SecurityRequest securityRequest, System.Reflection.MethodBase methodBase) { new HP.TS.Devops.Core.Logger(connectString, "HP.TS.Devops.Security.CheckAccess").Write(string.Format("ID={0},Type={1},Token={2},Method={3}", securityRequest.Id, securityRequest.Type, Guid.Parse(securityRequest.Token), methodBase.Name)); int checkUserAccess = CheckUserAccess(connectString, securityRequest);//-1, 0 ,1 if (checkUserAccess == -1) { return SecurityCode.Timeout;//timeout } else if (checkUserAccess == 0) { return SecurityCode.TokenIssue;//token error } else if (checkUserAccess == 1) { int checkMethodAccess = CheckMethodAccess(connectString, securityRequest, methodBase);//0, 1 if (checkMethodAccess == 0) { return SecurityCode.MethodAccessIssue;//method no access } else if (checkMethodAccess == 1) { return SecurityCode.Success;//success } else { return SecurityCode.UnknownRuleMapIssue;//unknown rulemap error } } else { return SecurityCode.UnknownUserAccessIssue;//unknown user error } }
public static SecurityCode CheckAccess(string connectString, SecurityRequest securityRequest, System.Reflection.MethodBase methodBase) { new HP.TS.Devops.Core.Logger(connectString, "HP.TS.Devops.Security.CheckAccess").Write(string.Format("ID={0},Type={1},Token={2},Method={3}", securityRequest.Id, securityRequest.Type, Guid.Parse(securityRequest.Token), methodBase.Name)); int checkUserAccess = CheckUserAccess(connectString, securityRequest);//-1, 0 ,1 if (checkUserAccess == -1) { return(SecurityCode.Timeout);//timeout } else if (checkUserAccess == 0) { return(SecurityCode.TokenIssue);//token error } else if (checkUserAccess == 1) { int checkMethodAccess = CheckMethodAccess(connectString, securityRequest, methodBase);//0, 1 if (checkMethodAccess == 0) { return(SecurityCode.MethodAccessIssue);//method no access } else if (checkMethodAccess == 1) { return(SecurityCode.Success);//success } else { return(SecurityCode.UnknownRuleMapIssue);//unknown rulemap error } } else { return(SecurityCode.UnknownUserAccessIssue);//unknown user error } }
public static SecurityCode CheckAccess(string connectString, SecurityRequest securityRequest, out string message) { SecurityCode securityCode = CheckAccess(connectString, securityRequest, new System.Diagnostics.StackFrame(1).GetMethod()); message = Enum.GetName(typeof(SecurityCode), securityCode); return(securityCode); }
private static int CheckMethodAccess(string connectString, SecurityRequest securityRequest, System.Reflection.MethodBase methodBase) { SqlParameter[] ParamList = new SqlParameter[] { new SqlParameter("@Rule", securityRequest.Type), new SqlParameter("@Map", methodBase.Name), new SqlParameter("@Return", System.Data.SqlDbType.Int) { Direction = System.Data.ParameterDirection.ReturnValue } }; Microsoft.ApplicationBlocks.Data.SqlHelper.ExecuteNonQuery(connectString, System.Data.CommandType.StoredProcedure, "SP_CheckAccess", ParamList); return(Int32.Parse(ParamList[2].Value.ToString())); }
public static SecurityCode CheckAccess(string connectString, SecurityRequest securityRequest) { return CheckAccess(connectString, securityRequest, new System.Diagnostics.StackFrame(1).GetMethod()); }
public static SecurityCode CheckAccess(string connectString, SecurityRequest securityRequest,out string message) { SecurityCode securityCode = CheckAccess(connectString, securityRequest, new System.Diagnostics.StackFrame(1).GetMethod()); message = Enum.GetName(typeof(SecurityCode), securityCode); return securityCode; }
private static int CheckUserAccess(string connectString, SecurityRequest securityRequest) { int rtnCode = 0; if (securityRequest.Type == "Administrator") { SqlParameter[] ParamList = new SqlParameter[] { new SqlParameter("@UserName", securityRequest.Id), new SqlParameter("@Token", Guid.Parse(securityRequest.Token)), new SqlParameter("@Code", System.Data.SqlDbType.Int) { Direction = System.Data.ParameterDirection.Output } }; Microsoft.ApplicationBlocks.Data.SqlHelper.ExecuteNonQuery(connectString, System.Data.CommandType.StoredProcedure, "SP_CheckAdministratorAccessByToken", ParamList); rtnCode = Int32.Parse(ParamList[2].Value.ToString()); } else if (securityRequest.Type == "ProjectUser") { SqlParameter[] ParamList = new SqlParameter[] { new SqlParameter("@UserName", securityRequest.Id), new SqlParameter("@Token", Guid.Parse(securityRequest.Token)), new SqlParameter("@Code", System.Data.SqlDbType.Int) { Direction = System.Data.ParameterDirection.Output } }; Microsoft.ApplicationBlocks.Data.SqlHelper.ExecuteNonQuery(connectString, System.Data.CommandType.StoredProcedure, "SP_CheckProjectUserAccessByToken", ParamList); rtnCode = Int32.Parse(ParamList[2].Value.ToString()); } return rtnCode; }
private static int CheckMethodAccess(string connectString, SecurityRequest securityRequest, System.Reflection.MethodBase methodBase) { SqlParameter[] ParamList = new SqlParameter[] { new SqlParameter("@Rule", securityRequest.Type), new SqlParameter("@Map", methodBase.Name), new SqlParameter("@Return",System.Data.SqlDbType.Int){ Direction = System.Data.ParameterDirection.ReturnValue } }; Microsoft.ApplicationBlocks.Data.SqlHelper.ExecuteNonQuery(connectString, System.Data.CommandType.StoredProcedure, "SP_CheckAccess", ParamList); return Int32.Parse(ParamList[2].Value.ToString()); }
public void TestCheckAccess() { SecurityRequest securityRequest = new SecurityRequest() { Type = "Administrator" }; HP.TS.Devops.Security.SecurityAction.CheckAccess(this.ConnectString, securityRequest, new StackFrame(1).GetMethod()); }
public static SecurityCode CheckAccess(string connectString, SecurityRequest securityRequest) { return(CheckAccess(connectString, securityRequest, new System.Diagnostics.StackFrame(1).GetMethod())); }