        /// <summary>
        /// Builds a <see cref="SecurityDescriptorTargetsViewModel"/> around <paramref name="model"/>
        /// and hands it back only after its <c>Initialization</c> task has completed.
        /// </summary>
        /// <param name="model">The security descriptor targets the view model wraps.</param>
        /// <returns>The view model, after its <c>Initialization</c> task has been awaited.</returns>
        public async Task<SecurityDescriptorTargetsViewModel> CreateViewModelAsync(IList<SecurityDescriptorTarget> model)
        {
            var viewModel = new SecurityDescriptorTargetsViewModel(
                model,
                factory,
                dialogCoordinator,
                eventPublisher.Invoke(),
                logger,
                directory,
                computerTargetProvider,
                effectiveAccessFactory,
                shellExecuteProvider);

            // Callers must never see a half-initialised view model, so wait for it here.
            await viewModel.Initialization;

            return viewModel;
        }
 /// <summary>
 /// Stores the supplied services and the target collection in the corresponding instance fields.
 /// No other work is done at construction time.
 /// </summary>
 /// <param name="authorizationBuilder">Stored in <c>authorizationBuilder</c>.</param>
 /// <param name="dialogCoordinator">Stored in <c>dialogCoordinator</c>.</param>
 /// <param name="directory">Stored in <c>directory</c>.</param>
 /// <param name="targets">The targets view model; stored in <c>targets</c>.</param>
 /// <param name="logger">Stored in <c>logger</c>.</param>
 /// <param name="computerTargetProvider">Stored in <c>computerTargetProvider</c>.</param>
 public EffectiveAccessViewModel(
     IAuthorizationInformationBuilder authorizationBuilder,
     IDialogCoordinator dialogCoordinator,
     IDirectory directory,
     SecurityDescriptorTargetsViewModel targets,
     ILogger<EffectiveAccessViewModel> logger,
     IComputerTargetProvider computerTargetProvider)
 {
     // Plain field captures; the order is irrelevant because none depends on another.
     this.logger = logger;
     this.targets = targets;
     this.directory = directory;
     this.dialogCoordinator = dialogCoordinator;
     this.authorizationBuilder = authorizationBuilder;
     this.computerTargetProvider = computerTargetProvider;
 }
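        /// <summary>
        /// Imports the targets in <paramref name="newTargets"/> into <c>this.Targets</c>.
        /// Every incoming target's model is stamped with the current UTC time and the SID of the
        /// current Windows identity as both its created and last-modified values.
        /// </summary>
        /// <param name="newTargets">The targets to import.</param>
        /// <param name="merge">
        /// When <c>false</c>, every incoming target is appended as a new entry. When <c>true</c>,
        /// an incoming target is folded into the first existing permission-mode entry whose
        /// <c>Target</c> matches case-insensitively, and appended only if there is no such entry.
        /// </param>
        /// <param name="overwriteExisting">
        /// During a merge, lets non-empty incoming values replace existing JIT/LAPS settings and
        /// the description, and lets a non-empty incoming notification list replace the existing
        /// one. It is not consulted for the security descriptor: access entries are only ever added.
        /// </param>
        public void Merge(SecurityDescriptorTargetsViewModel newTargets, bool merge, bool overwriteExisting)
        {
            // Resolve the current user's SID once. WindowsIdentity owns a token handle, so it is
            // disposed here rather than leaving one undisposed instance behind per imported target.
            // NOTE(review): identity.User is dereferenced without a null check, as before; confirm
            // this code never runs under an identity that has no SID.
            string currentUserSid;
            using (WindowsIdentity identity = WindowsIdentity.GetCurrent())
            {
                currentUserSid = identity.User.ToString();
            }

            foreach (var newTarget in newTargets.ViewModels)
            {
                newTarget.Model.LastModified   = DateTime.UtcNow;
                newTarget.Model.LastModifiedBy = currentUserSid;
                newTarget.Model.Created        = newTarget.Model.LastModified;
                newTarget.Model.CreatedBy      = newTarget.Model.LastModifiedBy;

                // Only existing permission-mode entries are merge candidates.
                // NOTE(review): the incoming entry's own mode is not checked before its security
                // descriptor is parsed further down; confirm that imported entries always carry one.
                var existingTarget = merge
                    ? this.Targets.ViewModels.FirstOrDefault(t => t.IsModePermission && string.Equals(t.Target, newTarget.Target, StringComparison.OrdinalIgnoreCase))
                    : null;

                if (existingTarget == null)
                {
                    // Not merging, or nothing to merge into: append the incoming target as-is.
                    Execute.OnUIThread(() => this.Targets.ViewModels.Add(newTarget));
                    this.Targets.Model.Add(newTarget.Model);
                    continue;
                }

                existingTarget.Model.LastModified   = newTarget.Model.LastModified;
                existingTarget.Model.LastModifiedBy = newTarget.Model.LastModifiedBy;

                // Scalar settings: an incoming value is taken only when it is non-empty, and only
                // when the existing value is empty or the caller asked to overwrite.
                if (string.IsNullOrWhiteSpace(existingTarget.JitAuthorizingGroup) || overwriteExisting)
                {
                    if (!string.IsNullOrWhiteSpace(newTarget.JitAuthorizingGroup))
                    {
                        existingTarget.JitAuthorizingGroup = newTarget.JitAuthorizingGroup;
                    }
                }

                if (existingTarget.JitExpireMinutes == 0 || overwriteExisting)
                {
                    if (newTarget.JitExpireMinutes > 0)
                    {
                        existingTarget.JitExpireAfter = newTarget.JitExpireAfter;
                    }
                }

                if (existingTarget.LapsExpireMinutes == 0 || overwriteExisting)
                {
                    if (newTarget.LapsExpireMinutes > 0)
                    {
                        existingTarget.LapsExpireAfter = newTarget.LapsExpireAfter;
                    }
                }

                if (string.IsNullOrWhiteSpace(existingTarget.Description) || overwriteExisting)
                {
                    if (!string.IsNullOrWhiteSpace(newTarget.Description))
                    {
                        existingTarget.Description = newTarget.Description;
                    }
                }

                // Notifications: with overwriteExisting a non-empty incoming list replaces the
                // existing one; otherwise incoming subscriptions are appended, skipping ids that
                // are already present. The view-model list and the model id list are kept in step.
                if (overwriteExisting && newTarget.Notifications.SuccessSubscriptions.Count > 0)
                {
                    existingTarget.Notifications.SuccessSubscriptions.Clear();
                    existingTarget.Notifications.Model.OnSuccess.Clear();
                }

                foreach (var notification in newTarget.Notifications.SuccessSubscriptions)
                {
                    if (existingTarget.Notifications.SuccessSubscriptions.All(t => t.Id != notification.Id))
                    {
                        existingTarget.Notifications.SuccessSubscriptions.Add(notification);
                        existingTarget.Notifications.Model.OnSuccess.Add(notification.Id);
                    }
                }

                if (overwriteExisting && newTarget.Notifications.FailureSubscriptions.Count > 0)
                {
                    existingTarget.Notifications.FailureSubscriptions.Clear();
                    existingTarget.Notifications.Model.OnFailure.Clear();
                }

                foreach (var notification in newTarget.Notifications.FailureSubscriptions)
                {
                    if (existingTarget.Notifications.FailureSubscriptions.All(t => t.Id != notification.Id))
                    {
                        existingTarget.Notifications.FailureSubscriptions.Add(notification);
                        existingTarget.Notifications.Model.OnFailure.Add(notification.Id);
                    }
                }

                // Security descriptor: both SDDL strings are parsed and the incoming DACL entries
                // are added to the existing DACL. Nothing is removed, so an imported file can add
                // allow or deny entries to a target but cannot revoke an entry that already exists,
                // even when overwriteExisting is set.
                // NOTE(review): confirm how a descriptor without a DACL is represented by
                // CommonSecurityDescriptor, so that a permissive placeholder ACL is not merged in.
                RawSecurityDescriptor    existingrsd = new RawSecurityDescriptor(existingTarget.SecurityDescriptor);
                RawSecurityDescriptor    newrsd      = new RawSecurityDescriptor(newTarget.SecurityDescriptor);
                CommonSecurityDescriptor existingsd  = new CommonSecurityDescriptor(false, false, existingrsd);
                CommonSecurityDescriptor newsd       = new CommonSecurityDescriptor(false, false, newrsd);

                foreach (var ace in newsd.DiscretionaryAcl.OfType<CommonAce>())
                {
                    // The cast relies on AceType.AccessAllowed/AccessDenied sharing their numeric
                    // values with AccessControlType.Allow/Deny.
                    // NOTE(review): other CommonAce types (for example callback ACEs) have no
                    // AccessControlType equivalent; confirm they cannot occur in imported descriptors.
                    existingsd.DiscretionaryAcl.AddAccess((AccessControlType)ace.AceType, ace.SecurityIdentifier, ace.AccessMask, ace.InheritanceFlags, ace.PropagationFlags);
                }

                existingTarget.SecurityDescriptor = existingsd.GetSddlForm(AccessControlSections.All);
            }
        }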
 /// <summary>
 /// Creates an <see cref="EffectiveAccessViewModel"/> for <paramref name="targets"/>, passing
 /// along the <c>authorizationBuilder</c>, <c>dialogCoordinator</c>, <c>directory</c>,
 /// <c>logger</c> and <c>computerTargetProvider</c> members that are in scope here.
 /// </summary>
 /// <param name="targets">The targets view model handed to the new instance.</param>
 /// <returns>The newly constructed view model.</returns>
 public EffectiveAccessViewModel CreateViewModel(SecurityDescriptorTargetsViewModel targets)
 {
     var viewModel = new EffectiveAccessViewModel(
         authorizationBuilder,
         dialogCoordinator,
         directory,
         targets,
         logger,
         computerTargetProvider);

     return viewModel;
 }