public void Setup()
{
AzManAuthorizationProviderData azManProviderdata = new AzManAuthorizationProviderData();
azManProviderdata.Name = "AzMan Provider";
SecuritySettings settings = new SecuritySettings();
settings.AuthorizationProviders.Add(azManProviderdata);
registrations = settings.GetRegistrations(null);
}
/// <summary>
/// This method supports the Enterprise Library infrastructure and is not intended to be used directly from your code.
/// Builds an <see cref="AzManAuthorizationProvider"/> based on an instance of <see cref="AzManAuthorizationProviderData"/>.
/// </summary>
/// <seealso cref="AuthorizationProviderCustomFactory"/>
/// <param name="context">The <see cref="IBuilderContext"/> that represents the current building process.</param>
/// <param name="objectConfiguration">The configuration object that describes the object to build. Must be an instance of <see cref="AzManAuthorizationProviderData"/>.</param>
/// <param name="configurationSource">The source for configuration objects.</param>
/// <param name="reflectionCache">The cache to use retrieving reflection information.</param>
/// <returns>A fully initialized instance of <see cref="AzManAuthorizationProvider"/>.</returns>
public IAuthorizationProvider Assemble(IBuilderContext context, AuthorizationProviderData objectConfiguration, IConfigurationSource configurationSource, ConfigurationReflectionCache reflectionCache)
{
AzManAuthorizationProviderData castedObjectConfiguration
= (AzManAuthorizationProviderData)objectConfiguration;
IAuthorizationProvider createdObject
= new AzManAuthorizationProvider(
castedObjectConfiguration.StoreLocation,
castedObjectConfiguration.Application,
castedObjectConfiguration.AuditIdentifierPrefix,
castedObjectConfiguration.Scope);
return(createdObject);
}
public void AzManAuthorizationProviderNodeTest()
{
string name = "some name";
string auditIdentifierPrefix = "pFix";
string storeLocation = "some store location";
string scope = "some scope";
AzManAuthorizationProviderData data = new AzManAuthorizationProviderData();
data.Name = name;
data.AuditIdentifierPrefix = auditIdentifierPrefix;
data.StoreLocation = storeLocation;
data.Scope = scope;
AzManAuthorizationProviderNode node = new AzManAuthorizationProviderNode(data);
Assert.AreEqual(name, node.Name);
Assert.AreEqual(auditIdentifierPrefix, node.AuditIdentifierPrefix);
Assert.AreEqual(storeLocation, node.StoreLocation);
Assert.AreEqual(scope, node.Scope);
}
private object[] GetTaskOperations(AzManAuthorizationProviderData data, IAzApplication azApp, string[] tasks)
{
string[] scopes = new string[] {data.Scope};
StringCollection operations = new StringCollection();
foreach (String task in tasks)
{
IAzScope scope = null;
if ((scopes != null) && (scopes[0].Length > 0))
{
scope = azApp.OpenScope(scopes[0], null);
}
IAzTask azTask = null;
if (scope != null)
{
azTask = scope.OpenTask(task, null);
}
else
{
azTask = azApp.OpenTask(task, null);
}
Array ops = azTask.Operations as Array;
Debug.Assert(ops != null);
foreach (String op in ops)
{
operations.Add(op);
}
}
if (operations.Count == 0)
{
throw new ConfigurationException(SR.NoOperations);
}
object[] operationIds = new object[operations.Count];
for (int index = 0; index < operations.Count; index++)
{
operationIds[index] = azApp.OpenOperation(operations[index], null).OperationID;
}
return operationIds;
}
/// <devdoc>
/// Gets the client context for the call based on the identity, system and parameters.
/// </devdoc>
private IAzClientContext GetClientContext(AzManAuthorizationProviderData data, IIdentity identity, String applicationName, out IAzApplication azApp)
{
WindowsIdentity winIdentity = identity as WindowsIdentity;
if (winIdentity == null)
{
throw new ArgumentException(SR.WindowsIdentityOnly);
}
AzAuthorizationStoreClass store = new AzAuthorizationStoreClass();
store.Initialize(0, data.StoreLocation, null);
azApp = store.OpenApplication(applicationName, null);
Debug.Assert(azApp != null, "could not open the application");
ulong tokenHandle = (ulong) winIdentity.Token.ToInt64();
IAzClientContext clientCtx = azApp.InitializeClientContextFromToken(tokenHandle, null);
Debug.Assert(clientCtx != null, "could not get the context");
return clientCtx;
}
/// <devdoc>
/// Checks access to specified a set of tasks in a specified application in a specified scope.
/// </devdoc>
private bool CheckAccessTasks(AzManAuthorizationProviderData data, string auditIdentifier, IIdentity identity, string[] tasks)
{
string[] scopes = new string[] {data.Scope};
IAzApplication azApp = null;
try
{
IAzClientContext clientCtx = GetClientContext(data, identity, data.Application, out azApp);
Debug.Assert(azApp != null);
object[] operationIds = GetTaskOperations(data, azApp, tasks);
object[] internalScopes = null;
if (scopes != null)
{
internalScopes = new object[1];
internalScopes[0] = scopes[0];
}
object[] result = (object[]) clientCtx.AccessCheck(auditIdentifier,
internalScopes, operationIds, null, null, null, null, null);
foreach (int accessAllowed in result)
{
if (accessAllowed != 0)
{
return false;
}
}
}
catch (COMException comEx)
{
throw new SecurityException(comEx.Message, comEx);
}
return true;
}
public TestAuthorizationProviderConfigurationView(AzManAuthorizationProviderData data, ConfigurationContext context)
: base(context)
{
this.data = data;
}