Beispiel #1
        /// <summary>
        /// Decides whether a user is authorized and fills in that user's <see cref="UserInfo"/>,
        /// including any restricted-view and generally-restricted-metatable settings.
        /// </summary>
        /// <param name="userName">Account name to check.</param>
        /// <param name="domainName">Domain passed through to the Active Directory or legacy check.</param>
        /// <param name="ui">Receives the user information produced by whichever check ran.</param>
        /// <returns><c>true</c> if the user is authorized; otherwise <c>false</c>.</returns>
        public static bool IsAuthorized(
            string userName,
            string domainName,
            out UserInfo ui)
        {
            bool granted;

            // A special Mobius system account, or any caller when no real database is being
            // accessed, gets a default account without a directory lookup.
            // NOTE(review): within this method that path depends only on the user name and a
            // global flag. Confirm that callers have already authenticated userName, and that
            // NoDatabaseAccessIsAvailable cannot be true in a production configuration.
            bool useDefaultAccount =
                Security.IsSpecialMobiusAccount(userName) ||
                UAL.DbConnectionMx.NoDatabaseAccessIsAvailable;

            if (useDefaultAccount)
            {
                ui = CreateDefaultMobiusAccountUserInfo(userName);
                granted = true;
            }
            else
            {
                // Active Directory is the newer method; the old method is the fallback.
                granted = UseActiveDirectory
                    ? ActiveDirectoryDao.IsAuthorizedAD(userName, domainName, out ui)
                    : IsAuthorizedOldMethod(userName, domainName, out ui);
            }

            if (!granted)
            {
                return false;
            }

            // Restrictions are attached only for authorized users.
            RestrictedDatabaseView view = RestrictedDatabaseView.GetRestrictedViewForUser(userName);
            if (view != null)
            {
                ui.RestrictedViewUsers = view.Userids;
                ui.RestrictedViewAllowedMetaTables = view.MetaTables;
                ui.RestrictedViewAllowedCorpIds = view.CorpIds;
            }

            // NOTE(review): whatever this call returns is stored as-is; confirm how consumers
            // of GenerallyRestrictedMetatables treat a null value.
            ui.GenerallyRestrictedMetatables =
                RestrictedMetatable.GetUsersGenerallyRestrictedMetatables(userName, domainName);

            return true;
        }
Beispiel #2
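        /// <summary>
        /// Reads the list of generally restricted metatables and returns those that are
        /// restricted for the given user.
        /// </summary>
        /// <param name="userName">User whose restrictions are being determined.</param>
        /// <param name="domainName">Domain used when looking up the user's Active Directory groups.</param>
        /// <returns>
        /// The upper-cased names of the metatables restricted for the user, or <c>null</c> when
        /// the feature is switched off, the list directory or file is missing, the file cannot
        /// be opened, or no listed metatable is restricted for the user.
        /// </returns>
        /// <remarks>
        /// NOTE(review): every failure path returns <c>null</c>, the same value as "nothing is
        /// restricted", so a caller cannot tell an unreadable restriction list from an empty one.
        /// If callers treat <c>null</c> as "no restrictions", a missing or locked file silently
        /// removes them; confirm that this fail-open behavior is intended.
        /// </remarks>
        public static HashSet<string> GetUsersGenerallyRestrictedMetatables(string userName, string domainName)
        {
            bool metatableRestrictionsActive = ServicesIniFile.ReadBool("UseGenerallyRestrictedMetatables", false);
            if (!metatableRestrictionsActive)
            {
                return null;
            }

            string dirName = ServicesDirs.MetaDataDir + @"\RestrictedMetatables";
            if (!Directory.Exists(dirName))
            {
                return null;
            }

            string fileName = dirName + @"\GenerallyRestrictedMetatables.txt";
            if (!File.Exists(fileName))
            {
                return null;
            }

            StreamReader sr;
            try
            {
                sr = new StreamReader(fileName);
            }
            catch (Exception)
            {
                // NOTE(review): the open failure is swallowed without any record; consider
                // logging it so that a dropped restriction list is visible to operators.
                return null;
            }

            HashSet<string> generallyRestrictedMetatables = new HashSet<string>();

            // The using block closes the reader even if the group lookup or a per-line check
            // throws; the original closed it only on the normal path.
            using (sr)
            {
                List<string> userADGroups = ActiveDirectoryDao.GetGroupCommonNamesUserIsMemberOf(userName, domainName, false);

                string txt;
                while ((txt = sr.ReadLine()) != null)
                {
                    // Skip undefined lines and ';' comment lines.
                    if (Lex.IsUndefined(txt) || txt.StartsWith(";", StringComparison.Ordinal))
                    {
                        continue;
                    }

                    // NOTE(review): ToUpper() uses the current culture. Under a culture with
                    // special casing rules a name could be stored in a form that does not match
                    // how consumers normalize it; confirm their normalization before switching
                    // to ToUpperInvariant().
                    string restrictedMetatableName = txt.Trim().ToUpper();

                    // A name that is already recorded is not evaluated again.
                    if (generallyRestrictedMetatables.Contains(restrictedMetatableName))
                    {
                        continue;
                    }

                    if (IsGenerallyRestrictedMetatable(restrictedMetatableName, userName, userADGroups))
                    {
                        generallyRestrictedMetatables.Add(restrictedMetatableName);
                    }
                }
            }

            return generallyRestrictedMetatables.Count > 0 ? generallyRestrictedMetatables : null;
        }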