Beispiel #1
        /// <summary>
        /// Checks that a user group's name does not collide with a group that is already stored.
        /// </summary>
        /// <remarks>
        /// No emptiness or character check is applied to the name in this method.
        /// NOTE(review): the existence check and the later write are separate steps, so uniqueness
        /// under concurrent requests would need a database constraint; none is visible here.
        /// </remarks>
        /// <param name="userGroup">Group being created or updated; Name is read, and Id on update.</param>
        /// <param name="isNewUserGroup">True for a create, false for an update of an existing group.</param>
        /// <returns>
        /// The result object as constructed, or with IsValid set to false and a message when the
        /// name is already taken.
        /// </returns>
        public static Models.ValidationResult ValidateUser(Models.CloneDeployUserGroup userGroup, bool isNewUserGroup)
        {
            var outcome = new Models.ValidationResult();

            using (var unitOfWork = new DAL.UnitOfWork())
            {
                var groups = unitOfWork.UserGroupRepository;

                // A create always needs the lookup; an update needs it only when the name changed.
                // The stored record is dereferenced without a null check, exactly as before.
                var mustCheckName = isNewUserGroup || groups.GetById(userGroup.Id).Name != userGroup.Name;

                if (mustCheckName && groups.Exists(g => g.Name == userGroup.Name))
                {
                    outcome.IsValid = false;
                    outcome.Message = "This User Group Already Exists";
                }
            }

            return outcome;
        }
Beispiel #2
 /// <summary>
 /// Deletes a group together with its memberships, user-group management entries,
 /// boot menu and properties.
 /// </summary>
 /// <remarks>
 /// NOTE(review): no permission check happens in this method; the caller is presumably
 /// expected to have authorized the request. Confirm at the call sites.
 /// NOTE(review): the four BLL deletes run before Save() is called on this unit of work;
 /// whether they take part in the same transaction is not visible here.
 /// </remarks>
 /// <param name="groupId">Identifier of the group to remove.</param>
 /// <returns>A result whose IsValid carries the value returned by Save().</returns>
 public static Models.ValidationResult DeleteGroup(int groupId)
 {
     using (var unitOfWork = new DAL.UnitOfWork())
     {
         // Dependent records first, in the original order.
         BLL.GroupMembership.DeleteAllMembershipsForGroup(groupId);
         BLL.UserGroupManagement.DeleteGroup(groupId);
         BLL.GroupBootMenu.DeleteGroup(groupId);
         BLL.GroupProperty.DeleteGroup(groupId);

         // Then the group row itself.
         unitOfWork.GroupRepository.Delete(groupId);

         return new ValidationResult { IsValid = unitOfWork.Save() };
     }
 }
Beispiel #3
        /// <summary>
        /// Validates a user before it is created or updated: name format, presence of a password
        /// on create, and uniqueness of the name.
        /// </summary>
        /// <remarks>
        /// char.IsLetterOrDigit accepts any Unicode letter or digit, so the name allowlist is not
        /// limited to ASCII; visually similar names written in different scripts pass this check.
        /// Only emptiness of the password is checked here; any length or complexity policy would
        /// have to be enforced elsewhere.
        /// NOTE(review): the existence check and the later write are separate steps, so uniqueness
        /// under concurrent requests would need a database constraint; none is visible here.
        /// </remarks>
        /// <param name="user">User being created or updated; Name, Password and Id are read.</param>
        /// <param name="isNewUser">True for a create, false for an update of an existing user.</param>
        /// <returns>
        /// The result object as constructed, or with IsValid set to false and a message naming the
        /// first failed check.
        /// </returns>
        public static Models.ValidationResult ValidateUser(Models.CloneDeployUser user, bool isNewUser)
        {
            var outcome = new Models.ValidationResult();

            // Allowed characters: letters, digits and underscore.
            var nameIsWellFormed = !string.IsNullOrEmpty(user.Name)
                                   && user.Name.All(ch => ch == '_' || char.IsLetterOrDigit(ch));
            if (!nameIsWellFormed)
            {
                outcome.IsValid = false;
                outcome.Message = "User Name Is Not Valid";
                return outcome;
            }

            // A password is mandatory only when the account is first created.
            if (isNewUser && string.IsNullOrEmpty(user.Password))
            {
                outcome.IsValid = false;
                outcome.Message = "Password Is Not Valid";
                return outcome;
            }

            using (var unitOfWork = new DAL.UnitOfWork())
            {
                var users = unitOfWork.UserRepository;

                // A create always needs the lookup; an update needs it only when the name changed.
                // The stored record is dereferenced without a null check, exactly as before.
                var mustCheckName = isNewUser || users.GetById(user.Id).Name != user.Name;

                if (mustCheckName && users.Exists(u => u.Name == user.Name))
                {
                    outcome.IsValid = false;
                    outcome.Message = "This User Already Exists";
                }
            }

            return outcome;
        }
Beispiel #4
        /// <summary>
        /// Validates a group before it is created or updated: name format and uniqueness of the name.
        /// </summary>
        /// <remarks>
        /// char.IsLetterOrDigit accepts any Unicode letter or digit, so the name allowlist is not
        /// limited to ASCII.
        /// NOTE(review): the existence check and the later write are separate steps, so uniqueness
        /// under concurrent requests would need a database constraint; none is visible here.
        /// </remarks>
        /// <param name="group">Group being created or updated; Name is read, and Id on update.</param>
        /// <param name="isNewGroup">True for a create, false for an update of an existing group.</param>
        /// <returns>
        /// The result object as constructed, or with IsValid set to false and a message naming the
        /// first failed check.
        /// </returns>
        public static Models.ValidationResult ValidateGroup(Models.Group group, bool isNewGroup)
        {
            var outcome = new Models.ValidationResult();

            // Allowed characters: letters, digits and underscore.
            var nameIsWellFormed = !string.IsNullOrEmpty(group.Name)
                                   && group.Name.All(ch => ch == '_' || char.IsLetterOrDigit(ch));
            if (!nameIsWellFormed)
            {
                outcome.IsValid = false;
                outcome.Message = "Group Name Is Not Valid";
                return outcome;
            }

            using (var unitOfWork = new DAL.UnitOfWork())
            {
                var groups = unitOfWork.GroupRepository;

                // A create always needs the lookup; an update needs it only when the name changed.
                // The stored record is dereferenced without a null check, exactly as before.
                var mustCheckName = isNewGroup || groups.GetById(group.Id).Name != group.Name;

                if (mustCheckName && groups.Exists(g => g.Name == group.Name))
                {
                    outcome.IsValid = false;
                    outcome.Message = "This Group Already Exists";
                }
            }

            return outcome;
        }
Beispiel #5
        /// <summary>
        /// Runs the pre-save checks for a user: the name must consist of letters, digits or
        /// underscores, a new user must carry a password, and the name must not already be taken.
        /// </summary>
        /// <remarks>
        /// The character test is Unicode-aware (char.IsLetterOrDigit), not ASCII-only.
        /// The password is only tested for being non-empty, and only when the user is new.
        /// NOTE(review): nothing in this method makes the name lookup and the later write atomic;
        /// a unique constraint in the database would be needed to close that gap. Confirm the schema.
        /// </remarks>
        /// <param name="user">User to validate; Name, Password and Id are read.</param>
        /// <param name="isNewUser">True when the user is being created, false when edited.</param>
        /// <returns>
        /// The untouched result object when every check passes; otherwise the same object with
        /// IsValid false and Message describing the failed check.
        /// </returns>
        public static Models.ValidationResult ValidateUser(Models.CloneDeployUser user, bool isNewUser)
        {
            var result = new Models.ValidationResult();

            // Reject an empty name or one containing anything but letters, digits and '_'.
            if (string.IsNullOrEmpty(user.Name) || user.Name.Any(ch => !(char.IsLetterOrDigit(ch) || ch == '_')))
            {
                result.IsValid = false;
                result.Message = "User Name Is Not Valid";
                return result;
            }

            if (isNewUser && string.IsNullOrEmpty(user.Password))
            {
                result.IsValid = false;
                result.Message = "Password Is Not Valid";
                return result;
            }

            using (var unitOfWork = new DAL.UnitOfWork())
            {
                if (!isNewUser)
                {
                    // Editing: an unchanged name cannot collide with another user.
                    // GetById's result is used without a null check, as in the original.
                    var stored = unitOfWork.UserRepository.GetById(user.Id);
                    if (stored.Name == user.Name)
                    {
                        return result;
                    }
                }

                if (unitOfWork.UserRepository.Exists(u => u.Name == user.Name))
                {
                    result.IsValid = false;
                    result.Message = "This User Already Exists";
                }
            }

            return result;
        }
Beispiel #6
        /// <summary>
        /// Runs the pre-save checks for a group: the name must consist of letters, digits or
        /// underscores and must not already be taken by another group.
        /// </summary>
        /// <remarks>
        /// The character test is Unicode-aware (char.IsLetterOrDigit), not ASCII-only.
        /// NOTE(review): nothing in this method makes the name lookup and the later write atomic;
        /// a unique constraint in the database would be needed to close that gap. Confirm the schema.
        /// </remarks>
        /// <param name="group">Group to validate; Name is read, and Id when editing.</param>
        /// <param name="isNewGroup">True when the group is being created, false when edited.</param>
        /// <returns>
        /// The untouched result object when every check passes; otherwise the same object with
        /// IsValid false and Message describing the failed check.
        /// </returns>
        public static Models.ValidationResult ValidateGroup(Models.Group group, bool isNewGroup)
        {
            var result = new Models.ValidationResult();

            // Reject an empty name or one containing anything but letters, digits and '_'.
            if (string.IsNullOrEmpty(group.Name) || group.Name.Any(ch => !(char.IsLetterOrDigit(ch) || ch == '_')))
            {
                result.IsValid = false;
                result.Message = "Group Name Is Not Valid";
                return result;
            }

            using (var unitOfWork = new DAL.UnitOfWork())
            {
                if (!isNewGroup)
                {
                    // Editing: an unchanged name cannot collide with another group.
                    // GetById's result is used without a null check, as in the original.
                    var stored = unitOfWork.GroupRepository.GetById(group.Id);
                    if (stored.Name == group.Name)
                    {
                        return result;
                    }
                }

                if (unitOfWork.GroupRepository.Exists(g => g.Name == group.Name))
                {
                    result.IsValid = false;
                    result.Message = "This Group Already Exists";
                }
            }

            return result;
        }
Beispiel #7
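        /// <summary>
        /// Authenticates <paramref name="userName"/> against the LDAP directory or the locally
        /// stored password hash and reports the outcome.
        /// </summary>
        /// <remarks>
        /// Flow, as implemented below: an unknown name is accepted only through a first-time LDAP
        /// group login, which also creates the local account. A known account is checked for
        /// lockout first, then against the directory (LDAP accounts) or the stored hash (local
        /// accounts). Failed attempts on known accounts are passed to
        /// BLL.UserLockout.ProcessBadLogin; failed attempts for unknown names are not counted here.
        /// An empty password is never forwarded to the directory.
        /// </remarks>
        /// <param name="userName">Login name as supplied by the caller.</param>
        /// <param name="password">Clear-text password as supplied by the caller.</param>
        /// <param name="loginType">Not read by this method.</param>
        /// <returns>
        /// A result with IsValid true and Message "Success" on a successful login; otherwise
        /// IsValid false and Message "Login Was Not Successful" or "Account Is Locked".
        /// </returns>
        public Models.ValidationResult GlobalLogin(string userName, string password, string loginType)
        {
            var validationResult = new Models.ValidationResult
            {
                Message = "Login Was Not Successful",
                IsValid = false
            };

            //Check if user exists in Clone Deploy
            var user = BLL.User.GetUser(userName);
            if (user == null)
            {
                //Check For a first time LDAP User Group Login.
                //An empty password is rejected before it reaches the directory: some LDAP servers
                //answer a simple bind with an empty password as a successful unauthenticated bind,
                //and a success on this path creates a local account for the supplied name.
                //Ldap.Authenticate is not visible here, so the guard is applied at this level.
                if (Settings.LdapEnabled == "1" && !string.IsNullOrEmpty(password))
                {
                    foreach (var ldapGroup in BLL.UserGroup.GetLdapGroups())
                    {
                        if (new BLL.Ldap().Authenticate(userName, password, ldapGroup.GroupLdapName))
                        {
                            //user is a valid ldap user via ldap group that has not yet logged in.
                            //Add the user and allow login.
                            var cdUser = new CloneDeployUser
                            {
                                Name = userName,
                                Salt = Helpers.Utility.CreateSalt(64),
                                Token = Utility.GenerateKey(),
                                IsLdapUser = 1
                            };

                            //Create a local random db pass, should never actually be possible to use.
                            //The previous value, new System.Guid().ToString(), is the all-zero GUID
                            //(Guid.Empty), i.e. the same constant for every account; the placeholder
                            //now comes from the system CSPRNG and is discarded after hashing.
                            var placeholderSecret = new byte[32];
                            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                            {
                                rng.GetBytes(placeholderSecret);
                            }
                            cdUser.Password = Helpers.Utility.CreatePasswordHash(System.Convert.ToBase64String(placeholderSecret), cdUser.Salt);

                            //NOTE(review): the login is reported as successful even when AddUser
                            //fails; confirm that callers cope with a missing local account.
                            if (BLL.User.AddUser(cdUser).IsValid)
                            {
                                //add user to group
                                var newUser = BLL.User.GetUser(userName);
                                BLL.UserGroup.AddNewGroupMember(ldapGroup, newUser);
                            }
                            validationResult.Message = "Success";
                            validationResult.IsValid = true;
                            break;
                        }
                    }
                }
                return validationResult;
            }

            //NOTE(review): the lockout answer is given before any credential is checked, so the
            //message differs between a locked existing account and an unknown name; confirm
            //whether this message is shown to unauthenticated callers.
            if (BLL.UserLockout.AccountIsLocked(user.Id))
            {
                BLL.UserLockout.ProcessBadLogin(user.Id);
                validationResult.Message = "Account Is Locked";
                return validationResult;
            }

            if (user.IsLdapUser == 1 && Settings.LdapEnabled == "1" && string.IsNullOrEmpty(password))
            {
                //never forward an empty password to the directory (see the first-time login path);
                //the attempt is still counted as a bad login below
                validationResult.IsValid = false;
            }
            //Check against AD
            else if (user.IsLdapUser == 1 && Settings.LdapEnabled == "1")
            {
                //Check if user is authenticated against an ldap group
                if (user.UserGroupId != -1)
                {
                    //user is part of a group, is the group an ldap group?
                    var userGroup = BLL.UserGroup.GetUserGroup(user.UserGroupId);
                    if (userGroup != null)
                    {
                        if (userGroup.IsLdapGroup == 1)
                        {
                            //the group is an ldap group
                            //make sure user is still in that ldap group
                            if (new BLL.Ldap().Authenticate(userName, password, userGroup.GroupLdapName))
                            {
                                validationResult.IsValid = true;
                            }
                            else
                            {
                                //user is either not in that group anymore, not in the directory, or bad password
                                validationResult.IsValid = false;

                                if (new BLL.Ldap().Authenticate(userName, password))
                                {
                                    //password was good but user is no longer in the group
                                    //delete the user
                                    //NOTE(review): ProcessBadLogin below then runs for the id that was just deleted.
                                    BLL.User.DeleteUser(user.Id);
                                }
                            }
                        }
                        else
                        {
                            //the group is not an ldap group
                            //still need to check creds against directory
                            if (new BLL.Ldap().Authenticate(userName, password)) validationResult.IsValid = true;
                        }
                    }
                    else
                    {
                        //group didn't exist for some reason
                        //still need to check creds against directory
                        if (new BLL.Ldap().Authenticate(userName, password)) validationResult.IsValid = true;
                    }
                }
                else
                {
                    //user is not part of a group, check creds against directory
                    if (new BLL.Ldap().Authenticate(userName, password)) validationResult.IsValid = true;
                }

            }
            else if (user.IsLdapUser == 1 && Settings.LdapEnabled != "1")
            {
                //prevent ldap user from logging in with local pass if ldap auth gets turned off
                validationResult.IsValid = false;
            }
            //Check against local DB
            else
            {
                //NOTE(review): ordinary string equality, not a fixed-time comparison; the hashing
                //scheme behind CreatePasswordHash is not visible here and should be reviewed with it.
                var hash = Helpers.Utility.CreatePasswordHash(password, user.Salt);
                if (user.Password == hash) validationResult.IsValid = true;
            }

            if (validationResult.IsValid)
            {
                BLL.UserLockout.DeleteUserLockouts(user.Id);
                validationResult.Message = "Success";
                return validationResult;
            }
            else
            {
                BLL.UserLockout.ProcessBadLogin(user.Id);
                return validationResult;
            }
        }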
Beispiel #8
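        /// <summary>
        /// Authenticates <paramref name="userName"/> against the LDAP directory or the locally
        /// stored password hash and reports the outcome.
        /// </summary>
        /// <remarks>
        /// Flow, as implemented below: an unknown name is accepted only through a first-time LDAP
        /// group login, which also creates the local account. A known account is checked for
        /// lockout first, then against the directory (LDAP accounts) or the stored hash (local
        /// accounts). Failed attempts on known accounts are passed to
        /// BLL.UserLockout.ProcessBadLogin; failed attempts for unknown names are not counted here.
        /// An empty password is never forwarded to the directory.
        /// </remarks>
        /// <param name="userName">Login name as supplied by the caller.</param>
        /// <param name="password">Clear-text password as supplied by the caller.</param>
        /// <param name="loginType">Not read by this method.</param>
        /// <returns>
        /// A result with IsValid true and Message "Success" on a successful login; otherwise
        /// IsValid false and Message "Login Was Not Successful" or "Account Is Locked".
        /// </returns>
        public Models.ValidationResult GlobalLogin(string userName, string password, string loginType)
        {
            var validationResult = new Models.ValidationResult
            {
                Message = "Login Was Not Successful",
                IsValid = false
            };

            //Check if user exists in Clone Deploy
            var user = BLL.User.GetUser(userName);

            if (user == null)
            {
                //Check For a first time LDAP User Group Login.
                //An empty password is rejected before it reaches the directory: some LDAP servers
                //answer a simple bind with an empty password as a successful unauthenticated bind,
                //and a success on this path creates a local account for the supplied name.
                //Ldap.Authenticate is not visible here, so the guard is applied at this level.
                if (Settings.LdapEnabled == "1" && !string.IsNullOrEmpty(password))
                {
                    foreach (var ldapGroup in BLL.UserGroup.GetLdapGroups())
                    {
                        if (new BLL.Ldap().Authenticate(userName, password, ldapGroup.GroupLdapName))
                        {
                            //user is a valid ldap user via ldap group that has not yet logged in.
                            //Add the user and allow login.
                            var cdUser = new CloneDeployUser
                            {
                                Name       = userName,
                                Salt       = Helpers.Utility.CreateSalt(64),
                                Token      = Utility.GenerateKey(),
                                IsLdapUser = 1
                            };

                            //Create a local random db pass, should never actually be possible to use.
                            //The previous value, new System.Guid().ToString(), is the all-zero GUID
                            //(Guid.Empty), i.e. the same constant for every account; the placeholder
                            //now comes from the system CSPRNG and is discarded after hashing.
                            var placeholderSecret = new byte[32];
                            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                            {
                                rng.GetBytes(placeholderSecret);
                            }
                            cdUser.Password = Helpers.Utility.CreatePasswordHash(System.Convert.ToBase64String(placeholderSecret), cdUser.Salt);

                            //NOTE(review): the login is reported as successful even when AddUser
                            //fails; confirm that callers cope with a missing local account.
                            if (BLL.User.AddUser(cdUser).IsValid)
                            {
                                //add user to group
                                var newUser = BLL.User.GetUser(userName);
                                BLL.UserGroup.AddNewGroupMember(ldapGroup, newUser);
                            }
                            validationResult.Message = "Success";
                            validationResult.IsValid = true;
                            break;
                        }
                    }
                }
                return validationResult;
            }

            //NOTE(review): the lockout answer is given before any credential is checked, so the
            //message differs between a locked existing account and an unknown name; confirm
            //whether this message is shown to unauthenticated callers.
            if (BLL.UserLockout.AccountIsLocked(user.Id))
            {
                BLL.UserLockout.ProcessBadLogin(user.Id);
                validationResult.Message = "Account Is Locked";
                return validationResult;
            }

            if (user.IsLdapUser == 1 && Settings.LdapEnabled == "1" && string.IsNullOrEmpty(password))
            {
                //never forward an empty password to the directory (see the first-time login path);
                //the attempt is still counted as a bad login below
                validationResult.IsValid = false;
            }
            //Check against AD
            else if (user.IsLdapUser == 1 && Settings.LdapEnabled == "1")
            {
                //Check if user is authenticated against an ldap group
                if (user.UserGroupId != -1)
                {
                    //user is part of a group, is the group an ldap group?
                    var userGroup = BLL.UserGroup.GetUserGroup(user.UserGroupId);
                    if (userGroup != null)
                    {
                        if (userGroup.IsLdapGroup == 1)
                        {
                            //the group is an ldap group
                            //make sure user is still in that ldap group
                            if (new BLL.Ldap().Authenticate(userName, password, userGroup.GroupLdapName))
                            {
                                validationResult.IsValid = true;
                            }
                            else
                            {
                                //user is either not in that group anymore, not in the directory, or bad password
                                validationResult.IsValid = false;

                                if (new BLL.Ldap().Authenticate(userName, password))
                                {
                                    //password was good but user is no longer in the group
                                    //delete the user
                                    //NOTE(review): ProcessBadLogin below then runs for the id that was just deleted.
                                    BLL.User.DeleteUser(user.Id);
                                }
                            }
                        }
                        else
                        {
                            //the group is not an ldap group
                            //still need to check creds against directory
                            if (new BLL.Ldap().Authenticate(userName, password))
                            {
                                validationResult.IsValid = true;
                            }
                        }
                    }
                    else
                    {
                        //group didn't exist for some reason
                        //still need to check creds against directory
                        if (new BLL.Ldap().Authenticate(userName, password))
                        {
                            validationResult.IsValid = true;
                        }
                    }
                }
                else
                {
                    //user is not part of a group, check creds against directory
                    if (new BLL.Ldap().Authenticate(userName, password))
                    {
                        validationResult.IsValid = true;
                    }
                }
            }
            else if (user.IsLdapUser == 1 && Settings.LdapEnabled != "1")
            {
                //prevent ldap user from logging in with local pass if ldap auth gets turned off
                validationResult.IsValid = false;
            }
            //Check against local DB
            else
            {
                //NOTE(review): ordinary string equality, not a fixed-time comparison; the hashing
                //scheme behind CreatePasswordHash is not visible here and should be reviewed with it.
                var hash = Helpers.Utility.CreatePasswordHash(password, user.Salt);
                if (user.Password == hash)
                {
                    validationResult.IsValid = true;
                }
            }

            if (validationResult.IsValid)
            {
                BLL.UserLockout.DeleteUserLockouts(user.Id);
                validationResult.Message = "Success";
                return validationResult;
            }
            else
            {
                BLL.UserLockout.ProcessBadLogin(user.Id);
                return validationResult;
            }
        }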
Beispiel #9
        /// <summary>
        /// Runs the pre-save check for a user group: its name must not already be used by a
        /// stored user group.
        /// </summary>
        /// <remarks>
        /// The name itself is not tested for emptiness or allowed characters in this method.
        /// NOTE(review): nothing in this method makes the name lookup and the later write atomic;
        /// a unique constraint in the database would be needed to close that gap. Confirm the schema.
        /// </remarks>
        /// <param name="userGroup">User group to validate; Name is read, and Id when editing.</param>
        /// <param name="isNewUserGroup">True when the group is being created, false when edited.</param>
        /// <returns>
        /// The untouched result object when the name is free; otherwise the same object with
        /// IsValid false and Message "This User Group Already Exists".
        /// </returns>
        public static Models.ValidationResult ValidateUser(Models.CloneDeployUserGroup userGroup, bool isNewUserGroup)
        {
            var result = new Models.ValidationResult();

            using (var unitOfWork = new DAL.UnitOfWork())
            {
                if (!isNewUserGroup)
                {
                    // Editing: an unchanged name cannot collide with another user group.
                    // GetById's result is used without a null check, as in the original.
                    var stored = unitOfWork.UserGroupRepository.GetById(userGroup.Id);
                    if (stored.Name == userGroup.Name)
                    {
                        return result;
                    }
                }

                if (unitOfWork.UserGroupRepository.Exists(g => g.Name == userGroup.Name))
                {
                    result.IsValid = false;
                    result.Message = "This User Group Already Exists";
                }
            }

            return result;
        }