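/// <summary>
/// Handles the login form post: sends the e-mail and hashed password to the access web service and,
/// when the service reports success, stores the returned user in the session and redirects to the lobby.
/// </summary>
/// <param name="model">Posted login form (e-mail and password).</param>
/// <returns>The login view on validation or authentication failure; a redirect to Lobby/Index on success.</returns>
public ActionResult Login(UserAccessViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // NOTE(review): the password leaves this tier as a SHA-256 digest (presumably unsalted - confirm in
    // Encrypt.GetSHA256). Whoever captures the digest can replay it, so it is password-equivalent;
    // the transport must be TLS and the service should store a salted, slow hash.
    AccessRequest oAR = new AccessRequest();
    oAR.Email = model.Email;
    oAR.Password = UtilitiesChat.Tools.Encrypt.GetSHA256(model.Password);

    RequestUtil oRequestUtil = new RequestUtil();
    UtilitiesChat.Models.WS.Reply oReply = oRequestUtil.Execute<AccessRequest>(Constants.Url.ACCESS, "Post", oAR);

    // Deserialize the payload only after the service has reported success, and tolerate a missing reply,
    // so a failed call ends in the normal "bad credentials" path instead of an exception.
    if (oReply != null && oReply.result == 1)
    {
        UtilitiesChat.Models.WS.UserResponse oUserResponse =
            JsonConvert.DeserializeObject<UtilitiesChat.Models.WS.UserResponse>(JsonConvert.SerializeObject(oReply.data));

        // NOTE(review): the session id is not renewed on login here; confirm session fixation is handled elsewhere.
        Session["User"] = oUserResponse;
        return RedirectToAction("Index", "Lobby");
    }

    ViewBag.error = "Datos incorrectos";
    return View();
}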
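/// <summary>
/// Verifies that a request for a path outside the whitelisted base path is reported as not whitelisted.
/// </summary>
public void RequestedResourceIsWhitelisted_ReturnsFalse_IfRequestResourceIsNotWhitelisted()
{
    using (var context = _apacheLogContextFactory.NewTestContext())
    {
        // Arrange: the only whitelisted base path is "media".
        // (The unused in-memory list of the original was dropped; the Whitelist reads from the context.)
        context.WhitelistedResources.Add(new WhitelistedResource() { BasePath = "media" });
        context.SaveChanges();

        var whitelist = new Whitelist(context);
        var accessRequest = new AccessRequest() { Resource = @"/admin/mysql2/index.php" };

        // Act
        var result = whitelist.RequestedResourceIsWhitelisted(accessRequest);

        // Assert
        Assert.False(result);
    }
}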
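/// <summary>
/// Looks up a user by e-mail and password value and, on a match, issues a new access token and stores it on the user row.
/// </summary>
/// <param name="model">E-mail and password value as sent by the client.</param>
/// <returns>
/// A Reply with result = 1 and a UserResponse in data on success; otherwise a Reply whose message is "Datos incorrectos".
/// </returns>
public Reply Login(AccessRequest model)
{
    Reply oR = new Reply();

    // A missing request body is answered like bad credentials instead of failing with a NullReferenceException.
    if (model == null)
    {
        oR.message = "Datos incorrectos";
        return oR;
    }

    using (ChatDBEntities db = new ChatDBEntities())
    {
        // NOTE(review): the submitted value is compared as-is with the stored column, so whatever the client sends
        // (presumably a client-side SHA-256 digest - confirm) is password-equivalent. Prefer a salted, slow hash
        // (e.g. PBKDF2) computed and verified on the server.
        var oUser = (from d in db.user
                     where d.email == model.Email && d.password == model.Password
                     select d).FirstOrDefault();

        if (oUser == null)
        {
            oR.message = "Datos incorrectos";
            return oR;
        }

        // NOTE(review): Guid.NewGuid() is not documented as a cryptographically secure generator; a bearer token is
        // better drawn from System.Security.Cryptography.RandomNumberGenerator. No expiry is recorded here either.
        string AccessToken = Guid.NewGuid().ToString();
        oUser.access_token = AccessToken;
        db.Entry(oUser).State = System.Data.Entity.EntityState.Modified;
        db.SaveChanges();

        UserResponse oUserResponse = new UserResponse();
        oUserResponse.AccessToken = AccessToken;
        oUserResponse.Name = oUser.name;
        oUserResponse.City = oUser.city;
        oUserResponse.Id = oUser.idUser;

        oR.result = 1;
        oR.data = oUserResponse;
    }

    return oR;
}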
/// <summary>
/// Update the database using the passed AccessRequest: note, status, roles and agencies are copied onto the
/// stored request. When the status changes to Approved, the requesting user is stamped with the approver and time.
/// </summary>
/// <param name="accessRequest">Request carrying the new values; its Id selects the stored row.</param>
/// <returns>The AccessRequest instance that was passed in.</returns>
public AccessRequest UpdateAccessRequest(AccessRequest accessRequest)
{
    // NOTE(review): no authorization check is visible in this method; confirm the caller restricts who may
    // change Status, Roles and Agencies, since an approval grants access.
    var stored = GetAccessRequest(accessRequest.Id);
    this.Context.SetOriginalRowVersion(stored);

    // Decide before overwriting the stored status whether this update is the transition into Approved.
    bool alreadyApproved = stored.Status == AccessRequestStatus.Approved;
    bool isApproving = accessRequest.Status == AccessRequestStatus.Approved && !alreadyApproved;

    stored.Note = accessRequest.Note;
    stored.Status = accessRequest.Status;

    // Replace the role and agency links with the ones supplied by the caller.
    stored.Roles.Clear();
    foreach (var role in accessRequest.Roles)
    {
        stored.Roles.Add(new AccessRequestRole(stored.Id, role.RoleId));
    }

    stored.Agencies.Clear();
    foreach (var agency in accessRequest.Agencies)
    {
        stored.Agencies.Add(new AccessRequestAgency(stored.Id, agency.AgencyId));
    }

    if (isApproving)
    {
        // Assumes the user row for stored.UserId exists; Find returns null otherwise - TODO confirm.
        var approvedUser = this.Context.Users.Find(stored.UserId);
        approvedUser.ApprovedById = this.User.GetUserId();
        approvedUser.ApprovedOn = DateTime.UtcNow;
        this.Context.Users.Update(approvedUser);
    }

    Context.Entry(stored).State = EntityState.Modified;
    this.Context.CommitTransaction();
    return accessRequest;
}
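/// <summary>
/// Posts a bid check for the given machine key and product to "/bids/check" and returns the "bid" element of the reply.
/// </summary>
/// <param name="pcUniqueKey">Unique key of the machine.</param>
/// <param name="productId">Product identifier.</param>
/// <returns>The Bid deserialized from the "bid" token of the JSON response.</returns>
/// <exception cref="WebException">The call failed and the server supplied no usable error body.</exception>
/// <exception cref="Exception">The server answered with an error document; its code, url and message are in the text.</exception>
public Bid Check(string pcUniqueKey, int productId)
{
    try
    {
        var accessRequest = new AccessRequest
        {
            PcName = null,
            PcUniqueKey = pcUniqueKey,
            ProductId = productId
        };

        var jsonResponse = ExecutePostApiMethod("/bids/check", accessRequest);
        var jsonObject = JObject.Parse(jsonResponse);
        return jsonObject.SelectToken("bid", false).ToObject<Bid>();
    }
    catch (WebException exception)
    {
        using (var response = exception.Response as HttpWebResponse)
        {
            var responseStream = response?.GetResponseStream();
            if (responseStream == null)
            {
                throw;
            }

            using (var streamReader = new StreamReader(responseStream))
            {
                var errorJson = streamReader.ReadToEnd();
                var error = JsonConvert.DeserializeObject<Error>(errorJson);

                // An empty or "null" body deserializes to null; surface the original failure
                // instead of masking it with a NullReferenceException.
                if (error == null)
                {
                    throw;
                }

                // Keep the WebException as inner exception so status and stack are not lost.
                // NOTE(review): the text comes from the remote server; treat it as untrusted when logging or displaying.
                throw new Exception($"Code: {error.Code}, Url: {error.Url}, Messsage: {error.Message}", exception);
            }
        }
    }
}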
/// <summary>
/// Closes an access request on behalf of an organization administrator and, for an Approve decision,
/// approves the requester's membership.
/// </summary>
/// <param name="accessRequest">The request being decided.</param>
/// <param name="context">Security context whose PersonId identifies the approver.</param>
/// <param name="approvalActionType">The decision; only Approve triggers the membership approval.</param>
/// <exception cref="UnauthorizedAccessException">
/// The approver does not exist or is not an administrator of the request's organization.
/// </exception>
public void ApproveAccessRequest(AccessRequest accessRequest, UserSecurityContext context, ApprovalDecisionType approvalActionType)
{
    Person approver = _personRepo.GetOne(context.PersonId);
    if (approver == null)
    {
        throw new UnauthorizedAccessException("Approver not found");
    }

    // Authority check: the approver must be an administrator of the organization named in the request.
    OrganizationMember membership = _organzationMemberRepo.GetMember(approver.Id.Value, accessRequest.OrganizationId.Value);
    bool isOrgAdmin = membership != null && membership.IsAdministrator == true;
    if (!isOrgAdmin)
    {
        throw new UnauthorizedAccessException("User is not an Administrator of this Organization");
    }

    // The request is closed for either decision.
    accessRequest.IsAccessRequested = false;
    _accessRequestRepo.Update(accessRequest);

    //TODO - Disabling as dbcontext is tracking the same ID, need to fix this.
    //_accessRequestRepo.SoftDelete(accessRequest.Id.Value);

    if (approvalActionType == ApprovalDecisionType.Approve)
    {
        _organzationMemberRepo.Approve(accessRequest.PersonId.Value, accessRequest.OrganizationId.Value, approver.Id.Value);
    }
}
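/// <summary>
/// Get all policies that might be applicable for the given request asynchronously
/// </summary>
/// <remarks>
/// Candidates are selected by subject only when the request has no resource, otherwise by resource and subject.
/// Both values are passed as SQL parameters, never concatenated into the query text.
/// </remarks>
/// <param name="request">The access request</param>
/// <returns>A list of policies that might be applicable</returns>
public async Task<List<Policy>> GetRequestCandidatesAsync(AccessRequest request)
{
    using (var con = new SqlConnection(_connectionString))
    {
        await con.OpenAsync();

        bool filterByResource = !string.IsNullOrEmpty(request.Resource);
        var query = filterByResource
            ? SqlServerQueries.GetRequestCandidatesbyResourceAndSubjectQuery
            : SqlServerQueries.GetRequestCandidatesQuery;

        // The command is disposed together with the reader (the original left it undisposed).
        using (var command = new SqlCommand(query, con))
        {
            command.Parameters.Add(SqlServerQueries.RequestSubjectParameter.Key, SqlServerQueries.RequestSubjectParameter.Value).Value = request.Subject;

            if (filterByResource)
            {
                command.Parameters.Add(SqlServerQueries.RequestResourceParameter.Key, SqlServerQueries.RequestResourceParameter.Value).Value = request.Resource;
            }

            using (var reader = await command.ExecuteReaderAsync())
            {
                return await GetPoliciesFromRowsAsync(reader);
            }
        }
    }
}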
/// <summary>
/// Loads the access elevation requests stored under the user's partition key and maps them to AccessRequest objects.
/// </summary>
/// <param name="userId">User id, used as the table partition key.</param>
/// <returns>The mapped requests; rows are mapped in parallel, so the order of the result is not defined.</returns>
public IEnumerable<AccessRequest> GetAccessElevationRequestsByUserId(string userId)
{
    var mapped = new List<AccessRequest>();
    var gate = new object();
    var storedRows = this.azureTableOperations.GetEntityByPartitionKey<AccessElevationRequest>(userId);

    Parallel.ForEach(storedRows, row =>
    {
        var item = new AccessRequest();
        item.UserId = row.PartitionKey;
        item.Regulatory = row.Regulatory;
        item.CurrentAccessLevel = row.CurrentAccessLevel;
        item.RequestedAccessLevel = row.RequestedAccessLevel;
        item.Justification = row.Justification;
        item.RequestStatus = row.RequestStatus;
        item.ApprovedUser = row.ApprovedUser;
        item.Remarks = row.Remarks;
        item.TimeUpdated = row.Timestamp.ToString();

        // List<T> is not safe for concurrent writers, so additions are serialized.
        lock (gate)
        {
            mapped.Add(item);
        }
    });

    return mapped;
}
/// <summary>
/// Records an access request made by <paramref name="requesterEmail"/> and notifies support by e-mail.
/// </summary>
/// <param name="request">Details of the person for whom access is requested.</param>
/// <param name="requesterEmail">E-mail address of the user raising the request; exactly one such user must exist.</param>
public void LogAccessRequest(AccessRequest request, string requesterEmail)
{
    _context.RunInRetryableTransaction(() =>
    {
        // Single(): the requester must resolve to exactly one user, otherwise this throws.
        var requestingUser = _context
            .GetUsers(requesterEmail)
            .Include(u => u.OrganisationUsers)
            .ThenInclude(ou => ou.Organisation)
            .Single();

        // The person access is requested for may or may not already have an account.
        var existingTargetUser = _context
            .GetUsers(request.EmailAddress)
            .Include(u => u.OrganisationUsers)
            .ThenInclude(ou => ou.Organisation)
            .SingleOrDefault();

        var record = new Domain.Models.AccessRequest()
        {
            RequestDateUtc = DateTime.UtcNow,
            Requester = requestingUser,
            RequesterEmail = requestingUser.Email,
            FirstName = request.FirstName,
            LastName = request.LastName,
            EmailAddress = request.EmailAddress,
            Organisation = request.Organisation,
            Reason = request.Reason,
            Status = Domain.Models.AccessRequest.RequestStatus.Requested
        };

        var tracked = _context.AccessRequests.Add(record);
        _context.Save();

        // NOTE(review): the e-mail is sent inside the retryable delegate; if the delegate is re-run after the
        // message went out, support may receive duplicates - confirm the retry semantics.
        _emailService.SendAccessRequestEmailToSupport(tracked.Entity, requestingUser, existingTargetUser);
    });
}
/// <summary>
/// Closes an access request on behalf of an organization administrator and, for an Approve decision,
/// approves the requester's membership.
/// </summary>
/// <param name="accessRequest">The request being decided.</param>
/// <param name="context">Security context whose PersonId identifies the approver.</param>
/// <param name="approvalActionType">The decision; only Approve triggers the membership approval.</param>
/// <exception cref="UnauthorizedAccessException">The approver could not be found.</exception>
/// <exception cref="UnauthorizedOperationException">The approver is not an administrator of the organization.</exception>
public void ApproveAccessRequest(AccessRequest accessRequest, UserSecurityContext context, ApprovalDecisionType approvalActionType)
{
    Person approver = _personRepo.GetOne(context.PersonId);
    if (approver == null)
    {
        throw new UnauthorizedAccessException("Approver not found");
    }

    // Check if the person has authority to approve/reject: administrator of the request's organization.
    OrganizationMember approverMembership = _organzationMemberRepo.GetMember(approver.Id.Value, accessRequest.OrganizationId.Value);
    bool mayDecide = approverMembership != null && approverMembership.IsAdministrator.GetValueOrDefault();
    if (!mayDecide)
    {
        throw new UnauthorizedOperationException("User is not an administrator of this organization", EntityOperationType.Update);
    }

    // Approve and reject both clear the pending flag; only Approve changes the membership.
    accessRequest.IsAccessRequested = false;
    _accessRequestRepo.Update(accessRequest);

    if (approvalActionType == ApprovalDecisionType.Approve)
    {
        _organzationMemberRepo.Approve(accessRequest.PersonId.Value, accessRequest.OrganizationId.Value, approver.Id.Value);
    }
}
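/// <summary>
/// Login button handler: validates the two fields, sends the e-mail and hashed password to the access service
/// and, on success, stores the returned user in the business session and closes the form.
/// </summary>
/// <param name="sender">The button that raised the event.</param>
/// <param name="e">Event data (unused).</param>
private void button1_Click(object sender, EventArgs e)
{
    string email = txtUser.Text.Trim();
    string password = txtPass.Text.Trim();

    // Validate the trimmed values: the original compared the raw text, so whitespace-only input
    // passed the check and was then sent as an empty e-mail or the hash of an empty password.
    if (email.Length == 0 || password.Length == 0)
    {
        MessageBox.Show("Los dos campos son obligatorios");
        return;
    }

    // NOTE(review): the password is sent as a SHA-256 digest (presumably unsalted - confirm in Encrypt.GetSHA256);
    // the digest is password-equivalent for the service, so the channel must be TLS.
    AccessRequest oAR = new AccessRequest();
    oAR.Email = email;
    oAR.Password = UtilitiesChat.Tools.Encrypt.GetSHA256(password);

    RequestUtil oRequestUtil = new RequestUtil();
    Reply oReply = oRequestUtil.Execute<AccessRequest>(Constants.Url.ACESS, "post", oAR);

    if (oReply.result == 1)
    {
        // Round-trip through JSON to turn the loosely typed payload into a UserResponse.
        JavaScriptSerializer js = new JavaScriptSerializer();
        Business.Session.oUser = js.Deserialize<UtilitiesChat.Models.WS.UserResponse>(js.Serialize(oReply.data));
        this.Close();
        MessageBox.Show("Inicio sesion");
    }
    else
    {
        MessageBox.Show(oReply.message);
    }
}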
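/// <summary>
/// Add a new access request for the current user.
/// </summary>
/// <remarks>
/// The user attached to the request is replaced by the account that matches the caller's Keycloak id;
/// only the submitted Position is carried over onto that account.
/// </remarks>
/// <param name="request">The request to store; its User, Agencies and Roles must be set.</param>
/// <returns>The stored request.</returns>
/// <exception cref="ArgumentNullException">The request, or its User, Agencies or Roles, is null.</exception>
/// <exception cref="KeyNotFoundException">No account exists for the caller's Keycloak id.</exception>
public AccessRequest AddAccessRequest(AccessRequest request)
{
    // request.User is dereferenced below, so it is validated with the other required members
    // (the original failed with a NullReferenceException when it was missing).
    if (request == null || request.User == null || request.Agencies == null || request.Roles == null)
    {
        throw new ArgumentNullException(nameof(request));
    }

    var keycloakUserId = this.User.GetKeycloakUserId();
    var position = request.User.Position;

    // Never trust the submitted user object: resolve the account from the authenticated identity.
    request.User = this.GetUserForKeycloakId(keycloakUserId) ?? throw new KeyNotFoundException("Your account has not been activated.");
    request.UserId = request.User.Id;
    request.User.Position = position;
    this.Context.Entry(request.User).State = EntityState.Modified;

    foreach (var accessRequestAgency in request.Agencies)
    {
        accessRequestAgency.Agency = this.Context.Agencies.Find(accessRequestAgency.AgencyId);
    }

    foreach (var accessRequestRole in request.Roles)
    {
        accessRequestRole.Role = this.Context.Roles.Find(accessRequestRole.RoleId);
    }

    // NOTE(review): the remaining fields of the submitted entity (e.g. Status) are stored as supplied;
    // confirm the caller cannot submit a request that is already approved.
    this.Context.AccessRequests.Add(request);
    this.Context.CommitTransaction();
    return request;
}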
/// <summary>
/// Parses one access log line with the configured pattern into an AccessRequest.
/// </summary>
/// <param name="line">The raw log line.</param>
/// <param name="accessRequest">Always assigned a new instance; populated only when the line matches.</param>
/// <returns>true when the line matches the configured pattern, false otherwise.</returns>
/// <remarks>
/// A line that matches the pattern but carries an unparseable date, status code or size still throws
/// (DateTime.ParseExact / int.Parse); false is returned only for a non-matching line.
/// </remarks>
public bool Parse(string line, out AccessRequest accessRequest)
{
    // NOTE(review): log lines are attacker-influenced and the match runs without a timeout; confirm the
    // configured pattern cannot backtrack excessively.
    string configuredPattern = _accessLogConfig.Pattern;
    Match match = Regex.Match(line, configuredPattern, RegexOptions.IgnoreCase);

    accessRequest = new AccessRequest();
    if (!match.Success)
    {
        return false;
    }

    GroupCollection groups = match.Groups;
    accessRequest.IPAddress = groups[_accessLogConfig.IPAddressPatternGroup].Value;

    string rawTimestamp = groups[_accessLogConfig.DateTimePatternGroup].Value;
    accessRequest.DateTime = DateTime.ParseExact(rawTimestamp, _accessLogConfig.DateTimeFormat, CultureInfo.InvariantCulture);

    accessRequest.Method = groups[_accessLogConfig.MethodPatternGroup].Value;
    accessRequest.Resource = groups[_accessLogConfig.ResourcePatternGroup].Value;
    accessRequest.Protocol = groups[_accessLogConfig.ProtocolPatternGroup].Value;

    // int.Parse uses the current culture here.
    accessRequest.StatusCode = int.Parse(groups[_accessLogConfig.StatusCodePatternGroup].Value);
    accessRequest.Size = int.Parse(groups[_accessLogConfig.SizePatternGroup].Value);
    return true;
}
/// <summary>
/// Logs in against "{Endpoint}/api/Login" with the stored username and password and keeps the returned token.
/// </summary>
/// <returns>The ID from the login response, or -1 when a credential is missing or the request fails.</returns>
private int authenticate()
{
    bool missingCredential = string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password);
    if (missingCredential)
    {
        return -1;
    }

    // NOTE(review): the login is issued as an HTTP GET; if AccessRequest places the credentials in the URL
    // they can end up in proxy and server logs - confirm how they are transmitted.
    using var req = new AccessRequest(username, password)
    {
        Url = $@"{Endpoint}/api/Login",
        Method = HttpMethod.Get,
    };

    try
    {
        req.Perform();
    }
    catch
    {
        // Every failure is reported as -1; the cause (network, TLS, bad credentials) is not distinguished or logged.
        return -1;
    }

    var loginResult = req.ResponseObject;
    Token = loginResult.Token;
    return loginResult.ID;
}
/// <summary>
/// Creates an object and an access category entry on it, then purges the category entry and the object.
/// The test has no explicit assertions; it passes when none of the calls throws.
/// </summary>
public void QuickpurgeTest()
{
    // Arrange
    var objectRequest = new IdoitObjectInstance(idoitClient);
    var categoryRequest = new AccessRequest();
    var access = new IdoitMvcInstance<AccessResponse>(idoitClient);

    // Act: create the object
    objectRequest.CmdbStatus = IdoitCmdbStatus.INOPERATION;
    objectRequest.Type = IdoitObjectTypes.CLIENT;
    objectRequest.Value = "My Client";
    int objectId = objectRequest.Create();

    // Act: create the category entry on that object
    categoryRequest.title = "Web GUI";
    categoryRequest.description = "Web GUI description";
    categoryRequest.type = " ES";
    categoryRequest.formatted_url = "https://swsan.admin.acme-it.example/";
    access.ObjectId = objectId;
    access.ObjectRequest = categoryRequest;
    int cateId = access.Create();

    // Act: purge the category entry first, then the object itself
    access.CateId = cateId;
    access.Purge();

    objectRequest.ObjectId = objectId;
    objectRequest.Purge();
}
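/// <summary>
/// Stores a new access request sent in the request body.
/// </summary>
/// <param name="request">The access request to store.</param>
/// <returns>
/// 201 with the stored request on success; 400 when the body is missing or the database rejects the row;
/// 500 on any other failure.
/// </returns>
public IActionResult Create([FromBody] AccessRequest request)
{
    if (request == null)
    {
        return BadRequest();
    }

    // NOTE(review): the entity is bound straight from the body, so the client controls every bindable
    // property; consider a dedicated input model that exposes only the fields a requester may set.
    try
    {
        _context.AccessRequests.Add(request);
        _context.SaveChanges();
    }
    catch (Microsoft.EntityFrameworkCore.DbUpdateException ex)
    {
        Console.WriteLine(ex.Message);

        // Do not serialize the exception into the response: it would disclose schema and stack details.
        return BadRequest();
    }
    catch (Exception ex)
    {
        Console.WriteLine("AccessRequestController: point 41");
        Console.WriteLine(ex.ToString());

        // The original fell through and answered 201 Created although nothing had been saved.
        return StatusCode(500);
    }

    return CreatedAtRoute("GetAccessRequest", new { id = request.Id }, request);
}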
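/// <summary>
/// Handles the login form post: sends the e-mail and hashed password to the access web service and,
/// when the service reports success, stores the returned user in the session and redirects to the lobby.
/// </summary>
/// <param name="model">Posted login form (e-mail and password).</param>
/// <returns>The login view (with the model) on validation or authentication failure; a redirect to Lobby/Index on success.</returns>
public ActionResult Login(UserAccessViewModel model)
{
    if (!ModelState.IsValid)
    {
        // Go back to the view
        return View(model);
    }

    // NOTE(review): the password is sent as a SHA-256 digest (presumably unsalted - confirm in Encrypt.GetSHA256);
    // the digest is password-equivalent for the service, so the channel must be TLS.
    AccessRequest oAR = new AccessRequest();
    oAR.Email = model.Email;
    oAR.Password = UtilitiesChat.Tools.Encrypt.GetSHA256(model.Password);

    RequestUtil oRequestUtil = new RequestUtil();
    Reply oReply = oRequestUtil.Execute<AccessRequest>(Constants.Url.ACESS, "post", oAR);

    // Deserialize the payload only after the service has reported success, and tolerate a missing reply,
    // so a failed call ends in the normal error path instead of an exception.
    if (oReply != null && oReply.result == 1)
    {
        JavaScriptSerializer js = new JavaScriptSerializer();
        UtilitiesChat.Models.WS.UserResponse oUserResponse =
            js.Deserialize<UtilitiesChat.Models.WS.UserResponse>(js.Serialize(oReply.data));

        // NOTE(review): the session id is not renewed on login here; confirm session fixation is handled elsewhere.
        Session["User"] = oUserResponse;
        return RedirectToAction("Index", "Lobby");
    }

    // Report the error
    ViewBag.error = "Datos Incorrectos";
    return View(model);
}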
/// <summary>
/// Logs an access request on behalf of the calling user.
/// </summary>
/// <param name="request">The access request sent in the body.</param>
/// <returns>200 OK once the request has been logged.</returns>
public StatusCodeResult Index([FromBody] AccessRequest request)
{
    // The requester is taken from the authenticated identity, not from the body.
    // NOTE(review): Identity.Name is null for an anonymous caller; confirm an authorization filter applies.
    _service.LogAccessRequest(request, this.User.Identity.Name);
    return Ok();
}
/// <summary>
/// Approves an access request: adds the requesting user to the article's edit or view role, deletes the
/// request and notifies the user. The role is removed again when the request cannot be deleted.
/// </summary>
/// <param name="accessRequestId">Id of the access request to approve.</param>
/// <returns>
/// JSON with status 200 or 400 and the delete command's message, 400 with the identity errors when the role
/// could not be added, or 404 when the request is not returned for the current user.
/// </returns>
public async Task<JsonResult> ApproveAccessRequest(int accessRequestId)
{
    // NOTE(review): currentUser is dereferenced without a null check; confirm the action requires authentication.
    var currentUser = await _userManager.GetUserAsync(HttpContext.User);

    // The query carries the caller's id; presumably it only returns requests the caller may decide - confirm in the handler.
    AccessRequest accessRequest = await Mediator.Send(new GetAccessRequestByIdQuery
    {
        AccessRequestId = accessRequestId,
        IdentityUserId = currentUser.Id
    });

    if (accessRequest == null)
    {
        return new JsonResult(new { message = "Not found" }) { StatusCode = (int)HttpStatusCode.NotFound };
    }

    var addedUser = await _userManager.FindByIdAsync(accessRequest.Profile.IdentityUserId);
    string accessRole = accessRequest.AccessType == AccessType.Edit
        ? accessRequest.Article.EditRoleString
        : accessRequest.Article.ViewRoleString;

    var result = await _userManager.AddToRoleAsync(addedUser, accessRole);
    if (!result.Succeeded)
    {
        return new JsonResult(new { result.Errors }) { StatusCode = (int)HttpStatusCode.BadRequest };
    }

    var mediatorResult = await Mediator.Send(new DeleteAccessRequestCommand
    {
        AccessRequstId = accessRequestId,
        IdentityUserId = currentUser.Id
    });

    if (mediatorResult.IsSuccessful)
    {
        await _hubContext.Clients.User(addedUser.Id).SendAsync("Notify", $"User {currentUser.UserName} added you give you {accessRole}");
    }
    else
    {
        // Compensate: the grant must not outlive a request that could not be closed.
        await _userManager.RemoveFromRoleAsync(addedUser, accessRole);
    }

    HttpStatusCode statusCode = mediatorResult.IsSuccessful ? HttpStatusCode.OK : HttpStatusCode.BadRequest;
    return new JsonResult(new { mediatorResult.Message }) { StatusCode = (int)statusCode };
}
/// <summary>
/// Requests tracking data for a tracking number from the production tracking endpoint.
/// </summary>
/// <param name="trackingNumber">The tracking number to look up.</param>
/// <returns>The tracking data returned by the request.</returns>
public TrackingData GetTrackingData(string trackingNumber)
{
    // NOTE(review): the three credential values for the tracking API are hard-coded in source. Treat them as
    // exposed: rotate them and load the replacements from configuration or a secret store.
    var credentials = new AccessRequest("ACBB0DA11CE56A06", "ytechie", "sVUbis6Kla");
    var trackingRequest = new TrackingRequest(trackingNumber, "req");
    return trackingRequest.MakeRequest(TrackingRequest.PRODUCTION_URL, credentials);
}
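/// <summary>
/// Adds an access request on behalf of an anonymous caller by switching the repository's security
/// enforcement off for the duration of the insert.
/// </summary>
/// <param name="accessRequest">The access request to add.</param>
/// <returns>The access request as returned by the repository.</returns>
public AccessRequest AddAnonymousAccessRequest(AccessRequest accessRequest)
{
    // NOTE(review): the bypass is state on the repository instance; if that instance is shared between
    // concurrent callers, their operations also run unchecked during this window - confirm its lifetime.
    accessRequestRepo.ForceIgnoreSecurity();
    try
    {
        return accessRequestRepo.Add(accessRequest);
    }
    finally
    {
        // Always re-enable enforcement: the original left security disabled when Add threw.
        accessRequestRepo.ForceSecurity();
    }
}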
/// <summary>
/// Looks up a shipment by tracking number against the production tracking URL.
/// </summary>
/// <param name="trackingNumber">The tracking number to look up.</param>
/// <returns>The tracking data produced by the request.</returns>
public TrackingData GetTrackingData(string trackingNumber)
{
    // NOTE(review): credentials for the tracking API are embedded in source; anyone with read access to the
    // code can use them. Rotate them and read the new values from configuration or a secret store.
    AccessRequest apiAccess = new AccessRequest("ACBB0DA11CE56A06", "ytechie", "sVUbis6Kla");

    TrackingRequest lookup = new TrackingRequest(trackingNumber, "req");
    TrackingData trackingData = lookup.MakeRequest(TrackingRequest.PRODUCTION_URL, apiAccess);

    return trackingData;
}
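/// <summary>
/// Deletes the access request with the given id after the user confirmed the deletion.
/// </summary>
/// <param name="id">Id of the access request to delete.</param>
/// <returns>404 when no such request exists; otherwise a redirect to Index.</returns>
public ActionResult DeleteConfirmed(int id)
{
    // NOTE(review): destructive action; the attributes are not visible here - confirm it is POST-only,
    // protected by [ValidateAntiForgeryToken] and by an authorization filter.
    AccessRequest accessrequest = db.AccessRequests.Find(id);

    // An unknown or already deleted id made Remove(null) throw; answer 404 like the Delete page does.
    if (accessrequest == null)
    {
        return HttpNotFound();
    }

    db.AccessRequests.Remove(accessrequest);
    db.SaveChanges();
    return RedirectToAction("Index");
}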
/// <summary>
/// Authenticates a user.
/// </summary>
/// <param name="userName">user name</param>
/// <param name="password">password</param>
/// <returns>true if authentication is successful, false otherwise</returns>
/// <remarks>
/// Throws RadiusException on a malformed packet and IOException on a communication error
/// (after getRetryCount() retries).
/// </remarks>
public bool Authenticate(String userName, String password)
{
    // The whole exchange runs under the instance lock, so one client object handles one authentication at a time.
    // NOTE(review): lock (this) can be contended by any outside code holding a reference to this object.
    lock (this)
    {
        RadiusPacket reply = Authenticate(new AccessRequest(userName, password));
        bool accepted = reply.Type == RadiusPacket.AccessAccept;
        return accepted;
    }
}
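/// <summary>
/// Serializes the request to JSON and posts it to the client API method below the configured base URL.
/// </summary>
/// <param name="methodName">API method path appended to "client_api", e.g. "/bids/check".</param>
/// <param name="request">Payload to send as the JSON body.</param>
/// <returns>The response body as a string.</returns>
private string ExecutePostApiMethod(string methodName, AccessRequest request)
{
    // WebClient is disposable; the original never released it.
    using (var client = new WebClient())
    {
        client.Headers.Add(HttpRequestHeader.ContentType, "application/json");
        client.Encoding = Encoding.UTF8;

        var bodyString = JsonConvert.SerializeObject(request);

        // NOTE(review): the payload carries a machine key; confirm _baseUrl is an https URL.
        return client.UploadString(new Uri(_baseUrl + "client_api" + methodName), bodyString);
    }
}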
//
// GET: /AccessRequest/Delete/5
/// <summary>
/// Shows the delete confirmation page for an access request; nothing is deleted here.
/// </summary>
/// <param name="id">Id of the access request (0 when omitted).</param>
/// <returns>404 when the request does not exist; otherwise the confirmation view.</returns>
public ActionResult Delete(int id = 0)
{
    AccessRequest found = db.AccessRequests.Find(id);
    return found == null
        ? (ActionResult)HttpNotFound()
        : View(found);
}
/// <summary>
/// Saves an edited access request posted from the edit form.
/// </summary>
/// <param name="accessrequest">The access request bound from the form.</param>
/// <returns>The edit view again when validation fails; otherwise a redirect to Index.</returns>
public ActionResult Edit(AccessRequest accessrequest)
{
    if (!ModelState.IsValid)
    {
        return View(accessrequest);
    }

    // NOTE(review): the whole entity is bound from the request and marked Modified, so every bindable
    // property (including the key) is written as posted. Consider a view model or [Bind(Include = ...)]
    // limited to the editable fields, and confirm anti-forgery and authorization filters apply.
    db.Entry(accessrequest).State = EntityState.Modified;
    db.SaveChanges();
    return RedirectToAction("Index");
}
/// <summary>
/// Returns the value of the first attribute of type 31 in the access request.
/// </summary>
/// <param name="accessRequest">The access request whose attributes are searched.</param>
/// <returns>The attribute value, or null when the request has no attribute of type 31.</returns>
protected string GetIP(AccessRequest accessRequest)
{
    // RADIUS attribute type 31 is Calling-Station-Id (RFC 2865).
    // NOTE(review): that value is supplied by the NAS/client and need not be an IP address; confirm it is
    // what callers expect before using it in access decisions or logs.
    string value = null;
    foreach (RadiusAttribute attribute in accessRequest.Attributes)
    {
        if (attribute.Type != 31)
        {
            continue;
        }

        value = attribute.Value;
        break;
    }

    return value;
}
/// <summary>
/// Stores a new access request posted from the create form.
/// </summary>
/// <param name="accessrequest">The access request bound from the form.</param>
/// <returns>The create view again when validation fails; otherwise a redirect to Index.</returns>
public ActionResult Create(AccessRequest accessrequest)
{
    if (!ModelState.IsValid)
    {
        return View(accessrequest);
    }

    // NOTE(review): the entity is bound directly from the request, so the client can set every bindable
    // property. Consider a view model or [Bind(Include = ...)] limited to the fields a requester may
    // supply, and confirm anti-forgery and authorization filters apply.
    db.AccessRequests.Add(accessrequest);
    db.SaveChanges();
    return RedirectToAction("Index");
}
/// <summary>
/// A default-constructed AccessRequest has no agencies, no roles and the OnHold status.
/// </summary>
public void AccessRequest_DefaultConstructor()
{
    // Arrange / Act: construction is the behaviour under test.
    var created = new AccessRequest();

    // Assert: a new request grants nothing and is not approved.
    created.Agencies.Should().BeEmpty();
    created.Roles.Should().BeEmpty();
    created.Status.Should().Be(AccessRequestStatus.OnHold);
}
/// <summary>
/// Update the database using the passed AccessRequest: its values are copied onto the stored row.
/// </summary>
/// <param name="entity">Access request carrying the new values; its Id selects the stored row.</param>
/// <returns>The instance that was passed in, with UpdatedById and UpdatedOn set.</returns>
public AccessRequest UpdateAccessRequest(AccessRequest entity)
{
    var stored = GetAccessRequest(entity.Id);

    entity.UpdatedById = this.User.GetUserId(); // TODO: No longer needed.
    entity.UpdatedOn = DateTime.UtcNow;

    // NOTE(review): SetValues copies the values of the submitted entity onto the stored row, so the caller
    // controls them (status included, if it is a mapped property); confirm who may call this.
    var storedEntry = this.Context.Entry(stored);
    storedEntry.CurrentValues.SetValues(entity);

    // Re-pin the owner to the stored user so the copy above cannot move the request to another user.
    stored.UserId = stored.User.Id;

    Context.Entry(stored).State = EntityState.Modified;
    this.Context.CommitTransaction();
    return entity;
}
/// <summary>
/// Sample RADIUS session: sends an access request followed by accounting start, interim-update and stop requests.
/// </summary>
/// <param name="args">Command line arguments (unused).</param>
static void Main(string[] args)
{
    // Settings
    // NOTE(review): the shared secret and the credentials are inline sample values; real deployments should
    // read them from protected configuration, never from source.
    const string serverIp = "192.168.1.1";
    const string serverSecret = "secretsecretsecret";
    const string userName = "******";
    const string password = "******";
    const string nasIp = "192.168.20.1";
    const string clientIp = "192.168.20.45";
    const string sessionId = "1234567899874654321";

    var radiusClient = new Client(serverIp, 1645, serverSecret)
    {
        SendTimeout = 5000,
        ReceiveTimeout = 5000,
        Ttl = 50
    };

    // Authentication
    var authRequest = new AccessRequest(nasIp, ServiceType.Framed, userName, password, radiusClient);
    authRequest.Packet.Attributes.Add(new StringAttribute(AttributeType.NasIdentifier, "BBSM"));
    authRequest.Packet.Attributes.Add(new NasPortTypeAttribute(NasPortType.Ethernet));
    authRequest.Packet.Attributes.Add(new StringAttribute(AttributeType.AcctSessionId, sessionId));
    authRequest.Packet.Attributes.Add(new IpAddressAttribute(AttributeType.FramedIpAddress, clientIp));
    radiusClient.Send(authRequest, true);

    // Accounting start
    // NOTE(review): from here on the attributes are added to the access request that was already sent,
    // not to the accounting request built just before them; they look intended for the accounting
    // packets - confirm and move them if so.
    var startRequest = new AccountingRequest(nasIp, ServiceType.Framed, userName, AuthenticationType.Radius, StatusType.Start, 0, clientIp, sessionId, radiusClient);
    authRequest.Packet.Attributes.Add(new StringAttribute(AttributeType.NasIdentifier, "BBSM"));
    authRequest.Packet.Attributes.Add(new NasPortTypeAttribute(NasPortType.Ethernet));
    radiusClient.Send(startRequest, true);

    // Accounting interim update
    var updateRequest = new AccountingRequest(nasIp, ServiceType.Framed, userName, AuthenticationType.Radius, StatusType.InterimUpdate, 0, clientIp, sessionId, radiusClient);
    authRequest.Packet.Attributes.Add(new StringAttribute(AttributeType.NasIdentifier, "BBSM"));
    authRequest.Packet.Attributes.Add(new IntegerAttribute(AttributeType.AcctInputOctets, 5000));
    authRequest.Packet.Attributes.Add(new IntegerAttribute(AttributeType.AcctOutputOctets, 2000));
    authRequest.Packet.Attributes.Add(new IntegerAttribute(AttributeType.AcctSessionTime, 50));
    radiusClient.Send(updateRequest, true);

    // Accounting stop
    var stopRequest = new AccountingRequest(nasIp, ServiceType.Framed, userName, AuthenticationType.Radius, StatusType.Stop, 0, clientIp, sessionId, radiusClient);
    authRequest.Packet.Attributes.Add(new StringAttribute(AttributeType.NasIdentifier, "BBSM"));
    authRequest.Packet.Attributes.Add(new NasPortTypeAttribute(NasPortType.Ethernet));
    authRequest.Packet.Attributes.Add(new IntegerAttribute(AttributeType.AcctInputOctets, 40000));
    authRequest.Packet.Attributes.Add(new IntegerAttribute(AttributeType.AcctOutputOctets, 20000));
    authRequest.Packet.Attributes.Add(new IntegerAttribute(AttributeType.AcctSessionTime, 200));
    authRequest.Packet.Attributes.Add(new TerminateCauseAttribute(TerminateCauseType.UserRequest));
    radiusClient.Send(stopRequest, true);
}
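/// <summary>
/// Builds the view model for a new access request, pre-filled from the directory entry of the given login id.
/// </summary>
/// <param name="repository">Repository used to load the departments; required.</param>
/// <param name="directorySearchService">Directory service used to look up the user; required.</param>
/// <param name="loginId">Login id to look up in the directory.</param>
/// <returns>A view model holding the pre-filled access request and all departments.</returns>
public static AccessRequestViewModel Create(IRepository repository, IDirectorySearchService directorySearchService, string loginId)
{
    Check.Require(repository != null, "Repository must be supplied");
    Check.Require(directorySearchService != null, "Directory search service must be supplied");

    // execute the search
    var directoryUser = directorySearchService.FindUser(loginId);

    // An unknown login id would otherwise surface as a NullReferenceException below.
    Check.Require(directoryUser != null, "Login id was not found in the directory");

    var accessRequest = new AccessRequest()
    {
        LoginId = loginId,
        FirstName = directoryUser.FirstName,
        LastName = directoryUser.LastName,
        Email = directoryUser.EmailAddress
    };

    var viewModel = new AccessRequestViewModel
    {
        AccessRequest = accessRequest,
        Departments = repository.OfType<Department>().GetAll()
    };

    return viewModel;
}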