public static bool CreateRole(string role, string aStoreName)
{
bool success = false;
try
{
AzAuthorizationStore store = new AzAuthorizationStore();
string storeLocation = AzManReader.GetAuthStoreLocation(aStoreName);
string roleName = "_" + role;
//4 = AZ_AZSTORE_FLAG_BATCH_UPDATE
store.Initialize(4, storeLocation, null);
foreach (IAzApplication3 application in store.Applications)
{
//Create a new role definition
IAzRoleDefinition newRole = application.CreateRoleDefinition(roleName);
//Create a new role assignment
IAzRoleAssignment newRoleAssignment = application.CreateRoleAssignment(roleName);
newRole.Submit();
newRoleAssignment.AddRoleDefinition(roleName);
newRoleAssignment.Submit();
application.Submit();
}
success = true;
}
catch (COMException ce)
{
if (ce.ErrorCode.Equals(-2147024713))
{
MessageBox.Show(null, "Role already exist in this application.", "Role already exist");
}
else
{
MessageBox.Show(null, ce.Message + "\n" + ce.ErrorCode.ToString(), "COMException occurred");
}
}
catch (Exception ex)
{
if (ex is UnauthorizedAccessException)
{
MessageBox.Show("Access denied to " + aStoreName + "AuthStore.xml. Maybe it is read-only?", "", MessageBoxButtons.OK);
}
else
{
MessageBox.Show("Could not create role. Maybe it already exists?", "", MessageBoxButtons.OK);
}
success = false;
}
return(success);
}
private static void MergeStores(string fromStoreLocation, string toStoreLocation)
{
LogEntry entry = new LogEntry();
entry.Severity = TraceEventType.Verbose;
entry.Priority = -1;
if (Logger.ShouldLog(entry))
{
entry.Message = string.Format("Merging authorization stores.\nFrom Store = \"{0}\"\nTo Store = \"{1}\"...", fromStoreLocation, toStoreLocation);
Logger.Write(entry);
}
try
{
AzAuthorizationStore fromStore = new AzAuthorizationStore();
fromStore.Initialize(0, fromStoreLocation, null);
AzAuthorizationStore toStore = new AzAuthorizationStore();
toStore.Initialize(AZ_AZSTORE_FLAG_BATCH_UPDATE, toStoreLocation, null);
foreach (IAzApplication3 fromApplication in fromStore.Applications)
{
IAzApplication3 toApplication = (IAzApplication3)((IAzAuthorizationStore3)toStore).OpenApplication2(fromApplication.Name, null);
var operationsDictionary = new Dictionary <string, IAzOperation>();
int nextOperationId = 0;
foreach (IAzOperation toOperation in toApplication.Operations)
{
operationsDictionary.Add(toOperation.Name, toOperation);
nextOperationId = Math.Max(nextOperationId, toOperation.OperationID);
}
foreach (IAzOperation fromOperation in fromApplication.Operations)
{
IAzOperation toOperation = null;
if (operationsDictionary.ContainsKey(fromOperation.Name))
{
toOperation = operationsDictionary[fromOperation.Name];
}
else
{
if (Logger.ShouldLog(entry))
{
entry.Message = string.Format("Adding new Operation \"{0}\"...", fromOperation.Name);
Logger.Write(entry);
}
toOperation = toApplication.CreateOperation(fromOperation.Name);
nextOperationId++;
toOperation.OperationID = nextOperationId;
}
toOperation.Description = fromOperation.Description;
toOperation.Submit();
}
var tasksDictionary = new Dictionary <string, IAzTask>();
foreach (IAzTask toTask in toApplication.Tasks)
{
tasksDictionary.Add(toTask.Name, toTask);
}
foreach (IAzTask fromTask in fromApplication.Tasks)
{
IAzTask toTask = null;
if (tasksDictionary.ContainsKey(fromTask.Name))
{
toTask = tasksDictionary[fromTask.Name];
}
else
{
if (Logger.ShouldLog(entry))
{
entry.Message = string.Format("Adding new Task \"{0}\"...", fromTask.Name);
Logger.Write(entry);
}
toTask = toApplication.CreateTask(fromTask.Name);
}
toTask.IsRoleDefinition = fromTask.IsRoleDefinition;
toTask.Description = fromTask.Description;
foreach (string taskOperation in fromTask.Operations)
{
if (!((object[])toTask.Operations).Contains(taskOperation))
{
if (Logger.ShouldLog(entry))
{
entry.Message = string.Format("Adding Operation \"{0}\" to Task \"{1}\"...", taskOperation, toTask.Name);
Logger.Write(entry);
}
toTask.AddOperation(taskOperation);
}
}
toTask.Submit();
}
var rolesDictionary = new Dictionary <string, IAzRoleDefinition>();
foreach (IAzRoleDefinition toRole in toApplication.RoleDefinitions)
{
rolesDictionary.Add(toRole.Name, toRole);
}
foreach (IAzRoleDefinition fromRole in fromApplication.RoleDefinitions)
{
IAzRoleDefinition toRole = null;
if (rolesDictionary.ContainsKey(fromRole.Name))
{
toRole = rolesDictionary[fromRole.Name];
}
else
{
if (Logger.ShouldLog(entry))
{
entry.Message = string.Format("Adding new Role Definition \"{0}\"...", fromRole.Name);
Logger.Write(entry);
}
toRole = toApplication.CreateRoleDefinition(fromRole.Name);
}
toRole.Description = toRole.Description;
foreach (string roleOperation in fromRole.Operations)
{
if (!((object[])toRole.Operations).Contains(roleOperation))
{
if (Logger.ShouldLog(entry))
{
entry.Message = string.Format("Adding Operation \"{0}\" to Role Definition \"{1}\"...", roleOperation, toRole.Name);
Logger.Write(entry);
}
toRole.AddOperation(roleOperation);
}
}
foreach (string roleTask in fromRole.Tasks)
{
if (!((object[])toRole.Tasks).Contains(roleTask))
{
if (Logger.ShouldLog(entry))
{
entry.Message = string.Format("Adding Task \"{0}\" to Role Definition \"{1}\"...", roleTask, toRole.Name);
Logger.Write(entry);
}
toRole.AddTask(roleTask);
}
}
toRole.Submit();
}
}
if (Logger.ShouldLog(entry))
{
entry.Message = string.Format("Submitting changes...");
Logger.Write(entry);
}
toStore.Submit();
}
catch (Exception ex)
{
AuthorizationException authException = new AuthorizationException(string.Format("Failed to merge authorization stores.\nFrom Store = \"{0}\"\nTo Store = \"{1}\"\n", fromStoreLocation, toStoreLocation), ex);
entry.Severity = TraceEventType.Error;
if (Logger.ShouldLog(entry))
{
entry.Message = authException.ToString();
Logger.Write(entry);
}
throw authException;
}
}
