public TerminateUserSessionResponse TerminateUserSession(TerminateUserSessionRequest request)
        {
            Platform.CheckForNullReference(request, "request");
            Platform.CheckForNullReference(request.SessionIds, "SessionIds");

            // exclude the current session - user must not delete own active session!
            var sessionIds = request.SessionIds.Where(id => id != CurrentUserSessionId).ToList();

            if (sessionIds.Count == 0)
            {
                throw new RequestValidationException(SR.MessageCannotDeleteOwnUserCurrentSession);
            }

            // load all sessions by id
            var where = new UserSessionSearchCriteria();
            where.SessionId.In(sessionIds);

            var sessions = PersistenceContext.GetBroker <IUserSessionBroker>().Find(where);

            // terminate all sessions
            foreach (var session in sessions)
            {
                session.Terminate();
            }

            return(new TerminateUserSessionResponse(sessions.Select(s => s.SessionId).ToList()));
        }
Ejemplo n.º 2
0
        public TerminateUserSessionResponse TerminateUserSession(TerminateUserSessionRequest request)
        {
            Platform.CheckForNullReference(request, "request");
            Platform.CheckForNullReference(request.SessionIds, "SessionIds");

            // exclude the current session - user must not delete own active session!
            var sessionIds = request.SessionIds.Where(id => id != CurrentUserSessionId).ToList();

            if (sessionIds.Count == 0)
            {
                throw new RequestValidationException(SR.MessageCannotDeleteOwnUserCurrentSession);
            }

            // load all sessions by id
            var where = new UserSessionSearchCriteria();
            where.SessionId.In(sessionIds);
            where.IsImpersonated.EqualTo(false);                // impersonated sessions cannot be terminated in this manner

            var sessions = PersistenceContext.GetBroker <IUserSessionBroker>().Find(where);

            // terminate sessions
            foreach (var session in sessions)
            {
                // but only if the current user is actually authorized to do so
                EnsureCurrentUserAuthorizedToManage(session.User.AccountType);
                session.Terminate();
            }

            return(new TerminateUserSessionResponse(sessions.Select(s => s.SessionId).ToList()));
        }
Ejemplo n.º 3
0
        /// <summary>
        /// Gets the session identified by the specified session token, or null if no session exists.
        /// </summary>
        /// <param name="sessionToken"></param>
        /// <returns></returns>
        private UserSession GetSession(SessionToken sessionToken)
        {
            if (String.IsNullOrEmpty(sessionToken.Id))
            {
                return(null);                //we know this isn't valid, so don't go to the database.
            }
            var where = new UserSessionSearchCriteria();
            where.SessionId.EqualTo(sessionToken.Id);

            // use query caching here to hopefully speed this up a bit
            var sessions = PersistenceContext.GetBroker <IUserSessionBroker>().Find(
                where, new SearchResultPage(0, 1), new EntityFindOptions {
                Cache = true
            });

            // ensure case-sensitive match, returns null if no match
            return(CollectionUtils.SelectFirst(sessions, s => s.SessionId == sessionToken.Id));
        }
Ejemplo n.º 4
0
		public TerminateUserSessionResponse TerminateUserSession(TerminateUserSessionRequest request)
		{
			Platform.CheckForNullReference(request, "request");
			Platform.CheckForNullReference(request.SessionIds, "SessionIds");

			// exclude the current session - user must not delete own active session!
			var sessionIds = request.SessionIds.Where(id => id != CurrentUserSessionId).ToList();
			if(sessionIds.Count == 0)
				throw new RequestValidationException(SR.MessageCannotDeleteOwnUserCurrentSession);

			// load all sessions by id 
			var where = new UserSessionSearchCriteria();
			where.SessionId.In(sessionIds);
			where.IsImpersonated.EqualTo(false);	// impersonated sessions cannot be terminated in this manner

			var sessions = PersistenceContext.GetBroker<IUserSessionBroker>().Find(where);

			// terminate sessions
			foreach (var session in sessions)
			{
				// but only if the current user is actually authorized to do so
				EnsureCurrentUserAuthorizedToManage(session.User.AccountType);
				session.Terminate();
			}

			return new TerminateUserSessionResponse(sessions.Select(s => s.SessionId).ToList());
		}
		/// <summary>
		/// Gets the session identified by the specified session token, or null if no session exists.
		/// </summary>
		/// <param name="sessionToken"></param>
		/// <returns></returns>
		private UserSession GetSession(SessionToken sessionToken)
		{
			if (String.IsNullOrEmpty(sessionToken.Id))
				return null; //we know this isn't valid, so don't go to the database.

			var where = new UserSessionSearchCriteria();
			where.SessionId.EqualTo(sessionToken.Id);

			// use query caching here to hopefully speed this up a bit
			var sessions = PersistenceContext.GetBroker<IUserSessionBroker>().Find(
				where, new SearchResultPage(0, 1), new EntityFindOptions { Cache = true });

			// ensure case-sensitive match, returns null if no match
			return CollectionUtils.SelectFirst(sessions, s => s.SessionId == sessionToken.Id);
		}
Ejemplo n.º 6
0
		public TerminateUserSessionResponse TerminateUserSession(TerminateUserSessionRequest request)
		{
			Platform.CheckForNullReference(request, "request");
			Platform.CheckForNullReference(request.SessionIds, "SessionIds");

			// exclude the current session - user must not delete own active session!
			var sessionIds = request.SessionIds.Where(id => id != CurrentUserSessionId).ToList();
			if(sessionIds.Count == 0)
				throw new RequestValidationException(SR.MessageCannotDeleteOwnUserCurrentSession);

			// load all sessions by id 
			var where = new UserSessionSearchCriteria();
			where.SessionId.In(sessionIds);

			var sessions = PersistenceContext.GetBroker<IUserSessionBroker>().Find(where);

			// terminate all sessions
			foreach (var session in sessions)
			{
				session.Terminate();
			}

			return new TerminateUserSessionResponse(sessions.Select(s => s.SessionId).ToList());
		}