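// Validates a session token for userName and reports the roles of the user it belongs to.
//
// userName     - account whose stored tokens are searched.
// tokenValue   - token presented by the client, expected to be the text form of a GUID.
// ipAddress    - client address; a stored token matches only if its Ipv4 value equals it.
// method       - not read by this method.
// refreshToken - when true, the matching token's UpdatedTime is set to the current time.
// role         - receives the OR of every role of the token's user; 0 when nothing matches.
//
// Returns true when a stored token matches both the GUID and the IP address, false otherwise.
// A malformed or null tokenValue is treated as "no match" rather than raising an exception.
public static bool CheckToken(string userName, string tokenValue, string ipAddress, string method, bool refreshToken, out HTTPCheckRoles role)
{
    role = 0;

    // Presumably drops tokens that have timed out so they cannot match below;
    // verify against ExpireAllTokensForUser.
    ExpireAllTokensForUser(userName);

    // tokenValue arrives from the client. Parse it once, up front, and fail closed:
    // previously a malformed value was re-parsed for every stored token and surfaced
    // as an unhandled exception instead of a plain authentication failure.
    Guid presentedToken;
    try
    {
        presentedToken = new Guid(tokenValue);
    }
    catch (ArgumentNullException)
    {
        return false;
    }
    catch (FormatException)
    {
        return false;
    }
    catch (OverflowException)
    {
        return false;
    }

    CriticalResultsEntityManager manager = new CriticalResultsEntityManager();
    TokenEntity[] tokens = manager.GetTokensForUser(userName);
    foreach (TokenEntity token in tokens)
    {
        // The token is only honoured from the address recorded in its Ipv4 field.
        if (token.Token != presentedToken || token.Ipv4 != ipAddress)
        {
            continue;
        }

        if (refreshToken)
        {
            token.UpdatedTime = DateTime.Now;
        }
        manager.SaveChanges();

        foreach (RoleEntity re in token.User.Roles)
        {
            // Enum.Parse never returns null, so no null test is needed. It throws
            // ArgumentException when the stored role name is not a member of HTTPCheckRoles.
            // NOTE(review): Enum.Parse also accepts numeric text, so a role whose name is a
            // number maps straight onto flag bits; role names should stay administrator-controlled.
            role |= (HTTPCheckRoles)Enum.Parse(typeof(HTTPCheckRoles), re.Name, true);
        }
        return true;
    }
    return false;
}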
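        // Resolves an external authentication entry to an account and issues, or reuses, a
        // session token bound to the caller's IP address.
        //
        // authKey     - key of the 'AuthExt' user entry to match.
        // authValue   - value of that entry: the password when userName is given, otherwise the
        //               user name of a user who was already authenticated elsewhere.
        // userName    - account name for a direct login, or null for an external-identity lookup.
        // userIP      - client address the token is bound to.
        // _Trace      - trace source that receives lookup and failure events.
        // outUserName - receives the resolved account name on success, "" otherwise.
        // tokenString - receives the token text on success, "" otherwise.
        // message     - receives the user-facing failure text, "" on success.
        //
        // Returns true when exactly one matching entry exists and its user is enabled.
        public static bool Authenticate(string authKey, string authValue, string userName, string userIP, TraceSource _Trace, out string outUserName, out string tokenString, out string message)
        {
            outUserName = "";
            tokenString = "";
            CriticalResults.CriticalResultsEntityManager manager = new CriticalResultsEntityManager();

            // If userName is specified the request comes from ANCR and authValue is the password;
            // otherwise authValue is the user name of an already authenticated user.
            bool hasPassword = userName != null;

            // authValue is a secret in password mode, so trace events identify the attempt by
            // userName instead; previously the password was written to the trace on the
            // "account disabled" and "multiple users" paths.
            string tracedIdentity = hasPassword ? userName : authValue;

            // authKey and authValue come from the caller and are spliced into a query predicate
            // (presumably Entity SQL, given the "it." alias). Doubling embedded single quotes keeps
            // each value inside its quoted literal so it cannot rewrite the predicate.
            // NOTE(review): binding the values as query parameters is the sturdier fix if
            // QueryUserEntryEntities can accept them; its signature is not visible here.
            string safeKey = (authKey ?? string.Empty).Replace("'", "''");
            string safeValue = (authValue ?? string.Empty).Replace("'", "''");

            string queryString = string.Format("it.Type='AuthExt' AND it.Key='{0}' AND it.Value='{1}'", safeKey, safeValue);
            if (hasPassword)
            {
                UserEntity requestedUser = manager.GetUser(userName);
                if (requestedUser == null)
                {
                    // Same text as the wrong-password case, so the reply does not reveal
                    // whether the account exists.
                    message = "Invalid username or password.";
                    return false;
                }
                // NOTE(review): matching it.Value against authValue means the stored entry is
                // compared verbatim with what the caller sends; confirm it is not a clear-text password.
                queryString = string.Format("it.Type='AuthExt' AND it.Key='{0}' AND it.Value='{1}' AND it.User.Id={2}", safeKey, safeValue, requestedUser.Id);
            }

            CriticalResults.UserEntryEntity[] entries = manager.QueryUserEntryEntities(queryString, null, null);

            if (entries.Length > 1)
            {
                _Trace.TraceEvent(TraceEventType.Warning, 0, "Found multiple users \"{0}\" (Count: {1})", tracedIdentity, entries.Length);
                message = "Multiple ANCR users found for your username, until this is resolved you may not login with your credentials.  Please contact your System Administrator.";
                return false;
            }

            if (entries.Length == 0)
            {
                if (hasPassword)
                {
                    _Trace.TraceEvent(TraceEventType.Warning, 0, "Invalid username or password \"{0}\"", userName);
                    message = "Invalid username or password.";
                }
                else
                {
                    _Trace.TraceEvent(TraceEventType.Warning, 0, "No ANCR account found for  \"{0}\"", authValue);
                    message = "No ANCR user is found for your credentials. Please contact your System Administrator.";
                }
                return false;
            }

            // Exactly one entry matched.
            UserEntity user = entries[0].User;
            if (!hasPassword)
            {
                _Trace.TraceEvent(TraceEventType.Information, 0, "Lookup for username \"{0}\" mapped to \"{1}\".", authValue, user.UserName);
            }

            if (user.Enabled != true)
            {
                _Trace.TraceEvent(TraceEventType.Warning, 0, "Found user \"{0}\" mapped to \"{1}\".  ANCR Account disabled.", tracedIdentity, user.UserName);
                message = "Your account is disabled. Please contact your System Administrator.";
                return false;
            }

            outUserName = user.UserName;

            // Reuse the token already issued to this address, refreshing its timestamp,
            // instead of creating a second token for the same user and IP.
            CriticalResults.TokenEntity[] currentTokens = manager.GetTokensForUser(user.UserName);
            foreach (CriticalResults.TokenEntity existing in currentTokens)
            {
                if (existing.Ipv4 == userIP)
                {
                    existing.UpdatedTime = DateTime.Now;
                    manager.SaveChanges();
                    tokenString = existing.Token.ToString();
                    message = "";
                    return true;
                }
            }

            CriticalResults.TokenEntity token = manager.CreateToken(user, userIP);
            tokenString = token.Token.ToString();
            message = "";
            return true;
        }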
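        // Creates a level, attaches the transports listed on it, and adds the new level to every
        // existing user transport whose transport name matches one of the level's transports.
        //
        // level - values for the new level. Transports may be null, in which case no transport
        //         rows are created. MandatoryTransports may be null, in which case none of the
        //         transports is marked mandatory.
        //
        // Returns a Level built from the created entity.
        // NOTE(review): no caller authorization is checked in this method; confirm the calling
        // layer restricts who may create levels.
        public Level CreateLevel(Level level)
        {
            _Trace.TraceEvent(TraceEventType.Verbose, -1, "CreateLevel");

            CriticalResultsEntityManager manager = new CriticalResultsEntityManager();
            LevelEntity entity = manager.CreateLevel(level.Name, level.Description, level.ShortDescription, level.ColorValue, level.EscalationTimeout, level.DueTimeout, level.DirectContactRequired);
            if (level.Transports == null)
            {
                return new Level(entity);
            }

            foreach (Transport transport in level.Transports)
            {
                // A transport is mandatory when its name also appears in MandatoryTransports.
                // The list is null-checked like Transports: previously a null list threw here,
                // after the level entity had already been created.
                bool mandatory = false;
                if (level.MandatoryTransports != null)
                {
                    foreach (Transport required in level.MandatoryTransports)
                    {
                        if (required.Name == transport.Name)
                        {
                            mandatory = true;
                            break;
                        }
                    }
                }
                manager.CreateTransportLevelEntity(entity.Uuid, transport.Name, mandatory);
            }

            UserEntity[] allUsers = manager.GetAllUsers();
            entity.TransportLevels.Load();
            foreach (UserEntity existingUser in allUsers)
            {
                existingUser.UserTransports.Load();

                foreach (UserTransportEntity userTransport in existingUser.UserTransports)
                {
                    // User transports without a transport reference cannot match by name.
                    if (userTransport.Transport == null)
                    {
                        continue;
                    }

                    foreach (TransportLevelEntity transportLevel in entity.TransportLevels)
                    {
                        if (transportLevel.Transport.Name == userTransport.Transport.Name)
                        {
                            userTransport.Levels.Add(entity);
                        }
                    }
                }
            }
            manager.SaveChanges();

            return new Level(entity);
        }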