/// <summary>
/// Converts an AD object into a graph <see cref="Node"/> and stores it through <c>CreateNode</c>.
/// A foreign security principal that carries a SID is handed to <c>InsertUnknownSidNode</c> instead.
/// </summary>
/// <param name="aditem">
/// Source object. Class, DistinguishedName, ObjectSid, DisplayName and Name are read.
/// Class is dereferenced without a null check.
/// </param>
/// <returns>Whatever <c>InsertUnknownSidNode</c> or <c>CreateNode</c> returns.</returns>
public int InsertNode(ADItem aditem)
{
    bool isForeignPrincipal = string.Equals(aditem.Class, "foreignsecurityprincipal", StringComparison.OrdinalIgnoreCase);
    if (isForeignPrincipal && aditem.ObjectSid != null)
    {
        return InsertUnknownSidNode(aditem.ObjectSid.Value);
    }

    Node created = new Node();
    created.Type = aditem.Class.ToLowerInvariant();
    created.Dn = aditem.DistinguishedName;
    if (aditem.ObjectSid != null)
    {
        created.Sid = aditem.ObjectSid.Value;
    }
    else
    {
        created.Sid = null;
    }

    // SIDs ending in -513 / -515 are flagged as "everyone-like" groups
    // (these RIDs are Domain Users and Domain Computers).
    bool hasSid = !string.IsNullOrEmpty(created.Sid);
    if (hasSid && (created.Sid.EndsWith("-513") || created.Sid.EndsWith("-515")))
    {
        created.EveryoneLikeGroup = true;
    }

    // Display label: DisplayName, then Name, then the first RDN value of the DN.
    created.Shortname = aditem.DisplayName;
    created.ADItem = aditem;
    if (string.IsNullOrEmpty(created.Shortname))
    {
        created.Shortname = aditem.Name;
        if (string.IsNullOrEmpty(created.Shortname))
        {
            Match dnMatch = Regex.Match(
                aditem.DistinguishedName,
                @"^(?:OU|CN)=(?<cn>.+?)(?<!\\),(?<ou>(?:(?:OU|CN).+?(?<!\\),)*(?<dc>DC.+?))$");
            created.Shortname = dnMatch.Success ? dnMatch.Groups[1].Value : "<none>";
        }
    }

    // An object of class "unknown" that lives under CN=ForeignSecurityPrincipals is reclassified,
    // and its SID is taken from the first RDN value (the text between "CN=" and the first comma).
    bool isUnknownClass = string.Equals(created.Type, "unknown", StringComparison.OrdinalIgnoreCase);
    if (isUnknownClass && created.Dn.Contains(",CN=ForeignSecurityPrincipals,DC="))
    {
        created.Type = "foreignsecurityprincipal";
        created.Sid = created.Dn.Substring(3, created.Dn.IndexOf(',') - 3);
    }

    return CreateNode(created);
}
/// <summary>
/// Fills <paramref name="healthcheckData"/> with synthetic computer accounts and domain controllers.
/// Each fake computer gets random userAccountControl bits and is fed to
/// <c>HealthcheckAnalyzer.ProcessAccountData</c>.
/// </summary>
/// <param name="model">Generator model; only passed to <c>GetCountFromSize</c> to obtain the computer count.</param>
/// <param name="healthcheckData">Report object whose computer-related collections are (re)created here.</param>
private void GenerateComputerData(FakeHealthCheckDataGeneratorDomainModel model, HealthcheckData healthcheckData)
{
    // userAccountControl bits used below (documented ADS_USER_FLAG values).
    const int AccountDisabled = 0x00000002;
    const int DontRequirePreauth = 0x400000;
    const int Lockout = 0x00000010;
    const int PasswordNeverExpires = 0x00010000;
    const int PasswordNotRequired = 0x00000020;
    const int TrustedForDelegation = 0x80000;

    healthcheckData.OperatingSystem = new List<HealthcheckOSData>();
    healthcheckData.ComputerAccountData = new HealthcheckAccountData();

    int computerCount = GetCountFromSize(model);
    for (int n = 0; n < computerCount; n++)
    {
        ADItem computer = new ADItem();
        computer.DistinguishedName = "CN=123";
        // The argument of BoolOnChance is presumably a percentage - confirm against its definition.
        computer.UserAccountControl += BoolOnChance(15) * AccountDisabled;
        computer.UserAccountControl += BoolOnChance(1) * DontRequirePreauth;
        computer.UserAccountControl += BoolOnChance(4) * Lockout;
        computer.UserAccountControl += BoolOnChance(10) * PasswordNeverExpires;
        computer.UserAccountControl += BoolOnChance(2) * PasswordNotRequired;
        computer.UserAccountControl += BoolOnChance(2) * TrustedForDelegation;
        // 515, occasionally bumped to 516 by BoolOnChance.
        computer.PrimaryGroupID = 515 + BoolOnChance(1);
        new HealthcheckAnalyzer().ProcessAccountData(healthcheckData.ComputerAccountData, computer, true);
    }

    healthcheckData.LoginScript = new List<HealthcheckLoginScriptData>();
    healthcheckData.DomainControllers = new List<HealthcheckDomainController>();

    // Far fewer domain controllers than computers, but never fewer than one.
    int dcCount = Math.Max(1, (int)Math.Exp(Math.Log10(computerCount) / 2));
    for (int n = 0; n < dcCount; n++)
    {
        HealthcheckDomainController controller = new HealthcheckDomainController();
        controller.DCName = "DC" + n;
        controller.CreationDate = DateBetween2Dates(healthcheckData.DomainCreation, DateTime.Now);
        // Last logon is placed at a random point within the previous 180 days.
        controller.LastComputerLogonDate = DateTime.Now.AddDays(-1 * rnd.Next(180));
        controller.DistinguishedName = "DC=DC";
        controller.OperatingSystem = "Windows 2019";
        healthcheckData.DomainControllers.Add(controller);
    }
}
/// <summary>
/// Records every graph relation that can be derived from one AD object: its parent container,
/// group memberships in both directions, primary group, security descriptor, resource-based
/// delegation attribute, GPO links and SID history.
/// </summary>
/// <param name="aditem">Object whose attributes are turned into <c>Storage.InsertRelation</c> calls.</param>
private void AddADRelation(ADItem aditem)
{
    string dn = aditem.DistinguishedName;

    // Anything that is not itself a "DC=..." naming context hangs under its parent container.
    if (dn != null && !dn.StartsWith("DC=", StringComparison.OrdinalIgnoreCase))
    {
        Storage.InsertRelation(GetContainerDN(dn), MappingType.Name, dn, MappingType.Name, RelationType.container_hierarchy);
    }

    // memberOf: this object is a member of each listed group.
    if (aditem.MemberOf != null)
    {
        foreach (string groupDn in aditem.MemberOf)
        {
            Storage.InsertRelation(dn, MappingType.Name, groupDn, MappingType.Name, RelationType.group_member);
        }
    }

    // member: each listed object is a member of this group.
    if (aditem.Member != null)
    {
        foreach (string memberDn in aditem.Member)
        {
            Storage.InsertRelation(memberDn, MappingType.Name, dn, MappingType.Name, RelationType.group_member);
        }
    }

    // The primary group is addressed by SID: domain SID + "-" + RID.
    if (aditem.PrimaryGroupID > 0)
    {
        string primaryGroupSid = DomainInfo.DomainSid + "-" + aditem.PrimaryGroupID;
        Storage.InsertRelation(dn, MappingType.Name, primaryGroupSid, MappingType.Sid, RelationType.primary_group_member);
    }

    if (aditem.NTSecurityDescriptor != null)
    {
        InsertSecurityDescriptorRelation(aditem);
    }

    if (aditem.msDSAllowedToActOnBehalfOfOtherIdentity != null)
    {
        InsertDelegationRelation(aditem);
    }

    if (!String.IsNullOrEmpty(aditem.GPLink))
    {
        InsertGPORelation(aditem);
    }

    // Every SID kept in sIDHistory becomes an edge from this object to that SID.
    if (aditem.SIDHistory != null)
    {
        foreach (SecurityIdentifier formerSid in aditem.SIDHistory)
        {
            Storage.InsertRelation(dn, MappingType.Name, formerSid.Value, MappingType.Sid, RelationType.SIDHistory);
        }
    }
}
// Resolves the objects of a compromise-graph report and feeds them to the relation factory.
// Visible behaviour: for every typology key of objectReference.Objects, each object is looked up with
// Search(adws, domainInfo, obj.Name); a hit is passed to relationFactory.AnalyzeADObject, a miss is traced.
// The visible tail looks up a `user` name the same way, adds a GraphSingleObject to the UserDefined
// typology on a hit, then calls AnalyzeMissingObjets, relationFactory.InsertFiles and AnalyzeMissingObjets again.
// NOTE(review): this listing is damaged. The text between the two string literals of the first
// Trace.WriteLine call has been masked ("******"), so the end of the first loop, any use of toDelete and
// the head of the loop that declares `user` are not shown and the braces no longer balance. The code is
// left untouched below; restore it from the original file before relying on it.
private void ExportReportData(ADWebService adws, ADDomainInfo domainInfo, RelationFactory relationFactory, LiveDataStorage storage, GraphObjectReference objectReference, List <string> UsersToInvestigate) { ADItem aditem = null; foreach (var typology in objectReference.Objects.Keys) { var toDelete = new List <GraphSingleObject>(); foreach (var obj in objectReference.Objects[typology]) { DisplayAdvancement("Working on " + obj.Description); aditem = Search(adws, domainInfo, obj.Name); if (aditem != null) { relationFactory.AnalyzeADObject(aditem); } else { Trace.WriteLine("Unable to find the user: "******"Working on " + user); aditem = Search(adws, domainInfo, user); if (aditem != null) { objectReference.Objects[Data.CompromiseGraphDataTypology.UserDefined].Add(new GraphSingleObject(user, user)); relationFactory.AnalyzeADObject(aditem); } else { Trace.WriteLine("Unable to find the user: " + user); } } AnalyzeMissingObjets(adws, domainInfo, relationFactory, storage); relationFactory.InsertFiles(); AnalyzeMissingObjets(adws, domainInfo, relationFactory, storage); }
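/// <summary>
/// Image preview: returns the ADItem rows of one channel that are flagged for display and whose
/// BDate..EDate window contains the current database time (getdate()).
/// </summary>
/// <param name="AC_ID">Value matched against the AC_ID column.</param>
/// <returns>The matching rows; an empty list when there are none.</returns>
public List<ADItem> getListShow(long AC_ID)
{
    List<ADItem> listSC = new List<ADItem>();

    // AC_ID is a long, so appending it cannot change the shape of the statement.
    // Keep it numeric: if this ever becomes a string it must be sent as a SqlParameter.
    string sqlStr = "select AI_ID,FileName,OrderID,Length,FileLength,StoreName from ADItem where IsDisplay =1 and BDate <=getdate() and getdate()<=EDate and AC_ID =" + AC_ID;

    // using: the reader is released even when one of the Parse calls below throws.
    using (SqlDataReader sqlRead = SQLHelper.ExecuteReader(conString, CommandType.Text, sqlStr))
    {
        while (sqlRead.Read())
        {
            ADItem adSC = new ADItem();
            adSC.AI_ID = long.Parse(sqlRead["AI_ID"].ToString());
            adSC.Length = short.Parse(sqlRead["Length"].ToString());
            adSC.OrderID = short.Parse(sqlRead["OrderID"].ToString());
            adSC.FileName = sqlRead["FileName"].ToString();
            adSC.StoreName = sqlRead["StoreName"].ToString();
            adSC.FileLength = int.Parse(sqlRead["FileLength"].ToString());
            listSC.Add(adSC);
        }
    }

    return listSC;
}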
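/// <summary>
/// Looks up one directory object from a caller-supplied identifier. Filters are tried in order:
/// objectSid (only when the identifier starts with "S-1-5"), sAMAccountName of a user, cn, displayName.
/// </summary>
/// <param name="adws">Connection used for the enumerations.</param>
/// <param name="domainInfo">Supplies the default naming context used as search base.</param>
/// <param name="userName">SID string or name to resolve. Must not be null.</param>
/// <returns>
/// The object found by the first filter that matches, or null when nothing matches.
/// If one filter returns several objects, the last one reported to the callback is kept.
/// </returns>
private ADItem Search(ADWebService adws, ADDomainInfo domainInfo, string userName)
{
    ADItem output = null;
    WorkOnReturnedObjectByADWS callback = (ADItem aditem) => { output = aditem; };

    if (userName.StartsWith("S-1-5", StringComparison.Ordinal))
    {
        adws.Enumerate(domainInfo.DefaultNamingContext, "(objectSid=" + ADConnection.EncodeSidToString(userName) + ")", properties, callback);
        // Stop here on a hit, as the name lookups below do. Otherwise the sAMAccountName query
        // still runs and could replace the object that was resolved by SID.
        if (output != null)
        {
            return output;
        }
    }

    // The identifier is placed inside LDAP filters, so it always goes through EscapeLDAP first.
    // Any filter added here must do the same so that filter metacharacters in the name
    // cannot alter the query.
    string escaped = ADConnection.EscapeLDAP(userName);
    string[] filters =
    {
        "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" + escaped + "))",
        "(cn=" + escaped + ")",
        "(displayName=" + escaped + ")",
    };

    foreach (string filter in filters)
    {
        adws.Enumerate(domainInfo.DefaultNamingContext, filter, properties, callback);
        if (output != null)
        {
            return output;
        }
    }

    return output;
}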
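/// <summary>
/// Moves an item one position down in its channel by swapping its OrderID with the OrderID
/// of the next item (the row with the smallest OrderID greater than the current one).
/// </summary>
/// <param name="info">Item to move; its AI_ID, AC_ID and OrderID are used.</param>
/// <returns>
/// Message whose Result is true when the update statement affected at least one row.
/// TxtMessage carries the user-facing status text.
/// </returns>
public Message downOrder(ADItem info)
{
    bool resultB = false;
    string reStr = "";
    long aiID = -1;
    int upOrderID = -1;

    // Fetch the next row as ONE row. The previous query took min(ai_id) and min(orderID)
    // independently, so the two values could come from different rows and the swap could
    // leave two items sharing an OrderID.
    // NOTE(review): the concatenated values are assumed to be numeric model fields; if any of
    // them is ever a string it must be passed as a SqlParameter instead - confirm on ADItem.
    string sqlStr = "select top 1 ai_id,orderID from ADItem where orderID>" + info.OrderID
        + " and AC_ID=" + info.AC_ID + " order by orderID asc, ai_id asc";

    // using: the reader is released even when parsing throws.
    using (SqlDataReader infoReader = SQLHelper.ExecuteReader(conString, CommandType.Text, sqlStr))
    {
        if (infoReader.Read() && infoReader["ai_id"].ToString() != "")
        {
            aiID = long.Parse(infoReader["ai_id"].ToString());
            upOrderID = int.Parse(infoReader["orderID"].ToString());
        }
    }

    if (aiID == -1)
    {
        // Nothing sorts after this item: it is already last and cannot move down.
        reStr = "已排最后一行,不需要下移!";
    }
    else
    {
        // Swap the two order numbers.
        // NOTE(review): the two updates run as one batch without an explicit transaction.
        string sqlUpOrderID = "update ADItem set orderID = " + upOrderID + " where Ai_ID=" + info.AI_ID + ";";
        sqlUpOrderID += "update ADItem set orderID = " + info.OrderID + " where Ai_ID=" + aiID + ";";
        resultB = SQLHelper.ExecuteNonQuery(conString, CommandType.Text, sqlUpOrderID) > 0;
    }

    if (resultB)
    {
        // The previous text announced a successful move UP (copied from the up-order method).
        reStr = "下移成功!";
    }

    return new Message() { Result = resultB, TxtMessage = reStr };
}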
/// <summary>
/// Adds one AD object to the graph: inserts its node, then its directory relations and its
/// file relations. Objects whose SID is already stored are skipped.
/// </summary>
/// <param name="aditem">Object to analyse.</param>
public void AnalyzeADObject(ADItem aditem)
{
    // Guard against re-entry, which the primary group id checks can trigger.
    bool alreadyStored = aditem.ObjectSid != null && Storage.SearchItem(aditem.ObjectSid.Value) != -1;
    if (alreadyStored)
    {
        Trace.WriteLine("Item " + aditem.DistinguishedName + " has already been analyzed");
        return;
    }

    Trace.WriteLine("Working on " + aditem.DistinguishedName);
    Storage.InsertNode(aditem);

    // Foreign security principals get a node only; no relations are derived from them.
    bool isForeignPrincipal = String.Equals(aditem.Class, "foreignsecurityprincipal", StringComparison.OrdinalIgnoreCase);
    if (!isForeignPrincipal)
    {
        // Membership, security descriptor, ...
        AddADRelation(aditem);
        // GPO, script
        AddFileRelation(aditem);
    }
}
/// <summary>
/// Stores a node for an AD object. The label is the object's Name; when that is empty it is
/// the first RDN value of the distinguished name, or "&lt;none&gt;" when the DN does not parse.
/// </summary>
/// <param name="aditem">Object to store; Name, Class, DistinguishedName and ObjectSid are read.</param>
private void InsertNode(ADItem aditem)
{
    string label = aditem.Name;
    if (String.IsNullOrEmpty(label))
    {
        // First RDN must be OU= or CN=; commas escaped with a backslash stay part of the value.
        Match dnMatch = Regex.Match(
            aditem.DistinguishedName,
            @"^(?:OU|CN)=(?<cn>.+?)(?<!\\),(?<ou>(?:(?:OU|CN).+?(?<!\\),)*(?<dc>DC.+?))$");
        label = dnMatch.Success ? dnMatch.Groups[1].Value : "<none>";
    }

    string sid = null;
    if (aditem.ObjectSid != null)
    {
        sid = aditem.ObjectSid.Value;
    }

    Storage.InsertNode(label, aditem.Class, aditem.DistinguishedName, sid);
}
/// <summary>
/// Summarises a computer account for the compromise-graph report: identity, last logon and
/// status flags decoded from userAccountControl.
/// </summary>
/// <param name="x">Computer account to summarise.</param>
/// <returns>
/// The populated member record. For a disabled account only Name, DistinguishedName and
/// LastLogonTimestamp are set; every other field keeps its default.
/// </returns>
private SingleCompromiseGraphComputerMemberData BuildMembersComputer(ADItem x)
{
    var summary = new SingleCompromiseGraphComputerMemberData();
    summary.Name = x.SAMAccountName;
    summary.DistinguishedName = x.DistinguishedName;
    summary.LastLogonTimestamp = x.LastLogonTimestamp;

    // 0x2 = ACCOUNTDISABLE: nothing else is evaluated for disabled accounts.
    if ((x.UserAccountControl & 0x00000002) != 0)
    {
        return summary;
    }

    summary.IsEnabled = true;

    // Active = logged on within roughly the last six months (6 * 31 days).
    if (x.LastLogonTimestamp.AddDays(6 * 31) > DateTime.Now)
    {
        summary.IsActive = true;
    }

    var spns = x.ServicePrincipalName;
    if (spns != null && spns.Length > 0)
    {
        summary.SPN = new List<string>(x.ServicePrincipalName);
    }

    // 0x10 = LOCKOUT
    summary.IsLocked = (x.UserAccountControl & 0x00000010) != 0 ? true : summary.IsLocked;

    // 0x100000 = NOT_DELEGATED ("account is sensitive and cannot be delegated").
    // When that bit is clear, the account can be delegated.
    if ((x.UserAccountControl & 0x100000) == 0)
    {
        summary.CanBeDelegated = true;
    }

    return summary;
}
/// <summary>
/// Creates an empty group. The base constructor receives the parent, a freshly generated
/// GUID string and the name; the child item and sub-group lists start empty.
/// </summary>
/// <param name="parent">Passed through to the base constructor.</param>
/// <param name="name">Passed through to the base constructor.</param>
public Group(ADItem parent, string name)
    : base(parent, Guid.NewGuid().ToString(), name)
{
    mGroups = new List<Group>();
    mItems = new List<Item>();
}
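/// <summary>
/// Translates the security descriptor of an AD object into graph relations: one AD_OWNER edge
/// for the owner, and one edge per control-relevant right that an allow ACE grants to a trustee.
/// </summary>
/// <remarks>
/// Only explicit ACEs are read (GetAccessRules is called with includeExplicit = true and
/// includeInherited = false). Deny ACEs are skipped, so an edge means "an allow ACE exists",
/// not "effective access".
/// </remarks>
/// <param name="aditem">Object whose NTSecurityDescriptor is analysed; it must not be null.</param>
private void InsertSecurityDescriptorRelation(ADItem aditem)
{
    ActiveDirectorySecurity sd = aditem.NTSecurityDescriptor;

    // GetOwner returns null when the descriptor carries no owner (for example when the owner
    // part could not be read). Skip the owner edge in that case instead of failing the import.
    IdentityReference owner = sd.GetOwner(typeof(SecurityIdentifier));
    if (owner != null)
    {
        Storage.InsertRelation(owner.Value, MappingType.Sid, aditem.DistinguishedName, MappingType.DistinguishedName, RelationType.AD_OWNER);
    }

    // Relations can be duplicated, which slows the import down: collect them per trustee first.
    Dictionary<string, List<RelationType>> relationToAdd = new Dictionary<string, List<RelationType>>();
    foreach (ActiveDirectoryAccessRule accessrule in sd.GetAccessRules(true, false, typeof(SecurityIdentifier)))
    {
        // Ignore audit / denied ACEs.
        if (accessrule.AccessControlType != AccessControlType.Allow)
        {
            continue;
        }

        string trustee = accessrule.IdentityReference.Value;

        // container_hierarchy is used here as the "no class restriction" marker.
        RelationType restrictedObject = RelationType.container_hierarchy;
        // NOTE(review): this filter reads ObjectType. Because of `default: continue`, every
        // object-specific ACE whose ObjectType is not one of the class GUIDs below is dropped
        // before the extended-right / property lookups further down can see it. Class scoping
        // of an ACE is normally carried by InheritedObjectType - confirm which was intended.
        if ((accessrule.ObjectFlags & ObjectAceFlags.ObjectAceTypePresent) != 0)
        {
            switch (accessrule.ObjectType.ToString().ToLowerInvariant())
            {
                case "4828cc14-1437-45bc-9b07-ad6f015e5f28": // inetorg
                case "bf967aba-0de6-11d0-a285-00aa003049e2": // user
                    restrictedObject = RelationType.RestrictedToUser;
                    break;
                case "bf967a86-0de6-11d0-a285-00aa003049e2":
                    restrictedObject = RelationType.RestrictedToComputer;
                    break;
                case "bf967aa5-0de6-11d0-a285-00aa003049e2":
                    restrictedObject = RelationType.RestrictedToOU;
                    break;
                case "bf967a9c-0de6-11d0-a285-00aa003049e2":
                    restrictedObject = RelationType.RestrictedToGroup;
                    break;
                case "ce206244-5827-4a86-ba1c-1c0c386c1b64":
                case "7b8b558a-93a5-4af7-adca-c017e67f1057":
                    restrictedObject = RelationType.RestrictedToMsaOrGmsa;
                    break;
                case "f30e3bc2-9ff0-11d1-b603-0000f80367c1":
                    restrictedObject = RelationType.RestrictedToGpo;
                    break;
                default:
                    continue;
            }
        }

        // ADS_RIGHT_GENERIC_ALL covers every other right, so nothing else is recorded with it.
        if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.GenericAll))
        {
            IncludeRelationInDictionary(relationToAdd, trustee, RelationType.GEN_RIGHT_ALL);
        }
        else
        {
            // ADS_RIGHT_GENERIC_WRITE
            if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.GenericWrite))
            {
                IncludeRelationInDictionary(relationToAdd, trustee, RelationType.GEN_RIGHT_WRITE);
            }
            // ADS_RIGHT_WRITE_DAC
            if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.WriteDacl))
            {
                IncludeRelationInDictionary(relationToAdd, trustee, RelationType.ADS_RIGHT_WRITE_DAC);
            }
            // ADS_RIGHT_WRITE_OWNER
            if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.WriteOwner))
            {
                IncludeRelationInDictionary(relationToAdd, trustee, RelationType.ADS_RIGHT_WRITE_OWNER);
            }

            if (accessrule.ObjectFlags == ObjectAceFlags.None)
            {
                // No object GUID on the ACE: the right applies to all extended rights,
                // validated writes or properties.
                // ADS_RIGHT_DS_CONTROL_ACCESS
                if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.ExtendedRight))
                {
                    IncludeRelationInDictionary(relationToAdd, trustee, RelationType.EXT_RIGHT_ALL);
                }
                // ADS_RIGHT_DS_SELF
                if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.Self))
                {
                    IncludeRelationInDictionary(relationToAdd, trustee, RelationType.VAL_WRITE_ALL);
                }
                // ADS_RIGHT_DS_WRITE_PROP
                if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.WriteProperty))
                {
                    IncludeRelationInDictionary(relationToAdd, trustee, RelationType.WRITE_PROP_ALL);
                }
            }
            else if ((accessrule.ObjectFlags & ObjectAceFlags.ObjectAceTypePresent) == ObjectAceFlags.ObjectAceTypePresent)
            {
                // Object GUID present: only GUIDs listed in the lookup tables produce an edge.
                // ADS_RIGHT_DS_CONTROL_ACCESS
                if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.ExtendedRight))
                {
                    foreach (KeyValuePair<Guid, RelationType> extendedright in GuidsControlExtendedRights)
                    {
                        if (extendedright.Key == accessrule.ObjectType)
                        {
                            IncludeRelationInDictionary(relationToAdd, trustee, extendedright.Value);
                        }
                    }
                }
                // ADS_RIGHT_DS_SELF
                if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.Self))
                {
                    foreach (KeyValuePair<Guid, RelationType> validatewrite in GuidsControlValidatedWrites)
                    {
                        if (validatewrite.Key == accessrule.ObjectType)
                        {
                            IncludeRelationInDictionary(relationToAdd, trustee, validatewrite.Value);
                        }
                    }
                }
                // ADS_RIGHT_DS_WRITE_PROP
                if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.WriteProperty))
                {
                    foreach (KeyValuePair<Guid, RelationType> controlproperty in GuidsControlProperties)
                    {
                        if (controlproperty.Key == accessrule.ObjectType)
                        {
                            IncludeRelationInDictionary(relationToAdd, trustee, controlproperty.Value);
                        }
                    }
                    foreach (KeyValuePair<Guid, RelationType> controlpropertyset in GuidsControlPropertiesSets)
                    {
                        if (controlpropertyset.Key == accessrule.ObjectType)
                        {
                            IncludeRelationInDictionary(relationToAdd, trustee, controlpropertyset.Value);
                        }
                    }
                }
                // Read access is only recorded for the properties listed in GuidsReadProperties.
                if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.ReadProperty))
                {
                    foreach (KeyValuePair<Guid, RelationType> controlproperty in GuidsReadProperties)
                    {
                        if (controlproperty.Key == accessrule.ObjectType)
                        {
                            IncludeRelationInDictionary(relationToAdd, trustee, controlproperty.Value);
                        }
                    }
                }
            }
        }

        // Attach the class restriction only when the trustee already has a recorded right.
        if (restrictedObject != RelationType.container_hierarchy && relationToAdd.ContainsKey(trustee))
        {
            IncludeRelationInDictionary(relationToAdd, trustee, restrictedObject);
        }
    }

    foreach (string target in relationToAdd.Keys)
    {
        foreach (RelationType link in relationToAdd[target])
        {
            Storage.InsertRelation(target, MappingType.Sid, aditem.DistinguishedName, MappingType.DistinguishedName, link);
        }
    }
}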
/// <summary>
/// Records every graph relation that can be derived from one AD object: parent container,
/// group members, primary group, security descriptor, constrained delegation (from the
/// <c>delegations</c> map), resource-based delegation, GPO links and SID history.
/// </summary>
/// <param name="aditem">Object whose attributes are turned into <c>Storage.InsertRelation</c> calls.</param>
private void AddADRelation(ADItem aditem)
{
    string dn = aditem.DistinguishedName;

    // Anything that is not itself a "DC=..." naming context hangs under its parent container.
    if (dn != null && !dn.StartsWith("DC=", StringComparison.OrdinalIgnoreCase))
    {
        Storage.InsertRelation(GetContainerDN(dn), MappingType.DistinguishedName, dn, MappingType.DistinguishedName, RelationType.container_hierarchy);
    }

    if (aditem.Member != null)
    {
        foreach (string memberDn in aditem.Member)
        {
            Storage.InsertRelation(memberDn, MappingType.DistinguishedName, dn, MappingType.DistinguishedName, RelationType.group_member);
        }
    }

    // Primary groups 513 and 515 (Domain Users / Domain Computers) are deliberately not linked:
    // the edges would make the graph too complicated.
    int primaryGroup = aditem.PrimaryGroupID;
    if (primaryGroup > 0 && primaryGroup != 513 && primaryGroup != 515)
    {
        Storage.InsertRelation(dn, MappingType.DistinguishedName, DomainInfo.DomainSid + "-" + aditem.PrimaryGroupID, MappingType.Sid, RelationType.primary_group_member);
    }

    if (aditem.NTSecurityDescriptor != null)
    {
        InsertSecurityDescriptorRelation(aditem);
    }

    if (delegations != null)
    {
        // SIDs allowed to delegate to this object, looked up by DNS host name and by
        // sAMAccountName without "$"; duplicates are dropped and first-seen order is kept.
        List<string> delegatedSids = new List<string>();

        string hostName = aditem.DNSHostName;
        if (!string.IsNullOrEmpty(hostName) && delegations.ContainsKey(hostName))
        {
            foreach (var candidate in delegations[hostName])
            {
                if (!delegatedSids.Contains(candidate))
                {
                    delegatedSids.Add(candidate);
                }
            }
        }

        if (!string.IsNullOrEmpty(aditem.SAMAccountName))
        {
            string accountKey = aditem.SAMAccountName.Replace("$", "");
            if (delegations.ContainsKey(accountKey))
            {
                foreach (var candidate in delegations[accountKey])
                {
                    if (!delegatedSids.Contains(candidate))
                    {
                        delegatedSids.Add(candidate);
                    }
                }
            }
        }

        // Delegation with protocol transition is recorded as its own relation type.
        foreach (var delegatedSid in delegatedSids)
        {
            RelationType delegationKind = protocolTransitionSid.Contains(delegatedSid)
                ? RelationType.msDS_Allowed_To_Delegate_To_With_Protocol_Transition
                : RelationType.msDS_Allowed_To_Delegate_To;
            Storage.InsertRelation(delegatedSid, MappingType.Sid, dn, MappingType.DistinguishedName, delegationKind);
        }
    }

    if (aditem.msDSAllowedToActOnBehalfOfOtherIdentity != null)
    {
        InsertDelegationRelation(aditem);
    }

    if (!String.IsNullOrEmpty(aditem.GPLink))
    {
        InsertGPORelation(aditem);
    }

    // Every SID kept in sIDHistory becomes an edge from this object to that SID.
    if (aditem.SIDHistory != null)
    {
        foreach (SecurityIdentifier formerSid in aditem.SIDHistory)
        {
            Storage.InsertRelation(dn, MappingType.DistinguishedName, formerSid.Value, MappingType.Sid, RelationType.SIDHistory);
        }
    }
}
/// <summary>
/// Adds a node to the in-memory graph and updates the "known" / "to investigate" bookkeeping
/// for its name, SID and, for domain groups, its RID as a possible primary group id.
/// </summary>
/// <param name="shortname">Display label; replaced by the resolved account name for foreign security principals.</param>
/// <param name="objectclass">Object class; "unknown" objects under CN=ForeignSecurityPrincipals are reclassified.</param>
/// <param name="name">Distinguished name or UNC path (values starting with "\\" are tracked as files).</param>
/// <param name="sid">SID string, or null.</param>
/// <param name="adItem">Backing AD object; dropped for foreign security principals.</param>
/// <returns>The id given to the node, or -1 for the SIDs S-1-3-0 and S-1-5-18, which are not stored.</returns>
public int InsertNode(string shortname, string objectclass, string name, string sid, ADItem adItem)
{
    bool isUnknownClass = String.Equals(objectclass, "unknown", StringComparison.OrdinalIgnoreCase);
    if (isUnknownClass && name.Contains(",CN=ForeignSecurityPrincipals,DC="))
    {
        // The SID is the first RDN value: the text between "CN=" and the first comma.
        objectclass = "foreignsecurityprincipal";
        sid = name.Substring(3, name.IndexOf(',') - 3);
    }

    // Also reached by objects that were reclassified just above.
    if (String.Equals(objectclass, "foreignsecurityprincipal", StringComparison.OrdinalIgnoreCase))
    {
        // Skip CREATOR OWNER (S-1-3-0, used for dynamic permissions) and S-1-5-18.
        bool isCreatorOwner = String.Equals(sid, "S-1-3-0", StringComparison.OrdinalIgnoreCase);
        if (isCreatorOwner || String.Equals(sid, "S-1-5-18", StringComparison.OrdinalIgnoreCase))
        {
            return -1;
        }

        string referencedDomain = null;
        string resolvedAccount = NativeMethods.ConvertSIDToName(sid, serverForSIDResolution, out referencedDomain);
        // When the resolved name equals the short name, prefix it with the domain if one was reported.
        if (resolvedAccount == shortname && !String.IsNullOrEmpty(referencedDomain))
        {
            resolvedAccount = referencedDomain + "\\" + shortname;
        }

        shortname = resolvedAccount;
        name = sid;
        adItem = null;
    }

    Node node = new Node();
    node.Shortname = shortname;
    node.Type = objectclass;
    node.Dn = name;
    node.Sid = sid;
    node.ADItem = adItem;

    // Id allocation and all bookkeeping collections are updated under the same lock.
    lock (nodes)
    {
        Trace.WriteLine("Inserting node " + index + " name=" + node.Name + " sid=" + node.Sid + " shortname=" + node.Shortname);
        node.Id = index;
        nodes.Add(index, node);

        if (!string.IsNullOrEmpty(name))
        {
            bool isUncPath = name.StartsWith("\\\\");
            if (isUncPath)
            {
                KnownFiles.Add(name);
                if (FilesToInvestigate.Contains(name))
                {
                    FilesToInvestigate.Remove(name);
                }
            }
            else
            {
                KnownCN.Add(name);
                if (CNToInvestigate.Contains(name))
                {
                    CNToInvestigate.Remove(name);
                }
            }
        }

        if (!String.IsNullOrEmpty(sid))
        {
            KnownSID.Add(sid);
            if (SIDToInvestigate.Contains(sid))
            {
                SIDToInvestigate.Remove(sid);
            }

            // A domain group (S-1-5-21-...) may be some account's primary group:
            // queue its RID unless it is already known or queued.
            if (objectclass == "group" && sid.StartsWith("S-1-5-21-"))
            {
                string[] sidParts = sid.Split('-');
                int rid = int.Parse(sidParts[sidParts.Length - 1]);
                if (!(KnownPGId.Contains(rid) || PGIdToInvestigate.Contains(rid)))
                {
                    PGIdToInvestigate.Add(rid);
                }
            }
        }

        return index++;
    }
}
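/// <summary>
/// Translates the security descriptor of an AD object into graph relations: one AD_OWNER edge
/// for the owner, and one edge per control-relevant right that an allow ACE grants to a trustee.
/// </summary>
/// <remarks>
/// Only explicit ACEs are read (GetAccessRules is called with includeExplicit = true and
/// includeInherited = false). Deny ACEs are skipped, so an edge means "an allow ACE exists",
/// not "effective access".
/// </remarks>
/// <param name="aditem">Object whose NTSecurityDescriptor is analysed; it must not be null.</param>
private void InsertSecurityDescriptorRelation(ADItem aditem)
{
    ActiveDirectorySecurity sd = aditem.NTSecurityDescriptor;

    // GetOwner returns null when the descriptor carries no owner (for example when the owner
    // part could not be read). Skip the owner edge in that case instead of failing the import.
    IdentityReference owner = sd.GetOwner(typeof(SecurityIdentifier));
    if (owner != null)
    {
        Storage.InsertRelation(owner.Value, MappingType.Sid, aditem.DistinguishedName, MappingType.Name, RelationType.AD_OWNER);
    }

    // Relations can be duplicated, which slows the import down: collect them per trustee first.
    Dictionary<string, List<RelationType>> relationToAdd = new Dictionary<string, List<RelationType>>();
    foreach (ActiveDirectoryAccessRule accessrule in sd.GetAccessRules(true, false, typeof(SecurityIdentifier)))
    {
        // Ignore audit / denied ACEs.
        if (accessrule.AccessControlType != AccessControlType.Allow)
        {
            continue;
        }

        string trustee = accessrule.IdentityReference.Value;
        ActiveDirectoryRights rights = accessrule.ActiveDirectoryRights;

        // The generic and DACL/owner rights are independent here: each one found is recorded.
        // ADS_RIGHT_GENERIC_ALL
        if ((rights & ActiveDirectoryRights.GenericAll) == ActiveDirectoryRights.GenericAll)
        {
            IncludeRelationInDictionary(relationToAdd, trustee, RelationType.GEN_RIGHT_ALL);
        }
        // ADS_RIGHT_GENERIC_WRITE
        if ((rights & ActiveDirectoryRights.GenericWrite) == ActiveDirectoryRights.GenericWrite)
        {
            IncludeRelationInDictionary(relationToAdd, trustee, RelationType.GEN_RIGHT_WRITE);
        }
        // ADS_RIGHT_WRITE_DAC
        if ((rights & ActiveDirectoryRights.WriteDacl) == ActiveDirectoryRights.WriteDacl)
        {
            IncludeRelationInDictionary(relationToAdd, trustee, RelationType.ADS_RIGHT_WRITE_DAC);
        }
        // ADS_RIGHT_WRITE_OWNER
        if ((rights & ActiveDirectoryRights.WriteOwner) == ActiveDirectoryRights.WriteOwner)
        {
            IncludeRelationInDictionary(relationToAdd, trustee, RelationType.ADS_RIGHT_WRITE_OWNER);
        }

        if (accessrule.ObjectFlags == ObjectAceFlags.None)
        {
            // No object GUID on the ACE: the right applies to all extended rights,
            // validated writes or properties.
            // ADS_RIGHT_DS_CONTROL_ACCESS
            if ((rights & ActiveDirectoryRights.ExtendedRight) == ActiveDirectoryRights.ExtendedRight)
            {
                IncludeRelationInDictionary(relationToAdd, trustee, RelationType.EXT_RIGHT_ALL);
            }
            // ADS_RIGHT_DS_SELF
            if ((rights & ActiveDirectoryRights.Self) == ActiveDirectoryRights.Self)
            {
                IncludeRelationInDictionary(relationToAdd, trustee, RelationType.VAL_WRITE_ALL);
            }
            // ADS_RIGHT_DS_WRITE_PROP
            if ((rights & ActiveDirectoryRights.WriteProperty) == ActiveDirectoryRights.WriteProperty)
            {
                IncludeRelationInDictionary(relationToAdd, trustee, RelationType.WRITE_PROP_ALL);
            }
        }
        else if ((accessrule.ObjectFlags & ObjectAceFlags.ObjectAceTypePresent) == ObjectAceFlags.ObjectAceTypePresent)
        {
            // Object GUID present: only GUIDs listed in the lookup tables produce an edge.
            // (An empty comparison against a hard-coded GUID stood here; it had no effect and was removed.)
            // ADS_RIGHT_DS_CONTROL_ACCESS
            if ((rights & ActiveDirectoryRights.ExtendedRight) == ActiveDirectoryRights.ExtendedRight)
            {
                foreach (KeyValuePair<Guid, RelationType> extendedright in GuidsControlExtendedRights)
                {
                    if (extendedright.Key == accessrule.ObjectType)
                    {
                        IncludeRelationInDictionary(relationToAdd, trustee, extendedright.Value);
                    }
                }
            }
            // ADS_RIGHT_DS_SELF
            if ((rights & ActiveDirectoryRights.Self) == ActiveDirectoryRights.Self)
            {
                foreach (KeyValuePair<Guid, RelationType> validatewrite in GuidsControlValidatedWrites)
                {
                    if (validatewrite.Key == accessrule.ObjectType)
                    {
                        IncludeRelationInDictionary(relationToAdd, trustee, validatewrite.Value);
                    }
                }
            }
            // ADS_RIGHT_DS_WRITE_PROP
            if ((rights & ActiveDirectoryRights.WriteProperty) == ActiveDirectoryRights.WriteProperty)
            {
                foreach (KeyValuePair<Guid, RelationType> controlproperty in GuidsControlProperties)
                {
                    if (controlproperty.Key == accessrule.ObjectType)
                    {
                        IncludeRelationInDictionary(relationToAdd, trustee, controlproperty.Value);
                    }
                }
                foreach (KeyValuePair<Guid, RelationType> controlpropertyset in GuidsControlPropertiesSets)
                {
                    if (controlpropertyset.Key == accessrule.ObjectType)
                    {
                        IncludeRelationInDictionary(relationToAdd, trustee, controlpropertyset.Value);
                    }
                }
            }
        }
    }

    foreach (string target in relationToAdd.Keys)
    {
        foreach (RelationType link in relationToAdd[target])
        {
            Storage.InsertRelation(target, MappingType.Sid, aditem.DistinguishedName, MappingType.Name, link);
        }
    }
}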
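/// <summary>
/// Updates one ADItem row (matched on AI_ID) with the values carried by <paramref name="model"/>.
/// </summary>
/// <param name="model">Item holding the new column values and the AI_ID of the row to update.</param>
/// <returns>
/// Message whose Result is true when at least one row was updated. On success TxtMessage is a
/// JSON object describing the item; on failure it is a fixed error text.
/// </returns>
public Message Edit(ADItem model)
{
    bool resultB = false;
    string reStr = "";
    try
    {
        // Every value is sent as a SqlParameter; no model value is placed in the statement text.
        string sql = "update ADItem set "
            + "AC_ID=@AC_ID,"
            + "OrderID=@OrderID,"
            + "FileName=@FileName,"
            + "BDate=@BDate,"
            + "EDate=@EDate,"
            + "Length=@Length,"
            + "StoreName=@StoreName,"
            + "IsDisplay=@IsDisplay,"
            + "StorePath=@StorePath,"
            + "FileLength=@FileLength"
            + " where AI_ID=@AI_ID";

        // NOTE(review): FileName and StoreName are declared with size 20, so longer values are
        // presumably truncated by the provider - confirm against the column definitions.
        SqlParameter[] parameters =
        {
            new SqlParameter("@AC_ID", SqlDbType.BigInt, 8),
            new SqlParameter("@OrderID", SqlDbType.SmallInt, 2),
            new SqlParameter("@FileName", SqlDbType.VarChar, 20),
            new SqlParameter("@BDate", SqlDbType.DateTime),
            new SqlParameter("@EDate", SqlDbType.DateTime),
            new SqlParameter("@Length", SqlDbType.SmallInt, 2),
            new SqlParameter("@StoreName", SqlDbType.Char, 20),
            new SqlParameter("@IsDisplay", SqlDbType.Bit, 1),
            new SqlParameter("@StorePath", SqlDbType.VarChar),
            new SqlParameter("@FileLength", SqlDbType.Int, 4),
            new SqlParameter("@AI_ID", SqlDbType.BigInt, 8)
        };
        parameters[0].Value = model.AC_ID;
        parameters[1].Value = model.OrderID;
        parameters[2].Value = model.FileName;
        parameters[3].Value = model.BDate;
        parameters[4].Value = model.EDate;
        parameters[5].Value = model.Length;
        parameters[6].Value = model.StoreName;
        parameters[7].Value = model.IsDisplay;
        parameters[8].Value = model.StorePath;
        parameters[9].Value = model.FileLength;
        parameters[10].Value = model.AI_ID;

        resultB = SQLHelper.ExecuteNonQuery(conString, CommandType.Text, sql, parameters) > 0;
    }
    catch (Exception)
    {
        // The caller only ever sees the generic failure text below, so exception details are
        // not returned to the client.
        // NOTE(review): nothing records the exception either - add server-side logging here.
        resultB = false;
    }

    if (!resultB)
    {
        reStr = "修改失败!";
    }
    else
    {
        // Build the JSON answer. FileName is free text from the request, so it is escaped:
        // a quote or backslash in it would otherwise break out of the JSON string.
        reStr = "{\"AI_ID\":\"" + model.AI_ID
            + "\",\"IsDisplay\":\"" + model.IsDisplay
            + "\",\"Length\":\"" + model.Length
            + "\",\"EDate\":\"" + model.EDate
            + "\",\"BDate\":\"" + model.BDate
            + "\",\"AC_ID\":\"" + model.AC_ID
            + "\",\"OrderID\":\"" + model.OrderID
            + "\",\"FileName\":\"" + EscapeJsonString(model.FileName) + "\"}";
    }

    return new Message() { Result = resultB, TxtMessage = reStr };
}

// Escapes a value for use inside a double-quoted JSON string: quote, backslash and control characters.
private static string EscapeJsonString(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return string.Empty;
    }

    StringBuilder escaped = new StringBuilder(value.Length + 8);
    foreach (char c in value)
    {
        switch (c)
        {
            case '"':
                escaped.Append("\\\"");
                break;
            case '\\':
                escaped.Append("\\\\");
                break;
            case '\n':
                escaped.Append("\\n");
                break;
            case '\r':
                escaped.Append("\\r");
                break;
            case '\t':
                escaped.Append("\\t");
                break;
            default:
                if (c < ' ')
                {
                    escaped.Append("\\u").Append(((int)c).ToString("x4"));
                }
                else
                {
                    escaped.Append(c);
                }
                break;
        }
    }

    return escaped.ToString();
}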
/// <summary>
/// Counts an account under the "SidHistory" category without storing per-account detail.
/// Neither argument is used.
/// </summary>
/// <param name="item">Unused.</param>
/// <param name="x">Unused.</param>
public void AddSIDHistoryDetail(Healthcheck.HealthcheckAccountDetailData item, ADItem x)
{
    const string category = "SidHistory";
    AddWithoutDetail(category);
}
/// <summary>
/// Copies this item by serialising it with <c>ToXML</c> and rebuilding it with <c>Item.FromXML</c>.
/// </summary>
/// <param name="parent">Parent handed to <c>Item.FromXML</c> for the copy.</param>
/// <returns>The item produced by <c>Item.FromXML</c>.</returns>
public override ADItem Clone(ADItem parent)
{
    var serialized = this.ToXML();
    return Item.FromXML(parent, serialized);
}
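/// <summary>
/// AJAX entry point for advertisement items. The "AType" query-string value selects the
/// operation (QUERY, QUERYVIEW, ADD, EDIT, UPORDER, DOWNORDER, DELFILE) and the outcome is
/// written to the response as a JSON-serialised <c>Message</c>.
/// </summary>
/// <param name="context">Current request; form fields, query string and uploaded files are read from it.</param>
public override void DoLoginedHandlerWork(HttpContext context)
{
    // Default answer, replaced by every branch below ("permission check failed ...").
    Message jsonMessage = new Message() { Result = false, TxtMessage = "权限验证失败,可能原因:\n1、数据中心通讯失败。\n2、系统管理员未与您分配对应操作权限。" };

    // Invariant upper-casing: a culture-sensitive ToUpper() can change letters (Turkish "i")
    // and make the case labels below unreachable.
    string requestedType = context.Request.QueryString["AType"];
    string AjaxType = requestedType == null ? string.Empty : requestedType.ToUpperInvariant();

    ADItem Info = new CommonModelFactory<ADItem>().GetModelFromContext(context);
    WCFServiceProxy<IADItemDAL> proxy = new WCFServiceProxy<IADItemDAL>();
    // File storage service.
    WCFServiceProxy<IADFileService> fileContrl = new WCFServiceProxy<IADFileService>();
    try
    {
        switch (AjaxType)
        {
            // List query.
            case "QUERY":
                {
                    // NOTE(review): SECURITY - the "TWhere" form field is appended verbatim to the
                    // WHERE clause, so the client controls SQL text. Replace it with a filter built
                    // on the server from validated field names and parameterised values.
                    string Where = "1=1 ";
                    string clientFilter = context.Request.Form["TWhere"];
                    if (clientFilter != null && clientFilter.Trim() != string.Empty)
                    {
                        Where += clientFilter;
                    }
                    CommonSearch<ADItem> InfoSearch = new CommonSearch<ADItem>();
                    SearchCondition sCondition = new SearchCondition() { TBName = "ADItem", TFieldKey = "AI_ID", TTotalCount = -1, TPageCurrent = 1, TFieldOrder = "OrderID asc", TWhere = Where };
                    List<ADItem> list = InfoSearch.GetList(ref sCondition, context);
                    jsonMessage = new Message() { Result = true, TxtMessage = JSon.ListToJson<ADItem>(list, sCondition.TTotalCount) };
                    break;
                }

            // List view.
            case "QUERYVIEW":
                {
                    // NOTE(review): SECURITY - same client-supplied WHERE fragment as in QUERY.
                    string Where = "1=1 ";
                    string clientFilter = context.Request.Form["TWhere"];
                    if (clientFilter != null && clientFilter.Trim() != string.Empty)
                    {
                        Where += clientFilter;
                    }
                    CommonSearch<ADItem> InfoSearchView = new CommonSearch<ADItem>();
                    SearchCondition sCondition = new SearchCondition() { TBName = "ADItem", TFieldKey = "AI_ID", TTotalCount = -1, TPageCurrent = 1, TFieldOrder = " OrderID asc", TWhere = Where };
                    List<ADItem> listView = InfoSearchView.GetList(ref sCondition, context);
                    jsonMessage = new Message() { Result = true, TxtMessage = JSon.ListToJson<ADItem>(listView, sCondition.TTotalCount) };
                    break;
                }

            // Add an advertisement item; an uploaded file is required.
            case "ADD":
                StoreUploadedFile(context.Request.Files[0], Info, proxy, fileContrl);
                jsonMessage = proxy.getChannel.Add(Info);
                break;

            // Edit an item; the file is replaced only when one was uploaded.
            case "EDIT":
                if (context.Request.Files.Count > 0)
                {
                    StoreUploadedFile(context.Request.Files[0], Info, proxy, fileContrl);
                }
                jsonMessage = proxy.getChannel.Edit(Info);
                break;

            case "UPORDER":
                jsonMessage = proxy.getChannel.upOrder(Info);
                break;

            case "DOWNORDER":
                jsonMessage = proxy.getChannel.downOrder(Info);
                break;

            // Delete the row, then the stored file through the shared file service.
            case "DELFILE":
                jsonMessage = proxy.getChannel.Delete(Info.AI_ID);
                fileContrl.getChannel.Delete(loginOperator.CompanyID, Info.StoreName);
                break;

            default:
                jsonMessage = new Message() { Result = false, TxtMessage = "1.操作未定义!" };
                break;
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message is returned to the client as-is; consider a generic text
        // plus server-side logging so internal details are not disclosed.
        jsonMessage = new Message() { Result = false, TxtMessage = ex.Message };
    }
    finally
    {
        if (proxy != null)
        {
            proxy.CloseChannel();
        }
        // The file-service proxy was never closed before.
        if (fileContrl != null)
        {
            fileContrl.CloseChannel();
        }
    }
    context.Response.Write(JSon.TToJson<Message>(jsonMessage));
}

// Saves the posted file under the configured ADFilePath directory, sends its bytes to the shared
// file service and fills FileName, FileLength, StorePath and StoreName on info.
private void StoreUploadedFile(HttpPostedFile postedFile, ADItem info, WCFServiceProxy<IADItemDAL> proxy, WCFServiceProxy<IADFileService> fileContrl)
{
    // Upload directory from configuration.
    string uploadDirectory = System.Configuration.ConfigurationManager.AppSettings["ADFilePath"].ToString();

    // FileName comes from the request. Keep only its last path segment so that directory
    // separators or ".." in it cannot move the write outside the upload directory, and so
    // that they cannot end up in the extension that is appended to StoreName.
    string safeName = System.IO.Path.GetFileName(info.FileName);
    if (string.IsNullOrEmpty(safeName) || safeName == "." || safeName == "..")
    {
        throw new ArgumentException("Invalid upload file name.");
    }

    // Extension = everything from the first dot. A name without a dot failed before as well.
    int firstDot = safeName.IndexOf('.');
    if (firstDot < 0)
    {
        throw new ArgumentException("Upload file name must have an extension.");
    }
    string fileExtendName = safeName.Substring(firstDot);
    info.FileName = safeName;

    // NOTE(review): the extension is not checked against an allow-list. If the upload directory
    // is served by the web server, restrict uploads to the media types the product supports.
    postedFile.SaveAs(System.IO.Path.Combine(uploadDirectory, safeName));

    // Read the whole upload into memory; Stream.Read may return fewer bytes than requested.
    byte[] data;
    System.IO.Stream stream = postedFile.InputStream;
    try
    {
        data = new byte[stream.Length];
        int offset = 0;
        while (offset < data.Length)
        {
            int read = stream.Read(data, offset, data.Length - offset);
            if (read <= 0)
            {
                throw new System.IO.EndOfStreamException();
            }
            offset += read;
        }
    }
    finally
    {
        stream.Close();
    }

    info.FileLength = data.Length;
    info.StorePath = postedFile.FileName;
    // Store name: company id + yyMMdd + zero-padded running number + extension.
    info.StoreName = loginOperator.CompanyID + string.Format("{0:yyMMdd}", DateTime.Now) + AdMComm.GetAddZero(proxy.getChannel.userPuFileNum(loginOperator.CompanyID) + 1, 5) + fileExtendName;

    // Hand the bytes to the shared file upload service.
    fileContrl.getChannel.UpLoad(loginOperator.CompanyID, info.StoreName, data);
}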