private CustomIdentity PermissionFetch(Csla.Security.UsernameCriteria criteria)
{
CustomIdentity obj;
using (var ctx = Csla.Data.ObjectContextManager <SecurityEntities> .GetManager("SecurityEntities"))
{
var q = (from r in ctx.ObjectContext.Users
where r.Username == criteria.Username
select r).FirstOrDefault();
if (q != null)
{
q.Roles.Load();
var roles = new List <string>();
var permissions = new List <string>();
foreach (var r in q.Roles)
{
roles.Add(r.Name);
r.Permissions.Load();
foreach (var p in r.Permissions)
{
if (!permissions.Contains(p.Name))
{
permissions.Add(p.Name);
}
}
}
obj = new CustomIdentity(q.Username, roles, permissions);
}
else
{
obj = new CustomIdentity();
}
}
return(obj);
}
public void DataPortal_Create(Csla.Security.UsernameCriteria criteria)
{
RetrieverId = Guid.NewGuid();
CreatedUserId = Guid.Empty;
WasSuccessful = false;
using (var dalManager = DalFactory.GetDalManager())
{
var customIdentityDal = dalManager.GetProvider <IUserDal>();
var result = customIdentityDal.AddUser(criteria);
if (!result.IsSuccess)
{
Exception error = result.GetExceptionFromInfo();
if (error != null)
{
throw error;
}
else
{
throw new DataAccess.Exceptions.AddUserFailedException(result.Msg);
}
}
CreatedUserId = result.Obj.Id;
WasSuccessful = true;
}
}
public async Task AddUser()
{
#region Thinking
var thinkingId = Guid.NewGuid();
History.Events.ThinkingAboutTargetEvent.Publish(thinkingId);
#endregion
var criteria = new Csla.Security.UsernameCriteria(NewUsername, NewPassword);
try
{
var creator = await Business.NewUserCreator.CreateNewAsync(criteria);
if (creator.WasSuccessful)
{
MessageBox.Show(string.Format(ViewViewModelResources.MessageNewUserAdded, NewUsername));
}
else
{
MessageBox.Show(string.Format(ViewViewModelResources.ErrorMsgAddUserWasUnsuccessful, NewUsername));
}
}
finally
{
#region Thinked
History.Events.ThinkedAboutTargetEvent.Publish(thinkingId);
#endregion
}
}
public async Task TEST_ADD_20_RANDOM_USERS_RANDOM_PASSWORDS_MUST_CLEAN_SOLUTION_FIRST()
{
int numToDo = 20;
int maxAttempts = 50;
var creationAttempts = 0;
var creationSuccesses = 0;
var isAsyncComplete = false;
var hasError = false;
EnqueueConditional(() => isAsyncComplete);
await Setup();
try
{
for (int i = 0; i < numToDo; i++)
{
string randomUsername = GenerateRandomUsername();
string randomPassword = GenerateRandomPassword();
var criteria = new Csla.Security.UsernameCriteria(randomUsername, randomPassword);
try
{
creationAttempts++;
var creator = await Business.NewUserCreator.CreateNewAsync(criteria);
creationSuccesses++;
}
catch (Exception)
{
//Don't care about errors.
//we just don't increment creationSuccesses
}
}
}
catch
{
hasError = true;
}
finally
{
EnqueueConditional(() => (creationSuccesses == numToDo) || (maxAttempts == creationAttempts));
EnqueueCallback(
() => Assert.IsFalse(hasError),
() => Assert.IsTrue(Csla.ApplicationContext.User.IsInRole(_TestRoleUser)),
() => Assert.IsTrue(creationAttempts < maxAttempts),
() => Assert.AreEqual(numToDo, creationSuccesses),
() => Teardown()
);
EnqueueTestComplete();
isAsyncComplete = true;
}
}
public CustomIdentity Fetch(Csla.Security.UsernameCriteria criteria)
{
if (string.IsNullOrEmpty(ConfigurationManager.AppSettings["CslaIsInRoleProvider"]))
{
return(DoFetch(criteria));
}
else
{
return(PermissionFetch(criteria));
}
}
public async void AddUser()
{
#region Thinking
var thinkingId = Guid.NewGuid();
History.Events.ThinkingAboutTargetEvent.Publish(thinkingId);
#endregion
var criteria = new Csla.Security.UsernameCriteria(NewUsername, NewPassword);
try
{
var result = await Business.NewUserCreator.CreateNewAsync(criteria);
MessageBox.Show(string.Format(ViewViewModelResources.MessageNewUserAdded, NewUsername));
}
catch (Exception ex)
{
}
finally
{
#region Thinked
History.Events.ThinkedAboutTargetEvent.Publish(thinkingId);
#endregion
}
}
public Result <UserDto> AddUser(Csla.Security.UsernameCriteria criteria)
{
Result <UserDto> retResult = Result <UserDto> .Undefined(null);
try
{
Common.CommonHelper.CheckAuthentication();
DalHelper.CheckAuthorizationToAddUser();
var userDto = AddUserImpl(criteria);
if (userDto == null)
{
throw new Exception();
}
retResult = Result <UserDto> .Success(userDto);
}
catch (Exception ex)
{
var wrapperEx = new Exceptions.AddUserFailedException(ex, criteria.Username);
retResult = Result <UserDto> .FailureWithInfo(null, wrapperEx);
}
return(retResult);
}
protected abstract UserDto AddUserImpl(Csla.Security.UsernameCriteria criteria);
public async Task TEST_LOGIN_ADMIN_ADD_USER_DELETE_USER_LOGOUT()
{
var newUserLoginWasSuccessful = false;
//var newUserIsInUserRole = false;
//ASSUME DELETED USER LOGIN IS SUCCESSFUL
var deletedUserLoginWasSuccessful = true;
Business.NewUserCreator creator = null;
Business.DeleteUserReadOnly deleter = null;
var isAsyncComplete = false;
var hasError = false;
EnqueueConditional(() => isAsyncComplete);
await Setup();
try
{
//LOGIN AS THE ADMIN
await UserPrincipal.LoginAsync(_TestValidUsernameAdmin, _TestValidPasswordAdmin);
//CREATE THE USER
var testNewUsername = "******";
var testNewUserPassword = "******";
var criteria = new Csla.Security.UsernameCriteria(testNewUsername, testNewUserPassword);
creator = await Business.NewUserCreator.CreateNewAsync(criteria);
//LOGOUT ADMIN
UserPrincipal.Logout();
//LOGIN AS THE NEW USER
await UserPrincipal.LoginAsync(testNewUsername, testNewUserPassword);
//CONFIRM LOGIN
newUserLoginWasSuccessful = Common.CommonHelper.CurrentUserIsAuthenticated();
//LOGOUT NEW USER
UserPrincipal.Logout();
//LOG BACK IN AS ADMIN
await UserPrincipal.LoginAsync(_TestValidUsernameAdmin, _TestValidPasswordAdmin);
//DELETE THE USER
deleter = await Business.DeleteUserReadOnly.CreateNewAsync(testNewUsername);
//LOGOUT ADMIN AGAIN
UserPrincipal.Logout();
//TRY TO LOG THE DELETED USER BACK IN, BUT SHOULD FAIL (BUT NOT THROW EXCEPTION)
await UserPrincipal.LoginAsync(testNewUsername, testNewUserPassword);
//THIS SHOULD BE FALSE.
deletedUserLoginWasSuccessful = Common.CommonHelper.CurrentUserIsAuthenticated();
EnqueueTestComplete();
}
catch
{
hasError = true;
}
finally
{
var adminRole = DataAccess.SeedData.Ton.AdminRoleText;
EnqueueCallback(
() => Assert.IsFalse(hasError),
() => Assert.IsTrue(Csla.ApplicationContext.User.IsInRole(adminRole)),
() => Assert.IsTrue(creator.WasSuccessful),
() => Assert.IsTrue(deleter.WasSuccessful),
() => Assert.IsFalse(deletedUserLoginWasSuccessful),
() => Assert.IsFalse(Common.CommonHelper.CurrentUserIsAuthenticated())
);
EnqueueTestComplete();
Teardown();
isAsyncComplete = true;
}
}
public static async Task <NewUserCreator> CreateNewAsync(Csla.Security.UsernameCriteria criteria)
{
var result = await DataPortal.CreateAsync <NewUserCreator>(criteria);
return(result);
}
protected override UserDto AddUserImpl(Csla.Security.UsernameCriteria criteria)
{
var username = criteria.Username;
var password = criteria.Password;
UserDto retResult = null;
//VALIDATE USERNAME
bool usernameIsValid = CommonHelper.UsernameIsValid(username);
if (!usernameIsValid)
{
throw new DataAccess.Exceptions.InvalidUsernameException(username);
}
//VALIDATE USER DOESN'T ALREADY EXIST
if (SeedData.Ton.ContainsUsername(username))
{
throw new DataAccess.Exceptions.UsernameAlreadyExistsException(username);
}
//VALIDATE PASSWORD
bool passwordIsValid = CommonHelper.PasswordIsValid(password);
if (!passwordIsValid)
{
throw new DataAccess.Exceptions.InvalidPasswordException(password);
}
//GENERATE UNIQUE SALT
bool saltAlreadyExists = true;
int salt = -1;
Random r = new Random(DateTime.Now.Millisecond * DateTime.Now.Minute * DateTime.Now.Month);
int maxTries = int.Parse(DalResources.MaxTriesGenerateSalt);
int tries = 0;
do
{
salt = r.Next(int.Parse(DataAccess.DalResources.MaxSaltValue));
saltAlreadyExists = SeedData.Ton.ContainsSalt(salt);
tries++;
if (tries > maxTries)
{
throw new DataAccess.Exceptions.GeneralDataAccessException("MaxTries for generating salt reached.");
}
} while (saltAlreadyExists);
//GENERATE SALTEDHASHEDPASSWORD
var saltedHashedPasswordObj = new Common.SaltedHashedPassword(password, salt);
string saltedHashedPasswordString = saltedHashedPasswordObj.Value;
//GET ROLEID FOR PLAIN USER (NOT ADMIN)
var roleId = SeedData.Ton.UserRoleId;
//CREATE ACTUAL USERDTO
UserDto newUserDto = new UserDto()
{
Id = Guid.NewGuid(),
Username = username,
Salt = salt,
SaltedHashedPasswordValue = saltedHashedPasswordString,
RoleIds = new List <Guid>()
{
roleId
}
};
//ADD THE USER TO THE SEEDDATA (WE ARE IN THE MOCK DAL)
SeedData.Ton.Users.Add(newUserDto);
//ASSIGN SUCCESFUL RESULT WITH USERDTO
retResult = newUserDto;
//RETURN RESULT
return(retResult);
}
public async Task TEST_ADD_20_RANDOM_USERS_RANDOM_PASSWORDS_MUST_CLEAN_SOLUTION_FIRST()
{
int numToDo = 20;
int maxAttempts = 50;
var creationAttempts = 0;
var creationSuccesses = 0;
var isAsyncComplete = false;
var hasError = false;
EnqueueConditional(() => isAsyncComplete);
await Setup();
try
{
for (int i = 0; i < numToDo; i++)
{
string randomUsername = GenerateRandomUsername();
string randomPassword = GenerateRandomPassword();
var criteria = new Csla.Security.UsernameCriteria(randomUsername, randomPassword);
try
{
creationAttempts++;
var creator = await Business.NewUserCreator.CreateNewAsync(criteria);
creationSuccesses++;
}
catch (Exception)
{
//Don't care about errors.
//we just don't increment creationSuccesses
}
}
}
catch
{
hasError = true;
}
finally
{
EnqueueConditional(() => (creationSuccesses == numToDo) || (maxAttempts == creationAttempts));
EnqueueCallback(
() => Assert.IsFalse(hasError),
() => Assert.IsTrue(Csla.ApplicationContext.User.IsInRole(_TestRoleUser)),
() => Assert.IsTrue(creationAttempts < maxAttempts),
() => Assert.AreEqual(numToDo, creationSuccesses),
() => Teardown()
);
EnqueueTestComplete();
isAsyncComplete = true;
}
}
public async Task TEST_LOGIN_ADMIN_ADD_USER_DELETE_USER_LOGOUT()
{
var newUserLoginWasSuccessful = false;
//var newUserIsInUserRole = false;
//ASSUME DELETED USER LOGIN IS SUCCESSFUL
var deletedUserLoginWasSuccessful = true;
Business.NewUserCreator creator = null;
Business.DeleteUserReadOnly deleter = null;
var isAsyncComplete = false;
var hasError = false;
EnqueueConditional(() => isAsyncComplete);
await Setup();
try
{
//LOGIN AS THE ADMIN
await UserPrincipal.LoginAsync(_TestValidUsernameAdmin, _TestValidPasswordAdmin);
//CREATE THE USER
var testNewUsername = "******";
var testNewUserPassword = "******";
var criteria = new Csla.Security.UsernameCriteria(testNewUsername, testNewUserPassword);
creator = await Business.NewUserCreator.CreateNewAsync(criteria);
//LOGOUT ADMIN
UserPrincipal.Logout();
//LOGIN AS THE NEW USER
await UserPrincipal.LoginAsync(testNewUsername, testNewUserPassword);
//CONFIRM LOGIN
newUserLoginWasSuccessful = Common.CommonHelper.CurrentUserIsAuthenticated();
//LOGOUT NEW USER
UserPrincipal.Logout();
//LOG BACK IN AS ADMIN
await UserPrincipal.LoginAsync(_TestValidUsernameAdmin, _TestValidPasswordAdmin);
//DELETE THE USER
deleter = await Business.DeleteUserReadOnly.CreateNewAsync(testNewUsername);
//LOGOUT ADMIN AGAIN
UserPrincipal.Logout();
//TRY TO LOG THE DELETED USER BACK IN, BUT SHOULD FAIL (BUT NOT THROW EXCEPTION)
await UserPrincipal.LoginAsync(testNewUsername, testNewUserPassword);
//THIS SHOULD BE FALSE.
deletedUserLoginWasSuccessful = Common.CommonHelper.CurrentUserIsAuthenticated();
EnqueueTestComplete();
}
catch
{
hasError = true;
}
finally
{
var adminRole = DataAccess.SeedData.Ton.AdminRoleText;
EnqueueCallback(
() => Assert.IsFalse(hasError),
() => Assert.IsTrue(Csla.ApplicationContext.User.IsInRole(adminRole)),
() => Assert.IsTrue(creator.WasSuccessful),
() => Assert.IsTrue(deleter.WasSuccessful),
() => Assert.IsFalse(deletedUserLoginWasSuccessful),
() => Assert.IsFalse(Common.CommonHelper.CurrentUserIsAuthenticated())
);
EnqueueTestComplete();
Teardown();
isAsyncComplete = true;
}
}
public async Task AddUser()
{
#region Thinking
var thinkingId = Guid.NewGuid();
History.Events.ThinkingAboutTargetEvent.Publish(thinkingId);
#endregion
var criteria = new Csla.Security.UsernameCriteria(NewUsername, NewPassword);
try
{
var creator = await Business.NewUserCreator.CreateNewAsync(criteria);
if (creator.WasSuccessful)
MessageBox.Show(string.Format(ViewViewModelResources.MessageNewUserAdded, NewUsername));
else
MessageBox.Show(string.Format(ViewViewModelResources.ErrorMsgAddUserWasUnsuccessful, NewUsername));
}
finally
{
#region Thinked
History.Events.ThinkedAboutTargetEvent.Publish(thinkingId);
#endregion
}
}
public async void AddUser()
{
#region Thinking
var thinkingId = Guid.NewGuid();
History.Events.ThinkingAboutTargetEvent.Publish(thinkingId);
#endregion
var criteria = new Csla.Security.UsernameCriteria(NewUsername, NewPassword);
try
{
var result = await Business.NewUserCreator.CreateNewAsync(criteria);
MessageBox.Show(string.Format(ViewViewModelResources.MessageNewUserAdded, NewUsername));
}
catch (Exception ex)
{
}
finally
{
#region Thinked
History.Events.ThinkedAboutTargetEvent.Publish(thinkingId);
#endregion
}
}
protected override UserDto AddUserImpl(Csla.Security.UsernameCriteria criteria)
{
var username = criteria.Username;
var password = criteria.Password;
//RECHECK AUTHORIZATION.
DalHelper.CheckAuthorizationToAddUser();
//THIS FOR LOOP IS FOR RETRYING DUE TO EF DB DEADLOCK
int maxTries = int.Parse(EfResources.MaxDeadlockAttempts);
for (int i = 0; i < maxTries; i++)
{
try
{
using (var ctx = LearnLanguagesContextManager.Instance.GetManager())
{
//VALIDATE USERNAME
bool usernameIsValid = CommonHelper.UsernameIsValid(username);
if (!usernameIsValid)
{
throw new DataAccess.Exceptions.InvalidUsernameException(username);
}
//VALIDATE USER DOESN'T ALREADY EXIST
var alreadyExists = (from userData in ctx.ObjectContext.UserDatas
where userData.Username == username
select userData).Count() > 0;
if (alreadyExists)
{
throw new DataAccess.Exceptions.UsernameAlreadyExistsException(username);
}
//VALIDATE PASSWORD
bool passwordIsValid = CommonHelper.PasswordIsValid(password);
if (!passwordIsValid)
{
throw new DataAccess.Exceptions.InvalidPasswordException(password);
}
//GENERATE UNIQUE SALT
//bool saltAlreadyExists = true;
int salt = -1;
salt = EfHelper.GenerateNewUniqueSalt(ctx.ObjectContext);
//Random r = new Random(DateTime.Now.Millisecond * DateTime.Now.Minute * DateTime.Now.Month);
//int maxSaltTries = int.Parse(DalResources.MaxTriesGenerateSalt);
//int tries = 0;
//do
//{
// salt = r.Next(int.Parse(DataAccess.DalResources.MaxSaltValue));
// saltAlreadyExists = (from userData in ctx.ObjectContext.UserDatas
// where userData.Salt == salt
// select userData).Count() > 0;
// tries++;
// if (tries > maxSaltTries)
// throw new DataAccess.Exceptions.GeneralDataAccessException("MaxTries for generating salt reached.");
//} while (saltAlreadyExists);
//GENERATE SALTEDHASHEDPASSWORD
var saltedHashedPasswordObj = new Common.SaltedHashedPassword(password, salt);
string saltedHashedPasswordString = saltedHashedPasswordObj.Value;
//GET ROLEID FOR PLAIN USER (NOT ADMIN)
var userRoleData = (from roleData in ctx.ObjectContext.RoleDatas
where roleData.Text == DalResources.RoleUser
select roleData).First();
var roleId = userRoleData.Id;
//CREATE NEW USERDATA
var newUserData = ctx.ObjectContext.UserDatas.CreateObject();
//ASSIGN PROPERTIES
newUserData.Username = username;
newUserData.Salt = salt;
newUserData.SaltedHashedPasswordValue = saltedHashedPasswordString;
newUserData.RoleDatas.Add(userRoleData);
//ADD TO CONTEXT
ctx.ObjectContext.UserDatas.AddObject(newUserData);
//SAVE CHANGES
ctx.ObjectContext.SaveChanges();
//CREATE RETURN USERDTO
var retUserDto = EfHelper.ToDto(newUserData);
//RETURN IT, WE'RE DONE.
return(retUserDto);
}
}
catch (Exception ex)
{
if (ex is System.Data.EntityCommandExecutionException &&
ex.InnerException is System.Data.SqlClient.SqlException &&
ex.InnerException.Message.Contains("Rerun the transaction"))
{
//"Transaction (Process ID 55) was deadlocked on lock resources with another process and has been chosen as the deadlock victim. Rerun the transaction."
//DO NOTHING IF THE ERROR IS A DEADLOCK. WE HAVE THIS IN A FOR LOOP THAT WILL RETRY UP TO A MAX NUMBER OF ATTEMPTS
}
else
{
#if DEBUG
System.Diagnostics.Debugger.Break();
#endif
//RETHROW THIS EXCEPTION
throw;
}
}
}
//IF WE REACH THIS POINT, THEN WE HAVE TRIED OUR MAX TRIES AT BREAKING A SQL DEADLOCK.
#if DEBUG
//if (retRoles == null)
System.Diagnostics.Debugger.Break();
#endif
var errorMsg2 = string.Format(DalResources.ErrorMsgVeryBadException,
DalResources.ErrorMsgVeryBadExceptionDetail_DeadlockRetriesExceededMaxTries);
throw new Exceptions.VeryBadException(errorMsg2);
}
