/// <summary>
/// Constructor contract of <c>CustomPrincipal&lt;User&gt;</c>: the identity and role provider
/// passed in are exposed unchanged, <c>IsInRole</c> is delegated to the role provider (a
/// <c>BasicRoleProvider</c> answers true for an arbitrary role name, as asserted here), and
/// both constructor arguments are mandatory.
/// </summary>
public void New_Test()
{
    // arrange
    var account = new User();
    var identity = new CustomIdentity<User>(account, account.Name, true);
    var roles = new BasicRoleProvider<User>();

    // act
    var principal = new CustomPrincipal<User>(identity, roles);

    // assert: collaborators are kept by reference, not copied
    Assert.AreSame(identity, principal.Identity);
    Assert.AreSame(roles, principal.RoleProvider);

    // assert: role membership is answered by the provider
    Assert.IsTrue(principal.IsInRole("any string"));

    // assert: null identity / null provider are rejected up front
    Assert.Throws<ArgumentNullException>(() => new CustomPrincipal<User>(null, roles));
    Assert.Throws<ArgumentNullException>(() => new CustomPrincipal<User>(identity, null));
}
/// <summary>
/// Gates the action on the <c>Role</c> configured for this attribute. A caller whose principal
/// holds the role proceeds untouched; every other caller is redirected to
/// Content/Show/AccessDenied, and because <c>filterContext.Result</c> is set the action itself
/// does not run.
/// </summary>
/// <param name="filterContext">The MVC action context; its HttpContext.User.Identity supplies the caller.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var caller = new CustomPrincipal(filterContext.HttpContext.User.Identity);
    if (caller.IsInRole(Role))
    {
        return;
    }

    var accessDenied = new RouteValueDictionary
    {
        { "controller", "Content" },
        { "action", "Show" },
        { "id", "AccessDenied" }
    };
    filterContext.Result = new RedirectToRouteResult(accessDenied);
}
/// <summary>
/// The five-argument constructor must surface id, first name and last name through the
/// matching properties and report membership of a role that was passed in the roles array.
/// </summary>
public void TestDefaultBehavior()
{
    // arrange
    var identity = new Mock<IIdentity>();
    var id = 1;
    var firstName = "John";
    var lastName = "Smith";
    var roles = new[] { Constants.Roles.ADMINISTRATOR_ROLE };

    // act
    var principal = new CustomPrincipal(identity.Object, roles, id, firstName, lastName);

    // assert
    Assert.Equal(id, principal.Id);
    Assert.Equal(firstName, principal.FirstName);
    Assert.Equal(lastName, principal.LastName);
    Assert.True(principal.IsInRole(Constants.Roles.ADMINISTRATOR_ROLE));
}
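/// <summary>
/// Returns the consumption reading for the given meter, but only when the current principal
/// holds the <c>execute</c> permission; every other caller gets 0 and nothing is audited.
/// A successful call also records the caller's remote IP in the fixed-size window
/// <c>_listID</c>, which the IPS/IDS helpers use to refuse block-listed addresses and to
/// flag repeated calls as a DoS attempt.
/// </summary>
/// <param name="id_Brojila">Meter identifier passed through to <c>GetPotrosnja</c>.</param>
/// <returns>The reading, or 0 when the caller is not authorised, has no resolvable address,
/// or is block-listed.</returns>
public double Process_Id(int id_Brojila)
{
    double x = 0;

    // Fail closed: a missing principal, or one that is not a CustomPrincipal, is "not
    // authorised" rather than dereferenced (the as-cast used to be followed by an unchecked
    // member access, which threw NullReferenceException for such callers).
    CustomPrincipal principal = Thread.CurrentPrincipal as CustomPrincipal;
    if (principal == null || !principal.IsInRole(Permissions.execute.ToString()))
    {
        return x;
    }

    x = GetPotrosnja(id_Brojila);

    // Resolve the caller's transport address from the WCF operation context.
    OperationContext context = OperationContext.Current;
    MessageProperties prop = context.IncomingMessageProperties;
    RemoteEndpointMessageProperty endpoint = prop[RemoteEndpointMessageProperty.Name] as RemoteEndpointMessageProperty;
    // NOTE(review): without an address none of the IP-based checks below can run, so the
    // request is refused instead of throwing on a null endpoint — confirm this is acceptable.
    if (endpoint == null)
    {
        return 0;
    }
    string ip = endpoint.Address;

    // Record the caller. _listID is a fixed-size array and id_counter is only reset when
    // the DoS branch below fires, so wrap the cursor rather than run past the end.
    if (id_counter >= _listID.Length)
    {
        id_counter = 0;
    }
    _listID[id_counter] = ip;
    id_counter++;

    // Address is on the block list: abort without auditing a success.
    if (IPS(ip))
    {
        return 0;
    }

    // Three hits from IDS over the window is the project's DoS threshold (what exactly IDS
    // counts is not visible here): report it, clear the window and block-list the address.
    if (IDS(_listID) == 3)
    {
        Console.WriteLine("Prijavljujem DooS napad");
        Audit.Dos_Attack_Report(principal.Identity.Name);
        _listID = new string[15];
        // NOTE(review): block_id_counter is never reset; confirm Block_listID cannot overflow.
        Block_listID[block_id_counter] = ip;
        block_id_counter++;
        id_counter = 0;
    }

    Audit.AuthorizationSuccess(principal.Identity.Name, Permissions.execute.ToString());
    return x;
}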
/// <summary>
/// Paged RestoreQueue query. Explicit <c>SearchKeys</c> take precedence: when present each key
/// is loaded directly and every filter field is ignored. Otherwise the filter fields are
/// mapped onto <see cref="WebQueryRestoreQueueParameters"/> — the user wildcards <c>*</c> and
/// <c>?</c> become the LIKE wildcards <c>%</c> and <c>_</c> — and, unless the caller holds the
/// AllStudies token, the query is restricted to the caller's data-access authority groups.
/// </summary>
/// <param name="startRowIndex">Index of the first row of the page.</param>
/// <param name="maximumRows">Page size; 0 short-circuits to an empty list.</param>
/// <param name="resultCount">Total row count reported by the query, or the number of keys loaded.</param>
/// <returns>The rows of the requested page.</returns>
private IList<RestoreQueue> InternalSelect(int startRowIndex, int maximumRows, out int resultCount)
{
    resultCount = 0;
    if (maximumRows == 0)
    {
        return new List<RestoreQueue>();
    }

    // Lookup by key bypasses every filter, including the data-access restriction below.
    if (SearchKeys != null)
    {
        IList<RestoreQueue> byKey = new List<RestoreQueue>();
        foreach (ServerEntityKey key in SearchKeys)
        {
            byKey.Add(RestoreQueue.Load(key));
        }
        resultCount = byKey.Count;
        return byKey;
    }

    // Only the user-facing wildcards are rewritten; a literal % or _ typed by the user is
    // passed through unchanged and keeps its LIKE meaning (existing behaviour).
    Func<string, string> toLikePattern = s => s.Replace("*", "%").Replace("?", "_");

    WebQueryRestoreQueueParameters query = new WebQueryRestoreQueueParameters
    {
        StartIndex = startRowIndex,
        MaxRowCount = maximumRows
    };
    if (Partition != null)
    {
        query.ServerPartitionKey = Partition.Key;
    }
    if (!string.IsNullOrEmpty(PatientId))
    {
        query.PatientId = toLikePattern(PatientId);
    }
    if (!string.IsNullOrEmpty(PatientName))
    {
        query.PatientsName = toLikePattern(PatientName);
    }

    // A null provider means the current culture; an unparseable date throws FormatException.
    if (string.IsNullOrEmpty(ScheduledDate))
    {
        query.ScheduledTime = null;
    }
    else
    {
        query.ScheduledTime = DateTime.ParseExact(ScheduledDate, DateFormats, null);
    }

    if (StatusEnum != null)
    {
        query.RestoreQueueStatusEnum = StatusEnum;
    }

    // Data-access restriction. NOTE(review): a principal that is not a CustomPrincipal gets
    // no restriction at all (fail-open) — confirm every caller runs under one.
    CustomPrincipal caller = Thread.CurrentPrincipal as CustomPrincipal;
    if (caller != null && !caller.IsInRole(MatrixPACS.Enterprise.Common.AuthorityTokens.DataAccess.AllStudies))
    {
        List<string> groupOIDs = new List<string>();
        foreach (var oid in caller.Credentials.DataAccessAuthorityGroups)
        {
            groupOIDs.Add(oid.ToString());
        }
        query.CheckDataAccess = true;
        query.UserAuthorityGroupGUIDs = StringUtilities.Combine(groupOIDs, ",");
    }

    IList<RestoreQueue> page = _searchController.FindRestoreQueue(query);
    resultCount = query.ResultCount;
    return page;
}
/// <summary>
/// Paged WorkQueue query. Explicit <c>SearchKeys</c> take precedence: when present each key is
/// loaded directly and every filter field is ignored. Otherwise the filter fields are mapped
/// onto <see cref="WebWorkQueueQueryParameters"/> — the user wildcards <c>*</c> and <c>?</c>
/// become the LIKE wildcards <c>%</c> and <c>_</c>, type and status lists are rendered as
/// "(a,b,c)" — and, unless the caller holds the AllStudies token, the query is restricted to
/// the caller's data-access authority groups.
/// </summary>
/// <param name="startRowIndex">Index of the first row of the page.</param>
/// <param name="maximumRows">Page size; 0 short-circuits to an empty list.</param>
/// <param name="resultCount">Total row count reported by the query, or the number of keys loaded.</param>
/// <returns>The rows of the requested page.</returns>
private IList<WorkQueue> InternalSelect(int startRowIndex, int maximumRows, out int resultCount)
{
    resultCount = 0;
    if (maximumRows == 0)
    {
        return new List<WorkQueue>();
    }

    // Lookup by key bypasses every filter, including the data-access restriction below.
    if (SearchKeys != null)
    {
        IList<WorkQueue> byKey = new List<WorkQueue>();
        foreach (ServerEntityKey key in SearchKeys)
        {
            byKey.Add(WorkQueue.Load(key));
        }
        resultCount = byKey.Count;
        return byKey;
    }

    // Only the user-facing wildcards are rewritten; a literal % or _ typed by the user is
    // passed through unchanged and keeps its LIKE meaning (existing behaviour).
    Func<string, string> toLikePattern = s => s.Replace("*", "%").Replace("?", "_");

    WebWorkQueueQueryParameters query = new WebWorkQueueQueryParameters
    {
        StartIndex = startRowIndex,
        MaxRowCount = maximumRows
    };
    if (Partition != null)
    {
        query.ServerPartitionKey = Partition.Key;
    }
    if (!string.IsNullOrEmpty(PatientsName))
    {
        query.PatientsName = toLikePattern(PatientsName);
    }
    if (!string.IsNullOrEmpty(PatientId))
    {
        query.PatientID = toLikePattern(PatientId);
    }
    if (!string.IsNullOrEmpty(ProcessingServer))
    {
        query.ProcessorID = toLikePattern(ProcessingServer);
    }

    // A null provider means the current culture; an unparseable date throws FormatException.
    if (string.IsNullOrEmpty(ScheduledDate))
    {
        query.ScheduledTime = null;
    }
    else
    {
        query.ScheduledTime = DateTime.ParseExact(ScheduledDate, DateFormats, null);
    }

    // A single element renders as "(x)", several as "(x,y)"; one loop covers both.
    if (TypeEnums != null && TypeEnums.Length > 0)
    {
        string types = "(";
        string sep = "";
        foreach (WorkQueueTypeEnum typeEnum in TypeEnums)
        {
            types += sep + typeEnum.Enum;
            sep = ",";
        }
        query.Type = types + ")";
    }
    if (StatusEnums != null && StatusEnums.Length > 0)
    {
        string statuses = "(";
        string sep = "";
        foreach (WorkQueueStatusEnum statusEnum in StatusEnums)
        {
            statuses += sep + statusEnum.Enum;
            sep = ",";
        }
        query.Status = statuses + ")";
    }
    if (PriorityEnum != null)
    {
        query.Priority = PriorityEnum;
    }

    // Data-access restriction. NOTE(review): a principal that is not a CustomPrincipal gets
    // no restriction at all (fail-open) — confirm every caller runs under one.
    CustomPrincipal caller = Thread.CurrentPrincipal as CustomPrincipal;
    if (caller != null && !caller.IsInRole(ClearCanvas.Enterprise.Common.AuthorityTokens.DataAccess.AllStudies))
    {
        List<string> groupOIDs = new List<string>();
        foreach (var oid in caller.Credentials.DataAccessAuthorityGroups)
        {
            groupOIDs.Add(oid.ToString());
        }
        query.CheckDataAccess = true;
        query.UserAuthorityGroupGUIDs = StringUtilities.Combine(groupOIDs, ",");
    }

    IList<WorkQueue> page = _searchController.FindWorkQueue(query);
    resultCount = query.ResultCount;
    return page;
}
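/// <summary>
/// Master-page load: shows the admin or candidate navigation panel for the current
/// <see cref="CustomPrincipal"/>, sends candidates and anonymous visitors away from the
/// admin-only pages, hides the account links for anonymous visitors, and highlights the
/// navigation link of the page being served.
/// </summary>
/// <remarks>
/// URL matching is case-insensitive: IIS serves <c>/viewreports.aspx</c> and
/// <c>/ViewReports.aspx</c> alike, so the previous ordinal <c>Contains</c> missed
/// differently-cased requests. This is navigation gating only; the redirect must not be the
/// sole protection of the admin pages — each page (or web.config authorization) has to enforce
/// the role server-side as well. An earlier version wrapped all of this in an
/// IsAuthenticated check and toggled SignOut.Text; both are currently disabled.
/// </remarks>
/// <param name="sender">Unused.</param>
/// <param name="e">Unused.</param>
protected void Page_Load(object sender, EventArgs e)
{
    CustomPrincipal cp = HttpContext.Current.User as CustomPrincipal;
    // NOTE(review): RawUrl includes the query string, so a page name appearing in a query
    // parameter also matches; Request.Path would be the stricter source.
    String activepage = Request.RawUrl;

    // Pages reserved for administrators; anyone else is sent back to Default.
    string[] adminOnlyPages =
    {
        "RegisterCandidate.aspx",
        "ViewCandidate.aspx",
        "CandidateManagement2.aspx",
        "AddProfession.aspx",
        "AddSkillSet.aspx",
        "AddRegion.aspx",
        "AddJobPosting.aspx",
        "ViewJobPosting.aspx",
        "ModifyJobPosting.aspx",
        "ViewReports.aspx"
    };

    if (cp != null && cp.IsInRole("Admin"))
    {
        AdminPanel.Visible = true;
        CandidatePanel.Visible = false;
    }

    // Evaluated after the admin branch on purpose: a principal in both roles ends up with the
    // candidate panel, as before.
    if (cp == null || cp.IsInRole("Candidate"))
    {
        bool onAdminPage = false;
        foreach (string page in adminOnlyPages)
        {
            if (UrlContains(activepage, page))
            {
                onAdminPage = true;
                break;
            }
        }
        if (onAdminPage)
        {
            // Redirect ends the response; the explicit return keeps that intent visible.
            Response.Redirect("/Default.aspx");
            return;
        }
        AdminPanel.Visible = false;
        CandidatePanel.Visible = true;
    }

    if (cp == null)
    {
        CandidateProfileLink.Visible = false;
        LinkButton1.Visible = false;
        RegisterCandidateLink.Visible = true;
        LoginLink.Visible = true;
        RegisterAccountLink.Visible = true;
    }

    #region ActiveLinkCheck
    // First match wins; Default is also the fallback when nothing matches.
    const string activeClass = "nav-link active";
    if (UrlContains(activepage, "Default.aspx"))
    {
        DefaultLink.Attributes.Add("class", activeClass);
        DefaultLink2.Attributes.Add("class", activeClass);
    }
    else if (UrlContains(activepage, "RegisterCandidate.aspx"))
    {
        RegisterCandidateLink.Attributes.Add("class", activeClass);
    }
    else if (UrlContains(activepage, "ViewCandidate.aspx"))
    {
        ViewCandidateLink.Attributes.Add("class", activeClass);
    }
    else if (UrlContains(activepage, "AddJobPosting.aspx"))
    {
        AddJobPostingLink.Attributes.Add("class", activeClass);
    }
    else if (UrlContains(activepage, "ModifyJobPosting.aspx"))
    {
        ModifyJobPostingLink.Attributes.Add("class", activeClass);
    }
    else if (UrlContains(activepage, "ViewJobPosting.aspx"))
    {
        ViewJobpostingLink.Attributes.Add("class", activeClass);
    }
    else if (UrlContains(activepage, "CandidateManagement.aspx"))
    {
        CandidateManagementLink.Attributes.Add("class", activeClass);
    }
    else if (UrlContains(activepage, "CandidateProfile.aspx"))
    {
        CandidateProfileLink.Attributes.Add("class", activeClass);
    }
    else if (UrlContains(activepage, "Contact.aspx"))
    {
        ContactLink.Attributes.Add("class", activeClass);
        ContactLink2.Attributes.Add("class", activeClass);
    }
    else if (UrlContains(activepage, "ViewReports.aspx"))
    {
        ReportLink.Attributes.Add("class", activeClass);
    }
    else if (UrlContains(activepage, "AddProfession.aspx"))
    {
        AddProfessionLink.Attributes.Add("class", activeClass);
    }
    else if (UrlContains(activepage, "AddSkillSet.aspx"))
    {
        AddSkillsetLink.Attributes.Add("class", activeClass);
    }
    else if (UrlContains(activepage, "AddRegion.aspx"))
    {
        AddRegionLink.Attributes.Add("class", activeClass);
    }
    else
    {
        DefaultLink.Attributes.Add("class", activeClass);
        DefaultLink2.Attributes.Add("class", activeClass);
    }
    #endregion
}

/// <summary>
/// Case-insensitive substring test for URL matching. IIS resolves .aspx paths regardless of
/// case, so a plain (ordinal, case-sensitive) <c>Contains</c> is the wrong comparison here.
/// </summary>
/// <param name="url">The request URL; null matches nothing.</param>
/// <param name="fragment">The page name to look for.</param>
/// <returns>True when <paramref name="fragment"/> occurs anywhere in <paramref name="url"/>, ignoring case.</returns>
private static bool UrlContains(string url, string fragment)
{
    return url != null && url.IndexOf(fragment, StringComparison.OrdinalIgnoreCase) >= 0;
}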
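/// <summary>
/// HTTP Basic authentication and authorisation filter. Decodes the Authorization header,
/// verifies the password against the stored hash and salt, builds a <see cref="CustomPrincipal"/>
/// from the user's comma-separated <c>Role</c> column, then applies the optional Users/Roles
/// allow-lists (attribute values first, falling back to the app settings named by
/// <c>UsersConfigKey</c>/<c>RolesConfigKey</c>).
/// </summary>
/// <remarks>
/// Every failure to establish an identity (no header, wrong scheme, undecodable credentials,
/// unknown user, wrong password, or any exception) answers 401 with the Basic challenge
/// header; an authenticated identity that fails an allow-list answers 403. In the previous
/// version those authentication failures left <c>actionContext.Response</c> unset, so the
/// action could run without a verified identity unless something further out denied by
/// default; the unknown-user case only produced a 401 because the null user was dereferenced
/// and the catch-all turned that into one.
/// </remarks>
/// <param name="actionContext">The Web API action context; Response is set only on denial.</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
    try
    {
        AuthenticationHeaderValue authValue = actionContext.Request.Headers.Authorization;
        // NOTE(review): the scheme comparison is ordinal; RFC 7235 treats scheme names as
        // case-insensitive, so "basic" is rejected here — confirm that is intended.
        if (authValue == null || String.IsNullOrWhiteSpace(authValue.Parameter) || authValue.Scheme != BasicAuthResponseHeaderValue)
        {
            Deny(actionContext, HttpStatusCode.Unauthorized);
            return;
        }

        Credentials parsedCredentials = ParseAuthorizationHeader(authValue.Parameter);
        if (parsedCredentials == null)
        {
            Deny(actionContext, HttpStatusCode.Unauthorized);
            return;
        }

        var user = Context.Users.Where(u => u.Name == parsedCredentials.Username).FirstOrDefault();
        // Unknown user and wrong password are deliberately indistinguishable to the client.
        if (user == null || !HashSalt.VerifyPassword(parsedCredentials.Password, user.PasswordHash, user.PasswordSalt))
        {
            Deny(actionContext, HttpStatusCode.Unauthorized);
            return;
        }

        string[] roles = user.Role.Split(',');

        // Attribute-level Users/Roles take precedence over the configured defaults.
        Users = String.IsNullOrEmpty(Users) ? ConfigurationManager.AppSettings[UsersConfigKey] : Users;
        Roles = String.IsNullOrEmpty(Roles) ? ConfigurationManager.AppSettings[RolesConfigKey] : Roles;
        CurrentUser = new CustomPrincipal(parsedCredentials.Username, roles);

        // NOTE(review): the whole Roles string is handed to IsInRole; whether CustomPrincipal
        // splits a comma-separated list itself is not visible here.
        if (!String.IsNullOrEmpty(Roles) && !CurrentUser.IsInRole(Roles))
        {
            Deny(actionContext, HttpStatusCode.Forbidden);
            return;
        }

        if (!String.IsNullOrEmpty(Users) && !IsListedUser(Users, CurrentUser.UserId.ToString()))
        {
            Deny(actionContext, HttpStatusCode.Forbidden);
            return;
        }
    }
    catch (Exception)
    {
        // Malformed header, storage failure, etc.: never let an exception leak out of the
        // filter; treat it as a failed authentication.
        Deny(actionContext, HttpStatusCode.Unauthorized);
        return;
    }
}

/// <summary>Writes the denial response with the given status and the Basic challenge header.</summary>
private void Deny(HttpActionContext actionContext, HttpStatusCode status)
{
    actionContext.Response = actionContext.Request.CreateResponse(status);
    actionContext.Response.Headers.Add(BasicAuthResponseHeader, BasicAuthResponseHeaderValue);
}

/// <summary>
/// Whole-entry match of <paramref name="userId"/> against a comma-separated allow-list.
/// The previous <c>Users.Contains(id)</c> was a substring test, so id "1" satisfied an
/// allow-list of "10,12".
/// </summary>
/// <param name="allowList">Comma-separated user ids; entries are trimmed.</param>
/// <param name="userId">The id to look for (ordinal comparison).</param>
private static bool IsListedUser(string allowList, string userId)
{
    foreach (string entry in allowList.Split(','))
    {
        if (string.Equals(entry.Trim(), userId, StringComparison.Ordinal))
        {
            return true;
        }
    }
    return false;
}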
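/// <summary>
/// Retrieves a Boolean value indicating whether the specified System.Web.SiteMapNode
/// object can be viewed by the user in the specified context.
/// </summary>
/// <param name="context">The System.Web.HttpContext that contains user information.</param>
/// <param name="node">The System.Web.SiteMapNode that is requested by the user.</param>
/// <returns>True if security trimming is enabled and node can be viewed by the user or security trimming is not enabled; otherwise, false.</returns>
/// <exception cref="ArgumentNullException"><paramref name="context"/> or <paramref name="node"/> is null.</exception>
/// <remarks>
/// With trimming enabled a node is visible only if one of its roles is the wildcard "*" or the
/// current <see cref="CustomPrincipal"/> is in that role; a node with no roles is hidden, and a
/// user that is not a CustomPrincipal (or is anonymous) only ever sees wildcard nodes. The user
/// is read from the supplied <paramref name="context"/>; the previous version read
/// HttpContext.Current before validating its arguments, so a null argument surfaced as a
/// NullReferenceException instead of the documented ArgumentNullException.
/// </remarks>
public override bool IsAccessibleToUser(HttpContext context, SiteMapNode node)
{
    if (node == null)
    {
        throw new ArgumentNullException("node");
    }
    if (context == null)
    {
        throw new ArgumentNullException("context");
    }
    if (!this.SecurityTrimmingEnabled)
    {
        return true;
    }

    if (node.Roles == null || node.Roles.Count == 0)
    {
        return false;
    }

    CustomPrincipal user = context.User as CustomPrincipal;
    foreach (string role in node.Roles)
    {
        if (string.Equals(role, "*", StringComparison.InvariantCultureIgnoreCase))
        {
            return true;
        }
        if (user != null && user.IsInRole(role))
        {
            return true;
        }
    }
    return false;
}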
/// <summary>
/// Wraps the controller's current identity in a <see cref="CustomPrincipal"/> and asks it
/// whether the caller holds <paramref name="role"/>.
/// </summary>
/// <param name="controller">The controller whose HttpContext.User supplies the identity.</param>
/// <param name="role">The role to test for.</param>
public static bool IsInRole(this Controller controller, Role role)
{
    var identity = controller.HttpContext.User.Identity;
    var caller = new CustomPrincipal(identity);
    return caller.IsInRole(role);
}
/// <summary>
/// Null-tolerant variant of IsInRole: a null principal is simply "not in the role".
/// </summary>
/// <param name="user">The principal, or null.</param>
/// <param name="role">The role to test for.</param>
/// <returns>False for a null principal; otherwise whatever <c>user.IsInRole(role)</c> answers.</returns>
public static bool IsInRole2(this CustomPrincipal user, string role)
{
    if (object.ReferenceEquals(user, null))
    {
        return false;
    }
    return user.IsInRole(role);
}