Example #1
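    /// <summary>
    /// Click handler that builds a sample authorization store: one store, ten applications,
    /// and ten Operation items per application, where each item receives the previously
    /// created item as a member.
    /// </summary>
    /// <param name="sender">The control that raised the event (not used).</param>
    /// <param name="e">Event data (not used).</param>
    /// <remarks>
    /// All writes run inside one transaction, which is rolled back if any step throws.
    /// NOTE(review): nothing in this handler checks who the caller is; whether the page is
    /// restricted to administrators is not visible from here - confirm before exposing it.
    /// </remarks>
    protected void btnCreateStore_Click(object sender, EventArgs e)
    {
        string connectionString = ConfigurationManager.ConnectionStrings["NetSqlAzManStorage"].ConnectionString;

        // Dispose the storage object deterministically; the original only closed the
        // connection and never released the storage instance itself.
        using (IAzManStorage storage = new SqlAzManStorage(connectionString))
        {
            storage.OpenConnection();
            try
            {
                // NOTE(review): ReadUncommitted presumably maps to the SQL isolation level of
                // that name, which permits dirty reads. For changes to an authorization store,
                // confirm that a stricter level is not required.
                storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);
                IAzManStore store = storage.CreateStore("Store Created Programmatically", "store description");

                for (int appIndex = 0; appIndex < 10; appIndex++)
                {
                    IAzManApplication app = store.CreateApplication("App " + appIndex.ToString(), "application description");

                    // Chain the operations: every new item gets the one before it as a member.
                    IAzManItem previous = null;
                    for (int itemIndex = 0; itemIndex < 10; itemIndex++)
                    {
                        IAzManItem current = app.CreateItem("Item " + itemIndex.ToString(), "item description", ItemType.Operation);
                        if (previous != null)
                        {
                            current.AddMember(previous);
                        }
                        previous = current;
                    }
                }

                storage.CommitTransaction();
            }
            catch
            {
                // Undo the partial store, then let the original exception propagate.
                storage.RollBackTransaction();
                throw;
            }
            finally
            {
                storage.CloseConnection();
            }
        }
    }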
        /// <summary>
        /// Adds the specified user names to the specified roles for the configured applicationName.
        /// </summary>
        /// <param name="usernames">A string array of user names to be added to the specified roles.</param>
        /// <param name="roleNames">A string array of the role names to add the specified user names to.</param>
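        public override void AddUsersToRoles(string[] usernames, string[] roleNames)
        {
            // Reject null arrays up front with a descriptive exception instead of a
            // NullReferenceException raised in the middle of an open transaction.
            if (usernames == null)
            {
                throw new ArgumentNullException("usernames");
            }
            if (roleNames == null)
            {
                throw new ArgumentNullException("roleNames");
            }

            using (IAzManStorage storage = new SqlAzManStorage(this.storageCache.ConnectionString))
            {
                try
                {
                    storage.OpenConnection();
                    storage.BeginTransaction();
                    IAzManApplication application = storage[this.storeName][this.applicationName];

                    // Owner recorded on every authorization created below. It does not depend on
                    // the role or user, so it is resolved once.
                    // NOTE(review): when the thread principal is not a WindowsIdentity this falls
                    // back to WindowsIdentity.GetCurrent(), i.e. the identity the code is running
                    // as. The grants are then attributed to that account rather than to the
                    // calling user - confirm this is acceptable for audit purposes.
                    IAzManSid    owner        = new SqlAzManSID(((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()).User);
                    WhereDefined whereDefined = WhereDefined.LDAP;
                    bool         useLdap      = this.userLookupType == "LDAP";

                    foreach (string roleName in roleNames)
                    {
                        // Only items of type Role may receive user authorizations here.
                        IAzManItem role = application.GetItem(roleName);
                        if (role.ItemType != ItemType.Role)
                        {
                            throw new ArgumentException(String.Format("{0} must be a Role.", roleName));
                        }

                        foreach (string username in usernames)
                        {
                            if (useLdap)
                            {
                                // The original null checks after 'new' could never fire. An account
                                // that cannot be resolved is reported by NTAccount.Translate, which
                                // throws IdentityNotMappedException; that exception reaches the
                                // catch block below and rolls the whole batch back.
                                NTAccount          ntaccount = new NTAccount(this.getFQUN(username));
                                SecurityIdentifier resolved  = (SecurityIdentifier)ntaccount.Translate(typeof(SecurityIdentifier));
                                IAzManSid          sid       = new SqlAzManSID(resolved);
                                role.CreateAuthorization(owner, whereDefined, sid, WhereDefined.LDAP, AuthorizationType.Allow, null, null);
                            }
                            else
                            {
                                // Guard the lookup result so an unknown DB user is reported as such
                                // rather than as a NullReferenceException.
                                var dbuser = application.GetDBUser(username);
                                if (dbuser == null)
                                {
                                    throw SqlAzManException.UserNotFoundException(username, null);
                                }
                                IAzManSid sid = dbuser.CustomSid;
                                role.CreateAuthorization(owner, whereDefined, sid, WhereDefined.Database, AuthorizationType.Allow, null, null);
                            }
                        }
                    }

                    storage.CommitTransaction();
                    // Rebuild StorageCache so the new grants become visible.
                    // NOTE(review): this runs inside the try; if it throws, the catch block calls
                    // RollBackTransaction on a transaction that has already been committed.
                    this.InvalidateCache(false);
                }
                catch
                {
                    // Any failure undoes every grant made in this call.
                    storage.RollBackTransaction();
                    throw;
                }
                finally
                {
                    storage.CloseConnection();
                }
            }
        }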
Example #3
        /// <summary>
        /// Create a Full Storage through .NET code
        /// </summary>
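        private void CreateFullStorage()
        {
            // USER MUST BE A MEMBER OF SQL DATABASE ROLE: NetSqlAzMan_Administrators

            // Sql Storage connection string.
            // NOTE(review): sample credentials are embedded in source here. Outside a demo the
            // connection string should come from protected configuration, and the account
            // should not use a guessable password.
            string sqlConnectionString = "data source=(local);initial catalog=NetSqlAzManStorage;user id=netsqlazmanuser;password=password";

            // Create the storage object and make sure it is disposed when the method exits.
            using (IAzManStorage storage = new SqlAzManStorage(sqlConnectionString))
            {
                // Open Storage Connection
                storage.OpenConnection();
                try
                {
                    // Begin a new Transaction.
                    // NOTE(review): ReadUncommitted presumably permits dirty reads; confirm that
                    // is acceptable while writing authorization data.
                    storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);

                    // Create a new Store
                    IAzManStore newStore = storage.CreateStore("My Store", "Store description");
                    // Create a new Basic StoreGroup
                    IAzManStoreGroup newStoreGroup = newStore.CreateStoreGroup(SqlAzManSID.NewSqlAzManSid(), "My Store Group", "Store Group Description", String.Empty, GroupType.Basic);
                    // Retrieve the SID of the thread's Windows principal, falling back to the
                    // identity the code is running as when the principal is not a WindowsIdentity.
                    IAzManSid mySid = new SqlAzManSID(((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()).User);
                    // Add myself as a member of "My Store Group"
                    IAzManStoreGroupMember storeGroupMember = newStoreGroup.CreateStoreGroupMember(mySid, WhereDefined.Local, true);
                    // Create a new Application
                    IAzManApplication newApp = newStore.CreateApplication("New Application", "Application description");
                    // Create a new Role
                    IAzManItem newRole = newApp.CreateItem("New Role", "Role description", ItemType.Role);
                    // Create a new Task
                    IAzManItem newTask = newApp.CreateItem("New Task", "Task description", ItemType.Task);
                    // Create a new Operation
                    IAzManItem newOp = newApp.CreateItem("New Operation", "Operation description", ItemType.Operation);

                    // Add "New Operation" as a member of "New Task"
                    newTask.AddMember(newOp);
                    // Add "New Task" as a member of "New Role"
                    newRole.AddMember(newTask);

                    // Create an authorization for myself on "New Role".
                    // NOTE(review): AllowWithDelegation, by its name, also lets the grantee
                    // delegate the role to others; use plain Allow unless delegation is intended.
                    IAzManAuthorization auth = newRole.CreateAuthorization(mySid, WhereDefined.Local, mySid, WhereDefined.Local, AuthorizationType.AllowWithDelegation, null, null);
                    // Create a custom attribute on that authorization
                    IAzManAttribute <IAzManAuthorization> attr = auth.CreateAttribute("New Key", "New Value");
                    // Create an authorization for DB User "Andrea" on "New Role".
                    // NOTE(review): GetDBUser's result is dereferenced without a check; if the
                    // user does not exist this presumably fails here - the catch below then
                    // rolls the whole storage back.
                    IAzManAuthorization auth2 = newRole.CreateAuthorization(mySid, WhereDefined.Local, storage.GetDBUser("Andrea").CustomSid, WhereDefined.Local, AuthorizationType.AllowWithDelegation, null, null);

                    // Commit transaction
                    storage.CommitTransaction();
                }
                catch
                {
                    // The original left the transaction open on failure; undo the partial
                    // storage and let the exception propagate.
                    storage.RollBackTransaction();
                    throw;
                }
                finally
                {
                    // Close connection on success and on failure alike.
                    storage.CloseConnection();
                }
            }
        }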
 /// <summary>
 /// Removes the specified user names from the specified roles for the configured applicationName.
 /// </summary>
 /// <param name="usernames">A string array of user names to be removed from the specified roles.</param>
 /// <param name="roleNames">A string array of role names to remove the specified user names from.</param>
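 public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
 {
     // Reject null arrays up front with a descriptive exception instead of a
     // NullReferenceException raised in the middle of an open transaction.
     if (usernames == null)
     {
         throw new ArgumentNullException("usernames");
     }
     if (roleNames == null)
     {
         throw new ArgumentNullException("roleNames");
     }

     using (IAzManStorage storage = new SqlAzManStorage(this.storageCache.ConnectionString))
     {
         try
         {
             storage.OpenConnection();
             storage.BeginTransaction();
             IAzManApplication application = storage[this.storeName][this.applicationName];
             foreach (string roleName in roleNames)
             {
                 // Only items of type Role are accepted.
                 IAzManItem role = application.GetItem(roleName);
                 if (role.ItemType != ItemType.Role)
                 {
                     throw new ArgumentException(String.Format("{0} must be a Role.", roleName));
                 }

                 foreach (IAzManAuthorization auth in role.GetAuthorizations())
                 {
                     string displayName;
                     auth.GetMemberInfo(out displayName);

                     // NOTE(review): the match is made on the member's display name, not on its
                     // SID. A user whose name does not match any authorization is skipped
                     // without an error, so a caller cannot tell from this method that a
                     // revocation did not happen - verify the result where it matters.
                     foreach (string username in usernames)
                     {
                         // Account names are identifiers: compare them ordinally. The previous
                         // String.Compare(a, b, true) was culture-sensitive, so its result
                         // depended on the current culture and it skipped ignorable characters
                         // (for example U+00AD), letting different names compare as equal.
                         if (String.Equals(this.getFQUN(username), displayName, StringComparison.OrdinalIgnoreCase))
                         {
                             auth.Delete();
                             // Stop after the first hit so a name listed twice does not
                             // delete the same authorization a second time.
                             break;
                         }
                     }
                 }
             }
             storage.CommitTransaction();
             // Rebuild StorageCache so the removals become visible.
             // NOTE(review): this runs inside the try; if it throws, the catch block calls
             // RollBackTransaction on a transaction that has already been committed.
             this.InvalidateCache(false);
         }
         catch
         {
             // Any failure undoes every removal made in this call.
             storage.RollBackTransaction();
             throw;
         }
         finally
         {
             storage.CloseConnection();
         }
     }
 }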
Example #5
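        /// <summary>
        /// Stress-test helper: recreates the "Store Stress Test" store with <paramref name="n"/>
        /// applications, each holding <paramref name="n"/> role/task/operation triples, and
        /// authorizes the current Windows user on every role.
        /// </summary>
        /// <param name="connectionString">Connection string of the NetSqlAzMan storage.</param>
        /// <param name="n">Number of applications, and of item triples per application.</param>
        private void CreaStrutturaSuNetSqlAzMan(string connectionString, int n)
        {
            // Clessidra presumably toggles the busy (hourglass) cursor - confirm.
            this.Clessidra(true);
            this.StartTimer();
            try
            {
                WindowsIdentity id = WindowsIdentity.GetCurrent();

                // Dispose the storage object deterministically; the original never released it.
                using (IAzManStorage storage = new SqlAzManStorage(connectionString))
                {
                    storage.ENS.AuthorizationCreated += new NetSqlAzMan.ENS.AuthorizationCreatedDelegate(ENS_AuthorizationCreated);

                    // Best-effort removal of a store left over from a previous run. Failures are
                    // deliberately ignored here; if the old store survives, CreateStore below
                    // presumably fails instead.
                    try
                    {
                        IAzManStore leftover = storage["Store Stress Test"];
                        if (leftover != null)
                        {
                            leftover.Delete();
                        }
                    }
                    catch { }

                    storage.OpenConnection();
                    try
                    {
                        // NOTE(review): ReadUncommitted presumably permits dirty reads; acceptable
                        // for a stress test, confirm before reusing this pattern elsewhere.
                        storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);
                        IAzManStore store = storage.CreateStore("Store Stress Test", String.Empty);

                        // Owner and member of every authorization are the current Windows user.
                        IAzManSid currentUserSid = new SqlAzManSID(id.User);

                        // Clamp so that n == 0 does not assign a negative maximum.
                        this.pb.Maximum = Math.Max(0, n - 1);
                        for (int a = 0; a < n; a++)
                        {
                            IAzManApplication app = store.CreateApplication("Application" + a.ToString(), String.Empty);
                            this.pb.Value = a;
                            // Keep the UI responsive while the long-running loop executes.
                            Application.DoEvents();
                            for (int i = 0; i < n; i++)
                            {
                                IAzManItem role = app.CreateItem("Role" + i.ToString(), String.Empty, ItemType.Role);
                                IAzManItem task = app.CreateItem("Task" + i.ToString(), String.Empty, ItemType.Task);
                                IAzManItem op   = app.CreateItem("Operation" + i.ToString(), String.Empty, ItemType.Operation);
                                role.AddMember(task);
                                task.AddMember(op);
                                // Add the current Windows user to the role.
                                role.CreateAuthorization(currentUserSid, WhereDefined.LDAP, currentUserSid, WhereDefined.LDAP, AuthorizationType.Allow, null, null);
                            }
                        }

                        storage.CommitTransaction();
                    }
                    catch
                    {
                        // The original left the transaction open on failure; undo the partial
                        // structure and let the exception propagate.
                        storage.RollBackTransaction();
                        throw;
                    }
                    finally
                    {
                        storage.CloseConnection();
                    }

                    // Elapsed time is reported only for a run that completed.
                    this.StopTimer(this.txtNetSqlAzManElapsed);
                }
            }
            finally
            {
                // Always undo the Clessidra(true) call above, even when the run fails.
                this.Clessidra(false);
            }
        }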
 /// <summary>
 /// Removes the specified user names from the specified roles for the configured applicationName.
 /// </summary>
 /// <param name="usernames">A string array of user names to be removed from the specified roles.</param>
 /// <param name="roleNames">A string array of role names to remove the specified user names from.</param>
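 public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
 {
     // Validate the arguments before any connection or transaction is opened.
     if (usernames == null)
     {
         throw new ArgumentNullException("usernames");
     }
     if (roleNames == null)
     {
         throw new ArgumentNullException("roleNames");
     }

     using (IAzManStorage storage = new SqlAzManStorage(this.storageCache.ConnectionString))
     {
         try
         {
             storage.OpenConnection();
             storage.BeginTransaction();
             IAzManApplication application = storage[this.storeName][this.applicationName];
             foreach (string roleName in roleNames)
             {
                 // Every name in roleNames must refer to an item of type Role.
                 IAzManItem role = application.GetItem(roleName);
                 if (role.ItemType != ItemType.Role)
                 {
                     throw new ArgumentException(String.Format("{0} must be a Role.", roleName));
                 }

                 foreach (IAzManAuthorization auth in role.GetAuthorizations())
                 {
                     string displayName;
                     auth.GetMemberInfo(out displayName);

                     // NOTE(review): authorizations are selected by member display name rather
                     // than by SID, and a name that matches nothing is ignored silently. Callers
                     // that rely on the revocation should verify it afterwards.
                     foreach (string username in usernames)
                     {
                         // Ordinal, case-insensitive comparison: the culture-sensitive
                         // String.Compare(a, b, true) used before varies with the current
                         // culture and ignores characters such as U+00AD, so distinct account
                         // names could be treated as the same one.
                         bool sameAccount = String.Equals(this.getFQUN(username), displayName, StringComparison.OrdinalIgnoreCase);
                         if (sameAccount)
                         {
                             auth.Delete();
                             // One delete per authorization, even if the name is listed twice.
                             break;
                         }
                     }
                 }
             }
             storage.CommitTransaction();
             // Rebuild StorageCache after the commit.
             // NOTE(review): still inside the try - an exception here reaches the catch block,
             // which calls RollBackTransaction on an already committed transaction.
             this.InvalidateCache(false);
         }
         catch
         {
             // Roll back every removal made in this call, then rethrow.
             storage.RollBackTransaction();
             throw;
         }
         finally
         {
             storage.CloseConnection();
         }
     }
 }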
        /// <summary>
        /// Adds the specified user names to the specified roles for the configured applicationName.
        /// </summary>
        /// <param name="usernames">A string array of user names to be added to the specified roles.</param>
        /// <param name="roleNames">A string array of the role names to add the specified user names to.</param>
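        public override void AddUsersToRoles(string[] usernames, string[] roleNames)
        {
            // Validate the arguments before any connection or transaction is opened.
            if (usernames == null)
            {
                throw new ArgumentNullException("usernames");
            }
            if (roleNames == null)
            {
                throw new ArgumentNullException("roleNames");
            }

            using (IAzManStorage storage = new SqlAzManStorage(this.storageCache.ConnectionString))
            {
                try
                {
                    storage.OpenConnection();
                    storage.BeginTransaction();
                    IAzManApplication application = storage[this.storeName][this.applicationName];

                    // Resolved once: the owner is the same for every authorization created here.
                    // NOTE(review): if the thread principal is not a WindowsIdentity, the owner
                    // becomes WindowsIdentity.GetCurrent(), i.e. the account the code runs as,
                    // so the grant is not attributed to the calling user - confirm for auditing.
                    IAzManSid owner = new SqlAzManSID(((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()).User);
                    WhereDefined whereDefined = WhereDefined.LDAP;

                    foreach (string roleName in roleNames)
                    {
                        // Every name in roleNames must refer to an item of type Role.
                        IAzManItem role = application.GetItem(roleName);
                        if (role.ItemType != ItemType.Role)
                        {
                            throw new ArgumentException(String.Format("{0} must be a Role.", roleName));
                        }

                        foreach (string username in usernames)
                        {
                            if (this.userLookupType == "LDAP")
                            {
                                // Null checks on freshly constructed objects were dead code and
                                // are gone. An unresolvable account makes NTAccount.Translate
                                // throw IdentityNotMappedException, which the catch block below
                                // turns into a rollback of the whole batch.
                                string fqun = this.getFQUN(username);
                                NTAccount ntaccount = new NTAccount(fqun);
                                IAzManSid sid = new SqlAzManSID((SecurityIdentifier)ntaccount.Translate(typeof(SecurityIdentifier)));
                                role.CreateAuthorization(owner, whereDefined, sid, WhereDefined.LDAP, AuthorizationType.Allow, null, null);
                            }
                            else
                            {
                                // Report an unknown DB user explicitly instead of failing with a
                                // NullReferenceException on CustomSid.
                                var dbuser = application.GetDBUser(username);
                                if (dbuser == null)
                                {
                                    throw SqlAzManException.UserNotFoundException(username, null);
                                }
                                IAzManSid sid = dbuser.CustomSid;
                                role.CreateAuthorization(owner, whereDefined, sid, WhereDefined.Database, AuthorizationType.Allow, null, null);
                            }
                        }
                    }

                    storage.CommitTransaction();
                    // Rebuild StorageCache after the commit.
                    // NOTE(review): still inside the try - an exception here reaches the catch
                    // block, which calls RollBackTransaction on an already committed transaction.
                    this.InvalidateCache(false);
                }
                catch
                {
                    // Roll back every grant made in this call, then rethrow.
                    storage.RollBackTransaction();
                    throw;
                }
                finally
                {
                    storage.CloseConnection();
                }
            }
        }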