Example #1
        /// <summary>
        /// Sample access check for a database-defined user: resolves the user through the
        /// storage and asks whether it may perform "My Operation" in "My Application".
        /// </summary>
        /// <param name="dbUserName">Name of the DB user to resolve via <c>GetDBUser</c>.</param>
        private void CheckAccessPermissionsForDBUsers(string dbUserName)
        {
            // Prerequisites:
            //  - The dbo.GetDBUsers table function defines the DB user list; customize it there.
            //  - The SQL login used below must be a member of the NetSqlAzMan_Readers database role.

            // NOTE(review): the SQL login and its password are embedded in source. Outside a
            // sample, read the connection string from protected configuration so the secret is
            // not committed alongside the code.
            const string connection = "data source=(local);initial catalog=NetSqlAzManStorage;user id=netsqlazmanuser;password=password";

            IAzManStorage azMan = new SqlAzManStorage(connection);

            // Resolve the DB user first, then request a decision valid at the current local time.
            // NOTE(review): the meaning of the trailing `true` argument is not visible here;
            // confirm it against the CheckAccess signature.
            IAzManDBUser      subject  = azMan.GetDBUser(dbUserName);
            AuthorizationType decision = azMan.CheckAccess("My Store", "My Application", "My Operation", subject, DateTime.Now, true);

            if (decision == AuthorizationType.AllowWithDelegation)
            {
                // Granted, and the user may delegate the permission.
            }
            else if (decision == AuthorizationType.Allow)
            {
                // Granted.
            }
            else if (decision == AuthorizationType.Neutral || decision == AuthorizationType.Deny)
            {
                // Not granted: Neutral is treated the same as an explicit Deny.
            }
        }
Example #2
        /// <summary>
        /// Click handler that builds a <c>UserPermissionCache</c> for "Application0" in
        /// "Store Stress Test" and keeps it in session state under the key "cache".
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Button2_Click(object sender, EventArgs e)
        {
            // NOTE(review): the next line was mangled by credential redaction on this page
            // (the string literal is broken around password=) and does not compile as shown.
            // NOTE(review): the connection string uses the `sa` login with an inline password.
            // An authorization check only needs a login limited to the NetSqlAzMan database
            // roles (e.g. NetSqlAzMan_Readers), with the secret kept in protected configuration.
            IAzManStorage       storage = new SqlAzManStorage("data source=(local);Initial Catalog=NetSqlAzManStorage;user id=sa;password="******"Andrea");
            // `andrea` is not declared in this block; presumably a user object defined elsewhere
            // (verify). The meaning of the two trailing `true` arguments is not visible here.
            UserPermissionCache cache   = new UserPermissionCache(storage, "Store Stress Test", "Application0", andrea, true, true);

            // The cache is kept for the whole session.
            // NOTE(review): presumably a snapshot, so later permission changes in the storage
            // would not be seen until the cache is rebuilt. Confirm.
            Session["cache"] = cache;
        }
Example #3
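        /// <summary>
        /// Lists the roles of <paramref name="application"/> in <paramref name="store"/> for which
        /// <c>CheckAccess</c> reports that <paramref name="userName"/> has access.
        /// </summary>
        /// <param name="userName">Name of the DB user whose roles are evaluated.</param>
        /// <param name="store">Name of the authorization store to read items from.</param>
        /// <param name="application">Name of the application whose role items are checked.</param>
        /// <returns>One <c>Role</c> (with <c>IsChecked</c> set) per role the check accepted; empty if none.</returns>
        public List <Role> GetUserPermissionsNotification(string userName, string store, string application)
        {
            string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["CatsContext"].ConnectionString;

            IAzManStorage azManStorage = new SqlAzManStorage(connectionString);
            StorageCache  storageCache = new StorageCache(connectionString);

            // Only items of type Role are candidates; tasks and operations are skipped.
            var roleItems = storageCache.Storage.GetStore(store).GetApplication(application).Items
                            .Where(entry => entry.Value.ItemType == ItemType.Role);

            // Resolve the user once instead of once per role: the identity does not change
            // inside the loop, and each lookup goes back to the storage.
            // NOTE(review): what GetDBUser returns for an unknown user name is not visible here;
            // verify that CheckAccess treats that case as "no access".
            var dbUser = azManStorage.GetDBUser(userName);

            var roles = new List <Role>();

            foreach (var entry in roleItems)
            {
                var role = new Role { RoleName = entry.Value.Name };
                role.IsChecked = CheckAccess(dbUser, application, entry.Value.Name, azManStorage);
                if (role.IsChecked)
                {
                    roles.Add(role);
                }
            }

            return roles;
        }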
Example #4
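        /// <summary>
        /// Sample: creates a complete storage from .NET code (a store, a store group, an
        /// application, a role/task/operation hierarchy and two authorizations) inside a
        /// single transaction.
        /// </summary>
        private void CreateFullStorage()
        {
            // The SQL login used below must be a member of the NetSqlAzMan_Administrators database role.

            // NOTE(review): the SQL login and its password are embedded in source. Outside a
            // sample, read the connection string from protected configuration instead.
            string sqlConnectionString = "data source=(local);initial catalog=NetSqlAzManStorage;user id=netsqlazmanuser;password=password";
            IAzManStorage storage = new SqlAzManStorage(sqlConnectionString);

            storage.OpenConnection();
            try
            {
                // NOTE(review): ReadUncommitted is an unusual isolation level for a transaction
                // that writes authorization data; confirm it is intended.
                storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);

                // Store and a basic store group inside it.
                IAzManStore newStore = storage.CreateStore("My Store", "Store description");
                IAzManStoreGroup newStoreGroup = newStore.CreateStoreGroup(SqlAzManSID.NewSqlAzManSid(), "My Store Group", "Store Group Description", String.Empty, GroupType.Basic);

                // SID of the caller: prefer the thread principal's Windows identity and fall back
                // to the process identity when the principal is not a WindowsIdentity.
                IAzManSid mySid = new SqlAzManSID(((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()).User);

                // Add the caller to "My Store Group".
                newStoreGroup.CreateStoreGroupMember(mySid, WhereDefined.Local, true);

                // Application with one role, one task and one operation.
                IAzManApplication newApp = newStore.CreateApplication("New Application", "Application description");
                IAzManItem newRole = newApp.CreateItem("New Role", "Role description", ItemType.Role);
                IAzManItem newTask = newApp.CreateItem("New Task", "Task description", ItemType.Task);
                IAzManItem newOp   = newApp.CreateItem("New Operation", "Operation description", ItemType.Operation);

                // Hierarchy: "New Operation" is a member of "New Task", which is a member of "New Role".
                newTask.AddMember(newOp);
                newRole.AddMember(newTask);

                // Authorize the caller on "New Role" and attach a custom attribute to that authorization.
                IAzManAuthorization auth = newRole.CreateAuthorization(mySid, WhereDefined.Local, mySid, WhereDefined.Local, AuthorizationType.AllowWithDelegation, null, null);
                auth.CreateAttribute("New Key", "New Value");

                // Authorize DB user "Andrea" on "New Role" as well.
                newRole.CreateAuthorization(mySid, WhereDefined.Local, storage.GetDBUser("Andrea").CustomSid, WhereDefined.Local, AuthorizationType.AllowWithDelegation, null, null);

                storage.CommitTransaction();
            }
            finally
            {
                // Release the connection even when a step above throws, so a failed run does not
                // leave the connection (and its uncommitted transaction) open.
                // NOTE(review): an explicit rollback on failure would make the intent clearer if
                // the storage API offers one.
                storage.CloseConnection();
            }
        }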
Example #5
        /// <summary>
        /// Handles the login form: authenticates the supplied credentials, issues the forms
        /// authentication cookie, records the login, loads the user's profile and per-module
        /// permission caches into session state, and redirects to <paramref name="returnUrl"/>.
        /// On failure the login view is shown again with error details in the ViewBag.
        /// </summary>
        /// <param name="model">Posted login form; <c>UserName</c> and <c>Password</c> are read.</param>
        /// <param name="returnUrl">Caller-supplied URL to go to after a successful login.</param>
        /// <returns>A redirect on success, otherwise the login view.</returns>
        public ActionResult Login(LoginModel model, string returnUrl)
        {
            // Start with no error; returnUrl is passed back to the view unchanged.
            ViewBag.HasError  = false;
            ViewBag.returnUrl = returnUrl;

            // Helper used by the catch blocks; it is given the `_log` field (declared outside this block).
            var log = new Logger();

            try
            {
                // NOTE(review): if Authenticate returns false without throwing, control falls
                // through to `return(View())` with HasError still false and no message set.
                if (_userAccountService.Authenticate(model.UserName, model.Password))
                {
                    // Second argument is createPersistentCookie: the auth cookie outlives the browser session.
                    // NOTE(review): no session identifier renewal is visible in this method before
                    // the authenticated state is written to Session below. Confirm it happens elsewhere.
                    FormsAuthentication.SetAuthCookie(model.UserName, true);

                    // Will be refactored
                    // Record the login (local server time) and bump the login counter.
                    var user = _userAccountService.GetUserDetail(model.UserName);
                    user.LogginDate      = DateTime.Now;
                    user.NumberOfLogins += 1;
                    // Session["USER_PROFILE"] = user;
                    _userAccountService.UpdateUser(user);

                    // Add user information to session variables to avoid frequent trips to the database.
                    // The service is resolved a second time through DependencyResolver even though
                    // _userAccountService is available, and GetUserDetail is called again.
                    var service  = (IUserAccountService)DependencyResolver.Current.GetService(typeof(IUserAccountService));
                    var userInfo = service.GetUserInfo(model.UserName);
                    Session["USER_INFO"]    = userInfo;
                    Session["USER_PROFILE"] = service.GetUserDetail(model.UserName);

                    // Before trying to go and look for user permissions, check if the user is logged in or not

                    //// Load user permissions
                    // One storage handle and one DB user are shared by all caches built below.
                    // NOTE(review): the meaning of the trailing `true, false` arguments of
                    // UserPermissionCache is not visible here; confirm against its constructor.
                    // NOTE(review): the caches live in Session, so presumably permission changes
                    // made in the storage take effect only at the next login. Verify.
                    IAzManStorage storage = new SqlAzManStorage(ConfigurationManager.ConnectionStrings["CatsContext"].ConnectionString);
                    IAzManDBUser  dbUser  = storage.GetDBUser(user.UserName);

                    // Early Warning user permissions
                    UserPermissionCache earlyWarningPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.EARLY_WARNING, dbUser, true, false);
                    Session[CatsGlobals.EARLY_WARNING_PERMISSIONS] = earlyWarningPermissionCache;


                    // PSNP user permissions
                    UserPermissionCache psnpPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.PSNP, dbUser, true, false);
                    Session[CatsGlobals.PSNP_PERMISSIONS] = psnpPermissionCache;

                    // Logistics user permissions
                    UserPermissionCache logisticsPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.LOGISTICS, dbUser, true, false);
                    Session[CatsGlobals.LOGISTICS_PERMISSIONS] = logisticsPermissionCache;

                    // Procurement user permissions
                    UserPermissionCache procurementPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.PROCUREMENT, dbUser, true, false);
                    Session[CatsGlobals.PROCUREMENT_PERMISSIONS] = procurementPermissionCache;

                    // Hub user permissions
                    UserPermissionCache hubPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.HUB, dbUser, true, false);
                    Session[CatsGlobals.HUB_PERMISSIONS] = hubPermissionCache;

                    // Regional user permissions
                    UserPermissionCache regionalPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.REGION, dbUser, true, false);
                    Session[CatsGlobals.REGION_PERMISSIONS] = regionalPermissionCache;

                    // Finance user permissions
                    UserPermissionCache financePermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.FINANCE, dbUser, true, false);
                    Session[CatsGlobals.FINANCE_PERMISSIONS] = financePermissionCache;
                    // Whatever permission we are going to have!
                    // NOTE(review): the next line was mangled by redaction on this page (part of the
                    // statement between the two string literals is missing) and does not compile as shown.
                    _log.Info("Logged in User: "******"Administrator", "Manage User Account");
                    //service.GetUserPermissions(model.UserName, "CATS", "Finance");
                    // RedirectToLocal is not shown; presumably it rejects non-local URLs. Verify,
                    // since returnUrl comes from the request.
                    return(RedirectToLocal(returnUrl));
                }
            }
            // NOTE(review): the three specific handlers below show different messages for an
            // unknown user, a disabled account and a wrong password, which tells an
            // unauthenticated caller whether a user name exists. Consider a single generic
            // message and keep the detail in the log only.
            // NOTE(review): every handler copies ex.ToString() (message plus stack trace) into
            // ViewBag.Error; confirm the view never renders it to the client.
            catch (UserNotFoundException unfe)
            {
                log.LogAllErrorsMesseges(unfe, _log);
                ViewBag.HasError     = true;
                ViewBag.Error        = unfe.ToString();
                ViewBag.ErrorMessage = "Your user name is not registered as a user on CATS. Please contact your system administrator.";
            }
            catch (DisabledUserException due)
            {
                log.LogAllErrorsMesseges(due, _log);
                ViewBag.HasError     = true;
                ViewBag.Error        = due.ToString();
                ViewBag.ErrorMessage = "Your user account is disabled. Please contact your system administrator.";
            }
            catch (UnmatchingUsernameAndPasswordException uuape)
            {
                log.LogAllErrorsMesseges(uuape, _log);
                ViewBag.HasError     = true;
                ViewBag.Error        = uuape.ToString();
                ViewBag.ErrorMessage = "The user name and password you provided do not match. Please try again with a correct combination.";
            }
            catch (Exception exception)
            {
                // Catch-all for anything else thrown above (including failures while loading
                // permissions after the auth cookie was already issued).
                log.LogAllErrorsMesseges(exception, _log);

                ViewBag.HasError     = true;
                ViewBag.Error        = exception.ToString();
                ViewBag.ErrorMessage = "Login failed. Try logging in with the right user name and password.";

                // NOTE(review): the raw exception message is added to the model state; if the view
                // shows a validation summary, internal error text reaches the client.
                ModelState.AddModelError("", exception.Message);
            }

            // Reached on any failure path: redisplay the login view.
            return(View());
        }