/// <summary>
/// Método privado para processamento do método 'user.resetpassword'
/// </summary>
/// <param name="sqlConnection">Conexão com o banco de dados MS-SQL</param>
/// <param name="parameters">Dicionário (String, Object) contendo todos os parâmetros necessários</param>
private List <Object> accessrequestlist(IAMDatabase database, Dictionary <String, Object> parameters)
{
List <Object> result = new List <Object>();
DbParameterCollection par = new DbParameterCollection();
par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
Int32 page = 1;
Int32 pageSize = 10;
if (parameters.ContainsKey("page"))
{
Int32.TryParse(parameters["page"].ToString(), out page);
}
if (parameters.ContainsKey("page_size"))
{
Int32.TryParse(parameters["page_size"].ToString(), out pageSize);
}
if (pageSize < 1)
{
pageSize = 1;
}
if (page < 1)
{
page = 1;
}
Int32 rStart = ((page - 1) * pageSize) + 1;
Int32 rEnd = rStart + (pageSize - 1);
/*
* select * from st_workflow_request r with(nolock)
* inner join entity e with(nolock) on e.id = r.entity_id
* inner join context c with(nolock) on c.id = e.context_id
* */
String sql = "";
sql += "WITH result_set AS (";
sql += " SELECT ";
sql += " ROW_NUMBER() OVER (ORDER BY r.create_date) AS [row_number], r.*, e.context_id, c.enterprise_id, e.full_name, e.login";
sql += " from st_workflow_request r with(nolock) ";
sql += " inner join entity e with(nolock) on e.id = r.entity_id ";
sql += " inner join context c with(nolock) on c.id = e.context_id ";
sql += " where (c.enterprise_id = @enterprise_id ";
if ((parameters.ContainsKey("filter")) && (parameters["filter"] is Dictionary <String, Object>))
{
Dictionary <String, Object> filter = (Dictionary <String, Object>)parameters["filter"];
foreach (String k in filter.Keys)
{
switch (k.ToLower())
{
case "text":
if (!String.IsNullOrWhiteSpace(filter["text"].ToString()))
{
par.Add("@text", typeof(String)).Value = filter["text"].ToString();
sql += " and (e.full_name like '%'+@text+'%' or e.login like '%'+@text+'%' or r.description like '%'+@text+'%')";
}
break;
case "contextid":
if (!String.IsNullOrWhiteSpace(filter["contextid"].ToString()))
{
try
{
Int64 tmp = Int64.Parse(filter["contextid"].ToString());
par.Add("@context_id", typeof(Int64)).Value = tmp;
sql += " and c.id = @context_id";
}
catch { }
}
break;
case "workflowid":
if (!String.IsNullOrWhiteSpace(filter["workflowid"].ToString()))
{
try
{
Int64 tmp = Int64.Parse(filter["workflowid"].ToString());
par.Add("@workflow_id", typeof(Int64)).Value = tmp;
sql += " and r.workflow_id = @workflow_id";
}
catch { }
}
break;
case "status":
if (!String.IsNullOrWhiteSpace(filter["status"].ToString()))
{
try
{
WorkflowRequestStatus tmp = (WorkflowRequestStatus)Int32.Parse(filter["status"].ToString());
par.Add("@status", typeof(Int32)).Value = (Int32)tmp;
sql += " and r.status = @status";
}
catch { }
}
break;
}
}
}
sql += " )";
sql += ") SELECT";
sql += " *";
sql += " FROM";
sql += " result_set";
sql += " WHERE";
sql += " [row_number] BETWEEN " + rStart + " AND " + rEnd;
DataTable dtRequest = database.ExecuteDataTable(sql, CommandType.Text, par, null);
if ((dtRequest != null) && (dtRequest.Rows.Count > 0))
{
foreach (DataRow dr1 in dtRequest.Rows)
{
using (IAMRBAC rbac = new IAMRBAC())
if (!rbac.UserAdmin(database, Acl.EntityId, this._enterpriseId))
{
using (WorkflowRequest request = new WorkflowRequest((Int64)dr1["id"]))
{
WorkflowRequestProccess proc = request.GetInicialData(database);
if (!proc.Success)
{
Error(ErrorType.InternalError, proc.Message, proc.Debug, null);
return(null);
}
if (!database.ExecuteScalar <Boolean>("select case when COUNT(*) > 0 then CAST(1 as bit) else CAST(0 as bit) end from entity e with(nolock) where e.id = " + Acl.EntityId + " and (e.id in (" + request.Workflow.Owner + "," + request.Activity.ManualApproval.EntityApprover + ") or e.id in (select i.entity_id from identity_role ir with(nolock) inner join [identity] i with(nolock) on i.id = ir.identity_id where ir.role_id = " + request.Activity.ManualApproval.RoleApprover + "))", CommandType.Text, null))
{
continue;
}
}
}
Dictionary <string, object> newItem = new Dictionary <string, object>();
newItem.Add("access_request_id", dr1["id"]);
newItem.Add("userid", dr1["entity_id"]);
newItem.Add("context_id", dr1["context_id"]);
newItem.Add("enterprise_id", dr1["enterprise_id"]);
newItem.Add("workflow_id", dr1["workflow_id"]);
newItem.Add("status", dr1["status"]);
newItem.Add("description", dr1["description"]);
newItem.Add("entity_full_name", dr1["full_name"]);
newItem.Add("entity_login", dr1["login"]);
newItem.Add("deployed", dr1["deployed"]);
newItem.Add("start_date", (dr1["start_date"] != DBNull.Value ? (Int32)((((DateTime)dr1["start_date"]) - new DateTime(1970, 1, 1)).TotalSeconds) : 0));
newItem.Add("end_date", (dr1["end_date"] != DBNull.Value ? (Int32)((((DateTime)dr1["end_date"]) - new DateTime(1970, 1, 1)).TotalSeconds) : 0));
newItem.Add("create_date", (dr1["create_date"] != DBNull.Value ? (Int32)((((DateTime)dr1["create_date"]) - new DateTime(1970, 1, 1)).TotalSeconds) : 0));
WorkflowConfig wk = new WorkflowConfig();
wk.GetDatabaseData(database, (Int64)dr1["workflow_id"]);
newItem.Add("workflow", wk.ToJsonObject());
result.Add(newItem);
}
}
return(result);
}
private void WorkflowTimer(Object state)
{
if (executing)
{
return;
}
executing = true;
startTime = DateTime.Now;
try
{
IAMDatabase db = null;
try
{
db = new IAMDatabase(localConfig.SqlServer, localConfig.SqlDb, localConfig.SqlUsername, localConfig.SqlPassword);
db.openDB();
db.Timeout = 900;
DataTable dtRequests = db.ExecuteDataTable("select id, workflow_id from [st_workflow_request] r with(nolock) where r.deployed = 0 order by r.create_date");
if ((dtRequests != null) && (dtRequests.Rows.Count > 0))
{
try
{
TextLog.Log("WorkflowProcessor", "Starting workflow processor timer");
foreach (DataRow dr in dtRequests.Rows)
{
try
{
WorkflowRequest request = new WorkflowRequest((Int64)dr["id"]);
request.GetInicialData(db);
WorkflowConfig workflow = new WorkflowConfig();
workflow.GetDatabaseData(db, (Int64)dr["workflow_id"]);
switch (request.Status)
{
case WorkflowRequestStatus.Deny:
case WorkflowRequestStatus.Expired:
case WorkflowRequestStatus.UserCanceled:
//Somente atualiza como deployed, para não ficar verificando
db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]);
continue;
break;
case WorkflowRequestStatus.Waiting:
//Verifica escalation
DateTime escalation = request.ActivityCreated.AddDays(request.Activity.EscalationDays);
DateTime expired = request.ActivityCreated.AddDays(request.Activity.ExpirationDays);
if (expired.CompareTo(DateTime.Now) < 0)
{
request.SetStatus(db, WorkflowRequestStatus.Escalated, request.UserId);
db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]);
}
else if (escalation.CompareTo(DateTime.Now) < 0)
{
request.SetStatus(db, WorkflowRequestStatus.Escalated, request.UserId);
db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]);
}
break;
case WorkflowRequestStatus.Escalated:
//Verifica escalation
DateTime expired2 = request.ActivityCreated.AddDays(request.Activity.ExpirationDays);
if (expired2.CompareTo(DateTime.Now) < 0)
{
request.SetStatus(db, WorkflowRequestStatus.Expired, request.UserId);
db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]);
}
break;
case WorkflowRequestStatus.Approved:
//Somente executa alguma ação quando não há mais nenhuma atividade a ser executada
if (request.NextActivity == null)
{
switch (workflow.AccessType)
{
case WorkflowAccessType.RoleGrant:
WorkflowAccessRoleGrant rg = (WorkflowAccessRoleGrant)workflow.Access;
//Seleciona todas as identidades do usuário e adiciona na role
DataTable drIdent = db.ExecuteDataTable("select i.* from [identity] i with(nolock) inner join resource_plugin rp with(nolock) on i.resource_plugin_id = rp.id where rp.enable_import = 1 and rp.permit_add_entity = 1 and i.entity_id = " + request.UserId);
if ((drIdent == null) || (drIdent.Rows.Count == 0))
{
using (DbParameterCollection par2 = new DbParameterCollection())
{
par2.Add("@workflow_request_id", typeof(Int64)).Value = request.RequestId;
par2.Add("@status", typeof(String)).Value = (Int32)request.Status;
par2.Add("@description", typeof(String)).Value = "No inbound identity found for allow access";
par2.Add("@activity_id", typeof(Int64)).Value = request.Activity.ActivityId;
par2.Add("@executed_by_entity_id", typeof(Int64)).Value = request.LastExecutedBy;
db.ExecuteNonQuery("INSERT INTO [st_workflow_request_status]([workflow_request_id],[status],[description],[executed_by_entity_id],[activity_id])VALUES(@workflow_request_id,@status,@description,@executed_by_entity_id,@activity_id)", CommandType.Text, par2, null);
}
}
else
{
//Lista o nome e id de todas as roles que serão utilizadas
List <String> roleList = new List <String>();
foreach (Int64 r in rg.Roles)
{
roleList.Add(r.ToString());
}
DataTable drRoles = db.ExecuteDataTable("select * from [role] where id in (" + String.Join(",", roleList) + ")");
if ((drRoles == null) || (drRoles.Rows.Count == 0))
{
using (DbParameterCollection par2 = new DbParameterCollection())
{
par2.Add("@workflow_request_id", typeof(Int64)).Value = request.RequestId;
par2.Add("@status", typeof(String)).Value = (Int32)request.Status;
par2.Add("@description", typeof(String)).Value = "No role found for allow access";
par2.Add("@activity_id", typeof(Int64)).Value = request.Activity.ActivityId;
par2.Add("@executed_by_entity_id", typeof(Int64)).Value = request.LastExecutedBy;
db.ExecuteNonQuery("INSERT INTO [st_workflow_request_status]([workflow_request_id],[status],[description],[executed_by_entity_id],[activity_id])VALUES(@workflow_request_id,@status,@description,@executed_by_entity_id,@activity_id)", CommandType.Text, par2, null);
}
}
else
{
String roleNames = "";
//Adiciona as roles
foreach (DataRow dr2 in drIdent.Rows)
{
foreach (DataRow drRole in drRoles.Rows)
{
DbParameterCollection par = new DbParameterCollection();
par.Add("@identity_id", typeof(Int64)).Value = dr2["id"];
par.Add("@role_id", typeof(Int64)).Value = drRole["id"];
Boolean added = db.ExecuteScalar <Boolean>("sp_insert_identity_role", CommandType.StoredProcedure, par);
if (added)
{
roleNames += drRole["name"] + Environment.NewLine;
}
}
}
if (roleNames != null)
{
db.AddUserLog(LogKey.User_IdentityRoleBind, null, "Workflow", UserLogLevel.Info, 0, 0, 0, 0, 0, request.UserId, 0, "Entity bind to roles by workflow access request", roleNames);
}
using (DbParameterCollection par2 = new DbParameterCollection())
{
par2.Add("@workflow_request_id", typeof(Int64)).Value = request.RequestId;
par2.Add("@status", typeof(String)).Value = (Int32)request.Status;
par2.Add("@description", typeof(String)).Value = "Entity bind to roles";
par2.Add("@activity_id", typeof(Int64)).Value = request.Activity.ActivityId;
par2.Add("@executed_by_entity_id", typeof(Int64)).Value = request.LastExecutedBy;
db.ExecuteNonQuery("INSERT INTO [st_workflow_request_status]([workflow_request_id],[status],[description],[executed_by_entity_id],[activity_id])VALUES(@workflow_request_id,@status,@description,@executed_by_entity_id,@activity_id)", CommandType.Text, par2, null);
}
}
}
db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]);
break;
}
}
break;
case WorkflowRequestStatus.Revoked:
//Remove as permissões dadas
switch (workflow.AccessType)
{
case WorkflowAccessType.RoleGrant:
WorkflowAccessRoleGrant rg = (WorkflowAccessRoleGrant)workflow.Access;
//Lista o nome e id de todas as roles que serão utilizadas
List <String> roleList = new List <String>();
foreach (Int64 r in rg.Roles)
{
roleList.Add(r.ToString());
}
String log = "";
DataTable drRoles = db.ExecuteDataTable("select distinct ir.*, r.name role_name from [role] r with(nolock) inner join identity_role ir with(nolock) on ir.role_id = r.id inner join [identity] i with(nolock) on ir.identity_id = i.id where i.entity_id = " + request.UserId + " and r.id in (" + String.Join(",", roleList) + ")");
if ((drRoles != null) && (drRoles.Rows.Count > 0))
{
foreach (DataRow dr2 in drRoles.Rows)
{
log += "Identity unbind to role " + dr2["role_name"] + Environment.NewLine;
db.AddUserLog(LogKey.User_IdentityRoleUnbind, null, "Workflow", UserLogLevel.Info, 0, 0, 0, 0, 0, request.UserId, (Int64)dr2["identity_id"], "Identity unbind to role " + dr2["role_name"]);
db.ExecuteNonQuery("delete from identity_role where identity_id = " + dr2["identity_id"] + " and role_id = " + dr2["role_id"], CommandType.Text, null);
}
using (DbParameterCollection par2 = new DbParameterCollection())
{
par2.Add("@workflow_request_id", typeof(Int64)).Value = request.RequestId;
par2.Add("@status", typeof(String)).Value = (Int32)request.Status;
par2.Add("@description", typeof(String)).Value = log;
par2.Add("@activity_id", typeof(Int64)).Value = request.Activity.ActivityId;
par2.Add("@executed_by_entity_id", typeof(Int64)).Value = request.LastExecutedBy;
db.ExecuteNonQuery("INSERT INTO [st_workflow_request_status]([workflow_request_id],[status],[description],[executed_by_entity_id],[activity_id])VALUES(@workflow_request_id,@status,@description,@executed_by_entity_id,@activity_id)", CommandType.Text, par2, null);
}
}
else
{
using (DbParameterCollection par2 = new DbParameterCollection())
{
par2.Add("@workflow_request_id", typeof(Int64)).Value = request.RequestId;
par2.Add("@status", typeof(String)).Value = (Int32)request.Status;
par2.Add("@description", typeof(String)).Value = "No permission to remove";
par2.Add("@activity_id", typeof(Int64)).Value = request.Activity.ActivityId;
par2.Add("@executed_by_entity_id", typeof(Int64)).Value = request.LastExecutedBy;
db.ExecuteNonQuery("INSERT INTO [st_workflow_request_status]([workflow_request_id],[status],[description],[executed_by_entity_id],[activity_id])VALUES(@workflow_request_id,@status,@description,@executed_by_entity_id,@activity_id)", CommandType.Text, par2, null);
}
}
db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]);
break;
}
break;
case WorkflowRequestStatus.UnderReview:
//Nada
break;
}
}
catch (Exception ex)
{
db.AddUserLog(LogKey.Workflow, null, "Workflow", UserLogLevel.Info, 0, 0, 0, 0, 0, 0, 0, "Workflow proccess error", ex.Message);
}
}
}
finally
{
if (db != null)
{
db.Dispose();
}
TextLog.Log("WorkflowProcessor", "Finishing workflow processor timer");
}
}
db.closeDB();
}
finally
{
if (db != null)
{
db.Dispose();
}
}
}
catch (Exception ex)
{
TextLog.Log("WorkflowProcessor", "Error on message timer " + ex.Message);
}
finally
{
executing = false;
last_status = "";
startTime = new DateTime(1970, 1, 1);
}
}
