/// <summary> /// Método privado para processamento do método 'user.resetpassword' /// </summary> /// <param name="sqlConnection">Conexão com o banco de dados MS-SQL</param> /// <param name="parameters">Dicionário (String, Object) contendo todos os parâmetros necessários</param> private Boolean accessrequestrevoke(IAMDatabase database, Dictionary <String, Object> parameters) { if (!parameters.ContainsKey("requestid")) { Error(ErrorType.InvalidRequest, "Parameter requestid is not defined.", "", null); return(false); } Int64 requestid = 0; try { requestid = Int64.Parse(parameters["requestid"].ToString()); } catch { Error(ErrorType.InvalidRequest, "Parameter requestid is not a long integer.", "", null); return(false); } WorkflowRequest req = new WorkflowRequest(requestid); WorkflowRequestProccess proc = req.SetStatus(database, WorkflowRequestStatus.Revoked, Acl.EntityId); if (!proc.Success) { Error(ErrorType.InvalidRequest, proc.Message, proc.Debug, null); return(false); } else { return(true); } }
private void WorkflowTimer(Object state) { if (executing) { return; } executing = true; startTime = DateTime.Now; try { IAMDatabase db = null; try { db = new IAMDatabase(localConfig.SqlServer, localConfig.SqlDb, localConfig.SqlUsername, localConfig.SqlPassword); db.openDB(); db.Timeout = 900; DataTable dtRequests = db.ExecuteDataTable("select id, workflow_id from [st_workflow_request] r with(nolock) where r.deployed = 0 order by r.create_date"); if ((dtRequests != null) && (dtRequests.Rows.Count > 0)) { try { TextLog.Log("WorkflowProcessor", "Starting workflow processor timer"); foreach (DataRow dr in dtRequests.Rows) { try { WorkflowRequest request = new WorkflowRequest((Int64)dr["id"]); request.GetInicialData(db); WorkflowConfig workflow = new WorkflowConfig(); workflow.GetDatabaseData(db, (Int64)dr["workflow_id"]); switch (request.Status) { case WorkflowRequestStatus.Deny: case WorkflowRequestStatus.Expired: case WorkflowRequestStatus.UserCanceled: //Somente atualiza como deployed, para não ficar verificando db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]); continue; break; case WorkflowRequestStatus.Waiting: //Verifica escalation DateTime escalation = request.ActivityCreated.AddDays(request.Activity.EscalationDays); DateTime expired = request.ActivityCreated.AddDays(request.Activity.ExpirationDays); if (expired.CompareTo(DateTime.Now) < 0) { request.SetStatus(db, WorkflowRequestStatus.Escalated, request.UserId); db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]); } else if (escalation.CompareTo(DateTime.Now) < 0) { request.SetStatus(db, WorkflowRequestStatus.Escalated, request.UserId); db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]); } break; case WorkflowRequestStatus.Escalated: //Verifica escalation DateTime expired2 = request.ActivityCreated.AddDays(request.Activity.ExpirationDays); if (expired2.CompareTo(DateTime.Now) < 0) { request.SetStatus(db, WorkflowRequestStatus.Expired, request.UserId); db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]); } break; case WorkflowRequestStatus.Approved: //Somente executa alguma ação quando não há mais nenhuma atividade a ser executada if (request.NextActivity == null) { switch (workflow.AccessType) { case WorkflowAccessType.RoleGrant: WorkflowAccessRoleGrant rg = (WorkflowAccessRoleGrant)workflow.Access; //Seleciona todas as identidades do usuário e adiciona na role DataTable drIdent = db.ExecuteDataTable("select i.* from [identity] i with(nolock) inner join resource_plugin rp with(nolock) on i.resource_plugin_id = rp.id where rp.enable_import = 1 and rp.permit_add_entity = 1 and i.entity_id = " + request.UserId); if ((drIdent == null) || (drIdent.Rows.Count == 0)) { using (DbParameterCollection par2 = new DbParameterCollection()) { par2.Add("@workflow_request_id", typeof(Int64)).Value = request.RequestId; par2.Add("@status", typeof(String)).Value = (Int32)request.Status; par2.Add("@description", typeof(String)).Value = "No inbound identity found for allow access"; par2.Add("@activity_id", typeof(Int64)).Value = request.Activity.ActivityId; par2.Add("@executed_by_entity_id", typeof(Int64)).Value = request.LastExecutedBy; db.ExecuteNonQuery("INSERT INTO [st_workflow_request_status]([workflow_request_id],[status],[description],[executed_by_entity_id],[activity_id])VALUES(@workflow_request_id,@status,@description,@executed_by_entity_id,@activity_id)", CommandType.Text, par2, null); } } else { //Lista o nome e id de todas as roles que serão utilizadas List <String> roleList = new List <String>(); foreach (Int64 r in rg.Roles) { roleList.Add(r.ToString()); } DataTable drRoles = db.ExecuteDataTable("select * from [role] where id in (" + String.Join(",", roleList) + ")"); if ((drRoles == null) || (drRoles.Rows.Count == 0)) { using (DbParameterCollection par2 = new DbParameterCollection()) { par2.Add("@workflow_request_id", typeof(Int64)).Value = request.RequestId; par2.Add("@status", typeof(String)).Value = (Int32)request.Status; par2.Add("@description", typeof(String)).Value = "No role found for allow access"; par2.Add("@activity_id", typeof(Int64)).Value = request.Activity.ActivityId; par2.Add("@executed_by_entity_id", typeof(Int64)).Value = request.LastExecutedBy; db.ExecuteNonQuery("INSERT INTO [st_workflow_request_status]([workflow_request_id],[status],[description],[executed_by_entity_id],[activity_id])VALUES(@workflow_request_id,@status,@description,@executed_by_entity_id,@activity_id)", CommandType.Text, par2, null); } } else { String roleNames = ""; //Adiciona as roles foreach (DataRow dr2 in drIdent.Rows) { foreach (DataRow drRole in drRoles.Rows) { DbParameterCollection par = new DbParameterCollection(); par.Add("@identity_id", typeof(Int64)).Value = dr2["id"]; par.Add("@role_id", typeof(Int64)).Value = drRole["id"]; Boolean added = db.ExecuteScalar <Boolean>("sp_insert_identity_role", CommandType.StoredProcedure, par); if (added) { roleNames += drRole["name"] + Environment.NewLine; } } } if (roleNames != null) { db.AddUserLog(LogKey.User_IdentityRoleBind, null, "Workflow", UserLogLevel.Info, 0, 0, 0, 0, 0, request.UserId, 0, "Entity bind to roles by workflow access request", roleNames); } using (DbParameterCollection par2 = new DbParameterCollection()) { par2.Add("@workflow_request_id", typeof(Int64)).Value = request.RequestId; par2.Add("@status", typeof(String)).Value = (Int32)request.Status; par2.Add("@description", typeof(String)).Value = "Entity bind to roles"; par2.Add("@activity_id", typeof(Int64)).Value = request.Activity.ActivityId; par2.Add("@executed_by_entity_id", typeof(Int64)).Value = request.LastExecutedBy; db.ExecuteNonQuery("INSERT INTO [st_workflow_request_status]([workflow_request_id],[status],[description],[executed_by_entity_id],[activity_id])VALUES(@workflow_request_id,@status,@description,@executed_by_entity_id,@activity_id)", CommandType.Text, par2, null); } } } db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]); break; } } break; case WorkflowRequestStatus.Revoked: //Remove as permissões dadas switch (workflow.AccessType) { case WorkflowAccessType.RoleGrant: WorkflowAccessRoleGrant rg = (WorkflowAccessRoleGrant)workflow.Access; //Lista o nome e id de todas as roles que serão utilizadas List <String> roleList = new List <String>(); foreach (Int64 r in rg.Roles) { roleList.Add(r.ToString()); } String log = ""; DataTable drRoles = db.ExecuteDataTable("select distinct ir.*, r.name role_name from [role] r with(nolock) inner join identity_role ir with(nolock) on ir.role_id = r.id inner join [identity] i with(nolock) on ir.identity_id = i.id where i.entity_id = " + request.UserId + " and r.id in (" + String.Join(",", roleList) + ")"); if ((drRoles != null) && (drRoles.Rows.Count > 0)) { foreach (DataRow dr2 in drRoles.Rows) { log += "Identity unbind to role " + dr2["role_name"] + Environment.NewLine; db.AddUserLog(LogKey.User_IdentityRoleUnbind, null, "Workflow", UserLogLevel.Info, 0, 0, 0, 0, 0, request.UserId, (Int64)dr2["identity_id"], "Identity unbind to role " + dr2["role_name"]); db.ExecuteNonQuery("delete from identity_role where identity_id = " + dr2["identity_id"] + " and role_id = " + dr2["role_id"], CommandType.Text, null); } using (DbParameterCollection par2 = new DbParameterCollection()) { par2.Add("@workflow_request_id", typeof(Int64)).Value = request.RequestId; par2.Add("@status", typeof(String)).Value = (Int32)request.Status; par2.Add("@description", typeof(String)).Value = log; par2.Add("@activity_id", typeof(Int64)).Value = request.Activity.ActivityId; par2.Add("@executed_by_entity_id", typeof(Int64)).Value = request.LastExecutedBy; db.ExecuteNonQuery("INSERT INTO [st_workflow_request_status]([workflow_request_id],[status],[description],[executed_by_entity_id],[activity_id])VALUES(@workflow_request_id,@status,@description,@executed_by_entity_id,@activity_id)", CommandType.Text, par2, null); } } else { using (DbParameterCollection par2 = new DbParameterCollection()) { par2.Add("@workflow_request_id", typeof(Int64)).Value = request.RequestId; par2.Add("@status", typeof(String)).Value = (Int32)request.Status; par2.Add("@description", typeof(String)).Value = "No permission to remove"; par2.Add("@activity_id", typeof(Int64)).Value = request.Activity.ActivityId; par2.Add("@executed_by_entity_id", typeof(Int64)).Value = request.LastExecutedBy; db.ExecuteNonQuery("INSERT INTO [st_workflow_request_status]([workflow_request_id],[status],[description],[executed_by_entity_id],[activity_id])VALUES(@workflow_request_id,@status,@description,@executed_by_entity_id,@activity_id)", CommandType.Text, par2, null); } } db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]); break; } break; case WorkflowRequestStatus.UnderReview: //Nada break; } } catch (Exception ex) { db.AddUserLog(LogKey.Workflow, null, "Workflow", UserLogLevel.Info, 0, 0, 0, 0, 0, 0, 0, "Workflow proccess error", ex.Message); } } } finally { if (db != null) { db.Dispose(); } TextLog.Log("WorkflowProcessor", "Finishing workflow processor timer"); } } db.closeDB(); } finally { if (db != null) { db.Dispose(); } } } catch (Exception ex) { TextLog.Log("WorkflowProcessor", "Error on message timer " + ex.Message); } finally { executing = false; last_status = ""; startTime = new DateTime(1970, 1, 1); } }