/// <summary> /// Change all the DateTime fields in the object which are marked as DateTimeKind.Unspecified to UTC /// </summary> /// <param name="obj"></param> /// <param name="so"></param> public static void GlobalizeObject(object obj, SessionObject so) { var cso = so as ConfiguredSessionObject; if (obj == null || cso == null) return; PropertyInfo[] properties = obj.GetType().GetProperties(); foreach (PropertyInfo prop in properties) { if (prop.PropertyType == typeof(DateTime)) { var dt = (DateTime)prop.GetValue(obj, null); if (dt != DateTime.MinValue && dt.Kind == DateTimeKind.Unspecified) { DateTime utc; if (cso.RequiresTimeZoneConversion) { utc = cso.ToUtc(dt); } else { utc = DateTime.SpecifyKind(dt, DateTimeKind.Utc); } if (utc < TimeUtils.MinValue) { utc = TimeUtils.MinValue; } else if (utc > TimeUtils.MaxValue) { utc = TimeUtils.MaxValue; } prop.SetValue(obj, utc, null); } } //if (prop.PropertyType == typeof(string) && prop.Name.Contains("TimeZone")) //{ // string s = (string)prop.GetValue(obj, null); // if (s.StartsWith("(")) // { // prop.SetValue(obj, TimeUtils.GetTimeZoneID(s), null); // } //} } //if (obj is FullBusinessEntity) //{ // var entity = (FullBusinessEntity)obj; // EntityAttributes ea = entity.Attributes; // if (ea != null && ea.HasAttributes) // { // //TODO look into this // //foreach (object key in ea.Map.Keys) // //{ // // ea.Map[key] = GlobalizeAttribute((string)ea.Map[key], cso); // //} // ea.UpdateAttributeString(); // } //} }
/// <summary> /// Change timestamp from unspecified to utc. /// </summary> /// <param name="request"></param> /// <param name="so"></param> public static void Globalize(GetListByTimestampRequest request, SessionObject so) { var cso = (ConfiguredSessionObject)so; if (cso.RequiresTimeZoneConversion) { request.TimeStamp = cso.ToUtc(request.TimeStamp); } }
public ConfiguredSessionObject(SessionObject session, SessionConfigGroup userCfg, LoginMode mode) { ApplicationID = session.ApplicationID; SessionID = session.SessionID; CRMID = session.CRMID; SecurityEntityID = session.SecurityEntityID; CompanyID = session.CompanyID; Username = session.Username; Password = session.Password; Impersonation = session.Impersonation; PermissionsList = session.PermissionsList; Locale = userCfg.Locale; EntityName = session.EntityName; EntityType = session.EntityType; TimeZoneKey = session.TimeZoneKey ?? "UTC"; EnableTimeZoneSelect = session.EnableTimeZoneSelect; _configuration = userCfg; Initialize(mode); }
public SessionObject Clone() { //do a deep copy, fastest copy is just one on one var res = new SessionObject(); res.Active = Active; res.DateCreated = DateCreated; res.DateModified = DateModified; res.ApplicationID = ApplicationID; res.SessionID = SessionID; res.CRMID = CRMID; res.SecurityEntityID = SecurityEntityID; res.CompanyID = CompanyID; res.EntityName = EntityName; res.Username = Username; res.Password = Password; res.Impersonation = Impersonation; res.EnableTimeZoneSelect = EnableTimeZoneSelect; res.TimeZoneKey = TimeZoneKey; res.PermissionsList = new List<Guid>(PermissionsList); return res; }
/// <summary> /// Store a session in the cache. /// </summary> /// <param name="sessionObj">session to store, ID must not be Guid.Empty</param> public void StoreSession(SessionObject sessionObj) { if (sessionObj.SessionID == Guid.Empty) throw new ArgumentException("StoreSession: SessionID must not be empty"); if (_Impl != null) { _Impl[sessionObj.SessionID.ToString()] = sessionObj; } }
/// <summary> /// Check whether the authToken is in the permissions list. Throw SecurityException /// if unauthorized. /// </summary> /// <param name="sessionID">identifies session that contains the permissions list</param> /// <param name="authToken">token representing a requested permission</param> /// <returns>the SessionObject that has the sessionID, if authorized, otherwise null.</returns> public SessionObject CheckPermissions(Guid sessionID, Guid authToken) { var session = GetSession(sessionID); if (session != null) return session; // session not in cache if (sessionID == SpecialSessionID) //HACK for Unit API { session = new SessionObject { SessionID = SpecialSessionID, TimeZoneKey = "UTC" }; StoreSession(session); } else { throw new SessionException(string.Format("NO_SESSION|sessionID:{0}", sessionID)); } //if (session == null) //{ // //TODO not in cache => load it and put in cache //} //if (!session.GrantedPermissions.Contains(authToken)) //{ // throw new SessionException("PERMISSION_DENIED|" + authToken); //} return session; }
// Code below moved to Web Tier. //public static void LocalizeAttributes(EntityAttributes ea, SessionObject so) //{ // if (ea == null || !ea.HasAttributes) return; // var cso = so as ConfiguredSessionObject; // if (cso != null && cso.RequiresTimeZoneConversion) // { // var keyArray = new object[ea.Map.Keys.Count]; // ea.Map.Keys.CopyTo(keyArray, 0); // foreach (object key in keyArray) // { // object val = ea.Map[key]; // if (val is string[]) // { // var elems = (string[])val; // for (int i = 0; i < elems.Length; i++) // { // elems[i] = LocalizeAttribute(elems[i], cso); // } // } // else // { // ea.Map[key] = LocalizeAttribute((string)ea.Map[key], cso); // } // } // ea.UpdateAttributeString(); // } //} //private static string LocalizeAttribute(string s, ConfiguredSessionObject cso) //{ // if (s != null && s.Length == Formats.DateFmtLength && s[10] == 'T') // { // DateTime? dt = EntityAttributes.ParseDateTime(s); // return dt.HasValue ? cso.FromUtc(dt.Value).ToString("s") : "INVALID"; // } // return s; //} /// <summary> /// Change all the DateTime fields in all the objects in the list if the are UTC, to preferred zone. /// </summary> /// <param name="list"></param> /// <param name="so"></param> public static void LocalizeObjectList(IList list, SessionObject so) { if (list == null) return; var cso = so as ConfiguredSessionObject; if (cso != null && cso.RequiresTimeZoneConversion) { foreach (object obj in list) LocalizeObject(obj, cso); } }
/// <summary> /// Change all the DateTime fields which are UTC to the preferred zone /// </summary> /// <param name="obj"></param> /// <param name="so"></param> public static void LocalizeObject(object obj, SessionObject so) { if (obj == null) { return; } var cso = so as ConfiguredSessionObject; if (cso != null && cso.RequiresTimeZoneConversion) { PropertyInfo[] properties = obj.GetType().GetProperties(); foreach (PropertyInfo prop in properties) { if (prop.PropertyType == typeof (DateTime)) { var dt = (DateTime) prop.GetValue(obj, null); if (dt.Kind == DateTimeKind.Utc) { DateTime local = cso.FromUtc(dt); prop.SetValue(obj, local, null); } } } } }
/// <summary> /// Iterates thru the parameters of the request and converts every valid date in our standard date time format /// to UTC. It interprets the date time strings as being in the configured time zone. /// </summary> /// <param name="request"></param> /// <param name="so"></param> public static void GlobalizeRequest(ParameterMessageBase request, SessionObject so) { var cso = so as ConfiguredSessionObject; if (cso == null) return; if (cso.RequiresTimeZoneConversion) { var list = new List<KeyValuePair<string, string>>(); foreach (string key in request.Keys) { string val = request[key]; DateTime dt; if (DateTime.TryParseExact(val, "s", null, DateTimeStyles.None, out dt) || DateTime.TryParseExact(val, Formats.JsDateTimeFmt, null, DateTimeStyles.None, out dt)) { DateTime utc = cso.ToUtc(dt); list.Add(new KeyValuePair<string, string> { Key = key, Value = utc.ToString("s") }); } } foreach (var kv in list) { request[kv.Key] = kv.Value; } } }
/// <summary> /// Change all the DateTime fields in each object in the list which are marked as DateTimeKind.Unspecified to UTC /// </summary> /// <param name="list"></param> /// <param name="so"></param> public static void GlobalizeObjectList(IList list, SessionObject so) { var cso = so as ConfiguredSessionObject; if (list == null || cso == null) { return; } if (cso.RequiresTimeZoneConversion) { foreach (object obj in list) { GlobalizeObject(obj, cso); } } }
public GetItemResponse<SessionObject> GetSessionObject(SessionRequest request) { var response = new GetItemResponse<SessionObject>(); LogonLog logonLog = new LogonLog(); logonLog.ID = SequentialGuid.NewDbGuid(); logonLog.ApplicationID = request.ApplicationID; logonLog.HostIPAddress = request.HostIPAddress; logonLog.FailureCode = AuthenticationResult.Undefined; logonLog.LoginUsername = request.Username.Truncate(50); try { SessionObject sessionObj = null; //look for session in cache, if exists return it. sessionObj = SessionObjectCache.Instance.GetSession(request.SessionID); if (sessionObj != null) { //we must clone otherwise wcf may mess up the channel return new GetItemResponse<SessionObject>(sessionObj.Clone()); } if (sessionObj == null) { if (request.SessionID != Guid.Empty) { _Log.InfoFormat("Session {0} not in cache", request.SessionID); //log the session expiry - this must be a seperate log with a sepereate id see IM-4806 LogonLog expiryLog = new LogonLog(); expiryLog.ID = SequentialGuid.NewDbGuid(); expiryLog.ApplicationID = request.ApplicationID; expiryLog.HostIPAddress = request.HostIPAddress; expiryLog.FailureCode = AuthenticationResult.Undefined; expiryLog.LoginUsername = request.Username.Truncate(50); expiryLog.Logon = LogonType.SessionExpired; expiryLog.SessionObjectID = request.SessionID; expiryLog.SecurityEntityID = request.SecurityEntityID; //companyid and userid are unknown SaveLogonLog(new SaveRequest<LogonLog>(expiryLog)); } SecurityEntity entity; bool impersonation = false; if (request.SecurityEntityID != Guid.Empty) { var seResponse = GetSecurityEntity(new IDRequest(request.SecurityEntityID)); ErrorHandler.Check(seResponse); entity = seResponse.Item; impersonation = true; logonLog.Logon = LogonType.Impersonation; if (entity != null) { logonLog.FailureCode = AuthenticationResult.Success; logonLog.LoginUsername = entity.LoginUsername; } else { logonLog.FailureCode = AuthenticationResult.Undefined; logonLog.LoginUsername = "******"; } } else { logonLog.FailureCode = Authenticate(request.Username, request.Password, request.Mode, request.EntityType, out entity); logonLog.Logon = LogonType.UserLogon; } string msg = string.Format("SecurityEntity: {0} for `{1}` -> {2}/{3}", entity, request.Username, logonLog.Logon, logonLog.FailureCode); _Log.Info(msg); response.StatusMessage = msg; if (entity == null) { response.Status = false; logonLog.FailureCode = AuthenticationResult.SecurityEntityNotFound; logonLog.Success = false; logonLog.SessionObjectID = Guid.Empty; logonLog.SecurityEntityID = Guid.Empty; } else { logonLog.CompanyID = entity.CompanyID; logonLog.SecurityEntityID = entity.ID; logonLog.UserID = entity.UserID; if (logonLog.FailureCode == AuthenticationResult.Success) { var permissionList = GetSecurityPermissionList(request.ApplicationID, entity) .ConvertAll<Guid>(permission => permission.SecurityObjectID); // Check if this it is the Imarda Admin Console trying to log in thru the provioning service // in that case Flags == 2, and the IAC login security object must be linked to the security entity of the user if (request.Mode == LoginMode.IAC && !permissionList.Contains(AuthToken.ImardaAdminServiceLogin)) { msg = string.Format("IAC login {0} failed, IAC permission for {1} not found", request.Username, entity); _Log.Info(msg); response.Status = false; response.StatusMessage = msg; logonLog.FailureCode = AuthenticationResult.IACPermissionNotFound; logonLog.Success = false; logonLog.SessionObjectID = Guid.Empty; SaveLogonLog(new SaveRequest<LogonLog>(logonLog)); return response; } sessionObj = new SessionObject { ApplicationID = request.ApplicationID, SessionID = Guid.NewGuid(), CRMID = entity.CRMId, SecurityEntityID = entity.ID, CompanyID = entity.CompanyID, Username = entity.LoginUsername, Password = entity.LoginPassword, PermissionsList = permissionList, Impersonation = impersonation, TimeZoneKey = entity.TimeZone, EntityName = entity.EntityName, EntityType = entity.EntityType, EnableTimeZoneSelect = entity.EnableTimeZoneSelect, }; logonLog.Success = true; logonLog.SessionObjectID = sessionObj.SessionID; SessionObjectCache.Instance.StoreSession(sessionObj); _Log.InfoFormat("Store new session: {0}", sessionObj); } } SaveLogonLog(new SaveRequest<LogonLog>(logonLog)); } return new GetItemResponse<SessionObject>(sessionObj) {ErrorCode = logonLog.FailureCode.ToString()}; // StatusMessage = response.StatusMessage}; } catch (Exception ex) { return ErrorHandler.Handle<GetItemResponse<SessionObject>>(ex); } }