private void btnMembersAddWindowsUsersAndGroups_Click(object sender, EventArgs e)
{
try
{
this.HourGlass(true);
ADObject[] res = DirectoryServicesUtils.ADObjectPickerShowDialog(this, this.applicationGroup.Application.Store.Storage.Mode == NetSqlAzManMode.Developer);
/*Application.DoEvents();*/
if (res != null)
{
foreach (ADObject o in res)
{
if (!this.MembersToRemove.Remove(o.Sid) && !this.FindMember(this.applicationGroup.GetApplicationGroupMembers(), o.Sid) && !this.FindMember(this.MembersToAdd, o.Sid))
{
WhereDefined wd = WhereDefined.LDAP;
if (!o.ADSPath.StartsWith("LDAP"))
{
wd = WhereDefined.Local;
}
this.MembersToAdd.Add(new GenericMember(o.Name, new SqlAzManSID(o.Sid), wd));
this.modified = true;
}
}
this.RefreshApplicationGroupProperties();
}
this.HourGlass(false);
}
catch (Exception ex)
{
this.HourGlass(false);
MessageBox.Show(ex.Message);
}
}
/// <summary>
/// Executes the LDAP query.
/// </summary>
/// <param name="testLDapQuery">The test L dap query.</param>
/// <returns></returns>
public SearchResultCollection ExecuteLDAPQuery(string testLDapQuery)
{
if (this.groupType != GroupType.LDapQuery)
{
throw new InvalidOperationException("Method not supported for Basic Groups");
}
if (!String.IsNullOrEmpty(testLDapQuery.Trim()))
{
string rootdse = DirectoryServicesUtils.GetRootDSEPart(testLDapQuery);
string ldapquery = DirectoryServicesUtils.GetLDAPQueryPart(testLDapQuery);
string query = String.Empty;
if (rootdse == null)
{
query = String.Format("(&(!(objectClass=computer))(&(|(objectClass=user)(objectClass=group)))({0}))", ldapquery);
}
else
{
query = String.Format("[RootDSE:{0}](&(!(objectClass=computer))(&(|(objectClass=user)(objectClass=group)))({1}))", rootdse, ldapquery);
}
return(DirectoryServices.DirectoryServicesUtils.ExecuteLDAPQuery(query));
}
else
{
return(null);
}
}
/// <summary>
/// Gets the owner info.
/// </summary>
/// <param name="displayName">Display name of the Owner.</param>
/// <returns></returns>
public MemberType GetOwnerInfo(out string displayName)
{
if (System.Security.Principal.WindowsIdentity.GetCurrent().User.Value == this.owner.StringValue)
{
displayName = ((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()).Name;
return(MemberType.WindowsNTUser);
}
if (this.ownerSidWhereDefined == WhereDefined.Database)
{
try
{
displayName = this.item.Application.GetDBUser(this.owner).UserName;
}
catch (SqlAzManException)
{
displayName = this.owner.StringValue;
}
return(MemberType.DatabaseUser);
}
bool isAGroup;
bool isLocal;
DirectoryServicesUtils.GetMemberInfo(this.owner.StringValue, out displayName, out isAGroup, out isLocal);
if (this.item.Application.Store.Storage.Mode == NetSqlAzManMode.Administrator && isLocal)
{
displayName = this.owner.StringValue;
return(MemberType.AnonymousSID);
}
return(isAGroup ? MemberType.WindowsNTGroup : MemberType.WindowsNTUser);
}
/// <summary>
/// Updates the specified authorization type.
/// </summary>
/// <param name="owner">The owner Sid.</param>
/// <param name="sid">The member Sid.</param>
/// <param name="sidWhereDefined">The object owner where defined.</param>
/// <param name="authorizationType">Type of the authorization.</param>
/// <param name="validFrom">The valid from.</param>
/// <param name="validTo">The valid to.</param>
public void Update(IAzManSid owner, IAzManSid sid, WhereDefined sidWhereDefined, AuthorizationType authorizationType, DateTime?validFrom, DateTime?validTo)
{
if (this.owner.StringValue != owner.StringValue || this.sid.StringValue != sid.StringValue || this.sidWhereDefined != sidWhereDefined || this.authorizationType != authorizationType || this.validFrom != validFrom || this.validTo != validTo)
{
//DateTime range check
if (validFrom.HasValue && validTo.HasValue)
{
if (validFrom.Value > validTo.Value)
{
throw new InvalidOperationException("ValidFrom cannot be greater then ValidTo if supplied.");
}
}
SqlAzManSID oldOwner = new SqlAzManSID(this.owner.StringValue, this.ownerSidWhereDefined == WhereDefined.Database);
SqlAzManSID oldSid = new SqlAzManSID(this.sid.StringValue, this.sidWhereDefined == WhereDefined.Database);
WhereDefined oldOwnerSidWhereDefined = this.ownerSidWhereDefined;
WhereDefined oldSidWhereDefined = this.SidWhereDefined;
AuthorizationType oldAuthorizationType = this.AuthorizationType;
DateTime? oldValidFrom = this.validFrom;
DateTime? oldValidTo = this.validTo;
string memberName;
bool isLocal;
DirectoryServicesUtils.GetMemberInfo(owner.StringValue, out memberName, out isLocal);
WhereDefined ownerSidWhereDefined = isLocal ? WhereDefined.Local : WhereDefined.LDAP;
this.db.AuthorizationUpdate(this.item.ItemId, owner.BinaryValue, (byte)ownerSidWhereDefined, sid.BinaryValue, (byte)sidWhereDefined, (byte)authorizationType, (validFrom.HasValue ? validFrom.Value : new DateTime?()), (validTo.HasValue ? validTo.Value : new DateTime?()), this.authorizationId, this.item.Application.ApplicationId);
this.owner = new SqlAzManSID(owner.BinaryValue);
this.ownerSidWhereDefined = ownerSidWhereDefined;
this.sid = sid;
this.sidWhereDefined = sidWhereDefined;
this.authorizationType = authorizationType;
this.validFrom = validFrom;
this.validTo = validTo;
this.raiseAuthorizationUpdated(this, oldOwner, oldOwnerSidWhereDefined, oldSid, oldSidWhereDefined, oldAuthorizationType, oldValidFrom, oldValidTo);
}
}
private void btnBrowseWindowsUser_Click(object sender, EventArgs e)
{
string userName = String.Empty;
try
{
this.rbWindowsUser.Checked = true;
ADObject[] res = DirectoryServicesUtils.ADObjectPickerShowDialog(this, false, true, false);
/*Application.DoEvents();*/
if (res != null)
{
if (res.Length > 1)
{
this.ShowError(Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg20"), Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg10"));
}
if (res.Length == 1)
{
userName = res[0].UPN;
this.wid = new WindowsIdentity(userName);
this.txtWindowsUser.Text = userName;
this.dbuser = null;
}
}
}
catch (Exception ex)
{
this.ShowError(ex.Message, Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg10"));
}
finally
{
this.FormValidate();
}
}
/// <summary>
/// Gets the member info.
/// </summary>
/// <param name="displayName">Display name of the member.</param>
/// <returns></returns>
public MemberType GetMemberInfo(out string displayName)
{
switch (this.SidWhereDefined)
{
case WhereDefined.Store:
displayName = this.item.Application.Store.GetStoreGroup(this.sid).Name;
return(MemberType.StoreGroup);
case WhereDefined.Application:
displayName = this.item.Application.GetApplicationGroup(this.sid).Name;
return(MemberType.ApplicationGroup);
case WhereDefined.LDAP:
bool isAnLdapGroup;
bool isLocal;
DirectoryServicesUtils.GetMemberInfo(this.sid.StringValue, out displayName, out isAnLdapGroup, out isLocal);
if (this.sid.StringValue.Equals(displayName))
{
return(MemberType.AnonymousSID);
}
return(isAnLdapGroup ? MemberType.WindowsNTGroup : MemberType.WindowsNTUser);
case WhereDefined.Local:
if (this.item.Application.Store.Storage.Mode == NetSqlAzManMode.Administrator)
{
break;
}
bool isALocalGroup;
bool isLocal2;
DirectoryServicesUtils.GetMemberInfo(this.sid.StringValue, out displayName, out isALocalGroup, out isLocal2);
if (this.sid.StringValue.Equals(displayName))
{
return(MemberType.AnonymousSID);
}
return(isALocalGroup ? MemberType.WindowsNTGroup : MemberType.WindowsNTUser);
case WhereDefined.Database:
try
{
displayName = this.item.Application.GetDBUser(this.sid).UserName;
if (displayName == this.sid.StringValue)
{
displayName = this.item.Application.Store.GetDBUser(this.sid).UserName;
}
if (displayName == this.sid.StringValue)
{
displayName = this.item.Application.Store.Storage.GetDBUser(this.sid).UserName;
}
}
catch (SqlAzManException)
{
displayName = this.sid.StringValue;
}
return(MemberType.DatabaseUser);
}
displayName = this.sid.StringValue;
return(MemberType.AnonymousSID);
}
private List <string> ObtainUserGroups(string sSystemUserName)
{
string sServerName = String.Empty;
string sUserName = String.Empty;
List <string> oNetGroups = new List <string>();
DirectoryServicesUtils.ParseAccountName(sSystemUserName, out sServerName, out sUserName);
oNetGroups.AddRange(ObtainFullUserGroupName(sServerName, sUserName)); // Domain user groups
oNetGroups.AddRange(ObtainFullUserGroupName(Environment.MachineName, sSystemUserName)); // Local user groups
return(oNetGroups);
}
private void btnAddWindowsUsersAndGroups_Click(object sender, EventArgs e)
{
try
{
this.HourGlass(true);
ADObject[] res = DirectoryServicesUtils.ADObjectPickerShowDialog(this, this.item.Application.Store.Storage.Mode == NetSqlAzManMode.Developer);
/*Application.DoEvents();*/
if (res != null)
{
List <DataRow> rowsAdded = new List <DataRow>();
foreach (ADObject o in res)
{
WhereDefined wd = WhereDefined.LDAP;
if (!o.ADSPath.StartsWith("LDAP"))
{
wd = WhereDefined.Local;
}
string displayName;
bool isAGroup;
bool isLocal;
DirectoryServicesUtils.GetMemberInfo(o.Sid, out displayName, out isAGroup, out isLocal);
GenericMember gm = new GenericMember(new SqlAzManSID(o.Sid), wd, AuthorizationType.Neutral, null, null);
gm.Name = displayName;
rowsAdded.Add(this.AddLDapDataRow(gm, isAGroup));
this.modified = true;
}
this.SelectDataGridViewRows(rowsAdded);
}
this.btnApply.Enabled = this.modified;
//Adjust columns Width
foreach (DataGridViewColumn dgvc in this.dgAuthorizations.Columns)
{
dgvc.Width = dgvc.GetPreferredWidth(DataGridViewAutoSizeColumnMode.AllCells, true);
}
this.HourGlass(false);
}
catch (Exception ex)
{
this.HourGlass(false);
this.ShowError(ex.Message, Globalization.MultilanguageResource.GetString("frmItemAuthorizations_Msg10"));
}
finally
{
this.btnApply.Enabled = this.modified;
}
}
/// <summary>
/// Updates the L dap query.
/// </summary>
/// <param name="newLdapQuery">The new ldap query.</param>
public void UpdateLDapQuery(string newLdapQuery)
{
if (this.lDapQuery != newLdapQuery)
{
if (DirectoryServicesUtils.TestLDAPQuery(newLdapQuery))
{
string oldLDapQuery = this.lDapQuery;
this.db.StoreGroupUpdate(this.store.StoreId, this.SID.BinaryValue, this.name, this.description, newLdapQuery, (byte)this.groupType, this.storeGroupId);
this.lDapQuery = newLdapQuery;
this.raiseStoreGroupLDAPQueryUpdated(this, oldLDapQuery);
}
else
{
throw new ArgumentException("LDAP Query syntax error or unavailable Domain.", "newLdapQuery");
}
}
}
public frmImportFromAzMan()
{
InitializeComponent();
try
{
string memberName;
bool isLocal;
DirectoryServicesUtils.GetMemberInfo(this.currentOwnerSid.StringValue, out memberName, out isLocal);
if (!isLocal)
{
this.currentOwnerSidWhereDefined = WhereDefined.LDAP;
}
else
{
this.currentOwnerSidWhereDefined = WhereDefined.Local;
}
}
catch
{
this.currentOwnerSidWhereDefined = WhereDefined.LDAP;
}
}
private void btnNonMembersAddWindowsUsersAndGroup_Click(object sender, EventArgs e)
{
this.HourGlass(true);
ADObject[] res = DirectoryServicesUtils.ADObjectPickerShowDialog(this, this.storeGroup.Store.Storage.Mode == NetSqlAzManMode.Developer);
if (res != null)
{
foreach (ADObject o in res)
{
if (!this.NonMembersToRemove.Remove(o.Sid) && !this.FindMember(this.storeGroup.GetStoreGroupNonMembers(), new SqlAzManSID(o.Sid)) && !this.FindMember(this.NonMembersToAdd, new SqlAzManSID(o.Sid)))
{
WhereDefined wd = WhereDefined.LDAP;
if (!o.ADSPath.StartsWith("LDAP"))
{
wd = WhereDefined.Local;
}
this.NonMembersToAdd.Add(new GenericMember(o.Name, new SqlAzManSID(o.Sid), wd));
this.modified = true;
}
}
this.RefreshStoreGroupProperties();
}
this.HourGlass(false);
}
public frmItemAuthorizations()
{
InitializeComponent();
string memberName;
bool isLocal;
DirectoryServicesUtils.GetMemberInfo(this.currentOwnerSid.StringValue, out memberName, out isLocal);
this.currentOwnerSidWhereDefined = isLocal ? WhereDefined.Local : WhereDefined.LDAP;
this.dtAuthorizations = new DataTable();
DataColumn dcAuthorizationId = new DataColumn("AuthorizationID", typeof(int));
dcAuthorizationId.AutoIncrement = true;
dcAuthorizationId.AutoIncrementSeed = -1;
dcAuthorizationId.AutoIncrementStep = -1;
dcAuthorizationId.AllowDBNull = false;
dcAuthorizationId.Unique = true;
DataColumn dcMemberTypeEnum = new DataColumn("MemberTypeEnum", typeof(MemberType));
DataColumn dcMemberType = new DataColumn("MemberType", typeof(Bitmap));
DataColumn dcOwner = new DataColumn("Owner", typeof(string));
DataColumn dcOwnerSid = new DataColumn("OwnerSID", typeof(string));
DataColumn dcName = new DataColumn("Name", typeof(string));
DataColumn dcObjectSid = new DataColumn("ObjectSID", typeof(string));
DataColumn dcWhereDefined = new DataColumn("WhereDefined", typeof(string));
DataColumn dcWhereDefinedEnum = new DataColumn("WhereDefinedEnum", typeof(WhereDefined));
DataColumn dcAuthorizationType = new DataColumn("AuthorizationType", typeof(Bitmap));
DataColumn dcAuthorizationTypeEnum = new DataColumn("AuthorizationTypeEnum", typeof(AuthorizationType));
DataColumn dcValidFrom = new DataColumn("ValidFrom", typeof(DateTime));
dcValidFrom.AllowDBNull = true;
DataColumn dcValidTo = new DataColumn("ValidTo", typeof(DateTime));
dcValidTo.AllowDBNull = true;
dcMemberType.Caption = Globalization.MultilanguageResource.GetString("DGColumn_10");
dcOwner.Caption = Globalization.MultilanguageResource.GetString("DGColumn_20");
dcOwnerSid.Caption = Globalization.MultilanguageResource.GetString("DGColumn_30");
dcName.Caption = Globalization.MultilanguageResource.GetString("DGColumn_40");
dcObjectSid.Caption = Globalization.MultilanguageResource.GetString("DGColumn_50");
dcWhereDefined.Caption = Globalization.MultilanguageResource.GetString("DGColumn_60");
dcAuthorizationType.Caption = Globalization.MultilanguageResource.GetString("DGColumn_70");
dcValidFrom.Caption = Globalization.MultilanguageResource.GetString("DGColumn_80");
dcValidTo.Caption = Globalization.MultilanguageResource.GetString("DGColumn_90");
this.dtAuthorizations.Columns.AddRange(
new DataColumn[]
{
dcAuthorizationId,
dcMemberType,
dcName,
dcAuthorizationType,
dcWhereDefined,
dcOwner,
dcOwnerSid,
dcValidFrom,
dcValidTo,
dcObjectSid,
dcAuthorizationTypeEnum,
dcWhereDefinedEnum,
dcMemberTypeEnum,
});
this.modified = false;
}
private void ImportFromAzMan(string azManStorePath, string netSqlAzManStoreName)
{
Microsoft.Interop.Security.AzRoles.AzAuthorizationStore azstore = null;
try
{
this.SetMessage(Globalization.MultilanguageResource.GetString("frmImportFromAzMan_Msg50"));
this.storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);
string storeDescription = String.Format(Globalization.MultilanguageResource.GetString("frmImportFromAzMan_Msg60") + " ({0}) - {1}", azManStorePath, DateTime.Now.ToString());
IAzManStore store = this.storage.CreateStore(netSqlAzManStoreName, storeDescription);
azstore = new AzAuthorizationStoreClass();
this.SetMessage(String.Format(Globalization.MultilanguageResource.GetString("frmImportFromAzMan_Msg70") + " '{0}'", azManStorePath));
azstore.Initialize(2, azManStorePath, null);
#region Store Groups
//Store Groups
foreach (IAzApplicationGroup azStoreGroup in azstore.ApplicationGroups)
{
//Store Groups Definition
this.SetMessage(String.Format("Store Group: '{0}'", azStoreGroup.Name));
if (azStoreGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_BASIC)
{
//Basic
store.CreateStoreGroup(SqlAzManSID.NewSqlAzManSid(), azStoreGroup.Name, azStoreGroup.Description, String.Empty, GroupType.Basic);
}
else if (azStoreGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_LDAP_QUERY)
{
//LDap
store.CreateStoreGroup(SqlAzManSID.NewSqlAzManSid(), azStoreGroup.Name, azStoreGroup.Description, azStoreGroup.LdapQuery, GroupType.LDapQuery);
}
}
//Store Groups Members
foreach (IAzApplicationGroup azStoreGroup in azstore.ApplicationGroups)
{
if (azStoreGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_BASIC)
{
//Basic
IAzManStoreGroup storeGroup = store.GetStoreGroup(azStoreGroup.Name);
//Store Group Members - Members Store Group
this.SetMessage(String.Format("Store Group: '{0}' Members", storeGroup.Name));
object[] azStoreGroupMembers = azStoreGroup.AppMembers as object[];
if (azStoreGroupMembers != null)
{
foreach (string azStoreGroupMember in azStoreGroupMembers)
{
IAzManStoreGroup member = store.GetStoreGroup(azStoreGroupMember);
storeGroup.CreateStoreGroupMember(member.SID, WhereDefined.Store, true);
}
}
//Store Group Non-Members - Non-Members Store Group
this.SetMessage(String.Format("Store Group: '{0}' Non-Members", storeGroup.Name));
object[] azStoreGroupNonMembers = azStoreGroup.AppNonMembers as object[];
if (azStoreGroupNonMembers != null)
{
foreach (string azStoreGroupNonMember in azStoreGroupNonMembers)
{
IAzManStoreGroup nonMember = store.GetStoreGroup(azStoreGroupNonMember);
storeGroup.CreateStoreGroupMember(nonMember.SID, WhereDefined.Store, false);
}
}
//Store Group Members - Windows NT Account
this.SetMessage(String.Format("Store Group: '{0}' Windows account Members", storeGroup.Name));
object[] azStoreGroupWindowsMembers = azStoreGroup.Members as object[];
if (azStoreGroupWindowsMembers != null)
{
foreach (string azStoreWindowsMember in azStoreGroupWindowsMembers)
{
IAzManSid sid = new SqlAzManSID(azStoreWindowsMember);
string memberName;
bool isLocal;
DirectoryServicesUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
storeGroup.CreateStoreGroupMember(sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, true);
}
}
//Store Group NonMembers - Windows NT Account
this.SetMessage(String.Format("Store Group: '{0}' Windows account Non-Members", storeGroup.Name));
object[] azStoreGroupWindowsNonMembers = azStoreGroup.NonMembers as object[];
if (azStoreGroupWindowsNonMembers != null)
{
foreach (string azStoreWindowsNonMember in azStoreGroupWindowsNonMembers)
{
IAzManSid sid = new SqlAzManSID(azStoreWindowsNonMember);
string memberName;
bool isLocal;
DirectoryServicesUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
storeGroup.CreateStoreGroupMember(sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, false);
}
}
}
}
#endregion Store Groups
#region Applications
//Applications
foreach (IAzApplication azApplication in azstore.Applications)
{
this.SetMessage(String.Format("Application: '{0}'", azApplication.Name));
IAzManApplication application = store.CreateApplication(azApplication.Name, azApplication.Description);
#region Application Groups
//Store Groups
foreach (IAzApplicationGroup azApplicationGroup in azApplication.ApplicationGroups)
{
//Application Groups Definition
this.SetMessage(String.Format("Application Group: '{0}'", azApplicationGroup.Name));
if (azApplicationGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_BASIC)
{
//Basic
application.CreateApplicationGroup(SqlAzManSID.NewSqlAzManSid(), azApplicationGroup.Name, azApplicationGroup.Description, String.Empty, GroupType.Basic);
}
else if (azApplicationGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_LDAP_QUERY)
{
//LDap
application.CreateApplicationGroup(SqlAzManSID.NewSqlAzManSid(), azApplicationGroup.Name, azApplicationGroup.Description, azApplicationGroup.LdapQuery, GroupType.LDapQuery);
}
}
//Application Groups Members
foreach (IAzApplicationGroup azApplicationGroup in azApplication.ApplicationGroups)
{
if (azApplicationGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_BASIC)
{
//Basic
IAzManApplicationGroup applicationGroup = application.GetApplicationGroup(azApplicationGroup.Name);
//Application Group Members - Members Group
this.SetMessage(String.Format("Application Group: '{0}' Members", applicationGroup.Name));
object[] azStoreGroupMembers = azApplicationGroup.AppMembers as object[];
if (azStoreGroupMembers != null)
{
foreach (string azGroupMember in azStoreGroupMembers)
{
IAzManStoreGroup storemember;
try
{
storemember = store.GetStoreGroup(azGroupMember);
}
catch (SqlAzManException)
{
storemember = null;
}
IAzManApplicationGroup appmember;
try
{
appmember = application.GetApplicationGroup(azGroupMember);
}
catch (SqlAzManException)
{
appmember = null;
}
if (storemember != null)
{
applicationGroup.CreateApplicationGroupMember(storemember.SID, WhereDefined.Store, true);
}
else
{
applicationGroup.CreateApplicationGroupMember(appmember.SID, WhereDefined.Application, true);
}
}
}
//Application Group Non-Members - Non-Members Group
this.SetMessage(String.Format("Application Group: '{0}' Non-Members", applicationGroup.Name));
object[] azStoreGroupNonMembers = azApplicationGroup.AppNonMembers as object[];
if (azStoreGroupNonMembers != null)
{
foreach (string azGroupNonMember in azStoreGroupNonMembers)
{
IAzManStoreGroup storenonMember;
try
{
storenonMember = store.GetStoreGroup(azGroupNonMember);
}
catch (SqlAzManException)
{
storenonMember = null;
}
IAzManApplicationGroup appnonMember;
try
{
appnonMember = application.GetApplicationGroup(azGroupNonMember);
}
catch (SqlAzManException)
{
appnonMember = null;
}
if (storenonMember != null)
{
applicationGroup.CreateApplicationGroupMember(storenonMember.SID, WhereDefined.Store, false);
}
else
{
applicationGroup.CreateApplicationGroupMember(appnonMember.SID, WhereDefined.Application, false);
}
}
}
//Application Group Members - Windows NT Account
this.SetMessage(String.Format("Application Group: '{0}' Windows account Members", applicationGroup.Name));
object[] azApplicationGroupWindowsMembers = azApplicationGroup.Members as object[];
if (azApplicationGroupWindowsMembers != null)
{
foreach (string azApplicationWindowsMember in azApplicationGroupWindowsMembers)
{
IAzManSid sid = new SqlAzManSID(azApplicationWindowsMember);
string memberName;
bool isLocal;
DirectoryServicesUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
applicationGroup.CreateApplicationGroupMember(sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, true);
}
}
//Application Group NonMembers - Windows NT Account
this.SetMessage(String.Format("Application Group: '{0}' Windows account Non-Members", applicationGroup.Name));
object[] azApplicationGroupWindowsNonMembers = azApplicationGroup.NonMembers as object[];
if (azApplicationGroupWindowsNonMembers != null)
{
foreach (string azApplicationWindowsNonMember in azApplicationGroupWindowsNonMembers)
{
IAzManSid sid = new SqlAzManSID(azApplicationWindowsNonMember);
string memberName;
bool isLocal;
DirectoryServicesUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
applicationGroup.CreateApplicationGroupMember(sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, false);
}
}
}
}
#endregion Application Groups
//Without Scopes
IAzTasks tasks = azApplication.Tasks as IAzTasks;
if (tasks != null)
{
foreach (IAzTask azTask in tasks)
{
if (azTask.IsRoleDefinition == 1)
{
this.SetMessage(String.Format("Role: '{0}'", azTask.Name));
IAzManItem item = application.CreateItem(azTask.Name, azTask.Description, ItemType.Role);
}
else
{
this.SetMessage(String.Format("Task: '{0}'", azTask.Name));
IAzManItem item = application.CreateItem(azTask.Name, azTask.Description, ItemType.Task);
}
}
}
IAzOperations operations = azApplication.Operations as IAzOperations;
if (operations != null)
{
foreach (IAzOperation azOperation in operations)
{
this.SetMessage(String.Format("Operation: '{0}'", azOperation.Name));
application.CreateItem(azOperation.Name, azOperation.Description, ItemType.Operation);
}
}
//Build Item Hierarchy
if (tasks != null)
{
foreach (IAzTask azTask in tasks)
{
this.SetMessage(String.Format("Task: '{0}'", azTask.Name));
this.SetHirearchy(null, azApplication, azTask.Name, application);
}
}
//Scopes
foreach (IAzScope azScope in azApplication.Scopes)
{
azApplication.OpenScope(azScope.Name, null);
IAzTasks tasksOfScope = azScope.Tasks as IAzTasks;
if (tasksOfScope != null)
{
foreach (IAzTask azTask in tasksOfScope)
{
if (azTask.IsRoleDefinition == 1)
{
this.SetMessage(String.Format("Role: '{0}'", azTask.Name));
IAzManItem item = application.CreateItem(azTask.Name, azTask.Description, ItemType.Role);
}
else
{
this.SetMessage(String.Format("Task: '{0}'", azTask.Name));
IAzManItem item = application.CreateItem(azTask.Name, azTask.Description, ItemType.Task);
}
}
}
//Build Item Hierarchy
if (tasksOfScope != null)
{
foreach (IAzTask azTask in tasksOfScope)
{
this.SetMessage(String.Format("Task: '{0}'", azTask.Name));
this.SetHirearchy(azScope, azApplication, azTask.Name, application);
}
}
}
//Authorizations on Roles without Scopes
AuthorizationType defaultAuthorization = AuthorizationType.AllowWithDelegation;
IAzRoles azRoles = azApplication.Roles;
foreach (IAzRole azRole in azRoles)
{
IAzManItem item;
try
{
item = application.GetItem(azRole.Name);
}
catch (SqlAzManException)
{
item = null;
}
if (item == null)
{
item = application.CreateItem(azRole.Name, azRole.Description, ItemType.Role);
}
//Store & Application Groups Authorizations
foreach (string member in (object[])azRole.AppMembers)
{
IAzManStoreGroup storeGroup;
try
{
storeGroup = application.Store.GetStoreGroup(member);
}
catch (SqlAzManException)
{
storeGroup = null;
}
IAzManApplicationGroup applicationGroup;
try
{
applicationGroup = application.GetApplicationGroup(member);
}
catch (SqlAzManException)
{
applicationGroup = null;
}
if (storeGroup != null)
{
item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, storeGroup.SID, WhereDefined.Store, defaultAuthorization, null, null);
}
else if (applicationGroup != null)
{
item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, applicationGroup.SID, WhereDefined.Application, defaultAuthorization, null, null);
}
}
//Windows Users & Groups Authorizations
foreach (string sSid in (object[])azRole.Members)
{
IAzManSid sid = new SqlAzManSID(sSid);
string memberName;
bool isLocal;
DirectoryServicesUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, defaultAuthorization, null, null);
}
}
//Authorizations on Roles with Scopes
foreach (IAzScope azScope in azApplication.Scopes)
{
IAzRoles azRolesWithScopes = azScope.Roles;
foreach (IAzRole azRole in azRolesWithScopes)
{
IAzManItem item;
try
{
item = application.GetItem(azRole.Name);
}
catch (SqlAzManException)
{
item = null;
}
if (item == null)
{
item = application.CreateItem(azRole.Name, azRole.Description, ItemType.Role);
}
//Store & Application Groups Authorizations
foreach (string member in (object[])azRole.AppMembers)
{
IAzManStoreGroup storeGroup;
try
{
storeGroup = application.Store.GetStoreGroup(member);
}
catch (SqlAzManException)
{
storeGroup = null;
}
IAzManApplicationGroup applicationGroup;
try
{
applicationGroup = application.GetApplicationGroup(member);
}
catch (SqlAzManException)
{
applicationGroup = null;
}
if (storeGroup != null)
{
item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, storeGroup.SID, WhereDefined.Store, defaultAuthorization, null, null);
}
else if (applicationGroup != null)
{
item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, applicationGroup.SID, WhereDefined.Application, defaultAuthorization, null, null);
}
}
//Windows Users & Groups Authorizations
foreach (string sSid in (object[])azRole.Members)
{
IAzManSid sid = new SqlAzManSID(sSid);
string memberName;
bool isLocal;
DirectoryServicesUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, defaultAuthorization, null, null);
}
}
}
//try
//{
// azstore.CloseApplication(azApplication.Name, 0);
//}
//catch
//{
// //PorkAround: COM Is a mistery
//}
}
#endregion Applications
this.SetMessage(Globalization.MultilanguageResource.GetString("frmImportFromAzMan_Msg80"));
if (storage.TransactionInProgress)
{
storage.CommitTransaction();
}
}
catch
{
if (storage.TransactionInProgress)
{
this.SetMessage(Globalization.MultilanguageResource.GetString("frmImportFromAzMan_Msg90"));
storage.RollBackTransaction();
}
throw;
}
finally
{
if (azstore != null)
{
this.SetMessage(Globalization.MultilanguageResource.GetString("frmImportFromAzMan_Msg100"));
System.Runtime.InteropServices.Marshal.ReleaseComObject(azstore);
azstore = null;
}
this.SetMessage(Globalization.MultilanguageResource.GetString("Done_Msg10"));
}
}
