internal static void SetupImp()
{
ModelUser mu = new ModelUser("Everyone");
if (!mu.Exists)
{
mu.PasswordHash = null;
mu.Enabled = false;
mu.Create();
ModelUserRights ur = new ModelUserRights("owner", "Everyone");
ur.Create();
}
Securable s = new Securable(typeof(ApplicationExceptionSecureService).FullName);
if (!s.Exists)
{
// Default configuration - the safe way.
s.TimeSessionIsIssued = 20;
s.AllowAnonymousAccess = true;
s.Enabled = true;
s.GenerationPasswordLength = 6;
s.AllowedIPFailures = 10;
s.IPsMustBePreregistered = false;
s.IPFailureTimeDenying = 60;
s.DisableIPFiltering = false;
s.SessionsPerIPAllowed = 2;
s.Create();
}
}
public void CreateObjectFromOwner(ModelUser _ModelUser, Services.Packages.Security.ModelUser _Owner, string SessionToken)
{
ModelSession session = ModelUserSecureService.CheckSessionImp(SessionToken);
//if (!Services.Packages.Security.Security.ModelUserSecureService.CheckAccessImp(_Owner, SessionToken, "Create ModelUserOwning"))
// throw new UnauthorizedAccessException("Access Denied");
_ModelUser.Reload();
if (!_ModelUser.Exists && !Services.Packages.Security.Security.ModelUserSecureService.CheckAccessImp(_Owner, SessionToken, "Create ModelUserOwning"))
throw new UnauthorizedAccessException("Access Denied");
else if (_ModelUser.Exists && !ModelUserSecureService.CheckAccessImp(_ModelUser, SessionToken, "Update"))
throw new UnauthorizedAccessException("Access Denied");
_ModelUser.Owner = session.User;
_ModelUser.Owner = _Owner;
_ModelUser.Create();
}
internal static void AddUserImp(string userName, string password, string email, string secretQuestion,
string secretAnswer, bool enabled, string SessionToken)
{
if (String.IsNullOrEmpty(userName) ||
String.IsNullOrEmpty(password) ||
String.IsNullOrEmpty(email) ||
String.IsNullOrEmpty(secretQuestion) ||
String.IsNullOrEmpty(secretAnswer))
{
throw new InvalidOperationException("One of the requested fields is empty.");
}
ModelSession session = CheckSessionImp(SessionToken);
if (CheckUserRightsImp(session.User.Name, "ManageUsers"))
{
ModelUser mu = new ModelUser(userName);
if (mu.Exists)
throw new InvalidOperationException("User already exists.");
mu.PasswordHash = Platform.Runtime.Security.Hash.ComputeHash(password, "SHA512", null);
mu.Email = email;
mu.SecretQuestion = secretQuestion;
mu.SecretAnswer = secretAnswer;
mu.Enabled = enabled;
mu.Create();
return;
}
throw new UnauthorizedAccessException("Access Denied");
}
public void CreateObject(ModelUser _ModelUser, string SessionToken)
{
ModelSession session = ModelUserSecureService.CheckSessionImp(SessionToken);
if (!ModelUserSecureService.CheckUserRightsImp(session.User.Name, "Create " + typeof(ModelUser).FullName))
throw new UnauthorizedAccessException("Access Denied");
_ModelUser.Owner = session.User;
_ModelUser.Create();
}
