internal SecurityIdentifier GetUpnSid()
{
if (!this.hasUpnSidBeenComputed)
{
lock (this.thisLock)
{
string resource = (string)base.IdentityClaim.Resource;
if (!this.hasUpnSidBeenComputed)
{
try
{
NTAccount account = new NTAccount(resource);
this.upnSid = account.Translate(typeof(SecurityIdentifier)) as SecurityIdentifier;
}
catch (Exception exception)
{
if (Fx.IsFatal(exception))
{
throw;
}
if (exception is NullReferenceException)
{
throw;
}
SecurityTraceRecordHelper.TraceSpnToSidMappingFailure(resource, exception);
}
finally
{
this.hasUpnSidBeenComputed = true;
}
}
}
}
return(this.upnSid);
}
static SecurityIdentifier GetUserSecurityIdentifier(string name)
{
NTAccount acct = new NTAccount(Environment.MachineName, name);
SecurityIdentifier id = (SecurityIdentifier)acct.Translate(typeof(SecurityIdentifier));
return(id);
}
private string _TranslateUserNameToSid(string username)
{
NTAccount ntAcct = new NTAccount(username);
SecurityIdentifier sid = (SecurityIdentifier)ntAcct.Translate(typeof(SecurityIdentifier));
return(sid.ToString());
}
static string GetSidForUser(string username)
{
var account = new NTAccount(username);
var sid = (SecurityIdentifier)account.Translate(typeof(SecurityIdentifier));
return(sid.ToString());
}
private void UpdateOnedriveInfo()
{
onedriveButton.Enabled = false;
//ModifyRegistry.ModifyRegistry userShellFolders = new ModifyRegistry.ModifyRegistry(Registry.CurrentUser, @"Microsoft", @"Windows\CurrentVersion\Explorer\User Shell Folders");
ModifyRegistry.ModifyRegistry userShellFolders = new ModifyRegistry.ModifyRegistry(Registry.CurrentUser, "Microsoft", @"Windows\CurrentVersion\Explorer\User Shell Folders");
ModifyRegistry.ModifyRegistry onedriveFolder = new ModifyRegistry.ModifyRegistry(Registry.CurrentUser, @"Microsoft", @"OneDrive\Accounts\Business1");
ModifyRegistry.ModifyRegistry onedriveVersionFolder = new ModifyRegistry.ModifyRegistry(Registry.CurrentUser, @"Microsoft", @"Onedrive");
string user = Environment.UserName;
NTAccount currentUser = new NTAccount(user);
SecurityIdentifier sid = (SecurityIdentifier)currentUser.Translate(typeof(SecurityIdentifier));
SID.Text = sid.ToString();
desktopLocation.Text = userShellFolders.ReadString("{754AC886-DF64-4CBA-86B5-F7FBF4FBCEF5}");
documents.Text = userShellFolders.ReadString("Personal");
deviceID.Text = HardwareLibrary.DeviceID();
LoadAdminGroup();
bool onedriveInstalled = (onedriveFolder.ReadString(@"UserFolder") == null) ? false : true;
if (onedriveInstalled)
{
onedrive.Text = onedriveFolder.ReadString("UserFolder");
version.Text = onedriveVersionFolder.ReadString("Version");
Thread.Sleep(200);
onedriveButton.Enabled = true;
}
}
public static SecurityIdentifier GetSidFromClaim(string claimValue)
{
SecurityIdentifier sid = null;
SPClaimProviderManager claimManager = SPClaimProviderManager.Local;
if (claimManager == null)
{
throw new ApplicationException("Unable to access the claims provider manager.");
}
try
{
SPClaim claim = claimManager.DecodeClaim(claimValue);
if (claim.OriginalIssuer.Equals("Windows", StringComparison.OrdinalIgnoreCase))
{
if (claim.ClaimType.Equals(Microsoft.IdentityModel.Claims.ClaimTypes.GroupSid, StringComparison.OrdinalIgnoreCase))
{
sid = new SecurityIdentifier(claim.Value);
}
else if (claim.ClaimType.Equals(Microsoft.SharePoint.Administration.Claims.SPClaimTypes.UserLogonName, StringComparison.OrdinalIgnoreCase))
{
NTAccount userAccount = new NTAccount(claim.Value);
sid = (SecurityIdentifier)userAccount.Translate(typeof(SecurityIdentifier));
}
}
}
catch (ArgumentException currentException)
{
GlymaSearchLogger.WriteTrace(LogCategoryId.Security, TraceSeverity.Unexpected, "The following exception occured when attempting to decode the claim, " + claimValue + " : " + currentException.ToString());
}
return(sid);
}
internal static string GetFormattedLocalUserSid(string windowsUsername)
{
var ntaccount = new NTAccount("", windowsUsername);
var sid = ntaccount.Translate(typeof(SecurityIdentifier)).Value;
return(String.Format(CultureInfo.InvariantCulture, "D:(A;;CC;;;{0})", sid));
}
/// <summary>
/// Deletes the user profile.
/// </summary>
/// <param name="userName">Name of the user.</param>
/// <param name="domainName">The domain name of the user to act as.</param>
public static void DeleteUserProfile(string userName, string domainName)
{
NTAccount ntaccount = new NTAccount(domainName, userName);
string userSid = ntaccount.Translate(typeof(SecurityIdentifier)).Value;
bool retry = true;
int retries = 2;
while (retry && retries > 0)
{
retry = false;
if (!DeleteProfile(userSid, null, null))
{
int errorCode = Marshal.GetLastWin32Error();
// Error Code 2: The user profile was not created or was already deleted
if (errorCode == 2)
{
return;
}
// Error Code 87: The user profile is still loaded.
else if (errorCode == 87)
{
retry = true;
retries--;
}
else
{
throw new Win32Exception(errorCode);
}
}
}
}
static void CreateDatabase(SlkSPSiteMapping mapping, string databaseName, string appPoolAccountName, string databaseSchema)
{
// restrict the characters in <databaseName>
if (!Regex.Match(databaseName, @"^\w+$").Success)
{
throw new SafeToDisplayException(SlkCulture.GetResources().InvalidDatabaseName, databaseName);
}
// if <appPoolAccountName> is null, set it to the name of the application pool account
// (e.g. "NT AUTHORITY\NETWORK SERVICE"); set <appPoolSid> to its SID
byte[] appPoolSid = null;
if (appPoolAccountName == null)
{
using (SPSite site = new SPSite(mapping.SPSiteGuid))
{
appPoolAccountName = site.WebApplication.ApplicationPool.Username;
}
}
NTAccount appPoolAccount = new NTAccount(appPoolAccountName);
SecurityIdentifier securityId =
(SecurityIdentifier)appPoolAccount.Translate(typeof(SecurityIdentifier));
appPoolSid = new byte[securityId.BinaryLength];
securityId.GetBinaryForm(appPoolSid, 0);
SlkUtilities.ImpersonateAppPool(delegate()
{
CreateDatabase(mapping.DatabaseServerConnectionString, databaseName,
mapping.DatabaseConnectionString, appPoolAccountName,
appPoolSid, databaseSchema);
});
}
public MethodStatus SetPermission(string domain, string userName, AccessMaskTypes amtype)
{
NTAccount account = new NTAccount(domain, userName);
SecurityIdentifier sid = (SecurityIdentifier)account.Translate(typeof(SecurityIdentifier));
byte[] sidArray = new byte[sid.BinaryLength];
sid.GetBinaryForm(sidArray, 0);
ManagementObject trustee = new ManagementClass(new ManagementPath("Win32_Trustee"), null);
trustee["Domain"] = domain;
trustee["Name"] = userName;
trustee["SID"] = sidArray;
ManagementObject adminACE = new ManagementClass(new ManagementPath("Win32_Ace"), null);
adminACE["AccessMask"] = (int)amtype;
adminACE["AceFlags"] = 3;
adminACE["AceType"] = 0;
adminACE["Trustee"] = trustee;
ManagementObject secDescriptor = new ManagementClass(new ManagementPath("Win32_SecurityDescriptor"), null);
secDescriptor["ControlFlags"] = 4; //SE_DACL_PRESENT
secDescriptor["DACL"] = new object[] { adminACE };
object result = _winShareObject.InvokeMethod("SetShareInfo", new object[] { int.MaxValue, Description, secDescriptor });
uint r = Convert.ToUInt32(result);
return((MethodStatus)r);
}
// To check if the required environment variable exists for the given User Name
public bool EnvironmentVariableExists(string domainName, string userName)
{
try
{
NTAccount f = new NTAccount(domainName, userName);
SecurityIdentifier s = (SecurityIdentifier)f.Translate(typeof(SecurityIdentifier));
string sidString = s.ToString();
var regView = (Environment.Is64BitOperatingSystem ? RegistryView.Registry64 : RegistryView.Registry32);
var baseKey = RegistryKey.OpenBaseKey(RegistryHive.Users, regView);
var baseKeyPath = Path.Combine(sidString, "Environment");
var environmentKey = baseKey.OpenSubKey(baseKeyPath);
var envVariable = environmentKey.GetValue(EnvironmentVariableName);
if (envVariable != null)
{
EnvironmentVariableValue = envVariable.ToString();
return(true);
}
return(false);
}
catch (Exception ex)
{
return(false);
}
}
private static string SidFromDotNetFcl(string username)
{
var account = new NTAccount(username);
var sid = (SecurityIdentifier)account.Translate(typeof(SecurityIdentifier));
return(sid.ToString());
}
private static string GetAllowDaclFromUserName(string userName)
{
NTAccount entryPointRunAsUser = new NTAccount(userName);
SecurityIdentifier entryPointRunAsUserSid = (SecurityIdentifier)entryPointRunAsUser.Translate(typeof(SecurityIdentifier));
return(GetAllowDacl(entryPointRunAsUserSid));
}
public static void RemoveUser(string targetDir, string user, string windowsUser, string userHomeDir, string userShell)
{
string passwdFile = Path.Combine(targetDir, "etc", "passwd");
string userSID = null;
try
{
var objUser = new NTAccount(windowsUser);
userSID = ((SecurityIdentifier)objUser.Translate(typeof(SecurityIdentifier))).Value;
}
catch
{
throw new Exception(string.Format("Could not get SID for user {0}. Aborting.", windowsUser));
}
string usersGroupSID = CygwinPasswd.GetNoneGroupSID();
Logger.Debug("Setting up user in passwd file...");
string uid = userSID.Split('-').Last();
string gid = usersGroupSID.Split('-').Last();
string userHomeDirLinux = LinuxFiles.Cygpath(userHomeDir);
userShell = LinuxFiles.Cygpath(userShell);
string match = string.Format("{0}:unused:{1}:{2}:{3},{4}:{5}:{6}", user, uid, gid, windowsUser, userSID, userHomeDirLinux, userShell);
List <string> content = File.ReadAllLines(passwdFile).ToList();
content.Remove(match);
File.WriteAllLines(passwdFile, content, Encoding.ASCII);
}
internal static string GetSID(string _userid)
{
NTAccount acc = new NTAccount(_userid);
SecurityIdentifier sid = (SecurityIdentifier)acc.Translate(typeof(SecurityIdentifier));
return(sid.ToString());
}
/// <summary>
/// This is a demo of the older (circa 2002) approach to doing Identity and Principal authentication/authorization. It demonstrates
/// the IPrincipal and IIdentity approaches by creating a WindowsIdentity which implements the IIdentity interface.
/// </summary>
static void IdentityDemo()
{
WindowsIdentity id = WindowsIdentity.GetCurrent();
System.Console.WriteLine("Windows Account Name: " + id.Name);
var account = new NTAccount(id.Name);
System.Console.WriteLine("Windows Account SID: " + account.Translate(typeof(SecurityIdentifier)));
System.Console.WriteLine();
System.Console.WriteLine("Groups ...");
foreach (var group in id.Groups.Translate(typeof(NTAccount)))
{
System.Console.WriteLine(" " + group);
}
WindowsPrincipal principal = new WindowsPrincipal(id);
var domainGroup = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, id.User.AccountDomainSid);
System.Console.WriteLine("Domain Group ...");
System.Console.WriteLine("SID: " + domainGroup.AccountDomainSid);
System.Console.WriteLine("Name: " + domainGroup.Translate(typeof(NTAccount)));
System.Console.WriteLine("Is in Role: " + principal.IsInRole(domainGroup));
// Note that the windows principal is not set as the current thread principal.
System.Console.WriteLine("Current Identity Name: " + ClaimsPrincipal.Current.Identity.Name);
Thread.CurrentPrincipal = principal;
System.Console.WriteLine("Current Identity Name: " + ClaimsPrincipal.Current.Identity.Name);
}
static DiscretionaryAcl BuildAclFromConfig()
{
DiscretionaryAcl dacl = new DiscretionaryAcl(false, false, 1);
string authorizationLocation = @"..\..\AuthorizationList.xml";
XPathDocument xpathDoc = new XPathDocument(authorizationLocation);
XPathNavigator xpathNav = xpathDoc.CreateNavigator();
xpathNav = xpathNav.SelectSingleNode("remotingAuthorization");
if (xpathNav.HasChildren)
{
xpathNav.MoveToChild(XPathNodeType.Element);
do
{
AccessControlType accessType = (AccessControlType)Enum.Parse(typeof(AccessControlType), xpathNav.Name);
Console.WriteLine(xpathNav.Name);
xpathNav.MoveToAttribute("users", xpathNav.NamespaceURI);
Console.WriteLine(xpathNav.Name);
Console.WriteLine(xpathNav.Value);
NTAccount account = new NTAccount(xpathNav.Value);
dacl.AddAccess(
accessType,
(SecurityIdentifier)account.Translate(typeof(SecurityIdentifier)),
-1, InheritanceFlags.None,
PropagationFlags.None);
xpathNav.MoveToParent();
} while (xpathNav.MoveToNext(XPathNodeType.Element));
}
return(dacl);
}
internal protected SecurityAccount(SecurityCache parent, IdentityReference ident)
{
NTAccount = ident as NTAccount;
if (NTAccount != null)
{
Sid = (SecurityIdentifier)NTAccount.Translate(typeof(SecurityIdentifier));
IsMapped = true;
}
else
{
Sid = (SecurityIdentifier)ident;
try
{
NTAccount = (NTAccount)Sid.Translate(typeof(NTAccount));
IsMapped = true;
}
catch
{
NTAccount = new NTAccount("unknown", Sid.Value);
}
}
IsAccoundSid = Sid.IsAccountSid();
for (int i = 0; i < wellKnownTypes.Length; i++)
{
if (!Sid.IsWellKnown(wellKnownTypes[i]))
{
continue;
}
WellKnownSid = wellKnownTypes[i];
break;
}
IsGroup = IsMapped && isGroup(parent);
}
private void BtnDeleteUsers_Click(object sender, EventArgs e)
{
if (MessageToUser("Czy chcesz usunąć użytkownika z komputera?", "Usuwanie użytkownika"))
{
if (MessageToUser("Czy jesteś pewien?", "Usuwanie użytkownika"))
{
var UserObj = ComboBoxUsers.SelectedItem.ToString();
var objSID = new NTAccount(UserObj);
var keepData = true;
if (PuzzelLibrary.Settings.Values.SaveUserData == false)
{
keepData = MessageToUser("Czy chcesz zachować dane?", "Usuwanie użytkownika");
}
try
{
var objUser = objSID.Translate(typeof(SecurityIdentifier));
new PuzzelLibrary.QuickFix.DeleteUsers(_HostName).saveDeleteUserData(UserObj, keepData);
}
catch (IdentityNotMappedException)
{
new PuzzelLibrary.QuickFix.DeleteUsers(_HostName).saveDeleteUserData(UserObj, keepData);
}
}
}
}
public string GetSID(string userName)
{
var account = new NTAccount(null, userName);
var securityIdentifier = (SecurityIdentifier)account.Translate(typeof(SecurityIdentifier));
return(securityIdentifier.ToString());
}
public void AddUser(string user)
{
NTAccount account = new NTAccount(user);
SecurityIdentifier sid = (SecurityIdentifier)account.Translate(typeof(SecurityIdentifier));
AddSecurityIdentifier(sid);
}
public string GetPathEnvironmentVariable(string domainName, string userName)
{
try
{
NTAccount f = new NTAccount(domainName, userName);
SecurityIdentifier s = (SecurityIdentifier)f.Translate(typeof(SecurityIdentifier));
string sidString = s.ToString();
var regView = (Environment.Is64BitOperatingSystem ? RegistryView.Registry64 : RegistryView.Registry32);
var baseKey = RegistryKey.OpenBaseKey(RegistryHive.Users, regView);
var baseKeyPath = Path.Combine(sidString, "Environment");
var environmentKey = baseKey.OpenSubKey(baseKeyPath);
var variableNames = environmentKey.GetValueNames();
string pathVariableVal = string.Empty;
foreach (var varName in variableNames)
{
if (varName.ToLower().Equals("path"))
{
pathVariableVal = environmentKey.GetValue(varName).ToString();
break;
}
}
return(pathVariableVal);
}
catch (Exception ex)
{
throw ex;
}
}
/// <summary>
/// Remove Authorization Delegate
/// </summary>
private void RemoveDelegate()
{
// USER MUST BE A MEMBER OF SQL DATABASE ROLE: NetSqlAzMan_Users
//Sql Storage connection string
string sqlConnectionString = "data source=(local);initial catalog=NetSqlAzManStorage;user id=netsqlazmanuser;password=password";
//Create an instance of SqlAzManStorage class
IAzManStorage storage = new SqlAzManStorage(sqlConnectionString);
IAzManStore mystore = storage.GetStore("My Store"); //or storage["My Store"]
IAzManApplication myapp = mystore.GetApplication("My Application");
IAzManItem myop = myapp.GetItem("My Operation");
//Retrieve current user identity (delegating user)
WindowsIdentity userIdentity = ((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()); //for Windows Applications
//WindowsIdentity userIdentity = this.Request.LogonUserIdentity; //for ASP.NET Applications
//Retrieve delegate user Login
NTAccount delegateUserLogin = new NTAccount("DOMAIN", "delegateuseraccount");
//Retrieve delegate user SID
SecurityIdentifier delegateSID = (SecurityIdentifier)delegateUserLogin.Translate(typeof(SecurityIdentifier));
IAzManSid delegateNetSqlAzManSID = new SqlAzManSID(delegateSID);
//Estabilish delegate authorization (only Allow or Deny)
RestrictedAuthorizationType delegateAuthorization = RestrictedAuthorizationType.Allow;
//Remove delegate and all custom attributes
myop.DeleteDelegateAuthorization(userIdentity, delegateNetSqlAzManSID, delegateAuthorization);
}
private static bool GetSID(string userAccount, out string sid)
{
bool ReturnValue = false;
// Defaults
sid = null;
try
{
NTAccount Account;
SecurityIdentifier SID;
if (userAccount.Contains(@"\"))
{
userAccount = userAccount.Substring(userAccount.IndexOf(@"\") + 1);
}
Account = new NTAccount(userAccount);
SID = (SecurityIdentifier)Account.Translate(typeof(SecurityIdentifier));
sid = SID.ToString();
ReturnValue = true;
}
catch (Exception)
{
ReturnValue = false;
}
return(ReturnValue);
}
public static void ResetOwnershipAndRelinquishControl(String fileName)
{
// // at least, I think this is SDDL format
// const String trustedInstallerSidSddl = @"S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464 ";
NativeMethods.EnableProcessToken(NativeMethods.SePrivileges.TakeOwnership);
NativeMethods.EnableProcessToken(NativeMethods.SePrivileges.Restore);
FileInfo file = new FileInfo(fileName);
// TrustedInstaller is the default owner of system files in Vista, this adds an additional layer of system protection
// So you need to Take Ownership, then add permission for yourself to do whatever it is you're doing
SecurityIdentifier builtinAdministratorsGroupSid = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
// SecurityIdentifier trustedInstallerSid = new SecurityIdentifier( trustedInstallerSidSddl );
NTAccount trustedInstallerServiceAccount = new NTAccount("NT Service\\TrustedInstaller");
SecurityIdentifier trustedInstallerSid = (SecurityIdentifier)trustedInstallerServiceAccount.Translate(typeof(SecurityIdentifier));
// Change Ownership
FileSecurity ownerSec = file.GetAccessControl(AccessControlSections.Owner);
ownerSec.SetOwner(trustedInstallerSid);
file.SetAccessControl(ownerSec);
// Reliquish Full Control
FileSecurity aclSec = file.GetAccessControl(AccessControlSections.Access);
aclSec.RemoveAccessRule(new FileSystemAccessRule(builtinAdministratorsGroupSid, FileSystemRights.FullControl, AccessControlType.Allow));
file.SetAccessControl(aclSec);
}
public void Can_find_sid()
{
var account = new NTAccount(_testUser.Username);
string sid = account.Translate(typeof(SecurityIdentifier)).Value;
Console.Out.WriteLine("sid = {0}", sid);
}
private static string GetNTAccountSecIdentifier()
{
NTAccount nTAccount = new NTAccount(WindowsIdentity.GetCurrent().Name);
SecurityIdentifier securityIdentifier = (SecurityIdentifier)nTAccount.Translate(typeof(SecurityIdentifier));
return(securityIdentifier.ToString());
}
//load hives
public static void loadUserRegistryHive(string username)
{
string wimHivePath = "C:\\Users\\" + username + "\\ntuser.dat";
try
{
NTAccount f = new NTAccount(username);
SecurityIdentifier s = (SecurityIdentifier)f.Translate(typeof(SecurityIdentifier));
string sidString = s.ToString();
string[] loadedHives = Registry.Users.GetSubKeyNames();
bool foundUserName = false;
foreach (string hiveName in loadedHives)
{
if (hiveName.Equals(sidString))
{
foundUserName = true;
}
}
if (!foundUserName)
{
string loadedHiveKey = RegistryInterop.Load(wimHivePath, sidString);
Console.WriteLine("Key Loaded: {0}", loadedHiveKey);
}
}
catch (Exception)
{
Console.WriteLine("Could not resolve sid for user: {0}", username);
}
}
private SecurityIdentifier GetDomainSid()
{
var administratorAcount = new NTAccount(this._ldapSettings.DomainName, "administrator");
var administratorSId = (SecurityIdentifier)administratorAcount.Translate(typeof(SecurityIdentifier));
return(administratorSId.AccountDomainSid);
}
/// <summary>
/// Gets the SID for the associated Windows user.
/// </summary>
/// <returns>
/// The SID for the Windows user.
/// </returns>
private string GetSid()
{
// Verify that the username was provided
if (string.IsNullOrEmpty(Name))
{
return(string.Empty);
}
try
{
// Get the account for the username
NTAccount account = new NTAccount(Name);
// Try to get the security identifier for the username
SecurityIdentifier identifier = (SecurityIdentifier)account.Translate(
typeof(SecurityIdentifier));
// Return the string value of the identifier
return(identifier.Value);
}
catch (IdentityNotMappedException)
{
// If the identity could not be mapped, just return an empty string
return(string.Empty);
}
}
protected void btnUndelegate_Click(object sender, EventArgs e)
{
NTAccount delegatedNTAccount = new NTAccount("ProductManager1");
SecurityIdentifier delegatedSid = (SecurityIdentifier)delegatedNTAccount.Translate(typeof(SecurityIdentifier));
IAzManItem item = this.application["Controllo del Budget"];
item.DeleteDelegateAuthorization(this.identity, new SqlAzManSID(delegatedSid), RestrictedAuthorizationType.Allow);
this.btnDelegateForBudgetCheck.Enabled = true;
this.btnUndelegate.Enabled = false;
}
protected void btnDelegateForBudgetCheck_Click(object sender, EventArgs e)
{
NTAccount delegatedNTAccount = new NTAccount("ProductManager1");
SecurityIdentifier delegatedSid = (SecurityIdentifier)delegatedNTAccount.Translate(typeof(SecurityIdentifier));
this.application.Store.Storage.OpenConnection();
this.application.Store.Storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);
IAzManAuthorization delegateAuthorization = this.application["Controllo del Budget"].CreateDelegateAuthorization(this.identity, new SqlAzManSID(delegatedSid), RestrictedAuthorizationType.Allow, null, null);
delegateAuthorization.CreateAttribute("SomeBusinessAttribute", "Business profile data");
this.application.Store.Storage.CommitTransaction();
this.application.Store.Storage.CloseConnection();
this.btnDelegateForBudgetCheck.Enabled = false;
this.btnUndelegate.Enabled = true;
}
protected void Page_Load(object sender, EventArgs e)
{
IAzManStorage storage = new SqlAzManStorage(ConfigurationManager.ConnectionStrings["NetSqlAzManStorage"].ConnectionString);
this.application = storage[ConfigurationManager.AppSettings["StoreName"]][ConfigurationManager.AppSettings["ApplicationName"]];
//Get user Identity
this.identity = this.Request.LogonUserIdentity;
this.lblIAM.Text = this.identity.Name;
//Print DateTime
this.lblDateTime.Text = DateTime.Now.ToString();
//Check Access on Items
this.application.Store.Storage.OpenConnection();
this.btnBudgetCheck.Enabled = this.checkAccessHelper("Controllo del Budget");
this.btnCustomerRelationshipManagement.Enabled = this.checkAccessHelper("Relazioni con i Clienti");
this.btnConstraintCheck.Enabled = this.checkAccessHelper("Controllo dei Vincoli");
this.btnTimesheetCheck.Enabled = this.checkAccessHelper("Approvazione del TimeSheet");
this.btnTimesheetCompile.Enabled = this.checkAccessHelper("Compilazione del Timesheet");
this.btnDevelopment.Enabled = this.checkAccessHelper("Sviluppo");
//Can delegate ?
NTAccount delegatedNTAccount = new NTAccount("ProductManager1");
SecurityIdentifier delegatedSid = (SecurityIdentifier)delegatedNTAccount.Translate(typeof(SecurityIdentifier));
bool canDelegate = this.checkAccessForDelegationHelper("Controllo del Budget");
bool alreadyDelegate = this.application["Controllo del Budget"].GetAuthorizations(new SqlAzManSID(this.identity.User), new SqlAzManSID(delegatedSid)).Length > 0;
this.btnDelegateForBudgetCheck.Enabled = canDelegate && !alreadyDelegate;
this.btnUndelegate.Enabled = canDelegate && alreadyDelegate;
//Attributes
IAzManAuthorization[] auths = this.application["Controllo del Budget"].GetAuthorizationsOfMember(new SqlAzManSID(this.identity.User));
string toolTip = String.Empty;
foreach (IAzManAuthorization auth in auths)
{
IAzManAttribute<IAzManAuthorization>[] attribs = auth.GetAttributes();
foreach (IAzManAttribute<IAzManAuthorization> attrib in attribs)
{
toolTip += String.Format("{0} - {1}\r\n", attrib.Key, attrib.Value);
}
}
this.btnBudgetCheck.ToolTip = toolTip;
this.application.Store.Storage.CloseConnection();
}
