/// <summary>
/// Sample access check for a database-defined user: resolves
/// <paramref name="dbUserName"/> through the storage and asks whether that user
/// may perform "My Operation" in "My Application" of "My Store" at the current time.
/// </summary>
/// <remarks>
/// The DB user list comes from the dbo.GetDBUsers table-function; modify it to
/// customize which users exist. The SQL login used by the connection string must
/// be a member of the SQL database role NetSqlAzMan_Readers.
/// </remarks>
/// <param name="dbUserName">Name of the DB user to check.</param>
private void CheckAccessPermissionsForDBUsers(string dbUserName)
{
    // NOTE(review): sample-only connection string with the SQL login and password
    // embedded in source. Outside a demo, load it from protected configuration and
    // keep the login restricted to the reader role.
    const string connection = "data source=(local);initial catalog=NetSqlAzManStorage;user id=netsqlazmanuser;password=password";

    IAzManStorage azStorage = new SqlAzManStorage(connection);

    // Identity is resolved by the storage (dbo.GetDBUsers), not built locally.
    IAzManDBUser identity = azStorage.GetDBUser(dbUserName);

    AuthorizationType decision = azStorage.CheckAccess("My Store", "My Application", "My Operation", identity, DateTime.Now, true);

    if (decision == AuthorizationType.AllowWithDelegation)
    {
        // Permitted, and the permission may be delegated.
    }
    else if (decision == AuthorizationType.Allow)
    {
        // Permitted.
    }
    else
    {
        // Neutral or Deny: not permitted. Only the two explicit allow values
        // above grant access; everything else is treated as a refusal.
    }
}
/// <summary>
/// Click handler that builds a <c>UserPermissionCache</c> for "Application0" in
/// "Store Stress Test" and keeps it in <c>Session["cache"]</c>.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Button2_Click(object sender, EventArgs e)
{
    // NOTE(review): the literal below is garbled in this listing: the "******" run
    // looks like a redaction that swallowed everything between the password and
    // "Andrea", including the statement that declares `andrea`. The method does
    // not compile as shown; recover the original text before reusing it.
    // NOTE(review): the visible part of the connection string logs in as `sa` with
    // the password embedded in source. An authorization cache only needs read
    // access to the storage, so a dedicated least-privilege login loaded from
    // protected configuration is the safer choice.
    IAzManStorage storage = new SqlAzManStorage("data source=(local);Initial Catalog=NetSqlAzManStorage;user id=sa;password="******"Andrea");
    // `andrea` is not declared in the visible text (see the note above).
    UserPermissionCache cache = new UserPermissionCache(storage, "Store Stress Test", "Application0", andrea, true, true);
    // The permission snapshot lives in session state from here on; whether it is
    // ever refreshed after a permission change cannot be seen from this handler.
    Session["cache"] = cache;
}
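/// <summary>
/// Lists the roles of <paramref name="application"/> (in <paramref name="store"/>)
/// for which <c>CheckAccess</c> reports that <paramref name="userName"/> has access.
/// </summary>
/// <param name="userName">DB user name, resolved through the storage's GetDBUser.</param>
/// <param name="store">Name of the store that contains the application.</param>
/// <param name="application">Name of the application whose role items are evaluated.</param>
/// <returns>
/// One <c>Role</c> (with <c>IsChecked</c> set to true) per granted role; an empty
/// list when the application defines no roles or none is granted.
/// </returns>
public List<Role> GetUserPermissionsNotification(string userName, string store, string application)
{
    string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["CatsContext"].ConnectionString;
    IAzManStorage azManStorage = new SqlAzManStorage(connectionString);
    StorageCache storageCache = new StorageCache(connectionString);

    var grantedRoles = new List<Role>();

    // Only items of type Role are of interest; tasks and operations are skipped.
    var roleItems = storageCache.Storage.GetStore(store).GetApplication(application).Items
        .Where(entry => entry.Value.ItemType == ItemType.Role)
        .ToList();

    if (roleItems.Count == 0)
    {
        // Nothing to evaluate, so the user is not looked up at all
        // (same as the original loop, which never ran in this case).
        return grantedRoles;
    }

    // Resolve the user once instead of once per role: the lookup does not depend
    // on the role being tested, so every iteration evaluates the same identity.
    // NOTE(review): what GetDBUser returns for an unknown name, and how CheckAccess
    // treats that value, is not visible here - confirm it results in "no access".
    var dbUser = azManStorage.GetDBUser(userName);

    foreach (var roleItem in roleItems)
    {
        string roleName = roleItem.Value.Name;

        // CheckAccess is defined elsewhere in this class; a role is reported only
        // when it returns true.
        if (CheckAccess(dbUser, application, roleName, azManStorage))
        {
            grantedRoles.Add(new Role { RoleName = roleName, IsChecked = true });
        }
    }

    return grantedRoles;
}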
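/// <summary>
/// Sample: creates a complete authorization storage through .NET code - a store,
/// a basic store group containing the current Windows user, an application with
/// one role, task and operation, and two authorizations on the role.
/// </summary>
/// <remarks>
/// The SQL login used by the connection string must be a member of the SQL
/// database role NetSqlAzMan_Administrators. All changes are made inside one
/// transaction; if any step fails the transaction is rolled back and the
/// connection is closed before the exception propagates.
/// </remarks>
private void CreateFullStorage()
{
    // NOTE(review): sample-only connection string with the SQL login and password
    // embedded in source. This login holds the administrators role, so outside a
    // demo it belongs in protected configuration, not in code.
    string sqlConnectionString = "data source=(local);initial catalog=NetSqlAzManStorage;user id=netsqlazmanuser;password=password";

    IAzManStorage storage = new SqlAzManStorage(sqlConnectionString);
    storage.OpenConnection();
    try
    {
        storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);
        try
        {
            // Store and a basic store group
            IAzManStore newStore = storage.CreateStore("My Store", "Store description");
            IAzManStoreGroup newStoreGroup = newStore.CreateStoreGroup(SqlAzManSID.NewSqlAzManSid(), "My Store Group", "Store Group Description", String.Empty, GroupType.Basic);

            // SID of the current user: the thread principal when it is a Windows
            // identity, otherwise the identity of the running process.
            IAzManSid mySid = new SqlAzManSID(((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()).User);

            // Add the current user as a member of "My Store Group"
            newStoreGroup.CreateStoreGroupMember(mySid, WhereDefined.Local, true);

            // Application with one role, one task and one operation
            IAzManApplication newApp = newStore.CreateApplication("New Application", "Application description");
            IAzManItem newRole = newApp.CreateItem("New Role", "Role description", ItemType.Role);
            IAzManItem newTask = newApp.CreateItem("New Task", "Task description", ItemType.Task);
            IAzManItem newOp = newApp.CreateItem("New Operation", "Operation description", ItemType.Operation);

            // Hierarchy: role -> task -> operation
            newTask.AddMember(newOp);
            newRole.AddMember(newTask);

            // Authorize the current user on "New Role" and attach a custom attribute
            IAzManAuthorization auth = newRole.CreateAuthorization(mySid, WhereDefined.Local, mySid, WhereDefined.Local, AuthorizationType.AllowWithDelegation, null, null);
            auth.CreateAttribute("New Key", "New Value");

            // Authorize DB user "Andrea" on "New Role".
            // NOTE(review): both authorizations are AllowWithDelegation, i.e. the
            // grantees can pass the role on; use Allow where delegation is not wanted.
            newRole.CreateAuthorization(mySid, WhereDefined.Local, storage.GetDBUser("Andrea").CustomSid, WhereDefined.Local, AuthorizationType.AllowWithDelegation, null, null);

            storage.CommitTransaction();
        }
        catch
        {
            // Do not leave a half-built store behind: undo everything, then rethrow.
            storage.RollBackTransaction();
            throw;
        }
    }
    finally
    {
        // Previously skipped whenever a step threw, leaking the open connection.
        storage.CloseConnection();
    }
}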
/// <summary>
/// Handles a login attempt: authenticates the posted credentials, issues the forms
/// authentication cookie, updates the user's login statistics, loads the user's
/// details and per-module permission caches into session state, and redirects to
/// <paramref name="returnUrl"/>. On failure the login view is returned again.
/// </summary>
/// <param name="model">Posted login form; UserName and Password are read from it.</param>
/// <param name="returnUrl">Address to return to after a successful login; passed to RedirectToLocal.</param>
/// <returns>The result of RedirectToLocal on success, otherwise the login view.</returns>
public ActionResult Login(LoginModel model, string returnUrl)
{
    // NOTE(review): no ModelState.IsValid or null check on `model` is visible before
    // its properties are used; any action attributes (e.g. HttpPost or anti-forgery
    // validation) are also not part of this listing - confirm against the file.
    // Check if the supplied credentials are correct.
    ViewBag.HasError = false;
    ViewBag.returnUrl = returnUrl;
    // Create logger instance to record activities
    var log = new Logger();
    try
    {
        // NOTE(review): when Authenticate returns false without throwing, control
        // falls through to `return(View())` with HasError still false, so the user
        // gets the form back without any message.
        if (_userAccountService.Authenticate(model.UserName, model.Password))
        {
            // The second argument `true` requests a persistent cookie, so the login
            // survives a browser restart for every user, not only on request.
            FormsAuthentication.SetAuthCookie(model.UserName, true);
            // Will be refactored
            var user = _userAccountService.GetUserDetail(model.UserName);
            user.LogginDate = DateTime.Now;
            user.NumberOfLogins += 1;
            // Session["USER_PROFILE"] = user;
            _userAccountService.UpdateUser(user);
            // Add user information to session variable to avoid frequent trips to the database
            // NOTE(review): a second IUserAccountService is resolved here although
            // _userAccountService is already available, and GetUserDetail is called
            // again for the same user name further down.
            var service = (IUserAccountService)DependencyResolver.Current.GetService(typeof(IUserAccountService));
            var userInfo = service.GetUserInfo(model.UserName);
            Session["USER_INFO"] = userInfo;
            Session["USER_PROFILE"] = service.GetUserDetail(model.UserName);
            // Before trying to go and look for user permissions, check if the user is logged in or not
            //// Load user permissions
            // One storage handle and one DB user lookup are shared by all caches below.
            // NOTE(review): the caches are snapshots kept in session state; whether
            // they are refreshed when permissions change (revocation) is not visible
            // from this method.
            IAzManStorage storage = new SqlAzManStorage(ConfigurationManager.ConnectionStrings["CatsContext"].ConnectionString);
            IAzManDBUser dbUser = storage.GetDBUser(user.UserName);
            // Early Warning user permissions
            UserPermissionCache earlyWarningPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.EARLY_WARNING, dbUser, true, false);
            Session[CatsGlobals.EARLY_WARNING_PERMISSIONS] = earlyWarningPermissionCache;
            //PSNP user permission
            UserPermissionCache psnpPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.PSNP, dbUser, true, false);
            Session[CatsGlobals.PSNP_PERMISSIONS] = psnpPermissionCache;
            // Logistics user permissions
            UserPermissionCache logisticsPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.LOGISTICS, dbUser, true, false);
            Session[CatsGlobals.LOGISTICS_PERMISSIONS] = logisticsPermissionCache;
            // Procurement user permissions
            UserPermissionCache procurementPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.PROCUREMENT, dbUser, true, false);
            Session[CatsGlobals.PROCUREMENT_PERMISSIONS] = procurementPermissionCache;
            // Hub user permissions
            UserPermissionCache hubPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.HUB, dbUser, true, false);
            Session[CatsGlobals.HUB_PERMISSIONS] = hubPermissionCache;
            // Regional user permissions
            UserPermissionCache regionalPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.REGION, dbUser, true, false);
            Session[CatsGlobals.REGION_PERMISSIONS] = regionalPermissionCache;
            // Finance user permissions
            UserPermissionCache financePermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.FINANCE, dbUser, true, false);
            Session[CatsGlobals.FINANCE_PERMISSIONS] = financePermissionCache;
            // Whatever permission we are going to have!
            // NOTE(review): the next statement is garbled in this listing: the "******"
            // run looks like a redaction that swallowed the text between the log
            // message and "Administrator". It is kept exactly as found and does not
            // compile as shown.
            _log.Info("Logged in User: "******"Administrator", "Manage User Account");
            //service.GetUserPermissions(model.UserName, "CATS", "Finance");
            // NOTE(review): returnUrl is caller-supplied; RedirectToLocal is defined
            // elsewhere and presumably restricts the target to local URLs - confirm.
            return(RedirectToLocal(returnUrl));
        }
    }
    // Each failure is logged and reported through ViewBag.
    // NOTE(review): ViewBag.Error receives ex.ToString(), which includes the stack
    // trace; whether the view renders it is not visible here. If it does, internal
    // details reach the browser - keep them in the log only.
    // NOTE(review): the three specific messages below tell the caller whether a user
    // name exists, is disabled, or only had a wrong password, which allows account
    // enumeration; a single generic failure message avoids that.
    catch (UserNotFoundException unfe)
    {
        log.LogAllErrorsMesseges(unfe, _log);
        ViewBag.HasError = true;
        ViewBag.Error = unfe.ToString();
        ViewBag.ErrorMessage = "Your user name is not registered as a user on CATS. Please contact your system administrator.";
    }
    catch (DisabledUserException due)
    {
        log.LogAllErrorsMesseges(due, _log);
        ViewBag.HasError = true;
        ViewBag.Error = due.ToString();
        ViewBag.ErrorMessage = "Your user account is disabled. Please contact your system administrator.";
    }
    catch (UnmatchingUsernameAndPasswordException uuape)
    {
        log.LogAllErrorsMesseges(uuape, _log);
        ViewBag.HasError = true;
        ViewBag.Error = uuape.ToString();
        ViewBag.ErrorMessage = "The user name and password you provided do not match. Please try again with a correct combination.";
    }
    catch (Exception exception)
    {
        log.LogAllErrorsMesseges(exception, _log);
        ViewBag.HasError = true;
        ViewBag.Error = exception.ToString();
        ViewBag.ErrorMessage = "Login failed. Try logging in with the right user name and password.";
        // The raw exception message is added as a model error and can therefore be
        // shown by a validation summary.
        ModelState.AddModelError("", exception.Message);
    }
    return(View());
}