/// <summary>
/// Checks if the specified user is allowed to access this partition.
/// </summary>
/// <returns></returns>
public static bool IsUserAccessAllowed(this ServerPartition partition, CustomPrincipal user)
{
Platform.CheckForNullReference(user, "user cannot be null");
// If user has the "access all" token, return true
if (user.IsInRole(ClearCanvas.Enterprise.Common.AuthorityTokens.DataAccess.AllPartitions))
return true;
// If user belongs to any data access authority group which can access the partition, return true
var isAllowed = user.Credentials.DataAccessAuthorityGroups != null
&& user.Credentials.DataAccessAuthorityGroups.Any(g => partition.IsAuthorityGroupAllowed(g.ToString()));
return isAllowed;
}
public SessionInfo Login(string userName, string password, string appName)
{
if (string.IsNullOrEmpty(userName))
{
throw new ArgumentException(SR.UserIDIsEmpty);
}
if (string.IsNullOrEmpty(password))
{
throw new ArgumentException(SR.PasswordIsEmpty);
}
Platform.CheckForEmptyString(password, "password");
Platform.CheckForEmptyString(appName, "appName");
SessionInfo session = null;
Platform.GetService(
delegate(IAuthenticationService service)
{
try
{
var request = new InitiateSessionRequest(userName, appName,
Dns.GetHostName(), password)
{
GetAuthorizations = true
};
InitiateSessionResponse response = service.InitiateSession(request);
if (response != null)
{
var credentials = new LoginCredentials
{
UserName = userName,
DisplayName = response.DisplayName,
SessionToken = response.SessionToken,
Authorities = response.AuthorityTokens,
DataAccessAuthorityGroups = response.DataGroupOids,
EmailAddress = response.EmailAddress
};
var user = new CustomPrincipal(new CustomIdentity(userName, response.DisplayName), credentials);
Thread.CurrentPrincipal = user;
session = new SessionInfo(user);
session.User.WarningMessages = response.WarningMessages;
// Note: need to insert into the cache before calling SessionInfo.Validate()
SessionCache.Instance.AddSession(response.SessionToken.Id, session);
session.Validate();
Platform.Log(LogLevel.Info, "{0} has successfully logged in.", userName);
}
}
catch (FaultException <PasswordExpiredException> ex)
{
throw ex.Detail;
}
catch (FaultException <UserAccessDeniedException> ex)
{
throw ex.Detail;
}
catch (FaultException <RequestValidationException> ex)
{
throw ex.Detail;
}
}
);
return(session);
}
private static string GetDataAccessSubCriteriaCacheID(CustomPrincipal principal)
{
return DataAccessSubCriteriaPrefix + principal.SessionTokenId;
}
public SessionInfo Login(string userName, string password, string appName)
{
if (string.IsNullOrEmpty(userName))
throw new ArgumentException(SR.UserIDIsEmpty);
if (string.IsNullOrEmpty(password))
throw new ArgumentException(SR.PasswordIsEmpty);
Platform.CheckForEmptyString(password, "password");
Platform.CheckForEmptyString(appName, "appName");
SessionInfo session = null;
Platform.GetService(
delegate(IAuthenticationService service)
{
try
{
var request = new InitiateSessionRequest(userName, appName,
Dns.GetHostName(), password)
{
GetAuthorizations = true
};
InitiateSessionResponse response = service.InitiateSession(request);
if (response != null)
{
var credentials = new LoginCredentials
{
UserName = userName,
DisplayName = response.DisplayName,
SessionToken = response.SessionToken,
Authorities = response.AuthorityTokens,
DataAccessAuthorityGroups = response.DataGroupOids,
EmailAddress = response.EmailAddress
};
var user = new CustomPrincipal(new CustomIdentity(userName, response.DisplayName),credentials);
Thread.CurrentPrincipal = user;
session = new SessionInfo(user);
session.User.WarningMessages = response.WarningMessages;
// Note: need to insert into the cache before calling SessionInfo.Validate()
SessionCache.Instance.AddSession(response.SessionToken.Id, session);
session.Validate();
Platform.Log(LogLevel.Info, "{0} has successfully logged in.", userName);
}
}
catch (FaultException<PasswordExpiredException> ex)
{
throw ex.Detail;
}
catch(FaultException<UserAccessDeniedException> ex)
{
throw ex.Detail;
}
catch (FaultException<RequestValidationException> ex)
{
throw ex.Detail;
}
}
);
return session;
}
public SessionInfo(CustomPrincipal user)
{
_user = user;
}
public SessionInfo(CustomPrincipal user)
{
_user = user;
}
