public static Models.ValidationResult ValidateUser(Models.CloneDeployUserGroup userGroup, bool isNewUserGroup)
{
var validationResult = new Models.ValidationResult();
if (isNewUserGroup)
{
using (var uow = new DAL.UnitOfWork())
{
if (uow.UserGroupRepository.Exists(h => h.Name == userGroup.Name))
{
validationResult.IsValid = false;
validationResult.Message = "This User Group Already Exists";
return(validationResult);
}
}
}
else
{
using (var uow = new DAL.UnitOfWork())
{
var originalUserGroup = uow.UserGroupRepository.GetById(userGroup.Id);
if (originalUserGroup.Name != userGroup.Name)
{
if (uow.UserGroupRepository.Exists(h => h.Name == userGroup.Name))
{
validationResult.IsValid = false;
validationResult.Message = "This User Group Already Exists";
return(validationResult);
}
}
}
}
return(validationResult);
}
public static Models.ValidationResult DeleteGroup(int groupId)
{
var result = new ValidationResult();
using (var uow = new DAL.UnitOfWork())
{
BLL.GroupMembership.DeleteAllMembershipsForGroup(groupId);
BLL.UserGroupManagement.DeleteGroup(groupId);
BLL.GroupBootMenu.DeleteGroup(groupId);
BLL.GroupProperty.DeleteGroup(groupId);
uow.GroupRepository.Delete(groupId);
result.IsValid = uow.Save();
return result;
}
}
public static Models.ValidationResult ValidateUser(Models.CloneDeployUser user, bool isNewUser)
{
var validationResult = new Models.ValidationResult();
if (string.IsNullOrEmpty(user.Name) || !user.Name.All(c => char.IsLetterOrDigit(c) || c == '_'))
{
validationResult.IsValid = false;
validationResult.Message = "User Name Is Not Valid";
return(validationResult);
}
if (isNewUser)
{
if (string.IsNullOrEmpty(user.Password))
{
validationResult.IsValid = false;
validationResult.Message = "Password Is Not Valid";
return(validationResult);
}
using (var uow = new DAL.UnitOfWork())
{
if (uow.UserRepository.Exists(h => h.Name == user.Name))
{
validationResult.IsValid = false;
validationResult.Message = "This User Already Exists";
return(validationResult);
}
}
}
else
{
using (var uow = new DAL.UnitOfWork())
{
var originalUser = uow.UserRepository.GetById(user.Id);
if (originalUser.Name != user.Name)
{
if (uow.UserRepository.Exists(h => h.Name == user.Name))
{
validationResult.IsValid = false;
validationResult.Message = "This User Already Exists";
return(validationResult);
}
}
}
}
return(validationResult);
}
public static Models.ValidationResult ValidateGroup(Models.Group group, bool isNewGroup)
{
var validationResult = new Models.ValidationResult();
if (string.IsNullOrEmpty(group.Name) || !group.Name.All(c => char.IsLetterOrDigit(c) || c == '_'))
{
validationResult.IsValid = false;
validationResult.Message = "Group Name Is Not Valid";
return(validationResult);
}
if (isNewGroup)
{
using (var uow = new DAL.UnitOfWork())
{
if (uow.GroupRepository.Exists(h => h.Name == group.Name))
{
validationResult.IsValid = false;
validationResult.Message = "This Group Already Exists";
return(validationResult);
}
}
}
else
{
using (var uow = new DAL.UnitOfWork())
{
var originalGroup = uow.GroupRepository.GetById(group.Id);
if (originalGroup.Name != group.Name)
{
if (uow.GroupRepository.Exists(h => h.Name == group.Name))
{
validationResult.IsValid = false;
validationResult.Message = "This Group Already Exists";
return(validationResult);
}
}
}
}
return(validationResult);
}
public static Models.ValidationResult ValidateUser(Models.CloneDeployUser user, bool isNewUser)
{
var validationResult = new Models.ValidationResult();
if (string.IsNullOrEmpty(user.Name) || !user.Name.All(c => char.IsLetterOrDigit(c) || c == '_'))
{
validationResult.IsValid = false;
validationResult.Message = "User Name Is Not Valid";
return validationResult;
}
if (isNewUser)
{
if (string.IsNullOrEmpty(user.Password))
{
validationResult.IsValid = false;
validationResult.Message = "Password Is Not Valid";
return validationResult;
}
using (var uow = new DAL.UnitOfWork())
{
if (uow.UserRepository.Exists(h => h.Name == user.Name))
{
validationResult.IsValid = false;
validationResult.Message = "This User Already Exists";
return validationResult;
}
}
}
else
{
using (var uow = new DAL.UnitOfWork())
{
var originalUser = uow.UserRepository.GetById(user.Id);
if (originalUser.Name != user.Name)
{
if (uow.UserRepository.Exists(h => h.Name == user.Name))
{
validationResult.IsValid = false;
validationResult.Message = "This User Already Exists";
return validationResult;
}
}
}
}
return validationResult;
}
public static Models.ValidationResult ValidateGroup(Models.Group group, bool isNewGroup)
{
var validationResult = new Models.ValidationResult();
if (string.IsNullOrEmpty(group.Name) || !group.Name.All(c => char.IsLetterOrDigit(c) || c == '_'))
{
validationResult.IsValid = false;
validationResult.Message = "Group Name Is Not Valid";
return validationResult;
}
if (isNewGroup)
{
using (var uow = new DAL.UnitOfWork())
{
if (uow.GroupRepository.Exists(h => h.Name == group.Name))
{
validationResult.IsValid = false;
validationResult.Message = "This Group Already Exists";
return validationResult;
}
}
}
else
{
using (var uow = new DAL.UnitOfWork())
{
var originalGroup = uow.GroupRepository.GetById(group.Id);
if (originalGroup.Name != group.Name)
{
if (uow.GroupRepository.Exists(h => h.Name == group.Name))
{
validationResult.IsValid = false;
validationResult.Message = "This Group Already Exists";
return validationResult;
}
}
}
}
return validationResult;
}
public Models.ValidationResult GlobalLogin(string userName, string password, string loginType)
{
var validationResult = new Models.ValidationResult
{
Message = "Login Was Not Successful",
IsValid = false
};
//Check if user exists in Clone Deploy
var user = BLL.User.GetUser(userName);
if (user == null)
{
//Check For a first time LDAP User Group Login
if (Settings.LdapEnabled == "1")
{
foreach (var ldapGroup in BLL.UserGroup.GetLdapGroups())
{
if (new BLL.Ldap().Authenticate(userName, password, ldapGroup.GroupLdapName))
{
//user is a valid ldap user via ldap group that has not yet logged in.
//Add the user and allow login.
var cdUser = new CloneDeployUser
{
Name = userName,
Salt = Helpers.Utility.CreateSalt(64),
Token = Utility.GenerateKey(),
IsLdapUser = 1
};
//Create a local random db pass, should never actually be possible to use.
cdUser.Password = Helpers.Utility.CreatePasswordHash(new System.Guid().ToString(), cdUser.Salt);
if (BLL.User.AddUser(cdUser).IsValid)
{
//add user to group
var newUser = BLL.User.GetUser(userName);
BLL.UserGroup.AddNewGroupMember(ldapGroup,newUser);
}
validationResult.Message = "Success";
validationResult.IsValid = true;
break;
}
}
}
return validationResult;
}
if (BLL.UserLockout.AccountIsLocked(user.Id))
{
BLL.UserLockout.ProcessBadLogin(user.Id);
validationResult.Message = "Account Is Locked";
return validationResult;
}
//Check against AD
if (user.IsLdapUser == 1 && Settings.LdapEnabled == "1")
{
//Check if user is authenticated against an ldap group
if (user.UserGroupId != -1)
{
//user is part of a group, is the group an ldap group?
var userGroup = BLL.UserGroup.GetUserGroup(user.UserGroupId);
if (userGroup != null)
{
if (userGroup.IsLdapGroup == 1)
{
//the group is an ldap group
//make sure user is still in that ldap group
if (new BLL.Ldap().Authenticate(userName, password, userGroup.GroupLdapName))
{
validationResult.IsValid = true;
}
else
{
//user is either not in that group anymore, not in the directory, or bad password
validationResult.IsValid = false;
if (new BLL.Ldap().Authenticate(userName, password))
{
//password was good but user is no longer in the group
//delete the user
BLL.User.DeleteUser(user.Id);
}
}
}
else
{
//the group is not an ldap group
//still need to check creds against directory
if (new BLL.Ldap().Authenticate(userName, password)) validationResult.IsValid = true;
}
}
else
{
//group didn't exist for some reason
//still need to check creds against directory
if (new BLL.Ldap().Authenticate(userName, password)) validationResult.IsValid = true;
}
}
else
{
//user is not part of a group, check creds against directory
if (new BLL.Ldap().Authenticate(userName, password)) validationResult.IsValid = true;
}
}
else if (user.IsLdapUser == 1 && Settings.LdapEnabled != "1")
{
//prevent ldap user from logging in with local pass if ldap auth gets turned off
validationResult.IsValid = false;
}
//Check against local DB
else
{
var hash = Helpers.Utility.CreatePasswordHash(password, user.Salt);
if (user.Password == hash) validationResult.IsValid = true;
}
if (validationResult.IsValid)
{
BLL.UserLockout.DeleteUserLockouts(user.Id);
validationResult.Message = "Success";
return validationResult;
}
else
{
BLL.UserLockout.ProcessBadLogin(user.Id);
return validationResult;
}
}
public Models.ValidationResult GlobalLogin(string userName, string password, string loginType)
{
var validationResult = new Models.ValidationResult
{
Message = "Login Was Not Successful",
IsValid = false
};
//Check if user exists in Clone Deploy
var user = BLL.User.GetUser(userName);
if (user == null)
{
//Check For a first time LDAP User Group Login
if (Settings.LdapEnabled == "1")
{
foreach (var ldapGroup in BLL.UserGroup.GetLdapGroups())
{
if (new BLL.Ldap().Authenticate(userName, password, ldapGroup.GroupLdapName))
{
//user is a valid ldap user via ldap group that has not yet logged in.
//Add the user and allow login.
var cdUser = new CloneDeployUser
{
Name = userName,
Salt = Helpers.Utility.CreateSalt(64),
Token = Utility.GenerateKey(),
IsLdapUser = 1
};
//Create a local random db pass, should never actually be possible to use.
cdUser.Password = Helpers.Utility.CreatePasswordHash(new System.Guid().ToString(), cdUser.Salt);
if (BLL.User.AddUser(cdUser).IsValid)
{
//add user to group
var newUser = BLL.User.GetUser(userName);
BLL.UserGroup.AddNewGroupMember(ldapGroup, newUser);
}
validationResult.Message = "Success";
validationResult.IsValid = true;
break;
}
}
}
return(validationResult);
}
if (BLL.UserLockout.AccountIsLocked(user.Id))
{
BLL.UserLockout.ProcessBadLogin(user.Id);
validationResult.Message = "Account Is Locked";
return(validationResult);
}
//Check against AD
if (user.IsLdapUser == 1 && Settings.LdapEnabled == "1")
{
//Check if user is authenticated against an ldap group
if (user.UserGroupId != -1)
{
//user is part of a group, is the group an ldap group?
var userGroup = BLL.UserGroup.GetUserGroup(user.UserGroupId);
if (userGroup != null)
{
if (userGroup.IsLdapGroup == 1)
{
//the group is an ldap group
//make sure user is still in that ldap group
if (new BLL.Ldap().Authenticate(userName, password, userGroup.GroupLdapName))
{
validationResult.IsValid = true;
}
else
{
//user is either not in that group anymore, not in the directory, or bad password
validationResult.IsValid = false;
if (new BLL.Ldap().Authenticate(userName, password))
{
//password was good but user is no longer in the group
//delete the user
BLL.User.DeleteUser(user.Id);
}
}
}
else
{
//the group is not an ldap group
//still need to check creds against directory
if (new BLL.Ldap().Authenticate(userName, password))
{
validationResult.IsValid = true;
}
}
}
else
{
//group didn't exist for some reason
//still need to check creds against directory
if (new BLL.Ldap().Authenticate(userName, password))
{
validationResult.IsValid = true;
}
}
}
else
{
//user is not part of a group, check creds against directory
if (new BLL.Ldap().Authenticate(userName, password))
{
validationResult.IsValid = true;
}
}
}
else if (user.IsLdapUser == 1 && Settings.LdapEnabled != "1")
{
//prevent ldap user from logging in with local pass if ldap auth gets turned off
validationResult.IsValid = false;
}
//Check against local DB
else
{
var hash = Helpers.Utility.CreatePasswordHash(password, user.Salt);
if (user.Password == hash)
{
validationResult.IsValid = true;
}
}
if (validationResult.IsValid)
{
BLL.UserLockout.DeleteUserLockouts(user.Id);
validationResult.Message = "Success";
return(validationResult);
}
else
{
BLL.UserLockout.ProcessBadLogin(user.Id);
return(validationResult);
}
}
public static Models.ValidationResult ValidateUser(Models.CloneDeployUserGroup userGroup, bool isNewUserGroup)
{
var validationResult = new Models.ValidationResult();
if (isNewUserGroup)
{
using (var uow = new DAL.UnitOfWork())
{
if (uow.UserGroupRepository.Exists(h => h.Name == userGroup.Name))
{
validationResult.IsValid = false;
validationResult.Message = "This User Group Already Exists";
return validationResult;
}
}
}
else
{
using (var uow = new DAL.UnitOfWork())
{
var originalUserGroup = uow.UserGroupRepository.GetById(userGroup.Id);
if (originalUserGroup.Name != userGroup.Name)
{
if (uow.UserGroupRepository.Exists(h => h.Name == userGroup.Name))
{
validationResult.IsValid = false;
validationResult.Message = "This User Group Already Exists";
return validationResult;
}
}
}
}
return validationResult;
}
