/* * public iFolderUser(Simias.Storage.Member member) * { * this.Name = member.Name; * this.UserID = member.UserID; * this.Rights = member.Rights.ToString(); * this.ID = member.ID; * this.State = "Member"; * this.IsOwner = member.IsOwner; * } */ /// <summary> /// </summary> /// <param name="domain"></param> /// <param name="member"></param> public iFolderUser(Simias.Storage.Domain domain, Simias.Storage.Member member) { this.Name = member.Name; this.UserID = member.UserID; this.ID = member.ID; this.State = "Member"; this.IsOwner = member.IsOwner; this.Rights = member.Rights.ToString(); if (member.Given != null) { this.Surname = member.Family; this.FirstName = member.Given; this.FN = member.FN; } else { if (domain != null) { Simias.Storage.Member dMember = domain.GetMemberByID(member.UserID); if (dMember != null) { this.Surname = dMember.Family; this.FirstName = dMember.Given; this.FN = dMember.FN; } } } }
/* * public iFolderUser(Simias.Storage.Member member, * Novell.AddressBook.Contact contact) * { * if(contact != null) * { * Novell.AddressBook.Name name; * * name = contact.GetPreferredName(); * if(name != null) * { * this.Surname = name.Family; * this.FirstName = name.Given; * } * this.FN = contact.FN; * } * * this.Name = member.Name; * this.UserID = member.UserID; * this.ID = member.ID; * this.State = "Member"; * this.IsOwner = member.IsOwner; * this.Rights = member.Rights.ToString(); * } */ /// <summary> /// </summary> /// <param name="sub"></param> public iFolderUser(Simias.POBox.Subscription sub) { this.Name = sub.ToName; this.UserID = sub.ToIdentity; // Need to get the member for first and last name Simias.Storage.Domain domain = Store.GetStore().GetDomain(sub.DomainID); if (domain != null) { Simias.Storage.Member simMem = domain.GetMemberByID(sub.ToIdentity); if (simMem != null) { this.Surname = simMem.Family; this.FirstName = simMem.Given; this.FN = simMem.FN; } } this.Rights = sub.SubscriptionRights.ToString(); this.ID = sub.ID; this.iFolderID = sub.SubscriptionCollectionID; this.State = "Invited"; this.IsOwner = false; if (sub.SubscriptionState == Simias.POBox.SubscriptionStates.Invited) { this.State = "WaitSync"; } else if (sub.SubscriptionState == Simias.POBox.SubscriptionStates.Posted) { this.State = "Invited"; } else if (sub.SubscriptionState == Simias.POBox.SubscriptionStates.Pending) { this.State = "AccessRequest"; } else if (sub.SubscriptionState == Simias.POBox.SubscriptionStates.Responded) { if (sub.SubscriptionDisposition == Simias.POBox.SubscriptionDispositions.Declined) { this.State = "Declined"; } else { this.State = "Unknown"; } } else { this.State = "Unknown"; } }
/// <summary> /// Method to change a user's password /// </summary> /// <param name="Username" mandatory="true">Username to set the password on.</param> /// <param name="OldPassword" mandatory="true">Old password.</param> /// <param name="NewPassword" mandatory="true">New password.</param> /// <returns>int status for different status results</returns> static public int ChangePassword(string UserID, string OldPassword, string NewPassword) { int status = 2; //2 is for Failed to reset password. Store store = null; Simias.Storage.Domain domain = null; Member member = null; Property DNprop = null; string MemberDN = null; if (User.provider != null && OldPassword != null && NewPassword != null) { store = Store.GetStore(); domain = store.GetDomain(store.DefaultDomain); member = domain.GetMemberByID(UserID); if (member != null) { DNprop = member.Properties.GetSingleProperty("DN"); if (DNprop != null && DNprop.Value != null) { MemberDN = (string)DNprop.Value as string; if (Simias.Service.Manager.LdapServiceEnabled == false) { status = User.provider.ResetPassword(MemberDN, OldPassword, NewPassword); } else { Simias.Server.IUserProvider userProvider = null; Simias.Configuration config = Store.Config; string assemblyName = String.Empty; assemblyName = config.Get("Identity", "Assembly"); string userClass = config.Get("Identity", "Class"); if (assemblyName != null && userClass != null) { Assembly idAssembly = Assembly.LoadWithPartialName(assemblyName); if (idAssembly != null) { Type type = idAssembly.GetType(userClass); if (type != null) { userProvider = Activator.CreateInstance(type) as IUserProvider; if (userProvider != null) { status = userProvider.ResetPassword(MemberDN, OldPassword, NewPassword); } } } } } } } } return(status); }
public DomainInfo GetDomainInfo(string userID) { Simias.Server.EnterpriseDomain enterpriseDomain = new Simias.Server.EnterpriseDomain(false); if (enterpriseDomain == null) { throw new SimiasException("Enterprise server domain does not exist."); } Store store = Store.GetStore(); Simias.Storage.Domain domain = store.GetDomain(enterpriseDomain.ID); if (domain == null) { throw new SimiasException("Enterprise server domain does not exist."); } DomainInfo info = new DomainInfo(); info.ID = domain.ID; info.Name = domain.Name; info.Description = domain.Description; // member info Member member = domain.GetMemberByID(userID); if (member != null) { info.MemberNodeName = member.Name; info.MemberNodeID = member.ID; // Clients before this build do not understand "Secondary" rights so change that to ReadWrite. Also, Secondary rights // are relevant only for server and not for clients, so makes sense. Access.Rights rights = (Access.Rights)member.Rights; // ( Access.Rights )Enum.Parse( typeof( Access.Rights ), member.Rights ); Access.Rights NewRight = rights; if (rights == Access.Rights.Secondary) { NewRight = Access.Rights.ReadWrite; } info.MemberRights = NewRight.ToString(); } else { throw new SimiasException("User: "******" does not exist"); } return(info); }
public void RemoveServerCollections(string DomainID, string UserID) { Store store = Store.GetStore(); if (DomainID == null) { throw new SimiasException("Null Domain ID"); } // This method can only target the simple server Simias.Storage.Domain domain = store.GetDomain(DomainID); if (domain == null) { throw new SimiasException("Specified server domain does not exist."); } /* * if ( domainID != domain.ID ) * { * throw new SimiasException("Only the Simias Server domain can be used."); * } */ // Make sure that the caller is the current owner. string existingUserID = Thread.CurrentPrincipal.Identity.Name; Member existingMember = domain.GetMemberByID(existingUserID); if (existingMember == null) { throw new SimiasException(String.Format("Impersonating user: {0} is not a member of the domain.", Thread.CurrentPrincipal.Identity.Name)); } // Make sure the creator and the owner are the same ID. if (existingUserID != UserID) { throw new SimiasException(String.Format("Creator ID {0} is not the same as the caller ID {1}.", existingUserID, UserID)); } // Get all of the collections that this user is member of. ICSList cList = store.GetCollectionsByUser(UserID); foreach (ShallowNode sn in cList) { // Remove the user as a member of this collection. Collection c = new Collection(store, sn); // Only look for collections from the specified domain and // don't allow this user's membership from being removed from the domain. if ((c.Domain == DomainID) && !((Node)c).IsBaseType(Simias.Client.NodeTypes.DomainType)) { Member member = c.GetMemberByID(UserID); if (member != null) { if (member.IsOwner) { // Don't remove an orphaned collection. if ((member.UserID != domain.Owner.UserID) || (c.PreviousOwner == null)) { // The user is the owner, delete this collection. c.Commit(c.Delete()); } } else { // Not the owner, just remove the membership. c.Commit(c.Delete(member)); } } } } }
public string CreateMaster(string collectionID, string collectionName, string rootDirID, string rootDirName, string userID, string memberName, string memberID, string memberRights) { Simias.Server.EnterpriseDomain enterpriseDomain = new Simias.Server.EnterpriseDomain(false); if (enterpriseDomain == null) { throw new SimiasException("Enterprise server domain does not exist."); } Store store = Store.GetStore(); Simias.Storage.Domain domain = store.GetDomain(enterpriseDomain.ID); if (domain == null) { throw new SimiasException("Enterprise server domain does not exist."); } ArrayList nodeList = new ArrayList(); Collection c = new Collection(store, collectionName, collectionID, domain.ID); c.Proxy = true; nodeList.Add(c); string existingUserID = Thread.CurrentPrincipal.Identity.Name; Member existingMember = domain.GetMemberByID(existingUserID); if (existingMember == null) { throw new SimiasException(String.Format("Impersonating user: {0} is not a member of the domain.", Thread.CurrentPrincipal.Identity.Name)); } // Make sure the creator and the owner are the same ID. if (existingUserID != userID) { throw new SimiasException(String.Format("Creator ID {0} is not the same as the caller ID {1}.", existingUserID, userID)); } // member node. Access.Rights rights = (Access.Rights)Enum.Parse(typeof(Access.Rights), memberRights); Member member = new Member(memberName, memberID, userID, rights, null); member.IsOwner = true; member.Proxy = true; nodeList.Add(member); // check for a root dir node if (((rootDirID != null) && (rootDirID.Length > 0)) && (rootDirName != null) && (rootDirName.Length > 0)) { // Get the collections Unmanaged Path string path = c.UnmanagedPath; path = Path.Combine(path, rootDirName); // create root directory node DirNode dn = new DirNode(c, path, rootDirID); if (!System.IO.Directory.Exists(path)) { System.IO.Directory.CreateDirectory(path); } dn.Proxy = true; nodeList.Add(dn); } // Create the collection. c.Commit(nodeList.ToArray(typeof(Node)) as Node[]); // get the collection master url Uri request = Context.Request.Url; UriBuilder uri = new UriBuilder(request.Scheme, request.Host, request.Port, Context.Request.ApplicationPath.TrimStart(new char[] { '/' })); return(uri.ToString()); }
/// <summary> /// Get HostNode from host ID /// </summary> /// <param name="domainId">Domain ID where host is available</param> /// <param name="hostId">ID of the host whose name we have to get</param> /// <returns>Retuns the Host node</returns> public static HostNode GetHostByID(string domainId, string hostId) { Domain domain = Store.GetStore().GetDomain(domainId); return(new HostNode(domain.GetMemberByID(hostId))); }
/// <summary> /// Used by server to validate the signature using PPK. /// </summary> /// <param name="domainId"></param> /// <param name="memberId"></param> /// <param name="signed"></param> /// <param name="ctx"></param> static public void VerifyWithPPK(string domainId, string memberId, byte[] signed, HttpContext ctx) { Simias.Authentication.Session simiasSession; Simias.Storage.Domain domain = null; Simias.Storage.Member member = null; Store store = Store.GetStore(); ctx.Response.Cache.SetCacheability(HttpCacheability.NoCache); domain = store.GetDomain(domainId); if (domain == null) { ctx.Response.StatusCode = 500; ctx.Response.StatusDescription = "Invalid Domain"; ctx.ApplicationInstance.CompleteRequest(); return; } member = domain.GetMemberByID(memberId); if (member == null) { ctx.Response.StatusCode = 500; ctx.Response.StatusDescription = "Invalid Member"; ctx.ApplicationInstance.CompleteRequest(); return; } if (ctx.Session == null) { // Must have a session. ctx.Response.StatusCode = 401; ctx.Response.AddHeader( "WWW-Authenticate", String.Concat("Basic realm=\"", domain.Name, "\"")); ctx.ApplicationInstance.CompleteRequest(); return; } simiasSession = ctx.Session[sessionTag] as Simias.Authentication.Session; if (simiasSession != null) { ctx.User = simiasSession.User; } if (ctx.User.Identity.IsAuthenticated == false) { // Validate signature. string nonce = (string)ctx.Session[NonceKey]; byte[] nonceBytes = Nonce.GetBytes(nonce); if (member.PublicKey.VerifyData(nonceBytes, new SHA1CryptoServiceProvider(), signed)) { simiasSession = new Simias.Authentication.Session(); simiasSession.MemberID = member.UserID; simiasSession.Requests++; ctx.Session[sessionTag] = simiasSession; // Setup a principal simiasSession.User = new GenericPrincipal( new GenericIdentity( member.UserID, PpkType), hostRoles); ctx.User = simiasSession.User; Thread.CurrentPrincipal = ctx.User; // Set the last login time for the user. SetLastLoginTime(domain, member); } else { // Failed ctx.Response.StatusCode = 401; ctx.Response.AddHeader( "WWW-Authenticate", String.Concat("Basic realm=\"", domain.Name, "\"")); ctx.ApplicationInstance.CompleteRequest(); return; } } else { simiasSession.Requests++; Thread.CurrentPrincipal = ctx.User; member = domain.GetMemberByID(simiasSession.MemberID); } }
/// <summary> /// Summary description for Http /// </summary> /// <param name="domainID"></param> /// <param name="ctx"></param> static public Simias.Storage.Member GetMember(string domainID, HttpContext ctx) { Simias.Authentication.Session simiasSession; Simias.Authentication.Status status; Simias.Storage.Domain domain = null; Simias.Storage.Member member = null; Store store = Store.GetStore(); ctx.Response.Cache.SetCacheability(HttpCacheability.NoCache); // // Look for the special domain ID header in the request. If the // header doesn't exist use the default domain // if ((domainID != null) && (domainID != String.Empty)) { domain = store.GetDomain(domainID); } if (domain == null) { ctx.Response.StatusCode = 500; ctx.Response.StatusDescription = "Invalid Domain"; ctx.ApplicationInstance.CompleteRequest(); return(null); } if (ctx.Session != null) { simiasSession = ctx.Session[sessionTag] as Simias.Authentication.Session; if (simiasSession != null) { ctx.User = simiasSession.User; } if (ctx.User.Identity.IsAuthenticated == false) { status = DomainProvider.Authenticate(domain, ctx); if (status.statusCode != StatusCodes.Success && status.statusCode != StatusCodes.SuccessInGrace) { Simias.Authentication.Http.SetResponseHeaders(ctx, status); if (ctx.Response.StatusCode == 401) { ctx.Response.AddHeader( "WWW-Authenticate", String.Concat("Basic realm=\"", domain.Name, "\"")); } ctx.ApplicationInstance.CompleteRequest(); return(null); } // Authentication modules are required to set the member's // userID on successful authentication - let's make sure if (status.UserID == null || status.UserID == "") { ctx.Response.StatusCode = 500; ctx.Response.StatusDescription = "Unknown UserID"; ctx.ApplicationInstance.CompleteRequest(); return(null); } member = domain.GetMemberByID(status.UserID); if (member == null) { ctx.Response.StatusCode = 500; ctx.Response.StatusDescription = "Unknown Member in Domain"; ctx.ApplicationInstance.CompleteRequest(); return(null); } if (status.statusCode == StatusCodes.SuccessInGrace || status.statusCode == StatusCodes.Success) { Simias.Authentication.Http.SetResponseHeaders(ctx, status); } simiasSession = new Simias.Authentication.Session(); simiasSession.MemberID = member.UserID; simiasSession.Requests++; ctx.Session[sessionTag] = simiasSession; // Setup a principal simiasSession.User = new GenericPrincipal( new GenericIdentity( member.UserID, "Basic authentication"), rolesArray); ctx.User = simiasSession.User; Thread.CurrentPrincipal = ctx.User; // Set the last login time for the user. SetLastLoginTime(domain, member); } else { simiasSession.Requests++; Thread.CurrentPrincipal = ctx.User; member = domain.GetMemberByID(simiasSession.MemberID); } } else { // No session exists so "authenticate" every request status = DomainProvider.Authenticate(domain, ctx); if (status.statusCode != StatusCodes.Success && status.statusCode != StatusCodes.SuccessInGrace) { Simias.Authentication.Http.SetResponseHeaders(ctx, status); if (ctx.Response.StatusCode == 401) { ctx.Response.AddHeader( "WWW-Authenticate", String.Concat("Basic realm=\"", domain.Name, "\"")); } ctx.ApplicationInstance.CompleteRequest(); return(null); } // Authentication modules are required to set the member's // userID on successful authentication - let's make sure if (status.UserID == null || status.UserID == "") { ctx.Response.StatusCode = 500; ctx.Response.StatusDescription = "Unknown UserID-2"; ctx.ApplicationInstance.CompleteRequest(); return(null); } member = domain.GetMemberByID(status.UserID); if (member == null) { ctx.Response.StatusCode = 500; ctx.Response.StatusDescription = "Unknown Member in Domain-2"; ctx.ApplicationInstance.CompleteRequest(); return(null); } // Setup a principal ctx.User = new GenericPrincipal( new GenericIdentity( member.UserID, "Basic authentication"), rolesArray); Thread.CurrentPrincipal = ctx.User; // Set the last login time for the user. SetLastLoginTime(domain, member); } return(member); }
/// <summary> /// Gets the Member object that represents the currently executing security context. /// </summary> /// <param name="store">Store object.</param> /// <param name="domainID">The domain used to map the current user to.</param> /// <param name="createMember">If true, creates Member object if it does not exist.</param> /// <returns>A Member object that represents the currently executing security context.</returns> public Member GetCurrentMember(Store store, string domainID, bool createMember) { log.Debug("GetCurrentMember domain id is : {0}", domainID); // See if there is a currently impersonating user. Member member = ImpersonationMember; if (member == null) { // This collection is not currently being impersonated, go look up the Member object of // the current identity in the store. Identity identity = store.CurrentUser; string userID = identity.GetUserIDFromDomain(domainID); if (userID == null) { // The domain mapping has to exist or it means that we never were invited to this domain. throw new DoesNotExistException(String.Format("There is no identity mapping for identity {0} to domain {1}.", identity.ID, domainID)); } // Check in the local store to see if there is an existing member. member = GetMember(userID); if (member == null) { // The Member object does not exist, we were specified to create it with full rights. // If this is a collection in a proxy state, create a special member for it with read // only rights. This member will not be committable and should be treated as a read-only // object. string userName = identity.Name; // Get the member that is represented in the domain. Domain domain = store.GetDomain(collection.Domain); if (domain != null) { // Find the member in the domain. Member domainMember = domain.GetMemberByID(userID); if (domainMember != null) { userName = domainMember.Name; } } if (createMember) { member = new Member(userName, userID, Access.Rights.Admin); member.IsOwner = true; } else { // Member is not part of the cllection. Check whether it is // shared with the Members group. string[] IDs = domain.GetMemberFamilyList(userID); foreach (string id in IDs) { member = collection.GetMemberByID(id); if (member != null) { break; } } if (member == null) { throw new DoesNotExistException(String.Format("The identity {0} - ID: {1} is not a member of collection {2} - ID: {3}.", userName, userID, collection.Name, collection.ID)); } } } } return(member); }