/*
* public iFolderUser(Simias.Storage.Member member)
* {
* this.Name = member.Name;
* this.UserID = member.UserID;
* this.Rights = member.Rights.ToString();
* this.ID = member.ID;
* this.State = "Member";
* this.IsOwner = member.IsOwner;
* }
*/
/// <summary>
/// </summary>
/// <param name="domain"></param>
/// <param name="member"></param>
public iFolderUser(Simias.Storage.Domain domain, Simias.Storage.Member member)
{
this.Name = member.Name;
this.UserID = member.UserID;
this.ID = member.ID;
this.State = "Member";
this.IsOwner = member.IsOwner;
this.Rights = member.Rights.ToString();
if (member.Given != null)
{
this.Surname = member.Family;
this.FirstName = member.Given;
this.FN = member.FN;
}
else
{
if (domain != null)
{
Simias.Storage.Member dMember = domain.GetMemberByID(member.UserID);
if (dMember != null)
{
this.Surname = dMember.Family;
this.FirstName = dMember.Given;
this.FN = dMember.FN;
}
}
}
}
/*
* public iFolderUser(Simias.Storage.Member member,
* Novell.AddressBook.Contact contact)
* {
* if(contact != null)
* {
* Novell.AddressBook.Name name;
*
* name = contact.GetPreferredName();
* if(name != null)
* {
* this.Surname = name.Family;
* this.FirstName = name.Given;
* }
* this.FN = contact.FN;
* }
*
* this.Name = member.Name;
* this.UserID = member.UserID;
* this.ID = member.ID;
* this.State = "Member";
* this.IsOwner = member.IsOwner;
* this.Rights = member.Rights.ToString();
* }
*/
/// <summary>
/// </summary>
/// <param name="sub"></param>
public iFolderUser(Simias.POBox.Subscription sub)
{
this.Name = sub.ToName;
this.UserID = sub.ToIdentity;
// Need to get the member for first and last name
Simias.Storage.Domain domain = Store.GetStore().GetDomain(sub.DomainID);
if (domain != null)
{
Simias.Storage.Member simMem = domain.GetMemberByID(sub.ToIdentity);
if (simMem != null)
{
this.Surname = simMem.Family;
this.FirstName = simMem.Given;
this.FN = simMem.FN;
}
}
this.Rights = sub.SubscriptionRights.ToString();
this.ID = sub.ID;
this.iFolderID = sub.SubscriptionCollectionID;
this.State = "Invited";
this.IsOwner = false;
if (sub.SubscriptionState ==
Simias.POBox.SubscriptionStates.Invited)
{
this.State = "WaitSync";
}
else if (sub.SubscriptionState ==
Simias.POBox.SubscriptionStates.Posted)
{
this.State = "Invited";
}
else if (sub.SubscriptionState ==
Simias.POBox.SubscriptionStates.Pending)
{
this.State = "AccessRequest";
}
else if (sub.SubscriptionState ==
Simias.POBox.SubscriptionStates.Responded)
{
if (sub.SubscriptionDisposition ==
Simias.POBox.SubscriptionDispositions.Declined)
{
this.State = "Declined";
}
else
{
this.State = "Unknown";
}
}
else
{
this.State = "Unknown";
}
}
/// <summary>
/// Method to change a user's password
/// </summary>
/// <param name="Username" mandatory="true">Username to set the password on.</param>
/// <param name="OldPassword" mandatory="true">Old password.</param>
/// <param name="NewPassword" mandatory="true">New password.</param>
/// <returns>int status for different status results</returns>
static public int ChangePassword(string UserID, string OldPassword, string NewPassword)
{
int status = 2; //2 is for Failed to reset password.
Store store = null;
Simias.Storage.Domain domain = null;
Member member = null;
Property DNprop = null;
string MemberDN = null;
if (User.provider != null && OldPassword != null && NewPassword != null)
{
store = Store.GetStore();
domain = store.GetDomain(store.DefaultDomain);
member = domain.GetMemberByID(UserID);
if (member != null)
{
DNprop =
member.Properties.GetSingleProperty("DN");
if (DNprop != null && DNprop.Value != null)
{
MemberDN = (string)DNprop.Value as string;
if (Simias.Service.Manager.LdapServiceEnabled == false)
{
status = User.provider.ResetPassword(MemberDN, OldPassword, NewPassword);
}
else
{
Simias.Server.IUserProvider userProvider = null;
Simias.Configuration config = Store.Config;
string assemblyName = String.Empty;
assemblyName = config.Get("Identity", "Assembly");
string userClass = config.Get("Identity", "Class");
if (assemblyName != null && userClass != null)
{
Assembly idAssembly = Assembly.LoadWithPartialName(assemblyName);
if (idAssembly != null)
{
Type type = idAssembly.GetType(userClass);
if (type != null)
{
userProvider = Activator.CreateInstance(type) as IUserProvider;
if (userProvider != null)
{
status = userProvider.ResetPassword(MemberDN, OldPassword, NewPassword);
}
}
}
}
}
}
}
}
return(status);
}
public DomainInfo GetDomainInfo(string userID)
{
Simias.Server.EnterpriseDomain enterpriseDomain =
new Simias.Server.EnterpriseDomain(false);
if (enterpriseDomain == null)
{
throw new SimiasException("Enterprise server domain does not exist.");
}
Store store = Store.GetStore();
Simias.Storage.Domain domain = store.GetDomain(enterpriseDomain.ID);
if (domain == null)
{
throw new SimiasException("Enterprise server domain does not exist.");
}
DomainInfo info = new DomainInfo();
info.ID = domain.ID;
info.Name = domain.Name;
info.Description = domain.Description;
// member info
Member member = domain.GetMemberByID(userID);
if (member != null)
{
info.MemberNodeName = member.Name;
info.MemberNodeID = member.ID;
// Clients before this build do not understand "Secondary" rights so change that to ReadWrite. Also, Secondary rights
// are relevant only for server and not for clients, so makes sense.
Access.Rights rights = (Access.Rights)member.Rights; // ( Access.Rights )Enum.Parse( typeof( Access.Rights ), member.Rights );
Access.Rights NewRight = rights;
if (rights == Access.Rights.Secondary)
{
NewRight = Access.Rights.ReadWrite;
}
info.MemberRights = NewRight.ToString();
}
else
{
throw new SimiasException("User: "******" does not exist");
}
return(info);
}
public void RemoveServerCollections(string DomainID, string UserID)
{
Store store = Store.GetStore();
if (DomainID == null)
{
throw new SimiasException("Null Domain ID");
}
// This method can only target the simple server
Simias.Storage.Domain domain = store.GetDomain(DomainID);
if (domain == null)
{
throw new SimiasException("Specified server domain does not exist.");
}
/*
* if ( domainID != domain.ID )
* {
* throw new SimiasException("Only the Simias Server domain can be used.");
* }
*/
// Make sure that the caller is the current owner.
string existingUserID = Thread.CurrentPrincipal.Identity.Name;
Member existingMember = domain.GetMemberByID(existingUserID);
if (existingMember == null)
{
throw new SimiasException(String.Format("Impersonating user: {0} is not a member of the domain.", Thread.CurrentPrincipal.Identity.Name));
}
// Make sure the creator and the owner are the same ID.
if (existingUserID != UserID)
{
throw new SimiasException(String.Format("Creator ID {0} is not the same as the caller ID {1}.", existingUserID, UserID));
}
// Get all of the collections that this user is member of.
ICSList cList = store.GetCollectionsByUser(UserID);
foreach (ShallowNode sn in cList)
{
// Remove the user as a member of this collection.
Collection c = new Collection(store, sn);
// Only look for collections from the specified domain and
// don't allow this user's membership from being removed from the domain.
if ((c.Domain == DomainID) &&
!((Node)c).IsBaseType(Simias.Client.NodeTypes.DomainType))
{
Member member = c.GetMemberByID(UserID);
if (member != null)
{
if (member.IsOwner)
{
// Don't remove an orphaned collection.
if ((member.UserID != domain.Owner.UserID) || (c.PreviousOwner == null))
{
// The user is the owner, delete this collection.
c.Commit(c.Delete());
}
}
else
{
// Not the owner, just remove the membership.
c.Commit(c.Delete(member));
}
}
}
}
}
public string CreateMaster(string collectionID, string collectionName, string rootDirID, string rootDirName, string userID, string memberName, string memberID, string memberRights)
{
Simias.Server.EnterpriseDomain enterpriseDomain =
new Simias.Server.EnterpriseDomain(false);
if (enterpriseDomain == null)
{
throw new SimiasException("Enterprise server domain does not exist.");
}
Store store = Store.GetStore();
Simias.Storage.Domain domain = store.GetDomain(enterpriseDomain.ID);
if (domain == null)
{
throw new SimiasException("Enterprise server domain does not exist.");
}
ArrayList nodeList = new ArrayList();
Collection c = new Collection(store, collectionName, collectionID, domain.ID);
c.Proxy = true;
nodeList.Add(c);
string existingUserID = Thread.CurrentPrincipal.Identity.Name;
Member existingMember = domain.GetMemberByID(existingUserID);
if (existingMember == null)
{
throw new SimiasException(String.Format("Impersonating user: {0} is not a member of the domain.", Thread.CurrentPrincipal.Identity.Name));
}
// Make sure the creator and the owner are the same ID.
if (existingUserID != userID)
{
throw new SimiasException(String.Format("Creator ID {0} is not the same as the caller ID {1}.", existingUserID, userID));
}
// member node.
Access.Rights rights = (Access.Rights)Enum.Parse(typeof(Access.Rights), memberRights);
Member member = new Member(memberName, memberID, userID, rights, null);
member.IsOwner = true;
member.Proxy = true;
nodeList.Add(member);
// check for a root dir node
if (((rootDirID != null) && (rootDirID.Length > 0)) &&
(rootDirName != null) && (rootDirName.Length > 0))
{
// Get the collections Unmanaged Path
string path = c.UnmanagedPath;
path = Path.Combine(path, rootDirName);
// create root directory node
DirNode dn = new DirNode(c, path, rootDirID);
if (!System.IO.Directory.Exists(path))
{
System.IO.Directory.CreateDirectory(path);
}
dn.Proxy = true;
nodeList.Add(dn);
}
// Create the collection.
c.Commit(nodeList.ToArray(typeof(Node)) as Node[]);
// get the collection master url
Uri request = Context.Request.Url;
UriBuilder uri =
new UriBuilder(request.Scheme, request.Host, request.Port, Context.Request.ApplicationPath.TrimStart(new char[] { '/' }));
return(uri.ToString());
}
/// <summary>
/// Get HostNode from host ID
/// </summary>
/// <param name="domainId">Domain ID where host is available</param>
/// <param name="hostId">ID of the host whose name we have to get</param>
/// <returns>Retuns the Host node</returns>
public static HostNode GetHostByID(string domainId, string hostId)
{
Domain domain = Store.GetStore().GetDomain(domainId);
return(new HostNode(domain.GetMemberByID(hostId)));
}
/// <summary>
/// Used by server to validate the signature using PPK.
/// </summary>
/// <param name="domainId"></param>
/// <param name="memberId"></param>
/// <param name="signed"></param>
/// <param name="ctx"></param>
static public void VerifyWithPPK(string domainId, string memberId, byte[] signed, HttpContext ctx)
{
Simias.Authentication.Session simiasSession;
Simias.Storage.Domain domain = null;
Simias.Storage.Member member = null;
Store store = Store.GetStore();
ctx.Response.Cache.SetCacheability(HttpCacheability.NoCache);
domain = store.GetDomain(domainId);
if (domain == null)
{
ctx.Response.StatusCode = 500;
ctx.Response.StatusDescription = "Invalid Domain";
ctx.ApplicationInstance.CompleteRequest();
return;
}
member = domain.GetMemberByID(memberId);
if (member == null)
{
ctx.Response.StatusCode = 500;
ctx.Response.StatusDescription = "Invalid Member";
ctx.ApplicationInstance.CompleteRequest();
return;
}
if (ctx.Session == null)
{
// Must have a session.
ctx.Response.StatusCode = 401;
ctx.Response.AddHeader(
"WWW-Authenticate",
String.Concat("Basic realm=\"", domain.Name, "\""));
ctx.ApplicationInstance.CompleteRequest();
return;
}
simiasSession = ctx.Session[sessionTag] as Simias.Authentication.Session;
if (simiasSession != null)
{
ctx.User = simiasSession.User;
}
if (ctx.User.Identity.IsAuthenticated == false)
{
// Validate signature.
string nonce = (string)ctx.Session[NonceKey];
byte[] nonceBytes = Nonce.GetBytes(nonce);
if (member.PublicKey.VerifyData(nonceBytes, new SHA1CryptoServiceProvider(), signed))
{
simiasSession = new Simias.Authentication.Session();
simiasSession.MemberID = member.UserID;
simiasSession.Requests++;
ctx.Session[sessionTag] = simiasSession;
// Setup a principal
simiasSession.User =
new GenericPrincipal(
new GenericIdentity(
member.UserID,
PpkType),
hostRoles);
ctx.User = simiasSession.User;
Thread.CurrentPrincipal = ctx.User;
// Set the last login time for the user.
SetLastLoginTime(domain, member);
}
else
{
// Failed
ctx.Response.StatusCode = 401;
ctx.Response.AddHeader(
"WWW-Authenticate",
String.Concat("Basic realm=\"", domain.Name, "\""));
ctx.ApplicationInstance.CompleteRequest();
return;
}
}
else
{
simiasSession.Requests++;
Thread.CurrentPrincipal = ctx.User;
member = domain.GetMemberByID(simiasSession.MemberID);
}
}
/// <summary>
/// Summary description for Http
/// </summary>
/// <param name="domainID"></param>
/// <param name="ctx"></param>
static public Simias.Storage.Member GetMember(string domainID, HttpContext ctx)
{
Simias.Authentication.Session simiasSession;
Simias.Authentication.Status status;
Simias.Storage.Domain domain = null;
Simias.Storage.Member member = null;
Store store = Store.GetStore();
ctx.Response.Cache.SetCacheability(HttpCacheability.NoCache);
//
// Look for the special domain ID header in the request. If the
// header doesn't exist use the default domain
//
if ((domainID != null) && (domainID != String.Empty))
{
domain = store.GetDomain(domainID);
}
if (domain == null)
{
ctx.Response.StatusCode = 500;
ctx.Response.StatusDescription = "Invalid Domain";
ctx.ApplicationInstance.CompleteRequest();
return(null);
}
if (ctx.Session != null)
{
simiasSession = ctx.Session[sessionTag] as Simias.Authentication.Session;
if (simiasSession != null)
{
ctx.User = simiasSession.User;
}
if (ctx.User.Identity.IsAuthenticated == false)
{
status = DomainProvider.Authenticate(domain, ctx);
if (status.statusCode != StatusCodes.Success &&
status.statusCode != StatusCodes.SuccessInGrace)
{
Simias.Authentication.Http.SetResponseHeaders(ctx, status);
if (ctx.Response.StatusCode == 401)
{
ctx.Response.AddHeader(
"WWW-Authenticate",
String.Concat("Basic realm=\"", domain.Name, "\""));
}
ctx.ApplicationInstance.CompleteRequest();
return(null);
}
// Authentication modules are required to set the member's
// userID on successful authentication - let's make sure
if (status.UserID == null || status.UserID == "")
{
ctx.Response.StatusCode = 500;
ctx.Response.StatusDescription = "Unknown UserID";
ctx.ApplicationInstance.CompleteRequest();
return(null);
}
member = domain.GetMemberByID(status.UserID);
if (member == null)
{
ctx.Response.StatusCode = 500;
ctx.Response.StatusDescription = "Unknown Member in Domain";
ctx.ApplicationInstance.CompleteRequest();
return(null);
}
if (status.statusCode == StatusCodes.SuccessInGrace ||
status.statusCode == StatusCodes.Success)
{
Simias.Authentication.Http.SetResponseHeaders(ctx, status);
}
simiasSession = new Simias.Authentication.Session();
simiasSession.MemberID = member.UserID;
simiasSession.Requests++;
ctx.Session[sessionTag] = simiasSession;
// Setup a principal
simiasSession.User =
new GenericPrincipal(
new GenericIdentity(
member.UserID,
"Basic authentication"),
rolesArray);
ctx.User = simiasSession.User;
Thread.CurrentPrincipal = ctx.User;
// Set the last login time for the user.
SetLastLoginTime(domain, member);
}
else
{
simiasSession.Requests++;
Thread.CurrentPrincipal = ctx.User;
member = domain.GetMemberByID(simiasSession.MemberID);
}
}
else
{
// No session exists so "authenticate" every request
status = DomainProvider.Authenticate(domain, ctx);
if (status.statusCode != StatusCodes.Success &&
status.statusCode != StatusCodes.SuccessInGrace)
{
Simias.Authentication.Http.SetResponseHeaders(ctx, status);
if (ctx.Response.StatusCode == 401)
{
ctx.Response.AddHeader(
"WWW-Authenticate",
String.Concat("Basic realm=\"", domain.Name, "\""));
}
ctx.ApplicationInstance.CompleteRequest();
return(null);
}
// Authentication modules are required to set the member's
// userID on successful authentication - let's make sure
if (status.UserID == null || status.UserID == "")
{
ctx.Response.StatusCode = 500;
ctx.Response.StatusDescription = "Unknown UserID-2";
ctx.ApplicationInstance.CompleteRequest();
return(null);
}
member = domain.GetMemberByID(status.UserID);
if (member == null)
{
ctx.Response.StatusCode = 500;
ctx.Response.StatusDescription = "Unknown Member in Domain-2";
ctx.ApplicationInstance.CompleteRequest();
return(null);
}
// Setup a principal
ctx.User =
new GenericPrincipal(
new GenericIdentity(
member.UserID,
"Basic authentication"),
rolesArray);
Thread.CurrentPrincipal = ctx.User;
// Set the last login time for the user.
SetLastLoginTime(domain, member);
}
return(member);
}
/// <summary>
/// Gets the Member object that represents the currently executing security context.
/// </summary>
/// <param name="store">Store object.</param>
/// <param name="domainID">The domain used to map the current user to.</param>
/// <param name="createMember">If true, creates Member object if it does not exist.</param>
/// <returns>A Member object that represents the currently executing security context.</returns>
public Member GetCurrentMember(Store store, string domainID, bool createMember)
{
log.Debug("GetCurrentMember domain id is : {0}", domainID);
// See if there is a currently impersonating user.
Member member = ImpersonationMember;
if (member == null)
{
// This collection is not currently being impersonated, go look up the Member object of
// the current identity in the store.
Identity identity = store.CurrentUser;
string userID = identity.GetUserIDFromDomain(domainID);
if (userID == null)
{
// The domain mapping has to exist or it means that we never were invited to this domain.
throw new DoesNotExistException(String.Format("There is no identity mapping for identity {0} to domain {1}.", identity.ID, domainID));
}
// Check in the local store to see if there is an existing member.
member = GetMember(userID);
if (member == null)
{
// The Member object does not exist, we were specified to create it with full rights.
// If this is a collection in a proxy state, create a special member for it with read
// only rights. This member will not be committable and should be treated as a read-only
// object.
string userName = identity.Name;
// Get the member that is represented in the domain.
Domain domain = store.GetDomain(collection.Domain);
if (domain != null)
{
// Find the member in the domain.
Member domainMember = domain.GetMemberByID(userID);
if (domainMember != null)
{
userName = domainMember.Name;
}
}
if (createMember)
{
member = new Member(userName, userID, Access.Rights.Admin);
member.IsOwner = true;
}
else
{
// Member is not part of the cllection. Check whether it is
// shared with the Members group.
string[] IDs = domain.GetMemberFamilyList(userID);
foreach (string id in IDs)
{
member = collection.GetMemberByID(id);
if (member != null)
{
break;
}
}
if (member == null)
{
throw new DoesNotExistException(String.Format("The identity {0} - ID: {1} is not a member of collection {2} - ID: {3}.", userName, userID, collection.Name, collection.ID));
}
}
}
}
return(member);
}
