Exemple #1
0
 public int count()
 {
     using (SecurityDAO dao = new SecurityDAO())
     {
         return dao.ListAllRoles().Count;
     }
 }
Exemple #2
0
 public IList<Role> list(int first, int offset)
 {
     using(SecurityDAO dao = new SecurityDAO())
     {
         var list = (from r in dao.ListAllRoles() select r).Skip(first).Take(offset).ToList();
         return list;
     }
 }
        public override void AddUsersToRoles(string[] userNames, string[] roleNames)
        {
            validateRolesExists(roleNames);

            validateUsersDoNotHaveRolesAllready(userNames, roleNames);

            using (SecurityDAO secDAO = new SecurityDAO())
            {
                foreach (string username in userNames)
                {
                    foreach (string rolename in roleNames)
                    {
                        secDAO.AssignRoleToUser(rolename, username);
                    }
                }
            }
        }
 public override void CreateRole(string roleName)
 {
     if (roleName.Contains(","))
     {
         throw new ArgumentException("Role names cannot contain commas.");
     }
     if (RoleExists(roleName))
     {
         throw new InvalidOperationException("Role name [" + roleName + "]already exists");
     }
     using (SecurityDAO secDAO = new SecurityDAO())
     {
         secDAO.CreateRole(new Role
         {
             Name = roleName,
             Description = ""
         });
     }
 }
        public void authorize(object sender, EventArgs e)
        {
            HttpApplication application = (HttpApplication)sender;

            if (existValidUser())
            {
                using (SecurityDAO secDAO = new SecurityDAO())
                {
                    Menu menu = secDAO.GetMenuByPath(getVirtualPathAsLowerCase(application));
                    if (menu != null)
                    {
                        foreach (Role menuRole in secDAO.GetRolesFor(menu))
                        {
                            if (!userIsInRole(application, menuRole))
                            {
                                throw new HttpException(401, "UnAuthorized access to " + application.Request.Path);
                            }
                        }
                    }
                }
            }
        }
Exemple #6
0
        public void Init(HttpApplication context)
        {
            if (!InsertDefaultDataOnInit) return;
            using (var db = new DbManager())
            {
                db.SetCommand("TRUNCATE TABLE Users_Roles").ExecuteNonQuery();
                db.SetCommand("TRUNCATE TABLE Menus_Roles").ExecuteNonQuery();
                db.SetCommand("TRUNCATE TABLE Menus").ExecuteNonQuery();
                db.SetCommand("TRUNCATE TABLE Users").ExecuteNonQuery();
                db.SetCommand("TRUNCATE TABLE Roles").ExecuteNonQuery();
            }

            using (var secDAO = new SecurityDAO())
            {
                secDAO.CreateRole("admins", "");

                secDAO.CreateUser("*****@*****.**", "admin", "admin");
                secDAO.AssignRoleToUser("admins", "admin");

                secDAO.CreateMenu("home", "_private/home.aspx");
                secDAO.AssignRoleToMenu("admins", "_private/home.aspx");
            }
        }
 public override string[] FindUsersInRole(string roleName, string userNameToMatch)
 {
     using (SecurityDAO dao = new SecurityDAO())
     {
         return dao.ListUserNamesByRoleAndName(roleName, userNameToMatch).ToArray();
     }
 }
 public override bool RoleExists(string roleName)
 {
     using (SecurityDAO dao = new SecurityDAO())
     {
         return dao.ReadRoleByName(roleName) != null;
     }
 }
        public override void RemoveUsersFromRoles(string[] userNames, string[] roleNames)
        {
            foreach (string roleName in roleNames)
            {
                if (!RoleExists(roleName))
                {
                    throw new InvalidOperationException("Role name not found");
                }
            }

            foreach (string userName in userNames)
            {
                foreach (string roleName in roleNames)
                {
                    if (!IsUserInRole(userName, roleName))
                    {
                        throw new InvalidOperationException("User is not in role");
                    }
                }
            }

            using (SecurityDAO dao = new SecurityDAO())
            {
                foreach (string userName in userNames)
                {
                    foreach (string roleName in roleNames)
                    {
                        dao.RemoveUserFromRole(userName, roleName);
                    }
                }
            }
        }
 public override bool IsUserInRole(string userName, string roleName)
 {
     using (SecurityDAO dao = new SecurityDAO())
     {
         return dao.IsUserInRole(userName, roleName);
     }
 }
 public override string[] GetUsersInRole(string roleName)
 {
     using (SecurityDAO secDAO = new SecurityDAO())
     {
         return secDAO.ListUserNamesByRole(roleName).ToArray();
     }
 }
 public override string[] GetRolesForUser(string userName)
 {
     using (SecurityDAO dao = new SecurityDAO())
     {
         string[] roles = dao.ListRoleNamesByUser(userName).ToArray();
         return roles;
     }
 }
 public override string[] GetAllRoles()
 {
     using (SecurityDAO dao = new SecurityDAO())
     {
         return dao.ListAllRoleNames().ToArray();
     }
 }
 /// <summary>
 /// Takes, as input, a user name and a Boolean value indicating whether to update the LastActivityDate value for the user to show that the user is currently online. The GetUser method returns a MembershipUser object populated with current values from the data source for the specified user. If the user name is not found in the data source, the GetUser method returns null (Nothing in Visual Basic).
 /// </summary>
 /// <param name="username"></param>
 /// <param name="userIsOnline"></param>
 /// <returns></returns>
 public override MembershipUser GetUser(string username, bool userIsOnline)
 {
     using (SecurityDAO secDAO = new SecurityDAO())
     {
         User dbUser = secDAO.ReadUserByName(username);
         MembershipUser user = secDAO.ConvertUserToMembershipUser(dbUser, this.Name);
         if (userIsOnline)
         {
             secDAO.RecordUserActivity(dbUser);
         }
         return user;
     }
 }
 public override MembershipUser GetUser(object providerUserKey, bool userIsOnline)
 {
     using (SecurityDAO secDAO = new SecurityDAO())
     {
         Int32 id = Convert.ToInt32(providerUserKey);
         User dbUser = secDAO.ReadUserById(id);
         MembershipUser user = secDAO.ConvertUserToMembershipUser(dbUser, this.Name);
         if (userIsOnline)
         {
             secDAO.RecordUserActivity(dbUser);
         }
         return user;
     }
 }
        public override bool ValidateUser(string username, string password)
        {
            using (SecurityDAO secDAO = new SecurityDAO())
            {
                User user = secDAO.ReadUserByName(username);
                if (user == null)
                    return false;

                string hashedPassword = secDAO.EncodePassword(password, user.Salt);

                bool isValid = (!user.Blocked && user.Password == hashedPassword);
                if (isValid)
                {
                    secDAO.RecordUserLoginSuccess(user);
                }
                else
                {
                    //TODO record user login attemp failure
                    secDAO.RecordUserLoginFailure(user);
                }
                return isValid;
            }
        }
 public override void UpdateUser(MembershipUser user)
 {
     using (SecurityDAO secDAO = new SecurityDAO())
     {
         User dbUser = secDAO.ReadUserById(Convert.ToInt32(user.ProviderUserKey));
         dbUser.Blocked = user.IsLockedOut;
         secDAO.UpdateUser(dbUser);
     }
 }
 public override bool UnlockUser(string username)
 {
     try
     {
         using (SecurityDAO secDAO = new SecurityDAO())
         {
             User user = secDAO.ReadUserByName(username);
             if (user == null)
             {
                 return false;
             }
             user.Blocked = false;
             secDAO.UpdateUser(user);
             //TODO record somewhere into the db that the user got unblocked
             return true;
         }
     }
     catch (Exception)
     {
         return false;
     }
 }
 public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
 {
     if (!RoleExists(roleName))
     {
         throw new InvalidOperationException("Role does not exists");
     }
     if (throwOnPopulatedRole && GetUsersInRole(roleName).Length > 0)
     {
         throw new InvalidOperationException("Cannot delete a role with related users");
     }
     using (SecurityDAO secDAO = new SecurityDAO())
     {
         secDAO.DeleteRole(secDAO.ReadRoleByName(roleName));
     }
     return true;
 }
 public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize,
     out int totalRecords)
 {
     MembershipUserCollection collection = new MembershipUserCollection();
     using (SecurityDAO secDAO = new SecurityDAO())
     {
         IList<User> users = secDAO.ListUsersByName(usernameToMatch, pageIndex, pageSize);
         foreach (User user in users)
         {
             collection.Add(secDAO.ConvertUserToMembershipUser(user, this.Name));
         }
         totalRecords = users.Count;
     }
     return collection;
 }