Esempio n. 1
0
        internal static void Useradd(UseraddParms parms)
        {
            var roles = new List <SecurityRoleInfo>();

            if (parms.Roles?.Count > 0)
            {
                roles = parms.Roles.OfType <String>().Select(o => m_client.GetRoles(r => r.Name == o).CollectionItem.FirstOrDefault()).ToList();
            }

            if (roles.Count == 0)
            {
                throw new InvalidOperationException("The specified roles do not exit. Roles are case sensitive");
            }
            ;
            if (parms.UserName == null)
            {
                throw new InvalidOperationException("Must specify a user");
            }

            foreach (var un in parms.UserName)
            {
                m_client.CreateUser(new Core.Model.AMI.Auth.SecurityUserInfo()
                {
                    UserName = un,
                    Password = parms.Password ?? "Mohawk123",
                    Email    = parms.Email,
                    Roles    = roles
                });
            }
        }
Esempio n. 2
0
        internal static void RoleInfo(GenericRoleParms parms)
        {
            if (parms.RoleName == null)
            {
                throw new InvalidOperationException("Must specify a role");
            }

            var role = m_client.GetRoles(o => o.Name == parms.RoleName).CollectionItem.FirstOrDefault() as SecurityRoleInfo;

            if (role == null)
            {
                throw new KeyNotFoundException($"Role {parms.RoleName} not found");
            }

            DisplayUtil.PrintPolicies(role,
                                      new string[] { "Name", "SID", "Description", "Created", "Updated", "De-Activated" },
                                      u => u.Name,
                                      u => u.Key,
                                      u => u.Description,
                                      u => String.Format("{0} ({1})", u.CreationTimeXml, m_client.GetUser(m_client.GetProvenance(u.CreatedByKey.Value).UserKey.Value).Entity.UserName),
                                      u => String.Format("{0} ({1})", u.UpdatedTimeXml, m_client.GetUser(m_client.GetProvenance(u.UpdatedByKey.Value).UserKey.Value).Entity.UserName),
                                      u => String.Format("{0} ({1})", u.ObsoletionTimeXml, m_client.GetUser(m_client.GetProvenance(u.ObsoletedByKey.Value).UserKey.Value).Entity.UserName)
                                      );
        }
Esempio n. 3
0
        public async Task <ActionResult> JoinRealmAsync(JoinRealmModel model)
        {
            HttpContext.GetOwinContext().Authentication.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
            this.Response.Cookies.Remove("access_token");

            if (ModelState.IsValid)
            {
                model.Address = model.Address.HasTrailingBackSlash() ? model.Address.RemoveTrailingBackSlash() : model.Address;
                model.Address = model.Address.HasTrailingForwardSlash() ? model.Address.RemoveTrailingForwardSlash() : model.Address;

                Realm realm = unitOfWork.RealmRepository.Get(r => r.Address == model.Address && r.ObsoletionTime != null).AsEnumerable().SingleOrDefault();

                // remove any leading or trailing spaces
                model.Address = model.Address.Trim();

                // HACK: the UrlAttribute class thinks that http://localhost is not a valid url...
                if (model.Address.StartsWith("http://localhost"))
                {
                    model.Address = model.Address.Replace("http://localhost", "http://127.0.0.1");
                }
                else if (model.Address.StartsWith("https://localhost"))
                {
                    model.Address = model.Address.Replace("https://localhost", "https://127.0.0.1");
                }

                // is the user attempting to join a realm which they have already left?
                if (realm != null)
                {
                    realm.Map(model);
                    realm.ObsoletionTime = null;

                    unitOfWork.RealmRepository.Update(realm);
                    unitOfWork.Save();
                }
                else
                {
                    realm = unitOfWork.RealmRepository.Create();

                    realm.Map(model);
                    realm.DeviceId     = Environment.MachineName + "-" + Guid.NewGuid().ToString().ToUpper();
                    realm.DeviceSecret = Guid.NewGuid().ToString().ToUpper();

                    var activeRealms = unitOfWork.RealmRepository.AsQueryable().Where(r => r.ObsoletionTime == null).AsEnumerable();

                    foreach (var activeRealm in activeRealms)
                    {
                        activeRealm.ObsoletionTime = DateTime.UtcNow;
                        unitOfWork.RealmRepository.Update(activeRealm);
                    }

                    unitOfWork.RealmRepository.Add(realm);
                    unitOfWork.Save();
                }

                try
                {
                    var result = await this.SignInManager.PasswordSignInAsync(model.Username, model.Password, false, false);

                    switch (result)
                    {
                    case SignInStatus.Success:
                        using (var amiServiceClient = new AmiServiceClient(new RestClientService(Constants.Ami, this.HttpContext, this.SignInManager.AccessToken)))
                        {
                            var synchronizers = amiServiceClient.GetRoles(r => r.Name == "SYNCHRONIZERS").CollectionItem.FirstOrDefault();
                            var device        = amiServiceClient.GetRoles(r => r.Name == "DEVICE").CollectionItem.FirstOrDefault();

                            var securityUserInfo = new SecurityUserInfo
                            {
                                Password = realm.DeviceSecret,
                                Roles    = new List <SecurityRoleInfo>
                                {
                                    device,
                                    synchronizers
                                },
                                UserName = realm.DeviceId,
                                User     = new SecurityUser
                                {
                                    Key          = Guid.NewGuid(),
                                    UserClass    = UserClassKeys.ApplicationUser,
                                    UserName     = realm.DeviceId,
                                    SecurityHash = Guid.NewGuid().ToString()
                                },
                            };

                            amiServiceClient.CreateUser(securityUserInfo);

                            var securityDeviceInfo = new SecurityDeviceInfo
                            {
                                Device = new SecurityDevice
                                {
                                    DeviceSecret = realm.DeviceSecret,
                                    Name         = realm.DeviceId
                                }
                            };

                            amiServiceClient.CreateDevice(securityDeviceInfo);
                        }

                        MvcApplication.MemoryCache.Set(RealmConfig.RealmCacheKey, true, ObjectCache.InfiniteAbsoluteExpiration);
                        break;

                    default:
                        // always sign out the user when joining the realm
                        SignInManager.AuthenticationManager.SignOut();

                        var addedRealm = unitOfWork.RealmRepository.Get(r => r.Address == model.Address).FirstOrDefault();

                        if (addedRealm != null)
                        {
                            unitOfWork.RealmRepository.Delete(addedRealm.Id);
                            unitOfWork.Save();
                        }

                        ModelState.AddModelError("", Locale.IncorrectUsernameOrPassword);

                        return(View(model));
                    }

                    this.TempData["success"] = Locale.RealmJoinedSuccessfully;

                    return(RedirectToAction("Login", "Account"));
                }
                catch (Exception e)
                {
                    Trace.TraceError($"Unable to join realm: {e}");

                    var addedRealm = unitOfWork.RealmRepository.Get(r => r.Address == model.Address).Single();
                    unitOfWork.RealmRepository.Delete(addedRealm.Id);
                    unitOfWork.Save();
                }
                finally
                {
                    // always sign out the user when joining the realm
                    HttpContext.GetOwinContext().Authentication.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
                }
            }

            TempData["error"] = Locale.UnableToJoinRealm;

            return(View(model));
        }