public List <AppRoles> GetRoles() { //Dim MyRoleObject_List As New List(Of AppRoles) //Dim MyRole As AppRoles //For Each sRoleName As String In Roles.GetAllRoles // MyRole = New AppRoles // MyRole.RoleName = sRoleName // MyRoleObject_List.Add(MyRole) //Next //Return MyRoleObject_List List <AppRoles> MyRoleObject_List = new List <AppRoles>(); AppRoles MyRole; foreach (string sRoleName in Roles.GetAllRoles()) { MyRole = new AppRoles(); MyRole.RoleName = sRoleName; MyRoleObject_List.Add(MyRole); } return(MyRoleObject_List); }
private void GetApplicationRole() { List <AppRoles> allRoles = new List <AppRoles>(); OguObjectCollection <IUser> users = OguMechanismFactory.GetMechanism().GetObjects <IUser>(SearchOUIDType.Guid, Data.ID); ExceptionHelper.FalseThrow(users.Count > 0, "不能找到ID为\"{0}\"的用户", Data.ID); ApplicationCollection result = PermissionMechanismFactory.GetMechanism().GetAllApplications(); foreach (IApplication app in result) { RoleCollection roles = users[0].Roles[app.CodeName]; if (roles.Count > 0) { AppRoles ar = new AppRoles(); ar.AppName = app.Name; ar.Roles = GetRoleNames(roles); allRoles.Add(ar); } } gridAppRoles.DataSource = allRoles; gridAppRoles.DataBind(); }
public static bool IsAuthorized(AppRoles role, String UserName) { bool returnValue = true; try { //string user = System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString().ToUserIDWithoutDomain().ToUpper(); string user = UserName; if (TACAuthorization.HasPersmission("ERMA", user, role.ToString(), false)) { returnValue = true; } else { returnValue = false; } } catch { returnValue = false; } return(returnValue); }
public ActionResult CheckSecurity(AppRoles r, string UserName = null) { try { if (UserName is null) { return(RedirectToAction("Login", "Home")); } if (!(SecurityUtility.isAuthenticated(UserName))) { return(RedirectToAction("Login", "Home")); } if (!(Authorize.IsAuthorized(r, UserName))) { return(RedirectToAction("Unauthorized", "Home")); } } catch { return(RedirectToAction("Login", "Home")); } return(null); }
public void SetAppRole(AppRoles role, string pass) { var conn = AviaSalesConnection.Database.Connection; var initialState = conn.State; try { if (initialState != ConnectionState.Open) { conn.Open(); } using (DbCommand cmd = conn.CreateCommand()) { cmd.CommandText = "sp_setapprole"; cmd.Parameters.Add(new SqlParameter("@rolename", role.ToString())); cmd.Parameters.Add(new SqlParameter("@password", pass)); cmd.CommandType = CommandType.StoredProcedure; var su = cmd.ExecuteNonQuery(); } } catch (Exception ex) { logger.ConditionalDebug(ex.Message); throw; } }
public void UpdateUser_IdentitySucceed_ReturnSuccessServiceResult() { var newUser = new ApplicationUser() { Name = "name", UserName = "******", Email = "*****@*****.**" }; ServiceResult expectedResult = new ServiceResult(true); _mockRepository.Setup(m => m.GetById(_userId)) .Returns(newUser); IEnumerable <string> roles = AppRoles.GetRoleNames(); _mockUserStore.Setup(m => m.UpdateAsync(newUser)) .Returns(Task.FromResult(IdentityResult.Success)); _mockUserStore.Setup(m => m.FindByIdAsync(It.IsAny <string>())) .Returns(Task.FromResult(newUser)); IList <string> userRoles = new List <string>(); _mockUserRoleStore.Setup(m => m.GetRolesAsync(newUser)).Returns(Task.FromResult(userRoles)); var result = _service.UpdateUser(_userId, newUser.Name, newUser.Email, roles, _userManager); result.Succeeded.Should().BeTrue(); }
public async Task CreateAsync(string email, string rolName, string pasword, Person person) { var rol = AppRoles.FindByName(rolName); var exist = await _userManager.FindByEmailAsync(email); if (exist != null) { throw new AppException("El usuario ya existe"); } var user = new AppUser { Email = email, UserName = email, Person = person }; var result = await _userManager.CreateAsync(user, pasword); if (result.Succeeded) { await _userManager.AddToRoleAsync(user, rol.Name); } }
public async Task UpdateAsync(string email, string rolName) { var rol = AppRoles.FindByName(rolName); var edit = await _userManager.FindByEmailAsync(email); if (edit == null) { throw new AppNotFoundException("Usuario no encontrado"); } var roles = await _userManager.GetRolesAsync(edit); await _userManager.RemoveFromRolesAsync(edit, roles); await _userManager.AddToRoleAsync(edit, rol.Name); var log = new LogDataChange { UpdatedAt = DateTime.UtcNow, UpdatedBy = _appIdentity.Username, Table = "UsersRoles", Pk = int.Parse(edit.Id.ToString()), Changes = $"Role: {roles[0]} => {rol.Name}" }; await _unitOfWork.LogsDataChanges.AddAsync(log); await _unitOfWork.SaveChangesAsync(); }
public void Create_IdentitySucceed_ReturnSuccessIdentityResult() { var newUser = new ApplicationUser() { Name = "name", UserName = "******", Email = "*****@*****.**" }; IEnumerable <string> roles = AppRoles.GetRoleNames(); string password = "******"; _mockUserStore.Setup(m => m.CreateAsync(newUser)) .Returns(Task.FromResult(IdentityResult.Success)); _mockUserStore.Setup(m => m.FindByIdAsync(It.IsAny <string>())) .Returns(Task.FromResult(newUser)); IList <string> userRoles = new List <string>(); _mockUserRoleStore.Setup(m => m.GetRolesAsync(newUser)).Returns(Task.FromResult(userRoles)); var result = _service.CreateUser(newUser.Name, newUser.Email, password, roles, _userManager); result.Succeeded.Should().BeTrue(); }
private bool IsInAppRole(ClaimsPrincipal claimsPrincipal) { List <OrgAppUserRoleClaim> orgAppRoles = claimsPrincipal.GetClaims <OrgAppUserRoleClaim>("orgAppRoles"); foreach (var org in orgAppRoles) { if (!org.IsActive && org.IsDeleted) { continue; } var app = org.Apps.FirstOrDefault(i => App.Equals(i.AppName) && i.IsActive && !i.IsDeleted); if (app == null) { continue; } var exists = app.Roles.Any(i => i.IsActive && !i.IsDeleted && AppRoles.Any(ar => i.Name.Equals(ar))); return(exists); } return(false); }
public async Task <IActionResult> CreateRole(CreateRoleViewModel model) { try { var role = new AppRoles { Name = model.Name, }; var result = await _iDomain.CreateRoleAsync(role); if (result.Succeeded) { return(Ok(result)); } foreach (var err in result.Errors) { ModelState.AddModelError(err.Code, err.Description); } return(BadRequest(new ApiResult() { Code = ResultCode.FailValidation, Data = ModelState, Message = ResultCode.FailValidation.DisplayName() })); } catch (Exception e) { return(Error(new ApiResult() { Code = ResultCode.UnknownError, Message = ResultCode.UnknownError.DisplayName() + ": " + e.Message })); } }
public PollingAppContext() : base("name=PollingAppConnection") { AppRoles.AsNoTracking(); TopicMasters.AsNoTracking(); TopicOptionMappings.AsNoTracking(); OptionMasters.AsNoTracking(); }
public async Task <IdentityResult> EditRoleAsync(AppRoles role, EditRoleViewModel model) { role.Name = model.Name; var result = await _roleManager.UpdateAsync(role); return(result); }
protected override void Seed(ApplicationDbContext context) { // This method will be called after migrating to the latest version. // You can use the DbSet<T>.AddOrUpdate() helper extension method // to avoid creating duplicate seed data. var userManager = new ApplicationUserManager(new UserStore <ApplicationUser, ApplicationRole, string, IdentityUserLogin, ApplicationUserRole, IdentityUserClaim>(context)); var roleManager = new ApplicationRoleManager(new RoleStore <ApplicationRole, string, ApplicationUserRole>(context)); const string name = "*****@*****.**"; const string password = "******"; //Create Role Admin if it does not exist var role = roleManager.FindByName(AppRoles.Admin); if (role == null) { role = new ApplicationRole(AppRoles.Admin); var roleresult = roleManager.Create(role); } var user = userManager.FindByName(name); if (user == null) { user = new ApplicationUser { UserName = name, Email = name }; var result = userManager.Create(user, password); result = userManager.SetLockoutEnabled(user.Id, false); } // Add user admin to Role Admin if not already added var rolesForUser = userManager.GetRoles(user.Id); if (!rolesForUser.Contains(role.Name)) { var result = userManager.AddToRole(user.Id, role.Name); } foreach (var appRole in AppRoles.GetRoleNames()) { if (roleManager.FindByName(appRole) == null) { var roleresult = roleManager .Create(new ApplicationRole(appRole)); } } }
private void ManageUserRoles(string userId, IEnumerable <string> Roles, ApplicationUserManager userManager) { foreach (var role in AppRoles.GetRoleNames()) { if (!Roles.Contains(role) && userManager.IsInRole(userId, role)) { userManager.RemoveFromRole(userId, role); } else if (Roles.Contains(role)) { userManager.AddToRole(userId, role); } } }
public static bool IsInRole(this IPrincipal user, AppRoles role) { return user.IsInRole(role.ToString()); }
public async Task <IdentityResult> CreateRoleAsync(AppRoles role) { var result = await _roleManager.CreateAsync(role); return(result); }
public async Task <IdentityResult> RemoveRoleAsync(AppRoles role) { return(await _roleManager.DeleteAsync(role)); }
private async Task <List <RoleAssignments> > GetRoleAssignments(string userId) { List <RoleAssignments> assignments = new List <RoleAssignments>(); // get the list of applications to consider for roles var appIds = CasConfig.AzureApplicationIds; if (appIds == null || appIds.Count() < 1) { return(assignments); } // get an access token var accessToken = await AccessTokenFetcher.GetAccessToken("https://graph.microsoft.com", "GRAPH"); // lookup all specified applications // NOTE: catch the possible 403 Forbidden because access rights have not been granted List <AppRoles> apps = new List <AppRoles>(); string filter = "$filter=" + string.Join(" or ", appIds.Select(appId => $"appId eq '{appId}'")); string select = "$select=appId,appRoles"; using (var request = new HttpRequestMessage() { RequestUri = new Uri($"https://graph.microsoft.com/beta/applications/?{filter}&{select}"), Method = HttpMethod.Get }) { request.Headers.Add("Authorization", $"Bearer {accessToken}"); using (var response = await this.HttpClient.SendAsync(request)) { var raw = await response.Content.ReadAsStringAsync(); if ((int)response.StatusCode == 403) // Forbidden { throw new Exception("GetRoleAssignments: the auth identity does not have the Directory.Read.All right"); } else if (!response.IsSuccessStatusCode) { throw new Exception($"GetRoleAssignments: HTTP {(int)response.StatusCode} - {raw}"); } dynamic json = JObject.Parse(raw); var values = (JArray)json.value; foreach (dynamic value in values) { var app = new AppRoles() { AppId = (string)value.appId }; apps.Add(app); foreach (dynamic appRole in value.appRoles) { app.Roles.Add((string)appRole.id, (string)appRole.value); } } } }; // get the roles that the user is in using (var request = new HttpRequestMessage() { RequestUri = new Uri($"https://graph.microsoft.com/beta/users/{userId}/appRoleAssignments"), Method = HttpMethod.Get }) { request.Headers.Add("Authorization", $"Bearer {accessToken}"); using (var response = await this.HttpClient.SendAsync(request)) { var raw = await response.Content.ReadAsStringAsync(); if ((int)response.StatusCode == 404) // Not Found { // ignore, the user might not be in the directory return(assignments); } else if (!response.IsSuccessStatusCode) { throw new Exception($"GetRoleAssignments: HTTP {(int)response.StatusCode} - {raw}"); } dynamic json = JObject.Parse(raw); var values = (JArray)json.value; foreach (dynamic value in values) { var appRoleId = (string)value.appRoleId; var app = apps.FirstOrDefault(a => a.Roles.ContainsKey(appRoleId)); if (app != null) { var roleName = app.Roles[appRoleId]; var existingAssignment = assignments.FirstOrDefault(ra => ra.AppId == app.AppId); if (existingAssignment != null) { existingAssignment.Roles.Add(roleName); } else { var assignment = new RoleAssignments() { AppId = (string)app.AppId }; assignment.Roles.Add(roleName); assignments.Add(assignment); } } } } }; return(assignments); }
public async Task EnsureSeedData() { try { // Creación de roles foreach (var rol in AppRoles.Get()) { var exists = await _rolManager.FindByNameAsync(rol.Name); if (exists != null) { continue; } var result = await _rolManager.CreateAsync(new AppRole { Name = rol.Name }); if (!result.Succeeded) { continue; } var claims = new List <string>(); if (rol == AppRoles.DocumentManager) { claims.Add(AppPermissions.Document.Add); claims.Add(AppPermissions.Document.Query); claims.Add(AppPermissions.Document.Edit); claims.Add(AppPermissions.Document.View); claims.Add(AppPermissions.Person.Query); } if (rol == AppRoles.User) { claims.Add(AppPermissions.Document.Query); claims.Add(AppPermissions.Document.View); } var roleName = await _rolManager.FindByNameAsync(rol.Name); foreach (var claim in claims) { await _rolManager.AddClaimAsync(roleName, new Claim(AppClaimTypes.Permission, claim)); } } if (!_context.Companies.Any()) { var companies = new List <Company> { new Company { Name = "Alpha" }, new Company { Name = "Patitos" }, }; _context.Companies.AddRange(companies); await _context.SaveChangesAsync(); } if (!_context.People.Any()) { var person = new Person { CompanyId = 2, Name = "Jose", LastName = "Mejia", Phone = "30212222222" }; _context.People.Add(person); await _context.SaveChangesAsync(); } // Creación de usuario administrador if (await _usuarioManager.FindByEmailAsync("*****@*****.**") == null) { var user = new AppUser { Email = "*****@*****.**", UserName = "******", Person = new Person { CompanyId = 1, Name = "Admin", LastName = "Admin", Phone = "00000000" } }; var result = await _usuarioManager.CreateAsync(user, "P4$$w0rd"); if (result.Succeeded) { await _usuarioManager.AddToRoleAsync(user, AppRoles.SuperAdmin.Name); } } // Creación de usuario if (await _usuarioManager.FindByEmailAsync("*****@*****.**") == null) { var user = new AppUser { Email = "*****@*****.**", UserName = "******", Person = new Person { CompanyId = 1, Name = "Andres", LastName = "Iniesta", Phone = "300080808" } }; var result = await _usuarioManager.CreateAsync(user, "P4$$w0rd"); if (result.Succeeded) { await _usuarioManager.AddToRoleAsync(user, AppRoles.User.Name); } } // Creación de gestor de documentos if (await _usuarioManager.FindByEmailAsync("*****@*****.**") == null) { var user = new AppUser { Email = "*****@*****.**", UserName = "******", Person = new Person { CompanyId = 1, Name = "Xabi", LastName = "Hernandez", Phone = "300080808" } }; var result = await _usuarioManager.CreateAsync(user, "P4$$w0rd"); if (result.Succeeded) { await _usuarioManager.AddToRoleAsync(user, AppRoles.DocumentManager.Name); } } } catch (Exception ex) { Console.WriteLine($"{ex.Message} --- {ex.InnerException}"); } }
/// <summary> /// Inserts master data and other static data required by the api/app to be functional. /// </summary> /// <param name="context"></param> private void InsertMandatoryData(AppDatabaseContext context) { #region UserRoles var userRoles = new List <AppRole>(); foreach (var role in AppRoles.GetAll()) { userRoles.Add(new AppRole { Name = role }); } ; foreach (var role in userRoles) { context.Roles.AddOrUpdate(r => r.Name, role); context.SaveChanges(); } #endregion #region Countries foreach (var countryName in _countries) { var country = new Country { Name = countryName }; context.Countries.AddOrUpdate(c => c.Name, country); context.SaveChanges(); } #endregion #region India - states var india = context.Countries.FirstOrDefault(c => c.Name == "India"); foreach (var stateName in _indiaStates) { var state = new State { Name = stateName, CountryId = india.Id }; context.States.AddOrUpdate(c => c.Name, state); context.SaveChanges(); } #endregion #region India - Maharashtra - cities var indiaMahrashtra = context.States.FirstOrDefault(c => c.Name == "Maharashtra"); foreach (var cityName in _indiaMaharashtraCities) { var city = new City { Name = cityName, StateId = indiaMahrashtra.Id }; context.Cities.AddOrUpdate(c => c.Name, city); context.SaveChanges(); } #endregion #region Clients var activeClient = new Client(); activeClient.Id = "AngularWebApp"; activeClient.AllowedOrigin = "*"; // TODO: replace with the actual client url. activeClient.ClientType = ClientType.JavaScript; activeClient.IsActive = true; activeClient.Name = "Website"; activeClient.RefreshTokenLifeTime = 365 * 24 * 60; // 1 year activeClient.Secret = Encryptor.GetHash("11902180-A110-4DE1-808E-1729E5FF9A5C"); // Ideally this must not be hard coded but generated at client side, while adding new client // For integration tests only var inactiveClient = new Client(); inactiveClient.Id = "Tests-InactiveWebApp"; inactiveClient.AllowedOrigin = "*"; inactiveClient.ClientType = ClientType.JavaScript; inactiveClient.IsActive = false; inactiveClient.Name = " Website inactive"; inactiveClient.RefreshTokenLifeTime = 365 * 24 * 60; // 1 year inactiveClient.Secret = Encryptor.GetHash("DB7DDCC5-BDBD-4F39-88D5-6CC1D58AD792"); var nativeActiveClient = new Client(); nativeActiveClient.Id = "AndroidApp"; nativeActiveClient.AllowedOrigin = "*"; nativeActiveClient.ClientType = ClientType.NativeConfidential; nativeActiveClient.IsActive = true; nativeActiveClient.Name = "Android App"; nativeActiveClient.RefreshTokenLifeTime = 180 * 24 * 60; // 6 months nativeActiveClient.Secret = Encryptor.GetHash(Guid.NewGuid().ToString()); context.Clients.AddOrUpdate(c => c.Id, activeClient); context.Clients.AddOrUpdate(c => c.Id, inactiveClient); context.Clients.AddOrUpdate(c => c.Id, nativeActiveClient); context.SaveChanges(); #endregion }
public AppContext(AppRoles appRole) { AppRole = appRole; }
public static bool IsInRole(this IPrincipal user, AppRoles role) { return(user.IsInRole(role.ToString())); }
public void GetAll_Returns_1DistinctRole() { var roles = AppRoles.GetAll(); Assert.AreEqual(1, roles.Distinct().Count()); }
public async Task <IActionResult> GetRoles() { await Task.CompletedTask; return(ResponseHelper.Ok(AppRoles.Get())); }