public void processPendingOperations()
{
for (int i = 0; i < pendingOperations.Count; ++i)
{
EntityOperation operation = pendingOperations[i];
switch (operation.type)
{
case EntityOperation.Type.Add: addEntityInternal(operation.entity); break;
case EntityOperation.Type.Remove: removeEntityInternal(operation.entity); break;
case EntityOperation.Type.RemoveAll:
while (entities.Count > 0)
{
removeEntityInternal(entities[0]);
}
break;
default:
throw new ArgumentException("Unexpected EntityOperation type");
}
entityOperationPool.free(operation);
}
pendingOperations.Clear();
}
public void Before(EntityOperation operation, EntityOperationContext context)
{
if (operation.IsEntity(Notification.ENTITY) && operation is EntityUpdate)
{
var update = operation as EntityUpdate;
if (update.IsCreate())
{
update.Set("Date", DateTime.Now);
var sender = update.GetRelationUpdate(User.ENTITY, Roles.Sender);
if (sender == null)
{
update.Attach(User.ENTITY, Roles.Sender, _securityService.CurrentUser.Id);
}
else
{
sender.Id = _securityService.CurrentUser.Id;
}
context.Set <bool>(CTXKEY_CREATENOTIFICATION, true);
}
if (update.ContainsProperty("Body"))
{
var text = System.Web.HttpUtility.HtmlEncode(update.Get <string>("Body"));
var newText = HtmlProcessor.ProcessEncodedHtml(text);
update.Set("Body", newText);
}
}
}
public InspectionResult Inspect(EntityOperation operation)
{
if (operation.IsEntity(Notification.ENTITY) && operation is EntityUpdate)
{
var update = operation as EntityUpdate;
if (update.IsCreate())
{
return(InspectionResult.Allow);
}
else if (update.PropertyUpdates.Count == 1 && (update.ContainsProperty("Received") || update.ContainsProperty("Archived")))
{
EntityQuery2 q = new EntityQuery2(Notification.ENTITY, update.Id.Value);
q.Include(User.ENTITY, Roles.Recipient);
var recipient = _repository.Read(q).GetSingleRelation(User.ENTITY, Roles.Recipient);
if (recipient != null && recipient.Entity.Id == _securityService.CurrentUser.Id)
{
return(InspectionResult.Allow);
}
}
else if (update.PropertyUpdates.Count == 1 && update.ContainsProperty("ArchivedSent"))
{
EntityQuery2 q = new EntityQuery2(Notification.ENTITY, update.Id.Value);
q.Include(User.ENTITY, Roles.Sender);
var sender = _repository.Read(q).GetSingleRelation(User.ENTITY, Roles.Sender);
if (sender != null && sender.Entity.Id == _securityService.CurrentUser.Id)
{
return(InspectionResult.Allow);
}
}
}
return(InspectionResult.None);
}
public void After(EntityOperation operation, EntityOperationContext context, EntityOperationResult result)
{
if (!result.Success)
{
return;
}
}
public void After(EntityOperation operation, EntityOperationContext context, EntityOperationResult result)
{
if (operation.IsEntity(Notification.ENTITY) &&
operation is EntityUpdate &&
context.Get <bool>(CTXKEY_CREATENOTIFICATION) &&
result.Success)
{
var update = operation as EntityUpdate;
var method = ReplyMethods.ByNotification;//default
if (update.ContainsProperty("Method"))
{
method = update.Get <ReplyMethods>("Method");
}
var recipientUpdate = update.GetRelationUpdate(User.ENTITY, Roles.Recipient);
var attachments = update.GetMultipleRelationUpdates(NbuLibrary.Core.Domain.File.ENTITY, Roles.Attachment);
if (attachments != null)
{
foreach (var att in attachments)
{
_fileService.GrantAccess(att.Id.Value, FileAccessType.Read, new User(recipientUpdate.Id.Value));
}
}
var recipientQuery = new EntityQuery2(User.ENTITY, recipientUpdate.Id.Value);
recipientQuery.AddProperty("Email");
var recipient = _repository.Read(recipientQuery);
var to = recipient.GetData <string>("Email");
var body = update.Get <string>("Body");
var subject = update.Get <string>("Subject");
}
}
public async Task <RedirectResult> IssueToken(string code, string state)
{
// Oauth認証時に格納したユーザデータを取得
NameValueCollection data = _userData;
// ===========================
// GitHubアクセストークン発行
// ===========================
var request = new OauthTokenRequest(ConfigurationManager.AppSettings["client_id"], ConfigurationManager.AppSettings["client_secret"], code);
var token = await _githubClient.Oauth.CreateAccessToken(request);
// ============================================
// slackユーザとGitHubアクセストークンの紐付け
// ============================================
var entityOperationUser = new EntityOperation <UserEntity>();
//作成or更新を行うユーザエンティティ作成
var entity = new UserEntity(data["user_id"], data["user_name"], token.AccessToken);
//エンティティを操作変数を用いて作成or更新
entityOperationUser.InsertOrUpdateEntityResult(entity, "user");
return(Redirect("https://" + data["team_domain"] + ".slack.com/messages"));
}
/// <summary>
/// GitHubクライアントにアクセストークンセット
/// </summary>
/// <param name="userId"></param>
/// <param name="userName"></param>
/// <param name="gitHub"></param>
/// <returns></returns>
public GitHubClient SetCredencial(string userId, string userName, GitHubClient gitHub)
{
// クレデンシャル情報に適当な値を入れ、認証エラーが起きるようにする
github.Credentials = new Credentials("aaaaaaaaaaaaaa");
EntityOperation <UserEntity> entityOperation = new EntityOperation <UserEntity>();
//検索操作を行う変数を生成
TableOperation retrieveOperation = TableOperation.Retrieve <UserEntity>(userId, userName);
//RowKeyがlabelのEntityを取得するクエリ
TableQuery <UserEntity> query = new TableQuery <UserEntity>().Where(TableQuery.GenerateFilterCondition("PartitionKey", QueryComparisons.Equal, userId));
//Entityリストから
var entityList = StorageOperation.GetTableIfNotExistsCreate("user").ExecuteQuery(query);
// Entityリストが空じゃなかったら
if (entityList.Count() != 0)
{
// Entityリストをリスト形式に直す
List <UserEntity> userEntityList = entityList.ToList();
// Entityは一つしか取得されないため、リストの0番目を取得する
UserEntity userEntity = userEntityList[0];
// Entityのクレデンシャル情報をセットする
github.Credentials = new Credentials(userEntity.AccessToken);
}
return(github);
}
private void AppyLogicAfter(EntityOperation operation, EntityOperationContext context, EntityOperationResult result)
{
foreach (var logic in _logics)
{
logic.After(operation, context, result);
}
}
private void AppyLogicBefore(EntityOperation operation, EntityOperationContext context)
{
foreach (var logic in _logics)
{
logic.Before(operation, context);
}
}
public void Before(EntityOperation operation, EntityOperationContext context)
{
var update = operation as EntityUpdate;
if (update != null)
{
if (operation.IsEntity(EntityConsts.Issue))
{
if (update.IsCreate() && !update.ContainsProperty("Year"))
{
update.Set("Year", DateTime.Now.Year);
}
if (update.ContainsProperty("Sent"))//TODO: mymagazines issue send (sent flag used)
{
context.Set <bool>(CTXKEY_SEND_ISSUE, true);
}
}
else if (operation.IsEntity(EntityConsts.Magazine) && update.ContainsProperty("IsActive") && update.Id.HasValue)
{
if (update.Get <bool>("IsActive") == false)
{
var q = new EntityQuery2(EntityConsts.Magazine, update.Id.Value);
q.AddProperty("IsActive");
var magazine = _repository.Read(q);
context.Set <bool>(CTXKEY_ISACTIVEOLD, magazine.GetData <bool>("IsActive"));
}
}
}
}
public UserPermissionsForm(User user, EntityOperation operation)
{
InitializeComponent();
_user = user;
_unassignedPermissions = new Dictionary <string, object>();
_assignedPermissions = new Dictionary <string, object>();
_operation = operation;
}
public CustomerForm(
Customer customer,
EntityOperation operation,
PropertyValueExists propertyValueExists)
{
InitializeComponent();
_customer = customer;
_operation = operation;
_propertyValueExists = propertyValueExists;
}
public UserForm(
User user,
EntityOperation operation,
PropertyValueExists propertyValueExists)
{
InitializeComponent();
_user = user;
_operation = operation;
_propertyValueExists = propertyValueExists;
}
public OperationResolution Resolve(EntityOperation operation)
{
if (_securityService.CurrentUser.UserType == UserTypes.Admin)
{
return(OperationResolution.Allowed);
}
else
{
return(OperationResolution.None);
}
}
public User(int userId, EnvironmentRole role, EntityOperation operation)
{
if (userId < 1)
{
throw new RequestException($"Parameter '{nameof(userId)}' isn't correct value");
}
UserId = userId;
Role = role;
Operation = operation;
}
public InspectionResult Inspect(EntityOperation operation)
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, NomenclatureModule.Id, Permissions.Manage))
{
var em = _domainService.Domain.Entities[operation.Entity];
if (em.IsNomenclature)
{
return(InspectionResult.Allow);
}
}
return(InspectionResult.None);
}
public void addEntity(Entity entity, bool delayed)
{
if (delayed)
{
EntityOperation operation = entityOperationPool.obtain();
operation.entity = entity;
operation.type = EntityOperation.Type.Add;
pendingOperations.Add(operation);
}
else
{
addEntityInternal(entity);
}
}
// GET api/<controller>
public async Task <RedirectResult> Get(string code, string state)
{
//stateに相違がある場合はセキュリティエラー
if (state != LoginDialog.csrf)
{
throw new InvalidOperationException("SECURITY FAIL!");
}
//tokenのリクエストを作成
var request = new OauthTokenRequest(ConfigurationManager.AppSettings["client_id"], ConfigurationManager.AppSettings["client_secret"], code);
//リクエストを送信
var token = await GitHubDialog.github.Oauth.CreateAccessToken(request);
//ユーザエンティティの操作変数作成
EntityOperation <UserEntity> entityOperation_Template = new EntityOperation <UserEntity>();
//作成or更新を行うユーザエンティティ作成
UserEntity entity = new UserEntity(GitHubDialog.activity.From.Id, GitHubDialog.activity.From.Name, token.AccessToken);
//エンティティを操作変数を用いて作成or更新
TableResult result = entityOperation_Template.InsertOrUpdateEntityResult(entity, "user");
#region 未使用API送信
////API送信用ウェブクライアント
//using (WebClient wc = new WebClient())
//{
// //必要なクエリ情報を作成し、格納
// NameValueCollection nvc = new NameValueCollection();
// nvc.Add("client_id", ConfigurationManager.AppSettings["client_id"]);
// nvc.Add("client_secret", ConfigurationManager.AppSettings["client_secret"]);
// nvc.Add("code", code);
// nvc.Add("state", state);
// wc.QueryString = nvc;
// //データを送信し、また受信する
// byte[] response = wc.UploadValues("https://github.com/login/oauth/access_token", nvc);
// //文字列化した受信バイトデータをNameValueCollectionに換装
// nvc = HttpUtility.ParseQueryString(wc.Encoding.GetString(response));
// GitHubDialog.accessToken = nvc.Get("access_token");
// return Redirect("https://slack.com");
//}
#endregion
return(Redirect("https://" + GitHubDialog.channelName + ".slack.com"));
}
private void NotifyChanged(ApplicationUser currentUser,
ICollection <Goal> goals,
EntityOperation operation,
bool wholeHierarchy = false)
{
_entityStateQueue.EnqueueIds(currentUser.Id, goals.Select(x => x.Id),
nameof(Goal), operation);
if (wholeHierarchy)
{
goals.TraverseTree(g => g.ChildGoals, g =>
{
_entityStateQueue.EnqueueIds(currentUser.Id, g.ChildGoals.Select(x => x.Id),
nameof(Goal), operation);
});
}
}
public JsonResult EntityUpdate(EntityOperation entOperation)
{
EntitytDto entitydto = entOperation.entity;
string operation = entOperation.Operation;
ChatEntity entity = new ChatEntity();
bool changed = false;
entity.UpdatedDate = DateTime.UtcNow;
try
{
if (operation == "a")
{
entity.EntityName = entitydto.EntityName;
entity.EntityDescription = entitydto.EntityDescription;
entity.EntityType = entitydto.EntityType;
entity.ChatIntentId = entitydto.ChatIntentId;
entity.UpdatedDate = DateTime.Now;
db.ChatEntity.Add(entity);
}
else if (operation == "u")
{
entity = db.ChatEntity.Where(x => x.ChatEntityId == entitydto.ChatEntityId).FirstOrDefault();
entity.EntityName = entitydto.EntityName;
entity.EntityDescription = entitydto.EntityDescription;
entity.EntityType = entitydto.EntityType;
entity.ChatIntentId = entitydto.ChatIntentId;
entity.UpdatedDate = DateTime.Now;
}
else
{
entity = db.ChatEntity.Where(x => x.ChatEntityId == entitydto.ChatEntityId).FirstOrDefault();
db.ChatEntity.Attach(entity);
db.ChatEntity.Remove(entity);
}
changed = true;
db.SaveChanges();
return(Json(changed, JsonRequestBehavior.AllowGet));
}
catch (Exception e)
{
Console.WriteLine(e.Message);
return(Json(changed, JsonRequestBehavior.AllowGet));
}
}
public void Before(EntityOperation operation, EntityOperationContext context)
{
if (!operation.IsEntity(Inquery.EntityType))
{
return;
}
if (operation is EntityUpdate)
{
var update = operation as EntityUpdate;
if (_securityService.CurrentUser.UserType == UserTypes.Customer && update.IsCreate())
{
update.Attach(User.ENTITY, RelationConsts.Customer, _securityService.CurrentUser.Id);
}
else if (_securityService.CurrentUser.UserType == UserTypes.Librarian)
{
bool attach = false;
if (update.IsCreate())
{
attach = true;
}
else
{
var q = new EntityQuery2(User.ENTITY);
q.WhereRelated(new RelationQuery(Inquery.EntityType, RelationConsts.ProcessedBy, update.Id.Value));
var user = _repository.Read(q);
if (user == null)
{
attach = true;
}
else if (user.Id != _securityService.CurrentUser.Id)
{
update.Detach(User.ENTITY, RelationConsts.ProcessedBy, user.Id);
attach = true;
}
}
if (attach)
{
update.Attach(User.ENTITY, RelationConsts.ProcessedBy, _securityService.CurrentUser.Id);
}
}
}
}
public InspectionResult Inspect(EntityOperation operation)
{
if (operation.IsEntity(User.ENTITY))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserManagement))
{
return(InspectionResult.Allow);
}
if (operation is EntityUpdate)
{
var update = operation as EntityUpdate;
if (update.ContainsProperty("RecoveryCode"))
{
return(InspectionResult.Deny); //Only users with UserManagement permission can access this property
}
}
if (operation.Id.HasValue && _securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserActivation))
{
EntityQuery2 query = new EntityQuery2("User", operation.Id.Value);
query.AddProperty("isActive");
var e = _repository.Read(query);
if (e.GetData <bool>("IsActive") == false)
{
return(InspectionResult.Allow);
}
}
else if (operation is EntityUpdate)
{
var update = operation as EntityUpdate;
if (update.Id.HasValue &&
update.Id.Value == _securityService.CurrentUser.Id &&
!update.ContainsProperty("IsActive")) //TODO: allowing the user to edit his data and relations
{
return(InspectionResult.Allow);
}
}
}
return(InspectionResult.None);
}
public void removeEntity(Entity entity, bool delayed)
{
if (delayed)
{
if (entity.isScheduledForRemoval())
{
return;
}
entity.ScheduledForRemoval = true;
EntityOperation operation = entityOperationPool.obtain();
operation.entity = entity;
operation.type = EntityOperation.Type.Remove;
pendingOperations.Add(operation);
}
else
{
removeEntityInternal(entity);
}
}
private bool RunInspection(EntityOperation operation)
{
int allow = 0;
foreach (var inspector in _inspectors)
{
var result = inspector.Inspect(operation);
if (result == InspectionResult.Allow)
{
allow++;
}
else if (result == InspectionResult.Deny)
{
return(false);
}
}
return(allow > 0);
}
public void removeAllEntities(bool delayed)
{
if (delayed)
{
foreach (var entity in entities)
{
entity.ScheduledForRemoval = true;
}
EntityOperation operation = entityOperationPool.obtain();
operation.type = EntityOperation.Type.RemoveAll;
pendingOperations.Add(operation);
}
else
{
while (entities.Count > 0)
{
removeEntity(entities[0], false);
}
}
}
public void Before(EntityOperation operation, EntityOperationContext context)
{
if (operation is EntityUpdate && operation.IsEntity(User.ENTITY))
{
var update = operation as EntityUpdate;
if (update.IsCreate() && !update.ContainsProperty("Password")) //generate random password
{
update.Set("Password", GenerateRandomPassword());
}
if (update.ContainsProperty("password"))
{
var newPassword = update.PropertyUpdates["password"] as string;
context.Set <string>(CTXKEY_PASSWORD_UPDATE, newPassword);
string hash = null;
using (SHA1 sha1 = SHA1.Create())
{
hash = Convert.ToBase64String(sha1.ComputeHash(Encoding.UTF8.GetBytes(newPassword)));
}
update.Set("password", hash);
update.Set("FailedLoginsCount", 0);
}
if (update.ContainsProperty("RecoveryCode"))
{
context.Set <bool>(CTXKEY_USER_PASSWORDRECOVERY, true);
}
if (update.IsCreate())
{
context.Set <bool>(CTXKEY_USER_CREATION, true);
}
else if (update.Id.Value == _securityService.CurrentUser.Id)
{
context.Set <int>(CTXKEY_UPDATE_PROFILE, _securityService.CurrentUser.Id);
}
}
}
public InspectionResult Inspect(EntityOperation operation)
{
if (operation.IsEntity(NbuLibrary.Core.Domain.File.ENTITY) && operation is EntityUpdate)
{
var update = operation as EntityUpdate;
if (update.IsCreate() && _securityService.HasModulePermission(_securityService.CurrentUser, FilesModule.Id, Permissions.Upload))
{
return(InspectionResult.Allow);
}
else if ((_securityService.HasModulePermission(_securityService.CurrentUser, FilesModule.Id, Permissions.ManageOwn) || _securityService.HasModulePermission(_securityService.CurrentUser, FilesModule.Id, Permissions.ManageAll)) &&
_fileService.HasAccess(_securityService.CurrentUser, update.Id.Value, FileAccessType.Owner))
{
return(InspectionResult.Allow);
}
else if (_securityService.HasModulePermission(_securityService.CurrentUser, FilesModule.Id, Permissions.ManageAll) &&
_fileService.HasAccess(_securityService.CurrentUser, update.Id.Value, FileAccessType.Full))
{
return(InspectionResult.Allow);
}
}
else if (operation.IsEntity(NbuLibrary.Core.Domain.File.ENTITY) && operation is EntityDelete)
{
//TODO: file delete permission
if (_fileService.HasAccess(_securityService.CurrentUser, operation.Id.Value, FileAccessType.Owner))
{
return(InspectionResult.Allow);
}
}
else if (operation.IsEntity(User.ENTITY) && operation is EntityUpdate)
{
var update = operation as EntityUpdate;
if (update.ContainsProperty("DiskUsageLimit") && _securityService.CurrentUser.UserType != UserTypes.Admin)
{
return(InspectionResult.Deny);
}
}
return(InspectionResult.None);
}
public InspectionResult Inspect(EntityOperation operation)
{
if (operation.IsEntity(EntityConsts.Magazine) || operation.IsEntity(EntityConsts.Issue))
{
if (_securityService.CurrentUser.UserType == UserTypes.Librarian &&
_securityService.HasModulePermission(_securityService.CurrentUser, MyMagazinesModule.Id, Permissions.Use) &&
operation is EntityUpdate)
{
return(InspectionResult.Allow);
}
}
else if (operation is EntityUpdate && operation.IsEntity(User.ENTITY))
{
var update = operation as EntityUpdate;
if (update.IsCreate() &&
_securityService.CurrentUser.UserType == UserTypes.Librarian &&
_securityService.HasModulePermission(_securityService.CurrentUser, MyMagazinesModule.Id, Permissions.Use))
{
return(InspectionResult.Allow);
}
}
return(InspectionResult.None);
}
public static EntityOperation CreateOperation(CyanEntity entity,
string method,
string resource,
params Tuple<string, string>[] headers)
{
if (string.IsNullOrEmpty(method))
throw new ArgumentNullException("method");
if (string.IsNullOrEmpty(resource))
throw new ArgumentNullException("resource");
if (headers == null)
headers = new Tuple<string, string>[0];
var ret = new EntityOperation
{
entity = entity,
method = method,
resource = resource,
headers = headers
};
return ret;
}
public void After(EntityOperation operation, EntityOperationContext context, EntityOperationResult result)
{
if (!result.Success)
{
return;
}
if (!operation.IsEntity(User.ENTITY))
{
return;
}
var update = operation as EntityUpdate;
if (update == null)
{
return;
}
if (context.Get <bool>(CTXKEY_USER_PASSWORDRECOVERY))
{
var user = new User(_repository.Read(new EntityQuery2(update.Entity, update.Id.Value)
{
AllProperties = true
}));
var template = _templateService.Get(new Guid(NotificationTemplates.USER_PASSWORDRECOVERY));
string subject = null, body = null;
Dictionary <string, Entity> templateContext = new Dictionary <string, Entity>(StringComparer.InvariantCultureIgnoreCase);
templateContext.Add("User", user);
_templateService.Render(template, templateContext, out subject, out body);
//TODO: async execution
_notificationService.SendEmail(user.Email, subject, body, null);
}
if (context.Get <bool>(CTXKEY_USER_CREATION))
{
var user = new User(_repository.Read(new EntityQuery2(update.Entity, update.Id.Value)
{
AllProperties = true
}));
var pwd = context.Get <string>(CTXKEY_PASSWORD_UPDATE);
user.SetData <String>("Password", pwd);
var template = _templateService.Get(new Guid(NotificationTemplates.USER_CREATED));
string subject = null, body = null;
Dictionary <string, Entity> templateContext = new Dictionary <string, Entity>(StringComparer.InvariantCultureIgnoreCase);
templateContext.Add("User", user);
_templateService.Render(template, templateContext, out subject, out body);
//TODO: async execution
_notificationService.SendEmail(user.Email, subject, body, null);
if (update.ContainsProperty("IsActive") && update.Get <bool>("IsActive"))
{
SendUserActivationEmail(user);
}
}
else if (update.ContainsProperty("IsActive") && update.Get <bool>("IsActive"))
{
var user = new User(_repository.Read(new EntityQuery2(update.Entity, update.Id.Value)
{
AllProperties = true
}));
SendUserActivationEmail(user);
}
else if (context.Get <int>(CTXKEY_UPDATE_PROFILE) > 0)
{
if (update.ContainsRelation("UserGroup", "UserGroup") ||
update.ContainsProperty("FacultyNumber") ||
update.ContainsProperty("CardNumber"))
{
var user = new User(context.Get <int>(CTXKEY_UPDATE_PROFILE));
user.IsActive = false;
_repository.Update(user);
_securityService.Logout();
result.Data.Add("account_warning_logged_out", true);
}
if (update.ContainsProperty("Email"))
{
_securityService.UpdateCurrentUserEmail(update.Get <string>("Email"));
result.Data.Add("account_event_email_changed", update.Get <string>("Email"));
}
}
}
public GlobalServerSettingsForm(EntityOperation operation)
{
InitializeComponent();
_operation = operation;
}
