private bool _ValidCall(Type t, MethodInfo method, ISecureSession session, IModel model, string url, Hashtable parameters) { List <ASecurityCheck> checks = new List <ASecurityCheck>(); lock (_typeChecks) { if (_typeChecks.ContainsKey(t)) { checks.AddRange(_typeChecks[t]); } } if (method != null) { lock (_methodChecks) { if (_methodChecks.ContainsKey(t)) { if (_methodChecks[t].ContainsKey(method)) { checks.AddRange(_methodChecks[t][method]); } } } } foreach (ASecurityCheck asc in checks) { if (!asc.HasValidAccess(session, model, url, parameters)) { return(false); } } return(true); }
internal static void LocateMethod(Hashtable formData, List <MethodInfo> methods, ISecureSession session, out MethodInfo method, out object[] pars) { method = null; pars = null; int idx = -1; if (formData == null || formData.Count == 0) { foreach (MethodInfo mi in methods) { if (mi.GetParameters().Length == 0 || UsesSecureSession(mi, out idx)) { method = mi; pars = (idx == -1 ? new object[] { } : new object[] { session }); return; } } } else { foreach (MethodInfo m in methods) { bool useSession = UsesSecureSession(m, out idx); if (m.GetParameters().Length == formData.Count || (useSession && m.GetParameters().Length == formData.Count + 1)) { pars = new object[formData.Count + (useSession ? 1 : 0)]; bool isMethod = true; int index = 0; foreach (ParameterInfo pi in m.GetParameters()) { if (index == idx) { pars[idx] = session; index++; } else { if (formData.ContainsKey(pi.Name)) { pars[index] = _ConvertObjectToType(formData[pi.Name], pi.ParameterType); } else { isMethod = false; break; } index++; } } if (isMethod) { method = m; return; } } } } }
public static List <mPerson> Search(string q, ISecureSession session, int pageStartIndex, int pageSize, out int totalPages) { System.Diagnostics.Debug.WriteLine(((SessionManager)session).Start); List <mPerson> ret = new List <mPerson>(); totalPages = 0; if (q != null) { q = q.ToLower(); List <mPerson> matches = new List <mPerson>(); for (int x = 0; x < _persons.Count; x++) { if (_persons[x].FirstName.ToLower().Contains(q) || _persons[x].LastName.ToLower().Contains(q)) { matches.Add(_persons[x]); } } totalPages = (int)Math.Ceiling((decimal)matches.Count / (decimal)pageSize); for (int x = 0; x < pageSize; x++) { if (pageStartIndex + x >= matches.Count) { break; } ret.Add(matches[pageStartIndex + x]); } } return(ret); }
public TemplatePostHandler( IRepository<Template> templates, ISecureSession<Token> secureSession) { _templates = templates; _secureSession = secureSession; }
public SchedulePostHandler( IRepository<ScheduleFile> schedules, ISecureSession<Token> secureSession) { _schedules = schedules; _secureSession = secureSession; }
private static void PrepareTargetFolder(Deployment settings, ISecureSession userAndPasswordSecureSession) { if (settings.CleanDeploymentDestination && userAndPasswordSecureSession.Sftp.Exists(settings.Settings.DestinationPath)) { Log.Verbose("The destination folder already exists. We are going to delete it."); userAndPasswordSecureSession.Ssh.DeleteExisting(settings.Settings.DestinationPath); } }
public void Dispose() { if (session != null) { session.Dispose(); session = null; } }
public IndexGetHandler( ISecureSession<Token> secureSession, DashboardGetHandler dashboard, ISystemInfo systemInfo) { _secureSession = secureSession; _dashboard = dashboard; _systemInfo = systemInfo; }
public AuthorizationBehavior( IOutputWriter writer, IActionBehavior actionBehavior, ISecureSession<Token> secureSession) { _writer = writer; _actionBehavior = actionBehavior; _secureSession = secureSession; }
private static Task SyncFiles(DirectoryInfo source, Deployment settings, ISecureSession userAndPasswordSecureSession) { Log.Information("Deploying files..."); PrepareTargetFolder(settings, userAndPasswordSecureSession); var synchronizer = new SshFolderSynchronizer(userAndPasswordSecureSession.Sftp); return(synchronizer.Sync(source, settings.Settings.DestinationPath)); }
public DashboardGetHandler( ISecureSession<Token> secureSession, ISystemInfo systemInfo, IRepository<ScheduleFile> schedules, IRepository<Batch> batches) { _secureSession = secureSession; _systemInfo = systemInfo; _schedules = schedules; _batches = batches; }
public AjaxAuthorizationBehavior( IOutputWriter writer, IActionBehavior actionBehavior, ISecureSession<Token> secureSession, IWebServer webServer) { _writer = writer; _actionBehavior = actionBehavior; _secureSession = secureSession; _webServer = webServer; }
public static mPerson Load(string id, ISecureSession session) { System.Diagnostics.Debug.WriteLine(((SessionManager)session).Start); mPerson ret = null; foreach (mPerson per in _persons) { if (id == per.id) { ret = per; break; } } return(ret); }
public bool Delete(ISecureSession session) { System.Diagnostics.Debug.WriteLine(((SessionManager)session).Start); bool ret = false; for (int x = 0; x < _persons.Count; x++) { if (_persons[x].id == this.id) { _persons.RemoveAt(x); ret = true; break; } } return(ret); }
public async Task ProcessRequest(HttpContext context, ISecureSession session) { string url = Utility.CleanURL(Utility.BuildURL(context)); RequestMethods method = (RequestMethods)Enum.Parse(typeof(RequestMethods), context.Request.Method.ToUpper()); string formData = new StreamReader(context.Request.Body).ReadToEnd(); bool found = false; foreach (IRequestHandler handler in _Handlers) { if (handler.HandlesRequest(url, method)) { found = true; try { await handler.HandleRequest(url, method, formData, context, session, new IsValidCall(_ValidCall)); } catch (CallNotFoundException cnfe) { context.Response.ContentType = "text/text"; context.Response.StatusCode = 400; await context.Response.WriteAsync(cnfe.Message); } catch (InsecureAccessException iae) { context.Response.ContentType = "text/text"; context.Response.StatusCode = 403; await context.Response.WriteAsync(iae.Message); } catch (Exception e) { context.Response.ContentType = "text/text"; context.Response.StatusCode = 500; await context.Response.WriteAsync("Error"); } } } if (!found) { context.Response.ContentType = "text/text"; context.Response.StatusCode = 404; await context.Response.WriteAsync("Not Found"); } }
public Task HandleRequest(string url, RequestHandler.RequestMethods method, Hashtable formData, HttpContext context, ISecureSession session, IsValidCall securityCheck) { if (!securityCheck.Invoke(_method.DeclaringType, _method, session, null, url, formData)) { throw new InsecureAccessException(); } context.Response.ContentType = "text/json"; context.Response.StatusCode = 200; ParameterInfo[] pars = _method.GetParameters(); object[] opars = new object[] { }; if (pars.Length > 0) { opars = new object[pars.Length]; if (_usesSession) { opars[_sessionIndex] = session; } if (pars.Length > 1 || !_usesSession) { Match m = _reg.Match(url); foreach (int x in _groupIndexes.Keys) { opars[x] = _ConvertParameterValue(m.Groups[_groupIndexes[x] + 1].Value, pars[x].ParameterType); } } } object ret = _method.Invoke(null, opars); if (_isPaged) { return(context.Response.WriteAsync(JSON.JsonEncode(new Hashtable() { { "response", ret }, { "TotalPages", opars[opars.Length - 1] } }))); } else { return(context.Response.WriteAsync(JSON.JsonEncode(ret))); } }
public static IModel InvokeLoad(MethodInfo mi, string id, ISecureSession session) { List <object> pars = new List <object>(); ParameterInfo[] mpars = mi.GetParameters(); if (mpars.Length == 1) { pars.Add(id); } else { if (mpars[0].ParameterType == typeof(string)) { pars.AddRange(new object[] { id, session }); } else { pars.AddRange(new object[] { session, id }); } } return((IModel)mi.Invoke(null, pars.ToArray())); }
public Task HandleRequest(string url, RequestHandler.RequestMethods method, string formData, HttpContext context, ISecureSession session, IsValidCall securityCheck) { sMethodPatterns?patt = null; lock (_patterns) { foreach (sMethodPatterns smp in _patterns) { if (smp.IsValid(url)) { patt = smp; break; } } } if (patt.HasValue) { return(patt.Value.HandleRequest(url, method, formData, context, session, securityCheck)); } throw new CallNotFoundException(); }
public Task HandleRequest(string url, RequestHandler.RequestMethods method, string formData, HttpContext context, ISecureSession session, IsValidCall securityCheck) { Match m = _reg.Match(url); string id = m.Groups[1].Value; string smethod = m.Groups[2].Value; IModel model = (IModel)_loadMethod.Invoke(null, new object[] { id }); if (model == null) { throw new CallNotFoundException("Model Not Found"); } MethodInfo mi; object[] pars; Utility.LocateMethod(formData, _methods[smethod], out mi, out pars); if (mi == null) { throw new CallNotFoundException("Unable to locate requested method to invoke"); } else { if (!securityCheck.Invoke(mi.DeclaringType, mi, session, model, url, (Hashtable)JSON.JsonDecode(formData))) { throw new InsecureAccessException(); } context.Response.ContentType = "text/json"; context.Response.StatusCode = 200; try { if (mi.ReturnType == typeof(void)) { mi.Invoke(model, pars); return(context.Response.WriteAsync("")); } else { return(context.Response.WriteAsync(JSON.JsonEncode(mi.Invoke(model, pars)))); } } catch (Exception ex) { throw new Exception("Execution Error"); } } }
public abstract bool HasValidAccess(ISecureSession session, IModel model, string url, Hashtable parameters);
public override bool HasValidAccess(ISecureSession session, IModel model, string url, Hashtable parameters) { return(session != null); }
public Task HandleRequest(string url, RequestHandler.RequestMethods method, Hashtable formData, HttpContext context, ISecureSession session, IsValidCall securityCheck) { MethodInfo mi = null; lock (_methods) { if (_methods.ContainsKey(url)) { mi = _methods[url]; } } if (mi != null) { if (!securityCheck.Invoke(mi.DeclaringType, mi, session, null, url, null)) { throw new InsecureAccessException(); } context.Response.ContentType = "text/json"; context.Response.StatusCode = 200; return(context.Response.WriteAsync(JSON.JsonEncode(mi.Invoke(null, (mi.GetParameters().Length == 1 ? new object[] { session } : new object[] { }))))); } else { throw new CallNotFoundException(); } }
public static List <mPerson> LoadAll(ISecureSession session) { System.Diagnostics.Debug.WriteLine(((SessionManager)session).Start); return(_persons); }
public void Dispose() { if(session!=null) { session.Dispose(); session=null; } }
public UserDeleteService(IRepository<User> users, ISecureSession<Token> secureSession) { _users = users; _secureSession = secureSession; }
public Task HandleRequest(string url, RequestHandler.RequestMethods method, string formData, HttpContext context, ISecureSession session, IsValidCall securityCheck) { if (!HandlesRequest(url, method)) { throw new CallNotFoundException(); } else { Type model = null; if (_types != null) { foreach (Type t in _types) { foreach (ModelJSFilePath mjsfp in t.GetCustomAttributes(typeof(ModelJSFilePath), false)) { if (mjsfp.IsMatch(url)) { model = t; break; } } } if (model != null) { if (!securityCheck.Invoke(model, null, session, null, url, null)) { throw new InsecureAccessException(); } } } string ret = null; context.Response.ContentType = "text/javascript"; context.Response.StatusCode = 200; lock (_cache) { if (_cache.ContainsKey(url)) { ret = _cache[url]; } } if (ret == null && model != null) { WrappedStringBuilder builder = new WrappedStringBuilder(url.ToLower().EndsWith(".min.js")); foreach (IJSGenerator gen in _generators) { gen.GeneratorJS(ref builder, url.ToLower().EndsWith(".min.js"), model); } ret = builder.ToString(); lock (_cache) { if (!_cache.ContainsKey(url)) { _cache.Add(url, ret); } } } return(context.Response.WriteAsync(ret)); } }
public SecureConnection() { provider = SessionProviderFactory.GetProvider(); session = provider.CreateClientSession(Protocol.AutoDetect); }
public UserPostHandler(IRepository<User> users, IUserFactory userFactory, ISecureSession<Token> secureSession) { _users = users; _userFactory = userFactory; _secureSession = secureSession; }
public Task HandleRequest(string url, RequestHandler.RequestMethods method, string formData, HttpContext context, ISecureSession session, IsValidCall securityCheck) { IModel model = null; lock (_loadMethods) { if (_loadMethods.ContainsKey(url.Substring(0, url.LastIndexOf("/")))) { model = (IModel)_loadMethods[url.Substring(0, url.LastIndexOf("/"))].Invoke(null, new object[] { url.Substring(url.LastIndexOf("/") + 1) }); } } if (model == null) { throw new CallNotFoundException("Model Not Found"); } else { MethodInfo mi = null; lock (_deleteMethods) { if (_deleteMethods.ContainsKey(url.Substring(0, url.LastIndexOf("/")))) { mi = _deleteMethods[url.Substring(0, url.LastIndexOf("/"))]; } } if (mi != null) { if (!securityCheck(mi.DeclaringType, mi, session, model, url, null)) { throw new UnauthorizedAccessException(); } else { context.Response.ContentType = "text/json"; context.Response.StatusCode = 200; return(context.Response.WriteAsync(JSON.JsonEncode(mi.Invoke(model, new object[] { })))); } } else { throw new CallNotFoundException("Method Not Found"); } } }
public UserUpdateService(IRepository<User> userRepository, ISecureSession<Token> secureSession) { _userRepository = userRepository; _secureSession = secureSession; }
public async Task ProcessRequest(HttpContext context, ISecureSession session) { string url = Utility.CleanURL(Utility.BuildURL(context)); RequestMethods method = (RequestMethods)Enum.Parse(typeof(RequestMethods), context.Request.Method.ToUpper()); Hashtable formData = new Hashtable(); if (context.Request.ContentType != null && ( context.Request.ContentType == "application/x-www-form-urlencoded" || context.Request.ContentType.StartsWith("multipart/form-data") )) { foreach (string key in context.Request.Form.Keys) { if (key.EndsWith(":json")) { if (context.Request.Form[key].Count > 1) { ArrayList al = new ArrayList(); foreach (string str in context.Request.Form[key]) { al.Add(JSON.JsonDecode(str)); } formData.Add(key.Substring(0, key.Length - 5), al); } else { formData.Add(key.Substring(0, key.Length - 5), JSON.JsonDecode(context.Request.Form[key][0])); } } else { if (context.Request.Form[key].Count > 1) { ArrayList al = new ArrayList(); foreach (string str in context.Request.Form[key]) { al.Add(str); } formData.Add(key, al); } else { formData.Add(key, context.Request.Form[key][0]); } } } } else { string tmp = await new StreamReader(context.Request.Body).ReadToEndAsync(); if (tmp != "") { formData = (Hashtable)JSON.JsonDecode(tmp); } } bool found = false; foreach (IRequestHandler handler in _Handlers) { if (handler.HandlesRequest(url, method)) { found = true; try { await handler.HandleRequest(url, method, formData, context, session, new IsValidCall(_ValidCall)); } catch (CallNotFoundException cnfe) { context.Response.ContentType = "text/text"; context.Response.StatusCode = 400; await context.Response.WriteAsync(cnfe.Message); } catch (InsecureAccessException iae) { context.Response.ContentType = "text/text"; context.Response.StatusCode = 403; await context.Response.WriteAsync(iae.Message); } catch (Exception e) { context.Response.ContentType = "text/text"; context.Response.StatusCode = 500; await context.Response.WriteAsync("Error"); } } } if (!found) { context.Response.ContentType = "text/text"; context.Response.StatusCode = 404; await context.Response.WriteAsync("Not Found"); } }
public PublicPostHandler(ISecureSession<Token> secureSession) { _secureSession = secureSession; }
public Task HandleRequest(string url, RequestHandler.RequestMethods method, Hashtable formData, HttpContext context, ISecureSession session, IsValidCall securityCheck) { sModelListCall?mlc = null; lock (_calls) { foreach (sModelListCall call in _calls) { if (call.IsValid(url)) { mlc = call; break; } } } if (mlc.HasValue) { return(mlc.Value.HandleRequest(url, method, formData, context, session, securityCheck)); } throw new CallNotFoundException(); }
public Task HandleRequest(string url, RequestHandler.RequestMethods method, Hashtable formData, HttpContext context, ISecureSession session, IsValidCall securityCheck) { if (!HandlesRequest(url, method)) { throw new CallNotFoundException(); } else { List <Type> models = new List <Type>(); if (_types != null) { foreach (Type t in _types) { foreach (ModelJSFilePath mjsfp in t.GetCustomAttributes(typeof(ModelJSFilePath), false)) { if (mjsfp.IsMatch(url)) { models.Add(t); } } } foreach (Type model in models) { if (!securityCheck.Invoke(model, null, session, null, url, null)) { throw new InsecureAccessException(); } } } DateTime modDate = DateTime.MinValue; foreach (Type model in models) { try { FileInfo fi = new FileInfo(model.Assembly.Location); if (fi.Exists) { modDate = new DateTime(Math.Max(modDate.Ticks, fi.LastWriteTime.Ticks)); } } catch (Exception e) { } } if (modDate == DateTime.MinValue) { modDate = RequestHandler.StartTime; } if (context.Request.Headers.ContainsKey("If-Modified-Since")) { DateTime lastModified = DateTime.Parse(context.Request.Headers["If-Modified-Since"]); if (modDate.ToString() == lastModified.ToString()) { context.Response.StatusCode = 304; return(Task.CompletedTask); } } string ret = null; context.Response.ContentType = "text/javascript"; context.Response.StatusCode = 200; lock (_cache) { if (_cache.ContainsKey(url)) { ret = _cache[url]; } } if (ret == null && models.Count > 0) { WrappedStringBuilder builder = new WrappedStringBuilder(url.ToLower().EndsWith(".min.js")); foreach (IBasicJSGenerator gen in _oneTimeInitialGenerators) { gen.GeneratorJS(ref builder); } foreach (Type model in models) { foreach (IJSGenerator gen in _instanceGenerators) { gen.GeneratorJS(ref builder, model); } foreach (IJSGenerator gen in _globalGenerators) { gen.GeneratorJS(ref builder, model); } } foreach (IBasicJSGenerator gen in _oneTimeFinishGenerators) { gen.GeneratorJS(ref builder); } ret = builder.ToString(); lock (_cache) { if (!_cache.ContainsKey(url)) { _cache.Add(url, ret); } } } context.Response.Headers.Add("Last-Modified", modDate.ToUniversalTime().ToString("R")); context.Response.Headers.Add("Cache-Control", "public"); return(context.Response.WriteAsync(ret)); } }
public Task HandleRequest(string url, RequestHandler.RequestMethods method, string formData, HttpContext context, ISecureSession session, IsValidCall securityCheck) { MethodInfo mi = null; lock (_methods) { if (_methods.ContainsKey(url.Substring(0, url.LastIndexOf("/")))) { mi = _methods[url.Substring(0, url.LastIndexOf("/"))]; } } if (mi != null) { if (!securityCheck.Invoke(mi.DeclaringType, mi, session, null, url, new System.Collections.Hashtable() { { "id", url.Substring(url.LastIndexOf("/") + 1) } })) { throw new InsecureAccessException(); } context.Response.ContentType = "text/json"; context.Response.StatusCode = 200; return(context.Response.WriteAsync(JSON.JsonEncode(mi.Invoke(null, new object[] { url.Substring(url.LastIndexOf("/") + 1) })))); } throw new CallNotFoundException(); }
public Task HandleRequest(string url, RequestHandler.RequestMethods method, string formData, HttpContext context, ISecureSession session, IsValidCall securityCheck) { IModel model = null; lock (_loadMethods) { if (_loadMethods.ContainsKey(url.Substring(0, url.LastIndexOf("/")))) { if (!securityCheck.Invoke(_loadMethods[url.Substring(0, url.LastIndexOf("/"))].DeclaringType, _loadMethods[url.Substring(0, url.LastIndexOf("/"))], session, null, url, new Hashtable() { { "id", url.Substring(0, url.LastIndexOf("/")) } })) { throw new InsecureAccessException(); } model = (IModel)_loadMethods[url.Substring(0, url.LastIndexOf("/"))].Invoke(null, new object[] { url.Substring(url.LastIndexOf("/") + 1) }); } } if (model == null) { throw new CallNotFoundException("Model Not Found"); } else { MethodInfo mi = null; lock (_updateMethods) { if (_updateMethods.ContainsKey(url.Substring(0, url.LastIndexOf("/")))) { mi = _updateMethods[url.Substring(0, url.LastIndexOf("/"))]; } } if (mi != null) { if (!securityCheck.Invoke(mi.DeclaringType, mi, session, model, url, (Hashtable)JSON.JsonDecode(formData))) { throw new InsecureAccessException(); } context.Response.ContentType = "text/json"; context.Response.StatusCode = 200; Utility.SetModelValues(formData, ref model, false); return(context.Response.WriteAsync(JSON.JsonEncode(mi.Invoke(model, new object[] { })))); } throw new CallNotFoundException(); } }
private static void GiveExecutablePermission(CustomizableSettings settings, ISecureSession userAndPasswordSecureSession) { var executable = GetExecutableName(settings); userAndPasswordSecureSession.Ssh.RunCommand($"chmod +x {executable}"); }
public Task HandleRequest(string url, RequestHandler.RequestMethods method, Hashtable formData, HttpContext context, ISecureSession session, IsValidCall securityCheck) { IModel model = null; lock (_constructors) { if (_constructors.ContainsKey(url)) { model = (IModel)_constructors[url].Invoke(new object[] { }); } } if (model == null) { throw new CallNotFoundException("Model Not Found"); } else { MethodInfo mi = null; lock (_saveMethods) { if (_saveMethods.ContainsKey(url)) { mi = _saveMethods[url]; } } if (mi != null) { if (!securityCheck.Invoke(mi.DeclaringType, mi, session, null, url, formData)) { throw new InsecureAccessException(); } Utility.SetModelValues(formData, ref model, true); if ((bool)mi.Invoke(model, (mi.GetParameters().Length == 1 ? new object[] { session } : new object[] { }))) { context.Response.ContentType = "text/json"; context.Response.StatusCode = 200; return(context.Response.WriteAsync(JSON.JsonEncode(new Hashtable() { { "id", model.id } }))); } throw new Exception("Failed"); } throw new CallNotFoundException(); } }
public bool Save(ISecureSession session) { System.Diagnostics.Debug.WriteLine(((SessionManager)session).Start); _persons.Add(this); return(true); }