/// <summary>
/// Delivers the trace data to the underlying file.
/// </summary>
/// <param name="eventCache">The context information provided by <see cref="System.Diagnostics"/>.</param>
/// <param name="source">The name of the trace source that delivered the trace data.</param>
/// <param name="eventType">The type of event.</param>
/// <param name="id">The id of the event.</param>
/// <param name="data">The data to trace.</param>
public override void TraceData(TraceEventCache eventCache, string source, TraceEventType eventType, int id, object data)
{
if (header.Length > 0)
{
WriteLine(header);
}
if (data is LogEntry)
{
if (this.Formatter != null)
{
base.WriteLine(this.Formatter.Format(data as LogEntry));
}
else
{
base.TraceData(eventCache, source, eventType, id, data);
}
InstrumentationProvider.FireTraceListenerEntryWrittenEvent();
}
else
{
base.TraceData(eventCache, source, eventType, id, data);
}
if (footer.Length > 0)
{
WriteLine(footer);
}
}
/// <summary>
/// Evaluates the specified authority against the specified context.
/// </summary>
/// <param name="principal">Must be an <see cref="IPrincipal"/> object.</param>
/// <param name="ruleName">The name of the rule to evaluate.</param>
/// <returns><c>true</c> if the expression evaluates to true,
/// otherwise <c>false</c>.</returns>
public override bool Authorize(IPrincipal principal, string ruleName)
{
if (principal == null)
{
throw new ArgumentNullException("principal");
}
if (ruleName == null || ruleName.Length == 0)
{
throw new ArgumentNullException("ruleName");
}
InstrumentationProvider.FireAuthorizationCheckPerformed(principal.Identity.Name, ruleName);
BooleanExpression booleanExpression = GetParsedExpression(ruleName);
if (booleanExpression == null)
{
throw new InvalidOperationException(string.Format(Properties.Resources.AuthorizationRuleNotFoundMsg, ruleName));
}
bool result = booleanExpression.Evaluate(principal);
if (result == false)
{
InstrumentationProvider.FireAuthorizationCheckFailed(principal.Identity.Name, ruleName);
}
return(result);
}
/// <summary>
/// Checks a user's authorization against a given rule
/// </summary>
/// <param name="principal">The user to authorize</param>
/// <param name="context">The name of the rule to check</param>
/// <returns>boolean indicating whether the user is authorized</returns>
public override bool Authorize(System.Security.Principal.IPrincipal principal, string context)
{
if (principal == null)
{
throw new ArgumentNullException("principal");
}
if (context == null || context.Length == 0)
{
throw new ArgumentNullException("context");
}
//SecurityAuthorizationCheckEvent.Fire(principal.Identity.Name, context);
InstrumentationProvider.FireAuthorizationCheckPerformed(principal.Identity.Name, context);
DataTable dt = SqlHelper.ExecuteDataTable(CommandType.Text, "select * from tbOper where cnvcOperName='" + principal.Identity.Name + "'");
if (dt.Rows.Count == 0)
{
return(false);
}
Oper oper = new Oper(dt);
object objOperFunc = SqlHelper.ExecuteScalar(CommandType.Text, "select count(*) from tbOperFunc where cnnOperID=" + oper.cnnOperID + " and cnvcFuncCode='" + context + "'");
object objDeptFunc = SqlHelper.ExecuteScalar(CommandType.Text, "select count(*) from tbDeptFunc where cnnDeptID=" + oper.cnnDeptID + " and cnvcFuncCode='" + context + "'");
int iOperFunc = Convert.ToInt32(objOperFunc);
int iDeptFunc = Convert.ToInt32(objDeptFunc);
bool result = iOperFunc + iDeptFunc > 0 ? true : false;
if (result == false)
{
//SecurityAuthorizationFailedEvent.Fire(principal.Identity.Name, context);
InstrumentationProvider.FireAuthorizationCheckFailed(principal.Identity.Name, context);
}
return(result);
}
public void CanReadFromConfiguration()
{
InstrumentationProvider instrumentationProvider = ProviderFactory.GetInstance <InstrumentationFactory>(ProviderRepositoryFactory.Instance.Provider).GetDefaultProvider <InstrumentationProvider>();
Assert.AreEqual(instrumentationProvider.Name, "TestLogging");
Assert.AreEqual(instrumentationProvider.LogFileName, "test.log");
}
/// <summary>
/// <para>Encrypts a secret using the configured <c>SymmetricAlgorithm</c>.</para>
/// </summary>
/// <param name="plaintext"><para>The input to be encrypted. It is the responsibility of the caller to clear this
/// byte array when finished.</para></param>
/// <returns><para>The resulting cipher text.</para></returns>
/// <seealso cref="ISymmetricCryptoProvider.Encrypt"/>
public byte[] Encrypt(byte[] plaintext)
{
if (plaintext == null)
{
throw new ArgumentNullException("plainText");
}
if (plaintext.Length == 0)
{
throw new ArgumentException(Resources.ExceptionByteArrayValueMustBeGreaterThanZeroBytes, "plaintext");
}
byte[] output = null;
try
{
using (SymmetricCryptographer crypto = new SymmetricCryptographer(algorithmType, key))
{
output = crypto.Encrypt(plaintext);
}
}
catch (Exception e)
{
InstrumentationProvider.FireCyptographicOperationFailed(Resources.EncryptionFailed, e);
throw;
}
InstrumentationProvider.FireSymmetricEncryptionPerformed();
return(output);
}
public void TearDown()
{
InstrumentationProvider instrumentationProvider = ProviderFactory.GetInstance <InstrumentationFactory>(ProviderRepositoryFactory.Instance.Provider).GetDefaultProvider <InstrumentationProvider>();
FileInfo logFile = new FileInfo(instrumentationProvider.LogFileName);
logFile.Delete();
}
/// <summary>
/// Gets an existing Profile object from the cache.
/// </summary>
/// <param name="token">
/// Token identifying an existing cached entity.
/// </param>
/// <returns>A cached Profile object</returns>
public override object GetProfile(IToken token)
{
SecurityCacheItem item = GetSecurityCacheItem(token);
object profile = item == null ? null : item.Profile;
InstrumentationProvider.FireSecurityCacheReadPerformed(SecurityEntityType.Profile, token);
return(profile);
}
/// <summary>
/// Gets an existing IPrincipal object from the cache.
/// </summary>
/// <param name="token">
/// Token identifying an existing cached entity.
/// </param>
/// <returns>A cached IPrincipal object</returns>
public override IPrincipal GetPrincipal(IToken token)
{
SecurityCacheItem item = GetSecurityCacheItem(token);
IPrincipal principal = item == null ? null : item.Principal;
InstrumentationProvider.FireSecurityCacheReadPerformed(SecurityEntityType.Principal, token);
return(principal);
}
/// <summary>
/// Gets an existing IIdentity object from the cache.
/// </summary>
/// <param name="token">
/// Token identifying an existing cached entity.
/// </param>
/// <returns>A cached IIdentity object</returns>
public override IIdentity GetIdentity(IToken token)
{
SecurityCacheItem item = GetSecurityCacheItem(token);
IIdentity identity = item == null ? null : item.Identity;
InstrumentationProvider.FireSecurityCacheReadPerformed(SecurityEntityType.Identity, token);
return(identity);
}
public void CanLogEvent()
{
InstrumentationProvider instrumentationProvider = ProviderFactory.GetInstance <InstrumentationFactory>(ProviderRepositoryFactory.Instance.Provider).GetDefaultProvider <InstrumentationProvider>();
instrumentationProvider.WriteLog("test");
using (StreamReader fr = new StreamReader(instrumentationProvider.LogFileName))
{
Assert.AreEqual(fr.ReadLine(), "test");
}
}
/// <summary>
/// Evaluates the specified authority against the specified context that is either a task or operation in Authorization Manager. If the context is an operation it should be prefixed by "O".
/// </summary>
/// <param name="principal">Principal object containing a windows identity.</param>
/// <param name="context">Name of the task or operation to evaluate.</param>
/// <returns><strong>True</strong> if AzMan evaluates to true,
/// otherwise <strong>false</strong>.</returns>
public override bool Authorize(IPrincipal principal, string context)
{
if (principal == null)
{
throw new ArgumentNullException("principal");
}
if (context == null)
{
throw new ArgumentNullException("context");
}
WindowsIdentity winIdentity = principal.Identity as WindowsIdentity;
if (winIdentity == null)
{
throw new ArgumentException(Properties.Resources.WindowsIdentityOnly);
}
// INSTRUMENTATION
//SecurityAuthorizationCheckEvent.Fire(principal.Identity.Name, context);
string auditIdentifier = this.auditIdentifierPrefix + principal.Identity.Name + ":" + context;
bool result = false;
bool operation = false;
if (context.IndexOf(OperationContextPrefix) == 0)
{
operation = true;
context = context.Substring(OperationContextPrefix.Length);
}
if (operation)
{
string[] operations = new string[] { context };
result = CheckAccessOperations(auditIdentifier, winIdentity, operations);
}
else
{
string[] tasks = new string[] { context };
result = CheckAccessTasks(auditIdentifier, winIdentity, tasks);
}
InstrumentationProvider.FireAuthorizationCheckPerformed(principal.Identity.Name, context);
if (result == false)
{
InstrumentationProvider.FireAuthorizationCheckFailed(principal.Identity.Name, context);
}
return(result);
}
/// <summary>
/// Sends the traced object to its final destination through a <see cref="MessageQueue"/>.
/// </summary>
/// <param name="eventCache">The context information provided by <see cref="System.Diagnostics"/>.</param>
/// <param name="source">The name of the trace source that delivered the trace data.</param>
/// <param name="eventType">The type of event.</param>
/// <param name="id">The id of the event.</param>
/// <param name="data">The data to trace.</param>
public override void TraceData(TraceEventCache eventCache, string source, TraceEventType eventType, int id, object data)
{
if (data is LogEntry)
{
SendMessageToQueue(data as LogEntry);
InstrumentationProvider.FireTraceListenerEntryWrittenEvent();
}
else if (data is string)
{
Write(data as string);
}
else
{
base.TraceData(eventCache, source, eventType, id, data);
}
}
/// <summary>
/// Delivers the trace data as an email message.
/// </summary>
/// <param name="eventCache">The context information provided by <see cref="System.Diagnostics"/>.</param>
/// <param name="source">The name of the trace source that delivered the trace data.</param>
/// <param name="eventType">The type of event.</param>
/// <param name="id">The id of the event.</param>
/// <param name="data">The data to trace.</param>
public override void TraceData(TraceEventCache eventCache, string source, TraceEventType eventType, int id, object data)
{
if (data is LogEntry)
{
EmailMessage message = new EmailMessage(toAddress, fromAddress, subjectLineStarter, subjectLineEnder, smtpServer, smtpPort, data as LogEntry, this.Formatter);
message.Send();
InstrumentationProvider.FireTraceListenerEntryWrittenEvent();
}
else if (data is string)
{
Write(data);
}
else
{
base.TraceData(eventCache, source, eventType, id, data);
}
}
/// <summary>
/// Computes the hash value of plain text.
/// </summary>
/// <param name="plaintext">The input for which to compute the hash.</param>
/// <returns>The computed hash code.</returns>
public byte[] CreateHash(byte[] plaintext)
{
byte[] hash = null;
try
{
hash = CreateHashWithSalt(plaintext, null);
}
catch (Exception e)
{
InstrumentationProvider.FireCyptographicOperationFailed(Resources.HashCreationFailed, e);
throw;
}
InstrumentationProvider.FireHashOperationPerformed();
return(hash);
}
/// <summary>
/// Compares plain text input with a computed hash.
/// </summary>
/// <param name="plaintext">The input for which you want to compare the hash to.</param>
/// <param name="hashedtext">The hash value for which you want to compare the input to.</param>
/// <returns><c>true</c> if plainText hashed is equal to the hashedText. Otherwise, <c>false</c>.</returns>
public bool CompareHash(byte[] plaintext, byte[] hashedtext)
{
if (plaintext == null)
{
throw new ArgumentNullException("plainText");
}
if (hashedtext == null)
{
throw new ArgumentNullException("hashedText");
}
if (hashedtext.Length == 0)
{
throw new ArgumentException(Resources.ExceptionByteArrayValueMustBeGreaterThanZeroBytes, "hashedText");
}
bool result = false;
byte[] hashedPlainText = null;
byte[] salt = null;
try
{
try
{
salt = ExtractSalt(hashedtext);
hashedPlainText = CreateHashWithSalt(plaintext, salt);
}
finally
{
CryptographyUtility.ZeroOutBytes(salt);
}
result = CryptographyUtility.CompareBytes(hashedPlainText, hashedtext);
}
catch (Exception e)
{
InstrumentationProvider.FireCyptographicOperationFailed(Resources.HashComparisonFailed, e);
throw;
}
InstrumentationProvider.FireHashComparisonPerformed();
if (!result)
{
InstrumentationProvider.FireHashMismatchDetected();
}
return(result);
}
/// <summary>
/// Delivers the trace data to the underlying database.
/// </summary>
/// <param name="eventCache">The context information provided by <see cref="System.Diagnostics"/>.</param>
/// <param name="source">The name of the trace source that delivered the trace data.</param>
/// <param name="eventType">The type of event.</param>
/// <param name="id">The id of the event.</param>
/// <param name="data">The data to trace.</param>
public override void TraceData(TraceEventCache eventCache, string source, TraceEventType eventType, int id, object data)
{
if (data is LogEntry)
{
LogEntry logEntry = data as LogEntry;
if (ValidateParameters(logEntry))
{
ExecuteStoredProcedure(logEntry);
}
InstrumentationProvider.FireTraceListenerEntryWrittenEvent();
}
else if (data is string)
{
Write(data as string);
}
else
{
base.TraceData(eventCache, source, eventType, id, data);
}
}
/// <summary>
/// Formats the object to trace and forward the trace request to the wrapped listener with the formatted result.
/// </summary>
/// <remarks>
/// Formatting is only performed if the object to trace is a <see cref="LogEntry"/> and the formatter is set.
/// </remarks>
/// <param name="eventCache">The context information.</param>
/// <param name="source">The trace source.</param>
/// <param name="severity">The severity.</param>
/// <param name="id">The event id.</param>
/// <param name="data">The object to trace.</param>
public override void TraceData(TraceEventCache eventCache, string source, TraceEventType severity, int id, object data)
{
if (data is LogEntry)
{
if (this.Formatter != null)
{
this.slaveListener.TraceData(eventCache, source, severity, id, this.Formatter.Format(data as LogEntry));
}
else
{
this.slaveListener.TraceData(eventCache, source, severity, id, data);
}
InstrumentationProvider.FireTraceListenerEntryWrittenEvent();
}
else
{
this.slaveListener.TraceData(eventCache, source, severity, id, data);
}
}
/// <summary>
/// Evaluates the specified authority against the specified context.
/// </summary>
/// <param name="principal">Must be an <see cref="IPrincipal"/> object.</param>
/// <param name="ruleName">The name of the rule to evaluate.</param>
/// <returns><c>true</c> if the expression evaluates to true,
/// otherwise <c>false</c>.</returns>
public override bool Authorize(IPrincipal principal, string ruleName)
{
if (principal == null)
{
throw new ArgumentNullException("principal");
}
if (ruleName == null || ruleName.Length == 0)
{
throw new ArgumentNullException("ruleName");
}
//get the rules from the cache
if (m_CacheManager.ContainsKey(CACHEKEY))
{
GetAuthorizationRulesFromCache();
}
else
{
GetAuthorizationRules();
}
InstrumentationProvider.FireAuthorizationCheckPerformed(principal.Identity.Name, ruleName);
BooleanExpression booleanExpression = GetParsedExpression(ruleName);
if (booleanExpression == null)
{
throw new InvalidOperationException(string.Format("Authorization Rule Not Found", ruleName));
}
bool result = booleanExpression.Evaluate(principal);
if (result == false)
{
InstrumentationProvider.FireAuthorizationCheckFailed(principal.Identity.Name, ruleName);
}
return(result);
}
public override void TraceData(TraceEventCache eventCache, string source, TraceEventType eventType, int id, object data)
{
if ((Filter != null) && !Filter.ShouldTrace(eventCache, source, eventType, id, null, null, data, null))
{
return;
}
LogEntry entry = data as LogEntry;
if (entry != null)
{
WeblogEmailMessage message = new WeblogEmailMessage(_toAddress, _fromAddress, _subjectLineStarter, _subjectLineEnder, _smtpServer, _smtpPort, _enableSsl, _userName, _password, entry, Formatter);
message.Send();
InstrumentationProvider.FireTraceListenerEntryWrittenEvent();
}
else if (data is string)
{
Write(data);
}
else
{
base.TraceData(eventCache, source, eventType, id, data);
}
}
/// <summary>
/// Checks a user's authorization against a given rule
/// </summary>
/// <param name="principal">The user to authorize</param>
/// <param name="context">The name of the rule to check</param>
/// <returns>boolean indicating whether the user is authorized</returns>
public override bool Authorize(System.Security.Principal.IPrincipal principal, string context)
{
if (principal == null)
{
throw new ArgumentNullException("principal");
}
if (context == null || context.Length == 0)
{
throw new ArgumentNullException("context");
}
if (mgr == null)
{
mgr = new DbRulesManager(database);
}
//SecurityAuthorizationCheckEvent.Fire(principal.Identity.Name, context);
InstrumentationProvider.FireAuthorizationCheckPerformed(principal.Identity.Name, context);
BooleanExpression expression = GetParsedExpression(context, mgr);
if (expression == null)
{
//todo : better exception
throw new ApplicationException(String.Format("Authorization Rule {0} not found in the database.", context));
}
bool result = expression.Evaluate(principal);
if (result == false)
{
//SecurityAuthorizationFailedEvent.Fire(principal.Identity.Name, context);
InstrumentationProvider.FireAuthorizationCheckFailed(principal.Identity.Name, context);
}
return(result);
}
public static void InstallInstrumentationProvider(this MonoConnection connection, InstrumentationProvider provider)
{
var extension = (InstrumentationConnectionExtension)connection.ConnectionExtensions;
extension.InstrumentationProvider = provider;
}
