Esempio n. 1
0
        public override object Authenticate(IObjectSpace objectSpace)
        {
            Usuario usuario;

            if (autoLogin)
            {
                usuario = objectSpace.FindObject <Usuario>(new BinaryOperator("UserName", "admin"));

                _logonParameters.ObjectSpace   = objectSpace;
                _logonParameters.LoginUserName = usuario.UserName;
                _logonParameters.LoginEmpresa  = usuario.EmpresaPredeterminada;
            }
            else
            {
                if (_logonParameters.UsuarioActual() == null)
                {
                    throw new Exception(CaptionHelper.GetLocalizedText("Security", "UsuarioNotNull"));
                }

                if (_logonParameters.EmpresaActual() == null)
                {
                    throw new Exception(CaptionHelper.GetLocalizedText("Security", "EmpresaNotNull"));
                }

                if (!_logonParameters.UsuarioActual().ComparePassword(_logonParameters.Password))
                {
                    throw new AuthenticationException(_logonParameters.UsuarioActual().UserName,
                                                      SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.PasswordsAreDifferent));
                }

                usuario = objectSpace.GetObjectByKey <Usuario>(_logonParameters.UsuarioActualId);
            }

            return(usuario);
        }
Esempio n. 2
0
        /// <summary>
        /// Método de autenticação
        /// </summary>
        /// <param name="objectSpace">ObjectSpace</param>
        /// <returns>usuário autenticado</returns>
        public override object Authenticate(IObjectSpace objectSpace)
        {
            ObjectSpace objectSpaceComSessao = (ObjectSpace)objectSpace;

            parameters.UserName = ADUtil.GetUsuarioLogadoPeloWindows();

            WexAuthenticateAD ad = new WexAuthenticateAD(ADResources.ADServer);
            bool sucesso         = ad.IsAuthenticated(ADResources.ADDomain, parameters.UserName);

            Object usuario = null;

            if (sucesso)
            {
                if (objectSpaceComSessao != null)
                {
                    usuario = AoAutenticarUsuarioComSessao(objectSpaceComSessao.Session, parameters.UserName, ADResources.ExtEmail);
                }
                else
                {
                    usuario = AoAutenticarUsuario(parameters.UserName, ADResources.ExtEmail);
                }
            }
            else
            {
                throw new AuthenticationException(parameters.UserName, SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.RetypeTheInformation));
            }

            return(usuario);
        }
Esempio n. 3
0
        protected override void ChangePassword(ChangePasswordParameters parameters)
        {
            Guard.ArgumentNotNull(parameters, "parameters");

            try
            {
                CustomChangePasswordEventArgs customChangePasswordEventArgs = new CustomChangePasswordEventArgs(parameters);

                CustomChangePassword?.Invoke(this, customChangePasswordEventArgs);

                if (!customChangePasswordEventArgs.Handled)
                {
                    if (!AuthenticatingEmployee.ComparePassword(parameters.OldPassword))
                    {
                        throw new Exception(String.Format("{0} {1}", SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.OldPasswordIsWrong), SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.RetypeTheInformation)));
                    }

                    if (parameters.NewPassword != parameters.ConfirmPassword)
                    {
                        throw new Exception(String.Format("{0} {1}", SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.PasswordsAreDifferent), SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.RetypeTheInformation)));
                    }

                    if (AuthenticatingEmployee.ComparePassword(parameters.NewPassword))
                    {
                        throw new Exception(String.Format("{0} {1}", SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.NewPasswordIsEqualToOldPassword), SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.RetypeTheInformation)));
                    }

                    KeyValuePair <HttpStatusCode, string> result = MultiTenantHelper.SetPassword(AuthenticatingEmployee, AuthenticatingEmployee, parameters.NewPassword);

                    if (result.Key == HttpStatusCode.OK)
                    {
                        AuthenticatingEmployee.SetPassword(parameters.NewPassword);
                        AuthenticatingEmployee.ChangePasswordOnFirstLogon = false;
                        this.ObjectSpace.SetModified(AuthenticatingEmployee);
                        this.ObjectSpace.CommitChanges();
                    }

                    SecurityModule.TryUpdateLogonParameters(parameters.NewPassword);

                    if (!View.ObjectSpace.IsModified)
                    {
                        bool isCurrentUser = IsCurrentUser(View.ObjectSpace, View.CurrentObject);
                        if (isCurrentUser)
                        {
                            View.ObjectSpace.ReloadObject(View.CurrentObject);
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                ToastMessageHelper.ShowErrorMessage(this.Application, ex, InformationPosition.Bottom);
            }
            finally
            {
                parameters.ClearValues();
            }
        }
Esempio n. 4
0
        private object AuthenticateStandard(IObjectSpace objectSpace)
        {
            if (string.IsNullOrEmpty(logonParameters.UserName))
            {
                throw new ArgumentException(SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.UserNameIsEmpty));
            }
            var user = (IAuthenticationStandardUser)objectSpace.FindObject(UserType, new BinaryOperator("UserName", logonParameters.UserName));

            if (user == null || !user.ComparePassword(logonParameters.Password))
            {
                throw new AuthenticationException(logonParameters.UserName, SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.RetypeTheInformation));
            }
            return(user);
        }
Esempio n. 5
0
        /// <summary>
        /// metodo de autenticação
        /// </summary>
        /// <param name="objectSpace">objeto de IObjectSpace</param>
        /// <returns>returna o usuario</returns>
        public override object Authenticate(IObjectSpace objectSpace)
        {
            ObjectSpace objectSpaceComSessao = (ObjectSpace)objectSpace;

            object user = null;

            WexAuthenticateAD ad = new WexAuthenticateAD(WexProject.Web.Properties.ADResources.ADServer);
            bool sucesso         = ad.IsAuthenticated(WexProject.Web.Properties.ADResources.ADDomain, parameters.UserName, parameters.Password);

            if (sucesso)
            {
                if (user == null)
                {
                    user = AoAutenticarUsuarioComSessao(objectSpaceComSessao.Session, parameters.UserName, WexProject.Web.Properties.ADResources.ExtEmail);
                }
            }
            else
            {
                throw new AuthenticationException(parameters.UserName, SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.RetypeTheInformation));
            }

            /* O código a seguir foi implementado devido a urgência de uma solicitação,
             * o motivo de não estar implementado dentro dos padrões de código limpo e utilizando a devida segurança é que no momento não há tempo hábil dentro do cronograma do ciclo atual.
             * Obs: Posteiormente deve ser reimplementado para que esteja de acordo com os padrões de código e utilizando as devidas classes de segurança.
             */
            List <string> usuariosPermitidos = new List <string>();

            usuariosPermitidos.Add("acruz");
            usuariosPermitidos.Add("lbraga");
            usuariosPermitidos.Add("avieira");
            usuariosPermitidos.Add("lgavinho");
            usuariosPermitidos.Add("rgarcia");
            usuariosPermitidos.Add("amendes");
            usuariosPermitidos.Add("rcaetano");
            usuariosPermitidos.Add("roberto.garcia");
            usuariosPermitidos.Add("ana.horta");

            User usuario = (User)user;

            if (!usuariosPermitidos.Contains(usuario.UserName))
            {
                throw new AuthenticationException(parameters.UserName, "Usuário não autorizado.");
            }

            return(user);
        }
Esempio n. 6
0
        public override object Authenticate(IObjectSpace objectSpace)
        {
            if (string.IsNullOrEmpty(((XpandLogonParameters)LogonParameters).UserName))
            {
                throw new ArgumentException(SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.UserNameIsEmpty));
            }
            var user = (IAuthenticationStandardUser)objectSpace.FindObject(UserType, CriteriaOperator.Parse("UserName = ?",
                                                                                                            ((XpandLogonParameters)
                                                                                                             LogonParameters)
                                                                                                            .UserName));

            if (user == null || !user.ComparePassword(((XpandLogonParameters)LogonParameters).Password))
            {
                throw new AuthenticationException(((XpandLogonParameters)LogonParameters).UserName, SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.RetypeTheInformation));
            }
            return(user);
        }
Esempio n. 7
0
 public override object Authenticate(DevExpress.ExpressApp.IObjectSpace objectSpace)
 {
     WinChangeDatabaseHelper.AuthenticatedUserLogonFailed = false;
     if (string.IsNullOrEmpty(AuthenticatedUserName))
     {
         return(base.Authenticate(objectSpace));
     }
     else
     {
         CustomLogonParametersForStandardAuthentication logonParameters = (CustomLogonParametersForStandardAuthentication)LogonParameters;
         object result = objectSpace.FindObject(UserType, new BinaryOperator("UserName", logonParameters.UserName));
         if (result == null)
         {
             WinChangeDatabaseHelper.AuthenticatedUserLogonFailed = true;
             WinChangeDatabaseHelper.SkipLogonDialog = false;
             throw new AuthenticationException(logonParameters.UserName, SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.RetypeTheInformation));
         }
         AuthenticatedUserName = "";
         return(result);
     }
 }