protected void Page_Load(object sender, EventArgs e)
{
this.Label1.Text = WindowsIdentity.GetCurrent().Name;
NetSqlAzManAuthorizationContext ctx = new NetSqlAzManAuthorizationContext(
"data source=(local);Initial Catalog=NetSqlAzManStorage;User id=sa;password="******"Eidos",
"DB Persone",
this.Request.LogonUserIdentity,
false);
ctx.CheckSecurity(this);
}
/// <summary>
/// Determines whether the specified control name has access.
/// </summary>
/// <param name="context">The context.</param>
/// <param name="controlName">Name of the control.</param>
/// <param name="itemName">Name of the item.</param>
/// <returns>
/// <c>true</c> if the specified control name has access; otherwise, <c>false</c>.
/// </returns>
protected internal bool HasAccess(NetSqlAzManAuthorizationContext context, string controlName, string itemName)
{
if (!String.IsNullOrEmpty(context._storageConnectionString))
{
if (context.StorageCache != null)
{
//Storage Cache
AuthorizationType auth = AuthorizationType.Neutral;
if (context._windowIdentity != null)
{
auth = context.StorageCache.CheckAccess(context.StoreName, context.ApplicationName, itemName, context._windowIdentity.GetUserBinarySSid(), context._windowIdentity.GetGroupsBinarySSid(), ValidFor.HasValue ? ValidFor.Value : DateTime.Now, OperationsOnly, ContextParameters);
}
else if (context._dbuserIdentity != null)
{
auth = context.StorageCache.CheckAccess(context.StoreName, context.ApplicationName, itemName, context._dbuserIdentity.CustomSid.StringValue, ValidFor.HasValue ? ValidFor.Value : DateTime.Now, OperationsOnly, ContextParameters);
}
return((auth == AuthorizationType.AllowWithDelegation) || (auth == AuthorizationType.Allow));
}
else
{
//Direct Access
using (SqlAzManStorage storage = new SqlAzManStorage(context._storageConnectionString))
{
AuthorizationType auth = AuthorizationType.Neutral;
if (context._windowIdentity != null)
{
auth = storage.CheckAccess(context.StoreName, context.ApplicationName, itemName, context._windowIdentity, ValidFor.HasValue ? ValidFor.Value : DateTime.Now, OperationsOnly, ContextParameters);
}
else if (context._dbuserIdentity != null)
{
auth = storage.CheckAccess(context.StoreName, context.ApplicationName, itemName, context._dbuserIdentity, ValidFor.HasValue ? ValidFor.Value : DateTime.Now, OperationsOnly, ContextParameters);
}
return((auth == AuthorizationType.AllowWithDelegation) || (auth == AuthorizationType.Allow));
}
}
}
else
{
throw new InvalidOperationException("NetSqlAzMan Storage connection string and NetSqlAzMan WCF Cache Service url cannot be both null");
}
}
private void Form2_Load(object sender, EventArgs e)
{
NetSqlAzManAuthorizationContext ctx = new NetSqlAzManAuthorizationContext(
"data source=(local);Initial Catalog=NetSqlAzManStorage;User id=sa;password="******"Eidos",
"DB Persone",
WindowsIdentity.GetCurrent(),
true);
var auth = ctx.StorageCache.CheckAccess("Eidos", "DB Persone", "Gestore", ctx.Storage.GetDBUser("John").CustomSid.StringValue, DateTime.Now, false);
MessageBox.Show(auth.ToString());
//Optionally you can intercept events before and after the Access Check
//ctx.BeforeCheckAccess += new BeforeCheckAccessHandler(NetSqlAzManAuthorizationContext_BeforeCheckAccess);
//ctx.AfterCheckAccess += new AfterCheckAccessHandler(NetSqlAzManAuthorizationContext_AfterCheckAccess);
//If using the Storage Cache … you can also invalidate the cache
//ctx.InvalidateCache();
ctx.CheckSecurity(this);
auth = ctx.Storage.CheckAccess("Eidos", "DB Persone", "Gestore", WindowsIdentity.GetCurrent(), DateTime.Now, false);
MessageBox.Show(auth.ToString());
}
/// <summary>
/// Determines whether the specified control name has access.
/// </summary>
/// <param name="context">The context.</param>
/// <param name="controlName">Name of the control.</param>
/// <param name="itemName">Name of the item.</param>
/// <returns>
/// <c>true</c> if the specified control name has access; otherwise, <c>false</c>.
/// </returns>
protected internal bool HasAccess(NetSqlAzManAuthorizationContext context, string controlName, string itemName)
{
if (!String.IsNullOrEmpty(context._storageConnectionString))
{
if (context.StorageCache != null)
{
//Storage Cache
AuthorizationType auth = AuthorizationType.Neutral;
if (context._windowIdentity != null)
auth = context.StorageCache.CheckAccess(context.StoreName, context.ApplicationName, itemName, context._windowIdentity.GetUserBinarySSid(), context._windowIdentity.GetGroupsBinarySSid(), ValidFor.HasValue ? ValidFor.Value : DateTime.Now, OperationsOnly, ContextParameters);
else if (context._dbuserIdentity != null)
auth = context.StorageCache.CheckAccess(context.StoreName, context.ApplicationName, itemName, context._dbuserIdentity.CustomSid.StringValue, ValidFor.HasValue ? ValidFor.Value : DateTime.Now, OperationsOnly, ContextParameters);
return (auth == AuthorizationType.AllowWithDelegation) || (auth == AuthorizationType.Allow);
}
else
{
//Direct Access
using (SqlAzManStorage storage = new SqlAzManStorage(context._storageConnectionString))
{
AuthorizationType auth = AuthorizationType.Neutral;
if (context._windowIdentity != null)
auth = storage.CheckAccess(context.StoreName, context.ApplicationName, itemName, context._windowIdentity, ValidFor.HasValue ? ValidFor.Value : DateTime.Now, OperationsOnly, ContextParameters);
else if (context._dbuserIdentity != null)
auth = storage.CheckAccess(context.StoreName, context.ApplicationName, itemName, context._dbuserIdentity, ValidFor.HasValue ? ValidFor.Value : DateTime.Now, OperationsOnly, ContextParameters);
return (auth == AuthorizationType.AllowWithDelegation) || (auth == AuthorizationType.Allow);
}
}
}
else
{
throw new InvalidOperationException("NetSqlAzMan Storage connection string and NetSqlAzMan WCF Cache Service url cannot be both null");
}
}
