Esempio n. 1
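        /// <summary>
        /// Creates an organization together with a system user that represents it.
        /// </summary>
        /// <remarks>
        /// Arguments are validated before any object is created. The e-mail address is used
        /// for validation, for the duplicate check and for the Gravatar image only; no
        /// EmailAddress relation is created, so sign-in by e-mail is not enabled by this method.
        /// An empty username is not rejected here.
        /// NOTE(review): no transaction is opened here; presumably the caller provides one - confirm.
        /// </remarks>
        /// <param name="name">Organization name; must not be null or empty.</param>
        /// <param name="username">Login name of the new system user; must not already exist.</param>
        /// <param name="email">Valid e-mail address that is not already tied to a system user.</param>
        /// <param name="password">Clear-text password handed to SetPassword; must not be null.</param>
        /// <exception cref="ArgumentNullException">An argument is null.</exception>
        /// <exception cref="ArgumentException">
        /// name or email is empty, email is invalid, or email/username is already in use.
        /// </exception>
        public static void AddCompany(string name, string username, string email, string password)
        {
            if (name == null) {
                throw new ArgumentNullException("name");
            }

            if (username == null) {
                throw new ArgumentNullException("username");
            }

            if (email == null) {
                throw new ArgumentNullException("email");
            }

            // Reject a missing password before anything is created, so that a failed call
            // cannot leave an organization and a user without usable credentials behind.
            if (password == null) {
                throw new ArgumentNullException("password");
            }

            // ArgumentException takes (message, paramName) - the reverse of ArgumentNullException.
            if (string.IsNullOrEmpty(name)) {
                throw new ArgumentException("Name must not be empty", "name");
            }

            if (string.IsNullOrEmpty(email)) {
                throw new ArgumentException("Email must not be empty", "email");
            }

            // E-mail addresses are compared in lower case.
            string emailLow = email.ToLowerInvariant();

            if (!Utils.IsValidEmail(email)) {
                throw new ArgumentException("Invalid email address", "email");
            }

            // Check if there is any system user that has this email.
            var dupEmail = Db.SQL<Simplified.Ring3.EmailAddress>("SELECT o FROM Simplified.Ring3.EmailAddress o WHERE o.EMail=? AND o.ToWhat IS Simplified.Ring3.SystemUser", emailLow).First;
            if (dupEmail != null) {
                throw new ArgumentException("Duplicated email", "email");
            }

            // Check for duplicated username.
            // NOTE(review): the lookup uses the username exactly as supplied; confirm whether
            // names that differ only in case should count as duplicates.
            var dupUserName = Db.SQL<Simplified.Ring3.SystemUser>("SELECT o FROM Simplified.Ring3.SystemUser o WHERE o.Username=?", username).First;
            if (dupUserName != null) {
                throw new ArgumentException("Duplicated username", "username");
            }

            Organization company = new Organization() { Name = name };

            Simplified.Ring3.SystemUser systemUser = new Simplified.Ring3.SystemUser();
            systemUser.WhatIs = company;
            systemUser.Username = username;
            SetPassword(systemUser, password);

            // Sign-in by e-mail is disabled: no EmailAddress is attached to the user or the company.
            company.ImageURL = Utils.GetGravatarUrl(emailLow);
        }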
Esempio n. 2
        /// <summary>
        /// Checks whether a user may invoke an action in the context of the given settings.
        /// Not implemented yet: every call is denied.
        /// </summary>
        /// <param name="user">User asking for access; null means an anonymous caller.</param>
        /// <param name="action">Requested action (not evaluated yet).</param>
        /// <param name="settings">Settings object the action targets (not evaluated yet).</param>
        /// <returns>Always false.</returns>
        public static bool Check(SystemUser user, ActionType action, Settings settings) {

            // TODO: check action type
            bool isAnonymous = user == null;
            if (isAnonymous) {
                // TODO: an anonymous user can have access to some functions
                return false;
            }

            // No rule is implemented for signed-in users either, so access stays denied.
            return false;
        }
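        /// <summary>
        /// Adds a user to the group with the given name, creating the group when none exists.
        /// </summary>
        /// <remarks>
        /// An unknown name creates a new group instead of failing, so a misspelled name ends
        /// up as a separate group. Callers that grant privileges through group membership
        /// should take the name from a fixed set rather than from user input.
        /// </remarks>
        /// <param name="User">User to add; must not be null.</param>
        /// <param name="GroupName">Name of the group; must not be null or empty.</param>
        /// <exception cref="ArgumentNullException">User or GroupName is null.</exception>
        /// <exception cref="ArgumentException">GroupName is empty.</exception>
        public static void AddUserToGroup(SystemUser User, string GroupName)
        {
            // Validate before the lookup: otherwise a call with a null user could still
            // create the group and only then fail in the overload below.
            if (User == null) {
                throw new ArgumentNullException("User");
            }

            if (GroupName == null) {
                throw new ArgumentNullException("GroupName");
            }

            if (GroupName.Length == 0) {
                throw new ArgumentException("Group name must not be empty", "GroupName");
            }

            SystemUserGroup group = Db.SQL<SystemUserGroup>("SELECT g FROM Simplified.Ring3.SystemUserGroup g WHERE g.Name = ?", GroupName).First;

            if (group == null) {
                group = new SystemUserGroup() {
                    Name = GroupName
                };
            }

            AddUserToGroup(User, group);
        }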
        /// <summary>
        /// Checks whether a user may invoke an action that is not tied to a specific object.
        /// </summary>
        /// <param name="user">User asking for access; null means an anonymous caller.</param>
        /// <param name="action">Requested action.</param>
        /// <returns>
        /// True only for a non-null user requesting ActionType.CreateOrganization; false otherwise.
        /// </returns>
        public static bool Check(SystemUser user, ActionType action) {

            if (user == null) {
                // TODO: an anonymous user can have access to some functions
                return false;
            }

            // A system user may create organizations; every other action is denied.
            bool mayCreateOrganization = action == ActionType.CreateOrganization;
            return mayCreateOrganization;
        }
        /// <summary>
        /// Checks whether a user holds a permission record for an application.
        /// </summary>
        /// <remarks>
        /// NOTE(review): <paramref name="action"/> is not evaluated. Any SoftwarePermission
        /// row for the user and application grants every action, so read, update and
        /// delete are not distinguished until the TODO below is implemented.
        /// </remarks>
        /// <param name="user">User asking for access; null means an anonymous caller.</param>
        /// <param name="action">Requested action (currently ignored).</param>
        /// <param name="application">Application the action targets.</param>
        /// <returns>True when a permission record exists for the user and application.</returns>
        public static bool Check(SystemUser user, ActionType action, Software application) {

            if (user == null) {
                // TODO: an anonymous user can have access to some functions
                return false;
            }

            SoftwarePermission grant = Db.SQL<SoftwarePermission>("SELECT o FROM Warehouse.SoftwarePermission o WHERE o.User=? AND o.Software=?", user, application).First;

            // TODO: Add what kind of check, CanRead, CanUpdate or CanDelete
            return grant != null;
        }
        /// <summary>
        /// Makes a user a member of a group unless the membership already exists.
        /// </summary>
        /// <param name="User">User to add; must not be null.</param>
        /// <param name="Group">Group to add the user to; must not be null.</param>
        /// <exception cref="ArgumentNullException">User or Group is null.</exception>
        public static void AddUserToGroup(SystemUser User, SystemUserGroup Group)
        {
            if (User == null) {
                throw new ArgumentNullException("User");
            }

            if (Group == null) {
                throw new ArgumentNullException("Group");
            }

            bool alreadyMember = IsMemberOfGroup(User, Group);
            if (!alreadyMember) {
                // The new object is not referenced again; presumably constructing it is
                // what records the membership - confirm against the database layer.
                SystemUserGroupMember membership = new SystemUserGroupMember() {
                    SystemUser = User,
                    SystemUserGroup = Group
                };
            }
        }
Esempio n. 7
        /// <summary>
        /// Decides whether a user may issue a GET for a URI. Access is denied by default.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the lookup uses the uri string exactly as passed in; confirm that
        /// callers hand over the same canonical form that is stored in UriPermission.
        /// </remarks>
        /// <param name="user">User asking for access.</param>
        /// <param name="uri">URI being requested.</param>
        /// <param name="request">Incoming request (not used by this method).</param>
        /// <returns>
        /// The CanGet flag of the permission resolved for the user; false when the URI has
        /// no permission configuration or no permission applies to the user.
        /// </returns>
        public static bool CanGetUri(SystemUser user, string uri, Request request)
        {
            // A URI without any permission configuration is closed to everyone.
            UriPermission configured = Db.SQL<UriPermission>("SELECT o FROM  Simplified.Ring5.UriPermission o WHERE o.Uri=?", uri).First;
            if (configured == null) {
                // TODO: Check if user is part of Admin group, then allow access?
                return false;
            }

            UriPermission resolved = Helper.GetPermission(user, uri);
            if (resolved == null) {
                return false;
            }

            return resolved.CanGet;
        }
Esempio n. 8
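        /// <summary>
        /// Creates a person together with a system user that represents it.
        /// </summary>
        /// <remarks>
        /// Arguments are validated before any object is created. No e-mail address is
        /// recorded, so sign-in by e-mail is not enabled by this method. An empty username
        /// is not rejected here.
        /// NOTE(review): no transaction is opened here; presumably the caller provides one - confirm.
        /// </remarks>
        /// <param name="firstName">First name; must not be null or empty.</param>
        /// <param name="lastname">Last name; must not be null or empty.</param>
        /// <param name="username">Login name of the new system user; must not already exist.</param>
        /// <param name="password">Clear-text password handed to SetPassword; must not be null.</param>
        /// <returns>The newly created system user.</returns>
        /// <exception cref="ArgumentNullException">An argument is null.</exception>
        /// <exception cref="ArgumentException">
        /// firstName or lastname is empty, or the username is already in use.
        /// </exception>
        public static Simplified.Ring3.SystemUser AddPerson(string firstName, string lastname, string username, string password)
        {
            if (firstName == null) {
                throw new ArgumentNullException("firstName");
            }

            if (lastname == null) {
                throw new ArgumentNullException("lastname");
            }

            if (username == null) {
                throw new ArgumentNullException("username");
            }

            // Reject a missing password before anything is created, so that a failed call
            // cannot leave a person and a user without usable credentials behind.
            if (password == null) {
                throw new ArgumentNullException("password");
            }

            // ArgumentException takes (message, paramName) - the reverse of ArgumentNullException.
            if (string.IsNullOrEmpty(firstName)) {
                throw new ArgumentException("First name must not be empty", "firstName");
            }

            if (string.IsNullOrEmpty(lastname)) {
                throw new ArgumentException("Last name must not be empty", "lastname");
            }

            // Lower-cased copy, used only for the Gravatar lookup below.
            string usernameLow = username.ToLowerInvariant();

            // Check for duplicated username.
            // NOTE(review): the lookup uses the username exactly as supplied; confirm whether
            // names that differ only in case should count as duplicates.
            var dupUserName = Db.SQL<Simplified.Ring3.SystemUser>("SELECT o FROM Simplified.Ring3.SystemUser o WHERE o.Username=?", username).First;
            if (dupUserName != null) {
                throw new ArgumentException("Duplicated username", "username");
            }

            Person person = new Person() { FirstName = firstName, LastName = lastname };
            Simplified.Ring3.SystemUser systemUser = new Simplified.Ring3.SystemUser();
            systemUser.WhatIs = person;
            systemUser.Username = username;
            SetPassword(systemUser, password);

            // Sign-in by e-mail is disabled: no EmailAddress is attached to the user.
            // The Gravatar URL is derived from the username (presumably an e-mail address - confirm).
            person.ImageURL = Utils.GetGravatarUrl(usernameLow);

            return systemUser;
        }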
Esempio n. 9
        /// <summary>
        /// Tells whether a user belongs to the warehouse administrator group.
        /// </summary>
        /// <param name="user">User to test; null is treated as not an administrator.</param>
        /// <returns>
        /// True when the user is a member of the group named by Security.WarehouseAdminGroupName.
        /// </returns>
        public static bool IsAdmin(SystemUser user) {

            if (user == null) {
                return false;
            }

            string adminGroupName = Security.WarehouseAdminGroupName;
            return SystemUser.IsMemberOfGroup(user, adminGroupName);
        }
Esempio n. 10
        /// <summary>
        /// Tells whether a user belongs to the "Admin (System Users)" group.
        /// </summary>
        /// <remarks>
        /// The group is identified by its display name only, so the outcome depends on
        /// which group carries that exact name.
        /// </remarks>
        /// <param name="user">User to test; null is treated as not an administrator.</param>
        /// <returns>True when the user is a member of that group.</returns>
        public static bool IsAdmin(SystemUser user)
        {
            if (user == null) {
                return false;
            }

            // TODO: Create playground keeper group?
            return SystemUser.IsMemberOfGroup(user, "Admin (System Users)");
        }
Esempio n. 11
        /// <summary>
        /// Signs in a SystemUser without checking a password.
        /// </summary>
        /// <remarks>
        /// No credential is verified here: whoever calls this method obtains a session for
        /// the given user. It must only be reached after the caller has authenticated the
        /// user by other means.
        /// </remarks>
        /// <param name="systemUser">Instance of SystemUser to sign in</param>
        /// <returns>Newly created SystemUserSession, or null when systemUser is null</returns>
        public static SystemUserSession SignInSystemUser(SystemUser systemUser)
        {
            SystemUserSession session = null;

            if (systemUser != null) {
                Db.Transact(() => {
                    SystemUserTokenKey tokenKey = new SystemUserTokenKey();
                    DateTime now = DateTime.UtcNow;

                    // Creation and last-use time start out identical.
                    tokenKey.LastUsed = now;
                    tokenKey.Created = now;
                    tokenKey.Token = CreateAuthToken(systemUser.Username);
                    tokenKey.User = systemUser;

                    session = AssureSystemUserSession(tokenKey);
                });
            }

            return session;
        }
Esempio n. 12
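        /// <summary>
        /// Registers new SystemUser and creates related Person, EmailAddress, EmailAddressRelation objects.
        /// NOTE: This method does no checks for username or email duplications, and does not commit changes!
        /// </summary>
        /// <remarks>
        /// The password is stored as the hash produced by GeneratePasswordHash together with
        /// a freshly generated, Base64-encoded salt; the clear-text password is not stored.
        /// </remarks>
        /// <param name="Username">Login name; must not be null.</param>
        /// <param name="Email">E-mail address stored as the Name of the new EmailAddress.</param>
        /// <param name="Password">Clear-text password to hash; must not be null.</param>
        /// <returns>Newly created SystemUser instance</returns>
        /// <exception cref="ArgumentNullException">Username or Password is null.</exception>
        public static SystemUser RegisterSystemUser(string Username, string Email, string Password)
        {
            // Validate before anything is created: the original order created a Person first
            // and then failed with a NullReferenceException on a null username.
            if (Username == null) {
                throw new ArgumentNullException("Username");
            }

            if (Password == null) {
                throw new ArgumentNullException("Password");
            }

            string hash;
            // NOTE(review): 16 is presumably the salt length in bytes; confirm that
            // GenerateSalt draws from a cryptographic random number generator.
            string salt = Convert.ToBase64String(GenerateSalt(16));
            Person person = new Person();
            string relationTypeName = "Primary";
            EmailAddressRelationType type = Db.SQL<EmailAddressRelationType>("SELECT t FROM Simplified.Ring3.EmailAddressRelationType t WHERE t.Name = ?", relationTypeName).First;

            // NOTE(review): ToLower() depends on the current culture, so the same username can
            // lower-case differently on hosts with different culture settings. It is kept as is
            // because the code that verifies the hash must normalise the name the same way;
            // switch both sides to ToLowerInvariant() together.
            GeneratePasswordHash(Username.ToLower(), Password, salt, out hash);

            if (type == null) {
                type = new EmailAddressRelationType() {
                    Name = relationTypeName
                };
            }

            EmailAddress email = new EmailAddress() {
                Name = Email
            };

            // Not referenced again; presumably constructing it is what records the relation - confirm.
            EmailAddressRelation relation = new EmailAddressRelation() {
                ContactInfo = email,
                Somebody = person,
                ContactInfoRelationType = type
            };

            SystemUser user = new SystemUser() {
                Username = Username,
                WhoIs = person,
                Password = hash,
                PasswordSalt = salt
            };

            return user;
        }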
Esempio n. 13
        /// <summary>
        /// Tells whether a membership record links the user directly to the group.
        /// </summary>
        /// <param name="User">User to test; null yields false.</param>
        /// <param name="Group">Group to test against; null yields false.</param>
        /// <returns>True when a SystemUserGroupMember exists for this user and group.</returns>
        public static bool IsMemberOfGroup(SystemUser User, SystemUserGroup Group)
        {
            // A missing user or a missing group can never be a membership.
            if (User == null) {
                return false;
            }

            if (Group == null) {
                return false;
            }

            SystemUserGroupMember membership = Db.SQL<SystemUserGroupMember>("SELECT o FROM Simplified.Ring3.SystemUserGroupMember o WHERE o.SystemUser = ? AND o.SystemUserGroup = ?", User, Group).First;
            bool found = membership != null;

            return found;
        }
Esempio n. 14
        /// <summary>
        /// Tells whether the user is a member of the group with the given name.
        /// </summary>
        /// <param name="User">User to test.</param>
        /// <param name="GroupName">Name of the group to look up.</param>
        /// <returns>
        /// The result of the group-based overload for the first group carrying that name;
        /// that overload is handed null when no such group exists.
        /// </returns>
        public static bool IsMemberOfGroup(SystemUser User, string GroupName)
        {
            SystemUserGroup namedGroup = Db.SQL<SystemUserGroup>("SELECT g FROM Simplified.Ring3.SystemUserGroup g WHERE g.Name = ?", GroupName).First;
            bool isMember = IsMemberOfGroup(User, namedGroup);

            return isMember;
        }
Esempio n. 15
        /// <summary>
        /// Resolves the URI permission that applies to a user: a permission assigned to the
        /// user directly wins, otherwise the first one found through the user's groups.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the group loop returns the first match and the query sets no order.
        /// If two groups could carry different permissions for the same URI, the result
        /// would depend on enumeration order - confirm that this cannot happen.
        /// </remarks>
        /// <param name="user">User to resolve the permission for; null yields null.</param>
        /// <param name="uri">URI to resolve; null or empty yields null.</param>
        /// <returns>The applicable permission, or null when none is found.</returns>
        private static UriPermission GetPermission(SystemUser user, string uri)
        {
            if (user == null || string.IsNullOrEmpty(uri)) {
                return null;
            }

            // 1. Permission granted to the user directly.
            UriPermission direct = Db.SQL<UriPermission>("SELECT o.Permission FROM Simplified.Ring5.SystemUserUriPermission o WHERE o.Permission.Uri=? AND o.SystemUser=?", uri, user).First;
            if (direct != null) {
                return direct;
            }

            // 2. Permission inherited from one of the user's groups.
            var memberships = Db.SQL<Simplified.Ring3.SystemUserGroupMember>("SELECT o FROM Simplified.Ring3.SystemUserGroupMember o WHERE o.SystemUser=?", user);
            foreach (var membership in memberships) {

                UriPermission inherited = GetPermissionFromGroup(membership.SystemUserGroup, uri);
                if (inherited != null) {
                    return inherited;
                }
            }

            return null;
        }
Esempio n. 16
        //static public bool IsMemberOfAdminGroup(Simplified.Ring3.SystemUser user) {
        //    if (user == null) return false;
        //    Simplified.Ring3.SystemUser Group adminGroup = Db.SQL<Simplified.Ring3.SystemUser	Group>("SELECT o FROM Simplified.Ring3.SystemUser Group o WHERE o.Name=?", Program.AdminGroupName).First;
        //    return IsMemberOfGroup(user, adminGroup);
        //}
        /// <summary>
        /// Tells whether any group the user belongs to is based on the given group,
        /// as decided by IsBasedOnGroup.
        /// </summary>
        /// <param name="user">User to test; null yields false.</param>
        /// <param name="basedOnGroup">Group to test against; null yields false.</param>
        /// <returns>True as soon as one of the user's groups satisfies IsBasedOnGroup.</returns>
        public static bool IsMemberOfGroup(SystemUser user, SystemUserGroup basedOnGroup)
        {
            if (user == null) {
                return false;
            }

            if (basedOnGroup == null) {
                return false;
            }

            var memberGroups = Db.SQL<SystemUserGroup>("SELECT o.SystemUserGroup FROM Simplified.Ring3.SystemUserGroupMember o WHERE o.SystemUser=?", user);
            foreach (var candidate in memberGroups) {

                // Stop at the first group that matches.
                if (IsBasedOnGroup(candidate, basedOnGroup)) {
                    return true;
                }
            }

            return false;
        }