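/// <summary>
/// Returns the TMS Permission of the user with the supplied WindowsIdentity.
/// </summary>
/// <remarks>
/// The permission is derived from directory group membership: the account name is
/// reduced to the part after the last backslash, the groups for that name are fetched
/// once, and the result is tested against the group names configured in
/// <c>TmsPermissionNetworkGroupName</c>. Any outcome other than a positive group match
/// yields <c>PermissionType.None</c>, so a failed or empty lookup denies access.
/// NOTE(review): the domain or machine qualifier of the account name is discarded before
/// the lookup, so two accounts with the same simple name in different domains (or a local
/// machine account) are indistinguishable here. Confirm that only identities from the
/// expected domain can reach this method.
/// NOTE(review): the Read group is tested first, so a user who is a member of both the
/// Read and the Full group is given Read. Confirm that this precedence is intended.
/// </remarks>
/// <param name="windowsIdentity">The WindowsIdentity for the user which will either come from System.Security.Principal or System.ServiceModel.ServiceSecurityContext.Current</param>
/// <returns>User Access Permission for the specified User</returns>
/// <exception cref="ArgumentNullException"><paramref name="windowsIdentity"/> is null.</exception>
public static Enumerations.PermissionType UserAccessPermission(WindowsIdentity windowsIdentity)
{
    if (windowsIdentity == null)
    {
        throw new ArgumentNullException("windowsIdentity");
    }

    string userName = windowsIdentity.Name;

    // Strip the "DOMAIN\" qualifier. The char overload is an ordinal search, so the
    // result does not depend on the current culture.
    int backslashPos = userName.LastIndexOf('\\');
    string simpleUserName = backslashPos == -1 ? userName : userName.Substring(backslashPos + 1);

    if (simpleUserName.Length == 0)
    {
        // No account name to look up (e.g. an anonymous identity): deny.
        return Enumerations.PermissionType.None;
    }

    // For speed, fetch the User's Group membership once and test against the cached set
    Collections.CaseIgnoringSortedSetType userNetworkGroupCollection =
        UserAccessDetail.NetworkGroupsForUserName(simpleUserName);

    if (userNetworkGroupCollection == null)
    {
        // The lookup produced nothing usable: fail closed instead of dereferencing null.
        return Enumerations.PermissionType.None;
    }

    // Determine which Group the User is a member of, starting with the lowest Permission
    if (userNetworkGroupCollection.Contains(TmsPermissionNetworkGroupName[Enumerations.PermissionType.Read]))
    {
        return Enumerations.PermissionType.Read;
    }

    if (userNetworkGroupCollection.Contains(TmsPermissionNetworkGroupName[Enumerations.PermissionType.Full]))
    {
        return Enumerations.PermissionType.Full;
    }

    // Member of neither Group
    return Enumerations.PermissionType.None;
}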
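/// <summary>
/// Determine whether the specified Network User is a member of the specified Network Group
/// </summary>
/// <remarks>
/// The method fails closed: it returns false when there is no Default Naming Context,
/// when either name cannot be resolved to a Distinguished Name, when the membership
/// search returns nothing, and when any step throws. A directory failure is therefore
/// indistinguishable from "not a member" for the caller; the failure is written to the
/// trace output so that an operator can tell the two apart.
/// NOTE(review): both names are handed to lookup helpers that are not visible here. If
/// those helpers build LDAP filters by string concatenation, confirm that they escape
/// filter metacharacters.
/// </remarks>
/// <param name="userSAMAccountName">The simple name (SAM Account Name) e.g. "corc1", of the User</param>
/// <param name="groupCommonName">The Common Name of the Group</param>
/// <returns>Whether the User is (true) or is not (false) a member of the specified Network Group</returns>
internal bool UserIsNetworkGroupMember(string userSAMAccountName, string groupCommonName)
{
    if (_DefaultNamingContext == null)
    {
        // There is no Default Naming Context, so nothing can be looked up
        return false;
    }

    try
    {
        // Get the Group's Distinguished Name
        string groupDistinguishedName = DistinguishedNameFromCommonName(groupCommonName);
        if (groupDistinguishedName == null)
        {
            return false;
        }

        // Resolve the User as well. An unresolved User must not reach LdapObjectPath:
        // a path built from null would not identify the User whose membership is tested.
        string userDistinguishedName = DistinguishedNameFromSAMAccountName(userSAMAccountName);
        if (userDistinguishedName == null)
        {
            return false;
        }

        Collections.CaseIgnoringSortedSetType userGroupDistinguishedNameCollection =
            NetworkGroupsForUser(LdapObjectPath(userDistinguishedName), true);

        // A null result means the search returned nothing
        return userGroupDistinguishedNameCollection != null
            && userGroupDistinguishedNameCollection.Contains(groupDistinguishedName);
    }
    catch (Exception lookupFailure)
    {
        // Deliberate best effort: a directory error denies membership rather than
        // propagating, but it is recorded instead of being silently discarded.
        System.Diagnostics.Trace.TraceWarning(
            "UserIsNetworkGroupMember: directory lookup failed ({0}): {1}",
            lookupFailure.GetType().Name,
            lookupFailure.Message);
        return false;
    }
}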
/// <summary>
/// Collect the values of a multi-valued Attribute of the supplied object into
/// <paramref name="valuesCollection"/>, optionally following each newly found value.
/// </summary>
/// <remarks>
/// Every non-null value is converted with ToString() and added only if the collection
/// does not already contain it. When <paramref name="recursive"/> is true, each newly
/// added value is prefixed with <c>LdapPrefix</c> and passed to the string-path overload
/// of this method, which is not visible here. Because a value that is already present is
/// skipped and never followed again, a value is followed at most once, which keeps
/// circular references between objects from being traversed repeatedly.
/// NOTE(review): the value read from the directory is concatenated onto
/// <c>LdapPrefix</c> unchanged; confirm that the overload copes with values containing
/// characters that are special in an LDAP path.
/// </remarks>
/// <param name="attributeName">The name of the Attribute</param>
/// <param name="objectEntry">The Directory Entry for the Object</param>
/// <param name="valuesCollection">The Collection that receives the values; it is modified in place</param>
/// <param name="recursive">Whether each newly found value should itself be followed</param>
/// <returns>The same Collection instance that was passed in as <paramref name="valuesCollection"/></returns>
private Collections.CaseIgnoringSortedSetType AttributeValuesMultiString(string attributeName, DirectoryEntry objectEntry, Collections.CaseIgnoringSortedSetType valuesCollection, bool recursive)
{
    foreach (object rawValue in objectEntry.Properties[attributeName])
    {
        if (rawValue == null)
        {
            continue;
        }

        string attributeValue = rawValue.ToString();
        if (valuesCollection.Contains(attributeValue))
        {
            // Already recorded, so do not add it or follow it a second time
            continue;
        }

        valuesCollection.Add(attributeValue);

        if (recursive)
        {
            AttributeValuesMultiString(attributeName, LdapPrefix + attributeValue, valuesCollection, true);
        }
    }

    return valuesCollection;
}