public async void ExecuteAddAclCommand(object parameter)
{
Busy = true;
BusyContent = "Adding ACL";
try
{
var identity = new IdentityDescriptionObject(SelectedIdentity.Mrn, SelectedIdentity.Name);
await Task.Factory.StartNew(() =>
{
var visService = new VisService();
visService.AuthorizeIdentities(Id, new List <IdentityDescriptionObject>
{
identity
});
});
AclList.Add(identity);
}
catch (Exception ex)
{
MessageBox.Show(ex.ToString());
}
finally
{
Busy = false;
}
}
public async void ExecuteDeleteAclCommand(object parameter)
{
Busy = true;
BusyContent = "Deleting ACL";
try
{
await Task.Factory.StartNew(() =>
{
var visService = new VisService();
visService.RemoveAuthorization(Id, new List <IdentityDescriptionObject>
{
SelectedAcl
});
});
AclList.Remove(SelectedAcl);
}
catch (Exception ex)
{
MessageBox.Show(ex.ToString());
}
finally
{
Busy = false;
}
}
void AutoDeny(bool success, Ip remoteIp)
{
if (_attackDb == null)
{
return;
}
//�f�[�^�x�[�X�ւ̓o�^
if (!_attackDb.IsInjustice(success, remoteIp))
{
return;
}
//�u���[�g�t�H�[�X�A�^�b�N
if (!AclList.Append(remoteIp))
{
return; //ACL�������ېݒ�(�u������v�ɐݒ肳��Ă���ꍇ�A�@�\���Ȃ�)
}
//�lj��ɐ��������ꍇ�A�I�v�V���������������
var d = (Dat)Conf.Get("acl");
var name = string.Format("AutoDeny-{0}", DateTime.Now);
var ipStr = remoteIp.ToString();
d.Add(true, string.Format("{0}\t{1}", name, ipStr));
Conf.Set("acl", d);
Conf.Save(Kernel.IniDb);
//OneOption.SetVal("acl", d);
//OneOption.Save(OptionIni.GetInstance());
Logger.Set(LogKind.Secure, null, 9000055, string.Format("{0},{1}", name, ipStr));
}
//bool CheckAuthList(string requestUri) {
// // 【注意 ショートファイル名でアクセスした場合の、認証の回避を考慮する必要がある】
// //AnsiString S = ExtractShortPathName(ShortNamePath);
// var authList = (Dat)this.Conf.Get("authList");
// foreach (var o in authList) {
// if (!o.Enable)
// continue;
// string uri = o.StrList[0];
// if (requestUri.IndexOf(uri) == 0) {
// return false;
// }
// }
// return true;
//}
void AutoDeny(bool success, Ip remoteIp)
{
if (_attackDb == null)
{
return;
}
//データベースへの登録
if (!_attackDb.IsInjustice(success, remoteIp))
{
return;
}
//ブルートフォースアタック
if (AclList.Append(remoteIp)) //ACL自動拒否設定(「許可する」に設定されている場合、機能しない)
//追加に成功した場合、オプションを書き換える
{
var d = (Dat)Conf.Get("acl");
var name = string.Format("AutoDeny-{0}", DateTime.Now);
var ipStr = remoteIp.ToString();
d.Add(true, string.Format("{0}\t{1}", name, ipStr));
Conf.Set("acl", d);
Conf.Save(Kernel.IniDb);
Logger.Set(LogKind.Secure, null, 9000055, string.Format("{0},{1}", name, ipStr));
}
else
{
Logger.Set(LogKind.Secure, null, 9000056, remoteIp.ToString());
}
}
void load_(WebpageInfo p)
{
//
//the business rules of inheritance are implemented by NavigationRole.IsUserAuthorized()
//using NavigationRole.GetAcl(); the rules are followed in the same way by this
//control, PageSecurity.ascx, and therefore there is a precarious coupling between
//the two. In the future we will encapsulate the ACL/IsPublic business rules.
//
bool isPublic;
NavigationRoleCollection acl = NavigationRole.GetAcl(p, true, out isPublic);
AclList.DataSource = acl;
AclList.DataBind();
IsPublic.Checked = isPublic;
if (!isPublic && p.IsPublic)
{
IsPublic.Enabled = false;
IsPublic.Text = "Public (inherited)";
}
else
{
IsPublic.Text = "Public";
}
//
//set help text
//
if (isPublic) //overrides role assignments
{
HelpText.Text = "<strong>All users,</strong> including anonymous/public users, can access the page.";
}
else if (acl.Count > 0)
{
HelpText.Text = "<strong>Access is restricted.</strong> Only the roles listed below have access to the page.";
}
else
{
HelpText.Text = "<strong>All logged-in users</strong> can access the page. Anonymous/public users cannot access the page.";
}
}
public void enableNum_0で_のみを許可する_を検証する(string aclStr, string ipStr, AclKind expected)
{
//setUp
int enableNum = 0; //enableNum=0 のみを許可する
Dat dat = new Dat(new CtrlType[] { CtrlType.TextBox, CtrlType.AddressV4 });
if (!dat.Add(true, string.Format("NAME\t{0}", aclStr)))
{
Assert.Fail("このエラーが発生したら、テストの実装に問題がある");
}
var ip = TestUtil.CreateIp(ipStr);
AclList sut = new AclList(dat, enableNum, new Logger());
//exercise
AclKind actual = sut.Check(ip);
//verify
Assert.That(actual, Is.EqualTo(expected));
}
//コンストラクタ
protected OneServer(Kernel kernel, Conf conf, OneBind oneBind)
: base(kernel.CreateLogger(conf.NameTag, true, null))
{
Kernel = kernel;
NameTag = conf.NameTag;
Conf = conf;
_oneBind = oneBind;
IsJp = kernel.IsJp();
//Ver6.1.6
Lang = new Lang(IsJp ? LangKind.Jp : LangKind.En, "Server" + conf.NameTag);
CheckLang();//定義のテスト
//テスト用
if (Conf == null)
{
var optionSample = new OptionSample(kernel, "");
Conf = new Conf(optionSample);
Conf.Set("port", 9990);
Conf.Set("multiple", 10);
Conf.Set("acl", new Dat(new CtrlType[0]));
Conf.Set("enableAcl", 1);
Conf.Set("timeOut", 3);
}
//テスト用
if (_oneBind == null)
{
var ip = new Ip(IpKind.V4Localhost);
_oneBind = new OneBind(ip, ProtocolKind.Tcp);
}
Logger = kernel.CreateLogger(conf.NameTag, (bool)Conf.Get("useDetailsLog"), this);
_multiple = (int)Conf.Get("multiple");
//DHCPにはACLが存在しない
if (NameTag != "Dhcp")
{
//ACLリスト 定義が無い場合は、aclListを生成しない
var acl = (Dat)Conf.Get("acl");
AclList = new AclList(acl, (int)Conf.Get("enableAcl"), Logger);
}
Timeout = (int)Conf.Get("timeOut");
}