private CustomIdentity PermissionFetch(Csla.Security.UsernameCriteria criteria) { CustomIdentity obj; using (var ctx = Csla.Data.ObjectContextManager <SecurityEntities> .GetManager("SecurityEntities")) { var q = (from r in ctx.ObjectContext.Users where r.Username == criteria.Username select r).FirstOrDefault(); if (q != null) { q.Roles.Load(); var roles = new List <string>(); var permissions = new List <string>(); foreach (var r in q.Roles) { roles.Add(r.Name); r.Permissions.Load(); foreach (var p in r.Permissions) { if (!permissions.Contains(p.Name)) { permissions.Add(p.Name); } } } obj = new CustomIdentity(q.Username, roles, permissions); } else { obj = new CustomIdentity(); } } return(obj); }
public void DataPortal_Create(Csla.Security.UsernameCriteria criteria) { RetrieverId = Guid.NewGuid(); CreatedUserId = Guid.Empty; WasSuccessful = false; using (var dalManager = DalFactory.GetDalManager()) { var customIdentityDal = dalManager.GetProvider <IUserDal>(); var result = customIdentityDal.AddUser(criteria); if (!result.IsSuccess) { Exception error = result.GetExceptionFromInfo(); if (error != null) { throw error; } else { throw new DataAccess.Exceptions.AddUserFailedException(result.Msg); } } CreatedUserId = result.Obj.Id; WasSuccessful = true; } }
public async Task AddUser() { #region Thinking var thinkingId = Guid.NewGuid(); History.Events.ThinkingAboutTargetEvent.Publish(thinkingId); #endregion var criteria = new Csla.Security.UsernameCriteria(NewUsername, NewPassword); try { var creator = await Business.NewUserCreator.CreateNewAsync(criteria); if (creator.WasSuccessful) { MessageBox.Show(string.Format(ViewViewModelResources.MessageNewUserAdded, NewUsername)); } else { MessageBox.Show(string.Format(ViewViewModelResources.ErrorMsgAddUserWasUnsuccessful, NewUsername)); } } finally { #region Thinked History.Events.ThinkedAboutTargetEvent.Publish(thinkingId); #endregion } }
public async Task TEST_ADD_20_RANDOM_USERS_RANDOM_PASSWORDS_MUST_CLEAN_SOLUTION_FIRST() { int numToDo = 20; int maxAttempts = 50; var creationAttempts = 0; var creationSuccesses = 0; var isAsyncComplete = false; var hasError = false; EnqueueConditional(() => isAsyncComplete); await Setup(); try { for (int i = 0; i < numToDo; i++) { string randomUsername = GenerateRandomUsername(); string randomPassword = GenerateRandomPassword(); var criteria = new Csla.Security.UsernameCriteria(randomUsername, randomPassword); try { creationAttempts++; var creator = await Business.NewUserCreator.CreateNewAsync(criteria); creationSuccesses++; } catch (Exception) { //Don't care about errors. //we just don't increment creationSuccesses } } } catch { hasError = true; } finally { EnqueueConditional(() => (creationSuccesses == numToDo) || (maxAttempts == creationAttempts)); EnqueueCallback( () => Assert.IsFalse(hasError), () => Assert.IsTrue(Csla.ApplicationContext.User.IsInRole(_TestRoleUser)), () => Assert.IsTrue(creationAttempts < maxAttempts), () => Assert.AreEqual(numToDo, creationSuccesses), () => Teardown() ); EnqueueTestComplete(); isAsyncComplete = true; } }
public CustomIdentity Fetch(Csla.Security.UsernameCriteria criteria) { if (string.IsNullOrEmpty(ConfigurationManager.AppSettings["CslaIsInRoleProvider"])) { return(DoFetch(criteria)); } else { return(PermissionFetch(criteria)); } }
public async void AddUser() { #region Thinking var thinkingId = Guid.NewGuid(); History.Events.ThinkingAboutTargetEvent.Publish(thinkingId); #endregion var criteria = new Csla.Security.UsernameCriteria(NewUsername, NewPassword); try { var result = await Business.NewUserCreator.CreateNewAsync(criteria); MessageBox.Show(string.Format(ViewViewModelResources.MessageNewUserAdded, NewUsername)); } catch (Exception ex) { } finally { #region Thinked History.Events.ThinkedAboutTargetEvent.Publish(thinkingId); #endregion } }
public Result <UserDto> AddUser(Csla.Security.UsernameCriteria criteria) { Result <UserDto> retResult = Result <UserDto> .Undefined(null); try { Common.CommonHelper.CheckAuthentication(); DalHelper.CheckAuthorizationToAddUser(); var userDto = AddUserImpl(criteria); if (userDto == null) { throw new Exception(); } retResult = Result <UserDto> .Success(userDto); } catch (Exception ex) { var wrapperEx = new Exceptions.AddUserFailedException(ex, criteria.Username); retResult = Result <UserDto> .FailureWithInfo(null, wrapperEx); } return(retResult); }
protected abstract UserDto AddUserImpl(Csla.Security.UsernameCriteria criteria);
public async Task TEST_LOGIN_ADMIN_ADD_USER_DELETE_USER_LOGOUT() { var newUserLoginWasSuccessful = false; //var newUserIsInUserRole = false; //ASSUME DELETED USER LOGIN IS SUCCESSFUL var deletedUserLoginWasSuccessful = true; Business.NewUserCreator creator = null; Business.DeleteUserReadOnly deleter = null; var isAsyncComplete = false; var hasError = false; EnqueueConditional(() => isAsyncComplete); await Setup(); try { //LOGIN AS THE ADMIN await UserPrincipal.LoginAsync(_TestValidUsernameAdmin, _TestValidPasswordAdmin); //CREATE THE USER var testNewUsername = "******"; var testNewUserPassword = "******"; var criteria = new Csla.Security.UsernameCriteria(testNewUsername, testNewUserPassword); creator = await Business.NewUserCreator.CreateNewAsync(criteria); //LOGOUT ADMIN UserPrincipal.Logout(); //LOGIN AS THE NEW USER await UserPrincipal.LoginAsync(testNewUsername, testNewUserPassword); //CONFIRM LOGIN newUserLoginWasSuccessful = Common.CommonHelper.CurrentUserIsAuthenticated(); //LOGOUT NEW USER UserPrincipal.Logout(); //LOG BACK IN AS ADMIN await UserPrincipal.LoginAsync(_TestValidUsernameAdmin, _TestValidPasswordAdmin); //DELETE THE USER deleter = await Business.DeleteUserReadOnly.CreateNewAsync(testNewUsername); //LOGOUT ADMIN AGAIN UserPrincipal.Logout(); //TRY TO LOG THE DELETED USER BACK IN, BUT SHOULD FAIL (BUT NOT THROW EXCEPTION) await UserPrincipal.LoginAsync(testNewUsername, testNewUserPassword); //THIS SHOULD BE FALSE. deletedUserLoginWasSuccessful = Common.CommonHelper.CurrentUserIsAuthenticated(); EnqueueTestComplete(); } catch { hasError = true; } finally { var adminRole = DataAccess.SeedData.Ton.AdminRoleText; EnqueueCallback( () => Assert.IsFalse(hasError), () => Assert.IsTrue(Csla.ApplicationContext.User.IsInRole(adminRole)), () => Assert.IsTrue(creator.WasSuccessful), () => Assert.IsTrue(deleter.WasSuccessful), () => Assert.IsFalse(deletedUserLoginWasSuccessful), () => Assert.IsFalse(Common.CommonHelper.CurrentUserIsAuthenticated()) ); EnqueueTestComplete(); Teardown(); isAsyncComplete = true; } }
public static async Task <NewUserCreator> CreateNewAsync(Csla.Security.UsernameCriteria criteria) { var result = await DataPortal.CreateAsync <NewUserCreator>(criteria); return(result); }
protected override UserDto AddUserImpl(Csla.Security.UsernameCriteria criteria) { var username = criteria.Username; var password = criteria.Password; UserDto retResult = null; //VALIDATE USERNAME bool usernameIsValid = CommonHelper.UsernameIsValid(username); if (!usernameIsValid) { throw new DataAccess.Exceptions.InvalidUsernameException(username); } //VALIDATE USER DOESN'T ALREADY EXIST if (SeedData.Ton.ContainsUsername(username)) { throw new DataAccess.Exceptions.UsernameAlreadyExistsException(username); } //VALIDATE PASSWORD bool passwordIsValid = CommonHelper.PasswordIsValid(password); if (!passwordIsValid) { throw new DataAccess.Exceptions.InvalidPasswordException(password); } //GENERATE UNIQUE SALT bool saltAlreadyExists = true; int salt = -1; Random r = new Random(DateTime.Now.Millisecond * DateTime.Now.Minute * DateTime.Now.Month); int maxTries = int.Parse(DalResources.MaxTriesGenerateSalt); int tries = 0; do { salt = r.Next(int.Parse(DataAccess.DalResources.MaxSaltValue)); saltAlreadyExists = SeedData.Ton.ContainsSalt(salt); tries++; if (tries > maxTries) { throw new DataAccess.Exceptions.GeneralDataAccessException("MaxTries for generating salt reached."); } } while (saltAlreadyExists); //GENERATE SALTEDHASHEDPASSWORD var saltedHashedPasswordObj = new Common.SaltedHashedPassword(password, salt); string saltedHashedPasswordString = saltedHashedPasswordObj.Value; //GET ROLEID FOR PLAIN USER (NOT ADMIN) var roleId = SeedData.Ton.UserRoleId; //CREATE ACTUAL USERDTO UserDto newUserDto = new UserDto() { Id = Guid.NewGuid(), Username = username, Salt = salt, SaltedHashedPasswordValue = saltedHashedPasswordString, RoleIds = new List <Guid>() { roleId } }; //ADD THE USER TO THE SEEDDATA (WE ARE IN THE MOCK DAL) SeedData.Ton.Users.Add(newUserDto); //ASSIGN SUCCESFUL RESULT WITH USERDTO retResult = newUserDto; //RETURN RESULT return(retResult); }
public async Task AddUser() { #region Thinking var thinkingId = Guid.NewGuid(); History.Events.ThinkingAboutTargetEvent.Publish(thinkingId); #endregion var criteria = new Csla.Security.UsernameCriteria(NewUsername, NewPassword); try { var creator = await Business.NewUserCreator.CreateNewAsync(criteria); if (creator.WasSuccessful) MessageBox.Show(string.Format(ViewViewModelResources.MessageNewUserAdded, NewUsername)); else MessageBox.Show(string.Format(ViewViewModelResources.ErrorMsgAddUserWasUnsuccessful, NewUsername)); } finally { #region Thinked History.Events.ThinkedAboutTargetEvent.Publish(thinkingId); #endregion } }
protected override UserDto AddUserImpl(Csla.Security.UsernameCriteria criteria) { var username = criteria.Username; var password = criteria.Password; //RECHECK AUTHORIZATION. DalHelper.CheckAuthorizationToAddUser(); //THIS FOR LOOP IS FOR RETRYING DUE TO EF DB DEADLOCK int maxTries = int.Parse(EfResources.MaxDeadlockAttempts); for (int i = 0; i < maxTries; i++) { try { using (var ctx = LearnLanguagesContextManager.Instance.GetManager()) { //VALIDATE USERNAME bool usernameIsValid = CommonHelper.UsernameIsValid(username); if (!usernameIsValid) { throw new DataAccess.Exceptions.InvalidUsernameException(username); } //VALIDATE USER DOESN'T ALREADY EXIST var alreadyExists = (from userData in ctx.ObjectContext.UserDatas where userData.Username == username select userData).Count() > 0; if (alreadyExists) { throw new DataAccess.Exceptions.UsernameAlreadyExistsException(username); } //VALIDATE PASSWORD bool passwordIsValid = CommonHelper.PasswordIsValid(password); if (!passwordIsValid) { throw new DataAccess.Exceptions.InvalidPasswordException(password); } //GENERATE UNIQUE SALT //bool saltAlreadyExists = true; int salt = -1; salt = EfHelper.GenerateNewUniqueSalt(ctx.ObjectContext); //Random r = new Random(DateTime.Now.Millisecond * DateTime.Now.Minute * DateTime.Now.Month); //int maxSaltTries = int.Parse(DalResources.MaxTriesGenerateSalt); //int tries = 0; //do //{ // salt = r.Next(int.Parse(DataAccess.DalResources.MaxSaltValue)); // saltAlreadyExists = (from userData in ctx.ObjectContext.UserDatas // where userData.Salt == salt // select userData).Count() > 0; // tries++; // if (tries > maxSaltTries) // throw new DataAccess.Exceptions.GeneralDataAccessException("MaxTries for generating salt reached."); //} while (saltAlreadyExists); //GENERATE SALTEDHASHEDPASSWORD var saltedHashedPasswordObj = new Common.SaltedHashedPassword(password, salt); string saltedHashedPasswordString = saltedHashedPasswordObj.Value; //GET ROLEID FOR PLAIN USER (NOT ADMIN) var userRoleData = (from roleData in ctx.ObjectContext.RoleDatas where roleData.Text == DalResources.RoleUser select roleData).First(); var roleId = userRoleData.Id; //CREATE NEW USERDATA var newUserData = ctx.ObjectContext.UserDatas.CreateObject(); //ASSIGN PROPERTIES newUserData.Username = username; newUserData.Salt = salt; newUserData.SaltedHashedPasswordValue = saltedHashedPasswordString; newUserData.RoleDatas.Add(userRoleData); //ADD TO CONTEXT ctx.ObjectContext.UserDatas.AddObject(newUserData); //SAVE CHANGES ctx.ObjectContext.SaveChanges(); //CREATE RETURN USERDTO var retUserDto = EfHelper.ToDto(newUserData); //RETURN IT, WE'RE DONE. return(retUserDto); } } catch (Exception ex) { if (ex is System.Data.EntityCommandExecutionException && ex.InnerException is System.Data.SqlClient.SqlException && ex.InnerException.Message.Contains("Rerun the transaction")) { //"Transaction (Process ID 55) was deadlocked on lock resources with another process and has been chosen as the deadlock victim. Rerun the transaction." //DO NOTHING IF THE ERROR IS A DEADLOCK. WE HAVE THIS IN A FOR LOOP THAT WILL RETRY UP TO A MAX NUMBER OF ATTEMPTS } else { #if DEBUG System.Diagnostics.Debugger.Break(); #endif //RETHROW THIS EXCEPTION throw; } } } //IF WE REACH THIS POINT, THEN WE HAVE TRIED OUR MAX TRIES AT BREAKING A SQL DEADLOCK. #if DEBUG //if (retRoles == null) System.Diagnostics.Debugger.Break(); #endif var errorMsg2 = string.Format(DalResources.ErrorMsgVeryBadException, DalResources.ErrorMsgVeryBadExceptionDetail_DeadlockRetriesExceededMaxTries); throw new Exceptions.VeryBadException(errorMsg2); }