internal static void AdditionalCheck(string userName, HTTPCheckRoles rolesAllowed)
{
HTTPBasicAuthenticationHeader header = HTTPBasicAuthenticationHeader.GetFromWCF();
if (string.Compare(header.UserName, userName, true) != 0)
{
UserEntity e = new CriticalResultsEntityManager().GetUser(userName);
User u = new User(e);
u.ResolveRoles();
bool ok = false;
foreach (Role r in u.Roles)
{
object robj = Enum.Parse(typeof(HTTPCheckRoles), r.Name, true);
if (robj != null)
{
if (((HTTPCheckRoles)robj | rolesAllowed)!=0)
{
ok=true;
break;
}
}
}
if (!ok)
{
throw new SecurityException();
}
}
}
public static bool CheckToken(string userName, string tokenValue, string ipAddress, string method, bool refreshToken, out HTTPCheckRoles role)
{
role = 0;
ExpireAllTokensForUser(userName);
CriticalResultsEntityManager manager = new CriticalResultsEntityManager();
TokenEntity[] tokens = manager.GetTokensForUser(userName);
foreach (TokenEntity token in tokens)
{
if (token.Token == new Guid(tokenValue) && token.Ipv4 == ipAddress)
{
if (refreshToken)
token.UpdatedTime = DateTime.Now;
manager.SaveChanges();
foreach (RoleEntity re in token.User.Roles)
{
object r = Enum.Parse(typeof(HTTPCheckRoles), re.Name, true);
if (r != null)
{
role |= (HTTPCheckRoles)r;
}
}
return true;
}
}
return false;
}
public HTTPBasicChecker(IOperationInvoker parent, bool refreshToken, bool json, HTTPCheckRoles Roles)
{
this.Json = json;
this.RefreshToken = refreshToken;
this.parent = parent;
this.Roles = Roles;
}
