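/// <summary>
/// Role gate applied when the name in the HTTP Basic authentication header differs from
/// <paramref name="userName"/>. The user named by <paramref name="userName"/> is loaded, its
/// roles are resolved, and at least one of them must intersect <paramref name="rolesAllowed"/>.
/// When the two names match (ignoring case) no role check is performed.
/// </summary>
/// <param name="userName">User name to compare with the header and to load roles for.</param>
/// <param name="rolesAllowed">Flag set of roles that satisfy the check.</param>
/// <exception cref="SecurityException">No role of the loaded user intersects <paramref name="rolesAllowed"/>.</exception>
internal static void AdditionalCheck(string userName, HTTPCheckRoles rolesAllowed)
{
    HTTPBasicAuthenticationHeader header = HTTPBasicAuthenticationHeader.GetFromWCF();

    // Identifier comparison: ordinal, so the outcome of this authorization shortcut does not
    // vary with the thread culture the way string.Compare(a, b, true) does.
    if (string.Equals(header.UserName, userName, StringComparison.OrdinalIgnoreCase))
    {
        return;
    }

    // NOTE(review): the roles evaluated below belong to userName, not to header.UserName.
    // Confirm against the callers that this is the intended subject of the check.
    UserEntity e = new CriticalResultsEntityManager().GetUser(userName);
    User u = new User(e);
    u.ResolveRoles();

    foreach (Role r in u.Roles)
    {
        HTTPCheckRoles parsed;
        try
        {
            // Enum.Parse never returns null; it throws when the name has no enum member.
            // It also accepts numeric text, so role names are assumed to come from a trusted store.
            parsed = (HTTPCheckRoles)Enum.Parse(typeof(HTTPCheckRoles), r.Name, true);
        }
        catch (ArgumentException)
        {
            // A role with no HTTPCheckRoles counterpart grants nothing here; skip it instead of
            // failing the whole check with an unrelated exception type.
            continue;
        }

        // Intersection test. The previous "|" made this true for every role whenever
        // rolesAllowed was non-zero, so any user holding any parseable role passed.
        if ((parsed & rolesAllowed) != 0)
        {
            return;
        }
    }

    // Fail closed: no role matched (this includes rolesAllowed == 0).
    throw new SecurityException();
}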
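/// <summary>
/// Validates a session token for <paramref name="userName"/>. Calls
/// <c>ExpireAllTokensForUser</c> first, then looks for a stored token whose GUID equals
/// <paramref name="tokenValue"/> and whose recorded IPv4 address equals
/// <paramref name="ipAddress"/>. On a match, the roles of the token's user are OR-ed into
/// <paramref name="role"/>.
/// </summary>
/// <param name="userName">User whose tokens are examined.</param>
/// <param name="tokenValue">Token presented by the caller, in GUID text form. Treated as untrusted.</param>
/// <param name="ipAddress">Address the token must have been recorded with.</param>
/// <param name="method">Not read by this method.</param>
/// <param name="refreshToken">When true, the matched token's UpdatedTime is set to the current local time.</param>
/// <param name="role">Union of the matched user's roles; 0 when the method returns false.</param>
/// <returns>True when a matching token exists; false otherwise, including when
/// <paramref name="tokenValue"/> is null or not a valid GUID.</returns>
public static bool CheckToken(string userName, string tokenValue, string ipAddress, string method, bool refreshToken, out HTTPCheckRoles role)
{
    role = 0;
    ExpireAllTokensForUser(userName);

    // Parse the presented token once, before the loop. It is caller-supplied, so a malformed
    // value is an authentication failure rather than an unhandled exception.
    Guid presented;
    try
    {
        presented = new Guid(tokenValue);
    }
    catch (ArgumentNullException)
    {
        return false;
    }
    catch (FormatException)
    {
        return false;
    }
    catch (OverflowException)
    {
        return false;
    }

    CriticalResultsEntityManager manager = new CriticalResultsEntityManager();
    TokenEntity[] tokens = manager.GetTokensForUser(userName);

    foreach (TokenEntity token in tokens)
    {
        // The token must match and must be presented from the address it was recorded with.
        if (token.Token != presented || token.Ipv4 != ipAddress)
        {
            continue;
        }

        if (refreshToken)
        {
            // Local time is kept as in the original code.
            // NOTE(review): confirm the expiry logic compares against the same clock.
            token.UpdatedTime = DateTime.Now;
        }

        // Runs whether or not the token was refreshed, exactly as before the braces were added.
        manager.SaveChanges();

        foreach (RoleEntity re in token.User.Roles)
        {
            try
            {
                role |= (HTTPCheckRoles)Enum.Parse(typeof(HTTPCheckRoles), re.Name, true);
            }
            catch (ArgumentException)
            {
                // Enum.Parse throws (it never returns null) for a name with no enum member.
                // Such a role contributes no flag, so a valid token is not rejected by it.
            }
        }

        return true;
    }

    return false;
}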
/// <summary>
/// Creates a checker and stores the wrapped invoker and the three settings on the new instance.
/// </summary>
/// <param name="parent">Invoker stored in the <c>parent</c> member.</param>
/// <param name="refreshToken">Value stored in <c>RefreshToken</c>.</param>
/// <param name="json">Value stored in <c>Json</c>.</param>
/// <param name="Roles">Value stored in <c>Roles</c>; presumably the roles permitted for the operation (confirm).</param>
public HTTPBasicChecker(IOperationInvoker parent, bool refreshToken, bool json, HTTPCheckRoles Roles)
{
    // "this." is required for these two: each parameter has the same name as the member it sets.
    this.parent = parent;
    this.Roles = Roles;

    RefreshToken = refreshToken;
    Json = json;
}