/// <summary>
/// Generates a recovery code for an entity and stores it only when the entity
/// currently has no (non-blank) recovery code, then writes a user-log entry.
/// </summary>
/// <param name="page">Page handed to the exception notifier when something fails.</param>
/// <param name="entityId">Entity to update; 0 makes the call a no-op.</param>
/// <param name="error">Empty on success, otherwise the localized "internal_error" message.</param>
public static void NewCode(Page page, Int64 entityId, out String error)
{
    error = "";

    // Nothing to do without a target entity.
    if (entityId == 0)
    {
        return;
    }

    try
    {
        // NOTE(review): GenerateCode is not shown here — confirm it draws from a
        // cryptographically secure generator, since this value gates a password reset.
        String recoveryCode = GenerateCode(6);

        using (IAMDatabase conn = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
        using (DbParameterCollection sqlArgs = new DbParameterCollection())
        {
            sqlArgs.Add("@code", typeof(String)).Value = recoveryCode;
            sqlArgs.Add("@entity_id", typeof(Int64)).Value = entityId;

            // Only fills the column when it is NULL or blank; an existing code is kept.
            conn.ExecuteNonQuery(
                "update entity set recovery_code = @code where deleted = 0 and id = @entity_id and (recovery_code is null or ltrim(rtrim(recovery_code)) = '')",
                CommandType.Text,
                sqlArgs);

            // NOTE(review): the log entry is written unconditionally and embeds the
            // generated code in clear text. When the update above matched no row the
            // logged code is not the stored one, and anyone able to read the user log
            // can read recovery codes — confirm both are intended.
            conn.AddUserLog(
                LogKey.User_NewRecoveryCode,
                null,
                "AutoService",
                UserLogLevel.Info,
                0, 0, 0, 0, 0,
                entityId,
                0,
                MessageResource.GetMessage("new_recovery_code") + " (" + recoveryCode + ")",
                "{ \"ipaddr\":\"" + Tools.Tool.GetIPAddress() + "\"} ");
        }
    }
    catch (Exception ex)
    {
        // Callers only see a generic message; the detail goes to the notifier.
        error = MessageResource.GetMessage("internal_error");
        Tools.Tool.notifyException(ex, page);
    }
}
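/// <summary>
/// Answers a proxy configuration request: reads the JSON request from the body,
/// loads the proxy configuration for the session's enterprise and the requested
/// host, records the sync time and caller address, and returns the configuration
/// as JSON with the certificate fields blanked.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    Request.InputStream.Position = 0;

    try
    {
        JSONRequest req = JSON.GetRequest(Request.InputStream);

        using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
        {
            // Throws (and lands in the catch below) when the session carries no enterprise.
            Int64 enterpriseId = ((EnterpriseData)Page.Session["enterprise_data"]).Id;

            ProxyConfig config = new ProxyConfig();
            config.GetDBConfig(db.Connection, enterpriseId, req.host);

            if (config.fqdn != null) // proxy found
            {
                // Blank the certificate material so it is not sent in the response.
                // NOTE(review): every other ProxyConfig member is serialized as-is —
                // confirm none of them is sensitive.
                config.server_cert = "";
                config.server_pkcs12_cert = "";
                config.client_cert = "";

                // Bound parameters instead of string concatenation: the address comes
                // from the request environment and must never be spliced into SQL text.
                using (DbParameterCollection par = new DbParameterCollection())
                {
                    par.Add("@address", typeof(String)).Value = Tools.Tool.GetIPAddress();
                    par.Add("@proxy_id", typeof(Int64)).Value = config.proxyID;

                    db.ExecuteNonQuery(
                        "update proxy set last_sync = getdate(), address = @address, config = 0 where id = @proxy_id",
                        System.Data.CommandType.Text,
                        par);
                }

                ReturnHolder.Controls.Add(new LiteralControl(config.ToJsonString()));
            }
            else
            {
                db.AddUserLog(LogKey.API_Error, DateTime.Now, "ProxyAPI", UserLogLevel.Warning, 0, enterpriseId, 0, 0, 0, 0, 0, "Proxy not found " + req.host, req.ToString());
            }
        }
    }
    catch (Exception ex)
    {
        // Deliberately not rethrown: the failure is reported and the response stays empty.
        Tools.Tool.notifyException(ex, this);
    }
}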
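/// <summary>
/// Marks as deleted every identity listed in an imported file. Each data row must
/// carry the columns resource, source, uri, entityid and identityid; the identity
/// id of each row selects the record to flag.
/// </summary>
/// <param name="config">Proxy configuration (not read by this method).</param>
/// <param name="jData">Parsed import payload: column index lookup plus data rows.</param>
/// <param name="f">Source file; its name is used in log messages.</param>
/// <param name="req">Originating request; enterprise id and host are used in log messages.</param>
/// <param name="db">Open database used for the updates.</param>
private void ImportDelete(ProxyConfig config, JsonGeneric jData, FileInfo f, JSONRequest req, IAMDatabase db)
{
    Int32 resourceCol = jData.GetKeyIndex("resource");
    Int32 sourceCol = jData.GetKeyIndex("source");
    Int32 uriCol = jData.GetKeyIndex("uri");
    Int32 entityIdCol = jData.GetKeyIndex("entityid");
    Int32 identityIdCol = jData.GetKeyIndex("identityid");

    String origin = " in " + f.Name + " enterprise " + req.enterpriseid + " and proxy " + req.host;

    if (resourceCol == -1)
    {
        TextLog.Log("Inbound", "\t[ImportDelete] Erro on find column 'resource'" + origin);
        return;
    }

    if (sourceCol == -1)
    {
        TextLog.Log("Inbound", "\t[ImportDelete] Erro on find column 'source'" + origin);
        return;
    }

    if (uriCol == -1)
    {
        TextLog.Log("Inbound", "\t[ImportDelete] Erro on find column 'uri'" + origin);
        return;
    }

    if (entityIdCol == -1)
    {
        TextLog.Log("Inbound", "\t[ImportDelete] Erro on find column 'entityId'" + origin);
        return;
    }

    if (identityIdCol == -1)
    {
        TextLog.Log("Inbound", "\t[ImportDelete] Erro on find column 'identityId'" + origin);
        return;
    }

    // Same textual timestamp the statement always received, now passed as a bound value.
    String deletedDate = DateTime.Now.ToString("o");

    // NOTE(review): the update is keyed on the identity id alone. Nothing here ties
    // the id to req.enterpriseid, so an import from one enterprise could flag another
    // enterprise's identity — confirm the caller validates ownership.
    foreach (String[] dr in jData.data)
    {
        try
        {
            // The id comes from imported file content: accept it only as an integer
            // and bind it, instead of concatenating the raw text into the statement.
            Int64 identityId;
            if (!Int64.TryParse(dr[identityIdCol], out identityId))
            {
                TextLog.Log("Inbound", "\t[ImportDelete] Skipping row with invalid identityId" + origin);
                continue;
            }

            using (DbParameterCollection par = new DbParameterCollection())
            {
                par.Add("@deleted_date", typeof(String)).Value = deletedDate;
                par.Add("@identity_id", typeof(Int64)).Value = identityId;

                db.ExecuteNonQuery(
                    "update [identity] set deleted = 1, deleted_date = @deleted_date where id = @identity_id",
                    CommandType.Text,
                    par);
            }
        }
        catch (Exception ex)
        {
            // Still best-effort (one bad row must not stop the import), but no longer silent.
            TextLog.Log("Inbound", "\t[ImportDelete] Error on update identity" + origin + ": " + ex.Message);
        }
    }

#if DEBUG
    TextLog.Log("Inbound", "\t[ImportDelete] Changed " + jData.data.Count + " identities for deleted status in enterprise " + req.enterpriseid + " and proxy " + req.host);
#endif
}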
/// <summary>
/// Runs a resource-plugin deployment when its scheduled time has been reached and
/// then stores the next execution time for the schedule row.
/// </summary>
/// <param name="db">Open database used to persist the next execution time.</param>
/// <param name="scheduleId">Row id in resource_plugin_schedule.</param>
/// <param name="resourcePluginId">Resource plugin to deploy.</param>
/// <param name="resourceId">Resource id, used only as a log prefix.</param>
/// <param name="jSonSchedule">Schedule definition as JSON; an unparsable value ends the call.</param>
/// <param name="next">Time at which the schedule is due.</param>
private void CheckSchedule(IAMDatabase db, Int64 scheduleId, Int64 resourcePluginId, Int64 resourceId, String jSonSchedule, DateTime next)
{
    DateTime epoch = new DateTime(1970, 01, 01);
    Double nowSeconds = (DateTime.Now - epoch).TotalSeconds;

    Schedule plan = new Schedule();
    try
    {
        plan.FromJsonString(jSonSchedule);
    }
    catch
    {
        // Unparsable schedule: release it and give up quietly.
        plan.Dispose();
        return;
    }

    // Compare "now" against the due time, both as seconds since 1970-01-01.
    Double dueSeconds = (next - epoch).TotalSeconds;
    Boolean isDue = nowSeconds >= dueSeconds;
    String logPrefix = "[" + resourceId + "] ";

    TextLog.Log("Dispatcher", logPrefix + "CheckSchedule> next " + next.ToString("yyyy-MM-dd HH:mm:ss"));
    TextLog.Log("Dispatcher", logPrefix + "CheckSchedule> Executa agora? " + isDue);

    if (isDue)
    {
        TextLog.Log("Dispatcher", logPrefix + "Starting execution");

        try
        {
            using (IAMDeploy deploy = new IAMDeploy("Dispatcher", localConfig.SqlServer, localConfig.SqlDb, localConfig.SqlUsername, localConfig.SqlPassword))
            {
                deploy.DeployResourcePlugin(resourcePluginId);
            }
        }
        catch (Exception ex)
        {
            TextLog.Log("Dispatcher", logPrefix + "Error on execution " + ex.Message);
        }
        finally
        {
            TextLog.Log("Dispatcher", logPrefix + "Execution completed");

            // Schedule the next run whether or not the deployment succeeded.
            // Both concatenated values are typed (DateTime, Int64), not caller text.
            DateTime upcoming = plan.CalcNext();
            String sql = "update resource_plugin_schedule set [next] = '" + upcoming.ToString("yyyy-MM-dd HH:mm:ss") + "' where id = " + scheduleId;
            db.ExecuteNonQuery(sql, CommandType.Text, null);
        }
    }

    plan.Dispose();
}
/// <summary>
/// Flags a proxy for restart after checking that it is visible to the current
/// enterprise, and records the request in the user log.
/// </summary>
/// <param name="database">Open database connection wrapper.</param>
/// <param name="parameters">Request parameters; "proxyid" (integer) is required.</param>
/// <returns>true when the restart flag was set; false after reporting an error.</returns>
private Boolean restart(IAMDatabase database, Dictionary<String, Object> parameters)
{
    Object rawProxyId;
    if (!parameters.TryGetValue("proxyid", out rawProxyId))
    {
        Error(ErrorType.InvalidRequest, "Parameter proxyid is not defined.", "", null);
        return false;
    }

    String proxyText = rawProxyId.ToString();
    if (String.IsNullOrWhiteSpace(proxyText))
    {
        Error(ErrorType.InvalidRequest, "Parameter proxyid is not defined.", "", null);
        return false;
    }

    Int64 proxyid;
    if (!Int64.TryParse(proxyText, out proxyid))
    {
        Error(ErrorType.InvalidRequest, "Parameter proxyid is not a long integer.", "", null);
        return false;
    }

    DbParameterCollection sqlArgs = new DbParameterCollection();
    sqlArgs.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
    sqlArgs.Add("@proxy_id", typeof(Int64)).Value = proxyid;

    // Ownership check: the proxy must belong to this enterprise or to enterprise 0.
    // NOTE(review): rows with enterprise_id = 0 can therefore be restarted by any
    // enterprise — presumably shared proxies; confirm that is intended.
    DataTable found = database.ExecuteDataTable(
        "select * from proxy p where (p.enterprise_id = @enterprise_id or p.enterprise_id = 0) and p.id = @proxy_id",
        CommandType.Text,
        sqlArgs,
        null);

    if (found == null)
    {
        Error(ErrorType.InternalError, "", "", null);
        return false;
    }

    if (found.Rows.Count == 0)
    {
        Error(ErrorType.InvalidRequest, "Proxy not found.", "", null);
        return false;
    }

    database.ExecuteNonQuery("update proxy set restart = 1 where id = @proxy_id", CommandType.Text, sqlArgs);

    String message = "Proxy " + found.Rows[0]["name"] + " reset requested";
    database.AddUserLog(LogKey.Proxy_ResetRequest, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, 0, 0, message, "");

    return true;
}
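/// <summary>
/// Bulk-loads the packages of an imported file into collector_imports_struct and
/// then marks the rows of that file with status 'F' so they can be processed.
/// </summary>
/// <param name="config">Proxy configuration (not read by this method).</param>
/// <param name="jData">Parsed import payload; needs the columns resource_plugin and package.</param>
/// <param name="f">Source file; its name is stored with every row and used to release them.</param>
/// <param name="req">Originating request; enterprise id and host are used in log messages.</param>
/// <param name="db">Open database used for the bulk copy and the status update.</param>
private void ImportRegistersStruct(ProxyConfig config, JsonGeneric jData, FileInfo f, JSONRequest req, IAMDatabase db)
{
    Int32 resourcePluginCol = jData.GetKeyIndex("resource_plugin");
    Int32 pkgCol = jData.GetKeyIndex("package");

    if (resourcePluginCol == -1)
    {
        TextLog.Log("Inbound", "\t[ImportStruct] Erro on find column 'resource_plugin' in " + f.Name + " enterprise " + req.enterpriseid + " and proxy " + req.host);
        return;
    }

    if (pkgCol == -1)
    {
        TextLog.Log("Inbound", "\t[ImportStruct] Erro on find column 'package' in " + f.Name + " enterprise " + req.enterpriseid + " and proxy " + req.host);
        return;
    }

    // Rows are staged in a DataTable and sent with one bulk insert for database throughput.
    using (DataTable dtBulk = new DataTable())
    {
        dtBulk.Columns.Add(new DataColumn("date", typeof(DateTime)));
        dtBulk.Columns.Add(new DataColumn("file_name", typeof(String)));
        dtBulk.Columns.Add(new DataColumn("resource_plugin", typeof(Int64)));
        dtBulk.Columns.Add(new DataColumn("import_id", typeof(String)));
        dtBulk.Columns.Add(new DataColumn("package_id", typeof(String)));
        dtBulk.Columns.Add(new DataColumn("package", typeof(String)));

        foreach (String[] dr in jData.data)
        {
            // NOTE(review): the package text comes from the imported file; a payload
            // that does not deserialize presumably leaves pkg null and fails on the
            // next line — confirm how the caller handles that.
            PluginConnectorBaseImportPackageStruct pkg = JSON.DeserializeFromBase64<PluginConnectorBaseImportPackageStruct>(dr[pkgCol]);
            dtBulk.Rows.Add(new Object[] { DateTime.Now, f.Name, dr[resourcePluginCol], pkg.importId, pkg.pkgId, JSON.Serialize2(pkg) });
        }

        db.BulkCopy(dtBulk, "collector_imports_struct");

        // Release the rows imported from this file for processing. The file name is
        // bound as a parameter: a name containing a quote must not alter the statement.
        using (DbParameterCollection par = new DbParameterCollection())
        {
            par.Add("@file_name", typeof(String)).Value = f.Name;
            db.ExecuteNonQuery("update collector_imports_struct set status = 'F' where [file_name] = @file_name", CommandType.Text, par);
        }

#if DEBUG
        TextLog.Log("Inbound", "\t[ImportStruct] Imported " + dtBulk.Rows.Count + " registers for enterprise " + req.enterpriseid + " and proxy " + req.host);
#endif
    }
}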
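/// <summary>
/// Records, once per session, the URI under which the enterprise is being accessed.
/// The URI is built from the HTTPS and HTTP_HOST request variables; requests made to
/// "localhost" or to a bare IP address are ignored.
/// </summary>
/// <param name="page">Page whose session and request are inspected.</param>
public static void UpdateUri(Page page)
{
    if (page.Session["Uri"] != null)
    {
        return;
    }

    EnterpriseData enterprise = page.Session["enterprise_data"] as EnterpriseData;
    Int64 enterpriseId = (enterprise != null) ? enterprise.Id : 0;

    if (enterpriseId == 0)
    {
        return;
    }

    // The connection is now disposed on every path (it was never released before).
    using (IAMDatabase database = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
    {
        try
        {
            Uri url = new Uri((page.Request.Params["HTTPS"].ToLower() == "on" ? "https://" : "http://") + page.Request.Params["HTTP_HOST"]);

            // Ignore requests addressed to localhost.
            if (url.Host.ToLower() == "localhost")
            {
                return;
            }

            // Ignore requests addressed to a bare IP address.
            System.Net.IPAddress parsedAddress;
            if (System.Net.IPAddress.TryParse(url.Host, out parsedAddress))
            {
                return;
            }

            // HTTP_HOST is supplied by the client, so the URI is bound as a parameter
            // rather than concatenated into the statement.
            // NOTE(review): the value is still client-chosen. If last_uri is later used
            // to build links (for example in outgoing mail), validate the host against
            // the enterprise's known names before storing it.
            using (DbParameterCollection par = new DbParameterCollection())
            {
                par.Add("@last_uri", typeof(String)).Value = url.AbsoluteUri;
                par.Add("@enterprise_id", typeof(Int64)).Value = enterpriseId;

                database.ExecuteNonQuery(
                    "update [enterprise] set last_uri = @last_uri where id = @enterprise_id",
                    System.Data.CommandType.Text,
                    par);
            }

            page.Session["Uri"] = url;
        }
        catch
        {
            // Best-effort bookkeeping: on any failure leave the session value unset
            // so a later request tries again.
            page.Session["Uri"] = null;
        }
    }
}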
/// <summary>
/// Deletes a field of the current enterprise, refusing when the field is still
/// referenced by a resource plugin or a plugin mapping.
/// </summary>
/// <param name="database">Open database connection wrapper.</param>
/// <param name="parameters">Request parameters; "fieldid" (integer) is required.</param>
/// <returns>true when the field was deleted; false after reporting an error.</returns>
private Boolean delete(IAMDatabase database, Dictionary<String, Object> parameters)
{
    Object rawFieldId;
    if (!parameters.TryGetValue("fieldid", out rawFieldId))
    {
        Error(ErrorType.InvalidRequest, "Parameter fieldid is not defined.", "", null);
        return false;
    }

    String fieldText = rawFieldId.ToString();
    if (String.IsNullOrWhiteSpace(fieldText))
    {
        Error(ErrorType.InvalidRequest, "Parameter fieldid is not defined.", "", null);
        return false;
    }

    Int64 fieldid;
    if (!Int64.TryParse(fieldText, out fieldid))
    {
        Error(ErrorType.InvalidRequest, "Parameter fieldid is not a long integer.", "", null);
        return false;
    }

    DbParameterCollection sqlArgs = new DbParameterCollection();
    sqlArgs.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
    sqlArgs.Add("@field_id", typeof(Int64)).Value = fieldid;

    // Loads the field scoped to this enterprise; qty counts the references to it
    // from resource_plugin and resource_plugin_mapping.
    DataTable found = database.ExecuteDataTable(
        "select f.*, qty = (select COUNT(*) from resource_plugin rp with(nolock) where name_field_id = f.id or mail_field_id = f.id or login_field_id = f.id) + (select COUNT(*) from resource_plugin_mapping rpm with(nolock) where rpm.field_id = f.id) from field f with(nolock) where f.enterprise_id = @enterprise_id and f.id = @field_id",
        CommandType.Text,
        sqlArgs,
        null);

    if (found == null)
    {
        Error(ErrorType.InternalError, "", "", null);
        return false;
    }

    if (found.Rows.Count == 0)
    {
        Error(ErrorType.InvalidRequest, "Field not found.", "", null);
        return false;
    }

    DataRow fieldRow = found.Rows[0];

    // A field that is still in use must not be removed.
    Int32 references = (Int32)fieldRow["qty"];
    if (references > 0)
    {
        Error(ErrorType.SystemError, "Field is being used and can not be deleted.", "", null);
        return false;
    }

    database.ExecuteNonQuery("delete from field where id = @field_id", CommandType.Text, sqlArgs);

    String message = "Field " + fieldRow["name"] + " deleted";
    database.AddUserLog(LogKey.Field_Deleted, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, 0, 0, message, "");

    return true;
}
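/// <summary>
/// Builds a report when its scheduled time has been reached and then stores the
/// next execution time for the schedule row.
/// </summary>
/// <param name="db">Open database used to persist the next execution time.</param>
/// <param name="scheduleId">Row id in report_schedule.</param>
/// <param name="reportId">Report to build; also used as a log prefix.</param>
/// <param name="jSonSchedule">Schedule definition as JSON; an unparsable value ends the call.</param>
/// <param name="next">Time at which the schedule is due.</param>
private void CheckSchedule(IAMDatabase db, Int64 scheduleId, Int64 reportId, String jSonSchedule, DateTime next)
{
    DateTime epoch = new DateTime(1970, 01, 01);
    TimeSpan ts = DateTime.Now - epoch;

    Schedule schedule = new Schedule();
    try
    {
        schedule.FromJsonString(jSonSchedule);
    }
    catch
    {
        // Unparsable schedule: nothing to run.
        return;
    }

    // Current date and time must be at or past the due time.
    TimeSpan stDateTs = next - epoch;
    if (ts.TotalSeconds < stDateTs.TotalSeconds)
    {
        return;
    }

    TextLog.Log("Report", "[" + reportId + "] Starting execution");

    try
    {
        BuildReport(reportId);
    }
    catch (Exception ex)
    {
        TextLog.Log("Report", "[" + reportId + "] Error on execution " + ex.Message);
    }
    finally
    {
        TextLog.Log("Report", "[" + reportId + "] Execution completed");

        // Schedule the next run. The clock is read once: taking year, month, day,
        // hour and minute from separate DateTime.Now calls could mix values from
        // both sides of a minute or day boundary.
        DateTime now = DateTime.Now;
        DateTime calcNext = new DateTime(now.Year, now.Month, now.Day, schedule.TriggerTime.Hour, schedule.TriggerTime.Minute, 0);
        DateTime nextExecute = new DateTime(now.Year, now.Month, now.Day, now.Hour, now.Minute, 0);

        switch (schedule.Trigger)
        {
            case ScheduleTtiggers.Dialy:
                calcNext = calcNext.AddDays(1);
                break;

            case ScheduleTtiggers.Monthly:
                calcNext = calcNext.AddMonths(1);
                break;

            case ScheduleTtiggers.Annually:
                calcNext = calcNext.AddYears(1);
                break;
        }

        // With a repeat interval, run again after that many minutes as long as this
        // stays before the next trigger time; otherwise wait for the trigger time.
        DateTime repeated = nextExecute.AddMinutes(schedule.Repeat);
        if ((schedule.Repeat > 0) && (repeated.CompareTo(calcNext) < 0))
        {
            nextExecute = repeated;
        }
        else
        {
            nextExecute = calcNext;
        }

        // Both concatenated values are typed (DateTime, Int64), not caller text.
        db.ExecuteNonQuery("update report_schedule set [next] = '" + nextExecute.ToString("yyyy-MM-dd HH:mm:ss") + "' where id = " + scheduleId, CommandType.Text, null);
    }
}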
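/// <summary>
/// Removes a user's identities from a role of the current enterprise, logging each
/// unbind and queueing the user for deployment.
/// </summary>
/// <param name="database">Open database connection wrapper.</param>
/// <param name="parameters">Request parameters; "roleid" and "userid" (integers) are required.</param>
/// <returns>true when processing finished; false after reporting an error.</returns>
private Boolean deleteuser(IAMDatabase database, Dictionary<String, Object> parameters)
{
    if (!parameters.ContainsKey("roleid"))
    {
        Error(ErrorType.InvalidRequest, "Parameter roleid is not defined.", "", null);
        return false;
    }

    String role = parameters["roleid"].ToString();
    if (String.IsNullOrWhiteSpace(role))
    {
        Error(ErrorType.InvalidRequest, "Parameter roleid is not defined.", "", null);
        return false;
    }

    Int64 roleid;
    if (!Int64.TryParse(role, out roleid))
    {
        Error(ErrorType.InvalidRequest, "Parameter roleid is not a long integer.", "", null);
        return false;
    }

    // A missing "userid" key used to surface as a KeyNotFoundException; report it
    // like every other missing parameter.
    if (!parameters.ContainsKey("userid"))
    {
        Error(ErrorType.InvalidRequest, "Parameter userid is not defined.", "", null);
        return false;
    }

    String user = parameters["userid"].ToString();
    if (String.IsNullOrWhiteSpace(user))
    {
        Error(ErrorType.InvalidRequest, "Parameter userid is not defined.", "", null);
        return false;
    }

    Int64 userid;
    if (!Int64.TryParse(user, out userid))
    {
        Error(ErrorType.InvalidRequest, "Parameter userid is not a long integer.", "", null);
        return false;
    }

    DataTable dtUsers;
    using (DbParameterCollection par = new DbParameterCollection())
    {
        par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
        par.Add("@role_id", typeof(Int64)).Value = roleid;
        par.Add("@entity_id", typeof(Int64)).Value = userid;

        // The role must belong to a context of this enterprise. identity_role rows are
        // left-joined, and entity_id is only filled for identities of the requested user.
        dtUsers = database.ExecuteDataTable(
            "select c.enterprise_id, r.name as role_name, ir.*, i.entity_id from role r inner join context c with(nolock) on c.id = r.context_id left join identity_role ir on r.id = ir.role_id left join [identity] i with(nolock) on ir.identity_id = i.id and i.entity_id = @entity_id where c.enterprise_id = @enterprise_id and r.id = @role_id",
            CommandType.Text,
            par,
            null);
    }

    if (dtUsers == null)
    {
        Error(ErrorType.InternalError, "", "", null);
        return false;
    }

    if (dtUsers.Rows.Count == 0)
    {
        Error(ErrorType.InvalidRequest, "Role not found.", "", null);
        return false;
    }

    foreach (DataRow dr in dtUsers.Rows)
    {
        // Skip bindings that do not belong to the requested user.
        if ((dr["identity_id"] == DBNull.Value) || (dr["entity_id"] == DBNull.Value))
        {
            continue;
        }

        Int64 identityId = (Int64)dr["identity_id"];
        Int64 entityId = (Int64)dr["entity_id"];

        database.AddUserLog(LogKey.User_IdentityRoleUnbind, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, entityId, identityId, "Identity unbind to role " + dr["role_name"], "");

        // Every value is bound; nothing is spliced into the SQL text.
        using (DbParameterCollection rowPar = new DbParameterCollection())
        {
            rowPar.Add("@role_id", typeof(Int64)).Value = roleid;
            rowPar.Add("@identity_id", typeof(Int64)).Value = identityId;
            rowPar.Add("@entity_id", typeof(Int64)).Value = entityId;

            database.ExecuteNonQuery("delete from identity_role where role_id = @role_id and identity_id = @identity_id", CommandType.Text, rowPar);

            // Queue the user so the change is pushed out.
            database.ExecuteNonQuery("insert into deploy_now (entity_id) values(@entity_id)", CommandType.Text, rowPar, null);
        }
    }

    return true;
}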
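/// <summary>
/// Completes a password recovery: validates the two password fields, checks the
/// password against the strength policy, verifies the recovery code held in the
/// session against the entity row, updates the password and returns a JSON
/// response describing the outcome.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    WebJsonResponse ret = null;

    try
    {
        // Throws when the session carries no enterprise data; the catch below
        // reports and rethrows.
        Int64 enterpriseId = ((EnterpriseData)Page.Session["enterprise_data"]).Id;

        // NOTE(review): only the first field goes through TrataInjection. If that
        // filter changes any character, such a password can never equal password2,
        // and the filtered text is what gets strength-checked and stored — confirm.
        String password = Tools.Tool.TrataInjection(Request["password"]);
        String password2 = Request["password2"];

        if (String.IsNullOrEmpty(password))
        {
            ret = new WebJsonResponse("", MessageResource.GetMessage("type_password"), 3000, true);
        }
        else if (String.IsNullOrEmpty(password2))
        {
            ret = new WebJsonResponse("", MessageResource.GetMessage("type_password_confirm"), 3000, true);
        }
        else if (password != password2)
        {
            ret = new WebJsonResponse("", MessageResource.GetMessage("password_not_equal"), 3000, true);
        }
        else
        {
            Int64 entityId = 0;
            String code = "";

            if (Session["entityId"] != null)
            {
                entityId = (Int64)Session["entityId"];
            }

            if (Session["userCode"] != null)
            {
                code = Session["userCode"].ToString();
            }

            if ((entityId > 0) && (code != ""))
            {
                using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
                {
                    UserPasswordStrength usrCheck = new UserPasswordStrength(db.Connection, entityId);
                    UserPasswordStrengthResult check = usrCheck.CheckPassword(password);

                    if (check.HasError)
                    {
                        if (check.NameError)
                        {
                            ret = new WebJsonResponse("", MessageResource.GetMessage("password_name_part"), 3000, true);
                        }
                        else
                        {
                            // One line per policy rule, each marked ok or fail.
                            String txt = "* " + MessageResource.GetMessage("number_char") + ": " + (!check.LengthError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
                            txt += "* " + MessageResource.GetMessage("uppercase") + ": " + (!check.UpperCaseError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
                            txt += "* " + MessageResource.GetMessage("lowercase") + ": " + (!check.LowerCaseError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
                            txt += "* " + MessageResource.GetMessage("numbers") + ": " + (!check.DigitError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
                            txt += "* " + MessageResource.GetMessage("symbols") + ": " + (!check.SymbolError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail"));

                            ret = new WebJsonResponse("", MessageResource.GetMessage("password_complexity") + ": <br />" + txt, 5000, true);
                        }
                    }
                    else
                    {
                        using (DbParameterCollection par = new DbParameterCollection())
                        {
                            par.Add("@entity_id", typeof(Int64)).Value = entityId;
                            par.Add("@code", typeof(String)).Value = code;

                            // The recovery code is text that originated outside this page;
                            // it is bound as a parameter, never concatenated into the query.
                            DataTable c = db.ExecuteDataTable("select * from entity where deleted = 0 and id = @entity_id and recovery_code = @code", CommandType.Text, par, null);

                            if ((c != null) && (c.Rows.Count > 0))
                            {
                                using (EnterpriseKeyConfig sk = new EnterpriseKeyConfig(db.Connection, enterpriseId))
                                using (CryptApi cApi = new CryptApi(sk.ServerCert, Encoding.UTF8.GetBytes(password)))
                                {
                                    // NOTE(review): in this listing the password value is the
                                    // literal '******' and cApi's output is not referenced, so
                                    // the stored value looks masked in the source text. The
                                    // value produced by cApi presumably belongs here — restore
                                    // it as a bound parameter, not by concatenation.
                                    db.ExecuteNonQuery("update entity set password = '******', recovery_code = null, last_login = getdate(), change_password = getdate(), must_change_password = 0 where id = @entity_id", CommandType.Text, par);
                                }

                                db.AddUserLog(LogKey.User_PasswordChanged, null, "AutoService", UserLogLevel.Info, 0, enterpriseId, 0, 0, 0, entityId, 0, "Password changed through recovery code", "{ \"ipaddr\":\"" + Tools.Tool.GetIPAddress() + "\"} ");

                                // Queue this user so the plugins pick up the new data quickly.
                                db.ExecuteNonQuery("insert into deploy_now (entity_id) values(@entity_id)", CommandType.Text, par);

                                String html = "";
                                html += "<div class=\"login_form\">";
                                html += "<ul>";
                                html += " <li class=\"title\">";
                                html += " <strong>" + MessageResource.GetMessage("password_changed_sucessfully") + "</strong>";
                                html += " </li>";
                                html += " <li>";
                                html += " <p style=\"width:100%;padding:0 0 5px 0;color:#000;\">" + MessageResource.GetMessage("password_changed_text") + "</p>";
                                html += " </li>";
                                html += " <li>";
                                html += " <span class=\"forgot\"> <a href=\"/\">" + MessageResource.GetMessage("return_default") + "</a></span>";
                                html += " </li>";
                                html += "</ul> ";
                                html += "</div>";

                                ret = new WebJsonResponse("#recover_container", html);
                            }
                            else
                            {
                                ret = new WebJsonResponse("", MessageResource.GetMessage("invalid_code"), 3000, true);
                            }
                        }
                    }
                }
            }
            else
            {
                ret = new WebJsonResponse("", MessageResource.GetMessage("invalid_session"), 3000, true);
            }
        }
    }
    catch (Exception ex)
    {
        Tools.Tool.notifyException(ex);
        throw; // rethrow without resetting the stack trace
    }

    if (ret != null)
    {
        ReturnHolder.Controls.Add(new LiteralControl(ret.ToJSON()));
    }
}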
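/// <summary>
/// Binds one or more users to a container of the current enterprise inside a
/// single transaction, logging each bind and queueing each user for deployment.
/// </summary>
/// <param name="database">Open database connection wrapper.</param>
/// <param name="parameters">
/// Request parameters; "containerid" (integer) and "userid" (comma-separated
/// integers) are required.
/// </param>
/// <returns>true when every user was processed and committed; false after reporting an error.</returns>
private Boolean adduser(IAMDatabase database, Dictionary<String, Object> parameters)
{
    if (!parameters.ContainsKey("containerid"))
    {
        Error(ErrorType.InvalidRequest, "Parameter containerid is not defined.", "", null);
        return false;
    }

    String container = parameters["containerid"].ToString();
    if (String.IsNullOrWhiteSpace(container))
    {
        Error(ErrorType.InvalidRequest, "Parameter containerid is not defined.", "", null);
        return false;
    }

    // A missing "userid" key used to surface as a KeyNotFoundException; report it
    // like every other missing parameter.
    if (!parameters.ContainsKey("userid"))
    {
        Error(ErrorType.InvalidRequest, "Parameter userid is not defined.", "", null);
        return false;
    }

    String userid = parameters["userid"].ToString();
    if (String.IsNullOrWhiteSpace(userid))
    {
        Error(ErrorType.InvalidRequest, "Parameter userid is not defined.", "", null);
        return false;
    }

    Int64 containerid;
    if (!Int64.TryParse(container, out containerid))
    {
        Error(ErrorType.InvalidRequest, "Parameter containerid is not a long integer.", "", null);
        return false;
    }

    // Every element of the comma-separated list must be an integer.
    List<Int64> users = new List<Int64>();
    foreach (String u in userid.Split(','))
    {
        Int64 parsed;
        if (!Int64.TryParse(u, out parsed))
        {
            Error(ErrorType.InvalidRequest, "Parameter users is not a long integer.", "", null);
            return false;
        }

        users.Add(parsed);
    }

    DataTable dtUsers;
    using (DbParameterCollection par = new DbParameterCollection())
    {
        par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
        par.Add("@container_id", typeof(Int64)).Value = containerid;

        // The container must belong to a context of this enterprise.
        dtUsers = database.ExecuteDataTable(
            "select c.*, c1.enterprise_id, c1.name context_name, entity_qty = (select COUNT(distinct e.id) from entity e with(nolock) inner join entity_container ec with(nolock) on e.id = ec.entity_id where ec.container_id = c.id) from container c with(nolock) inner join context c1 with(nolock) on c1.id = c.context_id where c1.enterprise_id = @enterprise_id and c.id = @container_id order by c.name",
            CommandType.Text,
            par,
            null);
    }

    if (dtUsers == null)
    {
        Error(ErrorType.InternalError, "", "", null);
        return false;
    }

    if (dtUsers.Rows.Count == 0)
    {
        Error(ErrorType.InvalidRequest, "Container not found.", "", null);
        return false;
    }

    try
    {
        SqlTransaction trans = (SqlTransaction)database.BeginTransaction();

        // NOTE(review): the user ids are not checked against this enterprise in this
        // method. The stored procedure receives @enterprise_id and presumably enforces
        // it — confirm, otherwise a caller can bind another enterprise's entity.
        foreach (Int64 u in users)
        {
            using (DbParameterCollection par2 = new DbParameterCollection())
            {
                par2.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
                par2.Add("@container_id", typeof(Int64)).Value = containerid;
                par2.Add("@entity_id", typeof(Int64)).Value = u;

                // Containers the user is in before the change.
                DataTable drContainers = database.ExecuteDataTable("select c.* from entity_container e inner join container c on c.id = e.container_id where e.entity_id = @entity_id", CommandType.Text, par2, trans);
                if ((drContainers != null) && (drContainers.Rows.Count > 0))
                {
                    foreach (DataRow dr in drContainers.Rows)
                    {
                        // NOTE(review): the unbind entry is written for the container being
                        // bound (id == containerid), not for the ones being left — the
                        // comparison looks inverted; confirm the intent before changing it.
                        if ((Int64)dr["id"] == containerid)
                        {
                            database.AddUserLog(LogKey.User_ContainerRoleUnbind, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, u, 0, "Identity unbind to container " + dr["name"].ToString(), "", Acl.EntityId, trans);
                        }
                    }
                }

                DataTable dtRet = database.ExecuteDataTable("sp_insert_entity_to_container", CommandType.StoredProcedure, par2, trans);
                if ((dtRet != null) && (dtRet.Rows.Count > 0))
                {
                    database.AddUserLog(LogKey.User_ContainerRoleBind, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, u, 0, "Identity bind to container " + dtRet.Rows[0]["name"].ToString(), "", Acl.EntityId, trans);

                    // Queue the user for deployment, with the id bound like elsewhere.
                    database.ExecuteNonQuery("insert into deploy_now (entity_id) values(@entity_id)", CommandType.Text, par2, trans);
                }
            }
        }

        database.Commit();
    }
    catch (Exception ex)
    {
        database.Rollback();

        // NOTE(review): ex.Message is handed to Error(); if that text reaches the API
        // caller it can disclose database details — confirm what Error() exposes.
        Error(ErrorType.InvalidRequest, "Error on bind user to container", ex.Message, null);
        return false;
    }

    return true;
}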
/// <summary>
/// Deletes a container of the current enterprise, refusing when it still holds
/// entities or has child containers.
/// </summary>
/// <param name="database">Open database connection wrapper.</param>
/// <param name="parameters">Request parameters; "containerid" (integer) is required.</param>
/// <returns>true when the container was deleted; false after reporting an error.</returns>
private Boolean delete(IAMDatabase database, Dictionary<String, Object> parameters)
{
    Object rawContainerId;
    if (!parameters.TryGetValue("containerid", out rawContainerId))
    {
        Error(ErrorType.InvalidRequest, "Parameter containerid is not defined.", "", null);
        return false;
    }

    String containerText = rawContainerId.ToString();
    if (String.IsNullOrWhiteSpace(containerText))
    {
        Error(ErrorType.InvalidRequest, "Parameter containerid is not defined.", "", null);
        return false;
    }

    Int64 containerid;
    if (!Int64.TryParse(containerText, out containerid))
    {
        Error(ErrorType.InvalidRequest, "Parameter containerid is not a long integer.", "", null);
        return false;
    }

    DbParameterCollection sqlArgs = new DbParameterCollection();
    sqlArgs.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
    sqlArgs.Add("@container_id", typeof(Int64)).Value = containerid;

    // Loads the container scoped to this enterprise, with the number of entities
    // in it (entity_qty) and of containers directly below it (chield_qty).
    DataTable found = database.ExecuteDataTable(
        "select c.*, entity_qty = (select COUNT(distinct e.id) from entity e with(nolock) inner join entity_container ec with(nolock) on e.id = ec.entity_id where ec.container_id = c.id), chield_qty = (select COUNT(distinct chield.id) from container chield with(nolock) where chield.parent_id = c.id) from container c with(nolock) inner join context c1 with(nolock) on c1.id = c.context_id where c1.enterprise_id = @enterprise_id and c.id = @container_id order by c.name",
        CommandType.Text,
        sqlArgs,
        null);

    if (found == null)
    {
        Error(ErrorType.InternalError, "", "", null);
        return false;
    }

    if (found.Rows.Count == 0)
    {
        Error(ErrorType.InvalidRequest, "Container not found.", "", null);
        return false;
    }

    DataRow containerRow = found.Rows[0];

    Int32 entityCount = (Int32)containerRow["entity_qty"];
    if (entityCount > 0)
    {
        Error(ErrorType.InvalidRequest, "Container is not empty.", "", null);
        return false;
    }

    Int32 childCount = (Int32)containerRow["chield_qty"];
    if (childCount > 0)
    {
        Error(ErrorType.InvalidRequest, "Container has chield containers.", "", null);
        return false;
    }

    database.ExecuteNonQuery("delete from container where id = @container_id", CommandType.Text, sqlArgs);

    // NOTE(review): a successful delete is logged under Context_Deleted at level
    // Error — looks carried over from another handler; confirm key and level.
    String message = "Container " + containerRow["name"] + " deleted";
    database.AddUserLog(LogKey.Context_Deleted, null, "API", UserLogLevel.Error, 0, this._enterpriseId, 0, 0, 0, 0, 0, message, "");

    return true;
}
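/// <summary>
/// Changes the name and/or the enterprise-admin flag of a system role of the
/// current enterprise, logs what changed and returns the refreshed role.
/// </summary>
/// <param name="database">Open database connection wrapper.</param>
/// <param name="parameters">
/// Request parameters; "roleid" (integer) is required, "name" (text) and
/// "enterprise_admin" (Boolean) are optional.
/// </param>
/// <returns>The result of get() for the same parameters, or null after reporting an error.</returns>
private Dictionary<String, Object> change(IAMDatabase database, Dictionary<String, Object> parameters)
{
    if (!parameters.ContainsKey("roleid"))
    {
        Error(ErrorType.InvalidRequest, "Parameter roleid is not defined.", "", null);
        return null;
    }

    String role = parameters["roleid"].ToString();
    if (String.IsNullOrWhiteSpace(role))
    {
        Error(ErrorType.InvalidRequest, "Parameter roleid is not defined.", "", null);
        return null;
    }

    Int64 roleid;
    if (!Int64.TryParse(role, out roleid))
    {
        Error(ErrorType.InvalidRequest, "Parameter roleid is not a long integer.", "", null);
        return null;
    }

    using (DbParameterCollection par = new DbParameterCollection())
    {
        par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
        par.Add("@role_id", typeof(Int64)).Value = roleid;

        DataTable dtSysRole = database.ExecuteDataTable(
            "select r.*, entity_qty = (select COUNT(distinct e.id) from sys_entity_role er inner join entity e with(nolock) on e.id = er.entity_id where er.role_id = r.id) from sys_role r WHERE r.enterprise_id = @enterprise_id and r.id = @role_id order by r.name",
            CommandType.Text,
            par,
            null);

        if (dtSysRole == null)
        {
            Error(ErrorType.InternalError, "", "", null);
            return null;
        }

        if (dtSysRole.Rows.Count == 0)
        {
            Error(ErrorType.InvalidRequest, "System role not found.", "", null);
            return null;
        }

        List<String> log = new List<String>();
        List<String> assignments = new List<String>();

        // Optional parameters are read with TryGetValue: indexing a Dictionary with a
        // key that is absent throws, which made "name" and "enterprise_admin"
        // effectively mandatory.
        Object rawName;
        if (parameters.TryGetValue("name", out rawName) && (rawName != null))
        {
            String name = rawName.ToString();
            if (!String.IsNullOrWhiteSpace(name))
            {
                par.Add("@name", typeof(String)).Value = name;
                assignments.Add("name = @name");
                log.Add("Name changed from '" + dtSysRole.Rows[0]["name"] + "' to '" + name + "'");
            }
        }

        // NOTE(review): this method does not check whether the role is the last one
        // with ea = 1 before the flag is cleared, nor does the lookup exclude roles by
        // their sa column — confirm both are enforced elsewhere.
        Object rawAdmin;
        if (parameters.TryGetValue("enterprise_admin", out rawAdmin) && (rawAdmin is Boolean))
        {
            Boolean enterpriseAdmin = (Boolean)rawAdmin;
            par.Add("@enterprise_admin", typeof(Boolean)).Value = enterpriseAdmin;
            assignments.Add("ea = @enterprise_admin");
            log.Add("Enterprise admin changed from '" + (Boolean)dtSysRole.Rows[0]["ea"] + "' to '" + enterpriseAdmin + "'");
        }

        if (assignments.Count > 0)
        {
            // Column list is built from fixed fragments only; all values are bound.
            // The write repeats the enterprise filter of the lookup so it cannot touch
            // a role outside this enterprise.
            String updateSQL = "update sys_role set " + String.Join(", ", assignments) + " where id = @role_id and enterprise_id = @enterprise_id";

            database.ExecuteNonQuery(updateSQL, CommandType.Text, par);
            database.AddUserLog(LogKey.SystemRole_Changed, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, 0, 0, "System role changed", String.Join("\r\n", log));
        }
    }

    return get(database, parameters);
}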
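/// <summary>
/// Removes one entity from a system role of the current enterprise and writes an audit entry
/// for that entity. Refuses when the role is the last enterprise-admin role and has one member.
/// </summary>
/// <param name="database">IAM database wrapper used for the lookups, the delete and the audit log.</param>
/// <param name="parameters">Request parameters: <c>roleid</c> and <c>userid</c>, both required.</param>
/// <returns><c>true</c> when the request was processed; <c>false</c> after <c>Error</c> was called.</returns>
private Boolean deleteuser(IAMDatabase database, Dictionary <String, Object> parameters)
{
    Object rawRole;
    if (!parameters.TryGetValue("roleid", out rawRole) || (rawRole == null) || String.IsNullOrWhiteSpace(rawRole.ToString()))
    {
        Error(ErrorType.InvalidRequest, "Parameter roleid is not defined.", "", null);
        return(false);
    }

    Int64 roleid;
    if (!Int64.TryParse(rawRole.ToString(), out roleid))
    {
        Error(ErrorType.InvalidRequest, "Parameter roleid is not a long integer.", "", null);
        return(false);
    }

    // userid used to be read through the indexer without a ContainsKey check, so a request
    // without it ended in KeyNotFoundException instead of the InvalidRequest error.
    Object rawUser;
    if (!parameters.TryGetValue("userid", out rawUser) || (rawUser == null) || String.IsNullOrWhiteSpace(rawUser.ToString()))
    {
        Error(ErrorType.InvalidRequest, "Parameter userid is not defined.", "", null);
        return(false);
    }

    Int64 userid;
    if (!Int64.TryParse(rawUser.ToString(), out userid))
    {
        Error(ErrorType.InvalidRequest, "Parameter userid is not a long integer.", "", null);
        return(false);
    }

    DbParameterCollection par = new DbParameterCollection();
    par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
    par.Add("@role_id", typeof(Int64)).Value = roleid;
    par.Add("@entity_id", typeof(Int64)).Value = userid;

    // Scoped to the caller's enterprise and to roles with sa = 0; last_admin is 1 when no other
    // role of the enterprise has ea = 1.
    DataTable dtSysRole = database.ExecuteDataTable("select *, entity_qty = (select COUNT(distinct e.id) from sys_entity_role er inner join entity e with(nolock) on e.id = er.entity_id where er.role_id = r.id), last_admin = case when r.ea = 1 and not exists (select 1 from sys_role r1 where r1.enterprise_id = r.enterprise_id and r1.ea = 1 and r1.id <> r.id) then cast(1 as bit) else cast(0 as bit) end from sys_role r WHERE r.enterprise_id = @enterprise_id and r.id = @role_id and r.sa = 0", CommandType.Text, par, null);
    if (dtSysRole == null)
    {
        Error(ErrorType.InternalError, "", "", null);
        return(false);
    }

    if (dtSysRole.Rows.Count == 0)
    {
        Error(ErrorType.InvalidRequest, "System role not found.", "", null);
        return(false);
    }

    DataTable dtSysRoleUsers = database.ExecuteDataTable("select e.id entity_id, r.* from entity e with(nolock) inner join sys_entity_role er on e.id = er.entity_id inner join sys_role r on r.id = er.role_id WHERE r.enterprise_id = @enterprise_id and r.id = @role_id", CommandType.Text, par, null);
    if (dtSysRoleUsers == null)
    {
        Error(ErrorType.InternalError, "", "", null);
        return(false);
    }

    if (dtSysRoleUsers.Rows.Count > 0)
    {
        // Lock-out guard: never empty the only role that still grants enterprise admin.
        if ((Boolean)dtSysRole.Rows[0]["last_admin"] && ((Int32)dtSysRole.Rows[0]["entity_qty"] == 1))
        {
            // "name" comes from r.* in the query above, i.e. it is the role's name column;
            // the entity's own name is not selected.
            Error(ErrorType.SystemError, "Entity " + dtSysRoleUsers.Rows[0]["name"] + " is a last user on a system role and this role is the last role with enterprise admin permission, can not be delete this user.", "", null);
            return(false);
        }

        database.ExecuteNonQuery("delete from sys_entity_role where role_id = @role_id and entity_id = @entity_id", CommandType.Text, par);

        // Audit only the entity that was actually removed. The previous loop wrote an
        // "unbind" entry for every member of the role, although the delete touches one.
        foreach (DataRow dr in dtSysRoleUsers.Rows)
        {
            if ((dr["entity_id"] != DBNull.Value) && ((Int64)dr["entity_id"] == userid))
            {
                database.AddUserLog(LogKey.User_SystemRoleUnbind, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, userid, 0, "Entity unbind to system role " + dtSysRole.Rows[0]["name"], ((Boolean)dtSysRole.Rows[0]["ea"] ? "Enterprise admin" : ""));
                break;
            }
        }
    }

    return(true);
}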
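/// <summary>
/// Watchdog timer callback. First purges old rows from <c>service_status</c> and calls
/// <c>Killall</c> for every service whose status row looks stale; then starts each known IAM
/// Windows service that is configured for automatic start but is stopped or stopping.
/// </summary>
/// <param name="o">Timer state object; not used.</param>
private void WatchdogTimerCallback(Object o)
{
    IAMDatabase db = null;
    try
    {
        // Check whether any service has to be stopped
        db = new IAMDatabase(localConfig.SqlServer, localConfig.SqlDb, localConfig.SqlUsername, localConfig.SqlPassword);
        db.openDB();
        db.Timeout = 600;

        // Purge stale status rows
        db.ExecuteNonQuery("delete from service_status where last_status < DATEADD(day,-15,getdate())");

        // Select services that never started, have not reported for an hour, or started on another day
        DataTable dtServices = db.Select("select * from service_status where started_at is null or last_status < DATEADD(hour,-1,getdate()) or case when started_at is null then cast(getdate() as date) else cast(started_at as date) end <> cast(getdate() as date)");
        if (dtServices != null && dtServices.Rows.Count > 0)
        {
            foreach (DataRow dr in dtServices.Rows)
            {
                String svcName = dr["service_name"].ToString();

                // Ordinal comparison: the culture-sensitive ToLower()/IndexOf pair depends on the host locale
                if (svcName.IndexOf("watchdog", StringComparison.OrdinalIgnoreCase) >= 0)
                {
                    continue;
                }

                // NOTE(review): the name handed to Killall comes straight from the service_status
                // table, so whoever can write that table chooses the target - confirm Killall
                // restricts what it acts on.
                TextLog.Log("Watchdog", "Killing service '" + svcName + "'");
                Killall(svcName);
                Killall("IAM" + svcName);
            }
        }

        db.closeDB();
    }
    catch (Exception ex)
    {
        // Still best-effort, but no longer silent: a watchdog that cannot reach the database
        // should leave a trace.
        TextLog.Log("Watchdog", "Error checking service status: " + ex.Message);
    }
    finally
    {
        if (db != null)
        {
            db.Dispose();
        }
        db = null;
    }

    try
    {
        // The services are enumerated once; the earlier extra GetServices() result was never used.
        foreach (ServiceController service in ServiceController.GetServices())
        {
            try
            {
                // Invariant lowering: with ToLower() a Turkish-style locale maps 'I' to a dotless i,
                // no case label matches, and the watchdog silently stops supervising.
                switch (service.ServiceName.ToLowerInvariant())
                {
                    case "iambackup":
                    case "iamdispatcher":
                    case "iamengine":
                    case "iaminbound":
                    case "iamreport":
                    case "iamproxy":
                    case "iammultiproxy":
                    case "iammessenger":
                    case "iamworkflowprocessor":
                        StartupState stMode = StartMode(service.ServiceName);
                        switch (stMode)
                        {
                            case StartupState.Automatic:
                                if ((service.Status.Equals(ServiceControllerStatus.Stopped)) || (service.Status.Equals(ServiceControllerStatus.StopPending)))
                                {
                                    TextLog.Log("Watchdog", "Starting service '" + service.DisplayName + "'");
                                    service.Start();

                                    try
                                    {
                                        db = new IAMDatabase(localConfig.SqlServer, localConfig.SqlDb, localConfig.SqlUsername, localConfig.SqlPassword);
                                        db.openDB();
                                        db.Timeout = 600;
                                        db.AddUserLog(LogKey.Watchdog, null, "Watchdog", UserLogLevel.Warning, 0, 0, 0, 0, 0, 0, 0, "Starting service '" + service.DisplayName + "'");
                                        db.closeDB();
                                    }
                                    catch (Exception logEx)
                                    {
                                        // The restart already happened; only the database audit entry was lost.
                                        TextLog.Log("Watchdog", "Error writing restart log for service '" + service.DisplayName + "': " + logEx.Message);
                                    }
                                    finally
                                    {
                                        if (db != null)
                                        {
                                            db.Dispose();
                                        }
                                        db = null;
                                    }
                                }
                                break;

                            default:
                                TextLog.Log("Watchdog", "Unknow action for service start mode '" + stMode.ToString() + "' for service '" + service.DisplayName + "'");
                                break;
                        }
                        break;
                }
            }
            catch (Exception ex)
            {
                TextLog.Log("Watchdog", "Erro ao processar o controle do serviço '" + service.DisplayName + "': " + ex.Message);
            }
            finally
            {
                // ServiceController holds a service-manager handle; release it every tick
                service.Dispose();
            }
        }
    }
    catch (Exception ex)
    {
        TextLog.Log("Watchdog", "Erro ao processar o controle dos serviços: " + ex.Message);
    }
}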
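/// <summary>
/// Updates an enterprise: its name, its authentication plugin, the list of FQDN aliases and
/// the plugin's configuration values. All input is validated before anything is written, and
/// the refreshed enterprise is returned through <c>get</c>.
/// </summary>
/// <param name="database">IAM database wrapper used for the lookup and the updates.</param>
/// <param name="parameters">Request parameters: <c>enterpriseid</c> (required); <c>name</c>, <c>auth_plugin</c>, <c>fqdn_alias</c> and <c>auth_paramters</c> (optional, matched case-insensitively).</param>
/// <returns>Whatever <c>get(database, parameters)</c> returns, or <c>null</c> after <c>Error</c> was called.</returns>
private Dictionary <String, Object> change(IAMDatabase database, Dictionary <String, Object> parameters)
{
    Object rawEnterprise;
    if (!parameters.TryGetValue("enterpriseid", out rawEnterprise) || (rawEnterprise == null) || String.IsNullOrWhiteSpace(rawEnterprise.ToString()))
    {
        Error(ErrorType.InvalidRequest, "Parameter enterpriseid is not defined.", "", null);
        return(null);
    }

    Int64 enterpriseid;
    if (!Int64.TryParse(rawEnterprise.ToString(), out enterpriseid))
    {
        Error(ErrorType.InvalidRequest, "Parameter enterpriseid is not a long integer.", "", null);
        return(null);
    }

    // NOTE(review): the enterprise to modify is taken from the request; nothing in this method
    // ties it to the caller's own enterprise - confirm the caller enforces that authorization.
    DbParameterCollection par = new DbParameterCollection();
    par.Add("@enterprise_id", typeof(Int64)).Value = enterpriseid;

    DataTable dtEnterprise = database.ExecuteDataTable("select * from enterprise where id = @enterprise_id", CommandType.Text, par, null);
    if (dtEnterprise == null)
    {
        Error(ErrorType.InternalError, "", "", null);
        return(null);
    }

    if (dtEnterprise.Rows.Count == 0)
    {
        Error(ErrorType.InvalidRequest, "Enterprise not found.", "", null);
        return(null);
    }

    List <String> hosts = new List <String>();
    List <String> assignments = new List <String>();
    Dictionary <String, String> pgValues = new Dictionary <String, String>();
    Uri pluginUri = null;
    Boolean updateHosts = false;
    Boolean updateAuthPars = false;

    foreach (String key in parameters.Keys)
    {
        // The switch is case-insensitive, so values are read through parameters[key]; the
        // literal lower-case lookup threw KeyNotFoundException for a key such as "Name".
        switch (key.ToLowerInvariant())
        {
            case "name":
                String name = (parameters[key] == null) ? "" : parameters[key].ToString();
                if (String.IsNullOrWhiteSpace(name))
                {
                    Error(ErrorType.InvalidRequest, "Parameter name is empty.", "", null);
                    return(null);
                }

                par.Add("@name", typeof(String)).Value = name;
                assignments.Add("name = @name");
                break;

            case "auth_plugin":
                String auth_plugin = (parameters[key] == null) ? "" : parameters[key].ToString();
                if (String.IsNullOrWhiteSpace(auth_plugin))
                {
                    Error(ErrorType.InvalidRequest, "Parameter auth_plugin is empty.", "", null);
                    return(null);
                }

                // An unknown plugin now aborts the request. Before, the error was reported
                // but the remaining keys were still processed and written.
                if (resolveAuthPlugin(auth_plugin) == null)
                {
                    return(null);
                }

                par.Add("@auth_plugin", typeof(String)).Value = auth_plugin;
                assignments.Add("auth_plugin = @auth_plugin");
                break;

            case "fqdn_alias":
                if (parameters[key] is ArrayList)
                {
                    updateHosts = true;
                    foreach (String host in (ArrayList)parameters[key])
                    {
                        if (String.IsNullOrWhiteSpace(host))
                        {
                            continue;
                        }

                        // NOTE(review): this only proves that "http://" + host parses as a URI, so a
                        // value carrying a path or a quote still passes. The alias is therefore
                        // treated as untrusted text below and never concatenated into SQL.
                        Uri parsedHost;
                        if (!Uri.TryCreate("http://" + host, UriKind.Absolute, out parsedHost))
                        {
                            Error(ErrorType.InvalidRequest, "Parameter fqdn_alias->" + host + " is not a valid hostname.", "", null);
                            return(null);
                        }

                        hosts.Add(host);
                    }
                }
                break;

            // The misspelling is the key the request format uses; it is kept for compatibility.
            case "auth_paramters":
                if (parameters[key] is Dictionary <String, Object> )
                {
                    Object rawPlugin;
                    if (!parameters.TryGetValue("auth_plugin", out rawPlugin) || (rawPlugin == null) || String.IsNullOrWhiteSpace(rawPlugin.ToString()))
                    {
                        Error(ErrorType.InvalidRequest, "Parameter auth_plugin is not defined.", "", null);
                        return(null);
                    }

                    AuthBase plugin = resolveAuthPlugin(rawPlugin.ToString());
                    if (plugin == null)
                    {
                        return(null);
                    }

                    pluginUri = plugin.GetPluginId();
                    updateAuthPars = true;

                    Dictionary <String, Object> supplied = (Dictionary <String, Object>)parameters[key];
                    foreach (AuthConfigFields f in plugin.GetConfigFields())
                    {
                        String value = "";
                        Object rawValue;
                        if (supplied.TryGetValue(f.Key, out rawValue) && (rawValue != null))
                        {
                            value = rawValue.ToString();
                        }

                        if (!String.IsNullOrEmpty(value))
                        {
                            pgValues[f.Key] = value;
                        }

                        // A missing required field aborts before any write. Before, the loop
                        // merely stopped and the stored plugin parameters were still deleted
                        // and replaced by an incomplete set.
                        if (f.Required && !pgValues.ContainsKey(f.Key))
                        {
                            Error(ErrorType.InvalidRequest, MessageResource.GetMessage("required_field") + " " + f.Name, "", null);
                            return(null);
                        }
                    }
                }
                break;
        }
    }

    if (assignments.Count > 0)
    {
        // Only fixed column names are concatenated; values are bound as parameters.
        database.ExecuteNonQuery("update enterprise set " + String.Join(", ", assignments) + " where id = @enterprise_id", CommandType.Text, par);
    }

    if (updateHosts)
    {
        // The list of aliases to keep is bound as @fqdn0, @fqdn1, ... instead of being
        // quoted into the statement, which allowed SQL injection through an alias value.
        DbParameterCollection parKeep = new DbParameterCollection();
        parKeep.Add("@enterprise_id", typeof(Int64)).Value = enterpriseid;
        List <String> keepNames = new List <String>();

        for (Int32 i = 0; i < hosts.Count; i++)
        {
            DbParameterCollection par1 = new DbParameterCollection();
            par1.Add("@enterprise_id", typeof(Int64)).Value = enterpriseid;
            par1.Add("@fqdn", typeof(String)).Value = hosts[i];
            database.ExecuteNonQuery("insert into enterprise_fqdn_alias (enterprise_id, fqdn) select @enterprise_id, @fqdn where not exists (select 1 from enterprise_fqdn_alias where enterprise_id = @enterprise_id and fqdn = @fqdn) ", CommandType.Text, par1);

            String keepName = "@fqdn" + i;
            parKeep.Add(keepName, typeof(String)).Value = hosts[i];
            keepNames.Add(keepName);
        }

        database.ExecuteNonQuery("delete from enterprise_fqdn_alias where enterprise_id = @enterprise_id " + (keepNames.Count > 0 ? " and fqdn not in (" + String.Join(", ", keepNames) + ")" : ""), CommandType.Text, parKeep);
    }

    if (updateAuthPars)
    {
        DbParameterCollection parPlugin = new DbParameterCollection();
        parPlugin.Add("@enterprise_id", typeof(Int64)).Value = enterpriseid;
        parPlugin.Add("@plugin", typeof(String)).Value = pluginUri.AbsoluteUri;
        database.ExecuteNonQuery("delete from enterprise_auth_par where enterprise_id = @enterprise_id and plugin = @plugin", CommandType.Text, parPlugin);

        foreach (String key in pgValues.Keys)
        {
            if (!String.IsNullOrWhiteSpace(pgValues[key]))
            {
                DbParameterCollection par1 = new DbParameterCollection();
                par1.Add("@enterprise_id", typeof(Int64)).Value = enterpriseid;
                par1.Add("@plugin", typeof(String)).Value = pluginUri.AbsoluteUri;
                par1.Add("@key", typeof(String)).Value = key;
                par1.Add("@value", typeof(String)).Value = pgValues[key];
                database.ExecuteNonQuery("insert into enterprise_auth_par (enterprise_id, plugin,[key],[value]) VALUES(@enterprise_id, @plugin, @key, @value)", CommandType.Text, par1);
            }
        }
    }

    // Re-read so the response carries the updated data
    return(get(database, parameters));
}

// Validates an auth plugin address (absolute URI with scheme "auth") and resolves it to a plugin.
// Calls Error and returns null when the address is malformed or no plugin answers to it.
private AuthBase resolveAuthPlugin(String pluginAddress)
{
    Uri parsed;
    if (!Uri.TryCreate(pluginAddress, UriKind.Absolute, out parsed) || !String.Equals(parsed.Scheme, "auth", StringComparison.OrdinalIgnoreCase))
    {
        Error(ErrorType.InvalidRequest, "Parameter auth_plugin is not a valid uri.", "", null);
        return(null);
    }

    AuthBase plugin = null;
    try
    {
        plugin = AuthBase.GetPlugin(parsed);
    }
    catch (Exception)
    {
        // A failing lookup is reported the same way as an unknown plugin
        plugin = null;
    }

    if (plugin == null)
    {
        Error(ErrorType.InvalidRequest, MessageResource.GetMessage("invalid_auth_service"), "", null);
    }

    return(plugin);
}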
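/// <summary>
/// Replaces the permission set of one system role of the current enterprise: links every
/// permission listed in the request, unlinks all others, and writes an audit entry, all inside
/// one transaction.
/// </summary>
/// <param name="database">IAM database wrapper used for the lookups, the writes and the audit log.</param>
/// <param name="parameters">Request parameters: <c>roleid</c> and <c>permissions</c> (an ArrayList of permission ids), both required.</param>
/// <returns>Whatever <c>get</c> returns for the role with permissions requested, or <c>null</c> after <c>Error</c> was called.</returns>
private Dictionary <String, Object> changepermissions(IAMDatabase database, Dictionary <String, Object> parameters)
{
    Object rawRole;
    if (!parameters.TryGetValue("roleid", out rawRole) || (rawRole == null) || String.IsNullOrWhiteSpace(rawRole.ToString()))
    {
        Error(ErrorType.InvalidRequest, "Parameter roleid is not defined.", "", null);
        return(null);
    }

    Int64 roleid;
    if (!Int64.TryParse(rawRole.ToString(), out roleid))
    {
        Error(ErrorType.InvalidRequest, "Parameter roleid is not a long integer.", "", null);
        return(null);
    }

    if (!parameters.ContainsKey("permissions"))
    {
        Error(ErrorType.InvalidRequest, "Parameter permissions is not defined.", "", null);
        return(null);
    }

    if (!(parameters["permissions"] is ArrayList))
    {
        Error(ErrorType.InvalidRequest, "Parameter permissions is invalid.", "", null);
        return(null);
    }

    DbParameterCollection par = new DbParameterCollection();
    par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
    par.Add("@role_id", typeof(Int64)).Value = roleid;

    // The enterprise filter ties the role to the caller's tenant; the writes below only
    // filter on role_id, so they must stay behind this lookup.
    DataTable dtSysRole = database.ExecuteDataTable("select r.*, entity_qty = (select COUNT(distinct e.id) from sys_entity_role er inner join entity e with(nolock) on e.id = er.entity_id where er.role_id = r.id) from sys_role r WHERE r.enterprise_id = @enterprise_id and r.id = @role_id order by r.name", CommandType.Text, par, null);
    if (dtSysRole == null)
    {
        Error(ErrorType.InternalError, "", "", null);
        return(null);
    }

    if (dtSysRole.Rows.Count == 0)
    {
        Error(ErrorType.InvalidRequest, "System role not found.", "", null);
        return(null);
    }

    SqlTransaction trans = (SqlTransaction)database.BeginTransaction();
    try
    {
        List <String> log = new List <String>();

        // Parameters for the final "unlink everything else" statement, filled as permissions are linked
        DbParameterCollection parKeep = new DbParameterCollection();
        parKeep.Add("@role_id", typeof(Int64)).Value = roleid;
        List <String> keepNames = new List <String>();

        foreach (Object item in (ArrayList)parameters["permissions"])
        {
            String p = (item == null) ? "" : item.ToString();

            // Parse failures are told apart from database failures; the old catch-all reported
            // every error, SQL errors included, as "is not a long integer".
            Int64 permissionid;
            if (!Int64.TryParse(p, out permissionid))
            {
                Error(ErrorType.InvalidRequest, "Permission '" + p + "' is not a long integer.", "", null);
                return(null);
            }

            DataTable dtP = null;
            try
            {
                // The id is bound as a parameter rather than concatenating the request text
                DbParameterCollection parPerm = new DbParameterCollection();
                parPerm.Add("@role_id", typeof(Int64)).Value = roleid;
                parPerm.Add("@permission_id", typeof(Int64)).Value = permissionid;

                // Check that the permission exists
                dtP = database.ExecuteDataTable("select p.*, m.name module_name, sm.name submodule_name, sm.[api_module] + '.' + p.[key] api_key from sys_permission p inner join sys_sub_module sm on sm.id = p.submodule_id inner join sys_module m on m.id = sm.module_id WHERE p.id = @permission_id", CommandType.Text, parPerm, trans);
                if ((dtP != null) && (dtP.Rows.Count > 0))
                {
                    database.ExecuteNonQuery("insert into sys_role_permission (role_id, permission_id) select @role_id, @permission_id WHERE not exists(select 1 from sys_role_permission where role_id = @role_id and permission_id = @permission_id)", CommandType.Text, parPerm, trans);
                }
            }
            catch (Exception)
            {
                // Same outcome as before for callers (Error + null, rollback in finally), with
                // an error type that matches the cause
                Error(ErrorType.InternalError, "", "", null);
                return(null);
            }

            if ((dtP == null) || (dtP.Rows.Count == 0))
            {
                Error(ErrorType.InvalidRequest, "Permission '" + p + "' not found.", "", null);
                return(null);
            }

            String keepName = "@perm" + keepNames.Count;
            parKeep.Add(keepName, typeof(Int64)).Value = permissionid;
            keepNames.Add(keepName);

            log.Add("Permission linked: " + dtP.Rows[0]["module_name"] + " => " + dtP.Rows[0]["api_key"]);
        }

        // Remove every permission that was not listed. An empty list used to produce
        // "not in ()", which is invalid SQL; it now clears the role's permissions.
        database.ExecuteNonQuery("delete from sys_role_permission WHERE role_id = @role_id" + (keepNames.Count > 0 ? " and permission_id not in (" + String.Join(",", keepNames) + ")" : ""), CommandType.Text, parKeep, trans);

        database.AddUserLog(LogKey.SystemRolePermission_Changed, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, 0, 0, "System role permissions changed", String.Join("\r\n", log), trans);

        trans.Commit();
        trans = null;
    }
    finally
    {
        // Any early return or exception leaves trans set and rolls the whole change back
        if (trans != null)
        {
            trans.Rollback();
        }
    }

    Dictionary <String, Object> parR = new Dictionary <String, Object>();
    parR.Add("roleid", roleid);
    parR.Add("permissions", true);

    return(get(database, parR));
}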
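/// <summary>
/// Updates the name and/or the parent of one container that belongs to a context of the
/// current enterprise, and returns the refreshed container through <c>get</c>.
/// </summary>
/// <param name="database">IAM database wrapper used for the lookups and the update.</param>
/// <param name="parameters">Request parameters: <c>containerid</c> (required); <c>name</c> and <c>parentid</c> (optional, matched case-insensitively).</param>
/// <returns>Whatever <c>get(database, parameters)</c> returns, or <c>null</c> after <c>Error</c> was called.</returns>
private Dictionary <String, Object> change(IAMDatabase database, Dictionary <String, Object> parameters)
{
    Object rawContainer;
    if (!parameters.TryGetValue("containerid", out rawContainer) || (rawContainer == null) || String.IsNullOrWhiteSpace(rawContainer.ToString()))
    {
        Error(ErrorType.InvalidRequest, "Parameter containerid is not defined.", "", null);
        return(null);
    }

    Int64 containerid;
    if (!Int64.TryParse(rawContainer.ToString(), out containerid))
    {
        Error(ErrorType.InvalidRequest, "Parameter containerid is not a long integer.", "", null);
        return(null);
    }

    DbParameterCollection par = new DbParameterCollection();
    par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
    par.Add("@container_id", typeof(Int64)).Value = containerid;

    // The join on context ties the container to the caller's enterprise; the update below
    // only filters on id, so it must stay behind this lookup.
    DataTable dtContainer = database.ExecuteDataTable("select c.* from container c with(nolock) inner join context c1 with(nolock) on c1.id = c.context_id where c1.enterprise_id = @enterprise_id and c.id = @container_id order by c.name", CommandType.Text, par, null);
    if (dtContainer == null)
    {
        Error(ErrorType.InternalError, "", "", null);
        return(null);
    }

    if (dtContainer.Rows.Count == 0)
    {
        Error(ErrorType.InvalidRequest, "Container not found.", "", null);
        return(null);
    }

    List <String> assignments = new List <String>();

    foreach (String key in parameters.Keys)
    {
        // The switch is case-insensitive, so values are read through parameters[key]; the
        // literal lower-case lookup threw KeyNotFoundException for a key such as "Name".
        switch (key.ToLowerInvariant())
        {
            case "name":
                String name = (parameters[key] == null) ? "" : parameters[key].ToString();
                if (String.IsNullOrWhiteSpace(name))
                {
                    Error(ErrorType.InvalidRequest, "Parameter name is empty.", "", null);
                    return(null);
                }

                par.Add("@name", typeof(String)).Value = name;
                assignments.Add("name = @name");
                break;

            case "parentid":
                Int64 parentid;
                if ((parameters[key] == null) || !Int64.TryParse(parameters[key].ToString(), out parentid))
                {
                    Error(ErrorType.InvalidRequest, "Parameter parentid is not a long integer.", "", null);
                    return(null);
                }

                if (parentid > 0)
                {
                    // Compare with the container's own id. The check used to compare the parent
                    // id with the container's context_id, so a container could be made its own
                    // parent.
                    if (parentid == containerid)
                    {
                        Error(ErrorType.InvalidRequest, "Parent container can not be this container", "", null);
                        return(null);
                    }

                    // The parent must live in the same context, which also keeps it inside
                    // the enterprise verified above.
                    DbParameterCollection parParent = new DbParameterCollection();
                    parParent.Add("@parent_id", typeof(Int64)).Value = parentid;
                    parParent.Add("@context_id", typeof(Int64)).Value = (Int64)dtContainer.Rows[0]["context_id"];

                    DataTable dtPar = database.ExecuteDataTable("select * from [container] c with(nolock) where c.id = @parent_id and c.context_id = @context_id", CommandType.Text, parParent, null);
                    if ((dtPar == null) || (dtPar.Rows.Count == 0))
                    {
                        Error(ErrorType.InvalidRequest, "Parent container is not a chield of this context", "", null);
                        return(null);
                    }
                }

                par.Add("@parent_id", typeof(Int64)).Value = parentid;
                assignments.Add("parent_id = @parent_id");
                break;
        }
    }

    if (assignments.Count > 0)
    {
        // Only fixed column names are concatenated; values are bound as parameters.
        database.ExecuteNonQuery("update container set " + String.Join(", ", assignments) + " where id = @container_id", CommandType.Text, par);
    }

    // Re-read so the response carries the updated data
    return(get(database, parameters));
}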
/// <summary>
/// Timer callback of the workflow processor. Loads every workflow request that is not yet
/// marked as deployed and, depending on the request status, marks it deployed, escalates or
/// expires it, binds the requesting entity's identities to the granted roles, or removes
/// those role bindings again.
/// </summary>
/// <param name="state">Timer state object; not used.</param>
private void WorkflowTimer(Object state)
{
    // Re-entrancy guard.
    // NOTE(review): the test and the assignment are two separate steps with no lock, so two
    // overlapping callbacks could both pass - confirm the timer cannot fire concurrently.
    if (executing)
    {
        return;
    }

    executing = true;

    startTime = DateTime.Now;

    try
    {
        IAMDatabase db = null;
        try
        {
            db = new IAMDatabase(localConfig.SqlServer, localConfig.SqlDb, localConfig.SqlUsername, localConfig.SqlPassword);
            db.openDB();
            db.Timeout = 900;

            DataTable dtRequests = db.ExecuteDataTable("select id, workflow_id from [st_workflow_request] r with(nolock) where r.deployed = 0 order by r.create_date");
            if ((dtRequests != null) && (dtRequests.Rows.Count > 0))
            {
                try
                {
                    TextLog.Log("WorkflowProcessor", "Starting workflow processor timer");

                    foreach (DataRow dr in dtRequests.Rows)
                    {
                        try
                        {
                            WorkflowRequest request = new WorkflowRequest((Int64)dr["id"]);
                            request.GetInicialData(db);

                            WorkflowConfig workflow = new WorkflowConfig();
                            workflow.GetDatabaseData(db, (Int64)dr["workflow_id"]);

                            // The statements below build SQL by concatenation. The concatenated values
                            // are ids read from the database or typed properties of the request, not
                            // request text; parameters would still be the safer form.
                            switch (request.Status)
                            {
                                case WorkflowRequestStatus.Deny:
                                case WorkflowRequestStatus.Expired:
                                case WorkflowRequestStatus.UserCanceled:
                                    // Only mark as deployed so the request is not checked again
                                    db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]);
                                    continue;
                                    break;

                                case WorkflowRequestStatus.Waiting:
                                    // Check escalation
                                    DateTime escalation = request.ActivityCreated.AddDays(request.Activity.EscalationDays);
                                    DateTime expired = request.ActivityCreated.AddDays(request.Activity.ExpirationDays);
                                    if (expired.CompareTo(DateTime.Now) < 0)
                                    {
                                        // NOTE(review): the expiration branch sets Escalated, the same status as the
                                        // escalation branch below - confirm Expired was not intended here.
                                        request.SetStatus(db, WorkflowRequestStatus.Escalated, request.UserId);
                                        db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]);
                                    }
                                    else if (escalation.CompareTo(DateTime.Now) < 0)
                                    {
                                        request.SetStatus(db, WorkflowRequestStatus.Escalated, request.UserId);
                                        db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]);
                                    }
                                    break;

                                case WorkflowRequestStatus.Escalated:
                                    // Check expiration
                                    DateTime expired2 = request.ActivityCreated.AddDays(request.Activity.ExpirationDays);
                                    if (expired2.CompareTo(DateTime.Now) < 0)
                                    {
                                        request.SetStatus(db, WorkflowRequestStatus.Expired, request.UserId);
                                        db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]);
                                    }
                                    break;

                                case WorkflowRequestStatus.Approved:
                                    // Act only when there is no further activity left to execute
                                    if (request.NextActivity == null)
                                    {
                                        switch (workflow.AccessType)
                                        {
                                            case WorkflowAccessType.RoleGrant:
                                                WorkflowAccessRoleGrant rg = (WorkflowAccessRoleGrant)workflow.Access;
                                                // Select all identities of the user so they can be added to the role
                                                DataTable drIdent = db.ExecuteDataTable("select i.* from [identity] i with(nolock) inner join resource_plugin rp with(nolock) on i.resource_plugin_id = rp.id where rp.enable_import = 1 and rp.permit_add_entity = 1 and i.entity_id = " + request.UserId);
                                                if ((drIdent == null) || (drIdent.Rows.Count == 0))
                                                {
                                                    using (DbParameterCollection par2 = new DbParameterCollection())
                                                    {
                                                        par2.Add("@workflow_request_id", typeof(Int64)).Value = request.RequestId;
                                                        // NOTE(review): @status is declared as String but receives an Int32; the same
                                                        // pattern repeats in every status insert of this method.
                                                        par2.Add("@status", typeof(String)).Value = (Int32)request.Status;
                                                        par2.Add("@description", typeof(String)).Value = "No inbound identity found for allow access";
                                                        par2.Add("@activity_id", typeof(Int64)).Value = request.Activity.ActivityId;
                                                        par2.Add("@executed_by_entity_id", typeof(Int64)).Value = request.LastExecutedBy;

                                                        db.ExecuteNonQuery("INSERT INTO [st_workflow_request_status]([workflow_request_id],[status],[description],[executed_by_entity_id],[activity_id])VALUES(@workflow_request_id,@status,@description,@executed_by_entity_id,@activity_id)", CommandType.Text, par2, null);
                                                    }
                                                }
                                                else
                                                {
                                                    // List the id of every role that will be used
                                                    List <String> roleList = new List <String>();
                                                    foreach (Int64 r in rg.Roles)
                                                    {
                                                        roleList.Add(r.ToString());
                                                    }

                                                    // NOTE(review): with an empty rg.Roles this becomes "in ()", which is not valid
                                                    // SQL; the exception would land in the per-request catch below.
                                                    DataTable drRoles = db.ExecuteDataTable("select * from [role] where id in (" + String.Join(",", roleList) + ")");
                                                    if ((drRoles == null) || (drRoles.Rows.Count == 0))
                                                    {
                                                        using (DbParameterCollection par2 = new DbParameterCollection())
                                                        {
                                                            par2.Add("@workflow_request_id", typeof(Int64)).Value = request.RequestId;
                                                            par2.Add("@status", typeof(String)).Value = (Int32)request.Status;
                                                            par2.Add("@description", typeof(String)).Value = "No role found for allow access";
                                                            par2.Add("@activity_id", typeof(Int64)).Value = request.Activity.ActivityId;
                                                            par2.Add("@executed_by_entity_id", typeof(Int64)).Value = request.LastExecutedBy;

                                                            db.ExecuteNonQuery("INSERT INTO [st_workflow_request_status]([workflow_request_id],[status],[description],[executed_by_entity_id],[activity_id])VALUES(@workflow_request_id,@status,@description,@executed_by_entity_id,@activity_id)", CommandType.Text, par2, null);
                                                        }
                                                    }
                                                    else
                                                    {
                                                        String roleNames = "";

                                                        // Add the roles: every identity is bound to every role
                                                        foreach (DataRow dr2 in drIdent.Rows)
                                                        {
                                                            foreach (DataRow drRole in drRoles.Rows)
                                                            {
                                                                DbParameterCollection par = new DbParameterCollection();
                                                                par.Add("@identity_id", typeof(Int64)).Value = dr2["id"];
                                                                par.Add("@role_id", typeof(Int64)).Value = drRole["id"];

                                                                Boolean added = db.ExecuteScalar <Boolean>("sp_insert_identity_role", CommandType.StoredProcedure, par);

                                                                if (added)
                                                                {
                                                                    roleNames += drRole["name"] + Environment.NewLine;
                                                                }
                                                            }
                                                        }

                                                        // NOTE(review): roleNames starts as "" and is never set to null, so this test is
                                                        // always true and the bind is audited even when no role was added.
                                                        if (roleNames != null)
                                                        {
                                                            db.AddUserLog(LogKey.User_IdentityRoleBind, null, "Workflow", UserLogLevel.Info, 0, 0, 0, 0, 0, request.UserId, 0, "Entity bind to roles by workflow access request", roleNames);
                                                        }

                                                        using (DbParameterCollection par2 = new DbParameterCollection())
                                                        {
                                                            par2.Add("@workflow_request_id", typeof(Int64)).Value = request.RequestId;
                                                            par2.Add("@status", typeof(String)).Value = (Int32)request.Status;
                                                            par2.Add("@description", typeof(String)).Value = "Entity bind to roles";
                                                            par2.Add("@activity_id", typeof(Int64)).Value = request.Activity.ActivityId;
                                                            par2.Add("@executed_by_entity_id", typeof(Int64)).Value = request.LastExecutedBy;

                                                            db.ExecuteNonQuery("INSERT INTO [st_workflow_request_status]([workflow_request_id],[status],[description],[executed_by_entity_id],[activity_id])VALUES(@workflow_request_id,@status,@description,@executed_by_entity_id,@activity_id)", CommandType.Text, par2, null);
                                                        }
                                                    }
                                                }

                                                db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]);
                                                break;
                                        }
                                    }
                                    break;

                                case WorkflowRequestStatus.Revoked:
                                    // Remove the permissions that were granted
                                    switch (workflow.AccessType)
                                    {
                                        case WorkflowAccessType.RoleGrant:
                                            WorkflowAccessRoleGrant rg = (WorkflowAccessRoleGrant)workflow.Access;

                                            // List the id of every role that will be used
                                            List <String> roleList = new List <String>();
                                            foreach (Int64 r in rg.Roles)
                                            {
                                                roleList.Add(r.ToString());
                                            }

                                            String log = "";

                                            // NOTE(review): as in the grant path, an empty rg.Roles yields "in ()".
                                            DataTable drRoles = db.ExecuteDataTable("select distinct ir.*, r.name role_name from [role] r with(nolock) inner join identity_role ir with(nolock) on ir.role_id = r.id inner join [identity] i with(nolock) on ir.identity_id = i.id where i.entity_id = " + request.UserId + " and r.id in (" + String.Join(",", roleList) + ")");
                                            if ((drRoles != null) && (drRoles.Rows.Count > 0))
                                            {
                                                foreach (DataRow dr2 in drRoles.Rows)
                                                {
                                                    log += "Identity unbind to role " + dr2["role_name"] + Environment.NewLine;

                                                    // The audit entry is written before the delete, so a failing delete
                                                    // still leaves an "unbind" entry behind.
                                                    db.AddUserLog(LogKey.User_IdentityRoleUnbind, null, "Workflow", UserLogLevel.Info, 0, 0, 0, 0, 0, request.UserId, (Int64)dr2["identity_id"], "Identity unbind to role " + dr2["role_name"]);
                                                    db.ExecuteNonQuery("delete from identity_role where identity_id = " + dr2["identity_id"] + " and role_id = " + dr2["role_id"], CommandType.Text, null);
                                                }

                                                using (DbParameterCollection par2 = new DbParameterCollection())
                                                {
                                                    par2.Add("@workflow_request_id", typeof(Int64)).Value = request.RequestId;
                                                    par2.Add("@status", typeof(String)).Value = (Int32)request.Status;
                                                    par2.Add("@description", typeof(String)).Value = log;
                                                    par2.Add("@activity_id", typeof(Int64)).Value = request.Activity.ActivityId;
                                                    par2.Add("@executed_by_entity_id", typeof(Int64)).Value = request.LastExecutedBy;

                                                    db.ExecuteNonQuery("INSERT INTO [st_workflow_request_status]([workflow_request_id],[status],[description],[executed_by_entity_id],[activity_id])VALUES(@workflow_request_id,@status,@description,@executed_by_entity_id,@activity_id)", CommandType.Text, par2, null);
                                                }
                                            }
                                            else
                                            {
                                                using (DbParameterCollection par2 = new DbParameterCollection())
                                                {
                                                    par2.Add("@workflow_request_id", typeof(Int64)).Value = request.RequestId;
                                                    par2.Add("@status", typeof(String)).Value = (Int32)request.Status;
                                                    par2.Add("@description", typeof(String)).Value = "No permission to remove";
                                                    par2.Add("@activity_id", typeof(Int64)).Value = request.Activity.ActivityId;
                                                    par2.Add("@executed_by_entity_id", typeof(Int64)).Value = request.LastExecutedBy;

                                                    db.ExecuteNonQuery("INSERT INTO [st_workflow_request_status]([workflow_request_id],[status],[description],[executed_by_entity_id],[activity_id])VALUES(@workflow_request_id,@status,@description,@executed_by_entity_id,@activity_id)", CommandType.Text, par2, null);
                                                }
                                            }

                                            db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + dr["id"]);
                                            break;
                                    }
                                    break;

                                case WorkflowRequestStatus.UnderReview:
                                    // Nothing to do
                                    break;
                            }
                        }
                        catch (Exception ex)
                        {
                            // A failure in one request is logged and the loop moves on; the request stays
                            // undeployed and is picked up again on the next tick.
                            // NOTE(review): processing errors are recorded at Info level - confirm that they
                            // are still surfaced to whoever monitors the log.
                            db.AddUserLog(LogKey.Workflow, null, "Workflow", UserLogLevel.Info, 0, 0, 0, 0, 0, 0, 0, "Workflow proccess error", ex.Message);
                        }
                    }
                }
                finally
                {
                    // NOTE(review): db is disposed here, yet db.closeDB() is still called right after
                    // this block and db.Dispose() runs a second time in the outer finally.
                    if (db != null)
                    {
                        db.Dispose();
                    }

                    TextLog.Log("WorkflowProcessor", "Finishing workflow processor timer");
                }
            }

            db.closeDB();
        }
        finally
        {
            if (db != null)
            {
                db.Dispose();
            }
        }
    }
    catch (Exception ex)
    {
        TextLog.Log("WorkflowProcessor", "Error on message timer " + ex.Message);
    }
    finally
    {
        // Release the re-entrancy guard and reset the status fields on every exit path
        executing = false;
        last_status = "";
        startTime = new DateTime(1970, 1, 1);
    }
}
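/// <summary>
/// Removes every entity from one container of the current enterprise, writes an audit entry
/// per removed entity and queues each of them in <c>deploy_now</c>.
/// </summary>
/// <param name="database">IAM database wrapper used for the lookup, the deletes and the audit log.</param>
/// <param name="parameters">Request parameters: <c>containerid</c> (required).</param>
/// <returns><c>true</c> when the members were removed; <c>false</c> after <c>Error</c> was called.</returns>
private Boolean deleteallusers(IAMDatabase database, Dictionary <String, Object> parameters)
{
    Object rawContainer;
    if (!parameters.TryGetValue("containerid", out rawContainer) || (rawContainer == null) || String.IsNullOrWhiteSpace(rawContainer.ToString()))
    {
        Error(ErrorType.InvalidRequest, "Parameter containerid is not defined.", "", null);
        return(false);
    }

    Int64 containerid;
    if (!Int64.TryParse(rawContainer.ToString(), out containerid))
    {
        Error(ErrorType.InvalidRequest, "Parameter containerid is not a long integer.", "", null);
        return(false);
    }

    DbParameterCollection par = new DbParameterCollection();
    par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
    par.Add("@container_id", typeof(Int64)).Value = containerid;

    // The join on context ties the container to the caller's enterprise; the delete below
    // only filters on container_id, so it must stay behind this lookup.
    // The query returns one row per member, so a container without members is reported as
    // "Container not found." as well.
    DataTable dtUsers = database.ExecuteDataTable("select c.*, e.entity_id from entity_container e inner join container c on c.id = e.container_id inner join context c1 on c.context_id = c1.id where c1.enterprise_id = @enterprise_id and e.container_id = @container_id", CommandType.Text, par, null);
    if (dtUsers == null)
    {
        Error(ErrorType.InternalError, "", "", null);
        return(false);
    }

    if (dtUsers.Rows.Count == 0)
    {
        Error(ErrorType.InvalidRequest, "Container not found.", "", null);
        return(false);
    }

    database.ExecuteNonQuery("delete from entity_container where container_id = @container_id", CommandType.Text, par);

    foreach (DataRow dr in dtUsers.Rows)
    {
        if (dr["entity_id"] == DBNull.Value)
        {
            continue;
        }

        Int64 entityId = (Int64)dr["entity_id"];
        database.AddUserLog(LogKey.User_ContainerRoleUnbind, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, entityId, 0, "Identity unbind to container " + dr["name"], "");

        // Bound as a parameter like every other statement in this method, instead of
        // concatenating the value into the insert
        DbParameterCollection parDeploy = new DbParameterCollection();
        parDeploy.Add("@entity_id", typeof(Int64)).Value = entityId;
        database.ExecuteNonQuery("insert into deploy_now (entity_id) values(@entity_id)", CommandType.Text, parDeploy, null);
    }

    return(true);
}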
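/// <summary>
/// Validates a CAS grant ticket for a service and resolves the login it belongs to.
/// </summary>
/// <param name="service">Service URI the ticket is presented for; compared after removing trailing slashes and the http/https scheme.</param>
/// <param name="ticket">Grant ticket value presented by the client.</param>
/// <param name="renew">When <c>true</c>, only tickets flagged <c>create_by_credentials = 1</c> are accepted.</param>
/// <returns>A successful <c>LoginResult</c> with the login data, or a failed one with a user-facing message.</returns>
public static LoginResult Grant(String service, String ticket, Boolean renew)
{
    // A null service used to raise a NullReferenceException that the catch below turned into
    // "Internal error"; an empty one could never match a service row. Both are an invalid ticket.
    if (String.IsNullOrEmpty(ticket) || String.IsNullOrEmpty(service))
    {
        return new LoginResult(false, MessageResource.GetMessage("invalid_ticket"));
    }

    using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
    {
        try
        {
            String renewFilter = (renew ? " and create_by_credentials = 1 " : "");

            DbParameterCollection par = new DbParameterCollection();
            par.Add("@tgc", typeof(String), ticket.Length).Value = ticket.Trim();
            par.Add("@svc", typeof(String), service.Length).Value = service.TrimEnd("/".ToCharArray()).Replace("https://", "//").Replace("http://", "//").Trim();

            Int64 userId = 0;

            // First look for an unexpired ticket issued for this same service.
            DataTable dt = db.ExecuteDataTable("select * from [cas_entity_ticket] t inner join [cas_service] s on t.service_id = s.id where t.expire_date > getdate() " + renewFilter + " and s.service_uri = @svc and t.grant_ticket = @tgc", CommandType.Text, par);
            if ((dt != null) && (dt.Rows.Count > 0))
            {
                userId = (Int64)dt.Rows[0]["entity_id"];
            }
            else
            {
                // Otherwise accept an unexpired ticket issued for any other service and copy it
                // to the requested service.
                dt = db.ExecuteDataTable("select * from [cas_entity_ticket] t inner join [cas_service] s on t.service_id = s.id where t.expire_date > getdate() " + renewFilter + " and t.grant_ticket = @tgc", CommandType.Text, par);
                if ((dt == null) || (dt.Rows.Count == 0))
                {
                    return new LoginResult(false, MessageResource.GetMessage("invalid_ticket"));
                }

                DataRow source = dt.Rows[0];
                String grantTicket = source["grant_ticket"].ToString();
                String longTicket = source["long_ticket"].ToString();

                par.Add("@entity_id", typeof(Int64)).Value = (Int64)source["entity_id"];
                par.Add("@grant_ticket", typeof(String), grantTicket.Length).Value = grantTicket.Trim();
                par.Add("@long_ticket", typeof(String), longTicket.Length).Value = longTicket.Trim();

                // NOTE(review): the target service is selected by URI alone, with no enterprise
                // filter, so the copied row is written even when the ticket's owner belongs to a
                // different enterprise than the service. The login still fails in that case because
                // the query below joins on enterprise_id, but the row remains; confirm this is intended.
                db.ExecuteNonQuery("insert into cas_entity_ticket ([entity_id],[service_id],[grant_ticket],[long_ticket],[create_by_credentials]) select @entity_id, s.id, @grant_ticket, @long_ticket, 0 from cas_service s where s.service_uri = @svc", CommandType.Text, par);

                userId = (Int64)source["entity_id"];
            }

            if (userId > 0)
            {
                // Re-read the login through the ticket and service so that the enterprise of the
                // login and of the service must agree.
                DataTable dtEntity = db.ExecuteDataTable("select distinct l.id, l.alias, l.full_name, l.login, l.enterprise_id, l.password, l.must_change_password, s.id as service_id, s.service_uri, et.grant_ticket, et.long_ticket from vw_entity_logins l inner join dbo.cas_entity_ticket et on et.entity_id = l.id inner join cas_service s on l.enterprise_id = s.enterprise_id and et.service_id = s.id where et.grant_ticket = @tgc and s.service_uri = @svc", CommandType.Text, par);
                if ((dtEntity != null) && (dtEntity.Rows.Count > 0))
                {
                    DataRow row = dtEntity.Rows[0];

                    LoginData l = new LoginData();
                    l.Alias = row["alias"].ToString();
                    l.FullName = row["full_name"].ToString();
                    l.Login = row["login"].ToString();
                    l.Id = (Int64)row["id"];
                    l.EnterpriseId = (Int64)row["enterprise_id"];
                    l.CASGrantTicket = row["grant_ticket"].ToString();
                    l.CASLongTicket = row["long_ticket"].ToString();

                    return new LoginResult(true, "User OK", (Boolean)row["must_change_password"], l);
                }
            }

            return new LoginResult(false, MessageResource.GetMessage("invalid_ticket"));
        }
        catch (Exception)
        {
            // NOTE(review): the exception is discarded without being recorded anywhere, so database
            // or cast failures during ticket validation are invisible to operators.
            return new LoginResult(false, "Internal error");
        }
    }
}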
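/// <summary>
/// Proxy status endpoint: identifies the calling proxy from the request headers, records its
/// last contact in the <c>proxy</c> table and answers with a small JSON document holding the
/// pending <c>config</c>, <c>files</c>, <c>fetch</c> and <c>restart</c> indicators.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Stop the response when the enterprise cannot be identified.
    if (!EnterpriseIdentify.Identify(Page, false, true))
    {
        Page.Response.Status = "403 Access denied";
        Page.Response.StatusCode = 403;
        Page.Response.End();
        return;
    }

    // All three values come from client-supplied request headers and are untrusted.
    // NOTE(review): no credential check on the proxy is visible in this handler; confirm that the
    // caller is authenticated before this point, since the header alone names the proxy.
    String proxyName = Request.Headers["X-SAFEID-PROXY"];
    String version = Request.Headers["X-SAFEID-VERSION"];

    // TryParse leaves pid at 0 when the header is missing or not a number.
    Int32 pid;
    Int32.TryParse(Request.Headers["X-SAFEID-PID"], out pid);

    if (String.IsNullOrEmpty(proxyName))
    {
        Page.Response.Status = "403 Access denied";
        Page.Response.StatusCode = 403;
        Page.Response.End();
        return;
    }

    Int32 files = 0;
    Int32 rConfig = 0;
    Int32 fetch = 0;
    Boolean restart = false;

    try
    {
        using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
        using (ServerDBConfig c = new ServerDBConfig(db.Connection))
        {
            Int64 enterpriseId = ((EnterpriseData)Page.Session["enterprise_data"]).Id;

            ProxyConfig config = new ProxyConfig();
            config.GetDBConfig(db.Connection, enterpriseId, proxyName);

            if (config.fqdn == null)
            {
                // Unknown proxy: record the attempt and refuse.
                db.AddUserLog(LogKey.API_Error, DateTime.Now, "ProxyAPI", UserLogLevel.Warning, 0, enterpriseId, 0, 0, 0, 0, 0, "Proxy not found " + proxyName);
                Page.Response.Status = "403 Access denied";
                Page.Response.StatusCode = 403;
                return;
            }

            // Per-proxy outbound directory; created on first contact.
            // NOTE(review): proxy_name is used as part of a directory name; presumably it is
            // validated when the proxy is registered - confirm.
            DirectoryInfo outDir = new DirectoryInfo(Path.Combine(c.GetItem("outboundFiles"), config.proxyID + "_" + config.proxy_name));
            if (!outDir.Exists)
            {
                outDir.Create();
            }

            files = outDir.GetDirectories().Length;

            if (config.forceDownloadConfig)
            {
                rConfig++;
            }

            // The three status queries are best effort: a failure leaves the default value.
            try
            {
                fetch = db.ExecuteScalar<Int32>("select COUNT(*) from resource_plugin_fetch f with(nolock) inner join resource_plugin rp with(nolock) on rp.id = f.resource_plugin_id inner join resource r with(nolock) on r.id = rp.resource_id where f.response_date is null and proxy_id = " + config.proxyID, System.Data.CommandType.Text, null);
            }
            catch { }

            try
            {
                restart = db.ExecuteScalar<Boolean>("select restart from proxy where id = " + config.proxyID, System.Data.CommandType.Text, null);
            }
            catch { }

            try
            {
                db.ExecuteNonQuery("update proxy set restart = 0 where id = " + config.proxyID, System.Data.CommandType.Text, null);
            }
            catch
            {
                // Do not tell the proxy to restart if the flag could not be cleared.
                restart = false;
            }

            // The version header (and possibly the address) is attacker-controlled text placed
            // inside a quoted SQL literal, so embedded quotes are doubled before concatenation.
            // NOTE(review): binding these two values as parameters is the preferred fix; the
            // escaping here only keeps the change local to this statement.
            String safeVersion = (version ?? "").Replace("'", "''");
            String safeAddress = ("" + Tools.Tool.GetIPAddress()).Replace("'", "''");

            db.ExecuteNonQuery("update proxy set last_sync = getdate(), pid = " + pid + ", address = '" + safeAddress + "', config = 0, version = '" + safeVersion + "' where id = " + config.proxyID, System.Data.CommandType.Text, null);
        }
    }
    catch (Exception ex)
    {
        // Failures are reported and the response below is still sent with whatever was collected.
        Tools.Tool.notifyException(ex, this);
    }

    Page.Response.HeaderEncoding = Encoding.UTF8;
    ReturnHolder.Controls.Add(new LiteralControl("{\"config\":" + rConfig + ",\"files\":" + files + ",\"fetch\":" + fetch + ",\"restart\":" + (restart ? "1" : "0") + "}"));
}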
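/// <summary>
/// Authenticates a user by login and password for the CAS service named in the request's
/// <c>service</c> query parameter, issues the TGC/TGT cookies, stores the ticket and records the login.
/// </summary>
/// <param name="page">Current page; supplies the session, request and response.</param>
/// <param name="username">Login (or alternate login value) typed by the user.</param>
/// <param name="password">Clear-text password typed by the user.</param>
/// <returns>A successful <c>LoginResult</c> carrying the login data, or a failed one with a user-facing message.</returns>
static public LoginResult Grant(Page page, String username, String password)
{
    try
    {
        // The original condition tested the username twice and never the password, so a null or
        // blank password reached the comparison below. Both fields are now checked.
        if ((username == null) || (username.Trim() == "") || (password == null) || (password.Trim() == "") || (username == password))
        {
            return new LoginResult(false, MessageResource.GetMessage("valid_username_pwd"));
        }

        Int64 enterpriseId = 0;
        if ((page.Session["enterprise_data"] != null) && (page.Session["enterprise_data"] is EnterpriseData))
        {
            enterpriseId = ((EnterpriseData)page.Session["enterprise_data"]).Id;
        }

        // A request without a 'service' parameter throws here and is reported by the catch
        // below as an internal error.
        String svc = page.Request.QueryString["service"].TrimEnd("/".ToCharArray()).Replace("https://", "//").Replace("http://", "//").Trim();

        DbParameterCollection par = new DbParameterCollection();
        par.Add("@login", typeof(String), username.Length).Value = username;
        par.Add("@svc", typeof(String), svc.Length).Value = svc;

        using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
        {
            DataTable tmp = db.ExecuteDataTable("select distinct l.id, l.alias, l.full_name, l.login, l.enterprise_id, l.password, l.must_change_password, s.id as service_id, c.service_uri, c.grant_ticket, c.long_ticket from vw_entity_logins l inner join cas_service s on l.enterprise_id = s.enterprise_id left join (select * from cas_entity_ticket c1 inner join cas_service s on s.id = c1.service_id) c on l.id = c.entity_id and c.service_uri = @svc where l.deleted = 0 and l.locked = 0 and (l.login = @login or l.value = @login) and s.service_uri = @svc", CommandType.Text, par);

            if ((tmp == null) || (tmp.Rows.Count == 0))
            {
                db.AddUserLog(LogKey.User_WrongUserAndPassword, null, "CAS", UserLogLevel.Info, 0, 0, 0, 0, 0, 0, 0, MessageResource.GetMessage("user_wrong_password") + " " + Tools.Tool.GetIPAddress(), "{ \"username\":\"" + username.Replace("'", "").Replace("\"", "") + "\", \"ipaddr\":\"" + Tools.Tool.GetIPAddress() + "\"} ");
                return new LoginResult(false, MessageResource.GetMessage("valid_username_pwd"));
            }

            foreach (DataRow dr in tmp.Rows)
            {
                // NOTE(review): stored passwords are decrypted with the enterprise PKCS#12 key and
                // compared as clear text with an ordinary string comparison. Reversible storage
                // means the key holder can recover every password; a one-way password hash and a
                // fixed-time comparison would be the usual design.
                Boolean passwordMatches;
                using (SqlConnection conn = IAMDatabase.GetWebConnection())
                using (EnterpriseKeyConfig sk = new EnterpriseKeyConfig(conn, enterpriseId))
                using (CryptApi cApi = CryptApi.ParsePackage(sk.ServerPKCS12Cert, Convert.FromBase64String(dr["password"].ToString())))
                {
                    passwordMatches = (Encoding.UTF8.GetString(cApi.clearData) == password);
                }

                if (!passwordMatches)
                {
                    // Logged against the row that was actually tested (the original always used row 0).
                    db.AddUserLog(LogKey.User_WrongPassword, null, "CAS", UserLogLevel.Info, 0, 0, 0, 0, 0, (Int64)dr["id"], 0, MessageResource.GetMessage("user_wrong_password") + " " + Tools.Tool.GetIPAddress(), "{ \"ipaddr\":\"" + Tools.Tool.GetIPAddress() + "\"} ");
                    continue;
                }

                // The identity is taken from the row whose password matched. The original read
                // tmp.Rows[0] here, so when several rows matched the login value a password that
                // verified against a later row signed the caller in as the first row's entity.
                LoginData l = new LoginData();
                l.Alias = dr["alias"].ToString();
                l.FullName = dr["full_name"].ToString();
                l.Login = dr["login"].ToString();
                l.Id = (Int64)dr["id"];
                l.EnterpriseId = (Int64)dr["enterprise_id"];
                l.CASGrantTicket = CASTicket.Generate();
                l.CASLongTicket = CASTicket.Generate();

                // NOTE(review): an existing ticket is reused instead of the freshly generated one,
                // so a successful login does not rotate the ticket value; confirm this is intended.
                if (dr["grant_ticket"] != DBNull.Value)
                {
                    l.CASGrantTicket = dr["grant_ticket"].ToString();
                }

                if (dr["long_ticket"] != DBNull.Value)
                {
                    l.CASLongTicket = dr["long_ticket"].ToString();
                }

                try
                {
                    page.Response.Cookies.Remove("TGC-SafeID");
                    page.Response.Cookies.Remove("TGT-SafeID");
                }
                catch { }

                addTicketCookie(page, "TGC-SafeID", l.CASGrantTicket);
                addTicketCookie(page, "TGT-SafeID", l.CASLongTicket);

                // Ticket values and ids are bound as parameters instead of being concatenated.
                DbParameterCollection ticketPar = new DbParameterCollection();
                ticketPar.Add("@entity_id", typeof(Int64)).Value = l.Id;
                ticketPar.Add("@service_id", typeof(Int64)).Value = Convert.ToInt64(dr["service_id"]);
                ticketPar.Add("@grant_ticket", typeof(String), l.CASGrantTicket.Length).Value = l.CASGrantTicket;
                ticketPar.Add("@long_ticket", typeof(String), l.CASLongTicket.Length).Value = l.CASLongTicket;

                db.ExecuteNonQuery("update entity set last_login = getdate() where id = @entity_id", CommandType.Text, ticketPar);

                if (dr["service_uri"] == DBNull.Value)
                {
                    // No ticket row for this service yet.
                    db.ExecuteNonQuery("insert into cas_entity_ticket ([entity_id],[service_id],[grant_ticket],[long_ticket],[create_by_credentials]) VALUES (@entity_id, @service_id, @grant_ticket, @long_ticket, 1)", CommandType.Text, ticketPar);
                }
                else
                {
                    // The stored ticket expires one day from now, while the cookies above last 30 days.
                    db.ExecuteNonQuery("update cas_entity_ticket set grant_ticket = @grant_ticket, long_ticket = @long_ticket, expire_date = dateadd(day,1,getdate()), create_by_credentials = 1 where entity_id = @entity_id and service_id = @service_id", CommandType.Text, ticketPar);
                }

                db.AddUserLog(LogKey.User_Logged, null, "CAS", UserLogLevel.Info, 0, 0, 0, 0, 0, l.Id, 0, MessageResource.GetMessage("user_logged") + " " + Tools.Tool.GetIPAddress(), "{ \"ipaddr\":\"" + Tools.Tool.GetIPAddress() + "\"} ");

                return new LoginResult(true, "User OK", (Boolean)dr["must_change_password"], l);
            }

            return new LoginResult(false, MessageResource.GetMessage("valid_username_pwd"));
        }
    }
    catch (Exception ex)
    {
        Tools.Tool.notifyException(ex, page);
        return new LoginResult(false, "Internal error");
    }
}

/// <summary>
/// Adds one CAS ticket cookie scoped to <c>/cas</c> with a 30-day lifetime. Failures are ignored
/// so that a cookie problem does not abort an otherwise valid login.
/// </summary>
/// <param name="page">Page whose response receives the cookie.</param>
/// <param name="name">Cookie name.</param>
/// <param name="value">Ticket value to store.</param>
static private void addTicketCookie(Page page, String name, String value)
{
    try
    {
        HttpCookie cookie = new HttpCookie(name);
        cookie.Path = "/cas";
        cookie.Value = value;
        // The ticket is a bearer credential: keep it away from page scripts, and mark it
        // Secure whenever the request itself arrived over TLS.
        cookie.HttpOnly = true;
        cookie.Secure = page.Request.IsSecureConnection;
        cookie.Expires = DateTime.Now + new TimeSpan(30, 0, 0, 0);
        page.Response.Cookies.Add(cookie);
    }
    catch { }
}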
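/// <summary>
/// Changes a role of the current enterprise (currently only its name) and returns the role's
/// data as stored after the change.
/// </summary>
/// <param name="database">IAM database wrapper used for every query in this call.</param>
/// <param name="parameters">Request parameters; <c>roleid</c> is required, <c>name</c> is optional.</param>
/// <returns>A dictionary whose <c>info</c> entry describes the role, or <c>null</c> after <c>Error</c> has been reported.</returns>
private Dictionary<String, Object> change(IAMDatabase database, Dictionary<String, Object> parameters)
{
    const String roleQuery = "select r.*, c.enterprise_id, entity_qty = (select COUNT(distinct i.entity_id) from identity_role ir inner join [identity] i with(nolock) on ir.identity_id = i.id where ir.role_id = r.id) from role r inner join context c with(nolock) on c.id = r.context_id where c.enterprise_id = @enterprise_id and r.id = @role_id order by r.name";

    // A missing key, a null value and a blank value are all reported the same way.
    Object rawRoleId;
    if (!parameters.TryGetValue("roleid", out rawRoleId)
        || (rawRoleId == null)
        || String.IsNullOrWhiteSpace(rawRoleId.ToString()))
    {
        Error(ErrorType.InvalidRequest, "Parameter roleid is not defined.", "", null);
        return null;
    }

    Int64 roleid;
    if (!Int64.TryParse(rawRoleId.ToString(), out roleid))
    {
        Error(ErrorType.InvalidRequest, "Parameter roleid is not a long integer.", "", null);
        return null;
    }

    DbParameterCollection par = new DbParameterCollection();
    par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
    par.Add("@role_id", typeof(Int64)).Value = roleid;

    // Tenant check: the role is only found when its context belongs to this enterprise.
    DataTable dtUsers = database.ExecuteDataTable(roleQuery, CommandType.Text, par, null);
    if (dtUsers == null)
    {
        Error(ErrorType.InternalError, "", "", null);
        return null;
    }

    if (dtUsers.Rows.Count == 0)
    {
        Error(ErrorType.InvalidRequest, "Role not found.", "", null);
        return null;
    }

    List<String> log = new List<String>();

    // 'name' is optional. The original used the dictionary indexer, which throws
    // KeyNotFoundException when the caller does not send the key at all.
    Object rawName;
    if (parameters.TryGetValue("name", out rawName) && (rawName != null))
    {
        String name = rawName.ToString();
        if (!String.IsNullOrWhiteSpace(name))
        {
            par.Add("@name", typeof(String)).Value = name;

            // The update filters on id only; it relies on the enterprise-scoped select above.
            database.ExecuteNonQuery("update role set name = @name where id = @role_id", CommandType.Text, par);

            log.Add("Name changed from '" + dtUsers.Rows[0]["name"] + "' to '" + name + "'");
            database.AddUserLog(LogKey.Role_Changed, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, 0, 0, "Role changed", String.Join("\r\n", log));
        }
    }

    // Read the role again so the answer reflects what is stored now.
    dtUsers = database.ExecuteDataTable(roleQuery, CommandType.Text, par, null);
    if ((dtUsers == null) || (dtUsers.Rows.Count == 0))
    {
        Error(ErrorType.InternalError, "", "", null);
        return null;
    }

    DataRow dr1 = dtUsers.Rows[0];

    Dictionary<string, object> newItem = new Dictionary<string, object>();
    newItem.Add("enterprise_id", dr1["enterprise_id"]);
    newItem.Add("role_id", dr1["id"]);
    newItem.Add("parent_id", dr1["parent_id"]);
    newItem.Add("context_id", dr1["context_id"]);
    newItem.Add("name", dr1["name"]);
    newItem.Add("entity_qty", dr1["entity_qty"]);
    // Creation date as whole seconds since 1970-01-01, or 0 when the column is null.
    newItem.Add("create_date", (dr1["create_date"] != DBNull.Value ? (Int32)((((DateTime)dr1["create_date"]) - new DateTime(1970, 1, 1)).TotalSeconds) : 0));

    Dictionary<String, Object> result = new Dictionary<String, Object>();
    result.Add("info", newItem);
    return result;
}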
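/// <summary>
/// Runs the installation step of the wizard: connects to the chosen database, creates and
/// updates the schema, stores the server folders, generates the installation key, creates the
/// enterprise and writes the configuration files. Progress and errors are appended to
/// <c>txtCheckConfig</c>; the wizard buttons are updated according to the outcome.
/// </summary>
private void startInstall()
{
    Application.DoEvents();

    Boolean success = false;
    txtCheckConfig.Text = "Iniciando instalação" + Environment.NewLine;

    IAMDatabase db = null;
    try
    {
        txtCheckConfig.Text += "Definindo variáveis de ambiente: ";
        Application.DoEvents();

        // Installation root: the first program argument when usable, else the current directory.
        DirectoryInfo appDir = new DirectoryInfo(Environment.CurrentDirectory);
        try
        {
            appDir = new DirectoryInfo(args[0]);
        }
        catch { }

        txtCheckConfig.Text += "OK" + Environment.NewLine;
        txtCheckConfig.Text += "\tDiretório de execução: " + appDir.FullName + Environment.NewLine;
        Application.DoEvents();

        txtCheckConfig.Text += "Conectando no banco de dados: ";
        Application.DoEvents();

        // Never install into the system database. Ordinal comparison avoids culture-specific casing.
        if (String.Equals(txtDatabase.Text.Trim(), "master", StringComparison.OrdinalIgnoreCase))
        {
            throw new Exception("Não pode ser utilizado a base de dados Master");
        }

        db = new IAMDatabase(txtDbServer.Text, txtDatabase.Text, txtUsername.Text, txtPassword.Text);
        db.openDB();

        txtCheckConfig.Text += "OK" + Environment.NewLine;
        Application.DoEvents();

        //##############################
        // Data structure
        txtCheckConfig.Text += "Criando estrutura de dados: ";
        Application.DoEvents();

        // Warn when the database already holds tables and let the user back out.
        Int64 tableCount = db.ExecuteScalar<Int64>("SELECT cast(COUNT(*) as bigint) FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA = 'dbo'");
        if (tableCount > 0)
        {
            if (MessageBox.Show("A base de dados " + txtDatabase.Text + " contém " + tableCount + " tabelas e aparentemente está sendo utilizado por outra aplicação.\r\n\r\nDeseja continuar a instalação nesta base?", "Deseja continuar a instalação?", MessageBoxButtons.YesNo, MessageBoxIcon.Question, MessageBoxDefaultButton.Button2) == System.Windows.Forms.DialogResult.No)
            {
                throw new Exception("Cancelado pelo usuário");
            }
        }

        Object trans = db.BeginTransaction();
        try
        {
            using (IAMDbInstall dbCreate = new IAMDbInstall(db))
            {
                dbCreate.Create(trans);
            }

            db.Commit();
        }
        catch (Exception)
        {
            db.Rollback();
            // Plain rethrow keeps the original stack trace ('throw ex' reset it).
            throw;
        }

        txtCheckConfig.Text += "OK" + Environment.NewLine;
        Application.DoEvents();

        //##############################
        // Refuse to continue when another enterprise already exists
        txtCheckConfig.Text += "Verificando configuração existente: ";

        Int64 enterpriseCount = db.ExecuteScalar<Int64>("SELECT cast(COUNT(*) as bigint) FROM enterprise");
        if (enterpriseCount > 0)
        {
            throw new Exception("Base de dados com informações de outras empresas.");
        }

        txtCheckConfig.Text += "OK" + Environment.NewLine;
        Application.DoEvents();

        //##############################
        // Database update
        txtCheckConfig.Text += "Atualizando base de dados: ";
        try
        {
            using (IAM.GlobalDefs.Update.IAMDbUpdate updt = new IAM.GlobalDefs.Update.IAMDbUpdate(txtDbServer.Text, txtDatabase.Text, txtUsername.Text, txtPassword.Text))
            {
                updt.Update();
            }

            txtCheckConfig.Text += "OK" + Environment.NewLine;
            Application.DoEvents();
        }
        catch (Exception ex)
        {
            // Same message as before; the cause is kept as the inner exception.
            throw new Exception("Falha ao atualizar o banco de dados: " + ex.Message, ex);
        }

        //##############################
        // Server folders
        txtCheckConfig.Text += "Configurando diretórios: ";
        Application.DoEvents();

        String[][] serverFolders = new String[][]
        {
            new String[] { "pluginFolder", "IAMServer\\Plugins" },
            new String[] { "inboundFiles", "IAMServer\\In" },
            new String[] { "outboundFiles", "IAMServer\\Out" }
        };

        foreach (String[] folder in serverFolders)
        {
            // The path is placed inside a quoted SQL literal; an installation directory whose
            // name contains a single quote used to break the statement. Quotes are doubled.
            String folderPath = Path.Combine(appDir.FullName, folder[1]).Replace("'", "''");
            db.ExecuteNonQuery("delete from server_config where data_name = '" + folder[0] + "'; insert into server_config (data_name, data_value) values ('" + folder[0] + "','" + folderPath + "')");
        }

        txtCheckConfig.Text += "OK" + Environment.NewLine;
        Application.DoEvents();

        //##############################
        // Installation certificates and keys
        txtCheckConfig.Text += "Gerando chave de instalação: ";
        Application.DoEvents();

        using (ServerKey2 sk = new ServerKey2(db.Connection))
        {
            sk.RenewCert(db.Connection);
        }

        txtCheckConfig.Text += "OK" + Environment.NewLine;
        Application.DoEvents();

        //##############################
        // Enterprise
        txtCheckConfig.Text += "Criando empresa: ";
        Application.DoEvents();

        Creator creator = new Creator(db, txtName.Text.Trim(), txtUri.Text.Trim(), "pt-BR");
        creator.BuildCertificates();
        creator.Commit();

        txtCheckConfig.Text += "OK" + Environment.NewLine;
        Application.DoEvents();

        //##############################
        // Configuration files
        txtCheckConfig.Text += "Criando arquivos de configuração: ";
        Application.DoEvents();

        FileInfo serverFile = new FileInfo(Path.Combine(appDir.FullName, "IAMServer\\server.conf"));
        if (serverFile.Exists)
        {
            serverFile.Delete();
        }

        WriteToFile(serverFile, "sqlserver=" + txtDbServer.Text.Trim() + Environment.NewLine);
        WriteToFile(serverFile, "sqldb=" + txtDatabase.Text.Trim() + Environment.NewLine);
        // NOTE(review): the next statement is reproduced exactly as it appears on the page, where
        // the lines writing the sqlusername and sqlpassword keys were masked ('******'). Restore
        // it from the repository before building. The key names suggest the database credentials
        // are written to server.conf in clear text, so the file needs restrictive permissions.
        WriteToFile(serverFile, "sqlusername="******"sqlpassword="******"enginemaxthreads=30" + Environment.NewLine);

        // web.config: point the 'IAMDatabase' connection string at the database just installed.
        // NOTE(review): db.ConnectionString presumably carries the same credentials; protect web.config accordingly.
        FileInfo webConfigFile = new FileInfo(Path.Combine(appDir.FullName, "IAMServer\\web\\web.config"));
        if (webConfigFile.Exists)
        {
            XmlDocument doc = new XmlDocument();
            doc.Load(webConfigFile.FullName);

            System.Xml.XmlElement Root = doc.DocumentElement;
            XmlNode connectionStringsNode = Root["connectionStrings"];

            foreach (XmlNode cs in connectionStringsNode.ChildNodes)
            {
                // Ordinal, case-insensitive matching: ToLower() is culture-sensitive and would
                // not match "IAMDatabase" under a Turkish UI culture.
                Boolean update = false;
                foreach (XmlAttribute att in cs.Attributes)
                {
                    if (String.Equals(att.Name, "name", StringComparison.OrdinalIgnoreCase) && String.Equals(att.Value, "iamdatabase", StringComparison.OrdinalIgnoreCase))
                    {
                        update = true;
                    }
                }

                if (update)
                {
                    foreach (XmlAttribute att in cs.Attributes)
                    {
                        if (String.Equals(att.Name, "connectionstring", StringComparison.OrdinalIgnoreCase))
                        {
                            att.Value = db.ConnectionString;
                        }
                    }
                }
            }

            doc.Save(webConfigFile.FullName);
        }

        txtCheckConfig.Text += "OK" + Environment.NewLine;
        Application.DoEvents();

        success = true;
    }
    catch (Exception ex)
    {
        success = false;
        txtCheckConfig.Text += "ERRO" + Environment.NewLine;
        txtCheckConfig.Text += "\t" + ex.Message + Environment.NewLine;
        Application.DoEvents();
        return;
    }
    finally
    {
        if (db != null)
        {
            db.Dispose();
        }

        if (!success)
        {
            txtCheckConfig.Text += Environment.NewLine + "PROCESSO ABORTADO!!!" + Environment.NewLine;
            btnBack.Enabled = true;
            btnBack.Visible = true;
            btnNext.Text = "&Avançar >";
            btnCancel.Enabled = true;
        }
        else
        {
            txtCheckConfig.Text += Environment.NewLine + "Instalação realizada com sucesso." + Environment.NewLine;
            btnCancel.Text = "Finalizar";
            btnCancel.Enabled = true;
            btnNext.Visible = false;
            step = WizardStep.Installed;
        }

        // Remove every .cer and .pfx file from the current directory and from the directory of
        // this assembly, whether or not the installation succeeded.
        // NOTE(review): the pattern match is not limited to files this installer created, so any
        // certificate file that happens to be in those two directories is deleted as well.
        try
        {
            List<FileInfo> files = new List<FileInfo>();

            try
            {
                DirectoryInfo currentDir = new DirectoryInfo(Environment.CurrentDirectory);
                files.AddRange(currentDir.GetFiles("*.cer"));
                files.AddRange(currentDir.GetFiles("*.pfx"));
            }
            catch { }

            try
            {
                System.Reflection.Assembly asm = System.Reflection.Assembly.GetAssembly(this.GetType());
                DirectoryInfo asmDir = new DirectoryInfo(Path.GetDirectoryName(asm.Location));
                files.AddRange(asmDir.GetFiles("*.cer"));
                files.AddRange(asmDir.GetFiles("*.pfx"));
            }
            catch { }

            foreach (FileInfo f in files)
            {
                try
                {
                    f.Delete();
                }
                catch { }
            }
        }
        catch { }
    }
}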
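/// <summary>
/// Renders the "change password" form for the logged-in user and, on POST, validates the new
/// password, stores it encrypted, logs the change and redirects to the confirmation page.
/// Users without a session are redirected to the login page.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    String error = "";

    LoginData login = LoginUser.LogedUser(this);
    if (login == null)
    {
        Response.Redirect(System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath + "login2/", false);
        return;
    }

    if (Request.HttpMethod == "POST")
    {
        // NOTE(review): no anti-forgery token and no current-password field are visible in this
        // form, so any POST carrying the session cookie can set a new password; confirm whether
        // request forgery is mitigated elsewhere.
        try
        {
            // NOTE(review): only the first field passes through TrataInjection. If that filter
            // alters characters, a password containing them can never equal its confirmation.
            // The value is stored through a bound parameter below, so the filter looks unnecessary.
            String password = Tools.Tool.TrataInjection(Request["password"]);
            String password2 = Request["password2"];

            if ((password == null) || (password == ""))
            {
                error = MessageResource.GetMessage("type_password");
            }
            else if ((password2 == null) || (password2 == ""))
            {
                error = MessageResource.GetMessage("type_password_confirm");
            }
            else if (password != password2)
            {
                error = MessageResource.GetMessage("password_not_equal");
            }
            else
            {
                Int64 enterpriseId = 0;
                if ((Page.Session["enterprise_data"] != null) && (Page.Session["enterprise_data"] is EnterpriseData))
                {
                    enterpriseId = ((EnterpriseData)Page.Session["enterprise_data"]).Id;
                }

                using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
                {
                    UserPasswordStrength usrCheck = new UserPasswordStrength(db.Connection, login.Id);
                    UserPasswordStrengthResult check = usrCheck.CheckPassword(password);

                    if (check.HasError)
                    {
                        if (check.NameError)
                        {
                            error = MessageResource.GetMessage("password_name_part");
                        }
                        else
                        {
                            // One line per complexity rule, each marked ok or fail.
                            String txt = "* " + MessageResource.GetMessage("number_char") + ": " + (!check.LengthError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
                            txt += "* " + MessageResource.GetMessage("uppercase") + ": " + (!check.UpperCaseError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
                            txt += "* " + MessageResource.GetMessage("lowercase") + ": " + (!check.LowerCaseError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
                            txt += "* " + MessageResource.GetMessage("numbers") + ": " + (!check.DigitError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
                            txt += "* " + MessageResource.GetMessage("symbols") + ": " + (!check.SymbolError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail"));
                            error = MessageResource.GetMessage("password_complexity") + ": <br />" + txt;
                        }
                    }
                    else
                    {
                        DataTable c = db.Select("select * from entity where deleted = 0 and id = " + login.Id);
                        if ((c != null) && (c.Rows.Count > 0))
                        {
                            // NOTE(review): the stored password is decrypted here (cApi) but the
                            // result is never used, and conn1/sk1 are opened without being used
                            // (the new package is built from sk.ServerCert). Kept as found because
                            // removing them changes which failures abort the request.
                            using (EnterpriseKeyConfig sk = new EnterpriseKeyConfig(db.Connection, enterpriseId))
                            using (CryptApi cApi = CryptApi.ParsePackage(sk.ServerPKCS12Cert, Convert.FromBase64String(c.Rows[0]["password"].ToString())))
                            {
                                using (SqlConnection conn1 = IAMDatabase.GetWebConnection())
                                using (EnterpriseKeyConfig sk1 = new EnterpriseKeyConfig(conn1, enterpriseId))
                                using (CryptApi cApi1 = new CryptApi(sk.ServerCert, Encoding.UTF8.GetBytes(password)))
                                {
                                    String b64 = Convert.ToBase64String(cApi1.ToBytes());

                                    // Both the password package and the entity id are bound parameters.
                                    DbParameterCollection pPar = new DbParameterCollection();
                                    pPar.Add("@password", typeof(String), b64.Length).Value = b64;
                                    pPar.Add("@entity_id", typeof(Int64)).Value = login.Id;

                                    db.ExecuteNonQuery("update entity set password = @password, change_password = getdate() , recovery_code = null, must_change_password = 0 where id = @entity_id", CommandType.Text, pPar);
                                }

                                db.AddUserLog(LogKey.User_PasswordChanged, null, "AutoService", UserLogLevel.Info, 0, enterpriseId, 0, 0, 0, login.Id, 0, "Password changed through logged user", "{ \"ipaddr\":\"" + Tools.Tool.GetIPAddress() + "\"} ");

                                // Queue this user so plugins pick up the new data sooner.
                                DbParameterCollection deployPar = new DbParameterCollection();
                                deployPar.Add("@entity_id", typeof(Int64)).Value = login.Id;
                                db.ExecuteNonQuery("insert into deploy_now (entity_id) values(@entity_id)", CommandType.Text, deployPar);

                                // NOTE(review): the session is not ended or renewed after the change
                                // (a Session.Abandon() call was commented out in the original).
                                Response.Redirect(System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath + "login2/passwordchanged/", false);
                            }
                        }
                        else
                        {
                            error = MessageResource.GetMessage("internal_error");
                        }
                    }
                }
            }
        }
        catch (Exception ex)
        {
            // The exception is reported to operators; the page shows only the generic message.
            // The original appended ex.Message to HTML sent to the browser, which exposed
            // internal details and inserted unencoded text into the markup.
            Tools.Tool.notifyException(ex);
            error = MessageResource.GetMessage("internal_error");
        }
    }

    StringBuilder html = new StringBuilder();
    html.Append("<form id=\"serviceLogin\" name=\"serviceLogin\" method=\"post\" action=\"" + Session["ApplicationVirtualPath"] + "login2/changepassword/\"><div class=\"login_form\">");
    html.Append(" <ul>");
    html.Append(" <li>");
    html.Append(" <p style=\"width:270px;padding:0 0 20px 0;color:#000;\">" + MessageResource.GetMessage("password_expired_text") + "</p>");
    html.Append(" </li>");
    html.Append(" <li>");
    html.Append(" <span class=\"inputWrap\">");
    html.Append(" <input type=\"password\" id=\"password\" tabindex=\"1\" name=\"password\" value=\"\" style=\"\" placeholder=\"" + MessageResource.GetMessage("new_password") + "\" onkeyup=\"cas.passwordStrength('#password');\" onfocus=\"$('#password').addClass('focus');\" onblur=\"$('#password').removeClass('focus');\" />");
    html.Append(" <span id=\"ph_passwordIcon\" onclick=\"$('#password').focus();\"></span>");
    html.Append(" </span>");
    html.Append(" </li>");
    html.Append(" <li>");
    html.Append(" <span class=\"inputWrap\">");
    html.Append(" <input type=\"password\" id=\"password2\" tabindex=\"1\" name=\"password2\" value=\"\" style=\"\" placeholder=\"" + MessageResource.GetMessage("new_password_confirm") + "\" onfocus=\"$('#password2').addClass('focus');\" onblur=\"$('#password2').removeClass('focus');\" />");
    html.Append(" <span id=\"ph_passwordIcon\" onclick=\"$('#password2').focus();\"></span>");
    html.Append(" </span>");
    html.Append(" </li>");
    html.Append(" <li>");
    html.Append(" <div id=\"passwordStrength\"><span>" + MessageResource.GetMessage("password_strength") + ": " + MessageResource.GetMessage("unknow") + "</span><div class=\"bar\"></div></div>");
    html.Append(" </li>");

    if (error != "")
    {
        // 'error' holds only resource texts at this point; the list item is now closed.
        html.Append(" <li><div class=\"error-box\">" + error + "</div></li>");
    }

    html.Append(" <li>");
    html.Append(" <span class=\"forgot\"> <a href=\"" + Session["ApplicationVirtualPath"] + "logout/\">" + MessageResource.GetMessage("cancel") + "</a> </span>");
    html.Append(" <button tabindex=\"4\" id=\"submitBtn\" class=\"action button floatright\">" + MessageResource.GetMessage("change_password") + "</button>");
    html.Append(" </li>");
    html.Append(" </ul>");
    html.Append("</div></form>");

    holderContent.Controls.Add(new LiteralControl(html.ToString()));
}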
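/// <summary>
/// Deletes a plugin of the current enterprise: removes its database row, writes an audit entry
/// and deletes its assembly file from the configured plugin folder. A plugin that is still
/// referenced by a resource is not deleted.
/// </summary>
/// <param name="database">IAM database wrapper used for every query in this call.</param>
/// <param name="parameters">Request parameters; <c>workflowid</c> is required and carries the plugin id.</param>
/// <returns><c>true</c> when the plugin was deleted; <c>false</c> after <c>Error</c> has been reported.</returns>
private Boolean delete(IAMDatabase database, Dictionary<String, Object> parameters)
{
    // A missing key, a null value and a blank value are all reported the same way.
    Object rawId;
    if (!parameters.TryGetValue("workflowid", out rawId)
        || (rawId == null)
        || String.IsNullOrWhiteSpace(rawId.ToString()))
    {
        Error(ErrorType.InvalidRequest, "Parameter workflowid is not defined.", "", null);
        return false;
    }

    Int64 workflowid;
    if (!Int64.TryParse(rawId.ToString(), out workflowid))
    {
        Error(ErrorType.InvalidRequest, "Parameter workflowid is not a long integer.", "", null);
        return false;
    }

    DbParameterCollection par = new DbParameterCollection();
    par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
    par.Add("@plugin_id", typeof(Int64)).Value = workflowid;

    // Tenant check: the plugin is only found when it belongs to this enterprise.
    DataTable dtPlugin = database.ExecuteDataTable("select p.*, resource_plugin_qty = (select COUNT(distinct rp1.plugin_id) from resource_plugin rp1 where rp1.plugin_id = p.id) from plugin p with(nolock) where p.enterprise_id = @enterprise_id and p.id = @plugin_id", CommandType.Text, par, null);
    if (dtPlugin == null)
    {
        Error(ErrorType.InternalError, "", "", null);
        return false;
    }

    if (dtPlugin.Rows.Count == 0)
    {
        Error(ErrorType.InvalidRequest, "Plugin not found.", "", null);
        return false;
    }

    // Refuse while any resource still uses the plugin.
    if ((Int32)dtPlugin.Rows[0]["resource_plugin_qty"] > 0)
    {
        Error(ErrorType.SystemError, "Plugin is being used and can not be deleted.", "", null);
        return false;
    }

    // Locate the assembly file. The stored name is resolved and accepted only when the result
    // stays inside the plugin folder, so a rooted name or one containing ".." cannot point the
    // delete below at a file elsewhere on disk.
    FileInfo assemblyFile = null;
    try
    {
        DirectoryInfo pluginsDir = new DirectoryInfo(database.GetDBConfig("pluginFolder"));
        if (pluginsDir.Exists)
        {
            String root = pluginsDir.FullName.TrimEnd(Path.DirectorySeparatorChar, Path.AltDirectorySeparatorChar) + Path.DirectorySeparatorChar;
            String candidate = Path.GetFullPath(Path.Combine(root, dtPlugin.Rows[0]["assembly"].ToString()));
            if (candidate.StartsWith(root, StringComparison.OrdinalIgnoreCase))
            {
                assemblyFile = new FileInfo(candidate);
            }
        }
    }
    catch
    {
        assemblyFile = null;
    }

    if ((assemblyFile == null) || (!assemblyFile.Exists))
    {
        Error(ErrorType.SystemError, "Plugin physical file not found.", "", null);
        return false;
    }

    SqlTransaction trans = (SqlTransaction)database.BeginTransaction();
    try
    {
        // The delete filters on id only; it relies on the enterprise-scoped select above.
        database.ExecuteNonQuery("delete from plugin where id = @plugin_id", CommandType.Text, par, trans);
        database.AddUserLog(LogKey.Plugin_Deleted, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, 0, 0, "Plugin " + dtPlugin.Rows[0]["name"] + " deleted", "", trans);

        // The file is removed before the commit: a failed delete rolls the row back, but a
        // failed commit after a successful delete leaves the row without its file.
        assemblyFile.Delete();
        trans.Commit();
    }
    catch
    {
        // Any failure in the block (database or file) is reported with this one message.
        trans.Rollback();
        Error(ErrorType.SystemError, "Fail on delete physical file", "", null);
        return false;
    }

    return true;
}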
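/// <summary>
/// Changes a field definition (name, data_type, public_field, user_field) that belongs to the
/// current enterprise and returns the field as stored after the change.
/// </summary>
/// <remarks>
/// Only values that differ from the stored row are written. When at least one column changes,
/// an audit-log entry listing each change is added. Failures are reported through Error and the
/// method returns null.
/// </remarks>
/// <param name="database">Database wrapper used for the lookups, the update and the audit log.</param>
/// <param name="parameters">Request parameters (String, Object); must contain 'fieldid'.</param>
/// <returns>A dictionary with one key, 'info', holding the current field row; null on error.</returns>
private Dictionary<String, Object> change(IAMDatabase database, Dictionary<String, Object> parameters)
{
    Object rawId;
    if (!parameters.TryGetValue("fieldid", out rawId) || (rawId == null) || String.IsNullOrWhiteSpace(rawId.ToString()))
    {
        Error(ErrorType.InvalidRequest, "Parameter fieldid is not defined.", "", null);
        return null;
    }

    Int64 fieldid;
    if (!Int64.TryParse(rawId.ToString(), out fieldid))
    {
        Error(ErrorType.InvalidRequest, "Parameter fieldid is not a long integer.", "", null);
        return null;
    }

    using (DbParameterCollection par = new DbParameterCollection())
    {
        par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
        par.Add("@field_id", typeof(Int64)).Value = fieldid;

        // Scoped to the caller's enterprise: a field id of another tenant is "not found".
        DataTable dtField = database.ExecuteDataTable("select * from field with(nolock) where enterprise_id = @enterprise_id and id = @field_id", CommandType.Text, par, null);
        if (dtField == null)
        {
            Error(ErrorType.InternalError, "", "", null);
            return null;
        }

        if (dtField.Rows.Count == 0)
        {
            Error(ErrorType.InvalidRequest, "Field not found.", "", null);
            return null;
        }

        DataRow current = dtField.Rows[0];
        List<String> log = new List<String>();
        List<String> assignments = new List<String>();

        foreach (String key in parameters.Keys)
        {
            // A null value is treated as an empty string instead of raising a
            // NullReferenceException.
            Object raw = parameters[key];
            String text = (raw == null) ? "" : raw.ToString();

            switch (key)
            {
                case "name":
                {
                    if ((!String.IsNullOrWhiteSpace(text)) && (text != (String)current["name"]))
                    {
                        // Reject a name already used by a field of the same enterprise.
                        using (DbParameterCollection par2 = new DbParameterCollection())
                        {
                            par2.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
                            par2.Add("@field_name", typeof(String)).Value = text;

                            DataTable dtF1 = database.ExecuteDataTable("select * from field with(nolock) where enterprise_id = @enterprise_id and name = @field_name", CommandType.Text, par2, null);
                            if ((dtF1 != null) && (dtF1.Rows.Count > 0))
                            {
                                Error(ErrorType.InvalidRequest, "Field with the same name already exists.", "", null);
                                return null;
                            }
                        }

                        par.Add("@name", typeof(String)).Value = text;
                        assignments.Add("name = @name");

                        // NOTE(review): the caller-supplied name goes into the audit detail
                        // unchanged and entries are joined with CRLF below, so a name that
                        // contains line breaks can look like several entries — confirm how
                        // the detail is rendered.
                        log.Add("Name changed from '" + current["name"] + "' to '" + text + "'");
                    }
                    break;
                }

                case "data_type":
                {
                    if ((!String.IsNullOrWhiteSpace(text)) && (text != (String)current["data_type"]))
                    {
                        // Allow-list check; invariant lower-casing keeps it independent of
                        // the server culture.
                        String normalized = text.ToLowerInvariant();
                        if ((normalized != "string") && (normalized != "datetime") && (normalized != "numeric"))
                        {
                            Error(ErrorType.InvalidRequest, "Data type is not recognized.", "", null);
                            return null;
                        }

                        par.Add("@data_type", typeof(String)).Value = text;
                        assignments.Add("data_type = @data_type");
                        log.Add("Data type changed from '" + current["data_type"] + "' to '" + text + "'");
                    }
                    break;
                }

                case "public_field":
                {
                    Boolean public_field;
                    if (!Boolean.TryParse(text, out public_field))
                    {
                        Error(ErrorType.InvalidRequest, "Parameter public_field is not a boolean.", "", null);
                        return null;
                    }

                    if (public_field != (Boolean)current["public"])
                    {
                        par.Add("@public_field", typeof(Boolean)).Value = public_field;
                        assignments.Add("[public] = @public_field");

                        // The audit text previously read "Changed to a field" / "a non field".
                        log.Add("Changed to a " + (public_field ? "" : "non ") + "public field");
                    }
                    break;
                }

                case "user_field":
                {
                    Boolean user_field;
                    if (!Boolean.TryParse(text, out user_field))
                    {
                        Error(ErrorType.InvalidRequest, "Parameter user_field is not a boolean.", "", null);
                        return null;
                    }

                    if (user_field != (Boolean)current["user"])
                    {
                        par.Add("@user_field", typeof(Boolean)).Value = user_field;
                        assignments.Add("[user] = @user_field");

                        // The audit text previously lacked the space after the article.
                        log.Add("Changed to a " + (user_field ? "" : "non ") + "user editable field");
                    }
                    break;
                }
            }
        }

        if (assignments.Count > 0)
        {
            // Column names are fixed literals and every value is bound as a parameter.
            // enterprise_id is repeated so the update itself is tenant-scoped.
            String updateSQL = "update field set " + String.Join(", ", assignments) + " where id = @field_id and enterprise_id = @enterprise_id";
            database.ExecuteNonQuery(updateSQL, CommandType.Text, par);
            database.AddUserLog(LogKey.Field_Changed, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, 0, 0, "Field changed", String.Join("\r\n", log));
        }

        // Re-read the row so the response reflects the stored data.
        dtField = database.ExecuteDataTable("select * from field with(nolock) where enterprise_id = @enterprise_id and id = @field_id", CommandType.Text, par, null);
        if ((dtField == null) || (dtField.Rows.Count == 0))
        {
            Error(ErrorType.InternalError, "", "", null);
            return null;
        }

        DataRow dr1 = dtField.Rows[0];

        Dictionary<string, object> newItem = new Dictionary<string, object>();
        newItem.Add("enterprise_id", dr1["enterprise_id"]);
        newItem.Add("field_id", dr1["id"]);
        newItem.Add("data_type", dr1["data_type"]);
        newItem.Add("name", dr1["name"]);
        newItem.Add("public_field", dr1["public"]);
        newItem.Add("user_field", dr1["user"]);

        Dictionary<String, Object> result = new Dictionary<String, Object>();
        result.Add("info", newItem);
        return result;
    }
}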
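/// <summary>
/// Changes a workflow that belongs to the current enterprise (only the name can be changed)
/// and returns the workflow as produced by get.
/// </summary>
/// <remarks>
/// The update runs in a transaction with the st_WorkflowUpdate trigger disabled and re-enabled
/// around it. Failures are reported through Error and the method returns null.
/// </remarks>
/// <param name="database">Database wrapper used for the lookup and the update.</param>
/// <param name="parameters">Request parameters (String, Object); must contain 'workflowid'.</param>
/// <returns>The result of get(database, parameters); null on error.</returns>
private Dictionary<String, Object> change(IAMDatabase database, Dictionary<String, Object> parameters)
{
    Object rawId;
    if (!parameters.TryGetValue("workflowid", out rawId) || (rawId == null) || String.IsNullOrWhiteSpace(rawId.ToString()))
    {
        Error(ErrorType.InvalidRequest, "Parameter workflowid is not defined.", "", null);
        return null;
    }

    Int64 workflowid;
    if (!Int64.TryParse(rawId.ToString(), out workflowid))
    {
        Error(ErrorType.InvalidRequest, "Parameter workflowid is not a long integer.", "", null);
        return null;
    }

    using (DbParameterCollection par = new DbParameterCollection())
    {
        par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
        par.Add("@workflow_id", typeof(Int64)).Value = workflowid;

        // Ownership check: the workflow must sit in a context of the caller's enterprise.
        DataTable dtPlugin = database.ExecuteDataTable("select w.id, request_qty = (select COUNT(*) from st_workflow_request wr with(nolock) where wr.workflow_id = w.id) from st_workflow w with(nolock) inner join context c with(nolock) on c.id = w.context_id where c.enterprise_id = @enterprise_id and w.id = @workflow_id", CommandType.Text, par, null);
        if (dtPlugin == null)
        {
            Error(ErrorType.InternalError, "", "", null);
            return null;
        }

        if (dtPlugin.Rows.Count == 0)
        {
            Error(ErrorType.InvalidRequest, "Workflow not found.", "", null);
            return null;
        }

        List<String> assignments = new List<String>();
        Boolean disableTrigger = true;

        foreach (String key in parameters.Keys)
        {
            switch (key.ToLowerInvariant())
            {
                case "name":
                {
                    // Read through the key as sent: the switch matches case-insensitively, so
                    // indexing with the literal "name" fails for a key such as "Name".
                    Object raw = parameters[key];
                    String name = (raw == null) ? "" : raw.ToString();
                    if (String.IsNullOrWhiteSpace(name))
                    {
                        Error(ErrorType.InvalidRequest, "Parameter name is empty.", "", null);
                        return null;
                    }

                    par.Add("@name", typeof(String)).Value = name;
                    assignments.Add("name = @name");
                    break;
                }
            }
        }

        if (assignments.Count > 0)
        {
            // Column names are fixed literals and values are bound as parameters. The context
            // sub-select keeps the update itself scoped to the caller's enterprise.
            String updateSQL = "update st_workflow set " + String.Join(", ", assignments) + " where id = @workflow_id and context_id in (select c.id from context c where c.enterprise_id = @enterprise_id)";

            Object trans = database.BeginTransaction();
            try
            {
                // Disable the trigger so that the update does not create a new workflow;
                // the changed fields do not affect how the workflow runs.
                // NOTE(review): DISABLE TRIGGER is DDL, so the web application's database
                // account needs ALTER rights on st_workflow, and in SQL Server the trigger
                // is disabled for the table, not only for this session — confirm this is
                // acceptable or move the bypass into the trigger.
                if (disableTrigger)
                {
                    database.ExecuteNonQuery("DISABLE TRIGGER st_WorkflowUpdate ON st_workflow", CommandType.Text, null, trans);
                }

                database.ExecuteNonQuery(updateSQL, CommandType.Text, par, trans);

                if (disableTrigger)
                {
                    database.ExecuteNonQuery("ENABLE TRIGGER st_WorkflowUpdate ON st_workflow", CommandType.Text, null, trans);
                }

                database.Commit();
            }
            catch (Exception ex)
            {
                database.Rollback();

                // NOTE(review): ex.Message is handed to Error; if that argument reaches the
                // API response it can expose database details — confirm what Error does with it.
                Error(ErrorType.InternalError, "Error updating workflow", ex.Message, null);
                return null;
            }
        }
    }

    // Re-read so the response reflects the stored data.
    return get(database, parameters);
}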