public static void ValidateCanEditFlowById(NodeVisit visit, string flowId) { if (!visit.IsFlowPermittedById(flowId, FlowRoleType.Modify)) { ThrowInsuficientPrivileges(); } }
public void Delete(ConfigItem item, NodeVisit visit) { ValidateByRole(visit, SystemRoleType.Admin); if (!item.IsEditable) { throw new InvalidOperationException("The item cannot be saved since it is not editable."); } lock (_lockObject) { TransactionTemplate.Execute(delegate { _configDao.Delete(item.Id); lock (_lockObject) { if (_configItems.ContainsKey(item.Id.ToUpper())) { _configItems.Remove(item.Id.ToUpper()); } } ActivityManager.LogAudit(NodeMethod.None, null, visit, "{0} deleted configuration value: {1}.", visit.Account.NaasAccount, item.ToString()); return(null); }); } }
public static void ValidateCanViewFlowByName(NodeVisit visit, string flowName) { if (!visit.IsFlowPermittedByName(flowName, FlowRoleType.View)) { ThrowInsuficientPrivileges(); } }
public IList <ScheduledItemExecuteStatus> GetScheduledItemExecuteStatus(NodeVisit visit) { ValidateByRole(visit, SystemRoleType.Program); IList <ScheduledItemExecuteStatus> scheduledItemExecuteStatus = _scheduleDao.GetScheduledItemExecuteStatus(); return(FilterSchedulesForUser(visit, scheduledItemExecuteStatus)); }
public void Remove(UserAccount instance, NodeVisit visit) { try { ValidateByRole(visit, SystemRoleType.Admin); if (!CanRemoveUser(instance.NaasAccount, visit)) { throw new InvalidOperationException(string.Format("The user \"{0}\" cannot be removed from the node", instance.NaasAccount)); } TransactionTemplate.Execute(delegate { _accountDao.Delete(instance); ActivityManager.LogAudit(NodeMethod.None, null, visit, "{0} removed account: {1}.", visit.Account.NaasAccount, instance.ToString()); return(null); }); } catch (Exception e) { ActivityManager.LogError(NodeMethod.None, null, e, visit, "{0} failed to remove user account: {1}.", visit.Account.NaasAccount, instance.ToString()); throw; } }
public IList <DataFlow> GetFlows(NodeVisit visit, bool loadDataServices) { ValidateByRole(visit, SystemRoleType.Program); IList <DataFlow> flows = GetAllDataFlows(loadDataServices, false); return(FilterFlowsForUser(visit, flows)); }
public IList <DataFlow> GetProtectedFlows(NodeVisit visit, bool loadDataServices) { ValidateByRole(visit, SystemRoleType.Program); IList <DataFlow> flows = _flowDao.GetAllProtectedDataFlows(loadDataServices); return(FilterFlowsForUser(visit, flows)); }
public UserAccount Get(string username, NodeVisit visit) { try { if (visit != null) { ValidateByRole(visit, SystemRoleType.Program); } UserAccount account = _accountDao.GetByName(username); if (account == null) { throw new ArgumentException(string.Format("The user \"{0}\" was not found in the database", username)); } ActivityManager.LogAudit(NodeMethod.None, null, visit, "{0} got user account: {1}.", (visit != null) ? visit.Account.NaasAccount : null, account.ToString()); return(account); } catch (Exception e) { ActivityManager.LogError(NodeMethod.None, null, e, visit, "{0} failed to get user account: {1}.", (visit != null) ? visit.Account.NaasAccount : null, username); throw; } }
public IDictionary <string, SimpleListDisplayInfo> GetListInfo(NodeVisit visit) { ValidateByRole(visit, SystemRoleType.Program); Dictionary <string, SimpleListDisplayInfo> dict = new Dictionary <string, SimpleListDisplayInfo>(); IList <SimpleFlowNotification> flowNotifications = _notificationDao.GetAllSimpleFlowNotificationsForUsername(visit.Account.NaasAccount); if (!CollectionUtils.IsNullOrEmpty(flowNotifications)) { foreach (SimpleFlowNotification flowNotification in flowNotifications) { dict.Add(flowNotification.FlowCode, new SimpleListDisplayInfo(flowNotification.FlowCode, flowNotification.FlowDescription, flowNotification.NotificationType)); } } // Add in any missing flows IList <DataFlow> flows = _flowDao.GetAllDataFlows(false, false); if (!CollectionUtils.IsNullOrEmpty(flows)) { foreach (DataFlow flow in flows) { if (!dict.ContainsKey(flow.FlowName)) { dict.Add(flow.FlowName, new SimpleListDisplayInfo(flow.FlowName, flow.Description, NotificationType.None)); } } } FilterFlowsForUser(visit, dict); return(dict); }
public Activity GetActivityEntries(Activity activity, NodeVisit visit) { LogicAuditBaseManager.ValidateByRole(visit, SystemRoleType.Program); activity.Entries = _activityDao.GetActivityEntries(activity.Id); return(activity); }
public void Visit(AstNode node, NodeVisit cb) { if (node == null) { return; } //else VisitInfoTable[node.Key].Visit.Perform(node, cb); }
public void Visit(AstNode node, NodeVisit cb) { if (node == null) { return; } //else CurrentPolicy.Visit(node, cb); }
public string LogAudit(NodeMethod method, string flowName, string operation, string transactionId, NodeVisit visit, string messageFormat, params object[] args) { Activity activity = new Activity(method, flowName, operation, ActivityType.Audit, transactionId, (visit == null) ? string.Empty : visit.IP, messageFormat, args); activity.ModifiedById = (visit == null) ? AccountManager.AdminAccount.Id : visit.Account.Id; return(Log(activity)); }
/// <summary> /// Make a generic Endpoint visit /// </summary> /// <typeparam name="T"></typeparam> /// <param name="visit"></param> /// <returns>Activity</returns> protected void AuthenticateEndpointActivity(AuthEndpointVisit visit, ActivityType activityType, NodeMethod method, out NodeVisit nodeVisit, out string userToken, out Activity activity) { if (visit == null) { throw new ArgumentNullException("visit"); } activity = new Activity(method, null, null, activityType, null, visit.IP, "Visit from endpoint version {0} for method {1}.", visit.Version, method.ToString()); UserAccount userAccount = AccountManager.GetByName(visit.Credentials.UserName); if ((userAccount != null) && !userAccount.IsActive) { var message = string.Format("The user account \"{0}\" is not active on this node.", visit.Credentials.UserName); activity.AppendFormat(message); throw new ArgumentException(message); } activity.AppendFormat("Attempting to authenticate {0} from IP {1} using {2}.", visit.Credentials.UserName, visit.IP, visit.AuthMethod); // Get a token or fail trying userToken = AuthProvider.AuthenticateUser(visit.Credentials, visit.IP, visit.AuthMethod); activity.AppendFormat("Successfully authenticated {0} with user token {1}.", visit.Credentials.UserName, userToken); //Always returns an account bool wasCreated; userAccount = AccountManager.GetOrCreate(visit.Credentials.UserName, true, out wasCreated); //Update the activity to created by the current user activity.ModifiedById = userAccount.Id; IDictionary <string, string> flowsIdToNameMap = _flowManager.GetAllFlowsIdToNameMap(); nodeVisit = new NodeVisit(userAccount, visit.IP, flowsIdToNameMap); if (wasCreated) { activity.AppendFormat("Successfully created local user account for {0}.", visit.Credentials.UserName); } else { activity.AppendFormat("Successfully got local user account for {0}.", visit.Credentials.UserName); } }
public string LogError(NodeMethod method, string flowName, string operation, ActivityType type, Exception exception, NodeVisit visit, string messageFormat, params object[] args) { Activity activity = new Activity(method, flowName, operation, type, null, (visit == null) ? string.Empty : visit.IP, messageFormat, args); activity.ModifiedById = (visit == null) ? AccountManager.AdminAccount.Id : visit.Account.Id; activity.AppendFormat("EXCEPTION: {0}", ExceptionUtils.GetDeepExceptionMessage(exception)); return(Log(activity)); }
internal static bool CanEditAnyFlow() { NodeVisit adminVisit = VisitHelper.GetVisit(); if ((adminVisit != null) && (adminVisit.Account != null)) { return(adminVisit.CanEditAnyFlow()); } return(false); }
internal static bool CanViewFlowByName(string flowName) { NodeVisit adminVisit = VisitHelper.GetVisit(); if ((adminVisit != null) && (adminVisit.Account != null)) { return(adminVisit.IsFlowPermittedByName(flowName, FlowRoleType.View)); } return(false); }
internal static string GetCurrentUsername() { NodeVisit visit = VisitHelper.GetVisit(); if ((visit != null) && (visit.Account != null)) { return(visit.Account.NaasAccount); } return(null); }
internal static bool CanEditFlowById(string flowId) { NodeVisit adminVisit = VisitHelper.GetVisit(); if ((adminVisit != null) && (adminVisit.Account != null)) { return(adminVisit.IsFlowPermittedById(flowId, FlowRoleType.Modify)); } return(false); }
public int Compare(NodeVisit x, NodeVisit y) { var result = x.EstimatedArrivalAtDestination.CompareTo(y.EstimatedArrivalAtDestination); if (result == 0) { result = network.GetNodeId(x.Node).CompareTo(network.GetNodeId(y.Node)); } return(result); }
public void Delete(DataProviderInfo instance, NodeVisit visit) { ValidateByRole(visit, SystemRoleType.Admin); TransactionTemplate.Execute(delegate { _dataProviderDao.Delete(instance); ActivityManager.LogAudit(NodeMethod.None, null, visit, "{0} deleted data source: {1}.", visit.Account.NaasAccount, instance.ToString()); return(null); }); }
public DataService GetService(string serviceId, NodeVisit visit) { ValidateByRole(visit, SystemRoleType.Program); DataService service = _serviceDao.GetDataService(serviceId); if (service != null) { ValidateCanViewFlowById(visit, service.FlowId); } return(service); }
public ScheduledItem RunNow(string scheduleId, NodeVisit visit) { ValidateByRole(visit, SystemRoleType.Program); ScheduledItem item = _scheduleDao.GetScheduledItem(scheduleId); if (item == null) { throw new ArgumentException(string.Format("Cannot load a schedule with id \"{0}\"", scheduleId)); } return(RunNow(item, visit)); }
public UserAccount GetOrCreateUser(string username, NodeVisit visit, out NaasUserInfo naasUserInfo) { ValidateByRole(visit, SystemRoleType.Admin); bool wasCreated; UserAccount userAccount = _accountManager.GetOrCreate(username, true, out wasCreated); naasUserInfo = _naasManager.GetNaasUserInfo(username); return(userAccount); }
public void DeleteFlow(DataFlow instance, NodeVisit visit) { ValidateCanEditFlowById(visit, instance.Id); TransactionTemplate.Execute(delegate { _flowDao.Delete(instance); ActivityManager.LogAudit(NodeMethod.None, instance.FlowName, visit, "{0} deleted data flow: {1}.", visit.Account.NaasAccount, instance.ToString()); return(null); }); }
public int DeleteActivities(ActivitySearchParams search, NodeVisit visit) { LogicAuditBaseManager.ValidateByRole(visit, SystemRoleType.Admin); bool addFlowIsNullQuery; if (!FilterSearchParamsForVisit(search, visit, out addFlowIsNullQuery)) { return(0); } return(_activityDao.DeleteActivities(search, addFlowIsNullQuery)); }
public bool UserExistsInNAAS(string userName, NodeVisit visit, out string affiliate, out bool canDelete, out bool canRemove) { canRemove = CanRemoveUser(userName, visit); if (_naasManager.UserExists(userName, out affiliate, out canDelete)) { if (canDelete) { canDelete = CanDeleteUser(userName, visit); } return(true); } return(false); }
public void Delete(ScheduledItem instance, NodeVisit visit) { ValidateCanEditFlowById(visit, instance.FlowId); string flowName = _flowManager.GetDataFlowNameById(instance.FlowId); TransactionTemplate.Execute(delegate { _scheduleDao.Delete(instance.Id); ActivityManager.LogAudit(NodeMethod.None, flowName, instance.Name, visit, "{0} deleted scheduled item: {1}.", visit.Account.NaasAccount, instance.ToString()); return(null); }); }
/// <summary> /// Validate that the input admin visitor has at least minimumRole permissions. Throw an /// UnauthorizedAccessException() if visitor is not validated. /// </summary> public static void ValidateByRole(NodeVisit visit, SystemRoleType minimumRole) { if (visit == null) { throw new ArgumentException("Input visit is null."); } if ((visit.Account == null) || string.IsNullOrEmpty(visit.Account.Id) || ((visit.Account.Role != SystemRoleType.Admin) && ((Int32)visit.Account.Role) < ((Int32)minimumRole))) { ThrowInsuficientPrivileges(); } }
protected IList <ScheduledItemExecuteStatus> FilterSchedulesForUser(NodeVisit visit, IList <ScheduledItemExecuteStatus> schedules) { if (!CollectionUtils.IsNullOrEmpty(schedules)) { for (int i = schedules.Count - 1; i >= 0; --i) { ScheduledItemExecuteStatus schedule = schedules[i]; if (!CanUserViewFlowById(visit, schedule.FlowId)) { schedules.RemoveAt(i); } } } return(schedules); }