/// <summary>
/// Crea un nuevo usuario.
/// </summary>
/// <param name="pUser">UsuarioBE a crear</param>
/// <returns>UserId del nuevo usuario.</returns>
public void Create(User pUser)
{
//TODO: Ver tema de nuevo GUID para el usuario
//Guid wUserGUID = Guid.NewGuid();
MembershipCreateStatus pStatus = MembershipCreateStatus.UserRejected;
// se inserta en las membership el nuevo usuario
User wNewUser = FwkMembership.CreateUser(pUser.UserName, pUser.Password, pUser.Email,
pUser.QuestionPassword, pUser.AnswerPassword,
pUser.IsApproved, out pStatus, _ProviderName);
// se inserta el usuario custom
if (pStatus == MembershipCreateStatus.Success)
{
//UsersDAC.Create(pUser, CustomParameters, _ProviderName, pCustomUserTable);
// Se insertan los roles
if (pUser.Roles != null)
{
RolList roleList = pUser.GetRolList();
FwkMembership.CreateRolesToUser(roleList, pUser.UserName, _ProviderName);
}
pUser.ProviderId = wNewUser.ProviderId;
wNewUser = null;
}
else
{
TechnicalException te = new TechnicalException(string.Format(Fwk.Security.Properties.Resource.User_Created_Error_Message, pUser.UserName, pStatus));
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4008";
throw te;
}
}
/// <summary>
/// Retorba las lista de usuarios y roles desde la expresion de la regla
/// </summary>
/// <param name="wexpression"></param>
/// <param name="assignedRoleList"></param>
/// <param name="excludeUserList"></param>
public static void BuildRolesAndUsers_FromRuleExpression(string wexpression, out RolList assignedRoleList, out UserList excludeUserList)
{
Rol wRol;
User wUser;
assignedRoleList = new RolList();
excludeUserList = new UserList();
StringBuilder exp = new StringBuilder(wexpression);
exp.Replace("R:", string.Empty);
exp.Replace("I:", string.Empty);
exp.Replace("(", string.Empty);
exp.Replace(")", string.Empty);
exp.Replace("AND", string.Empty);
String[] wArray = exp.ToString().Split(new string[] { "NOT" }, StringSplitOptions.RemoveEmptyEntries);
if (wArray.Length > 0)
{
foreach (string str in wArray[0].Split(new string[] { "OR" }, StringSplitOptions.RemoveEmptyEntries))
{
wRol = new Rol(str.Trim());
assignedRoleList.Add(wRol);
}
}
if (wArray.Length > 1)
{
foreach (string str in wArray[1].Split(new string[] { "OR" }, StringSplitOptions.RemoveEmptyEntries))
{
wUser = new User(str.Trim());
excludeUserList.Add(wUser);
}
}
}
private void usersGrid1_OnUserChange(User user, RolList roles)
{
if (usersGrid1.CurrentUser == null)
{
btnRemove.Enabled = false;
btnUpdate.Enabled = false;
return;
}
lblRolesByUser.Text = "User roles " + usersGrid1.CurrentUser.UserName;
txtEmail.Text = usersGrid1.CurrentUser.Email;
txtUserName.Text = usersGrid1.CurrentUser.UserName;
txtQuest.Text = usersGrid1.CurrentUser.QuestionPassword;
txtAnsw.Text = usersGrid1.CurrentUser.AnswerPassword;
chkApproved.Checked = usersGrid1.CurrentUser.IsApproved;
txtComments.Text = usersGrid1.CurrentUser.Comment;
btnRemove.Enabled = true;
btnUpdate.Enabled = true;
if (usersGrid1.CurrentUser.IsApproved)
{
btnApprove.Text = "DisApprove";
}
else
{
btnApprove.Text = "Approve";
}
using (new WaitCursorHelper(this))
{
grdRoles1.DataSource = roles;
}
}
void CreeateUser_No_Service(User pUserBe)
{
String strErrorResut = String.Empty;
CreateUserReq req = new CreateUserReq();
CreateUserRes res = new CreateUserRes();
CreateUserService svc = new CreateUserService();
req.SecurityProviderName = SecurityProviderName;
try
{
RolList roles = FwkMembership.GetAllRoles(SecurityProviderName);
if (roles.Count >= 2)
{
pUserBe.Roles = new String[2];
pUserBe.Roles[0] = roles[0].RolName;
pUserBe.Roles[1] = roles[1].RolName;
}
req.BusinessData.User = pUserBe;
res = svc.Execute(req);
}
catch (Exception ex)
{
strErrorResut = Fwk.Exceptions.ExceptionHelper.GetAllMessageException(ex);
}
Assert.AreEqual <String>(strErrorResut, string.Empty, strErrorResut);
pUserBe.UserId = res.BusinessData.UserId;
}
/// <summary>
/// Asigna roles a un usuario
/// </summary>
/// <param name="pRolList">Lista de roles</param>
/// <param name="userName">Usuario</param>
/// <param name="providerName">Nombre del proveedor de membership</param>
public static void CreateRolesToUser(RolList pRolList, String userName, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
try
{
Roles.Providers[wProvider.Name].AddUsersToRoles(new string[] { userName }, pRolList.GetArrayNames());
//foreach (Rol rol in pRolList)
//{
// if (!Roles.Providers[providerName].IsUserInRole(userName, rol.RolName))
// {
// //Roles.AddUserToRoles(userName, new string[] { rol.RolName });
// Roles.Providers[providerName].AddUsersToRoles(new string[] { userName }, new string[] { rol.RolName });
// }
//}
}
catch (Exception ex)
{
Fwk.Exceptions.TechnicalException te = new TechnicalException(Fwk.Security.Properties.Resource.MembershipSecurityGenericError, ex);
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
}
/// <summary>
/// Obtiene la informacion de un usuario y junto a sus roles
/// </summary>
/// <param name="userName">Nombre de usuario</param>
/// <param name="providerName">Nombre del proveedor de membership</param>
/// <returns></returns>
public static User GetUserAnRoles(String userName, string providerName)
{
User wUser = FwkMembership.GetUser(userName, providerName);
RolList userRoles = FwkMembership.GetRolesForUser(userName, providerName);
wUser.Roles = userRoles.GetArrayNames();
return(wUser);
}
/// <summary>
/// Agrega un rol a la expresion de la regla.- Modifica Expression
/// </summary>
/// <param name="pRol"></param>
/// <param name="pRule"></param>
public static void Rule_AppenRol(Rol pRol, FwkAuthorizationRule pRule)
{
RolList rollistAux = null;
UserList userList = null;
BuildRolesAndUsers_FromRuleExpression(pRule.Expression, out rollistAux, out userList);
//Agregar el rol a la regla
rollistAux.Add(pRol);
pRule.SetExpression(BuildRuleExpression(rollistAux, userList));
}
public void Initialize()
{
try
{
rolesList = FwkMembership.GetAllRoles(frmAdmin.Provider.Name);
}
catch (Exception ex)
{
base.MessageViewInfo.Show(ex);
return;
}
grdUsers.DataSource = rolesList;
grdUsers.Refresh();
}
/// <summary>
/// Asigna una lista de roles a un usuario
/// </summary>
/// <param name="pRolList">Lista de roles que se desea asignar</param>
/// <param name="pUserName">nombre de usuario</param>
public static void CreateRolesToUser(RolList pRolList, string pUserName)
{
AssignRolesToUserReq req = new AssignRolesToUserReq();
req.BusinessData.Username = pUserName;
req.BusinessData.RolList = pRolList;
AssignRolesToUserRes res = req.ExecuteService <AssignRolesToUserReq, AssignRolesToUserRes>(WrapperSecurityProvider, req);
if (res.Error != null)
{
throw Fwk.Exceptions.ExceptionHelper.ProcessException(res.Error);
}
}
/// <summary>
/// Obtiene todos los Roles
/// The GetAllRoles method calls the RoleProvider.GetAllRoles method of the role provider to get a list of all the roles from the data source for an application.
/// Only the roles for the application that is specified in the ApplicationName property are retrieved.
/// </summary>
/// <param name="providerName">Nombre del proveedor de membership</param>
/// <returns>RolList con todos los roles</returns>
public static RolList GetAllRoles(string providerName)
{
Rol r;
RolList wRoleList = new RolList();
if (string.IsNullOrEmpty(providerName))
providerName = GetSqlMembershipProvider(providerName).Name;
try
{
foreach (string s in GetRoleProvider(providerName).GetAllRoles())
{
r = new Rol(s);
wRoleList.Add(r);
}
}
catch (TechnicalException err)
{
throw err;
}
catch (System.NullReferenceException)
{
TechnicalException te = new TechnicalException(string.Format(Fwk.Security.Properties.Resource.RuleProvider_NotExist, providerName));
ExceptionHelper.SetTechnicalException<FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
catch (System.Configuration.Provider.ProviderException pe)
{
TechnicalException te = new TechnicalException(
String.Format("El proveedor SqlMembership {0} lanzo el siguiente error: {1}", providerName, pe.Message)
);
ExceptionHelper.SetTechnicalException<FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
catch (Exception ex)
{
TechnicalException te = new TechnicalException(Fwk.Security.Properties.Resource.MembershipSecurityGenericError, ex);
ExceptionHelper.SetTechnicalException<FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
return wRoleList;
}
/// <summary>
/// Obtiene todos los Roles
/// The GetAllRoles method calls the RoleProvider.GetAllRoles method of the role provider to get a list of all the roles from the data source for an application.
/// Only the roles for the application that is specified in the ApplicationName property are retrieved.
/// </summary>
/// <param name="providerName">Nombre del proveedor de membership</param>
/// <returns>RolList con todos los roles</returns>
public static RolList GetAllRoles(string providerName)
{
Rol r;
RolList wRoleList = new RolList();
if (string.IsNullOrEmpty(providerName))
{
providerName = GetSqlMembershipProvider(providerName).Name;
}
try
{
foreach (string s in GetRoleProvider(providerName).GetAllRoles())
{
r = new Rol(s);
wRoleList.Add(r);
}
}
catch (TechnicalException err)
{
throw err;
}
catch (System.NullReferenceException)
{
TechnicalException te = new TechnicalException(string.Format(Fwk.Security.Properties.Resource.RuleProvider_NotExist, providerName));
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
catch (System.Configuration.Provider.ProviderException pe)
{
TechnicalException te = new TechnicalException(
String.Format("El proveedor SqlMembership {0} lanzo el siguiente error: {1}", providerName, pe.Message)
);
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
catch (Exception ex)
{
TechnicalException te = new TechnicalException(Fwk.Security.Properties.Resource.MembershipSecurityGenericError, ex);
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
return(wRoleList);
}
/// <summary>
/// Quita un rol de la expresion de la regla.- Modifica Expression
/// </summary>
/// <param name="pRol"></param>
/// <param name="pRule"></param>
public static void RemoveRol_From_Rule(Rol pRol, FwkAuthorizationRule pRule)
{
RolList rollistAux = null;
UserList userList = null;
BuildRolesAndUsers_FromRuleExpression(pRule.Expression, out rollistAux, out userList);
//Quitar el rol a la regla si es que existe en la regla
if (rollistAux.Any <Rol>(r => r.RolName.Equals(pRol.RolName)))
{
rollistAux.Remove(rollistAux.First <Rol>(r => r.RolName.Equals(pRol.RolName)));
pRule.SetExpression(BuildRuleExpression(rollistAux, userList));
}
}
public void Initialize()
{
try
{
rolesList = FwkMembership.GetAllRoles(frmAdmin.Provider.Name);
}
catch (Exception ex)
{
base.MessageViewInfo.Show(ex);
return;
}
grdUsers.DataSource = rolesList;
grdUsers.Refresh();
}
/// <summary>
/// Quita una array de Usuarios de una lista de Roles
/// </summary>
/// <param name="pUsersName">Array de Nombres</param>
/// <param name="pRolList">Lista de Roles</param>
/// <param name="providerName">Nombre del proveedor de membership</param>
public static void RemoveUsersFromRoles(String[] pUsersName, RolList pRolList, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
try
{
Roles.Providers[wProvider.Name].RemoveUsersFromRoles(pUsersName, pRolList.GetArrayNames());
}
catch (Exception ex)
{
Fwk.Exceptions.TechnicalException te = new TechnicalException(Fwk.Security.Properties.Resource.MembershipSecurityGenericError, ex);
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
}
void MachRolesGrid(RolList roles)
{
lstBoxRoles.UnCheckAll();
RolList list = (RolList)((System.Windows.Forms.BindingSource)(lstBoxRoles.DataSource)).List;
foreach (Rol lstRol in list)
{
if (roles.Any(p => p.RolName.Equals(lstRol.RolName)))
{
int i = lstBoxRoles.FindItem(lstRol);
object odj = lstBoxRoles.GetItem(i);
lstBoxRoles.SetItemChecked(i, true);
}
}
}
/// <summary>
/// Actualiza los datos del usuario.
/// </summary>
/// <param name="pUser">Usuario que se desea actualizar.</param>
/// <param name="userName">Nombre no modificado del usuario.- El nuevo nombre de usuario en caso de modifucacion va en el parametro pUser </param>
public void Update(User pUser, string userName)
{
Validate(pUser, false);
// Actualizacion del usuario de las membership
FwkMembership.UpdateUser(pUser, userName, _ProviderName);
// Se actualizan los roles que posee el usuario
if (pUser.Roles != null)
{
RolList usrRoles = FwkMembership.GetRolesForUser(pUser.UserName, _ProviderName);
FwkMembership.RemoveUserFromRoles(pUser.UserName, usrRoles, _ProviderName);
RolList newRolList = pUser.GetRolList();
FwkMembership.CreateRolesToUser(newRolList, pUser.UserName, _ProviderName);
}
}
/// <summary>
/// Crea un nuevo usuario. Se le saco el static para poder hacer referencia a this.
/// </summary>
/// <param name="pUser">Usuario</param>
/// <param name="pPassword">Password</param>
/// <param name="pMail">Mail del usuario</param>
internal static void CreateUser(User pUser, RolList pRolList)
{
CreateUserReq req = new CreateUserReq();
req.BusinessData.User = pUser;
req.BusinessData.User.Roles = pRolList.GetArrayNames();
CreateUserRes res = _ClientServiceBase.ExecuteService <CreateUserReq, CreateUserRes>(WrapperSecurityProvider, req);
if (res.Error != null)
{
throw Fwk.Exceptions.ExceptionHelper.ProcessException(res.Error);
}
//pUser.UserId = response.BusinessData.NewUserId;
}
public override GetUserInfoByParamsRes Execute(GetUserInfoByParamsReq pServiceRequest)
{
GetUserInfoByParamsRes wRes = new GetUserInfoByParamsRes();
UserBC userBC = new UserBC(pServiceRequest.ContextInformation.AppId, pServiceRequest.SecurityProviderName);
RolList wRolList = new RolList();
User wUser = new User();
userBC.GetUserByParams(pServiceRequest.BusinessData.UserName, out wUser, out wRolList);
wRes.BusinessData.UserInfo = wUser;
wRes.BusinessData.RolList = wRolList;
return(wRes);
}
//TODO: usar scripts
static void RulesApendRol(Rol pRol, FwkAuthorizationRuleList pRulesList)
{
RolList rollistAux = new RolList();
UserList userListAux = new UserList();;
foreach (FwkAuthorizationRule rule in pRulesList)
{
rollistAux.Clear();
userListAux.Clear();
Fwk.Security.FwkMembership.BuildRolesAndUsers_FromRuleExpression(rule.Expression, out rollistAux, out userListAux);
///Agregar el rol a la regla
rollistAux.Add(pRol);
rule.Expression = Fwk.Security.FwkMembership.BuildRuleExpression(rollistAux, userListAux);
}
}
public static IActionResult View(IActionResult value, params string[] RolList)
{
CurrentView = value;
IActionResult view = null;
try
{
if (LogUser == null || !LogUser.id.HasValue)
{
view = new RedirectResult("/Login");
}
else if (SessionActiva())
{
view = new RedirectResult("/Login/LockScreen");
}
else
{
UserRoles = UserRoles ?? new List <Roles>();
if (RolList.Count() > 0)
{
if (UserRoles.Where(x => RolList.Contains(x.name)).Count() <= 0)
{
//view = new ViewResult() { ViewName = "Home", ViewData = new ViewDataDictionary() { { "error", "No tiene permisos suficientes" } } };
view = new RedirectToActionResult("Acceso", "Generales", new { Mensaje = "No tiene permisos suficientes" });
//throw new Exception("No tiene permisos suficientes");
}
else
{
LastMove = DateTime.Now;
}
}
}
if (view == null)
{
view = value;
}
}
catch (Exception e)
{
view = new RedirectToActionResult("Index", "Generales", new { Mensaje = e.Message });
}
return(view);
}
/// <summary>
/// Elimina el primer rol
/// </summary>
/// <param name="user"></param>
void RemoveUserFromRole_NO_Service(string user)
{
RolList roles = FwkMembership.GetAllRoles(SecurityProviderName);
RemoveUserFromRoleReq req = new RemoveUserFromRoleReq();
RemoveUserFromRoleService svc = new RemoveUserFromRoleService();
req.BusinessData.UserName = user;
req.BusinessData.RolName = roles[0].RolName;
try
{
RemoveUserFromRoleRes res = svc.Execute(req);
}
catch (Exception ex)
{
base.StrExceptionMessage = Fwk.Exceptions.ExceptionHelper.GetAllMessageException(ex);
}
Assert.AreEqual <String>(base.StrExceptionMessage, String.Empty, base.StrExceptionMessage);
}
private void btnAsignarRoles_Click(object sender, EventArgs e)
{
if (usersGrid1.CurrentUser == null)
{
return;
}
RolList wNewRolList = new RolList();
using (new WaitCursorHelper(this))
{
foreach (object obj in lstBoxRoles.CheckedItems)
{
wNewRolList.Add((Rol)obj);
}
try
{
if (selectedRolList != null)
{
FwkMembership.RemoveUserFromRoles(usersGrid1.CurrentUser.UserName, selectedRolList, frmAdmin.Provider.Name);
selectedRolList = null;
}
FwkMembership.CreateRolesToUser(wNewRolList, usersGrid1.CurrentUser.UserName, frmAdmin.Provider.Name);
selectedRolList = wNewRolList;
}
catch (Exception ex)
{
if (((Fwk.Exceptions.TechnicalException)ex).InnerException != null)
{
MessageBox.Show(((Fwk.Exceptions.TechnicalException)ex).InnerException.Message);
}
else
{
MessageBox.Show(ex.Message);
}
}
bindingSourceUserRole.DataSource = FwkMembership.GetRolesForUser(usersGrid1.CurrentUser.UserName, frmAdmin.Provider.Name);
NewSecurityInfoCreatedHandler();
}
}
/// <summary>
/// Actualiza un usuario
/// </summary>
/// <param name="pUser">User</param>
internal static void UpdateUser(User pUser, RolList pRolList)
{
UpdateUserReq req = new UpdateUserReq();
req.BusinessData.UsersBE = pUser;
req.BusinessData.RolList = pRolList;
req.BusinessData.PasswordOnly = false;
if (!string.IsNullOrEmpty(pUser.Password))
{
req.BusinessData.ChangePassword = new ChangePassword();
req.BusinessData.ChangePassword.New = pUser.Password;
req.BusinessData.ChangePassword.Old = string.Empty;
}
UpdateUserRes res = req.ExecuteService <UpdateUserReq, UpdateUserRes>(WrapperSecurityProvider, req);
if (res.Error != null)
{
throw Fwk.Exceptions.ExceptionHelper.ProcessException(res.Error);
}
}
//TODO: usar scripts
static void RulesRemoveRol(Rol pRol, FwkAuthorizationRuleList pRulesList)
{
RolList rollistAux = new RolList();
UserList userListAux = new UserList();
foreach (FwkAuthorizationRule rule in pRulesList)
{
rollistAux.Clear();
userListAux.Clear();
Fwk.Security.FwkMembership.BuildRolesAndUsers_FromRuleExpression(rule.Expression, out rollistAux, out userListAux);
///Agregar el rol a la regla
if (rollistAux.Any <Rol>(r => r.RolName.Equals(pRol.RolName)))
{
rollistAux.Remove(rollistAux.First <Rol>(r => r.RolName.Equals(pRol.RolName)));
rule.Expression = Fwk.Security.FwkMembership.BuildRuleExpression(rollistAux, userListAux);
}
}
}
public static RolList GetAllRoles_FullInfo(string applicationName, string connectionStringName)
{
RolList wRolList = null;
Rol wRol = null;
try
{
Guid wApplicationId = GetApplication(applicationName, connectionStringName);
using (Fwk.Security.RuleProviderDataContext dc = new Fwk.Security.RuleProviderDataContext(System.Configuration.ConfigurationManager.ConnectionStrings[connectionStringName].ConnectionString))
{
var roles = from s in dc.aspnet_Roles where s.ApplicationId == wApplicationId select s;
wRolList = new RolList();
foreach (aspnet_Role aspnet_rol in roles)
{
wRol = new Rol();
wRol.Description = aspnet_rol.Description;
wRol.RolName = aspnet_rol.RoleName;
wRolList.Add(wRol);
}
}
return wRolList;
}
catch (TechnicalException tx)
{ throw tx; }
catch (Exception ex)
{
TechnicalException te = new TechnicalException(Fwk.Security.Properties.Resource.MembershipSecurityGenericError, ex);
ExceptionHelper.SetTechnicalException<FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
}
/// <summary>
///
/// </summary>
/// <param name="ruleName"></param>
public void Populate(string ruleName)
{
txtRuleName.Text = ruleName;
_CurrentRule = FwkMembership.GetRule(ruleName, frmAdmin.Provider.Name);
txtRuleExpression.Text = _CurrentRule.Expression;
_AssignedRolList = new RolList();
_ExcludeUserList = new UserList();
FwkMembership.BuildRolesAndUsers_FromRuleExpression(_CurrentRule.Expression, out _AssignedRolList, out _ExcludeUserList);
txtRuleExpression.Text = FwkMembership.BuildRuleExpression(_AssignedRolList, _ExcludeUserList);
grdAssignedRoles.DataSource = null;
grdAssignedRoles.DataSource = _AssignedRolList;
grdUserExcluded.DataSource = null;
grdUserExcluded.DataSource = _AssignedRolList;
grdUserExcluded.Refresh();
grdAssignedRoles.Refresh();
}
public static RolList GetAllRoles_FullInfo(string applicationName, string connectionStringName)
{
RolList wRolList = null;
Rol wRol = null;
try
{
Guid wApplicationId = GetApplication(applicationName, connectionStringName);
using (Fwk.Security.RuleProviderDataContext dc = new Fwk.Security.RuleProviderDataContext(System.Configuration.ConfigurationManager.ConnectionStrings[connectionStringName].ConnectionString))
{
var roles = from s in dc.aspnet_Roles where s.ApplicationId == wApplicationId select s;
wRolList = new RolList();
foreach (aspnet_Role aspnet_rol in roles)
{
wRol = new Rol();
wRol.Description = aspnet_rol.Description;
wRol.RolName = aspnet_rol.RoleName;
wRolList.Add(wRol);
}
}
return(wRolList);
}
catch (TechnicalException tx)
{ throw tx; }
catch (Exception ex)
{
TechnicalException te = new TechnicalException(Fwk.Security.Properties.Resource.MembershipSecurityGenericError, ex);
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
}
public override AuthenticateUserRes Execute(AuthenticateUserReq pServiceRequest)
{
AuthenticateUserRes wRes = new AuthenticateUserRes();
UserBC wUserBC = new UserBC(pServiceRequest.ContextInformation.AppId, pServiceRequest.SecurityProviderName);
RolList wRolList = new RolList();
User wUser = new User();
switch (pServiceRequest.BusinessData.AuthenticationMode)
{
case AuthenticationModeEnum.ASPNETMemberShips:
{
wUserBC.AuthenticateUser(pServiceRequest.BusinessData.UserName,
pServiceRequest.BusinessData.Password,
out wUser);
wRolList = FwkMembership.GetRolesForUser(pServiceRequest.BusinessData.UserName, pServiceRequest.SecurityProviderName);
break;
}
case AuthenticationModeEnum.LDAP:
case AuthenticationModeEnum.FingerPrint:
case AuthenticationModeEnum.Mixed:
case AuthenticationModeEnum.WindowsIntegrated:
{
throw new Fwk.Exceptions.FunctionalException("Metodo de autenticacion no soportado por el servicio de autenticacion ASPNETMemberShips");
}
}
if (wUser.MustChangePassword == null)
{
wUser.MustChangePassword = false;
}
wRes.BusinessData.UserInfo = wUser;
wRes.BusinessData.UserInfo.Roles = wRolList.GetArrayNames();
wRes.BusinessData.UserInfo.AuthenticationMode = pServiceRequest.BusinessData.AuthenticationMode;
return(wRes);
}
/// <summary>
/// Quita a un usuario de una lista de Roles
/// </summary>
/// <param name="userName">Nombre de Usuario</param>
/// <param name="pRolList">Lista de Nombres de Roles</param>
/// <param name="providerName">Nombre del proveedor de membership</param>
public static void RemoveUserFromRoles(String userName, RolList pRolList, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
try
{
foreach (Rol rol in pRolList)
{
if (Roles.Providers[wProvider.Name].IsUserInRole(userName, rol.RolName))
{
//Roles.RemoveUserFromRoles(userName, new string[] { rol.RolName });
Roles.Providers[wProvider.Name].RemoveUsersFromRoles(new string[] { userName }, pRolList.GetArrayNames());
}
}
}
catch (Exception ex)
{
Fwk.Exceptions.TechnicalException te = new TechnicalException(Fwk.Security.Properties.Resource.MembershipSecurityGenericError, ex);
ExceptionHelper.SetTechnicalException <FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
}
private void btnAsignarRoles_Click(object sender, EventArgs e)
{
if (usersGrid1.CurrentUser == null) return;
RolList wNewRolList = new RolList();
using (new WaitCursorHelper(this))
{
foreach (object obj in lstBoxRoles.CheckedItems)
{
wNewRolList.Add((Rol)obj);
}
try
{
if (selectedRolList != null)
{
FwkMembership.RemoveUserFromRoles(usersGrid1.CurrentUser.UserName, selectedRolList, frmAdmin.Provider.Name);
selectedRolList = null;
}
FwkMembership.CreateRolesToUser(wNewRolList, usersGrid1.CurrentUser.UserName, frmAdmin.Provider.Name);
selectedRolList = wNewRolList;
}
catch (Exception ex)
{
if (((Fwk.Exceptions.TechnicalException)ex).InnerException != null)
MessageBox.Show(((Fwk.Exceptions.TechnicalException)ex).InnerException.Message);
else
MessageBox.Show(ex.Message);
}
bindingSourceUserRole.DataSource = FwkMembership.GetRolesForUser(usersGrid1.CurrentUser.UserName, frmAdmin.Provider.Name);
NewSecurityInfoCreatedHandler();
}
}
/// <summary>
/// Crea un nuevo usuario. Se le saco el static para poder hacer referencia a this.
/// </summary>
/// <param name="pUser">Usuario</param>
/// <param name="pPassword">Password</param>
/// <param name="pMail">Mail del usuario</param>
internal static void CreateUser(User pUser, RolList pRolList)
{
CreateUserReq req = new CreateUserReq();
req.BusinessData.User = pUser;
req.BusinessData.User.Roles = pRolList.GetArrayNames();
CreateUserRes res = _ClientServiceBase.ExecuteService<CreateUserReq, CreateUserRes>(WrapperSecurityProvider,req);
if (res.Error != null)
throw Fwk.Exceptions.ExceptionHelper.ProcessException(res.Error);
//pUser.UserId = response.BusinessData.NewUserId;
}
public override AuthenticateUserRes Execute(AuthenticateUserReq pServiceRequest)
{
AuthenticateUserRes wRes = new AuthenticateUserRes();
UserBC wUserBC = new UserBC(pServiceRequest.ContextInformation.AppId, pServiceRequest.SecurityProviderName);
RolList wRolList = new RolList();
User wUser = new User();
switch (pServiceRequest.BusinessData.AuthenticationMode)
{
case AuthenticationModeEnum.LDAP:
//Se debe validar el usuario en LDAP contra el dominio seleccionado
//wRes.BusinessData.UserInfo = wUserBC.AuthenticateUser(pServiceRequest.BusinessData.UserName, pServiceRequest.BusinessData.Password, pServiceRequest.BusinessData.Domain, pServiceRequest.BusinessData.SiteName);
if (wUserBC.AuthenticateUser_AD(pServiceRequest.BusinessData.UserName,
pServiceRequest.BusinessData.Password,
pServiceRequest.BusinessData.Domain)
== Fwk.Security.ActiveDirectory.LoginResult.LOGIN_OK)
{
wUserBC.GetUserByParams(pServiceRequest.BusinessData.UserName, out wUser, out wRolList);
}
// Cuando es autenticación de windows, nunca debe pedir que cambie el password
wRes.BusinessData.UserInfo.MustChangePassword = false;
break;
case AuthenticationModeEnum.Mixed:
//utiliza autenticación mixta. Valida contra el usuario de memberships
///wRes.BusinessData.UserInfo = wUserBC.AuthenticateUser(pServiceRequest.BusinessData.UserName, pServiceRequest.BusinessData.Password, pServiceRequest.BusinessData.SiteName);
//utiliza autenticación mixta. Valida contra el usuario de bigbang
wUserBC.AuthenticateUser(pServiceRequest.BusinessData.UserName,
pServiceRequest.BusinessData.Password,
out wUser);
wRolList = FwkMembership.GetRolesForUser(pServiceRequest.BusinessData.UserName, pServiceRequest.SecurityProviderName);
break;
case AuthenticationModeEnum.WindowsIntegrated:
// el modo de autenticación es integrada de windows (usuario por defecto o validación LDAP)
if (pServiceRequest.BusinessData.IsEnvironmentUser)
{
// el usuario se toma por defecto del environment por tanto se recupera el user info sin necesidad de validar
// El usuario se toma por defecto del environment por tanto se recupera el user info sin necesidad de validar
wUserBC.GetUserByParams(pServiceRequest.BusinessData.UserName, out wUser, out wRolList);
}
else
{
//Se debe validar el usuario en LDAP contra el dominio seleccionado
//wRes.BusinessData.UserInfo = wUserBC.AuthenticateUser(pServiceRequest.BusinessData.UserName, pServiceRequest.BusinessData.Password, pServiceRequest.BusinessData.Domain, pServiceRequest.BusinessData.SiteName);
if (wUserBC.AuthenticateUser_AD(pServiceRequest.BusinessData.UserName,
pServiceRequest.BusinessData.Password,
pServiceRequest.BusinessData.Domain)
== Fwk.Security.ActiveDirectory.LoginResult.LOGIN_OK)
{
wUserBC.GetUserByParams(pServiceRequest.BusinessData.UserName, out wUser, out wRolList);
}
}
// Cuando es autenticación de windows, nunca debe pedir que cambie el password de las memberships
wRes.BusinessData.UserInfo.MustChangePassword = false;
break;
default:
throw new NotImplementedException("Modo de autenticación no implementado");
}
if (wUser.MustChangePassword == null)
{
wUser.MustChangePassword = false;
}
wRes.BusinessData.UserInfo = wUser;
wRes.BusinessData.UserInfo.Roles = wRolList.GetArrayNames();
wRes.BusinessData.UserInfo.AuthenticationMode = pServiceRequest.BusinessData.AuthenticationMode;
return(wRes);
}
private void usersGrid1_OnUserChange(User user, RolList roles)
{
lblSelectedUser.Text = user.UserName;
selectedRolList = roles;
MachRolesGrid(roles);
}
void MachRolesGrid(RolList roles)
{
lstBoxRoles.UnCheckAll();
RolList list = (RolList)((System.Windows.Forms.BindingSource)(lstBoxRoles.DataSource)).List;
foreach (Rol lstRol in list)
{
if (roles.Any(p => p.RolName.Equals(lstRol.RolName)))
{
int i = lstBoxRoles.FindItem(lstRol);
object odj = lstBoxRoles.GetItem(i);
lstBoxRoles.SetItemChecked(i, true);
}
}
}
/// <summary>
/// Actualiza la lista de Roles y Reglas._
/// AllRolList
/// FwkAuthorizationRuleList
/// </summary>
public static void RefreshSecurity()
{
_AllRolList = GetAllRoles(string.Empty);
_FwkAuthorizationRuleList = SearchAllRules();
}
//TODO: usar scripts
static void RulesApendRol(Rol pRol, FwkAuthorizationRuleList pRulesList)
{
RolList rollistAux = new RolList();
UserList userListAux = new UserList(); ;
foreach (FwkAuthorizationRule rule in pRulesList)
{
rollistAux.Clear();
userListAux.Clear();
Fwk.Security.FwkMembership.BuildRolesAndUsers_FromRuleExpression(rule.Expression, out rollistAux, out userListAux);
///Agregar el rol a la regla
rollistAux.Add(pRol);
rule.Expression = Fwk.Security.FwkMembership.BuildRuleExpression(rollistAux, userListAux);
}
}
public void RemoveUsersFromRoles(String[] usersName, RolList rolList)
{
FwkMembership.RemoveUsersFromRoles(usersName, rolList, ProviderName);
}
/// <summary>
/// Obtiene la informacion de un usuario y su Custom de un usuario, junto a sus roles
/// </summary>
/// <param name="pUserName"></param>
/// <param name="pRolList"></param>
/// <returns></returns>
public void GetUserByParams(String pUserName, out User pUser, out RolList pRolList)
{
pUser = FwkMembership.GetUser(pUserName, _ProviderName);
pRolList = FwkMembership.GetRolesForUser(pUserName, _ProviderName);
}
public void AssignRolesToUser(RolList rolList, String userName)
{
FwkMembership.CreateRolesToUser(rolList, userName, ProviderName);
}
public void RemoveUserFromRoles(String userName, RolList rolList)
{
FwkMembership.RemoveUserFromRoles(userName, rolList, ProviderName);
}
/// <summary>
/// Actualiza un usuario
/// </summary>
/// <param name="pUser">User</param>
internal static void UpdateUser(User pUser, RolList pRolList)
{
UpdateUserReq req = new UpdateUserReq();
req.BusinessData.UsersBE = pUser;
req.BusinessData.RolList = pRolList;
req.BusinessData.PasswordOnly = false;
if (!string.IsNullOrEmpty(pUser.Password))
{
req.BusinessData.ChangePassword = new ChangePassword();
req.BusinessData.ChangePassword.New = pUser.Password;
req.BusinessData.ChangePassword.Old = string.Empty;
}
UpdateUserRes res = req.ExecuteService<UpdateUserReq, UpdateUserRes>(WrapperSecurityProvider,req);
if (res.Error != null)
{
throw Fwk.Exceptions.ExceptionHelper.ProcessException(res.Error);
}
}
/// <summary>
/// Asigna una lista de roles a un usuario
/// </summary>
/// <param name="pRolList">Lista de roles que se desea asignar</param>
/// <param name="pUserName">nombre de usuario</param>
public static void CreateRolesToUser(RolList pRolList, string pUserName)
{
AssignRolesToUserReq req = new AssignRolesToUserReq();
req.BusinessData.Username = pUserName;
req.BusinessData.RolList = pRolList;
AssignRolesToUserRes res = req.ExecuteService<AssignRolesToUserReq, AssignRolesToUserRes>(WrapperSecurityProvider,req);
if (res.Error != null)
throw Fwk.Exceptions.ExceptionHelper.ProcessException(res.Error);
}
/// <summary>
/// Actualiza la lista de Roles y Reglas._
/// AllRolList
/// FwkAuthorizationRuleList
/// </summary>
public static void RefreshSecurity()
{
_AllRolList = GetAllRoles(string.Empty);
_FwkAuthorizationRuleList = SearchAllRules();
}
//TODO: usar scripts
static void RulesRemoveRol(Rol pRol, FwkAuthorizationRuleList pRulesList)
{
RolList rollistAux = new RolList();
UserList userListAux = new UserList();
foreach (FwkAuthorizationRule rule in pRulesList)
{
rollistAux.Clear();
userListAux.Clear();
Fwk.Security.FwkMembership.BuildRolesAndUsers_FromRuleExpression(rule.Expression, out rollistAux, out userListAux);
///Agregar el rol a la regla
if (rollistAux.Any<Rol>(r => r.RolName.Equals(pRol.RolName)))
{
rollistAux.Remove(rollistAux.First<Rol>(r => r.RolName.Equals(pRol.RolName)));
rule.Expression = Fwk.Security.FwkMembership.BuildRuleExpression(rollistAux, userListAux);
}
}
}
/// <summary>
/// Asigna roles a un usuario
/// </summary>
/// <param name="pRolList">Lista de roles</param>
/// <param name="userName">Usuario</param>
/// <param name="providerName">Nombre del proveedor de membership</param>
public static void CreateRolesToUser(RolList pRolList, String userName, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
try
{
Roles.Providers[wProvider.Name].AddUsersToRoles(new string[] { userName }, pRolList.GetArrayNames());
//foreach (Rol rol in pRolList)
//{
// if (!Roles.Providers[providerName].IsUserInRole(userName, rol.RolName))
// {
// //Roles.AddUserToRoles(userName, new string[] { rol.RolName });
// Roles.Providers[providerName].AddUsersToRoles(new string[] { userName }, new string[] { rol.RolName });
// }
//}
}
catch (Exception ex)
{
Fwk.Exceptions.TechnicalException te = new TechnicalException(Fwk.Security.Properties.Resource.MembershipSecurityGenericError, ex);
ExceptionHelper.SetTechnicalException<FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
}
/// <summary>
///
/// </summary>
/// <param name="ruleName"></param>
public void Populate(string ruleName)
{
txtRuleName.Text = ruleName;
_CurrentRule = FwkMembership.GetRule(ruleName, frmAdmin.Provider.Name);
txtRuleExpression.Text = _CurrentRule.Expression;
_AssignedRolList = new RolList();
_ExcludeUserList = new UserList();
FwkMembership.BuildRolesAndUsers_FromRuleExpression(_CurrentRule.Expression, out _AssignedRolList, out _ExcludeUserList);
txtRuleExpression.Text = FwkMembership.BuildRuleExpression(_AssignedRolList, _ExcludeUserList);
grdAssignedRoles.DataSource = null;
grdAssignedRoles.DataSource = _AssignedRolList;
grdUserExcluded.DataSource = null;
grdUserExcluded.DataSource = _AssignedRolList;
grdUserExcluded.Refresh();
grdAssignedRoles.Refresh();
}
/// <summary>
/// Quita a un usuario de una lista de Roles
/// </summary>
/// <param name="userName">Nombre de Usuario</param>
/// <param name="pRolList">Lista de Nombres de Roles</param>
/// <param name="providerName">Nombre del proveedor de membership</param>
public static void RemoveUserFromRoles(String userName, RolList pRolList, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
try
{
foreach (Rol rol in pRolList)
{
if (Roles.Providers[wProvider.Name].IsUserInRole(userName, rol.RolName))
//Roles.RemoveUserFromRoles(userName, new string[] { rol.RolName });
Roles.Providers[wProvider.Name].RemoveUsersFromRoles(new string[] { userName }, pRolList.GetArrayNames());
}
}
catch (Exception ex)
{
Fwk.Exceptions.TechnicalException te = new TechnicalException(Fwk.Security.Properties.Resource.MembershipSecurityGenericError, ex);
ExceptionHelper.SetTechnicalException<FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
}
/// <summary>
/// Quita una array de Usuarios de una lista de Roles
/// </summary>
/// <param name="pUsersName">Array de Nombres</param>
/// <param name="pRolList">Lista de Roles</param>
/// <param name="providerName">Nombre del proveedor de membership</param>
public static void RemoveUsersFromRoles(String[] pUsersName, RolList pRolList, string providerName)
{
SqlMembershipProvider wProvider = GetSqlMembershipProvider(providerName);
try
{
Roles.Providers[wProvider.Name].RemoveUsersFromRoles(pUsersName, pRolList.GetArrayNames());
}
catch (Exception ex)
{
Fwk.Exceptions.TechnicalException te = new TechnicalException(Fwk.Security.Properties.Resource.MembershipSecurityGenericError, ex);
ExceptionHelper.SetTechnicalException<FwkMembership>(te);
te.ErrorId = "4000";
throw te;
}
}
/// <summary>
/// Retorba las lista de usuarios y roles desde la expresion de la regla
/// </summary>
/// <param name="wexpression"></param>
/// <param name="assignedRoleList"></param>
/// <param name="excludeUserList"></param>
public static void BuildRolesAndUsers_FromRuleExpression(string wexpression, out RolList assignedRoleList, out UserList excludeUserList)
{
Rol wRol;
User wUser;
assignedRoleList = new RolList();
excludeUserList = new UserList();
StringBuilder exp = new StringBuilder(wexpression);
exp.Replace("R:", string.Empty);
exp.Replace("I:", string.Empty);
exp.Replace("(", string.Empty);
exp.Replace(")", string.Empty);
exp.Replace("AND", string.Empty);
String[] wArray = exp.ToString().Split(new string[] { "NOT" }, StringSplitOptions.RemoveEmptyEntries);
if (wArray.Length > 0)
{
foreach (string str in wArray[0].Split(new string[] { "OR" }, StringSplitOptions.RemoveEmptyEntries))
{
wRol = new Rol(str.Trim());
assignedRoleList.Add(wRol);
}
}
if (wArray.Length > 1)
{
foreach (string str in wArray[1].Split(new string[] { "OR" }, StringSplitOptions.RemoveEmptyEntries))
{
wUser = new User(str.Trim());
excludeUserList.Add(wUser);
}
}
}
public void AssignRolesToUser(RolList rolList, String userName)
{
FwkMembership.CreateRolesToUser(rolList, userName, ProviderName);
}
private void usersGrid1_OnUserChange(User user, RolList roles)
{
if (usersGrid1.CurrentUser == null)
{
btnRemove.Enabled = false;
btnUpdate.Enabled = false;
return;
}
lblRolesByUser.Text = "User roles " + usersGrid1.CurrentUser.UserName;
txtEmail.Text = usersGrid1.CurrentUser.Email;
txtUserName.Text = usersGrid1.CurrentUser.UserName;
txtQuest.Text = usersGrid1.CurrentUser.QuestionPassword;
txtAnsw.Text = usersGrid1.CurrentUser.AnswerPassword;
chkApproved.Checked = usersGrid1.CurrentUser.IsApproved;
txtComments.Text = usersGrid1.CurrentUser.Comment;
btnRemove.Enabled = true;
btnUpdate.Enabled = true;
if (usersGrid1.CurrentUser.IsApproved)
btnApprove.Text = "DisApprove";
else
btnApprove.Text = "Approve";
using (new WaitCursorHelper(this))
{
grdRoles1.DataSource = roles;
}
}
