コード例 #1
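        /// <summary>
        /// Seeds the default permissions listed in the <c>SecurityAppSettings</c> configuration section,
        /// adding every entry that the permissions service does not already report as allowed.
        /// </summary>
        /// <remarks>
        /// Each entry of <c>DefaultPermissions</c> is parsed as <c>module:type,action,role</c>.
        /// A malformed entry stops the seeding with a descriptive exception instead of an
        /// <c>IndexOutOfRangeException</c>, so a broken permission list is noticed at start-up rather
        /// than leaving the access-control table half populated without explanation.
        /// </remarks>
        /// <param name="serviceProvider">Provider used to resolve <c>IPermissionsService</c>.</param>
        /// <param name="configuration">Configuration root holding the <c>SecurityAppSettings</c> section.</param>
        /// <exception cref="System.InvalidOperationException">A configured entry does not have the expected shape.</exception>
        private static async Task CreatePermissionsAsync(IServiceProvider serviceProvider,
                                                         IConfiguration configuration)
        {
            var permissionsService  = serviceProvider.GetRequiredService<IPermissionsService>();
            var securityAppSettings = new SecurityAppSettings();

            configuration.Bind(nameof(SecurityAppSettings), securityAppSettings);

            // No list configured: nothing is granted, which is the safe outcome.
            if (securityAppSettings.DefaultPermissions == null)
            {
                return;
            }

            foreach (var permissionSetting in securityAppSettings.DefaultPermissions)
            {
                var permissionKeyValue = (permissionSetting ?? string.Empty).Split(',');

                if (permissionKeyValue.Length < 3)
                {
                    throw new System.InvalidOperationException(
                        $"Malformed default permission entry '{permissionSetting}': expected 'module:type,action,role'.");
                }

                var resourceFields = permissionKeyValue[0].Split(':');

                if (resourceFields.Length < 2)
                {
                    throw new System.InvalidOperationException(
                        $"Malformed resource in default permission entry '{permissionSetting}': expected 'module:type'.");
                }

                var module = resourceFields[0];
                var type   = resourceFields[1];
                var action = permissionKeyValue[1];
                var role   = permissionKeyValue[2];

                // NOTE(review): fields are used exactly as written in configuration (no trimming), so
                // "a, b" yields a role name with a leading space - confirm the configured format.
                var found = await permissionsService.AllowedAsync(module, type, action, role, false);

                if (found)
                {
                    continue;
                }

                var permission = new Permission()
                {
                    Module = module,
                    Type   = type,
                    Action = action,
                    Role   = role
                };

                await permissionsService.AddAsync(permission);
            }
        }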
コード例 #2
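        /// <summary>
        /// Tells whether <paramref name="username"/> is listed under the admin role in the
        /// <c>DefaultRoleUsers</c> list of the <c>SecurityAppSettings</c> configuration section.
        /// </summary>
        /// <remarks>
        /// The check fails closed: when no role list or no admin entry is configured the method
        /// returns <c>false</c> instead of throwing a <c>NullReferenceException</c>.
        /// </remarks>
        /// <param name="username">User name to look up, compared exactly as given.</param>
        /// <returns><c>true</c> when the configured admin user list contains the name.</returns>
        public bool IsAdminInConfig(string username)
        {
            var securityAppSettings = new SecurityAppSettings();

            _configuration.Bind(nameof(SecurityAppSettings), securityAppSettings);

            var roleUsers = securityAppSettings.DefaultRoleUsers;

            if (roleUsers == null)
            {
                return false;
            }

            // Only the first entry for the admin role is consulted, as before.
            var adminUsers = roleUsers.Where(ru => ru.Role == Roles.Admin)
                                      .Select(ru => ru.Users)
                                      .FirstOrDefault();

            // NOTE(review): the comparison is whatever Contains does for the Users collection
            // (presumably ordinal and case-sensitive) - confirm it matches how user names are stored.
            return adminUsers != null && adminUsers.Contains(username);
        }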
コード例 #3
 /// <summary>
 /// Copies the configured password policy from <c>SecurityAppSettings</c> onto the
 /// reset-password model.
 /// </summary>
 /// <param name="Model">Model whose policy properties are overwritten.</param>
 private void ReadPasswordPolicy(UserResetPasswordModel Model)
 {
     // Length bounds.
     Model.MinimumLength = SecurityAppSettings.GetIntValue(SecurityAppSettings.Key.PasswordMinimumLength);
     Model.MaximumLength = SecurityAppSettings.GetIntValue(SecurityAppSettings.Key.PasswordMaximumLength);

     // Character-class switches.
     Model.UseSymbols   = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.UseSymbols);
     Model.UseNumeric   = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.UseNumbers);
     Model.UseLowerCase = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.UseLowerCase);
     Model.UseUpperCase = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.UseUpperCase);

     // Switches concerning the user id and user name inside a password.
     Model.UseUserIdInPassword   = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.UseUserIdInPassword);
     Model.UseUserNameInPassword = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.UseUserNameInPassword);

     // Number of character classes a password must combine, and the symbol set itself.
     Model.NumberOfTypesRequiredInPassword = SecurityAppSettings.GetIntValue(SecurityAppSettings.Key.NumberOfTypesRequiredInPassword);
     Model.Symbols = SecurityAppSettings.GetStringValue(SecurityAppSettings.Key.Symbols);
 }
コード例 #4
        /// <summary>
        /// Creates a generator whose length bounds, character-class switches and symbol set are
        /// read from <c>SecurityAppSettings</c>, and which draws randomness from a
        /// <c>RNGCryptoServiceProvider</c>.
        /// </summary>
        public PasswordGenerator()
        {
            // The chained assignments also overwrite DefaultMinimum / DefaultMaximum with the configured values.
            // NOTE(review): nothing visible here checks that the configured minimum is <= the maximum - confirm
            // the property setters or GetCryptographicRandomNumber handle an inverted range.
            this.Minimum = DefaultMinimum = SecurityAppSettings.GetIntValue(SecurityAppSettings.Key.PasswordMinimumLength);
            this.Maximum = DefaultMaximum = SecurityAppSettings.GetIntValue(SecurityAppSettings.Key.PasswordMaximumLength);
            this.ConsecutiveCharacters = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.ConsecutiveCharacters);
            this.RepeatCharacters      = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.RepeatCharacters);
            this.Symbols      = SecurityAppSettings.GetStringValue(SecurityAppSettings.Key.Symbols);
            this.UseSymbols   = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.UseSymbols);
            this.UseNumeric   = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.UseNumbers);
            this.UseLowerCase = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.UseLowerCase);
            this.UseUpperCase = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.UseUpperCase);
            // No characters are excluded by default.
            this.Exclusions   = null;

            // Cryptographic RNG rather than System.Random, which is the right source for passwords.
            // NOTE(review): RNGCryptoServiceProvider is IDisposable and is marked obsolete on .NET 6+
            // in favour of RandomNumberGenerator; no disposal of rng is visible in this constructor.
            rng = new RNGCryptoServiceProvider();
        }
コード例 #5
        /// <summary>
        /// Binds the content, site and security configuration sections and passes their setting
        /// groups, one after another, to the matching <c>LoadSettingsAsync</c> overloads.
        /// </summary>
        /// <param name="configuration">Configuration root the three sections are bound from.</param>
        public async Task LoadSettingsAsync(IConfiguration configuration)
        {
            // Creates a settings object and fills it from the section with the given name.
            TSettings BindSection<TSettings>(string sectionName) where TSettings : new()
            {
                var bound = new TSettings();
                configuration.Bind(sectionName, bound);
                return bound;
            }

            // Content: page sizes and role weights.
            var content = BindSection<ContentAppSettings>(nameof(ContentAppSettings));
            await LoadSettingsAsync(content.PageSizeSettings);
            await LoadSettingsAsync(content.RoleWeightSettings);

            // Site: sidebar menu.
            var site = BindSection<SiteAppSettings>(nameof(SiteAppSettings));
            await LoadSettingsAsync(site.SidebarMenuSettings);

            // Security: permissions, then role-to-user assignments.
            var security = BindSection<SecurityAppSettings>(nameof(SecurityAppSettings));
            await LoadSettingsAsync(security.PermissionSettings);
            await LoadSettingsAsync(security.RoleUserSettings);
        }
コード例 #6
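        /// <summary>
        /// Makes sure every role in <c>Roles.All</c> exists, then puts the users listed under
        /// <c>DefaultRoleUsers</c> in the <c>SecurityAppSettings</c> section into their roles.
        /// </summary>
        /// <remarks>
        /// The <c>IdentityResult</c> of role creation and of role assignment is now checked. A failed
        /// result raises an exception rather than being discarded, so a store that rejects the seed
        /// data cannot leave the application running with a partly provisioned role set unnoticed.
        /// Configured user names with no matching account are skipped, as before.
        /// </remarks>
        /// <param name="serviceProvider">Provider used to resolve the user and role managers.</param>
        /// <param name="configuration">Configuration root holding the <c>SecurityAppSettings</c> section.</param>
        /// <exception cref="System.InvalidOperationException">A role could not be created or assigned.</exception>
        private static async Task CreateUserRolesAsync(IServiceProvider serviceProvider,
                                                       IConfiguration configuration)
        {
            var userManager = serviceProvider.GetRequiredService<UserManager<ApplicationUser>>();
            var roleManager = serviceProvider.GetRequiredService<RoleManager<IdentityRole>>();

            foreach (var role in Roles.All)
            {
                if (await roleManager.RoleExistsAsync(role))
                {
                    continue;
                }

                IdentityResult roleResult = await roleManager.CreateAsync(new IdentityRole(role));

                if (!roleResult.Succeeded)
                {
                    // IdentityResult.ToString() lists the error codes of a failed result.
                    throw new System.InvalidOperationException($"Could not create role '{role}': {roleResult}");
                }
            }

            var securityAppSettings = new SecurityAppSettings();

            configuration.Bind(nameof(SecurityAppSettings), securityAppSettings);

            var roleUsersArray = securityAppSettings.DefaultRoleUsers;

            // No assignments configured: nobody is added to any role.
            if (roleUsersArray == null)
            {
                return;
            }

            foreach (var roleUsers in roleUsersArray)
            {
                if (roleUsers.Users == null)
                {
                    continue;
                }

                foreach (var userName in roleUsers.Users)
                {
                    ApplicationUser user = await userManager.FindByNameAsync(userName);

                    // The account may not have been registered yet; it is picked up on a later run.
                    if (user == null)
                    {
                        continue;
                    }

                    if (await userManager.IsInRoleAsync(user, roleUsers.Role))
                    {
                        continue;
                    }

                    IdentityResult addResult = await userManager.AddToRoleAsync(user, roleUsers.Role);

                    if (!addResult.Succeeded)
                    {
                        throw new System.InvalidOperationException(
                            $"Could not add user '{userName}' to role '{roleUsers.Role}': {addResult}");
                    }
                }
            }
        }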
コード例 #7
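        /// <summary>
        /// Checks that the password contains at least one of the configured symbols and no
        /// punctuation character outside that set.
        /// </summary>
        /// <remarks>
        /// The configured symbols were previously pasted unescaped into a regular-expression character
        /// class. A set such as <c>)-_</c> then acted as a range covering digits and upper-case
        /// letters, a leading <c>^</c> negated the class, and <c>]</c> or <c>\</c> changed or broke the
        /// pattern, so passwords without any symbol could pass. The set is now matched literally,
        /// character by character.
        /// </remarks>
        /// <param name="password">Candidate password; <c>null</c> or empty yields <c>false</c>.</param>
        /// <returns>
        /// <c>true</c> when an allowed symbol is present and every punctuation character is allowed.
        /// </returns>
        private bool HasSymbol(string password)
        {
            if (string.IsNullOrEmpty(password))
            {
                return false;
            }

            // Spaces in the configured list are separators, not symbols.
            string allowedSymbols = SecurityAppSettings.GetStringValue(SecurityAppSettings.Key.Symbols).Replace(" ", "");
            bool containsAllowedSymbol = false;

            foreach (char character in password)
            {
                if (allowedSymbols.IndexOf(character) >= 0)
                {
                    containsAllowedSymbol = true;
                }
                else if (Char.IsPunctuation(character))
                {
                    // Punctuation outside the configured set makes the password invalid.
                    // NOTE(review): Char.IsPunctuation does not cover characters in the Unicode symbol
                    // categories (for example '$', '+', '^'), so those are not rejected here - confirm
                    // that this matches the intended policy.
                    return false;
                }
            }

            return containsAllowedSymbol;
        }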
コード例 #8
        /// <summary>
        /// Stores a new organization, linking it to the user found by e-mail address or creating
        /// that user with a generated temporary password, and then e-mails the account details.
        /// </summary>
        /// <param name="OrganizationBO">Organization to insert; its <c>OrganizationKey</c> is replaced by the encrypted value.</param>
        /// <param name="UserBO">User to associate with the organization; also the e-mail recipient.</param>
        public void InsertOrganizationInfo(OrganizationBO OrganizationBO, UserBO UserBO)
        {
            bool success;

            // The key is encrypted in place, so the DAO calls below receive the encrypted value.
            OrganizationBO.OrganizationKey = Epi.Web.Enter.Common.Security.Cryptography.Encrypt(OrganizationBO.OrganizationKey);
            // Starts at the enum's default value; presumably that is InsertCombination.None - confirm.
            InsertCombination InsertStatus = new InsertCombination();
            // Check if the user Exists
            var    User         = this.OrganizationDao.GetUserByEmail(UserBO);
            string tempPassword = string.Empty;

            if (User != null)
            {
                // A returned record without an e-mail address is inserted together with the
                // organization and flagged for a password reset.
                if (string.IsNullOrEmpty(User.EmailAddress))
                {
                    UserBO.ResetPassword = true;
                    success = this.OrganizationDao.InsertOrganization(OrganizationBO, UserBO);
                }

                else
                {
                    // Existing user: only the organization is added, linked by user id and role.
                    success = this.OrganizationDao.InsertOrganization(OrganizationBO, User.UserId, UserBO.Role);
                }
                if (success)
                {
                    InsertStatus = InsertCombination.ExistingUserNewOrg;
                }
            }
            else
            {
                // New user: only a hash of the generated temporary password is stored, and the
                // account is flagged so the password has to be changed.
                // NOTE(review): the salt is computed from the e-mail address with a configured key;
                // if CreateSalt is deterministic, the salt can be recomputed by anyone holding that
                // key - confirm this is intended and that HashPassword uses a slow password hash.
                string         KeyForUserPasswordSalt = SecurityAppSettings.GetStringValue(SecurityAppSettings.Key.KeyForUserPasswordSalt);
                PasswordHasher PasswordHasher         = new Web.Enter.Common.Security.PasswordHasher(KeyForUserPasswordSalt);
                string         salt = PasswordHasher.CreateSalt(UserBO.EmailAddress);
                UserBO.ResetPassword = true;
                PasswordGenerator PassGen = new PasswordGenerator();
                tempPassword        = PassGen.Generate();
                UserBO.PasswordHash = PasswordHasher.HashPassword(salt, tempPassword);// "PassWord1");

                success = this.OrganizationDao.InsertOrganization(OrganizationBO, UserBO);
                if (success)
                {
                    InsertStatus = InsertCombination.NewUserNewOrg;
                }
            }
            // The key is decrypted again so the plain value can be quoted in the e-mail below.
            var OrgKey = Epi.Web.Enter.Common.Security.Cryptography.Decrypt(OrganizationBO.OrganizationKey);

            if (success && InsertStatus != InsertCombination.None)
            {
                Email email = new Email();

                // NOTE(review): the message carries the organization key in clear text and, for a new
                // user, appears to carry the temporary password too; the forced reset
                // (ResetPassword = true) is what limits how long a password exposed in a mailbox
                // stays usable.
                StringBuilder Body = new StringBuilder();
                if (InsertStatus == InsertCombination.ExistingUserNewOrg)
                {
                    Body.Append("Your account has now been created for organization - " + OrganizationBO.Organization + ".\n");
                    Body.Append("\nOrganization Key: " + OrgKey);
                    Body.Append("\n\nPlease click the link below to launch Epi Info™ Cloud Data Capture. \n" + AppSettings.GetStringValue(AppSettings.Key.BaseURL) + "\n\nThank you.");
                }
                else
                {
                    Body.Append("Welcome to Epi Info™ Cloud Data Capture. \nYour account has now been created for oganization - " + OrganizationBO.Organization + ".");
                    // Credentials are only included when Windows authentication is switched off.
                    // NOTE(review): ToUpper() is culture-sensitive; an ordinal, case-insensitive
                    // comparison would be the safer way to test a configuration flag.
                    if (AppSettings.GetStringValue(AppSettings.Key.WindowAuthentication).ToUpper() == "NO")
                    {
                        // NOTE(review): the next line is garbled on this page - the password expression is
                        // masked with asterisks, and the end of this statement, the closing brace of the
                        // if-block and the start of the following Append call are missing. It is
                        // reproduced as found and does not compile as shown.
                        Body.Append("\n\nEmail: " + UserBO.EmailAddress + "\nPassword: "******"\nOrganization Key: " + OrgKey);
                    Body.Append("\n\nPlease click the link below to launch the Epi Info™ Cloud Data Capture and log in with your email and temporary password. You will then be asked to create a new password. \n" + AppSettings.GetStringValue(AppSettings.Key.BaseURL));
                    //Add email and temporary password for new user.
                }

                //Body.Append("\n" + AppSettings.GetStringValue(AppSettings.Key.BaseURL));

                // Setup instructions for the desktop client are added for brand-new users only.
                if (InsertStatus == InsertCombination.NewUserNewOrg)
                {
                    Body.Append("\n\nPlease follow the steps below in order to start publishing forms to the web using Epi Info™ 7.");
                    Body.Append("\n\tStep 1: Download and install the latest version of Epi Info™ 7 from:" + AppSettings.GetStringValue(AppSettings.Key.EpiInfoDownloadURL));
                    Body.Append("\n\tStep 2: On the Main Menu, click on “Tools” and select “Options”");
                    Body.Append("\n\tStep 3: On the Options dialog, click on the “Cloud Data Capture” Tab.");
                    Body.Append("\n\tStep 4: On the Cloud Data Capture tab, enter the following information.");

                    Body.Append("\n\t\t-Endpoint Address:" + AppSettings.GetStringValue(AppSettings.Key.EndpointAddress) + "\n\t\t-Connect using Windows Authentication:  " + AppSettings.GetStringValue(AppSettings.Key.WindowAuthentication));
                    Body.Append("\n\t\t-Binding Protocol:" + AppSettings.GetStringValue(AppSettings.Key.BindingProtocol));

                    Body.Append("\n\tStep 5:Click “OK’ button.");
                    Body.Append("\nOrganization key provided here is to be used in Epi Info™ 7 during publish process.");
                    Body.Append("\n\nPlease contact the system administrator for any questions.");
                }


                email.Body = Body.ToString();
                email.To   = new List <string>();
                email.To.Add(UserBO.EmailAddress);

                // NOTE(review): the send result is stored but never read, and the method returns void,
                // so a caller cannot tell whether the insert or the e-mail failed.
                success = SendEmail(email, EmailCombinationEnum.InsertOrganization);
            }
        }
コード例 #9
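        /// <summary>
        /// Builds a random password whose length lies between <c>Minimum</c> and <c>Maximum</c>,
        /// honouring the character-class switches and the consecutive, repeat and exclusion rules.
        /// </summary>
        /// <remarks>
        /// Two defects of the earlier loop are fixed. A new character is now drawn on every
        /// iteration: before, once the required classes had been placed the next character was only
        /// re-drawn as a side effect of the consecutive/repeat checks, so with both rules relaxed
        /// the rest of the password repeated the last character. The three rules are also checked
        /// together, so a re-draw made for one rule can no longer slip past another.
        /// </remarks>
        /// <returns>The generated password.</returns>
        public string Generate()
        {
            // Pick random length between minimum and maximum
            int pwdLength = GetCryptographicRandomNumber(this.Minimum, this.Maximum);

            StringBuilder pwdBuffer = new StringBuilder();

            pwdBuffer.Capacity = this.Maximum;

            if (true == this.UseSymbols)
            {
                // NOTE(review): pwdCharArray is not declared in this method; if it is a field, the
                // symbols are appended again on every call, which skews later passwords of the same
                // instance towards symbols - confirm and build the pool once if so.
                passwordArrary = new string(pwdCharArray) + SecurityAppSettings.GetStringValue(SecurityAppSettings.Key.Symbols);
                pwdCharArray   = passwordArrary.ToCharArray();
            }

            // The pool does not change while the password is being built.
            string pool = new string(pwdCharArray);

            // Initial dummy character flag
            char lastCharacter = '\n';

            for (int i = 0; i < pwdLength; i++)
            {
                char nextCharacter;

                // Place one character of each enabled class first, then draw from the whole pool.
                // NOTE(review): the *Exists flags are not reset here, so the class guarantee holds
                // only for the first password of an instance, and the classes always occupy the
                // leading positions in this fixed order - consider shuffling the result.
                if (UseLowerCase && !lowerExists)
                {
                    nextCharacter = GetRandomCharacter(lowercasealph);
                    lowerExists   = true;
                }
                else if (UseUpperCase && !upperExists)
                {
                    nextCharacter = GetRandomCharacter(uppercasealph);
                    upperExists   = true;
                }
                else if (UseSymbols && !symbolExists)
                {
                    nextCharacter = GetRandomCharacter(SecurityAppSettings.GetStringValue(SecurityAppSettings.Key.Symbols));
                    symbolExists  = true;
                }
                else if (UseNumeric && !numericExists)
                {
                    nextCharacter = GetRandomCharacter(numeric);
                    numericExists = true;
                }
                else
                {
                    nextCharacter = GetRandomCharacter(pool);
                }

                // Re-draw until the candidate satisfies every active rule at once.
                // NOTE(review): with repeats disallowed and a requested length above the number of
                // distinct usable characters this loop cannot finish - validate the settings upstream.
                string soFar = pwdBuffer.ToString();

                while ((false == this.ConsecutiveCharacters && lastCharacter == nextCharacter)
                       || (false == this.RepeatCharacters && -1 != soFar.IndexOf(nextCharacter))
                       || (null != this.Exclusions && -1 != this.Exclusions.IndexOf(nextCharacter)))
                {
                    nextCharacter = GetRandomCharacter(pool);
                }

                pwdBuffer.Append(nextCharacter);
                lastCharacter = nextCharacter;
            }

            return(pwdBuffer.ToString());
        }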
コード例 #10
 /// <summary>
 /// Returns the <c>KeyForUserPasswordSalt</c> value from <c>SecurityAppSettings</c>.
 /// </summary>
 /// <remarks>
 /// NOTE(review): despite the method name, the setting looks like a key from which salts are
 /// derived rather than a salt itself - confirm how callers use the value.
 /// </remarks>
 /// <returns>The configured string value.</returns>
 private string ReadSalt()
 {
     string configuredKey = SecurityAppSettings.GetStringValue(SecurityAppSettings.Key.KeyForUserPasswordSalt);

     return configuredKey;
 }