public static bool IsInRole(WindowsBuiltInRole Role)
{
WindowsIdentity Ident = WindowsIdentity.GetCurrent();
WindowsPrincipal Principal = new WindowsPrincipal(Ident);
return(Principal.IsInRole(Role));
}
private bool IsInRole(CachedResult cachedResult, WindowsBuiltInRole role, DateTime SystemTimeUtcNow,
Action <string> logDebug, bool isOAuthNull, bool isGlobalAdmin, Action <string, Exception> logWarnException)
{
try
{
var authorizationGroups = cachedResult.AuthorizationGroups.Value;
switch (role)
{
case WindowsBuiltInRole.Administrator:
return(IsAdministratorNoCache(authorizationGroups));
case WindowsBuiltInRole.BackupOperator:
return(IsBackupOperatorNoCache(authorizationGroups));
default:
throw new NotSupportedException(role.ToString());
}
}
catch (Exception e)
{
logWarnException("Could not determine whatever user is admin or not, assuming not", e);
return(false);
}
}
public bool UserInSystemRole(WindowsBuiltInRole role)
{
WindowsIdentity identity = WindowsIdentity.GetCurrent();
WindowsPrincipal principal = new WindowsPrincipal(identity);
return(principal.IsInRole(role));
}
public static bool IsInRole(this IPrincipal principal, AnonymousUserAccessMode mode, WindowsBuiltInRole role)
{
if (principal == null || principal.Identity == null | principal.Identity.IsAuthenticated == false)
{
if (mode == AnonymousUserAccessMode.Admin)
return true;
return false;
}
var databaseAccessPrincipal = principal as PrincipalWithDatabaseAccess;
var windowsPrincipal = databaseAccessPrincipal == null ? principal as WindowsPrincipal : databaseAccessPrincipal.Principal;
if (windowsPrincipal != null)
{
var current = WindowsIdentity.GetCurrent();
var windowsIdentity = ((WindowsIdentity)windowsPrincipal.Identity);
// if the request was made using the same user as RavenDB is running as,
// we consider this to be an administrator request
if (current != null && current.User == windowsIdentity.User)
return true;
if (windowsPrincipal.IsInRole(role))
return true;
if (windowsIdentity.User == null)
return false; // we aren't sure who this use is, probably anonymous?
// we still need to make this check, to by pass UAC non elevated admin issue
return cachingRoleFinder.IsInRole(windowsIdentity, role);
}
return principal.IsInRole(WindowsBuiltInRoleToGroupConverter(role));
}
static bool requestedExecutionLevel(WindowsBuiltInRole role)
{
using (var identity = WindowsIdentity.GetCurrent()) {
var principal = new WindowsPrincipal(identity);
return(principal.IsInRole(role));
}
}
public virtual bool IsInRole(WindowsBuiltInRole role)
{
if ((role < WindowsBuiltInRole.Administrator) || (role > WindowsBuiltInRole.Replicator))
{
throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", new object[] { (int)role }), "role");
}
return(this.IsInRole((int)role));
}
public virtual bool IsInRole(WindowsBuiltInRole role)
{
if ((role < WindowsBuiltInRole.Administrator) || (role > WindowsBuiltInRole.Replicator))
{
throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", new object[] { (int) role }), "role");
}
return this.IsInRole((int) role);
}
/// <summary>
/// Determines whether the current user belongs to the specified role.
/// </summary>
/// <param name="role">The role for which to check membership.</param>
/// <returns>
/// <c>true</c> if the current user is a member of the specified role; otherwise, <c>false</c>.
/// </returns>
public bool IsInRole(WindowsBuiltInRole role)
{
if (IsWindowsPrincipal)
{
return(((WindowsPrincipal)Thread.CurrentPrincipal).IsInRole(role));
}
return(Thread.CurrentPrincipal.IsInRole(role.ToString()));
}
internal bool IsInRole(WindowsBuiltInRole role)
{
if (this.windowsIdentity != null)
{
WindowsPrincipal principal = new WindowsPrincipal(this.windowsIdentity);
return(principal.IsInRole(role));
}
return(false);
}
internal bool IsInRole(WindowsBuiltInRole role)
{
if (this.windowsIdentity != null)
{
WindowsPrincipal principal = new WindowsPrincipal(this.windowsIdentity);
return principal.IsInRole(role);
}
return false;
}
public virtual bool IsInRole(WindowsBuiltInRole role)
{
if (role < WindowsBuiltInRole.Administrator || role > WindowsBuiltInRole.Replicator)
{
throw new ArgumentException(SR.Format(SR.Arg_EnumIllegalVal, (int)role), nameof(role));
}
return(IsInRole((int)role));
}
public virtual bool IsInRole(WindowsBuiltInRole role)
{
if (role < WindowsBuiltInRole.Administrator || role > WindowsBuiltInRole.Replicator)
{
throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)role), "role");
}
Contract.EndContractBlock();
return(IsInRole((int)role));
}
public static bool IsInRole(WindowsBuiltInRole role) {
try {
var user = WindowsIdentity.GetCurrent();
var principal = new WindowsPrincipal(user);
return principal.IsInRole(role);
}
catch (Exception) {
return false;
}
}
/// <summary>
/// Asserts that the current windows identity is in <param name="role"/>.
/// </summary>
public static void WindowsIsInRole(WindowsBuiltInRole role)
{
WindowsPrincipal principal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
Assert.IsTrue(
principal.IsInRole(WindowsBuiltInRole.Administrator),
"User {0} is not in role {0}",
principal.Identity.Name,
role
);
}
internal void VerifySessionIsElevated()
{
WindowsIdentity identity = WindowsIdentity.GetCurrent();
WindowsPrincipal securityPrincipal = new WindowsPrincipal(identity);
WindowsBuiltInRole Admin = WindowsBuiltInRole.Administrator;
if (securityPrincipal.IsInRole(Admin) == false)
{
throw new RemoteAppServiceException("This cmdlet must be run in an elevated Powershell session", ErrorCategory.InvalidOperation);
}
}
private static string WindowsBuiltInRoleToGroupConverter(WindowsBuiltInRole role)
{
switch (role)
{
case WindowsBuiltInRole.Administrator:
return "Administrators";
case WindowsBuiltInRole.BackupOperator:
return "BackupOperators";
default:
throw new NotSupportedException(role.ToString());
}
}
public bool IsInRole(WindowsIdentity windowsIdentity, WindowsBuiltInRole role)
{
CachedResult value;
if (cache.TryGetValue(windowsIdentity.User, out value) && (SystemTime.UtcNow - value.Timestamp) <= maxDuration)
{
Interlocked.Increment(ref value.Usage);
return(IsInRole(value, role));
}
var cachedResult = new CachedResult
{
Usage = value == null ? 1 : value.Usage + 1,
AuthorizationGroups = new Lazy <IList <Principal> >(() => GetUserAuthorizationGroups(windowsIdentity.Name)),
Timestamp = SystemTime.UtcNow
};
cache.AddOrUpdate(windowsIdentity.User, cachedResult, (_, __) => cachedResult);
if (cache.Count > CacheMaxSize)
{
foreach (var source in cache
.Where(x => (SystemTime.UtcNow - x.Value.Timestamp) > maxDuration))
{
CachedResult ignored;
cache.TryRemove(source.Key, out ignored);
if (log.IsDebugEnabled)
{
log.Debug("Removing expired {0} from cache", source.Key);
}
}
if (cache.Count > CacheMaxSize)
{
foreach (var source in cache
.OrderByDescending(x => x.Value.Usage)
.ThenBy(x => x.Value.Timestamp)
.Skip(CacheMaxSize))
{
if (source.Key == windowsIdentity.User)
{
continue; // we don't want to remove the one we just added
}
CachedResult ignored;
cache.TryRemove(source.Key, out ignored);
if (log.IsDebugEnabled)
{
log.Debug("Removing least used {0} from cache", source.Key);
}
}
}
}
return(IsInRole(cachedResult, role));
}
public bool IsInRole(BuiltInRole role)
{
ValidateBuiltInRoleEnumValue(role, "role");
TypeConverter converter = TypeDescriptor.GetConverter(typeof(BuiltInRole));
if (this.IsWindowsPrincipal())
{
WindowsBuiltInRole role2 = (WindowsBuiltInRole)converter.ConvertTo(role, typeof(WindowsBuiltInRole));
return(((WindowsPrincipal)this.InternalPrincipal).IsInRole(role2));
}
return(this.InternalPrincipal.IsInRole(converter.ConvertToString(role)));
}
public static bool HasRole(WindowsBuiltInRole role)
{
bool isElevated;
using (var identity = WindowsIdentity.GetCurrent())
{
var principal = new WindowsPrincipal(identity);
isElevated = principal.IsInRole(role);
}
return(isElevated);
}
/// <summary>
/// Internal overload of IsInRole() taking a WindowsBuiltInRole enum value
/// </summary>
internal bool IsInRole(WindowsBuiltInRole role)
{
if (null != WindowsIdentity)
{
// Get Windows Principal for this identity
WindowsPrincipal windowsPrincipal = new WindowsPrincipal(WindowsIdentity);
return(windowsPrincipal.IsInRole(role));
}
else
{
return(false);
}
}
public bool IsInRole(WindowsIdentity windowsIdentity, WindowsBuiltInRole role, DateTime SystemTimeUtcNow,
Action <string> logDebug, bool isOAuthNull, bool isGlobalAdmin, Action <string, Exception> logWarnException)
{
CachedResult value;
if (cache.TryGetValue(windowsIdentity.User, out value) && (SystemTimeUtcNow - value.Timestamp) <= maxDuration)
{
Interlocked.Increment(ref value.Usage);
return(IsInRole(value, role, SystemTimeUtcNow, logDebug, isOAuthNull, isGlobalAdmin, logWarnException));
}
var cachedResult = new CachedResult
{
Usage = value == null ? 1 : value.Usage + 1,
AuthorizationGroups = new Lazy <IList <Principal> >(() => GetUserAuthorizationGroups(windowsIdentity.Name)),
Timestamp = SystemTimeUtcNow
};
cache.AddOrUpdate(windowsIdentity.User, cachedResult, (_, __) => cachedResult);
if (cache.Count > CacheMaxSize)
{
foreach (var source in cache
.Where(x => (SystemTimeUtcNow - x.Value.Timestamp) > maxDuration))
{
CachedResult ignored;
cache.TryRemove(source.Key, out ignored);
string exceptionString = String.Format("Removing expired {0} from cache", source.Key);
logDebug(exceptionString);
}
if (cache.Count > CacheMaxSize)
{
foreach (var source in cache
.OrderByDescending(x => x.Value.Usage)
.ThenBy(x => x.Value.Timestamp)
.Skip(CacheMaxSize))
{
if (source.Key == windowsIdentity.User)
{
continue; // we don't want to remove the one we just added
}
CachedResult ignored;
cache.TryRemove(source.Key, out ignored);
string exceptionString = String.Format("Removing expired {0} from cache", source.Key);
logDebug(exceptionString);
}
}
}
return(IsInRole(cachedResult, role, SystemTimeUtcNow,
logDebug, isOAuthNull, isGlobalAdmin, logWarnException));
}
public bool IsInRole(WindowsIdentity windowsIdentity, WindowsBuiltInRole role)
{
if (EnvironmentUtils.RunningOnPosix == false)
{
return(cachingRoleFinder.IsInRole(windowsIdentity, role, SystemTime.UtcNow, s => log.Debug(s),
false,
false,
log.WarnException));
}
else
{
throw new FeatureNotSupportedOnPosixException("IsInRole is not supported when running on posix");
}
}
private static string WindowsBuiltInRoleToGroupConverter(WindowsBuiltInRole role)
{
switch (role)
{
case WindowsBuiltInRole.Administrator:
return("Administrators");
case WindowsBuiltInRole.BackupOperator:
return("BackupOperators");
default:
throw new NotSupportedException(role.ToString());
}
}
/// <summary>Determines whether the current principal belongs to the Windows user group with the specified <see cref="T:System.Security.Principal.WindowsBuiltInRole" />.</summary>
/// <returns>true if the current principal is a member of the specified Windows user group; otherwise, false.</returns>
/// <param name="role">One of the <see cref="T:System.Security.Principal.WindowsBuiltInRole" /> values. </param>
/// <exception cref="T:System.ArgumentException">
/// <paramref name="role" /> is not a valid <see cref="T:System.Security.Principal.WindowsBuiltInRole" /> value.</exception>
/// <PermissionSet>
/// <IPermission class="System.Security.Permissions.ReflectionPermission, mscorlib, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Flags="MemberAccess" />
/// </PermissionSet>
public virtual bool IsInRole(WindowsBuiltInRole role)
{
if (!WindowsPrincipal.IsPosix)
{
return(this.IsInRole((int)role));
}
if (role != WindowsBuiltInRole.Administrator)
{
return(false);
}
string role2 = "root";
return(this.IsInRole(role2));
}
public ObservatoryIdentity(string UserName, string Password)
{
if (IsValidNameAndPassword(UserName, Password))
{
_nameValue = UserName;
_authenticatedValue = true;
_roleValue = WindowsBuiltInRole.Administrator;
}
else
{
_nameValue = "";
_authenticatedValue = false;
_roleValue = WindowsBuiltInRole.Guest;
}
}
public bool IsUserInRole(string username, WindowsBuiltInRole role)
{
if (username == null)
{
throw new ArgumentNullException("username");
}
username = username.Trim();
WindowsIdentity currentWindowsIdentityAndCheckName = this.GetCurrentWindowsIdentityAndCheckName(username);
if (username.Length < 1)
{
return(false);
}
WindowsPrincipal principal = new WindowsPrincipal(currentWindowsIdentityAndCheckName);
return(principal.IsInRole(role));
}
/// <summary>
/// Verify that current user connected with process is in specified role
/// </summary>
/// <param name="windowsRoleToCheck">Windows role to check</param>
/// <returns>Returns true if user is in role</returns>
public static bool CurrentUserInRole(WindowsBuiltInRole windowsRoleToCheck)
{
//Recupero l'identità dell'utente corrente
WindowsIdentity identity = WindowsIdentity.GetCurrent();
//Se l'oggetto è nullo, emetto eccezione
if (identity == null)
{
throw new NullReferenceException("Unable to identify current Windows identity.");
}
//Recupero l'istanza del principal
var principal = new WindowsPrincipal(identity);
//Ritorno la verifica dell'utente corrente sul ruolo
return(principal.IsInRole(windowsRoleToCheck));
}
/// <summary>
/// Determine whether or not an account is in a system role
/// </summary>
/// <param name="strAccountName">Account name to check</param>
/// <param name="identity">Windows identity to check against</param>
/// <returns></returns>
protected bool IsInSystemRole(string strAccountName, WindowsIdentity identity)
{
// Create Windows Principle
WindowsPrincipal principal = new WindowsPrincipal(identity);
strAccountName = (strAccountName.Split('\\').Length > 1) ? strAccountName.Split('\\')[1] : strAccountName;
strAccountName = (strAccountName.Split('/').Length > 1) ? strAccountName.Split('/')[1] : strAccountName;
strAccountName = strAccountName.Trim();
WindowsBuiltInRole role = strAccountName == "Administrator" || strAccountName == "Administrators" ? WindowsBuiltInRole.Administrator : WindowsBuiltInRole.Guest;
role = strAccountName == "User" || strAccountName == "Users" ? WindowsBuiltInRole.User : role;
// Check User Belongs To Role
bool boolIsInRole = principal.IsInRole(role);
return(boolIsInRole);
}
public static bool VerifyWindowsUserForRole(string nodeName,string userName, string password,WindowsBuiltInRole role)
{
bool isAdministrator = false;
IntPtr token;
try
{
LogonUser(userName, nodeName, password, 3, 0, out token);
WindowsIdentity identity = new WindowsIdentity(token);
WindowsPrincipal principal = new WindowsPrincipal(identity);
if (principal.IsInRole(role))
{
isAdministrator = true;
}
}
catch (Exception ex)
{
}
return isAdministrator;
}
public virtual bool IsInRole(WindowsBuiltInRole role)
{
if (Environment.IsUnix)
{
// right now we only map Administrator == root
string group = null;
switch (role)
{
case WindowsBuiltInRole.Administrator:
group = "root";
break;
default:
return(false);
}
return(IsInRole(group));
}
else
{
return(IsInRole((int)role));
}
}
public static bool IsUserRole(WindowsBuiltInRole WBIRole = WindowsBuiltInRole.Administrator, bool bShowExceptionMessage = true)
{
bool bIsAdmin = false;
try
{
WindowsIdentity WIdentity = WindowsIdentity.GetCurrent();
WindowsPrincipal WPrincipal = new WindowsPrincipal(WIdentity);
bIsAdmin = WPrincipal.IsInRole(WBIRole);
}
catch
{
bIsAdmin = false;
}
if (!bShowExceptionMessage)
{
MessageBox.Show("You do not have sufficient permissions to run this program, it might not work, try to run it as Administartor !");
}
return(bIsAdmin);
}
private bool IsInRole(CachedResult cachedResult, WindowsBuiltInRole role)
{
try
{
var authorizationGroups = cachedResult.AuthorizationGroups.Value;
switch (role)
{
case WindowsBuiltInRole.Administrator:
return(IsAdministratorNoCache(authorizationGroups));
case WindowsBuiltInRole.BackupOperator:
return(IsBackupOperatorNoCache(authorizationGroups));
default:
throw new NotSupportedException(role.ToString());
}
}
catch (Exception e)
{
log.WarnException("Could not determine whatever user is admin or not, assuming not", e);
return(false);
}
}
public static Boolean IsWho(WindowsBuiltInRole role)
{
bool isWho;
try
{
//get the currently logged in user
WindowsIdentity user = WindowsIdentity.GetCurrent();
WindowsPrincipal principal = new WindowsPrincipal(user);
Log.WriteLine(user.Name);
isWho = principal.IsInRole(role);
}
catch (UnauthorizedAccessException ex)
{
isWho = false;
Log.WriteLine("UnauthorizedAccessException:" + ex.Message);
}
catch (Exception ex)
{
isWho = false;
Log.WriteLine("Exception:" + ex.Message);
}
return(isWho);
}
/// <summary>
/// Asserts that the current windows identity is in <param name="role"/>.
/// </summary>
public static void WindowsIsInRole(WindowsBuiltInRole role)
{
WindowsPrincipal principal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
Assert.IsTrue(
principal.IsInRole(WindowsBuiltInRole.Administrator),
"User {0} is not in role {0}",
principal.Identity.Name,
role
);
}
public virtual bool IsInRole(WindowsBuiltInRole role)
{
}
public virtual bool IsInRole(WindowsBuiltInRole role)
{
if (role < WindowsBuiltInRole.Administrator || role > WindowsBuiltInRole.Replicator)
throw new ArgumentException(SR.Format(SR.Arg_EnumIllegalVal, (int)role), "role");
Contract.EndContractBlock();
return IsInRole((int)role);
}
public bool IsInRole(WindowsIdentity windowsIdentity, WindowsBuiltInRole role)
{
CachedResult value;
if (cache.TryGetValue(windowsIdentity.User, out value) && (SystemTime.UtcNow - value.Timestamp) <= maxDuration)
{
Interlocked.Increment(ref value.Usage);
return IsInRole(value, role);
}
var cachedResult = new CachedResult
{
Usage = value == null ? 1 : value.Usage + 1,
AuthorizationGroups = new Lazy<IList<Principal>>(() => GetUserAuthorizationGroups(windowsIdentity.Name)),
Timestamp = SystemTime.UtcNow
};
cache.AddOrUpdate(windowsIdentity.User, cachedResult, (_, __) => cachedResult);
if (cache.Count > CacheMaxSize)
{
foreach (var source in cache
.Where(x => (SystemTime.UtcNow - x.Value.Timestamp) > maxDuration))
{
CachedResult ignored;
cache.TryRemove(source.Key, out ignored);
log.Debug("Removing expired {0} from cache", source.Key);
}
if (cache.Count > CacheMaxSize)
{
foreach (var source in cache
.OrderByDescending(x => x.Value.Usage)
.ThenBy(x => x.Value.Timestamp)
.Skip(CacheMaxSize))
{
if (source.Key == windowsIdentity.User)
continue; // we don't want to remove the one we just added
CachedResult ignored;
cache.TryRemove(source.Key, out ignored);
log.Debug("Removing least used {0} from cache", source.Key);
}
}
}
return IsInRole(cachedResult, role);
}
private bool IsInRole(CachedResult cachedResult, WindowsBuiltInRole role)
{
try
{
var authorizationGroups = cachedResult.AuthorizationGroups.Value;
switch (role)
{
case WindowsBuiltInRole.Administrator:
return IsAdministratorNoCache(authorizationGroups);
case WindowsBuiltInRole.BackupOperator:
return IsBackupOperatorNoCache(authorizationGroups);
default:
throw new NotSupportedException(role.ToString());
}
}
catch (Exception e)
{
log.WarnException("Could not determine whatever user is admin or not, assuming not", e);
return false;
}
}
/// <summary>
/// Internal overload of IsInRole() taking a WindowsBuiltInRole enum value
/// </summary>
internal bool IsInRole(WindowsBuiltInRole role)
{
if (null != WindowsIdentity)
{
// Get Windows Principal for this identity
WindowsPrincipal windowsPrincipal = new WindowsPrincipal(WindowsIdentity);
return windowsPrincipal.IsInRole(role);
}
else
{
return false;
}
}
public bool IsInRole (WindowsBuiltInRole role) {
return default(bool);
}
public virtual bool IsInRole (WindowsBuiltInRole role)
{
if (Environment.IsUnix) {
// right now we only map Administrator == root
string group = null;
switch (role) {
case WindowsBuiltInRole.Administrator:
group = "root";
break;
default:
return false;
}
return IsInRole (group);
}
else {
return IsInRole ((int) role);
}
}
public virtual bool IsInRole(WindowsBuiltInRole role)
{
return false;
}
public virtual new bool IsInRole(WindowsBuiltInRole role)
{
return default(bool);
}
internal bool IsInRole(WindowsBuiltInRole role) => this.windowsIdentity != null && new WindowsPrincipal(this.windowsIdentity).IsInRole(role);
public virtual bool IsInRole (WindowsBuiltInRole role) {
if (role < WindowsBuiltInRole.Administrator || role > WindowsBuiltInRole.Replicator)
throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)role), "role");
Contract.EndContractBlock();
return IsInRole((int) role);
}
public static bool IsInRole(this IPrincipal principal, AnonymousUserAccessMode mode, WindowsBuiltInRole role)
{
if (principal == null || principal.Identity == null || principal.Identity.IsAuthenticated == false)
{
if (mode == AnonymousUserAccessMode.Admin)
{
return(true);
}
return(false);
}
var databaseAccessPrincipal = principal as PrincipalWithDatabaseAccess;
var windowsPrincipal = databaseAccessPrincipal == null ? principal as WindowsPrincipal : databaseAccessPrincipal.Principal;
if (windowsPrincipal != null)
{
var current = WindowsIdentity.GetCurrent();
var windowsIdentity = ((WindowsIdentity)windowsPrincipal.Identity);
// if the request was made using the same user as RavenDB is running as,
// we consider this to be an administrator request
if (current != null && current.User == windowsIdentity.User)
{
return(true);
}
if (windowsPrincipal.IsInRole(role))
{
return(true);
}
if (windowsIdentity.User == null)
{
return(false); // we aren't sure who this user is, probably anonymous?
}
// we still need to make this check, to by pass UAC non elevated admin issue
return(cachingRoleFinder.IsInRole(windowsIdentity, role));
}
var oauthPrincipal = principal as OAuthPrincipal;
if (oauthPrincipal != null)
{
if (role != WindowsBuiltInRole.Administrator)
{
return(false);
}
return(oauthPrincipal.IsGlobalAdmin());
}
var oneTimeTokenPrincipal = principal as OneTimeTokenPrincipal;
return(oneTimeTokenPrincipal != null && oneTimeTokenPrincipal.IsAdministratorInAnonymouseMode);
}
/// <summary>
/// Determines whether the specified user is in a given role
/// </summary>
/// <param name="username">The username.</param>
/// <param name="password">The password.</param>
/// <param name="role">The role.</param>
/// <param name="remoteComputer">Can be used to execute on a remote computer.</param>
/// <returns></returns>
public static bool IsInRole(string username = null, string password = null, WindowsBuiltInRole role = WindowsBuiltInRole.Administrator, string remoteComputer = null)
{
WindowsIdentity identity;
if (!string.IsNullOrWhiteSpace(username) && !string.IsNullOrWhiteSpace(password))
{
var token = Login(username, password, remoteComputer);
if (token == IntPtr.Zero) return false; //login failed
identity = new WindowsIdentity(token);
using (identity.Impersonate())
{
var p = new WindowsPrincipal(identity);
return p.IsInRole(role);
}
}
identity = WindowsIdentity.GetCurrent();
if (identity == null) throw new NullReferenceException("Current Windows Identity is Null");
WindowsPrincipal principal = new WindowsPrincipal(identity);
return principal.IsInRole(role);
}
public virtual bool IsInRole(WindowsBuiltInRole role);
/// <summary>
/// Determines whether the current user belongs to the specified role.
/// </summary>
/// <param name="role">The role for which to check membership.</param>
/// <returns>
/// <c>true</c> if the current user is a member of the specified role; otherwise, <c>false</c>.
/// </returns>
public bool IsInRole(WindowsBuiltInRole role)
{
if (IsWindowsPrincipal)
return ((WindowsPrincipal)Thread.CurrentPrincipal).IsInRole(role);
return Thread.CurrentPrincipal.IsInRole(role.ToString());
}
