/// <summary>
/// Decides whether the specified user may access this partition.
/// </summary>
/// <remarks>
/// Access is granted when the user holds the "all partitions" authority token, or when at least
/// one of the user's data access authority groups is accepted by
/// <c>partition.IsAuthorityGroupAllowed</c>. A user whose group list is null or empty is denied.
/// </remarks>
/// <param name="partition">The partition whose access rules are consulted.</param>
/// <param name="user">The principal whose access is being checked; must not be null.</param>
/// <returns><c>true</c> if access is allowed; otherwise <c>false</c>.</returns>
public static bool IsUserAccessAllowed(this ServerPartition partition, CustomPrincipal user)
{
    // NOTE(review): the second argument reads like a message; Platform.CheckForNullReference is not
    // visible here, so confirm whether it expects a variable name instead.
    Platform.CheckForNullReference(user, "user cannot be null");

    // The "access all" token short-circuits the decision before the partition is consulted.
    // NOTE(review): partition is never null-checked, so a holder of this token gets true even for a
    // null partition, while other users hit a NullReferenceException in the group loop below.
    if (user.IsInRole(ClearCanvas.Enterprise.Common.AuthorityTokens.DataAccess.AllPartitions))
    {
        return true;
    }

    var grantedGroups = user.Credentials.DataAccessAuthorityGroups;
    if (grantedGroups == null)
    {
        // No group information at all: deny rather than allow.
        return false;
    }

    // A single group accepted by the partition is enough to grant access.
    foreach (var groupId in grantedGroups)
    {
        if (partition.IsAuthorityGroupAllowed(groupId.ToString()))
        {
            return true;
        }
    }

    return false;
}
/// <summary>
/// Authenticates a user through <c>IAuthenticationService</c> and, on success, builds the
/// principal, installs it on the current thread, and caches and validates the new session.
/// </summary>
/// <param name="userName">Login name; must not be null or empty.</param>
/// <param name="password">Password forwarded to the authentication service; must not be null or empty.</param>
/// <param name="appName">Name of the calling application; checked by <c>Platform.CheckForEmptyString</c>.</param>
/// <returns>
/// The new session, or <c>null</c> if no session was created (for example, the service returned
/// a null response). Callers must treat <c>null</c> as "not logged in".
/// </returns>
/// <exception cref="ArgumentException">The user name or password is null or empty.</exception>
/// <remarks>
/// Service faults carrying PasswordExpiredException, UserAccessDeniedException or
/// RequestValidationException are unwrapped and their detail exception is thrown to the caller.
/// </remarks>
public SessionInfo Login(string userName, string password, string appName)
{
    if (string.IsNullOrEmpty(userName))
    {
        throw new ArgumentException(SR.UserIDIsEmpty);
    }

    if (string.IsNullOrEmpty(password))
    {
        throw new ArgumentException(SR.PasswordIsEmpty);
    }

    // NOTE(review): password was already rejected above when null or empty, so this first check
    // looks redundant; confirm against Platform.CheckForEmptyString before removing it.
    Platform.CheckForEmptyString(password, "password");
    Platform.CheckForEmptyString(appName, "appName");

    SessionInfo result = null;

    Platform.GetService(
        (IAuthenticationService authService) =>
        {
            try
            {
                // The password travels only inside the request; it is never logged here.
                var initiateRequest = new InitiateSessionRequest(userName, appName, Dns.GetHostName(), password);
                initiateRequest.GetAuthorizations = true;

                InitiateSessionResponse reply = authService.InitiateSession(initiateRequest);
                if (reply == null)
                {
                    // No response means no session; the method returns null.
                    return;
                }

                // Everything the principal is allowed to do comes from the service response.
                var loginCredentials = new LoginCredentials
                    {
                        UserName = userName,
                        DisplayName = reply.DisplayName,
                        SessionToken = reply.SessionToken,
                        Authorities = reply.AuthorityTokens,
                        DataAccessAuthorityGroups = reply.DataGroupOids,
                        EmailAddress = reply.EmailAddress
                    };
                var identity = new CustomIdentity(userName, reply.DisplayName);
                var principal = new CustomPrincipal(identity, loginCredentials);

                // NOTE(review): the principal is installed and the session cached before
                // Validate() runs; if Validate() throws, neither is rolled back in this method.
                // Confirm that callers or Validate() itself clean up on failure.
                Thread.CurrentPrincipal = principal;

                result = new SessionInfo(principal);
                result.User.WarningMessages = reply.WarningMessages;

                // Note: need to insert into the cache before calling SessionInfo.Validate()
                SessionCache.Instance.AddSession(reply.SessionToken.Id, result);
                result.Validate();

                // Only the user name goes into the log line; keep credentials out of it.
                Platform.Log(LogLevel.Info, "{0} has successfully logged in.", userName);
            }
            catch (FaultException<PasswordExpiredException> fault)
            {
                // Surface the typed detail so callers can react to an expired password.
                throw fault.Detail;
            }
            catch (FaultException<UserAccessDeniedException> fault)
            {
                throw fault.Detail;
            }
            catch (FaultException<RequestValidationException> fault)
            {
                throw fault.Detail;
            }
        });

    return result;
}
/// <summary>
/// Builds a cache ID by appending the principal's session token ID to
/// <c>DataAccessSubCriteriaPrefix</c>.
/// </summary>
/// <param name="principal">The principal whose session token ID is used; not null-checked here.</param>
/// <returns>The prefix followed by the session token ID.</returns>
private static string GetDataAccessSubCriteriaCacheID(CustomPrincipal principal)
{
    // NOTE(review): the resulting key embeds the session token ID, so it is per-session and
    // presumably as sensitive as the token ID itself — confirm cache IDs are not logged or exposed.
    var tokenId = principal.SessionTokenId;
    return DataAccessSubCriteriaPrefix + tokenId;
}
/// <summary>
/// Logs a user in via <c>IAuthenticationService</c>. On success the resulting principal is set
/// on the current thread and the session is cached and validated.
/// </summary>
/// <param name="userName">Login name; must not be null or empty.</param>
/// <param name="password">Password sent to the authentication service; must not be null or empty.</param>
/// <param name="appName">Name of the calling application; checked by <c>Platform.CheckForEmptyString</c>.</param>
/// <returns>
/// The created session, or <c>null</c> if none was created (for example, the service returned a
/// null response). A <c>null</c> result must be handled as a failed login.
/// </returns>
/// <exception cref="ArgumentException">The user name or password is null or empty.</exception>
/// <remarks>
/// Faults whose detail is PasswordExpiredException, UserAccessDeniedException or
/// RequestValidationException are rethrown as that detail exception.
/// </remarks>
public SessionInfo Login(string userName, string password, string appName)
{
    if (string.IsNullOrEmpty(userName))
    {
        throw new ArgumentException(SR.UserIDIsEmpty);
    }

    if (string.IsNullOrEmpty(password))
    {
        throw new ArgumentException(SR.PasswordIsEmpty);
    }

    // NOTE(review): the password check below appears to repeat the guard above; verify what
    // Platform.CheckForEmptyString adds before dropping it.
    Platform.CheckForEmptyString(password, "password");
    Platform.CheckForEmptyString(appName, "appName");

    SessionInfo createdSession = null;

    Platform.GetService(
        delegate(IAuthenticationService authentication)
            {
                try
                {
                    // The password is handed to the service request only and is not logged.
                    string clientHost = Dns.GetHostName();
                    InitiateSessionRequest sessionRequest =
                        new InitiateSessionRequest(userName, appName, clientHost, password);
                    sessionRequest.GetAuthorizations = true;

                    InitiateSessionResponse sessionResponse = authentication.InitiateSession(sessionRequest);
                    if (sessionResponse != null)
                    {
                        // Authorities and data access groups are taken from the service response.
                        LoginCredentials granted = new LoginCredentials();
                        granted.UserName = userName;
                        granted.DisplayName = sessionResponse.DisplayName;
                        granted.SessionToken = sessionResponse.SessionToken;
                        granted.Authorities = sessionResponse.AuthorityTokens;
                        granted.DataAccessAuthorityGroups = sessionResponse.DataGroupOids;
                        granted.EmailAddress = sessionResponse.EmailAddress;

                        CustomIdentity identity = new CustomIdentity(userName, sessionResponse.DisplayName);
                        CustomPrincipal principal = new CustomPrincipal(identity, granted);

                        // NOTE(review): Thread.CurrentPrincipal and the session cache are both
                        // updated before Validate() is called and are not undone here if it
                        // throws — confirm cleanup happens elsewhere.
                        Thread.CurrentPrincipal = principal;

                        createdSession = new SessionInfo(principal);
                        createdSession.User.WarningMessages = sessionResponse.WarningMessages;

                        // Note: need to insert into the cache before calling SessionInfo.Validate()
                        SessionCache.Instance.AddSession(sessionResponse.SessionToken.Id, createdSession);
                        createdSession.Validate();

                        // Log the user name only; never add the password or token to this message.
                        Platform.Log(LogLevel.Info, "{0} has successfully logged in.", userName);
                    }
                }
                catch (FaultException<PasswordExpiredException> expired)
                {
                    // Rethrow the typed detail so the caller sees the specific failure.
                    throw expired.Detail;
                }
                catch (FaultException<UserAccessDeniedException> denied)
                {
                    throw denied.Detail;
                }
                catch (FaultException<RequestValidationException> invalid)
                {
                    throw invalid.Detail;
                }
            }
        );

    return createdSession;
}
/// <summary>
/// Creates a session object bound to the given principal.
/// </summary>
/// <param name="user">
/// The principal to store for this session. It is not validated here; a null value is stored as-is.
/// </param>
public SessionInfo(CustomPrincipal user)
{
    this._user = user;
}