/// <summary>
/// Returns the TMS Permission of the user with the supplied WindowsIdentity
/// </summary>
/// <param name="windowsIdentity">The WindowsIdentity for the user which will either come from System.Security.Principal or System.ServiceModel.ServiceSecurityContext.Current</param>
/// <returns>User Access Permission for the specified User</returns>
public static Enumerations.PermissionType UserAccessPermission(WindowsIdentity windowsIdentity)
{
Enumerations.PermissionType userAccessPermission = Enumerations.PermissionType.None;
// A Chassis User Permission Override does not exist
string userName = windowsIdentity.Name;
int backslashPos = userName.LastIndexOf(@"\");
string simpleUserName = backslashPos == -1 ? userName : userName.Substring(backslashPos + 1);
// For speed, cache the User's Group membership
Collections.CaseIgnoringSortedSetType userNetworkGroupCollection = UserAccessDetail.NetworkGroupsForUserName(simpleUserName);
// Determine which Group of which the User is a member starting with the lowest Permission
if (userNetworkGroupCollection.Contains(TmsPermissionNetworkGroupName[Enumerations.PermissionType.Read]))
{
userAccessPermission = Enumerations.PermissionType.Read;
}
else if (
userNetworkGroupCollection.Contains(
TmsPermissionNetworkGroupName[Enumerations.PermissionType.Full]))
{
userAccessPermission = Enumerations.PermissionType.Full;
}
// A Chassis User Permission Override does not exist
return(userAccessPermission);
}
/// <summary>
/// Determine whether the specified Network User is a member of the specified Network Group
/// </summary>
/// <param name="userSAMAccountName">The simple name (SAM Account Name) e.g. "corc1", of the User</param>
/// <param name="groupCommonName">The Common Name of the Group</param>
/// <returns>Whether the User is (true) or is not (false) a member of the specified Network Group</returns>
internal bool UserIsNetworkGroupMember(string userSAMAccountName, string groupCommonName)
{
bool userIsNetworkGroupMember = false;
if (_DefaultNamingContext != null)
{
// There is a Default Naming Context
try
{
// Get the Group's Distinguished Name
string groupDistinguishedName = DistinguishedNameFromCommonName(groupCommonName);
if (groupDistinguishedName != null)
{
// Got Group Distinguished Name
string userDistinguishedName = DistinguishedNameFromSAMAccountName(userSAMAccountName);
Collections.CaseIgnoringSortedSetType userGroupDistinguishedNameCollection = NetworkGroupsForUser(LdapObjectPath(userDistinguishedName), true);
if (userGroupDistinguishedNameCollection != null)
{
// Search returned a result
userIsNetworkGroupMember = userGroupDistinguishedNameCollection.Contains(groupDistinguishedName);
} // Search returned a result
} // Got Group Distinguished Name
}
catch (Exception eek)
{
}
} // There is a Default Naming Context
return(userIsNetworkGroupMember);
}
/// <summary>
/// Produce the possible multiple values of the specified Attribute for the supplied object
/// without performing recursion
/// </summary>
/// <param name="attributeName">The name of the Attribute</param>
/// <param name="objectEntry">The Directory Entry for the Object</param>
/// <param name="valuesCollection">A Collection of values of the specified Attribute</param>
/// <param name="recursive">Whether the search should be recursive or not</param>
/// <returns>A Collection of Values for the specified Attribute</returns>
private Collections.CaseIgnoringSortedSetType AttributeValuesMultiString(string attributeName, DirectoryEntry objectEntry, Collections.CaseIgnoringSortedSetType valuesCollection, bool recursive)
{
PropertyValueCollection ValueCollection = objectEntry.Properties[attributeName];
IEnumerator enumerator = ValueCollection.GetEnumerator();
while (enumerator.MoveNext())
{
if (enumerator.Current != null)
{
if (!valuesCollection.Contains(enumerator.Current.ToString()))
{
valuesCollection.Add(enumerator.Current.ToString());
if (recursive)
{
AttributeValuesMultiString(attributeName, LdapPrefix + enumerator.Current.ToString(), valuesCollection, true);
}
}
}
}
return(valuesCollection);
}
