public void RemoveAuthorizedUser(string name) { var usr = AuthorizedUsers.FirstOrDefault((m) => m.User.UserName == name); if (usr != null) { AuthorizedUsers.Remove(usr); } }
public AccessLevel Authorize(string objectType, ref DataFilter dataFilter) { List <Object> objects = new List <Object>(); //ISession session = null; try { //session = NHibernateSessionManager.Instance.GetSession( // _nhSettings["AppDataPath"], _nhSettings["Scope"]); //if (session != null) //{ if (_keyRing != null && _keyRing["UserName"] != null) { string userName = _keyRing["UserName"].ToString(); userName = userName.Substring(userName.IndexOf('\\') + 1).ToLower(); _logger.Debug("Authorizing user [" + userName + "]"); if (userName == "anonymous") { return(AccessLevel.Delete); } AuthorizedUsers authUsers = Utility.Read <AuthorizedUsers>(_authorizationPath, true); if (authUsers != null) { foreach (string authUser in authUsers) { if (authUser.ToLower() == userName) { return(AccessLevel.Delete); } } } } else { _logger.Error("KeyRing is empty."); return(AccessLevel.AccessDenied); } //} } finally { //if (session != null) // session.Close(); } return(AccessLevel.AccessDenied); }
public IActionResult Authorize(AuthorizationModel authorizationModel) { try { var client = new RestClient(authorizationServicePaths.ServiceUrl); var request = new RestRequest(authorizationServicePaths.Method, DataFormat.Json); request.AddJsonBody(authorizationModel); var response = client.Post(request); if (!response.IsSuccessful) { throw new Exception("Authorization service error. Please try letter"); } var authorizationResponse = JsonConvert.DeserializeObject <AuthorizationResponseModel>(response.Content); if (authorizationResponse == null) { throw new Exception("Authorization service messeging error. Please try letter"); } if (authorizationResponse.IsAuthorized) { UpdateUsers(); var loginedUser = AuthorizedUsers.FirstOrDefault(u => u.Login == authorizationModel.Login); if (loginedUser != null) { return(Ok(loginedUser)); } var user = new AuthorizedUser { Login = authorizationModel.Login, Token = Guid.NewGuid().ToString(), Role = authorizationResponse.Role, TokenExpirationTime = DateTime.UtcNow.AddMinutes(tokenLifetimeMinutes) }; AuthorizedUsers.Add(user); return(Ok(user)); } throw new Exception(authorizationResponse.IsKnownUser ? "Incorrect password. Please try again" : "Unknown user. Please change login and try again"); } catch (Exception exception) { return(BadRequest(exception)); } }
public IActionResult CheckToken(TokenModel tokenModel) { try { UpdateUsers(); return(Ok(AuthorizedUsers.Any(u => u.Token == tokenModel.Token))); } catch (Exception exception) { return(BadRequest(exception)); } }
/// <summary> ///为文件夹添加users,IIS_IUSRS用户组的完全控制权限 /// </summary> /// <param name="dirPath"></param> public static void AddSecurityControll2Folder(string dirPath, AuthorizedUsers user) { //获取文件夹信息 DirectoryInfo dir = new DirectoryInfo(dirPath); //获得该文件夹的所有访问权限 System.Security.AccessControl.DirectorySecurity dirSecurity = dir.GetAccessControl(AccessControlSections.All); //设定文件ACL继承 InheritanceFlags inherits = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit; //添加IIS_IUSRS用户组的访问权限规则 完全控制权限 FileSystemAccessRule fileSystemAccessRule = new FileSystemAccessRule(EnumHelper.GetDescription(user), FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Allow); bool isModified = false; dirSecurity.ModifyAccessRule(AccessControlModification.Add, fileSystemAccessRule, out isModified); //设置访问权限 dir.SetAccessControl(dirSecurity); }
public void AddAuthorizedUser(ApplicationUser user, WallAccessPermissionLevels level) { var usr = AuthorizedUsers.FirstOrDefault((m) => m.User.UserName == user.UserName); if (usr != null) { usr.PermissionLevel = level; } else { AuthorizedUsers.Add(new WallUserReferenceModel() { PermissionLevel = level, User = user }); } }
public IActionResult GetFacultyStatistics() { try { return(Ok(new HomeDataModel { CurrentOnline = AuthorizedUsers.Count(), FacultyStatistics = FactoryConcentrator.StudentAttendanceFactory.GetStatisticsByFaculties( CurrentLanguage, DateTime.Today.AddDays(-30), DateTime.Today) })); } catch (Exception exception) { return(BadRequest(exception)); } }
public static User FromEntities(this AuthorizedUsers User) { return(User == null ? null : new User { Id = User.UserId, Username = User.UserName, Name = User.UserName, Email = User.Email, Division = User.Division, GroupContact = new GroupContact { Code = User.ReferTo }, CanAddTicketComments = User.AddComments == "Y", CanAssignTicket = User.AllowAssignTo == "Y", CanAccessAdmin = User.AllowSecurity == "Y", CanCloseTicket = User.AllowCloseTicket == "Y", CanSearchTickets = User.AllowSearchTickets == "Y", CanViewUnassigned = User.AllowViewUnassigned == "Y", GetsNotificationOnAssignment = User.NotifyWhenAssigned == "Y", DaysReminderNotification = User.ReminderDelayDays, CanViewOnlyDeptTickets = User.AllowOnlyDeptTickets == "Y" }); }
private Result Delete(AuthorizedUsers user) { var result = new Result(); try { if (string.IsNullOrEmpty(user.UserId)) { throw new Exception("UserId is required to delete."); } cusRelContext.Entry(user).State = EntityState.Deleted; var count = SaveChanges(); if (count > 0) { result.SetOK(); } } catch (Exception e) { result.SetFail(e); } return(result); }
public async Task <IHttpActionResult> RegisterExternal([FromBody] RegisterExternalBindingModel model) { try { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var verifiedAccessToken = await VerifyExternalAccessToken(model.Provider, model.ExternalAccessToken); if (verifiedAccessToken == null) { return(BadRequest("Invalid Provider or External Access Token")); } var user = await AuthenticationRepository.FindAsync(new UserLoginInfo(model.Provider, verifiedAccessToken.UserId)); var hasRegistered = user != null; if (hasRegistered) { return(BadRequest("External user is already registered")); } var alias = model.Alias.Replace(" ", string.Empty); user = new IdentityUser { UserName = model.Email, Email = model.Email }; var result = await AuthenticationRepository.CreateAsync(user); if (!result.Succeeded) { return(GetErrorResult(result)); } var newAlias = alias; if (DataRepository.Find <Member>(m => m.Alias == alias) != null) { newAlias = newAlias + model.Email.GetHashCode(); } var info = new ExternalLoginInfo { DefaultUserName = newAlias, Email = model.Email, Login = new UserLoginInfo(model.Provider, model.ExternalAccessToken) }; result = await AuthenticationRepository.AddLoginAsync(user.Id, info.Login); if (!result.Succeeded) { return(GetErrorResult(result)); } var member = CreateNewMember(model, newAlias, user); lock (LockObject) { if (!AuthorizedUsers.ContainsKey(model.ExternalAccessToken)) { AuthorizedUsers.Add(model.ExternalAccessToken, user); } } var memberResult = new Result <Member> { Data = member }; return(Ok(memberResult)); } catch (Exception ex) { Log.Error(ex); return(BadRequest("Internal Failure")); } }
internal static bool IsAuthorized(IIdentity user) { var externalLogin = ExternalLoginData.FromIdentity(user as ClaimsIdentity); return(externalLogin != null && AuthorizedUsers.ContainsKey(externalLogin.ProviderKey)); }
public async Task <IHttpActionResult> GetExternalLogin(string provider, string error = null) { try { var redirectUri = ""; if (error != null) { if (error == "access_denied") { return(Redirect(RedirectUrl)); } return(BadRequest(Uri.EscapeDataString(error))); } if (!User.Identity.IsAuthenticated) { return(new ChallengeResult(provider, this)); } var token = ValidateClientAndRedirectUri(ref redirectUri); if (string.IsNullOrWhiteSpace(token)) { return(BadRequest(token)); } var externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity); if (externalLogin == null) { return(InternalServerError()); } if (externalLogin.LoginProvider != provider) { Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie); return(new ChallengeResult(provider, this)); } var member = new Member(); var user = await AuthenticationRepository.FindAsync(new UserLoginInfo(externalLogin.LoginProvider, externalLogin.ProviderKey)); if (user != null) { member = DataRepository.Queryable <Member>().FirstOrDefault(x => x.AspNetUserId == user.Id); if (member == null || member.Id == Constants.NotFound) { member = new Member { Email = externalLogin.EmailAddress, PlainName = externalLogin.UserName }; } lock (LockObject) { if (!AuthorizedUsers.ContainsKey(externalLogin.ProviderKey)) { AuthorizedUsers.Add(externalLogin.ProviderKey, user); } } var verifiedAccessToken = await VerifyExternalAccessToken(provider, externalLogin.ProviderKey); if (verifiedAccessToken == null) { return(BadRequest("Invalid Provider or External Access Token")); } var currentUtc = new SystemClock().UtcNow; var expiresUtc = currentUtc.Add(TimeSpan.FromHours(3.0)); Authentication.SignIn( new AuthenticationProperties() { AllowRefresh = true, ExpiresUtc = expiresUtc, IssuedUtc = currentUtc, IsPersistent = true }, User.Identity as ClaimsIdentity); } else { member.Alias = externalLogin.UserName; member.Email = externalLogin.EmailAddress ?? Constants.NotSet; member.PlainName = externalLogin.UserName; } member.ProviderKey = externalLogin.ProviderKey; lock (LockObject) { if (!AuthenticatedMembers.ContainsKey(token)) { AuthenticatedMembers.Add(token, member); } } if (string.IsNullOrEmpty(redirectUri)) { return(Ok(member)); } return(Redirect(redirectUri)); } catch (Exception ex) { Log.Error(ex); var result = new Result <bool>(); result.Status.Code = Controller.StatusCode.NotAuthorized; return(Ok(result)); } }
// ============================================================= #region Save Entities public int AddOrUpdateUser(AuthorizedUsers User) { context.AuthorizedUsers.AddOrUpdate(User); return(SaveChanges()); }