public AuthorizationServices(int userId, string requiredRight) { _userServices = new UserServices(); _cloneDeployUser = _userServices.GetUser(userId); _currentUserRights = _userServices.GetUserRights(userId).Select(right => right.Right).ToList(); _requiredRight = requiredRight; }
public ActionResultDTO UpdateUser(CloneDeployUserEntity user) { var u = GetUser(user.Id); if (u == null) { return new ActionResultDTO { ErrorMessage = "User Not Found", Id = 0 } } ; var validationResult = ValidateUser(user, false); var actionResult = new ActionResultDTO(); if (validationResult.Success) { _uow.UserRepository.Update(user, user.Id); _uow.Save(); actionResult.Success = true; actionResult.Id = user.Id; } else { actionResult.ErrorMessage = validationResult.ErrorMessage; } return(actionResult); }
public ActionResultDTO ChangePassword(CloneDeployUserEntity user) { user.Id = _userId; var result = _userServices.UpdateUser(user); if (result == null) { throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotFound)); } return(result); }
protected void btnSubmit_Click(object sender, EventArgs e) { if (!chkldap.Checked) { if (txtUserPwd.Text != txtUserPwdConfirm.Text) { EndUserMessage = "Passwords Did Not Match"; return; } if (string.IsNullOrEmpty(txtUserPwd.Text)) { EndUserMessage = "Passwords Cannot Be Empty"; return; } } else { //Create a local random db pass, should never actually be possible to use. txtUserPwd.Text = new Guid().ToString(); txtUserPwdConfirm.Text = txtUserPwd.Text; } var user = new CloneDeployUserEntity { Name = txtUserName.Text, Membership = ddluserMembership.Text, Salt = Utility.CreateSalt(64), Email = txtEmail.Text, Token = txtToken.Text, NotifyLockout = chkLockout.Checked ? 1 : 0, NotifyError = chkError.Checked ? 1 : 0, NotifyComplete = chkComplete.Checked ? 1 : 0, NotifyImageApproved = chkApproved.Checked ? 1 : 0, NotifyServerStatusChange = chkSecServer.Checked ? 1: 0, IsLdapUser = chkldap.Checked ? 1 : 0, UserGroupId = -1 }; user.Password = Utility.CreatePasswordHash(txtUserPwd.Text, user.Salt); var result = Call.CloneDeployUserApi.Post(user); if (!result.Success) { EndUserMessage = result.ErrorMessage; } else { EndUserMessage = "Successfully Created User"; Response.Redirect("~/views/users/edit.aspx?userid=" + result.Id); } }
public ActionResultDTO Put(int id, CloneDeployUserEntity tObject) { Request.Method = Method.PUT; Request.AddJsonBody(tObject); Request.Resource = string.Format("api/{0}/Put/{1}", Resource, id); var response = _apiRequest.Execute <ActionResultDTO>(Request); if (response.Id == 0) { response.Success = false; } return(response); }
protected override void OnInit(EventArgs e) { base.OnInit(e); Call = new APICall(); var currentUser = Session["CloneDeployUser"]; if (currentUser == null) { HttpContext.Current.Session.Abandon(); FormsAuthentication.SignOut(); Response.Redirect("~/?session=expired", true); } CloneDeployCurrentUser = (CloneDeployUserEntity)currentUser; }
private ValidationResultDTO ValidateUser(CloneDeployUserEntity user, bool isNewUser) { var validationResult = new ValidationResultDTO { Success = true }; if (string.IsNullOrEmpty(user.Name) || !user.Name.All(c => char.IsLetterOrDigit(c) || c == '_')) { validationResult.Success = false; validationResult.ErrorMessage = "User Name Is Not Valid"; return(validationResult); } if (isNewUser) { if (string.IsNullOrEmpty(user.Password)) { validationResult.Success = false; validationResult.ErrorMessage = "Password Is Not Valid"; return(validationResult); } if (_uow.UserRepository.Exists(h => h.Name == user.Name)) { validationResult.Success = false; validationResult.ErrorMessage = "This User Already Exists"; return(validationResult); } } else { var originalUser = _uow.UserRepository.GetById(user.Id); if (originalUser.Name != user.Name) { if (_uow.UserRepository.Exists(h => h.Name == user.Name)) { validationResult.Success = false; validationResult.ErrorMessage = "This User Already Exists"; return(validationResult); } } } return(validationResult); }
public ActionResultDTO AddUser(CloneDeployUserEntity user) { var validationResult = ValidateUser(user, true); var actionResult = new ActionResultDTO(); if (validationResult.Success) { _uow.UserRepository.Insert(user); _uow.Save(); actionResult.Success = true; actionResult.Id = user.Id; } else { actionResult.ErrorMessage = validationResult.ErrorMessage; } return(actionResult); }
public ActionResultDTO Post(CloneDeployUserEntity user) { return(_userServices.AddUser(user)); }
public ValidationResultDTO GlobalLogin(string userName, string password, string loginType) { var validationResult = new ValidationResultDTO { ErrorMessage = "Incorrect Username Or Password", Success = false }; var auditLog = new AuditLogEntity(); var auditLogService = new AuditLogServices(); auditLog.ObjectId = -1; auditLog.ObjectName = userName; auditLog.Ip = IpServices.GetIPAddress(); auditLog.UserId = -1; auditLog.ObjectType = "User"; auditLog.AuditType = AuditEntry.Type.FailedLogin; //Check if user exists in Clone Deploy var user = _userServices.GetUser(userName); if (user == null) { //Check For a first time LDAP User Group Login if (SettingServices.GetSettingValue(SettingStrings.LdapEnabled) == "1") { foreach (var ldapGroup in _userGroupServices.GetLdapGroups()) { if (new LdapServices().Authenticate(userName, password, ldapGroup.GroupLdapName)) { //user is a valid ldap user via ldap group that has not yet logged in. //Add the user and allow login. var cdUser = new CloneDeployUserEntity { Name = userName, Salt = Utility.CreateSalt(64), Token = Utility.GenerateKey(), IsLdapUser = 1 }; //Create a local random db pass, should never actually be possible to use. cdUser.Password = Utility.CreatePasswordHash(Utility.GenerateKey(), cdUser.Salt); if (_userServices.AddUser(cdUser).Success) { //add user to group var newUser = _userServices.GetUser(userName); _userGroupServices.AddNewGroupMember(ldapGroup.Id, newUser.Id); auditLog.UserId = newUser.Id; auditLog.ObjectId = newUser.Id; validationResult.Success = true; auditLog.AuditType = AuditEntry.Type.SuccessfulLogin; break; } } } } auditLogService.AddAuditLog(auditLog); return(validationResult); } if (_userLockoutServices.AccountIsLocked(user.Id)) { _userLockoutServices.ProcessBadLogin(user.Id); validationResult.ErrorMessage = "Account Is Locked"; auditLog.UserId = user.Id; auditLog.ObjectId = user.Id; auditLogService.AddAuditLog(auditLog); return(validationResult); } //Check against AD if (user.IsLdapUser == 1 && SettingServices.GetSettingValue(SettingStrings.LdapEnabled) == "1") { //Check if user is authenticated against an ldap group if (user.UserGroupId != -1) { //user is part of a group, is the group an ldap group? var userGroup = _userGroupServices.GetUserGroup(user.UserGroupId); if (userGroup != null) { if (userGroup.IsLdapGroup == 1) { //the group is an ldap group //make sure user is still in that ldap group if (new LdapServices().Authenticate(userName, password, userGroup.GroupLdapName)) { validationResult.Success = true; } else { //user is either not in that group anymore, not in the directory, or bad password validationResult.Success = false; if (new LdapServices().Authenticate(userName, password)) { //password was good but user is no longer in the group //delete the user _userServices.DeleteUser(user.Id); } } } else { //the group is not an ldap group //still need to check creds against directory if (new LdapServices().Authenticate(userName, password)) { validationResult.Success = true; } } } else { //group didn't exist for some reason //still need to check creds against directory if (new LdapServices().Authenticate(userName, password)) { validationResult.Success = true; } } } else { //user is not part of a group, check creds against directory if (new LdapServices().Authenticate(userName, password)) { validationResult.Success = true; } } } else if (user.IsLdapUser == 1 && SettingServices.GetSettingValue(SettingStrings.LdapEnabled) != "1") { //prevent ldap user from logging in with local pass if ldap auth gets turned off validationResult.Success = false; } //Check against local DB else { var hash = Utility.CreatePasswordHash(password, user.Salt); if (user.Password == hash) { validationResult.Success = true; } } if (validationResult.Success) { auditLog.AuditType = AuditEntry.Type.SuccessfulLogin; auditLog.UserId = user.Id; auditLog.ObjectId = user.Id; auditLogService.AddAuditLog(auditLog); _userLockoutServices.DeleteUserLockouts(user.Id); return(validationResult); } auditLog.AuditType = AuditEntry.Type.FailedLogin; auditLog.UserId = user.Id; auditLog.ObjectId = user.Id; auditLogService.AddAuditLog(auditLog); _userLockoutServices.ProcessBadLogin(user.Id); return(validationResult); }