예제 #1
0
        public GroupFullResult CreateGroup(string vaultId, string groupName, string userId)
        {
            var parms = new Dictionary <string, object>
            {
                { "name", groupName },
                { "policy", EncodeHelper.EncodeToBase64("[{\"Activities\": \"CRUD\", \"Resources\": [\"Vault::.*\", \"Vault::" + vaultId + "\", \"Vault::" + vaultId + "::Schema::.*\", \"Vault::" + vaultId + "::Document::.*\", \"Vault::" + vaultId + "::Blob::.*\", \"Vault::" + vaultId + "::Search::.*\"]}]") },
                { "user_ids", userId }
            };

            try
            {
                var result = WebHelper.MultipartFormDataPost <GroupFullResult>(BaseUrl + "groups", parms, this.apiKey);

                return(result);
            }
            catch (WebException exception)
            {
                if (exception.Status == WebExceptionStatus.ProtocolError)
                {
                    return(this.GetGroupByName(groupName));
                }
                else
                {
                    throw;
                }
            }
        }
예제 #2
0
        public ServiceResponse <UserItem> Impersonate(Guid u)
        {
            if (!base.IsFactStaff)
            {
                throw new Exception("Not Authorized");
            }

            var currentUser = base.Email;

            this.Logout();

            DateTime startTime        = DateTime.Now;
            var      userFacade       = this.Container.GetInstance <UserFacade>();
            var      auditLogFacade   = this.Container.GetInstance <AuditLogFacade>();
            var      trueVaultManager = this.Container.GetInstance <TrueVaultManager>();

            try
            {
                var user = userFacade.GetById(u);

                if (user == null)
                {
                    return(new ServiceResponse <UserItem>
                    {
                    });
                }

                var token = trueVaultManager.GetAccessToken(user.DocumentLibraryUserId);

                if (token.Result != TrueVaultManager.Success)
                {
                    throw new Exception("Cannot log into True Vault");
                }

                var userItem = ModelConversions.Convert(user, true, true);
                userItem.DocumentLibraryAccessToken = EncodeHelper.EncodeToBase64(token.User.Access_token + ":");

                var identity = this.GenerateUserIdentity(user, "", userItem.DocumentLibraryAccessToken, currentUser, true);

                this.AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
                this.AuthenticationManager.SignIn(new AuthenticationProperties {
                    IsPersistent = true
                }, identity);

                auditLogFacade.AddAuditLog(currentUser, base.IPAddress, $"User Impersonation as {user.EmailAddress}");

                base.LogMessage("Impersonate", DateTime.Now - startTime);

                return(new ServiceResponse <UserItem>
                {
                    Item = userItem
                });
            }
            catch (Exception ex)
            {
                return(base.HandleException <UserItem>(ex));
            }
        }
예제 #3
0
        public ServiceResponse <UserItem> Login(LoginViewModel model)
        {
            DateTime startTime        = DateTime.Now;
            var      userFacade       = this.Container.GetInstance <UserFacade>();
            var      auditLogFacade   = this.Container.GetInstance <AuditLogFacade>();
            var      trueVaultManager = this.Container.GetInstance <TrueVaultManager>();
            var      userManager      = this.Container.GetInstance <UserManager>();

            try
            {
                var user = userFacade.Login(model.UserName, model.Password);

                if (user == null || user.Item1 == null)
                {
                    auditLogFacade.AddAuditLog(base.Email, base.IPAddress, "Login Attempt - Failed");

                    return(new ServiceResponse <UserItem>
                    {
                    });
                }
                else if (user.Item2)
                {
                    return(new ServiceResponse <UserItem>
                    {
                        HasError = true,
                        Message = "Password Expired"
                    });
                }

                var token = trueVaultManager.GetAccessToken(user.Item1.DocumentLibraryUserId);

                if (token.Result != TrueVaultManager.Success)
                {
                    throw new Exception("Cannot log into True Vault");
                }

                var userItem = ModelConversions.Convert(user.Item1, true, true);
                userItem.Code = EncryptionHelper.Encrypt(user.Item1.Id.ToString(), "code", true);
                userItem.DocumentLibraryAccessToken = EncodeHelper.EncodeToBase64(token.User.Access_token + ":");

                var identity = this.GenerateUserIdentity(user.Item1, userItem.Code, userItem.DocumentLibraryAccessToken);

                this.AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
                this.AuthenticationManager.SignIn(new AuthenticationProperties {
                    IsPersistent = true
                }, identity);

                auditLogFacade.AddAuditLog(model.UserName, base.IPAddress, "Login Attempt - Successful");

                base.LogMessage("Login", DateTime.Now - startTime);

                return(new ServiceResponse <UserItem>
                {
                    Item = userItem
                });
            }
            catch (Exception ex)
            {
                return(base.HandleException <UserItem>(ex));
            }
        }