/// <summary>
/// Initializes a new instance of the <see cref="AccessCheckService" /> class.
/// </summary>
/// <param name="bus">The bus.</param>
/// <param name="accessPermissions">The access permissions.</param>
public AccessCheckService(IBus bus, IAccessPermissionCollection accessPermissions)
{
Contract.Requires(bus != null);
Contract.Requires(accessPermissions != null);
_bus = bus;
_accessPermissions = accessPermissions;
}
public async Task Update(IAccessPermissionCollection accessPermissions)
{
// NOTE: this is temporary quick solution
// Normally it should be replaced with an implementation of partial updates based on MS Sync Framework
var biometricInfo = await _listUsersBiometricRequest.Request(ListCommand.WithoutParameters);
var biometricInfoMap = biometricInfo.Users.ToDictionary(x => x.UserName);
Func <string, UserHash> getHash = x =>
{
var hash = biometricInfoMap.ContainsKey(x) ? biometricInfoMap[x].BiometricHash : null;
return(new UserHash(x, hash));
};
// add user permissions
var accessRights = await _listAccessRightsRequest.Request(ListCommand.WithoutParameters);
foreach (var userAccessRights in accessRights.UserAccessRights)
{
var userName = userAccessRights.UserName;
var userHash = getHash(userName);
userAccessRights.PermanentAccessRules.ForEach(
rule =>
{
var permission = new PermanentUserAccess(rule.AccessPointId, userHash);
accessPermissions.AddOrUpdatePermission(permission);
});
userAccessRights.ScheduledAccessRules.ForEach(
rule =>
{
var permission = new ScheduledUserAccess(rule.AccessPointId, userHash, WeeklySchedule.Convert(rule.WeeklySchedule));
accessPermissions.AddOrUpdatePermission(permission);
});
}
// add user group permissions
foreach (var groupRights in accessRights.UserGroupAccessRights)
{
var groupName = groupRights.UserGroupName;
var usersInGroupResult = await _listUsersInGroupRequest.Request(ListCommand.ListUsersInGroup(groupName));
var userHashes = usersInGroupResult.Users.Select(x => getHash(x.UserName)).ToArray();
groupRights.PermanentAccessRules.ForEach(
rule =>
{
var permission = new PermanentGroupAccess(rule.AccessPointId, groupName, userHashes);
accessPermissions.AddOrUpdatePermission(permission);
});
groupRights.ScheduledAccessRules.ForEach(
rule =>
{
var permission = new ScheduledGroupAccess(rule.AccessPointId, groupName, userHashes, WeeklySchedule.Convert(rule.WeeklySchedule));
accessPermissions.AddOrUpdatePermission(permission);
});
}
}
public EventConsumer(IAccessPermissionCollection accessPermissions, IAccessPermissionService service)
{
Contract.Requires(accessPermissions != null);
Contract.Requires(service != null);
_accessPermissions = accessPermissions;
_service = service;
}
public UpdateUserHashVisitor(IAccessPermissionCollection accessPermissions, string userName, string oldHash, string newHash)
{
Contract.Requires(accessPermissions != null);
Contract.Requires(!string.IsNullOrWhiteSpace(userName));
_accessPermissions = accessPermissions;
_userName = userName;
_oldHash = oldHash;
_newHash = newHash;
}
public void Save(IAccessPermissionCollection accessPermissions)
{
// NOTE: this is temporary quick solution
// Normally permissions should be saved in protected storage, for instance in secured database or encrypted file
try
{
var formatter = new BinaryFormatter();
using (var stream = new FileStream(StorageFileName, FileMode.Create))
{
var array = accessPermissions.ToArray();
formatter.Serialize(stream, array);
}
}
catch (Exception e)
{
Log.Error("An error occurred while saving permissions to cache", e);
}
}
public void Load(IAccessPermissionCollection accessPermissions)
{
if (!File.Exists(StorageFileName))
{
return;
}
// NOTE: this is temporary quick solution
// Normally permissions should be saved in protected storage, for instance in secured database or encrypted file
try
{
var formatter = new BinaryFormatter();
using (var stream = new FileStream(StorageFileName, FileMode.Open))
{
var deserialized = formatter.Deserialize(stream) as IAccessPermission[];
deserialized.ForEach(accessPermissions.AddOrUpdatePermission);
}
}
catch (Exception e)
{
Log.Error("An error occurred while loading permissions from cache", e);
}
}
public Task Update(IAccessPermissionCollection accessPermissions)
{
Contract.Requires(accessPermissions != null);
Contract.Ensures(Contract.Result <Task>() != null);
return(null);
}
public void Save(IAccessPermissionCollection accessPermissions)
{
Contract.Requires(accessPermissions != null);
}
