protected void btnBrowseDBUser_Click(object sender, EventArgs e) { try { IAzManDBUser[] selectedDBUsers = (IAzManDBUser[])this.Session["selectedDBUsers"]; if (selectedDBUsers.Length > 1) { this.ShowError("Please choose only one DB User"); } if (selectedDBUsers.Length == 1) { this.wid = null; this.dbuser = selectedDBUsers[0]; this.txtDBUser.Text = this.dbuser.UserName; } this.rbDBUser.Checked = true; this.txtWindowsUser.Text = String.Empty; } catch (Exception ex) { this.ShowError(ex.Message); } finally { this.Session["selectedDBUsers"] = null; } }
/// <summary> /// Check Access from your Application [FOR Windows Users ONLY]. /// </summary> /// <param name="dbUserName">DB Username</param> private void CheckAccessPermissionsForDBUsers(string dbUserName) { // REMBER: // Modify dbo.GetDBUsers Table-Function to customize DB User list. // USER MUST BE A MEMBER OF SQL DATABASE ROLE: NetSqlAzMan_Readers //Sql Storage connection string string sqlConnectionString = "data source=(local);initial catalog=NetSqlAzManStorage;user id=netsqlazmanuser;password=password"; //Create an instance of SqlAzManStorage class IAzManStorage storage = new SqlAzManStorage(sqlConnectionString); //Retrieve DB User identity from dbo.GetDBUsers Table-Function IAzManDBUser dbUser = storage.GetDBUser(dbUserName); AuthorizationType auth = storage.CheckAccess("My Store", "My Application", "My Operation", dbUser, DateTime.Now, true); switch (auth) { case AuthorizationType.AllowWithDelegation: //Yes, I can ... and I can delegate break; case AuthorizationType.Allow: //Yes, I can break; case AuthorizationType.Neutral: case AuthorizationType.Deny: //No, I cannot break; } }
private void btnBrowseDBUser_Click(object sender, EventArgs e) { try { this.rbDBUser.Checked = true; frmDBUsersList frm = new frmDBUsersList(); frm.application = this.application; DialogResult dr = frm.ShowDialog(this); if (dr == DialogResult.OK) { if (frm.selectedDBUsers.Length > 1) { this.ShowError(Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg80"), Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg10")); } if (frm.selectedDBUsers.Length == 1) { this.wid = null; this.dbuser = frm.selectedDBUsers[0]; this.txtDBUser.Text = this.dbuser.UserName; } } } catch (Exception ex) { this.ShowError(ex.Message, Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg10")); } finally { this.FormValidate(); } }
private void SaveRecord() { _Storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted); foreach (ListViewItem item in lvwStoreGroups.Items) { #region update checked items only, not selected if (item.Checked) { _SelectedItems.Add(item); #region 立即 save IAzManDBUser dbUser = _Storage.GetDBUser(item.SubItems[0].Text); IAzManAuthorization auth = _AuthItem.CreateAuthorization( new SqlAzManSID(dbUser.CustomSid.ToString(), this._CurrentOwnerSidWhereDefined == WhereDefined.Database), this._CurrentOwnerSidWhereDefined, new SqlAzManSID(dbUser.CustomSid.ToString(), true), WhereDefined.Database, AuthorizationType.Neutral, null, null); #endregion } #endregion } _Storage.CommitTransaction(); }
private void btnBrowseWindowsUser_Click(object sender, EventArgs e) { string userName = String.Empty; try { this.rbWindowsUser.Checked = true; ADObject[] res = DirectoryServicesUtils.ADObjectPickerShowDialog(this, false, true, false); /*Application.DoEvents();*/ if (res != null) { if (res.Length > 1) { this.ShowError(Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg20"), Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg10")); } if (res.Length == 1) { userName = res[0].UPN; this.wid = new WindowsIdentity(userName); this.txtWindowsUser.Text = userName; this.dbuser = null; } } } catch (Exception ex) { this.ShowError(ex.Message, Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg10")); } finally { this.FormValidate(); } }
private void SaveRecord() { try { _Storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted); foreach (ListViewItem item in lvwStoreGroups.Items) { #region update checked items only, not selected if (item.Checked) { _SelectedItems.Add(item); #region 立即 save IAzManDBUser dbUser = _Storage.GetDBUser(item.SubItems[0].Text); _StoreGroup.CreateStoreGroupMember(dbUser.CustomSid, WhereDefined.Database, _IsMember); #endregion } #endregion } _Storage.CommitTransaction(); } catch (Exception ex) { _Storage.RollBackTransaction(); throw (ex); } }
/// <summary> /// Determines whether [is in group] [the specified windows identity]. /// </summary> /// <param name="dbUser">The db user.</param> /// <returns> /// <c>true</c> if [is in group] [the specified windows identity]; otherwise, <c>false</c>. /// </returns> public bool IsInGroup(IAzManDBUser dbUser) { if (dbUser == null) { throw new ArgumentNullException("dbUser"); } return(this.isAMemberOfGroup(false, this.sid.BinaryValue, this.Store.Storage.Mode == NetSqlAzManMode.Developer, DirectoryServicesUtils.rootDsePath, dbUser.CustomSid.BinaryValue, 0)); }
/// <summary> /// Initializes the context. /// </summary> /// <param name="storageConnectionString">The storage connection string.</param> /// <param name="storeName">Name of the store.</param> /// <param name="applicationName">Name of the application.</param> /// <param name="dbUserIdentity">The db user identity.</param> /// <param name="useStorageCache">if set to <c>true</c> [use storage cache].</param> public NetSqlAzManAuthorizationContext(string storageConnectionString, string storeName, string applicationName, IAzManDBUser dbUserIdentity, bool useStorageCache) { this.StorageConnectionString = storageConnectionString; this.StoreName = storeName; this.ApplicationName = applicationName; this.DBUserIdentity = dbUserIdentity; this.UseStorageCache = useStorageCache; }
private void cmdCheckAccess_Click(object sender, EventArgs e) { if (txtUser.Tag != null) { _DbUser = (IAzManDBUser)txtUser.Tag; GetDetails(_DbUser); } }
protected void Button2_Click(object sender, EventArgs e) { IAzManStorage storage = new SqlAzManStorage("data source=(local);Initial Catalog=NetSqlAzManStorage;user id=sa;password="******"Andrea"); UserPermissionCache cache = new UserPermissionCache(storage, "Store Stress Test", "Application0", andrea, true, true); Session["cache"] = cache; }
protected void btnCheckAccessTest_Click(object sender, EventArgs e) { try { NTAccount nta = (NTAccount)(this.Request.LogonUserIdentity.User.Translate(typeof(NTAccount))); string currentUpnName = nta.Value; if (currentUpnName.IndexOf('\\') != -1) { currentUpnName = currentUpnName.Substring(currentUpnName.IndexOf('\\') + 1); } if (String.IsNullOrEmpty(this.txtWindowsUser.Text) && this.rbWindowsUser.Checked) { this.txtWindowsUser.Text = currentUpnName; } if (this.rbWindowsUser.Checked) { this.dbuser = null; if (this.txtWindowsUser.Text == currentUpnName) { //Current Windows User this.wid = this.Request.LogonUserIdentity; } else { //Kerberos Protocol Transition this.wid = new WindowsIdentity(this.txtWindowsUser.Text); } } else if (this.rbDBUser.Checked && !String.IsNullOrEmpty(this.txtDBUser.Text)) { this.wid = null; this.dbuser = this.application.GetDBUser(this.txtDBUser.Text); } this.txtDetails.Text = String.Empty; this.WriteLineDetailMessage("Check Access Test started at " + DateTime.Now.ToString()); this.WriteLineDetailMessage(String.Empty); this.WriteIdentityDetails(); this.WriteLineDetailMessage(String.Empty); this.WriteDetailMessage("Building Items Hierarchy ..."); this.RefreshItemsHierarchy(); this.WriteLineDetailMessage("Done."); this.WriteLineDetailMessage(String.Empty); TreeNode applicationTreeNode = this.itemsHierarchyTreeView.Nodes[0].ChildNodes[0].ChildNodes[0]; foreach (TreeNode itemTreeNode in applicationTreeNode.ChildNodes) { this.checkAccessTest(itemTreeNode); } this.WriteLineDetailMessage(String.Empty); this.WriteLineDetailMessage("Check Access Test finished at " + DateTime.Now.ToString()); } catch (Exception ex) { this.ShowError(ex.Message); } }
/// <summary> /// Checks the Store access [FOR DB Users ONLY]. /// </summary> /// <param name="dbUser">The db user.</param> /// <param name="validFor">The valid for.</param> /// <param name="contextParameters">The context parameters.</param> /// <returns> /// [true] for access allowd, [false] otherwise. /// </returns> public bool CheckStoreAccess(IAzManDBUser dbUser, DateTime validFor, params KeyValuePair <string, object>[] contextParameters) { foreach (IAzManApplication application in this.GetApplications()) { if (application.CheckApplicationAccess(dbUser, validFor, contextParameters) == true) { return(true); } } return(false); }
/// <summary> /// Constructor that builds a hierarchical menu based upon authorization right of the user /// in the given store. /// </summary> /// <param name="store">String that represents the store that the menu is built upon.</param> /// <param name="user">User name.</param> /// <param name="baseUrl">Base url for generated menu urls.</param> /// <param name="menuUrl">Base url for menu resolved.</param> /// <param name="displayFullMenu">Whether to display full menu</param> public PemsMenu(string store, string user, string baseUrl, string menuUrl, bool displayFullMenu) { _displayFullMenu = displayFullMenu; _storage = new SqlAzManStorage(connectionString: ConfigurationManager.ConnectionStrings[Constants.Security.RbacConnectionStringName].ConnectionString); _dbUser = _storage.GetDBUser(user); _baseUrl = baseUrl; _store = store; _menuUrl = menuUrl; // Create the menu GetMenu(); }
/// <summary> /// Initializes a new instance of the <see cref="UserPermissionCache"/> class. /// </summary> /// <param name="storage">The storage.</param> /// <param name="storeName">Name of the store.</param> /// <param name="applicationName">Name of the application.</param> /// <param name="dbUser">The db user.</param> /// <param name="retrieveAttributes">if set to <c>true</c> [retrieve attributes].</param> /// <param name="multiThreadBuild">if set to <c>true</c> [multi thread build].</param> /// <param name="contextParameters">The context parameters.</param> public UserPermissionCache(IAzManStorage storage, string storeName, string applicationName, IAzManDBUser dbUser, bool retrieveAttributes, bool multiThreadBuild, params KeyValuePair <string, object>[] contextParameters) : this(storage, storeName, applicationName, retrieveAttributes, contextParameters) { this.dbUser = dbUser; if (multiThreadBuild) { this.buildApplicationCacheMultiThread(); } else { this.buildApplicationCache(); } }
/// <summary> /// Gets the DB users. /// </summary> /// <returns></returns> public IAzManDBUser[] GetDBUsers() { var dtDBUsers = this.db.GetDBUsersEx(this.name, null, null, null); IAzManDBUser[] result = new IAzManDBUser[dtDBUsers.Rows.Count]; int i = 0; foreach (DataRow row in dtDBUsers.Rows) { result[i++] = new SqlAzManDBUser(row); } return(result); }
private void GetDetails(IAzManDBUser dbUser) { txtDetails.Text = String.Format(@" Check Access Test started at {0} Identity Details: Name: {1}Custom Sid: {2} ", DateTime.Now.ToString(), dbUser.UserName + "\t", dbUser.CustomSid); txtDetails.Text += "Member of these Store Groups:" + Environment.NewLine; foreach (IAzManStoreGroup storeGroup in _Application.Store.GetStoreGroups()) { if (storeGroup.IsInGroup(dbUser)) { txtDetails.Text += storeGroup.Name + Environment.NewLine; } } txtDetails.Text += "Member of these Application Groups:" + Environment.NewLine; foreach (IAzManApplicationGroup applicationGroup in _Application.GetApplicationGroups()) { if (applicationGroup.IsInGroup(dbUser)) { txtDetails.Text += applicationGroup.Name + Environment.NewLine; } } #region Load Hierarchy(); txtDetails.Text += Environment.NewLine; txtDetails.Text += "Building Items Hierarchy ..."; tvwResults.Nodes.Clear(); BuildApplicationsTreeView(); tvwResults.ExpandAll(); txtDetails.Text += "Done." + Environment.NewLine + Environment.NewLine; #endregion #region Check Access TreeNode applicationTreeNode = tvwResults.Nodes[0].Nodes[0]; foreach (TreeNode itemTreeNode in applicationTreeNode.Nodes) { CheckNodeAccess(itemTreeNode); } txtDetails.Text += Environment.NewLine; txtDetails.Text += "Check Access Test finished at " + DateTime.Now.ToString(); #endregion }
private void rbCheckedChanged() { if (this.rbWindowsUser.Checked) { this.txtWindowsUser.Enabled = true; this.txtDBUser.Enabled = false; } else { this.txtDBUser.Enabled = false; this.txtWindowsUser.Enabled = false; } this.txtWindowsUser.Text = String.Empty; this.txtDBUser.Text = String.Empty; this.cache = null; this.wid = null; this.dbuser = null; }
private DataRow AddDBUserDataRow(IAzManDBUser member) { DataRow dr = this.dtAuthorizations.NewRow(); dr["Owner"] = this.currentOwnerName; dr["OwnerSID"] = this.currentOwnerSid; dr["Name"] = member.UserName; dr["MemberType"] = this.RenderMemberType(MemberType.DatabaseUser, member.CustomSid); dr["MemberTypeEnum"] = MemberType.DatabaseUser; dr["ObjectSID"] = member.CustomSid.StringValue; dr["WhereDefined"] = WhereDefined.Database.ToString(); dr["WhereDefinedEnum"] = WhereDefined.Database; dr["AuthorizationType"] = this.RenderAuthorizationType(AuthorizationType.Neutral); dr["AuthorizationTypeEnum"] = AuthorizationType.Neutral; dr["ValidFrom"] = DBNull.Value; dr["ValidTo"] = DBNull.Value; this.dtAuthorizations.Rows.Add(dr); return(dr); }
/// <summary> /// Retrive a complete Authorization for the current user and populate the string array /// from .NetSqlAzMan store /// </summary> /// <param name="userName">User name identifying the current user</param> /// <returns>Array of strings containing all of the permissions from .NetSqlAzMan store</returns> private bool CheckAccess(IAzManDBUser dbUser, string app, string role, IAzManStorage storage) { var result = false; //IAzManDBUser dbUser = storage.GetDBUser(dbUserName); AuthorizationType auth = storage.CheckAccess("CATS", app, role, dbUser, DateTime.Now, false); switch (auth) { case AuthorizationType.AllowWithDelegation: case AuthorizationType.Allow: result = true; break; case AuthorizationType.Neutral: case AuthorizationType.Deny: result = false; break; } return(result); }
private void rbCheckedChanged() { if (this.rbWindowsUser.Checked) { this.txtWindowsUser.ReadOnly = false; this.txtWindowsUser.BackColor = SystemColors.Window; this.txtDBUser.BackColor = SystemColors.Control; this.txtWindowsUser.Text = String.Empty; } else { this.txtWindowsUser.ReadOnly = true; this.txtWindowsUser.BackColor = SystemColors.Control; this.txtDBUser.BackColor = SystemColors.Window; } this.txtWindowsUser.Text = String.Empty; this.txtDBUser.Text = String.Empty; this.cache = null; this.wid = null; this.dbuser = null; }
private void DBUserList_FormClosed(object sender, FormClosedEventArgs e) { var form = (DBUsersList)sender; if (form.SelectedItems != null) { if (form.SelectedItems.Count > 0) { var item = form.SelectedItems[0]; if (item != null) { IAzManDBUser dbUser = _Application.GetDBUser(item.SubItems[0].Text); txtUser.Tag = dbUser; txtUser.Text = dbUser.UserName; txtDetails.Text = String.Empty; tvwResults.Nodes.Clear(); } } } }
private void btnCheckAccessTest_Click(object sender, EventArgs e) { try { NTAccount nta = (NTAccount)(((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()).User.Translate(typeof(NTAccount))); string currentUpnName = nta.Value; if (currentUpnName.IndexOf('\\') != -1) { currentUpnName = currentUpnName.Substring(currentUpnName.IndexOf('\\') + 1); } if (this.rbWindowsUser.Checked && !String.IsNullOrEmpty(this.txtWindowsUser.Text)) { this.dbuser = null; if (this.txtWindowsUser.Text == currentUpnName) { //Current Windows User this.wid = ((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()); } else { //Kerberos Protocol Transition this.wid = new WindowsIdentity(this.txtWindowsUser.Text); } } else if (this.rbDBUser.Checked && !String.IsNullOrEmpty(this.txtDBUser.Text)) { this.wid = null; this.dbuser = this.application.GetDBUser(this.txtDBUser.Text); } this.HourGlass(true); this.txtDetails.Text = String.Empty; this.btnCheckAccessTest.Enabled = this.btnClose.Enabled = this.btnBrowseWindowsUser.Enabled = this.btnBrowseDBUser.Enabled = this.rbWindowsUser.Enabled = this.rbDBUser.Enabled = false; this.WriteLineDetailMessage(Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg30") + " " + DateTime.Now.ToString()); this.WriteLineDetailMessage(String.Empty); this.WriteIdentityDetails(); this.WriteLineDetailMessage(String.Empty); this.WriteDetailMessage(Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg40")); this.checkAccessTestTreeView.BeginUpdate(); this.RefreshItemsHierarchy(); this.checkAccessTestTreeView.EndUpdate(); Application.DoEvents(); this.WriteLineDetailMessage(Globalization.MultilanguageResource.GetString("Done_Msg10")); this.WriteLineDetailMessage(String.Empty); TreeNode applicationTreeNode = this.checkAccessTestTreeView.Nodes[0].Nodes[0].Nodes[0]; Boolean turboMode = this.application.Items.Count>50; Hashtable resultCache = new Hashtable(); Hashtable attributesCache = new Hashtable(); if (turboMode) this.checkAccessTestTreeView.BeginUpdate(); foreach (TreeNode itemTreeNode in applicationTreeNode.Nodes) { this.checkAccessTest(itemTreeNode, turboMode, resultCache, attributesCache); } if (turboMode) this.checkAccessTestTreeView.EndUpdate(); this.WriteLineDetailMessage(String.Empty); this.WriteLineDetailMessage(Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg50") + " " + DateTime.Now.ToString()); } catch (Exception ex) { this.ShowError(ex.Message, Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg10")); } finally { this.btnCheckAccessTest.Enabled = this.btnClose.Enabled = this.btnBrowseWindowsUser.Enabled = this.btnBrowseDBUser.Enabled = this.rbWindowsUser.Enabled = this.rbDBUser.Enabled = true; this.HourGlass(false); } }
/// <summary> /// Retrive a complete Authorization for the current user and populate the string array /// from .NetSqlAzMan store /// </summary> /// <param name="userName">User name identifying the current user</param> /// <returns>Array of strings containing all of the permissions from .NetSqlAzMan store</returns> private bool CheckAccess(IAzManDBUser dbUser, string app, string role, IAzManStorage storage) { var result = false; //IAzManDBUser dbUser = storage.GetDBUser(dbUserName); AuthorizationType auth = storage.CheckAccess("CATS", app, role, dbUser, DateTime.Now, false); switch (auth) { case AuthorizationType.AllowWithDelegation: case AuthorizationType.Allow: result = true; break; case AuthorizationType.Neutral: case AuthorizationType.Deny: result = false; break; } return result; }
private AuthorizationType internalCheckAccess(string StoreName, string ApplicationName, string ItemName, IAzManDBUser dbUser, DateTime ValidFor, bool OperationsOnly, bool retrieveAttributes, out List<KeyValuePair<string, string>> attributes, params KeyValuePair<string, object>[] contextParameters) { int userGroupsCount = 0; SqlConnection conn = new SqlConnection(this.db.Connection.ConnectionString); conn.Open(); System.Data.SqlClient.SqlCommand cmd = conn.CreateCommand(); cmd.CommandText = "dbo.netsqlazman_DirectCheckAccess"; cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.AddWithValue("@STORENAME", StoreName); cmd.Parameters.AddWithValue("@APPLICATIONNAME", ApplicationName); cmd.Parameters.AddWithValue("@ITEMNAME", ItemName); cmd.Parameters.AddWithValue("@OPERATIONSONLY", OperationsOnly); cmd.Parameters.AddWithValue("@TOKEN", dbUser.CustomSid.BinaryValue); cmd.Parameters.AddWithValue("@USERGROUPSCOUNT", (object)userGroupsCount); cmd.Parameters.AddWithValue("@VALIDFOR", ValidFor); cmd.Parameters.AddWithValue("@LDAPPATH", DirectoryServicesUtils.rootDsePath); cmd.Parameters.AddWithValue("@RETRIEVEATTRIBUTES", retrieveAttributes); System.Data.SqlClient.SqlParameter pAuthorizationType = new System.Data.SqlClient.SqlParameter("@AUTHORIZATION_TYPE", (object)0); pAuthorizationType.Direction = System.Data.ParameterDirection.InputOutput; cmd.Parameters.Add(pAuthorizationType); //BizRule Check CallBack SqlDataAdapter checkAccessPartialResultsDataAdapter = new SqlDataAdapter(cmd); DataSet checkAccessResults = new DataSet(); try { checkAccessPartialResultsDataAdapter.Fill(checkAccessResults); } catch (SqlException sqlex) { if (sqlex.Message.StartsWith("Store not found", StringComparison.CurrentCultureIgnoreCase)) { throw SqlAzManException.StoreNotFoundException(StoreName, sqlex); } else if (sqlex.Message.StartsWith("Application not found", StringComparison.CurrentCultureIgnoreCase)) { throw SqlAzManException.ApplicationNotFoundException(ApplicationName, StoreName, sqlex); } else if (sqlex.Message.StartsWith("Item not found", StringComparison.CurrentCultureIgnoreCase)) { throw SqlAzManException.ItemNotFoundException(ItemName, StoreName, ApplicationName, sqlex); } else { throw SqlAzManException.GenericException(sqlex); } } finally { conn.Close(); } DataTable checkAccessPartialResultsDataTable = checkAccessResults.Tables[0]; DataTable checkAccessAttributesDataTable = (retrieveAttributes ? checkAccessResults.Tables[1] : new DataTable()); AuthorizationType result; if (checkAccessPartialResultsDataTable.Select("BizRuleId IS NOT NULL").Length == 0) { //No business rules to check ... just return check access authorizationType result = (AuthorizationType)((int)pAuthorizationType.Value); } else { //Transform DataRows into a Hierarchical Tree of Node(s) IAzManApplication application = this[StoreName][ApplicationName]; ItemNode itemNode = this.buildTreeOfNodes(application, checkAccessPartialResultsDataTable, ItemName); //Execute Biz Rules and Cut Nodes that returns false Hashtable ctxParameters = new Hashtable(); if (contextParameters != null) { foreach (KeyValuePair<string, object> kv in contextParameters) { ctxParameters.Add(kv.Key, kv.Value); } } itemNode = this.executeBizRules(itemNode, dbUser.CustomSid, ctxParameters); //Compute final CheckAccess authorizationType result = this.computeCheckAccessResult(itemNode, ref checkAccessAttributesDataTable); if (result == AuthorizationType.Deny || result == AuthorizationType.Neutral) { checkAccessAttributesDataTable = new DataTable(); //no attributes } } if (retrieveAttributes) { //Populate Attributes authorizationType attributes = new List<KeyValuePair<string, string>>(checkAccessAttributesDataTable.Rows.Count); foreach (DataRow dr in checkAccessAttributesDataTable.Rows) { KeyValuePair<string, string> kvp = new KeyValuePair<string, string>((string)dr[0], (string)dr[1]); if (!attributes.Contains(kvp)) { attributes.Add(kvp); } } } else { attributes = new List<KeyValuePair<string, string>>(); } return result; }
/// <summary> /// Gets the DB users. /// </summary> /// <returns></returns> public IAzManDBUser[] GetDBUsers() { var dtDBUsers = this.db.GetDBUsersEx(null, null, null, null); IAzManDBUser[] result = new IAzManDBUser[dtDBUsers.Rows.Count]; for (int i = 0; i < dtDBUsers.Rows.Count; i++) { result[i] = new SqlAzManDBUser(dtDBUsers.Rows[i]); } return result; }
/// <summary> /// Gets a value indicating whether the specified user is in the specified role for the configured applicationName. /// </summary> /// <param name="username">The user name to search for.</param> /// <param name="roleName">The role to search in.</param> /// <returns> /// true if the specified user is in the specified role for the configured applicationName; otherwise, false. /// </returns> public override bool IsUserInRole(string username, string roleName) { if (this.userLookupType == "LDAP") { WindowsIdentity wid = null; if (String.Compare(((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()).Name, this.getFQUN(username), true) == 0) { wid = ((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()); } if (wid == null) { wid = new WindowsIdentity(this.getUpn(this.getFQUN(username))); //Kerberos Protocol Transition: Works in W2K3 native domain only } if (!this.useWCFCacheService) { return((from t in this.storageCache.GetAuthorizedItems(this.storeName, this.applicationName, wid.GetUserBinarySSid(), wid.GetGroupsBinarySSid(), DateTime.Now) where t.Type == ItemType.Role && (t.Authorization == AuthorizationType.Allow || t.Authorization == AuthorizationType.AllowWithDelegation) && t.Name.Equals(roleName, StringComparison.CurrentCultureIgnoreCase) select t).Count() > 0); } else { using (NetSqlAzManWCFCacheService.CacheServiceClient csc = new NetSqlAzManWCFCacheService.CacheServiceClient()) { try { return((from t in csc.GetAuthorizedItemsForWindowsUsers(this.storeName, this.applicationName, wid.GetUserBinarySSid(), wid.GetGroupsBinarySSid(), DateTime.Now, null) where t.Type == NetSqlAzManWCFCacheService.ItemType.Role && (t.Authorization == NetSqlAzManWCFCacheService.AuthorizationType.Allow || t.Authorization == NetSqlAzManWCFCacheService.AuthorizationType.AllowWithDelegation) && t.Name.Equals(roleName, StringComparison.CurrentCultureIgnoreCase) select t).Count() > 0); } finally { ((IDisposable)csc).Dispose(); } } } } else { using (IAzManStorage storage = new SqlAzManStorage(this.storageCache.ConnectionString)) { IAzManApplication application = storage[this.storeName][this.applicationName]; IAzManDBUser dbUser = application.GetDBUser(username); if (!this.useWCFCacheService) { return((from t in this.storageCache.GetAuthorizedItems(this.storeName, this.applicationName, dbUser.CustomSid.StringValue, DateTime.Now) where t.Type == ItemType.Role && (t.Authorization == AuthorizationType.Allow || t.Authorization == AuthorizationType.AllowWithDelegation) && t.Name.Equals(roleName, StringComparison.CurrentCultureIgnoreCase) select t).Count() > 0); } else { using (NetSqlAzManWCFCacheService.CacheServiceClient csc = new NetSqlAzManWCFCacheService.CacheServiceClient()) { try { return((from t in csc.GetAuthorizedItemsForDatabaseUsers(this.storeName, this.applicationName, dbUser.CustomSid.StringValue, DateTime.Now, null) where t.Type == NetSqlAzManWCFCacheService.ItemType.Role && (t.Authorization == NetSqlAzManWCFCacheService.AuthorizationType.Allow || t.Authorization == NetSqlAzManWCFCacheService.AuthorizationType.AllowWithDelegation) && t.Name.Equals(roleName, StringComparison.CurrentCultureIgnoreCase) select t).Count() > 0); } finally { ((IDisposable)csc).Dispose(); } } } } } }
private DataRow AddDBUserDataRow(IAzManDBUser member) { DataRow dr = this.dtAuthorizations.NewRow(); dr["Owner"] = this.currentOwnerName; dr["OwnerSID"] = this.currentOwnerSid; dr["Name"] = member.UserName; dr["MemberType"] = this.RenderMemberType(MemberType.DatabaseUser, member.CustomSid); dr["MemberTypeEnum"] = MemberType.DatabaseUser; dr["ObjectSID"] = member.CustomSid.StringValue; dr["WhereDefined"] = WhereDefined.Database.ToString(); dr["WhereDefinedEnum"] = WhereDefined.Database; dr["AuthorizationType"] = this.RenderAuthorizationType(AuthorizationType.Neutral); dr["AuthorizationTypeEnum"] = AuthorizationType.Neutral; dr["ValidFrom"] = DBNull.Value; dr["ValidTo"] = DBNull.Value; this.dtAuthorizations.Rows.Add(dr); return dr; }
public ActionResult Login(LoginModel model, string returnUrl) { // Check if the supplied credentials are correct. ViewBag.HasError = false; ViewBag.returnUrl = returnUrl; // Create logger instance to record activities var log = new Logger(); try { if (_userAccountService.Authenticate(model.UserName, model.Password)) { FormsAuthentication.SetAuthCookie(model.UserName, true); // Will be refactored var user = _userAccountService.GetUserDetail(model.UserName); user.LogginDate = DateTime.Now; user.NumberOfLogins += 1; // Session["USER_PROFILE"] = user; _userAccountService.UpdateUser(user); // Add user information to session variable to avoid frequent trip to the databas var service = (IUserAccountService)DependencyResolver.Current.GetService(typeof(IUserAccountService)); var userInfo = service.GetUserInfo(model.UserName); Session["USER_INFO"] = userInfo; Session["USER_PROFILE"] = service.GetUserDetail(model.UserName); // Before trying to go and look for user permissions, check if the user is logged in or not //// Load user permissions IAzManStorage storage = new SqlAzManStorage(ConfigurationManager.ConnectionStrings["CatsContext"].ConnectionString); IAzManDBUser dbUser = storage.GetDBUser(user.UserName); // Early Warning user permissions UserPermissionCache earlyWarningPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.EARLY_WARNING, dbUser, true, false); Session[CatsGlobals.EARLY_WARNING_PERMISSIONS] = earlyWarningPermissionCache; //PSNP user permission UserPermissionCache psnpPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.PSNP, dbUser, true, false); Session[CatsGlobals.PSNP_PERMISSIONS] = psnpPermissionCache; // Logistics user permissions UserPermissionCache logisticsPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.LOGISTICS, dbUser, true, false); Session[CatsGlobals.LOGISTICS_PERMISSIONS] = logisticsPermissionCache; // Procurement user permissions UserPermissionCache procurementPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.PROCUREMENT, dbUser, true, false); Session[CatsGlobals.PROCUREMENT_PERMISSIONS] = procurementPermissionCache; // Hub user permissions UserPermissionCache hubPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.HUB, dbUser, true, false); Session[CatsGlobals.HUB_PERMISSIONS] = hubPermissionCache; // Regional user permissions UserPermissionCache regionalPermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.REGION, dbUser, true, false); Session[CatsGlobals.REGION_PERMISSIONS] = regionalPermissionCache; // Regional user permissions UserPermissionCache financePermissionCache = new UserPermissionCache(storage, CatsGlobals.CATS, CatsGlobals.FINANCE, dbUser, true, false); Session[CatsGlobals.FINANCE_PERMISSIONS] = financePermissionCache; // Whatever permission we are going to have! _log.Info("Logged in User: "******"Administrator", "Manage User Account"); //service.GetUserPermissions(model.UserName, "CATS", "Finance"); return(RedirectToLocal(returnUrl)); } } catch (UserNotFoundException unfe) { log.LogAllErrorsMesseges(unfe, _log); ViewBag.HasError = true; ViewBag.Error = unfe.ToString(); ViewBag.ErrorMessage = "Your user name is not registered as a user on CATS. Please contact your system administrator."; } catch (DisabledUserException due) { log.LogAllErrorsMesseges(due, _log); ViewBag.HasError = true; ViewBag.Error = due.ToString(); ViewBag.ErrorMessage = "Your user account is disabled. Please contact your system administrator."; } catch (UnmatchingUsernameAndPasswordException uuape) { log.LogAllErrorsMesseges(uuape, _log); ViewBag.HasError = true; ViewBag.Error = uuape.ToString(); ViewBag.ErrorMessage = "The user name and password you provided do not match. Please try again with a correct combination."; } catch (Exception exception) { log.LogAllErrorsMesseges(exception, _log); ViewBag.HasError = true; ViewBag.Error = exception.ToString(); ViewBag.ErrorMessage = "Login failed. Try logging in with the right user name and password."; ModelState.AddModelError("", exception.Message); } return(View()); }
/// <summary> /// Determines whether [is in group] [the specified windows identity]. /// </summary> /// <param name="dbUser">The db user.</param> /// <returns> /// <c>true</c> if [is in group] [the specified windows identity]; otherwise, <c>false</c>. /// </returns> public bool IsInGroup(IAzManDBUser dbUser) { if (dbUser == null) throw new ArgumentNullException("dbUser"); return this.isAMemberOfGroup(true, this.sid.BinaryValue, this.application.Store.Storage.Mode == NetSqlAzManMode.Developer, DirectoryServicesUtils.rootDsePath, dbUser.CustomSid.BinaryValue, 0); }
private bool isInFilter(IAzManDBUser dbuser, string fieldName, string filterOperator, string fieldValue) { if (fieldValue.Trim() == String.Empty) { return(true); } //Left Value string leftValue = String.Empty; if (String.Compare(fieldName, "Name", true) == 0) { leftValue = dbuser.UserName; } else if (String.Compare(fieldName, "Custom Sid", true) == 0) { leftValue = dbuser.CustomSid.StringValue; } else { foreach (var customColumn in dbuser.CustomColumns) { if (String.Compare(fieldName, customColumn.Key, true) == 0) { leftValue = customColumn.Value.ToString(); break; } } } //Right Value string rightValue = fieldValue.Trim(); //Operator if (filterOperator == "Is" && String.Compare(leftValue, rightValue, true) == 0) { return(true); } if (filterOperator == "Is not" && String.Compare(leftValue, rightValue, true) != 0) { return(true); } if (filterOperator == "Starts with" && leftValue.StartsWith(rightValue, StringComparison.CurrentCultureIgnoreCase)) { return(true); } if (filterOperator == "Ends with" && leftValue.EndsWith(rightValue, StringComparison.CurrentCultureIgnoreCase)) { return(true); } if (filterOperator == "Does not start with" && !leftValue.StartsWith(rightValue, StringComparison.CurrentCultureIgnoreCase)) { return(true); } if (filterOperator == "Does not end with" && !leftValue.EndsWith(rightValue, StringComparison.CurrentCultureIgnoreCase)) { return(true); } if (filterOperator == "Contains" && leftValue.IndexOf(rightValue, StringComparison.CurrentCultureIgnoreCase) != -1) { return(true); } if (filterOperator == "Does not contain" && leftValue.IndexOf(rightValue, StringComparison.CurrentCultureIgnoreCase) == -1) { return(true); } //otherwise return(false); }
private bool isInFilter(IAzManDBUser dbuser, string fieldName, string filterOperator, string fieldValue) { if (fieldValue.Trim() == String.Empty) return true; //Left Value string leftValue = String.Empty; if (String.Compare(fieldName, "Name", true) == 0) leftValue = dbuser.UserName; else if (String.Compare(fieldName, "Custom Sid", true) == 0) leftValue = dbuser.CustomSid.StringValue; else { foreach (var customColumn in dbuser.CustomColumns) { if (String.Compare(fieldName, customColumn.Key, true) == 0) { leftValue = customColumn.Value.ToString(); break; } } } //Right Value string rightValue = fieldValue.Trim(); //Operator if (filterOperator == "Is" && String.Compare(leftValue, rightValue, true) == 0) return true; if (filterOperator == "Is not" && String.Compare(leftValue, rightValue, true) != 0) return true; if (filterOperator == "Starts with" && leftValue.StartsWith(rightValue, StringComparison.CurrentCultureIgnoreCase)) return true; if (filterOperator == "Ends with" && leftValue.EndsWith(rightValue, StringComparison.CurrentCultureIgnoreCase)) return true; if (filterOperator == "Does not start with" && !leftValue.StartsWith(rightValue, StringComparison.CurrentCultureIgnoreCase)) return true; if (filterOperator == "Does not end with" && !leftValue.EndsWith(rightValue, StringComparison.CurrentCultureIgnoreCase)) return true; if (filterOperator == "Contains" && leftValue.IndexOf(rightValue, StringComparison.CurrentCultureIgnoreCase)!=-1) return true; if (filterOperator == "Does not contain" && leftValue.IndexOf(rightValue, StringComparison.CurrentCultureIgnoreCase) == -1) return true; //otherwise return false; }
/// <summary> /// Checks the Application access [FOR DB Users ONLY]. /// </summary> /// <param name="dbUser">The db user.</param> /// <param name="validFor">The valid for.</param> /// <param name="contextParameters">The context parameters.</param> /// <returns> /// [true] for access allowd, [false] otherwise. /// </returns> public bool CheckApplicationAccess(IAzManDBUser dbUser, DateTime validFor, params KeyValuePair<string, object>[] contextParameters) { foreach (IAzManItem item in this.GetItems()) { AuthorizationType auth = item.CheckAccess(dbUser, validFor, contextParameters); if (auth == AuthorizationType.AllowWithDelegation || auth == AuthorizationType.Allow) { return true; } } return false; }
private void btnCheckAccessTest_Click(object sender, EventArgs e) { try { NTAccount nta = (NTAccount)(((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()).User.Translate(typeof(NTAccount))); string currentUpnName = nta.Value; if (currentUpnName.IndexOf('\\') != -1) { currentUpnName = currentUpnName.Substring(currentUpnName.IndexOf('\\') + 1); } if (this.rbWindowsUser.Checked && !String.IsNullOrEmpty(this.txtWindowsUser.Text)) { this.dbuser = null; if (this.txtWindowsUser.Text == currentUpnName) { //Current Windows User this.wid = ((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()); } else { //Kerberos Protocol Transition this.wid = new WindowsIdentity(this.txtWindowsUser.Text); } } else if (this.rbDBUser.Checked && !String.IsNullOrEmpty(this.txtDBUser.Text)) { this.wid = null; this.dbuser = this.application.GetDBUser(this.txtDBUser.Text); } this.HourGlass(true); this.txtDetails.Text = String.Empty; this.btnCheckAccessTest.Enabled = this.btnClose.Enabled = this.btnBrowseWindowsUser.Enabled = this.btnBrowseDBUser.Enabled = this.rbWindowsUser.Enabled = this.rbDBUser.Enabled = false; this.WriteLineDetailMessage(Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg30") + " " + DateTime.Now.ToString()); this.WriteLineDetailMessage(String.Empty); this.WriteIdentityDetails(); this.WriteLineDetailMessage(String.Empty); this.WriteDetailMessage(Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg40")); this.checkAccessTestTreeView.BeginUpdate(); this.RefreshItemsHierarchy(); this.checkAccessTestTreeView.EndUpdate(); Application.DoEvents(); this.WriteLineDetailMessage(Globalization.MultilanguageResource.GetString("Done_Msg10")); this.WriteLineDetailMessage(String.Empty); TreeNode applicationTreeNode = this.checkAccessTestTreeView.Nodes[0].Nodes[0].Nodes[0]; Boolean turboMode = this.application.Items.Count > 50; Hashtable resultCache = new Hashtable(); Hashtable attributesCache = new Hashtable(); if (turboMode) { this.checkAccessTestTreeView.BeginUpdate(); } foreach (TreeNode itemTreeNode in applicationTreeNode.Nodes) { this.checkAccessTest(itemTreeNode, turboMode, resultCache, attributesCache); } if (turboMode) { this.checkAccessTestTreeView.EndUpdate(); } this.WriteLineDetailMessage(String.Empty); this.WriteLineDetailMessage(Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg50") + " " + DateTime.Now.ToString()); } catch (Exception ex) { this.ShowError(ex.Message, Globalization.MultilanguageResource.GetString("frmCheckAccessTest_Msg10")); } finally { this.btnCheckAccessTest.Enabled = this.btnClose.Enabled = this.btnBrowseWindowsUser.Enabled = this.btnBrowseDBUser.Enabled = this.rbWindowsUser.Enabled = this.rbDBUser.Enabled = true; this.HourGlass(false); } }
/// <summary> /// Checks the access [FOR DB Users only]. /// </summary> /// <param name="StoreName">Name of the store.</param> /// <param name="ApplicationName">Name of the application.</param> /// <param name="ItemName">Name of the itemName.</param> /// <param name="dbUser">The db user.</param> /// <param name="ValidFor">The valid for.</param> /// <param name="OperationsOnly">if set to <c>true</c> [operations only].</param> /// <param name="attributes">The attributes readed.</param> /// <param name="contextParameters">The context parameters.</param> /// <returns>AuthorizationType</returns> public AuthorizationType CheckAccess(string StoreName, string ApplicationName, string ItemName, IAzManDBUser dbUser, DateTime ValidFor, bool OperationsOnly, out List<KeyValuePair<string, string>> attributes, params KeyValuePair<string, object>[] contextParameters) { return this.internalCheckAccess(StoreName, ApplicationName, ItemName, dbUser, ValidFor, OperationsOnly, true, out attributes, contextParameters); }
/// <summary> /// Creates the delegation [DB Users]. /// </summary> /// <param name="delegatingUser">The delegating user.</param> /// <param name="delegateUser">The delegate user.</param> /// <param name="authorizationType">Type of the authorization.</param> /// <param name="validFrom">The valid from.</param> /// <param name="validTo">The valid to.</param> /// <returns>IAzManAuthorization</returns> public IAzManAuthorization CreateDelegateAuthorization(IAzManDBUser delegatingUser, IAzManSid delegateUser, RestrictedAuthorizationType authorizationType, DateTime? validFrom, DateTime? validTo) { //DateTime range check if (validFrom.HasValue && validTo.HasValue) { if (validFrom.Value > validTo.Value) throw new InvalidOperationException("ValidFrom cannot be greater then ValidTo if supplied."); } string delegatedName; bool isLocal; DirectoryServicesUtils.GetMemberInfo(delegateUser.StringValue, out delegatedName, out isLocal); //Check if user has AllowWithDelegation permission on this Item. if (this.CheckAccess(delegatingUser, DateTime.Now) != AuthorizationType.AllowWithDelegation) { string msg = String.Format("Create Delegate permission deny for user '{0}' ({1}) to user '{2}' ({3}).", delegatingUser.UserName, delegatingUser.CustomSid.StringValue, delegatedName, delegateUser.StringValue); throw new SqlAzManException(msg); } WhereDefined sidWhereDefined = isLocal ? WhereDefined.Local : WhereDefined.LDAP; if (this.application.Store.Storage.Mode == NetSqlAzManMode.Administrator && sidWhereDefined == WhereDefined.Local) { throw new SqlAzManException("Cannot create a Delegate defined on local in Administrator Mode"); } IAzManSid owner = delegatingUser.CustomSid; string ownerName = delegatingUser.UserName; WhereDefined ownerSidWhereDefined = WhereDefined.Database; int? authorizationId = 0; this.db.CreateDelegate(this.itemId, owner.BinaryValue, (byte)ownerSidWhereDefined, delegateUser.BinaryValue, (byte)sidWhereDefined, (byte)authorizationType, (validFrom.HasValue ? validFrom.Value : new DateTime?()), (validTo.HasValue ? validTo.Value : new DateTime?()), ref authorizationId); IAzManAuthorization result = new SqlAzManAuthorization(this.db, this, authorizationId.Value, owner, ownerSidWhereDefined, delegateUser, sidWhereDefined, (AuthorizationType)authorizationType, validFrom, validTo, this.ens); this.raiseDelegateCreated(this, result); if (this.ens != null) this.ens.AddPublisher(result); return result; }
/// <summary> /// Removes the delegate [DB Users]. /// </summary> /// <param name="delegatingUser">The delegating user.</param> /// <param name="delegateUser">The delegate user.</param> /// <param name="authorizationType">Type of the authorization.</param> public void DeleteDelegateAuthorization(IAzManDBUser delegatingUser, IAzManSid delegateUser, RestrictedAuthorizationType authorizationType) { string delegatedName; bool isLocal; DirectoryServicesUtils.GetMemberInfo(delegateUser.StringValue, out delegatedName, out isLocal); //Check if user has AllowWithDelegation permission on this Item. if (this.CheckAccess(delegatingUser, DateTime.Now) != AuthorizationType.AllowWithDelegation) { string msg = String.Format("Remove Delegate permission deny for user '{0}' ({1}) to user '{2}' ({3}).", delegatingUser.UserName, delegatingUser.CustomSid.StringValue, delegatedName, delegateUser.StringValue); throw new SqlAzManException(msg); } WhereDefined memberWhereDefined = isLocal ? WhereDefined.Local : WhereDefined.LDAP; if (this.application.Store.Storage.Mode == NetSqlAzManMode.Administrator && memberWhereDefined == WhereDefined.Local) { throw new SqlAzManException("Cannot remove Delegates defined on local in Administrator Mode"); } IAzManSid owner = delegatingUser.CustomSid; string ownerName = delegatingUser.UserName; foreach (IAzManAuthorization auth in this.GetAuthorizations(owner, delegateUser)) { if ((byte)auth.AuthorizationType == (byte)authorizationType) { int affectedRecords = db.DeleteDelegate(auth.AuthorizationId, owner.BinaryValue); if (affectedRecords != 0) this.raiseDelegateDeleted(this, delegatingUser.CustomSid, delegateUser, authorizationType); } } }
/// <summary> /// Checks the access in async way [FOR DB Users ONLY]. /// </summary> /// <param name="dbUser">The db user.</param> /// <param name="validFor">The valid for.</param> /// <param name="callBack">The call back.</param> /// <param name="stateObject">The state object.</param> /// <param name="contextParameters">The context parameters.</param> /// <returns>AuthorizationType</returns> /// <remarks> /// <para>Remeber to: </para> /// <para>1) add "Asynchronous Processing=true" in the Storage Connection String</para> /// <para>2) Storage Connection must be manually opened and closed.</para> /// </remarks> public IAsyncResult BeginCheckAccess(IAzManDBUser dbUser, DateTime validFor, AsyncCallback callBack, object stateObject, params KeyValuePair<string, object>[] contextParameters) { List<KeyValuePair<string, string>> attributes; return this.BeginCheckAccess(dbUser, validFor, callBack, stateObject, out attributes, contextParameters); }
/// <summary> /// Initializes a new instance of the <see cref="UserPermissionCache"/> class. /// </summary> /// <param name="storage">The storage.</param> /// <param name="storeName">Name of the store.</param> /// <param name="applicationName">Name of the application.</param> /// <param name="dbUser">The db user.</param> /// <param name="retrieveAttributes">if set to <c>true</c> [retrieve attributes].</param> /// <param name="multiThreadBuild">if set to <c>true</c> [multi thread build].</param> /// <param name="contextParameters">The context parameters.</param> public UserPermissionCache(IAzManStorage storage, string storeName, string applicationName, IAzManDBUser dbUser, bool retrieveAttributes, bool multiThreadBuild, params KeyValuePair<string, object>[] contextParameters) : this(storage, storeName, applicationName, retrieveAttributes, contextParameters) { this.dbUser = dbUser; if (multiThreadBuild) this.buildApplicationCacheMultiThread(); else this.buildApplicationCache(); }
/// <summary> /// Checks the access in async way [FOR DB Users ONLY]. /// </summary> /// <param name="dbUser">The db user.</param> /// <param name="validFor">The valid for.</param> /// <param name="callBack">The call back.</param> /// <param name="stateObject">The state object.</param> /// <param name="attributes">The attributes readed.</param> /// <param name="contextParameters">The context parameters.</param> /// <returns>AuthorizationType</returns> /// <remarks> /// <para>Remeber to: </para> /// <para>1) add "Asynchronous Processing=true" in the Storage Connection String</para> /// <para>2) Storage Connection must be manually opened and closed.</para> /// </remarks> public IAsyncResult BeginCheckAccess(IAzManDBUser dbUser, DateTime validFor, AsyncCallback callBack, object stateObject, out List<KeyValuePair<string, string>> attributes, params KeyValuePair<string, object>[] contextParameters) { return this.application.Store.Storage.BeginCheckAccess(this.application.Store.Name, this.application.Name, this.name, dbUser, validFor, (this.itemType == ItemType.Operation ? true : false), callBack, stateObject, out attributes, contextParameters); }
/// <summary> /// Checks the access [FOR Windows Users only]. /// </summary> /// <param name="dbUser">The db user.</param> /// <param name="validFor">The valid for.</param> /// <param name="contextParameters">The context parameters.</param> /// <returns>AuthorizationType</returns> public AuthorizationType CheckAccess(IAzManDBUser dbUser, DateTime validFor, params KeyValuePair<string, object>[] contextParameters) { List<KeyValuePair<string, string>> attributes; return this.CheckAccess(dbUser, validFor, out attributes, contextParameters); }
/// <summary> /// Checks the access [FOR Windows Users only]. /// </summary> /// <param name="dbUser">The db user.</param> /// <param name="validFor">The valid for.</param> /// <param name="attributes">The attributes readed.</param> /// <param name="contextParameters">The context parameters.</param> /// <returns>AuthorizationType</returns> public AuthorizationType CheckAccess(IAzManDBUser dbUser, DateTime validFor, out List<KeyValuePair<string, string>> attributes, params KeyValuePair<string, object>[] contextParameters) { return this.application.Store.Storage.CheckAccess(this.application.Store.Name, this.application.Name, this.name, dbUser, validFor, this.itemType == ItemType.Operation, out attributes, contextParameters); }
/// <summary> /// Gets the DB users. /// </summary> /// <returns></returns> public IAzManDBUser[] GetDBUsers() { var dtDBUsers = this.db.GetDBUsersEx(this.store.Name, this.name, null, null); IAzManDBUser[] result = new IAzManDBUser[dtDBUsers.Rows.Count]; int i = 0; foreach (DataRow row in dtDBUsers.Rows) { result[i++] = new SqlAzManDBUser(row); } return result; }
/// <summary> /// Checks the access in async way [ONLY FOR DB Users]. /// </summary> /// <param name="StoreName">Name of the store.</param> /// <param name="ApplicationName">Name of the application.</param> /// <param name="ItemName">Name of the itemName.</param> /// <param name="dbUser">The db user.</param> /// <param name="ValidFor">The valid for.</param> /// <param name="OperationsOnly">if set to <c>true</c> [operations only].</param> /// <param name="callBack">The call back.</param> /// <param name="stateObject">The state object.</param> /// <param name="attributes">The attributes readed.</param> /// <param name="contextParameters">The context parameters.</param> /// <returns>AuthorizationType</returns> /// <remarks> /// <para>Remeber to: </para> /// <para>1) add "Asynchronous Processing=true" in the Storage Connection String</para> /// <para>2) Storage Connection must be manually opened and closed.</para> /// </remarks> public IAsyncResult BeginCheckAccess(string StoreName, string ApplicationName, string ItemName, IAzManDBUser dbUser, DateTime ValidFor, bool OperationsOnly, AsyncCallback callBack, object stateObject, out List<KeyValuePair<string, string>> attributes, params KeyValuePair<string, object>[] contextParameters) { this.asyncCheckAccessForDBUsers = new AsyncCheckAccessForDBUsers(this.CheckAccess); return this.asyncCheckAccessForDBUsers.BeginInvoke(StoreName, ApplicationName, ItemName, dbUser, ValidFor, OperationsOnly, out attributes, contextParameters, callBack, stateObject); }