/// <override></override> public bool IsGranted <TSecurityDomainObject>(Permission permission, SecurityAccess access, IEnumerable <TSecurityDomainObject> securityDomainObjects) where TSecurityDomainObject : ISecurityDomainObject { bool result = true; bool collectionIsEmpty = true; foreach (TSecurityDomainObject s in securityDomainObjects) { if (collectionIsEmpty) { collectionIsEmpty = false; } if (!IsGranted(permission, s)) { result = false; break; } } if (collectionIsEmpty) { result = CouldBeGranted(permission, access); } return(result); }
public void SetPermissions(char domain, Permission permissions, SecurityAccess access) { AssertValidDomainQualifier(domain); AssertDomainPermissionSet(permissions); domainPermissionSetsModify[domain - 'A'] = (access == SecurityAccess.Modify) ? permissions : Permission.None; domainPermissionSetsView[domain - 'A'] = permissions; }
/// <summary> /// Removes permissions from the given role. /// </summary> /// <remarks>Security domain independent permissions are checked against the role permissions.</remarks> public void RemovePermissions(string roleName, Permission permissions, SecurityAccess access) { if (roleName == null) { throw new ArgumentNullException("role"); } GetRole(roleName, true).RemovePermissions(permissions, access); }
/// <override></override> public bool IsGranted(Permission permission, SecurityAccess access, ISecurityDomainObject securityDomainObject) { if (securityDomainObject == null) { throw new ArgumentNullException("shape"); } return(IsGranted(permission, access, securityDomainObject.SecurityDomainName)); }
/// <summary> /// Delete an Item /// </summary> /// <param name="item">The Item to delete</param> public override void DeleteItem(Item item) { if (item != null) { Configuration.Instance.DeleteItemConfiguration(SensorMonitorDefinition.SensorMonitorPluginId, item); SecurityAccess.UnregisterItem(item); } }
public void RemovePermissions(Permission permissions, SecurityAccess access) { AssertGeneralPermissionSet(permissions); if (access == SecurityAccess.View) { generalPermissionSetView &= ~permissions; } generalPermissionSetModify &= ~permissions; }
public DomainUser(int userID) : base(userID) { SecurityRoles.Add(new Role { RoleNumber = 0, RoleTitle = "None", RoleDescription = "Unknown Role" }); SecurityAccess.Add(new Access { AccessNumber = 0, AccessTitle = "None", AccessDescription = "No Access" }); }
public void SetPermissions(Permission permissions, SecurityAccess access) { AssertGeneralPermissionSet(permissions); if (access == SecurityAccess.Modify) { generalPermissionSetModify = permissions; } generalPermissionSetView = permissions; }
public static void SetCheckState(Panel panel, Permission permission, SecurityAccess access, bool value) { string name = string.Format("chk{0}{1}", access, GetPermissionString(permission)); CheckBox chk = (CheckBox)panel.Controls[name]; if (chk.Checked != value) { chk.Checked = value; } }
public void RemovePermissions(char domain, Permission permissions, SecurityAccess access) { AssertValidDomainQualifier(domain); AssertDomainPermissionSet(permissions); if (access == SecurityAccess.View) { domainPermissionSetsView[domain - 'A'] &= ~permissions; } domainPermissionSetsModify[domain - 'A'] &= ~permissions; }
/// <summary> /// Create a new Item /// </summary> /// <param name="parentItem">The parent for the new Item</param> /// <param name="suggestedFQID">A suggested FQID for the new Item</param> public override Item CreateItem(Item parentItem, FQID suggestedFQID) { CurrentItem = new SensorItem(suggestedFQID, "Enter a name", parentItem); if (_userControl != null) { _userControl.FillContent(CurrentItem); } Configuration.Instance.SaveItemConfiguration(SensorMonitorDefinition.SensorMonitorPluginId, CurrentItem); SecurityAccess.RegisterItem(CurrentItem); return(CurrentItem); }
private bool CouldBeGranted(Permission permission, SecurityAccess access) { for (char dom = 'A'; dom <= 'Z'; ++dom) { if (IsGranted(permission, access, dom)) { return(true); } } return(false); }
private void permissionCheckBox_CheckedChanged(object sender, EventArgs e) { CheckBox chkBox = sender as CheckBox; if (chkBox != null) { // Find out which permission has changed Permission permission = Permission.None; foreach (Permission p in Enum.GetValues(typeof(Permission))) { if (chkBox.Name.Contains(SecurityDemoHelper.GetPermissionString(p))) { permission = p; break; } } // Check if the permission is set char domainName = (char)cboDomain.SelectedItem; SecurityAccess access = chkBox.Name.Contains("View") ? SecurityAccess.View : SecurityAccess.Modify; bool permissionGranted = owner.SecurityManager.IsGranted(permission, access, domainName); // Update only if the granted state changed if (permissionGranted != chkBox.Checked) { StandardRole role = (StandardRole)cboUser.SelectedItem; // Set General or Domain permissions if (permission == Permission.Designs || permission == Permission.Security || permission == Permission.Templates) { if (chkBox.Checked) { owner.SecurityManager.AddPermissions(role, permission, access); } else { owner.SecurityManager.RemovePermissions(role, permission, access); } } else { if (chkBox.Checked) { owner.SecurityManager.AddPermissions(domainName, role, permission, access); } else { owner.SecurityManager.RemovePermissions(domainName, role, permission, access); } } UpdateSecurityControls(); } } }
private IntPtr pSD = IntPtr.Zero; // LPSECURITY_DESCRIPTOR /// <summary> /// Constructor. /// </summary> /// <param name="access">The type of descriptor to create.</param> public SecurityAttributes(SecurityAccess access) { #if WINFULL switch (access) { case SecurityAccess.Unrestricted: pSD = Marshal.AllocHGlobal(new IntPtr(WinApi.SECURITY_DESCRIPTOR_MIN_LENGTH)); if (pSD == IntPtr.Zero) { throw new Exception("Security descriptor cannot be allocated."); } if (!WinApi.InitializeSecurityDescriptor(pSD, WinApi.SECURITY_DESCRIPTOR_REVISION)) { Marshal.FreeHGlobal(pSD); pSD = IntPtr.Zero; throw new Exception("Security descriptor cannot be initialized."); } if (!WinApi.SetSecurityDescriptorDacl(pSD, true, IntPtr.Zero, false)) { Marshal.FreeHGlobal(pSD); pSD = IntPtr.Zero; throw new Exception("Cannot set the discretionary ACL."); } WinApi.SECURITY_ATTRIBUTES sa; sa = new WinApi.SECURITY_ATTRIBUTES(pSD); pSA = Marshal.AllocHGlobal(sizeof(WinApi.SECURITY_ATTRIBUTES)); if (pSA == IntPtr.Zero) { throw new Exception("Security attributes cannot be allocated."); } Marshal.StructureToPtr(sa, pSA, false); break; case SecurityAccess.CurrentAccount: pSA = IntPtr.Zero; pSD = IntPtr.Zero; break; default: Assertion.Fail("Unexpected security access type."); break; } #endif // WINFULL }
/// <summary> /// Delete an Item /// </summary> /// <param name="item">The Item to delete</param> public override void DeleteItem(Item item) { if (item != null) { Configuration.Instance.DeleteItemConfiguration(SensorMonitorDefinition.SensorMonitorPluginId, item); SecurityAccess.UnregisterItem(item); //Send message to get the Sensor Tree display updated with the Sensor's parent node (The controller) updated EnvironmentManager.Instance.SendMessage( new VideoOS.Platform.Messaging.Message(VideoOS.Platform.Messaging.MessageId.System.ApplicationRefreshTreeViewCommand) { Data = SensorMonitorDefinition.SensorMonitorSensorKind }); } }
public bool IsGranted(Permission permissions, SecurityAccess access) { AssertGeneralPermissionSet(permissions); Permission userPermissions = permissions & GeneralPermissions; if (access == SecurityAccess.Modify) { return((generalPermissionSetModify & userPermissions) == userPermissions); } else { return((generalPermissionSetView & userPermissions) == userPermissions); } }
/// <summary> /// Create a new Item /// </summary> /// <param name="parentItem">The parent for the new Item</param> /// <param name="suggestedFQID">A suggested FQID for the new Item</param> public override Item CreateItem(Item parentItem, FQID suggestedFQID) { CurrentItem = new Item(suggestedFQID, "Enter a name"); if (_userControl != null) { _userControl.FillContent(CurrentItem); } Configuration.Instance.SaveItemConfiguration(SensorMonitorDefinition.SensorMonitorPluginId, CurrentItem); SecurityAccess.RegisterItem(CurrentItem); //Send message to get the Sensor Tree display updated with the Sensors parent node (The controller) updated EnvironmentManager.Instance.SendMessage( new VideoOS.Platform.Messaging.Message(VideoOS.Platform.Messaging.MessageId.System.ApplicationRefreshTreeViewCommand) { Data = SensorMonitorDefinition.SensorMonitorSensorKind }); return(CurrentItem); }
public override void OnActionExecuting(ActionExecutingContext filterContext) { Guid key; if (TryGetKey(filterContext.HttpContext, out key)) { SecurityAccess access = SecurityService.CheckAccess(key); if (access.Status == AccessStatus.Success) { base.OnActionExecuting(filterContext); return; } } filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Unauthorized); }
public bool IsGranted(Permission permissions, SecurityAccess access, char domain) { AssertValidDomainQualifier(domain); Permission userPermissions = permissions & GeneralPermissions; Permission shapePermissions = permissions & ShapePermissions; if (access == SecurityAccess.Modify) { return((generalPermissionSetModify & userPermissions) == userPermissions && (domainPermissionSetsModify[domain - 'A'] & shapePermissions) == shapePermissions); } else { return((generalPermissionSetView & userPermissions) == userPermissions && (domainPermissionSetsView[domain - 'A'] & shapePermissions) == shapePermissions); } }
/// <summary> /// Asynchronously sends a key generation request to the emitter.io service. /// </summary> /// <param name="secretKey">The secret key for this request.</param> /// <param name="channel">The target channel for the requested key.</param> /// <param name="securityAccess">The security access of the requested key.</param> /// <param name="ttl">The number of seconds for which this key will be usable.</param> public void GenerateKey(string secretKey, string channel, SecurityAccess securityAccess, int ttl, KeygenHandler handler) { // Prepare the request var request = new KeygenRequest(); request.Key = secretKey; request.Channel = channel; request.Type = securityAccess; request.Ttl = ttl; // Register the handler this.KeygenHandlers[channel] = handler; //this.Client.Subscribe(new string[] { "emitter/keygen/" }, new byte[] { 0 }); // Serialize and publish the request this.Publish("emitter/", "keygen/", Encoding.UTF8.GetBytes(request.ToJson())); }
//------------------------------------------------------------------------------------- /// <summary> /// Метод объединения (сложения) наборов доступов. /// </summary> /// <param name="ia">Добавляемый набор доступов.</param> public void Join(SecurityItemAccess ia) { if(ia.Browse != SecurityAccess.Browse) this.Browse = ia.Browse; if(ia.Level1 != SecurityAccess.Browse) this.Level1 = ia.Level1; if(ia.Level2 != SecurityAccess.Browse) this.Level2 = ia.Level2; if(ia.Level3 != SecurityAccess.Browse) this.Level3 = ia.Level3; }
/// <ToBeCompleted></ToBeCompleted> protected bool IsGranted(IPropertyController controller, Permission permissions, SecurityAccess access, object instance) { if (instance is ISecurityDomainObject) return controller.Project.SecurityManager.IsGranted(permissions, access, (ISecurityDomainObject) instance); else return controller.Project.SecurityManager.IsGranted(permissions, access); }
//------------------------------------------------------------------------------------- /// <summary> /// Сбрасывает набор поступов в неопределенное состояние. /// </summary> public void Reset() { browse = SecurityAccess.NotSet; L1 = SecurityAccess.NotSet; L2 = SecurityAccess.NotSet; L3 = SecurityAccess.NotSet; }
//------------------------------------------------------------------------------------- /// <summary> /// Метод инициализации набора доступов из указанного набора. /// </summary> /// <param name="ia">Набор, из которого проводится инициализация.</param> public void InitFrom(SecurityItemAccess ia) { if(Browse == SecurityAccess.NotSet && (ia.Browse == SecurityAccess.Set || ia.Browse == SecurityAccess.Browse)) this.Browse = SecurityAccess.Browse; if(Level1 == SecurityAccess.NotSet && (ia.Level1 == SecurityAccess.Set || ia.Level1 == SecurityAccess.Browse)) this.Level1 = SecurityAccess.Browse; if(Level2 == SecurityAccess.NotSet && (ia.Level2 == SecurityAccess.Set || ia.Level2 == SecurityAccess.Browse)) this.Level2 = SecurityAccess.Browse; if(Level3 == SecurityAccess.NotSet && (ia.Level3 == SecurityAccess.Set || ia.Level3 == SecurityAccess.Browse)) this.Level3 = SecurityAccess.Browse; }
public static void SetCheckState(Panel panel, Permission permission, SecurityAccess access, bool value) { string name = string.Format("chk{0}{1}", access, GetPermissionString(permission)); CheckBox chk = (CheckBox)panel.Controls[name]; if (chk.Checked != value) chk.Checked = value; }
public static bool GetCheckState(Panel panel, Permission permission, SecurityAccess access) { string name = string.Format("chk{0}{1}", access, permission); return ((CheckBox)panel.Controls[name]).Checked; }
/// <summary> /// Removes permissions from the given domain and role. /// </summary> /// <remarks>Security domain dependent permissions are checked against the role's domain permissions.</remarks> public void RemovePermissions(char domain, StandardRole role, Permission permissions, SecurityAccess access) { string roleName = GetRoleName(role); RemovePermissions(domain, roleName, permissions, access); }
/// <override></override> public bool IsGranted(Permission permission, SecurityAccess access) { return(currentUserRole.IsGranted(permission, access)); }
/// <summary> /// Redefines the permissions of the given domain and role. /// </summary> /// <remarks>Security domain dependent permissions are checked against the role's domain permissions.</remarks> public void SetPermissions(char domain, string roleName, Permission permissions, SecurityAccess access) { if (roleName == null) { throw new ArgumentNullException("role"); } GetRole(roleName, true).SetPermissions(domain, permissions, access); }
/// <ToBeCompleted></ToBeCompleted> protected bool IsGranted(IPropertyController controller, Permission permissions, SecurityAccess access, object instance) { if (instance is ISecurityDomainObject) { return(controller.Project.SecurityManager.IsGranted(permissions, access, (ISecurityDomainObject)instance)); } else { return(controller.Project.SecurityManager.IsGranted(permissions, access)); } }
/// <summary> /// Redefines the permissions of the given role. /// </summary> /// <remarks>Security domain independent permissions are checked against the role permissions.</remarks> public void SetPermissions(StandardRole role, Permission permissions, SecurityAccess access) { string roleName = GetRoleName(role); SetPermissions(roleName, permissions, access); }
private object TriggerReceiver(VideoOS.Platform.Messaging.Message message, FQID dest, FQID sender) { try { if (dest != null && dest.Kind == _kind) { string userSID = ""; if (sender != null && sender.Kind == Kind.User) { userSID = sender.ObjectIdString; // Get hold of the user executing the command } String command = message.Data as String; Item item = GetItem(dest); if (command != null && item != null) { if (command == "POWEROFF") { EnvironmentManager.Instance.Log(false, "SensorMonitor", "SensorMonitor- Building poweroff Event " + command, null); if (userSID == null) { SecurityAccess.CheckPermission(item, command); } else { SecurityAccess.CheckPermission(item, command, userSID); } if (_downItems.Contains(item.FQID.ObjectId) == false) { _downItems.Add(item.FQID.ObjectId); } Item controller = GetItem(dest); if (controller.Properties.ContainsKey("RelatedEventFQID") && controller.Properties.ContainsKey("RelatedFQID")) { FQID cameraFqid = new FQID(controller.Properties["RelatedFQID"]); FQID eventFqid = new FQID(controller.Properties["RelatedEventFQID"]); Message mes = new Message(MessageId.Control.TriggerCommand, cameraFqid); EnvironmentManager.Instance.PostMessage(mes, eventFqid, cameraFqid); } FQID cameraFQID = null; if (item.Properties.ContainsKey("RelatedFQID")) { cameraFQID = new FQID(item.Properties["RelatedFQID"]); } EventHeader eventHeader = new EventHeader() { ID = Guid.NewGuid(), Class = "Operational", Type = "Power", Timestamp = DateTime.Now, Message = ControllerDownMessage, Name = item.Name, Source = new EventSource { FQID = item.FQID, Name = item.Name }, CustomTag = "<My><MiniXml>With no data-1</MiniXml></My>" }; AnalyticsEvent eventData = new AnalyticsEvent { EventHeader = eventHeader, }; if (cameraFQID != null) { eventData.ReferenceList = new ReferenceList(); eventData.ReferenceList.Add(new Reference() { FQID = cameraFQID }); // Ensure that camera will be presented in the preview } EnvironmentManager.Instance.SendMessage(new VideoOS.Platform.Messaging.Message(MessageId.Server.NewEventCommand) { Data = eventData, RelatedFQID = cameraFQID }); EventServerControl.Instance.ItemStatusChanged(item); } if (command == "POWERON") { EnvironmentManager.Instance.Log(false, "SensorMonitor", "SensorMonitor- Building poweron Event " + command, null); if (userSID == null) { SecurityAccess.CheckPermission(item, command); } else { SecurityAccess.CheckPermission(item, command, userSID); } EnvironmentManager.Instance.Log(false, "SensorMonitor", "SensorMonitor- Building poweron event ", null); if (_downItems.Contains(item.FQID.ObjectId)) { _downItems.Remove(item.FQID.ObjectId); } FQID cameraFQID = null; if (item.Properties.ContainsKey("RelatedFQID")) { cameraFQID = new FQID(item.Properties["RelatedFQID"]); } EventHeader eventHeader = new EventHeader { ID = Guid.NewGuid(), Class = "Operational", Type = "Power", Timestamp = DateTime.Now, Message = ControllerUpMessage, Name = item.Name, Source = new EventSource { FQID = item.FQID, Name = item.Name }, CustomTag = "<My><MiniXml>With no data-2</MiniXml></My>" }; AnalyticsEvent eventData = new AnalyticsEvent { EventHeader = eventHeader, }; if (cameraFQID != null) { eventData.ReferenceList = new ReferenceList(); eventData.ReferenceList.Add(new Reference() { FQID = cameraFQID }); // Ensure that camera will be presented in the preview } EnvironmentManager.Instance.SendMessage(new VideoOS.Platform.Messaging.Message(MessageId.Server.NewEventCommand) { Data = eventData, RelatedFQID = cameraFQID }); EventServerControl.Instance.ItemStatusChanged(item); } if (command == "STARTREC") { EnvironmentManager.Instance.Log(false, "SensorMonitor", "SensorMonitor- Building start recording Event " + command, null); Item controller = GetItem(dest); if (controller.Properties.ContainsKey("RelatedFQID")) { FQID fqid = new FQID(controller.Properties["RelatedFQID"]); EnvironmentManager.Instance.SendMessage( new VideoOS.Platform.Messaging.Message(MessageId.Control.StartRecordingCommand), fqid); EventHeader eventHeader = new EventHeader { ID = Guid.NewGuid(), Class = "Operationel", Type = "UserCommand", Timestamp = DateTime.Now, Message = StartRecordingMessage, Name = item.Name, Source = new EventSource { FQID = item.FQID, Name = item.Name }, CustomTag = "<My><MiniXml>With no data-3</MiniXml></My>" }; AnalyticsEvent eventData = new AnalyticsEvent { EventHeader = eventHeader, }; eventData.ReferenceList = new ReferenceList(); eventData.ReferenceList.Add(new Reference() { FQID = fqid }); // Ensure that camera will be presented in the preview // We inform the rest of the Event Server, that this command has been issued (In case there is a AlarmDefinition that matches) EnvironmentManager.Instance.SendMessage(new VideoOS.Platform.Messaging.Message(MessageId.Server.NewEventCommand) { Data = eventData, RelatedFQID = fqid }); } } if (command == "STOPREC") { EnvironmentManager.Instance.Log(false, "SensorMonitor", "SensorMonitor- Building stop recording Event " + command, null); Item controller = GetItem(dest); if (controller.Properties.ContainsKey("RelatedFQID")) { FQID fqid = new FQID(controller.Properties["RelatedFQID"]); EnvironmentManager.Instance.SendMessage( new VideoOS.Platform.Messaging.Message(MessageId.Control.StopRecordingCommand), fqid); EventHeader eventHeader = new EventHeader { ID = Guid.NewGuid(), Class = "Operationel", Type = "UserCommand", Timestamp = DateTime.Now, Message = StopRecordingMessage, Name = item.Name, Source = new EventSource { FQID = item.FQID, Name = item.Name }, CustomTag = "<My><MiniXml>With no data-3</MiniXml></My>" }; AnalyticsEvent eventData = new AnalyticsEvent { EventHeader = eventHeader, }; eventData.ReferenceList = new ReferenceList(); eventData.ReferenceList.Add(new Reference() { FQID = fqid }); // Ensure that camera will be presented in the preview // We inform the rest of the Event Server, that this command has been issued (In case there is a AlarmDefinition that matches) EnvironmentManager.Instance.SendMessage(new VideoOS.Platform.Messaging.Message(MessageId.Server.NewEventCommand) { Data = eventData, RelatedFQID = fqid }); } } if (command == "TRIGGEREVENT") { EnvironmentManager.Instance.Log(false, "SensorMonitor", "SensorMonitor- Building trigger Event " + command, null); Item controller = GetItem(dest); if (controller.Properties.ContainsKey("RelatedEventFQID") && controller.Properties.ContainsKey("RelatedFQID")) { FQID cameraFqid = new FQID(controller.Properties["RelatedFQID"]); FQID eventFqid = new FQID(controller.Properties["RelatedEventFQID"]); Message mes = new Message(MessageId.Control.TriggerCommand, cameraFqid); EnvironmentManager.Instance.PostMessage(mes, eventFqid, cameraFqid); } } } } } catch (NotAuthorizedMIPException) { throw; } catch (Exception ex) { EnvironmentManager.Instance.Log(false, "SensorMonitor", "SensorMonitor-9 " + ex.Message, new [] { ex }); //User not authorized to perform the action } return(null); }
/// <override></override> public bool IsGranted(Permission permission, SecurityAccess access, char domainName) { return(currentUserRole.IsGranted(permission, access, domainName)); }
/// <summary> /// Asynchronously sends a key generation request to the emitter.io service. /// </summary> /// <param name="secretKey">The secret key for this request.</param> /// <param name="channel">The target channel for the requested key.</param> /// <param name="securityAccess">The security access of the requested key.</param> public void GenerateKey(string secretKey, string channel, SecurityAccess securityAccess, KeygenHandler handler) { this.GenerateKey(secretKey, channel, securityAccess, 0, handler); }
public static void UpdatePermissionTableCtrls(RoleBasedSecurityManager securityManager, TableLayoutPanel panel, char securityDomain, SecurityAccess access) { bool isGranted = false; foreach (Permission permission in Enum.GetValues(typeof(Permission))) { switch (permission) { case Permission.All: case Permission.None: break; case Permission.Designs: case Permission.Security: case Permission.Templates: { isGranted = securityManager.IsGranted(permission, access); SetCheckState(panel, permission, access, isGranted); } break; case Permission.Connect: case Permission.Data: case Permission.Delete: case Permission.Insert: case Permission.Layout: case Permission.Present: { isGranted = (securityDomain != NoDomain) ? securityManager.IsGranted(permission, access, securityDomain) : false; SetCheckState(panel, permission, access, isGranted); } break; default: Debug.Fail("Unhandled Permission!"); break; } } }
public static bool GetCheckState(Panel panel, Permission permission, SecurityAccess access) { string name = string.Format("chk{0}{1}", access, permission); return(((CheckBox)panel.Controls[name]).Checked); }