/// <summary>
/// Builds a <see cref="SecurityDescriptorTargetsViewModel"/> around <paramref name="model"/>
/// and waits for its initialization task before returning it.
/// </summary>
/// <param name="model">The list of security descriptor targets the view model wraps.</param>
/// <returns>The view model, once its <c>Initialization</c> task has completed.</returns>
public async Task<SecurityDescriptorTargetsViewModel> CreateViewModelAsync(IList<SecurityDescriptorTarget> model)
{
    // eventPublisher is invoked on every call, so each view model receives whatever
    // that invocation yields rather than a value cached by this factory.
    var viewModel = new SecurityDescriptorTargetsViewModel(
        model,
        factory,
        dialogCoordinator,
        eventPublisher.Invoke(),
        logger,
        directory,
        computerTargetProvider,
        effectiveAccessFactory,
        shellExecuteProvider);

    await viewModel.Initialization;

    return viewModel;
}
/// <summary>
/// Creates the effective-access view model and stores the supplied collaborators.
/// No argument validation or other work is performed here.
/// </summary>
/// <param name="authorizationBuilder">Builder stored for later authorization lookups.</param>
/// <param name="dialogCoordinator">Dialog coordinator stored for later use.</param>
/// <param name="directory">Directory service stored for later use.</param>
/// <param name="targets">The targets view model this instance works against.</param>
/// <param name="logger">Logger for this view model.</param>
/// <param name="computerTargetProvider">Computer target provider stored for later use.</param>
public EffectiveAccessViewModel(
    IAuthorizationInformationBuilder authorizationBuilder,
    IDialogCoordinator dialogCoordinator,
    IDirectory directory,
    SecurityDescriptorTargetsViewModel targets,
    ILogger<EffectiveAccessViewModel> logger,
    IComputerTargetProvider computerTargetProvider)
{
    // Services
    this.logger = logger;
    this.directory = directory;
    this.dialogCoordinator = dialogCoordinator;
    this.authorizationBuilder = authorizationBuilder;
    this.computerTargetProvider = computerTargetProvider;

    // Data the view model evaluates access against
    this.targets = targets;
}
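/// <summary>
/// Imports the targets in <paramref name="newTargets"/> into this view model's target list,
/// either appending them or folding them into existing entries.
/// </summary>
/// <remarks>
/// Every incoming target is stamped with the current UTC time and the SID of the current
/// Windows identity as both creator and last modifier before it is added or merged.
/// When an incoming target is folded into an existing one, the access-control entries are
/// always added to the existing DACL; <paramref name="overwriteExisting"/> does not replace
/// the existing DACL, so a merge never removes access that was already granted.
/// </remarks>
/// <param name="newTargets">The targets to import.</param>
/// <param name="merge">
/// When <c>false</c>, every incoming target is appended as a new entry. When <c>true</c>, an
/// incoming target whose name matches an existing permission-mode target (ordinal,
/// case-insensitive) is merged into that entry; unmatched targets are appended.
/// </param>
/// <param name="overwriteExisting">
/// When merging, allows non-empty incoming values (JIT group, JIT/LAPS expiry, description)
/// to replace values already set on the existing target, and replaces a notification list
/// with the incoming one when the incoming list is not empty.
/// </param>
/// <exception cref="ArgumentOutOfRangeException">
/// An incoming DACL contains an entry that is not a plain allow or deny entry.
/// </exception>
public void Merge(SecurityDescriptorTargetsViewModel newTargets, bool merge, bool overwriteExisting)
{
    // Resolved on first use and reused; the identity wraps a token handle and is disposed
    // as soon as the SID string has been read.
    string currentUserSid = null;

    foreach (var newTarget in newTargets.ViewModels)
    {
        if (currentUserSid == null)
        {
            using (WindowsIdentity identity = WindowsIdentity.GetCurrent())
            {
                currentUserSid = identity.User.ToString();
            }
        }

        newTarget.Model.LastModified = DateTime.UtcNow;
        newTarget.Model.LastModifiedBy = currentUserSid;
        newTarget.Model.Created = newTarget.Model.LastModified;
        newTarget.Model.CreatedBy = newTarget.Model.LastModifiedBy;

        // Only permission-mode targets are merge candidates, and only when merging was requested.
        var existingTarget = merge
            ? this.Targets.ViewModels.FirstOrDefault(t => t.IsModePermission && string.Equals(t.Target, newTarget.Target, StringComparison.OrdinalIgnoreCase))
            : null;

        if (existingTarget == null)
        {
            Execute.OnUIThread(() => this.Targets.ViewModels.Add(newTarget));
            this.Targets.Model.Add(newTarget.Model);
            continue;
        }

        existingTarget.Model.LastModified = newTarget.Model.LastModified;
        existingTarget.Model.LastModifiedBy = newTarget.Model.LastModifiedBy;

        // Scalar settings: an incoming value is taken only when it is set, and only when the
        // existing value is unset or the caller asked for overwrite.
        if ((overwriteExisting || string.IsNullOrWhiteSpace(existingTarget.JitAuthorizingGroup))
            && !string.IsNullOrWhiteSpace(newTarget.JitAuthorizingGroup))
        {
            existingTarget.JitAuthorizingGroup = newTarget.JitAuthorizingGroup;
        }

        if ((overwriteExisting || existingTarget.JitExpireMinutes == 0) && newTarget.JitExpireMinutes > 0)
        {
            existingTarget.JitExpireAfter = newTarget.JitExpireAfter;
        }

        if ((overwriteExisting || existingTarget.LapsExpireMinutes == 0) && newTarget.LapsExpireMinutes > 0)
        {
            existingTarget.LapsExpireAfter = newTarget.LapsExpireAfter;
        }

        if ((overwriteExisting || string.IsNullOrWhiteSpace(existingTarget.Description))
            && !string.IsNullOrWhiteSpace(newTarget.Description))
        {
            existingTarget.Description = newTarget.Description;
        }

        // Success notifications: cleared first only when overwriting with a non-empty list,
        // then extended with any subscription id not already present.
        if (overwriteExisting && newTarget.Notifications.SuccessSubscriptions.Count > 0)
        {
            existingTarget.Notifications.SuccessSubscriptions.Clear();
            existingTarget.Notifications.Model.OnSuccess.Clear();
        }

        foreach (var notification in newTarget.Notifications.SuccessSubscriptions)
        {
            if (existingTarget.Notifications.SuccessSubscriptions.All(t => t.Id != notification.Id))
            {
                existingTarget.Notifications.SuccessSubscriptions.Add(notification);
                existingTarget.Notifications.Model.OnSuccess.Add(notification.Id);
            }
        }

        // Failure notifications follow the same rule as success notifications.
        if (overwriteExisting && newTarget.Notifications.FailureSubscriptions.Count > 0)
        {
            existingTarget.Notifications.FailureSubscriptions.Clear();
            existingTarget.Notifications.Model.OnFailure.Clear();
        }

        foreach (var notification in newTarget.Notifications.FailureSubscriptions)
        {
            if (existingTarget.Notifications.FailureSubscriptions.All(t => t.Id != notification.Id))
            {
                existingTarget.Notifications.FailureSubscriptions.Add(notification);
                existingTarget.Notifications.Model.OnFailure.Add(notification.Id);
            }
        }

        // Access control: incoming entries are added to the existing DACL.
        // NOTE(review): a descriptor that carries no DACL is, as far as I know, exposed by
        // CommonSecurityDescriptor as an allow-Everyone ACL; confirm whether such an incoming
        // descriptor should be rejected here instead of being merged.
        var existingSd = new CommonSecurityDescriptor(false, false, new RawSecurityDescriptor(existingTarget.SecurityDescriptor));
        var incomingSd = new CommonSecurityDescriptor(false, false, new RawSecurityDescriptor(newTarget.SecurityDescriptor));

        // Only entries that are CommonAce instances are copied; any other ACE class present in
        // the incoming DACL is not carried over to the merged descriptor.
        foreach (var ace in incomingSd.DiscretionaryAcl.OfType<CommonAce>())
        {
            // Map the qualifier explicitly instead of casting AceType to AccessControlType,
            // which relies on the two enums sharing numeric values. Callback (conditional)
            // entries are refused: AddAccess takes no condition data, so the condition
            // could not be carried into the merged entry.
            AccessControlType accessType;

            if (!ace.IsCallback && ace.AceQualifier == AceQualifier.AccessAllowed)
            {
                accessType = AccessControlType.Allow;
            }
            else if (!ace.IsCallback && ace.AceQualifier == AceQualifier.AccessDenied)
            {
                accessType = AccessControlType.Deny;
            }
            else
            {
                throw new ArgumentOutOfRangeException(
                    nameof(newTargets),
                    "Target '" + newTarget.Target + "' contains a DACL entry of type " + ace.AceType + " that cannot be merged as a plain allow or deny entry.");
            }

            existingSd.DiscretionaryAcl.AddAccess(accessType, ace.SecurityIdentifier, ace.AccessMask, ace.InheritanceFlags, ace.PropagationFlags);
        }

        existingTarget.SecurityDescriptor = existingSd.GetSddlForm(AccessControlSections.All);
    }
}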
/// <summary>
/// Creates an <see cref="EffectiveAccessViewModel"/> for <paramref name="targets"/>,
/// passing along the collaborators held by this factory.
/// </summary>
/// <param name="targets">The targets view model the new instance works against.</param>
/// <returns>A new view model; a separate instance is created on every call.</returns>
public EffectiveAccessViewModel CreateViewModel(SecurityDescriptorTargetsViewModel targets) =>
    new EffectiveAccessViewModel(
        authorizationBuilder,
        dialogCoordinator,
        directory,
        targets,
        logger,
        computerTargetProvider);