/// <summary>
/// Checks the access an account has with an organization..
/// </summary>
/// <param name="name">The organization name.</param>
/// <param name="accountId">The account identifier.</param>
/// <param name="allowAdmin">if set to <c>true</c> allow admin.</param>
/// <param name="allowWrite">if set to <c>true</c> allow write.</param>
/// <param name="allowRead">if set to <c>true</c> allow read.</param>
public void CheckAccess(
DomainLabel name,
EmailAddress accountId,
out bool allowAdmin,
out bool allowWrite,
out bool allowRead)
{
allowAdmin = false;
allowWrite = false;
allowRead = false;
if (name == null)
{
throw new ArgumentNullException("name");
}
if (accountId == null)
{
throw new ArgumentNullException("accountId");
}
CloudTable orgMemberTable = this.GetOrganizationMembershipTable();
TableOperation getOrgMember = TableOperation.Retrieve<OrganizationMembershipEntity>(
name.ToString(),
accountId.ToString());
TableResult result = orgMemberTable.Execute(getOrgMember);
OrganizationMembershipEntity entity = result.Result as OrganizationMembershipEntity;
if (entity != null)
{
allowRead = true;
allowWrite = entity.AllowWrite;
allowAdmin = entity.AllowAdmin;
}
}
/// <summary>
/// Initializes a new instance of the <see cref="OAuth2Code"/> class.
/// </summary>
/// <param name="accountId">The account identifier.</param>
/// <param name="applicationName">Name of the application.</param>
/// <param name="expires">The expires.</param>
/// <param name="hash">The hash.</param>
private OAuth2Code(EmailAddress accountId, DomainLabel applicationName, DateTime expires, byte[] hash)
: base(hash)
{
this.accountId = accountId;
this.applicationName = applicationName;
this.expires = expires;
}
/// <summary>
/// Sets the current questions labels.
/// </summary>
/// <param name="varlabel"></param>
/// <param name="domain"></param>
/// <param name="topic"></param>
/// <param name="content"></param>
/// <param name="product"></param>
public void SetLabels(string varlabel, DomainLabel domain, TopicLabel topic, ContentLabel content, ProductLabel product)
{
CurrentQuestion.VarName.VarLabel = varlabel;
CurrentQuestion.VarName.Domain = domain;
CurrentQuestion.VarName.Topic = topic;
CurrentQuestion.VarName.Content = content;
CurrentQuestion.VarName.Product = product;
}
/// <summary>
/// Checks the account has read access to the organization.
/// </summary>
/// <param name="name">The name.</param>
/// <param name="accountId">The account identifier.</param>
/// <returns>whether or not the account has read access.</returns>
public bool CheckReadAccess(
DomainLabel name,
EmailAddress accountId)
{
bool allowAdmin = false;
bool allowWrite = false;
bool allowRead = false;
this.CheckAccess(name, accountId, out allowAdmin, out allowWrite, out allowRead);
return allowRead;
}
// GET: /Platform/iDepartment/Edit/5
/// <summary>
/// </summary>
/// <param name="id">
/// </param>
/// <returns>
/// </returns>
public async Task <IActionResult> EditAsync(string id)
{
var item = new DomainLabel();
if (!string.IsNullOrEmpty(id))
{
item = await _iDomainLabelService.FindAsync(id);
}
return(View(item));
}
public async Task <IActionResult> EditAsync(string id, DomainLabel collection)
{
if (!ModelState.IsValid)
{
return(View(collection));
}
await _iDomainLabelService.SaveAsync(id, collection);
await _unitOfWork.CommitAsync();
return(new EditSuccessResult(id));
}
/// <summary>
/// Authorizes the application.
/// </summary>
/// <param name="accountId">The account identifier.</param>
/// <param name="applicationName">Name of the application.</param>
public void AuthorizeApplication(EmailAddress accountId, DomainLabel applicationName)
{
if (accountId == null)
{
throw new ArgumentNullException("accountId");
}
if (applicationName == null)
{
throw new ArgumentNullException("applicationName");
}
CloudTable authorizeTable = this.GetAuthorizedApplicationsTable();
AuthorizedApplicationEntity entity = new AuthorizedApplicationEntity(
accountId.ToString(),
applicationName.ToString());
TableOperation op = TableOperation.InsertOrMerge(entity);
authorizeTable.Execute(op);
}
public void DomainLabel_CompareTest()
{
DomainLabel target = DomainLabel.Parse("B-B-COM");
Assert.IsTrue(target > null);
Assert.IsFalse(target < null);
Assert.IsTrue(null < target);
Assert.IsFalse(null > target);
Assert.IsTrue(target.CompareTo(null) > 0);
DomainLabel lesser = DomainLabel.Parse("A-B-COM");
DomainLabel greater = DomainLabel.Parse("C-B-COM");
Assert.IsTrue(target > lesser);
Assert.IsTrue(target < greater);
Assert.IsTrue(target.CompareTo(lesser) > 0);
Assert.IsTrue(target.CompareTo(greater) < 0);
DomainLabel equal = DomainLabel.Parse("b-b-com");
Assert.IsTrue(target >= equal);
Assert.IsTrue(target <= equal);
Assert.IsFalse(target > equal);
Assert.IsFalse(target < equal);
Assert.AreEqual(0, target.CompareTo(equal));
// test sorting.
DomainLabel[] list = new DomainLabel[]
{
equal,
lesser,
null,
greater,
target
};
Array.Sort(list);
Assert.AreEqual(null, list[0]);
Assert.AreEqual(lesser, list[1]);
Assert.AreEqual(target, list[2]);
Assert.AreEqual(equal, list[3]);
Assert.AreEqual(greater, list[4]);
}
/// <summary>
/// Generates the code based on parameters.
/// </summary>
/// <param name="accountId">The account identifier.</param>
/// <param name="applicationName">Name of the application.</param>
/// <param name="expires">The expires.</param>
/// <param name="secret">The secret.</param>
/// <returns>A new instance of the OAuth2Code class.</returns>
public static OAuth2Code Generate(
EmailAddress accountId,
DomainLabel applicationName,
DateTime expires,
SecureString secret)
{
return new OAuth2Code(
accountId,
applicationName,
expires,
GetHash(ComputeBytes(accountId, applicationName, expires), secret));
}
/// <summary>
/// Creates an application.
/// </summary>
/// <param name="name">The name of the application.</param>
/// <param name="friendlyName">The friendly name of the application.</param>
/// <param name="organizationName">The organization that owns the application.</param>
/// <param name="clientId">the client id.</param>
/// <param name="clientSecret">the client secret.</param>
/// <param name="homePageUrl">The home page URL.</param>
/// <param name="authorizationCallbackUrl">The authorization callback URL.</param>
/// <param name="accountId">The user creating the application.</param>
/// <remarks>
/// This call assumes the user has been already authorized to create the application.
/// </remarks>
public void CreateApplication(
DomainLabel name,
string friendlyName,
DomainLabel organizationName,
string clientId,
string clientSecret,
Uri homePageUrl,
Uri authorizationCallbackUrl,
EmailAddress accountId)
{
if (!ValidateApplicationName(name))
{
throw new ArgumentOutOfRangeException("name");
}
if (string.IsNullOrWhiteSpace(friendlyName))
{
throw new ArgumentOutOfRangeException("friendlyName");
}
if (organizationName == null)
{
throw new ArgumentNullException("organizationName");
}
if (accountId == null)
{
throw new ArgumentNullException("accountId");
}
if (string.IsNullOrWhiteSpace(clientId))
{
throw new ArgumentOutOfRangeException("clientId");
}
if (string.IsNullOrWhiteSpace(clientSecret))
{
throw new ArgumentOutOfRangeException("clientSecret");
}
if (homePageUrl == null)
{
throw new ArgumentNullException("homePageUrl");
}
if (authorizationCallbackUrl == null)
{
throw new ArgumentNullException("authorizationCallbackUrl");
}
CloudTable appTable = this.GetApplicationTable();
CloudTable appByClientIdTable = this.GetApplicationNameByClientIdTable();
CloudTable orgAppsTable = this.GetOrganizationApplicationsTable();
if (FindExistingApplication(appTable, name.ToString()) != null)
{
throw new InvalidOperationException("Application already exists.");
}
ApplicationEntity appEntity = new ApplicationEntity(name.ToString())
{
FriendlyName = friendlyName,
OrganizationId = organizationName.ToString(),
ClientId = clientId,
ClientSecret = clientSecret,
CreatedByAccountId = accountId.ToString(),
CreatedTime = DateTime.UtcNow,
HomePageUrl = homePageUrl.ToString(),
AuthorizationCallbackUrl = authorizationCallbackUrl.ToString()
};
appEntity.LastModifiedByAccountId = appEntity.CreatedByAccountId;
appEntity.LastModifiedTime = appEntity.CreatedTime;
OrganizationApplicationEntity orgAppEntity = new OrganizationApplicationEntity(
organizationName.ToString(),
name.ToString());
ApplicationNameByClientIdEntity appByClientIdEntity = new ApplicationNameByClientIdEntity(
clientId)
{
ApplicationName = name.ToString()
};
TableOperation insertAppByClientId = TableOperation.InsertOrMerge(appByClientIdEntity);
appByClientIdTable.Execute(insertAppByClientId);
TableOperation insertOrgApp = TableOperation.InsertOrMerge(orgAppEntity);
orgAppsTable.Execute(insertOrgApp);
TableOperation insertApp = TableOperation.Insert(appEntity);
appTable.Execute(insertApp);
}
/// <summary>
/// Validates the format and length of the name.
/// </summary>
/// <param name="name">the name to validate.</param>
/// <returns>whether or not the name is a valid name.</returns>
private static bool ValidateApplicationName(DomainLabel name)
{
if (name == null)
{
return false;
}
if (name.ToString().Length > MaxNameLength)
{
return false;
}
return true;
}
/// <summary>
/// Determines whether is application authorized by the specified account identifier.
/// </summary>
/// <param name="accountId">The account identifier.</param>
/// <param name="applicationName">Name of the application.</param>
/// <returns>Whether the user has authorized the application.</returns>
public bool IsApplicationAuthorized(EmailAddress accountId, DomainLabel applicationName)
{
if (accountId == null)
{
throw new ArgumentNullException("accountId");
}
if (applicationName == null)
{
throw new ArgumentNullException("applicationName");
}
CloudTable authorizeTable = this.GetAuthorizedApplicationsTable();
TableOperation op = TableOperation.Retrieve<AuthorizedApplicationEntity>(
accountId.ToString(),
applicationName.ToString());
TableResult result = authorizeTable.Execute(op);
return (result.Result as AuthorizedApplicationEntity) != null;
}
/// <summary>
/// Gets the applications of the given organization.
/// </summary>
/// <param name="organizationName">Name of the organization.</param>
/// <returns>List of application records.</returns>
public IEnumerable<OrganizationApplicationInfo> GetApplicationsOfOrganization(
DomainLabel organizationName)
{
if (organizationName == null)
{
throw new ArgumentNullException("organizationName");
}
CloudTable appTable = this.GetApplicationTable();
CloudTable orgAppsTable = this.GetOrganizationApplicationsTable();
TableQuery<OrganizationApplicationEntity> orgAppsQuery =
new TableQuery<OrganizationApplicationEntity>().Where(
TableQuery.GenerateFilterCondition("PartitionKey", QueryComparisons.Equal, organizationName.ToString()));
List<string> appNames = new List<string>();
foreach (OrganizationApplicationEntity accountMember in orgAppsTable.ExecuteQuery(orgAppsQuery))
{
appNames.Add(accountMember.RowKey);
}
List<OrganizationApplicationInfo> results = new List<OrganizationApplicationInfo>();
foreach (string appName in appNames)
{
TableOperation getApp = TableOperation.Retrieve<ApplicationEntity>(appName, string.Empty);
TableResult getAppResult = appTable.Execute(getApp);
ApplicationEntity app = getAppResult.Result as ApplicationEntity;
if (app != null)
{
results.Add(new OrganizationApplicationInfo
{
ApplicationName = DomainLabel.Parse(app.PartitionKey),
FriendlyName = app.FriendlyName
});
}
}
return results;
}
/// <summary>
/// Gets the application.
/// </summary>
/// <param name="applicationName">Name of the application.</param>
/// <returns>application info.</returns>
/// <remarks>
/// This assumes the caller will filter results for what a user is authorized to do.
/// </remarks>
public ApplicationInfo GetApplication(DomainLabel applicationName)
{
if (applicationName == null)
{
throw new ArgumentNullException("applicationName");
}
CloudTable appTable = this.GetApplicationTable();
ApplicationEntity entity = FindExistingApplication(appTable, applicationName.ToString());
if (entity == null)
{
return null;
}
return new ApplicationInfo
{
Name = applicationName,
FriendlyName = entity.FriendlyName,
OrganizationName = DomainLabel.Parse(entity.OrganizationId),
ClientId = entity.ClientId,
ClientSecret = entity.ClientSecret,
HomePageUrl = new Uri(entity.HomePageUrl),
AuthorizationCallbackUrl = new Uri(entity.AuthorizationCallbackUrl)
};
}
/// <summary>
/// Gets information about an organization on behalf of a given account id.
/// </summary>
/// <param name="name">name of the organization.</param>
/// <returns>organization info or null if the organization does not exist.</returns>
public OrganizationInfo GetOrganization(
DomainLabel name)
{
CloudTable orgTable = this.GetOrganizationTable();
OrganizationEntity orgEntity = FindExistingOrganization(orgTable, name.ToString());
if (orgEntity == null)
{
return null;
}
return new OrganizationInfo
{
Name = name,
FriendlyName = orgEntity.FriendlyName,
CreatedBy = EmailAddress.Parse(orgEntity.CreatedByAccountId),
CreatedTime = orgEntity.CreatedTime,
LastModifiedBy = EmailAddress.Parse(orgEntity.LastModifiedByAccountId),
LastModifiedTime = orgEntity.LastModifiedTime
};
}
/// <summary>
/// Processes the get application.
/// </summary>
/// <param name="context">The context.</param>
/// <param name="accountId">The logged in user.</param>
/// <param name="name">The app name.</param>
private void ProcessGetApplication(HttpContext context, EmailAddress accountId, DomainLabel name)
{
ApplicationInfo appInfo = this.store.GetApplication(name);
if (appInfo == null)
{
context.Response.StatusCode = (int)System.Net.HttpStatusCode.NotFound;
return;
}
ApplicationDisplayInfo displayInfo = new ApplicationDisplayInfo
{
Name = appInfo.Name.ToString(),
FriendlyName = appInfo.FriendlyName,
OrganizationName = appInfo.OrganizationName.ToString(),
ClientId = appInfo.ClientId,
HomePageUrl = appInfo.HomePageUrl.ToString(),
AuthorizationCallbackUrl = appInfo.AuthorizationCallbackUrl.ToString()
};
if (this.orgStore.CheckReadAccess(appInfo.OrganizationName, accountId))
{
displayInfo.ClientSecret = appInfo.ClientSecret;
}
context.Response.ContentType = "application/json";
ApplicationDisplayInfoSerializer.WriteObject(context.Response.OutputStream, displayInfo);
context.Response.StatusCode = (int)System.Net.HttpStatusCode.OK;
}
/// <summary>
/// Gets info about the members of an organization.
/// </summary>
/// <param name="name">the name of the organization.</param>
/// <returns>A list of membership info.</returns>
public IEnumerable<OrganizationMembershipInfo> GetOrganizationMemberships(
DomainLabel name)
{
CloudTable orgMemberTable = this.GetOrganizationMembershipTable();
TableQuery<OrganizationMembershipEntity> accountMemberQuery =
new TableQuery<OrganizationMembershipEntity>().Where(
TableQuery.GenerateFilterCondition("PartitionKey", QueryComparisons.Equal, name.ToString()));
List<OrganizationMembershipInfo> result = new List<OrganizationMembershipInfo>();
foreach (OrganizationMembershipEntity entity in orgMemberTable.ExecuteQuery(accountMemberQuery))
{
OrganizationMembershipInfo info = new OrganizationMembershipInfo
{
AccountId = EmailAddress.Parse(entity.RowKey),
AllowAdmin = entity.AllowAdmin,
AllowWrite = entity.AllowWrite
};
result.Add(info);
}
return result;
}
/// <summary>
/// Processes a get request for organization members.
/// </summary>
/// <param name="context">the http context.</param>
/// <param name="accountId">the logged in user.</param>
/// <param name="name">the name of the organization.</param>
private void ProcessGetOrganizationMembers(
HttpContext context,
EmailAddress accountId,
DomainLabel name)
{
var result =
from e in this.store.GetOrganizationMemberships(name)
select new OrganizationMembershipDisplayInfo
{
AccountId = e.AccountId.ToString(),
AllowAdmin = e.AllowAdmin,
AllowWrite = e.AllowWrite
};
context.Response.ContentType = "application/json";
OrganizationMembershipSerializer.WriteObject(context.Response.OutputStream, result.ToArray());
context.Response.StatusCode = (int)System.Net.HttpStatusCode.OK;
}
/// <summary>
/// Processes a get request for organization applications.
/// </summary>
/// <param name="context">The context.</param>
/// <param name="accountId">The logged in user.</param>
/// <param name="name">The name of the organization.</param>
private void ProcessGetOrganizationApplications(
HttpContext context,
EmailAddress accountId,
DomainLabel name)
{
var result =
from e in this.appStore.GetApplicationsOfOrganization(name)
select new OrganizationApplicationDisplayInfo
{
ApplicationName = e.ApplicationName.ToString(),
ApplicationFriendlyName = e.FriendlyName
};
context.Response.ContentType = "application/json";
OrganizationApplicationSerializer.WriteObject(context.Response.OutputStream, result.ToArray());
context.Response.StatusCode = (int)System.Net.HttpStatusCode.OK;
}
/// <summary>
/// Processes a get request for an organization.
/// </summary>
/// <param name="context">the http context.</param>
/// <param name="accountId">the logged in user.</param>
/// <param name="name">the name of the organization.</param>
private void ProcessGetOrganization(HttpContext context, EmailAddress accountId, DomainLabel name)
{
OrganizationInfo orgInfo = this.store.GetOrganization(name);
if (orgInfo == null)
{
context.Response.StatusCode = (int)System.Net.HttpStatusCode.NotFound;
return;
}
GetOrganizationResponse response = new GetOrganizationResponse
{
Name = orgInfo.Name.ToString(),
FriendlyName = orgInfo.FriendlyName,
CreatedBy = orgInfo.CreatedBy.ToString(),
CreatedTime = orgInfo.CreatedTime,
LastModifiedBy = orgInfo.LastModifiedBy.ToString(),
LastModifiedTime = orgInfo.LastModifiedTime
};
context.Response.ContentType = "application/json";
GetOrganizationResponseSerializer.WriteObject(context.Response.OutputStream, response);
context.Response.StatusCode = (int)System.Net.HttpStatusCode.OK;
}
/// <summary>
/// Processes the deauthorize application.
/// </summary>
/// <param name="context">The HTTP context.</param>
/// <param name="accountId">The account identifier.</param>
/// <param name="appName">Name of the application.</param>
private void ProcessDeauthorizeApplication(HttpContext context, EmailAddress accountId, DomainLabel appName)
{
this.store.DeauthorizeApplication(accountId, appName);
context.Response.SuppressContent = true;
context.Response.StatusCode = (int)System.Net.HttpStatusCode.OK;
}
/// <summary>
/// Computes the bytes.
/// </summary>
/// <param name="accountId">The account identifier.</param>
/// <param name="applicationName">Name of the application.</param>
/// <param name="expires">The expires.</param>
/// <returns>the body of the token.</returns>
private static byte[] ComputeBytes(
EmailAddress accountId,
DomainLabel applicationName,
DateTime expires)
{
byte[] encodedAccountId = Encoding.UTF8.GetBytes(accountId.ToString());
byte[] encodedAppName = Encoding.UTF8.GetBytes(applicationName.ToString());
byte[] raw = new byte[encodedAccountId.Length + encodedAppName.Length + 2 + SizeOfLong];
Array.Copy(encodedAccountId, 0, raw, 0, encodedAccountId.Length);
raw[encodedAccountId.Length] = 0;
Array.Copy(encodedAppName, 0, raw, encodedAccountId.Length + 1, encodedAppName.Length);
raw[encodedAccountId.Length + encodedAppName.Length + 1] = 0;
long expiresBinary = expires.ToBinary();
for (int i = 0; i < SizeOfLong; i++)
{
byte value = unchecked((byte)(expiresBinary >> (8 * i)));
raw[encodedAccountId.Length + encodedAppName.Length + 2 + i] = value;
}
return raw;
}
void ReleaseDesignerOutlets()
{
if (BtnAdd != null)
{
BtnAdd.Dispose();
BtnAdd = null;
}
if (BtnClose != null)
{
BtnClose.Dispose();
BtnClose = null;
}
if (DomainComboBox != null)
{
DomainComboBox.Dispose();
DomainComboBox = null;
}
if (GroupsTableView != null)
{
GroupsTableView.Dispose();
GroupsTableView = null;
}
if (MainTableView != null)
{
MainTableView.Dispose();
MainTableView = null;
}
if (MemberTypeComboBox != null)
{
MemberTypeComboBox.Dispose();
MemberTypeComboBox = null;
}
if (NameTextString != null)
{
NameTextString.Dispose();
NameTextString = null;
}
if (SearchButton != null)
{
SearchButton.Dispose();
SearchButton = null;
}
if (WarningLabel != null)
{
WarningLabel.Dispose();
WarningLabel = null;
}
if (MemberTypeLabel != null)
{
MemberTypeLabel.Dispose();
MemberTypeLabel = null;
}
if (DomainLabel != null)
{
DomainLabel.Dispose();
DomainLabel = null;
}
}
/// <summary>
/// Creates a new organization.
/// </summary>
/// <param name="name">The name of the organization.</param>
/// <param name="friendlyName">the friendly name.</param>
/// <param name="accountId">the account creating the organization who will be an admin.</param>
public void CreateOrganization(
DomainLabel name,
string friendlyName,
EmailAddress accountId)
{
if (!ValidateOrganizationName(name))
{
throw new ArgumentOutOfRangeException("name");
}
if (string.IsNullOrWhiteSpace(friendlyName))
{
throw new ArgumentOutOfRangeException("friendlyName");
}
if (accountId == null)
{
throw new ArgumentNullException("accountId");
}
CloudTable orgTable = this.GetOrganizationTable();
CloudTable orgMemberTable = this.GetOrganizationMembershipTable();
CloudTable accountMemberTable = this.GetAccountMembershipTable();
OrganizationEntity existing = FindExistingOrganization(orgTable, name.ToString());
if (existing != null)
{
throw new InvalidOperationException("Organization already exists.");
}
AccountMembershipEntity accountMember = new AccountMembershipEntity()
{
PartitionKey = accountId.ToString(),
RowKey = name.ToString()
};
OrganizationMembershipEntity orgMember = new OrganizationMembershipEntity()
{
PartitionKey = name.ToString(),
RowKey = accountId.ToString(),
AllowAdmin = true,
AllowWrite = true
};
OrganizationEntity org = new OrganizationEntity()
{
PartitionKey = name.ToString(),
RowKey = string.Empty,
FriendlyName = friendlyName,
CreatedByAccountId = accountId.ToString(),
CreatedTime = DateTime.UtcNow
};
org.LastModifiedByAccountId = org.CreatedByAccountId;
org.LastModifiedTime = org.CreatedTime;
TableOperation insertAccountMember = TableOperation.InsertOrReplace(accountMember);
TableOperation insertOrgMember = TableOperation.InsertOrReplace(orgMember);
TableOperation insertOrg = TableOperation.InsertOrReplace(org);
accountMemberTable.Execute(insertAccountMember);
orgMemberTable.Execute(insertOrgMember);
orgTable.Execute(insertOrg);
}
