Exemplo n.º 1
        /// <summary>
        /// Timer callback that compares the server certificate's NotAfter date with the current
        /// time and writes a user-log entry whose severity rises as the expiry date gets closer.
        /// </summary>
        /// <param name="oData">Timer state object; not used by this method.</param>
        private void LicTimer(Object oData)
        {
            using (IAMDatabase db2 = new IAMDatabase(localConfig.SqlServer, localConfig.SqlDb, localConfig.SqlUsername, localConfig.SqlPassword))
            using (ServerKey2 sk = new ServerKey2(db2.Connection))
            {
                try
                {
                    db2.openDB();

                    double daysLeft = (sk.ServerCert.NotAfter - DateTime.Now).TotalDays;

                    // Nothing is written while 360 days or more remain.
                    if (daysLeft < 360)
                    {
                        // Below 60 days: Fatal; below 180: Error; otherwise Warning.
                        UserLogLevel level = UserLogLevel.Warning;
                        if (daysLeft < 60)
                        {
                            level = UserLogLevel.Fatal;
                        }
                        else if (daysLeft < 180)
                        {
                            level = UserLogLevel.Error;
                        }

                        // NOTE(review): a certificate that has already expired (negative daysLeft) also
                        // takes this path and is still reported as "will expire".
                        String message = "Server certificate will expire in " + sk.ServerCert.NotAfter.ToString("yyyy-MM-dd") + ", please renew";
                        db2.AddUserLog(LogKey.Certificate_Error, null, "Engine", level, 0, 0, 0, 0, 0, 0, 0, message, sk.ServerInstallationKey.AbsoluteUri);
                    }

                    db2.closeDB();
                }
                catch
                {
                    // NOTE(review): every failure is discarded here, so a broken expiry check produces
                    // no warning at all; consider reporting it through a channel that does not depend
                    // on the database.
                }
            }
        }
Exemplo n.º 2
    /// <summary>
    /// Generates a recovery code, stores it on the entity when the entity has none yet, and
    /// records the event in the user log.
    /// </summary>
    /// <param name="page">Page handed to the exception notifier when the operation fails.</param>
    /// <param name="entityId">Entity identifier; 0 makes the call a no-op.</param>
    /// <param name="error">Empty on success, otherwise the "internal_error" message.</param>
    static public void NewCode(Page page, Int64 entityId, out String error)
    {
        error = "";

        if (entityId == 0)
        {
            return;
        }

        try
        {
            // NOTE(review): GenerateCode is not visible here; confirm it draws from a
            // cryptographic random source, since the code acts as a recovery credential.
            String code = GenerateCode(6);

            using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
            using (DbParameterCollection par = new DbParameterCollection())
            {
                par.Add("@code", typeof(String)).Value     = code;
                par.Add("@entity_id", typeof(Int64)).Value = entityId;

                // The UPDATE only writes when the entity has no recovery code yet.
                db.ExecuteNonQuery("update entity set recovery_code = @code where deleted = 0 and id = @entity_id and (recovery_code is null or ltrim(rtrim(recovery_code)) = '')", CommandType.Text, par);

                // NOTE(review): the log entry is written whether or not the UPDATE changed a row, so
                // the logged code may not be the stored one. The code is also written to the user log
                // in clear text; confirm who can read that log, or log the event without the value.
                String logText   = MessageResource.GetMessage("new_recovery_code") + " (" + code + ")";
                String logDetail = "{ \"ipaddr\":\"" + Tools.Tool.GetIPAddress() + "\"} ";
                db.AddUserLog(LogKey.User_NewRecoveryCode, null, "AutoService", UserLogLevel.Info, 0, 0, 0, 0, 0, entityId, 0, logText, logDetail);
            }
        }
        catch (Exception ex)
        {
            // The caller only sees a generic message; the detail goes to the notifier.
            error = MessageResource.GetMessage("internal_error");
            Tools.Tool.notifyException(ex, page);
        }
    }
Exemplo n.º 3
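        /// <summary>
        /// Looks up the proxy named in the JSON request body for the enterprise held in the
        /// session, records the synchronisation and returns the proxy configuration as JSON.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            Request.InputStream.Position = 0;

            try
            {
                JSONRequest req = JSON.GetRequest(Request.InputStream);

                using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
                {
                    // NOTE(review): the cast throws when the session carries no enterprise data; the
                    // exception is then handled by the catch below. No explicit identification check
                    // is visible in this method - confirm the caller performs it.
                    ProxyConfig config = new ProxyConfig();
                    config.GetDBConfig(db.Connection, ((EnterpriseData)Page.Session["enterprise_data"]).Id, req.host);

                    if (config.fqdn != null) // proxy found
                    {
                        // Blank the certificate material so it is not part of the response.
                        config.server_cert        = "";
                        config.server_pkcs12_cert = "";
                        config.client_cert        = "";

                        // The address is embedded in a T-SQL string literal, so single quotes are
                        // doubled to keep the value inside the literal.
                        // NOTE(review): this is a stopgap; both values should be passed as query
                        // parameters instead of being concatenated. proxyID is assumed to be numeric
                        // - confirm.
                        String remoteAddress = ("" + Tools.Tool.GetIPAddress()).Replace("'", "''");

                        db.ExecuteNonQuery("update proxy set last_sync = getdate(), address = '" + remoteAddress + "', config = 0 where id = " + config.proxyID, System.Data.CommandType.Text, null);
                        ReturnHolder.Controls.Add(new LiteralControl(config.ToJsonString()));
                    }
                    else
                    {
                        db.AddUserLog(LogKey.API_Error, DateTime.Now, "ProxyAPI", UserLogLevel.Warning, 0, ((EnterpriseData)Page.Session["enterprise_data"]).Id, 0, 0, 0, 0, 0, "Proxy not found " + req.host, req.ToString());
                    }
                }
            }
            catch (Exception ex)
            {
                // Failures are reported to the notifier; nothing is written to the response.
                Tools.Tool.notifyException(ex, this);
            }
        }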
Exemplo n.º 4
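        /// <summary>
        /// Dispatches an admin chart-data request to the page named by the "module" route value
        /// and writes a JSON error response when the module is missing, invalid or fails.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            WebJsonResponse ret = null;

            // NOTE(review): no HTTP-method restriction is applied in this handler.
            if (!EnterpriseIdentify.Identify(this, true)) // enterprise identification failed: stop here
            {
                return;
            }

            try
            {
                Object rawModule = RouteData.Values["module"];
                String module    = (rawModule == null ? "" : rawModule.ToString());

                // The module name becomes part of a page path. Names containing a path separator,
                // a drive/scheme separator or ".." are rejected so the request cannot leave
                // /_admin/chartdata/.
                // NOTE(review): a fixed allow-list of module names would be stricter.
                Boolean unsafeName = (module.IndexOfAny(new Char[] { '/', '\\', ':' }) >= 0) || module.Contains("..");

                if ((module == "") || unsafeName)
                {
                    ret = new WebJsonResponse("", MessageResource.GetMessage("invalid_module"), 3000, true);
                }
                else
                {
                    LoadPage("/_admin/chartdata/" + module + ".aspx");
                }
            }
            catch (Exception ex)
            {
                // A 404 from the page load means the module does not exist.
                if ((ex is HttpException) && (((HttpException)ex).GetHttpCode() == 404))
                {
                    ret = new WebJsonResponse("", MessageResource.GetMessage("not_implemented"), 3000, true);
                }
                else
                {
                    ret = new WebJsonResponse("", MessageResource.GetMessage("api_error"), 3000, true);
                }

                try
                {
                    using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
                        db.AddUserLog(LogKey.API_Error, null, "AdminAPI", UserLogLevel.Error, 0, (((Page.Session["enterprise_data"]) != null && (Page.Session["enterprise_data"] is EnterpriseData) && (((EnterpriseData)Page.Session["enterprise_data"]).Id != null)) ? ((EnterpriseData)Page.Session["enterprise_data"]).Id : 0), 0, 0, 0, 0, 0, "API error: " + ex.Message, "{ \"ipaddr\":\"" + Tools.Tool.GetIPAddress() + "\"} ");
                }
                catch
                {
                    // Best effort: a logging failure must not hide the original error, which is
                    // still sent to the notifier below.
                }

                Tools.Tool.notifyException(ex, this);
            }

            if (ret != null)
            {
                Retorno.Controls.Add(new LiteralControl(ret.ToJSON()));
            }
        }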
Exemplo n.º 5
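        /// <summary>
        /// Flags a proxy for restart after checking that it belongs to the current enterprise
        /// (or to enterprise 0), and records the request in the user log.
        /// </summary>
        /// <param name="database">Database used for the lookup, the update and the log entry.</param>
        /// <param name="parameters">Request parameters; must contain "proxyid" as an integer value.</param>
        /// <returns>true when the restart flag was set; false after an error was reported through Error().</returns>
        private Boolean restart(IAMDatabase database, Dictionary <String, Object> parameters)
        {
            // A missing key, a null value and a blank value are all reported the same way.
            Object rawProxyId;

            if (!parameters.TryGetValue("proxyid", out rawProxyId) || (rawProxyId == null) || String.IsNullOrWhiteSpace(rawProxyId.ToString()))
            {
                Error(ErrorType.InvalidRequest, "Parameter proxyid is not defined.", "", null);
                return(false);
            }

            Int64 proxyid;

            if (!Int64.TryParse(rawProxyId.ToString(), out proxyid))
            {
                Error(ErrorType.InvalidRequest, "Parameter proxyid is not a long integer.", "", null);
                return(false);
            }

            using (DbParameterCollection par = new DbParameterCollection())
            {
                par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
                par.Add("@proxy_id", typeof(Int64)).Value      = proxyid;

                // Ownership check: the proxy must belong to this enterprise or to enterprise 0.
                DataTable dtProxy = database.ExecuteDataTable("select * from proxy p where (p.enterprise_id = @enterprise_id or p.enterprise_id = 0) and p.id = @proxy_id", CommandType.Text, par, null);

                if (dtProxy == null)
                {
                    Error(ErrorType.InternalError, "", "", null);
                    return(false);
                }

                if (dtProxy.Rows.Count == 0)
                {
                    Error(ErrorType.InvalidRequest, "Proxy not found.", "", null);
                    return(false);
                }

                // NOTE(review): the UPDATE filters by id only and relies on the ownership check above.
                database.ExecuteNonQuery("update proxy set restart = 1 where id = @proxy_id", CommandType.Text, par);
                database.AddUserLog(LogKey.Proxy_ResetRequest, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, 0, 0, "Proxy " + dtProxy.Rows[0]["name"] + " reset requested", "");
            }

            return(true);
        }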
Exemplo n.º 6
        /// <summary>
        /// API entry point: answers 403 when the enterprise cannot be identified, otherwise runs
        /// the request through WebPageAPI with a callback that logs every call at debug level.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            Boolean identified = EnterpriseIdentify.Identify(Page, false, true);

            if (!identified)
            {
                // Enterprise identification failed: end the response with 403.
                Page.Response.Status     = "403 Access denied";
                Page.Response.StatusCode = 403;
                Page.Response.End();
                return;
            }

            // Callback invoked with the outcome of each API call.
            // NOTE(review): the complete request and response JSON are written to the user log, which
            // may include credentials or other secrets carried by API calls; consider redacting them.
            ExecutionLog eLogs = new ExecutionLog((Boolean success, Int64 enterpriseId, String method, AccessControl acl, String jRequest, String jResponse) =>
            {
                LoginData login = Session["login"] as LoginData;

                String logText   = "API Call (" + method + "). Result success? " + success;
                String logDetail = "{\"Request\":" + jRequest + ", \"Response\":" + jResponse + "}";

                // The log entry uses its own connection, separate from the one running the request.
                using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
                {
                    db.AddUserLog(LogKey.Debug, null, "API", UserLogLevel.Debug, 0, enterpriseId, 0, 0, 0, (login != null ? login.Id : 0), 0, logText, logDetail);
                }
            });

            using (IAMDatabase database = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
            {
                WebPageAPI.Execute(database, this, eLogs);
            }
        }
Exemplo n.º 7
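        /// <summary>
        /// Proxy API entry point: accepts POST only, reads the JSON request and dispatches it to
        /// the method page named by its "request" member, answering with a JSON error otherwise.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (Request.HttpMethod != "POST")
            {
                ReturnHolder.Controls.Add(new LiteralControl(JSON.GetResponse(false, "Invalid http method", "")));
                return;
            }

            if (!EnterpriseIdentify.Identify(this, true)) // enterprise identification failed: stop here
            {
                return;
            }

            try
            {
                JSONRequest req = JSON.GetRequest(Request.InputStream);

                String method = (req.request == null ? "" : req.request.Trim());

                if (method == "")
                {
                    ReturnHolder.Controls.Add(new LiteralControl(JSON.GetResponse(false, "Request is empty", "")));
                    return;
                }

                // The method name comes from the request body and becomes part of a page path.
                // Names containing a path separator, a drive/scheme separator or ".." are answered
                // like an unknown method so the request cannot leave /proxy/methods/.
                // NOTE(review): a fixed allow-list of method names would be stricter.
                if ((method.IndexOfAny(new Char[] { '/', '\\', ':' }) >= 0) || method.Contains(".."))
                {
                    ReturnHolder.Controls.Add(new LiteralControl(JSON.GetResponse(false, MessageResource.GetMessage("not_implemented"), "")));
                    return;
                }

                LoadPage("/proxy/methods/" + method + ".aspx");
            }
            catch (Exception ex)
            {
                // A 404 from the page load means the method does not exist.
                if ((ex is HttpException) && (((HttpException)ex).GetHttpCode() == 404))
                {
                    ReturnHolder.Controls.Add(new LiteralControl(JSON.GetResponse(false, MessageResource.GetMessage("not_implemented"), "")));
                }
                else
                {
                    ReturnHolder.Controls.Add(new LiteralControl(JSON.GetResponse(false, MessageResource.GetMessage("api_error"), "")));
                }

                try
                {
                    using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
                        db.AddUserLog(LogKey.API_Error, null, "ProxyAPI", UserLogLevel.Error, 0, (((Page.Session["enterprise_data"]) != null && (Page.Session["enterprise_data"] is EnterpriseData) && (((EnterpriseData)Page.Session["enterprise_data"]).Id != null)) ? ((EnterpriseData)Page.Session["enterprise_data"]).Id : 0), 0, 0, 0, 0, 0, "Proxy API error: " + ex.Message, Tools.Tool.getExceptionText(ex, this));
                }
                catch
                {
                    // Best effort: the client already has its error response; a logging failure
                    // is not reported anywhere else.
                }
            }
        }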
Exemplo n.º 8
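        /// <summary>
        /// Executes a JSON-RPC request internally, on behalf of the administration console.
        /// </summary>
        /// <param name="database">Database used to run the request; it stays owned by the caller.</param>
        /// <param name="page">Page on which the request was started; its session supplies the enterprise.</param>
        /// <param name="jRequest">Request text in JSON format.</param>
        /// <param name="logDelegate">Optional callback invoked with the outcome of each call; may be null.</param>
        /// <returns>The JSON-RPC response text, or null when execution throws.</returns>
        public static String ExecuteLocal(DbBase database, Page page, String jRequest, ExecutionLog logDelegate)
        {
            try
            {
                ExecutionLog eLogs = new ExecutionLog(delegate(Boolean success, Int64 enterpriseIdLog, String method, AccessControl acl, String jRequestLog, String jResponseLog)
                {
                    if (!success)
                    {
                        // The connection belongs to the caller and may still be in use by the request
                        // that triggered this callback, so it is used here but never disposed.
                        // NOTE(review): the complete request and response JSON are logged; they may
                        // carry secrets.
                        IAMDatabase db = database as IAMDatabase;

                        if (db != null)
                        {
                            db.AddUserLog(LogKey.Debug, null, "API", UserLogLevel.Debug, 0, enterpriseIdLog, 0, 0, 0, 0, 0, "API Call (" + method + "). Result success? " + success, "{\"Request\":" + jRequestLog + ", \"Response\":" + jResponseLog + "}", 0, null);
                        }
                    }

                    if (logDelegate != null)
                    {
                        logDelegate(success, enterpriseIdLog, method, acl, jRequestLog, jResponseLog);
                    }
                });

                // Enterprise 0 is used when the session holds no enterprise data.
                Int64 enterpriseId = 0;

                if ((page.Session["enterprise_data"]) != null && (page.Session["enterprise_data"] is EnterpriseData))
                {
                    enterpriseId = ((EnterpriseData)page.Session["enterprise_data"]).Id;
                }

                CJSONrpc jsonRpc = new CJSONrpc(database, jRequest, enterpriseId);

                ExternalAccessControl eAuth = GetDelegateInstance(database, page, enterpriseId);

                jsonRpc.ExternalAccessControl += eAuth;
                jsonRpc.ExecutionLog          += eLogs;

                try
                {
                    return(jsonRpc.Execute());
                }
                finally
                {
                    // Detach the handlers even when Execute throws.
                    jsonRpc.ExternalAccessControl -= eAuth;
                    jsonRpc.ExecutionLog          -= eLogs;
                }
            }
            catch (Exception)
            {
                // NOTE(review): the failure reason is lost here; callers only see null.
                return(null);
            }
        }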
Exemplo n.º 9
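        /// <summary>
        /// Timer callback that reads every row of report_schedule and hands it to CheckSchedule.
        /// Overlapping runs are skipped through the 'executing' flag.
        /// </summary>
        /// <param name="state">Timer state object; not used by this method.</param>
        private void ReportTimer(Object state)
        {
            // NOTE(review): the flag is checked and set in two separate steps; confirm the timer
            // cannot invoke this callback on two threads at once.
            if (executing)
            {
                return;
            }

            executing = true;

            try
            {
                // The connection is disposed on every path, including a failing openDB or Select.
                using (IAMDatabase db = new IAMDatabase(localConfig.SqlServer, localConfig.SqlDb, localConfig.SqlUsername, localConfig.SqlPassword))
                {
                    db.openDB();

                    try
                    {
                        DataTable dtS = db.Select("select * from report_schedule");

                        try
                        {
                            // Process the schedules one by one; the first failure ends the loop.
                            foreach (DataRow dr in dtS.Rows)
                            {
                                CheckSchedule(db, (Int64)dr["id"], (Int64)dr["report_id"], dr["schedule"].ToString(), (DateTime)dr["next"]);
                            }
                        }
                        catch (Exception ex)
                        {
                            TextLog.Log("Report", "\tError on report timer schedule: " + ex.Message);
                            db.AddUserLog(LogKey.Report, null, "Report", UserLogLevel.Error, 0, 0, 0, 0, 0, 0, 0, "Error on report scheduler", ex.Message);
                        }
                    }
                    finally
                    {
                        db.closeDB();
                    }
                }
            }
            catch (Exception ex1)
            {
                TextLog.Log("Report", "\tError on report timer: " + ex1.Message);
            }
            finally
            {
                // Always release the flag so the next tick can run.
                executing = false;
            }
        }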
Exemplo n.º 10
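        /// <summary>
        /// Deletes a field of the current enterprise when no resource plugin or plugin mapping
        /// references it, and records the deletion in the user log.
        /// </summary>
        /// <param name="database">Database used for the lookup, the delete and the log entry.</param>
        /// <param name="parameters">Request parameters; must contain "fieldid" as an integer value.</param>
        /// <returns>true when the field was deleted; false after an error was reported through Error().</returns>
        private Boolean delete(IAMDatabase database, Dictionary <String, Object> parameters)
        {
            // A missing key, a null value and a blank value are all reported the same way.
            Object rawFieldId;

            if (!parameters.TryGetValue("fieldid", out rawFieldId) || (rawFieldId == null) || String.IsNullOrWhiteSpace(rawFieldId.ToString()))
            {
                Error(ErrorType.InvalidRequest, "Parameter fieldid is not defined.", "", null);
                return(false);
            }

            Int64 fieldid;

            if (!Int64.TryParse(rawFieldId.ToString(), out fieldid))
            {
                Error(ErrorType.InvalidRequest, "Parameter fieldid is not a long integer.", "", null);
                return(false);
            }

            using (DbParameterCollection par = new DbParameterCollection())
            {
                par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
                par.Add("@field_id", typeof(Int64)).Value      = fieldid;

                // Ownership check plus usage count: 'qty' adds the references from resource_plugin
                // and resource_plugin_mapping.
                DataTable dtField = database.ExecuteDataTable("select f.*, qty = (select COUNT(*) from resource_plugin rp with(nolock) where name_field_id = f.id or mail_field_id = f.id or login_field_id = f.id) + (select COUNT(*) from resource_plugin_mapping rpm with(nolock) where rpm.field_id = f.id) from field f with(nolock) where f.enterprise_id = @enterprise_id and f.id = @field_id", CommandType.Text, par, null);

                if (dtField == null)
                {
                    Error(ErrorType.InternalError, "", "", null);
                    return(false);
                }

                if (dtField.Rows.Count == 0)
                {
                    Error(ErrorType.InvalidRequest, "Field not found.", "", null);
                    return(false);
                }

                // Refuse to delete a field that is still referenced.
                if ((Int32)dtField.Rows[0]["qty"] > 0)
                {
                    Error(ErrorType.SystemError, "Field is being used and can not be deleted.", "", null);
                    return(false);
                }

                // NOTE(review): the DELETE filters by id only and relies on the ownership check above.
                database.ExecuteNonQuery("delete from field where id = @field_id", CommandType.Text, par);
                database.AddUserLog(LogKey.Field_Deleted, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, 0, 0, "Field " + dtField.Rows[0]["name"] + " deleted", "");
            }

            return(true);
        }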
Exemplo n.º 11
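        /// <summary>
        /// Builds the user listing of one enterprise (all users, and users created since the
        /// previous day) and mails both listings as text attachments.
        /// </summary>
        /// <param name="db">Open database used for the queries and for error logging.</param>
        /// <param name="dtS">Report definition; row 0 supplies "enterprise_id" and "title".</param>
        /// <param name="recipents">Addresses that receive the report.</param>
        static public void usersTextReport(IAMDatabase db, DataTable dtS, List <MailAddress> recipents)
        {
            StringBuilder errors = new StringBuilder();

            // NOTE(review): this and the per-user queries below concatenate values read from database
            // rows into the SQL text; passing them as query parameters would be preferable.
            DataTable dtU = db.Select("select e.*, c.name context_name from entity e inner join context c on c.id = e.context_id where e.deleted = 0 and c.enterprise_id = " + dtS.Rows[0]["enterprise_id"] + " order by c.name, e.full_name");

            if ((dtU == null) || (dtU.Rows.Count == 0))
            {
                return;
            }

            DataTable dtUsers = new DataTable();

            dtUsers.Columns.Add("context_name", typeof(String));
            dtUsers.Columns.Add("full_name", typeof(String));
            dtUsers.Columns.Add("login", typeof(String));
            dtUsers.Columns.Add("create_date", typeof(DateTime));
            dtUsers.Columns.Add("last_login", typeof(DateTime));
            dtUsers.Columns.Add("locked", typeof(String));

            Dictionary <String, String> title = new Dictionary <string, string>();

            title.Add("context_name", "Contexto");
            title.Add("full_name", "Nome completo");
            title.Add("login", "Login");
            title.Add("create_date", "Data de criação");
            title.Add("last_login", "Ultimo login");
            title.Add("locked", "Bloqueado");

            // One extra "f_<id>" column per field mapped to reports.
            List <Int64> fields = new List <Int64>();

            DataTable dtF = db.Select("select distinct f.id, f.name, rp.[order] from report_mapping rp inner join field f on rp.field_id = f.id  order by rp.[order], f.name");

            if (dtF != null)
            {
                foreach (DataRow dr in dtF.Rows)
                {
                    Int64 fieldId = (Int64)dr["id"];

                    // The query can return one field several times (once per distinct order);
                    // adding its column twice would throw.
                    if (fields.Contains(fieldId))
                    {
                        continue;
                    }

                    fields.Add(fieldId);
                    dtUsers.Columns.Add("f_" + fieldId, typeof(String));
                    title.Add("f_" + fieldId, dr["name"].ToString());
                }
            }

            DataTable dtUsers2 = dtUsers.Clone();

            String fieldFilter = String.Join(",", fields);

            // Midnight of the previous day, from a single clock reading.
            DateTime dateRef = DateTime.Today.AddDays(-1);

            foreach (DataRow dU in dtU.Rows)
            {
                try
                {
                    DataRow newItem = dtUsers.NewRow();
                    newItem["context_name"] = dU["context_name"];
                    newItem["full_name"]    = dU["full_name"];
                    newItem["login"]        = dU["login"];
                    newItem["create_date"]  = dU["create_date"];
                    newItem["last_login"]   = dU["last_login"];
                    newItem["locked"]       = (((Boolean)dU["locked"]) ? "Y" : "N");

                    if (fields.Count > 0)
                    {
                        // Each source only fills cells that are still empty, so the order below is
                        // the precedence: entity data, then identities of import-enabled plugins,
                        // then the remaining identities.
                        fillReportFields(db, "select efe.field_id, efe.value from [entity] e inner join entity_field efe on efe.entity_id = e.id where e.id = " + dU["id"] + " group by efe.field_id, efe.value", newItem, errors);

                        fillReportFields(db, "select ife.field_id, ife.value from [identity] i inner join identity_field ife on ife.identity_id = i.id inner join resource_plugin rp on i.resource_plugin_id = rp.id where rp.enable_import = 1 and rp.permit_add_entity = 1 and i.entity_id = " + dU["id"] + " and ife.field_id in (" + fieldFilter + ")  and not exists (select 1 from identity_block_inheritance bi where bi.identity_id = i.id) group by ife.field_id, ife.value", newItem, errors);

                        fillReportFields(db, "select ife.field_id, ife.value from [identity] i inner join identity_field ife on ife.identity_id = i.id where i.entity_id = " + dU["id"] + " and ife.field_id in (" + fieldFilter + ")  and not exists (select 1 from identity_block_inheritance bi where bi.identity_id = i.id) group by ife.field_id, ife.value", newItem, errors);
                    }

                    dtUsers.Rows.Add(newItem.ItemArray);

                    // Users created after the reference date also go into the second table.
                    if ((DateTime)dU["create_date"] > dateRef)
                    {
                        dtUsers2.Rows.Add(newItem.ItemArray);
                    }
                }
                catch (Exception ex)
                {
                    errors.AppendLine("Error processing registry: " + ex.Message);
                }
            }

            if (errors.Length > 0)
            {
                db.AddUserLog(LogKey.Report, null, "Report", UserLogLevel.Error, 0, 0, 0, 0, 0, 0, 0, "Report error", errors.ToString());
            }

            ReportBase rep1 = new ReportBase(dtUsers, title);
            ReportBase rep2 = new ReportBase(dtUsers2, title);

            List <Attachment> atts = new List <Attachment>();

            try
            {
                // Only the text renderings are attached; the XML renderings were built but never
                // sent, so they are no longer generated.
                // NOTE(review): the attachments list logins and identity attributes of every user of
                // the enterprise; confirm the recipient list is restricted accordingly.
                using (MemoryStream msAll = new MemoryStream(Encoding.UTF8.GetBytes(rep1.GetTXT())))
                using (MemoryStream msCreated = new MemoryStream(Encoding.UTF8.GetBytes(rep2.GetTXT())))
                {
                    atts.Add(new Attachment(msAll, "all.txt"));
                    atts.Add(new Attachment(msCreated, "created.txt"));

                    sendEmail(db, dtS.Rows[0]["title"].ToString(), recipents, dtUsers2.Rows.Count + " criados deste " + dateRef.ToString("yyyy-MM-dd HH:mm:ss"), false, atts);
                }
            }
            catch (Exception ex)
            {
                db.AddUserLog(LogKey.Report, DateTime.Now, "Report", UserLogLevel.Error, 0, 0, 0, 0, 0, 0, 0, "Erro sending report", ex.Message);
            }
        }

        /// <summary>
        /// Runs <paramref name="sql"/> (expected to return field_id and value columns) and copies
        /// each value into the matching, still empty "f_&lt;field_id&gt;" cell of <paramref name="target"/>.
        /// </summary>
        static private void fillReportFields(IAMDatabase db, String sql, DataRow target, StringBuilder errors)
        {
            try
            {
                DataTable dtUserData = db.Select(sql);

                if (dtUserData == null)
                {
                    return;
                }

                foreach (DataRow dUD in dtUserData.Rows)
                {
                    String column = "f_" + dUD["field_id"];

                    // A field that is not part of the report has no column; skip it instead of
                    // letting the lookup throw and discard the remaining rows.
                    if (!target.Table.Columns.Contains(column))
                    {
                        continue;
                    }

                    if (target[column] == DBNull.Value)
                    {
                        target[column] = dUD["value"];
                    }
                }
            }
            catch (Exception ex)
            {
                // Best effort: the user is still listed, and the failure is reported with the
                // other report errors.
                errors.AppendLine("Error processing registry: " + ex.Message);
            }
        }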
Exemplo n.º 12
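        /// <summary>
        /// Loads a report definition, parses its recipient list and runs the report builder that
        /// matches its type ("audit", "integrity", anything else: user listing).
        /// </summary>
        /// <param name="reportId">Identifier of the row in the report table.</param>
        private void BuildReport(Int64 reportId)
        {
            IAMDatabase db = null;

            try
            {
                db = new IAMDatabase(localConfig.SqlServer, localConfig.SqlDb, localConfig.SqlUsername, localConfig.SqlPassword);
                db.openDB();

                DataTable dtS = db.Select("select * from report where id = " + reportId);

                if ((dtS == null) || (dtS.Rows.Count == 0))
                {
                    return;
                }

                // Recipients are stored as one string separated by ',' or ';'.
                List <MailAddress> recipents = new List <MailAddress>();
                Object rawRecipient = dtS.Rows[0]["recipient"];

                if ((rawRecipient != DBNull.Value) && (!String.IsNullOrWhiteSpace((String)rawRecipient)))
                {
                    foreach (String s in rawRecipient.ToString().Split(',', ';'))
                    {
                        if (String.IsNullOrWhiteSpace(s))
                        {
                            continue;
                        }

                        try
                        {
                            recipents.Add(new MailAddress(s));
                        }
                        catch (FormatException)
                        {
                            // A malformed address is skipped; the remaining recipients still
                            // receive the report.
                            TextLog.Log("Report", "\tInvalid recipient address ignored");
                        }
                    }
                }

                if (recipents.Count == 0)
                {
                    throw new Exception("No valid email informed in recipient");
                }

                // Invariant lower-casing keeps the match independent of the server culture
                // (a Turkish culture would lower-case the 'I' of "INTEGRITY" to a dotless 'ı').
                switch (dtS.Rows[0]["type"].ToString().ToLowerInvariant())
                {
                case "audit":
                    auditReport(db, dtS, recipents);
                    break;

                case "integrity":
                    integrityTextReport(db, dtS, recipents);
                    break;

                default:
                    usersTextReport(db, dtS, recipents);
                    break;
                }
            }
            catch (Exception ex)
            {
                TextLog.Log("Report", "\tError building report: " + ex.Message);

                // The database may be the reason we are here, so the user-log entry is best effort.
                if (db != null)
                {
                    try
                    {
                        db.AddUserLog(LogKey.Report, DateTime.Now, "Report", UserLogLevel.Error, 0, 0, 0, 0, 0, 0, 0, "Erro building report", ex.Message);
                    }
                    catch { }
                }
            }
            finally
            {
                if (db != null)
                {
                    db.Dispose();
                }
            }
        }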
Exemplo n.º 13
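        /// <summary>
        /// Timer callback of the time-based access control: re-evaluates every identity linked to
        /// a resource/plugin with a time ACL and logs each lock or unlock transition.
        /// Overlapping runs are skipped through the 'executing' flag.
        /// </summary>
        /// <param name="sender">Timer state object; not used by this method.</param>
        private void TmrCallback(Object sender)
        {
            // NOTE(review): the flag is checked and set in two separate steps; confirm the timer
            // cannot invoke this callback on two threads at once.
            if (executing)
            {
                return;
            }

            executing = true;

            TextLog.Log("Engine", "Time access control", "Starting processor timer");
            IAMDatabase db = null;

            try
            {
                db = new IAMDatabase(localConfig.SqlServer, localConfig.SqlDb, localConfig.SqlUsername, localConfig.SqlPassword);
                db.openDB();
                db.Timeout = 600;

                // Identities linked to an enabled resource x plugin that has a time-based ACL for
                // one of the identity's roles.
                DataTable dtRegs = db.Select("select i.id, i.temp_locked, e.id entity_id, r.name resource_name from entity e with(nolock) inner join [identity] i with(nolock) on e.id = i.entity_id  inner join resource_plugin rp with(nolock) on i.resource_plugin_id = rp.id and i.resource_plugin_id = rp.id inner join resource r with(nolock) on rp.resource_id = r.id  inner join resource_plugin_role_time_acl acl with(nolock) on acl.resource_plugin_id = rp.id  inner join role r1 with(nolock) on r1.id = acl.role_id inner join identity_role ir with(nolock) on ir.identity_id = i.id and ir.role_id = r1.id where r.enabled = 1 and rp.enabled = 1 group by i.id, i.temp_locked, e.id, r.name");

                if ((dtRegs == null) || (dtRegs.Rows.Count == 0))
                {
                    TextLog.Log("Engine", "Time access control", "\t0 registers to process");
                    return;
                }

                foreach (DataRow dr in dtRegs.Rows)
                {
                    // One failing identity must not stop the others from being evaluated.
                    try
                    {
                        using (EntityTimeControl eAcl = new EntityTimeControl(db, (Int64)dr["id"]))
                        {
                            StringBuilder tLog = new StringBuilder();
                            EntityTimeControl.ProccessLog log = new EntityTimeControl.ProccessLog(delegate(String text)
                            {
                                tLog.AppendLine(text);

#if DEBUG
                                TextLog.Log("Engine", "Time access control", text);
#endif
                            });

                            eAcl.OnLog += log;
                            eAcl.Process((Boolean)dr["temp_locked"]);
                            eAcl.OnLog -= log;

                            // Only a change of the lock state is written to the user log.
                            if ((Boolean)dr["temp_locked"] != eAcl.Locked)
                            {
                                db.AddUserLog((eAcl.Locked ? LogKey.User_TempLocked : LogKey.User_TempUnlocked), null, "Engine", UserLogLevel.Info, 0, 0, 0, 0, 0, Int64.Parse(dr["entity_id"].ToString()), Int64.Parse(dr["id"].ToString()), "Identity of resource " + dr["resource_name"] + (eAcl.Locked ? " locked by the time profile" : " unlocked by the time profile"), tLog.ToString());
                            }

                            tLog.Clear();
                            tLog = null;
                        }
                    }
                    catch (Exception ex)
                    {
                        TextLog.Log("Engine", "Time access control", "\tError on time control processor " + ex.Message);
                    }
                }

                Console.WriteLine("");
            }
            catch (Exception ex)
            {
                // The text log comes first: it does not depend on the database, which may be the
                // component that failed.
                TextLog.Log("Engine", "Time access control", "\tError on time control processor timer " + ex.Message);

                if (db != null)
                {
                    try
                    {
                        // NOTE(review): LogKey.Import looks unrelated to time control; confirm the key.
                        db.AddUserLog(LogKey.Import, null, "Engine", UserLogLevel.Error, 0, 0, 0, 0, 0, 0, 0, "Error on time control processor", ex.Message);
                    }
                    catch (Exception logEx)
                    {
                        TextLog.Log("Engine", "Time access control", "\tError on time control processor timer " + logEx.Message);
                    }
                }
            }
            finally
            {
                try
                {
                    TextLog.Log("Engine", "Time access control", "Finishing processor timer");

                    if (db != null)
                    {
                        db.closeDB();
                        db.Dispose();
                    }
                }
                finally
                {
                    // Released even when closing fails; otherwise every later tick would return
                    // early and time-based locks would silently stop being evaluated.
                    executing = false;
                }
            }
        }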
Exemplo n.º 14
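        /// <summary>
        /// Watchdog timer callback. First kills every service that the <c>service_status</c> table
        /// reports as stalled, then starts any stopped IAM service whose start mode is automatic.
        /// </summary>
        /// <param name="o">Timer state object; not used by this method.</param>
        private void WatchdogTimerCallback(Object o)
        {
            try
            {
                // Check whether any service has to be stopped.
                using (IAMDatabase db = new IAMDatabase(localConfig.SqlServer, localConfig.SqlDb, localConfig.SqlUsername, localConfig.SqlPassword))
                {
                    db.openDB();
                    db.Timeout = 600;

                    // Purge status rows that have not been updated for more than 15 days.
                    db.ExecuteNonQuery("delete from service_status where last_status < DATEADD(day,-15,getdate())");

                    // Select the services that never started, have not reported for an hour,
                    // or whose start date is not today.
                    DataTable dtServices = db.Select("select * from service_status where started_at is null or last_status < DATEADD(hour,-1,getdate()) or case when started_at is null then cast(getdate() as date) else cast(started_at as date) end <> cast(getdate() as date)");
                    if (dtServices != null && dtServices.Rows.Count > 0)
                    {
                        foreach (DataRow dr in dtServices.Rows)
                        {
                            String svcName = dr["service_name"].ToString();

                            // A NULL or blank name would otherwise reach Killall as "" and "IAM".
                            if (String.IsNullOrWhiteSpace(svcName))
                            {
                                continue;
                            }

                            // Never kill the watchdog itself. Ordinal comparison keeps the match
                            // independent of the machine's culture.
                            if (svcName.IndexOf("watchdog", StringComparison.OrdinalIgnoreCase) >= 0)
                            {
                                continue;
                            }

                            // NOTE(review): svcName comes straight from the service_status table and
                            // decides which processes are killed. Killall is not visible here; confirm
                            // that it only matches this product's own service processes, since anyone
                            // able to write to that table chooses the target.
                            TextLog.Log("Watchdog", "Killing service '" + svcName + "'");
                            Killall(svcName);
                            Killall("IAM" + svcName);
                        }
                    }

                    db.closeDB();
                }
            }
            catch (Exception ex)
            {
                // Best effort: a database failure must not prevent the restart pass below,
                // but it should leave a trace instead of vanishing.
                TextLog.Log("Watchdog", "Error checking service_status: " + ex.Message);
            }

            try
            {
                foreach (ServiceController service in ServiceController.GetServices())
                {
                    // ServiceController holds a native handle; release it once the service is handled.
                    using (service)
                    {
                        try
                        {
                            // Invariant lower-casing: culture-sensitive casing (e.g. Turkish dotless i)
                            // would make names such as "IAMBackup" miss the cases below.
                            switch (service.ServiceName.ToLowerInvariant())
                            {
                                case "iambackup":
                                case "iamdispatcher":
                                case "iamengine":
                                case "iaminbound":
                                case "iamreport":
                                case "iamproxy":
                                case "iammultiproxy":
                                case "iammessenger":
                                case "iamworkflowprocessor":
                                    StartupState stMode = StartMode(service.ServiceName);

                                    switch (stMode)
                                    {
                                        case StartupState.Automatic:
                                            if ((service.Status.Equals(ServiceControllerStatus.Stopped)) || (service.Status.Equals(ServiceControllerStatus.StopPending)))
                                            {
                                                TextLog.Log("Watchdog", "Starting service '" + service.DisplayName + "'");
                                                service.Start();

                                                // Record the restart in the user log; failure to write the
                                                // entry must not undo or block the restart itself.
                                                try
                                                {
                                                    using (IAMDatabase db = new IAMDatabase(localConfig.SqlServer, localConfig.SqlDb, localConfig.SqlUsername, localConfig.SqlPassword))
                                                    {
                                                        db.openDB();
                                                        db.Timeout = 600;

                                                        db.AddUserLog(LogKey.Watchdog, null, "Watchdog", UserLogLevel.Warning, 0, 0, 0, 0, 0, 0, 0, "Starting service '" + service.DisplayName + "'");

                                                        db.closeDB();
                                                    }
                                                }
                                                catch (Exception logEx)
                                                {
                                                    TextLog.Log("Watchdog", "Could not write the restart entry to the user log: " + logEx.Message);
                                                }
                                            }
                                            break;

                                        default:
                                            TextLog.Log("Watchdog", "Unknow action for service start mode '" + stMode.ToString() + "' for service '" + service.DisplayName + "'");
                                            break;
                                    }

                                    break;
                            }
                        }
                        catch (Exception ex)
                        {
                            TextLog.Log("Watchdog", "Erro ao processar o controle do serviço '" + service.DisplayName + "': " + ex.Message);
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                TextLog.Log("Watchdog", "Erro ao processar o controle dos serviços: " + ex.Message);
            }
        }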
Exemplo n.º 15
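        /// <summary>
        /// Deletes a plugin that belongs to the current enterprise, together with its assembly file,
        /// provided no resource is still bound to it.
        /// </summary>
        /// <param name="database">Database access object used for the queries and the transaction.</param>
        /// <param name="parameters">Request parameters; <c>workflowid</c> carries the id of the plugin to delete.</param>
        /// <returns><c>true</c> when the plugin row and its file were removed; <c>false</c> after the failure has been reported through <c>Error</c>.</returns>
        private Boolean delete(IAMDatabase database, Dictionary <String, Object> parameters)
        {
            // A missing key, a null value and a blank value are all reported the same way.
            Object rawId;
            if (!parameters.TryGetValue("workflowid", out rawId) || (rawId == null) || String.IsNullOrWhiteSpace(rawId.ToString()))
            {
                Error(ErrorType.InvalidRequest, "Parameter workflowid is not defined.", "", null);
                return(false);
            }

            Int64 workflowid;
            if (!Int64.TryParse(rawId.ToString(), out workflowid))
            {
                Error(ErrorType.InvalidRequest, "Parameter workflowid is not a long integer.", "", null);
                return(false);
            }

            DbParameterCollection par = new DbParameterCollection();

            par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
            par.Add("@plugin_id", typeof(Int64)).Value     = workflowid;

            // The enterprise filter scopes the lookup to the caller's own plugins.
            DataTable dtPlugin = database.ExecuteDataTable("select p.*, resource_plugin_qty = (select COUNT(distinct rp1.plugin_id) from resource_plugin rp1 where rp1.plugin_id = p.id) from plugin p with(nolock) where p.enterprise_id = @enterprise_id and p.id = @plugin_id", CommandType.Text, par, null);

            if (dtPlugin == null)
            {
                Error(ErrorType.InternalError, "", "", null);
                return(false);
            }

            if (dtPlugin.Rows.Count == 0)
            {
                Error(ErrorType.InvalidRequest, "Plugin not found.", "", null);
                return(false);
            }

            // Refuse to delete a plugin that is still bound to a resource.
            if ((Int32)dtPlugin.Rows[0]["resource_plugin_qty"] > 0)
            {
                Error(ErrorType.SystemError, "Plugin is being used and can not be deleted.", "", null);
                return(false);
            }

            // Locate the physical assembly file.
            FileInfo assemblyFile = null;

            try
            {
                DirectoryInfo pluginsDir = new DirectoryInfo(database.GetDBConfig("pluginFolder"));

                if (pluginsDir.Exists)
                {
                    // The assembly name is read from the database and the file is deleted below, so
                    // the resolved path must stay inside the plugin folder: an absolute path or a
                    // "..\" segment in the column would otherwise point the delete at any file the
                    // service account can remove.
                    String root      = pluginsDir.FullName.TrimEnd(Path.DirectorySeparatorChar, Path.AltDirectorySeparatorChar) + Path.DirectorySeparatorChar;
                    String candidate = Path.GetFullPath(Path.Combine(root, dtPlugin.Rows[0]["assembly"].ToString()));

                    if (candidate.StartsWith(root, StringComparison.OrdinalIgnoreCase))
                    {
                        assemblyFile = new FileInfo(candidate);
                    }
                }
            }
            catch
            {
                // Any configuration or path error is reported as "file not found" below.
                assemblyFile = null;
            }

            if ((assemblyFile == null) || (!assemblyFile.Exists))
            {
                Error(ErrorType.SystemError, "Plugin physical file not found.", "", null);
                return(false);
            }

            SqlTransaction trans = (SqlTransaction)database.BeginTransaction();

            try
            {
                database.ExecuteNonQuery("delete from plugin where id = @plugin_id", CommandType.Text, par, trans);
                database.AddUserLog(LogKey.Plugin_Deleted, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, 0, 0, "Plugin " + dtPlugin.Rows[0]["name"] + " deleted", "", trans);

                // The file is removed before the commit so that a failed delete rolls the row back.
                // The reverse does not hold: a failed commit leaves the row without its file.
                assemblyFile.Delete();

                trans.Commit();
            }
            catch {
                trans.Rollback();
                Error(ErrorType.SystemError, "Fail on delete physical file", "", null);
                return(false);
            }

            return(true);
        }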
Exemplo n.º 16
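        /// <summary>
        /// Binds one or more users (entities) to a role of the current enterprise.
        /// </summary>
        /// <param name="database">Database access object used for the queries.</param>
        /// <param name="parameters">Request parameters: <c>roleid</c> is the target role and <c>userid</c> a comma-separated list of entity ids.</param>
        /// <returns><c>true</c> once every listed user has been submitted to <c>sp_insert_entity_to_role</c>; <c>false</c> after a validation or lookup failure has been reported through <c>Error</c>.</returns>
        private Boolean adduser(IAMDatabase database, Dictionary <String, Object> parameters)
        {
            // A missing key, a null value and a blank value are all reported the same way.
            Object rawRole;
            if (!parameters.TryGetValue("roleid", out rawRole) || (rawRole == null) || String.IsNullOrWhiteSpace(rawRole.ToString()))
            {
                Error(ErrorType.InvalidRequest, "Parameter roleid is not defined.", "", null);
                return(false);
            }

            // userid gets the same presence check as roleid, so a request without it is answered
            // with an InvalidRequest error instead of a KeyNotFoundException.
            Object rawUsers;
            if (!parameters.TryGetValue("userid", out rawUsers) || (rawUsers == null) || String.IsNullOrWhiteSpace(rawUsers.ToString()))
            {
                Error(ErrorType.InvalidRequest, "Parameter userid is not defined.", "", null);
                return(false);
            }

            Int64 roleid;
            if (!Int64.TryParse(rawRole.ToString(), out roleid))
            {
                Error(ErrorType.InvalidRequest, "Parameter roleid is not a long integer.", "", null);
                return(false);
            }

            // Every element of the list must be a valid id; one bad element rejects the whole request.
            List <Int64> users = new List <Int64>();

            foreach (String item in rawUsers.ToString().Split(','))
            {
                Int64 entityId;
                if (!Int64.TryParse(item, out entityId))
                {
                    Error(ErrorType.InvalidRequest, "Parameter users is not a long integer.", "", null);
                    return(false);
                }

                users.Add(entityId);
            }

            DbParameterCollection par = new DbParameterCollection();

            par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
            par.Add("@role_id", typeof(Int64)).Value       = roleid;

            // The join on context restricts the role lookup to the caller's enterprise.
            DataTable dtUsers = database.ExecuteDataTable("select r.*, c.enterprise_id, entity_qty = (select COUNT(distinct i.entity_id) from identity_role ir inner join [identity] i with(nolock) on ir.identity_id = i.id where ir.role_id = r.id) from role r inner join context c with(nolock) on c.id = r.context_id where c.enterprise_id = @enterprise_id and r.id = @role_id order by r.name", CommandType.Text, par, null);

            if (dtUsers == null)
            {
                Error(ErrorType.InternalError, "", "", null);
                return(false);
            }

            if (dtUsers.Rows.Count == 0)
            {
                Error(ErrorType.InvalidRequest, "Role not found.", "", null);
                return(false);
            }

            foreach (Int64 u in users)
            {
                DbParameterCollection par2 = new DbParameterCollection();
                par2.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
                par2.Add("@role_id", typeof(Int64)).Value       = roleid;
                par2.Add("@entity_id", typeof(Int64)).Value     = u;

                // NOTE(review): this method never checks that entity `u` belongs to the caller's
                // enterprise; presumably sp_insert_entity_to_role enforces it through
                // @enterprise_id. Confirm against the stored procedure.
                DataTable dtRet = database.ExecuteDataTable("sp_insert_entity_to_role", CommandType.StoredProcedure, par2);

                // A null or empty result is skipped without an error, so `true` does not
                // guarantee that every listed user was actually bound.
                if ((dtRet != null) && (dtRet.Rows.Count > 0))
                {
                    database.AddUserLog(LogKey.User_IdentityRoleBind, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, u, (Int64)dtRet.Rows[0]["identity_id"], "Identity bind to role " + dtRet.Rows[0]["role_name"].ToString(), "");
                }
            }

            return(true);
        }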
Exemplo n.º 17
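        /// <summary>
        /// Changes a role of the current enterprise (only its name can be changed here) and returns
        /// the role's data as stored after the change.
        /// </summary>
        /// <param name="database">Database access object used for the queries.</param>
        /// <param name="parameters">Request parameters: <c>roleid</c> identifies the role; <c>name</c>, when present and not blank, is the new role name.</param>
        /// <returns>A dictionary whose <c>info</c> entry holds the role fields, or <c>null</c> after a failure has been reported through <c>Error</c>.</returns>
        private Dictionary <String, Object> change(IAMDatabase database, Dictionary <String, Object> parameters)
        {
            const String roleQuery = "select r.*, c.enterprise_id, entity_qty = (select COUNT(distinct i.entity_id) from identity_role ir inner join [identity] i with(nolock) on ir.identity_id = i.id where ir.role_id = r.id) from role r inner join context c with(nolock) on c.id = r.context_id where c.enterprise_id = @enterprise_id and r.id = @role_id order by r.name";

            Dictionary <String, Object> result = new Dictionary <String, Object>();

            // A missing key, a null value and a blank value are all reported the same way.
            Object rawRole;
            if (!parameters.TryGetValue("roleid", out rawRole) || (rawRole == null) || String.IsNullOrWhiteSpace(rawRole.ToString()))
            {
                Error(ErrorType.InvalidRequest, "Parameter roleid is not defined.", "", null);
                return(null);
            }

            Int64 roleid;
            if (!Int64.TryParse(rawRole.ToString(), out roleid))
            {
                Error(ErrorType.InvalidRequest, "Parameter roleid is not a long integer.", "", null);
                return(null);
            }

            DbParameterCollection par = new DbParameterCollection();

            par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
            par.Add("@role_id", typeof(Int64)).Value       = roleid;

            // The join on context restricts the lookup to roles of the caller's enterprise; the
            // update below relies on this check because it filters by role id only.
            DataTable dtUsers = database.ExecuteDataTable(roleQuery, CommandType.Text, par, null);

            if (dtUsers == null)
            {
                Error(ErrorType.InternalError, "", "", null);
                return(null);
            }

            if (dtUsers.Rows.Count == 0)
            {
                Error(ErrorType.InvalidRequest, "Role not found.", "", null);
                return(null);
            }

            List <String> log = new List <String>();

            String  updateSQL = "update role set ";
            Boolean update    = false;

            // "name" is optional: TryGetValue keeps a request without it from failing with a
            // KeyNotFoundException.
            Object rawName;
            if (parameters.TryGetValue("name", out rawName) && (rawName != null))
            {
                String name = rawName.ToString();
                if (!String.IsNullOrWhiteSpace(name))
                {
                    // The new name travels as a bound parameter, never as SQL text.
                    par.Add("@name", typeof(String)).Value = name;
                    updateSQL += "name = @name";
                    update     = true;

                    log.Add("Name changed from '" + dtUsers.Rows[0]["name"] + "' to '" + name + "'");
                }
            }

            if (update)
            {
                updateSQL += " where id = @role_id";
                database.ExecuteNonQuery(updateSQL, CommandType.Text, par);
                database.AddUserLog(LogKey.Role_Changed, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, 0, 0, "Role changed", String.Join("\r\n", log));
            }

            // Read the role again so the response reflects the stored data.
            dtUsers = database.ExecuteDataTable(roleQuery, CommandType.Text, par, null);

            // The role may be gone, or the query may have failed, between the two reads.
            if ((dtUsers == null) || (dtUsers.Rows.Count == 0))
            {
                Error(ErrorType.InternalError, "", "", null);
                return(null);
            }

            DataRow dr1 = dtUsers.Rows[0];

            Dictionary <string, object> newItem = new Dictionary <string, object>();

            newItem.Add("enterprise_id", dr1["enterprise_id"]);
            newItem.Add("role_id", dr1["id"]);
            newItem.Add("parent_id", dr1["parent_id"]);
            newItem.Add("context_id", dr1["context_id"]);
            newItem.Add("name", dr1["name"]);
            newItem.Add("entity_qty", dr1["entity_qty"]);
            // Seconds elapsed since 1970-01-01, 0 when the column is NULL. The Int32 cast cannot
            // represent dates after January 2038.
            newItem.Add("create_date", (dr1["create_date"] != DBNull.Value ? (Int32)((((DateTime)dr1["create_date"]) - new DateTime(1970, 1, 1)).TotalSeconds) : 0));

            result.Add("info", newItem);

            return(result);
        }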
Exemplo n.º 18
        //public static PluginConnectorBaseDeployPackage GetPackage(IAMDatabase db, Int64 proxyId, Int64 resourceId, Int64 pluginId, Int64 entityId, Int64 identityId, Boolean passwordAfterLogin, DateTime? lastChangePassword, String deploy_password_hash)
        public static PluginConnectorBaseDeployPackage GetPackage(IAMDatabase db, Int64 proxyId, Int64 resourcePluginId, Int64 entityId, Int64 identityId, Boolean passwordAfterLogin, DateTime?lastChangePassword, String deploy_password_hash, Boolean useSalt, Boolean saltOnEnd, String salt)
        {
            PluginConnectorBaseDeployPackage pkg = new PluginConnectorBaseDeployPackage();

            List <String> deployInfo = new List <string>();//"Identity addedd in deploy package with ";
            String        deployText = "";

            deployText = "Package ID: " + pkg.pkgId + Environment.NewLine;

            try
            {
                String sql = "select e.*, c.enterprise_id, rp.plugin_id, i.id identity_id, i.temp_locked, c.name context_name, e1.name enterprise_name, block_inheritance = case when exists (select 1 from identity_block_inheritance bi with(nolock) where bi.identity_id = i.id) then cast(1 as bit) else cast(0 as bit) end from entity e with(nolock) inner join context c with(nolock) on c.id = e.context_id inner join [identity] i with(nolock) on i.entity_id = e.id inner join resource_plugin rp with(nolock) on rp.id = i.resource_plugin_id inner join enterprise e1 with(nolock) on c.enterprise_id = e1.id where e.id = " + entityId + " and i.id = " + identityId;

                if (identityId == 0)
                {
                    sql = "select e.*, c.enterprise_id, rp.plugin_id, cast(0 as bigint) identity_id, cast(0 as bit) as temp_locked, c.name context_name, e1.name enterprise_name, cast(0 as bit) as block_inheritance from entity e with(nolock) inner join context c with(nolock) on c.id = e.context_id cross join resource_plugin rp with(nolock) inner join enterprise e1 with(nolock) on c.enterprise_id = e1.id where e.id = " + entityId;
                }

                DataTable dtEnt = db.Select(sql);
                if ((dtEnt == null) || (dtEnt.Rows.Count == 0))
                {
                    throw new Exception("Entity/Identity not found");
                }

                //DataTable dtPlugin = db.Select("select p.* from plugin p where p.id = " + pluginId);
                DataTable dtPlugin = db.Select("select distinct p.*, rp.resource_id from plugin p inner join resource_plugin rp on rp.plugin_id = p.id inner join resource r on rp.resource_id = r.id inner join entity e on e.context_id = r.context_id where rp.id = " + resourcePluginId + " and e.id = " + entityId);
                if ((dtPlugin == null) || (dtPlugin.Rows.Count == 0))
                {
                    throw new Exception("Plugin not found or not linked in the same context of entity");
                }

                if ((Boolean)dtEnt.Rows[0]["block_inheritance"])
                {
                    throw new Exception("Inheritance blocked");
                }

                Int64 resourceId = (Int64)dtPlugin.Rows[0]["resource_id"];
                Int64 pluginId   = (Int64)dtPlugin.Rows[0]["id"];

                //Define as pripriedades gerais
                pkg.registryId         = dtEnt.Rows[0]["id"] + "-" + DateTime.Now.ToString("yyyyMMddHHmmss");
                pkg.entityId           = entityId;
                pkg.identityId         = identityId;
                pkg.fullName           = new FullName(dtEnt.Rows[0]["full_name"].ToString());
                pkg.login              = dtEnt.Rows[0]["login"].ToString();
                pkg.lastChangePassword = (lastChangePassword.HasValue ? lastChangePassword.Value.ToString("o") : null);


                pkg.locked             = (Boolean)dtEnt.Rows[0]["locked"];
                pkg.temp_locked        = (Boolean)dtEnt.Rows[0]["temp_locked"];
                pkg.mustChangePassword = (Boolean)dtEnt.Rows[0]["must_change_password"];
                pkg.deleted            = (Boolean)dtEnt.Rows[0]["deleted"];

                pkg.enterprise = dtEnt.Rows[0]["enterprise_name"].ToString();
                pkg.context    = dtEnt.Rows[0]["context_name"].ToString();

                if ((Boolean)dtEnt.Rows[0]["deleted"])
                {
                    db.AddUserLog(LogKey.User_Deploy, null, "Deploy", UserLogLevel.Info, proxyId, 0, 0, resourceId, pluginId, (Int64)dtEnt.Rows[0]["id"], (Int64)dtEnt.Rows[0]["identity_id"], "Deploy to delete identity");
                }

                //Container
                pkg.container = "";
                try
                {
                    DataTable dtUserContainer = db.Select("select top 1 c.* from [container] c with(nolock) inner join entity_container ec with(nolock) on c.id = ec.container_id where ec.entity_id = " + entityId);
                    if ((dtUserContainer != null) && (dtUserContainer.Rows.Count > 0))
                    {
                        List <String> path = new List <string>();
                        path.Add(dtUserContainer.Rows[0]["name"].ToString());

                        if ((Int64)dtUserContainer.Rows[0]["parent_id"] > 0)
                        {
                            DataTable dtContainers = db.Select("select c.* from container c with(nolock)");
                            if ((dtContainers != null) || (dtContainers.Rows.Count > 0))
                            {
                                Func <Int64, Boolean> chields = null;
                                chields = new Func <Int64, Boolean>(delegate(Int64 root)
                                {
                                    foreach (DataRow dr in dtContainers.Rows)
                                    {
                                        if (((Int64)dr["id"] == root))
                                        {
                                            path.Add(dr["name"].ToString());
                                            chields((Int64)dr["parent_id"]);
                                            break;
                                        }
                                    }

                                    return(true);
                                });

                                chields((Int64)dtUserContainer.Rows[0]["parent_id"]);
                            }
                        }

                        path.Reverse();
                        pkg.container = "\\" + String.Join("\\", path);
                    }
                }
                catch { }

                //Senha
                pkg.password = "";
                if ((dtEnt.Rows[0]["password"] != DBNull.Value) && (dtEnt.Rows[0]["password"].ToString().Trim() != ""))
                {
                    //Este recurso x plugin só permite o deploy da SENHA após o primeiro login
                    if ((!passwordAfterLogin) || ((passwordAfterLogin) && (dtEnt.Rows[0]["last_login"] != DBNull.Value)))
                    {
                        try
                        {
                            String pwd = "";
                            using (EnterpriseKeyConfig sk = new EnterpriseKeyConfig(db.Connection, (Int64)dtEnt.Rows[0]["enterprise_id"]))
                                using (CryptApi cApi = CryptApi.ParsePackage(sk.ServerPKCS12Cert, Convert.FromBase64String(dtEnt.Rows[0]["password"].ToString())))
                                    pwd = Encoding.UTF8.GetString(cApi.clearData);

                            //Verifica se usará SALT
                            if (useSalt)
                            {
                                if (!String.IsNullOrWhiteSpace(salt))
                                {
                                    if (saltOnEnd)
                                    {
                                        deployInfo.Add("password + SALT");
                                        pwd = pwd + salt.Trim();
                                    }
                                    else
                                    {
                                        deployInfo.Add("SALT + password");
                                        pwd = salt.Trim() + pwd;
                                    }
                                }
                                else
                                {
                                    deployInfo.Add("salt is empty");
                                }
                            }
                            else
                            {
                                deployInfo.Add("no salt");
                            }

                            if (!String.IsNullOrEmpty(deploy_password_hash))
                            {
                                switch (deploy_password_hash.ToLower())
                                {
                                case "md5":
                                    using (MD5 hAlg = MD5.Create())
                                        pkg.password = ComputeHash(hAlg, pwd).ToUpper();
                                    pkg.hash_alg = HashAlg.MD5;
                                    deployInfo.Add("MD5 password");
                                    break;

                                case "sha1":
                                    using (SHA1 hAlg = SHA1.Create())
                                        pkg.password = ComputeHash(hAlg, pwd).ToUpper();
                                    pkg.hash_alg = HashAlg.SHA1;
                                    deployInfo.Add("SHA1 password");
                                    break;

                                case "sha256":
                                    using (SHA256 hAlg = SHA256.Create())
                                        pkg.password = ComputeHash(hAlg, pwd).ToUpper();
                                    pkg.hash_alg = HashAlg.SHA256;
                                    deployInfo.Add("SHA256 password");
                                    break;

                                case "sha512":
                                    using (SHA512 hAlg = SHA512.Create())
                                        pkg.password = ComputeHash(hAlg, pwd).ToUpper();
                                    pkg.hash_alg = HashAlg.SHA512;
                                    deployInfo.Add("SHA512 password");
                                    break;

                                default:
                                    //Nenhum algoritmo de hash
                                    pkg.password = pwd;
                                    pkg.hash_alg = HashAlg.None;
                                    deployInfo.Add("clear text password");
                                    break;
                                }
                            }
                            else
                            {
                                pkg.password = pwd;
                                pkg.hash_alg = HashAlg.None;
                                deployInfo.Add("clear text password");
                            }


                            deployText += "User password added in deploy" + Environment.NewLine;
                            //db.AddUserLog(LogKey.User_Deploy, null, "Deploy", UserLogLevel.Info, proxyId, 0, 0, resourceId, pluginId, (Int64)dtEnt.Rows[0]["id"], (Int64)dtEnt.Rows[0]["identity_id"], "User password added in deploy");
                        }
                        catch (Exception ex)
                        {
                            deployInfo.Add("no password");
                            deployText += "User password not deployed because a erro on decrypt password: "******"Deploy", UserLogLevel.Warning, proxyId, 0, 0, resourceId, pluginId, (Int64)dtEnt.Rows[0]["id"], (Int64)dtEnt.Rows[0]["identity_id"], "User password not deployed because a erro on decrypt password: "******"no password");
                        deployText += "User password not deployed because the user is not logged in yet" + Environment.NewLine;
                        //db.AddUserLog(LogKey.User_Deploy, null, "Deploy", UserLogLevel.Debug, proxyId, 0, 0, resourceId, pluginId, (Int64)dtEnt.Rows[0]["id"], (Int64)dtEnt.Rows[0]["identity_id"], "User password not deployed because the user is not logged in yet");
                    }
                }
                else
                {
                    deployInfo.Add("no password");
                    deployText += "User password is empty and not deployed" + Environment.NewLine;
                    //db.AddUserLog(LogKey.User_Deploy, null, "Deploy", UserLogLevel.Debug, proxyId, 0, 0, resourceId, pluginId, (Int64)dtEnt.Rows[0]["id"], (Int64)dtEnt.Rows[0]["identity_id"], "User password is empty and not deployed");
                }


                //Busca todas as propriedades com o mapping deste plugin, porém com dados vindos exclusivos da entidade
                DataTable dtEntField = db.Select("select pf.data_name, efe.value, pf.data_type from entity_field efe inner join entity e on efe.entity_id = e.id inner join (select m.field_id, m.data_name, f.data_type from resource_plugin rp inner join resource r on rp.resource_id = r.id inner join resource_plugin_mapping m on m.resource_plugin_id = rp.id and m.is_password = 0 inner join field f on m.field_id = f.id where rp.id =  " + resourcePluginId + ") pf on pf.field_id = efe.field_id where e.id =  " + pkg.entityId + " group by pf.data_name, efe.value, pf.data_type");
                if ((dtEntField != null) && (dtEntField.Rows.Count > 0))
                {
                    foreach (DataRow drEf in dtEntField.Rows)
                    {
                        if (!pkg.entiyData.Exists(d => (d.dataName == drEf["data_name"].ToString())))
                        {
                            pkg.entiyData.Add(new PluginConnectorBasePackageData(drEf["data_name"].ToString(), ConvertoToString(dtEntField.Columns["value"], drEf), drEf["data_type"].ToString()));
                        }
                    }
                }


                //Busca todas as propriedades com o mapping deste plugin, porém com dados vindos dos plugins de entrada
                //Exclui os itens de nome e senha por ja terem sido colocados acima
                dtEntField = db.Select("select pf.data_name, ife.value, pf.data_type, rp.priority from identity_field ife inner join [identity] i on ife.identity_id = i.id inner join entity e on i.entity_id = e.id inner join resource_plugin rp on i.resource_plugin_id = rp.id inner join (select m.field_id, m.data_name, f.data_type from resource_plugin rp inner join resource r on rp.resource_id = r.id inner join resource_plugin_mapping m on m.resource_plugin_id = rp.id and m.is_password = 0 inner join field f on m.field_id = f.id where rp.id =  " + resourcePluginId + ") pf on pf.field_id = ife.field_id where rp.enable_import = 1 and i.entity_id =  " + pkg.entityId + " and not exists (select 1 from identity_block_inheritance bi where bi.identity_id = i.id) group by pf.data_name, ife.value, pf.data_type, rp.priority order by rp.priority desc, pf.data_name");
                if ((dtEntField != null) && (dtEntField.Rows.Count > 0))
                {
                    foreach (DataRow drEf in dtEntField.Rows)
                    {
                        if (!pkg.importsPluginData.Exists(d => (d.dataName == drEf["data_name"].ToString())))
                        {
                            pkg.importsPluginData.Add(new PluginConnectorBasePackageData(drEf["data_name"].ToString(), ConvertoToString(dtEntField.Columns["value"], drEf), drEf["data_type"].ToString()));
                        }
                    }
                }

                //Busca todas as propriedades vinculadas a este identity
                //Exclui os itens de nome e senha por ja terem sido colocados acima
                dtEntField = db.Select("select m.data_name, ife.value, f.data_type from identity_field ife inner join [identity] i on ife.identity_id = i.id inner join entity e on i.entity_id = e.id inner join resource_plugin rp on rp.id = i.resource_plugin_id and ife.field_id <> rp.name_field_id inner join resource r on r.context_id = e.context_id and rp.resource_id = r.id inner join resource_plugin_mapping m on m.resource_plugin_id = rp.id and m.field_id = ife.field_id and m.is_password = 0 inner join field f on ife.field_id = f.id where i.entity_id =  " + pkg.entityId + " and i.id = " + identityId + " group by m.data_name, ife.value, f.data_type");
                if ((dtEntField != null) && (dtEntField.Rows.Count > 0))
                {
                    foreach (DataRow drEf in dtEntField.Rows)
                    {
                        pkg.pluginData.Add(new PluginConnectorBasePackageData(drEf["data_name"].ToString(), ConvertoToString(dtEntField.Columns["value"], drEf), drEf["data_type"].ToString()));
                    }
                }

                //Busca todas as propriedades vinculadas aos outras identity
                //Exclui os itens de nome e senha por ja terem sido colocados acima
                dtEntField = db.Select("select m.data_name, ife.value, f.data_type from identity_field ife inner join [identity] i on ife.identity_id = i.id inner join entity e on i.entity_id = e.id inner join resource_plugin rp on rp.id = i.resource_plugin_id and ife.field_id <> rp.name_field_id inner join resource r on r.context_id = e.context_id and rp.resource_id = r.id inner join resource_plugin_mapping m on m.resource_plugin_id = rp.id and m.field_id = ife.field_id and m.is_password = 0 inner join field f on ife.field_id = f.id where i.entity_id =  " + pkg.entityId + " and i.id <> " + identityId + " and not exists (select 1 from identity_block_inheritance bi where bi.identity_id = i.id) group by m.data_name, ife.value, f.data_type");
                if ((dtEntField != null) && (dtEntField.Rows.Count > 0))
                {
                    foreach (DataRow drEf in dtEntField.Rows)
                    {
                        pkg.properties.Add(new PluginConnectorBasePackageData(drEf["data_name"].ToString(), ConvertoToString(dtEntField.Columns["value"], drEf), drEf["data_type"].ToString()));
                    }
                }

                //Busca todas as propriedades (independente do identity) usando o mapping deste plugin
                //Exclui o senha por ja tere sido colocado acima
                dtEntField = db.Select("select pf.data_name, ife.value, pf.data_type from identity_field ife inner join [identity] i on ife.identity_id = i.id inner join entity e on i.entity_id = e.id inner join (select m.field_id, m.data_name, f.data_type from resource_plugin rp inner join resource r on rp.resource_id = r.id inner join resource_plugin_mapping m on m.resource_plugin_id = rp.id and m.is_password = 0 inner join field f on m.field_id = f.id where rp.id = " + resourcePluginId + ") pf on pf.field_id = ife.field_id where i.entity_id =  " + pkg.entityId + " and not exists (select 1 from identity_block_inheritance bi where bi.identity_id = i.id) group by pf.data_name, ife.value, pf.data_type");
                if ((dtEntField != null) && (dtEntField.Rows.Count > 0))
                {
                    foreach (DataRow drEf in dtEntField.Rows)
                    {
                        pkg.properties.Add(new PluginConnectorBasePackageData(drEf["data_name"].ToString(), ConvertoToString(dtEntField.Columns["value"], drEf), drEf["data_type"].ToString()));
                    }
                }


                //Busca todas as propriedades da tabela entity_field (exclusiva para dados manuais) usando o mapping deste plugin
                //Exclui o senha por ja tere sido colocado acima
                dtEntField = db.Select("select pf.data_name, efe.value, pf.data_type from entity_field efe inner join entity e on efe.entity_id = e.id inner join (select m.field_id, m.data_name, f.data_type from resource_plugin rp inner join resource r on rp.resource_id = r.id inner join resource_plugin_mapping m on m.resource_plugin_id = rp.id and m.is_password = 0 inner join field f on m.field_id = f.id where rp.id = " + resourcePluginId + ") pf on pf.field_id = efe.field_id where efe.entity_id = " + pkg.entityId + "  group by pf.data_name, efe.value, pf.data_type");
                if ((dtEntField != null) && (dtEntField.Rows.Count > 0))
                {
                    foreach (DataRow drEf in dtEntField.Rows)
                    {
                        pkg.properties.Add(new PluginConnectorBasePackageData(drEf["data_name"].ToString(), ConvertoToString(dtEntField.Columns["value"], drEf), drEf["data_type"].ToString()));
                    }
                }


                //Busca somente as propriedades marcadas como ID ou Unique property
                //Exclui os itens de nome e senha por ja terem sido colocados acima
                dtEntField = db.Select("select m.data_name, ife.value, f.data_type from identity_field ife inner join [identity] i on ife.identity_id = i.id inner join entity e on i.entity_id = e.id inner join resource_plugin rp on rp.id = i.resource_plugin_id and ife.field_id <> rp.name_field_id inner join resource r on r.context_id = e.context_id and rp.resource_id = r.id inner join resource_plugin_mapping m on m.resource_plugin_id = rp.id and m.field_id = ife.field_id and m.is_password = 0 and (m.is_unique_property = 1 or m.is_unique_property = 1) inner join field f on ife.field_id = f.id where i.entity_id =  " + pkg.entityId + " and not exists (select 1 from identity_block_inheritance bi where bi.identity_id = i.id) group by m.data_name, ife.value, f.data_type");
                if ((dtEntField != null) && (dtEntField.Rows.Count > 0))
                {
                    foreach (DataRow drEf in dtEntField.Rows)
                    {
                        pkg.ids.Add(new PluginConnectorBasePackageData(drEf["data_name"].ToString(), ConvertoToString(dtEntField.Columns["value"], drEf), drEf["data_type"].ToString()));
                    }
                }


                //RBAC
                //Ações das roles desta identity para este resource x plugin
                DataTable dtRoleAction = db.Select("select i.id identity_id, r.* from [identity] i inner join [entity] e on e.id = i.entity_id inner join identity_role ir on ir.identity_id = i.id  inner join (select rp.id resource_plugin_id, rp.plugin_id, rp.resource_id, r.name role_name, rpa.id action_id, rpa.role_id, rpa.action_key, rpa.action_add_value, rpa.action_del_value, rpa.additional_data from resource_plugin rp inner join resource_plugin_role rpr on rpr.resource_plugin_id = rp.id inner join resource_plugin_role_action rpa on rpa.resource_plugin_id = rp.id inner join [role] r on r.id = rpa.role_id and r.id = rpr.role_id) r on r.role_id = ir.role_id where r.resource_plugin_id = " + resourcePluginId + " AND e.id = " + entityId);
                if ((dtRoleAction != null) && (dtRoleAction.Rows.Count > 0))
                {
                    foreach (DataRow drR in dtRoleAction.Rows)
                    {
                        pkg.pluginAction.Add(new PluginConnectorBaseDeployPackageAction(PluginActionType.Add, drR["role_name"].ToString(), drR["action_key"].ToString(), drR["action_add_value"].ToString(), (drR["additional_data"] != DBNull.Value ? drR["additional_data"].ToString() : null)));
                        //db.AddUserLog(LogKey.Role_Deploy, null, "Deploy", UserLogLevel.Info, proxyId, 0, 0, resourceId, pluginId, (Int64)dtEnt.Rows[0]["id"], (Int64)dtEnt.Rows[0]["identity_id"], "Role: " + drR["role_name"].ToString());
                        deployInfo.Add("role " + drR["role_name"].ToString());
                        deployText += "role " + drR["role_name"].ToString() + Environment.NewLine;
                    }
                }

                db.AddUserLog(LogKey.Role_Deploy, null, "Deploy", UserLogLevel.Info, proxyId, 0, 0, resourceId, pluginId, (Int64)dtEnt.Rows[0]["id"], (Int64)dtEnt.Rows[0]["identity_id"], "Identity addedd in deploy package with: " + String.Join(", ", deployInfo), deployText);
            }
            finally
            {
                if (deployInfo != null)
                {
                    deployInfo.Clear();
                }
                deployInfo = null;

                deployText = "";
            }

            return(pkg);
        }
Exemplo n.º 19
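        /// <summary>
        /// Copies every base table of the IAM SQL Server database into a newly created
        /// SQLite file under <c>basePath/Backup</c>, then records the outcome in the user log.
        /// </summary>
        /// <remarks>
        /// A failure while building a table's structure aborts the whole backup. A failure while
        /// copying a table's rows, or while processing entity passwords, is only logged and the
        /// run continues, so a backup reported as successful can still be missing data.
        /// Source rows are read with NOLOCK, so the copy is not a transactionally consistent snapshot.
        /// </remarks>
        private void BuildBackup()
        {
            StringBuilder bkpLog = new StringBuilder();
            IAMDatabase db = null;

            try
            {
                db = new IAMDatabase(localConfig.SqlServer, localConfig.SqlDb, localConfig.SqlUsername, localConfig.SqlPassword);
                db.openDB();

                bkpLog.AppendLine("Listando tabelas da base de dados...");

                DataTable dtS = db.Select("select TABLE_NAME from information_schema.tables where TABLE_TYPE = 'BASE TABLE' order by TABLE_NAME");

                if ((dtS == null) || (dtS.Rows.Count == 0))
                {
                    bkpLog.AppendLine("Listagem de tabelas vazia ou nula");
                    throw new InvalidOperationException("Table list is null or empty");
                }

                bkpLog.AppendLine(dtS.Rows.Count + " tabelas");

                // The backup file name is minute-resolution; the Backup directory is created on demand.
                // NOTE(review): the directory is created with whatever permissions it inherits. The
                // file holds a full copy of the IAM data, so restrict access to it accordingly.
                FileInfo bkpFile = new FileInfo(Path.Combine(Path.Combine(basePath, "Backup"), "bkp-" + DateTime.Now.ToString("yyyy-MM-dd-HH-mm") + ".iambkp"));
                if (!bkpFile.Directory.Exists)
                {
                    bkpFile.Directory.Create();
                }

                bkpLog.AppendLine("Criando arquivo de backup: " + bkpFile.FullName);

                using (SqliteBase exportDB = new SqliteBase(bkpFile))
                {
                    foreach (DataRow drSrc in dtS.Rows)
                    {
                        // Table names come from information_schema and are wrapped in [ ] below
                        // without escaping a ']' that might occur inside a name.
                        String tableName   = drSrc["TABLE_NAME"].ToString();
                        String targetTable = tableName.ToLower();

                        bkpLog.AppendLine("Exportando tabela: " + tableName);
                        Console.WriteLine(tableName);

                        DataTable dtSchema = db.GetSchema(tableName);

                        StringBuilder createCmd = new StringBuilder();
                        createCmd.AppendLine("DROP TABLE IF EXISTS [" + targetTable + "];");

                        // Target DDL shape:
                        //   CREATE TABLE [name] ( [col] INTEGER NULL, [col] datetime NULL, [col] TEXT NULL );
                        // Every column is nullable; keys, defaults and indexes are not carried over.
                        List <String> columns = new List <string>();

                        bkpLog.AppendLine("Criando estrutura da tabela");
                        try
                        {
                            foreach (DataColumn dc in dtSchema.Columns)
                            {
                                String sqliteType;
                                if (dc.DataType.Equals(typeof(Int32)) || dc.DataType.Equals(typeof(Int64)))
                                {
                                    sqliteType = "INTEGER";
                                }
                                else if (dc.DataType.Equals(typeof(DateTime)))
                                {
                                    sqliteType = "datetime";
                                }
                                else
                                {
                                    sqliteType = "TEXT";
                                }

                                columns.Add("[" + dc.ColumnName + "] " + sqliteType + " NULL");
                            }
                        }
                        catch (Exception ex)
                        {
                            bkpLog.AppendLine("Erro ao listar as colunas da tabela '" + tableName + "': " + ex.Message);
                            TextLog.Log("Backup", "\tErro ao listar as colunas da tabela '" + tableName + "': " + ex.Message);
                            throw; // rethrow without resetting the stack trace
                        }

                        try
                        {
                            createCmd.AppendLine("CREATE TABLE [" + targetTable + "] (");
                            createCmd.AppendLine(String.Join(", " + Environment.NewLine, columns));
                            createCmd.AppendLine(");");

                            exportDB.ExecuteNonQuery(createCmd.ToString());
                        }
                        catch (Exception ex)
                        {
                            bkpLog.AppendLine("Erro ao criando tabela '" + tableName + "': " + ex.Message);
                            TextLog.Log("Backup", "\tErro ao criando tabela '" + tableName + "': " + ex.Message);
                            throw; // rethrow without resetting the stack trace
                        }

                        // Copy the table's rows. A failure here is logged and the next table is processed.
                        try
                        {
                            bkpLog.AppendLine("Copiando dados");

                            // Only log rows referenced by entity_timeline are exported; every other
                            // table is copied in full.
                            String selectCmd = (targetTable == "logs")
                                ? "select l.* from [logs] l with(nolock) inner join [entity_timeline] et with(nolock) on et.log_id = l.id"
                                : "select * from [" + tableName + "] with(nolock)";

                            DataTable dtSrcData = db.ExecuteDataTable(selectCmd);

                            exportDB.BulkCopy(dtSrcData, targetTable);
                        }
                        catch (Exception ex)
                        {
                            bkpLog.AppendLine("Erro copiando dados da tabela '" + tableName + "': " + ex.Message);
                            TextLog.Log("Backup", "\tErro copiando dados da tabela '" + tableName + "': " + ex.Message);
                        }
                    }

                    // Final step: rewrite the entity passwords inside the backup file.
                    // NOTE(review): the original comment and the log messages describe this step as
                    // storing the passwords as clear text, while the statement below writes the
                    // literal '******' (the listing looks masked). Confirm against the real source.
                    // If clear-text passwords do end up in the .iambkp file, protect it like key
                    // material: a restrictive ACL on the Backup directory and encryption at rest.
                    try
                    {
                        bkpLog.AppendLine("Atualizando as senhas das entidades");
                        DataTable dtEnt = db.ExecuteDataTable("select id from [enterprise] with(nolock)");

                        foreach (DataRow drEnt in dtEnt.Rows)
                        {
                            using (EnterpriseKeyConfig sk = new EnterpriseKeyConfig(db.Connection, (Int64)drEnt["id"]))
                            {
                                DataTable dtSrcData = db.ExecuteDataTable("select e.id, e.password, c.enterprise_id from [entity] e with(nolock) inner join [context] c with(nolock) on e.context_id = c.id where c.enterprise_id = " + drEnt["id"]);

                                // One update per user; a password that fails to parse is logged and skipped.
                                foreach (DataRow drUser in dtSrcData.Rows)
                                {
                                    try
                                    {
                                        using (CryptApi cApi = CryptApi.ParsePackage(sk.ServerPKCS12Cert, Convert.FromBase64String(drUser["password"].ToString())))
                                        {
                                            exportDB.ExecuteNonQuery("update entity set password = '******' where id = " + drUser["id"]);
                                        }
                                    }
                                    catch (Exception ex)
                                    {
                                        bkpLog.AppendLine("Erro decriptografando a senha da entidade '" + drUser["id"] + "': " + ex.Message);
                                        TextLog.Log("Backup", "\tErro decriptografando a senha da entidade '" + drUser["id"] + "': " + ex.Message);
                                    }
                                }
                            }
                        }
                    }
                    catch (Exception ex)
                    {
                        bkpLog.AppendLine("Erro atualizando as senhas para cleartext: " + ex.Message);
                        TextLog.Log("Backup", "\tErro atualizando as senhas para cleartext: " + ex.Message);
                    }
                }

                db.AddUserLog(LogKey.Backup, DateTime.Now, "Backup", UserLogLevel.Info, 0, 0, 0, 0, 0, 0, 0, "Backup realizado com sucesso", bkpLog.ToString());
            }
            catch (Exception ex)
            {
                TextLog.Log("Backup", "\tError building backup: " + ex.Message);
                bkpLog.AppendLine("Error building backup: " + ex.Message);

                // db is still null when the IAMDatabase constructor itself failed.
                if (db != null)
                {
                    try
                    {
                        db.AddUserLog(LogKey.Backup, DateTime.Now, "Backup", UserLogLevel.Error, 0, 0, 0, 0, 0, 0, 0, "Backup finalizado com erro", bkpLog.ToString());
                    }
                    catch (Exception logEx)
                    {
                        // Best effort: the database may be the thing that failed, so fall back to the text log.
                        TextLog.Log("Backup", "\tError writing backup failure to user log: " + logEx.Message);
                    }
                }
            }
            finally
            {
                if (db != null)
                {
                    db.Dispose();
                }
            }
        }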
Exemplo n.º 20
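        /// <summary>
        /// Deletes a container of the current enterprise, provided it holds no entities
        /// and has no child containers.
        /// </summary>
        /// <param name="database">IAM database used for the lookup, the delete and the audit log entry.</param>
        /// <param name="parameters">Request parameters; <c>containerid</c> is required and must parse as a 64-bit integer.</param>
        /// <returns><c>true</c> when the container was deleted; <c>false</c> after the failure was reported through <c>Error</c>.</returns>
        private Boolean delete(IAMDatabase database, Dictionary <String, Object> parameters)
        {
            // A key that is present but carries a null value is treated like a missing parameter
            // instead of failing with a NullReferenceException on ToString().
            Object rawContainer;
            if (!parameters.TryGetValue("containerid", out rawContainer) || (rawContainer == null))
            {
                Error(ErrorType.InvalidRequest, "Parameter containerid is not defined.", "", null);
                return(false);
            }

            String container = rawContainer.ToString();

            if (String.IsNullOrWhiteSpace(container))
            {
                Error(ErrorType.InvalidRequest, "Parameter containerid is not defined.", "", null);
                return(false);
            }

            Int64 containerid;
            if (!Int64.TryParse(container, out containerid))
            {
                Error(ErrorType.InvalidRequest, "Parameter containerid is not a long integer.", "", null);
                return(false);
            }

            DbParameterCollection par = new DbParameterCollection();

            par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
            par.Add("@container_id", typeof(Int64)).Value  = containerid;

            // The lookup is scoped to the caller's enterprise, so a container id that belongs to
            // another enterprise comes back as "not found" and is never deleted.
            DataTable dtUsers = database.ExecuteDataTable("select c.*, entity_qty = (select COUNT(distinct e.id) from entity e with(nolock) inner join entity_container ec with(nolock) on e.id = ec.entity_id where ec.container_id = c.id), chield_qty = (select COUNT(distinct chield.id) from container chield with(nolock) where chield.parent_id = c.id) from container c with(nolock) inner join context c1 with(nolock) on c1.id = c.context_id  where c1.enterprise_id = @enterprise_id and c.id = @container_id order by c.name", CommandType.Text, par, null);

            if (dtUsers == null)
            {
                Error(ErrorType.InternalError, "", "", null);
                return(false);
            }

            if (dtUsers.Rows.Count == 0)
            {
                Error(ErrorType.InvalidRequest, "Container not found.", "", null);
                return(false);
            }

            if ((Int32)dtUsers.Rows[0]["entity_qty"] > 0)
            {
                Error(ErrorType.InvalidRequest, "Container is not empty.", "", null);
                return(false);
            }

            if ((Int32)dtUsers.Rows[0]["chield_qty"] > 0)
            {
                Error(ErrorType.InvalidRequest, "Container has chield containers.", "", null);
                return(false);
            }

            // NOTE(review): the emptiness checks above and this delete run as separate statements
            // without a transaction, and the delete filters by id only. An entity or child added in
            // between is not detected here; confirm whether a foreign key covers that case.
            database.ExecuteNonQuery("delete from container where id = @container_id", CommandType.Text, par);

            // NOTE(review): a successful deletion is logged under LogKey.Context_Deleted at
            // UserLogLevel.Error; confirm that key and level are intended.
            database.AddUserLog(LogKey.Context_Deleted, null, "API", UserLogLevel.Error, 0, this._enterpriseId, 0, 0, 0, 0, 0, "Container " + dtUsers.Rows[0]["name"] + " deleted", "");

            return(true);
        }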
Exemplo n.º 21
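        /// <summary>
        /// Creates a new filter for the current enterprise, together with its conditions,
        /// inside a single transaction, and returns the stored filter.
        /// </summary>
        /// <param name="sqlConnection">Connection to the MS-SQL database.</param>
        /// <param name="parameters">Request parameters; <c>name</c> is required, the rest is read by <c>getFilterData</c>.</param>
        /// <returns>The result of <c>get</c> for the new filter id, or <c>null</c> after the failure was reported through <c>Error</c>.</returns>
        private Dictionary <String, Object> newfilter(SqlConnection sqlConnection, Dictionary <String, Object> parameters)
        {
            // A key that is present but carries a null value is treated like a missing parameter
            // instead of failing with a NullReferenceException on ToString().
            Object rawName;
            if (!parameters.TryGetValue("name", out rawName) || (rawName == null))
            {
                Error(ErrorType.InvalidRequest, "Parameter name is not defined.", "", null);
                return(null);
            }

            String name = rawName.ToString();

            if (String.IsNullOrWhiteSpace(name))
            {
                Error(ErrorType.InvalidRequest, "Parameter name is not defined.", "", null);
                return(null);
            }

            // Reject a duplicate name within the same enterprise.
            DbParameterCollection par2 = new DbParameterCollection();

            par2.Add("@enterprise_id", typeof(Int64)).Value             = this._enterpriseId;
            par2.Add("@filter_name", typeof(String), name.Length).Value = name;

            DataTable dtF1 = ExecuteDataTable(sqlConnection, "select * from filters with(nolock) where enterprise_id = @enterprise_id and name = @filter_name", CommandType.Text, par2, null);

            if ((dtF1 != null) && (dtF1.Rows.Count > 0))
            {
                Error(ErrorType.InvalidRequest, "Filter with the same name already exists.", "", null);
                return(null);
            }

            List <String> log              = new List <String>();
            Boolean       updateName       = false;
            Boolean       updateConditions = false;
            FilterRule    filterData       = getFilterData(sqlConnection, "", parameters, log, out updateName, out updateConditions);

            if (filterData == null)
            {
                return(null);
            }

            if (String.IsNullOrEmpty(filterData.FilterName))
            {
                Error(ErrorType.InvalidRequest, "Parameter name is not defined.", "", null);
                return(null);
            }

            if (filterData.FilterGroups.Count == 0)
            {
                Error(ErrorType.InvalidRequest, "Filter conditions is empty.", "", null);
                return(null);
            }

            DataTable dtFilter = null;

            SqlTransaction trans = sqlConnection.BeginTransaction();

            try
            {
                DbParameterCollection par = new DbParameterCollection();
                par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
                par.Add("@filter_name", typeof(String)).Value  = filterData.FilterName;

                dtFilter = ExecuteDataTable(sqlConnection, "sp_new_filter", CommandType.StoredProcedure, par, trans);

                // Fixed: the original combined these tests with &&, which dereferenced a null
                // table and let an empty result through to Rows[0] below.
                if ((dtFilter == null) || (dtFilter.Rows.Count == 0))
                {
                    Error(ErrorType.InvalidRequest, "Error on insert filter.", "", null);
                    return(null); // the finally block rolls the transaction back
                }

                if (updateConditions && filterData.FilterGroups.Count > 0)
                {
                    foreach (FilterGroup g in filterData.FilterGroups)
                    {
                        foreach (FilterCondition f in g.FilterRules)
                        {
                            // Every value is bound as a parameter; no request text is concatenated into the SQL.
                            DbParameterCollection p2 = new DbParameterCollection();
                            p2.Add("@filter_id", typeof(Int64)).Value       = (Int64)dtFilter.Rows[0]["id"];
                            p2.Add("@group_id", typeof(String)).Value       = g.GroupId;
                            p2.Add("@group_selector", typeof(String)).Value = g.Selector.ToString();
                            p2.Add("@field_id", typeof(String)).Value       = f.FieldId;
                            p2.Add("@text", typeof(String)).Value           = f.DataString;
                            p2.Add("@condition", typeof(String)).Value      = f.ConditionType.ToString();
                            p2.Add("@selector", typeof(String)).Value       = f.Selector.ToString();

                            log.Add("Condition inserted: group = " + g.GroupId + ", condition = " + f.ToString());

                            ExecuteNonQuery(sqlConnection, "insert into filters_conditions ([filter_id] ,[group_id] ,[group_selector] ,[field_id] ,[text] ,[condition] ,[selector]) VALUES (@filter_id,@group_id,@group_selector,@field_id,@text,@condition,@selector)", CommandType.Text, p2, trans);
                        }
                    }
                    log.Add("");
                }

                // NOTE(review): this wrapper is disposed before Commit; confirm IAMDatabase.Dispose
                // does not close the shared sqlConnection.
                using (IAMDatabase db = new IAMDatabase(sqlConnection))
                {
                    db.AddUserLog(LogKey.Filter_Inserted, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, 0, 0, "Filter added", String.Join("\r\n", log), acl.EntityId, trans);
                }

                trans.Commit();
                trans = null; // tells the finally block that there is nothing left to roll back
            }
            catch (Exception)
            {
                // The exception detail is not recorded anywhere; the caller only sees a generic error.
                Error(ErrorType.InvalidRequest, "Error on insert filter", "", null);
                return(null);
            }
            finally
            {
                // Leaving the try block without a commit means failure: undo the partial insert.
                if (trans != null)
                {
                    trans.Rollback();
                }
            }

            Dictionary <String, Object> parameters2 = new Dictionary <string, object>();

            parameters2.Add("filterid", dtFilter.Rows[0]["id"]);

            return(get(sqlConnection, parameters2));
        }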
Exemplo n.º 22
        /// <summary>
        /// Método privado para processamento do método 'user.resetpassword'
        /// </summary>
        /// <param name="sqlConnection">Conexão com o banco de dados MS-SQL</param>
        /// <param name="parameters">Dicionário (String, Object) contendo todos os parâmetros necessários</param>
        private Boolean adduser(IAMDatabase database, Dictionary <String, Object> parameters)
        {
            if (!parameters.ContainsKey("containerid"))
            {
                Error(ErrorType.InvalidRequest, "Parameter containerid is not defined.", "", null);
                return(false);
            }


            String role = parameters["containerid"].ToString();

            if (String.IsNullOrWhiteSpace(role))
            {
                Error(ErrorType.InvalidRequest, "Parameter containerid is not defined.", "", null);
                return(false);
            }

            String userid = parameters["userid"].ToString();

            if (String.IsNullOrWhiteSpace(userid))
            {
                Error(ErrorType.InvalidRequest, "Parameter userid is not defined.", "", null);
                return(false);
            }

            Int64 containerid = 0;

            try
            {
                containerid = Int64.Parse(role);
            }
            catch
            {
                Error(ErrorType.InvalidRequest, "Parameter containerid is not a long integer.", "", null);
                return(false);
            }

            List <Int64> users = new List <Int64>();

            String[] t = userid.Split(",".ToCharArray());
            foreach (String u in t)
            {
                try
                {
                    Int64 tmp = Int64.Parse(u);
                    users.Add(tmp);
                }
                catch
                {
                    Error(ErrorType.InvalidRequest, "Parameter users is not a long integer.", "", null);
                    return(false);
                }
            }

            DbParameterCollection par = new DbParameterCollection();

            par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
            par.Add("@container_id", typeof(Int64)).Value  = containerid;

            DataTable dtUsers = database.ExecuteDataTable("select c.*, c1.enterprise_id, c1.name context_name, entity_qty = (select COUNT(distinct e.id) from entity e with(nolock) inner join entity_container ec with(nolock) on e.id = ec.entity_id where ec.container_id = c.id) from container c with(nolock) inner join context c1 with(nolock) on c1.id = c.context_id where c1.enterprise_id = @enterprise_id and c.id = @container_id order by c.name", CommandType.Text, par, null);

            if (dtUsers == null)
            {
                Error(ErrorType.InternalError, "", "", null);
                return(false);
            }

            if (dtUsers.Rows.Count == 0)
            {
                Error(ErrorType.InvalidRequest, "Container not found.", "", null);
                return(false);
            }

            try
            {
                SqlTransaction trans = (SqlTransaction)database.BeginTransaction();

                foreach (Int64 u in users)
                {
                    DbParameterCollection par2 = new DbParameterCollection();
                    par2.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
                    par2.Add("@container_id", typeof(Int64)).Value  = containerid;
                    par2.Add("@entity_id", typeof(Int64)).Value     = u;

                    //Select all old containers
                    DataTable drContainers = database.ExecuteDataTable("select c.* from entity_container e inner join container c on c.id = e.container_id where e.entity_id = @entity_id", CommandType.Text, par2, trans);
                    if ((drContainers != null) && (drContainers.Rows.Count > 0))
                    {
                        foreach (DataRow dr in drContainers.Rows)
                        {
                            if ((Int64)dr["id"] == containerid)
                            {
                                database.AddUserLog(LogKey.User_ContainerRoleUnbind, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, u, 0, "Identity unbind to container " + dr["name"].ToString(), "", Acl.EntityId, trans);
                            }
                        }
                    }

                    DataTable dtRet = database.ExecuteDataTable("sp_insert_entity_to_container", CommandType.StoredProcedure, par2, trans);

                    if ((dtRet != null) && (dtRet.Rows.Count > 0))
                    {
                        database.AddUserLog(LogKey.User_ContainerRoleBind, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, u, 0, "Identity bind to container " + dtRet.Rows[0]["name"].ToString(), "", Acl.EntityId, trans);
                        database.ExecuteNonQuery("insert into deploy_now (entity_id) values(" + u + ")", CommandType.Text, null, trans);
                    }
                }
                database.Commit();
            }
            catch (Exception ex)
            {
                database.Rollback();

                Error(ErrorType.InvalidRequest, "Error on bind user to container", ex.Message, null);
                return(false);
            }

            return(true);
        }
Exemplo n.º 23
        /*[{"data_name":"id","field_id":"16","data_type":"string","value":"110059940913696826169"},{"data_name":"lastLoginTime","field_id":"14","data_type":"datetime","value":"1969- 12-31T22:00:00.0000000- 02:00"},{"data_name":"creationTime","field_id":"12","data_type":"datetime","value":"2013-12- 05T06:01:54.0000000- 02:00"},{"data_name":"primaryEmail","field_id":"4","data_type":"string","value":"*****@*****.**"},{"data_name":"fullname","field_id":"1","data_type":"string","value":"Adriana Aparecida Goll Tenorio"}] [{"data_name":"id","field_id":"16","data_type":"string","value":"110059940913696826169"},{"data_name":"lastLoginTime","field_id":"14","data_type":"datetime","value":"1969- 12-31T22:00:00.0000000- 02:00"},{"data_name":"creationTime","field_id":"12","data_type":"datetime","value":"2013-12- 05T06:01:54.0000000- 02:00"},{"data_name":"primaryEmail","field_id":"4","data_type":"string","value":"*****@*****.**"},{"data_name":"fullname","field_id":"1","data_type":"string","value":"Adriana Aparecida Goll Tenorio"}]*/

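        /// <summary>
        /// Builds one PDF audit report per context of the enterprise and e-mails all of them in a single message.
        /// </summary>
        /// <remarks>
        /// For each context the method walks resource -> resource_plugin -> audit_identity (rows updated in the
        /// last 15 days) and writes the findings to a PDF in the temp directory. The PDFs hold identity data, so
        /// the attachments are disposed and the files deleted in a finally block, whether or not sending worked.
        /// </remarks>
        /// <param name="db">Database wrapper used for every query and for error logging.</param>
        /// <param name="dtS">Table whose first row supplies "enterprise_id" and "title"; it must contain at least one row.</param>
        /// <param name="recipents">Addresses handed to sendEmail.</param>
        static public void auditReport(IAMDatabase db, DataTable dtS, List <MailAddress> recipents)
        {
            DataRow schedule     = dtS.Rows[0];
            Int64   enterpriseId = (Int64)schedule["enterprise_id"];

            List <FileInfo>   files = new List <FileInfo>();
            List <Attachment> atts  = new List <Attachment>();
            StringBuilder     body  = new StringBuilder();

            try
            {
                // enterpriseId is a typed Int64, so concatenating it cannot change the shape of the statement.
                // NOTE(review): the ids concatenated into the queries below are read back from the database as
                // objects; they look like bigint keys, but parameterized queries would remove the assumption.
                DataTable dtContext = db.Select("select distinct c.* from context c with(nolock) where c.enterprise_id = " + enterpriseId + " order by name");

                if ((dtContext != null) && (dtContext.Rows.Count > 0))
                {
                    foreach (DataRow drC in dtContext.Rows)
                    {
                        String    contextTitle = schedule["title"].ToString() + " - " + drC["name"];
                        PDFReport report       = new PDFReport(contextTitle, "SafeTrend - SafeID v1.0");
                        body.AppendLine(contextTitle);

                        // NOTE(review): the file name is predictable and lives in the shared temp directory;
                        // confirm the directory's ACLs restrict it to the service account.
                        DateTime now     = DateTime.Now;
                        FileInfo tmpFile = new FileInfo(Path.Combine(Path.GetTempPath(), "audit-" + now.ToString("yyyyMMdd") + "-" + drC["id"] + "-" + now.ToString("hhmmssfffff") + ".pdf"));
                        if (tmpFile.Exists)
                        {
                            tmpFile.Delete();
                        }

                        body.AppendLine("    Arquivo: " + tmpFile.Name);
                        Int64 erroCount = 0;

                        DataTable dtResource = db.Select("select distinct r.* from resource r with(nolock) inner join resource_plugin rp  with(nolock) on rp.resource_id = r.id inner join context c with(nolock) on c.id = r.context_id where c.id = " + drC["id"] + " order by name");
                        if ((dtResource != null) && (dtResource.Rows.Count > 0))
                        {
                            foreach (DataRow drR in dtResource.Rows)
                            {
                                DataTable dtRP = db.Select("select distinct rp.*, p.name plugin_name, p.scheme, p.id plugin_id from resource r with(nolock) inner join resource_plugin rp with(nolock) on rp.resource_id = r.id inner join plugin p with(nolock) on rp.plugin_id = p.id where r.id = " + drR["id"] + " order by p.name");
                                if ((dtRP == null) || (dtRP.Rows.Count == 0))
                                {
                                    report.AddH1("Recurso " + drR["name"], false);
                                    report.AddParagraph("Nenhum plugin vinculado a este recurso.");
                                    continue;
                                }

                                report.AddH1("Recurso " + drR["name"]);

                                foreach (DataRow drRP in dtRP.Rows)
                                {
                                    report.AddH2("Plugin " + drRP["plugin_name"]);

                                    PluginConfig pluginConfig = new PluginConfig(db.Connection, drRP["scheme"].ToString(), (Int64)drRP["plugin_id"], (Int64)drRP["id"]);

                                    DataTable dtAudit = db.Select("select * from audit_identity a where resource_plugin_id = " + drRP["id"] + " and update_date >= DATEADD(day,-15,getdate()) order by full_name");
                                    if ((dtAudit == null) || (dtAudit.Rows.Count == 0))
                                    {
                                        report.AddParagraph("Nenhuma inconsistência encontrada", 1, 0, false);
                                        continue;
                                    }

                                    Int64 count = 1;

                                    foreach (DataRow drAudit in dtAudit.Rows)
                                    {
                                        erroCount++;

                                        try
                                        {
                                            report.AddParagraph(String.Format("{0:0000}. {1}", count, drAudit["full_name"].ToString()), 1, 3, true);

                                            switch (drAudit["event"].ToString().ToLower())
                                            {
                                            case "not_exists":
                                                report.AddParagraph("Problema encontrado: Usuário inexistente no SafeID", 2, 3, false);
                                                break;

                                            case "locked":
                                                report.AddParagraph("Problema encontrado: Usuário inexistente no SafeID e não pode ser inserido pois está com status de bloqueado.", 2, 3, false);
                                                break;

                                            case "input_filter_empty":
                                                report.AddParagraph("Problema encontrado: Informação para identificação não encontrado.", 2, 3, false);
                                                break;

                                            default:
                                                report.AddParagraph("Problema encontrado: desconhecido", 2, 3, false);
                                                break;
                                            }

                                            report.AddParagraph("Registrio criado em " + MessageResource.FormatDate((DateTime)drAudit["create_date"], false) + " e atualizado em " + MessageResource.FormatDate((DateTime)drAudit["update_date"], false), 2, 3, false);

                                            List <FieldItem> fields = JSON.Deserialize <List <FieldItem> >(drAudit["fields"].ToString());

                                            List <String> keys   = new List <string>();
                                            List <String> others = new List <string>();

                                            // Split the mapped fields into identifying values and everything else,
                                            // listing each "name = value" pair only once.
                                            foreach (FieldItem fi in fields)
                                            {
                                                foreach (PluginConfigMapping m in pluginConfig.mapping)
                                                {
                                                    if (m.data_name.ToLower() != fi.data_name.ToLower())
                                                    {
                                                        continue;
                                                    }

                                                    String        entry  = m.field_name + " = " + fi.value;
                                                    List <String> target = (m.is_id || m.is_unique_property) ? keys : others;

                                                    if (!target.Contains(entry))
                                                    {
                                                        target.Add(entry);
                                                    }
                                                }
                                            }

                                            report.AddParagraph("Identificadores: ", 2, 3, false);
                                            for (Int32 c = 0; c < keys.Count; c++)
                                            {
                                                report.AddParagraph(keys[c], 3, (c == keys.Count - 1 ? 3 : 0), false);
                                            }

                                            report.AddParagraph("Outros dados: ", 2, 3, false);
                                            for (Int32 c = 0; c < others.Count; c++)
                                            {
                                                report.AddParagraph(others[c], 3, (c == others.Count - 1 ? 6 : 0), false);
                                            }
                                        }
                                        catch (Exception ex)
                                        {
                                            // One bad record must not abort the report; the failure is shown in its place.
                                            report.AddParagraph("Erro processando informação: " + ex.Message, 1, 0, false);
                                        }

                                        count++;
                                    }
                                }
                            }
                        }

                        body.AppendLine("    Inconsistências reportadas: " + erroCount);

                        // Register the file before writing it so a failed save is still cleaned up below.
                        files.Add(new FileInfo(tmpFile.FullName));
                        report.SaveToFile(tmpFile.FullName);

                        body.AppendLine("");
                    }
                }

                foreach (FileInfo f in files)
                {
                    atts.Add(new Attachment(f.FullName));
                }

                try
                {
                    sendEmail(db, schedule["title"].ToString(), recipents, body.ToString(), false, atts);
                }
                catch (Exception ex)
                {
                    db.AddUserLog(LogKey.Report, DateTime.Now, "Report", UserLogLevel.Error, 0, 0, 0, 0, 0, 0, 0, "Erro sending report", ex.Message);
                }
            }
            finally
            {
                // An Attachment created from a path keeps the file open; release it first, otherwise the
                // delete below fails and the PDF stays behind in the temp directory.
                foreach (Attachment a in atts)
                {
                    a.Dispose();
                }

                // Remove the temporary files. Best effort: a failure here must not hide an earlier exception.
                foreach (FileInfo f in files)
                {
                    try
                    {
                        f.Delete();
                    }
                    catch { }
                }
            }
        }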
Exemplo n.º 24
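        /// <summary>
        /// Removes every identity from one container of the current enterprise, logs each unbind and queues
        /// each affected identity in deploy_now.
        /// </summary>
        /// <param name="database">Database wrapper used for the lookup, the delete, the user log and the deploy queue.</param>
        /// <param name="parameters">Request parameters; "containerid" is required and must parse as a 64-bit integer.</param>
        /// <returns>true on success; false after the failure has been reported through Error.</returns>
        private Boolean deleteallusers(IAMDatabase database, Dictionary <String, Object> parameters)
        {
            Object rawContainerId;

            // A missing key, a null value and a blank value are all reported the same way.
            if (!parameters.TryGetValue("containerid", out rawContainerId) || (rawContainerId == null) || String.IsNullOrWhiteSpace(rawContainerId.ToString()))
            {
                Error(ErrorType.InvalidRequest, "Parameter containerid is not defined.", "", null);
                return(false);
            }

            Int64 containerid;

            if (!Int64.TryParse(rawContainerId.ToString(), out containerid))
            {
                Error(ErrorType.InvalidRequest, "Parameter containerid is not a long integer.", "", null);
                return(false);
            }

            DbParameterCollection par = new DbParameterCollection();

            par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
            par.Add("@container_id", typeof(Int64)).Value  = containerid;

            // This lookup is the tenant check: it only returns rows when the container belongs to the
            // caller's enterprise. Because it inner-joins entity_container, a container with no members
            // also yields zero rows and is reported as "Container not found.".
            DataTable dtUsers = database.ExecuteDataTable("select c.*, e.entity_id from entity_container e inner join container c on c.id = e.container_id inner join context c1 on c.context_id = c1.id where c1.enterprise_id = @enterprise_id and  e.container_id = @container_id", CommandType.Text, par, null);

            if (dtUsers == null)
            {
                Error(ErrorType.InternalError, "", "", null);
                return(false);
            }

            if (dtUsers.Rows.Count == 0)
            {
                Error(ErrorType.InvalidRequest, "Container not found.", "", null);
                return(false);
            }

            // NOTE(review): the delete, the log entries and the deploy_now inserts run outside a transaction,
            // so a failure part-way leaves memberships removed without the matching log/deploy rows.
            database.ExecuteNonQuery("delete from entity_container where container_id = @container_id", CommandType.Text, par);

            foreach (DataRow dr in dtUsers.Rows)
            {
                if (dr["entity_id"] == DBNull.Value)
                {
                    continue;
                }

                Int64 entityId = (Int64)dr["entity_id"];

                database.AddUserLog(LogKey.User_ContainerRoleUnbind, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, entityId, 0, "Identity unbind to container " + dr["name"], "");

                // Bind the id instead of concatenating it, like every other statement in this method.
                DbParameterCollection deployPar = new DbParameterCollection();
                deployPar.Add("@entity_id", typeof(Int64)).Value = entityId;

                database.ExecuteNonQuery("insert into deploy_now (entity_id) values(@entity_id)", CommandType.Text, deployPar, null);
            }

            return(true);
        }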
Exemplo n.º 25
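        /// <summary>
        /// E-mails a text report of the last day's "Integrity check error: Multiplus entities" log entries,
        /// plus a second attachment listing the entities those entries mention.
        /// </summary>
        /// <remarks>
        /// The entity ids are taken from the text between the first pair of parentheses of each log line.
        /// Log text is data, not code: every token is converted to Int64 before it is placed in the
        /// "id in (...)" list, so nothing but numbers can reach the statement, and the lookup is skipped
        /// when no id was found (an empty list would be invalid SQL).
        /// </remarks>
        /// <param name="db">Database wrapper used for the queries and for error logging.</param>
        /// <param name="dtS">Table whose first row supplies "enterprise_id" and "title"; it must contain at least one row.</param>
        /// <param name="recipents">Addresses handed to sendEmail.</param>
        static public void integrityTextReport(IAMDatabase db, DataTable dtS, List <MailAddress> recipents)
        {
            StringBuilder errors = new StringBuilder();

            // Convert first so that only a number is concatenated into the statement.
            Int64 enterpriseId = Convert.ToInt64(dtS.Rows[0]["enterprise_id"]);

            DataTable dtL = db.Select("select l.text from logs l where text like 'Integrity check error: Multiplus entities%' and l.date >= DATEADD(day,-1,getdate()) and l.enterprise_id = " + enterpriseId + " group by l.text");

            if (dtL == null)
            {
                return;
            }

            DataTable dtErrors = new DataTable();

            dtErrors.Columns.Add("text", typeof(String));

            Dictionary <String, String> title = new Dictionary <string, string>();

            title.Add("text", "Texto");

            List <Int64> duplicatedEntities = new List <Int64>();

            // Captures only the entity ids, i.e. the text inside the first pair of parentheses.
            Regex rex = new Regex(@"\((.*?)\)");

            foreach (DataRow dU in dtL.Rows)
            {
                try
                {
                    DataRow newItem = dtErrors.NewRow();
                    newItem["text"] = dU["text"];

                    dtErrors.Rows.Add(newItem.ItemArray);

                    Match m = rex.Match(dU["text"].ToString());
                    if (!m.Success)
                    {
                        continue;
                    }

                    foreach (String token in m.Groups[1].Value.Replace(" ", "").Split(",".ToCharArray()))
                    {
                        Int64 id;
                        if (!Int64.TryParse(token, out id))
                        {
                            // Anything that is not a number is dropped instead of being sent to the database.
                            errors.AppendLine("Error processing registry: entity id is not a number");
                            continue;
                        }

                        if (!duplicatedEntities.Contains(id))
                        {
                            duplicatedEntities.Add(id);
                        }
                    }
                }
                catch (Exception ex)
                {
                    errors.AppendLine("Error processing registry: " + ex.Message);
                }
            }

            Dictionary <String, String> title2 = new Dictionary <string, string>();

            title2.Add("id", "Entity ID");
            title2.Add("login", "Login");
            title2.Add("full_name", "Nome Completo");
            title2.Add("change_password", "Ultima troca de senha");
            title2.Add("last_login", "Ultimo Login ");

            // NOTE(review): this lookup is not filtered by enterprise; it relies on the ids having come
            // from that enterprise's own log lines — confirm that is an acceptable boundary.
            DataTable dtU = null;

            if (duplicatedEntities.Count > 0)
            {
                dtU = db.Select("select e.id, e.login, e.full_name, e.change_password, e.last_login from entity e where id in (" + String.Join(",", duplicatedEntities) + ") order by e.full_name");
            }

            if (errors.ToString() != "")
            {
                db.AddUserLog(LogKey.Report, null, "Report", UserLogLevel.Error, 0, 0, 0, 0, 0, 0, 0, "Report error", errors.ToString());
            }

            ReportBase rep1 = new ReportBase(dtErrors, title);

            List <Attachment> atts = new List <Attachment>();

            try
            {
                using (MemoryStream ms1 = new MemoryStream(Encoding.UTF8.GetBytes(rep1.GetTXT())))
                {
                    atts.Add(new Attachment(ms1, "integrity-check.txt"));

                    if (dtU != null)
                    {
                        ReportBase rep2 = new ReportBase(dtU, title2);
                        using (MemoryStream ms2 = new MemoryStream(Encoding.UTF8.GetBytes(rep2.GetTXT())))
                        {
                            atts.Add(new Attachment(ms2, "integrity-users.txt"));

                            sendEmail(db, dtS.Rows[0]["title"].ToString(), recipents, dtL.Rows.Count + " erros de integridade", false, atts);
                        }
                    }
                    else
                    {
                        sendEmail(db, dtS.Rows[0]["title"].ToString(), recipents, dtL.Rows.Count + " erros de integridade", false, atts);
                    }
                }
            }
            catch (Exception ex)
            {
                db.AddUserLog(LogKey.Report, DateTime.Now, "Report", UserLogLevel.Error, 0, 0, 0, 0, 0, 0, 0, "Erro sending report", ex.Message);
            }
            finally
            {
                foreach (Attachment a in atts)
                {
                    a.Dispose();
                }
            }
        }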
Exemplo n.º 26
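        /// <summary>
        /// Final step of the password-recovery flow: validates the two password fields, checks the recovery
        /// code held in the session against the entity row and, when it matches, stores the new password.
        /// The outcome is written to ReturnHolder as JSON.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            WebJsonResponse ret = null;

            try
            {
                ret = changePasswordWithRecoveryCode();
            }
            catch (Exception ex)
            {
                Tools.Tool.notifyException(ex);
                throw; // rethrow without resetting the stack trace ("throw ex" discarded it)
            }

            if (ret != null)
            {
                ReturnHolder.Controls.Add(new LiteralControl(ret.ToJSON()));
            }
        }

        /// <summary>
        /// Runs the checks and the update for <see cref="Page_Load"/> and returns the response to render.
        /// </summary>
        /// <returns>The message or HTML fragment describing the outcome.</returns>
        private WebJsonResponse changePasswordWithRecoveryCode()
        {
            // Throws when the session holds no EnterpriseData; the page cannot proceed without it.
            Int64 enterpriseId = ((EnterpriseData)Page.Session["enterprise_data"]).Id;

            // NOTE(review): only the first field goes through TrataInjection (not visible here). If that
            // helper alters characters, a password containing them can never equal password2, and the
            // stored password differs from what the user typed — confirm, and prefer not filtering secrets.
            String password  = Tools.Tool.TrataInjection(Request["password"]);
            String password2 = Request["password2"];

            if (String.IsNullOrEmpty(password))
            {
                return new WebJsonResponse("", MessageResource.GetMessage("type_password"), 3000, true);
            }

            if (String.IsNullOrEmpty(password2))
            {
                return new WebJsonResponse("", MessageResource.GetMessage("type_password_confirm"), 3000, true);
            }

            if (password != password2)
            {
                return new WebJsonResponse("", MessageResource.GetMessage("password_not_equal"), 3000, true);
            }

            Int64 entityId = 0;
            if (Session["entityId"] != null)
            {
                entityId = (Int64)Session["entityId"];
            }

            String code = "";
            if (Session["userCode"] != null)
            {
                code = Session["userCode"].ToString();
            }

            if ((entityId <= 0) || (code == ""))
            {
                return new WebJsonResponse("", MessageResource.GetMessage("invalid_session"), 3000, true);
            }

            using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
            {
                UserPasswordStrength       usrCheck = new UserPasswordStrength(db.Connection, entityId);
                UserPasswordStrengthResult check    = usrCheck.CheckPassword(password);

                if (check.HasError)
                {
                    if (check.NameError)
                    {
                        return new WebJsonResponse("", MessageResource.GetMessage("password_name_part"), 3000, true);
                    }

                    String txt = "* " + MessageResource.GetMessage("number_char") + ": " + (!check.LengthError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
                    txt += "* " + MessageResource.GetMessage("uppercase") + ":  " + (!check.UpperCaseError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
                    txt += "* " + MessageResource.GetMessage("lowercase") + ": " + (!check.LowerCaseError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
                    txt += "* " + MessageResource.GetMessage("numbers") + ": " + (!check.DigitError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
                    txt += "* " + MessageResource.GetMessage("symbols") + ":  " + (!check.SymbolError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail"));

                    return new WebJsonResponse("", MessageResource.GetMessage("password_complexity") + ": <br />" + txt, 5000, true);
                }

                // The recovery code is a string placed inside a quoted SQL literal, so its quotes are doubled
                // before concatenation. NOTE(review): where Session["userCode"] is filled is not visible here;
                // a parameterized query is the proper fix once a parameter type is available in this file.
                String quotedCode = code.Replace("'", "''");

                DataTable c = db.Select("select * from entity where deleted = 0 and id = " + entityId + " and recovery_code = '" + quotedCode + "'");
                if ((c == null) || (c.Rows.Count == 0))
                {
                    return new WebJsonResponse("", MessageResource.GetMessage("invalid_code"), 3000, true);
                }

                // NOTE(review): as listed, the statement stores the literal below and never uses cApi;
                // the value looks masked in this listing — confirm against the real source that the
                // encrypted package is what gets written, bound as a parameter rather than concatenated.
                using (EnterpriseKeyConfig sk = new EnterpriseKeyConfig(db.Connection, enterpriseId))
                    using (CryptApi cApi = new CryptApi(sk.ServerCert, Encoding.UTF8.GetBytes(password)))
                        db.ExecuteNonQuery("update entity set password = '******', recovery_code = null, last_login = getdate(), change_password = getdate(),  must_change_password = 0 where id = " + entityId, CommandType.Text, null);

                // NOTE(review): the address is concatenated into a JSON string; if GetIPAddress can return
                // a client-supplied header value it should be JSON-escaped — confirm.
                db.AddUserLog(LogKey.User_PasswordChanged, null, "AutoService", UserLogLevel.Info, 0, enterpriseId, 0, 0, 0, entityId, 0, "Password changed through recovery code", "{ \"ipaddr\":\"" + Tools.Tool.GetIPAddress() + "\"} ");

                // Queue this user's updated data so the plugins apply the change sooner.
                // entityId is a typed Int64, so the concatenation cannot change the statement.
                db.ExecuteNonQuery("insert into deploy_now (entity_id) values(" + entityId + ")", CommandType.Text, null);

                String html = "";
                html += "<div class=\"login_form\">";
                html += "<ul>";
                html += "    <li class=\"title\">";
                html += "        <strong>" + MessageResource.GetMessage("password_changed_sucessfully") + "</strong>";
                html += "    </li>";
                html += "    <li>";
                html += "        <p style=\"width:100%;padding:0 0 5px 0;color:#000;\">" + MessageResource.GetMessage("password_changed_text") + "</p>";
                html += "    </li>";
                html += "    <li>";
                html += "        <span class=\"forgot\"> <a href=\"/\">" + MessageResource.GetMessage("return_default") + "</a></span>";
                html += "    </li>";
                html += "</ul>     ";
                html += "</div>";

                return new WebJsonResponse("#recover_container", html);
            }
        }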
Exemplo n.º 27
        protected void Page_Load(object sender, EventArgs e)
        {
            String html  = "";
            String error = "";

            LoginData login = LoginUser.LogedUser(this);

            if (login == null)
            {
                Response.Redirect(System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath + "login2/", false);
            }
            else
            {
                html += "<form id=\"serviceLogin\" name=\"serviceLogin\" method=\"post\" action=\"" + Session["ApplicationVirtualPath"] + "login2/changepassword/\"><div class=\"login_form\">";

                if (Request.HttpMethod == "POST")
                {
                    try
                    {
                        String password  = Tools.Tool.TrataInjection(Request["password"]);
                        String password2 = Request["password2"];
                        if ((password == null) || (password == ""))
                        {
                            error = MessageResource.GetMessage("type_password");
                        }
                        else if ((password2 == null) || (password2 == ""))
                        {
                            error = MessageResource.GetMessage("type_password_confirm");
                        }
                        else if (password != password2)
                        {
                            error = MessageResource.GetMessage("password_not_equal");
                        }
                        else
                        {
                            Int64 enterpriseId = 0;
                            if ((Page.Session["enterprise_data"]) != null && (Page.Session["enterprise_data"] is EnterpriseData) && (((EnterpriseData)Page.Session["enterprise_data"]).Id != null))
                            {
                                enterpriseId = ((EnterpriseData)Page.Session["enterprise_data"]).Id;
                            }

                            using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
                            {
                                UserPasswordStrength       usrCheck = new UserPasswordStrength(db.Connection, login.Id);
                                UserPasswordStrengthResult check    = usrCheck.CheckPassword(password);
                                if (check.HasError)
                                {
                                    if (check.NameError)
                                    {
                                        error = MessageResource.GetMessage("password_name_part");
                                    }
                                    else
                                    {
                                        String txt = "* " + MessageResource.GetMessage("number_char") + ": " + (!check.LengthError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
                                        txt += "* " + MessageResource.GetMessage("uppercase") + ":  " + (!check.UpperCaseError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
                                        txt += "* " + MessageResource.GetMessage("lowercase") + ": " + (!check.LowerCaseError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
                                        txt += "* " + MessageResource.GetMessage("numbers") + ": " + (!check.DigitError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
                                        txt += "* " + MessageResource.GetMessage("symbols") + ":  " + (!check.SymbolError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail"));

                                        error = MessageResource.GetMessage("password_complexity") + ": <br />" + txt;
                                    }
                                }
                                else
                                {
                                    DataTable c = db.Select("select * from entity where deleted = 0 and id = " + login.Id);
                                    if ((c != null) && (c.Rows.Count > 0))
                                    {
                                        //Verifica a senha atual
                                        using (EnterpriseKeyConfig sk = new EnterpriseKeyConfig(db.Connection, enterpriseId))
                                            using (CryptApi cApi = CryptApi.ParsePackage(sk.ServerPKCS12Cert, Convert.FromBase64String(c.Rows[0]["password"].ToString())))
                                            {
                                                using (SqlConnection conn1 = IAMDatabase.GetWebConnection())
                                                    using (EnterpriseKeyConfig sk1 = new EnterpriseKeyConfig(conn1, enterpriseId))
                                                        using (CryptApi cApi1 = new CryptApi(sk.ServerCert, Encoding.UTF8.GetBytes(password)))
                                                        {
                                                            DbParameterCollection pPar = new DbParameterCollection();
                                                            String b64 = Convert.ToBase64String(cApi1.ToBytes());
                                                            pPar.Add("@password", typeof(String), b64.Length).Value = b64;

                                                            db.ExecuteNonQuery("update entity set password = @password, change_password = getdate() , recovery_code = null, must_change_password = 0 where id = " + login.Id, CommandType.Text, pPar);
                                                        }

                                                db.AddUserLog(LogKey.User_PasswordChanged, null, "AutoService", UserLogLevel.Info, 0, enterpriseId, 0, 0, 0, login.Id, 0, "Password changed through logged user", "{ \"ipaddr\":\"" + Tools.Tool.GetIPAddress() + "\"} ");

                                                //Cria o pacote com os dados atualizados deste usuário
                                                //Este processo visa agiliar a aplicação das informações pelos plugins
                                                db.ExecuteNonQuery("insert into deploy_now (entity_id) values(" + login.Id + ")", CommandType.Text, null);

                                                //Mata a sessão
                                                //Session.Abandon();

                                                Response.Redirect(System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath + "login2/passwordchanged/", false);
                                            }
                                    }
                                    else
                                    {
                                        error = MessageResource.GetMessage("internal_error");
                                    }
                                }
                            }
                        }
                    }
                    catch (Exception ex)
                    {
                        Tools.Tool.notifyException(ex);
                        error = MessageResource.GetMessage("internal_error") + ": " + ex.Message;
                    }
                }

                html += "    <ul>";
                html += "        <li>";
                html += "            <p style=\"width:270px;padding:0 0 20px 0;color:#000;\">" + MessageResource.GetMessage("password_expired_text") + "</p>";
                html += "        </li>";
                html += "    <li>";
                html += "        <span class=\"inputWrap\">";
                html += "			<input type=\"password\" id=\"password\" tabindex=\"1\" name=\"password\" value=\"\" style=\"\"  placeholder=\""+ MessageResource.GetMessage("new_password") + "\" onkeyup=\"cas.passwordStrength('#password');\" onfocus=\"$('#password').addClass('focus');\" onblur=\"$('#password').removeClass('focus');\" />";
                html += "			<span id=\"ph_passwordIcon\" onclick=\"$('#password').focus();\"></span>";
                html += "        </span>";
                html += "    </li>";
                html += "    <li>";
                html += "        <span class=\"inputWrap\">";
                html += "			<input type=\"password\" id=\"password2\" tabindex=\"1\" name=\"password2\" value=\"\" style=\"\" placeholder=\""+ MessageResource.GetMessage("new_password_confirm") + "\" onfocus=\"$('#password2').addClass('focus');\" onblur=\"$('#password2').removeClass('focus');\" />";
                html += "			<span id=\"ph_passwordIcon\" onclick=\"$('#password2').focus();\"></span>";
                html += "        </span>";
                html += "    </li>";
                html += "    <li>";
                html += "        <div id=\"passwordStrength\"><span>" + MessageResource.GetMessage("password_strength") + ": " + MessageResource.GetMessage("unknow") + "</span><div class=\"bar\"></div></div>";
                html += "    </li>";

                if (error != "")
                {
                    html += "        <li><div class=\"error-box\">" + error + "</div>";
                }

                html += "        <li>";
                html += "           <span class=\"forgot\"> <a href=\"" + Session["ApplicationVirtualPath"] + "logout/\">" + MessageResource.GetMessage("cancel") + "</a> </span>";
                html += "           <button tabindex=\"4\" id=\"submitBtn\" class=\"action button floatright\">" + MessageResource.GetMessage("change_password") + "</button>";
                html += "        </li>";
                html += "    </ul>";


                html += "</div></form>";

                holderContent.Controls.Add(new LiteralControl(html));
            }
        }
Exemplo n.º 28
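        /// <summary>
        /// Answers a proxy synchronisation poll. The caller names itself through the
        /// X-SAFEID-PROXY header and reports its version and process id through
        /// X-SAFEID-VERSION and X-SAFEID-PID; the page records that state on the proxy row
        /// and replies with a small JSON object (config / files / fetch / restart counters).
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event arguments (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // Stop immediately when the enterprise cannot be identified for this request.
            if (!EnterpriseIdentify.Identify(Page, false, true))
            {
                Page.Response.Status     = "403 Access denied";
                Page.Response.StatusCode = 403;
                Page.Response.End();
                return;
            }

            // Every header below is supplied by the remote caller and must be treated as
            // untrusted input. A missing header simply yields null.
            // NOTE(review): within this method the proxy is recognised only by the name it
            // sends; confirm that EnterpriseIdentify.Identify (or a layer in front of this
            // page) actually authenticates the calling proxy.
            String proxyName = Request.Headers["X-SAFEID-PROXY"];
            String version   = Request.Headers["X-SAFEID-VERSION"];

            // TryParse leaves pid at 0 for a missing or malformed header, which is what the
            // previous Parse-inside-empty-catch produced.
            Int32 pid;
            if (!Int32.TryParse(Request.Headers["X-SAFEID-PID"], out pid))
            {
                pid = 0;
            }

            if (String.IsNullOrEmpty(proxyName))
            {
                Page.Response.Status     = "403 Access denied";
                Page.Response.StatusCode = 403;
                Page.Response.End();
                return;
            }

            Int32   files   = 0;
            Int32   rConfig = 0;
            Int32   fetch   = 0;
            Boolean restart = false;
            try
            {
                using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
                    using (ServerDBConfig c = new ServerDBConfig(db.Connection))
                    {
                        EnterpriseData enterprise = (EnterpriseData)Page.Session["enterprise_data"];

                        ProxyConfig config = new ProxyConfig();
                        config.GetDBConfig(db.Connection, enterprise.Id, proxyName);

                        if (config.fqdn == null)
                        {
                            // No proxy with that name is configured: log and refuse.
                            db.AddUserLog(LogKey.API_Error, DateTime.Now, "ProxyAPI", UserLogLevel.Warning, 0, enterprise.Id, 0, 0, 0, 0, 0, "Proxy not found " + proxyName);
                            Page.Response.Status     = "403 Access denied";
                            Page.Response.StatusCode = 403;
                            return;
                        }

                        // NOTE(review): proxy_name comes from the stored proxy configuration and
                        // becomes part of a filesystem path; presumably it is constrained when the
                        // proxy is registered. Verify it cannot contain path separators.
                        DirectoryInfo outDir = new DirectoryInfo(Path.Combine(c.GetItem("outboundFiles"), config.proxyID + "_" + config.proxy_name));

                        if (!outDir.Exists)
                        {
                            outDir.Create();
                        }

                        files = outDir.GetDirectories().Length;

                        if (config.forceDownloadConfig)
                        {
                            rConfig++;
                        }

                        // Count fetch requests that are still waiting for a response (best effort).
                        try
                        {
                            fetch = db.ExecuteScalar <Int32>("select COUNT(*) from resource_plugin_fetch f with(nolock) inner join resource_plugin rp  with(nolock) on rp.id = f.resource_plugin_id inner join resource r  with(nolock) on r.id = rp.resource_id where f.response_date is null and proxy_id = " + config.proxyID, System.Data.CommandType.Text, null);
                        }
                        catch { }

                        // Read the pending restart flag (best effort).
                        try
                        {
                            restart = db.ExecuteScalar <Boolean>("select restart from proxy where id = " + config.proxyID, System.Data.CommandType.Text, null);
                        }
                        catch { }

                        // Clear the flag; if that fails, do not report a restart, so the proxy is
                        // not asked to restart again on every poll.
                        try
                        {
                            db.ExecuteNonQuery("update proxy set restart = 0 where id = " + config.proxyID, System.Data.CommandType.Text, null);
                        }
                        catch
                        {
                            restart = false;
                        }

                        // The version header (and possibly the address, depending on how
                        // GetIPAddress derives it) is caller-controlled and ends up inside a
                        // quoted T-SQL literal, so embedded single quotes are doubled before the
                        // statement is built. Well-formed values are stored unchanged.
                        // NOTE(review): binding these two values as parameters (third argument of
                        // ExecuteNonQuery, passed as null here) would be the stronger fix; confirm
                        // the parameter collection type available to this page and switch to it.
                        String safeVersion = ("" + version).Replace("'", "''");
                        String safeAddress = ("" + Tools.Tool.GetIPAddress()).Replace("'", "''");

                        db.ExecuteNonQuery("update proxy set last_sync = getdate(), pid = " + pid + ", address = '" + safeAddress + "', config = 0, version = '" + safeVersion + "' where id = " + config.proxyID, System.Data.CommandType.Text, null);
                    }
            }
            catch (Exception ex)
            {
                // Failures are reported through the notifier; the reply below is still sent
                // with whatever counters were collected.
                Tools.Tool.notifyException(ex, this);
            }

            Page.Response.HeaderEncoding = Encoding.UTF8;
            ReturnHolder.Controls.Add(new LiteralControl("{\"config\":" + rConfig + ",\"files\":" + files + ",\"fetch\":" + fetch + ",\"restart\":" + (restart ? "1" : "0") + "}"));
        }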
Exemplo n.º 29
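        /// <summary>
        /// Applies the requested changes (name, data_type, public_field, user_field) to one
        /// field of the current enterprise and returns the field as stored afterwards.
        /// </summary>
        /// <param name="database">Open database wrapper used for all queries.</param>
        /// <param name="parameters">Request parameters; "fieldid" is mandatory, the other keys are optional.</param>
        /// <returns>
        /// A dictionary whose "info" entry holds the field's current values, or null after
        /// an error has been reported through Error().
        /// </returns>
        private Dictionary <String, Object> change(IAMDatabase database, Dictionary <String, Object> parameters)
        {
            Dictionary <String, Object> result = new Dictionary <String, Object>();

            if (!parameters.ContainsKey("fieldid"))
            {
                Error(ErrorType.InvalidRequest, "Parameter fieldid is not defined.", "", null);
                return null;
            }

            // Convert.ToString maps a null value to an empty string, so a null entry is
            // reported as "not defined" instead of raising a NullReferenceException.
            String field = Convert.ToString(parameters["fieldid"]);

            if (String.IsNullOrWhiteSpace(field))
            {
                Error(ErrorType.InvalidRequest, "Parameter fieldid is not defined.", "", null);
                return null;
            }

            Int64 fieldid;
            if (!Int64.TryParse(field, out fieldid))
            {
                Error(ErrorType.InvalidRequest, "Parameter fieldid is not a long integer.", "", null);
                return null;
            }

            DbParameterCollection par = new DbParameterCollection();

            par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
            par.Add("@field_id", typeof(Int64)).Value      = fieldid;

            // The lookup is scoped to the caller's enterprise, so a field id that belongs to
            // another tenant is reported as "not found".
            DataTable dtField = database.ExecuteDataTable("select * from field with(nolock) where enterprise_id = @enterprise_id and id = @field_id", CommandType.Text, par, null);

            if (dtField == null)
            {
                Error(ErrorType.InternalError, "", "", null);
                return null;
            }

            if (dtField.Rows.Count == 0)
            {
                Error(ErrorType.InvalidRequest, "Field not found.", "", null);
                return null;
            }

            DataRow current = dtField.Rows[0];

            List <String> log        = new List <String>();
            List <String> setClauses = new List <String>();

            // Only column names written in this method reach the SQL text; every value is
            // bound through the parameter collection.
            foreach (String key in parameters.Keys)
            {
                switch (key)
                {
                case "name":
                    String name = Convert.ToString(parameters["name"]);
                    if ((!String.IsNullOrWhiteSpace(name)) && (name != Convert.ToString(current["name"])))
                    {
                        DbParameterCollection par2 = new DbParameterCollection();
                        par2.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
                        par2.Add("@field_name", typeof(String)).Value   = name;

                        // Reject a rename that would collide with another field of the enterprise.
                        DataTable dtF1 = database.ExecuteDataTable("select * from field with(nolock) where enterprise_id = @enterprise_id and name = @field_name", CommandType.Text, par2, null);
                        if ((dtF1 != null) && (dtF1.Rows.Count > 0))
                        {
                            Error(ErrorType.InvalidRequest, "Field with the same name already exists.", "", null);
                            return null;
                        }

                        par.Add("@name", typeof(String)).Value = name;
                        setClauses.Add("name = @name");

                        log.Add("Name changed from '" + current["name"] + "' to '" + name + "'");
                    }
                    break;

                case "data_type":
                    String data_type = Convert.ToString(parameters["data_type"]);
                    if ((!String.IsNullOrWhiteSpace(data_type)) && (data_type != Convert.ToString(current["data_type"])))
                    {
                        // Invariant lower-casing keeps the allow-list check independent of the
                        // server culture (e.g. the Turkish dotless i).
                        switch (data_type.ToLowerInvariant())
                        {
                        case "string":
                        case "datetime":
                        case "numeric":
                            break;

                        default:
                            Error(ErrorType.InvalidRequest, "Data type is not recognized.", "", null);
                            return null;
                        }

                        par.Add("@data_type", typeof(String)).Value = data_type;
                        setClauses.Add("data_type = @data_type");

                        log.Add("Data type changed from '" + current["data_type"] + "' to '" + data_type + "'");
                    }
                    break;

                case "public_field":
                    Boolean public_field;
                    if (!Boolean.TryParse(Convert.ToString(parameters["public_field"]), out public_field))
                    {
                        Error(ErrorType.InvalidRequest, "Parameter public_field is not a boolean.", "", null);
                        return null;
                    }

                    if (public_field != (Boolean)current["public"])
                    {
                        par.Add("@public_field", typeof(Boolean)).Value = public_field;
                        setClauses.Add("[public] = @public_field");

                        // The audit text previously omitted the word "public".
                        log.Add("Changed to a " + (public_field ? "" : "non ") + "public field");
                    }
                    break;

                case "user_field":
                    Boolean user_field;
                    if (!Boolean.TryParse(Convert.ToString(parameters["user_field"]), out user_field))
                    {
                        Error(ErrorType.InvalidRequest, "Parameter user_field is not a boolean.", "", null);
                        return null;
                    }

                    if (user_field != (Boolean)current["user"])
                    {
                        par.Add("@user_field", typeof(Boolean)).Value = user_field;
                        setClauses.Add("[user] = @user_field");

                        // The audit text previously ran the article into the next word.
                        log.Add("Changed to " + (user_field ? "a " : "a non ") + "user editable field");
                    }
                    break;
                }
            }

            if (setClauses.Count > 0)
            {
                // The enterprise filter is repeated on the write, so the statement cannot touch
                // another tenant's row even if the ownership check above is later changed.
                String updateSQL = "update field set " + String.Join(", ", setClauses) + " where id = @field_id and enterprise_id = @enterprise_id";
                database.ExecuteNonQuery(updateSQL, CommandType.Text, par);
                database.AddUserLog(LogKey.Field_Changed, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, 0, 0, "Field changed", String.Join("\r\n", log));
            }

            // Read the row again so the reply reflects what is stored now.
            dtField = database.ExecuteDataTable("select * from field with(nolock) where enterprise_id = @enterprise_id and id = @field_id", CommandType.Text, par, null);

            if ((dtField == null) || (dtField.Rows.Count == 0))
            {
                Error(ErrorType.InternalError, "", "", null);
                return null;
            }

            DataRow dr1 = dtField.Rows[0];

            Dictionary <string, object> newItem = new Dictionary <string, object>();

            newItem.Add("enterprise_id", dr1["enterprise_id"]);
            newItem.Add("field_id", dr1["id"]);
            newItem.Add("data_type", dr1["data_type"]);
            newItem.Add("name", dr1["name"]);
            newItem.Add("public_field", dr1["public"]);
            newItem.Add("user_field", dr1["user"]);

            result.Add("info", newItem);

            return result;
        }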
Exemplo n.º 30
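        /// <summary>
        /// Removes the binding between a role and every identity of the given user, writing
        /// an audit entry and queuing a deploy for each binding removed.
        /// </summary>
        /// <param name="database">Open database wrapper used for all queries.</param>
        /// <param name="parameters">Request parameters; "roleid" and "userid" are both mandatory.</param>
        /// <returns>
        /// True when the role exists in the current enterprise (even if the user held no
        /// binding to it); false after an error has been reported through Error().
        /// </returns>
        private Boolean deleteuser(IAMDatabase database, Dictionary <String, Object> parameters)
        {
            if (!parameters.ContainsKey("roleid"))
            {
                Error(ErrorType.InvalidRequest, "Parameter roleid is not defined.", "", null);
                return false;
            }

            // Convert.ToString maps a null value to an empty string, so a null entry is
            // reported as "not defined" instead of raising a NullReferenceException.
            String role = Convert.ToString(parameters["roleid"]);

            if (String.IsNullOrWhiteSpace(role))
            {
                Error(ErrorType.InvalidRequest, "Parameter roleid is not defined.", "", null);
                return false;
            }

            Int64 roleid;
            if (!Int64.TryParse(role, out roleid))
            {
                Error(ErrorType.InvalidRequest, "Parameter roleid is not a long integer.", "", null);
                return false;
            }

            // "userid" was previously read without checking that the key exists, so a request
            // lacking it ended in a KeyNotFoundException rather than a validation error.
            if (!parameters.ContainsKey("userid"))
            {
                Error(ErrorType.InvalidRequest, "Parameter userid is not defined.", "", null);
                return false;
            }

            String user = Convert.ToString(parameters["userid"]);

            if (String.IsNullOrWhiteSpace(user))
            {
                Error(ErrorType.InvalidRequest, "Parameter userid is not defined.", "", null);
                return false;
            }

            Int64 userid;
            if (!Int64.TryParse(user, out userid))
            {
                Error(ErrorType.InvalidRequest, "Parameter userid is not a long integer.", "", null);
                return false;
            }

            DbParameterCollection par = new DbParameterCollection();

            par.Add("@enterprise_id", typeof(Int64)).Value = this._enterpriseId;
            par.Add("@role_id", typeof(Int64)).Value       = roleid;
            par.Add("@entity_id", typeof(Int64)).Value     = userid;

            // The role is resolved inside the caller's enterprise. The left joins return one
            // row per identity bound to the role, with entity_id filled in only for
            // identities that belong to the requested user.
            DataTable dtUsers = database.ExecuteDataTable("select c.enterprise_id, r.name as role_name, ir.*, i.entity_id from role r inner join context c with(nolock) on c.id = r.context_id left join identity_role ir on r.id = ir.role_id left join [identity] i with(nolock) on ir.identity_id = i.id and i.entity_id = @entity_id where c.enterprise_id = @enterprise_id and r.id = @role_id", CommandType.Text, par, null);

            if (dtUsers == null)
            {
                Error(ErrorType.InternalError, "", "", null);
                return false;
            }

            if (dtUsers.Rows.Count == 0)
            {
                Error(ErrorType.InvalidRequest, "Role not found.", "", null);
                return false;
            }

            foreach (DataRow dr in dtUsers.Rows)
            {
                // Rows of other users' identities carry a null entity_id and are skipped.
                if ((dr["identity_id"] == DBNull.Value) || (dr["entity_id"] == DBNull.Value))
                {
                    continue;
                }

                Int64 identityId = (Int64)dr["identity_id"];
                Int64 entityId   = (Int64)dr["entity_id"];

                database.AddUserLog(LogKey.User_IdentityRoleUnbind, null, "API", UserLogLevel.Info, 0, this._enterpriseId, 0, 0, 0, entityId, identityId, "Identity unbind to role " + dr["role_name"], "");

                // Ids are bound as parameters rather than concatenated, matching the rest of
                // this method.
                DbParameterCollection unbindPar = new DbParameterCollection();
                unbindPar.Add("@role_id", typeof(Int64)).Value     = roleid;
                unbindPar.Add("@identity_id", typeof(Int64)).Value = identityId;
                database.ExecuteNonQuery("delete from identity_role where role_id = @role_id and identity_id = @identity_id", CommandType.Text, unbindPar);

                // Queue a deploy for the affected user.
                DbParameterCollection deployPar = new DbParameterCollection();
                deployPar.Add("@entity_id", typeof(Int64)).Value = entityId;
                database.ExecuteNonQuery("insert into deploy_now (entity_id) values(@entity_id)", CommandType.Text, deployPar);
            }

            return true;
        }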