Exemplo n.º 1
        /// <summary>
        /// Remove Authorization Delegate
        /// </summary>
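        private void RemoveDelegate()
        {
            // USER MUST BE A MEMBER OF SQL DATABASE ROLE: NetSqlAzMan_Users

            // Sql Storage connection string.
            // NOTE(review): sample-only literal. A SQL login and password written into source end up in
            // version control and in the compiled assembly; production code should load the connection
            // string from protected configuration or use integrated authentication.
            string sqlConnectionString = "data source=(local);initial catalog=NetSqlAzManStorage;user id=netsqlazmanuser;password=password";

            // IAzManStorage is disposable; the using block releases the storage even if a lookup or
            // the delete below throws.
            using (IAzManStorage storage = new SqlAzManStorage(sqlConnectionString))
            {
                IAzManStore       mystore = storage.GetStore("My Store"); //or storage["My Store"]
                IAzManApplication myapp   = mystore.GetApplication("My Application");
                IAzManItem        myop    = myapp.GetItem("My Operation");

                // Retrieve current user identity (the delegating user): the thread principal when it is a
                // Windows identity, otherwise the process identity.
                WindowsIdentity userIdentity = ((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()); //for Windows Applications
                //WindowsIdentity userIdentity = this.Request.LogonUserIdentity; //for ASP.NET Applications

                // Resolve the delegate's account name to a SID. Translate throws when the account
                // cannot be mapped, so an unknown delegate never reaches the delete call.
                NTAccount          delegateUserLogin      = new NTAccount("DOMAIN", "delegateuseraccount");
                SecurityIdentifier delegateSID            = (SecurityIdentifier)delegateUserLogin.Translate(typeof(SecurityIdentifier));
                IAzManSid          delegateNetSqlAzManSID = new SqlAzManSID(delegateSID);

                // Establish which delegate authorization to remove (only Allow or Deny)
                RestrictedAuthorizationType delegateAuthorization = RestrictedAuthorizationType.Allow;

                // Remove delegate and all custom attributes
                myop.DeleteDelegateAuthorization(userIdentity, delegateNetSqlAzManSID, delegateAuthorization);
            }
        }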
Exemplo n.º 2
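        /// <summary>
        /// Creates an authorization for the database user <paramref name="user"/> on the item named
        /// <paramref name="role"/> in <paramref name="application"/> of the "CATS" store.
        /// </summary>
        /// <param name="user">Name of the database user that receives the authorization.</param>
        /// <param name="application">Name of the NetSqlAzMan application that holds the item.</param>
        /// <param name="role">Name of the item to authorize the user on.</param>
        /// <returns>Always <c>true</c>; nothing is caught here, so any failure propagates as an exception.</returns>
        public bool AddRole(string user, string application, string role)
        {
            const string store = "CATS";

            string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["CatsContext"].ConnectionString;

            // IAzManStorage is disposable; release it once the authorization has been written.
            using (IAzManStorage storage = new SqlAzManStorage(connectionString))
            {
                IAzManStore       mystore   = storage.GetStore(store); //or storage["My Store"]
                IAzManApplication myapp     = mystore.GetApplication(application);
                IAzManItem        azManRole = myapp.GetItem(role);

                // NOTE(review): the recorded owner is the fixed database user "Admin", not the caller, so the
                // stored owner does not show who actually made the grant. Confirm callers are authorized
                // before they reach this method.
                // NOTE(review): AllowWithDelegation is broader than AuthorizationType.Allow; confirm the
                // grantee is meant to be able to delegate. The item type is also not checked, so a name that
                // resolves to a task or operation is authorized the same way as a role.
                azManRole.CreateAuthorization(
                    mystore.GetDBUser("Admin").CustomSid,
                    WhereDefined.Database,
                    mystore.GetDBUser(user).CustomSid,
                    WhereDefined.Database,
                    AuthorizationType.AllowWithDelegation,
                    null,
                    null
                    );
            }

            return true;
        }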
Exemplo n.º 3
        /// <summary>
        /// Adds every checked row of <c>lvwItemList</c> as a member of <c>_AuthItem</c> within a single
        /// storage transaction.
        /// </summary>
        private void SaveRecord()
        {
            // NOTE(review): ReadUncommitted allows dirty reads while authorization data is being
            // modified; confirm this isolation level is intended.
            _Storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);
            foreach (ListViewItem row in lvwItemList.Items)
            {
                // Only checked rows are saved; the selection state is ignored.
                if (!row.Checked)
                {
                    continue;
                }

                _SelectedItems.Add(row);

                #region save immediately
                try
                {
                    string memberName = row.SubItems[0].Text;
                    _AuthItem.AddMember(_Application.GetItem(memberName));
                }
                catch (Exception failure)
                {
                    // A failing row is reported to the user and the loop moves on to the next row.
                    MessageBox.Show(failure.Message, "Error Found", MessageBoxButtons.OK, MessageBoxIcon.Error, new EventHandler(ErrorPrompt));
                }
                #endregion
            }

            // NOTE(review): the commit runs even when some rows failed, so a partial membership change is
            // persisted; the dialog below is also shown unconditionally with the text "Error Found".
            _Storage.CommitTransaction();
            MessageBox.Show("Error Found");
        }
Exemplo n.º 4
        /// <summary>
        /// Copies the sub-task and sub-operation links of the AzMan task <paramref name="taskName"/> onto the
        /// NetSqlAzMan item of the same name, then recurses into each sub-task.
        /// </summary>
        /// <param name="azScope">Scope to open the task from, or <c>null</c> to open it from the application.</param>
        /// <param name="azApplication">AzMan application used when no scope is given.</param>
        /// <param name="taskName">Name of the task whose children are linked.</param>
        /// <param name="application">NetSqlAzMan application that holds the target items.</param>
        private void SetHirearchy(IAzScope azScope, IAzApplication azApplication, string taskName, IAzManApplication application)
        {
            IAzTask sourceTask = azScope != null
                ? azScope.OpenTask(taskName, null)
                : azApplication.OpenTask(taskName, null);
            if (sourceTask == null)
            {
                return;
            }

            IAzManItem parent = application.GetItem(taskName);

            // Sub-tasks: link each one that is not already a member, then descend into it.
            object[] childTasks = sourceTask.Tasks as object[];
            if (childTasks != null)
            {
                foreach (string childTaskName in childTasks)
                {
                    IAzManItem child       = application.GetItem(childTaskName);
                    var        current     = parent.GetMembers();
                    bool       alreadyThere = current != null && current.Any(m => m.ItemId == child.ItemId);
                    if (!alreadyThere)
                    {
                        parent.AddMember(child);
                    }

                    // NOTE(review): there is no visited set or depth limit; termination relies on the
                    // imported task hierarchy being acyclic.
                    this.SetHirearchy(azScope, azApplication, childTaskName, application);
                }
            }

            // Sub-operations: same membership check, no recursion.
            object[] childOperations = sourceTask.Operations as object[];
            if (childOperations != null)
            {
                foreach (string childOperationName in childOperations)
                {
                    IAzManItem child       = application.GetItem(childOperationName);
                    var        current     = parent.GetMembers();
                    bool       alreadyThere = current != null && current.Any(m => m.ItemId == child.ItemId);
                    if (!alreadyThere)
                    {
                        parent.AddMember(child);
                    }
                }
            }
        }
        /// <summary>
        /// Adds the specified user names to the specified roles for the configured applicationName.
        /// </summary>
        /// <param name="usernames">A string array of user names to be added to the specified roles.</param>
        /// <param name="roleNames">A string array of the role names to add the specified user names to.</param>
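        public override void AddUsersToRoles(string[] usernames, string[] roleNames)
        {
            using (IAzManStorage storage = new SqlAzManStorage(this.storageCache.ConnectionString))
            {
                try
                {
                    storage.OpenConnection();
                    storage.BeginTransaction();
                    IAzManApplication application = storage[this.storeName][this.applicationName];

                    // The owner recorded on each new authorization is the identity executing this call:
                    // the thread principal when it is a Windows identity, otherwise the process identity.
                    // It does not change between iterations, so it is resolved once.
                    WindowsIdentity callerIdentity = (System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent();
                    IAzManSid owner = new SqlAzManSID(callerIdentity.User);
                    // NOTE(review): the owner is always recorded as LDAP-defined, also when the process runs
                    // under a local account; confirm that is intended.
                    WhereDefined whereDefined = WhereDefined.LDAP;

                    foreach (string roleName in roleNames)
                    {
                        // Only items of type Role may be granted here; anything else aborts the batch.
                        IAzManItem role = application.GetItem(roleName);
                        if (role.ItemType != ItemType.Role)
                        {
                            throw new ArgumentException(String.Format("{0} must be a Role.", roleName));
                        }

                        foreach (string username in usernames)
                        {
                            if (this.userLookupType == "LDAP")
                            {
                                // NTAccount.Translate throws IdentityNotMappedException when the account
                                // cannot be resolved, so an unknown user never reaches CreateAuthorization.
                                // The former null checks on freshly constructed objects could never fire
                                // and have been removed.
                                string             fqun    = this.getFQUN(username);
                                NTAccount          account = new NTAccount(fqun);
                                SecurityIdentifier userSid = (SecurityIdentifier)account.Translate(typeof(SecurityIdentifier));
                                IAzManSid          sid     = new SqlAzManSID(userSid);
                                role.CreateAuthorization(owner, whereDefined, sid, WhereDefined.LDAP, AuthorizationType.Allow, null, null);
                            }
                            else
                            {
                                // Fail with the provider's own "user not found" error instead of a
                                // NullReferenceException if the lookup yields nothing.
                                var dbuser = application.GetDBUser(username);
                                if (dbuser == null)
                                {
                                    throw SqlAzManException.UserNotFoundException(username, null);
                                }
                                IAzManSid sid = dbuser.CustomSid;
                                role.CreateAuthorization(owner, whereDefined, sid, WhereDefined.Database, AuthorizationType.Allow, null, null);
                            }
                        }
                    }
                    storage.CommitTransaction();
                    //Rebuild StorageCache
                    this.InvalidateCache(false);
                }
                catch
                {
                    // All-or-nothing: any failure undoes every grant made in this call before rethrowing.
                    storage.RollBackTransaction();
                    throw;
                }
                finally
                {
                    storage.CloseConnection();
                }
            }
        }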
Exemplo n.º 6
        /// <summary>
        /// Adds the direct sub-tasks and sub-operations of the AzMan task <paramref name="taskName"/> as
        /// members of the NetSqlAzMan item of the same name. This variant does not recurse into sub-tasks.
        /// </summary>
        /// <param name="azScope">Scope to open the task from, or <c>null</c> to open it from the application.</param>
        /// <param name="azApplication">AzMan application used when no scope is given.</param>
        /// <param name="taskName">Name of the task whose children are linked.</param>
        /// <param name="application">NetSqlAzMan application that holds the target items.</param>
        private void SetHirearchy(IAzScope azScope, IAzApplication azApplication, string taskName, IAzManApplication application)
        {
            IAzTask sourceTask = azScope != null
                ? azScope.OpenTask(taskName, null)
                : azApplication.OpenTask(taskName, null);

            // The target item is looked up before the null check, so a missing item fails even when
            // there is no task to process.
            IAzManItem parent = application.GetItem(taskName);

            if (sourceTask == null)
            {
                return;
            }

            // Sub-tasks
            // NOTE(review): members are added without checking for an existing link; how AddMember
            // reacts to a duplicate is not visible here.
            object[] childTasks = sourceTask.Tasks as object[];
            if (childTasks != null)
            {
                foreach (string childTaskName in childTasks)
                {
                    parent.AddMember(application.GetItem(childTaskName));
                }
            }

            // Sub-operations
            object[] childOperations = sourceTask.Operations as object[];
            if (childOperations != null)
            {
                foreach (string childOperationName in childOperations)
                {
                    parent.AddMember(application.GetItem(childOperationName));
                }
            }
        }
Exemplo n.º 7
        /// <summary>
        /// Opens the task edit dialog for the row currently selected in <c>listView</c>; does nothing when
        /// no row is selected.
        /// </summary>
        private void EditRecord()
        {
            var selected = listView.SelectedItem;
            if (selected == null)
            {
                return;
            }

            // Changed from IAzManApplication to IAzManItem: the session slot now holds the item
            // resolved from the trimmed row text.
            string itemName = selected.Text.Trim();
            Session["selectedObject"] = _Application.GetItem(itemName);

            Forms.Definition.TaskEdit dialog = new Forms.Definition.TaskEdit();
            dialog.FormClosed += Task_FormClosed;
            dialog.ShowDialog();
        }
Exemplo n.º 8
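        /// <summary>
        /// Removes the item selected in <paramref name="listview"/> from the members of <c>_Task</c>.
        /// Does nothing when no row is selected. Failures are rolled back and traced; they are not
        /// rethrown to the caller.
        /// </summary>
        /// <param name="listview">List whose selected row names the member through its first sub-item text.</param>
        private void Common_DeleteRecord(ListView listview)
        {
            var selected = listview.SelectedItem;
            if (selected == null)
            {
                return;
            }

            bool transactionOpen = false;
            try
            {
                // NOTE(review): ReadUncommitted allows dirty reads while authorization data is being
                // modified; confirm this isolation level is intended.
                _Storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);
                transactionOpen = true;

                IAzManItem member = _Application.GetItem(selected.SubItems[0].Text);
                _Task.RemoveMember(member);

                _Storage.CommitTransaction();
                transactionOpen = false;
            }
            catch (System.Exception ex)
            {
                // The method stays non-throwing for its callers, but a failed removal must neither leave
                // the transaction open nor vanish silently: a permission that was not removed would
                // otherwise look removed to whoever triggered the delete.
                if (transactionOpen)
                {
                    try
                    {
                        _Storage.RollBackTransaction();
                    }
                    catch (System.Exception rollbackEx)
                    {
                        System.Diagnostics.Trace.TraceError("Common_DeleteRecord: rollback failed: {0}", rollbackEx);
                    }
                }

                System.Diagnostics.Trace.TraceError("Common_DeleteRecord: member removal failed: {0}", ex);
            }
        }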
 /// <summary>
 /// Removes the specified user names from the specified roles for the configured applicationName.
 /// </summary>
 /// <param name="usernames">A string array of user names to be removed from the specified roles.</param>
 /// <param name="roleNames">A string array of role names to remove the specified user names from.</param>
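 public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
 {
     using (IAzManStorage storage = new SqlAzManStorage(this.storageCache.ConnectionString))
     {
         try
         {
             storage.OpenConnection();
             storage.BeginTransaction();
             IAzManApplication application = storage[this.storeName][this.applicationName];
             foreach (string roleName in roleNames)
             {
                 // Only items of type Role are processed; anything else aborts the batch.
                 IAzManItem role = application.GetItem(roleName);
                 if (role.ItemType != ItemType.Role)
                 {
                     throw new ArgumentException(String.Format("{0} must be a Role.", roleName));
                 }

                 // NOTE(review): authorizations are matched on the member's display name, not on its SID,
                 // and every authorization of a matching member is deleted regardless of its type.
                 // Confirm display names are unique enough for a revocation decision.
                 foreach (IAzManAuthorization auth in role.GetAuthorizations())
                 {
                     string displayName;
                     auth.GetMemberInfo(out displayName);
                     foreach (string username in usernames)
                     {
                         // Account names are identifiers, so they are compared ordinally; a
                         // culture-sensitive comparison can match or miss names depending on the
                         // thread's current culture.
                         if (String.Equals(this.getFQUN(username), displayName, StringComparison.OrdinalIgnoreCase))
                         {
                             auth.Delete();
                             // This authorization is gone; stop so a repeated or equivalent user name
                             // does not delete it a second time.
                             break;
                         }
                     }
                 }
             }
             storage.CommitTransaction();
             //Rebuild StorageCache
             this.InvalidateCache(false);
         }
         catch
         {
             // All-or-nothing: any failure undoes every removal made in this call before rethrowing.
             storage.RollBackTransaction();
             throw;
         }
         finally
         {
             storage.CloseConnection();
         }
     }
 }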
Exemplo n.º 10
        /// <summary>
        /// Navigate through NetSqlAzMan DOM (Document Object Model)
        /// </summary>
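        private void NetSqlAzMan_DOM_Sample()
        {
            // USER MUST BE A MEMBER OF SQL DATABASE ROLE: NetSqlAzMan_Readers

            // Sql Storage connection string.
            // NOTE(review): sample-only literal. A SQL login and password written into source end up in
            // version control and in the compiled assembly; production code should load the connection
            // string from protected configuration or use integrated authentication.
            string sqlConnectionString = "data source=(local);initial catalog=NetSqlAzManStorage;user id=netsqlazmanuser;password=password";

            // IAzManStorage is disposable; the using block releases the storage even if a lookup throws.
            using (IAzManStorage storage = new SqlAzManStorage(sqlConnectionString))
            {
                // Walk down the object model: storage -> store -> application -> item.
                IAzManStore       mystore = storage.GetStore("My Store"); //or storage["My Store"]
                IAzManApplication myapp   = mystore.GetApplication("My Application");
                IAzManItem        myop    = myapp.GetItem("My Operation");

                // Enumerate every authorization on the item and the key/value attributes attached to it.
                IAzManAuthorization[] auths = myop.GetAuthorizations();
                foreach (IAzManAuthorization auth in auths)
                {
                    IAzManAttribute <IAzManAuthorization>[] attrs = auth.GetAttributes();
                    foreach (IAzManAttribute <IAzManAuthorization> attr in attrs)
                    {
                        string attrKey   = attr.Key;
                        string attrValue = attr.Value;
                        //do something
                    }
                }
            }
        }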
Exemplo n.º 11
        private void ImportFromAzMan(string azManStorePath, string netSqlAzManStoreName)
        {
            Microsoft.Interop.Security.AzRoles.AzAuthorizationStore azstore = null;
            string tempFileName = Path.Combine(Environment.GetEnvironmentVariable("temp", EnvironmentVariableTarget.Machine), String.Format("AzMan{0}.xml", Guid.NewGuid()));

            try
            {
                this.storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);
                string      storeDescription = String.Format("Store imported from AzMan Store:" + " ({0}) - {1}", azManStorePath, DateTime.Now.ToString());
                IAzManStore store            = this.storage.CreateStore(netSqlAzManStoreName, storeDescription);
                azstore = new AzAuthorizationStoreClass();
                if (this.rbtStoreFile.Checked)
                {
                    this.FileUpload1.SaveAs(tempFileName);
                    azManStorePath = String.Format("msxml://{0}", tempFileName);
                }
                azstore.Initialize(2, azManStorePath, null);
                #region Store Groups
                //Store Groups
                foreach (IAzApplicationGroup azStoreGroup in azstore.ApplicationGroups)
                {
                    //Store Groups Definition
                    if (azStoreGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_BASIC)
                    {
                        //Basic
                        store.CreateStoreGroup(SqlAzManSID.NewSqlAzManSid(), azStoreGroup.Name, azStoreGroup.Description, String.Empty, GroupType.Basic);
                    }
                    else if (azStoreGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_LDAP_QUERY)
                    {
                        //LDap
                        store.CreateStoreGroup(SqlAzManSID.NewSqlAzManSid(), azStoreGroup.Name, azStoreGroup.Description, azStoreGroup.LdapQuery, GroupType.LDapQuery);
                    }
                }
                //Store Groups Members
                foreach (IAzApplicationGroup azStoreGroup in azstore.ApplicationGroups)
                {
                    if (azStoreGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_BASIC)
                    {
                        //Basic
                        IAzManStoreGroup storeGroup = store.GetStoreGroup(azStoreGroup.Name);
                        //Store Group Members - Members Store Group
                        object[] azStoreGroupMembers = azStoreGroup.AppMembers as object[];
                        if (azStoreGroupMembers != null)
                        {
                            foreach (string azStoreGroupMember in azStoreGroupMembers)
                            {
                                IAzManStoreGroup member = store.GetStoreGroup(azStoreGroupMember);
                                storeGroup.CreateStoreGroupMember(member.SID, WhereDefined.Store, true);
                            }
                        }
                        //Store Group Non-Members - Non-Members Store Group
                        object[] azStoreGroupNonMembers = azStoreGroup.AppNonMembers as object[];
                        if (azStoreGroupNonMembers != null)
                        {
                            foreach (string azStoreGroupNonMember in azStoreGroupNonMembers)
                            {
                                IAzManStoreGroup nonMember = store.GetStoreGroup(azStoreGroupNonMember);
                                storeGroup.CreateStoreGroupMember(nonMember.SID, WhereDefined.Store, false);
                            }
                        }
                        //Store Group Members - Windows NT Account
                        object[] azStoreGroupWindowsMembers = azStoreGroup.Members as object[];
                        if (azStoreGroupWindowsMembers != null)
                        {
                            foreach (string azStoreWindowsMember in azStoreGroupWindowsMembers)
                            {
                                IAzManSid sid = new SqlAzManSID(azStoreWindowsMember);

                                string memberName;
                                bool   isLocal;
                                DirectoryServicesWebUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
                                storeGroup.CreateStoreGroupMember(sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, true);
                            }
                        }
                        //Store Group NonMembers - Windows NT Account
                        object[] azStoreGroupWindowsNonMembers = azStoreGroup.NonMembers as object[];
                        if (azStoreGroupWindowsNonMembers != null)
                        {
                            foreach (string azStoreWindowsNonMember in azStoreGroupWindowsNonMembers)
                            {
                                IAzManSid sid = new SqlAzManSID(azStoreWindowsNonMember);
                                string    memberName;
                                bool      isLocal;
                                DirectoryServicesWebUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
                                storeGroup.CreateStoreGroupMember(sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, false);
                            }
                        }
                    }
                }
                #endregion Store Groups
                #region Applications
                //Applications
                foreach (IAzApplication azApplication in azstore.Applications)
                {
                    IAzManApplication application = store.CreateApplication(azApplication.Name, azApplication.Description);
                    #region Application Groups
                    //Store Groups
                    foreach (IAzApplicationGroup azApplicationGroup in azApplication.ApplicationGroups)
                    {
                        //Application Groups Definition
                        if (azApplicationGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_BASIC)
                        {
                            //Basic
                            application.CreateApplicationGroup(SqlAzManSID.NewSqlAzManSid(), azApplicationGroup.Name, azApplicationGroup.Description, String.Empty, GroupType.Basic);
                        }
                        else if (azApplicationGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_LDAP_QUERY)
                        {
                            //LDap
                            application.CreateApplicationGroup(SqlAzManSID.NewSqlAzManSid(), azApplicationGroup.Name, azApplicationGroup.Description, azApplicationGroup.LdapQuery, GroupType.LDapQuery);
                        }
                    }
                    //Application Groups Members
                    foreach (IAzApplicationGroup azApplicationGroup in azApplication.ApplicationGroups)
                    {
                        if (azApplicationGroup.Type == (int)tagAZ_PROP_CONSTANTS.AZ_GROUPTYPE_BASIC)
                        {
                            //Basic
                            IAzManApplicationGroup applicationGroup = application.GetApplicationGroup(azApplicationGroup.Name);
                            //Application Group Members - Members Group
                            object[] azStoreGroupMembers = azApplicationGroup.AppMembers as object[];
                            if (azStoreGroupMembers != null)
                            {
                                foreach (string azGroupMember in azStoreGroupMembers)
                                {
                                    IAzManStoreGroup storemember;
                                    try
                                    {
                                        storemember = store.GetStoreGroup(azGroupMember);
                                    }
                                    catch (SqlAzManException)
                                    {
                                        storemember = null;
                                    }
                                    IAzManApplicationGroup appmember;
                                    try
                                    {
                                        appmember = application.GetApplicationGroup(azGroupMember);
                                    }
                                    catch (SqlAzManException)
                                    {
                                        appmember = null;
                                    }
                                    if (storemember != null)
                                    {
                                        applicationGroup.CreateApplicationGroupMember(storemember.SID, WhereDefined.Store, true);
                                    }
                                    else
                                    {
                                        applicationGroup.CreateApplicationGroupMember(appmember.SID, WhereDefined.Application, true);
                                    }
                                }
                            }
                            //Application Group Non-Members - Non-Members Group
                            object[] azStoreGroupNonMembers = azApplicationGroup.AppNonMembers as object[];
                            if (azStoreGroupNonMembers != null)
                            {
                                foreach (string azGroupNonMember in azStoreGroupNonMembers)
                                {
                                    IAzManStoreGroup storenonMember;
                                    try
                                    {
                                        storenonMember = store.GetStoreGroup(azGroupNonMember);
                                    }
                                    catch (SqlAzManException)
                                    {
                                        storenonMember = null;
                                    }
                                    IAzManApplicationGroup appnonMember;
                                    try
                                    {
                                        appnonMember = application.GetApplicationGroup(azGroupNonMember);
                                    }
                                    catch (SqlAzManException)
                                    {
                                        appnonMember = null;
                                    }
                                    if (storenonMember != null)
                                    {
                                        applicationGroup.CreateApplicationGroupMember(storenonMember.SID, WhereDefined.Store, false);
                                    }
                                    else
                                    {
                                        applicationGroup.CreateApplicationGroupMember(appnonMember.SID, WhereDefined.Application, false);
                                    }
                                }
                            }
                            //Application Group Members - Windows NT Account
                            object[] azApplicationGroupWindowsMembers = azApplicationGroup.Members as object[];
                            if (azApplicationGroupWindowsMembers != null)
                            {
                                foreach (string azApplicationWindowsMember in azApplicationGroupWindowsMembers)
                                {
                                    IAzManSid sid = new SqlAzManSID(azApplicationWindowsMember);
                                    string    memberName;
                                    bool      isLocal;
                                    DirectoryServicesWebUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
                                    applicationGroup.CreateApplicationGroupMember(sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, true);
                                }
                            }
                            //Application Group NonMembers - Windows NT Account
                            object[] azApplicationGroupWindowsNonMembers = azApplicationGroup.NonMembers as object[];
                            if (azApplicationGroupWindowsNonMembers != null)
                            {
                                foreach (string azApplicationWindowsNonMember in azApplicationGroupWindowsNonMembers)
                                {
                                    IAzManSid sid = new SqlAzManSID(azApplicationWindowsNonMember);
                                    string    memberName;
                                    bool      isLocal;
                                    DirectoryServicesWebUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
                                    applicationGroup.CreateApplicationGroupMember(sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, false);
                                }
                            }
                        }
                    }
                    #endregion Application Groups
                    //Without Scopes
                    IAzTasks tasks = azApplication.Tasks as IAzTasks;
                    if (tasks != null)
                    {
                        foreach (IAzTask azTask in tasks)
                        {
                            if (azTask.IsRoleDefinition == 1)
                            {
                                IAzManItem item = application.CreateItem(azTask.Name, azTask.Description, ItemType.Role);
                            }
                            else
                            {
                                IAzManItem item = application.CreateItem(azTask.Name, azTask.Description, ItemType.Task);
                            }
                        }
                    }
                    IAzOperations operations = azApplication.Operations as IAzOperations;
                    if (operations != null)
                    {
                        foreach (IAzOperation azOperation in operations)
                        {
                            application.CreateItem(azOperation.Name, azOperation.Description, ItemType.Operation);
                        }
                    }
                    //Build Item Hierarchy
                    if (tasks != null)
                    {
                        foreach (IAzTask azTask in tasks)
                        {
                            this.SetHirearchy(null, azApplication, azTask.Name, application);
                        }
                    }
                    //Scopes
                    foreach (IAzScope azScope in azApplication.Scopes)
                    {
                        azApplication.OpenScope(azScope.Name, null);
                        IAzTasks tasksOfScope = azScope.Tasks as IAzTasks;
                        if (tasksOfScope != null)
                        {
                            foreach (IAzTask azTask in tasksOfScope)
                            {
                                if (azTask.IsRoleDefinition == 1)
                                {
                                    IAzManItem item = application.CreateItem(azTask.Name, azTask.Description, ItemType.Role);
                                }
                                else
                                {
                                    IAzManItem item = application.CreateItem(azTask.Name, azTask.Description, ItemType.Task);
                                }
                            }
                        }
                        //Build Item Hierarchy
                        if (tasksOfScope != null)
                        {
                            foreach (IAzTask azTask in tasksOfScope)
                            {
                                this.SetHirearchy(azScope, azApplication, azTask.Name, application);
                            }
                        }
                    }
                    //Authorizations on Roles without Scopes
                    AuthorizationType defaultAuthorization = AuthorizationType.AllowWithDelegation;
                    IAzRoles          azRoles = azApplication.Roles;
                    foreach (IAzRole azRole in azRoles)
                    {
                        IAzManItem item;
                        try
                        {
                            item = application.GetItem(azRole.Name);
                        }
                        catch (SqlAzManException)
                        {
                            item = null;
                        }
                        if (item == null)
                        {
                            item = application.CreateItem(azRole.Name, azRole.Description, ItemType.Role);
                        }
                        //Store & Application Groups Authorizations
                        foreach (string member in (object[])azRole.AppMembers)
                        {
                            IAzManStoreGroup storeGroup;
                            try
                            {
                                storeGroup = application.Store.GetStoreGroup(member);
                            }
                            catch (SqlAzManException)
                            {
                                storeGroup = null;
                            }
                            IAzManApplicationGroup applicationGroup;
                            try
                            {
                                applicationGroup = application.GetApplicationGroup(member);
                            }
                            catch (SqlAzManException)
                            {
                                applicationGroup = null;
                            }
                            if (storeGroup != null)
                            {
                                item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, storeGroup.SID, WhereDefined.Store, defaultAuthorization, null, null);
                            }
                            else if (applicationGroup != null)
                            {
                                item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, applicationGroup.SID, WhereDefined.Application, defaultAuthorization, null, null);
                            }
                        }
                        //Windows Users & Groups Authorizations
                        foreach (string sSid in (object[])azRole.Members)
                        {
                            IAzManSid sid = new SqlAzManSID(sSid);
                            string    memberName;
                            bool      isLocal;
                            DirectoryServicesWebUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
                            item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, defaultAuthorization, null, null);
                        }
                    }
                    //Authorizations on Roles with Scopes
                    foreach (IAzScope azScope in azApplication.Scopes)
                    {
                        IAzRoles azRolesWithScopes = azScope.Roles;
                        foreach (IAzRole azRole in azRolesWithScopes)
                        {
                            IAzManItem item;
                            try
                            {
                                item = application.GetItem(azRole.Name);
                            }
                            catch (SqlAzManException)
                            {
                                item = null;
                            }
                            if (item == null)
                            {
                                item = application.CreateItem(azRole.Name, azRole.Description, ItemType.Role);
                            }
                            //Store & Application Groups Authorizations
                            foreach (string member in (object[])azRole.AppMembers)
                            {
                                IAzManStoreGroup storeGroup;
                                try
                                {
                                    storeGroup = application.Store.GetStoreGroup(member);
                                }
                                catch (SqlAzManException)
                                {
                                    storeGroup = null;
                                }
                                IAzManApplicationGroup applicationGroup;
                                try
                                {
                                    applicationGroup = application.GetApplicationGroup(member);
                                }
                                catch (SqlAzManException)
                                {
                                    applicationGroup = null;
                                }
                                if (storeGroup != null)
                                {
                                    item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, storeGroup.SID, WhereDefined.Store, defaultAuthorization, null, null);
                                }
                                else if (applicationGroup != null)
                                {
                                    item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, applicationGroup.SID, WhereDefined.Application, defaultAuthorization, null, null);
                                }
                            }
                            //Windows Users & Groups Authorizations
                            foreach (string sSid in (object[])azRole.Members)
                            {
                                IAzManSid sid = new SqlAzManSID(sSid);
                                string    memberName;
                                bool      isLocal;
                                DirectoryServicesWebUtils.GetMemberInfo(sid.StringValue, out memberName, out isLocal);
                                item.CreateAuthorization(this.currentOwnerSid, this.currentOwnerSidWhereDefined, sid, isLocal ? WhereDefined.Local : WhereDefined.LDAP, defaultAuthorization, null, null);
                            }
                        }
                    }
                    //try
                    //{
                    //    azstore.CloseApplication(azApplication.Name, 0);
                    //}
                    //catch
                    //{
                    //    //PorkAround: COM Is a mistery
                    //}
                }
                #endregion Applications
                if (storage.TransactionInProgress)
                {
                    storage.CommitTransaction();
                }
            }
            catch
            {
                if (storage.TransactionInProgress)
                {
                    storage.RollBackTransaction();
                }
                throw;
            }
            finally
            {
                if (azstore != null)
                {
                    System.Runtime.InteropServices.Marshal.ReleaseComObject(azstore);
                    File.Delete(tempFileName);
                    azstore = null;
                }
            }
        }
        /// <summary>
        /// Links the target item named <paramref name="taskName"/> to the items named after the
        /// sub-tasks and sub-operations listed on the matching source task.
        /// </summary>
        /// <param name="azScope">Scope the source task is opened from; when null the task is opened from <paramref name="azApplication"/> instead.</param>
        /// <param name="azApplication">Source application, used to open the task when no scope is given.</param>
        /// <param name="taskName">Name shared by the source task and the target item.</param>
        /// <param name="application">Target application whose items are linked.</param>
        /// <remarks>
        /// Only direct children are linked; this version does not recurse, and the visible callers
        /// invoke it once per task. Child names are taken from the source task as-is and each one is
        /// resolved with GetItem, so a name with no matching target item fails however GetItem
        /// reports it. AddMember is called unconditionally.
        /// NOTE(review): confirm how AddMember behaves when the child is already a member.
        /// </remarks>
        private void SetHirearchy(IAzScope azScope, IAzApplication azApplication, string taskName, IAzManApplication application)
        {
            IAzTask sourceTask = (azScope == null)
                ? azApplication.OpenTask(taskName, null)
                : azScope.OpenTask(taskName, null);

            // The target item is resolved before the null check, so a failing lookup
            // surfaces even when there turns out to be nothing to link.
            IAzManItem parentItem = application.GetItem(taskName);
            if (sourceTask == null)
            {
                return;
            }

            // Sub-tasks first...
            object[] childTaskNames = sourceTask.Tasks as object[];
            if (childTaskNames != null)
            {
                foreach (string childTaskName in childTaskNames)
                {
                    parentItem.AddMember(application.GetItem(childTaskName));
                }
            }

            // ...then sub-operations, in the same way.
            object[] childOperationNames = sourceTask.Operations as object[];
            if (childOperationNames != null)
            {
                foreach (string childOperationName in childOperationNames)
                {
                    parentItem.AddMember(application.GetItem(childOperationName));
                }
            }
        }
Exemplo n.º 13
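        /// <summary>
        /// Links the target item named <paramref name="taskName"/> to the items named after the
        /// sub-tasks and sub-operations of the matching source task, then repeats the walk for
        /// every sub-task.
        /// </summary>
        /// <param name="azScope">Scope the source task is opened from; when null the task is opened from <paramref name="azApplication"/> instead.</param>
        /// <param name="azApplication">Source application, used to open tasks when no scope is given.</param>
        /// <param name="taskName">Name shared by the source task and the target item.</param>
        /// <param name="application">Target application whose items are linked.</param>
        /// <remarks>
        /// The walk follows task names read from the source store. Each name is processed at most
        /// once per call, so a source hierarchy that refers back to itself cannot recurse without
        /// bound, and a sub-task shared by several parents is not re-walked. Memberships that
        /// already exist are left alone, so the resulting links are the same as an unguarded walk
        /// of an acyclic hierarchy.
        /// </remarks>
        private void SetHirearchy(IAzScope azScope, IAzApplication azApplication, string taskName, IAzManApplication application)
        {
            this.SetHirearchyCore(azScope, azApplication, taskName, application, new System.Collections.Generic.HashSet<string>(System.StringComparer.Ordinal));
        }

        // Recursive worker for SetHirearchy; visitedTaskNames holds the names already walked in this call.
        private void SetHirearchyCore(IAzScope azScope, IAzApplication azApplication, string taskName, IAzManApplication application, System.Collections.Generic.HashSet<string> visitedTaskNames)
        {
            // Add returns false when the name was seen before: stop here instead of looping.
            if (!visitedTaskNames.Add(taskName))
            {
                return;
            }

            IAzTask azTask = (azScope == null)
                ? azApplication.OpenTask(taskName, null)
                : azScope.OpenTask(taskName, null);
            if (azTask == null)
            {
                return;
            }

            IAzManItem item = application.GetItem(taskName);

            //SubTasks
            object[] azSubTasks = azTask.Tasks as object[];
            if (azSubTasks != null)
            {
                foreach (string azSubTask in azSubTasks)
                {
                    AddMemberIfAbsent(item, application.GetItem(azSubTask));
                    this.SetHirearchyCore(azScope, azApplication, azSubTask, application, visitedTaskNames);
                }
            }

            //SubOperations
            object[] azSubOperations = azTask.Operations as object[];
            if (azSubOperations != null)
            {
                foreach (string azSubOperation in azSubOperations)
                {
                    AddMemberIfAbsent(item, application.GetItem(azSubOperation));
                }
            }
        }

        // Adds subItem under item unless an existing member already has the same ItemId.
        private static void AddMemberIfAbsent(IAzManItem item, IAzManItem subItem)
        {
            // Members are re-read on every call so that links added earlier in the walk are seen.
            var members = item.GetMembers();
            if (members == null || !members.Any(t => t.ItemId == subItem.ItemId))
            {
                item.AddMember(subItem);
            }
        }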
Exemplo n.º 14
 /// <summary>
 /// Builds the <c>ItemNode</c> for <paramref name="itemName"/> from its row in the partial
 /// check-access results, then recursively builds a node for every item it is a member of.
 /// </summary>
 /// <param name="application">Application used to resolve the item and its parent items.</param>
 /// <param name="checkAccessPartialResultsDataTable">Table holding one row per item, looked up by its ItemName column.</param>
 /// <param name="itemName">Name of the item to build the node for.</param>
 /// <returns>The node for the item, with its parent nodes keyed by parent item name.</returns>
 /// <remarks>
 /// Single quotes in the name are doubled before it is placed in the row filter. The first
 /// matching row is used; indexing fails if the table has no row for the name.
 /// NOTE(review): the parent walk has no depth limit or visited set, so it relies on the
 /// stored hierarchy being acyclic; confirm that is enforced where memberships are created.
 /// </remarks>
 private ItemNode buildTreeOfNodes(IAzManApplication application, DataTable checkAccessPartialResultsDataTable, string itemName)
 {
     string escapedItemName = itemName.Replace("'", "''");
     string rowFilter = String.Format("ItemName='{0}'", escapedItemName);
     DataRow row = checkAccessPartialResultsDataTable.Select(rowFilter)[0];

     // The business-rule columns are only read when the row carries a rule id.
     int? bizRuleId = null;
     string bizRuleSource = null;
     byte? bizRuleLanguage = null;
     bool hasBizRule = row["BizRuleId"] != DBNull.Value;
     if (hasBizRule)
     {
         bizRuleId = (int)row["BizRuleId"];
         bizRuleSource = (string)row["BizRuleSource"];
         bizRuleLanguage = (byte)row["BizRuleLanguage"];
     }

     IAzManItem item = application.GetItem((string)row["ItemName"]);
     ItemNode node = new ItemNode(
         (int)row["ItemId"],
         (string)row["ItemName"],
         (ItemType)((byte)row["ItemType"]),
         (AuthorizationType)((byte)row["AuthorizationType"]),
         bizRuleId,
         bizRuleSource,
         bizRuleLanguage,
         item);

     // Walk upwards: every item this one belongs to becomes a parent node.
     foreach (IAzManItem parentItem in item.GetItemsWhereIAmAMember())
     {
         ItemNode parentNode = this.buildTreeOfNodes(application, checkAccessPartialResultsDataTable, parentItem.Name);
         node.parentItemNodes.Add(parentItem.Name, parentNode);
     }

     return node;
 }