        /// <summary>
        /// Renders the default LDAP page. A <see cref="NexusLdapService"/> is
        /// constructed but nothing is queried; an earlier lookup call survives
        /// only as a comment.
        /// </summary>
        /// <returns>The default view for this action.</returns>
        public ActionResult Index()
        {
            // Kept for parity with the original action; the instance is not used.
            var ldap = new NexusLdapService();

            // Previously: string test = ldap.searchByLogin("martin.novak");

            return View();
        }
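        /// <summary>
        /// Synchronises application roles from Active Directory group membership.
        /// For every <c>ADgroup</c> that carries a <c>RoleForApplication</c>, the
        /// existing <c>User_Role</c> rows for that role are dropped and re-created
        /// from the group's current AD members. Every member is also refreshed
        /// through <see cref="AuthAD.getUserAndHisGroupsFromAD"/>.
        /// </summary>
        /// <remarks>
        /// The role rows are removed before the directory is queried, so a group the
        /// LDAP server does not return (outage, renamed group) leaves that role revoked
        /// for everyone until the next successful run. That is fail-closed behaviour,
        /// but operators should expect it.
        /// </remarks>
        public void RefreshGroups()
        {
            DBEntities context       = COREobject.i.Context;
            // Plain literal: the key has no placeholders, so interpolation was unnecessary.
            string     groupADServer = WebConfigurationManager.AppSettings["Persona_AdGroupServer"];

            NexusLdapService ldap = new NexusLdapService();
            ldap.UseServer(groupADServer);

            foreach (ADgroup group in context.ADgroups.ToList())
            {
                bool mapsToRole = !string.IsNullOrEmpty(group.RoleForApplication);

                // For an ADgroup with a RoleForApplication, drop the current grants;
                // they are rebuilt below from the live AD membership. The filter runs
                // in memory (after ToList) so a null ApplicationId compares equal to
                // null, which a database-side query would not do.
                if (mapsToRole)
                {
                    foreach (User_Role stale in context.Users_Roles.ToList())
                    {
                        if (stale.ApplicationId == group.ApplicationId && stale.RoleName == group.RoleForApplication)
                        {
                            context.Users_Roles.Remove(stale);
                        }
                    }
                }

                var adGroups = ldap.GetGroups(group.Name);
                if (!adGroups.Any())
                {
                    continue;
                }

                int appId = group.ApplicationId ?? 0;
                // Hoisted out of the member loop: one lookup per group rather than one per member.
                // Find() returns null for an unknown id; the original dereferenced it unconditionally.
                var application = mapsToRole ? context.Applications.Find(appId) : null;

                foreach (JToken adGroup in adGroups) // should be only 1
                {
                    JToken members = adGroup["member"];
                    if (members == null)
                    {
                        // No "member" attribute (empty group): nothing to grant.
                        continue;
                    }

                    foreach (JToken member in members)
                    {
                        // Save the user together with their AD groups; the lookup yields
                        // (null, null) when the member cannot be resolved in AD.
                        var (user, _) = AuthAD.getUserAndHisGroupsFromAD(identify: (string)member);
                        if (user == null)
                        {
                            continue;
                        }

                        if (!mapsToRole)
                        {
                            continue;
                        }

                        // Add the UserRole according to the ADgroup mapping.
                        context.Users_Roles.Add(new User_Role
                        {
                            UserId          = user.Id,
                            RoleName        = group.RoleForApplication,
                            ApplicationId   = appId,
                            ApplicationName = application?.Name
                        });
                    }
                }
            }

            context.SaveChanges();
        }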
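        /// <summary>
        /// Imports every LDAP user that does not yet exist locally (matched on
        /// <c>samaccountname</c>) as a new <see cref="User"/> and saves the batch.
        /// Entries without a usable <c>samaccountname</c>, users already in the
        /// database and names repeated within the LDAP result are skipped.
        /// </summary>
        /// <exception cref="Exception">
        /// Wraps any failure while building a single user, naming the account in the message.
        /// </exception>
        public void RefreshUsers()
        {
            DBEntities       context = COREobject.i.Context;
            NexusLdapService service = new NexusLdapService();

            JToken ldapUsers = service.GetUsers();

            // Names queued in this run. Users.Any() below only sees rows already in the
            // database, so a name repeated in the LDAP result would otherwise be added twice.
            // AD account names are compared case-insensitively — presumably matching the
            // database collation; confirm.
            var queued = new HashSet<string>(StringComparer.OrdinalIgnoreCase);

            foreach (JToken ldapUser in ldapUsers)
            {
                // Test presence before converting, not after.
                JToken accountToken = ldapUser["samaccountname"];
                if (accountToken == null)
                {
                    continue;
                }
                string username = (string)accountToken;
                if (string.IsNullOrWhiteSpace(username))
                {
                    // Attribute present but empty: treat like a missing attribute.
                    continue;
                }

                if (queued.Contains(username) || context.Users.Any(u => u.UserName == username))
                {
                    Logger.Log.Info($"SyncAD: skipping user {username}");
                    continue;
                }

                try
                {
                    context.Users.Add(new User
                    {
                        UserName     = username,
                        DisplayName  = string.IsNullOrWhiteSpace((string)ldapUser["displayname"]) ? username : (string)ldapUser["displayname"],
                        Email        = (string)ldapUser["mail"],
                        Address      = "",
                        Company      = "",
                        Department   = "",
                        Team         = "",
                        Job          = "",
                        WorkPhone    = "",
                        MobilPhone   = "",
                        LastLogin    = LastLoginFromFileTime(ldapUser["lastlogon"]),
                        CurrentLogin = DateTime.UtcNow,

                        ModuleAccessPermission = new ModuleAccessPermission(),

                        AuthTypeId     = Id,
                        localExpiresAt = DateTime.UtcNow.AddMonths(1)
                    });
                    queued.Add(username);
                }
                catch (Exception ex)
                {
                    // Exception type kept for existing callers; the account name is the useful context.
                    throw new Exception($"LDAP: error in creating user '{username}'", ex);
                }
            }
            context.SaveChanges();
        }

        /// <summary>
        /// Converts an AD <c>lastlogon</c> value (Windows FILETIME) to a <see cref="DateTime"/>.
        /// A missing attribute or the value 0 ("never logged on") maps to 1970-01-01, so a
        /// user without the attribute no longer aborts the whole import.
        /// </summary>
        /// <param name="lastLogon">The <c>lastlogon</c> token, or null when absent.</param>
        /// <returns>The converted local-time value, or 1970-01-01 when unknown.</returns>
        private static DateTime LastLoginFromFileTime(JToken lastLogon)
        {
            long fileTime = (long?)lastLogon ?? 0;
            return fileTime != 0 ? DateTime.FromFileTime(fileTime) : new DateTime(1970, 1, 1);
        }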
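        /// <summary>
        /// Renders the group lookup page. On POST, looks up the group named in the
        /// <c>query</c> form field and exposes the raw JSON result through
        /// <c>ViewBag.Result</c>; on GET, or when nothing matched, the result is empty.
        /// </summary>
        /// <returns>The <c>~/Views/Nexus/LDAP/GroupList.cshtml</c> view.</returns>
        public ActionResult Groups()
        {
            NexusLdapService service = new NexusLdapService();

            ViewBag.Result = "";
            if (Request.HttpMethod == "POST")
            {
                // User-supplied text goes straight into an LDAP lookup; this assumes
                // NexusLdapService.GetGroups escapes LDAP filter metacharacters — TODO confirm.
                string cn     = Request.Form["query"];
                JToken groups = service.GetGroups(cn);

                // A lookup that returns null stays "" instead of throwing (mirrors Search()).
                // The view is expected to HTML-encode ViewBag.Result when rendering it.
                ViewBag.Result = groups?.ToString() ?? "";
            }

            return View("~/Views/Nexus/LDAP/GroupList.cshtml");
        }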
        /// <summary>
        /// Renders the user lookup page. On POST, searches LDAP for the login given in
        /// the <c>query</c> form field and exposes the JSON result through
        /// <c>ViewBag.Result</c>; on GET, or when nothing matched, the result is empty.
        /// </summary>
        /// <returns>The <c>~/Views/Nexus/LDAP/Search.cshtml</c> view.</returns>
        public ActionResult Search()
        {
            const string viewPath = "~/Views/Nexus/LDAP/Search.cshtml";

            ViewBag.Result = String.Empty;

            if (Request.HttpMethod != "POST")
            {
                return View(viewPath);
            }

            string login = Request.Form["query"];
            var    ldap  = new NexusLdapService();

            // The login is handed to the LDAP search as typed; escaping of filter
            // metacharacters is assumed to live in NexusLdapService.SearchByLogin — confirm.
            JToken found = ldap.SearchByLogin(login);
            if (found != null)
            {
                ViewBag.Result = found.ToString();
            }

            return View(viewPath);
        }
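        /// <summary>
        /// Re-reads every configured <c>ADgroup</c> from the group AD server and
        /// refreshes each member through <c>core.Persona.GetUser</c>, then saves the
        /// static-table context.
        /// </summary>
        /// <param name="core">Core object providing the static-table context and the Persona module.</param>
        public static void RefreshFromAD(Modules.CORE.CORE core)
        {
            DBEntities context = core.Entitron.GetStaticTables();
            // A blanket per-user core.Persona.RefreshUser pass used to sit here (it was
            // commented out); only the group-driven refresh below runs.

            NexusLdapService ldap = new NexusLdapService();
            // groupADServer is declared elsewhere in this class.
            ldap.UseServer(groupADServer);

            foreach (ADgroup group in context.ADgroups.ToList())
            {
                var adGroups = ldap.GetGroups(group.Name);
                if (!adGroups.Any())
                {
                    continue;
                }

                foreach (JToken adGroup in adGroups) // should be only 1
                {
                    JToken members = adGroup["member"];
                    if (members == null)
                    {
                        // No "member" attribute (empty group): nothing to refresh.
                        continue;
                    }

                    foreach (JToken member in members)
                    {
                        // Save the user with their groups; the member value is passed as the AD identifier.
                        core.Persona.GetUser(identify: (string)member);
                    }
                }
            }

            context.SaveChanges();
        }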
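        /// <summary>
        /// Looks a user up in Active Directory and builds an unsaved <see cref="User"/>
        /// plus the CN of every group listed in the entry's <c>memberof</c> attribute.
        /// </summary>
        /// <param name="userName">
        /// Login in <c>DOMAIN\login</c> or plain <c>login</c> form; a domain prefix selects
        /// the LDAP server. Takes precedence over <paramref name="identify"/>.
        /// </param>
        /// <param name="identify">
        /// AD identifier (as accepted by <c>getUserServer</c> and <c>SearchByIdentify</c>),
        /// used only when <paramref name="userName"/> is blank.
        /// </param>
        /// <returns>
        /// <c>(user, groupNames)</c>, or <c>(null, null)</c> when both arguments are blank
        /// or the directory has no matching entry.
        /// </returns>
        internal static (User, List <string>) getUserAndHisGroupsFromAD(string userName = null, string identify = null)
        {
            string serverName;
            string onlyName = null;

            if (!string.IsNullOrWhiteSpace(userName))
            {
                // "DOMAIN\login": the prefix names the server, the remainder is the login.
                int domainIndex = userName.IndexOf('\\');
                serverName = null;
                onlyName   = userName;
                if (domainIndex != -1)
                {
                    // Invariant casing: server names are identifiers, not user-facing text.
                    serverName = userName.Substring(0, domainIndex).ToLowerInvariant();
                    onlyName   = userName.Substring(domainIndex + 1);
                }
            }
            else if (!string.IsNullOrWhiteSpace(identify))
            {
                serverName = getUserServer(identify);
            }
            else
            {
                // Nothing to search for.
                return (null, null);
            }

            NexusLdapService search = new NexusLdapService();
            if (serverName != null)
            {
                search.UseServer(serverName);
            }

            JToken ldapResult = onlyName != null
                ? search.SearchByLogin(onlyName)
                : search.SearchByIdentify(identify);

            if (ldapResult == null)
            {
                return (null, null);
            }

            // lastlogon is a Windows FILETIME; a missing attribute is treated as 0 instead
            // of failing the cast.
            long lastLogon = (long?)ldapResult["lastlogon"] ?? 0;

            User user = new User
            {
                // Without an explicit userName, synthesise "DOMAIN\samaccountname"; in that
                // branch serverName already holds getUserServer(identify).
                UserName     = userName ?? $"{serverName.ToUpperInvariant()}\\{ldapResult["samaccountname"]}",
                DisplayName  = (string)ldapResult["displayname"],
                Email        = (string)ldapResult["mail"],
                Address      = "",
                Company      = "",
                Department   = "",
                Team         = "",
                Job          = (string)ldapResult["title"],
                WorkPhone    = "",
                MobilPhone   = "",
                LastLogin    = DateTime.FromFileTime(lastLogon),
                CurrentLogin = DateTime.UtcNow,

                ModuleAccessPermission = new ModuleAccessPermission(),

                AuthTypeId     = new MasterAD().Id,
                // NOTE(review): expires immediately (RefreshUsers uses UtcNow + 1 month);
                // presumably so the next login re-validates against AD — confirm.
                localExpiresAt = DateTime.UtcNow
            };

            // Group CNs from memberof; a user in no group has no memberof attribute at all.
            List<string> groupNames = new List<string>();
            JToken memberOf = ldapResult["memberof"];
            if (memberOf != null)
            {
                foreach (JToken group in memberOf)
                {
                    string cn = ExtractCn((string)group);
                    if (cn != null)
                    {
                        groupNames.Add(cn);
                    }
                }
            }

            return (user, groupNames);
        }

        /// <summary>
        /// Extracts the value of the first <c>CN=</c> component of a distinguished name
        /// such as <c>CN=Group,OU=...,DC=...</c>.
        /// </summary>
        /// <param name="distinguishedName">The DN string, or null.</param>
        /// <returns>
        /// The CN value; the full remainder when CN is the last component; null when the
        /// input is null or contains no <c>CN=</c> (the original code threw or returned
        /// garbage in those cases).
        /// </returns>
        private static string ExtractCn(string distinguishedName)
        {
            if (distinguishedName == null)
            {
                return null;
            }

            // Ordinal: this is a protocol token, not natural-language text.
            int start = distinguishedName.IndexOf("CN=", StringComparison.Ordinal);
            if (start == -1)
            {
                return null;
            }
            start += 3;

            int end = distinguishedName.IndexOf(',', start);
            return end == -1
                ? distinguishedName.Substring(start)
                : distinguishedName.Substring(start, end - start);
        }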