/// <summary>
/// Process a command line to grant a user a privilege
/// </summary>
/// <param name="commandLine"></param>et
/// <returns></returns>
public static string GrantPrivilege(
string commandLine)
{
if (UserInfo == null || !IsAdministrator(UserInfo.UserName))
{
return("You must be an administrator to grant privileges");
}
Lex lex = new Lex();
lex.OpenString(commandLine);
string priv = lex.Get();
string userName = lex.Get();
if (Lex.Eq(userName, "to"))
{
userName = lex.Get();
}
if (priv == "" || userName == "")
{
return("Syntax: GRANT privilege TO userid");
}
if (!PrivilegesMx.IsValidPrivilegeName(priv))
{
return(priv + " is not a valid privilege");
}
if (!UserExists(userName))
{
return("User " + userName + " doesn't exist");
}
GrantPrivilege(userName, priv);
return("Privilege granted");
}
/// <summary>
/// Set privileges that are stored as privs in Mobius user parameters
/// </summary>
/// <param name="ui"></param>
public static void SetUserParmPrivileges(UserInfo ui)
{
Dictionary <string, string> ups = UserObjectDao.GetUserParameters(ui.UserName);
string prefix = "Privilege";
foreach (string uoName in ups.Keys) // store other non-ad privileges
{
if (!Lex.StartsWith(uoName, prefix) || // Privilege user parm?
Lex.Ne(ups[uoName], "True"))
{
continue; // and granted?
}
string privName = uoName.Substring(prefix.Length);
if (!PrivilegesMx.IsValidPrivilegeName(privName))
{
continue;
}
if (Lex.Eq(privName, "Logon"))
{
continue; // ignore old Logon priv from database
}
ui.Privileges.SetPrivilege(privName, true);
}
if (!ups.ContainsKey("NAMEADDRESS")) // store user name and address in Mobius db if not there already
{
Security.CreateUser(ui);
}
return;
}
/// <summary>
/// Grant a privilege to a user
/// </summary>
/// <param name="userName"></param>
/// <param name="privilege"></param>
/// <returns></returns>
public static void GrantPrivilege(
string userName,
string privilege)
{
if (!PrivilegesMx.IsValidPrivilegeName(privilege))
{
throw new Exception("Not a valid privilege");
}
UserObjectDao.SetUserParameter(userName, "Privilege" + Lex.CapitalizeFirstLetters(privilege), "True"); // authorize by default
return;
}
/// <summary>
/// Revoke a privilege from a user
/// </summary>
/// <param name="userName"></param>
/// <param name="privilege"></param>
/// <returns></returns>
public static void RevokePrivilege(
string userName,
string privilege)
{
if (!HasPrivilege(userName, privilege))
{
throw new Exception("User doesn't have privilege");
}
if (!PrivilegesMx.IsValidPrivilegeName(privilege))
{
throw new Exception("Not a valid privilege");
}
UserObjectDao.SetUserParameter(userName, "Privilege" + privilege, "False");
return;
}
/// <summary>
/// Process command line to revoke a user privilege
/// </summary>
/// <param name="commandLine"></param>
/// <returns></returns>
public static string RevokePrivilege(
string commandLine)
{
if (UserInfo == null || !IsAdministrator(UserInfo.UserName))
{
return("You must be an administrator to revoke privileges");
}
Lex lex = new Lex();
lex.OpenString(commandLine);
string priv = lex.Get();
string userName = lex.Get();
if (Lex.Eq(userName, "from"))
{
userName = lex.Get();
}
if (priv == "" || userName == "")
{
return("Syntax: REVOKE privilege FROM userid");
}
if (!PrivilegesMx.IsValidPrivilegeName(priv))
{
return(priv + " is not a valid privilege");
}
if (!UserExists(userName))
{
return("User " + userName + " doesn't exist");
}
if (!HasPrivilege(userName, priv))
{
return("User " + userName + " doesn't have this privilege");
}
RevokePrivilege(userName, priv);
return("Privilege revoked");
}
