/// <summary>
/// Updates a device.
/// </summary>
/// <param name="deviceId">The id of the device to be updated.</param>
/// <param name="deviceInfo">The device containing the updated information.</param>
/// <returns>Returns the updated device.</returns>
public SecurityDeviceInfo UpdateDevice(string deviceId, SecurityDeviceInfo deviceInfo)
{
var id = Guid.Empty;
if (!Guid.TryParse(deviceId, out id))
{
throw new ArgumentException($"{nameof(deviceId)} must be a valid GUID");
}
if (id != deviceInfo.Id)
{
throw new ArgumentException($"Unable to update device using id: {id}, and id: {deviceInfo.Id}");
}
var securityRepository = ApplicationContext.Current.GetService <ISecurityRepositoryService>();
if (securityRepository == null)
{
throw new InvalidOperationException($"{nameof(ISecurityRepositoryService)} not found");
}
deviceInfo.Device.Policies.AddRange(deviceInfo.Policies.Select(p => new SecurityPolicyInstance(p.Policy, p.Grant)));
var updatedDevice = securityRepository.SaveDevice(deviceInfo.Device);
return(new SecurityDeviceInfo(updatedDevice));
}
public override object Update(object data)
{
if (data is SecurityDevice)
{
data = new SecurityDeviceInfo(data as SecurityDevice);
}
return(base.Update(data));
}
/// <summary>
/// Initializes a new instance of the <see cref="EditDeviceModel"/> class
/// with a specific <see cref="SecurityDeviceInfo"/> instance.
/// </summary>
/// <param name="securityDeviceInfo">The <see cref="SecurityDeviceInfo"/> instance.</param>
public EditDeviceModel(SecurityDeviceInfo securityDeviceInfo) : this()
{
this.Device = securityDeviceInfo.Device;
this.CreationTime = securityDeviceInfo.Device.CreationTime.DateTime;
this.Id = securityDeviceInfo.Device.Key.Value;
this.IsObsolete = securityDeviceInfo.Device.ObsoletionTime != null;
this.Name = securityDeviceInfo.Name;
this.DevicePolicies = securityDeviceInfo.Policies.Select(p => new PolicyViewModel(p)).OrderBy(q => q.Name).ToList();
this.Policies = this.DevicePolicies.Select(p => p.Id.ToString()).ToList();
}
/// <summary>
/// Converts an <see cref="EditDeviceModel"/> instance to a <see cref="SecurityDeviceInfo"/> instance.
/// </summary>
/// <param name="model">The model.</param>
/// <param name="deviceInfo">The device information.</param>
/// <returns>Returns the converted security device information instance.</returns>
protected SecurityDeviceInfo ToSecurityDeviceInfo(EditDeviceModel model, SecurityDeviceInfo deviceInfo)
{
deviceInfo.Device.Key = model.Id;
deviceInfo.Device.Name = model.Name;
var policyList = this.GetNewPolicies(model.Policies.Select(Guid.Parse));
deviceInfo.Policies.Clear();
deviceInfo.Policies.AddRange(policyList.Select(p => new SecurityPolicyInfo(p)
{
Grant = PolicyGrantType.Grant
}));
return(deviceInfo);
}
/// <summary>
/// Creates a device in the IMS.
/// </summary>
/// <param name="deviceInfo">The device to be created.</param>
/// <returns>Returns the newly created device.</returns>
public SecurityDeviceInfo CreateDevice(SecurityDeviceInfo deviceInfo)
{
var securityRepository = ApplicationContext.Current.GetService <ISecurityRepositoryService>();
if (securityRepository == null)
{
throw new InvalidOperationException($"{nameof(ISecurityRepositoryService)} not found");
}
deviceInfo.Device?.Policies.AddRange(deviceInfo.Policies.Select(p => new SecurityPolicyInstance(p.Policy, p.Grant)));
var createdDevice = securityRepository.CreateDevice(deviceInfo.Device);
return(new SecurityDeviceInfo(createdDevice));
}
public override object Create(object data, bool updateIfExists)
{
if (data is SecurityDevice)
{
data = new SecurityDeviceInfo(data as SecurityDevice);
}
var sde = data as SecurityDeviceInfo;
// If no policies then assign the ones from DEVICE
if (sde.Policies == null || sde.Policies.Count == 0 && sde.Entity?.Policies == null || sde.Entity.Policies.Count == 0)
{
var role = ApplicationServiceContext.Current.GetService <ISecurityRepositoryService>()?.GetRole("DEVICE");
var policies = ApplicationServiceContext.Current.GetService <IPolicyInformationService>()?.GetPolicies(role);
if (policies != null)
{
sde.Policies = policies.Select(o => new SecurityPolicyInfo(o)).ToList();
}
}
return(base.Create(data, updateIfExists));
}
/// <summary>
/// Initializes a new instance of the <see cref="DeviceViewModel"/> class
/// with a specific <see cref="SecurityDeviceInfo"/> instance.
/// </summary>
/// <param name="securityDeviceInfo">The <see cref="SecurityDeviceInfo"/> instance.</param>
public DeviceViewModel(SecurityDeviceInfo securityDeviceInfo) : base(securityDeviceInfo)
{
this.Name = securityDeviceInfo.Name;
}
public async Task <ActionResult> JoinRealmAsync(JoinRealmModel model)
{
HttpContext.GetOwinContext().Authentication.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
this.Response.Cookies.Remove("access_token");
if (ModelState.IsValid)
{
model.Address = model.Address.HasTrailingBackSlash() ? model.Address.RemoveTrailingBackSlash() : model.Address;
model.Address = model.Address.HasTrailingForwardSlash() ? model.Address.RemoveTrailingForwardSlash() : model.Address;
Realm realm = unitOfWork.RealmRepository.Get(r => r.Address == model.Address && r.ObsoletionTime != null).AsEnumerable().SingleOrDefault();
// remove any leading or trailing spaces
model.Address = model.Address.Trim();
// HACK: the UrlAttribute class thinks that http://localhost is not a valid url...
if (model.Address.StartsWith("http://localhost"))
{
model.Address = model.Address.Replace("http://localhost", "http://127.0.0.1");
}
else if (model.Address.StartsWith("https://localhost"))
{
model.Address = model.Address.Replace("https://localhost", "https://127.0.0.1");
}
// is the user attempting to join a realm which they have already left?
if (realm != null)
{
realm.Map(model);
realm.ObsoletionTime = null;
unitOfWork.RealmRepository.Update(realm);
unitOfWork.Save();
}
else
{
realm = unitOfWork.RealmRepository.Create();
realm.Map(model);
realm.DeviceId = Environment.MachineName + "-" + Guid.NewGuid().ToString().ToUpper();
realm.DeviceSecret = Guid.NewGuid().ToString().ToUpper();
var activeRealms = unitOfWork.RealmRepository.AsQueryable().Where(r => r.ObsoletionTime == null).AsEnumerable();
foreach (var activeRealm in activeRealms)
{
activeRealm.ObsoletionTime = DateTime.UtcNow;
unitOfWork.RealmRepository.Update(activeRealm);
}
unitOfWork.RealmRepository.Add(realm);
unitOfWork.Save();
}
try
{
var result = await this.SignInManager.PasswordSignInAsync(model.Username, model.Password, false, false);
switch (result)
{
case SignInStatus.Success:
using (var amiServiceClient = new AmiServiceClient(new RestClientService(Constants.Ami, this.HttpContext, this.SignInManager.AccessToken)))
{
var synchronizers = amiServiceClient.GetRoles(r => r.Name == "SYNCHRONIZERS").CollectionItem.FirstOrDefault();
var device = amiServiceClient.GetRoles(r => r.Name == "DEVICE").CollectionItem.FirstOrDefault();
var securityUserInfo = new SecurityUserInfo
{
Password = realm.DeviceSecret,
Roles = new List <SecurityRoleInfo>
{
device,
synchronizers
},
UserName = realm.DeviceId,
User = new SecurityUser
{
Key = Guid.NewGuid(),
UserClass = UserClassKeys.ApplicationUser,
UserName = realm.DeviceId,
SecurityHash = Guid.NewGuid().ToString()
},
};
amiServiceClient.CreateUser(securityUserInfo);
var securityDeviceInfo = new SecurityDeviceInfo
{
Device = new SecurityDevice
{
DeviceSecret = realm.DeviceSecret,
Name = realm.DeviceId
}
};
amiServiceClient.CreateDevice(securityDeviceInfo);
}
MvcApplication.MemoryCache.Set(RealmConfig.RealmCacheKey, true, ObjectCache.InfiniteAbsoluteExpiration);
break;
default:
// always sign out the user when joining the realm
SignInManager.AuthenticationManager.SignOut();
var addedRealm = unitOfWork.RealmRepository.Get(r => r.Address == model.Address).FirstOrDefault();
if (addedRealm != null)
{
unitOfWork.RealmRepository.Delete(addedRealm.Id);
unitOfWork.Save();
}
ModelState.AddModelError("", Locale.IncorrectUsernameOrPassword);
return(View(model));
}
this.TempData["success"] = Locale.RealmJoinedSuccessfully;
return(RedirectToAction("Login", "Account"));
}
catch (Exception e)
{
Trace.TraceError($"Unable to join realm: {e}");
var addedRealm = unitOfWork.RealmRepository.Get(r => r.Address == model.Address).Single();
unitOfWork.RealmRepository.Delete(addedRealm.Id);
unitOfWork.Save();
}
finally
{
// always sign out the user when joining the realm
HttpContext.GetOwinContext().Authentication.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
}
}
TempData["error"] = Locale.UnableToJoinRealm;
return(View(model));
}
/// <summary>
/// Updates a device.
/// </summary>
/// <param name="deviceId">The id of the device to be updated.</param>
/// <param name="deviceInfo">The device containing the updated information.</param>
/// <returns>Returns the updated device.</returns>
public SecurityDeviceInfo UpdateDevice(Guid deviceId, SecurityDeviceInfo deviceInfo)
{
return(this.Client.Put <SecurityDeviceInfo, SecurityDeviceInfo>($"SecurityDevice/{deviceId}", deviceInfo));
}
/// <summary>
/// Creates a device in the IMS.
/// </summary>
/// <param name="device">The device to be created.</param>
/// <returns>Returns the newly created device.</returns>
public SecurityDeviceInfo CreateDevice(SecurityDeviceInfo device)
{
return(this.Client.Post <SecurityDeviceInfo, SecurityDeviceInfo>("SecurityDevice", device));
}
/// <summary>
/// Updates a device.
/// </summary>
/// <param name="deviceId">The id of the device to be updated.</param>
/// <param name="deviceInfo">The device containing the updated information.</param>
/// <returns>Returns the updated device.</returns>
public SecurityDeviceInfo UpdateDevice(string deviceId, SecurityDeviceInfo deviceInfo)
{
return(this.Client.Put <SecurityDeviceInfo, SecurityDeviceInfo>($"device/{deviceId}", this.Client.Accept, deviceInfo));
}
/// <summary>
/// Initializes a new instance of the <see cref="SecurityViewModel"/> class
/// with a specific <see cref="SecurityDeviceInfo"/> instance.
/// </summary>
/// <param name="securityDeviceInfo">The <see cref="SecurityDeviceInfo"/> instance.</param>
protected SecurityViewModel(SecurityDeviceInfo securityDeviceInfo) : this(securityDeviceInfo.Device, securityDeviceInfo.Policies)
{
}
