Exemplo n.º 1
0
        /// <summary>
        /// Set password
        /// </summary>
        /// <param name="user"></param>
        /// <param name="password"></param>
        public static void SetPassword(Simplified.Ring3.SystemUser user, string password)
        {
            string hashedPassword;

            Helper.GeneratePasswordHash(user.Username.ToLower(), password, out hashedPassword);
            user.Password = hashedPassword;
        }
Exemplo n.º 2
0
        /// <summary>
        /// Add company with a system user
        /// </summary>
        /// <param name="name"></param>
        /// <param name="email"></param>
        public static void AddCompany(string name, string username, string email, string password)
        {
            if (name == null) {
                throw new ArgumentNullException("name");
            }

            if (username == null) {
                throw new ArgumentNullException("username");
            }

            if (email == null) {
                throw new ArgumentNullException("email");
            }

            if (string.IsNullOrEmpty(name)) {
                throw new ArgumentException("name");
            }

            if (string.IsNullOrEmpty(email)) {
                throw new ArgumentException("email");
            }

            // Check for duplicated email
            string emailLow = email.ToLowerInvariant();

            if (!Utils.IsValidEmail(email)) {
                throw new ArgumentException("email", "Invalid email address");
            }

            // Check if there is any system users that has this email.
            var dupEmail = Db.SQL<Simplified.Ring3.EmailAddress>("SELECT o FROM Simplified.Ring3.EmailAddress o WHERE o.EMail=? AND o.ToWhat IS Simplified.Ring3.SystemUser", emailLow).First;
            if (dupEmail != null) {
                throw new ArgumentException("email", "Duplicated email");
            }

            // Check for duplicated username
            var dupUserName = Db.SQL<Simplified.Ring3.SystemUser>("SELECT o FROM Simplified.Ring3.SystemUser o WHERE o.Username=?", username).First;
            if (dupUserName != null) {
                throw new ArgumentException("username", "Duplicated username");
            }

            Organization company = new Organization() { Name = name };

            Simplified.Ring3.SystemUser systemUser = new Simplified.Ring3.SystemUser();
            systemUser.WhatIs = company;
            systemUser.Username = username;
            SetPassword(systemUser, password);

            //// Add ability to also sign in with email
            //EmailAddress emailRel = new EmailAddress();
            //emailRel.SetToWhat(systemUser);
            //emailRel.EMail = emailLow;

            //emailRel = new EMailAddress();
            //emailRel.SetToWhat(company);
            //emailRel.EMail = emailLow;
            company.ImageURL = Utils.GetGravatarUrl(emailLow);
        }
Exemplo n.º 3
0
 /// <summary>
 /// Add System User as a Member of a SystemUserGroup
 /// </summary>
 /// <param name="user"></param>
 /// <param name="group"></param>
 public static void AddSystemUserToSystemUserGroup(Simplified.Ring3.SystemUser user, Simplified.Ring3.SystemUserGroup group)
 {
     Simplified.Ring3.SystemUserGroupMember systemUserGroupMember = new Simplified.Ring3.SystemUserGroupMember();
     systemUserGroupMember.WhatIs = user;
     systemUserGroupMember.ToWhat = group;
     //systemUserGroupMember.SetSystemUser(user);
     //systemUserGroupMember.SetToWhat(group);
     //group.AddMember(systemUser);
 }
Exemplo n.º 4
0
        /// <summary>
        /// Check is user has permission to invoke action on an application
        /// </summary>
        /// <param name="user"></param>
        /// <param name="action"></param>
        /// <param name="settings"></param>
        /// <returns></returns>
        public static bool Check(SystemUser user, ActionType action, Settings settings) {

            // TODO: check action type
            if (user == null) {
                //TODO: an anonymouse user can have access to some functions
                return false;
            }

            return false;
        }
Exemplo n.º 5
0
        /// <summary>
        /// Remove System User as a Member of a SystemUserGroup
        /// </summary>
        /// <param name="user"></param>
        /// <param name="group"></param>
        public static void RemoveSystemUserFromSystemUserGroup(Simplified.Ring3.SystemUser user, Simplified.Ring3.SystemUserGroup group)
        {
            var removeGroup = Db.SQL <Simplified.Ring3.SystemUserGroupMember>("SELECT o FROM Simplified.Ring3.SystemUserGroupMember o WHERE o.WhatIs=? AND o.ToWhat=?", user, group).First;

            if (removeGroup != null)
            {
                removeGroup.Delete();
            }

            //group.RemoveMember(user);
        }
Exemplo n.º 6
0
        public static void AddUserToGroup(SystemUser User, string GroupName)
        {
            SystemUserGroup group = Db.SQL<SystemUserGroup>("SELECT g FROM Simplified.Ring3.SystemUserGroup g WHERE g.Name = ?", GroupName).First;

            if (group == null) {
                group = new SystemUserGroup() {
                    Name = GroupName
                };
            }

            AddUserToGroup(User, group);
        }
Exemplo n.º 7
0
        /// <summary>
        /// Check is user has permission to invoke action on an application
        /// </summary>
        /// <param name="user"></param>
        /// <param name="action"></param>
        /// <param name="application"></param>
        /// <returns></returns>
        public static bool Check(SystemUser user, ActionType action, Software application) {

            if (user == null) {
                //TODO: an anonymouse user can have access to some functions
                return false;
            }

            SoftwarePermission permission = Db.SQL<SoftwarePermission>("SELECT o FROM Warehouse.SoftwarePermission o WHERE o.User=? AND o.Software=?", user, application).First;
            if (permission != null) {
                // TODO: Add what kind of check, CanRead, CanUpdate or CanDelete
                return true;
            }
            return false;
        }
        /// <summary>
        /// Check is user has permission to invoke action
        /// </summary>
        /// <param name="user"></param>
        /// <param name="action"></param>
        /// <returns></returns>
        public static bool Check(SystemUser user, ActionType action) {

            if (user == null) {
                //TODO: an anonymouse user can have access to some functions
                return false;
            }

            if (action == ActionType.CreateOrganization) {
                // A system user may create organizations
                return true;
            }

            return false;   // Access denied
        }
Exemplo n.º 9
0
        public static void AddUserToGroup(SystemUser User, SystemUserGroup Group)
        {
            if (User == null) {
                throw new ArgumentNullException("User");
            }

            if (Group == null) {
                throw new ArgumentNullException("Group");
            }

            if (IsMemberOfGroup(User, Group)) {
                return;
            }

            SystemUserGroupMember member = new SystemUserGroupMember() {
                SystemUser = User,
                SystemUserGroup = Group
            };
        }
Exemplo n.º 10
0
        public static bool CanGetUri(SystemUser user, string uri, Request request)
        {
            // Check if there is any permission set for a url
            UriPermission per = Db.SQL<UriPermission>("SELECT o FROM  Simplified.Ring5.UriPermission o WHERE o.Uri=?", uri).First;
            if (per == null) {

                // TODO: Check if user is part of Admin group, then allow acces?

                // No permission configuration for this url = DENY ACCESS
                return false;
            }

            UriPermission permission = Helper.GetPermission(user, uri);
            if (permission != null) {
                return permission.CanGet;
            }

            return false;
        }
Exemplo n.º 11
0
        /// <summary>
        /// Delete System user
        /// </summary>
        /// <param name="user"></param>
        public static void DeleteSystemUser(Simplified.Ring3.SystemUser user)
        {
            if (user == null)
            {
                throw new ArgumentNullException("user");
            }

            // Remove Email adresses associated to the system user
            //            Db.SlowSQL("DELETE FROM Simplified.Ring3.EmailAddress WHERE ToWhat=?", user);

            // Remove ResetPassword associated to the system user Sombody
            Db.SlowSQL("DELETE FROM Simplified.Ring6.ResetPassword WHERE User=?", user);

            // TODO: Should we also delete the Somebody (Person/Company)?

            // Remove system user group member (If system user is member of a system user group)
            Db.SlowSQL("DELETE FROM Simplified.Ring3.SystemUserGroupMember WHERE SystemUser=?", user);

            user.Delete();
        }
Exemplo n.º 12
0
        public static void Register()
        {
            string redirectPageHtml = "/useradmin/viewmodels/RedirectPage.html";

            Handle.GET("/useradmin/accessdenied", () => {
                return(new AccessDeniedPage());
            });

            // Create System user
            Handle.GET("/useradmin/admin/createuser", (Request request) => {
                MasterPage master = LauncherHooks.GetMaster();

                Json page;
                if (!Helper.TryNavigateTo("/UserAdmin/admin/createuser", request, redirectPageHtml, out page))
                {
                    master.CurrentPage = page;
                }
                else
                {
                    master.CurrentPage = new CreateUserPage()
                    {
                        Html = "/UserAdmin/viewmodels/partials/administrator/CreateUserPage.html", Uri = request.Uri
                    };
                }
                return(master);
            });

            // Get System users
            Handle.GET("/useradmin/admin/users", (Request request) => {
                MasterPage master = LauncherHooks.GetMaster();
                Json page;
                if (!Helper.TryNavigateTo("/useradmin/admin/users", request, redirectPageHtml, out page))
                {
                    master.CurrentPage = page;
                }
                else
                {
                    master.CurrentPage = new ListUsersPage()
                    {
                        Html = "/UserAdmin/viewmodels/partials/administrator/ListUsersPage.html", Uri = request.Uri
                    };
                }
                return(master);
            });


            Handle.GET("/UserAdmin/admin/users/{?}", (string userid, Request request) => {
                //return Db.Scope<Json>(() => {

                Json page;

                MasterPage master = LauncherHooks.GetMaster();

                if (!Helper.TryNavigateTo("/UserAdmin/admin/users/{?}", request, redirectPageHtml, out page))
                {
                    master.CurrentPage = page;
                    return(master);
                }

                // Get system user
                Simplified.Ring3.SystemUser user = Db.SQL <Simplified.Ring3.SystemUser>("SELECT o FROM Simplified.Ring3.SystemUser o WHERE o.ObjectID = ?", userid).First;

                if (user == null)
                {
                    // TODO: Return a "User not found" page
                    return(master);
                    //return (ushort)System.Net.HttpStatusCode.NotFound;
                }

                SystemUser systemUser      = Helper.GetCurrentSystemUser();
                SystemUserGroup adminGroup = Db.SQL <Simplified.Ring3.SystemUserGroup>("SELECT o FROM Simplified.Ring3.SystemUserGroup o WHERE o.Name = ?", Program.AdminGroupName).First;

                // Check if current user has permission to get this user instance
                if (Helper.IsMemberOfGroup(systemUser, adminGroup))
                {
                    if (user.WhoIs is Person)
                    {
                        master.CurrentPage = Db.Scope <string, Simplified.Ring3.SystemUser, Json>((uri, personUser) => {
                            return(new EditPersonPage()
                            {
                                Html = "/UserAdmin/viewmodels/partials/administrator/EditPersonPage.html",
                                Uri = uri,
                                Data = personUser
                            });
                        }, request.Uri, user);
                        return(master);
                    }
                    else if (user.WhoIs is Organization)
                    {
                        Db.Scope <string, Simplified.Ring3.SystemUser, Json>((uri, companyUser) => {
                            return(new EditCompanyPage()
                            {
                                Html = "/UserAdmin/viewmodels/partials/administrator/EditCompanyPage.html",
                                Uri = uri,
                                Data = companyUser
                            });
                        },
                                                                             request.Uri, user);
                    }
                }
                else if (user == systemUser)
                {
                    // User can edit it's self
                }
                else
                {
                    // No rights
                    // User trying to view another's users data

                    // User has no permission, redirect to app's root page
                    master.CurrentPage = new RedirectPage()
                    {
                        Html        = redirectPageHtml,
                        RedirectUrl = "/useradmin"
                    };
                    return(master);
                }

                return(master);
            });

            // Get System user
            //Handle.GET("/useradmin/admin/_users/{?}", (string userid, Request request) => {
            //    Json page;

            //    MasterPage master = LauncherHooks.GetMaster();

            //    if (!Helper.TryNavigateTo("/UserAdmin/admin/users/{?}", request, redirectPageHtml, out page)) {
            //        master.CurrentPage = page;
            //        return master;
            //    }

            //    // Get system user
            //    Simplified.Ring3.SystemUser user = Db.SQL<Simplified.Ring3.SystemUser>("SELECT o FROM Simplified.Ring3.SystemUser o WHERE o.ObjectID = ?", userid).First;

            //    if (user == null) {
            //        // TODO: Return a "User not found" page
            //        return master;
            //        //return (ushort)System.Net.HttpStatusCode.NotFound;
            //    }

            //    SystemUser systemUser = Helper.GetCurrentSystemUser();
            //    SystemUserGroup adminGroup = Db.SQL<Simplified.Ring3.SystemUserGroup>("SELECT o FROM Simplified.Ring3.SystemUserGroup o WHERE o.Name = ?", Program.AdminGroupName).First;

            //    // Check if current user has permission to get this user instance
            //    if (Helper.IsMemberOfGroup(systemUser, adminGroup)) {

            //        if (user.WhoIs is Person) {

            //            master.CurrentPage = Db.Scope<string, Simplified.Ring3.SystemUser, Json>((uri, personUser) => {
            //                return new EditPersonPage() {
            //                    Html = "/UserAdmin/viewmodels/partials/administrator/EditPersonPage.html",
            //                    Uri = uri,
            //                    Data = personUser
            //                };
            //            }, request.Uri, user);
            //            return master;



            //        }
            //        else if (user.WhoIs is Organization) {
            //            Db.Scope<string, Simplified.Ring3.SystemUser, Json>((uri, companyUser) => {
            //                return new EditCompanyPage() {
            //                    Html = "/UserAdmin/viewmodels/partials/administrator/EditCompanyPage.html",
            //                    Uri = uri,
            //                    Data = companyUser
            //                };
            //            },
            //            request.Uri, user);
            //        }
            //    }
            //    else if (user == systemUser) {
            //        // User can edit it's self
            //    }
            //    else {
            //        // No rights
            //        // User trying to view another's users data

            //        // User has no permission, redirect to app's root page
            //        master.CurrentPage = new RedirectPage() {
            //            Html = redirectPageHtml,
            //            RedirectUrl = "/useradmin"
            //        };
            //        return master;
            //    }

            //    return (ushort)System.Net.HttpStatusCode.NotFound;
            //});

            // Reset password
            Handle.GET("/useradmin/user/resetpassword?{?}", (string query, Request request) => {
                NameValueCollection queryCollection = HttpUtility.ParseQueryString(query);
                string token = queryCollection.Get("token");

                MasterPage master = LauncherHooks.GetMaster();

                if (token == null)
                {
                    // TODO:
                    master.CurrentPage = null; // (ushort)System.Net.HttpStatusCode.NotFound;
                    return(master);
                }

                // Retrive the resetPassword instance
                ResetPassword resetPassword = Db.SQL <Simplified.Ring6.ResetPassword>("SELECT o FROM Simplified.Ring6.ResetPassword o WHERE o.Token=? AND o.Expire>?", token, DateTime.UtcNow).First;

                if (resetPassword == null)
                {
                    // TODO: Show message "Reset token already used or expired"
                    master.CurrentPage = null; // (ushort)System.Net.HttpStatusCode.NotFound;
                    return(master);
                }

                if (resetPassword.User == null)
                {
                    // TODO: Show message "User deleted"
                    master.CurrentPage = null; // (ushort)System.Net.HttpStatusCode.NotFound;
                    return(master);
                }

                Simplified.Ring3.SystemUser systemUser = resetPassword.User;

                ResetPasswordPage page = new ResetPasswordPage()
                {
                    Html = "/UserAdmin/viewmodels/partials/user/ResetPasswordPage.html",
                    Uri  = "/useradmin/user/resetpassword"
                           //Uri = request.Uri // TODO:
                };

                page.resetPassword = resetPassword;

                if (systemUser.WhoIs != null)
                {
                    page.FullName = systemUser.WhoIs.FullName;
                }
                else
                {
                    page.FullName = systemUser.Username;
                }

                master.CurrentPage = page;

                return(master);
            });
        }
Exemplo n.º 13
0
        //static public bool IsMemberOfAdminGroup(Simplified.Ring3.SystemUser user) {
        //    if (user == null) return false;
        //    Simplified.Ring3.SystemUser Group adminGroup = Db.SQL<Simplified.Ring3.SystemUser	Group>("SELECT o FROM Simplified.Ring3.SystemUser Group o WHERE o.Name=?", Program.AdminGroupName).First;
        //    return IsMemberOfGroup(user, adminGroup);
        //}
        public static bool IsMemberOfGroup(SystemUser user, SystemUserGroup basedOnGroup)
        {
            if (user == null) return false;
            if (basedOnGroup == null) return false;

            var groups = Db.SQL<SystemUserGroup>("SELECT o.SystemUserGroup FROM Simplified.Ring3.SystemUserGroupMember o WHERE o.SystemUser=?", user);
            foreach (var groupItem in groups) {

                bool flag = IsBasedOnGroup(groupItem, basedOnGroup);
                if (flag) {
                    return true;
                }
            }

            return false;
        }
Exemplo n.º 14
0
        /// <summary>
        /// Add Person with a system user
        /// </summary>
        /// <param name="firstName"></param>
        /// <param name="lastname"></param>
        /// <param name="email"></param>
        public static Simplified.Ring3.SystemUser AddPerson(string firstName, string lastname, string username, string password)
        {
            if (firstName == null)
            {
                throw new ArgumentNullException("firstname");
            }

            if (lastname == null)
            {
                throw new ArgumentNullException("lastname");
            }

            if (username == null)
            {
                throw new ArgumentNullException("username");
            }

            //if (email == null) {
            //    throw new ArgumentNullException("email");
            //}

            if (string.IsNullOrEmpty(firstName))
            {
                throw new ArgumentException("firstname");
            }

            if (string.IsNullOrEmpty(lastname))
            {
                throw new ArgumentException("lastname");
            }

            //if (string.IsNullOrEmpty(email)) {
            //    throw new ArgumentException("email");
            //}

            // Validation

            // Check for duplicated email
            string usernameLow = username.ToLowerInvariant();

            //if (!Utils.IsValidEmail(email)) {
            //    throw new ArgumentException("email", "Invalid email address");
            //}

            // Check if there is any system users that has this email.
            //var dupEmail = Db.SQL<Simplified.Ring3.EmailAddress>("SELECT o FROM Simplified.Ring3.EmailAddress o WHERE o.EMail=? AND o.ToWhat IS Simplified.Ring3.SystemUser", emailLow).First;
            //if (dupEmail != null) {
            //    throw new ArgumentException("email", "Duplicated email");
            //}

            // Check for duplicated username
            var dupUserName = Db.SQL <Simplified.Ring3.SystemUser>("SELECT o FROM Simplified.Ring3.SystemUser o WHERE o.Username=?", username).First;

            if (dupUserName != null)
            {
                throw new ArgumentException("username", "Duplicated username");
            }

            Person person = new Person()
            {
                FirstName = firstName, LastName = lastname
            };

            Simplified.Ring3.SystemUser systemUser = new Simplified.Ring3.SystemUser();
            systemUser.WhatIs   = person;
            systemUser.Username = username;
            SetPassword(systemUser, password);

            // Add ability to also sign in with email
            //EmailAddress emailRel = new EmailAddress();
            //emailRel.SetToWhat(systemUser);
            //emailRel.EMail = emailLow.ToLowerInvariant();

            person.ImageURL = Utils.GetGravatarUrl(usernameLow);

            return(systemUser);
        }
Exemplo n.º 15
0
        /// <summary>
        /// Add company with a system user
        /// </summary>
        /// <param name="name"></param>
        /// <param name="email"></param>
        public static void AddCompany(string name, string username, string email, string password)
        {
            if (name == null)
            {
                throw new ArgumentNullException("name");
            }

            if (username == null)
            {
                throw new ArgumentNullException("username");
            }

            if (email == null)
            {
                throw new ArgumentNullException("email");
            }

            if (string.IsNullOrEmpty(name))
            {
                throw new ArgumentException("name");
            }

            if (string.IsNullOrEmpty(email))
            {
                throw new ArgumentException("email");
            }

            // Check for duplicated email
            string emailLow = email.ToLowerInvariant();

            if (!Utils.IsValidEmail(email))
            {
                throw new ArgumentException("email", "Invalid email address");
            }

            // Check if there is any system users that has this email.
            var dupEmail = Db.SQL <Simplified.Ring3.EmailAddress>("SELECT o FROM Simplified.Ring3.EmailAddress o WHERE o.EMail=? AND o.ToWhat IS Simplified.Ring3.SystemUser", emailLow).First;

            if (dupEmail != null)
            {
                throw new ArgumentException("email", "Duplicated email");
            }

            // Check for duplicated username
            var dupUserName = Db.SQL <Simplified.Ring3.SystemUser>("SELECT o FROM Simplified.Ring3.SystemUser o WHERE o.Username=?", username).First;

            if (dupUserName != null)
            {
                throw new ArgumentException("username", "Duplicated username");
            }

            Organization company = new Organization()
            {
                Name = name
            };

            Simplified.Ring3.SystemUser systemUser = new Simplified.Ring3.SystemUser();
            systemUser.WhatIs   = company;
            systemUser.Username = username;
            SetPassword(systemUser, password);

            //// Add ability to also sign in with email
            //EmailAddress emailRel = new EmailAddress();
            //emailRel.SetToWhat(systemUser);
            //emailRel.EMail = emailLow;

            //emailRel = new EMailAddress();
            //emailRel.SetToWhat(company);
            //emailRel.EMail = emailLow;
            company.ImageURL = Utils.GetGravatarUrl(emailLow);
        }
Exemplo n.º 16
0
        /// <summary>
        /// Add Person with a system user
        /// </summary>
        /// <param name="firstName"></param>
        /// <param name="lastname"></param>
        /// <param name="email"></param>
        public static Simplified.Ring3.SystemUser AddPerson(string firstName, string lastname, string username, string password)
        {
            if (firstName == null) {
                throw new ArgumentNullException("firstname");
            }

            if (lastname == null) {
                throw new ArgumentNullException("lastname");
            }

            if (username == null) {
                throw new ArgumentNullException("username");
            }

            //if (email == null) {
            //    throw new ArgumentNullException("email");
            //}

            if (string.IsNullOrEmpty(firstName)) {
                throw new ArgumentException("firstname");
            }

            if (string.IsNullOrEmpty(lastname)) {
                throw new ArgumentException("lastname");
            }

            //if (string.IsNullOrEmpty(email)) {
            //    throw new ArgumentException("email");
            //}

            // Validation

            // Check for duplicated email
            string usernameLow = username.ToLowerInvariant();

            //if (!Utils.IsValidEmail(email)) {
            //    throw new ArgumentException("email", "Invalid email address");
            //}

            // Check if there is any system users that has this email.
            //var dupEmail = Db.SQL<Simplified.Ring3.EmailAddress>("SELECT o FROM Simplified.Ring3.EmailAddress o WHERE o.EMail=? AND o.ToWhat IS Simplified.Ring3.SystemUser", emailLow).First;
            //if (dupEmail != null) {
            //    throw new ArgumentException("email", "Duplicated email");
            //}

            // Check for duplicated username
            var dupUserName = Db.SQL<Simplified.Ring3.SystemUser>("SELECT o FROM Simplified.Ring3.SystemUser o WHERE o.Username=?", username).First;
            if (dupUserName != null) {
                throw new ArgumentException("username", "Duplicated username");
            }

            Person person = new Person() { FirstName = firstName, LastName = lastname };
            Simplified.Ring3.SystemUser systemUser = new Simplified.Ring3.SystemUser();
            systemUser.WhatIs = person;
            systemUser.Username = username;
            SetPassword(systemUser, password);

            // Add ability to also sign in with email
            //EmailAddress emailRel = new EmailAddress();
            //emailRel.SetToWhat(systemUser);
            //emailRel.EMail = emailLow.ToLowerInvariant();

            person.ImageURL = Utils.GetGravatarUrl(usernameLow);

            return systemUser;
        }
Exemplo n.º 17
0
        private static UriPermission GetPermission(SystemUser user, string uri)
        {
            if (user == null || string.IsNullOrEmpty(uri)) {
                return null;
            }

            UriPermission permission = Db.SQL<UriPermission>("SELECT o.Permission FROM Simplified.Ring5.SystemUserUriPermission o WHERE o.Permission.Uri=? AND o.SystemUser=?", uri, user).First;
            if (permission != null) {
                return permission;
            }

            // Check user group
            var groups = Db.SQL<Simplified.Ring3.SystemUserGroupMember>("SELECT o FROM Simplified.Ring3.SystemUserGroupMember o WHERE o.SystemUser=?", user);
            foreach (var group in groups) {

                permission = GetPermissionFromGroup(group.SystemUserGroup, uri);
                if (permission != null) {
                    return permission;
                }
            }
            return null;
        }
Exemplo n.º 18
0
        /// <summary>
        /// Check if signed in user is an admin of the warehouse
        /// </summary>
        /// <param name="user"></param>
        /// <returns></returns>
        static public bool IsAdmin(SystemUser user) {

            if (user == null) return false;

            return SystemUser.IsMemberOfGroup(user, Security.WarehouseAdminGroupName);
        }
Exemplo n.º 19
0
        /// <summary>
        /// Check if user is an admin
        /// </summary>
        /// <param name="user"></param>
        /// <returns></returns>
        public static bool IsAdmin(SystemUser user)
        {
            if (user == null) return false;

            string allowedSystemUserGroup = "Admin (System Users)"; // TODO: Create playground keeper group?
            return SystemUser.IsMemberOfGroup(user, allowedSystemUserGroup);
        }
Exemplo n.º 20
0
        /// <summary>
        /// Signs in SystemUser without checking password
        /// </summary>
        /// <param name="systemUser">Instance of SystemUser to sign in</param>
        /// <returns>Newly created SystemUserSession</returns>
        public static SystemUserSession SignInSystemUser(SystemUser systemUser)
        {
            if (systemUser == null) {
                return null;
            }

            SystemUserSession userSession = null;

            Db.Transact(() => {
                SystemUserTokenKey token = new SystemUserTokenKey();

                token.Created = token.LastUsed = DateTime.UtcNow;
                token.Token = CreateAuthToken(systemUser.Username);
                token.User = systemUser;

                userSession = AssureSystemUserSession(token);
            });

            return userSession;
        }
Exemplo n.º 21
0
        /// <summary>
        /// Registers new SystemUser and creates related Person, EmailAddress, EmailAddressRelation objects. 
        /// NOTE: This method does no checks for username or email duplications, and does not commit changes!
        /// </summary>
        /// <param name="Username"></param>
        /// <param name="Email"></param>
        /// <param name="Password"></param>
        /// <returns>Newly created SystemUser instance</returns>
        public static SystemUser RegisterSystemUser(string Username, string Email, string Password)
        {
            string hash;
            string salt = Convert.ToBase64String(GenerateSalt(16));
            Person person = new Person();
            string relationTypeName = "Primary";
            EmailAddressRelationType type = Db.SQL<EmailAddressRelationType>("SELECT t FROM Simplified.Ring3.EmailAddressRelationType t WHERE t.Name = ?", relationTypeName).First;

            GeneratePasswordHash(Username.ToLower(), Password, salt, out hash);

            if (type == null) {
                type = new EmailAddressRelationType() {
                    Name = relationTypeName
                };
            }

            EmailAddress email = new EmailAddress() {
                Name = Email
            };

            EmailAddressRelation relation = new EmailAddressRelation() {
                ContactInfo = email,
                Somebody = person,
                ContactInfoRelationType = type
            };

            SystemUser user = new SystemUser() {
                Username = Username,
                WhoIs = person,
                Password = hash,
                PasswordSalt = salt
            };

            return user;
        }
Exemplo n.º 22
0
        public static bool IsMemberOfGroup(SystemUser User, SystemUserGroup Group)
        {
            if (User == null || Group == null) {
                return false;
            }

            SystemUserGroupMember group = Db.SQL<SystemUserGroupMember>("SELECT o FROM Simplified.Ring3.SystemUserGroupMember o WHERE o.SystemUser = ? AND o.SystemUserGroup = ?", User, Group).First;

            return group != null;
        }
Exemplo n.º 23
0
        public static bool IsMemberOfGroup(SystemUser User, string GroupName)
        {
            SystemUserGroup group = Db.SQL<SystemUserGroup>("SELECT g FROM Simplified.Ring3.SystemUserGroup g WHERE g.Name = ?", GroupName).First;

            return IsMemberOfGroup(User, group);
        }