Exemplo n.º 1
0
 public UserEntity()
 {
     GoogleIDNumber = "";
     BattlelogID = "";
     AccountEnabled = true;
     Permissions = new PermissionSetEntity();
     PartitionKey = Permissions.Namespace;
     RowKey = GoogleIDNumber;
 }
Exemplo n.º 2
0
 public UserEntity(string googleIDNumber, string email, string battlelogID, bool accountEnabled,
                   PermissionSetEntity permissions)
 {
     GoogleIDNumber = googleIDNumber;
     Email = email;
     BattlelogID = battlelogID;
     AccountEnabled = accountEnabled;
     Permissions = permissions;
     PartitionKey = permissions.Namespace;
     RowKey = GoogleIDNumber;
 }
Exemplo n.º 3
0
        /// <summary>
        /// Loads permissions for all plugins from the global config file.
        /// </summary>
        public void LoadPermissionsFromConfig()
        {
            var config = Resources.Permissions;
            var lines = config.Split(new string[] { Environment.NewLine }, StringSplitOptions.None);
            var permissionSets = new List<PermissionSetEntity>();
            var permissionSet = new PermissionSetEntity();
            foreach (var line in lines)
            {
                var split = line.Split(':');

                //If we don't have at least two tokens, gtfo
                if (split.Length <= 1) continue;

                //Isolate the label (NAMESPACE or PERMISSIONS)
                var label = split[0];

                //This ugly-ass line splits a string like "anonymous, admin" into a list of comma-split, trimmed entries.
                var parameters = split[1].Split(',').Select(p => p.Trim()).ToList();

                //Let's not discriminate - nAmEsPaCe works too
                if (label.Equals("NAMESPACE", StringComparison.OrdinalIgnoreCase))
                {
                    permissionSet.Namespace = parameters[0];
                }
                else if(label.Equals("PERMISSIONS", StringComparison.OrdinalIgnoreCase))
                {
                    permissionSet.PermissionSet = parameters;
                    permissionSets.Add(permissionSet);
                    permissionSet = new PermissionSetEntity();
                }
            }

            //Upload each permissionSet to Table Store
            foreach (var pSet in permissionSets)
            {
                RoleUtility.SetPermissionSetEntity(pSet);
            }
        }
Exemplo n.º 4
0
        /// <summary>
        /// Attemps to validate a user given his OpenID token as well as a PermissionSet
        /// Every permission in the permissionSet parameter must be present in the user's permission set for the function to return true
        /// In addition, the user record is updated according to the following rules:
        ///     1. The token is used to retrieve the GoogleIDNumber of the user
        ///     2. The GoogleIDNumber is used to retrieve the user from the database
        ///     3. If the entry does not exist, return false
        ///     3. If the email in the record does not match the email provided by the user parameter, the table is updated with the new email
        /// </summary>
        /// <param name="token">Google auth token</param>
        /// <param name="email">Email of the user to be validated</param>
        /// <param name="permissionSet">PermissionSet containing all permissions for which the user is to be validated</param>
        /// <param name="debugID">Debug parameter if we want to use our own ID</param>
        /// <returns></returns>
        public bool ValidateUser(string token, string email, PermissionSetEntity permissionSet, string debugID)
        {
            try
            {
                string userid = "";
                if (debugID.Equals(""))
                {
                    var request = WebRequest.Create("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=" + token);
                    request.Method = "GET";
                    using (var response = (HttpWebResponse) request.GetResponse())
                    {
                        using (var reader = new StreamReader(response.GetResponseStream()))
                        {
                            var js = new JavaScriptSerializer();
                            var obj = js.Deserialize<dynamic>(reader.ReadToEnd());
                            userid = obj["user_id"];
                        }
                    }
                }
                else
                {
                    userid = debugID;
                }

                var existingUser = RoleUtility.GetUserEntity(permissionSet.Namespace, userid);

                //Resharper is amazing - this returns false if any permissions are not found or the user is null, otherwise returns true
                var validated = existingUser != null && permissionSet.PermissionSet.All(permission => existingUser.Permissions.PermissionSet.Contains(permission));

                // If that GoogleIDNumber exists, check to make sure the emails match
                // If they don't, update the record with the new email
                if (existingUser != null)
                {
                    if (!existingUser.Email.Equals(email))
                    {
                        existingUser.Email = email;
                        RoleUtility.SetUserEntity(existingUser);
                    }
                }

                return validated;
            }
            catch (Exception e)
            {
                if (!(e is WebException))
                {
                    LogUtility.Log(GetType().Name, MethodBase.GetCurrentMethod().Name, e.Message);
                }
                return false;
            }
        }
Exemplo n.º 5
0
 public void SetPermissionSetEntity(PermissionSetEntity permissionSet)
 {
     var permissionSetEntity = GetPermissionSetEntity(permissionSet.Namespace);
     if (permissionSetEntity == null)
     {
         var insertOp = TableOperation.Insert(permissionSet);
         PermissionSetTable.Execute(insertOp);
     }
     else
     {
         try
         {
             permissionSetEntity.Namespace = permissionSet.Namespace;
             permissionSetEntity.PermissionSet = permissionSet.PermissionSet;
             var insertOrReplaceOperation = TableOperation.InsertOrReplace(permissionSetEntity);
             PermissionSetTable.Execute(insertOrReplaceOperation);
         }
         catch (Exception e)
         {
             LogUtility.Log(GetType().Name, MethodBase.GetCurrentMethod().Name, e.Message);
         }
     }
 }
Exemplo n.º 6
0
 public bool ValidateUser(string token, string email, PermissionSetEntity permissionSet, string debugID = "")
 {
     return PermissionsUtil.ValidateUser(token, email, permissionSet, debugID);
 }