Пример #1
0
 public CPGroup UpdateGroup(CPGroup group)
 {
     if (group == null)
     {
         return(null);
     }
     using (CPSecurityEntities context = new CPSecurityEntities())
     {
         var match = context.SecurityGroups.FirstOrDefault(g => g.GroupId == group.ID);
         if (match == null)
         {
             return(null);
         }
         match.GroupName  = group.Name;
         match.UserRights = (int)group.UserRights;
         try
         {
             context.SaveChanges();
         }
         catch (OptimisticConcurrencyException)
         {
             context.Refresh(RefreshMode.ClientWins, match);
             context.SaveChanges();
         }
         catch (ConstraintException)
         {
         }
         return(GetGroup(match.GroupName));
     }
 }
Пример #2
0
        public bool ChangePassword(string username, string oldPassword, string newPassword)
        {
            MembershipUser user = Membership.GetUser(username);

            if (user != null && user.ChangePassword(oldPassword, newPassword))
            {
                using (CPSecurityEntities context = new CPSecurityEntities())
                {
                    var match = context.SecurityUserProfiles.FirstOrDefault(p => p.UserName == username);
                    if (match != null)
                    {
                        match.PasswordExpired = false;
                        try
                        {
                            context.SaveChanges();
                        }
                        catch (OptimisticConcurrencyException)
                        {
                            context.Refresh(RefreshMode.ClientWins, match);
                            context.SaveChanges();
                        }
                    }
                }
                return(true);
            }
            return(false);
        }
Пример #3
0
 public bool RemoveUserFromGroups(string username, List <byte> groupIDs)
 {
     if (groupIDs == null || groupIDs.Count == 0)
     {
         return(true);
     }
     using (CPSecurityEntities context = new CPSecurityEntities())
     {
         foreach (var m in from m in context.SecurityGroupMemberships
                  where m.UserName == username && groupIDs.Contains(m.GroupId)
                  select m)
         {
             context.DeleteObject(m);
         }
         try
         {
             context.SaveChanges();
             return(true);
         }
         catch (ConstraintException)
         {
             return(false);
         }
     }
 }
Пример #4
0
 public bool AddUserToGroups(string username, List <byte> groupIDs)
 {
     using (CPSecurityEntities context = new CPSecurityEntities())
     {
         foreach (var id in (groupIDs ?? new List <byte>()).Except(from m in context.SecurityGroupMemberships
                                                                   where m.UserName == username
                                                                   select m.GroupId))
         {
             context.SecurityGroupMemberships.AddObject(new SecurityGroupMembership()
             {
                 UserName = username,
                 GroupId  = id
             });
         }
         try
         {
             context.SaveChanges();
             return(true);
         }
         catch (ConstraintException)
         {
             return(false);
         }
     }
 }
Пример #5
0
 /// <summary>
 /// Creates a new login token for authenticating a specific user for a specific application.
 /// </summary>
 /// <param name="username">The login name of the user requesting authentication.</param>
 /// <param name="applicationID">The unique identifier of the application requesting authentication.</param>
 /// <returns>A new login token if the specified user has access to the specified application; otherwise, null.</returns>
 public Token CreateToken(string username, byte applicationID)
 {
     using (CPSecurityEntities context = new CPSecurityEntities())
     {
         var app = context.SecuritySsoApplications.FirstOrDefault(a => a.ApplicationId == applicationID);
         if (app != null && HasUserRights(username, (CPUserRights)app.UserRights))
         {
             SecuritySsoToken token = new SecuritySsoToken()
             {
                 UserName = username,
                 SecuritySsoApplication = app
             };
             try
             {
                 context.SecuritySsoTokens.AddObject(token);
                 context.SaveChanges();
                 return(TokenFactory.CreateToken(token));
             }
             catch
             {
             }
         }
     }
     return(null);
 }
Пример #6
0
        /// <summary>
        /// Deletes a security user profile from the datastore.
        /// </summary>
        /// <param name="context">The datastore entity context to use.</param>
        /// <param name="username">The username of the profile to delete.</param>
        public static void DeleteSecurityUserProfile(this CPSecurityEntities context, string username)
        {
            var match = context.SecurityUserProfiles.FirstOrDefault(p => p.UserName == username);

            if (match != null)
            {
                try
                {
                    context.DeleteObject(match);
                    context.SaveChanges();
                }
                catch (OptimisticConcurrencyException)
                {
                    context.Refresh(RefreshMode.ClientWins, match);
                    context.DeleteObject(match);
                }
            }
        }
Пример #7
0
        /// <summary>
        /// Adds a new security user profile entity instance to the datastore.
        /// </summary>
        /// <param name="context">The datastore entity context to use.</param>
        /// <param name="username">The username for the new profile.</param>
        /// <param name="candidateID">The candidate ID for the new profile.</param>
        /// <param name="displayName">The display name for the profile.</param>
        /// <param name="type">The entity type of the CFB-registered contact used to create the profile.</param>
        /// <param name="committeeID">If not representing a candidate, the ID of the profile's committee.</param>
        /// <param name="electionCycle">If representing a treasurer, the election cycle for which the profile's committee is authorized.</param>
        /// <param name="liaisonID">If representing a liaison, the committee-relative liaison ID of the profile.</param>
        /// <param name="passwordExpired">Indicates whether or not the password on the newly created profile is to be expired.</param>
        /// <returns>A <see cref="SecurityUserProfile"/> instance representing the newly created profile that has been added to the datastore.</returns>
        public static SecurityUserProfile AddToSecurityUserProfiles(this CPSecurityEntities context, string username, string candidateID, string displayName = null, EntityType type = EntityType.Generic, char?committeeID = null, string electionCycle = null, byte?liaisonID = null, bool passwordExpired = true)
        {
            if (context == null || string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(candidateID))
            {
                return(null);
            }
            SecurityUserProfile profile = SecurityUserProfile.CreateSecurityUserProfile(username, candidateID, passwordExpired, (byte)type);

            profile.DisplayName = displayName;
            if (committeeID.HasValue)
            {
                profile.CfisCommitteeID = committeeID.Value.ToString();
            }
            profile.CfisCommitteeContactID = liaisonID.HasValue ? liaisonID.Value.ToString() : electionCycle;
            context.SecurityUserProfiles.AddObject(profile);
            context.SaveChanges();
            return(profile);
        }
Пример #8
0
        /// <summary>
        /// Checks whether or not a login token exists and is valid for authentication.
        /// </summary>
        /// <param name="tokenID">The unique identifier of the token to validate.</param>
        /// <returns>The login name of the user attempting to authenticate with the specified token, if valid; otherwise, null.</returns>
        /// <remarks>The login token is automatically discarded once validated.</remarks>
        public string ValidateToken(Guid tokenID)
        {
            string username = null;

            if (tokenID != null)
            {
                using (CPSecurityEntities context = new CPSecurityEntities())
                {
                    var token = context.SecuritySsoTokens.FirstOrDefault(t => t.TokenId == tokenID);
                    if (token != null)
                    {
                        if (DateTime.Now <= token.Created.Add(Properties.Settings.Default.TokenValidationWindow))
                        {
                            username = token.UserName;
                        }
                        context.DeleteObject(token);
                        context.SaveChanges();
                    }
                }
            }
            return(username);
        }
Пример #9
0
 public CPGroup CreateGroup(string groupName)
 {
     using (CPSecurityEntities context = new CPSecurityEntities())
     {
         if (!context.SecurityGroups.Any(g => g.GroupName == groupName))
         {
             SecurityGroup group = new SecurityGroup()
             {
                 GroupName = groupName
             };
             try
             {
                 context.SecurityGroups.AddObject(group);
                 context.SaveChanges();
                 return(CPGroupFactory.CreateGroup(group));
             }
             catch (ConstraintException)
             {
             }
         }
     }
     return(null);
 }
Пример #10
0
 public bool DeleteGroup(string groupName)
 {
     using (CPSecurityEntities context = new CPSecurityEntities())
     {
         var match = context.SecurityGroups.FirstOrDefault(g => g.GroupName == groupName);
         if (match == null)
         {
             return(true);
         }
         context.DeleteObject(match);
         try
         {
             return(context.SaveChanges() > 0);
         }
         catch (OptimisticConcurrencyException)
         {
             return(false);
         }
         catch (ConstraintException)
         {
             return(false);
         }
     }
 }
Пример #11
0
        public UpdateResult UpdateUser(CPUser user)
        {
            UpdateResultState state = UpdateResultState.Success;

            // .NET Membership properties
            MembershipUser muser = user == null ? null : Membership.GetUser(user.UserName);

            if (muser == null)
            {
                state |= UpdateResultState.MembershipUserNotFound;
            }
            else
            {
                bool dirty = false;
                if (muser.Email != user.Email)
                {
                    muser.Email = user.Email;
                    dirty       = true;
                }
                if (muser.IsApproved != user.Enabled)
                {
                    muser.IsApproved = user.Enabled;
                    dirty            = true;
                }
                if (muser.IsLockedOut && !user.LockedOut)
                {
                    muser.UnlockUser();
                    dirty = true;
                }
                if (dirty)
                {
                    try
                    {
                        Membership.UpdateUser(muser);
                    }
                    catch
                    {
                        state |= UpdateResultState.AspNetMembershipFailure;
                    }
                }

                // C-Access Security
                using (CPSecurityEntities context = new CPSecurityEntities())
                {
                    var match = context.SecurityUserProfiles.FirstOrDefault(u => u.UserName == user.UserName);
                    if (match == null)
                    {
                        state |= UpdateResultState.ProfileNotFound;
                    }
                    else
                    {
                        // basic properties
                        match.CandidateId            = user.Cid;
                        match.DisplayName            = user.DisplayName;
                        match.CfisType               = (byte)user.SourceType;
                        match.CfisCommitteeID        = user.SourceCommitteeID.HasValue ? user.SourceCommitteeID.Value.ToString() : null;
                        match.CfisCommitteeContactID = user.SourceLiaisonID.HasValue ? user.SourceLiaisonID.Value.ToString() : user.SourceElectionCycle;

                        // election cycles
                        var currentCycles = context.SecurityUserElectionCycles.Where(c => c.UserName == user.UserName);
                        var updateCycles  = user.ElectionCycles;
                        if (user.ImplicitElectionCycles == updateCycles.Any()) // implicit EC access requires both an empty EC collection AND a set flag
                        {
                            state |= UpdateResultState.ElectionCycleNotFound;
                        }
                        else
                        {
                            // delete old cycles
                            foreach (var cycle in currentCycles.Where(c => !updateCycles.Contains(c.ElectionCycle)))
                            {
                                context.SecurityUserElectionCycles.DeleteObject(cycle);
                            }
                            // add new cycles
                            foreach (var cycle in updateCycles.Except(currentCycles.Select(c => c.ElectionCycle)))
                            {
                                context.SecurityUserElectionCycles.AddObject(SecurityUserElectionCycle.CreateSecurityUserElectionCycle(user.UserName, cycle));
                            }
                        }

                        // save changes
                        try
                        {
                            context.SaveChanges();
                        }
                        catch (OptimisticConcurrencyException)
                        {
                            context.Refresh(RefreshMode.ClientWins, match);
                            context.SaveChanges();
                        }
                        catch (ConstraintException)
                        {
                            state |= UpdateResultState.ProfileFailure;
                        }
                    }
                }
            }
            return(new UpdateResult(GetUser(user.UserName), state));
        }