/// <summary>
/// Page load handler: restores the item being browsed from session state and picks the
/// icon and captions that match its item type.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Both values are read from server-side session state; the casts throw if an entry
    // is missing or holds another type.
    this.item = (IAzManItem)this.Session["item"];
    this.itemType = (ItemType)this.Session["itemType"];
    this.application = this.item.Application;

    if (this.itemType == ItemType.Role)
    {
        this.setImage("Role_32x32.gif");
        this.Text = "Roles list";
    }
    else if (this.itemType == ItemType.Task)
    {
        this.setImage("Task_32x32.gif");
        this.Text = "Tasks list";
    }
    else if (this.itemType == ItemType.Operation)
    {
        this.setImage("Operation_32x32.gif");
        this.Text = "Operations list";
    }

    // Description and title mirror whatever caption is current.
    this.Description = this.Text;
    this.Title = this.Text;

    // The list is only populated on the first request, not on postbacks.
    if (!Page.IsPostBack)
    {
        this.RefreshItemsList();
    }
}
/// <summary>
/// Form load handler: resolves the storage, store, application and item context from
/// session state, decides between create and update mode, then initialises the UI.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void Form_Load(object sender, EventArgs e)
{
    _Storage = (IAzManStorage)Session["storage"];
    object selected = Session["selectedObject"];

    // The checks are deliberately independent (not else-if), as in the original flow.
    IAzManStore selectedStore = selected as IAzManStore;
    if (selectedStore != null)
    {
        _Store = selectedStore;
    }

    IAzManApplication selectedApplication = selected as IAzManApplication;
    if (selectedApplication != null)
    {
        _Application = selectedApplication;
        _Store = _Application.Store;
    }

    IAzManItem selectedItem = selected as IAzManItem;
    if (selectedItem != null)
    {
        _AzManItem = selectedItem;
        _Application = _AzManItem.Application;
        _Store = _Application.Store;
    }

    IAzManApplicationGroup selectedGroup = selected as IAzManApplicationGroup;
    if (selectedGroup != null)
    {
        _ApplicationGroup = selectedGroup;
        _Application = _ApplicationGroup.Application;
        _Store = _Application.Store;
    }

    // NOTE(review): _AzManItem is only assigned above when the selected object is an
    // IAzManItem; for any other selection this dereference relies on it having been set
    // elsewhere - confirm.
    if (String.IsNullOrEmpty(_AzManItem.BizRuleSource))
    {
        _Mode = Mode.Create;
    }
    else
    {
        _Mode = Mode.Update;
    }

    SetAttributes();
    SetToolBar();
    LoadBizRule();
}
/// <summary>
/// Click handler: for every grid row whose "chkSelect" box is ticked, queues the matching
/// task for removal, or cancels a not-yet-saved addition, then refreshes the list.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnRemoveTask_Click(object sender, EventArgs e)
{
    for (int rowIndex = 0; rowIndex < this.dgTasks.Rows.Count; rowIndex++)
    {
        var row = this.dgTasks.Rows[rowIndex];
        var selector = (System.Web.UI.WebControls.CheckBox)row.FindControl("chkSelect");
        if (!selector.Checked)
        {
            continue;
        }

        // Column 3 of the grid carries the id that is compared with sub-item 1 below.
        string itemId = row.Cells[3].Text;
        foreach (ListViewItem lvi in this.lsvTasks.Items)
        {
            if (lvi.SubItems[1].Text != itemId)
            {
                continue;
            }

            IAzManItem existingMember = lvi.Tag as IAzManItem;
            if (existingMember != null)
            {
                // Member already known to the store: remember it for removal.
                this.MembersToRemove.Add(existingMember.Name);
                this.modified = true;
                continue;
            }

            GenericMember pendingMember = lvi.Tag as GenericMember;
            if (pendingMember != null && this.MembersToAdd.Contains(pendingMember.Name))
            {
                // Member was only pending: drop it from the add list instead.
                this.MembersToAdd.Remove(pendingMember.Name);
                this.modified = true;
            }
        }
    }

    this.RefreshItems();
}
/// <summary>
/// Raises <c>AuthorizationDeleted</c> when at least one handler is attached.
/// </summary>
/// <param name="ownerItem">Item the deleted authorization belonged to.</param>
/// <param name="owner">SID passed to the handlers as the authorization owner.</param>
/// <param name="sid">SID passed to the handlers as the authorization subject.</param>
private void raiseAuthorizationDeleted(IAzManItem ownerItem, IAzManSid owner, IAzManSid sid)
{
    if (this.AuthorizationDeleted == null)
    {
        return;
    }

    this.AuthorizationDeleted(ownerItem, owner, sid);
}
/// <summary>
/// Click handler: creates a sample store with ten applications of ten chained operations
/// each, inside a single transaction.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnCreateStore_Click(object sender, EventArgs e)
{
    string connectionString = ConfigurationManager.ConnectionStrings["NetSqlAzManStorage"].ConnectionString;
    IAzManStorage storage = new SqlAzManStorage(connectionString);
    storage.OpenConnection();
    try
    {
        // NOTE(review): ReadUncommitted is requested while authorization data is being
        // written - confirm that this isolation level is intended.
        storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);
        IAzManStore store = storage.CreateStore("Store Created Programmatically", "store description");

        for (int appIndex = 0; appIndex < 10; appIndex++)
        {
            IAzManApplication app = store.CreateApplication("App " + appIndex.ToString(), "application description");

            // Each operation gets the previously created one as a member, forming a chain.
            IAzManItem previous = null;
            for (int itemIndex = 0; itemIndex < 10; itemIndex++)
            {
                IAzManItem current = app.CreateItem("Item " + itemIndex.ToString(), "item description", ItemType.Operation);
                if (previous != null)
                {
                    current.AddMember(previous);
                }

                previous = current;
            }
        }

        storage.CommitTransaction();
    }
    catch
    {
        // Undo the partial store before letting the error propagate.
        storage.RollBackTransaction();
        throw;
    }
    finally
    {
        storage.CloseConnection();
    }
}
/// <summary>
/// Creates the scope node for an item definition and registers a single list view whose
/// display name depends on the item type.
/// </summary>
/// <param name="item">The item this node represents.</param>
public ItemDefinitionScopeNode(IAzManItem item) : base(true)
{
    this.item = item;

    // Pick the resource key for the view caption; other item types leave it unset.
    string captionKey = null;
    if (this.item.ItemType == ItemType.Role)
    {
        captionKey = "ListView_Msg30";
    }
    else if (this.item.ItemType == ItemType.Task)
    {
        captionKey = "ListView_Msg40";
    }
    else if (this.item.ItemType == ItemType.Operation)
    {
        captionKey = "ListView_Msg50";
    }

    MMC.MmcListViewDescription membersView = new MMC.MmcListViewDescription();
    if (captionKey != null)
    {
        membersView.DisplayName = Globalization.MultilanguageResource.GetString(captionKey);
    }

    membersView.ViewType = typeof(ItemMembersListView);
    membersView.Options = MMC.MmcListViewOptions.AllowUserInitiatedModeChanges;

    // Replace whatever views the base class registered with this single view.
    this.ViewDescriptions.Clear();
    this.ViewDescriptions.Add(membersView);
    this.ViewDescriptions.DefaultIndex = 0;

    this.RenderItemDefinitionScopeNode();
}
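/// <summary>
/// Removes a role from the data source for the configured applicationName.
/// </summary>
/// <param name="roleName">The name of the role to delete.</param>
/// <param name="throwOnPopulatedRole">If true, throw an exception if roleName has one or more members and do not delete roleName.</param>
/// <returns>
/// true if the role was successfully deleted; otherwise, false.
/// </returns>
/// <exception cref="ArgumentNullException">roleName is null, or no item with that name was found.</exception>
/// <exception cref="ArgumentException">roleName is empty, or names an item that is not a Role.</exception>
/// <exception cref="ProviderException">throwOnPopulatedRole is true and the role still has members.</exception>
public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
{
    // Validate the caller-supplied name before it is used as a storage lookup key and
    // before a storage object is created for it.
    if (roleName == null)
    {
        throw new ArgumentNullException("roleName");
    }

    if (roleName.Trim() == String.Empty)
    {
        throw new ArgumentException("roleName parameter cannot be empty.");
    }

    using (IAzManStorage storage = new SqlAzManStorage(this.storageCache.ConnectionString))
    {
        IAzManApplication application = storage[this.storeName][this.applicationName];
        IAzManItem role = application[roleName];
        if (role == null)
        {
            // Exception type kept from the original code for callers that catch it.
            throw new ArgumentNullException("roleName");
        }

        // Only Role items may be deleted through the role provider; Tasks and Operations
        // share the same name space in the application.
        if (role.ItemType != ItemType.Role)
        {
            throw new ArgumentException(String.Format("{0} must be a Role.", roleName), "roleName");
        }

        if (throwOnPopulatedRole && application[roleName].GetMembers().Length > 0)
        {
            throw new ProviderException(String.Format("{0} has one or more members and cannot be deleted.", roleName));
        }

        role.Delete();

        // Rebuild StorageCache so later checks do not use the deleted role.
        this.InvalidateCache(false);
        return true;
    }
}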
/// <summary>
/// Form load handler: resolves the storage, store, application and item context from
/// session state, then initialises attributes, toolbar and list.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void Form_Load(object sender, EventArgs e)
{
    _Storage = (IAzManStorage)Session["storage"];
    object selected = Session["selectedObject"];

    // The checks are independent (not else-if), matching the original flow.
    IAzManStore selectedStore = selected as IAzManStore;
    if (selectedStore != null)
    {
        _Store = selectedStore;
    }

    IAzManApplication selectedApplication = selected as IAzManApplication;
    if (selectedApplication != null)
    {
        _Application = selectedApplication;
        _Store = _Application.Store;
    }

    IAzManItem selectedItem = selected as IAzManItem;
    if (selectedItem != null)
    {
        _AuthItem = selectedItem;
        _Application = _AuthItem.Application;
        _Store = _Application.Store;
    }

    IAzManApplicationGroup selectedGroup = selected as IAzManApplicationGroup;
    if (selectedGroup != null)
    {
        _ApplicationGroup = selectedGroup;
        _Application = _ApplicationGroup.Application;
        _Store = _Application.Store;
    }

    SetAttributes();
    SetToolBar();
    LoadList();
}
/// <summary>
/// Click handler: queues every checked task for removal, or cancels a not-yet-saved
/// addition, then refreshes the list and the state of the remove button.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void btnRemoveTask_Click(object sender, EventArgs e)
{
    // Keep the dialog open after this click.
    this.DialogResult = DialogResult.None;
    this.HourGlass(true);

    foreach (ListViewItem lvi in this.lsvTasks.CheckedItems)
    {
        IAzManItem existingMember = lvi.Tag as IAzManItem;
        if (existingMember != null)
        {
            // Member already known to the store: remember it for removal.
            this.MembersToRemove.Add(existingMember.Name);
            this.modified = true;
            continue;
        }

        GenericMember pendingMember = lvi.Tag as GenericMember;
        if (pendingMember != null && this.MembersToAdd.Contains(pendingMember.Name))
        {
            // Member was only pending: drop it from the add list instead.
            this.MembersToAdd.Remove(pendingMember.Name);
            this.modified = true;
        }
    }

    this.RefreshItems();

    bool nothingLeftToRemove = this.lsvTasks.Items.Count == 0 || this.lsvTasks.CheckedItems.Count == 0;
    if (nothingLeftToRemove)
    {
        this.btnRemoveTask.Enabled = false;
    }

    this.HourGlass(false);
}
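/// <summary>
/// Remove Authorization Delegate: deletes the Allow delegation that the current Windows
/// user granted to a delegate account on the sample operation.
/// </summary>
private void RemoveDelegate()
{
    // USER MUST BE A MEMBER OF SQL DATABASE ROLE: NetSqlAzMan_Users

    // Sql Storage connection string.
    // NOTE(review): the sample embeds a SQL login and password in source. Outside a demo,
    // load the connection string from protected configuration, or use integrated security,
    // so that no credential is committed with the code.
    string sqlConnectionString = "data source=(local);initial catalog=NetSqlAzManStorage;user id=netsqlazmanuser;password=password";

    // Create an instance of SqlAzManStorage class; disposed when the work is done so the
    // storage object is not left alive after the call.
    using (IAzManStorage storage = new SqlAzManStorage(sqlConnectionString))
    {
        IAzManStore mystore = storage.GetStore("My Store"); // or storage["My Store"]
        IAzManApplication myapp = mystore.GetApplication("My Application");
        IAzManItem myop = myapp.GetItem("My Operation");

        // Retrieve current user identity (delegating user).
        WindowsIdentity userIdentity = ((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()); // for Windows Applications
        // WindowsIdentity userIdentity = this.Request.LogonUserIdentity; // for ASP.NET Applications

        // Retrieve delegate user Login.
        NTAccount delegateUserLogin = new NTAccount("DOMAIN", "delegateuseraccount");

        // Retrieve delegate user SID.
        SecurityIdentifier delegateSID = (SecurityIdentifier)delegateUserLogin.Translate(typeof(SecurityIdentifier));
        IAzManSid delegateNetSqlAzManSID = new SqlAzManSID(delegateSID);

        // Establish delegate authorization (only Allow or Deny).
        RestrictedAuthorizationType delegateAuthorization = RestrictedAuthorizationType.Allow;

        // Remove delegate and all custom attributes.
        myop.DeleteDelegateAuthorization(userIdentity, delegateNetSqlAzManSID, delegateAuthorization);
    }
}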
/// <summary>
/// Form load handler: resolves the storage, store, application and item context from
/// session state, loads the authorization being edited, then initialises the UI.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void Form_Load(object sender, EventArgs e)
{
    _Storage = (IAzManStorage)Session["storage"];
    object selected = Session["selectedObject"];

    // The checks are independent (not else-if), matching the original flow.
    IAzManStore selectedStore = selected as IAzManStore;
    if (selectedStore != null)
    {
        _Store = selectedStore;
    }

    IAzManApplication selectedApplication = selected as IAzManApplication;
    if (selectedApplication != null)
    {
        _Application = selectedApplication;
        _Store = _Application.Store;
    }

    IAzManItem selectedItem = selected as IAzManItem;
    if (selectedItem != null)
    {
        _AuthItem = selectedItem;
        _Application = _AuthItem.Application;
        _Store = _Application.Store;

        // Look the authorization up on the selected item and fetch its display name.
        // The returned member type is not used here.
        _Authorization = _AuthItem.GetAuthorization(_AuthorizationID);
        _Authorization.GetMemberInfo(out _DisplayName);
    }

    IAzManApplicationGroup selectedGroup = selected as IAzManApplicationGroup;
    if (selectedGroup != null)
    {
        _ApplicationGroup = selectedGroup;
        _Application = _ApplicationGroup.Application;
        _Store = _Application.Store;
    }

    SetAttributes();
    SetToolBar();
    SetListView();
    LoadList();
}
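/// <summary>
/// Removes a role from a user by deleting the user's authorization on the role item.
/// </summary>
/// <param name="userName">User name; any domain part is replaced by the configured domain.</param>
/// <param name="role">Name of the role item.</param>
/// <returns>
/// true when the lookup completed without error (also when the user had no authorization
/// on the role); false when an error occurred.
/// </returns>
public bool RemoveUserFromRole(string userName, string role)
{
    // "result" is not declared in this method (presumably a field shared with the other
    // role methods). Reset it so a failure below cannot report a stale success.
    result = false;
    fullUserName = GetUserNameWithoutDomain(userName) + _fullDomainName;
    try
    {
        WindowsIdentity wi = new WindowsIdentity(fullUserName);
        AzmanSid sid = new AzmanSid(wi);
        IAzManStorage storage = new SqlAzManStorage(_azManConnectionString);
        try
        {
            storage.OpenConnection();

            // Get the role.
            IAzManItem itemRole = storage[_storageName][_applicationName][role];

            // Get the authorizations of the users that hold this role.
            IAzManAuthorization[] authorizations = itemRole.GetAuthorizations();
            var userAuth = authorizations.FirstOrDefault(a => a.SID.StringValue == sid.StringValue);
            if (userAuth != null)
            {
                userAuth.Delete();
            }
        }
        finally
        {
            // Close the connection on the error path too.
            storage.CloseConnection();
        }

        result = true;
    }
    catch (Exception ex)
    {
        // The original only marked this spot with "log ex"; record the failure instead of
        // dropping it, because a silent failure leaves the role assignment in place.
        System.Diagnostics.Trace.TraceError("RemoveUserFromRole failed: {0}", ex);
    }

    return result;
}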
/// <summary>
/// Form load handler: resolves the storage, store, application and task context from
/// session state, decides between create and update mode, then loads the tab.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void Form_Load(object sender, EventArgs e)
{
    _Storage = (IAzManStorage)Session["storage"];
    object selected = Session["selectedObject"];

    // The checks are independent (not else-if), matching the original flow.
    IAzManStore selectedStore = selected as IAzManStore;
    if (selectedStore != null)
    {
        _Store = selectedStore;
    }

    IAzManApplication selectedApplication = selected as IAzManApplication;
    if (selectedApplication != null)
    {
        _Application = selectedApplication;
        _Store = _Application.Store;
    }

    IAzManItem selectedItem = selected as IAzManItem;
    if (selectedItem != null)
    {
        _Task = selectedItem;
        _Application = _Task.Application;
        _Store = _Application.Store;
    }

    IAzManApplicationGroup selectedGroup = selected as IAzManApplicationGroup;
    if (selectedGroup != null)
    {
        _ApplicationGroup = selectedGroup;
        _Application = _ApplicationGroup.Application;
        _Store = _Application.Store;
    }

    // No task in context means a new one is being created.
    if (_Task == null)
    {
        _Mode = Mode.Create;
    }
    else
    {
        _Mode = Mode.Update;
    }

    SetAttributes();
    LoadTab();
}
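/// <summary>
/// Grants the given role of an application in the "CATS" store to a database user.
/// </summary>
/// <param name="user">Name of the database user that receives the role.</param>
/// <param name="application">Name of the application that defines the role.</param>
/// <param name="role">Name of the role item to authorize the user on.</param>
/// <returns>Always true; failures surface as exceptions.</returns>
public bool AddRole(string user, string application, string role)
{
    const string store = "CATS";
    string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["CatsContext"].ConnectionString;

    // Dispose the storage object when done instead of leaving it to the garbage collector.
    using (IAzManStorage storage = new SqlAzManStorage(connectionString))
    {
        IAzManStore mystore = storage.GetStore(store); // or storage["My Store"]
        IAzManApplication myapp = mystore.GetApplication(application);
        IAzManItem azManRole = myapp.GetItem(role);

        // NOTE(review): the authorization owner is hard-coded to the "Admin" database user
        // and the grant is AllowWithDelegation, so the recipient can delegate the role
        // further - confirm both are intended; plain Allow is the narrower grant.
        azManRole.CreateAuthorization(
            mystore.GetDBUser("Admin").CustomSid,
            WhereDefined.Database,
            mystore.GetDBUser(user).CustomSid,
            WhereDefined.Database,
            AuthorizationType.AllowWithDelegation,
            null,
            null);
    }

    return true;
}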
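/// <summary>
/// Adds a role to a user by creating an Allow authorization on the role item.
/// </summary>
/// <param name="userName">User name; any domain part is replaced by the configured domain.</param>
/// <param name="roleName">Name of the role item.</param>
/// <returns>
/// true when no error occurred; false when an error occurred.
/// </returns>
public bool AddUserToRole(string userName, string roleName)
{
    // "result" is not declared in this method (presumably a field shared with the other
    // role methods). Reset it so a failure below cannot report a stale success.
    result = false;
    try
    {
        WindowsIdentity wi = new WindowsIdentity(GetUserNameWithoutDomain(userName) + _fullDomainName);
        AzmanSid sid = new AzmanSid(wi);
        IAzManStorage storage = new SqlAzManStorage(_azManConnectionString);
        try
        {
            storage.OpenConnection();

            // Only when the requested role is defined in AzMan.
            if (RoleExists(roleName))
            {
                IAzManItem itemRole = storage[_storageName][_applicationName][roleName];

                // Assign the role to the user; the user's own SID is also recorded as owner.
                itemRole.CreateAuthorization(sid, WhereDefined.LDAP, sid, WhereDefined.LDAP, AuthorizationType.Allow, null, null);
            }
        }
        finally
        {
            // Close the connection on the error path too.
            storage.CloseConnection();
        }

        // NOTE(review): success is also reported when the role does not exist and nothing
        // was granted - kept as in the original; confirm callers expect that.
        result = true;
    }
    catch (Exception ex)
    {
        // The original only marked this spot with "log ex"; record the failure instead of
        // dropping it.
        System.Diagnostics.Trace.TraceError("AddUserToRole failed: {0}", ex);
    }

    return result;
}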
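/// <summary>
/// Gets a list of users in the specified role for the configured applicationName.
/// </summary>
/// <param name="roleName">The name of the role to get the list of users for.</param>
/// <returns>
/// A string array containing the names of all the users who are members of the specified role for the configured applicationName.
/// </returns>
/// <exception cref="ArgumentNullException">roleName is null.</exception>
/// <exception cref="ArgumentException">roleName does not name a Role item.</exception>
public override string[] GetUsersInRole(string roleName)
{
    // Reject a missing name before it is used as a storage lookup key.
    if (roleName == null)
    {
        throw new ArgumentNullException("roleName");
    }

    using (IAzManStorage storage = new SqlAzManStorage(this.storageCache.ConnectionString))
    {
        IAzManApplication application = storage[this.storeName][this.applicationName];
        IAzManItem role = application[roleName];

        // A lookup that yields no item is reported like a non-role item instead of
        // failing later with a NullReferenceException.
        if (role == null || role.ItemType != ItemType.Role)
        {
            throw new ArgumentException(String.Format("{0} must be a Role.", roleName), "roleName");
        }

        List<string> users = new List<string>();
        foreach (IAzManAuthorization auth in role.GetAuthorizations())
        {
            // Only positive grants count as membership; other authorization types are skipped.
            bool grantsAccess = auth.AuthorizationType == AuthorizationType.Allow
                || auth.AuthorizationType == AuthorizationType.AllowWithDelegation;
            if (!grantsAccess)
            {
                continue;
            }

            if (auth.SidWhereDefined == WhereDefined.Local || auth.SidWhereDefined == WhereDefined.LDAP)
            {
                string displayName;
                auth.GetMemberInfo(out displayName);
                users.Add(displayName);
            }
            else if (auth.SidWhereDefined == WhereDefined.Database)
            {
                users.Add(application.GetDBUser(auth.SID).UserName);
            }
        }

        return users.ToArray();
    }
}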
/// <summary>
/// Adds a tree node for a role under <paramref name="parent"/> and recursively adds its
/// member roles, tasks and operations, in that order.
/// </summary>
/// <param name="parent">Node that receives the new role node.</param>
/// <param name="item">The role item to render.</param>
/// <param name="applicationNode">Application node, passed through to the child builders.</param>
private void AddRole(TreeNode parent, IAzManItem item, TreeNode applicationNode)
{
    TreeNode roleNode = new TreeNode(item.Name, item.Name, this.getImageUrl("Role_16x16.gif"));
    roleNode.ToolTip = item.Description;
    parent.ChildNodes.Add(roleNode);

    // Three passes over the members keep the children grouped by type.
    foreach (IAzManItem child in item.Members.Values)
    {
        if (child.ItemType != ItemType.Role)
        {
            continue;
        }

        this.AddRole(roleNode, child, applicationNode);
    }

    foreach (IAzManItem child in item.Members.Values)
    {
        if (child.ItemType != ItemType.Task)
        {
            continue;
        }

        this.AddTask(roleNode, child, applicationNode);
    }

    foreach (IAzManItem child in item.Members.Values)
    {
        if (child.ItemType != ItemType.Operation)
        {
            continue;
        }

        this.AddOperation(roleNode, child, applicationNode);
    }

    roleNode.Collapse();
}
/// <summary>
/// Builds the exception reported for a business-rule failure on an item.
/// </summary>
/// <param name="item">Item whose store, application and name go into the message.</param>
/// <param name="innerException">Underlying error, stored as the inner exception.</param>
/// <returns>The populated <c>SqlAzManException</c>; the caller throws it.</returns>
internal static SqlAzManException BizRuleException(IAzManItem item, Exception innerException)
{
    string message = String.Format(
        "BizRule Error. Store '{0}', Application '{1}', Item '{2}'.",
        item.Application.Store.Name,
        item.Application.Name,
        item.Name);

    SqlAzManException bizRuleError = new SqlAzManException(message, innerException);
    addParameter(bizRuleError, item);
    return bizRuleError;
}
/// <summary>
/// Adds a tree node for a task under <paramref name="parent"/> and recursively adds its
/// member tasks and operations, expanding the node for each child added.
/// </summary>
/// <param name="parent">Node that receives the new task node.</param>
/// <param name="item">The task item to render; also stored in the node's Tag.</param>
/// <param name="applicationNode">Application node, passed through to the child builders.</param>
private void AddTask(TreeNode parent, IAzManItem item, TreeNode applicationNode)
{
    // Image index 4 is used for both the normal and the selected state.
    TreeNode taskNode = new TreeNode(item.Name, 4, 4);
    taskNode.ToolTipText = item.Description;
    taskNode.Tag = item;
    parent.Nodes.Add(taskNode);

    // Child tasks first, then operations.
    foreach (IAzManItem child in item.Members.Values)
    {
        if (child.ItemType != ItemType.Task)
        {
            continue;
        }

        this.AddTask(taskNode, child, applicationNode);
        taskNode.Expand();
    }

    foreach (IAzManItem child in item.Members.Values)
    {
        if (child.ItemType != ItemType.Operation)
        {
            continue;
        }

        this.AddOperation(taskNode, child, applicationNode);
        taskNode.Expand();
    }
}
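/// <summary>
/// Checks whether the user holds the given role.
/// </summary>
/// <param name="userName">User name; any domain part is replaced by the configured domain.</param>
/// <param name="roleName">Name of the role item.</param>
/// <returns>
/// true when an authorization for the user's SID exists on the role; false when it does
/// not, when the role does not exist, or when the check failed.
/// </returns>
public bool IsInRole(string userName, string roleName)
{
    // Fail closed: "result" is not declared in this method (presumably a field shared
    // with the other role methods), so without this reset an exception, or a missing
    // role, would return whatever an earlier call left in it.
    result = false;
    fullUserName = GetUserNameWithoutDomain(userName) + _fullDomainName;
    try
    {
        WindowsIdentity wi = new WindowsIdentity(fullUserName);
        AzmanSid sid = new AzmanSid(wi);
        var storage = new SqlAzManStorage(_azManConnectionString);
        try
        {
            storage.OpenConnection();

            // Only when the requested role exists.
            if (RoleExists(roleName))
            {
                IAzManItem itemRole = storage[_storageName][_applicationName][roleName];
                IAzManAuthorization[] authorizations = itemRole.GetAuthorizations();

                // True when the user has an authorization on this role.
                // NOTE(review): the match is on SID only; the authorization type and any
                // validity period are not inspected here - confirm that a Deny record
                // should not count as membership.
                result = authorizations.Any(i => i.SID.StringValue == sid.StringValue);
            }
        }
        finally
        {
            // Close the connection on the error path too.
            storage.CloseConnection();
        }
    }
    catch (Exception ex)
    {
        // An error while checking must never read as "is in role".
        result = false;
        System.Diagnostics.Trace.TraceError("IsInRole failed: {0}", ex);
    }

    return result;
}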
/// <summary>
/// Adds a tree node for a task under <paramref name="parent"/> and recursively adds its
/// member tasks; member operations are added only when the storage is in Developer mode.
/// </summary>
/// <param name="parent">Node that receives the new task node.</param>
/// <param name="item">The task item to render.</param>
/// <param name="applicationNode">Application node, passed through to the child builders.</param>
private void AddTask(TreeNode parent, IAzManItem item, TreeNode applicationNode)
{
    Font nodeFont = new Font("Tahoma", 11, FontStyle.Regular, GraphicsUnit.Pixel);

    TreeNode taskNode = new TreeNode();
    taskNode.Image = new IconResourceHandle(GlobalVars.Theme + ".16.mdi-clipboard-check-outline.png");
    taskNode.Label = item.Name;
    taskNode.NodeFont = nodeFont;
    parent.Nodes.Add(taskNode);

    foreach (IAzManItem child in item.Members.Values)
    {
        if (child.ItemType != ItemType.Task)
        {
            continue;
        }

        this.AddTask(taskNode, child, applicationNode);
    }

    // Operations are a developer-level detail and hidden in other storage modes.
    bool developerMode = item.Application.Store.Storage.Mode == NetSqlAzManMode.Developer;
    if (developerMode)
    {
        foreach (IAzManItem child in item.Members.Values)
        {
            if (child.ItemType != ItemType.Operation)
            {
                continue;
            }

            this.AddOperation(taskNode, child, applicationNode);
        }
    }

    taskNode.Collapse();
}
/// <summary>
/// Adds a tree node for a task under <paramref name="parent"/>, lists its authorizations,
/// and recursively adds its member tasks; member operations are added only when the
/// storage is in Developer mode.
/// </summary>
/// <param name="parent">Node that receives the new task node.</param>
/// <param name="item">The task item to render.</param>
/// <param name="applicationNode">Application node, passed through to the child builders.</param>
private void AddTask(TreeNode parent, IAzManItem item, TreeNode applicationNode)
{
    TreeNode taskNode = new TreeNode(item.Name, item.Name, this.getImageUrl("Task_16x16.gif"));
    taskNode.ToolTip = item.Description;
    parent.ChildNodes.Add(taskNode);

    // Authorization nodes come before the member items.
    this.AddAuthorizations(taskNode, item);

    foreach (IAzManItem child in item.Members.Values)
    {
        if (child.ItemType != ItemType.Task)
        {
            continue;
        }

        this.AddTask(taskNode, child, applicationNode);
    }

    // Operations are a developer-level detail and hidden in other storage modes.
    bool developerMode = item.Application.Store.Storage.Mode == NetSqlAzManMode.Developer;
    if (developerMode)
    {
        foreach (IAzManItem child in item.Members.Values)
        {
            if (child.ItemType != ItemType.Operation)
            {
                continue;
            }

            this.AddOperation(taskNode, child, applicationNode);
        }
    }

    taskNode.Collapse();
}
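/// <summary>
/// Adds every checked list entry as a member of the current item inside one transaction.
/// A failure on a single entry is shown to the user and the remaining entries are still
/// processed; any other failure rolls the transaction back.
/// </summary>
private void SaveRecord()
{
    // NOTE(review): ReadUncommitted is requested while membership data is being written -
    // confirm that this isolation level is intended.
    _Storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);
    try
    {
        foreach (ListViewItem item in lvwItemList.Items)
        {
            // Update checked items only, not merely selected ones.
            if (!item.Checked)
            {
                continue;
            }

            _SelectedItems.Add(item);

            // Save immediately, one member at a time.
            try
            {
                IAzManItem member = _Application.GetItem(item.SubItems[0].Text);
                _AuthItem.AddMember(member);
            }
            catch (Exception ex)
            {
                // Best effort per entry: report and continue with the next one.
                // NOTE(review): the raw exception message is shown to the user; confirm it
                // cannot carry storage details that should stay server-side.
                MessageBox.Show(ex.Message, "Error Found", MessageBoxButtons.OK, MessageBoxIcon.Error, new EventHandler(ErrorPrompt));
            }
        }

        _Storage.CommitTransaction();
    }
    catch
    {
        // Do not leave the transaction open when something outside the per-entry handler
        // fails (for example the commit itself).
        _Storage.RollBackTransaction();
        throw;
    }

    // NOTE(review): this message is shown after every successful commit, errors or not;
    // it looks like a leftover - confirm the intended text.
    MessageBox.Show("Error Found");
}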
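/// <summary>
/// Adds the specified user names to the specified roles for the configured applicationName.
/// </summary>
/// <param name="usernames">A string array of user names to be added to the specified roles.</param>
/// <param name="roleNames">A string array of the role names to add the specified user names to.</param>
/// <exception cref="ArgumentException">A name in roleNames is not a Role item.</exception>
public override void AddUsersToRoles(string[] usernames, string[] roleNames)
{
    using (IAzManStorage storage = new SqlAzManStorage(this.storageCache.ConnectionString))
    {
        try
        {
            storage.OpenConnection();
            storage.BeginTransaction();
            IAzManApplication application = storage[this.storeName][this.applicationName];

            // The owner of every authorization created here is the calling Windows
            // identity; it does not change per user, so resolve it once.
            IAzManSid owner = new SqlAzManSID(((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()).User);
            WhereDefined ownerWhereDefined = WhereDefined.LDAP;

            foreach (string roleName in roleNames)
            {
                IAzManItem role = application.GetItem(roleName);
                if (role.ItemType != ItemType.Role)
                {
                    throw new ArgumentException(String.Format("{0} must be a Role.", roleName));
                }

                foreach (string username in usernames)
                {
                    if (this.userLookupType == "LDAP")
                    {
                        // Translate the fully qualified user name to a SID. The null checks
                        // the original made on freshly constructed objects could never fire
                        // and were removed; an unknown account fails inside Translate.
                        string fqun = this.getFQUN(username);
                        NTAccount ntaccount = new NTAccount(fqun);
                        IAzManSid sid = new SqlAzManSID((SecurityIdentifier)ntaccount.Translate(typeof(SecurityIdentifier)));
                        role.CreateAuthorization(owner, ownerWhereDefined, sid, WhereDefined.LDAP, AuthorizationType.Allow, null, null);
                    }
                    else
                    {
                        var dbuser = application.GetDBUser(username);
                        if (dbuser == null)
                        {
                            // Report an unknown database user explicitly instead of
                            // failing with a NullReferenceException.
                            throw SqlAzManException.UserNotFoundException(username, null);
                        }

                        IAzManSid sid = dbuser.CustomSid;
                        role.CreateAuthorization(owner, ownerWhereDefined, sid, WhereDefined.Database, AuthorizationType.Allow, null, null);
                    }
                }
            }

            storage.CommitTransaction();

            // Rebuild StorageCache so the new grants are visible to later checks.
            this.InvalidateCache(false);
        }
        catch
        {
            // All-or-nothing: a failure for any user or role undoes every grant made so far.
            storage.RollBackTransaction();
            throw;
        }
        finally
        {
            storage.CloseConnection();
        }
    }
}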
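/// <summary>
/// Runs an access check for the current Windows user against the item named in
/// <c>txtItem</c>, in the "Application Test" application of the "Store Test" store.
/// </summary>
/// <returns>The authorization type reported by the item's access check at the current time.</returns>
private AuthorizationType NetSqlAzManTestCheckAccess()
{
    WindowsIdentity userIdentity = WindowsIdentity.GetCurrent();

    // Dispose the storage object once the check has produced its result.
    using (IAzManStorage storage = new SqlAzManStorage(NetSqlAzManStorePath))
    {
        IAzManItem item = storage["Store Test"]["Application Test"][this.txtItem.Text];
        return item.CheckAccess(userIdentity, DateTime.Now);
    }
}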
/// <summary>
/// Builds the list row for a member item: name as text, description as the first
/// sub-item, image index 0, and the item itself in the Tag.
/// </summary>
/// <param name="member">The member item to display.</param>
/// <returns>The new list view row.</returns>
private ListViewItem CreateListViewItem(IAzManItem member)
{
    ListViewItem row = new ListViewItem
    {
        Tag = member,
        Text = member.Name,
        ImageIndex = 0
    };
    row.SubItems.Add(member.Description);
    return row;
}
/// <summary>
/// Click handler: removes the Allow delegation given to the "ProductManager1" account on
/// the "Controllo del Budget" item and swaps the enabled state of the two buttons.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnUndelegate_Click(object sender, EventArgs e)
{
    // Resolve the delegate account to its SID.
    NTAccount delegateAccount = new NTAccount("ProductManager1");
    SecurityIdentifier delegateSid = (SecurityIdentifier)delegateAccount.Translate(typeof(SecurityIdentifier));
    SqlAzManSID delegateAzManSid = new SqlAzManSID(delegateSid);

    IAzManItem budgetCheck = this.application["Controllo del Budget"];
    budgetCheck.DeleteDelegateAuthorization(this.identity, delegateAzManSid, RestrictedAuthorizationType.Allow);

    // Delegation is gone: allow delegating again, disallow undelegating.
    this.btnDelegateForBudgetCheck.Enabled = true;
    this.btnUndelegate.Enabled = false;
}
/// <summary>
/// Builds the list row for a member item: name as text, then description and item id as
/// sub-items, with the item itself in the Tag.
/// </summary>
/// <param name="member">The member item to display.</param>
/// <returns>The new list view row.</returns>
private ListViewItem CreateListViewItem(IAzManItem member)
{
    ListViewItem row = new ListViewItem
    {
        Tag = member,
        Text = member.Name
    };
    row.SubItems.Add(member.Description);
    row.SubItems.Add(member.ItemId.ToString());
    return row;
}
/// <summary>
/// Builds the list row for a pending member identified by name: the item is looked up in
/// the current application and wrapped in a <c>GenericMember</c> stored in the Tag.
/// </summary>
/// <param name="member">Name of the member item; also used as the row text.</param>
/// <param name="itemId">Id shown in the second sub-item.</param>
/// <returns>The new list view row.</returns>
private ListViewItem CreateListViewItem(string member, int itemId)
{
    ListViewItem row = new ListViewItem();
    IAzManItem resolved = this.item.Application.GetItem(member);

    row.Tag = new GenericMember(resolved.Name, resolved.Description);
    row.Text = member;
    row.SubItems.Add(resolved.Description);
    row.SubItems.Add(itemId.ToString());
    return row;
}
/// <summary>
/// Page load handler: takes the selected item from session state, sets the captions from
/// its name, and binds the grid on the first request.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // The "as" cast yields null when the session entry is missing or is not an item; the
    // Name access below then throws.
    this.item = this.Session["selectedObject"] as IAzManItem;

    string caption = String.Format("Item Attributes: {0}", this.item.Name);
    this.Text = caption;
    this.Title = this.Text;
    this.Description = this.Text;

    if (Page.IsPostBack)
    {
        return;
    }

    this.bindGridView();
}
/// <summary>
/// Initialises an authorization object from values already read from storage; every
/// argument is stored as-is.
/// </summary>
/// <param name="db">Data context the authorization belongs to.</param>
/// <param name="item">Item the authorization is attached to.</param>
/// <param name="authorizationId">Identifier of the authorization.</param>
/// <param name="owner">SID of the authorization owner.</param>
/// <param name="ownerSidWhereDefined">Where the owner SID is defined.</param>
/// <param name="sid">SID the authorization applies to.</param>
/// <param name="objectSidWhereDefined">Where <paramref name="sid"/> is defined.</param>
/// <param name="authorizationType">Type of the authorization.</param>
/// <param name="validFrom">Optional start of validity.</param>
/// <param name="validTo">Optional end of validity.</param>
/// <param name="ens">Event notification object stored with the authorization.</param>
internal SqlAzManAuthorization(NetSqlAzManStorageDataContext db, IAzManItem item, int authorizationId, IAzManSid owner, WhereDefined ownerSidWhereDefined, IAzManSid sid, WhereDefined objectSidWhereDefined, AuthorizationType authorizationType, DateTime? validFrom, DateTime? validTo, SqlAzManENS ens)
{
    // Storage context and notification plumbing.
    this.db = db;
    this.ens = ens;

    // Identity of the authorization.
    this.item = item;
    this.authorizationId = authorizationId;

    // Who granted it and to whom.
    this.owner = owner;
    this.ownerSidWhereDefined = ownerSidWhereDefined;
    this.sid = sid;
    this.sidWhereDefined = objectSidWhereDefined;

    // What is granted and for how long.
    this.authorizationType = authorizationType;
    this.validFrom = validFrom;
    this.validTo = validTo;
}
/// <summary>
/// Creates the scope node that lists the authorizations of an item and registers its
/// single list view.
/// </summary>
/// <param name="item">The item this node represents.</param>
public ItemAuthorizationScopeNode(IAzManItem item) : base(true)
{
    this.item = item;

    // Describe the list view shown for the item node.
    MMC.MmcListViewDescription authorizationsView = new MMC.MmcListViewDescription
    {
        DisplayName = Globalization.MultilanguageResource.GetString("Menu_Msg30"),
        ViewType = typeof(AuthorizationsListView),
        Options = MMC.MmcListViewOptions.AllowUserInitiatedModeChanges
    };

    // Replace whatever views the base class registered with this single view.
    this.ViewDescriptions.Clear();
    this.ViewDescriptions.Add(authorizationsView);
    this.ViewDescriptions.DefaultIndex = 0;

    this.RenderItemAuthorizationScopeNode();
}
/// <summary>
/// Adds the IAzManItem publisher: subscribes to each of its events and re-raises them
/// through this object's events of the same name when they have handlers.
/// </summary>
/// <param name="publisher">The publisher.</param>
internal void AddPublisher(IAzManItem publisher)
{
    publisher.ItemAttributeCreated += (owner, attributeCreated) =>
    {
        if (this.ItemAttributeCreated != null)
        {
            this.ItemAttributeCreated(owner, attributeCreated);
        }
    };

    publisher.AuthorizationCreated += (item, authorizationCreated) =>
    {
        if (this.AuthorizationCreated != null)
        {
            this.AuthorizationCreated(item, authorizationCreated);
        }
    };

    publisher.DelegateCreated += (item, delegationCreated) =>
    {
        if (this.DelegateCreated != null)
        {
            this.DelegateCreated(item, delegationCreated);
        }
    };

    publisher.DelegateDeleted += (item, delegatingUserSid, delegatedUserSid, authorizationType) =>
    {
        if (this.DelegateDeleted != null)
        {
            this.DelegateDeleted(item, delegatingUserSid, delegatedUserSid, authorizationType);
        }
    };

    publisher.ItemDeleted += (applicationContainer, itemName, itemType) =>
    {
        if (this.ItemDeleted != null)
        {
            this.ItemDeleted(applicationContainer, itemName, itemType);
        }
    };

    publisher.ItemRenamed += (item, oldName) =>
    {
        if (this.ItemRenamed != null)
        {
            this.ItemRenamed(item, oldName);
        }
    };

    publisher.ItemUpdated += (item, oldDescription) =>
    {
        if (this.ItemUpdated != null)
        {
            this.ItemUpdated(item, oldDescription);
        }
    };

    publisher.BizRuleUpdated += (item, oldBizRule) =>
    {
        if (this.BizRuleUpdated != null)
        {
            this.BizRuleUpdated(item, oldBizRule);
        }
    };

    publisher.MemberAdded += (item, member) =>
    {
        if (this.MemberAdded != null)
        {
            this.MemberAdded(item, member);
        }
    };

    publisher.MemberRemoved += (item, member) =>
    {
        if (this.MemberRemoved != null)
        {
            this.MemberRemoved(item, member);
        }
    };
}
/// <summary>
/// Persists the dialog state: creates the item when none exists yet; otherwise renames
/// and updates it and applies the pending member additions and removals in one
/// transaction. On failure an open transaction is rolled back and the error rethrown.
/// </summary>
private void commitChanges()
{
    try
    {
        if (this.item != null)
        {
            // Existing item: apply all edits atomically.
            // NOTE(review): ReadUncommitted is requested while membership data is being
            // written - confirm that this isolation level is intended.
            this.item.Application.Store.Storage.BeginTransaction(AzManIsolationLevel.ReadUncommitted);
            this.item.Rename(this.txtName.Text.Trim());
            this.item.Update(this.txtDescription.Text.Trim());

            // Members to add.
            foreach (string memberName in this.MembersToAdd)
            {
                IAzManItem memberToAdd = this.item.Application.GetItem(memberName);
                this.item.AddMember(memberToAdd);
            }

            // Members to remove.
            foreach (string memberName in this.MembersToRemove)
            {
                IAzManItem memberToRemove = this.item.Application.GetItem(memberName);
                this.item.RemoveMember(memberToRemove);
            }

            this.MembersToAdd.Clear();
            this.MembersToRemove.Clear();
            this.modified = false;
            this.item.Application.Store.Storage.CommitTransaction();
        }
        else
        {
            // New item: create it, then reload the form around it.
            this.item = this.application.CreateItem(this.txtName.Text.Trim(), this.txtDescription.Text.Trim(), this.itemType);
            this.frmItemProperties_Load(this, EventArgs.Empty);
        }

        this.HourGlass(false);
    }
    catch
    {
        this.HourGlass(false);

        // Only the update path opens a transaction, so roll back only when one is open.
        bool rollbackNeeded = this.item != null && this.item.Application.Store.Storage.TransactionInProgress;
        if (rollbackNeeded)
        {
            this.item.Application.Store.Storage.RollBackTransaction();
        }

        throw;
    }
}
/// <summary>
/// Raises <c>ItemUpdated</c> when at least one handler is attached.
/// </summary>
/// <param name="item">The updated item.</param>
/// <param name="oldDescription">Description the item had before the update.</param>
private void raiseItemUpdated(IAzManItem item, string oldDescription)
{
    if (this.ItemUpdated == null)
    {
        return;
    }

    this.ItemUpdated(item, oldDescription);
}
/// <summary>
/// Raises <c>BizRuleUpdated</c> when at least one handler is attached.
/// </summary>
/// <param name="item">The item whose business rule changed.</param>
/// <param name="oldBizRule">Business rule text before the change.</param>
private void raiseBizRuleUpdated(IAzManItem item, string oldBizRule)
{
    if (this.BizRuleUpdated == null)
    {
        return;
    }

    this.BizRuleUpdated(item, oldBizRule);
}
/// <summary>
/// Checks whether this item (by name) appears anywhere below <paramref name="memberToAdd"/>
/// in the membership tree, which would make adding it as a member circular.
/// </summary>
/// <param name="memberToAdd">Candidate member whose own members are searched recursively.</param>
/// <returns><c>true</c> if a member with this item's name was found; otherwise <c>false</c>.</returns>
private bool detectLoop(IAzManItem memberToAdd)
{
    bool found = false;
    foreach (IAzManItem child in memberToAdd.Members.Values)
    {
        // A direct hit ends the search at this level.
        if (child.Name == this.name)
        {
            return true;
        }

        // A hit deeper down is only recorded; the remaining siblings are still visited.
        if (this.detectLoop(child))
        {
            found = true;
        }
    }

    return found;
}
/// <summary>
/// Raises <c>DelegateDeleted</c> when at least one handler is attached.
/// </summary>
/// <param name="item">Item the delegation was removed from.</param>
/// <param name="delegatingUserSid">SID of the user who had delegated.</param>
/// <param name="delegateUserSid">SID of the user who had received the delegation.</param>
/// <param name="authorizationType">Type of the removed delegation.</param>
private void raiseDelegateDeleted(IAzManItem item, IAzManSid delegatingUserSid, IAzManSid delegateUserSid, RestrictedAuthorizationType authorizationType)
{
    if (this.DelegateDeleted == null)
    {
        return;
    }

    this.DelegateDeleted(item, delegatingUserSid, delegateUserSid, authorizationType);
}
/// <summary>
/// Handler for the authorization-created notification: shows a fixed message box. Neither
/// argument is used.
/// </summary>
/// <param name="item">Item the authorization was created on (unused).</param>
/// <param name="authorizationCreated">The new authorization (unused).</param>
void ens_AuthorizationCreated(IAzManItem item, IAzManAuthorization authorizationCreated)
{
    const string notice = "created";
    MessageBox.Show(notice);
}
/// <summary>
/// Builds the exception reported for a business-rule failure on an item.
/// </summary>
/// <param name="item">Item whose store, application and name go into the message.</param>
/// <param name="innerException">Underlying error, stored as the inner exception.</param>
/// <returns>The populated <c>SqlAzManException</c>; the caller throws it.</returns>
internal static SqlAzManException BizRuleException(IAzManItem item, Exception innerException)
{
    string message = String.Format(
        "BizRule Error. Store '{0}', Application '{1}', Item '{2}'.",
        item.Application.Store.Name,
        item.Application.Name,
        item.Name);

    SqlAzManException bizRuleError = new SqlAzManException(message, innerException);

    // Attach the item name as a parameter of the exception.
    addParameter(bizRuleError, item);
    return bizRuleError;
}
/// <summary>
/// Records the item's name on the exception under the "Item name" key.
/// </summary>
/// <param name="ex">Exception to annotate.</param>
/// <param name="item">Item whose name is recorded.</param>
private static void addParameter(SqlAzManException ex, IAzManItem item)
{
    string itemName = item.Name;
    addParameter(ex, "Item name", itemName);
}
/// <summary>
/// Builds the exception reported when an attribute key already exists on an item.
/// </summary>
/// <param name="attributeKey">The duplicate attribute key.</param>
/// <param name="item">Item whose store, application and name go into the message.</param>
/// <param name="innerException">Underlying error, stored as the inner exception.</param>
/// <returns>The populated <c>SqlAzManException</c>; the caller throws it.</returns>
internal static SqlAzManException AttributeDuplicateException(string attributeKey, IAzManItem item, Exception innerException)
{
    string message = String.Format(
        "An Attribute with the same key name already exists: '{0}'. Store '{1}', Application '{2}', Item '{3}'.",
        attributeKey,
        item.Application.Store.Name,
        item.Application.Name,
        item.Name);

    SqlAzManException duplicateError = new SqlAzManException(message, innerException);
    addParameter(duplicateError, "Attribute key", attributeKey);
    addParameter(duplicateError, item);
    return duplicateError;
}
/// <summary>
/// Builds the exception reported when an authorization id cannot be found on an item.
/// </summary>
/// <param name="authorizationId">The id that was looked up.</param>
/// <param name="item">Item whose store, application and name go into the message.</param>
/// <param name="innerException">Underlying error, stored as the inner exception.</param>
/// <returns>The populated <c>SqlAzManException</c>; the caller throws it.</returns>
internal static SqlAzManException AuthorizationNotFoundException(int authorizationId, IAzManItem item, Exception innerException)
{
    string message = String.Format(
        "Authorization {0} not found. Store '{1}', Application '{2}', Item '{3}'.",
        authorizationId,
        item.Application.Store.Name,
        item.Application.Name,
        item.Name);

    SqlAzManException notFoundError = new SqlAzManException(message, innerException);

    // Record the full lookup context as parameters of the exception.
    addParameter(notFoundError, "Store name", item.Application.Store.Name);
    addParameter(notFoundError, "Application name", item.Application.Name);
    addParameter(notFoundError, "Item name", item.Name);
    addParameter(notFoundError, "Authorization id", authorizationId);
    return notFoundError;
}
/// <summary>
/// Determines whether an Item can be a member of a parent Item.
/// </summary>
/// <param name="parentItem">The parent item.</param>
/// <param name="childItem">The child item.</param>
/// <returns>
/// <c>true</c> if the child's type may be nested under the parent's type; otherwise, <c>false</c>.
/// </returns>
public static bool MembershipAllowed(IAzManItem parentItem, IAzManItem childItem)
{
    ItemType parentType = parentItem.ItemType;

    // A Role accepts members of every type.
    if (parentType == ItemType.Role)
    {
        return true;
    }

    // A Task accepts Tasks and Operations.
    if (parentType == ItemType.Task)
    {
        ItemType childType = childItem.ItemType;
        return childType == ItemType.Task || childType == ItemType.Operation;
    }

    // An Operation accepts only Operations.
    if (parentType == ItemType.Operation)
    {
        return childItem.ItemType == ItemType.Operation;
    }

    return false;
}
/// <summary>
/// Adds one node per authorization type (Allow With Delegation, Allow, Deny) under
/// <paramref name="parent"/>, each listing the Windows and DB users whose effective access
/// on <paramref name="item"/> equals that type. A type with no matching user gets no node.
/// </summary>
/// <param name="parent">Tree node that receives the authorization nodes.</param>
/// <param name="item">Item whose effective permissions are evaluated.</param>
private void AddAuthorizations(TreeNode parent, IAzManItem item)
{
    // Effective permissions are listed for these three outcomes, in this order; Neutral is not listed.
    AuthorizationType[] outcomes = new AuthorizationType[] { AuthorizationType.AllowWithDelegation, AuthorizationType.Allow, AuthorizationType.Deny };
    string[] captions = new string[] { "Allow With Delegation", "Allow", "Deny" };
    string[] icons = new string[] { "AllowForDelegation.bmp", "Allow.bmp", "Deny.bmp" };

    // Windows identities are resolved once and kept on the instance.
    if (this.userIdenities == null)
    {
        this.userIdenities = new List<WindowsIdentity>();
        foreach (string userUpn in this.userUPNs)
        {
            try
            {
                this.userIdenities.Add(new WindowsIdentity(userUpn));
            }
            catch
            {
                // Invalid user (expired, locked, disabled, etc...): left out of the list.
            }
        }
    }

    // DB users are likewise read once from the storage.
    if (this.dbUserIdentities == null)
    {
        this.dbUserIdentities = new List<IAzManDBUser>(item.Application.Store.Storage.GetDBUsers());
    }

    for (int pass = 0; pass < outcomes.Length; pass++)
    {
        AuthorizationType wanted = outcomes[pass];
        List<string> matchingNames = new List<string>();

        // Windows users.
        // NOTE(review): every exception from the check is swallowed, so a user whose check fails
        // is absent from all three lists and the view gives no sign that a check failed.
        foreach (WindowsIdentity wid in this.userIdenities)
        {
            try
            {
                AuthorizationType effective = this.storageCache.CheckAccess(item.Application.Store.Name, item.Application.Name, item.Name, wid.GetUserBinarySSid(), wid.GetGroupsBinarySSid(), DateTime.Now, false);
                if (effective == wanted)
                {
                    matchingNames.Add(wid.Name);
                }
            }
            catch
            {
                // Deliberately ignored (best effort).
            }
        }

        // DB users; failures are ignored in the same way.
        foreach (IAzManDBUser did in this.dbUserIdentities)
        {
            try
            {
                AuthorizationType effective = this.storageCache.CheckAccess(item.Application.Store.Name, item.Application.Name, item.Name, did.CustomSid.StringValue, DateTime.Now, false);
                if (effective == wanted)
                {
                    matchingNames.Add(did.UserName);
                }
            }
            catch
            {
                // Deliberately ignored (best effort).
            }
        }

        string joinedNames = String.Join(", ", matchingNames.ToArray());
        if (String.IsNullOrEmpty(joinedNames))
        {
            continue;
        }

        // NOTE(review): user names become node text; confirm the rendering control HTML-encodes it.
        TreeNode imageNode = new TreeNode(captions[pass], captions[pass], this.getImageUrl(icons[pass]));
        parent.ChildNodes.Add(imageNode);

        TreeNode authzNode = new TreeNode(joinedNames, String.Empty);
        authzNode.SelectAction = TreeNodeSelectAction.None;
        imageNode.ChildNodes.Add(authzNode);
    }
}
/// <summary>
/// Adds <paramref name="member"/> as a member of this item.
/// </summary>
/// <remarks>
/// The item-type check and the loop check both run before the hierarchy row is inserted.
/// The cached member list, when loaded, is updated afterwards and the member-added event is raised.
/// NOTE(review): the loop check and the insert are separate steps; whether they share a
/// transaction is not visible here.
/// </remarks>
/// <param name="member">The item to add as a member.</param>
/// <exception cref="SqlAzManException">
/// The member's type is not allowed under this item's type, or adding it would create a loop.
/// </exception>
public void AddMember(IAzManItem member)
{
    // Membership type check
    bool typeAllowed = SqlAzManItem.MembershipAllowed(this, member);
    if (!typeAllowed)
    {
        string typeError = String.Format("Membership not allowed. Cannot add an item of type {0} to an item of type {1}.", member.ItemType, this.itemType);
        throw new SqlAzManException(typeError);
    }

    // Loop detection
    if (this.detectLoop(member))
    {
        string loopError = String.Format("Cannot add '{0}' as a member. A loop has been detected.", member.Name);
        throw new SqlAzManException(loopError);
    }

    this.db.ItemsHierarchyInsert(member.ItemId, this.itemId, this.application.ApplicationId);

    // Keep the cached members in step; a null cache is left untouched.
    if (this.members != null)
    {
        if (!this.members.ContainsKey(member.Name))
        {
            this.members.Add(member.Name, member);
        }
    }

    this.raiseMemberAdded(this, member);
}
/// <summary>
/// Raises <c>ItemRenamed</c> when at least one handler is attached.
/// </summary>
/// <param name="item">The renamed item.</param>
/// <param name="oldName">The name the item had before the rename.</param>
private void raiseItemRenamed(IAzManItem item, string oldName)
{
    // No subscribers: nothing to notify.
    if (this.ItemRenamed == null)
    {
        return;
    }

    this.ItemRenamed(item, oldName);
}
/// <summary>
/// Adds one node per authorization type (Allow With Delegation, Allow, Deny, Neutral) under
/// <paramref name="parent"/>, each listing the display names of the members that hold an
/// authorization of that type on <paramref name="item"/>. A type with no entries gets no node.
/// </summary>
/// <param name="parent">Tree node that receives the authorization nodes.</param>
/// <param name="item">Item whose authorizations are listed.</param>
private void AddAuthorizations(TreeNode parent, IAzManItem item)
{
    // Work on a snapshot of the item's authorizations.
    IAzManAuthorization[] snapshot = new IAzManAuthorization[item.Authorizations.Count];
    item.Authorizations.CopyTo(snapshot, 0);
    if (snapshot.Length == 0)
    {
        return;
    }

    // One pass per authorization type, in display order.
    AuthorizationType[] order = new AuthorizationType[] { AuthorizationType.AllowWithDelegation, AuthorizationType.Allow, AuthorizationType.Deny, AuthorizationType.Neutral };
    string[] captions = new string[] { "Allow With Delegation", "Allow", "Deny", "Neutral" };
    string[] icons = new string[] { "AllowForDelegation.bmp", "Allow.bmp", "Deny.bmp", "Neutral.bmp" };

    for (int pass = 0; pass < order.Length; pass++)
    {
        string memberList = String.Empty;
        foreach (IAzManAuthorization entry in snapshot)
        {
            if (entry.AuthorizationType != order[pass])
            {
                continue;
            }

            // Only the display name is used; the returned member type is discarded.
            string displayName = String.Empty;
            entry.GetMemberInfo(out displayName);
            memberList += displayName + ", ";
        }

        // Drop the trailing separator.
        if (memberList.EndsWith(", "))
        {
            memberList = memberList.Remove(memberList.Length - 2);
        }

        if (String.IsNullOrEmpty(memberList))
        {
            continue;
        }

        TreeNode imageNode = new TreeNode(captions[pass], captions[pass], this.getImageUrl(icons[pass]));
        parent.ChildNodes.Add(imageNode);

        TreeNode authzNode = new TreeNode(memberList, memberList);
        imageNode.ChildNodes.Add(authzNode);
    }
}
/// <summary>
/// Raises <c>ItemAttributeCreated</c> when at least one handler is attached.
/// </summary>
/// <param name="owner">The item that owns the new attribute.</param>
/// <param name="attributeCreated">The attribute that was created.</param>
private void raiseItemAttributeCreated(IAzManItem owner, IAzManAttribute<IAzManItem> attributeCreated)
{
    // No subscribers: nothing to notify.
    if (this.ItemAttributeCreated == null)
    {
        return;
    }

    this.ItemAttributeCreated(owner, attributeCreated);
}
/// <summary>
/// Raises <c>ItemCreated</c> when at least one handler is attached.
/// </summary>
/// <param name="application">The application the item was created in.</param>
/// <param name="itemCreated">The item that was created.</param>
private void raiseItemCreated(IAzManApplication application, IAzManItem itemCreated)
{
    // No subscribers: nothing to notify.
    if (this.ItemCreated == null)
    {
        return;
    }

    this.ItemCreated(application, itemCreated);
}
/// <summary>
/// Adds a collapsed node for <paramref name="item"/> under <paramref name="parent"/>,
/// then adds every member of the item beneath it in the same way.
/// </summary>
/// <remarks>
/// NOTE(review): the recursion follows <c>item.Members</c> with no depth limit or visited set;
/// this assumes the store holds no membership cycles. Confirm that is enforced on write.
/// </remarks>
/// <param name="parent">Tree node that receives the new node.</param>
/// <param name="item">The item to display.</param>
/// <param name="applicationNode">Passed unchanged to the recursive calls; not otherwise used here.</param>
private void AddOperation(TreeNode parent, IAzManItem item, TreeNode applicationNode)
{
    // The name serves as both text and value of the node.
    // NOTE(review): name and description come from the store; confirm the tree control encodes them.
    string operationName = item.Name;
    TreeNode operationNode = new TreeNode(operationName, operationName, this.getImageUrl("Operation_16x16.gif"));
    operationNode.ToolTip = item.Description;
    parent.ChildNodes.Add(operationNode);

    foreach (IAzManItem child in item.Members.Values)
    {
        this.AddOperation(operationNode, child, applicationNode);
    }

    operationNode.Collapse();
}
/// <summary>
/// Raises <c>DelegateCreated</c> when at least one handler is attached.
/// </summary>
/// <param name="item">The item the delegation was created on.</param>
/// <param name="delegationCreated">The authorization that represents the new delegation.</param>
private void raiseDelegateCreated(IAzManItem item, IAzManAuthorization delegationCreated)
{
    // No subscribers: nothing to notify.
    if (this.DelegateCreated == null)
    {
        return;
    }

    this.DelegateCreated(item, delegationCreated);
}
/// <summary>
/// Adds a collapsed node for the task <paramref name="item"/> under <paramref name="parent"/>.
/// Member tasks are added beneath it first; member operations follow, and only when the
/// storage is in Developer mode.
/// </summary>
/// <remarks>
/// NOTE(review): the recursion follows <c>item.Members</c> with no depth limit or visited set;
/// this assumes the store holds no membership cycles. Confirm that is enforced on write.
/// </remarks>
/// <param name="parent">Tree node that receives the new node.</param>
/// <param name="item">The task to display.</param>
/// <param name="applicationNode">Passed unchanged to the nested calls; not otherwise used here.</param>
private void AddTask(TreeNode parent, IAzManItem item, TreeNode applicationNode)
{
    string taskName = item.Name;
    TreeNode taskNode = new TreeNode(taskName, taskName, this.getImageUrl("Task_16x16.gif"));
    taskNode.ToolTip = item.Description;
    parent.ChildNodes.Add(taskNode);

    // First pass: nested tasks.
    foreach (IAzManItem child in item.Members.Values)
    {
        if (child.ItemType != ItemType.Task)
        {
            continue;
        }

        this.AddTask(taskNode, child, applicationNode);
    }

    // Second pass: operations, shown only in Developer mode. They come after the tasks.
    bool showOperations = item.Application.Store.Storage.Mode == NetSqlAzManMode.Developer;
    if (showOperations)
    {
        foreach (IAzManItem child in item.Members.Values)
        {
            if (child.ItemType != ItemType.Operation)
            {
                continue;
            }

            this.AddOperation(taskNode, child, applicationNode);
        }
    }

    taskNode.Collapse();
}
/// <summary>
/// Raises <c>AuthorizationCreated</c> when at least one handler is attached.
/// </summary>
/// <param name="item">The item the authorization was created on.</param>
/// <param name="authorizationCreated">The authorization that was created.</param>
private void raiseAuthorizationCreated(IAzManItem item, IAzManAuthorization authorizationCreated)
{
    // No subscribers: nothing to notify.
    if (this.AuthorizationCreated == null)
    {
        return;
    }

    this.AuthorizationCreated(item, authorizationCreated);
}
/// <summary>
/// Raises <c>MemberRemoved</c> when at least one handler is attached.
/// </summary>
/// <param name="item">The item the member was removed from.</param>
/// <param name="member">The member that was removed.</param>
private void raiseMemberRemoved(IAzManItem item, IAzManItem member)
{
    // No subscribers: nothing to notify.
    if (this.MemberRemoved == null)
    {
        return;
    }

    this.MemberRemoved(item, member);
}
/// <summary>
/// Reports whether any item in <paramref name="members"/> has the given name.
/// </summary>
/// <param name="members">The items to search.</param>
/// <param name="name">The name to look for; compared with the string <c>==</c> operator.</param>
/// <returns><c>true</c> if a matching item exists; otherwise <c>false</c>.</returns>
private bool FindMember(IAzManItem[] members, string name)
{
    for (int index = 0; index < members.Length; index++)
    {
        if (members[index].Name == name)
        {
            return true;
        }
    }

    return false;
}
/// <summary>
/// Builds the list row for <paramref name="member"/>: the name as text, the description as the
/// first sub-item, image index 0, and the member itself stored in <c>Tag</c>.
/// </summary>
/// <param name="member">The item to show in the list.</param>
/// <returns>The new list view item.</returns>
private ListViewItem CreateListViewItem(IAzManItem member)
{
    ListViewItem row = new ListViewItem();

    // Tag keeps the source item, so the row can be mapped back to it later.
    row.Tag = member;
    row.Text = member.Name;
    row.ImageIndex = 0;

    string description = member.Description;
    row.SubItems.Add(description);
    return row;
}