/// <summary>
/// Builds a member entry from a display name, a SID and the place the SID is defined.
/// </summary>
/// <param name="name">Display name stored in <c>Name</c>.</param>
/// <param name="sid">SID stored as passed; this constructor performs no validation.</param>
/// <param name="whereDefined">Origin of the SID, stored in <c>WhereDefined</c>.</param>
internal GenericMember(string name, IAzManSid sid, WhereDefined whereDefined)
{
    Name = name;
    this.sid = sid;
    this.WhereDefined = whereDefined;

    // Description starts out as an empty string rather than null.
    Description = string.Empty;
}
/// <summary>
/// Inserts a member row for this store group and returns the object wrapping it.
/// </summary>
/// <param name="sid">SID of the principal or group to add.</param>
/// <param name="whereDefined">
/// Where <paramref name="sid"/> is defined. <c>Local</c> is rejected while the storage is in
/// Administrator mode; <c>Store</c> triggers loop detection before the insert.
/// </param>
/// <param name="isMember">The "is member" flag, passed unchanged to the insert and to the returned object.</param>
/// <returns>The newly created store group member.</returns>
/// <exception cref="InvalidOperationException">The group is not a Basic group.</exception>
/// <exception cref="SqlAzManException">A Local member is added in Administrator mode, or a loop is detected.</exception>
public IAzManStoreGroupMember CreateStoreGroupMember(IAzManSid sid, WhereDefined whereDefined, bool isMember)
{
    if (this.groupType != GroupType.Basic)
    {
        throw new InvalidOperationException("Method not supported for LDAP Groups");
    }

    // Policy gate: only the Local origin is refused in Administrator mode; the origin is caller-supplied.
    bool administratorMode = this.store.Storage.Mode == NetSqlAzManMode.Administrator;
    if (administratorMode && whereDefined == WhereDefined.Local)
    {
        throw new SqlAzManException("Cannot create Store Group members defined on local in Administrator Mode");
    }

    // Loop detection runs only when the member is itself a store group.
    if (whereDefined == WhereDefined.Store)
    {
        IAzManStoreGroup candidate = this.store.GetStoreGroup(sid);
        bool wouldLoop = this.detectLoop(candidate);
        if (wouldLoop)
        {
            throw new SqlAzManException(String.Format("Cannot add '{0}'. A loop has been detected.", candidate.Name));
        }
    }

    int newMemberId = this.db.StoreGroupMemberInsert(this.store.StoreId, this.storeGroupId, sid.BinaryValue, (byte)whereDefined, isMember);
    IAzManStoreGroupMember created = new SqlAzManStoreGroupMember(this.db, this, newMemberId, sid, whereDefined, isMember, this.ens);
    this.raiseStoreGroupMemberCreated(this, created);

    // The notification service is optional; register the new member only when one is attached.
    if (this.ens != null)
    {
        this.ens.AddPublisher(created);
    }

    return created;
}
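/// <summary>
/// Adds the Windows users and groups held in <c>Session["selectedADObjects"]</c> to the
/// authorization grid as Neutral entries, then calls <c>saveSessionVariables</c> and <c>bindGridView</c>.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void btnAddWindowsUsersAndGroups_Click(object sender, EventArgs e)
{
    try
    {
        // Read the selection before dereferencing it: the original called ToArray() on the cast result,
        // so an absent session entry raised NullReferenceException and the null check below never applied.
        List<ADObject> selected = (List<ADObject>)this.Session["selectedADObjects"];
        this.Session["selectedADObjects"] = null;

        if (selected != null)
        {
            foreach (ADObject o in selected.ToArray())
            {
                // The origin is decided from the ADSPath prefix alone. Ordinal comparison keeps the
                // protocol-prefix test independent of the server's current culture.
                WhereDefined wd = o.ADSPath.StartsWith("LDAP", StringComparison.Ordinal)
                    ? WhereDefined.LDAP
                    : WhereDefined.Local;

                string displayName;
                bool isAGroup;
                bool isLocal;
                // NOTE(review): isLocal returned by the lookup is not used; only the display name and
                // the group flag are. Confirm the ADSPath-based origin is the intended source of truth.
                DirectoryServicesWebUtils.GetMemberInfo(o.Sid, out displayName, out isAGroup, out isLocal);

                GenericMember gm = new GenericMember(new SqlAzManSID(o.Sid), wd, AuthorizationType.Neutral, null, null);
                gm.Name = displayName;
                this.AddLDapDataRow(gm, isAGroup);
                this.modified = true;
            }
        }

        this.saveSessionVariables();
        this.bindGridView();
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception message is shown to the page user; confirm it cannot
        // carry directory or database details that should stay server-side.
        this.ShowError(ex.Message);
    }
}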
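/// <summary>
/// Opens the directory object picker and queues every newly selected Windows user or group
/// for addition as a member of the application group.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void btnMembersAddWindowsUsersAndGroups_Click(object sender, EventArgs e)
{
    try
    {
        this.HourGlass(true);

        // The second argument is true only when the storage runs in Developer mode.
        bool developerMode = this.applicationGroup.Application.Store.Storage.Mode == NetSqlAzManMode.Developer;
        ADObject[] res = DirectoryServicesUtils.ADObjectPickerShowDialog(this, developerMode);

        if (res != null)
        {
            foreach (ADObject o in res)
            {
                // Skip the object when it was pending removal (the removal is cancelled instead),
                // when it is already a stored member, or when it is already queued for addition.
                if (!this.MembersToRemove.Remove(o.Sid)
                    && !this.FindMember(this.applicationGroup.GetApplicationGroupMembers(), o.Sid)
                    && !this.FindMember(this.MembersToAdd, o.Sid))
                {
                    // Origin is derived from the ADSPath prefix; Ordinal keeps the protocol-prefix
                    // test independent of the current UI culture.
                    WhereDefined wd = o.ADSPath.StartsWith("LDAP", StringComparison.Ordinal)
                        ? WhereDefined.LDAP
                        : WhereDefined.Local;

                    this.MembersToAdd.Add(new GenericMember(o.Name, new SqlAzManSID(o.Sid), wd));
                    this.modified = true;
                }
            }

            this.RefreshApplicationGroupProperties();
        }

        this.HourGlass(false);
    }
    catch (Exception ex)
    {
        // Restore the cursor before the modal message box is shown.
        this.HourGlass(false);
        MessageBox.Show(ex.Message);
    }
}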
/// <summary>
/// Updates this authorization in the database and in memory when any supplied value differs
/// from the current one, then raises the AuthorizationUpdated event with the previous values.
/// </summary>
/// <param name="owner">The new owner SID.</param>
/// <param name="sid">The new member SID.</param>
/// <param name="sidWhereDefined">Where the member SID is defined.</param>
/// <param name="authorizationType">The new authorization type.</param>
/// <param name="validFrom">Start of the validity window, or <c>null</c>.</param>
/// <param name="validTo">End of the validity window, or <c>null</c>.</param>
/// <exception cref="InvalidOperationException">Both dates are supplied and validFrom is later than validTo.</exception>
public void Update(IAzManSid owner, IAzManSid sid, WhereDefined sidWhereDefined, AuthorizationType authorizationType, DateTime? validFrom, DateTime? validTo)
{
    bool nothingChanged = this.owner.StringValue == owner.StringValue
        && this.sid.StringValue == sid.StringValue
        && this.sidWhereDefined == sidWhereDefined
        && this.authorizationType == authorizationType
        && this.validFrom == validFrom
        && this.validTo == validTo;
    if (nothingChanged)
    {
        return;
    }

    // DateTime range check
    if (validFrom.HasValue && validTo.HasValue && validFrom.Value > validTo.Value)
    {
        throw new InvalidOperationException("ValidFrom cannot be greater then ValidTo if supplied.");
    }

    // Snapshot of the current state, handed to event subscribers after the update.
    SqlAzManSID previousOwner = new SqlAzManSID(this.owner.StringValue, this.ownerSidWhereDefined == WhereDefined.Database);
    SqlAzManSID previousSid = new SqlAzManSID(this.sid.StringValue, this.sidWhereDefined == WhereDefined.Database);
    WhereDefined previousOwnerOrigin = this.ownerSidWhereDefined;
    WhereDefined previousSidOrigin = this.SidWhereDefined;
    AuthorizationType previousType = this.AuthorizationType;
    DateTime? previousValidFrom = this.validFrom;
    DateTime? previousValidTo = this.validTo;

    // The owner's origin is not a parameter: it is resolved by a directory lookup and can only
    // come out as Local or LDAP.
    // NOTE(review): a Database-defined owner would be recorded as LDAP here - confirm owners are
    // always Windows principals.
    string resolvedName;
    bool ownerIsLocal;
    DirectoryServicesUtils.GetMemberInfo(owner.StringValue, out resolvedName, out ownerIsLocal);
    WhereDefined ownerSidWhereDefined;
    if (ownerIsLocal)
    {
        ownerSidWhereDefined = WhereDefined.Local;
    }
    else
    {
        ownerSidWhereDefined = WhereDefined.LDAP;
    }

    this.db.AuthorizationUpdate(
        this.item.ItemId,
        owner.BinaryValue,
        (byte)ownerSidWhereDefined,
        sid.BinaryValue,
        (byte)sidWhereDefined,
        (byte)authorizationType,
        validFrom,
        validTo,
        this.authorizationId,
        this.item.Application.ApplicationId);

    // Mirror the stored values in memory only after the database call has returned.
    this.owner = new SqlAzManSID(owner.BinaryValue);
    this.ownerSidWhereDefined = ownerSidWhereDefined;
    this.sid = sid;
    this.sidWhereDefined = sidWhereDefined;
    this.authorizationType = authorizationType;
    this.validFrom = validFrom;
    this.validTo = validTo;

    this.raiseAuthorizationUpdated(this, previousOwner, previousOwnerOrigin, previousSid, previousSidOrigin, previousType, previousValidFrom, previousValidTo);
}
/// <summary>
/// Adds the specified user names to the specified roles for the configured applicationName.
/// Every (role, user) pair becomes an Allow authorization; all inserts run in one transaction
/// that is rolled back if any step throws.
/// </summary>
/// <param name="usernames">A string array of user names to be added to the specified roles.</param>
/// <param name="roleNames">A string array of the role names to add the specified user names to.</param>
/// <exception cref="ArgumentException">An entry of <paramref name="roleNames"/> names an item that is not a Role.</exception>
public override void AddUsersToRoles(string[] usernames, string[] roleNames)
{
    using (IAzManStorage storage = new SqlAzManStorage(this.storageCache.ConnectionString))
    {
        try
        {
            storage.OpenConnection();
            storage.BeginTransaction();
            IAzManApplication application = storage[this.storeName][this.applicationName];
            foreach (string roleName in roleNames)
            {
                IAzManItem role = application.GetItem(roleName);
                // Only Role items may receive users; any other item type aborts the whole batch.
                if (role.ItemType != ItemType.Role)
                {
                    throw new ArgumentException(String.Format("{0} must be a Role.", roleName));
                }
                foreach (string username in usernames)
                {
                    // The authorization owner is the Windows identity of the current thread principal,
                    // falling back to the process identity when the principal is not a WindowsIdentity.
                    // NOTE(review): with a non-Windows principal every grant is therefore recorded as
                    // owned by the process account rather than by the caller - confirm that is intended.
                    // NOTE(review): the value is the same for every user but is recomputed per iteration,
                    // and the WindowsIdentity returned by GetCurrent() is not disposed.
                    IAzManSid owner = new SqlAzManSID(((System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity) ?? WindowsIdentity.GetCurrent()).User);
                    // The owner's origin is always recorded as LDAP.
                    WhereDefined whereDefined = WhereDefined.LDAP;
                    if (this.userLookupType == "LDAP")
                    {
                        string fqun = this.getFQUN(username);
                        NTAccount ntaccount = new NTAccount(fqun);
                        // NOTE(review): a 'new' expression never yields null, so this branch cannot run.
                        if (ntaccount == null)
                        {
                            throw SqlAzManException.UserNotFoundException(username, null);
                        }
                        // NTAccount.Translate throws IdentityNotMappedException when the name cannot be
                        // resolved, so an unknown user surfaces as that exception, not as UserNotFoundException.
                        IAzManSid sid = new SqlAzManSID(((SecurityIdentifier)(ntaccount.Translate(typeof(SecurityIdentifier)))));
                        // NOTE(review): unreachable for the same reason as the check above.
                        if (sid == null)
                        {
                            throw SqlAzManException.UserNotFoundException(username, null);
                        }
                        role.CreateAuthorization(owner, whereDefined, sid, WhereDefined.LDAP, AuthorizationType.Allow, null, null);
                    }
                    else
                    {
                        // Any lookup type other than "LDAP" is treated as a database user.
                        // NOTE(review): dbuser is dereferenced without a null check; what GetDBUser returns
                        // for an unknown name is not visible here - confirm.
                        var dbuser = application.GetDBUser(username);
                        IAzManSid sid = dbuser.CustomSid;
                        role.CreateAuthorization(owner, whereDefined, sid, WhereDefined.Database, AuthorizationType.Allow, null, null);
                    }
                }
            }
            storage.CommitTransaction();
            // Rebuild StorageCache so the new grants are visible to later checks.
            this.InvalidateCache(false);
        }
        catch
        {
            // Any failure undoes every grant of this call, then the original exception is rethrown.
            // NOTE(review): the rollback also runs when OpenConnection or BeginTransaction failed;
            // if RollBackTransaction throws in that state it would replace the original exception.
            storage.RollBackTransaction();
            throw;
        }
        finally
        {
            storage.CloseConnection();
        }
    }
}
/// <summary>
/// Initializes the form: resolves whether the current owner SID is Local or LDAP and builds
/// the empty in-memory table that backs the authorizations grid.
/// </summary>
public frmItemAuthorizations()
{
    InitializeComponent();

    // NOTE(review): currentOwnerSid is dereferenced here without a guard, so it must already be
    // set by a field initializer that is not visible in this block - confirm.
    string resolvedName;
    bool ownerIsLocal;
    DirectoryServicesUtils.GetMemberInfo(this.currentOwnerSid.StringValue, out resolvedName, out ownerIsLocal);
    if (ownerIsLocal)
    {
        this.currentOwnerSidWhereDefined = WhereDefined.Local;
    }
    else
    {
        this.currentOwnerSidWhereDefined = WhereDefined.LDAP;
    }

    this.dtAuthorizations = new DataTable();

    // Row key: auto-incremented starting at -1 and stepping by -1, so generated ids are negative.
    DataColumn dcAuthorizationId = new DataColumn("AuthorizationID", typeof(int))
    {
        AutoIncrement = true,
        AutoIncrementSeed = -1,
        AutoIncrementStep = -1,
        AllowDBNull = false,
        Unique = true
    };
    DataColumn dcMemberTypeEnum = new DataColumn("MemberTypeEnum", typeof(MemberType));
    DataColumn dcMemberType = new DataColumn("MemberType", typeof(Bitmap));
    DataColumn dcOwner = new DataColumn("Owner", typeof(string));
    DataColumn dcOwnerSid = new DataColumn("OwnerSID", typeof(string));
    DataColumn dcName = new DataColumn("Name", typeof(string));
    DataColumn dcObjectSid = new DataColumn("ObjectSID", typeof(string));
    DataColumn dcWhereDefined = new DataColumn("WhereDefined", typeof(string));
    DataColumn dcWhereDefinedEnum = new DataColumn("WhereDefinedEnum", typeof(WhereDefined));
    DataColumn dcAuthorizationType = new DataColumn("AuthorizationType", typeof(Bitmap));
    DataColumn dcAuthorizationTypeEnum = new DataColumn("AuthorizationTypeEnum", typeof(AuthorizationType));
    // Both ends of the validity window are optional.
    DataColumn dcValidFrom = new DataColumn("ValidFrom", typeof(DateTime)) { AllowDBNull = true };
    DataColumn dcValidTo = new DataColumn("ValidTo", typeof(DateTime)) { AllowDBNull = true };

    // Localized captions for the displayed columns.
    dcMemberType.Caption = Globalization.MultilanguageResource.GetString("DGColumn_10");
    dcOwner.Caption = Globalization.MultilanguageResource.GetString("DGColumn_20");
    dcOwnerSid.Caption = Globalization.MultilanguageResource.GetString("DGColumn_30");
    dcName.Caption = Globalization.MultilanguageResource.GetString("DGColumn_40");
    dcObjectSid.Caption = Globalization.MultilanguageResource.GetString("DGColumn_50");
    dcWhereDefined.Caption = Globalization.MultilanguageResource.GetString("DGColumn_60");
    dcAuthorizationType.Caption = Globalization.MultilanguageResource.GetString("DGColumn_70");
    dcValidFrom.Caption = Globalization.MultilanguageResource.GetString("DGColumn_80");
    dcValidTo.Caption = Globalization.MultilanguageResource.GetString("DGColumn_90");

    DataColumn[] orderedColumns = new DataColumn[]
    {
        dcAuthorizationId,
        dcMemberType,
        dcName,
        dcAuthorizationType,
        dcWhereDefined,
        dcOwner,
        dcOwnerSid,
        dcValidFrom,
        dcValidTo,
        dcObjectSid,
        dcAuthorizationTypeEnum,
        dcWhereDefinedEnum,
        dcMemberTypeEnum,
    };
    this.dtAuthorizations.Columns.AddRange(orderedColumns);

    this.modified = false;
}
/// <summary>
/// Builds a member entry that carries authorization details; the display name is not set here.
/// </summary>
/// <param name="sid">SID stored as passed; this constructor performs no validation.</param>
/// <param name="whereDefined">Origin of the SID, stored in <c>WhereDefined</c>.</param>
/// <param name="authorizationType">Authorization type stored for the member.</param>
/// <param name="validFrom">Start of the validity window, or <c>null</c>.</param>
/// <param name="validTo">End of the validity window, or <c>null</c>; not compared with <paramref name="validFrom"/> here.</param>
internal GenericMember(
    IAzManSid sid,
    WhereDefined whereDefined,
    AuthorizationType authorizationType,
    DateTime? validFrom,
    DateTime? validTo)
{
    // Identity and origin.
    this.sid = sid;
    this.WhereDefined = whereDefined;

    // Authorization details.
    this.authorizationType = authorizationType;
    this.validFrom = validFrom;
    this.validTo = validTo;
}
/// <summary>
/// Creates a member entry from a SID, its origin and the authorization settings to carry with it.
/// No name is assigned by this constructor.
/// </summary>
/// <param name="sid">The member SID, stored unchanged.</param>
/// <param name="whereDefined">Where the SID is defined.</param>
/// <param name="authorizationType">The authorization type for the member.</param>
/// <param name="validFrom">Optional start of validity.</param>
/// <param name="validTo">Optional end of validity; the range is not checked here.</param>
internal GenericMember(IAzManSid sid, WhereDefined whereDefined, AuthorizationType authorizationType, DateTime? validFrom, DateTime? validTo)
{
    this.sid = sid;
    this.WhereDefined = whereDefined;
    this.authorizationType = authorizationType;

    // Optional validity window; either bound may be null.
    this.validFrom = validFrom;
    this.validTo = validTo;
}
/// <summary>
/// Wraps an existing store group member row; stores its arguments and performs no database access.
/// </summary>
/// <param name="db">Data context used for later operations on this member.</param>
/// <param name="storeGroup">The store group that owns the member.</param>
/// <param name="storeGroupMemberId">Identifier of the member row.</param>
/// <param name="sid">SID of the member.</param>
/// <param name="whereDefined">Where the SID is defined.</param>
/// <param name="isMember">The "is member" flag of the row.</param>
/// <param name="ens">Notification service instance, stored as passed.</param>
internal SqlAzManStoreGroupMember(
    NetSqlAzManStorageDataContext db,
    IAzManStoreGroup storeGroup,
    int storeGroupMemberId,
    IAzManSid sid,
    WhereDefined whereDefined,
    bool isMember,
    SqlAzManENS ens)
{
    // Infrastructure and parent.
    this.db = db;
    this.storeGroup = storeGroup;

    // Row identity and contents.
    this.storeGroupMemberId = storeGroupMemberId;
    this.sid = sid;
    this.whereDefined = whereDefined;
    this.isMember = isMember;

    this.ens = ens;
}
/// <summary>
/// Wraps an authorization row; stores its arguments and performs no database access or validation.
/// </summary>
/// <param name="db">Data context used for later operations.</param>
/// <param name="item">The item the authorization belongs to.</param>
/// <param name="authorizationId">Identifier of the authorization row.</param>
/// <param name="owner">SID of the authorization owner.</param>
/// <param name="ownerSidWhereDefined">Where the owner SID is defined.</param>
/// <param name="sid">SID the authorization applies to.</param>
/// <param name="objectSidWhereDefined">Where <paramref name="sid"/> is defined; stored in <c>sidWhereDefined</c>.</param>
/// <param name="authorizationType">The authorization type.</param>
/// <param name="validFrom">Optional start of validity.</param>
/// <param name="validTo">Optional end of validity.</param>
/// <param name="ens">Notification service instance, stored as passed.</param>
internal SqlAzManAuthorization(
    NetSqlAzManStorageDataContext db,
    IAzManItem item,
    int authorizationId,
    IAzManSid owner,
    WhereDefined ownerSidWhereDefined,
    IAzManSid sid,
    WhereDefined objectSidWhereDefined,
    AuthorizationType authorizationType,
    DateTime? validFrom,
    DateTime? validTo,
    SqlAzManENS ens)
{
    this.db = db;
    this.authorizationId = authorizationId;
    this.item = item;

    // Owner of the authorization and where that SID comes from.
    this.owner = owner;
    this.ownerSidWhereDefined = ownerSidWhereDefined;

    // Subject of the authorization; note the parameter/field name difference.
    this.sid = sid;
    this.sidWhereDefined = objectSidWhereDefined;

    this.authorizationType = authorizationType;
    this.validFrom = validFrom;
    this.validTo = validTo;
    this.ens = ens;
}
/// <summary>
/// Creates the in-memory representation of an authorization from already-known values.
/// The constructor only assigns fields.
/// </summary>
/// <param name="db">Data context kept for later calls.</param>
/// <param name="item">Owning item.</param>
/// <param name="authorizationId">Id of the authorization row.</param>
/// <param name="owner">Owner SID.</param>
/// <param name="ownerSidWhereDefined">Origin of the owner SID.</param>
/// <param name="sid">Subject SID.</param>
/// <param name="objectSidWhereDefined">Origin of the subject SID (kept in <c>sidWhereDefined</c>).</param>
/// <param name="authorizationType">Authorization type.</param>
/// <param name="validFrom">Optional validity start.</param>
/// <param name="validTo">Optional validity end.</param>
/// <param name="ens">Notification service instance, stored as passed.</param>
internal SqlAzManAuthorization(NetSqlAzManStorageDataContext db, IAzManItem item, int authorizationId, IAzManSid owner, WhereDefined ownerSidWhereDefined, IAzManSid sid, WhereDefined objectSidWhereDefined, AuthorizationType authorizationType, DateTime? validFrom, DateTime? validTo, SqlAzManENS ens)
{
    // Storage context and row identity.
    this.db = db;
    this.authorizationId = authorizationId;
    this.item = item;

    // Who granted it.
    this.owner = owner;
    this.ownerSidWhereDefined = ownerSidWhereDefined;

    // Who it applies to.
    this.sid = sid;
    this.sidWhereDefined = objectSidWhereDefined;

    // What is granted and for how long.
    this.authorizationType = authorizationType;
    this.validFrom = validFrom;
    this.validTo = validTo;

    this.ens = ens;
}
/// <summary>
/// Restores the page state (modified flag, selected item, authorizations table and current
/// owner details) from the session.
/// </summary>
private void loadSessionVariables()
{
    // A missing "modified" entry counts as "not modified".
    this.modified = this.Session["modified"] != null
        ? (bool)this.Session["modified"]
        : false;

    // 'as' casts leave null behind when the entry is missing or of another type.
    this.item = this.Session["selectedObject"] as IAzManItem;
    this.dtAuthorizations = this.Session["dtAuthorizations"] as DataTable;
    this.currentOwnerName = (string)this.Session["currentOwnerName"];
    this.currentOwnerSid = this.Session["currentOwnerSid"] as IAzManSid;

    // NOTE(review): unlike "modified", this entry is unboxed without a null guard, so an
    // absent entry (for example after session expiry) throws here - confirm callers ensure it exists.
    this.currentOwnerSidWhereDefined = (WhereDefined)this.Session["currentOwnerSidWhereDefined"];
}
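/// <summary>
/// Opens the directory object picker and adds each selected Windows user or group to the
/// authorizations grid as a Neutral entry, selecting the added rows afterwards.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void btnAddWindowsUsersAndGroups_Click(object sender, EventArgs e)
{
    try
    {
        this.HourGlass(true);

        // The second argument is true only when the storage runs in Developer mode.
        bool developerMode = this.item.Application.Store.Storage.Mode == NetSqlAzManMode.Developer;
        ADObject[] res = DirectoryServicesUtils.ADObjectPickerShowDialog(this, developerMode);

        if (res != null)
        {
            List<DataRow> rowsAdded = new List<DataRow>();
            foreach (ADObject o in res)
            {
                // Origin is derived from the ADSPath prefix; Ordinal keeps the protocol-prefix
                // test independent of the current UI culture.
                WhereDefined wd = o.ADSPath.StartsWith("LDAP", StringComparison.Ordinal)
                    ? WhereDefined.LDAP
                    : WhereDefined.Local;

                string displayName;
                bool isAGroup;
                bool isLocal;
                // NOTE(review): isLocal from the lookup is not used; the origin comes from ADSPath only.
                DirectoryServicesUtils.GetMemberInfo(o.Sid, out displayName, out isAGroup, out isLocal);

                GenericMember gm = new GenericMember(new SqlAzManSID(o.Sid), wd, AuthorizationType.Neutral, null, null);
                gm.Name = displayName;
                rowsAdded.Add(this.AddLDapDataRow(gm, isAGroup));
                this.modified = true;
            }

            this.SelectDataGridViewRows(rowsAdded);
        }

        this.btnApply.Enabled = this.modified;

        // Adjust columns Width
        foreach (DataGridViewColumn dgvc in this.dgAuthorizations.Columns)
        {
            dgvc.Width = dgvc.GetPreferredWidth(DataGridViewAutoSizeColumnMode.AllCells, true);
        }

        this.HourGlass(false);
    }
    catch (Exception ex)
    {
        // Restore the cursor before the error dialog is shown.
        this.HourGlass(false);
        this.ShowError(ex.Message, Globalization.MultilanguageResource.GetString("frmItemAuthorizations_Msg10"));
    }
    finally
    {
        // Keep the Apply button in step with the modified flag on every exit path.
        this.btnApply.Enabled = this.modified;
    }
}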
/// <summary>
/// Maps a <c>WhereDefined</c> value to its display label.
/// </summary>
/// <param name="where">The origin to describe.</param>
/// <returns>
/// "DB User", "LDAP User", "Store User" or "Application User" for the matching value;
/// "Local User" for <c>Local</c> and for any other value.
/// </returns>
public static String GetWhereDefinedName(WhereDefined where)
{
    if (where == WhereDefined.Database)
    {
        return "DB User";
    }

    if (where == WhereDefined.LDAP)
    {
        return "LDAP User";
    }

    if (where == WhereDefined.Store)
    {
        return "Store User";
    }

    if (where == WhereDefined.Application)
    {
        return "Application User";
    }

    // WhereDefined.Local and every unrecognized value share the same label.
    return "Local User";
}
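/// <summary>
/// Queues the Windows users and groups held in <c>Session["selectedADObjects"]</c> for addition
/// as non-members of the application group.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnNonMembersAddWindowsUsersAndGroup_Click(object sender, EventArgs e)
{
    // Read the selection before dereferencing it: the original called ToArray() on the cast result,
    // so an absent session entry raised NullReferenceException and the null check below never applied.
    List<ADObject> selected = (List<ADObject>)this.Session["selectedADObjects"];
    this.Session["selectedADObjects"] = null;

    if (selected != null)
    {
        foreach (ADObject o in selected.ToArray())
        {
            // Skip the object when it was pending removal (the removal is cancelled instead),
            // when it is already a stored non-member, or when it is already queued for addition.
            if (!this.NonMembersToRemove.Remove(o.Sid)
                && !this.FindMember(this.applicationGroup.GetApplicationGroupNonMembers(), new SqlAzManSID(o.Sid))
                && !this.FindMember(this.NonMembersToAdd, new SqlAzManSID(o.Sid)))
            {
                // Origin is derived from the ADSPath prefix; Ordinal keeps the protocol-prefix
                // test independent of the server's current culture.
                WhereDefined wd = o.ADSPath.StartsWith("LDAP", StringComparison.Ordinal)
                    ? WhereDefined.LDAP
                    : WhereDefined.Local;

                this.NonMembersToAdd.Add(new GenericMember(o.Name, new SqlAzManSID(o.Sid), wd));
                this.modified = true;
            }
        }

        this.RefreshApplicationGroupProperties();
    }
}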
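/// <summary>
/// Opens the directory object picker and queues every newly selected Windows user or group
/// for addition as a non-member of the store group.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void btnNonMembersAddWindowsUsersAndGroup_Click(object sender, EventArgs e)
{
    this.HourGlass(true);
    try
    {
        // The second argument is true only when the storage runs in Developer mode.
        bool developerMode = this.storeGroup.Store.Storage.Mode == NetSqlAzManMode.Developer;
        ADObject[] res = DirectoryServicesUtils.ADObjectPickerShowDialog(this, developerMode);

        if (res != null)
        {
            foreach (ADObject o in res)
            {
                // Skip the object when it was pending removal (the removal is cancelled instead),
                // when it is already a stored non-member, or when it is already queued for addition.
                if (!this.NonMembersToRemove.Remove(o.Sid)
                    && !this.FindMember(this.storeGroup.GetStoreGroupNonMembers(), new SqlAzManSID(o.Sid))
                    && !this.FindMember(this.NonMembersToAdd, new SqlAzManSID(o.Sid)))
                {
                    // Origin is derived from the ADSPath prefix; Ordinal keeps the protocol-prefix
                    // test independent of the current UI culture.
                    WhereDefined wd = o.ADSPath.StartsWith("LDAP", StringComparison.Ordinal)
                        ? WhereDefined.LDAP
                        : WhereDefined.Local;

                    this.NonMembersToAdd.Add(new GenericMember(o.Name, new SqlAzManSID(o.Sid), wd));
                    this.modified = true;
                }
            }

            this.RefreshStoreGroupProperties();
        }
    }
    finally
    {
        // The original reset the cursor only on the success path, leaving the wait cursor on
        // after any exception; the exception itself still propagates unchanged.
        this.HourGlass(false);
    }
}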
/// <summary>
/// Initializes the form and records whether the current owner SID is Local or LDAP.
/// </summary>
public frmImportFromAzMan()
{
    InitializeComponent();

    try
    {
        string resolvedName;
        bool ownerIsLocal;
        DirectoryServicesUtils.GetMemberInfo(this.currentOwnerSid.StringValue, out resolvedName, out ownerIsLocal);
        this.currentOwnerSidWhereDefined = ownerIsLocal ? WhereDefined.Local : WhereDefined.LDAP;
    }
    catch
    {
        // Best effort: any failure in the lookup (including a null currentOwnerSid) is swallowed
        // and the owner is treated as LDAP-defined.
        // NOTE(review): a Local account whose lookup fails is therefore recorded as LDAP with no
        // trace of the error - consider logging it.
        this.currentOwnerSidWhereDefined = WhereDefined.LDAP;
    }
}
/// <summary>
/// Sets the page image and OK handler, takes the current owner SID from the request's logon
/// identity, and records whether that SID is Local or LDAP.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Init(object sender, EventArgs e)
{
    this.setImage("NetSqlAzMan_32x32.gif");
    this.setOkHandler(new EventHandler(this.btnOk_Click));

    // The owner is the Windows identity attached to the current request.
    this.currentOwnerSid = new SqlAzManSID(this.Request.LogonUserIdentity.User);

    try
    {
        string resolvedName;
        bool ownerIsLocal;
        DirectoryServicesWebUtils.GetMemberInfo(this.currentOwnerSid.StringValue, out resolvedName, out ownerIsLocal);
        this.currentOwnerSidWhereDefined = ownerIsLocal ? WhereDefined.Local : WhereDefined.LDAP;
    }
    catch
    {
        // Best effort: every lookup failure is swallowed and the owner is treated as LDAP-defined.
        // NOTE(review): the error is not logged, so a misclassified Local account leaves no trace.
        this.currentOwnerSidWhereDefined = WhereDefined.LDAP;
    }
}
/// <summary>
/// Raises the AuthorizationUpdated event with the authorization and its previous values,
/// if any handler is subscribed.
/// </summary>
/// <param name="authorization">The authorization after the update.</param>
/// <param name="oldOwner">Owner SID before the update.</param>
/// <param name="oldOwnerSidWhereDefined">Origin of the owner SID before the update.</param>
/// <param name="oldSid">Subject SID before the update.</param>
/// <param name="oldSidWhereDefined">Origin of the subject SID before the update.</param>
/// <param name="oldAuthorizationType">Authorization type before the update.</param>
/// <param name="oldValidFrom">Validity start before the update.</param>
/// <param name="oldValidTo">Validity end before the update.</param>
private void raiseAuthorizationUpdated(IAzManAuthorization authorization, IAzManSid oldOwner, WhereDefined oldOwnerSidWhereDefined, IAzManSid oldSid, WhereDefined oldSidWhereDefined, AuthorizationType oldAuthorizationType, DateTime? oldValidFrom, DateTime? oldValidTo)
{
    // Nothing to do when nobody listens.
    if (this.AuthorizationUpdated == null)
    {
        return;
    }

    this.AuthorizationUpdated(
        authorization,
        oldOwner,
        oldOwnerSidWhereDefined,
        oldSid,
        oldSidWhereDefined,
        oldAuthorizationType,
        oldValidFrom,
        oldValidTo);
}
/// <summary>
/// Reloads the page fields from the session: modified flag, selected item, authorizations
/// table, and the current owner's name, SID and SID origin.
/// </summary>
private void loadSessionVariables()
{
    // Absent "modified" entry means the page has no pending changes.
    if (this.Session["modified"] == null)
    {
        this.modified = false;
    }
    else
    {
        this.modified = (bool)this.Session["modified"];
    }

    // Entries read with 'as' become null when missing or of an unexpected type.
    this.item = this.Session["selectedObject"] as IAzManItem;
    this.dtAuthorizations = this.Session["dtAuthorizations"] as DataTable;
    this.currentOwnerName = (string)this.Session["currentOwnerName"];
    this.currentOwnerSid = this.Session["currentOwnerSid"] as IAzManSid;

    // NOTE(review): this unboxing cast has no null guard; a missing entry throws at this line.
    this.currentOwnerSidWhereDefined = (WhereDefined)this.Session["currentOwnerSidWhereDefined"];
}
/// <summary>
/// Prepares the Item Authorizations page. On the first request it resolves the current owner,
/// builds the authorizations table and binds the grid; on postbacks it reloads state from the
/// session and replays any pending "add" selection left in the session.
/// </summary>
/// <param name="sender">Event source.</param>
/// <param name="e">Event data.</param>
protected void Page_Load(object sender, EventArgs e)
{
    // NOTE(review): item is null when the session entry is missing or of another type, and it is
    // dereferenced further down without a guard.
    this.item = this.Session["selectedObject"] as IAzManItem;
    // Value taken straight from the request.
    // NOTE(review): where menuItem is used is not visible here - validate or encode it at the point of use.
    this.menuItem = Request["MenuItem"];
    this.Text = "Item Authorizations";
    this.Description = this.Text;
    this.Title = this.Text;
    // The current owner is the Windows identity attached to this request.
    this.currentOwnerName = this.Request.LogonUserIdentity.Name;
    this.currentOwnerSid = new SqlAzManSID(this.Request.LogonUserIdentity.User.Value);
    //this.showWaitPanelOnSubmit(this.pnlWait, this.pnlXXX);
    if (!this.Page.IsPostBack)
    {
        // Classify the owner SID as Local or LDAP through a directory lookup.
        string memberName;
        bool isLocal;
        DirectoryServicesWebUtils.GetMemberInfo(this.currentOwnerSid.StringValue, out memberName, out isLocal);
        this.currentOwnerSidWhereDefined = isLocal ? WhereDefined.Local : WhereDefined.LDAP;
        // State is written to the session and read straight back before the table is built.
        this.saveSessionVariables();
        this.loadSessionVariables();
        this.dtAuthorizations = new DataTable();
        // Row key: auto-incremented from -1 in steps of -1, so generated ids are negative.
        DataColumn dcAuthorizationId = new DataColumn("AuthorizationID", typeof(int));
        dcAuthorizationId.AutoIncrement = true;
        dcAuthorizationId.AutoIncrementSeed = -1;
        dcAuthorizationId.AutoIncrementStep = -1;
        dcAuthorizationId.AllowDBNull = false;
        dcAuthorizationId.Unique = true;
        DataColumn dcAttributesLink = new DataColumn("AttributesLink", typeof(string));
        DataColumn dcMemberTypeEnum = new DataColumn("MemberTypeEnum", typeof(MemberType));
        DataColumn dcMemberType = new DataColumn("MemberType", typeof(string));
        DataColumn dcOwner = new DataColumn("Owner", typeof(string));
        DataColumn dcOwnerSid = new DataColumn("OwnerSID", typeof(string));
        DataColumn dcName = new DataColumn("Name", typeof(string));
        DataColumn dcObjectSid = new DataColumn("ObjectSID", typeof(string));
        DataColumn dcWhereDefined = new DataColumn("WhereDefined", typeof(string));
        DataColumn dcWhereDefinedEnum = new DataColumn("WhereDefinedEnum", typeof(WhereDefined));
        DataColumn dcAuthorizationType = new DataColumn("AuthorizationType", typeof(string));
        DataColumn dcAuthorizationTypeEnum = new DataColumn("AuthorizationTypeEnum", typeof(AuthorizationType));
        DataColumn dcValidFrom = new DataColumn("ValidFrom", typeof(DateTime));
        dcValidFrom.AllowDBNull = true;
        DataColumn dcValidTo = new DataColumn("ValidTo", typeof(DateTime));
        dcValidTo.AllowDBNull = true;
        dcMemberType.Caption = "Member Type";
        dcOwner.Caption = "Owner";
        dcOwnerSid.Caption = "Owner SID";
        dcName.Caption = "Name";
        dcObjectSid.Caption = "Object SID";
        dcWhereDefined.Caption = "Where Defined";
        dcAuthorizationType.Caption = "Authorization Type";
        dcValidFrom.Caption = "Valid From";
        dcValidTo.Caption = "Valid To";
        this.dtAuthorizations.Columns.AddRange(
            new DataColumn[]
            {
                dcAuthorizationId,
                dcMemberType,
                dcName,
                dcAuthorizationType,
                dcWhereDefined,
                dcOwner,
                dcOwnerSid,
                dcValidFrom,
                dcValidTo,
                dcObjectSid,
                dcAuthorizationTypeEnum,
                dcWhereDefinedEnum,
                dcMemberTypeEnum,
                dcAttributesLink
            });
        // Every column is made nullable here, which also overrides the AllowDBNull = false set on
        // dcAuthorizationId above; only the two columns below are tightened again afterwards.
        foreach (DataColumn dc in this.dtAuthorizations.Columns)
        {
            dc.AllowDBNull = true;
        }
        dcMemberType.AllowDBNull = false;
        dcAuthorizationType.AllowDBNull = false;
        this.modified = false;
        // The "add group" buttons are enabled only when the store / application has groups.
        this.btnAddStoreGroups.Enabled = this.item.Application.Store.HasStoreGroups();
        this.btnAddApplicationGroups.Enabled = this.item.Application.HasApplicationGroups();
        //Prepare DataGridView
        this.dgAuthorizations.DataSource = this.dtAuthorizations;
        this.dgAuthorizations.DataBind();
        this.RenderItemAuthorizations();
        // NOTE(review): the item name is appended to the page text as-is; if Text is rendered as
        // HTML, confirm it is encoded on output.
        this.Text += " - " + this.item.Name;
        this.saveSessionVariables();
        this.bindGridView();
    }
    else
    {
        this.loadSessionVariables();
        // A non-null selection entry in the session triggers the matching "add" handler.
        if (this.Session["selectedStoreGroups"] != null)
        {
            this.btnAddStoreGroups_Click(this, EventArgs.Empty);
        }
        if (this.Session["selectedApplicationGroups"] != null)
        {
            this.btnAddApplicationGroups_Click(this, EventArgs.Empty);
        }
        if (this.Session["selectedDBUsers"] != null)
        {
            this.btnAddDBUsers_Click(this, EventArgs.Empty);
        }
        if (this.Session["selectedADObjects"] != null)
        {
            this.btnAddWindowsUsersAndGroups_Click(this, EventArgs.Empty);
        }
    }
}
/// <summary>
/// Creates an authorization on this item, or returns an object for a matching row that already exists.
/// </summary>
/// <param name="owner">SID of the authorization owner.</param>
/// <param name="ownerSidWhereDefined">Where the owner SID is defined.</param>
/// <param name="sid">SID the authorization applies to.</param>
/// <param name="sidWhereDefined">Where <paramref name="sid"/> is defined; <c>Local</c> is rejected in Administrator mode.</param>
/// <param name="authorizationType">Type of the authorization.</param>
/// <param name="validFrom">Start of the validity window, or <c>null</c>.</param>
/// <param name="validTo">End of the validity window, or <c>null</c>.</param>
/// <returns>The new authorization, or one built from the existing matching row.</returns>
/// <exception cref="InvalidOperationException">Both dates are supplied and validFrom is later than validTo.</exception>
/// <exception cref="SqlAzManException">A Local SID is used while the storage is in Administrator mode.</exception>
public IAzManAuthorization CreateAuthorization(IAzManSid owner, WhereDefined ownerSidWhereDefined, IAzManSid sid, WhereDefined sidWhereDefined, AuthorizationType authorizationType, DateTime? validFrom, DateTime? validTo)
{
    //DateTime range check
    if (validFrom.HasValue && validTo.HasValue)
    {
        if (validFrom.Value > validTo.Value)
            throw new InvalidOperationException("ValidFrom cannot be greater then ValidTo if supplied.");
    }
    // Policy gate: only the subject's origin is checked, and it is a caller-supplied value.
    if (this.application.Store.Storage.Mode == NetSqlAzManMode.Administrator && sidWhereDefined == WhereDefined.Local)
    {
        throw new SqlAzManException("Cannot create an Authorization on members defined on local in Administrator Mode");
    }
    // Duplicate lookup: same item, owner, owner origin, subject SID, type and validity window.
    // The subject's origin (sidWhereDefined) is not part of the match.
    // NOTE(review): if this query is translated to SQL, comparing ValidFrom/ValidTo with a null
    // variable may not match NULL columns, so open-ended duplicates could go undetected - confirm.
    // NOTE(review): lookup and insert are separate steps; two concurrent callers can both see
    // "no existing row" unless the database enforces uniqueness - confirm.
    var existing = (from aut in this.db.Authorizations()
                    where aut.ItemId == this.itemId && aut.OwnerSid == owner.BinaryValue && aut.OwnerSidWhereDefined == (byte)ownerSidWhereDefined && aut.ObjectSid == sid.BinaryValue && aut.AuthorizationType == (byte)authorizationType && aut.ValidFrom == validFrom && aut.ValidTo == validTo
                    select aut).FirstOrDefault();
    if (existing == null)
    {
        // The insert returns the id that is passed on as the new authorization's id.
        int id = this.db.AuthorizationInsert(this.itemId, owner.BinaryValue, (byte)ownerSidWhereDefined, sid.BinaryValue, (byte)sidWhereDefined, (byte)authorizationType, (validFrom.HasValue ? validFrom.Value : new DateTime?()), (validTo.HasValue ? validTo.Value : new DateTime?()), this.application.ApplicationId);
        IAzManAuthorization result = new SqlAzManAuthorization(this.db, this, id, owner, ownerSidWhereDefined, sid, sidWhereDefined, authorizationType, validFrom, validTo, this.ens);
        this.raiseAuthorizationCreated(this, result);
        if (this.ens != null)
            this.ens.AddPublisher(result);
        this.authorizations = null; //Force cache refresh
        return result;
    }
    else
    {
        // NOTE(review): the third argument is the authorization id in the insert branch above, but
        // here the row's ItemId is passed. If that is not intended, later operations on the returned
        // object would address a different authorization row - verify against the entity's id column.
        // The returned object reflects the stored row, including its stored subject origin, and no
        // created event is raised on this path.
        IAzManAuthorization result = new SqlAzManAuthorization(this.db, this, existing.ItemId.Value, new SqlAzManSID(existing.OwnerSid.ToArray()), (WhereDefined)existing.OwnerSidWhereDefined, new SqlAzManSID(existing.ObjectSid.ToArray()), (WhereDefined)existing.ObjectSidWhereDefined, (AuthorizationType)existing.AuthorizationType.Value, existing.ValidFrom, existing.ValidTo, this.ens);
        return result;
    }
}
/// <summary>
/// Updates this authorization when any supplied value differs from the current one: writes the
/// change to the database, mirrors it in memory, then raises AuthorizationUpdated with the old values.
/// </summary>
/// <param name="owner">The owner Sid.</param>
/// <param name="sid">The member Sid.</param>
/// <param name="sidWhereDefined">Where the member Sid is defined.</param>
/// <param name="authorizationType">Type of the authorization.</param>
/// <param name="validFrom">Start of the validity window, or <c>null</c>.</param>
/// <param name="validTo">End of the validity window, or <c>null</c>.</param>
/// <exception cref="InvalidOperationException">Both dates are supplied and validFrom is later than validTo.</exception>
public void Update(IAzManSid owner, IAzManSid sid, WhereDefined sidWhereDefined, AuthorizationType authorizationType, DateTime? validFrom, DateTime? validTo)
{
    // Nothing happens (no database call, no event) when every supplied value equals the current one.
    if (this.owner.StringValue != owner.StringValue || this.sid.StringValue != sid.StringValue || this.sidWhereDefined != sidWhereDefined || this.authorizationType != authorizationType || this.validFrom != validFrom || this.validTo != validTo)
    {
        //DateTime range check
        if (validFrom.HasValue && validTo.HasValue)
        {
            if (validFrom.Value > validTo.Value)
                throw new InvalidOperationException("ValidFrom cannot be greater then ValidTo if supplied.");
        }
        // Snapshot of the current state, handed to event subscribers after the update.
        SqlAzManSID oldOwner = new SqlAzManSID(this.owner.StringValue, this.ownerSidWhereDefined == WhereDefined.Database);
        SqlAzManSID oldSid = new SqlAzManSID(this.sid.StringValue, this.sidWhereDefined == WhereDefined.Database);
        WhereDefined oldOwnerSidWhereDefined = this.ownerSidWhereDefined;
        WhereDefined oldSidWhereDefined = this.SidWhereDefined;
        AuthorizationType oldAuthorizationType = this.AuthorizationType;
        DateTime? oldValidFrom = this.validFrom;
        DateTime? oldValidTo = this.validTo;
        // The owner's origin is not a parameter: it is resolved by a directory lookup and can only
        // come out as Local or LDAP.
        // NOTE(review): a Database-defined owner would be recorded as LDAP here - confirm owners
        // are always Windows principals.
        string memberName;
        bool isLocal;
        DirectoryServicesUtils.GetMemberInfo(owner.StringValue, out memberName, out isLocal);
        WhereDefined ownerSidWhereDefined = isLocal ? WhereDefined.Local : WhereDefined.LDAP;
        // NOTE(review): unlike creation paths that reject Local subjects in Administrator mode,
        // no mode check is visible in this method - confirm whether one is needed here.
        this.db.AuthorizationUpdate(this.item.ItemId, owner.BinaryValue, (byte)ownerSidWhereDefined, sid.BinaryValue, (byte)sidWhereDefined, (byte)authorizationType, (validFrom.HasValue ? validFrom.Value : new DateTime?()), (validTo.HasValue ? validTo.Value : new DateTime?()), this.authorizationId, this.item.Application.ApplicationId);
        // In-memory state is changed only after the database call has returned.
        this.owner = new SqlAzManSID(owner.BinaryValue);
        this.ownerSidWhereDefined = ownerSidWhereDefined;
        this.sid = sid;
        this.sidWhereDefined = sidWhereDefined;
        this.authorizationType = authorizationType;
        this.validFrom = validFrom;
        this.validTo = validTo;
        this.raiseAuthorizationUpdated(this, oldOwner, oldOwnerSidWhereDefined, oldSid, oldSidWhereDefined, oldAuthorizationType, oldValidFrom, oldValidTo);
    }
}
/// <summary>
/// Inserts a member row for this application group and returns the object wrapping it.
/// </summary>
/// <param name="sid">SID of the principal or group to add.</param>
/// <param name="whereDefined">
/// Where <paramref name="sid"/> is defined. <c>Local</c> is rejected while the storage is in
/// Administrator mode; <c>Application</c> triggers loop detection before the insert.
/// </param>
/// <param name="isMember">The "is member" flag, passed unchanged to the insert and to the returned object.</param>
/// <returns>The newly created application group member.</returns>
/// <exception cref="InvalidOperationException">The group is not a Basic group.</exception>
/// <exception cref="SqlAzManException">A Local member is added in Administrator mode, or a loop is detected.</exception>
public IAzManApplicationGroupMember CreateApplicationGroupMember(IAzManSid sid, WhereDefined whereDefined, bool isMember)
{
    if (this.groupType != GroupType.Basic)
    {
        throw new InvalidOperationException("Method not supported for LDAP Groups");
    }

    // Policy gate: only the Local origin is refused in Administrator mode; the origin is caller-supplied.
    bool administratorMode = this.application.Store.Storage.Mode == NetSqlAzManMode.Administrator;
    if (administratorMode && whereDefined == WhereDefined.Local)
    {
        throw new SqlAzManException("Cannot create Application Group members defined on local in Administrator Mode");
    }

    // Loop detection runs only when the member is itself an application group.
    if (whereDefined == WhereDefined.Application)
    {
        IAzManApplicationGroup candidate = this.application.GetApplicationGroup(sid);
        bool wouldLoop = this.detectLoop(candidate);
        if (wouldLoop)
        {
            throw new SqlAzManException(String.Format("Cannot add '{0}'. A loop has been detected.", candidate.Name));
        }
    }

    int newMemberId = this.db.ApplicationGroupMemberInsert(this.applicationGroupId, sid.BinaryValue, (byte)whereDefined, isMember, this.application.ApplicationId);
    IAzManApplicationGroupMember created = new SqlAzManApplicationGroupMember(this.db, this, newMemberId, sid, whereDefined, isMember, this.ens);
    this.raiseApplicationGroupMemberCreated(this, created);

    // The notification service is optional; register the new member only when one is attached.
    if (this.ens != null)
    {
        this.ens.AddPublisher(created);
    }

    return created;
}
/// <summary>
/// Handles the AuthorizationUpdated notification by writing an informational log entry that
/// lists the authorization and the values it had before the update.
/// </summary>
/// <param name="authorization">The authorization after the update.</param>
/// <param name="oldOwner">Owner SID before the update.</param>
/// <param name="oldOwnerSidWhereDefined">Origin of the owner SID before the update.</param>
/// <param name="oldSid">Subject SID before the update.</param>
/// <param name="oldSidWhereDefined">Origin of the subject SID before the update.</param>
/// <param name="oldAuthorizationType">Authorization type before the update.</param>
/// <param name="oldValidFrom">Validity start before the update, or <c>null</c>.</param>
/// <param name="oldValidTo">Validity end before the update, or <c>null</c>.</param>
void SqlAzManENS_AuthorizationUpdated(IAzManAuthorization authorization, IAzManSid oldOwner, WhereDefined oldOwnerSidWhereDefined, IAzManSid oldSid, WhereDefined oldSidWhereDefined, AuthorizationType oldAuthorizationType, DateTime? oldValidFrom, DateTime? oldValidTo)
{
    string authorizationText = authorization.ToString();
    string oldOwnerText = oldOwner.ToString();
    string oldSidText = oldSid.ToString();

    // Absent validity bounds are logged as empty strings; present ones use the default,
    // culture-dependent DateTime format.
    string oldValidFromText = oldValidFrom.HasValue ? oldValidFrom.Value.ToString() : "";
    string oldValidToText = oldValidTo.HasValue ? oldValidTo.Value.ToString() : "";

    string message = String.Format(
        "ENS Event: {0}\r\n\r\nAuthorization: {1}\r\nOld Owner SID: {2}\r\nOld Owner SID Where Defined: {3}\r\nOld SID: {4}\r\nOld SID Where Defined: {5}\r\nOld Authorization Type: {6}\r\nOld Valid From: {7}\r\nOld Valid To: {8}\r\n",
        "AuthorizationUpdated",
        authorizationText,
        oldOwnerText,
        oldOwnerSidWhereDefined,
        oldSidText,
        oldSidWhereDefined,
        oldAuthorizationType,
        oldValidFromText,
        oldValidToText);

    logging.WriteInfo(this, message);
}
/// <summary>
/// Notifies AuthorizationUpdated subscribers, passing the updated authorization together with
/// the values it held before the change. Does nothing when there are no subscribers.
/// </summary>
/// <param name="authorization">The authorization after the update.</param>
/// <param name="oldOwner">Previous owner SID.</param>
/// <param name="oldOwnerSidWhereDefined">Previous origin of the owner SID.</param>
/// <param name="oldSid">Previous subject SID.</param>
/// <param name="oldSidWhereDefined">Previous origin of the subject SID.</param>
/// <param name="oldAuthorizationType">Previous authorization type.</param>
/// <param name="oldValidFrom">Previous validity start.</param>
/// <param name="oldValidTo">Previous validity end.</param>
private void raiseAuthorizationUpdated(
    IAzManAuthorization authorization,
    IAzManSid oldOwner,
    WhereDefined oldOwnerSidWhereDefined,
    IAzManSid oldSid,
    WhereDefined oldSidWhereDefined,
    AuthorizationType oldAuthorizationType,
    DateTime? oldValidFrom,
    DateTime? oldValidTo)
{
    bool hasSubscribers = this.AuthorizationUpdated != null;
    if (!hasSubscribers)
    {
        return;
    }

    this.AuthorizationUpdated(authorization, oldOwner, oldOwnerSidWhereDefined, oldSid, oldSidWhereDefined, oldAuthorizationType, oldValidFrom, oldValidTo);
}