Пример #1
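        /// <summary>
        /// Revokes a workflow access request: reads the 'requestid' parameter and asks the request
        /// to move to <see cref="WorkflowRequestStatus.Revoked"/>, passing Acl.EntityId to SetStatus.
        /// </summary>
        /// <param name="database">IAM database handle, passed through to WorkflowRequest.SetStatus</param>
        /// <param name="parameters">Dictionary (String, Object) holding the call parameters; 'requestid' is required</param>
        /// <returns>true when SetStatus reports success; false after the failure has been reported through Error()</returns>
        private Boolean accessrequestrevoke(IAMDatabase database, Dictionary <String, Object> parameters)
        {
            // A missing dictionary is reported the same way as a missing key instead of
            // surfacing as a NullReferenceException.
            Object rawRequestId;
            if ((parameters == null) || !parameters.TryGetValue("requestid", out rawRequestId))
            {
                Error(ErrorType.InvalidRequest, "Parameter requestid is not defined.", "", null);
                return(false);
            }

            // TryParse replaces the former bare catch, which hid every exception type
            // (not only format errors) behind the same "not a long integer" message.
            Int64 requestid;
            if ((rawRequestId == null) || !Int64.TryParse(rawRequestId.ToString(), out requestid))
            {
                Error(ErrorType.InvalidRequest, "Parameter requestid is not a long integer.", "", null);
                return(false);
            }

            // NOTE(review): no check is visible here that Acl.EntityId is allowed to revoke this
            // particular request; presumably SetStatus or the dispatcher enforces it. Confirm.
            WorkflowRequest         req  = new WorkflowRequest(requestid);
            WorkflowRequestProccess proc = req.SetStatus(database, WorkflowRequestStatus.Revoked, Acl.EntityId);

            if (!proc.Success)
            {
                // NOTE(review): proc.Debug is forwarded to Error(); confirm that debug text is not
                // returned to callers that should only see proc.Message.
                Error(ErrorType.InvalidRequest, proc.Message, proc.Debug, null);
                return(false);
            }

            return(true);
        }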
Пример #2
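        /// <summary>
        /// Timer callback that processes every row of [st_workflow_request] with deployed = 0,
        /// oldest first. Depending on the request status it marks the request as deployed,
        /// escalates or expires it, binds the user's identities to the workflow's roles (Approved),
        /// or removes those bindings (Revoked). A failure on one request is logged and the loop
        /// continues with the next one.
        /// </summary>
        /// <param name="state">Timer state object; not used</param>
        private void WorkflowTimer(Object state)
        {
            // NOTE(review): this check-then-set on 'executing' is not atomic; if the timer can fire
            // on overlapping threads, two runs could both pass the guard. Confirm how the timer is scheduled.
            if (executing)
            {
                return;
            }

            executing = true;

            startTime = DateTime.Now;

            try
            {
                IAMDatabase db = null;
                try
                {
                    db = new IAMDatabase(localConfig.SqlServer, localConfig.SqlDb, localConfig.SqlUsername, localConfig.SqlPassword);
                    db.openDB();
                    db.Timeout = 900;

                    // NOTE(review): with(nolock) permits dirty reads, so a request row written by a
                    // transaction that is still open (and may roll back) can be picked up here.
                    DataTable dtRequests = db.ExecuteDataTable("select id, workflow_id from [st_workflow_request] r with(nolock) where r.deployed = 0 order by r.create_date");
                    if ((dtRequests != null) && (dtRequests.Rows.Count > 0))
                    {
                        try
                        {
                            TextLog.Log("WorkflowProcessor", "Starting workflow processor timer");

                            foreach (DataRow dr in dtRequests.Rows)
                            {
                                try
                                {
                                    // Cast once; the typed Int64 is what gets concatenated into SQL below.
                                    Int64 requestId = (Int64)dr["id"];

                                    WorkflowRequest request = new WorkflowRequest(requestId);
                                    request.GetInicialData(db);

                                    WorkflowConfig workflow = new WorkflowConfig();
                                    workflow.GetDatabaseData(db, (Int64)dr["workflow_id"]);

                                    // NOTE(review): the SetStatus calls below pass request.UserId where the
                                    // interactive path passes the acting entity, so the status history appears
                                    // to attribute timer-driven transitions to the requester. Confirm this is
                                    // the intended audit trail.
                                    switch (request.Status)
                                    {
                                    case WorkflowRequestStatus.Deny:
                                    case WorkflowRequestStatus.Expired:
                                    case WorkflowRequestStatus.UserCanceled:
                                        // Only mark as deployed so the request is not checked again
                                        WorkflowTimerMarkDeployed(db, requestId);
                                        continue;

                                    case WorkflowRequestStatus.Waiting:
                                        // Check escalation
                                        DateTime escalation = request.ActivityCreated.AddDays(request.Activity.EscalationDays);
                                        DateTime expired    = request.ActivityCreated.AddDays(request.Activity.ExpirationDays);
                                        if (expired.CompareTo(DateTime.Now) < 0)
                                        {
                                            // NOTE(review): an expired Waiting request is set to Escalated, exactly like
                                            // the branch below, while the Escalated case sets Expired. Confirm whether
                                            // Expired was intended here.
                                            request.SetStatus(db, WorkflowRequestStatus.Escalated, request.UserId);
                                            WorkflowTimerMarkDeployed(db, requestId);
                                        }
                                        else if (escalation.CompareTo(DateTime.Now) < 0)
                                        {
                                            // NOTE(review): the request is marked deployed here and the select above
                                            // only reads deployed = 0, so unless SetStatus resets the flag this timer
                                            // will not revisit the escalated request. Verify.
                                            request.SetStatus(db, WorkflowRequestStatus.Escalated, request.UserId);
                                            WorkflowTimerMarkDeployed(db, requestId);
                                        }
                                        break;

                                    case WorkflowRequestStatus.Escalated:
                                        // Check expiration of an already escalated request
                                        DateTime expired2 = request.ActivityCreated.AddDays(request.Activity.ExpirationDays);
                                        if (expired2.CompareTo(DateTime.Now) < 0)
                                        {
                                            request.SetStatus(db, WorkflowRequestStatus.Expired, request.UserId);
                                            WorkflowTimerMarkDeployed(db, requestId);
                                        }
                                        break;

                                    case WorkflowRequestStatus.Approved:
                                        // Only act when no further activity remains to be executed
                                        if (request.NextActivity == null)
                                        {
                                            switch (workflow.AccessType)
                                            {
                                            case WorkflowAccessType.RoleGrant:
                                                WorkflowAccessRoleGrant rg = (WorkflowAccessRoleGrant)workflow.Access;

                                                // Select all of the user's identities and add them to the role.
                                                // NOTE(review): request.UserId is concatenated into the SQL text; presumably
                                                // it is an Int64. Parameterize if it can ever be a string.
                                                DataTable drIdent = db.ExecuteDataTable("select i.* from [identity] i with(nolock) inner join resource_plugin rp with(nolock) on i.resource_plugin_id = rp.id where rp.enable_import = 1 and rp.permit_add_entity = 1 and i.entity_id = " + request.UserId);
                                                if ((drIdent == null) || (drIdent.Rows.Count == 0))
                                                {
                                                    WorkflowTimerAddStatus(db, request, "No inbound identity found for allow access");
                                                }
                                                else
                                                {
                                                    // List the ids of every role that will be used (Int64 values, so the
                                                    // joined list below contains digits and commas only)
                                                    List <String> roleList = new List <String>();
                                                    foreach (Int64 r in rg.Roles)
                                                    {
                                                        roleList.Add(r.ToString());
                                                    }

                                                    // An empty list would produce "in ()", which is invalid SQL; the exception
                                                    // left the request at deployed = 0 and it was retried on every tick.
                                                    // Treat it as "no role found" instead.
                                                    DataTable drRoles = null;
                                                    if (roleList.Count > 0)
                                                    {
                                                        drRoles = db.ExecuteDataTable("select * from [role] where id in (" + String.Join(",", roleList) + ")");
                                                    }

                                                    if ((drRoles == null) || (drRoles.Rows.Count == 0))
                                                    {
                                                        WorkflowTimerAddStatus(db, request, "No role found for allow access");
                                                    }
                                                    else
                                                    {
                                                        String roleNames = "";

                                                        // Add the roles.
                                                        // NOTE(review): the bindings are written one call at a time with no transaction
                                                        // visible here, so a failure midway leaves a partial grant. Confirm.
                                                        foreach (DataRow dr2 in drIdent.Rows)
                                                        {
                                                            foreach (DataRow drRole in drRoles.Rows)
                                                            {
                                                                // Disposed like every other parameter collection in this method
                                                                using (DbParameterCollection par = new DbParameterCollection())
                                                                {
                                                                    par.Add("@identity_id", typeof(Int64)).Value = dr2["id"];
                                                                    par.Add("@role_id", typeof(Int64)).Value     = drRole["id"];

                                                                    Boolean added = db.ExecuteScalar <Boolean>("sp_insert_identity_role", CommandType.StoredProcedure, par);

                                                                    if (added)
                                                                    {
                                                                        roleNames += drRole["name"] + Environment.NewLine;
                                                                    }
                                                                }
                                                            }
                                                        }

                                                        // Write the bind audit entry only when a role was really added; the former
                                                        // "!= null" test was always true and logged a bind with an empty role list.
                                                        if (roleNames.Length > 0)
                                                        {
                                                            db.AddUserLog(LogKey.User_IdentityRoleBind, null, "Workflow", UserLogLevel.Info, 0, 0, 0, 0, 0, request.UserId, 0, "Entity bind to roles by workflow access request", roleNames);
                                                        }

                                                        WorkflowTimerAddStatus(db, request, "Entity bind to roles");
                                                    }
                                                }

                                                WorkflowTimerMarkDeployed(db, requestId);
                                                break;
                                            }
                                        }
                                        break;

                                    case WorkflowRequestStatus.Revoked:
                                        // Remove the granted permissions
                                        switch (workflow.AccessType)
                                        {
                                        case WorkflowAccessType.RoleGrant:
                                            WorkflowAccessRoleGrant rg = (WorkflowAccessRoleGrant)workflow.Access;

                                            // List the ids of every role that will be used
                                            List <String> roleList = new List <String>();
                                            foreach (Int64 r in rg.Roles)
                                            {
                                                roleList.Add(r.ToString());
                                            }

                                            String log = "";

                                            // Skip the query for an empty role list ("in ()" is invalid SQL) and fall
                                            // through to "No permission to remove".
                                            // NOTE(review): the match is by user and role only, so a binding the user also
                                            // holds through another grant is removed as well. Confirm this is intended.
                                            DataTable drRoles = null;
                                            if (roleList.Count > 0)
                                            {
                                                drRoles = db.ExecuteDataTable("select distinct ir.*, r.name role_name from [role] r with(nolock) inner join identity_role ir with(nolock) on ir.role_id = r.id inner join [identity] i with(nolock) on ir.identity_id = i.id where i.entity_id = " + request.UserId + " and r.id in (" + String.Join(",", roleList) + ")");
                                            }

                                            if ((drRoles != null) && (drRoles.Rows.Count > 0))
                                            {
                                                foreach (DataRow dr2 in drRoles.Rows)
                                                {
                                                    log += "Identity unbind to role " + dr2["role_name"] + Environment.NewLine;

                                                    // The audit entry is written before the delete; identity_id and role_id come
                                                    // from the result row of the query above.
                                                    db.AddUserLog(LogKey.User_IdentityRoleUnbind, null, "Workflow", UserLogLevel.Info, 0, 0, 0, 0, 0, request.UserId, (Int64)dr2["identity_id"], "Identity unbind to role " + dr2["role_name"]);
                                                    db.ExecuteNonQuery("delete from identity_role where identity_id = " + dr2["identity_id"] + " and role_id = " + dr2["role_id"], CommandType.Text, null);
                                                }

                                                WorkflowTimerAddStatus(db, request, log);
                                            }
                                            else
                                            {
                                                WorkflowTimerAddStatus(db, request, "No permission to remove");
                                            }

                                            WorkflowTimerMarkDeployed(db, requestId);
                                            break;
                                        }
                                        break;

                                    case WorkflowRequestStatus.UnderReview:
                                        // Nothing to do
                                        break;
                                    }
                                }
                                catch (Exception ex)
                                {
                                    // One failing request must not stop the others; the request stays at deployed = 0
                                    // and is retried on the next tick. The error is recorded at Info level.
                                    db.AddUserLog(LogKey.Workflow, null, "Workflow", UserLogLevel.Info, 0, 0, 0, 0, 0, 0, 0, "Workflow proccess error", ex.Message);
                                }
                            }
                        }
                        finally
                        {
                            // The connection is no longer disposed here: doing so made the closeDB() call
                            // below run on an already disposed object. The outer finally owns the disposal.
                            TextLog.Log("WorkflowProcessor", "Finishing workflow processor timer");
                        }
                    }

                    db.closeDB();
                }
                finally
                {
                    if (db != null)
                    {
                        db.Dispose();
                    }
                }
            }
            catch (Exception ex)
            {
                TextLog.Log("WorkflowProcessor", "Error on message timer " + ex.Message);
            }
            finally
            {
                // Always release the guard and reset the run indicators, even after a failure
                executing   = false;
                last_status = "";
                startTime   = new DateTime(1970, 1, 1);
            }
        }

        /// <summary>
        /// Sets deployed = 1 on one [st_workflow_request] row so the timer stops selecting it.
        /// </summary>
        /// <param name="db">Open IAM database handle</param>
        /// <param name="requestId">Id of the request row; typed Int64 so only a number reaches the SQL text</param>
        private static void WorkflowTimerMarkDeployed(IAMDatabase db, Int64 requestId)
        {
            db.ExecuteNonQuery("update [st_workflow_request] set deployed = 1 where id = " + requestId);
        }

        /// <summary>
        /// Inserts one row into [st_workflow_request_status] for the request's current status and activity.
        /// </summary>
        /// <param name="db">Open IAM database handle</param>
        /// <param name="request">Request whose RequestId, Status, Activity.ActivityId and LastExecutedBy are recorded</param>
        /// <param name="description">Text stored in the description column</param>
        private static void WorkflowTimerAddStatus(IAMDatabase db, WorkflowRequest request, String description)
        {
            using (DbParameterCollection par2 = new DbParameterCollection())
            {
                par2.Add("@workflow_request_id", typeof(Int64)).Value   = request.RequestId;
                // NOTE(review): @status is declared as String but receives the Int32 value of the status;
                // kept as in the original calls. Confirm against the column type.
                par2.Add("@status", typeof(String)).Value               = (Int32)request.Status;
                par2.Add("@description", typeof(String)).Value          = description;
                par2.Add("@activity_id", typeof(Int64)).Value           = request.Activity.ActivityId;
                par2.Add("@executed_by_entity_id", typeof(Int64)).Value = request.LastExecutedBy;

                db.ExecuteNonQuery("INSERT INTO [st_workflow_request_status]([workflow_request_id],[status],[description],[executed_by_entity_id],[activity_id])VALUES(@workflow_request_id,@status,@description,@executed_by_entity_id,@activity_id)", CommandType.Text, par2, null);
            }
        }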