public bool Authorize(string token)
{
if (token == SettingServices.GetSettingValue(SettingStrings.UniversalToken) &&
!string.IsNullOrEmpty(SettingServices.GetSettingValue(SettingStrings.UniversalToken)))
{
return(true);
}
var user = new UserServices().GetUserByToken(token);
if (user != null)
{
return(true);
}
return(false);
}
public string GroupCountUser(int userId)
{
var userServices = new UserServices();
if (userServices.GetUser(userId).Membership == "Administrator")
{
return(TotalCount());
}
var user = userServices.GetUser(userId);
if (user.GroupManagementEnabled == 1)
{
var userManagedGroups = userServices.GetUserGroupManagements(userId);
return(userManagedGroups.Count.ToString());
}
return(TotalCount());
}
public bool AddNewGroupMember(int userGroupId, int userId)
{
var user = new UserServices().GetUser(userId);
var userGroup = GetUserGroup(userGroupId);
user.Membership = userGroup.Membership;
user.UserGroupId = userGroup.Id;
user.GroupManagementEnabled = userGroup.GroupManagementEnabled;
user.ImageManagementEnabled = userGroup.ImageManagementEnabled;
new UserServices().UpdateUser(user);
var rights = GetUserGroupRights(userGroup.Id);
var groupManagement = GetUserGroupGroupManagements(userGroup.Id);
var imageManagement = GetUserGroupImageManagements(userGroup.Id);
var userRights =
rights.Select(right => new UserRightEntity {
UserId = user.Id, Right = right.Right
}).ToList();
_userServices.DeleteUserRights(user.Id);
new UserRightServices().AddUserRights(userRights);
var userGroupManagement =
groupManagement.Select(g => new UserGroupManagementEntity {
GroupId = g.GroupId, UserId = user.Id
})
.ToList();
_userServices.DeleteUserGroupManagements(user.Id);
new UserGroupManagementServices().AddUserGroupManagements(userGroupManagement);
var userImageManagement =
imageManagement.Select(g => new UserImageManagementEntity {
ImageId = g.ImageId, UserId = user.Id
})
.ToList();
_userServices.DeleteUserImageManagements(user.Id);
new UserImageManagementServices().AddUserImageManagements(userImageManagement);
return(true);
}
public List <GroupWithImage> SearchGroupsForUser(int userId, string searchString = "")
{
var userServices = new UserServices();
if (userServices.GetUser(userId).Membership == "Administrator")
{
return(SearchGroups(searchString));
}
var user = userServices.GetUser(userId);
if (user.GroupManagementEnabled == 0)
{
return(SearchGroups(searchString));
}
var userManagedGroups = userServices.GetUserGroupManagements(userId);
return
(userManagedGroups.Select(
groupManagement => _uow.GroupRepository.GetGroupWithImage(searchString, groupManagement.GroupId))
.Where(@group => @group != null)
.ToList());
}
public string CheckTaskAuth(string task, string token)
{
var userServices = new UserServices();
//only check ond and debug because web tasks can't even be started if user isn't authorized
if (task == "ond" && SettingServices.GetSettingValue(SettingStrings.OnDemand) != "Enabled")
{
log.Debug("A client tried to image with on demand mode, but it is not enabled on the server");
return("false");
}
if (task == "clobber" && SettingServices.GetSettingValue(SettingStrings.ClobberEnabled) != "1")
{
log.Debug("A client tried to image with clobber mode, but it is not enabled on the server");
return("false");
}
if (task == "ond" && SettingServices.GetSettingValue(SettingStrings.OnDemandRequiresLogin) == "No")
{
if (token == SettingServices.GetSettingValue(SettingStrings.UniversalToken) &&
!string.IsNullOrEmpty(SettingServices.GetSettingValue(SettingStrings.UniversalToken)))
{
return("true");
}
}
else if (task == "ond" && SettingServices.GetSettingValue(SettingStrings.OnDemandRequiresLogin) == "Yes")
{
var user = userServices.GetUserByToken(token);
if (user != null)
{
if (new AuthorizationServices(user.Id, AuthorizationStrings.AllowOnd).IsAuthorized())
{
return("true");
}
}
}
else if (task == "debug" && SettingServices.GetSettingValue(SettingStrings.DebugRequiresLogin) == "No")
{
if (token == SettingServices.GetSettingValue(SettingStrings.UniversalToken) &&
!string.IsNullOrEmpty(SettingServices.GetSettingValue(SettingStrings.UniversalToken)))
{
return("true");
}
}
else if (task == "debug" && SettingServices.GetSettingValue(SettingStrings.DebugRequiresLogin) == "Yes")
{
var user = userServices.GetUserByToken(token);
if (user != null)
{
if (new AuthorizationServices(user.Id, AuthorizationStrings.AllowDebug).IsAuthorized())
{
return("true");
}
}
}
else if (task == "clobber" && SettingServices.GetSettingValue(SettingStrings.ClobberRequiresLogin) == "No")
{
if (token == SettingServices.GetSettingValue(SettingStrings.UniversalToken) &&
!string.IsNullOrEmpty(SettingServices.GetSettingValue(SettingStrings.UniversalToken)))
{
return("true");
}
}
else if (task == "clobber" && SettingServices.GetSettingValue(SettingStrings.ClobberRequiresLogin) == "Yes")
{
var user = userServices.GetUserByToken(token);
if (user != null)
{
if (new AuthorizationServices(user.Id, AuthorizationStrings.ImageDeployTask).IsAuthorized())
{
return("true");
}
}
}
return("false");
}
public string OnDemandCheckIn(string mac, int objectId, string task, string userId, string computerId)
{
var checkIn = new CheckIn();
var computerServices = new ComputerServices();
if (userId != null) //on demand
{
//Check permissions
if (task.Contains("deploy"))
{
if (
!new AuthorizationServices(Convert.ToInt32(userId), AuthorizationStrings.ImageDeployTask)
.IsAuthorized())
{
checkIn.Result = "false";
checkIn.Message = "This User Is Not Authorized To Deploy Images";
return(JsonConvert.SerializeObject(checkIn));
}
}
if (task.Contains("upload"))
{
if (
!new AuthorizationServices(Convert.ToInt32(userId), AuthorizationStrings.ImageUploadTask)
.IsAuthorized())
{
checkIn.Result = "false";
checkIn.Message = "This User Is Not Authorized To Upload Images";
return(JsonConvert.SerializeObject(checkIn));
}
}
if (task.Contains("multicast"))
{
if (
!new AuthorizationServices(Convert.ToInt32(userId), AuthorizationStrings.ImageMulticastTask)
.IsAuthorized())
{
checkIn.Result = "false";
checkIn.Message = "This User Is Not Authorized To Multicast Images";
return(JsonConvert.SerializeObject(checkIn));
}
}
}
ComputerEntity computer = null;
if (computerId != "false")
{
computer = computerServices.GetComputer(Convert.ToInt32(computerId));
}
ImageProfileWithImage imageProfile;
var arguments = "";
if (task == "deploy" || task == "upload" || task == "clobber" || task == "ondupload" || task == "onddeploy" ||
task == "unregupload" || task == "unregdeploy" || task == "modelmatchdeploy")
{
imageProfile = new ImageProfileServices().ReadProfile(objectId);
arguments = new CreateTaskArguments(computer, imageProfile, task).Execute();
}
else //Multicast
{
var multicast = new ActiveMulticastSessionServices().GetFromPort(objectId);
imageProfile = new ImageProfileServices().ReadProfile(multicast.ImageProfileId);
arguments = new CreateTaskArguments(computer, imageProfile, task).Execute(objectId.ToString());
}
var imageDistributionPoint = new GetImageServer(computer, task).Run();
if (imageProfile.Image.Protected == 1 && (task == "upload" || task == "ondupload" || task == "unregupload"))
{
checkIn.Result = "false";
checkIn.Message = "This Image Is Protected";
return(JsonConvert.SerializeObject(checkIn));
}
if (imageProfile.Image.Environment == "")
{
imageProfile.Image.Environment = "linux";
}
checkIn.ImageEnvironment = imageProfile.Image.Environment;
if (imageProfile.Image.Environment == "winpe")
{
arguments += "dp_id=\"" + imageDistributionPoint + "\"\r\n";
}
else
{
arguments += " dp_id=\"" + imageDistributionPoint + "\"";
}
var activeTask = new ActiveImagingTaskEntity();
activeTask.Direction = task;
activeTask.UserId = Convert.ToInt32(userId);
activeTask.Type = task;
activeTask.DpId = imageDistributionPoint;
activeTask.Status = "1";
if (computer == null)
{
//Create Task for an unregistered on demand computer
var rnd = new Random(DateTime.Now.Millisecond);
var newComputerId = rnd.Next(-200000, -100000);
if (imageProfile.Image.Environment == "winpe")
{
arguments += "computer_id=" + newComputerId + "\r\n";
}
else
{
arguments += " computer_id=" + newComputerId;
}
activeTask.ComputerId = newComputerId;
activeTask.Arguments = mac;
}
else
{
//Create Task for a registered on demand computer
activeTask.ComputerId = computer.Id;
activeTask.Arguments = arguments;
}
new ActiveImagingTaskServices().AddActiveImagingTask(activeTask);
var auditLog = new AuditLogEntity();
switch (task)
{
case "ondupload":
case "unregupload":
case "upload":
auditLog.AuditType = AuditEntry.Type.OndUpload;
break;
default:
auditLog.AuditType = AuditEntry.Type.OndDeploy;
break;
}
try
{
auditLog.ObjectId = activeTask.ComputerId;
var user = new UserServices().GetUser(activeTask.UserId);
if (user != null)
{
auditLog.UserName = user.Name;
}
auditLog.ObjectName = computer != null ? computer.Name : mac;
auditLog.Ip = "";
auditLog.UserId = activeTask.UserId;
auditLog.ObjectType = "Computer";
auditLog.ObjectJson = JsonConvert.SerializeObject(activeTask);
new AuditLogServices().AddAuditLog(auditLog);
auditLog.ObjectId = imageProfile.ImageId;
auditLog.ObjectName = imageProfile.Image.Name;
auditLog.ObjectType = "Image";
new AuditLogServices().AddAuditLog(auditLog);
}
catch
{
//Do Nothing
}
checkIn.Result = "true";
checkIn.TaskArguments = arguments;
checkIn.TaskId = activeTask.Id.ToString();
return(JsonConvert.SerializeObject(checkIn));
}
public ActiveImagingTaskServices()
{
_uow = new UnitOfWork();
_userServices = new UserServices();
}
public AuthenticationServices()
{
_userServices = new UserServices();
_userGroupServices = new UserGroupServices();
_userLockoutServices = new UserLockoutServices();
}
public ActiveMulticastSessionServices()
{
_uow = new UnitOfWork();
_userServices = new UserServices();
}
public UserGroupServices()
{
_uow = new UnitOfWork();
_userServices = new UserServices();
}
