/// <summary>
/// Initializes a new instance of the <see cref="DbAuthenticationProvider"/> class
/// </summary>
/// <exception cref="AuthConfigurationException">Missing or invalid configuration at .config</exception>
public DbAuthenticationProvider()
{
AuthUtils.ValidateConfig(ConfigManager.Instance.Config.DBAuth, this.GetType());
AuthUtils.ValidateConfig(ConfigManager.Instance.Config.DBAuth.Authentication, this.GetType());
string connectionStringName = ConfigManager.Instance.Config.DBAuth.Authentication.ConnectionStringName;
if (string.IsNullOrEmpty(connectionStringName))
{
throw new AuthConfigurationException(Errors.DbAuthMissingConnectionStringName);
}
var connectionStringSettings = ConfigurationManager.ConnectionStrings[connectionStringName];
if (connectionStringSettings == null)
{
throw new AuthConfigurationException(Errors.DbAuthMissingConnectionStringName);
}
if (!AuthUtils.ValidateContains(this._selectQuery, DbConstants.UserMacro))
{
string invalidQuery = string.Format(
CultureInfo.CurrentCulture, Errors.DbAuthenticationInvalidSqlQuery, DbConstants.UserMacro);
throw new AuthConfigurationException(
string.Format(
CultureInfo.CurrentCulture,
Errors.DbAuthInvalidSqlQuery,
this.GetType().Name,
invalidQuery));
}
this._database = new Database(connectionStringSettings);
string userParam = this._database.BuildParameterName(DbConstants.UserParamName);
this._query = this._selectQuery.Replace(DbConstants.UserMacro, userParam);
}
/// <summary>
/// Check if the specified user with user name and password exists.
/// </summary>
/// <param name="user">
/// The <see cref="IUser"/> object that holds the user credentials
/// </param>
/// <returns>
/// True if the specified user with user name and password exists. Else false
/// </returns>
private bool Exists(IUser user)
{
object o = this._database.ExecuteScalar(this._query, new[] { this._database.CreateInParameter(DbConstants.UserParamName, DbType.String, user.UserName) });
if (o != null)
{
return(user.CheckPasswordEnc(AuthUtils.ConvertDBValue <string>(o)));
}
return(false);
}
/// <summary>
/// Initializes a new instance of the <see cref="DbAuthorizationProvider"/> class.
/// Initialize a new instance of the <see cref="DbAuthorizationProvider"/> class
/// </summary>
public DbAuthorizationProvider()
{
// check configuration
AuthUtils.ValidateConfig(ConfigManager.Instance.Config.DBAuth, this.GetType());
AuthUtils.ValidateConfig(ConfigManager.Instance.Config.DBAuth.Authorization, this.GetType());
string connectionStringName = ConfigManager.Instance.Config.DBAuth.Authorization.ConnectionStringName;
if (string.IsNullOrEmpty(connectionStringName))
{
connectionStringName = ConfigManager.Instance.Config.DBAuth.Authentication != null
? ConfigManager.Instance.Config.DBAuth.Authentication.ConnectionStringName
: null;
}
if (string.IsNullOrEmpty(connectionStringName))
{
throw new AuthConfigurationException(Errors.DbAuthMissingConnectionStringName);
}
var connectionStringSettings = ConfigurationManager.ConnectionStrings[connectionStringName];
if (connectionStringSettings == null)
{
throw new AuthConfigurationException(Errors.DbAuthMissingConnectionStringName);
}
this._selectQuery = ConfigManager.Instance.Config.DBAuth.Authorization.Sql;
if (
!AuthUtils.ValidateContains(
this._selectQuery,
DbConstants.UserMacro,
DbConstants.DataflowIdMacro,
DbConstants.DataflowVersionMacro,
DbConstants.DataflowAgencyIdMacro))
{
string missingMessage = string.Format(
CultureInfo.CurrentCulture,
Errors.DbAuthMissingConnectionStringName,
DbConstants.DataflowIdMacro,
DbConstants.DataflowVersionMacro,
DbConstants.DataflowAgencyIdMacro,
DbConstants.UserMacro);
throw new AuthConfigurationException(
string.Format(
CultureInfo.CurrentCulture, Errors.DbAuthInvalidSqlQuery, this.GetType().Name, missingMessage));
}
this._database = new Database(connectionStringSettings);
}
/// <summary>
/// Retrieve allowed dataflows for user from the database
/// </summary>
/// <param name="user">
/// The user
/// </param>
protected void RetrieveAllowedDataFlows(IUser user)
{
this._dataflowSet.Clear();
this._dataflowIdSet.Clear();
string userParam = this._database.BuildParameterName(DbConstants.UserParamName);
string sql =
this._selectQuery.Replace(DbConstants.UserMacro, userParam).Replace(
DbConstants.DataflowIdMacro, DbConstants.DataflowIdField).Replace(
DbConstants.DataflowVersionMacro, DbConstants.DataflowVersionField).Replace(
DbConstants.DataflowAgencyIdMacro, DbConstants.DataflowAgencyIdField);
using (DbCommand command = this._database.GetSqlStringCommand(sql))
{
this._database.AddInParameter(command, DbConstants.UserParamName, DbType.String, user.UserName);
using (IDataReader reader = this._database.ExecuteReader(command))
{
int idIdx = reader.GetOrdinal(DbConstants.DataflowIdField);
int versionIdx = reader.GetOrdinal(DbConstants.DataflowVersionField);
int agencyIdx = reader.GetOrdinal(DbConstants.DataflowAgencyIdField);
while (reader.Read())
{
IMaintainableRefObject dataflowRefBean = new MaintainableRefObjectImpl
{
MaintainableId = AuthUtils.ConvertDBValue <string>(reader.GetValue(idIdx)),
AgencyId = AuthUtils.ConvertDBValue <string>(reader.GetValue(agencyIdx)),
Version = AuthUtils.ConvertDBValue <string>(reader.GetValue(versionIdx))
};
if (!this._dataflowSet.ContainsKey(dataflowRefBean))
{
this._dataflowSet.Add(dataflowRefBean, dataflowRefBean.MaintainableId);
List <IMaintainableRefObject> dataflowRefBeans;
if (!this._dataflowIdSet.TryGetValue(dataflowRefBean.MaintainableId, out dataflowRefBeans))
{
dataflowRefBeans = new List <IMaintainableRefObject>();
this._dataflowIdSet.Add(dataflowRefBean.MaintainableId, dataflowRefBeans);
}
dataflowRefBeans.Add(dataflowRefBean);
}
}
}
}
}
/// <summary>
/// Initializes a new instance of the <see cref="NsiAuthModule"/> class.
/// Create a new instance of the <see cref="NsiAuthModule"/> class
/// </summary>
public NsiAuthModule()
{
_log.Debug("Starting SRI Authentication and dataflow authorization module.");
AuthUtils.ValidateConfig(ConfigManager.Instance.Config, this.GetType());
this._userCred = UserCredentialsFactory.Instance.CreateUserCredentials();
this._authentication = AuthenticationProviderFactory.Instance.CreateAuthenticationProvider();
this._realm = ConfigManager.Instance.Config.Realm;
string anonUser = ConfigManager.Instance.Config.AnonymousUser;
if (!string.IsNullOrEmpty(anonUser))
{
this._anonUser = UserFactory.Instance.CreateUser(this._realm);
if (this._anonUser != null)
{
this._anonUser.UserName = anonUser;
}
}
}
