/// <summary>
/// Change all the DateTime fields in the object which are marked as DateTimeKind.Unspecified to UTC
/// </summary>
/// <param name="obj"></param>
/// <param name="so"></param>
public static void GlobalizeObject(object obj, SessionObject so)
{
var cso = so as ConfiguredSessionObject;
if (obj == null || cso == null) return;
PropertyInfo[] properties = obj.GetType().GetProperties();
foreach (PropertyInfo prop in properties)
{
if (prop.PropertyType == typeof(DateTime))
{
var dt = (DateTime)prop.GetValue(obj, null);
if (dt != DateTime.MinValue && dt.Kind == DateTimeKind.Unspecified)
{
DateTime utc;
if (cso.RequiresTimeZoneConversion)
{
utc = cso.ToUtc(dt);
}
else
{
utc = DateTime.SpecifyKind(dt, DateTimeKind.Utc);
}
if (utc < TimeUtils.MinValue)
{
utc = TimeUtils.MinValue;
}
else if (utc > TimeUtils.MaxValue)
{
utc = TimeUtils.MaxValue;
}
prop.SetValue(obj, utc, null);
}
}
//if (prop.PropertyType == typeof(string) && prop.Name.Contains("TimeZone"))
//{
// string s = (string)prop.GetValue(obj, null);
// if (s.StartsWith("("))
// {
// prop.SetValue(obj, TimeUtils.GetTimeZoneID(s), null);
// }
//}
}
//if (obj is FullBusinessEntity)
//{
// var entity = (FullBusinessEntity)obj;
// EntityAttributes ea = entity.Attributes;
// if (ea != null && ea.HasAttributes)
// {
// //TODO look into this
// //foreach (object key in ea.Map.Keys)
// //{
// // ea.Map[key] = GlobalizeAttribute((string)ea.Map[key], cso);
// //}
// ea.UpdateAttributeString();
// }
//}
}
/// <summary>
/// Change timestamp from unspecified to utc.
/// </summary>
/// <param name="request"></param>
/// <param name="so"></param>
public static void Globalize(GetListByTimestampRequest request, SessionObject so)
{
var cso = (ConfiguredSessionObject)so;
if (cso.RequiresTimeZoneConversion)
{
request.TimeStamp = cso.ToUtc(request.TimeStamp);
}
}
public ConfiguredSessionObject(SessionObject session, SessionConfigGroup userCfg, LoginMode mode)
{
ApplicationID = session.ApplicationID;
SessionID = session.SessionID;
CRMID = session.CRMID;
SecurityEntityID = session.SecurityEntityID;
CompanyID = session.CompanyID;
Username = session.Username;
Password = session.Password;
Impersonation = session.Impersonation;
PermissionsList = session.PermissionsList;
Locale = userCfg.Locale;
EntityName = session.EntityName;
EntityType = session.EntityType;
TimeZoneKey = session.TimeZoneKey ?? "UTC";
EnableTimeZoneSelect = session.EnableTimeZoneSelect;
_configuration = userCfg;
Initialize(mode);
}
public SessionObject Clone()
{
//do a deep copy, fastest copy is just one on one
var res = new SessionObject();
res.Active = Active;
res.DateCreated = DateCreated;
res.DateModified = DateModified;
res.ApplicationID = ApplicationID;
res.SessionID = SessionID;
res.CRMID = CRMID;
res.SecurityEntityID = SecurityEntityID;
res.CompanyID = CompanyID;
res.EntityName = EntityName;
res.Username = Username;
res.Password = Password;
res.Impersonation = Impersonation;
res.EnableTimeZoneSelect = EnableTimeZoneSelect;
res.TimeZoneKey = TimeZoneKey;
res.PermissionsList = new List<Guid>(PermissionsList);
return res;
}
/// <summary>
/// Store a session in the cache.
/// </summary>
/// <param name="sessionObj">session to store, ID must not be Guid.Empty</param>
public void StoreSession(SessionObject sessionObj)
{
if (sessionObj.SessionID == Guid.Empty) throw new ArgumentException("StoreSession: SessionID must not be empty");
if (_Impl != null)
{
_Impl[sessionObj.SessionID.ToString()] = sessionObj;
}
}
/// <summary>
/// Check whether the authToken is in the permissions list. Throw SecurityException
/// if unauthorized.
/// </summary>
/// <param name="sessionID">identifies session that contains the permissions list</param>
/// <param name="authToken">token representing a requested permission</param>
/// <returns>the SessionObject that has the sessionID, if authorized, otherwise null.</returns>
public SessionObject CheckPermissions(Guid sessionID, Guid authToken)
{
var session = GetSession(sessionID);
if (session != null) return session;
// session not in cache
if (sessionID == SpecialSessionID) //HACK for Unit API
{
session = new SessionObject { SessionID = SpecialSessionID, TimeZoneKey = "UTC" };
StoreSession(session);
}
else
{
throw new SessionException(string.Format("NO_SESSION|sessionID:{0}", sessionID));
}
//if (session == null)
//{
// //TODO not in cache => load it and put in cache
//}
//if (!session.GrantedPermissions.Contains(authToken))
//{
// throw new SessionException("PERMISSION_DENIED|" + authToken);
//}
return session;
}
// Code below moved to Web Tier.
//public static void LocalizeAttributes(EntityAttributes ea, SessionObject so)
//{
// if (ea == null || !ea.HasAttributes) return;
// var cso = so as ConfiguredSessionObject;
// if (cso != null && cso.RequiresTimeZoneConversion)
// {
// var keyArray = new object[ea.Map.Keys.Count];
// ea.Map.Keys.CopyTo(keyArray, 0);
// foreach (object key in keyArray)
// {
// object val = ea.Map[key];
// if (val is string[])
// {
// var elems = (string[])val;
// for (int i = 0; i < elems.Length; i++)
// {
// elems[i] = LocalizeAttribute(elems[i], cso);
// }
// }
// else
// {
// ea.Map[key] = LocalizeAttribute((string)ea.Map[key], cso);
// }
// }
// ea.UpdateAttributeString();
// }
//}
//private static string LocalizeAttribute(string s, ConfiguredSessionObject cso)
//{
// if (s != null && s.Length == Formats.DateFmtLength && s[10] == 'T')
// {
// DateTime? dt = EntityAttributes.ParseDateTime(s);
// return dt.HasValue ? cso.FromUtc(dt.Value).ToString("s") : "INVALID";
// }
// return s;
//}
/// <summary>
/// Change all the DateTime fields in all the objects in the list if the are UTC, to preferred zone.
/// </summary>
/// <param name="list"></param>
/// <param name="so"></param>
public static void LocalizeObjectList(IList list, SessionObject so)
{
if (list == null) return;
var cso = so as ConfiguredSessionObject;
if (cso != null && cso.RequiresTimeZoneConversion)
{
foreach (object obj in list) LocalizeObject(obj, cso);
}
}
/// <summary>
/// Change all the DateTime fields which are UTC to the preferred zone
/// </summary>
/// <param name="obj"></param>
/// <param name="so"></param>
public static void LocalizeObject(object obj, SessionObject so)
{
if (obj == null)
{
return;
}
var cso = so as ConfiguredSessionObject;
if (cso != null && cso.RequiresTimeZoneConversion)
{
PropertyInfo[] properties = obj.GetType().GetProperties();
foreach (PropertyInfo prop in properties)
{
if (prop.PropertyType == typeof (DateTime))
{
var dt = (DateTime) prop.GetValue(obj, null);
if (dt.Kind == DateTimeKind.Utc)
{
DateTime local = cso.FromUtc(dt);
prop.SetValue(obj, local, null);
}
}
}
}
}
/// <summary>
/// Iterates thru the parameters of the request and converts every valid date in our standard date time format
/// to UTC. It interprets the date time strings as being in the configured time zone.
/// </summary>
/// <param name="request"></param>
/// <param name="so"></param>
public static void GlobalizeRequest(ParameterMessageBase request, SessionObject so)
{
var cso = so as ConfiguredSessionObject;
if (cso == null) return;
if (cso.RequiresTimeZoneConversion)
{
var list = new List<KeyValuePair<string, string>>();
foreach (string key in request.Keys)
{
string val = request[key];
DateTime dt;
if (DateTime.TryParseExact(val, "s", null, DateTimeStyles.None, out dt) ||
DateTime.TryParseExact(val, Formats.JsDateTimeFmt, null, DateTimeStyles.None, out dt))
{
DateTime utc = cso.ToUtc(dt);
list.Add(new KeyValuePair<string, string> { Key = key, Value = utc.ToString("s") });
}
}
foreach (var kv in list)
{
request[kv.Key] = kv.Value;
}
}
}
/// <summary>
/// Change all the DateTime fields in each object in the list which are marked as DateTimeKind.Unspecified to UTC
/// </summary>
/// <param name="list"></param>
/// <param name="so"></param>
public static void GlobalizeObjectList(IList list, SessionObject so)
{
var cso = so as ConfiguredSessionObject;
if (list == null || cso == null)
{
return;
}
if (cso.RequiresTimeZoneConversion)
{
foreach (object obj in list)
{
GlobalizeObject(obj, cso);
}
}
}
public GetItemResponse<SessionObject> GetSessionObject(SessionRequest request)
{
var response = new GetItemResponse<SessionObject>();
LogonLog logonLog = new LogonLog();
logonLog.ID = SequentialGuid.NewDbGuid();
logonLog.ApplicationID = request.ApplicationID;
logonLog.HostIPAddress = request.HostIPAddress;
logonLog.FailureCode = AuthenticationResult.Undefined;
logonLog.LoginUsername = request.Username.Truncate(50);
try
{
SessionObject sessionObj = null;
//look for session in cache, if exists return it.
sessionObj = SessionObjectCache.Instance.GetSession(request.SessionID);
if (sessionObj != null)
{
//we must clone otherwise wcf may mess up the channel
return new GetItemResponse<SessionObject>(sessionObj.Clone());
}
if (sessionObj == null)
{
if (request.SessionID != Guid.Empty)
{
_Log.InfoFormat("Session {0} not in cache", request.SessionID);
//log the session expiry - this must be a seperate log with a sepereate id see IM-4806
LogonLog expiryLog = new LogonLog();
expiryLog.ID = SequentialGuid.NewDbGuid();
expiryLog.ApplicationID = request.ApplicationID;
expiryLog.HostIPAddress = request.HostIPAddress;
expiryLog.FailureCode = AuthenticationResult.Undefined;
expiryLog.LoginUsername = request.Username.Truncate(50);
expiryLog.Logon = LogonType.SessionExpired;
expiryLog.SessionObjectID = request.SessionID;
expiryLog.SecurityEntityID = request.SecurityEntityID;
//companyid and userid are unknown
SaveLogonLog(new SaveRequest<LogonLog>(expiryLog));
}
SecurityEntity entity;
bool impersonation = false;
if (request.SecurityEntityID != Guid.Empty)
{
var seResponse = GetSecurityEntity(new IDRequest(request.SecurityEntityID));
ErrorHandler.Check(seResponse);
entity = seResponse.Item;
impersonation = true;
logonLog.Logon = LogonType.Impersonation;
if (entity != null)
{
logonLog.FailureCode = AuthenticationResult.Success;
logonLog.LoginUsername = entity.LoginUsername;
}
else
{
logonLog.FailureCode = AuthenticationResult.Undefined;
logonLog.LoginUsername = "******";
}
}
else
{
logonLog.FailureCode = Authenticate(request.Username, request.Password, request.Mode, request.EntityType, out entity);
logonLog.Logon = LogonType.UserLogon;
}
string msg = string.Format("SecurityEntity: {0} for `{1}` -> {2}/{3}", entity, request.Username, logonLog.Logon, logonLog.FailureCode);
_Log.Info(msg);
response.StatusMessage = msg;
if (entity == null)
{
response.Status = false;
logonLog.FailureCode = AuthenticationResult.SecurityEntityNotFound;
logonLog.Success = false;
logonLog.SessionObjectID = Guid.Empty;
logonLog.SecurityEntityID = Guid.Empty;
}
else
{
logonLog.CompanyID = entity.CompanyID;
logonLog.SecurityEntityID = entity.ID;
logonLog.UserID = entity.UserID;
if (logonLog.FailureCode == AuthenticationResult.Success)
{
var permissionList = GetSecurityPermissionList(request.ApplicationID, entity)
.ConvertAll<Guid>(permission => permission.SecurityObjectID);
// Check if this it is the Imarda Admin Console trying to log in thru the provioning service
// in that case Flags == 2, and the IAC login security object must be linked to the security entity of the user
if (request.Mode == LoginMode.IAC && !permissionList.Contains(AuthToken.ImardaAdminServiceLogin))
{
msg = string.Format("IAC login {0} failed, IAC permission for {1} not found", request.Username, entity);
_Log.Info(msg);
response.Status = false;
response.StatusMessage = msg;
logonLog.FailureCode = AuthenticationResult.IACPermissionNotFound;
logonLog.Success = false;
logonLog.SessionObjectID = Guid.Empty;
SaveLogonLog(new SaveRequest<LogonLog>(logonLog));
return response;
}
sessionObj = new SessionObject
{
ApplicationID = request.ApplicationID,
SessionID = Guid.NewGuid(),
CRMID = entity.CRMId,
SecurityEntityID = entity.ID,
CompanyID = entity.CompanyID,
Username = entity.LoginUsername,
Password = entity.LoginPassword,
PermissionsList = permissionList,
Impersonation = impersonation,
TimeZoneKey = entity.TimeZone,
EntityName = entity.EntityName,
EntityType = entity.EntityType,
EnableTimeZoneSelect = entity.EnableTimeZoneSelect,
};
logonLog.Success = true;
logonLog.SessionObjectID = sessionObj.SessionID;
SessionObjectCache.Instance.StoreSession(sessionObj);
_Log.InfoFormat("Store new session: {0}", sessionObj);
}
}
SaveLogonLog(new SaveRequest<LogonLog>(logonLog));
}
return new GetItemResponse<SessionObject>(sessionObj) {ErrorCode = logonLog.FailureCode.ToString()}; // StatusMessage = response.StatusMessage};
}
catch (Exception ex)
{
return ErrorHandler.Handle<GetItemResponse<SessionObject>>(ex);
}
}
