public void AssociateRoles(string username)
{
string store = "CATS";
string application = "Early Warning";
string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["CatsContext"].ConnectionString;
IAzManStorage AzManStore = new NetSqlAzMan.SqlAzManStorage(connectionString);
NetSqlAzMan.Cache.StorageCache storage = new NetSqlAzMan.Cache.StorageCache(connectionString);
storage.BuildStorageCache(store, application);
//storage.GetAuthorizedItems()
// NetSqlAzMan.Cache.AuthorizedItem[] items = storage.GetAuthorizedItems(store, application, AzManStore.GetDBUser(username).CustomSid.StringValue, DateTime.Now);
//var users = new string[] {"Me"};
var roles = new string[] { "Create" };
AddUserToRoles("me", roles, store, application);
}
private void btnSerializeUserPermissionCache_Click(object sender, EventArgs e)
{
string sqlConnectionString = "data source=(local);initial catalog=NetSqlAzManStorage;user id=sa;password="******"c:\\ser.xml");
xSer.Serialize(fs, sc);
fs.Close();
fs = File.Open("c:\\ser.xml", FileMode.Open);
StorageCache sc2 = (StorageCache)xSer.Deserialize(fs);
fs.Close();
AuthorizationType result = sc2.CheckAccess("Italferr", "CartaDeiServizi", "Visualizza Richiesta RAC", WindowsIdentity.GetCurrent().GetUserBinarySSid(), DateTime.Now, false);
MessageBox.Show(result.ToString());
//string sqlConnectionString = "data source=(local);initial catalog=NetSqlAzManStorage;user id=sa;password="******"Italferr", "CartaDeiServizi", WindowsIdentity.GetCurrent(), true, true);
//BinaryFormatter xSer = new BinaryFormatter();
//FileStream fs = File.Create("c:\\ser.xml");
//xSer.Serialize(fs, upc);
//fs.Close();
//fs = File.Open("c:\\ser.xml", FileMode.Open);
//UserPermissionCache upc2 = (UserPermissionCache)xSer.Deserialize(fs);
//fs.Close();
//AuthorizationType result = upc2.CheckAccess("Visualizza Richiesta RAC", DateTime.Now);
//MessageBox.Show(result.ToString());
}
private void btnCacheTest_Click(object sender, EventArgs e)
{
NetSqlAzMan.Cache.StorageCache sc = new StorageCache("data source=.;Initial Catalog=NetSqlAzManStorage;Integrated Security = SSPI;");
sc.BuildStorageCache("Eidos; Olsa", "Web Portal; db persone");
//DateTime dtStart = DateTime.Now;
//IAzManStorage storage = new SqlAzManStorage("data source=.;Initial Catalog=NetSqlAzManStorage;Integrated Security = SSPI;");
//NetSqlAzMan.Cache.UserPermissionCache userPermissionCache = new NetSqlAzMan.Cache.UserPermissionCache(storage, "Italferr", "CartaDeiServizi", WindowsIdentity.GetCurrent(), true, true);
//AuthorizationType auth = userPermissionCache.CheckAccess("My Operation", DateTime.Now);
//MessageBox.Show(((TimeSpan)(DateTime.Now-dtStart)).TotalMilliseconds.ToString());
}
private void btnACL_Click(object sender, EventArgs e)
{
try
{
//string[] users = DirectoryServicesUtils.GetAllDomainUsers();
//IAzManStorage storage = new SqlAzManStorage("data source=.;Initial Catalog=NetSqlAzManStorage;Integrated Security = SSPI;");
//IAzManDBUser dbUser1 = storage.GetDBUser(new SqlAzManSID(this.GetBytesFromInt32(1), true));
//IAzManDBUser dbUser2 = storage.GetDBUser(new SqlAzManSID(this.GetBytesFromInt32(2), true));
//AuthorizationType auth1 = storage.CheckAccess("Eidos", "DB Persone", "Accesso", dbUser1, DateTime.Now, false);
//AuthorizationType auth2 = storage.CheckAccess("Eidos", "DB Persone", "Accesso", dbUser1, DateTime.Now, false);
//string cs = "data source=(local);Initial Catalog=NetSqlAzManStorage;Integrated Security=SSPI";
string cs = "data source=.;Initial Catalog=NetSqlAzManStorage;Integrated Security=SSPI";
var ctx = new[] { new KeyValuePair<string, object>("Value1", "111"), new KeyValuePair<string, object>("Value2", "222") };
IAzManStorage storage = new SqlAzManStorage(cs);
//DateTime dt = new DateTime(2009, 05, 01);
//AuthorizationType authz = storage.CheckAccess("Eidos", "DB Persone", "Super utente senza dati retributivi", WindowsIdentity.GetCurrent(), dt, false);
//authz = upcTest.CheckAccess("Super utente senza dati retributivi", dt);
//MessageBox.Show(authz.ToString());
DateTime t1, t2;
////return;
t1 = DateTime.Now;
StorageCache sc = new StorageCache(cs);
sc.BuildStorageCache();
//t2 = DateTime.Now;
////MessageBox.Show((t2 - t1).TotalMilliseconds.ToString());
//t1 = DateTime.Now;
//UserPermissionCache uupc = new UserPermissionCache(storage, "Eidos", "DB Persone", WindowsIdentity.GetCurrent(), true, true);
t2 = DateTime.Now;
//MessageBox.Show((t2 - t1).TotalMilliseconds.ToString());
//return;
//t1 = DateTime.Now;
//UserPermissionCache upcTest = new UserPermissionCache(storage, "Eidos", "DB Persone", WindowsIdentity.GetCurrent(), true, true, ctx);
//t2 = DateTime.Now;
//MessageBox.Show((t2 - t1).TotalMilliseconds.ToString());
//t1 = DateTime.Now;
//for (int i = 0; i < 1000; i++)
//{
// upcTest.CheckAccess("Accesso", DateTime.Now);
//}
//t2 = DateTime.Now;
//MessageBox.Show((t2 - t1).TotalMilliseconds.ToString());
string ssid = WindowsIdentity.GetCurrent().GetUserBinarySSid();
string[] gsid = WindowsIdentity.GetCurrent().GetGroupsBinarySSid();
//t1 = DateTime.Now;
//for (int i = 0; i < 1000; i++)
//{
// sc.CheckAccess("Eidos", "DB Persone", "Gestore", ssid, gsid, DateTime.Now, false);
//}
//t2 = DateTime.Now;
//MessageBox.Show((t2 - t1).TotalMilliseconds.ToString());
//sr.CacheServiceClient csc = new NetSqlAzMan_WinTest.sr.CacheServiceClient();
//csc.Open();
//t1 = DateTime.Now;
////for (int i = 0; i < 1000; i++)
////{
////var aauu = csc.CheckAccessForWindowsUsersWithoutAttributesRetrieve("ZZEntDataSvcs", "CommissionFeeTax", "Editor", ssid, gsid, DateTime.Now, false, null);
//var aauu = sc.CheckAccess("Eidos", "DB Persone", "Accesso", ssid, gsid, DateTime.Now, false, null);
// //csc.GetAuthorizedItemsForWindowsUsers("Eidos", "DB Persone", ssid, gsid, DateTime.Now, null);
////}
//t2 = DateTime.Now;
////MessageBox.Show((t2 - t1).TotalMilliseconds.ToString());
//csc.Close();
//t1 = DateTime.Now;
//for (int i = 0; i < 1000; i++)
//{
// storage.CheckAccess("Eidos", "DB Persone", "Gestore", WindowsIdentity.GetCurrent(), DateTime.Now, false);
//}
//t2 = DateTime.Now;
//MessageBox.Show((t2 - t1).TotalMilliseconds.ToString());
//return;
//DateTime dt = DateTime.Now;
//foreach (string user in users)
//{
// WindowsIdentity win = new WindowsIdentity(user);
// sc.CheckAccess("Eidos", "DB Persone", "Gestore", win.GetUserBinarySSid(), win.GetGroupsBinarySSid(), DateTime.Now, false);
//}
//TimeSpan ts = DateTime.Now.Subtract(dt);
//var seconds = ts.TotalSeconds;
//
//upcTest.CheckAccess("Accesso", DateTime.Now);
List<KeyValuePair<string, string>> attributes1;
List<KeyValuePair<string, string>> attributes2;
List<KeyValuePair<string, string>> attributes3;
//int h;
foreach (var store in storage.Stores)
{
foreach (var application in store.Value.Applications)
{
UserPermissionCache upc = new UserPermissionCache(storage, store.Value.Name, application.Value.Name, WindowsIdentity.GetCurrent(), true, true, ctx);
foreach (var item in application.Value.Items)
{
this.textBox1.Text += String.Format("Store: {0}\tApplication: {1}\tItem: {2}\r\n", store.Key, application.Key, item.Key);
AuthorizationType auth1 = sc.CheckAccess(store.Value.Name, application.Value.Name, item.Value.Name, WindowsIdentity.GetCurrent().GetUserBinarySSid(), WindowsIdentity.GetCurrent().GetGroupsBinarySSid(), DateTime.Now, false, out attributes1, ctx);
AuthorizationType auth2 = storage.CheckAccess(store.Value.Name, application.Value.Name, item.Value.Name, WindowsIdentity.GetCurrent(), DateTime.Now, false, out attributes2, ctx);
AuthorizationType auth3 = upc.CheckAccess(item.Value.Name, DateTime.Now, out attributes3);
//if (item.Key == "Method1")
// h = 9;
this.detectedDifferences(auth1, attributes1, auth2, attributes2);
this.detectedDifferences(auth2, attributes2, auth3, attributes3);
this.detectedDifferences(auth1, attributes1, auth3, attributes3);
}
}
}
MessageBox.Show("Done");
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
/// <summary>
/// Initializes the provider.
/// </summary>
/// <param name="name">The friendly name of the provider.</param>
/// <param name="config">A collection of the name/value pairs representing the provider-specific attributes specified in the configuration for this provider.</param>
/// <exception cref="T:System.ArgumentNullException">The name of the provider is null.</exception>
/// <exception cref="T:System.InvalidOperationException">An attempt is made to call <see cref="M:System.Configuration.Provider.ProviderBase.Initialize(System.String,System.Collections.Specialized.NameValueCollection)"></see> on a provider after the provider has already been initialized.</exception>
/// <exception cref="T:System.ArgumentException">The name of the provider has a length of zero.</exception>
public override void Initialize(string name, NameValueCollection config)
{
if (config["connectionStringName"] == null)
throw new ArgumentNullException("connectionStringName", "Connection String parameter required.");
if (System.Configuration.ConfigurationManager.ConnectionStrings[config["connectionStringName"]] == null)
throw new ApplicationException(String.Format("Connection String name=\"{0}\" not found.", config["connectionStringName"]));
if (config["storeName"] == null)
throw new ArgumentNullException("storeName", "Store Name parameter required.");
if (config["applicationName"] == null)
throw new ArgumentNullException("applicationName", "Application Name parameter required.");
if (config["userLookupType"] == null)
throw new ArgumentNullException("userLookupType", "userLookupType Name parameter required.");
if (config["userLookupType"] != "LDAP" && config["userLookupType"] != "DB")
throw new ArgumentNullException("userLookupType", "userLookupType invalid parameter. Possible values: \"LDAP\", \"DB\".");
if (config["defaultDomain"] == null)
throw new ArgumentNullException("defaultDomain", "defaultDomain Name parameter required.");
base.Initialize(name, config);
this.storeName = config["storeName"];
this.applicationName = config["applicationName"];
this.useWCFCacheService = config["UseWCFCacheService"] == null ? false : Boolean.Parse(config["UseWCFCacheService"]);
this.storageCache = new StorageCache(System.Configuration.ConfigurationManager.ConnectionStrings[config["connectionStringName"]].ConnectionString);
this.InvalidateCache(true);
this.UserLookupType = config["userLookupType"];
this.DefaultDomain = config["defaultDomain"];
}
protected void Page_Load(object sender, EventArgs e)
{
this.storage = this.Session["storage"] as IAzManStorage;
if (this.Session["selectedObject"] as IAzManStore!=null)
{
IAzManStore store = ((IAzManStore)this.Session["selectedObject"]);
this.applications = new IAzManApplication[store.Applications.Count];
store.Applications.Values.CopyTo(this.applications, 0);
}
else
{
this.applications = new IAzManApplication[] { (IAzManApplication)this.Session["selectedObject"] };
}
this.Text = "Effective Permissions";
this.Description = String.Empty;
this.Title = this.Text;
this.reportMode(true);
//Build Storage Cache
this.storageCache = new StorageCache(this.applications[0].Store.Storage.ConnectionString);
this.storageCache.BuildStorageCache(this.applications[0].Store.Name);
//Get All Domain Users
this.userUPNs = NetSqlAzMan.DirectoryServices.DirectoryServicesUtils.GetAllDomainUsers();
string nowaitpanel = this.Request["nowaitpanel"];
if (String.IsNullOrEmpty(nowaitpanel))
{
if (!Page.IsPostBack)
{
this.showWaitPanelNow(this.pnlWait, this.itemsHierachyPanel);
this.RegisterEndClientScript("window.location='rptEffectivePermissions.aspx?nowaitpanel=true';");
}
}
else if (nowaitpanel == "true")
{
this.itemsHierachyPanel.Visible = true;
this.pnlWait.Visible = false;
if (!Page.IsPostBack)
{
this.buildApplicationsTreeView();
this.itemsHierarchyTreeView.ExpandAll();
}
}
}
public List<Role> GetUserPermissions(string userName, string store, string application)
{
//throw new NotImplementedException();
//string userSid = userId.ToString("X");
//string zeroes = string.Empty;
//for (int start = 0; start < 8 - userSid.Length; start++)
// zeroes += "0";
string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["CatsContext"].ConnectionString;
IAzManStorage AzManStore = new SqlAzManStorage(connectionString);
StorageCache storage = new StorageCache(connectionString);
//storage.BuildStorageCache(store, application);
//new AuthorizedItem(){}
//AuthorizedItem[] items = storage.GetAuthorizedItems(store, application, AzManStore.GetDBUser(userName).CustomSid.StringValue, DateTime.Now);
//AuthorizedItem[] items = storage.GetAuthorizedItems("CATS", application, AzManStore.GetDBUser(userName).CustomSid.StringValue, DateTime.Now, null);
var allItems = storage.Storage.GetStore(store).GetApplication(application).Items;
////var d = CheckAccess(AzManStore.GetDBUser(userName), application, "EW Coordinator", AzManStore);
var roleItems = (
from t in allItems
where t.Value.ItemType == ItemType.Role
select t
);
var roles = new List<Role>();
foreach (var item in roleItems)
{
var r = new Role();
r.RoleName = item.Value.Name;
r.IsChecked = CheckAccess(AzManStore.GetDBUser(userName), application, item.Value.Name, AzManStore);
roles.Add(r);
}
//AuthorizedItem[] items = storage.GetAuthorizedItems();
//var f =(from t in items where t.Authorization == AuthorizationType.Allow && t.Type == ItemType.Role select new Role { RoleName = t.Name }).ToList();
return roles;
}
public void AssociateRoles(string username)
{
string store = "CATS";
string application = "Early Warning";
string connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["CatsContext"].ConnectionString;
IAzManStorage AzManStore = new NetSqlAzMan.SqlAzManStorage(connectionString);
NetSqlAzMan.Cache.StorageCache storage = new NetSqlAzMan.Cache.StorageCache(connectionString);
storage.BuildStorageCache(store, application);
//storage.GetAuthorizedItems()
// NetSqlAzMan.Cache.AuthorizedItem[] items = storage.GetAuthorizedItems(store, application, AzManStore.GetDBUser(username).CustomSid.StringValue, DateTime.Now);
//var users = new string[] {"Me"};
var roles = new string[] { "Create" };
AddUserToRoles("me", roles, store, application);
}
/// <summary>
/// Prints the body.
/// </summary>
/// <param name="e">The <see cref="T:System.Drawing.Printing.PrintPageEventArgs"/> instance containing the event data.</param>
protected override bool PrintPageBody(PrintPageEventArgs e)
{
float parentStoreX;
float parentStoreY;
if (this.applications == null || this.applications.Length == 0)
{
return false;
}
//Build Storage Cache
this.storageCache = new StorageCache(this.applications[0].Store.Storage.ConnectionString);
this.storageCache.BuildStorageCache(this.applications[0].Store.Name);
//Get All Domain Users
this.userUPNs = NetSqlAzMan.DirectoryServices.DirectoryServicesUtils.GetAllDomainUsers();
base.SkipLines(e, 1);
if (!this.alreadyPrinted.Contains(this.applications[0].Store))
{
this.alreadyPrinted.Add(this.applications[0].Store);
base.WriteLineString("\t", Properties.Resources.Store_16x16, String.Format("{0}{1}", this.applications[0].Store.Name, (String.IsNullOrEmpty(this.applications[0].Store.Description) ? String.Empty : String.Format(" - {0}", this.applications[0].Store.Description))), e);
}
parentStoreX = base.lastX + Properties.Resources.Store_16x16.Size.Width / 2;
parentStoreY = base.lastY + Properties.Resources.Store_16x16.Size.Height + 3;
if (base.EOP) return true;
float parentApplicationX = 0.0F;
float parentApplicationY = 0.0F;
foreach (IAzManApplication app in this.applications)
{
if (!this.alreadyPrinted.Contains(app))
{
base.WriteLineString("\t\t", Properties.Resources.Application_16x16, String.Format("{0}{1}", app.Name, (String.IsNullOrEmpty(app.Description) ? String.Empty : String.Format(" - {0}", app.Description))), e);
parentApplicationX = base.lastX + Properties.Resources.Application_16x16.Width / 2;
parentApplicationY = base.lastY + Properties.Resources.Application_16x16.Height + 3;
this.currentY += 3;
e.Graphics.DrawLine(base.pen, e.Graphics.MeasureString("\t\t", this.font).Width + Properties.Resources.Application_16x16.Size.Width + 3, this.currentY, this.right, this.currentY);
this.currentY += 3;
this.alreadyPrinted.Add(app);
if (base.EOP) return true;
}
//Roles
foreach (IAzManItem role in app.Items.Values)
{
if (role.ItemType == ItemType.Role)
{
if (this.PrintItem(e, role, 3, parentApplicationX, parentApplicationY))
return true;
}
}
//Tasks
foreach (IAzManItem task in app.Items.Values)
{
if (task.ItemType == ItemType.Task)
{
if (this.PrintItem(e, task, 3, parentApplicationX, parentApplicationY))
return true;
}
}
//Operations
foreach (IAzManItem operation in app.Items.Values)
{
if (operation.ItemType == ItemType.Operation)
{
if (this.PrintItem(e, operation, 3, parentApplicationX, parentApplicationY))
return true;
}
}
}
return false;
}
private void checkAccessTest(TreeNode tn)
{
string sItemType = String.Empty;
if (tn.ImageUrl.EndsWith("Role_16x16.gif"))
sItemType = "Role";
else if (tn.ImageUrl.EndsWith("Task_16x16.gif"))
sItemType = "Task";
else
sItemType = "Operation";
AuthorizationType auth = AuthorizationType.Neutral;
string sAuth = String.Empty;
DateTime chkStart = DateTime.Now;
TimeSpan elapsedTime = TimeSpan.Zero;
DateTime chkEnd = DateTime.Now;
List<KeyValuePair<string, string>> attributes = null;
//Cache Build
if (this.chkCache.Checked && this.cache == null)
{
this.WriteDetailMessage("Building UserPermissionCache ...");
if (this.wid != null)
{
this.cache = new NetSqlAzMan.Cache.UserPermissionCache(this.application.Store.Storage, this.application.Store.Name, this.application.Name, this.wid, true, false);
}
else if (this.dbuser != null)
{
this.cache = new NetSqlAzMan.Cache.UserPermissionCache(this.application.Store.Storage, this.application.Store.Name, this.application.Name, this.dbuser, true, false);
}
chkEnd = DateTime.Now;
elapsedTime = (TimeSpan)chkEnd.Subtract(chkStart);
this.WriteLineDetailMessage(String.Format("[{0} mls.]\r\n", elapsedTime.TotalMilliseconds));
}
else if (this.chkStorageCache.Checked && this.storageCache == null)
{
this.WriteDetailMessage("Building StorageCache ...");
this.storageCache = new NetSqlAzMan.Cache.StorageCache(this.application.Store.Storage.ConnectionString);
this.storageCache.BuildStorageCache(this.application.Store.Name, this.application.Name);
chkEnd = DateTime.Now;
elapsedTime = (TimeSpan)chkEnd.Subtract(chkStart);
this.WriteLineDetailMessage(String.Format("[{0} mls.]\r\n", elapsedTime.TotalMilliseconds));
}
chkStart = DateTime.Now;
elapsedTime = TimeSpan.Zero;
this.WriteDetailMessage(String.Format("{0} {1} '{2}' ... ", "Check Access Test on", sItemType, tn.Text));
try
{
if (this.wid != null)
{
if (this.chkCache.Checked)
{
auth = this.cache.CheckAccess(tn.Text, !String.IsNullOrEmpty(this.dtValidFor.Text) ? Convert.ToDateTime(this.dtValidFor.Text) : DateTime.Now, out attributes);
}
else if (this.chkStorageCache.Checked)
{
auth = this.storageCache.CheckAccess(this.application.Store.Name, this.application.Name, tn.Text, this.wid.GetUserBinarySSid(), this.wid.GetGroupsBinarySSid(), !String.IsNullOrEmpty(this.dtValidFor.Text) ? Convert.ToDateTime(this.dtValidFor.Text) : DateTime.Now, false, out attributes);
}
else
{
auth = this.application.Store.Storage.CheckAccess(this.application.Store.Name, this.application.Name, tn.Text, this.wid, !String.IsNullOrEmpty(this.dtValidFor.Text) ? Convert.ToDateTime(this.dtValidFor.Text) : DateTime.Now, false, out attributes);
}
}
else if (this.dbuser != null)
{
if (this.chkCache.Checked)
{
auth = this.cache.CheckAccess(tn.Text, !String.IsNullOrEmpty(this.dtValidFor.Text) ? Convert.ToDateTime(this.dtValidFor.Text) : DateTime.Now, out attributes);
}
else if (this.chkStorageCache.Checked)
{
auth = this.storageCache.CheckAccess(this.application.Store.Name, this.application.Name, tn.Text, this.dbuser.CustomSid.StringValue, !String.IsNullOrEmpty(this.dtValidFor.Text) ? Convert.ToDateTime(this.dtValidFor.Text) : DateTime.Now, false, out attributes);
}
else
{
auth = this.application.Store.Storage.CheckAccess(this.application.Store.Name, this.application.Name, tn.Text, this.dbuser, !String.IsNullOrEmpty(this.dtValidFor.Text) ? Convert.ToDateTime(this.dtValidFor.Text) : DateTime.Now, false, out attributes);
}
}
chkEnd = DateTime.Now;
elapsedTime = (TimeSpan)chkEnd.Subtract(chkStart);
sAuth = "Neutral";
switch (auth)
{
case AuthorizationType.AllowWithDelegation:
sAuth = "Allow with Delegation";
break;
case AuthorizationType.Allow:
sAuth = "Allow";
break;
case AuthorizationType.Deny:
sAuth = "Deny";
break;
case AuthorizationType.Neutral:
sAuth = "Neutral";
break;
}
tn.ToolTip = sAuth;
this.WriteLineDetailMessage(String.Format("{0} [{1} mls.]", sAuth, elapsedTime.TotalMilliseconds));
if (attributes != null && attributes.Count > 0)
{
this.WriteLineDetailMessage(String.Format(" {0} attribute(s) found:", attributes.Count));
int attributeIndex = 0;
foreach (KeyValuePair<string, string> attr in attributes)
{
this.WriteLineDetailMessage(String.Format(" {0}) Key: {1} Value: {2}", ++attributeIndex, attr.Key, attr.Value));
}
}
}
catch (Exception ex)
{
sAuth = "Check Access Test Error";
this.WriteLineDetailMessage(String.Format("{0} [{1} mls.]", ex.Message, elapsedTime.TotalMilliseconds));
}
tn.Text = String.Format("{0} - ({1})", tn.Text, sAuth.ToUpper());
foreach (TreeNode tnChild in tn.ChildNodes)
{
this.checkAccessTest(tnChild);
}
}
