/// <summary>
/// Determine whether the specified Network User is a member of the specified Network Group
/// </summary>
/// <param name="userSAMAccountName">The simple name (SAM Account Name) e.g. "corc1", of the User</param>
/// <param name="groupCommonName">The Common Name of the Group</param>
/// <returns>Whether the User is (true) or is not (false) a member of the specified Network Group</returns>
internal bool UserIsNetworkGroupMember(string userSAMAccountName, string groupCommonName)
{
bool userIsNetworkGroupMember = false;
if (_DefaultNamingContext != null)
{
// There is a Default Naming Context
try
{
// Get the Group's Distinguished Name
string groupDistinguishedName = DistinguishedNameFromCommonName(groupCommonName);
if (groupDistinguishedName != null)
{
// Got Group Distinguished Name
string userDistinguishedName = DistinguishedNameFromSAMAccountName(userSAMAccountName);
Collections.CaseIgnoringSortedSetType userGroupDistinguishedNameCollection = NetworkGroupsForUser(LdapObjectPath(userDistinguishedName), true);
if (userGroupDistinguishedNameCollection != null)
{
// Search returned a result
userIsNetworkGroupMember = userGroupDistinguishedNameCollection.Contains(groupDistinguishedName);
} // Search returned a result
} // Got Group Distinguished Name
}
catch (Exception eek)
{
}
} // There is a Default Naming Context
return(userIsNetworkGroupMember);
}
/// <summary>
/// Produce a Collection of the simple names (Common Names)
/// of the Network Groups of which the specified User is a member
/// </summary>
/// <param name="userCommonName">The name (sAMAccountName) of the User</param>
/// <returns>A Collection of names (Common Names) of Groups of which the User is a member</returns>
internal Collections.CaseIgnoringSortedSetType NetworkGroupsForUserName(string userCommonName)
{
var userGroupsCommonNameCollection = new Collections.CaseIgnoringSortedSetType();
if (_DefaultNamingContext != null)
{
// There is a Default Naming Context
try
{
string userDistinguishedName = DistinguishedNameFromSAMAccountName(userCommonName);
if (userDistinguishedName != null)
{
// Got User distinguished Name
// Get a Collection of Groups of which the User is a member
Collections.CaseIgnoringSortedSetType userGroupDistinguishedNameCollection = NetworkGroupsForUser(LdapObjectPath(userDistinguishedName), true);
// Copy suitable details of the Collection of Group Distinguished Names to a Collection of Group Common Names
foreach (string groupDistinguishedName in userGroupDistinguishedNameCollection)
{
userGroupsCommonNameCollection.Add(CommonNameFromDistinguishedName(groupDistinguishedName));
}
} // Got User distinguished Name
}
catch (Exception eek)
{
}
} // There is a Default Naming Context
return(userGroupsCommonNameCollection);
}
/// <summary>
/// Return a Set of the Distinguished Names of all Users within the supplied Active Directory Group
/// </summary>
/// <param name="groupCommonName">The Common Name of the "group"</param>
/// <returns>A "Case Ignoring Sorted Set" of Distinguished Names of group members</returns>
internal Collections.CaseIgnoringSortedSetType NetworkDistinguishedNamesForGroupName(string groupCommonName)
{
Collections.CaseIgnoringSortedSetType groupUserDistinguishedNameCollection = new Collections.CaseIgnoringSortedSetType();
SearchResultCollection groupSearchResultCollection =
SearchResultCollectionFindAll("(&(cn=" + groupCommonName + ")(ObjectClass=group))");
if (groupSearchResultCollection != null)
{
// The search returned at least one result
foreach (SearchResult groupSearchResult in groupSearchResultCollection)
{
DirectoryEntry groupDirectoryEntry = groupSearchResult.GetDirectoryEntry();
Collections.CaseIgnoringSortedSetType entryGroupUserDistinguishedNameCollection = NetworkUsersInGroup(groupDirectoryEntry.Path, true);
foreach (string distinguishedName in entryGroupUserDistinguishedNameCollection)
{
groupUserDistinguishedNameCollection.Add(distinguishedName);
}
}
}
return(groupUserDistinguishedNameCollection);
}
private void btnExecute_Click(object sender, EventArgs e)
{
if (!String.IsNullOrEmpty(comboNetworkGroupList.Text))
{
UserAccessDetail userAccessDetailTest = new UserAccessDetail();
if (userAccessDetailTest.UserWithTechRefIsNetworkGroupMember("CHCO", "System builders"))
{
Debug.WriteLine("Tech Ref is in Group");
}
else
{
Debug.WriteLine("Tech Ref is NOT in Group");
}
lstADGroupMembers.Items.Clear();
UserAccessDetail userAccessDetail = new UserAccessDetail();
Collections.CaseIgnoringSortedSetType groupUserCollection = userAccessDetail.NetworkUsersForGroupName(comboNetworkGroupList.Text);
foreach (string userName in groupUserCollection)
{
lstADGroupMembers.Items.Add(userName);
}
}
}
/// <summary>
/// Returns the TMS Permission of the user with the supplied WindowsIdentity
/// </summary>
/// <param name="windowsIdentity">The WindowsIdentity for the user which will either come from System.Security.Principal or System.ServiceModel.ServiceSecurityContext.Current</param>
/// <returns>User Access Permission for the specified User</returns>
public static Enumerations.PermissionType UserAccessPermission(WindowsIdentity windowsIdentity)
{
Enumerations.PermissionType userAccessPermission = Enumerations.PermissionType.None;
// A Chassis User Permission Override does not exist
string userName = windowsIdentity.Name;
int backslashPos = userName.LastIndexOf(@"\");
string simpleUserName = backslashPos == -1 ? userName : userName.Substring(backslashPos + 1);
// For speed, cache the User's Group membership
Collections.CaseIgnoringSortedSetType userNetworkGroupCollection = UserAccessDetail.NetworkGroupsForUserName(simpleUserName);
// Determine which Group of which the User is a member starting with the lowest Permission
if (userNetworkGroupCollection.Contains(TmsPermissionNetworkGroupName[Enumerations.PermissionType.Read]))
{
userAccessPermission = Enumerations.PermissionType.Read;
}
else if (
userNetworkGroupCollection.Contains(
TmsPermissionNetworkGroupName[Enumerations.PermissionType.Full]))
{
userAccessPermission = Enumerations.PermissionType.Full;
}
// A Chassis User Permission Override does not exist
return(userAccessPermission);
}
static void UpdateComboThread(Object obj)
{
MainForm mainForm = (MainForm)obj;
UserAccessDetail userAccessDetail = new UserAccessDetail();
Collections.CaseIgnoringSortedSetType networkGroupSet = userAccessDetail.NetworkGroupSet();
mainForm.UpdateCombo(networkGroupSet);
}
/// <summary>
/// Useful function for displaying the contents of all Properties of the Object
/// associated with the supplied Active Directory Entry
/// </summary>
/// <param name="directoryEntry">The Active Directory Entry for the object</param>
private void ShowAllProperties(DirectoryEntry directoryEntry)
{
Debug.WriteLine("Directory Entry Properties for Object \"" + directoryEntry.Name + "\" of class \"" + directoryEntry.SchemaClassName + "\"");
foreach (string propertyName in directoryEntry.Properties.PropertyNames)
{
Debug.WriteLine(" " + propertyName + "=" + directoryEntry.Properties[propertyName]);
Collections.CaseIgnoringSortedSetType propertyValueSet = new Collections.CaseIgnoringSortedSetType();
propertyValueSet = AttributeValuesMultiString(propertyName, directoryEntry, propertyValueSet);
foreach (string propertyValue in propertyValueSet)
{
string valueString = " " + propertyName + "=" + propertyValue;
Debug.WriteLine(valueString);
}
}
}
/// <summary>
/// Return a Set containing the names of all Active Directory Objects of type "group"
/// </summary>
/// <returns>A "Case Ignoring Sorted Set" of Common Names of Active Directory Groups</returns>
internal Collections.CaseIgnoringSortedSetType NetworkGroupSet()
{
Collections.CaseIgnoringSortedSetType networkGroupCommonNameCollection = new Collections.CaseIgnoringSortedSetType();
SearchResultCollection groupSearchResultCollection = SearchResultCollectionFindAll("(&(cn=*)(ObjectClass=group))");
if (groupSearchResultCollection != null)
{
// The search returned at least one result
foreach (SearchResult groupSearchResult in groupSearchResultCollection)
{
DirectoryEntry groupDirectoryEntry = groupSearchResult.GetDirectoryEntry();
networkGroupCommonNameCollection.Add(CommonNameFromDistinguishedName(groupDirectoryEntry.Path));
}
} // The search returned at least one result
return(networkGroupCommonNameCollection);
}
/// <summary>
/// Determine whether the Network User corresponding to the supplied
/// Technician's Reference is a member of the specified Network Group
/// </summary>
/// <param name="techRef">The Underwriting Technician's Reference e.g. "CHCO" of the User</param>
/// <param name="groupName">The Common Name of the Group</param>
/// <returns>Whether the User is (true) or is not (false) a member of the specified Network Group</returns>
internal bool UserWithTechRefIsNetworkGroupMember(string techRef, string groupCommonName)
{
bool userIsNetworkGroupMember = false;
Collections.CaseIgnoringSortedSetType userDistinguishedNamesForGroupName = NetworkDistinguishedNamesForGroupName(groupCommonName);
// Examine the Tech Ref for all the Users in the Group looking for a match
for (int userIndex = 0; (!userIsNetworkGroupMember) && (userIndex < userDistinguishedNamesForGroupName.Count); ++userIndex)
{
string userDistinguishedName = userDistinguishedNamesForGroupName.ElementAt(userIndex);
string userTechRef = UserTechRef(userDistinguishedName);
if ((userTechRef != null) && (String.Compare(userTechRef, techRef, true /* ignore case */) == 0))
{
// A user with the specified Underwriting Technician's Reference is in the group
userIsNetworkGroupMember = true;
}
}
return(userIsNetworkGroupMember);
}
private void UpdateCombo(Collections.CaseIgnoringSortedSetType groupNameSet)
{
// Check whether an Invoke is required by checking any control for an Invoke being Required
if (!comboNetworkGroupList.InvokeRequired)
{
foreach (string networkGroupName in groupNameSet)
{
comboNetworkGroupList.Items.Add(networkGroupName);
}
comboNetworkGroupList.Text = "";
comboNetworkGroupList.Enabled = true;
comboNetworkGroupList.Select();
}
else
{
UpdateComboDelegate updateComboDelegate = new UpdateComboDelegate(UpdateCombo);
this.Invoke(updateComboDelegate, groupNameSet);
}
}
/// <summary>
/// Produce the possible multiple values of the specified Attribute for the supplied object
/// without performing recursion
/// </summary>
/// <param name="attributeName">The name of the Attribute</param>
/// <param name="objectEntry">The Directory Entry for the Object</param>
/// <param name="valuesCollection">A Collection of values of the specified Attribute</param>
/// <param name="recursive">Whether the search should be recursive or not</param>
/// <returns>A Collection of Values for the specified Attribute</returns>
private Collections.CaseIgnoringSortedSetType AttributeValuesMultiString(string attributeName, DirectoryEntry objectEntry, Collections.CaseIgnoringSortedSetType valuesCollection, bool recursive)
{
PropertyValueCollection ValueCollection = objectEntry.Properties[attributeName];
IEnumerator enumerator = ValueCollection.GetEnumerator();
while (enumerator.MoveNext())
{
if (enumerator.Current != null)
{
if (!valuesCollection.Contains(enumerator.Current.ToString()))
{
valuesCollection.Add(enumerator.Current.ToString());
if (recursive)
{
AttributeValuesMultiString(attributeName, LdapPrefix + enumerator.Current.ToString(), valuesCollection, true);
}
}
}
}
return(valuesCollection);
}
/// <summary>
/// Produce the possible multiple values of the specified Attribute for the specified object
/// without performing recursion
/// </summary>
/// <param name="attributeName">The name of the Attribute</param>
/// <param name="objectDistinguishedName">The Distinguished Name of the Object</param>
/// <param name="valuesCollection">A Collection of values of the specified Attribute</param>
/// <returns>A Collection of Values for the specified Attribute</returns>
private Collections.CaseIgnoringSortedSetType AttributeValuesMultiString(string attributeName, DirectoryEntry objectEntry, Collections.CaseIgnoringSortedSetType valuesCollection)
{
return(AttributeValuesMultiString(attributeName, objectEntry, valuesCollection, false));
}
/// <summary>
/// Produce the possible multiple values of the specified Attribute for the specified Object
/// </summary>
/// <param name="attributeName">The name of the Attribute</param>
/// <param name="objectDistinguishedName">The Distinguished Name of the Object</param>
/// <param name="valuesCollection">A Collection of values of the specified Attribute</param>
/// <param name="recursive">Whether the search should be recursive or not</param>
/// <returns>A Collection of Values for the specified Attribute</returns>
private Collections.CaseIgnoringSortedSetType AttributeValuesMultiString(string attributeName, string objectDistinguishedName, Collections.CaseIgnoringSortedSetType valuesCollection, bool recursive)
{
DirectoryEntry objectEntry = new DirectoryEntry(objectDistinguishedName);
valuesCollection = AttributeValuesMultiString(attributeName, objectEntry, valuesCollection, recursive);
objectEntry.Close();
objectEntry.Dispose();
return(valuesCollection);
}
/// <summary>
/// Produce a Collection of Distinguished Names representing the Network Users
/// that belong to the specified Group
/// </summary>
/// <param name="groupLdapPath">The LDAP Path for Network Group</param>
/// <param name="recursive">Whether the search should be recursive or not</param>
/// <returns>A Collection of Network User Distinguished Names that are members of the Group</returns>
private Collections.CaseIgnoringSortedSetType NetworkUsersInGroup(string groupLdapPath, bool recursive)
{
Collections.CaseIgnoringSortedSetType userMemberships = new Collections.CaseIgnoringSortedSetType();
return(AttributeValuesMultiString("member", groupLdapPath, userMemberships, recursive));
}
/// <summary>
/// Produce a Collection of Distinguished Names representing the Network Groups
/// of which the specified Network User is a member
/// </summary>
/// <param name="userLdapPath">The LDAP Path for Network User</param>
/// <param name="recursive">Whether the search should be recursive or not</param>
/// <returns>A Collection of Network Group Distinguished Names of which the User is a member</returns>
private Collections.CaseIgnoringSortedSetType NetworkGroupsForUser(string userLdapPath, bool recursive)
{
Collections.CaseIgnoringSortedSetType groupMemberships = new Collections.CaseIgnoringSortedSetType();
return(AttributeValuesMultiString("memberOf", userLdapPath, groupMemberships, recursive));
}
