internal static void SetDatabaseOwnerImp(string userName) { if (IsFirstTimeUsedImp) { SetupImp(); ModelUserRightsCollection rights = ModelUserRights.GetByName("owner"); foreach(ModelUserRights mur in rights) mur.Delete(); ModelUserRights ur = new ModelUserRights("owner", userName); ur.Create(); return; } throw new UnauthorizedAccessException("Access Denied"); }
internal static void SetupImp() { ModelUser mu = new ModelUser("Everyone"); if (!mu.Exists) { mu.PasswordHash = null; mu.Enabled = false; mu.Create(); ModelUserRights ur = new ModelUserRights("owner", "Everyone"); ur.Create(); } Securable s = new Securable(typeof(ApplicationExceptionSecureService).FullName); if (!s.Exists) { // Default configuration - the safe way. s.TimeSessionIsIssued = 20; s.AllowAnonymousAccess = true; s.Enabled = true; s.GenerationPasswordLength = 6; s.AllowedIPFailures = 10; s.IPsMustBePreregistered = false; s.IPFailureTimeDenying = 60; s.DisableIPFiltering = false; s.SessionsPerIPAllowed = 2; s.Create(); } }
internal static void ChangeRightsImp(string userName, string userRightDescriptor, bool allow, string SessionToken) { ModelSession session = CheckSessionImp(SessionToken); if (CheckUserRightsImp(session.User.Name, "ManageDataAccess")) { if (allow) { if (userRightDescriptor.ToLowerInvariant() == "owner") { if (!CheckUserRightsImp(session.User.Name, "owner")) { throw new UnauthorizedAccessException("Access Denied"); } else { new ModelUserRights("owner", session.User.Name).Delete(); } } ModelUserRights ur = new ModelUserRights(userRightDescriptor.ToLowerInvariant(), userName); ur.Create(); return; } else { ModelUserRights ur = new ModelUserRights(userRightDescriptor.ToLowerInvariant(), userName); ur.Delete(); return; } } throw new UnauthorizedAccessException("Access Denied"); }