private static List <PrincipalInfo> ParallelGetPrincipal(string testUserName, RhetosAppOptions rhetosAppOptions, bool commitChanges) { var report = new ConcurrentDictionary <int, PrincipalInfo>(); const int threadCount = 4; // Recompute membership on authorization with multiple parallel requests: Parallel.For(0, threadCount, thread => { using (var container = new RhetosTestContainer(commitChanges)) { container.InitializeSession += builder => builder.RegisterInstance(rhetosAppOptions).ExternallyOwned(); try { var authorizationData = container.Resolve <AuthorizationDataLoader>(); // First call will automatically create a new principal, see AuthorizationAddUnregisteredPrincipals above. // Other calls should return the same principal. PrincipalInfo principal = authorizationData.GetPrincipal(testUserName); report[thread] = principal; } catch (Exception e) { Console.WriteLine(e); container.Resolve <IPersistenceTransaction>().DiscardChanges(); throw; } } }); Assert.AreEqual(threadCount, report.Count); return(report.Values.ToList()); }
/// <summary> /// Retrieves order for export and calls the IExportOrderService for each one /// </summary> /// <returns>A status message to be stored in the database log and visible from admin mode</returns> public override string Execute() { PrincipalInfo.CurrentPrincipal = PrincipalInfo.CreatePrincipal("admin"); //Call OnStatusChanged to periodically notify progress of job for manually started jobs OnStatusChanged("Starting looking for orders to export."); Stopwatch tmr = Stopwatch.StartNew(); List <ExportOrderInformation> results = new List <ExportOrderInformation>(); List <PurchaseOrder> orders = GetOrdersToExport(); tmr.Stop(); _log.Debug("Found {0} orders to export in {1}ms", orders.Count, tmr.ElapsedMilliseconds); if (_stopSignaled) { return("Job was stopped"); } IExportOrderService service = ServiceLocator.Current.GetInstance <IExportOrderService>(); foreach (PurchaseOrder purchaseOrder in orders) { if (_stopSignaled) { return("Job was stopped"); } OnStatusChanged(string.Format("Exporting order: {0}", purchaseOrder.TrackingNumber)); results.Add(ExportOrder(purchaseOrder, service)); } return(string.Format("Exported {0} orders", results.Count)); }
public PrincipalPermission(string name, string role, bool isAuthenticated) { principals = new ArrayList(); PrincipalInfo pi = new PrincipalInfo(name, role, isAuthenticated); principals.Add(pi); }
private static FieldUserValue GetUserFieldValue(string userName, ClientContext clientContext) { //Returns first principal match based on user identifier (display name, email, etc.) ClientResult <PrincipalInfo> principalInfo = Utility.ResolvePrincipal( clientContext, //context clientContext.Web, //web userName, //input PrincipalType.User, //scopes PrincipalSource.All, //sources null, //usersContainer false); //inputIsEmailOnly clientContext.ExecuteQuery(); PrincipalInfo person = principalInfo.Value; if (person != null) { //Get User field from login name User validatedUser = clientContext.Web.EnsureUser(person.LoginName); clientContext.Load(validatedUser); clientContext.ExecuteQuery(); if (validatedUser != null && validatedUser.Id > 0) { //Sets lookup ID for user field to the appropriate user ID FieldUserValue userFieldValue = new FieldUserValue(); userFieldValue.LookupId = validatedUser.Id; return(userFieldValue); } } return(null); }
public void FromXml(SecurityElement esd) { // General validation in CodeAccessPermission CheckSecurityElement(esd, "esd", version, version); // Note: we do not (yet) care about the return value // as we only accept version 1 (min/max values) principals.Clear(); // Children is null, not empty, when no child is present if (esd.Children != null) { foreach (SecurityElement se in esd.Children) { if (se.Tag != "Identity") { throw new ArgumentException("not IPermission/Identity"); } string name = se.Attribute("ID"); string role = se.Attribute("Role"); string auth = se.Attribute("Authenticated"); bool isAuthenticated = false; if (auth != null) { try { isAuthenticated = Boolean.Parse(auth); } catch {} } PrincipalInfo pi = new PrincipalInfo(name, role, isAuthenticated); principals.Add(pi); } } }
/// <summary> /// After the page is imported /// </summary> public void DataImporter_ContentImported(DataImporter dataImported, ContentImportedEventArgs e) { PageData page = null; if (!ContentReference.IsNullOrEmpty(e.ContentLink)) { page = DataFactory.Instance.Get <PageData>(e.ContentLink).CreateWritableClone(); } if (page == null) { return; } page["PageSaved"] = _originalValues.PageSaved; page["PageChanged"] = _originalValues.PageChanged; page["PageChangedBy"] = _originalValues.PageChangedBy; page["PageCreatedBy"] = _originalValues.PageCreatedBy; page["PageChangedOnPublish"] = true; PrincipalInfo.CurrentPrincipal = PrincipalInfo.CreatePrincipal(_originalValues.PageChangedBy); try { global::EPiServer.BaseLibrary.Context.Current["PageSaveDB:PageSaved"] = true; DataFactory.Instance.Save(page, SaveAction.ForceCurrentVersion | SaveAction.Publish | SaveAction.SkipValidation, AccessLevel.NoAccess); } finally { global::EPiServer.BaseLibrary.Context.Current["PageSaveDB:PageSaved"] = null; } MigrationHook.Invoke(new AfterPageImportEvent(e), Log); }
/// <summary> /// Gets roles for given principle /// </summary> /// <param name="principle"></param> /// <returns></returns> public static IEnumerable <string> GetRoles(this IPrincipal principle) { if (principle == null) { throw new ArgumentNullException(nameof(principle)); } var userPrinciple = new PrincipalInfo(principle); var list = new List <string>(userPrinciple.RoleList); foreach (string name in _VirtualRoleRepository.Service.GetAllRoles()) { VirtualRoleProviderBase virtualRoleProvider; if (_VirtualRoleRepository.Service.TryGetRole(name, out virtualRoleProvider) && virtualRoleProvider.IsInVirtualRole(userPrinciple.Principal, null)) { list.Add(name); } } if (Roles.Enabled) { list.AddRange(Roles.GetRolesForUser(userPrinciple.Name)); } return(list.Distinct()); }
private static List <PrincipalInfo> ParallelGetPrincipal(string testUserName, RhetosAppOptions rhetosAppOptions, bool commitChanges) { var report = new ConcurrentDictionary <int, PrincipalInfo>(); const int threadCount = 4; // Recompute membership on authorization with multiple parallel requests: Parallel.For(0, threadCount, thread => { using (var scope = TestScope.Create(builder => builder.RegisterInstance(rhetosAppOptions).ExternallyOwned())) { var authorizationData = scope.Resolve <AuthorizationDataLoader>(); // First call will automatically create a new principal, see AuthorizationAddUnregisteredPrincipals above. // Other calls should return the same principal. PrincipalInfo principal = authorizationData.GetPrincipal(testUserName); report[thread] = principal; if (commitChanges) { scope.CommitAndClose(); } } }); Assert.AreEqual(threadCount, report.Count); return(report.Values.ToList()); }
private IEnumerable <PrincipalInfo> EnumerateMembershipUsersInRole(string providerName, string roleName) { List <PrincipalInfo> userInfos = new List <PrincipalInfo>(); try { RoleProvider provider = Roles.Providers[providerName]; if (provider == null) { throw new ConfigurationErrorsException(String.Format("Role provider \"{0}\" not found", providerName)); } foreach (string username in provider.GetUsersInRole(roleName)) { PrincipalInfo resolvedUser = ResolveMembershipUser(null, username); if (resolvedUser != null) { userInfos.Add(resolvedUser); } } } catch (PrincipalResolveException) { throw; } catch (Exception ex) { userInfos.Add(ExceptionHandler(new PrincipalResolveException(roleName, ex))); } return(userInfos); }
public IEnumerable <PrincipalInfo> Resolve(SPUser user, IDisposable implicitContext) { try { CommonHelper.ConfirmNotNull(user, "user"); if (!resolvedIdentities.Contains(user.ID)) { resolvedIdentities.Add(user.ID); parentPrincipal = user; if (SPClaimProviderManager.IsEncodedClaim(user.LoginName)) { SPClaim claim = SPClaimProviderManager.Local.DecodeClaim(user.LoginName); if (claim.OriginalIssuer == "Windows") { if (claim.ClaimType == SPClaimTypes.UserLogonName) { PrincipalInfo userInfo = ResolveActiveDirectoryUser(IdentityType.SamAccountName, claim.Value); if (userInfo != null) { return(new[] { userInfo }); } return(new PrincipalInfo[0]); } if (claim.ClaimType == ClaimTypes_GroupSid) { return(EnumerateActiveDirectoryGroup(IdentityType.SamAccountName, user.Name)); } } if (claim.OriginalIssuer.StartsWith("Forms:")) { string providerName = claim.OriginalIssuer.Substring(6); if (claim.ClaimType == SPClaimTypes.UserLogonName) { PrincipalInfo userInfo = ResolveMembershipUser(providerName, claim.Value); if (userInfo != null) { return(new[] { userInfo }); } return(new PrincipalInfo[0]); } if (claim.ClaimType == ClaimTypes_Role) { return(EnumerateMembershipUsersInRole(providerName, claim.Value)); } } } if (user.IsDomainGroup) { return(EnumerateActiveDirectoryGroup(IdentityType.SamAccountName, user.LoginName)); } return(EnumerateBySamAccountName(user.LoginName)); } return(new PrincipalInfo[0]); } finally { if (implicitContext != null) { implicitContext.Dispose(); } } }
// Constructors public PrincipalPermission (PermissionState state) { principals = new ArrayList (); if (CodeAccessPermission.CheckPermissionState (state, true) == PermissionState.Unrestricted) { PrincipalInfo pi = new PrincipalInfo (null, null, true); principals.Add (pi); } }
// Constructors public PrincipalPermission(PermissionState state) { principals = new ArrayList(); if (CodeAccessPermission.CheckPermissionState(state, true) == PermissionState.Unrestricted) { PrincipalInfo pi = new PrincipalInfo(null, null, true); principals.Add(pi); } }
private void TransformPage(PageData sourcePage, bool clearPropertyValues = true) { MigrationHook.Invoke(new BeforePageTransformEvent(sourcePage), Logger); _currentConvertablePageData.Properties = sourcePage.Property; _currentConvertablePageData.TypeName = sourcePage.PageTypeName; var pTRepo = ServiceLocator.Current.GetInstance <PageTypeRepository>(); var sourcePageType = pTRepo.Load(sourcePage.PageTypeID); var targetPageType = pTRepo.Load(_mapper.GetTargetPageType(sourcePage)); string result; //Convert The Page if (clearPropertyValues) { var keys = new List <KeyValuePair <int, int> >(); var properties = sourcePage.Property.Select(p => p.PropertyDefinitionID).Where(p => p > 0); foreach (var propertyId in properties) { keys.Add(new KeyValuePair <int, int>(propertyId, 0)); } //Convert The Page result = PageTypeConverter.Convert(sourcePage.PageLink, sourcePageType, targetPageType, keys, false, false, _repo); } else { result = PageTypeConverter.Convert(sourcePage.PageLink, sourcePageType, targetPageType, new List <KeyValuePair <int, int> >(), false, false, _repo); } Logger.Log(result); var transformedPage = _repo.Get <PageData>(sourcePage.PageLink).CreateWritableClone(); _mapper.SetPropertyValues(transformedPage, _currentConvertablePageData); transformedPage.URLSegment = UrlSegment.GetUrlFriendlySegment(transformedPage.URLSegment); var oldPrincipal = PrincipalInfo.CurrentPrincipal; try { PrincipalInfo.CurrentPrincipal = PrincipalInfo.CreatePrincipal(sourcePage.ChangedBy); global::EPiServer.BaseLibrary.Context.Current["PageSaveDB:PageSaved"] = true; var savedPage = _repo.Save(transformedPage, SaveAction.ForceCurrentVersion | SaveAction.Publish | SaveAction.SkipValidation, AccessLevel.NoAccess); MigrationHook.Invoke(new AfterPageTransformEvent(savedPage), Logger); } finally { global::EPiServer.BaseLibrary.Context.Current["PageSaveDB:PageSaved"] = null; PrincipalInfo.CurrentPrincipal = oldPrincipal; } }
private IEnumerable <PrincipalInfo> EnumerateBySamAccountName(string samAccountName) { List <PrincipalInfo> userInfos = new List <PrincipalInfo>(); string[] tokens = samAccountName.Split('\\'); PrincipalContext context = null; try { if (tokens.Length == 1) { context = PrincipalContextScope.Current.LocalContext; } else if ("NT AUTHORITY".Equals(tokens[0], StringComparison.OrdinalIgnoreCase) || "SHAREPOINT".Equals(tokens[0], StringComparison.OrdinalIgnoreCase)) { context = null; } else { context = PrincipalContextScope.Current.GetContextByDomainName(tokens[0]); } } catch (Exception ex) { userInfos.Add(ExceptionHandler(new ADPrincipalResolveException(IdentityType.SamAccountName, samAccountName, ex))); } if (context != null) { PrincipalContextScope.Current.EnterContext(context); try { Principal principal = Principal.FindByIdentity(context, IdentityType.SamAccountName, tokens.Last()); if (principal != null) { using (principal) { if (principal is GroupPrincipal) { userInfos.AddRange(EnumerateActiveDirectoryGroup((GroupPrincipal)principal)); } else if (principal is UserPrincipal) { PrincipalInfo userInfo = ResolveActiveDirectoryUser((UserPrincipal)principal); if (userInfo != null) { userInfos.Add(userInfo); } } } } } catch (ADPrincipalResolveException) { throw; } catch (Exception ex) { userInfos.Add(ExceptionHandler(new ADPrincipalResolveException(IdentityType.SamAccountName, samAccountName, ex))); } finally { PrincipalContextScope.Current.LeaveContext(); } } return(userInfos); }
private static void AddCurrentUserToEpiLogin(string userName) { if (string.IsNullOrEmpty(userName)) { return; } PrincipalInfo.CurrentPrincipal = PrincipalInfo.CreatePrincipal(userName); SetAuthCookie(userName, false); }
public IPermission Intersect(IPermission target) { PrincipalPermission pp = Cast(target); if (pp == null) { return(null); } if (IsUnrestricted()) { return(pp.Copy()); } if (pp.IsUnrestricted()) { return(Copy()); } PrincipalPermission intersect = new PrincipalPermission(PermissionState.None); foreach (PrincipalInfo pi in principals) { foreach (PrincipalInfo opi in pp.principals) { if (pi.IsAuthenticated == opi.IsAuthenticated) { string name = null; if ((pi.Name == opi.Name) || (opi.Name == null)) { name = pi.Name; } else if (pi.Name == null) { name = opi.Name; } string role = null; if ((pi.Role == opi.Role) || (opi.Role == null)) { role = pi.Role; } else if (pi.Role == null) { role = opi.Role; } if ((name != null) || (role != null)) { PrincipalInfo ipi = new PrincipalInfo(name, role, pi.IsAuthenticated); intersect.principals.Add(ipi); } } } } return((intersect.principals.Count > 0) ? intersect : null); }
/// <summary> /// Login user to CMS /// </summary> private void Login() { if (User.Identity.IsAuthenticated) { return; } PrincipalInfo.CurrentPrincipal = PrincipalInfo.CreatePrincipal(UserName); if (FormsSettings.IsFormsAuthentication) { FormsAuthentication.SetAuthCookie(UserName, false); } }
internal SPUserInformation(PrincipalInfo principal) { if (principal == null) { throw new ArgumentNullException(nameof(principal)); } Id = principal.PrincipalId; Name = principal.DisplayName; Login = principal.LoginName; Email = principal.Email; ImageUrl = $"/api/web/users/photo/{Email}/S";//$"https://outlook.office365.com/owa/service.svc/s/GetPersonaPhoto?email={Email}&size=HR64x64"; Phone = principal.Mobile; }
/// <summary> /// Provides information about one principal, either a user or a group. /// </summary> /// <param name="adobeConnectXmlApi">The adobe connect XML API.</param> /// <param name="principalId">The principal identifier.</param> /// <returns> /// <see cref="PrincipalInfo" /> /// </returns> /// <exception cref="System.ArgumentNullException">principalId</exception> public static PrincipalInfoStatus GetPrincipalInfo(this AdobeConnectXmlAPI adobeConnectXmlApi, string principalId) { if (String.IsNullOrEmpty(principalId)) { throw new ArgumentNullException("principalId"); } ApiStatus s = adobeConnectXmlApi.ProcessApiRequest("principal-info", String.Format("principal-id={0}", principalId)); var principalInfoStatus = Helpers.WrapBaseStatusInfo <PrincipalInfoStatus>(s); if (s.Code != StatusCodes.OK || s.ResultDocument == null) { return(null); } var principalInfo = new PrincipalInfo(); try { XElement contactData = s.ResultDocument.XPathSelectElement("//contact"); if (contactData != null) { principalInfo.Contact = XmlSerializerHelpersGeneric.FromXML <Contact>(contactData.CreateReader()); } XElement preferencesData = s.ResultDocument.XPathSelectElement("//preferences"); if (preferencesData != null) { principalInfo.Preferences = XmlSerializerHelpersGeneric.FromXML <Preferences>(preferencesData.CreateReader()); } XElement principalData = s.ResultDocument.XPathSelectElement("//principal"); if (principalData != null) { principalInfo.PrincipalData = XmlSerializerHelpersGeneric.FromXML <Principal>(principalData.CreateReader()); } } catch (Exception ex) { throw; } principalInfoStatus.Result = principalInfo; return(principalInfoStatus); }
/// <summary> /// Ladda alla noder med data från filstrukturen /// </summary> /// <param name="context">Den HttpContext appen körs i</param> /// <param name="dirId">GUID för rotkatalogen</param> private FileTreeInfo Load(HttpContext context, string dirId) { //Hämta epi användare. var username = context.User.Identity.Name; var epiUser = PrincipalInfo.CreatePrincipal(username); var contentRepository = ServiceLocator.Current.GetInstance <IContentRepository>(); var folder = contentRepository.Get <ContentFolder>(ContentReference.Parse(dirId)); var rootNode = new FileTreeInfo { id = "root", parentId = "", name = "roten", size = 0, link = "", type = "root", children = new List <FileTreeInfo>() //folder = true, //folderPath = "", //key = "0", //path = "", //title = "rooten", }; var includedRootNode = new FileTreeInfo { id = dirId.ToString(CultureInfo.InvariantCulture), type = "dir", name = folder.Name, parentId = rootNode.id, size = 0, link = folder.Name, children = new List <FileTreeInfo>() //key = dirId.ToString(CultureInfo.InvariantCulture), //folder = true, //title = folder.Name, //path = folder.Name, //folderPath = folder.Name + "/", //edit = getRightsJson(folder, AccessLevel.Edit), //delete = getRightsJson(folder, AccessLevel.Delete), //contentreference = folder.ContentLink.ToString(), //typeofmedia = "folder", }; rootNode.children.Add(includedRootNode); LoadRecursiveFromMedia(folder, includedRootNode, epiUser, dirId); return(rootNode); }
public static PrincipalInfo GetInfo(this ClaimsPrincipal principal) { if (!principal.Identity.IsAuthenticated) { throw new NotAuthorizedException("Principal is not authenticated"); } var identity = (ClaimsIdentity)principal.Identity; var claims = identity.Claims.ToList(); PrincipalInfo result = new PrincipalInfo(); Set(() => result.Login, claims, "login"); Set(() => result.CompanyIdentifier, claims, "company"); return(result); }
public virtual async Task <IHttpActionResult> PostCmsImport(Guid id) { if (!Request.Content.IsMimeMultipartContent()) { _logger.Error(InvalidMediaTypeMessage, Request.CreateResponseException(InvalidMediaTypeMessage, HttpStatusCode.UnsupportedMediaType)); throw Request.CreateResponseException(InvalidMediaTypeMessage, HttpStatusCode.UnsupportedMediaType); } var file = await Request.GetUploadedFile(UploadPaths.IntegrationDataPath); var destinationRoot = _permanentLinkMapper.Find(id); if (destinationRoot == null) { return(Ok(id)); } var importerOptions = ImportOptions.DefaultOptions; importerOptions.KeepIdentity = true; importerOptions.ValidateDestination = true; importerOptions.EnsureContentNameUniqueness = true; importerOptions.IsTest = false; var importer = _dataImporterAccessor(); PrincipalInfo.RecreatePrincipalForThreading(); var state = new ImporterState { Destination = destinationRoot.ContentReference, Importer = importer, Options = importerOptions, Stream = new FileStream(file.LocalFileName, FileMode.Open) }; var message = await ImportFileThread(state); if (string.IsNullOrEmpty(message)) { return(Ok(id)); } else { throw Request.CreateResponseException(message, HttpStatusCode.InternalServerError); } }
public IPermission Union(IPermission target) { // Handle the easy cases first. if (target == null) { return(Copy()); } else if (!(target is PrincipalPermission)) { throw new ArgumentException(_("Arg_PermissionMismatch")); } else if (IsUnrestricted() || ((PrincipalPermission)target).IsUnrestricted()) { return(new PrincipalPermission (PermissionState.Unrestricted)); } // Form the union of the two lists. PrincipalPermission perm = new PrincipalPermission(this, true); PrincipalInfo other, newPrin; foreach (PrincipalInfo prin in ((PrincipalPermission)target) .principals) { other = perm.Find(prin.name, prin.role); if (other == null) { newPrin = new PrincipalInfo(); newPrin.name = prin.name; newPrin.role = prin.role; newPrin.isAuthenticated = prin.isAuthenticated; perm.principals.Add(newPrin); } else { other.isAuthenticated = (prin.isAuthenticated || other.isAuthenticated); } } return(perm); }
private IEnumerable <PrincipalInfo> EnumerateActiveDirectoryGroup(GroupPrincipal group) { List <PrincipalInfo> userInfos = new List <PrincipalInfo>(); if (!resolvedIdentities.Contains(group.DistinguishedName)) { resolvedIdentities.Add(group.DistinguishedName); try { DirectoryEntry groupEntry = (DirectoryEntry)group.GetUnderlyingObject(); foreach (string dn in groupEntry.Properties["member"]) { try { DirectoryEntry memberEntry = new DirectoryEntry("LDAP://" + dn); PropertyCollection userProps = memberEntry.Properties; object[] objectClass = (object[])userProps["objectClass"].Value; if (objectClass.Contains("group")) { userInfos.AddRange(EnumerateActiveDirectoryGroup(IdentityType.DistinguishedName, userProps["distinguishedName"].Value.ToString())); continue; } if (objectClass.Contains("foreignSecurityPrincipal")) { userInfos.AddRange(EnumerateForeignSecurityPrincipal(memberEntry)); continue; } PrincipalInfo userInfo = ResolveActiveDirectoryUser(IdentityType.DistinguishedName, dn); if (userInfo != null) { userInfos.Add(userInfo); } } catch (Exception ex) { userInfos.Add(ExceptionHandler(new ADPrincipalResolveException(IdentityType.DistinguishedName, dn, ex))); } } } catch (ADPrincipalResolveException) { throw; } catch (Exception ex) { userInfos.Add(ExceptionHandler(new ADPrincipalResolveException(IdentityType.DistinguishedName, group.DistinguishedName, ex))); } } return(userInfos); }
public IPermission Intersect(IPermission target) { // Handle the easy cases first. if (target == null) { return(target); } else if (!(target is PrincipalPermission)) { throw new ArgumentException(_("Arg_PermissionMismatch")); } else if (((PrincipalPermission)target).IsUnrestricted()) { if (IsUnrestricted()) { return(Copy()); } } else if (IsUnrestricted()) { return(target.Copy()); } // Form the intersection of the two principal lists. PrincipalPermission perm = new PrincipalPermission(this, false); PrincipalInfo other, newPrin; foreach (PrincipalInfo prin in principals) { other = Find(prin.name, prin.role); if (other != null) { newPrin = new PrincipalInfo(); newPrin.name = prin.name; newPrin.role = prin.role; newPrin.isAuthenticated = prin.isAuthenticated && other.isAuthenticated; perm.principals.Add(newPrin); } } return(perm); }
/// <summary> /// Retrieves the full name of a C-Access user. /// </summary> /// <param name="user">The C-Access user to retrieve.</param> /// <returns>The full name on record for C-Access user <paramref name="user"/> otherwise null.</returns> public static string GetFullName(MembershipUser user) { if (user != null) { string username = ToSPLoginName(user.UserName); using (People proxy = new People()) { if (!string.IsNullOrWhiteSpace(SPContentSiteUrl)) { proxy.Url = SPContentSiteUrl + "/_vti_bin/People.asmx"; } proxy.Credentials = CredentialCache.DefaultNetworkCredentials; PrincipalInfo[] matches = proxy.SearchPrincipals(username, 1, SPPrincipalType.User); if (matches.Length > 0) { PrincipalInfo userPI = matches[0]; return(userPI.DisplayName); } } } return(null); }
public IPermission Intersect(IPermission target) { // Handle the easy cases first. if(target == null) { return target; } else if(!(target is PrincipalPermission)) { throw new ArgumentException(_("Arg_PermissionMismatch")); } else if(((PrincipalPermission)target).IsUnrestricted()) { if(IsUnrestricted()) { return Copy(); } } else if(IsUnrestricted()) { return target.Copy(); } // Form the intersection of the two principal lists. PrincipalPermission perm = new PrincipalPermission(this, false); PrincipalInfo other, newPrin; foreach(PrincipalInfo prin in principals) { other = Find(prin.name, prin.role); if(other != null) { newPrin = new PrincipalInfo(); newPrin.name = prin.name; newPrin.role = prin.role; newPrin.isAuthenticated = prin.isAuthenticated && other.isAuthenticated; perm.principals.Add(newPrin); } } return perm; }
public void ParallelRequestsTryCreatePrincipal() { string u1Name = TestName + "U"; string r1Name = TestName + "P"; string commonTestSuffix = Guid.NewGuid().ToString().Replace("-", ""); IPrincipal u1Prototype; Common.Role r1; RhetosAppOptions rhetosAppOptions; using (var scope = TestScope.Create($"{u1Name}-{r1Name}", commonTestSuffix)) { rhetosAppOptions = scope.Resolve <RhetosAppOptions>(); u1Prototype = scope.NewPrincipal(u1Name); var roles = scope.Resolve <GenericRepository <Common.Role> >(); r1 = scope.NewRole(r1Name); roles.Insert(r1); scope.CommitAndClose(); } rhetosAppOptions.AuthorizationAddUnregisteredPrincipals = true; for (int test = 0; test < 5; test++) { Console.WriteLine("Test: " + test); // Test setup: PrincipalHasRole is deleted to make sure it is not up-to-date. // PrincipalHasRole will be recomputed when reading PrincipalHasRole. using (var scope = TestScope.Create($"{u1Name}-{r1Name}", commonTestSuffix)) { var principals = scope.Resolve <GenericRepository <IPrincipal> >(); principals.Delete(principals.Load(p => p.Name.Contains(TestName))); var membership = scope.Resolve <GenericRepository <Common.PrincipalHasRole> >(); membership.Delete(membership.Load()); Assert.AreEqual(@"", scope.ReportMembership(), "Initial empty membership."); AuthorizationDataCache.ClearCache(); scope.CommitAndClose(); } // Recompute membership on authorization with multiple parallel requests: Parallel.For(0, 4, thread => { using (var scope = TestScope.Create($"{u1Name}-{r1Name}", commonTestSuffix, builder => builder.RegisterInstance(rhetosAppOptions).ExternallyOwned())) { var authorizationData = scope.Resolve <IAuthorizationData>(); var authorizationProvider = scope.Resolve <CommonAuthorizationProvider>(); PrincipalInfo u1 = authorizationData.GetPrincipal(u1Prototype.Name); // First call will automatically create a new principal, see AuthorizationAddUnregisteredPrincipals above. var userRoles = authorizationProvider.GetUsersRoles(u1); Assert.AreEqual($@"\{r1Name}", scope.ReportRoles(userRoles), "User's roles should be recomputed."); Assert.AreEqual($@"\{u1Name}-\{r1Name}", scope.ReportMembership(), "Updated role membership"); scope.CommitAndClose(); } }); } }
public static void SetPrincipalInfo(this HttpContext context, PrincipalInfo principalInfo) { context.Items[RequestDataKey.PrincipalInfo] = principalInfo; }
private void LoadDefaultGroupOwner(string adminGroup) { _parentModel.IsBusy = true; _parentModel.IsError = false; _peopleServiceAgent.ResolvePrincipal(adminGroup, (principalInfo, e) => { _dispatcher.BeginInvoke(new Action(() => { if (e == null) _adminGroupInfo = principalInfo; else { _parentModel.IsError = true; _parentModel.ErrorMessage = "Resolve User or Group Failed!"; } _parentModel.IsBusy = false; })); }); }
public IPermission Union(IPermission target) { // Handle the easy cases first. if(target == null) { return Copy(); } else if(!(target is PrincipalPermission)) { throw new ArgumentException(_("Arg_PermissionMismatch")); } else if(IsUnrestricted() || ((PrincipalPermission)target).IsUnrestricted()) { return new PrincipalPermission (PermissionState.Unrestricted); } // Form the union of the two lists. PrincipalPermission perm = new PrincipalPermission(this, true); PrincipalInfo other, newPrin; foreach(PrincipalInfo prin in ((PrincipalPermission)target) .principals) { other = perm.Find(prin.name, prin.role); if(other == null) { newPrin = new PrincipalInfo(); newPrin.name = prin.name; newPrin.role = prin.role; newPrin.isAuthenticated = prin.isAuthenticated; perm.principals.Add(newPrin); } else { other.isAuthenticated = (prin.isAuthenticated || other.isAuthenticated); } } return perm; }
/// <summary> /// Gets principal from username /// </summary> /// <param name="username"></param> /// <returns></returns> public static IPrincipal GetUser(string username) => PrincipalInfo.CreatePrincipal(username);
public static void AddAclForUser(this AccessControlListQuery query, VirtualRoleRepository <VirtualRoleProviderBase> virtualRoleRepository, PrincipalInfo principal, object context) { if (principal == null) { return; } Validator.ThrowIfNull("virtualRoleRepository", virtualRoleRepository); if (!string.IsNullOrEmpty(principal.Name)) { query.AddUser(principal.Name); } ICollection <string> roleList = principal.RoleList; if (roleList != null) { foreach (string current in roleList) { query.AddRole(current); } } foreach (string current2 in virtualRoleRepository.GetAllRoles()) { VirtualRoleProviderBase virtualRoleProviderBase; if (virtualRoleRepository.TryGetRole(current2, out virtualRoleProviderBase) && virtualRoleProviderBase.IsInVirtualRole(principal.Principal, context)) { query.AddRole(current2); } } }
public PrincipalPermission (string name, string role, bool isAuthenticated) { principals = new ArrayList (); PrincipalInfo pi = new PrincipalInfo (name, role, isAuthenticated); principals.Add (pi); }
public static void AddAclForUser(this AccessControlListQuery query, PrincipalInfo principal, object context) { query.AddAclForUser(VirtualRoleRepository <VirtualRoleProviderBase> .GetDefault(), principal, context); }
public IPermission Intersect (IPermission target) { PrincipalPermission pp = Cast (target); if (pp == null) return null; if (IsUnrestricted ()) return pp.Copy (); if (pp.IsUnrestricted ()) return Copy (); PrincipalPermission intersect = new PrincipalPermission (PermissionState.None); foreach (PrincipalInfo pi in principals) { foreach (PrincipalInfo opi in pp.principals) { if (pi.IsAuthenticated == opi.IsAuthenticated) { string name = null; if ((pi.Name == opi.Name) || (opi.Name == null)) name = pi.Name; else if (pi.Name == null) name = opi.Name; string role = null; if ((pi.Role == opi.Role) || (opi.Role == null)) role = pi.Role; else if (pi.Role == null) role = opi.Role; if ((name != null) || (role != null)) { PrincipalInfo ipi = new PrincipalInfo (name, role, pi.IsAuthenticated); intersect.principals.Add (ipi); } } } } return ((intersect.principals.Count > 0) ? intersect : null); }
public void FromXml (SecurityElement elem) { // General validation in CodeAccessPermission CheckSecurityElement (elem, "elem", version, version); // Note: we do not (yet) care about the return value // as we only accept version 1 (min/max values) principals.Clear (); // Children is null, not empty, when no child is present if (elem.Children != null) { foreach (SecurityElement se in elem.Children) { if (se.Tag != "Identity") throw new ArgumentException ("not IPermission/Identity"); string name = se.Attribute ("ID"); string role = se.Attribute ("Role"); string auth = se.Attribute ("Authenticated"); bool isAuthenticated = false; if (auth != null) { try { isAuthenticated = Boolean.Parse (auth); } catch {} } PrincipalInfo pi = new PrincipalInfo (name, role, isAuthenticated); principals.Add (pi); } } }