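/// <summary>
/// Registers the operations, data scopes, fixed roles and fixed users declared in the resource
/// access-control configuration file with the authorization manager. When the corresponding
/// <c>ShouldDeleteObsolete*OnRegistration</c> switch is set, store entries that were neither present
/// before this run nor registered by it are deleted afterwards.
/// </summary>
/// <returns>
/// <c>null</c> when the configuration file does not exist or deserializes to <c>null</c>; otherwise an
/// <c>object[]</c> of four slots: registered operation IDs (lower-cased), registered data-scope IDs
/// (lower-cased), registered role IDs (<c>null</c> when no resource declares subjects) and an
/// identity-result slot that this implementation leaves <c>null</c>.
/// </returns>
/// <remarks>
/// <para>Obsolete-entry clean-up runs once, after every resource has been processed, so the set of
/// declared roles is complete before anything is deleted; a per-resource clean-up would delete roles
/// that a later resource declares.</para>
/// <para>NOTE(review): the results of RegisterOperation, RegisterDataScope and AddRoles are treated as
/// numeric status codes (negative = failure), as before — confirm against <c>IAuthorization</c>.
/// As before, IDs the manager listed before the run are never treated as obsolete; only entries
/// created outside this registration path are removed — confirm that is the intended meaning of the
/// switches. Fixed users are created with the module-wide <c>DefaultFixedUserPassword</c>; that value
/// must not live in source and should be rotated after deployment.</para>
/// </remarks>
public static object Regiser()
{
    string configXmlPath = Rally.Framework.Authorization.ModuleConfiguration.DefaultResourceACConfigurationFilePath;
    if (!IO.File.Exists(configXmlPath))
    {
        return null;
    }

    string configXml;
    using (FileStream stream = new FileStream(configXmlPath, FileMode.Open, FileAccess.Read, FileShare.Read))
    using (StreamReader reader = new StreamReader(stream))
    {
        configXml = reader.ReadToEnd();
    }

    ResourceAuthConfiguration authConf = XmlUtility.XmlDeserialize<ResourceAuthConfiguration>(
        configXml,
        new Type[] { typeof(Resource), typeof(Subject), typeof(Scope), typeof(Action) },
        "utf-8");
    if (authConf == null)
    {
        // Nothing can be registered, so every result slot would be null and the contract is to return null.
        return null;
    }

    IAuthorization authorizationManager = Facade.CreateAuthorizationManager();
    // IDs present in the store before this run; every comparison against them is ordinal, case-insensitive.
    string[] ops = authorizationManager.GetDataTypeOperations(null) ?? new string[0];
    string[] scopes = authorizationManager.GetDataScopes(null) ?? new string[0];

    List<string> opsRegistered = new List<string>();
    List<string> scopesRegistered = new List<string>();
    List<string> rolesRegistered = null;          // stays null unless some resource declares subjects
    List<string> allRoles = new List<string>();   // every fixed role ID the configuration declares
    List<object> identityResults = null;          // not produced by this implementation; kept for the return shape

    bool sawActions = false;
    bool sawScopes = false;
    if (authConf.Resources != null)
    {
        foreach (var resource in authConf.Resources)
        {
            if (resource == null)
            {
                continue;
            }

            if (resource.Actions != null && resource.Actions.Length > 0)
            {
                sawActions = true;
                RegisterResourceActions(authorizationManager, resource, ops, opsRegistered);
            }

            if (resource.Scopes != null && resource.Scopes.Length > 0)
            {
                sawScopes = true;
                RegisterResourceScopes(authorizationManager, resource, scopes, scopesRegistered);
            }

            if (resource.Subjects != null && resource.Subjects.Length > 0)
            {
                if (rolesRegistered == null)
                {
                    rolesRegistered = new List<string>();
                }
                RegisterResourceSubjects(authorizationManager, resource, allRoles, rolesRegistered);
            }
        }
    }

    // Clean-up is deferred to this point so that the "registered" and "declared" sets are complete.
    if (sawActions && Rally.Framework.Authorization.ModuleConfiguration.ShouldDeleteObsoleteOperationsOnRegistration)
    {
        DeleteObsoleteOperations(authorizationManager, opsRegistered, ops);
    }
    if (sawScopes && Rally.Framework.Authorization.ModuleConfiguration.ShouldDeleteObsoleteDataScopesOnRegistration)
    {
        DeleteObsoleteDataScopes(authorizationManager, scopesRegistered, scopes);
    }
    if (rolesRegistered != null && Rally.Framework.Authorization.ModuleConfiguration.ShouldDeleteObsoleteRolesOnRegistration)
    {
        DeleteObsoleteRoles(authorizationManager, allRoles);
    }

    return new object[] { opsRegistered, scopesRegistered, rolesRegistered, identityResults };
}

/// <summary>
/// Registers every action of <paramref name="resource"/> whose ID is neither already stored nor
/// already registered during this run; successful IDs are appended (lower-cased) to
/// <paramref name="opsRegistered"/>.
/// </summary>
private static void RegisterResourceActions(IAuthorization authorizationManager, Resource resource, IEnumerable<string> existingOps, List<string> opsRegistered)
{
    foreach (var action in resource.Actions)
    {
        if (action == null || action.ID == null)
        {
            continue;
        }
        if (ContainsIgnoreCase(existingOps, action.ID) || ContainsIgnoreCase(opsRegistered, action.ID))
        {
            continue;
        }

        // Negative status code = registration failed; see the remarks on Regiser.
        if ((int)authorizationManager.RegisterOperation(resource.Name, action.ID, action.Name) >= 0)
        {
            opsRegistered.Add(action.ID.ToLowerInvariant());
        }
    }
}

/// <summary>
/// Registers every data scope of <paramref name="resource"/> whose ID is neither already stored nor
/// already registered during this run; successful IDs are appended (lower-cased) to
/// <paramref name="scopesRegistered"/>.
/// </summary>
private static void RegisterResourceScopes(IAuthorization authorizationManager, Resource resource, IEnumerable<string> existingScopes, List<string> scopesRegistered)
{
    foreach (var scope in resource.Scopes)
    {
        if (scope == null || scope.ID == null)
        {
            continue;
        }
        if (ContainsIgnoreCase(existingScopes, scope.ID) || ContainsIgnoreCase(scopesRegistered, scope.ID))
        {
            continue;
        }

        // Negative status code = registration failed; see the remarks on Regiser.
        if ((int)authorizationManager.RegisterDataScope(resource.Name, scope.ID, scope.Name, scope.Type, resource.Key) >= 0)
        {
            scopesRegistered.Add(scope.ID.ToLowerInvariant());
        }
    }
}

/// <summary>
/// Processes the subjects of <paramref name="resource"/>: fixed roles are collected into
/// <paramref name="allRoles"/> and the missing ones are added in one AddRoles call (their IDs are
/// appended to <paramref name="rolesRegistered"/> on success); fixed users that exist neither as a
/// user nor as an account are created.
/// </summary>
/// <remarks>
/// Removal of users that are no longer declared is not implemented by this manager API, so
/// <c>ShouldDeleteObsoleteUsersOnRegistration</c> has no effect here.
/// </remarks>
private static void RegisterResourceSubjects(IAuthorization authorizationManager, Resource resource, List<string> allRoles, List<string> rolesRegistered)
{
    var accountManager = Facade.CreateAccountManager();
    var userManager = Facade.CreateUserManager();
    IDictionary<string, string> rolesToRegister = new Dictionary<string, string>();
    IDictionary<string, string> roleDescriptions = new Dictionary<string, string>();

    foreach (var subject in resource.Subjects)
    {
        if (subject == null || subject.Type == null)
        {
            continue;
        }

        if (string.Equals(subject.Type, "fixedrole", StringComparison.OrdinalIgnoreCase))
        {
            allRoles.Add(subject.ID);
            // ContainsKey guards against the same role ID being declared twice (Dictionary.Add would throw).
            if (!authorizationManager.RoleExists(subject.ID, subject.Name) && !rolesToRegister.ContainsKey(subject.ID))
            {
                rolesToRegister.Add(subject.ID, subject.Name);
                roleDescriptions.Add(subject.ID, subject.Description);
            }
        }
        else if (string.Equals(subject.Type, "fixeduser", StringComparison.OrdinalIgnoreCase))
        {
            bool userExists = userManager.UserExists(subject.ID, subject.Name);
            var identityUser = accountManager.GetAccount(subject.ID);
            if (identityUser == null)
            {
                identityUser = accountManager.GetAccountByNickName(subject.Name);
            }

            if (identityUser == null && !userExists)
            {
                // The user is created with the module-wide default password (see remarks on Regiser);
                // the callback creates the matching account record once the user ID is known.
                userManager.AddUser<Core.DomainModel.Account>(
                    subject.ID,
                    subject.Name,
                    Rally.Framework.Authentication.ModuleConfiguration.DefaultFixedUserPassword,
                    (u) =>
                    {
                        string userId = u.ToString();
                        var account = new Core.DomainModel.Account() { ID = userId, Name = subject.Name, NickName = subject.Name };
                        accountManager.AddAccount(account);
                        return account;
                    });
            }
        }
    }

    if (rolesToRegister.Count > 0 && (int)authorizationManager.AddRoles(rolesToRegister, roleDescriptions) >= 0)
    {
        rolesRegistered.AddRange(rolesToRegister.Keys);
    }
}

/// <summary>
/// Deletes operations that are neither in <paramref name="opsRegistered"/> nor in
/// <paramref name="existingOps"/>: role assignments and object-level auth items are visited first,
/// then the operation list itself, in the same order as before.
/// </summary>
private static void DeleteObsoleteOperations(IAuthorization authorizationManager, IEnumerable<string> opsRegistered, IEnumerable<string> existingOps)
{
    List<string> keep = opsRegistered.Concat(existingOps).ToList();
    foreach (string id in IdsNotIn(authorizationManager.GetRoleOperations(null), "OperationId", keep, "OperationId"))
    {
        authorizationManager.DeleteOperation(id);
    }
    foreach (string id in IdsNotIn(authorizationManager.GetObjectAuthItems(), "OperationId", keep, "OperationId"))
    {
        authorizationManager.DeleteOperation(id);
    }
    foreach (string id in IdsNotIn(authorizationManager.GetOperations(), "Id", keep, "Id"))
    {
        authorizationManager.DeleteOperation(id);
    }
}

/// <summary>
/// Deletes data scopes that are neither in <paramref name="scopesRegistered"/> nor in
/// <paramref name="existingScopes"/>: role-bound scopes first, then the scopes the manager
/// currently lists.
/// </summary>
private static void DeleteObsoleteDataScopes(IAuthorization authorizationManager, IEnumerable<string> scopesRegistered, IEnumerable<string> existingScopes)
{
    List<string> keep = scopesRegistered.Concat(existingScopes).ToList();
    foreach (string id in IdsNotIn(authorizationManager.GetRoleDataScopes(null), "DataScopeId", keep, "DataScopeId"))
    {
        authorizationManager.DeleteDataScope(id);
    }

    var keepSet = new HashSet<string>(keep.Where(k => k != null), StringComparer.OrdinalIgnoreCase);
    string[] storedScopes = authorizationManager.GetDataScopes(null) ?? new string[0];
    // Materialized before deleting so the store can be mutated while we iterate.
    List<string> obsolete = storedScopes
        .Where(s => s != null && !keepSet.Contains(s))
        .Distinct(StringComparer.OrdinalIgnoreCase)
        .ToList();
    foreach (string id in obsolete)
    {
        authorizationManager.DeleteDataScope(id);
    }
}

/// <summary>
/// Deletes roles whose ID is not in <paramref name="declaredRoles"/>. Data scopes and operations bound
/// to such a role are deleted first (the manager exposes no "unassign" call, so, as before, the scope
/// or operation itself is removed), then the roles.
/// </summary>
private static void DeleteObsoleteRoles(IAuthorization authorizationManager, IEnumerable<string> declaredRoles)
{
    List<string> keep = declaredRoles.ToList();
    foreach (string id in IdsNotIn(authorizationManager.GetRoleDataScopes(null), "RoleId", keep, "DataScopeId"))
    {
        authorizationManager.DeleteDataScope(id);
    }
    foreach (string id in IdsNotIn(authorizationManager.GetRoleOperations(null), "RoleId", keep, "OperationId"))
    {
        authorizationManager.DeleteOperation(id);
    }
    foreach (string id in IdsNotIn(authorizationManager.GetRoles(), "Id", keep, "Id"))
    {
        authorizationManager.DeleteRole(id);
    }
}

/// <summary>
/// From the raw manager result <paramref name="rows"/> — expected to be an enumerable of string-keyed
/// dictionaries; anything else yields no IDs — returns the distinct <paramref name="pickKey"/> values
/// of the rows whose <paramref name="filterKey"/> value is not in <paramref name="keep"/> (ordinal,
/// case-insensitive). The result is materialized before any deletion happens.
/// </summary>
private static List<string> IdsNotIn(object rows, string filterKey, IEnumerable<string> keep, string pickKey)
{
    var picked = new List<string>();
    var typedRows = rows as IEnumerable<IDictionary<string, object>>;
    if (typedRows == null)
    {
        return picked;
    }

    var keepSet = new HashSet<string>(keep.Where(k => k != null), StringComparer.OrdinalIgnoreCase);
    var seen = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
    foreach (var row in typedRows)
    {
        string filterId = RowValue(row, filterKey);
        string pickedId = RowValue(row, pickKey);
        if (filterId == null || pickedId == null || keepSet.Contains(filterId))
        {
            continue;
        }
        if (seen.Add(pickedId))
        {
            picked.Add(pickedId);
        }
    }
    return picked;
}

/// <summary>Returns the value stored under <paramref name="key"/> as a string, or null when the row or the value is missing.</summary>
private static string RowValue(IDictionary<string, object> row, string key)
{
    object value;
    if (row == null || !row.TryGetValue(key, out value) || value == null)
    {
        return null;
    }
    return value as string ?? value.ToString();
}

/// <summary>Ordinal, case-insensitive membership test that tolerates a null sequence or a null ID.</summary>
private static bool ContainsIgnoreCase(IEnumerable<string> ids, string id)
{
    return ids != null && id != null && ids.Contains(id, StringComparer.OrdinalIgnoreCase);
}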
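//public static ILogger Logger = null;
//public static IExHandler ExceptionHandler = null;
//public static ITracer Tracer = null;

/// <summary>
/// Registers the operations, data scopes, fixed roles and fixed users declared in the resource
/// access-control configuration file: operations, data scopes and roles through the security manager,
/// fixed roles/users through ASP.NET Identity. When the corresponding
/// <c>ShouldDeleteObsolete*OnRegistration</c> switch is set, store entries that were neither present
/// before this run nor registered by it are removed afterwards.
/// </summary>
/// <returns>
/// <c>null</c> when the configuration file does not exist or deserializes to <c>null</c>; otherwise an
/// <c>object[]</c> of four slots: registered operation IDs (lower-cased), registered data-scope IDs
/// (lower-cased), registered role IDs and the collected identity results (the last two are
/// <c>null</c> when no resource declares subjects).
/// </returns>
/// <remarks>
/// <para>Obsolete-entry clean-up runs once, after every resource has been processed, so the set of
/// declared roles is complete before anything is removed; a per-resource clean-up would delete roles
/// that a later resource declares.</para>
/// <para>NOTE(review): when <c>ShouldDeleteObsoleteUsersOnRegistration</c> is set, an existing fixed
/// user is deleted and re-created — its password is reset to <c>DefaultFixedUserPassword</c> and its
/// role memberships are dropped — exactly as before; confirm that this, rather than removing users the
/// configuration no longer declares, is the intended meaning of the switch. The default password must
/// not live in source and should be rotated after deployment.</para>
/// <para>NOTE(review): the database performs the obsolete-entry comparisons, so their case sensitivity
/// follows the column collation; both the raw and the lower-cased registered IDs are passed to be safe.</para>
/// </remarks>
public static object Regiser()
{
    string configXmlPath = DefaultResourceACConfigurationFilePath;
    if (!System.IO.File.Exists(configXmlPath))
    {
        return null;
    }

    string configXml;
    using (FileStream stream = new System.IO.FileStream(configXmlPath, FileMode.Open, FileAccess.Read, FileShare.Read))
    using (StreamReader reader = new StreamReader(stream))
    {
        configXml = reader.ReadToEnd();
    }

    ResourceAuthConfiguration authConf = XmlUtility.XmlDeserialize(
        configXml,
        typeof(ResourceAuthConfiguration),
        new Type[] { typeof(Resource), typeof(Subject), typeof(Scope), typeof(Action) },
        "utf-8") as ResourceAuthConfiguration;
    if (authConf == null)
    {
        // Nothing can be registered, so every result slot would be null and the contract is to return null.
        return null;
    }

    ISecurityManager securityManager = new SecurityManager();
    // IDs present in the store before this run; defaulted to empty so the Contains checks never dereference null.
    string[] ops = securityManager.GetDataTypeOperations(null) ?? new string[0];
    string[] scopes = securityManager.GetDataScopes(null) ?? new string[0];

    List<string> opsRegistered = new List<string>();      // lower-cased, returned to the caller
    List<string> scopesRegistered = new List<string>();   // lower-cased, returned to the caller
    List<string> opsKeep = new List<string>(ops);         // pre-existing + registered (raw and lower-cased) for the store queries
    List<string> scopesKeep = new List<string>(scopes);
    List<string> rolesRegistered = null;
    List<string> allRoles = new List<string>();           // every fixed role ID the configuration declares
    List<object> identityResults = null;
    bool sawActions = false;
    bool sawScopes = false;

    RoleManager<IdentityRole> roleManager = null;
    UserManager<IdentityUser> userManager = null;
    try
    {
        if (authConf.Resources != null)
        {
            foreach (var resource in authConf.Resources)
            {
                if (resource == null)
                {
                    continue;
                }

                if (resource.Actions != null && resource.Actions.Length > 0)
                {
                    sawActions = true;
                    foreach (var action in resource.Actions)
                    {
                        if (action == null || action.ID == null || IsKnownId(action.ID, ops, opsRegistered))
                        {
                            continue;
                        }
                        string registeredOpId = (string)securityManager.RegisterOperation(resource.Name, action.ID, action.Name);
                        if (!String.IsNullOrEmpty(registeredOpId))
                        {
                            opsRegistered.Add(registeredOpId.ToLowerInvariant());
                            opsKeep.Add(registeredOpId);
                            opsKeep.Add(registeredOpId.ToLowerInvariant());
                        }
                    }
                }

                if (resource.Scopes != null && resource.Scopes.Length > 0)
                {
                    sawScopes = true;
                    foreach (var scope in resource.Scopes)
                    {
                        if (scope == null || scope.ID == null || IsKnownId(scope.ID, scopes, scopesRegistered))
                        {
                            continue;
                        }
                        string registeredScopeId = (string)securityManager.RegisterDataScope(resource.Name, scope.ID, scope.Name, scope.Type, resource.Key);
                        if (!String.IsNullOrEmpty(registeredScopeId))
                        {
                            scopesRegistered.Add(registeredScopeId.ToLowerInvariant());
                            scopesKeep.Add(registeredScopeId);
                            scopesKeep.Add(registeredScopeId.ToLowerInvariant());
                        }
                    }
                }

                if (resource.Subjects != null && resource.Subjects.Length > 0)
                {
                    // The identity managers are created on first use and disposed in the finally block.
                    if (roleManager == null)
                    {
                        roleManager = new RoleManager<IdentityRole>(new RoleStore<IdentityRole>(new IdentityDbContext(ModuleConfiguration.DefaultIdentityStoreConnectionName)));
                        userManager = new UserManager<IdentityUser>(new UserStore<IdentityUser>(new IdentityDbContext(ModuleConfiguration.DefaultIdentityStoreConnectionName)));
                        rolesRegistered = new List<string>();
                        identityResults = new List<object>();
                    }
                    RegisterSubjectsWithIdentity(securityManager, roleManager, userManager, resource, allRoles, rolesRegistered, identityResults);
                }
            }
        }

        // Clean-up is deferred to this point so that the "registered" and "declared" sets are complete.
        if (sawActions && ShouldDeleteObsoleteOperationsOnRegistration)
        {
            RemoveObsoleteOperations(opsKeep);
        }
        if (sawScopes && ShouldDeleteObsoleteDataScopesOnRegistration)
        {
            RemoveObsoleteDataScopes(scopesKeep);
        }
        if (roleManager != null && ShouldDeleteObsoleteRolesOnRegistration)
        {
            RemoveObsoleteRoles(roleManager, userManager, allRoles, identityResults);
        }
    }
    finally
    {
        if (userManager != null)
        {
            userManager.Dispose();
        }
        if (roleManager != null)
        {
            roleManager.Dispose();
        }
    }

    return new object[] { opsRegistered, scopesRegistered, rolesRegistered, identityResults };
}

/// <summary>True when <paramref name="id"/> is in either list (ordinal, case-insensitive).</summary>
private static bool IsKnownId(string id, IEnumerable<string> existing, IEnumerable<string> registered)
{
    return existing.Contains(id, StringComparer.OrdinalIgnoreCase)
        || registered.Contains(id, StringComparer.OrdinalIgnoreCase);
}

/// <summary>
/// Processes the subjects of <paramref name="resource"/>: fixed roles are collected into
/// <paramref name="allRoles"/> and the ones Identity does not know are added through the security
/// manager (IDs it reports back are appended to <paramref name="rolesRegistered"/>); fixed users are
/// passed to <see cref="EnsureFixedUser"/>. Every IdentityResult produced is appended to
/// <paramref name="identityResults"/>.
/// </summary>
private static void RegisterSubjectsWithIdentity(ISecurityManager securityManager, RoleManager<IdentityRole> roleManager, UserManager<IdentityUser> userManager, Resource resource, List<string> allRoles, List<string> rolesRegistered, List<object> identityResults)
{
    IDictionary<string, string> rolesToRegister = new Dictionary<string, string>();
    IDictionary<string, string> roleDescriptions = new Dictionary<string, string>();

    foreach (var subject in resource.Subjects)
    {
        if (subject == null || subject.Type == null)
        {
            continue;
        }

        if (string.Equals(subject.Type, "fixedrole", StringComparison.OrdinalIgnoreCase))
        {
            allRoles.Add(subject.ID);
            // ContainsKey guards against the same role ID being declared twice (Dictionary.Add would throw).
            if (!roleManager.RoleExists(subject.Name) && !rolesToRegister.ContainsKey(subject.ID))
            {
                rolesToRegister.Add(subject.ID, subject.Name);
                roleDescriptions.Add(subject.ID, subject.Description);
            }
        }
        else if (string.Equals(subject.Type, "fixeduser", StringComparison.OrdinalIgnoreCase))
        {
            EnsureFixedUser(roleManager, userManager, subject, identityResults);
        }
    }

    // NOTE(review): the return type of AddRoles is not visible here; anything that is not a sequence of strings is ignored.
    var added = securityManager.AddRoles(rolesToRegister, roleDescriptions) as IEnumerable<string>;
    if (added != null)
    {
        rolesRegistered.AddRange(added);
    }
}

/// <summary>
/// Looks the fixed user up by ID, then by name. When the user exists and
/// <c>ShouldDeleteObsoleteUsersOnRegistration</c> is set, it is removed from every role and deleted
/// (see the remarks on Regiser). A missing (or just deleted) user is created with the default
/// fixed-user e-mail and password.
/// </summary>
private static void EnsureFixedUser(RoleManager<IdentityRole> roleManager, UserManager<IdentityUser> userManager, Subject subject, List<object> identityResults)
{
    IdentityUser identityUser = userManager.FindById(subject.ID) ?? userManager.FindByName(subject.Name);

    if (identityUser != null && ShouldDeleteObsoleteUsersOnRegistration)
    {
        // Roles are materialized first because the stores are mutated inside the loop.
        foreach (var role in roleManager.Roles.ToArray())
        {
            identityResults.Add(userManager.RemoveFromRole(identityUser.Id, role.Name));
        }
        IdentityResult deleteResult = userManager.Delete(identityUser);
        identityResults.Add(deleteResult);
        if (deleteResult.Succeeded)
        {
            identityUser = null;
        }
    }

    if (identityUser == null)
    {
        identityUser = new IdentityUser()
        {
            Id = subject.ID,
            UserName = subject.Name,
            Email = String.Format(DefaultFixedUserEmailTemplate, subject.Name),
            //Description = subject.Description,
            //UserType = 1
        };
        identityResults.Add(userManager.Create(identityUser, DefaultFixedUserPassword));
    }
}

/// <summary>
/// Removes role assignments, object-level auth items and operations whose operation ID is not in
/// <paramref name="keepIds"/>, in that order (kept from the original), in one save.
/// </summary>
private static void RemoveObsoleteOperations(List<string> keepIds)
{
    using (AuthEntityModelContainer context = new AuthEntityModelContainer())
    {
        var obsoleteRoleOps = context.RoleOperations.Where(ro => !keepIds.Contains(ro.OperationId));
        context.RoleOperations.RemoveRange(obsoleteRoleOps.ToArray());
        var obsoleteObjectAuthItems = context.ObjectOperationAuthItems.Where(oo => !keepIds.Contains(oo.OperationId));
        context.ObjectOperationAuthItems.RemoveRange(obsoleteObjectAuthItems.ToArray());
        var obsoleteOps = context.Operations.Where(o => !keepIds.Contains(o.Id));
        context.Operations.RemoveRange(obsoleteOps.ToArray());
        context.SaveChanges();
    }
}

/// <summary>
/// Removes role/data-scope assignments and data scopes whose scope ID is not in
/// <paramref name="keepIds"/>, assignments first, in one save.
/// </summary>
private static void RemoveObsoleteDataScopes(List<string> keepIds)
{
    using (AuthEntityModelContainer context = new AuthEntityModelContainer())
    {
        var obsoleteRoleDataScopes = context.RoleDataScopes.Where(rd => !keepIds.Contains(rd.DataScopeId));
        context.RoleDataScopes.RemoveRange(obsoleteRoleDataScopes.ToArray());
        var obsoleteDataScopes = context.DataScopes.Where(ds => !keepIds.Contains(ds.Id));
        context.DataScopes.RemoveRange(obsoleteDataScopes.ToArray());
        context.SaveChanges();
    }
}

/// <summary>
/// Removes everything bound to a role whose ID is not in <paramref name="declaredRoleIds"/>: the
/// role's data-scope and operation assignments in the authorization store, then — in Identity — its
/// memberships and the role itself. Every IdentityResult is appended to <paramref name="identityResults"/>.
/// </summary>
/// <remarks>
/// NOTE(review): as before, RemoveFromRole is issued for every user × obsolete role pair; for users not in
/// the role this yields a failed result that is recorded, not raised — confirm that is acceptable.
/// </remarks>
private static void RemoveObsoleteRoles(RoleManager<IdentityRole> roleManager, UserManager<IdentityUser> userManager, List<string> declaredRoleIds, List<object> identityResults)
{
    List<string> keepRoleIds = declaredRoleIds.Where(id => id != null).Distinct().ToList();

    using (AuthEntityModelContainer context = new AuthEntityModelContainer())
    {
        // Both filters are on RoleId: these rows belong to roles the configuration no longer declares.
        var obsoleteRoleDataScopes = context.RoleDataScopes.Where(rd => !keepRoleIds.Contains(rd.RoleId));
        context.RoleDataScopes.RemoveRange(obsoleteRoleDataScopes.ToArray());
        var obsoleteRoleOps = context.RoleOperations.Where(ro => !keepRoleIds.Contains(ro.RoleId));
        context.RoleOperations.RemoveRange(obsoleteRoleOps.ToArray());
        context.SaveChanges();
    }

    // Both sequences are materialized once: the identity stores are mutated inside the loops.
    var obsoleteRoles = roleManager.Roles.Where(r => !keepRoleIds.Contains(r.Id)).ToArray();
    if (obsoleteRoles.Length == 0)
    {
        return;
    }
    var users = userManager.Users.ToArray();
    foreach (var role in obsoleteRoles)
    {
        foreach (var user in users)
        {
            identityResults.Add(userManager.RemoveFromRole(user.Id, role.Name));
        }
        identityResults.Add(roleManager.Delete(role));
    }
}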